예제 #1
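 /**
  * Authenticates a user against the back end named in
  * $conf['auth']['serverType'] ("ad"/"ldap", "sql", "exchange" or "imap") and,
  * on success, fills the session and redirects to $resume.
  *
  * Security-relevant behaviour:
  *  - every identity/role session key is cleared before any check runs;
  *  - a blank password is rejected before an LDAP/AD bind is attempted;
  *  - a branch that reports success without yielding a logon name is treated
  *    as a failed login (this is the case for the cookie branch, which never
  *    loads user data);
  *  - the session ID is regenerated once authentication has succeeded;
  *  - admin names are compared with strict string equality;
  *  - the post-login redirect is restricted to same-site relative targets.
  *
  * This method never issues the 'ID' cookie itself; it only clears it when
  * the supplied value fails verification.
  *
  * @param string $login login name as submitted
  * @param string $pass password as submitted
  * @param string $cookieVal y or n if we are using cookie (not read by this method)
  * @param string|bool $isCookie id value of user stored in the cookie, false when none
  * @param string $resume page to forward the user to after a login
  * @param string $lang language code to set
  * @param string $domain domain handed to ExchAuth::authUser() ("exchange" only)
  * @return string|null error message when the login fails; on success
  *                     CmnFns::redirect() is called and nothing is returned
  */
 function doLogin($login, $pass, $cookieVal = null, $isCookie = false, $resume = '', $lang = '', $domain = '')
 {
     global $conf;
     $msg = '';
     $allowedToLogin = true;
     // Go to control panel by default
     $defaultPage = 'summary.php';
     if (empty($resume)) {
         $resume = $defaultPage;
     }
     // Drop any identity or role left over in the session before authenticating
     $_SESSION['sessionID'] = null;
     $_SESSION['sessionName'] = null;
     $_SESSION['sessionMail'] = null;
     $_SESSION['sessionAdmin'] = null;
     $_SESSION['sessionMailAdmin'] = null;
     $_SESSION['sessionNav'] = null;
     // NOTE(review): stripslashes() silently alters credentials that contain a
     // backslash unless the input was slash-escaped upstream — confirm it is
     // still needed on the PHP version in use.
     $login = stripslashes($login);
     $pass = stripslashes($pass);
     $ok_user = $ok_pass = false;
     $authMethod = $conf['auth']['serverType'];
     if ($isCookie != false) {
         // Cookie is set
         // NOTE(review): the cookie value is used directly as a user id; what
         // verifyID() checks is not visible here — confirm the value cannot be
         // forged by the client.
         $id = $isCookie;
         if ($this->db->verifyID($id)) {
             $ok_user = $ok_pass = true;
         } else {
             $ok_user = $ok_pass = false;
             setcookie('ID', '', time() - 3600, '/');
             // Clear out all cookies
             $msg .= translate('That cookie seems to be invalid') . '<br/>';
         }
     } else {
         switch (strtolower($authMethod)) {
             case "ad":
             case "ldap":
                 // Added this check for LDAP servers that switch to anonymous bind whenever
                 // provided password is left blank
                 if ($pass === '') {
                     return translate('Invalid User Name/Password.');
                 }
                 // Include LDAPEngine class
                 include_once 'LDAPEngine.class.php';
                 $ldap = new LDAPEngine();
                 if ($ldap->connect()) {
                     // Get user DN
                     // For AD it could be of the form of 'user@domain' or standard LDAP dn
                     $dn = $ldap->getUserDN($login);
                     // Check if user is allowed to log in
                     if (!$this->isAllowedToLogin($login)) {
                         $allowedToLogin = false;
                         $msg .= 'User is not allowed to login';
                         // If user is allowed to log in try a bind
                     } elseif ($dn != '' && $ldap->authBind($dn, $pass)) {
                         $ldap->logonName = $login;
                         $ldap->loadUserData($dn);
                         $data = $ldap->getUserData();
                         $ok_user = true;
                         $ok_pass = true;
                     } else {
                         $msg .= 'Invalid User Name/Password.';
                     }
                     $ldap->disconnect();
                 }
                 break;
             case "sql":
                 // Include DBAuth class
                 include_once 'DBAuth.class.php';
                 $db = new DBAuth();
                 // Check if user is allowed to log in
                 if (!$this->isAllowedToLogin($login)) {
                     $allowedToLogin = false;
                     $msg .= 'User is not allowed to login';
                     // If user is allowed to log in try to authenticate
                 } elseif ($db->authUser($login, $pass)) {
                     $data = $db->getUserData();
                     $ok_user = true;
                     $ok_pass = true;
                 } else {
                     $msg .= 'Invalid User Name/Password.';
                 }
                 break;
             case "exchange":
                 // Include ExchAuth class
                 include_once 'ExchAuth.class.php';
                 $exch = new ExchAuth();
                 // Check if user is allowed to log in
                 if (!$this->isAllowedToLogin($login)) {
                     $allowedToLogin = false;
                     $msg .= 'User is not allowed to login';
                     // If user is allowed to log in try to authenticate
                 } elseif ($exch->authUser($login, $pass, $domain)) {
                     $data = $exch->getUserData();
                     $ok_user = true;
                     $ok_pass = true;
                 } else {
                     $msg .= 'Invalid User Name/Password.';
                 }
                 break;
             case "imap":
                 // Include IMAPAuth class
                 include_once 'IMAPAuth.class.php';
                 $imap = new IMAPAuth();
                 // Check if user is allowed to log in
                 if (!$this->isAllowedToLogin($login)) {
                     $allowedToLogin = false;
                     $msg .= 'User is not allowed to login';
                     // If user is allowed to log in try to authenticate
                 } elseif ($imap->authUser($login, $pass)) {
                     $data = $imap->getUserData();
                     $ok_user = true;
                     $ok_pass = true;
                 } else {
                     $msg .= 'Invalid User Name/Password.';
                 }
                 break;
             default:
                 CmnFns::do_error_box(translate('Unknown server type'), '', false);
                 break;
         }
     }
     // Fail closed when a branch reports success without an identity. The
     // cookie branch never fills $data, so without this guard the caller would
     // be marked as logged in with an empty session identity.
     if ($ok_user && $ok_pass
         && (!isset($data['logonName']) || (string) $data['logonName'] === '')) {
         $ok_user = $ok_pass = false;
         $msg .= 'Invalid User Name/Password.';
     }
     // If the login failed, notify the user and quit the app
     if (!$ok_user || !$ok_pass || !$allowedToLogin) {
         // NOTE(review): $login is attacker-controlled; confirm write_log()
         // neutralises line breaks before writing it out.
         CmnFns::write_log('Authentication failed' . ', ' . $msg, $login);
         return translate($msg);
     }
     $this->is_loggedin = true;
     CmnFns::write_log('Authentication successful', $login);
     // Issue a fresh session ID on the privilege change so an ID that was
     // known before login cannot be reused afterwards (session fixation).
     if (session_id() !== '') {
         session_regenerate_id(true);
     }
     // Set other session variables
     $_SESSION['sessionID'] = $data['logonName'];
     $_SESSION['sessionName'] = $data['firstName'];
     $_SESSION['sessionMail'] = $data['emailAddress'];
     // Strict comparison: with ==, two numeric-looking strings such as
     // '1e3' and '1000' compare equal, which could grant an admin role to the
     // wrong account.
     $sessionLogin = strtolower((string) $_SESSION['sessionID']);
     // If it is the super admin, set session variable
     foreach ($conf['auth']['s_admins'] as $s_admin) {
         if (strtolower($s_admin) === $sessionLogin) {
             $_SESSION['sessionAdmin'] = true;
         }
     }
     // If it is the mail admin, set session variable
     foreach ($conf['auth']['m_admins'] as $m_admin) {
         if (strtolower($m_admin) === $sessionLogin) {
             $_SESSION['sessionMailAdmin'] = true;
         }
     }
     if ($lang != '') {
         set_language($lang);
     }
     // Send them to the control panel.
     // $resume is urldecode()d, which suggests it arrives from a request
     // parameter (NOTE(review): confirm). Only follow same-site relative
     // targets: anything with a scheme, a leading "//" or "\\" pair, or control
     // characters falls back to the default page instead of redirecting off-site.
     $target = urldecode($resume);
     if (preg_match('/[\x00-\x1f\x7f]/', $target)
         || preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})#i', $target)) {
         $target = $defaultPage;
     }
     CmnFns::redirect($target);
 }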
예제 #2
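 /**
  * Authenticates a user by persistent-login cookie, by LDAP (when
  * $conf['ldap']['authentication'] is set) or against the local database, and
  * on success fills the session and redirects to $resume.
  *
  * Security-relevant behaviour:
  *  - every identity/role session key is cleared before any check runs;
  *  - a blank password is rejected before LDAPEngine is constructed, because
  *    many directory servers treat a bind with an empty password as an
  *    anonymous bind that succeeds;
  *  - local-database failures return one generic message, so the response
  *    does not reveal whether the logon exists;
  *  - $ok_pass only becomes true after the password was actually checked;
  *  - the session ID is regenerated once authentication has succeeded;
  *  - the persistent 'ID' cookie is sent HttpOnly, and Secure when the
  *    request arrived over HTTPS;
  *  - the post-login redirect is restricted to same-site relative targets.
  *
  * @param string $uname username
  * @param string $pass password
  * @param string $cookieVal y or n if we are using cookie; any non-empty value
  *                          requests a 30-day 'ID' cookie
  * @param string|bool $isCookie value of the 'ID' cookie, false when none
  * @param string $resume page to forward the user to after a login
  * @param string $lang language code to set
  * @return string|null error message when the login fails; on success
  *                     CmnFns::redirect() is called and nothing is returned
  */
 function doLogin($uname, $pass, $cookieVal = null, $isCookie = false, $resume = '', $lang = '')
 {
     global $conf;
     $msg = '';
     // Go to control panel by default
     $defaultPage = 'ctrlpnl.php';
     if (empty($resume)) {
         $resume = $defaultPage;
     }
     // Drop any identity or role left over in the session before authenticating
     $_SESSION['sessionID'] = null;
     $_SESSION['sessionName'] = null;
     $_SESSION['sessionAdmin'] = null;
     $_SESSION['hourOffset'] = null;
     // NOTE(review): stripslashes() silently alters credentials that contain a
     // backslash unless the input was slash-escaped upstream — confirm it is
     // still needed on the PHP version in use.
     $uname = stripslashes($uname);
     $pass = stripslashes($pass);
     $ok_user = $ok_pass = false;
     $use_logonname = (bool) $conf['app']['useLogonName'];
     $adminemail = strtolower($conf['app']['adminEmail']);
     if ($isCookie !== false) {
         // Cookie is set
         // NOTE(review): verifyCookie()/generateCookie() are not visible here;
         // confirm the cookie value is bound to a server-side secret and
         // cannot be derived from the user id alone.
         $cookieValue = $isCookie;
         if (($id = $this->verifyCookie($cookieValue)) !== false) {
             $ok_user = $ok_pass = true;
         } else {
             setcookie('ID', '', time() - 3600, '/');
             // Clear out all cookies
             $msg .= translate('That cookie seems to be invalid') . '<br/>';
         }
     } elseif ($conf['ldap']['authentication']) {
         if ($pass === '') {
             // Never hand an empty password to the directory: a server that
             // downgrades it to an anonymous bind would report success.
             $msg .= translate('Invalid User Name/Password.');
         } else {
             // Include LDAPEngine class
             include_once 'LDAPEngine.class.php';
             $ldap = new LDAPEngine($uname, $pass);
             if ($ldap->connected()) {
                 $mail = $ldap->getUserEmail();
                 if ($mail) {
                     $id = $this->db->userExists($mail);
                     if ($id) {
                         // Keep the local record in sync with the directory
                         $updates = $ldap->getUserData();
                         if ($this->db->check_updates($id, $updates)) {
                             $this->db->update_user($id, $updates);
                         }
                     } else {
                         // First login of a directory user: create the local account
                         $data = $ldap->getUserData();
                         $id = $this->do_register_user($data, false);
                     }
                     $ok_user = true;
                     $ok_pass = true;
                 } else {
                     $msg .= translate('This system requires that you have an email address.');
                 }
             } else {
                 $msg .= translate('Invalid User Name/Password.');
             }
             $ldap->disconnect();
         }
     } else {
         // Local database: look the account up, then verify the password.
         // $ok_pass stays false unless isPassword() was really called and passed.
         $id = $this->db->userExists($uname, $use_logonname);
         $ok_user = (bool) $id;
         if ($ok_user) {
             $ok_pass = (bool) $this->db->isPassword($uname, $pass, $use_logonname);
         }
         if (!$ok_user || !$ok_pass) {
             // One message for "unknown logon" and "wrong password" so the
             // reply cannot be used to test which accounts exist.
             $msg .= translate('Invalid User Name/Password.') . '<br/>';
         }
     }
     // If the login failed, notify the user and quit the app
     if (!$ok_user || !$ok_pass) {
         $msg .= translate('You can try');
         return $msg;
     }
     $this->is_loggedin = true;
     // Issue a fresh session ID on the privilege change so an ID that was
     // known before login cannot be reused afterwards (session fixation).
     if (session_id() !== '') {
         session_regenerate_id(true);
     }
     // Get user info
     $user = new User($id);
     // If the user wants to set a cookie, set it
     // for their ID and fname.  Expires in 30 days (2592000 seconds)
     if (!empty($cookieVal)) {
         // The cookie is a login credential: keep it away from page scripts
         // (HttpOnly) and off plain HTTP whenever this request used HTTPS.
         $secure = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
         setcookie('ID', $this->generateCookie($user->get_id()), time() + 2592000, '/', '', $secure, true);
     }
     // If it is the admin, set session variable
     if ($user->get_email() == $adminemail || $user->get_isadmin()) {
         $_SESSION['sessionAdmin'] = $user->get_email();
     }
     // Set other session variables
     $_SESSION['sessionID'] = $user->get_id();
     $_SESSION['sessionName'] = $user->get_fname();
     $_SESSION['hourOffset'] = $user->get_timezone() - $conf['app']['timezone'];
     if ($lang != '') {
         set_language($lang);
         if ($lang != $user->get_lang()) {
             // Language changed so update the DB
             $user->set_lang($lang);
         }
     }
     // Send them to the control panel.
     // $resume is urldecode()d, which suggests it arrives from a request
     // parameter (NOTE(review): confirm). Only follow same-site relative
     // targets: anything with a scheme, a leading "//" or "\\" pair, or control
     // characters falls back to the default page instead of redirecting off-site.
     $target = urldecode($resume);
     if (preg_match('/[\x00-\x1f\x7f]/', $target)
         || preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})#i', $target)) {
         $target = $defaultPage;
     }
     CmnFns::redirect($target);
 }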