/* Load plugin: main.inc of the selected plugin is executed in this scope and is
 * expected to leave the page body in $display.
 * NOTE(review): $plugin_dir and $plug are assigned outside this excerpt; confirm
 * they are resolved from the registered plugin list and never taken verbatim from
 * request data, because the path is handed to require. */
if (is_file("{$plugin_dir}/main.inc")) {
    $display = "";
    require "{$plugin_dir}/main.inc";
} else {
    /* The dialog text contains the plugin name and the full path that was probed. */
    msg_dialog::display(_("Plugin"), sprintf(_("Fatal error: Cannot find any plugin definitions for plugin '%s' ('%s' is not a file)!"), $plug, "{$plugin_dir}/main.inc"), FATAL_ERROR_DIALOG);
    exit;
}

/* Pass the queued dialogs, the plugin output and the session lifetime to the
 * template. 60 * 60 * 2 is the default handed to get_cfg_value(). */
$smarty->assign("msg_dialogs", msg_dialog::get_dialogs());
$smarty->assign("contents", $display);
$smarty->assign("sessionLifetime", $config->get_cfg_value("sessionLifetime", 60 * 60 * 2));

/* A non-empty POST that lacks the php_c_check field is treated as incompletely
 * transferred and aborts the request with a fatal dialog. */
if (isset($_POST) && count($_POST)) {
    if (!isset($_POST['php_c_check'])) {
        msg_dialog::display(_("Configuration Error"), sprintf(_("Fatal error: not all POST variables have been transfered by PHP - please inform your administrator!")), FATAL_ERROR_DIALOG);
        exit;
    }
}

/* Assign errors to smarty */
if (session::is_set('errors')) {
    $smarty->assign("errors", session::get('errors'));
}

/* The collected PHP errors get the %BUGBODY% placeholder filled in and a closing
 * </div> appended before they reach the template.
 * NOTE(review): the value is assembled as markup; confirm the error text is
 * HTML-escaped where $error_collector is built. preg_replace() also interprets
 * $n / \n references inside $error_collector_mailto. */
if ($error_collector != "") {
    $smarty->assign("php_errors", preg_replace("/%BUGBODY%/", $error_collector_mailto, $error_collector) . "</div>");
} else {
    $smarty->assign("php_errors", "");
}

/* Set focus to the error button if we've an error message
 * (the body of the following branch lies beyond this excerpt). */
$focus = "";
if (session::is_set('errors') && session::get('errors') != "") {
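/**
 * Authenticate the current request through CAS and open a session for the
 * matching LDAP user.
 *
 * Steps: initialise phpCAS from the casHost/casPort/casContext settings, force
 * CAS authentication, search LDAP below the configured base for an
 * inetOrgPerson whose login attribute (setting "loginAttribute", default
 * "uid", comma-separated list) equals the CAS user name, and require exactly
 * one match. The userinfo object and its ACLs are then loaded, the remaining
 * login steps run, and on success the user is redirected.
 *
 * Security: the CAS user name is escaped per RFC 4515 before it is placed in
 * the LDAP filter, so characters such as "*", "(" or ")" in the name cannot
 * widen or restructure the search. The unescaped name is still stored in
 * self::$username and shown in the error dialogs.
 *
 * Writes the globals $message and $ui. Ends the script with a fatal dialog
 * when no entry, or more than one entry, matches.
 */
static function casLoginProcess()
{
    global $config, $message, $ui;

    self::init();

    /* Reset error messages */
    $message = '';

    //~ phpCAS::setDebug();

    // Initialize phpCAS
    phpCAS::client(
        CAS_VERSION_2_0,
        $config->get_cfg_value('casHost', 'localhost'),
        (int) $config->get_cfg_value('casPort', 443),
        $config->get_cfg_value('casContext', '')
    );

    // Set the CA certificate that is the issuer of the CAS server certificate.
    // The commented-out setNoCasServerValidation() call below turns certificate
    // validation off and must stay disabled outside of local testing.
    phpCAS::setCasServerCACert($config->get_cfg_value('casServerCaCertPath'));
    //~ phpCAS::setNoCasServerValidation();

    // force CAS authentication
    phpCAS::forceAuthentication();
    self::$username = phpCAS::getUser();

    // Escape the RFC 4515 filter metacharacters; the backslash is replaced first
    // so the escapes written for the other characters are not escaped again.
    // Equivalent to ldap_escape($value, '', LDAP_ESCAPE_FILTER) where available.
    $filterValue = str_replace(
        array('\\', '*', '(', ')', "\x00"),
        array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
        (string) self::$username
    );

    $ldap = $config->get_ldap_link();
    $ldap->cd($config->current['BASE']);

    // One "(attr=value)" term per configured login attribute, OR-ed together.
    $verify_attr = explode(',', $config->get_cfg_value('loginAttribute', 'uid'));
    $filter      = '';
    foreach ($verify_attr as $attr) {
        $filter .= '(' . $attr . '=' . $filterValue . ')';
    }
    $ldap->search('(&(|' . $filter . ')(objectClass=inetOrgPerson))');
    $attrs = $ldap->fetch();

    // The CAS identity must map to exactly one directory entry.
    if ($ldap->count() < 1) {
        msg_dialog::display(_('Error'), sprintf(_('CAS user "%s" could not be found in the LDAP'), self::$username), FATAL_ERROR_DIALOG);
        exit;
    } elseif ($ldap->count() > 1) {
        msg_dialog::display(_('Error'), sprintf(_('CAS user "%s" match several users in the LDAP'), self::$username), FATAL_ERROR_DIALOG);
        exit;
    }

    $ui = new userinfo($config, $attrs['dn']);
    $ui->loadACL();

    $success = self::runSteps(array('loginAndCheckExpired', 'runSchemaCheck', 'checkForLockingBranch'));

    if ($success) {
        /* Everything went well, redirect to main.php */
        self::redirect();
    }
}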
exit;
} /* closes a block opened before this excerpt */

/* Restore the user info and the configuration object from the session. */
$ui = session::get('ui');
$config = session::get('config');

/* Check ACL's: work out which DN the export is requested for.
 *   n given:  $dn is the decoded n, the ACL is evaluated on decoded d followed by decoded n
 *   dn given: $dn and the ACL DN are both the decoded dn
 * NOTE(review): $_GET['d'] is read without an isset() check, and when neither n
 * nor dn is sent $acl_dn is never assigned before get_permissions() receives it -
 * confirm get_permissions() denies access for an undefined or empty DN.
 * base64_decode() runs in its default non-strict mode, which drops characters
 * outside the base64 alphabet instead of failing. */
$dn = "";
if (isset($_GET['n'])) {
    $dn = base64_decode($_GET['n']);
    $acl_dn = base64_decode($_GET['d']) . base64_decode($_GET['n']);
} elseif (isset($_GET['dn'])) {
    $dn = base64_decode($_GET['dn']);
    $acl_dn = base64_decode($_GET['dn']);
}

/* The export is allowed only when the permission string for "ldapmanager/ldif"
 * on that DN contains an "r". */
$acl = $ui->get_permissions($acl_dn, "ldapmanager/ldif");
if (!preg_match("/r/", $acl)) {
    msg_dialog::display(_("Permission error"), _("You have no permission to do LDAP exports!"), FATAL_ERROR_DIALOG);
    exit;
}

/* Mark the response as already expired and not cacheable, and serve it as plain text.
 * header() replaces an earlier header of the same name by default, so the second
 * Cache-Control call overrides "no-cache" with "post-check=0, pre-check=0". */
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache");
header("Pragma: no-cache");
header("Cache-Control: post-check=0, pre-check=0");
header("Content-type: text/plain");

/* Select the export variant. $_GET['ivbb'] is read without isset() and compared
 * loosely by switch. dump_ldap() is defined outside this excerpt.
 * NOTE(review): confirm dump_ldap() exports exactly the DN the ACL check above
 * was evaluated on and does not re-read the request parameters on its own.
 * (Further cases follow beyond this excerpt.) */
switch ($_GET['ivbb']) {
    case 2:
        dump_ldap(2);
        break;
    case 3:
        dump_ldap(3);
        break;
/* TLS is considered enabled only when the ldapTLS setting equals the string "TRUE". */
$tls = $config->get_cfg_value("ldapTLS") == "TRUE";

/* Without any object classes reported by the server the schema cannot be checked:
 * show an error, fall back to the login form and stop. */
if (!count($ldap->get_objectclasses())) {
    msg_dialog::display(_("LDAP error"), _("Cannot detect information about the installed LDAP schema!"), ERROR_DIALOG);
    displayLogin();
    exit;
} else {
    /* The schema check connects with the administrative DN and password from the
     * configuration; $cfg therefore holds a clear-text credential. */
    $cfg = array();
    $cfg['admin'] = $config->current['ADMINDN'];
    $cfg['password'] = $config->current['ADMINPASSWORD'];
    $cfg['connection'] = $config->current['SERVER'];
    $cfg['tls'] = $tls;
    $str = check_schema($cfg);
    $checkarr = array();

    /* Any required schema element whose STATUS is false blocks the login.
     * NOTE(review): $tr['MSG'] is concatenated into the dialog as HTML; confirm
     * check_schema() only returns messages built from trusted text. */
    foreach ($str as $tr) {
        if (isset($tr['IS_MUST_HAVE']) && !$tr['STATUS']) {
            msg_dialog::display(_("LDAP error"), _("Your LDAP setup contains old schema definitions:") . "<br><br><i>" . $tr['MSG'] . "</i>", ERROR_DIALOG);
            displayLogin();
            exit;
        }
    }
}
} /* closes a block opened before this excerpt */

/* Check for locking area: when the lock container below the base cannot be read,
 * create the missing tree. */
$ldap->cat(get_ou('lockRDN') . get_ou('fusiondirectoryRDN') . $config->current['BASE'], array('dn'));
$attrs = $ldap->fetch();
if (!count($attrs)) {
    $ldap->cd($config->current['BASE']);
    $ldap->create_missing_trees(get_ou('lockRDN') . get_ou('fusiondirectoryRDN') . $config->current['BASE']);
}

/* Check for valid input. Only whitespace is trimmed here; $_POST['username'] is
 * read without isset().
 * NOTE(review): the character validation is not visible in this excerpt - confirm
 * it happens before the name reaches an LDAP filter. */
$username = trim($_POST['username']);
/* Build the HTTPS form of the current URL from the Host header and the request URI.
 * NOTE(review): HTTP_HOST is whatever host name the client sent; unless the web
 * server pins the virtual host, the redirect below follows that value. A host
 * name taken from the configuration would be the safer source. */
$ssl = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
}
} /* both braces close blocks opened before this excerpt */

/* If SSL is forced, just forward to the SSL enabled site */
if ($config->get_cfg_value("core", "forceSSL") == 'true' && $ssl != '') {
    header("Location: {$ssl}");
    exit;
}

/* Check for selected password method: a method named in the query string replaces
 * the configured default only if it is a key of the available-methods list;
 * anything else ends the request with a fatal dialog. */
$method = $config->get_cfg_value("core", "passwordDefaultHash");
if (isset($_GET['method'])) {
    $method = validate($_GET['method']);
    $tmp = new passwordMethod($config, "dummy");
    $available = $tmp->get_available_methods();
    if (!isset($available[$method])) {
        msg_dialog::display(_("Password method"), _("Error: Password method not available!"), FATAL_ERROR_DIALOG);
        exit;
    }
}

/* Check for selected user: a non-empty uid in the query string wins and hides the
 * user name field; otherwise the posted uid, or an empty string, is used.
 * NOTE(review): validate() and get_post() are defined elsewhere; confirm what
 * they strip before $uid is used in an LDAP filter or echoed into the page. */
if (isset($_GET['uid']) && $_GET['uid'] != "") {
    $uid = validate($_GET['uid']);
    $smarty->assign('display_username', false);
} elseif (isset($_POST['uid'])) {
    $uid = get_post('uid');
    $smarty->assign('display_username', true);
} else {
    $uid = "";
    $smarty->assign('display_username', true);
}
$current_password = "";
/* Plugin loader: the plugin is usable only when its main.inc exists; otherwise the
 * request ends with a fatal dialog naming the plugin.
 * NOTE(review): $plugin_dir and $plug come from outside this excerpt; confirm they
 * are resolved from the registered plugin list, since the path is handed to require. */
if (!is_file("{$plugin_dir}/main.inc")) {
    msg_dialog::display(_("Plug-in"), sprintf(_("Fatal error: Cannot find any plugin definitions for plugin %s!"), bold($plug)), FATAL_ERROR_DIALOG);
    exit;
}
$display = "";
require "{$plugin_dir}/main.inc";

/* Template variables: queued dialogs, path menu, plugin output, session lifetime. */
$smarty->assign("msg_dialogs", msg_dialog::get_dialogs());
$smarty->assign("pathMenu", $plist->genPathMenu());
$smarty->assign("contents", $display);
$smarty->assign("sessionLifetime", $config->get_cfg_value('core', 'sessionLifetime'));

/* A non-empty POST without the php_c_check field counts as incompletely
 * transferred: queue a warning and send the user back to main.php. */
if (isset($_POST) && count($_POST) && !isset($_POST['php_c_check'])) {
    msg_dialog::display(_("Warning"), _("Not all POST variables have been transfered by PHP - Returning to main menu!"), INFO_DIALOG);
    header("Location: main.php");
    exit;
}

/* Error state for the template. */
if (session::is_set('errors')) {
    $smarty->assign("errors", session::get('errors'));
}

/* Collected PHP errors get the %BUGBODY% placeholder filled in and a closing </div>.
 * NOTE(review): the value is markup; confirm the error text is HTML-escaped where
 * $error_collector is assembled. */
$smarty->assign(
    "php_errors",
    ($error_collector != "")
        ? preg_replace("/%BUGBODY%/", $error_collector_mailto, $error_collector) . "</div>"
        : ""
);

/* Focus target, empty unless changed later. */
$focus = "";
/* Start the session with debug level 1 and a clean error state
 * ('errorsAlreadyPosted' is reset twice). */
session::start();
session::global_set('debugLevel', 1);
session::set('errorsAlreadyPosted', array());

/* Attribute initialization, reset errors */
session::set('errors', "");
session::set('errorsAlreadyPosted', array());
session::set('LastError', "");

/* Template compile directory: /var/spool/gosa/ is preferred. If it is missing or
 * not writable, fall back to the script path with everything from "/html/" onward
 * removed.
 * NOTE(review): compiled templates are PHP files; confirm the fallback directory
 * is not served by the web server and is writable only by the web user. */
$smarty->compile_dir = "/var/spool/gosa/";
if (!(is_dir($smarty->compile_dir) && is_writable($smarty->compile_dir))) {
    if (isset($_SERVER['SCRIPT_FILENAME'])) {
        $smarty->compile_dir = preg_replace("#/html/.*\$#", "", $_SERVER['SCRIPT_FILENAME']);
    }
}

/* Check for compile directory. The message always names /var/spool/gosa/, even
 * when the fallback path was the one that failed the check. */
if (!(is_dir($smarty->compile_dir) && is_writable($smarty->compile_dir))) {
    msg_dialog::display(_("Smarty"), sprintf(_("Compile directory %s is not accessible!"), bold('/var/spool/gosa/')), FATAL_ERROR_DIALOG);
    exit;
}

/* Get posted language: default to the browser language, then let a posted
 * lang_selected override it (an empty value resets to the browser language).
 * NOTE(review): the posted value is stored in the session unchanged; confirm it is
 * checked against the list of installed languages before it is used for locale
 * selection or in any file path. */
if (!session::global_is_set('lang')) {
    session::global_set('lang', get_browser_language());
}
if (isset($_POST['lang_selected'])) {
    if ($_POST['lang_selected'] != "") {
        session::global_set('lang', $_POST['lang_selected']);
    } else {
        session::global_set('lang', get_browser_language());
    }
}

/* Check for js (the body of this branch lies beyond this excerpt). */
if (!isset($_GET['js']) && !session::global_is_set('js')) {
/* Session lifetime: cookie and garbage-collection lifetime of one day (seconds),
 * cache expiry of one day (minutes).
 * NOTE(review): only the lifetime is passed to session_set_cookie_params(); confirm
 * the Secure and HttpOnly cookie flags are enforced elsewhere (php.ini or a later
 * call). */
session_set_cookie_params(24 * 60 * 60);
session_cache_expire(60 * 24); // default is 180
ini_set("session.gc_maxlifetime", 24 * 60 * 60);

/* Open the session with debugging off and a clean error state. */
session::start();
session::global_set('DEBUGLEVEL', 0);
session::set('errorsAlreadyPosted', array());
reset_errors();

/* Templates are compiled into SPOOL_DIR, which must exist and be writable;
 * otherwise the request ends with a fatal dialog naming the directory. */
$smarty->compile_dir = SPOOL_DIR;
if (!is_dir($smarty->compile_dir) || !is_writable($smarty->compile_dir)) {
    msg_dialog::display(_("Smarty"), sprintf(_("Directory '%s' specified as compile directory is not accessible!"), $smarty->compile_dir), FATAL_ERROR_DIALOG);
    exit;
}

/* Language: the browser language unless a non-empty lang_selected was posted.
 * A posted value gets ".UTF-8" appended when it does not already end in "utf-8"
 * (case-insensitive, hyphen required by the pattern).
 * NOTE(review): the posted value is otherwise unchecked when it reaches
 * initLanguage(); confirm initLanguage() restricts it to installed locales. */
if (!isset($_POST['lang_selected']) || $_POST['lang_selected'] == "") {
    $lang = get_browser_language();
} else {
    $lang = $_POST['lang_selected'];
    $lang .= preg_match("/utf(-)8\$/i", $lang) ? "" : ".UTF-8";
}

initLanguage($lang);

/* Template helpers: text direction flag and the required-field marker. */
$smarty->assign("rtl", language_is_rtl($lang));
$smarty->assign("must", '<span class="must">*</span>');
/* Validate the posted credentials: the user name must consist only of
 * @, letters, digits, underscore, dot and hyphen, and the password must not be empty.
 * NOTE(review): without the D modifier, "$" also matches just before a single
 * trailing newline; confirm get_post() trims the value, or anchor with \z. */
$username = get_post("username");
if (!preg_match("/^[@A-Za-z0-9_.-]+\$/", $username)) {
    $message = _("Please specify a valid user name!");
    $ok = false;
} elseif (mb_strlen(get_post("password"), 'UTF-8') == 0) {
    $message = _("Please specify your password!");
    $smarty->assign('nextfield', 'password');
    $ok = false;
}
} /* closes a block opened before this excerpt */

if ($ok) {
    /* Login as user, initialize user ACL's.
     * With HTTP authentication the web server has already verified the user, so
     * only the user record is looked up and no password is checked here. */
    if ($htaccess_authenticated) {
        $ui = ldap_login_user_htaccess($username);
        if ($ui === NULL || !$ui) {
            msg_dialog::display(_("Authentication error"), _("Cannot retrieve user information for HTTP authentication!"), FATAL_ERROR_DIALOG);
            exit;
        }
    } else {
        $ui = ldap_login_user($username, get_post("password"));
    }

    if ($ui === NULL || !$ui) {
        /* One message for every failed login, so the response does not reveal
         * whether the user name or the password was wrong. */
        $message = _("Please check the username/password combination!");
        $smarty->assign('nextfield', 'password');
        session::global_set('config', $config);
        /* NOTE(review): the log text is generic and does not contain the attempted
         * user name; confirm the log class records the name or the client address
         * some other way, otherwise failed logins cannot be correlated. */
        new log("security", "login", "", array(), "Authentication failed for a user");
    } else {
        /* Remove all locks of this user */
        del_user_locks($ui->dn);

        /* Save userinfo and plugin structure
         * (this branch continues beyond the excerpt). */
        session::global_set('ui', $ui);