Exemplo n.º 1
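/**
 * Authenticates the user and opens the ezplayer session.
 *
 * A login of the form "admin/user" is a "runas" request: the part before the
 * slash must be a key of the $admin array loaded from admin.inc, and the
 * password is checked against that admin account by checkauth().
 *
 * On any failure the login form is displayed again and the script stops.
 * On success the session is populated, ACLs and language are initialised and
 * the browser is redirected to $ezplayer_url.
 *
 * @param string $login  login as typed by the user ("user" or "admin/user")
 * @param string $passwd password as typed by the user
 */
function user_login($login, $passwd)
{
    global $input;
    global $template_folder;
    global $error;
    global $ezplayer_url;

    // 0) Sanity checks
    if (empty($login) || empty($passwd)) {
        $error = template_get_message('empty_username_password', get_lang());
        view_login_form();
        die;
    }

    $login_parts = explode("/", $login);
    // checkauth() treats every login that contains a "/" as runas, so the admin
    // gate has to cover all of them, not only the exactly-two-parts case.
    $is_runas = count($login_parts) >= 2;
    $is_admin = false;

    if ($is_runas) {
        // More than one "/" is not a valid runas login; refuse it here instead
        // of letting it reach checkauth() without an admin check.
        if (count($login_parts) > 2 || !file_exists('admin.inc')) {
            $error = "Not admin. runas login failed";
            view_login_form();
            die;
        }
        // File containing an assoc array of admin users.
        // NOTE(review): admin.inc is resolved relative to the include path;
        // if it sits under the web root, confirm the server does not serve it as text.
        include 'admin.inc';
        if (!isset($admin[$login_parts[0]])) {
            $error = "Not admin. runas login failed";
            view_login_form();
            die;
        }
        $is_admin = true;
    } elseif (file_exists('admin.inc')) {
        include 'admin.inc';
        $is_admin = isset($admin[$login]);
    }

    $res = checkauth(strtolower($login), $passwd);
    if (!$res) {
        $error = checkauth_last_error();
        view_login_form();
        die;
    }

    // Rotate the session id at the point of authentication so that an id
    // issued before login is not carried into the authenticated session.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    // 1) Initializing session vars
    // Privilege flags are written only now, after the password has been
    // verified; a failed attempt must not leave them behind in the session.
    unset($_SESSION['user_is_admin'], $_SESSION['user_runas']);
    if ($is_admin) {
        $_SESSION['user_is_admin'] = true;
    }
    if ($is_runas) {
        $_SESSION['user_runas'] = true;
    }
    // "boolean" stating that we're logged
    $_SESSION['ezplayer_logged'] = "user_logged";
    $_SESSION['user_login'] = $res['login'];
    $_SESSION['user_real_login'] = $res['real_login'];
    $_SESSION['user_full_name'] = $res['full_name'];
    $_SESSION['user_email'] = $res['email'];
    $_SESSION['admin_enabled'] = false;

    // Flash support: keep a value already stored in the session, otherwise
    // derive it from the has_flash input ('N' means no flash plugin).
    if (!isset($_SESSION['has_flash'])) {
        $_SESSION['has_flash'] = !(isset($input['has_flash']) && $input['has_flash'] == 'N');
    }

    // 2) Initializing the ACLs
    acl_init($login);
    // 3) Setting correct language
    set_lang($input['lang']);
    // 4) Resetting the template path to the one of the language chosen
    template_repository_path($template_folder . get_lang());
    // 5) Logging the login operation
    log_append("login");
    log_append("user's browser : " . $_SESSION['browser_full']);
    // lvl, action, browser_name, browser_version, user_os, browser_full_info
    trace_append(array("1", "login", $_SESSION['browser_name'], $_SESSION['browser_version'], $_SESSION['user_os'], $_SESSION['browser_full'], session_id()));

    // 6) Redirecting, replaying the parameters of the first request.
    // The stored parameters are URL-encoded so that a value cannot add or
    // alter query parameters in the Location header.
    $first_input = array();
    if (isset($_SESSION['first_input']) && is_array($_SESSION['first_input'])) {
        $first_input = $_SESSION['first_input'];
    }
    if (count($first_input) > 0) {
        $ezplayer_url .= '/index.php?' . http_build_query($first_input, '', '&');
    }
    header("Location: " . $ezplayer_url);
    load_page();
}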
Exemplo n.º 2
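/**
 * Authenticates a simple user or a 'runas' admin and returns the user's information.
 *
 * A login without "/" is checked with "<method>_checkauth($login, $passwd)" for
 * each entry of $auth_methods, in order, until one does not return false.
 *
 * A login of the form "admin/user" authenticates "admin" with the password the
 * same way, then looks up "user" with "<method>_getinfo($user)"; the returned
 * information gets an extra "real_login" entry holding the admin login.
 *
 * This function does NOT verify that the part before the slash is an admin:
 * the caller must do that before calling it. Logins with more than one "/" or
 * with an empty part are refused so that a malformed login cannot be
 * interpreted as a runas request.
 *
 * @global array $auth_methods names of the authentication methods (may be file / ldap / ...)
 * @param string $login  user's login ("user", or "admin/user" for an admin acting as user)
 * @param string $passwd password of the user, or of the admin for a runas login
 * @return array|false user's information if authenticated; false otherwise
 *                     (the reason is stored through checkauth_last_error())
 */
function checkauth($login, $passwd)
{
    global $auth_methods;
    $auth_methods_length = count($auth_methods);
    $login = trim($login);
    $login_parts = explode("/", $login);
    $parts_count = count($login_parts);

    // simple login
    if ($parts_count == 1) {
        $auth_user = false;
        // authenticates user (fallback on every available method)
        for ($index = 0; $index < $auth_methods_length && $auth_user === false; $index++) {
            $check_auth = $auth_methods[$index] . "_checkauth";
            $auth_user = $check_auth($login, $passwd);
        }
        // user has not been authenticated by any of the available methods
        if ($auth_user === false) {
            checkauth_last_error("Authentication failure");
        }
        // returns user info or false if user has not been found
        return $auth_user;
    }

    // runas login: exactly "admin/user", both parts non-empty
    if ($parts_count != 2 || $login_parts[0] === "" || $login_parts[1] === "") {
        checkauth_last_error("Authentication failure");
        return false;
    }
    // the admin <real_login> wants to act as <runas_login>
    $real_login = $login_parts[0];
    $runas_login = $login_parts[1];

    $auth_admin = false;
    // loops on every available method to authenticate the admin
    for ($index = 0; $index < $auth_methods_length && $auth_admin === false; $index++) {
        $check_auth = $auth_methods[$index] . "_checkauth";
        $auth_admin = $check_auth($real_login, $passwd);
    }
    // admin has not been authenticated
    if ($auth_admin === false) {
        checkauth_last_error("Authentication failure");
        return false;
    }

    // admin has been authenticated: fetch the info of the impersonated user
    $auth_user = false;
    for ($index = 0; $index < $auth_methods_length && $auth_user === false; $index++) {
        $getinfo = $auth_methods[$index] . "_getinfo";
        $auth_user = $getinfo($runas_login);
    }
    if ($auth_user === false) {
        // user does not exist
        checkauth_last_error("Authentication failure");
    } else {
        // keep track of who really logged in
        $auth_user["real_login"] = $real_login;
    }
    // returns user info or false if user has not been found
    return $auth_user;
}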
Exemplo n.º 3
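/**
 * Authenticates the user and opens the ezmanager session.
 *
 * A login of the form "admin/user" is a "runas" request: the part before the
 * slash must be a key of the $admin array loaded from admin.inc, and the
 * password is checked against that admin account by checkauth().
 *
 * On any failure the login form is displayed again and the script stops.
 * A user who is authenticated but has no authorized album is refused and the
 * session is destroyed.
 *
 * @param string $login  login as typed by the user ("user" or "admin/user")
 * @param string $passwd password as typed by the user
 */
function user_login($login, $passwd)
{
    global $input;
    global $template_folder;
    global $error;
    global $ezmanager_url;

    // 0) Sanity checks
    if (empty($login) || empty($passwd)) {
        $error = template_get_message('empty_username_password', get_lang());
        view_login_form();
        die;
    }

    $login_parts = explode("/", $login);
    // checkauth() treats every login that contains a "/" as runas, so the admin
    // gate has to cover all of them, not only the exactly-two-parts case.
    if (count($login_parts) >= 2) {
        // More than one "/" is not a valid runas login; refuse it here instead
        // of letting it reach checkauth() without an admin check.
        if (count($login_parts) > 2 || !file_exists('admin.inc')) {
            $error = "Not admin. runas login failed";
            view_login_form();
            die;
        }
        // File containing an assoc array of admin users.
        // NOTE(review): admin.inc is resolved relative to the include path;
        // if it sits under the web root, confirm the server does not serve it as text.
        include 'admin.inc';
        if (!isset($admin[$login_parts[0]])) {
            $error = "Not admin. runas login failed";
            view_login_form();
            die;
        }
    }

    $res = checkauth(strtolower($login), $passwd);
    if (!$res) {
        $error = checkauth_last_error();
        view_login_form();
        die;
    }

    // Rotate the session id at the point of authentication so that an id
    // issued before login is not carried into the authenticated session.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    // 1) Initializing session vars
    // "boolean" stating that we're logged
    $_SESSION['podman_logged'] = "LEtimin";
    $_SESSION['user_login'] = $res['login'];
    $_SESSION['user_real_login'] = $res['real_login'];
    $_SESSION['user_full_name'] = $res['full_name'];
    $_SESSION['user_email'] = $res['email'];

    // Flash support: keep a value already stored in the session, otherwise
    // derive it from the has_flash input ('N' means no flash plugin).
    if (!isset($_SESSION['has_flash'])) {
        $_SESSION['has_flash'] = !(isset($input['has_flash']) && $input['has_flash'] == 'N');
    }

    // 2) Initializing the ACLs
    acl_init($login);
    // 3) Setting correct language
    set_lang($input['lang']);

    // An authenticated user without any manageable album has nothing to do
    // here: log the attempt, drop the session that was just populated and
    // show the login form again.
    if (count(acl_authorized_albums_list()) == 0) {
        error_print_message(template_get_message('not_registered', get_lang()), false);
        log_append('warning', $res['login'] . ' tried to access ezmanager but doesn\'t have permission to manage any album.');
        session_destroy();
        view_login_form();
        die;
    }

    // 4) Resetting the template path to the one of the language chosen
    template_repository_path($template_folder . get_lang());
    // 5) Logging the login operation
    log_append("login");
    // 6) Displaying the page
    header("Location: " . $ezmanager_url);
    view_main();
}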
Exemplo n.º 4
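/**
 * Authenticates the user and opens the ezadmin session.
 *
 * Runas logins ("admin/user") are refused in this interface. The login must be
 * a key of the $users array loaded from admin.inc and must then pass
 * checkauth(). On any failure the login form is displayed again and the
 * script stops.
 *
 * @param string $login  login as typed by the user
 * @param string $passwd password as typed by the user
 */
function user_login($login, $passwd)
{
    global $input;
    global $template_folder;
    global $error;
    global $ezadmin_url;

    // 0) Sanity checks
    if (empty($login) || empty($passwd)) {
        $error = template_get_message('empty_username_password', get_lang());
        view_login_form();
        die;
    }

    $login_parts = explode("/", $login);
    // any "/" in the login would be a runas request, which is not allowed here
    if (count($login_parts) >= 2) {
        $error = "No runas here !";
        view_login_form();
        die;
    }

    // The list of authorized users is mandatory: without it nobody gets in.
    if (!file_exists('admin.inc')) {
        $error = "User not authorized";
        view_login_form();
        die;
    }
    // File containing an assoc array of admin users.
    // NOTE(review): admin.inc is resolved relative to the include path;
    // if it sits under the web root, confirm the server does not serve it as text.
    include 'admin.inc';
    if (!isset($users[$login_parts[0]])) {
        $error = "User not authorized";
        view_login_form();
        die;
    }

    $res = checkauth(strtolower($login), $passwd);
    if (!$res) {
        $error = checkauth_last_error();
        view_login_form();
        die;
    }

    // Rotate the session id at the point of authentication so that an id
    // issued before login is not carried into the authenticated session.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    // 1) Initializing session vars
    // "boolean" stating that we're logged
    $_SESSION['podcastcours_logged'] = "LEtimin";
    $_SESSION['user_login'] = $login;
    $_SESSION['user_real_login'] = $res['real_login'];
    $_SESSION['user_full_name'] = $res['full_name'];
    $_SESSION['user_email'] = $res['email'];
    // 3) Setting correct language
    set_lang($input['lang']);
    // 4) Resetting the template path to the one of the language chosen
    template_repository_path($template_folder . get_lang());
    // 5) Logging the login operation
    log_append("login");
    // 6) Displaying the page
    header("Location: " . $ezadmin_url);
    view_main();
}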
Exemplo n.º 5
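/**
 * Tries to connect and bind to an LDAP server, moving on to the next server
 * of the list until a bind succeeds.
 *
 * For each server, "!LOGIN" in the server's "rdn" entry is replaced by $login.
 * When no password is given, the "password" entry of the server being tried
 * is used for the bind.
 *
 * NOTE(review): the bind sends the DN and password over whatever transport
 * ldap_connect() sets up; nothing here negotiates StartTLS, so confidentiality
 * presumably depends on "hostname" being an ldaps:// URI. Confirm against the
 * server configuration.
 * NOTE(review): a bind with an empty password is accepted as an anonymous bind
 * by many directories. That can only happen here when both $password and the
 * server's configured password are empty; callers that authenticate users
 * must keep rejecting empty passwords before calling this function.
 *
 * @param array  $ldap_servers list of servers; each entry holds "hostname",
 *                             "rdn", "password" and optionally "port"
 * @param int    $index        position in the list where the search starts;
 *                             passed by reference and left on the server that
 *                             accepted the bind (or past the end on failure)
 * @param string $login        value substituted for "!LOGIN" in the rdn
 * @param string $password     password to bind with; empty means "use the
 *                             password configured for the server"
 * @return mixed the LDAP link on success; false on failure (the reason is
 *               stored through checkauth_last_error())
 */
function private_ldap_connect($ldap_servers, &$index = 0, $login = "", $password = "")
{
    $ldap_servers_count = count($ldap_servers);
    if (!isset($index)) {
        $index = 0;
    }

    // Reported when no server could even be tried (empty list or failed connect).
    $errno = -1;
    $errstring = "no ldap server could be reached";

    // The login ends up inside a DN: escape DN metacharacters so that it
    // cannot change the structure of the bind DN.
    $dn_login = function_exists('ldap_escape') ? ldap_escape((string) $login, "", LDAP_ESCAPE_DN) : $login;

    // Decided once, from the caller's argument: the fallback password of one
    // server must never be reused for (and sent to) the next server.
    $use_server_password = !isset($password) || $password == "";

    while ($index < $ldap_servers_count) {
        $server = $ldap_servers[$index];
        $rdn = str_replace("!LOGIN", $dn_login, $server["rdn"]);
        $bind_password = $use_server_password ? $server["password"] : $password;

        // try to connect to ldap server
        if (isset($server["port"]) && trim($server["port"]) != "") {
            $link_identifier = ldap_connect($server["hostname"], $server["port"]);
        } else {
            $link_identifier = ldap_connect($server["hostname"]);
        }

        if ($link_identifier) {
            ldap_set_option($link_identifier, LDAP_OPT_PROTOCOL_VERSION, 3);
            // try to bind with login and password; a refused bind raises a
            // warning, which is silenced because the result is checked below
            $res = @ldap_bind($link_identifier, $rdn, $bind_password);
            if ($res) {
                return $link_identifier;
            }
            // read the error while the link is still open, then release it
            $errno = ldap_errno($link_identifier);
            $errstring = ldap_error($link_identifier);
            ldap_close($link_identifier);
        }
        $index++;
    }

    // if not successful, record the reason of the last failure
    checkauth_last_error("{$errno}:{$errstring}:Bind to ldap failed");
    return false;
}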