function ntlm_get_user()
{
if (ntlm_check()) {
$ntlm_user = $_SERVER['REMOTE_USER'];
$strloc = strpos($ntlm_user, "\\");
$strloc++;
$strloc++;
if ($strloc > 2) {
$username = substr($ntlm_user, $strloc);
} else {
$username = false;
}
return $username;
} else {
return false;
}
}
ob_implicit_flush(0);
header('Content-Encoding: gzip');
}
}
}
//
// Parse and show the overall header.
//
$template->set_filenames(array('overall_header' => empty($gen_simple_header) ? 'overall_header.tpl' : 'simple_header.tpl'));
//
// Generate logged in/logged out status
//
if ($userdata['session_logged_in']) {
$u_login_logout = 'login.' . $phpEx . '?logout=true&sid=' . $userdata['session_id'];
$l_login_logout = $lang['Logout'] . ' [ ' . $userdata['username'] . ' ]';
if ($board_config['auth_mode'] == 'ldap' && ntlm_check() && !defined("IN_LOGIN")) {
if (strcmp(strtolower(ntlm_get_user()), strtolower($userdata['username']))) {
//Logout if we are logged on as a diffrent user
header('Location: ' . append_sid("login.{$phpEx}?logout=true&redirect=index.{$phpEx}", true));
}
}
} else {
$u_login_logout = 'login.' . $phpEx;
$l_login_logout = $lang['Login'];
if ($board_config['disable_guest'] == 1 && !defined("IN_LOGIN") && !defined("IN_SEARCHUSER")) {
header('Location: ' . append_sid("login.{$phpEx}?redirect=index.{$phpEx}", true));
}
}
//-- mod : keep unread -----------------------------------------------------------------------------
//-- delete
// $s_last_visit = ( $userdata['session_logged_in'] ) ? create_date($board_config['default_dateformat'], $userdata['user_lastvisit'], $board_config['board_timezone']) : '';
// Prillian - Begin Code Addition
//
include_once PRILL_PATH . 'prill_common.' . $phpEx;
//
// Prillian - End Code Addition
//--------------------------------------------------------------------------------
// session id check
if (isset($HTTP_GET_VARS['sid']) && !empty($HTTP_GET_VARS['sid'])) {
$sid = $HTTP_GET_VARS['sid'];
} elseif (isset($HTTP_POST_VARS['sid']) && !empty($HTTP_POST_VARS['sid'])) {
$sid = $HTTP_POST_VARS['sid'];
} else {
$sid = '';
}
$auth_mode = $board_config['auth_mode'];
$use_ldap = $board_config['auth_mode'] == 'ldap' && ntlm_check() ? TRUE : FALSE;
if (isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) || $use_ldap) {
if ((isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || $use_ldap) && !$userdata['session_logged_in']) {
if ($use_ldap) {
$username = ntlm_get_user();
} else {
$username = isset($HTTP_POST_VARS['username']) ? trim(htmlspecialchars($HTTP_POST_VARS['username'])) : '';
}
$username = substr(str_replace("\\'", "'", $username), 0, 25);
$username = str_replace("'", "\\'", $username);
$password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : '';
$sql = "SELECT user_id, username, user_password, user_active, user_level, user_type\n FROM " . USERS_TABLE . "\n WHERE username = '******'", "''", $username) . "'";
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
function ntlm_get_user($skip = FALSE)
{
if ($skip || ntlm_check()) {
$ntlm_user = $_SERVER['REMOTE_USER'];
$strloc = strpos($ntlm_user, "\\");
$strloc++;
if (substr($ntlm_user, $strloc, 1) == "\\") {
$strloc++;
}
if ($strloc > 2) {
$username = substr($ntlm_user, $strloc);
} else {
$username = $ntlm_user;
}
return $username;
} else {
return false;
}
}
