function checkprivs()
{
    $_POST["userid"] = trim($_POST["userid"]);
    include "ressources/settings.inc";
    $socks = new sockets();
    if (strtolower($_POST["userid"]) == strtolower($_GLOBAL["ldap_admin"])) {
        if ($_POST["password"] != $_GLOBAL["ldap_password"]) {
            die("bad password");
        }
        $dans = new dansguardian_rules(null, 1);
        $dans->Add_exceptionsitelist(1, $_POST["uri"]);
        AddEvents("Manager", $_POST["uri"]);
        $sock = new sockets();
        $sock->getFrameWork("reload-dansguardian");
        die("SUCCESS");
    }
    $ldap = new clladp();
    writelogs('This is not Global admin, so test user...', __FUNCTION__, __FILE__);
    $hash = $ldap->UserDatas($_POST["userid"]);
    $userPassword = $hash["userPassword"];
    if (trim($hash["uid"]) == null) {
        writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__);
        die("Unknown user");
    }
    if (trim($_POST["password"]) == trim($userPassword)) {
        $users = new usersMenus($ldap->_Get_privileges_userid($_POST["userid"]));
        $priv_array = $users->_ParsePrivieleges($ldap->_Get_privileges_userid($_POST["userid"]));
        $users->_TranslateRights($priv_array);
        if ($users->AllowDansGuardianBanned) {
            $dans = new dansguardian_rules(null, 1);
            $dans->Add_exceptionsitelist(1, $_POST["uri"]);
            $sock = new sockets();
            AddEvents($_POST["userid"], $_POST["uri"]);
            $sock->getFrameWork("cmd.php?reload-dansguardian");
            die("SUCCESS");
        }
    } else {
        die("BAD PASSWORD");
    }
    die("No privileges");
}
Exemplo n.º 2
0
function authenticate()
{
    error_log("1) Auth user:{$_SERVER['PHP_AUTH_USER']} password:{$_SERVER['PHP_AUTH_PW']}");
    if (!isset($_SERVER['PHP_AUTH_USER']) && !isset($_SERVER['PHP_AUTH_PW'])) {
        return false;
    }
    $_POST["artica_username"] = $_SERVER['PHP_AUTH_USER'];
    $_POST["artica_password"] = $_SERVER['PHP_AUTH_PW'];
    include "ressources/settings.inc";
    if ($_POST["artica_username"] == $_GLOBAL["ldap_admin"]) {
        if ($_POST["artica_password"] != $_GLOBAL["ldap_password"]) {
            artica_mysql_events("Failed to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]}", @implode("\n", $notice), "security", "security");
            return false;
        } else {
            artica_mysql_events("Success to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]} as SuperAdmin", @implode("\n", $notice), "security", "security");
            //session_start();
            $_SESSION["uid"] = '-100';
            $_SESSION["groupid"] = '-100';
            $_SESSION["passwd"] = $_POST["artica_password"];
            setcookie("artica-language", $_POST["lang"], time() + 172800);
            $_SESSION["detected_lang"] = $_POST["lang"];
            $_SESSION["privileges"]["ArticaGroupPrivileges"] = '
			[AllowAddGroup]="yes"
			[AllowAddUsers]="yes"
			[AllowChangeKav]="yes"
			[AllowChangeKas]="yes"
			[AllowChangeUserPassword]="yes"
			[AllowEditAliases]="yes"
			[AllowEditAsWbl]="yes"
			[AsSystemAdministrator]="yes"
			[AsPostfixAdministrator]="yes"
			[AsArticaAdministrator]="yes"
			';
            return true;
        }
    }
    writelogs('This is not Global admin, so test user...', __FUNCTION__, __FILE__);
    $u = new user($_POST["artica_username"]);
    $userPassword = $u->password;
    if (trim($u->uidNumber) == null) {
        writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__);
        return false;
    }
    if (trim($_POST["artica_password"]) != trim($userPassword)) {
        return false;
    }
    if (trim($_POST["artica_password"]) == trim($userPassword)) {
        $ldap = new clladp();
        $users = new usersMenus();
        $privs = new privileges($u->uid);
        $privileges_array = $privs->privs;
        setcookie("mem-logon-user", $_POST["artica_username"], time() + 172800);
        $_SESSION["privileges_array"] = $privs->privs;
        $_SESSION["privs"] = $privileges_array;
        $_SESSION["OU_LANG"] = $privileges_array["ForceLanguageUsers"];
        $_SESSION["uid"] = $_POST["artica_username"];
        $_SESSION["passwd"] = $_POST["artica_password"];
        $_SESSION["privileges"]["ArticaGroupPrivileges"] = $privs->content;
        $_SESSION["groupid"] = $ldap->UserGetGroups($_POST["artica_username"], 1);
        $_SESSION["DotClearUserEnabled"] = $u->DotClearUserEnabled;
        $_SESSION["MailboxActive"] = $u->MailboxActive;
        $_SESSION["ou"] = $u->ou;
        $_SESSION["UsersInterfaceDatas"] = trim($u->UsersInterfaceDatas);
        $lang = new articaLang();
        writelogs("[{$_POST["artica_username"]}]: Default organization language={$_SESSION["OU_LANG"]}", __FUNCTION__, __FILE__);
        if (trim($_SESSION["OU_LANG"]) != null) {
            $_SESSION["detected_lang"] = $_SESSION["OU_LANG"];
            setcookie("artica-language", $_SESSION["OU_LANG"], time() + 172800);
        } else {
            setcookie("artica-language", $_POST["lang"], time() + 172800);
            $_SESSION["detected_lang"] = $lang->get_languages();
        }
        $users->_TranslateRights($privileges_array, true);
        if (!$users->AsSquidAdministrator) {
            artica_mysql_events("failed to logon on the Artica Squid Stats Web console from {$_SERVER["REMOTE_HOST"]} as User", @implode("\n", $notice), "security", "security");
            writelogs("[{$_POST["artica_username"]}]: This is not an user =>admin.index.php", __FUNCTION__, __FILE__);
            return false;
        }
    }
    return true;
}
Exemplo n.º 3
0
function logon()
{
    include "ressources/settings.inc";
    $_POST["artica_password"] = url_decode_special($_POST["artica_password"]);
    writelogs("Testing logon....{$_POST["artica_username"]}", __FUNCTION__, __FILE__, __LINE__);
    writelogs("Testing logon.... password:{$_POST["artica_password"]}", __FUNCTION__, __FILE__, __LINE__);
    $_COOKIE["artica-language"] = $_POST["lang"];
    $socks = new sockets();
    if (!$socks->TestArticaPort()) {
        if (is_file("ressources/logs/boa.start")) {
            $boa_error = file_get_contents("ressources/logs/boa.start");
        }
        echo "Unable to connect to Artica daemon port:{$boa_error}";
        exit;
    }
    if ($_POST["artica_username"] == $_GLOBAL["ldap_admin"]) {
        if ($_POST["artica_password"] != $_GLOBAL["ldap_password"]) {
            echo "bad password";
            return null;
        } else {
            //session_start();
            $_SESSION["uid"] = '-100';
            $_SESSION["groupid"] = '-100';
            $_SESSION["passwd"] = $_POST["artica_password"];
            setcookie("artica-language", $_POST["lang"], time() + 172800);
            $_SESSION["detected_lang"] = $_POST["lang"];
            $_SESSION["privileges"]["ArticaGroupPrivileges"] = '
			[AllowAddGroup]="yes"
			[AllowAddUsers]="yes"
			[AllowChangeKav]="yes"
			[AllowChangeKas]="yes"
			[AllowChangeUserPassword]="yes"
			[AllowEditAliases]="yes"
			[AllowEditAsWbl]="yes"
			[AsSystemAdministrator]="yes"
			[AsPostfixAdministrator]="yes"
			[AsArticaAdministrator]="yes"
			';
            $tpl = new templates();
            echo "location:admin.index.php";
            exit;
        }
    }
    writelogs('This is not Global admin, so test user...', __FUNCTION__, __FILE__);
    $u = new user($_POST["artica_username"]);
    $userPassword = $u->password;
    if (trim($u->uidNumber) == null) {
        writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__);
        echo "Unknown user";
        return null;
    }
    if (trim($_POST["artica_password"]) == trim($userPassword)) {
        $ldap = new clladp();
        $ouprivs = $ldap->_Get_privileges_ou($u->uid, $u->ou);
        $privileges = $ldap->_Get_privileges_userid($_POST["artica_username"]);
        $_SESSION["OU_LANG"] = $ouprivs["ForceLanguageUsers"];
        $_SESSION["uid"] = $_POST["artica_username"];
        $_SESSION["passwd"] = $_POST["artica_password"];
        $_SESSION["privileges"]["ArticaGroupPrivileges"] = $privileges;
        $_SESSION["groupid"] = $ldap->UserGetGroups($_POST["artica_username"], 1);
        $_SESSION["DotClearUserEnabled"] = $u->DotClearUserEnabled;
        $_SESSION["MailboxActive"] = $u->MailboxActive;
        $_SESSION["ou"] = $u->ou;
        $_SESSION["UsersInterfaceDatas"] = trim($u->UsersInterfaceDatas);
        $lang = new articaLang();
        writelogs("default organization language={$_SESSION["OU_LANG"]}", __FUNCTION__, __FILE__);
        if (trim($_SESSION["OU_LANG"]) != null) {
            $_SESSION["detected_lang"] = $_SESSION["OU_LANG"];
            setcookie("artica-language", $_SESSION["OU_LANG"], time() + 172800);
        } else {
            setcookie("artica-language", $_POST["lang"], time() + 172800);
            $_SESSION["detected_lang"] = $lang->get_languages();
        }
        $users = new usersMenus();
        $privileges_array = $users->_ParsePrivieleges($privileges);
        $users->_TranslateRights($privileges_array, true);
        if (!$users->IfIsAnuser(true)) {
            writelogs('This is not an user =>admin.index.php ', __FUNCTION__, __FILE__);
            echo "location:admin.index.php";
            return null;
        }
        writelogs('IT IS AN USER =>../user-backup/logon.php ', __FUNCTION__, __FILE__);
        $tpl = new templates();
        $array["USERNAME"] = $_POST["artica_username"];
        $array["PASSWORD"] = md5($_POST["artica_username"]);
        $credentials = base64_encode(serialize($array));
        echo "location:../user-backup/logon.php?credentials={$credentials}";
        return null;
        exit;
    } else {
        writelogs("The passord typed  is not the same in ldap database...", __FUNCTION__, __FILE__);
        echo "bad password";
        return null;
    }
}
Exemplo n.º 4
0
function logon()
{
    include "ressources/settings.inc";
    $sock = new sockets();
    $_POST["artica_password"] = url_decode_special($_POST["artica_password"]);
    writelogs("Testing logon....{$_POST["artica_username"]}", __FUNCTION__, __FILE__, __LINE__);
    writelogs("Testing logon.... password:{$_POST["artica_password"]}", __FUNCTION__, __FILE__, __LINE__);
    $_COOKIE["artica-language"] = $_POST["lang"];
    $FileCookyKey = md5($_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"]);
    $sock->SET_INFO($FileCookyKey, $_POST["Changelang"]);
    $socks = new sockets();
    if (!$socks->TestArticaPort()) {
        if (is_file("ressources/logs/boa.start")) {
            $boa_error = file_get_contents("ressources/logs/boa.start");
        }
        echo "Unable to connect to Artica daemon port:{$boa_error}";
        exit;
    }
    while (list($index, $value) = each($_SERVER)) {
        $notice[] = "{$index}:{$value}";
    }
    if ($_POST["artica_username"] == $_GLOBAL["ldap_admin"]) {
        if ($_POST["artica_password"] != $_GLOBAL["ldap_password"]) {
            writelogs("Testing logon.... password:{$_POST["artica_password"]}!==\"{$_GLOBAL["ldap_password"]}\"", __FUNCTION__, __FILE__, __LINE__);
            artica_mysql_events("Failed to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]}", @implode("\n", $notice), "security", "security");
            echo "bad password";
            return null;
        } else {
            artica_mysql_events("Success to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]} as SuperAdmin", @implode("\n", $notice), "security", "security");
            //session_start();
            $_SESSION["uid"] = '-100';
            $_SESSION["groupid"] = '-100';
            $_SESSION["passwd"] = $_POST["artica_password"];
            $_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}";
            setcookie("artica-language", $_POST["lang"], time() + 172800);
            $_SESSION["detected_lang"] = $_POST["lang"];
            $_SESSION["privileges"]["ArticaGroupPrivileges"] = '
			[AllowAddGroup]="yes"
			[AllowAddUsers]="yes"
			[AllowChangeKav]="yes"
			[AllowChangeKas]="yes"
			[AllowChangeUserPassword]="yes"
			[AllowEditAliases]="yes"
			[AllowEditAsWbl]="yes"
			[AsSystemAdministrator]="yes"
			[AsPostfixAdministrator]="yes"
			[AsArticaAdministrator]="yes"
			';
            $tpl = new templates();
            echo "location:admin.index.php";
            exit;
        }
    }
    writelogs('This is not Global admin, so test user...', __FUNCTION__, __FILE__);
    $u = new user($_POST["artica_username"]);
    $userPassword = $u->password;
    if (trim($u->uidNumber) == null) {
        writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__);
        echo "Unknown user";
        return null;
    }
    if (trim($_POST["artica_password"]) == trim($userPassword)) {
        $ldap = new clladp();
        $users = new usersMenus();
        $privs = new privileges($u->uid);
        $privileges_array = $privs->privs;
        setcookie("mem-logon-user", $_POST["artica_username"], time() + 172800);
        $_SESSION["privileges_array"] = $privs->privs;
        $_SESSION["privs"] = $privileges_array;
        $_SESSION["OU_LANG"] = $privileges_array["ForceLanguageUsers"];
        $_SESSION["uid"] = $_POST["artica_username"];
        $_SESSION["passwd"] = $_POST["artica_password"];
        $_SESSION["privileges"]["ArticaGroupPrivileges"] = $privs->content;
        $_SESSION["groupid"] = $ldap->UserGetGroups($_POST["artica_username"], 1);
        $_SESSION["DotClearUserEnabled"] = $u->DotClearUserEnabled;
        $_SESSION["MailboxActive"] = $u->MailboxActive;
        $_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}";
        $_SESSION["ou"] = $u->ou;
        $_SESSION["UsersInterfaceDatas"] = trim($u->UsersInterfaceDatas);
        $lang = new articaLang();
        writelogs("[{$_POST["artica_username"]}]: Default organization language={$_SESSION["OU_LANG"]}", __FUNCTION__, __FILE__);
        if (trim($_SESSION["OU_LANG"]) != null) {
            $_SESSION["detected_lang"] = $_SESSION["OU_LANG"];
            setcookie("artica-language", $_SESSION["OU_LANG"], time() + 172800);
        } else {
            setcookie("artica-language", $_POST["lang"], time() + 172800);
            $_SESSION["detected_lang"] = $lang->get_languages();
        }
        $users->_TranslateRights($privileges_array, true);
        if (!$users->IfIsAnuser(true)) {
            artica_mysql_events("Success to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]} as User", @implode("\n", $notice), "security", "security");
            writelogs("[{$_POST["artica_username"]}]: This is not an user =>admin.index.php", __FUNCTION__, __FILE__);
            echo "location:admin.index.php";
            return null;
        }
        writelogs("[{$_POST["artica_username"]}]: IS AN USER =>../user-backup/logon.php", __FUNCTION__, __FILE__);
        $tpl = new templates();
        $array["USERNAME"] = $_POST["artica_username"];
        $array["PASSWORD"] = md5($_POST["artica_username"]);
        $credentials = base64_encode(serialize($array));
        artica_mysql_events("Success to redirect on the end-user management console from {$_SERVER["REMOTE_HOST"]} as User", @implode("\n", $notice), "security", "security");
        echo "location:../user-backup/logon.php?credentials={$credentials}";
        return null;
        exit;
    } else {
        writelogs("[{$_POST["artica_username"]}]: The password typed  is not the same in ldap database...", __FUNCTION__, __FILE__);
        artica_mysql_events("Failed to logon on the management console as user from {$_SERVER["REMOTE_HOST"]} (bad password)", @implode("\n", $notice), "security", "security");
        echo "bad password";
        return null;
    }
}
Exemplo n.º 5
0
function logon()
{
    include "ressources/settings.inc";
    include_once 'ressources/class.sockets.inc';
    include_once 'ressources/class.ldap.inc';
    include_once 'ressources/class.user.inc';
    include_once 'ressources/class.langages.inc';
    $sock = new sockets();
    $tpl = new templates();
    $_POST["artica_password"] = url_decode_special($_POST["artica_password"]);
    writelogs("Testing logon....{$_POST["artica_username"]}", __FUNCTION__, __FILE__, __LINE__);
    //writelogs("Testing logon.... password:{$_POST["artica_password"]}",__FUNCTION__,__FILE__,__LINE__);
    $_COOKIE["artica-language"] = $_POST["lang"];
    $FileCookyKey = md5($_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"]);
    $sock->SET_INFO($FileCookyKey, $_POST["Changelang"]);
    if (!isset($GLOBALS["FixedLanguage"])) {
        $GLOBALS["FixedLanguage"] = $sock->GET_INFO("FixedLanguage");
    }
    $VIA_API = false;
    if (isset($_POST["VIA_API"])) {
        $VIA_API = true;
    }
    if ($_SESSION["uid"] != null) {
        if (!$VIA_API) {
            echo "location:admin.index.php";
            return;
        }
    }
    $socks = new sockets();
    while (list($index, $value) = each($_SERVER)) {
        $notice[] = "{$index}:{$value}";
    }
    if ($_GLOBAL["ldap_admin"] == null) {
        $sock->getFrameWork("services.php?process1-tenir=yes?MyCURLTIMEOUT=120");
        include "ressources/settings.inc";
    }
    if ($_GLOBAL["ldap_admin"] == null) {
        if ($VIA_API) {
            echo "FALSE";
            return;
        }
        $tpl = new templates();
        echo $tpl->javascript_parse_text("{ldap_username_corrupt_text}");
        return null;
    }
    $md5submitted = $_POST["artica_password"];
    if ($VIA_API) {
        $md5submitted = md5($_POST["artica_password"]);
    }
    $md5Manager = md5(trim($_GLOBAL["ldap_password"]));
    if (trim($GLOBALS["FixedLanguage"]) != null) {
        $_POST["lang"] = $GLOBALS["FixedLanguage"];
    }
    $trimed_artica_username = trim(strtolower($_POST["artica_username"]));
    $trimed_ldap_admin = trim(strtolower($_GLOBAL["ldap_admin"]));
    writelogs("Manager -> {$trimed_artica_username} ?=== {$trimed_ldap_admin}", _FUNCTION__, __FILE__, __LINE__);
    if ($trimed_artica_username == $trimed_ldap_admin) {
        writelogs("Manager: `YES`", __FUNCTION__, __FILE__, __LINE__);
        if ($md5Manager != $md5submitted) {
            $tpl = new templates();
            //writelogs("Testing logon.... password:{$_POST["artica_password"]}!==\"{$_GLOBAL["ldap_password"]}\"",__FUNCTION__,__FILE__,__LINE__);
            artica_mysql_events("Failed to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]}", @implode("\n", $notice), "security", "security");
            if ($VIA_API) {
                echo "FALSE";
                return;
            }
            echo $tpl->javascript_parse_text("{wrong_password_or_username}");
            return null;
        } else {
            $users = new usersMenus();
            artica_mysql_events("Success to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]} as SuperAdmin", @implode("\n", $notice), "security", "security");
            //session_start();
            $_SESSION["uid"] = '-100';
            $_SESSION["groupid"] = '-100';
            $_SESSION["passwd"] = $_GLOBAL["ldap_password"];
            $_SESSION["MINIADM"] = false;
            setcookie("MINIADM", "No", time() + 1000);
            $_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}";
            setcookie("artica-language", $_POST["lang"], time() + 172800);
            $_SESSION["detected_lang"] = $_POST["lang"];
            $_SESSION["CORP"] = $users->CORP_LICENSE;
            $_SESSION["privileges"]["ArticaGroupPrivileges"] = '
			[AllowAddGroup]="yes"
			[AllowAddUsers]="yes"
			[AllowChangeKav]="yes"
			[AllowChangeKas]="yes"
			[AllowChangeUserPassword]="yes"
			[AllowEditAliases]="yes"
			[AllowEditAsWbl]="yes"
			[AsSystemAdministrator]="yes"
			[AsPostfixAdministrator]="yes"
			[AsArticaAdministrator]="yes"
			[AsArticaMetaAdmin]="yes"
			';
            if ($VIA_API) {
                writelogs("VIA API = TRUE -> BUILD SESSION", _FUNCTION__, __FILE__, __LINE__);
                BuildSession($_SESSION["uid"]);
                echo "TRUE";
                return;
            }
            $tpl = new templates();
            $sock->getFrameWork("squid.php?clean-catz-cache=yes");
            writelogs("OK it is a global admin -> location:admin.index.php", _FUNCTION__, __FILE__, __LINE__);
            echo "location:admin.index.php";
            exit;
        }
    }
    $ldap = new clladp();
    if ($ldap->IsKerbAuth()) {
        $userPassword = $_POST["artica_password"];
        if (isset($_POST["artica_password_crypted"])) {
            $userPassword = $_POST["artica_password_crypted"];
            include_once dirname(__FILE__) . "/ressources/class.cryptform.inc";
            $userPassword = logon_decrypt($userPassword);
        }
        writelogs("*** TEST Active Directory user {$_POST["artica_username"]} ****", __FUNCTION__, __FILE__, __LINE__);
        $external_ad_search = new external_ad_search();
        if ($external_ad_search->CheckUserAuth($_POST["artica_username"], $userPassword)) {
            writelogs("*** TEST Active Directory user {$_POST["artica_username"]} success ****", __FUNCTION__, __FILE__, __LINE__);
            $_SESSION["MINIADM"] = false;
            setcookie("MINIADM", "No", time() + 1000);
            $_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}";
            setcookie("artica-language", $_POST["lang"], time() + 172800);
            $_SESSION["detected_lang"] = $_POST["lang"];
            $_SESSION["CORP"] = $users->CORP_LICENSE;
            $users = new usersMenus();
            $privs = new privileges($_POST["artica_username"]);
            $privileges_array = $privs->privs;
            DumpPrivileges($_POST["artica_username"], $privileges_array);
            $users->_TranslateRights($privileges_array, true);
            setcookie("mem-logon-user", $_POST["artica_username"], time() + 172800);
            $_SESSION["privileges_array"] = $privs->privs;
            $_SESSION["uid"] = $_POST["artica_username"];
            BuildSession($_POST["artica_username"]);
            $sock->getFrameWork("squid.php?clean-catz-cache=yes");
            $_SESSION["MINIADM"] = false;
            setcookie("MINIADM", "No", time() + 1000);
            if ($VIA_API) {
                BuildSession($_SESSION["uid"]);
                echo "TRUE";
                return;
            }
            echo "location:admin.index.php";
            return;
        } else {
            if (is_array($GLOBALS["CLASS_ACTV"])) {
                while (list($key, $line) = each($GLOBALS["CLASS_ACTV"])) {
                    writelogs("*** Active Directory {$line}", __FUNCTION__, __FILE__, __LINE__);
                }
            }
        }
    }
    if (Radius_admins($_POST["artica_username"], $md5submitted)) {
        writelogs('*** TEST RADIUS USER ****', __FUNCTION__, __FILE__, __LINE__);
        $tpl = new templates();
        $sock->getFrameWork("squid.php?clean-catz-cache=yes");
        writelogs("OK it is a global admin -> location:admin.index.php", _FUNCTION__, __FILE__, __LINE__);
        if ($VIA_API) {
            BuildSession($_SESSION["uid"]);
            echo "TRUE";
            return;
        }
        echo "location:admin.index.php";
        exit;
    }
    writelogs('This is not Global admin, so test user...', __FUNCTION__, __FILE__, __LINE__);
    $u = new user($_POST["artica_username"]);
    $userPassword = $u->password;
    if (trim($u->uidNumber) == null) {
        if ($VIA_API) {
            echo "FALSE";
            return;
        }
        writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__);
        echo $tpl->javascript_parse_text("{wrong_password_or_username}");
        return null;
    }
    $tpl = new templates();
    if (trim($_POST["artica_password"]) == md5(trim($userPassword))) {
        BuildSession($u->uid);
        $ldap = new clladp();
        $users = new usersMenus();
        $privs = new privileges($u->uid);
        $privileges_array = $privs->privs;
        if (trim($FixedLanguage) != null) {
            $_SESSION["detected_lang"] = $FixedLanguage;
        }
        $users->_TranslateRights($privileges_array, true);
        if (!$users->IfIsAnuser(true)) {
            if ($VIA_API) {
                echo "TRUE";
                return;
            }
            artica_mysql_events("Success to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]} as User", @implode("\n", $notice), "security", "security");
            writelogs("[{$_POST["artica_username"]}]: This is not an user =>admin.index.php", __FUNCTION__, __FILE__);
            $sock->getFrameWork("squid.php?clean-catz-cache=yes");
            $_SESSION["MINIADM"] = false;
            setcookie("MINIADM", "No", time() + 1000);
            if ($VIA_API) {
                BuildSession($_SESSION["uid"]);
                echo "TRUE";
                return;
            }
            echo "location:admin.index.php";
            return null;
        }
        if ($VIA_API) {
            BuildSession($_SESSION["uid"]);
            echo "TRUE";
            return;
        }
        writelogs("[{$_POST["artica_username"]}]: IS AN USER =>../user-backup/logon.php", __FUNCTION__, __FILE__);
        $array["USERNAME"] = $_POST["artica_username"];
        $array["PASSWORD"] = md5($_POST["artica_username"]);
        $credentials = base64_encode(serialize($array));
        artica_mysql_events("Success to redirect on the end-user management console from {$_SERVER["REMOTE_HOST"]} as User", @implode("\n", $notice), "security", "security");
        echo "location:../miniadm.logon.php?credentials={$credentials}";
        return null;
        exit;
    } else {
        if ($VIA_API) {
            echo "FALSE";
            return;
        }
        writelogs("[{$_POST["artica_username"]}]: The password typed  is not the same in ldap database...", __FUNCTION__, __FILE__);
        artica_mysql_events("Failed to logon on the management console as user from {$_SERVER["REMOTE_HOST"]} (bad password)", @implode("\n", $notice), "security", "security");
        echo $tpl->javascript_parse_text("{wrong_password_or_username}");
        return null;
    }
}