function encode_node($node) { $literals = [null => 'nil', true => 'true', false => 'false']; if (is_literal($node) && isset($literals[$node])) { return $literals[$node]; } if (is_character($node)) { return encode_character($node); } if (is_string($node)) { return encode_string($node); } if ($node instanceof Keyword) { return ':' . encode_symbol($node); } if ($node instanceof Symbol) { return encode_symbol($node); } if (is_int($node) || is_float($node)) { return $node; } if ($node instanceof LinkedList) { return encode_list($node); } if ($node instanceof Vector) { return encode_vector($node); } if ($node instanceof Map) { return encode_map($node); } if ($node instanceof Set) { return encode_set($node); } if ($node instanceof Tagged) { return encode_tagged($node); } if (is_array($node)) { return !count($node) || isset($node[0]) ? encode_list(new \ArrayIterator($node)) : encode_map(convert_assoc_to_map($node)); } throw new \InvalidArgumentException(sprintf('Cannot encode node of type %s.', gettype($node))); }
$out = "<login>\n"; if ($single_user == "Y") { // No login for single-user mode $out .= "<error>No login required for single-user mode</error>\n"; } else { if ($use_http_auth) { // There is no login page when using HTTP authorization $out .= "<error>No login required for HTTP authentication</error>\n"; } else { if (!empty($login) && !empty($password)) { $login = trim($login); if (user_valid_login($login, $password)) { user_load_variables($login, ""); // set login to expire in 365 days srand((double) microtime() * 1000000); $salt = chr(rand(ord('A'), ord('z'))) . chr(rand(ord('A'), ord('z'))); $encoded_login = encode_string($login . "|" . crypt($password, $salt)); //SetCookie ( "webcalendar_session", $encoded_login, 0, $cookie_path ); $out .= " <cookieName>webcalendar_session</cookieName>\n"; $out .= " <cookieValue>{$encoded_login}</cookieValue>\n"; if ($is_admin) { $out .= " <admin>1</admin>\n"; } } else { $out .= " <error>Invalid login</error>\n"; } } } } echo $out; echo "</login>\n";
if ($use_http_auth) { // There is no login page when using HTTP authorization do_redirect('index.php'); } else { if (!empty($login) && !empty($password) && !$logout) { if (get_magic_quotes_gpc()) { $password = stripslashes($password); $login = stripslashes($login); } $login = trim($login); if ($login != addslashes($login)) { die_miserable_death('Illegal characters in login ' . '<tt>' . htmlentities($login) . '</tt>'); } if (user_valid_login($login, $password)) { user_load_variables($login, ''); $encoded_login = encode_string($login . '|' . crypt($password)); // set login to expire in 365 days if (!empty($remember) && $remember == 'yes') { SetCookie('webcalendar_session', $encoded_login, time() + 24 * 3600 * 365, $cookie_path); } else { SetCookie('webcalendar_session', $encoded_login, 0, $cookie_path); } // The cookie "webcalendar_login" is provided as a convenience to // other apps that may wish to find out what the last calendar // login was, so they can use week_ssi.php as a server-side include. // As such, it's not a security risk to have it un-encoded since it // is not used to allow logins within this app. It is used to // load user preferences on the login page (before anyone has // logged in) if $REMEMBER_LAST_LOGIN is set to "Y" (in admin.php). if (!empty($remember) && $remember == 'yes') { SetCookie('webcalendar_login', $login, time() + 24 * 3600 * 365, $cookie_path);
$date = getValue('date'); $return_path = getValue('return_path'); // Was a return path set? $url = !empty($return_path) ? clean_whitespace($return_path . (!empty($date) ? '?date=' . $date : '')) : 'index.php'; if ($login == '__public__') { do_redirect($url); } if (!nonuser_load_variables($login, 'temp_')) { die_miserable_death(translate('No such nonuser calendar') . ": {$login}"); } if (empty($temp_is_public) || $temp_is_public != 'Y') { die_miserable_death(print_not_auth(24)); } // calculate path for cookie if (empty($PHP_SELF)) { $PHP_SELF = $_SERVER['PHP_SELF']; } $cookie_path = str_replace('nulogin.php', '', $PHP_SELF); // echo "Cookie path: $cookie_path\n"; if (get_magic_quotes_gpc()) { $login = stripslashes($login); } $login = trim($login); if ($login != addslashes($login)) { die_miserable_death(translate('Illegal characters in login') . ' <tt>' . htmlentities($login) . '</tt>.'); } // Allow proper login using NUC name $encoded_login = encode_string($login . '|nonuser'); // set login to expire in 365 days SetCookie('webcalendar_session', $encoded_login, !empty($remember) && $remember == 'yes' ? 86400 * 365 + time() : 0, $cookie_path); do_redirect($url);
if ($r) { if ($Fcn != '' && $Fcn != '-' && $Fcn != $cn) { list($givenname, $sn) = preg_split('/ /', $Fcn, 2); $mod['cn'] = $Fcn; $mod['cn'] = $decode_normal ? encode_string($mod['cn'], $k) : $mod['cn']; $mod['givenname'] = $givenname; $mod['givenname'] = $decode_normal ? encode_string($mod['givenname'], $k) : $mod['givenname']; $mod['sn'] = $sn; $mod['sn'] = $decode_normal ? encode_string($mod['sn'], $k) : $mod['sn']; } if ($Fmail != '' && $Fmail != '-' && $Fmail != $mail) { $mod['mail'] = $Fmail; } if ($Fou != '' && $Fou != '-' && $Fou != $ou) { $mod['ou'] = $Fou; $mod['ou'] = $decode_normal ? encode_string($mod['ou'], $k) : $mod['ou']; } if ($Ftelephonenumber != '' && $Ftelephonenumber != '-' && $Ftelephonenumber != $telephonenumber) { $mod['telephonenumber'] = $Ftelephonenumber; } if ($Fhomephone != '' && $Fhomephone != '-' && $Fhomephone != $homephone) { $mod['homephone'] = $Fhomephone; } if ($dn != '') { if ($config[ldap_debug] == 'true') { print "<b>DEBUG(LDAP): ldap_mod_replace(): DN='{$dn}'</b><br>\n"; print "<b>DEBUG(LDAP): ldap_mod_replace(): Data:"; print_r($mod); print "</b><br>\n"; } @ldap_mod_replace($ds, $dn, $mod);