$uok = DbNumRows($res); break; case RADIUS_ACCESS_REJECT: $raderr = "Incorrect RADIUS login!"; break; case RADIUS_ACCESS_CHALLENGE: $raderr = "No RADIUS challenge handling yet!"; break; default: $raderr = "Unknown RADIUS error!"; } } } elseif (strstr($guiauth, 'ldap') && $user != "admin") { # Ldap code by Stephane Garret & vtur require_once "inc/libldap.php"; if (user_from_ldap_servers($user, $_POST['pass'], false)) { $query = GenQuery('users', 's', '*', '', '', array('usrname'), array('='), array($user)); $res = DbQuery($query, $link); $uok = 1; $ldaperr = "<h4>Authentication LDAP OK</h4>"; } else { $uok = 0; $ldaperr = "<h4>Authentication LDAP Failed </h4>"; } } elseif (strstr($guiauth, 'sso') and $_POST['pass'] == 'NO_PASSWD') { # SSO Code for HTTPAUTH PassTrough by Juergen Vigna $query = GenQuery('users', 's', '*', '', '', array('usrname'), array('='), array($user)); $res = DbQuery($query, $link); $uok = DbNumRows($res); if ($uok != 1) { $user = $form_user;
<?php if( strstr($guiauth,'ldap') ) { ?> <input type="submit" name="ldap" value="<?= $addlbl ?> LDAP"> <?}?> </th> </table></form> <p> <?php } $link = DbConnect($dbhost,$dbuser,$dbpass,$dbname); if (isset($_GET['add']) and $_GET['usr']){ $pass = hash('sha256','NeDi'.$_GET['usr'].$_GET['usr']); $query = GenQuery('users','i','','','',array('usrname','password','time','language','theme'),'',array($_GET['usr'],$pass,time(),'english','default') ); if( !DbQuery($query,$link) ){echo "<h4>".DbError($link)."</h4>";}else{echo "<h5>$usrlbl $_GET[usr]: $addlbl OK</h5>";} }elseif(isset($_GET['ldap']) and $_GET['usr']){ $now = time(); if ( user_from_ldap_servers($_GET['usr']) ){ $query = GenQuery('users','i','','','',array('usrname','email','phone','password','time','language','theme'),'',array($fields['ldap_login'] ,$fields['ldap_field_email'],$fields['ldap_field_phone'],'',time(),'english','default') ); if( !DbQuery($query,$link) ){echo "<h4>".DbError($link)."</h4>";}else{echo "<h5>$usrlbl $_GET[usr]: $addbtn OK</h5>";} }else{ echo "<h4>No $usrlbl $_GET[usr] in LDAP!</h4>"; } }elseif(isset($_GET['psw']) ){ $pass = hash("sha256","NeDi".$_GET['psw'].$_GET['psw']); $query = GenQuery('users','u','usrname','=',$_GET[psw],array('password'),array(),array($pass) ); if( !DbQuery($query,$link) ){echo "<h4>".DbError($link)."</h4>";}else{echo "<h5>$usrlbl $_GET[psw]: $reslbl password OK</h5>";} }elseif(isset($_GET['gup']) ){ $query = GenQuery('users','u','usrname','=',$_GET[usr],array('groups'),array(),array($_GET['gup']) ); if( !DbQuery($query,$link) ){echo "<h4>".DbError($link)."</h4>";}else{echo "<h5>$usrlbl $grplbl $updlbl OK</h5>";} }elseif($del){ $query = GenQuery('users','d','','','',array('usrname'),array('='),array($_GET['del']) ); if( !DbQuery($query,$link) ){echo "<h4>".DbError($link)."</h4>";}else{echo "<h5>$usrlbl $_GET[del]: $dellbl OK</h5>";}