/**
 * Authenticate a user against the local store or, failing that, LDAP.
 *
 * A name that is_local_user() reports as type 'local' is checked only by
 * authenticate_local_user() and never reaches the LDAP path. Any other
 * name is checked against LDAP; on success the local cache row for the
 * user is inserted or refreshed and the group cache is synchronised.
 *
 * @param string $user_name Login name supplied by the caller.
 * @param string $user_pass Password supplied by the caller.
 * @return mixed Result of authenticate_local_user() for local accounts;
 *               for LDAP accounts true on success, false on any failure.
 */
function authenticate_user($user_name, $user_pass)
{
    // Local accounts short-circuit: LDAP is never consulted for them.
    if ($this->is_local_user($user_name, 'local')) {
        return $this->authenticate_local_user($user_name, $user_pass);
    }

    // On success this is an array holding the "fullname" and "email" keys.
    $user_info = $this->authenticate_ldap_user($user_name, $user_pass);
    if (!$user_info) {
        // NOTE(review): $this->error is not set on this path here; whether
        // authenticate_ldap_user() records a reason is not visible.
        return false;
    }

    // A falsy id means there is no cached 'ldap' row for this name yet.
    $userid = $this->is_local_user($user_name, 'ldap');
    $is_new_user = !$userid;

    if ($is_new_user) {
        $ldap_user = new User();
    } else {
        $ldap_user = new User($userid);
    }

    // The cached profile is overwritten from the directory on every login.
    $ldap_user->set_full_name($user_info["fullname"]);
    $ldap_user->set_email($user_info["email"]);
    $ldap_user->set_user_name($user_name);
    $ldap_user->set_user_type('ldap');

    if ($is_new_user) {
        // insert() yields the id of the new cache row, or a falsy value.
        $userid = $ldap_user->insert();
        $cache_written = $userid;
    } else {
        $cache_written = $ldap_user->update();
    }

    if (!$cache_written) {
        // Local cache could not be written; surface the model's error.
        $this->error = $ldap_user->get_error();
        return false;
    }

    // NOTE(review): the cache row above is already written when the group
    // steps below fail, so a rejected login can still leave a refreshed row.
    // A falsy group result also rejects the login; if get_ldap_groups()
    // returns an empty array for a user with no groups, that user cannot
    // log in - TODO confirm this is intended.
    $ldap_groups = $this->get_ldap_groups($user_name, $user_pass);
    if (!$ldap_groups) {
        return false;
    }

    if ($this->update_ldap_groups($userid, $ldap_groups)) {
        return true;
    }

    // Local group cache could not be updated.
    return false;
}
// Fragment of a switch over profile-edit actions; the switch header and the
// preceding case are outside this excerpt. Every case ends the request with
// die(), printing a short status token.
}
die("done");

// Change the display name after checking that no other user already has it.
case "edit_display_name":
    // NOTE(review): the mysql_* extension was removed in PHP 7. The query has
    // no user input in it, but it loads every column of every user row just
    // to compare one field in PHP.
    $query = mysql_query("SELECT * FROM `users`");
    while ($row = mysql_fetch_object($query)) {
        // strtolower() is not multibyte-aware, and the loose == treats two
        // numeric-looking strings as equal when their numeric values match.
        if (strtolower($row->display_name) == strtolower($_POST["display_name"])) {
            die("error_display_name_used");
        }
    }
    // NOTE(review): the check and the write are separate steps, so two
    // concurrent requests can both pass the check unless the column has a
    // unique constraint (not visible here). No length or character
    // validation of the name is visible in this case either.
    $user->set_display_name($_POST["display_name"]);
    // Any request parameter named inactive_user skips the last-seen update.
    // NOTE(review): if last-seen is used as an activity/audit signal, confirm
    // that only trusted callers can set this parameter.
    if (!isset($_REQUEST["inactive_user"])) {
        $user->set_last_seen("change_user_info:display_name");
    }
    die("done");

// Change the name; arguments are passed as last, middle, first.
case "edit_name":
    // The three POST fields are only capitalised with ucfirst(); no other
    // validation is visible here.
    $user->set_full_name(ucfirst($_POST["name_last"]), ucfirst($_POST["name_middle"]), ucfirst($_POST["name_first"]));
    if (!isset($_REQUEST["inactive_user"])) {
        $user->set_last_seen("change_user_info:name");
    }
    die("done");

// Change the date of birth from a "-"-separated value.
case "edit_dob":
    // If the value has fewer than three "-"-separated parts, the missing
    // variables are left unset. No numeric or calendar check is visible
    // here; presumably set_dob() validates - verify.
    list($year, $month, $day) = explode("-", $_POST["datepicker"]);
    $user->set_dob($year, $month, $day);
    if (!isset($_REQUEST["inactive_user"])) {
        $user->set_last_seen("change_user_info:dob");
    }
    die("done");

// Change the e-mail address; this case continues past the end of the excerpt.
case "edit_email":
    // The pattern admits more than one address in a single value (the [;.]
    // separator group), so whatever consumes the value must not assume it is
    // a single address. preg_match() returns false on a PCRE error, which
    // this test also treats as invalid.
    // NOTE(review): the nested quantifiers can backtrack heavily on long
    // non-matching input; consider a length cap before matching.
    if (!preg_match("/^(([a-zA-Z0-9_\\-\\.]+)@([a-zA-Z0-9_\\-\\.]+)\\.([a-zA-Z]{2,5}){1,25})+([;.](([a-zA-Z0-9_\\-\\.]+)@([a-zA-Z0-9_\\-\\.]+)\\.([a-zA-Z]{2,5}){1,25})+)*\$/", $_POST["email"])) {
        die("error_invalid");
    }
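/**
 * Update an existing user from the submitted edit form.
 *
 * Reads "id", "full", "user" and "email" from $_POST, loads the User with
 * that id, applies the new values and saves. On success it echoes a script
 * tag that reloads the settings pane; on failure it reports the model's
 * error through $propertyForm->error().
 *
 * NOTE(review): the target user is chosen by the posted "id" alone. No
 * permission check or anti-CSRF token check is visible in this function;
 * presumably the caller enforces both - verify.
 *
 * @return void
 */
function updateUser()
{
    global $tool, $propertyForm;

    $tempInfo = array();
    foreach (array("id", "full", "user", "email") as $key) {
        // A missing field, or one submitted as an array (e.g. user[]=x),
        // is treated as an empty string instead of reaching trim().
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // NOTE(review): values are HTML-encoded on the way in, so the stored
        // data is entity-encoded. Encoding at output time is the safer
        // pattern; left unchanged because existing rows and readers may
        // depend on the current form.
        $tempInfo[$key] = htmlspecialchars(trim($raw), ENT_QUOTES);
    }

    // Array keys are quoted: the bare words used before (user, full, id,
    // email) are undefined constants, which is an Error on PHP 8.
    // NOTE(review): addslashes() is not a SQL escaping mechanism. Whether
    // User binds parameters when it builds its queries is not visible here.
    $tempInfo['user'] = addslashes($tempInfo['user']);
    $tempInfo['full'] = addslashes($tempInfo['full']);

    $newUser = new User($tempInfo['id']);

    // set_user_name() is the gate: a falsy result (per the original comment,
    // an empty name) is reported as a failure and nothing is saved.
    $updated = false;
    if ($newUser->set_user_name($tempInfo['user'])) {
        $newUser->set_full_name($tempInfo['full']);
        $newUser->set_email($tempInfo['email']);
        $updated = $newUser->update();
    }

    if ($updated) {
        // Reload the settings pane so it shows the new values.
        $status = "success";
        echo "<script language='javascript'>LoadPage(\"configurations.php?action=userManage&mode=edit&update=" . $status . "\", 'settingsInfo');</script>";
        return;
    }

    // The form id comes from the query string ('ID'), not from the POST body.
    // NOTE(review): it is passed through unescaped; confirm that
    // $propertyForm->error() encodes it and the error text before output.
    $formId = isset($_GET['ID']) ? $_GET['ID'] : null;
    $propertyForm->error("Warning: Failed to update user. Reason: " . $newUser->get_error(), $formId);
}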