function change(){ if(strlen(trim($_POST["change_password"]))>1){ $sock=new sockets(); $sock->SET_INFO("RootPasswordChanged", 1); $change_password=url_decode_special($_POST["change_password"]); include_once(dirname(__FILE__))."/ressources/class.samba.inc"; $smb=new samba(); $smb->createRootID($change_password); } }
function Save() { ini_set('display_errors', 1); ini_set('error_reporting', E_ALL); ini_set('error_prepend_string', null); ini_set('error_append_string', null); $sock = new wifidog_settings($_POST["ruleid"]); unset($_POST["ruleid"]); while (list($key, $value) = each($_POST)) { $value = url_decode_special($value); $sock->SET_INFO($key, $value); } }
function change() { if (strlen(trim($_POST["change_password"])) > 1) { $sock = new sockets(); $sock->SET_INFO("RootPasswordChanged", 1); writelogs(" -> nsswitch ", __FUNCTION__, __FILE__, __LINE__); $sock->getFrameWork("services.php?nsswitch=yes"); $change_password = url_decode_special($_POST["change_password"]); $changeRootPasswd = urlencode(base64_encode($change_password)); writelogs(" -> services.php?changeRootPasswd= ", __FUNCTION__, __FILE__, __LINE__); $sock->getFrameWork("services.php?changeRootPasswd={$changeRootPasswd}"); include_once dirname(__FILE__) . "/ressources/class.samba.inc"; $smb = new samba(); $smb->createRootID($change_password); } }
function change() { $sock = new sockets(); $nsswitchEnableLdap = intval($sock->GET_INFO("nsswitchEnableLdap")); if (strpos(" {$_POST["change_password"]}", ":") > 0) { echo "`:` not supported !\n"; return; } if (strlen(trim($_POST["change_password"])) > 1) { $_POST["change_password"] = url_decode_special_tool($_POST["change_password"]); if ($nsswitchEnableLdap == 1) { include_once dirname(__FILE__) . "/ressources/class.samba.inc"; $smb = new samba(); if (!$smb->createRootID($_POST["change_password"])) { return; } } $sock->SET_INFO("RootPasswordChanged", 1); $change_password = url_decode_special($_POST["change_password"]); $changeRootPasswd = base64_encode($change_password); writelogs(" -> services.php?changeRootPasswd= ", __FUNCTION__, __FILE__, __LINE__); echo base64_decode($sock->getFrameWork("services.php?changeRootPasswd={$changeRootPasswd}&pass={$changeRootPasswd}")); } }
function ChangeUserPassword() { include_once 'ressources/class.main_cf.inc'; include_once 'ressources/class.main_cf_filtering.inc'; include_once 'ressources/class.squid.inc'; include_once 'ressources/class.samba.inc'; include_once 'ressources/class.httpd.inc'; $sock = new sockets(); $tpl = new templates(); $ERROR_NO_PRIVS = $tpl->_ENGINE_parse_body("{ERROR_NO_PRIVS}"); if ($_SESSION["uid"] != '-100') { echo $ERROR_NO_PRIVS; return; } if ($sock->GET_INFO("ArticaMetaDisableMasterAccount") == 1) { echo $ERROR_NO_PRIVS; return; } $users = new usersMenus(); $username = trim($_POST["change_admin"]); $password = url_decode_special($_POST["change_password"]); $md5 = md5($username . $password); $ldap = new clladp(); $md52 = md5(trim($ldap->ldap_admin) . trim($ldap->ldap_password)); $tpl = new templates(); $ldap_server = $_POST["ldap_server"]; $ldap_port = $_POST["ldap_port"]; $suffix = $_POST["suffix"]; $change_ldap_server_settings = $_POST["change_ldap_server_settings"]; if ($change_ldap_server_settings != 'yes') { $change_ldap_server_settings = "no"; } writelogs("change_password {$password}", __FUNCTION__, __FILE__, __LINE__); $password = base64_encode($password); writelogs("change_password {$password}", __FUNCTION__, __FILE__, __LINE__); if ($ldap_server == null) { $ldap_server = "127.0.0.1"; } if ($ldap_port == null) { $ldap_port = "389"; } if ($suffix == null) { $suffix = "dc=nodomain"; } $username = urlencode($username); $password = urlencode($password); $cmd = "cmd.php?ChangeLDPSSET=yes&ldap_server={$ldap_server}&ldap_port={$ldap_port}&suffix={$suffix}"; $cmd = $cmd . "&change_ldap_server_settings={$change_ldap_server_settings}&username={$username}&password={$password}"; $datas = $sock->getFrameWork("{$cmd}"); echo replace_accents(html_entity_decode($tpl->_ENGINE_parse_body("{success}:{$ldap_server}:{$ldap_port} ({$suffix})\n{$username}\n-------\"\"------"))); }
function logon() { include "ressources/settings.inc"; $sock = new sockets(); $_POST["artica_password"] = url_decode_special($_POST["artica_password"]); writelogs("Testing logon....{$_POST["artica_username"]}", __FUNCTION__, __FILE__, __LINE__); writelogs("Testing logon.... password:{$_POST["artica_password"]}", __FUNCTION__, __FILE__, __LINE__); $_COOKIE["artica-language"] = $_POST["lang"]; $FileCookyKey = md5($_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"]); $sock->SET_INFO($FileCookyKey, $_POST["Changelang"]); $socks = new sockets(); if (!$socks->TestArticaPort()) { if (is_file("ressources/logs/boa.start")) { $boa_error = file_get_contents("ressources/logs/boa.start"); } echo "Unable to connect to Artica daemon port:{$boa_error}"; exit; } while (list($index, $value) = each($_SERVER)) { $notice[] = "{$index}:{$value}"; } if ($_POST["artica_username"] == $_GLOBAL["ldap_admin"]) { if ($_POST["artica_password"] != $_GLOBAL["ldap_password"]) { writelogs("Testing logon.... password:{$_POST["artica_password"]}!==\"{$_GLOBAL["ldap_password"]}\"", __FUNCTION__, __FILE__, __LINE__); artica_mysql_events("Failed to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]}", @implode("\n", $notice), "security", "security"); echo "bad password"; return null; } else { artica_mysql_events("Success to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]} as SuperAdmin", @implode("\n", $notice), "security", "security"); //session_start(); $_SESSION["uid"] = '-100'; $_SESSION["groupid"] = '-100'; $_SESSION["passwd"] = $_POST["artica_password"]; $_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}"; setcookie("artica-language", $_POST["lang"], time() + 172800); $_SESSION["detected_lang"] = $_POST["lang"]; $_SESSION["privileges"]["ArticaGroupPrivileges"] = ' [AllowAddGroup]="yes" [AllowAddUsers]="yes" [AllowChangeKav]="yes" [AllowChangeKas]="yes" [AllowChangeUserPassword]="yes" [AllowEditAliases]="yes" [AllowEditAsWbl]="yes" [AsSystemAdministrator]="yes" [AsPostfixAdministrator]="yes" [AsArticaAdministrator]="yes" '; $tpl = new templates(); echo "location:admin.index.php"; exit; } } writelogs('This is not Global admin, so test user...', __FUNCTION__, __FILE__); $u = new user($_POST["artica_username"]); $userPassword = $u->password; if (trim($u->uidNumber) == null) { writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__); echo "Unknown user"; return null; } if (trim($_POST["artica_password"]) == trim($userPassword)) { $ldap = new clladp(); $users = new usersMenus(); $privs = new privileges($u->uid); $privileges_array = $privs->privs; setcookie("mem-logon-user", $_POST["artica_username"], time() + 172800); $_SESSION["privileges_array"] = $privs->privs; $_SESSION["privs"] = $privileges_array; $_SESSION["OU_LANG"] = $privileges_array["ForceLanguageUsers"]; $_SESSION["uid"] = $_POST["artica_username"]; $_SESSION["passwd"] = $_POST["artica_password"]; $_SESSION["privileges"]["ArticaGroupPrivileges"] = $privs->content; $_SESSION["groupid"] = $ldap->UserGetGroups($_POST["artica_username"], 1); $_SESSION["DotClearUserEnabled"] = $u->DotClearUserEnabled; $_SESSION["MailboxActive"] = $u->MailboxActive; $_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}"; $_SESSION["ou"] = $u->ou; $_SESSION["UsersInterfaceDatas"] = trim($u->UsersInterfaceDatas); $lang = new articaLang(); writelogs("[{$_POST["artica_username"]}]: Default organization language={$_SESSION["OU_LANG"]}", __FUNCTION__, __FILE__); if (trim($_SESSION["OU_LANG"]) != null) { $_SESSION["detected_lang"] = $_SESSION["OU_LANG"]; setcookie("artica-language", $_SESSION["OU_LANG"], time() + 172800); } else { setcookie("artica-language", $_POST["lang"], time() + 172800); $_SESSION["detected_lang"] = $lang->get_languages(); } $users->_TranslateRights($privileges_array, true); if (!$users->IfIsAnuser(true)) { artica_mysql_events("Success to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]} as User", @implode("\n", $notice), "security", "security"); writelogs("[{$_POST["artica_username"]}]: This is not an user =>admin.index.php", __FUNCTION__, __FILE__); echo "location:admin.index.php"; return null; } writelogs("[{$_POST["artica_username"]}]: IS AN USER =>../user-backup/logon.php", __FUNCTION__, __FILE__); $tpl = new templates(); $array["USERNAME"] = $_POST["artica_username"]; $array["PASSWORD"] = md5($_POST["artica_username"]); $credentials = base64_encode(serialize($array)); artica_mysql_events("Success to redirect on the end-user management console from {$_SERVER["REMOTE_HOST"]} as User", @implode("\n", $notice), "security", "security"); echo "location:../user-backup/logon.php?credentials={$credentials}"; return null; exit; } else { writelogs("[{$_POST["artica_username"]}]: The password typed is not the same in ldap database...", __FUNCTION__, __FILE__); artica_mysql_events("Failed to logon on the management console as user from {$_SERVER["REMOTE_HOST"]} (bad password)", @implode("\n", $notice), "security", "security"); echo "bad password"; return null; } }
function logon() { include "ressources/settings.inc"; $sock = new sockets(); $_POST["artica_password"] = url_decode_special($_POST["artica_password"]); writelogs("Testing logon....{$_POST["artica_username"]}", __FUNCTION__, __FILE__, __LINE__); writelogs("Testing logon.... password:{$_POST["artica_password"]}", __FUNCTION__, __FILE__, __LINE__); $_COOKIE["artica-language"] = $_POST["lang"]; $FileCookyKey = md5($_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"]); $sock->SET_INFO($FileCookyKey, $_POST["Changelang"]); $FixedLanguage = $sock->GET_INFO("FixedLanguage"); $q = new mysql_squid_builder(); $langAutodetect = new articaLang(); unset($_SESSION); $DetectedLanguage = $langAutodetect->get_languages(); if ($GLOBALS["DEBUG_TEMPLATE"]) { error_log("[{$_SESSION["uid"]}]::LANGUAGE: _SESSION[detected_lang]=`{$DetectedLanguage}` function:" . __FUNCTION__ . " in " . basename(__FILE__) . " line " . __LINE__); } $GLOBALS["FIXED_LANGUAGE"] = $DetectedLanguage; $tpl = new templates(); $tpl->language = $DetectedLanguage; $page = CurrentPageName(); $md5submitted = $_POST["artica_password"]; $_POST["artica_username"] = trim(strtolower($_POST["artica_username"])); $sql = "SELECT userid,user_password,email,enabled FROM usersisp WHERE email='{$_POST["artica_username"]}' ORDER BY enabled DESC"; $ligne = @mysql_fetch_array($q->QUERY_SQL($sql)); error_log("[{$_SESSION["uid"]}]::{$sql} ({$q->mysql_error}) function:" . __FUNCTION__ . " in " . __FILE__ . " line " . __LINE__); if (!is_numeric($ligne["userid"])) { $ligne["userid"] = 0; } if ($ligne["userid"] == 0) { echo $tpl->javascript_parse_text("{unknown_user}"); die; } if ($ligne["enabled"] == 0) { echo $tpl->javascript_parse_text("{account_disabled}"); die; } if ($ligne["user_password"] != $md5submitted) { if ($GLOBALS["DEBUG_TEMPLATE"]) { error_log("[{$_SESSION["uid"]}]::LANG:[{$_SESSION["detected_lang"]}]:: `{$ligne["user_password"]}` did not match submited `{$md5submitted}` function:" . __FUNCTION__ . " in " . basename(__FILE__) . " line " . __LINE__); } echo $tpl->javascript_parse_text("{failed_login}"); die; } while (list($index, $value) = each($_SERVER)) { $notice[] = "{$index}:{$value}"; } if (trim($FixedLanguage) != null) { $_POST["lang"] = $FixedLanguage; } artica_mysql_events("Success to logon on the Artica End-user Web proxy console from {$_SERVER["REMOTE_HOST"]} as {$_POST["artica_username"]}", @implode("\n", $notice), "security", "security"); session_start(); $_SESSION["uid"] = $ligne["userid"]; $_SESSION["groupid"] = '0'; $_SESSION["email"] = $_POST["artica_username"]; $_SESSION["passwd"] = $md5submitted; $_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}"; setcookie("artica-language", $_POST["lang"], time() + 172800); $_SESSION["detected_lang"] = $_POST["lang"]; if ($GLOBALS["DEBUG_TEMPLATE"]) { error_log("[{$_SESSION["uid"]}]::LANGUAGE: _SESSION[detected_lang]=`{$_SESSION["detected_lang"]}` function:" . __FUNCTION__ . " in " . basename(__FILE__) . " line " . __LINE__); } $_SESSION["privileges"]["ArticaGroupPrivileges"] = ' [AllowAddGroup]="no" [AllowAddUsers]="no" [AllowChangeKav]="no" [AllowChangeKas]="no" [AllowChangeUserPassword]="no" [AllowEditAliases]="no" [AllowEditAsWbl]="no" [AsSystemAdministrator]="no" [AsPostfixAdministrator]="no" [AsArticaAdministrator]="no" '; $arraySession["email"] = $_POST["artica_username"]; $arraySession["uid"] = $ligne["userid"]; $tpl = new templates(); error_log("[{$_SESSION["uid"]}]::uid:`{$_SESSION["uid"]}` -> squid.users.index.php function:" . __FUNCTION__ . " in " . basename(__FILE__) . " line " . __LINE__); $sessionDatas = base64_encode(serialize($arraySession)); if ($GLOBALS["DEBUG_TEMPLATE"]) { error_log("[{$_SESSION["uid"]}]::FINISH:LANG:[{$_SESSION["detected_lang"]}] => language: _COOKIE=`{$_COOKIE["artica-language"]}` _SESSION=`{$_SESSION["detected_lang"]}` function:" . __FUNCTION__ . " in " . basename(__FILE__) . " line " . __LINE__); } echo "location:squid.users.index.php?phpsess={$sessionDatas}"; die; }
function ChangeUserPassword() { include_once 'ressources/class.main_cf.inc'; include_once 'ressources/class.main_cf_filtering.inc'; include_once 'ressources/class.squid.inc'; include_once 'ressources/class.samba.inc'; include_once 'ressources/class.httpd.inc'; if ($_SESSION["uid"] != '-100') { echo "{error privileges}"; } $users = new usersMenus(); $username = trim($_POST["change_admin"]); $password = url_decode_special($_POST["change_password"]); $md5 = md5($username . $password); $ldap = new clladp(); $md52 = md5(trim($ldap->ldap_admin) . trim($ldap->ldap_password)); $tpl = new templates(); $ldap_server = $_POST["ldap_server"]; $ldap_port = $_POST["ldap_port"]; $suffix = $_POST["suffix"]; $change_ldap_server_settings = $_POST["change_ldap_server_settings"]; if ($change_ldap_server_settings != 'yes') { $change_ldap_server_settings = "no"; } $sock = new sockets(); writelogs("change_password {$password}", __FUNCTION__, __FILE__, __LINE__); $password = base64_encode($password); writelogs("change_password {$password}", __FUNCTION__, __FILE__, __LINE__); $cmd = "cmd.php?ChangeLDPSSET=yes&ldap_server={$ldap_server}&ldap_port={$ldap_port}&suffix={$suffix}"; $cmd = $cmd . "&change_ldap_server_settings={$change_ldap_server_settings}&username={$username}&password={$password}"; $datas = $sock->getFrameWork("{$cmd}"); echo replace_accents(html_entity_decode($tpl->_ENGINE_parse_body("{success}:{$ldap_server}:{$ldap_port} ({$suffix})\n{$username}\n-------\"\"------"))); }
function logon() { include "ressources/settings.inc"; $_POST["artica_password"] = url_decode_special($_POST["artica_password"]); writelogs("Testing logon....{$_POST["artica_username"]}", __FUNCTION__, __FILE__, __LINE__); writelogs("Testing logon.... password:{$_POST["artica_password"]}", __FUNCTION__, __FILE__, __LINE__); $_COOKIE["artica-language"] = $_POST["lang"]; $socks = new sockets(); if (!$socks->TestArticaPort()) { if (is_file("ressources/logs/boa.start")) { $boa_error = file_get_contents("ressources/logs/boa.start"); } echo "Unable to connect to Artica daemon port:{$boa_error}"; exit; } if ($_POST["artica_username"] == $_GLOBAL["ldap_admin"]) { if ($_POST["artica_password"] != $_GLOBAL["ldap_password"]) { echo "bad password"; return null; } else { //session_start(); $_SESSION["uid"] = '-100'; $_SESSION["groupid"] = '-100'; $_SESSION["passwd"] = $_POST["artica_password"]; setcookie("artica-language", $_POST["lang"], time() + 172800); $_SESSION["detected_lang"] = $_POST["lang"]; $_SESSION["privileges"]["ArticaGroupPrivileges"] = ' [AllowAddGroup]="yes" [AllowAddUsers]="yes" [AllowChangeKav]="yes" [AllowChangeKas]="yes" [AllowChangeUserPassword]="yes" [AllowEditAliases]="yes" [AllowEditAsWbl]="yes" [AsSystemAdministrator]="yes" [AsPostfixAdministrator]="yes" [AsArticaAdministrator]="yes" '; $tpl = new templates(); echo "location:admin.index.php"; exit; } } writelogs('This is not Global admin, so test user...', __FUNCTION__, __FILE__); $u = new user($_POST["artica_username"]); $userPassword = $u->password; if (trim($u->uidNumber) == null) { writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__); echo "Unknown user"; return null; } if (trim($_POST["artica_password"]) == trim($userPassword)) { $ldap = new clladp(); $ouprivs = $ldap->_Get_privileges_ou($u->uid, $u->ou); $privileges = $ldap->_Get_privileges_userid($_POST["artica_username"]); $_SESSION["OU_LANG"] = $ouprivs["ForceLanguageUsers"]; $_SESSION["uid"] = $_POST["artica_username"]; $_SESSION["passwd"] = $_POST["artica_password"]; $_SESSION["privileges"]["ArticaGroupPrivileges"] = $privileges; $_SESSION["groupid"] = $ldap->UserGetGroups($_POST["artica_username"], 1); $_SESSION["DotClearUserEnabled"] = $u->DotClearUserEnabled; $_SESSION["MailboxActive"] = $u->MailboxActive; $_SESSION["ou"] = $u->ou; $_SESSION["UsersInterfaceDatas"] = trim($u->UsersInterfaceDatas); $lang = new articaLang(); writelogs("default organization language={$_SESSION["OU_LANG"]}", __FUNCTION__, __FILE__); if (trim($_SESSION["OU_LANG"]) != null) { $_SESSION["detected_lang"] = $_SESSION["OU_LANG"]; setcookie("artica-language", $_SESSION["OU_LANG"], time() + 172800); } else { setcookie("artica-language", $_POST["lang"], time() + 172800); $_SESSION["detected_lang"] = $lang->get_languages(); } $users = new usersMenus(); $privileges_array = $users->_ParsePrivieleges($privileges); $users->_TranslateRights($privileges_array, true); if (!$users->IfIsAnuser(true)) { writelogs('This is not an user =>admin.index.php ', __FUNCTION__, __FILE__); echo "location:admin.index.php"; return null; } writelogs('IT IS AN USER =>../user-backup/logon.php ', __FUNCTION__, __FILE__); $tpl = new templates(); $array["USERNAME"] = $_POST["artica_username"]; $array["PASSWORD"] = md5($_POST["artica_username"]); $credentials = base64_encode(serialize($array)); echo "location:../user-backup/logon.php?credentials={$credentials}"; return null; exit; } else { writelogs("The passord typed is not the same in ldap database...", __FUNCTION__, __FILE__); echo "bad password"; return null; } }
function logon() { include "ressources/settings.inc"; include_once 'ressources/class.sockets.inc'; include_once 'ressources/class.ldap.inc'; include_once 'ressources/class.user.inc'; include_once 'ressources/class.langages.inc'; $sock = new sockets(); $tpl = new templates(); $_POST["artica_password"] = url_decode_special($_POST["artica_password"]); writelogs("Testing logon....{$_POST["artica_username"]}", __FUNCTION__, __FILE__, __LINE__); //writelogs("Testing logon.... password:{$_POST["artica_password"]}",__FUNCTION__,__FILE__,__LINE__); $_COOKIE["artica-language"] = $_POST["lang"]; $FileCookyKey = md5($_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"]); $sock->SET_INFO($FileCookyKey, $_POST["Changelang"]); if (!isset($GLOBALS["FixedLanguage"])) { $GLOBALS["FixedLanguage"] = $sock->GET_INFO("FixedLanguage"); } $VIA_API = false; if (isset($_POST["VIA_API"])) { $VIA_API = true; } if ($_SESSION["uid"] != null) { if (!$VIA_API) { echo "location:admin.index.php"; return; } } $socks = new sockets(); while (list($index, $value) = each($_SERVER)) { $notice[] = "{$index}:{$value}"; } if ($_GLOBAL["ldap_admin"] == null) { $sock->getFrameWork("services.php?process1-tenir=yes?MyCURLTIMEOUT=120"); include "ressources/settings.inc"; } if ($_GLOBAL["ldap_admin"] == null) { if ($VIA_API) { echo "FALSE"; return; } $tpl = new templates(); echo $tpl->javascript_parse_text("{ldap_username_corrupt_text}"); return null; } $md5submitted = $_POST["artica_password"]; if ($VIA_API) { $md5submitted = md5($_POST["artica_password"]); } $md5Manager = md5(trim($_GLOBAL["ldap_password"])); if (trim($GLOBALS["FixedLanguage"]) != null) { $_POST["lang"] = $GLOBALS["FixedLanguage"]; } $trimed_artica_username = trim(strtolower($_POST["artica_username"])); $trimed_ldap_admin = trim(strtolower($_GLOBAL["ldap_admin"])); writelogs("Manager -> {$trimed_artica_username} ?=== {$trimed_ldap_admin}", _FUNCTION__, __FILE__, __LINE__); if ($trimed_artica_username == $trimed_ldap_admin) { writelogs("Manager: `YES`", __FUNCTION__, __FILE__, __LINE__); if ($md5Manager != $md5submitted) { $tpl = new templates(); //writelogs("Testing logon.... password:{$_POST["artica_password"]}!==\"{$_GLOBAL["ldap_password"]}\"",__FUNCTION__,__FILE__,__LINE__); artica_mysql_events("Failed to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]}", @implode("\n", $notice), "security", "security"); if ($VIA_API) { echo "FALSE"; return; } echo $tpl->javascript_parse_text("{wrong_password_or_username}"); return null; } else { $users = new usersMenus(); artica_mysql_events("Success to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]} as SuperAdmin", @implode("\n", $notice), "security", "security"); //session_start(); $_SESSION["uid"] = '-100'; $_SESSION["groupid"] = '-100'; $_SESSION["passwd"] = $_GLOBAL["ldap_password"]; $_SESSION["MINIADM"] = false; setcookie("MINIADM", "No", time() + 1000); $_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}"; setcookie("artica-language", $_POST["lang"], time() + 172800); $_SESSION["detected_lang"] = $_POST["lang"]; $_SESSION["CORP"] = $users->CORP_LICENSE; $_SESSION["privileges"]["ArticaGroupPrivileges"] = ' [AllowAddGroup]="yes" [AllowAddUsers]="yes" [AllowChangeKav]="yes" [AllowChangeKas]="yes" [AllowChangeUserPassword]="yes" [AllowEditAliases]="yes" [AllowEditAsWbl]="yes" [AsSystemAdministrator]="yes" [AsPostfixAdministrator]="yes" [AsArticaAdministrator]="yes" [AsArticaMetaAdmin]="yes" '; if ($VIA_API) { writelogs("VIA API = TRUE -> BUILD SESSION", _FUNCTION__, __FILE__, __LINE__); BuildSession($_SESSION["uid"]); echo "TRUE"; return; } $tpl = new templates(); $sock->getFrameWork("squid.php?clean-catz-cache=yes"); writelogs("OK it is a global admin -> location:admin.index.php", _FUNCTION__, __FILE__, __LINE__); echo "location:admin.index.php"; exit; } } $ldap = new clladp(); if ($ldap->IsKerbAuth()) { $userPassword = $_POST["artica_password"]; if (isset($_POST["artica_password_crypted"])) { $userPassword = $_POST["artica_password_crypted"]; include_once dirname(__FILE__) . "/ressources/class.cryptform.inc"; $userPassword = logon_decrypt($userPassword); } writelogs("*** TEST Active Directory user {$_POST["artica_username"]} ****", __FUNCTION__, __FILE__, __LINE__); $external_ad_search = new external_ad_search(); if ($external_ad_search->CheckUserAuth($_POST["artica_username"], $userPassword)) { writelogs("*** TEST Active Directory user {$_POST["artica_username"]} success ****", __FUNCTION__, __FILE__, __LINE__); $_SESSION["MINIADM"] = false; setcookie("MINIADM", "No", time() + 1000); $_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}"; setcookie("artica-language", $_POST["lang"], time() + 172800); $_SESSION["detected_lang"] = $_POST["lang"]; $_SESSION["CORP"] = $users->CORP_LICENSE; $users = new usersMenus(); $privs = new privileges($_POST["artica_username"]); $privileges_array = $privs->privs; DumpPrivileges($_POST["artica_username"], $privileges_array); $users->_TranslateRights($privileges_array, true); setcookie("mem-logon-user", $_POST["artica_username"], time() + 172800); $_SESSION["privileges_array"] = $privs->privs; $_SESSION["uid"] = $_POST["artica_username"]; BuildSession($_POST["artica_username"]); $sock->getFrameWork("squid.php?clean-catz-cache=yes"); $_SESSION["MINIADM"] = false; setcookie("MINIADM", "No", time() + 1000); if ($VIA_API) { BuildSession($_SESSION["uid"]); echo "TRUE"; return; } echo "location:admin.index.php"; return; } else { if (is_array($GLOBALS["CLASS_ACTV"])) { while (list($key, $line) = each($GLOBALS["CLASS_ACTV"])) { writelogs("*** Active Directory {$line}", __FUNCTION__, __FILE__, __LINE__); } } } } if (Radius_admins($_POST["artica_username"], $md5submitted)) { writelogs('*** TEST RADIUS USER ****', __FUNCTION__, __FILE__, __LINE__); $tpl = new templates(); $sock->getFrameWork("squid.php?clean-catz-cache=yes"); writelogs("OK it is a global admin -> location:admin.index.php", _FUNCTION__, __FILE__, __LINE__); if ($VIA_API) { BuildSession($_SESSION["uid"]); echo "TRUE"; return; } echo "location:admin.index.php"; exit; } writelogs('This is not Global admin, so test user...', __FUNCTION__, __FILE__, __LINE__); $u = new user($_POST["artica_username"]); $userPassword = $u->password; if (trim($u->uidNumber) == null) { if ($VIA_API) { echo "FALSE"; return; } writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__); echo $tpl->javascript_parse_text("{wrong_password_or_username}"); return null; } $tpl = new templates(); if (trim($_POST["artica_password"]) == md5(trim($userPassword))) { BuildSession($u->uid); $ldap = new clladp(); $users = new usersMenus(); $privs = new privileges($u->uid); $privileges_array = $privs->privs; if (trim($FixedLanguage) != null) { $_SESSION["detected_lang"] = $FixedLanguage; } $users->_TranslateRights($privileges_array, true); if (!$users->IfIsAnuser(true)) { if ($VIA_API) { echo "TRUE"; return; } artica_mysql_events("Success to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]} as User", @implode("\n", $notice), "security", "security"); writelogs("[{$_POST["artica_username"]}]: This is not an user =>admin.index.php", __FUNCTION__, __FILE__); $sock->getFrameWork("squid.php?clean-catz-cache=yes"); $_SESSION["MINIADM"] = false; setcookie("MINIADM", "No", time() + 1000); if ($VIA_API) { BuildSession($_SESSION["uid"]); echo "TRUE"; return; } echo "location:admin.index.php"; return null; } if ($VIA_API) { BuildSession($_SESSION["uid"]); echo "TRUE"; return; } writelogs("[{$_POST["artica_username"]}]: IS AN USER =>../user-backup/logon.php", __FUNCTION__, __FILE__); $array["USERNAME"] = $_POST["artica_username"]; $array["PASSWORD"] = md5($_POST["artica_username"]); $credentials = base64_encode(serialize($array)); artica_mysql_events("Success to redirect on the end-user management console from {$_SERVER["REMOTE_HOST"]} as User", @implode("\n", $notice), "security", "security"); echo "location:../miniadm.logon.php?credentials={$credentials}"; return null; exit; } else { if ($VIA_API) { echo "FALSE"; return; } writelogs("[{$_POST["artica_username"]}]: The password typed is not the same in ldap database...", __FUNCTION__, __FILE__); artica_mysql_events("Failed to logon on the management console as user from {$_SERVER["REMOTE_HOST"]} (bad password)", @implode("\n", $notice), "security", "security"); echo $tpl->javascript_parse_text("{wrong_password_or_username}"); return null; } }
function change(){ $sock=new sockets(); $sock->SET_INFO("PAMLdapPrio", $_POST["PAMLdapPrio"]); if(strlen(trim($_POST["change_password"]))>1){ $_POST["change_password"]=url_decode_special_tool($_POST["change_password"]); include_once(dirname(__FILE__))."/ressources/class.samba.inc"; $smb=new samba(); if(!$smb->createRootID($_POST["change_password"])){ return; } $sock->SET_INFO("RootPasswordChanged", 1); writelogs(" -> nsswitch ",__FUNCTION__,__FILE__,__LINE__); $sock->getFrameWork("services.php?nsswitch=yes"); $change_password=url_decode_special($_POST["change_password"]); $changeRootPasswd=base64_encode($change_password); writelogs(" -> services.php?changeRootPasswd= ",__FUNCTION__,__FILE__,__LINE__); echo base64_decode($sock->getFrameWork("services.php?changeRootPasswd=$changeRootPasswd&pass=$changeRootPasswd")); } }