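/**
 * Handle a login form post.
 *
 * Reads `username` and `password` from $_POST, tries SQLAuthenticator first
 * and, if that fails, this controller's own authenticate() (the path reported
 * as "login success 2"). On success the login is written to the audit log and
 * the user's permissions are loaded; on failure one generic error is shown so
 * the response does not reveal whether the account exists, is disabled, or
 * had a wrong password.
 *
 * NOTE(review): only successful logins reach AuditLog here. Failed attempts
 * leave no audit entry, so password guessing would not show up in this log;
 * confirm failures are recorded or throttled elsewhere.
 * NOTE(review): no session-ID rotation is visible in this method; confirm
 * the authenticators rotate the session ID on login (session fixation).
 *
 * @return void
 */
public function login()
{
    header("Content-Type:text/html; charset=utf-8");

    $genericFailure = 'Your account may be disabled or blocked or the username/password you entered is incorrect.';

    // Accept credentials only as strings. PHP turns a field posted as
    // `username[]=x` into an array, which would otherwise be handed
    // straight to the authenticators.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // Fail closed on empty credentials before any backend is contacted.
    // Some directory servers treat a simple bind with an empty password as
    // an unauthenticated bind that "succeeds"; whether authenticate() guards
    // against that is not visible from this method.
    if ($username === '' || $password === '') {
        $this->error($genericFailure);
        return;
    }

    $sqlAuth = new SQLAuthenticator();
    if ($sqlAuth->authenticate($username, $password)) {
        AuditLog::writeLog('login in', session('userid'));
        $this->getUserPermission();
        // NOTE(review): the "1"/"2" suffix tells the client which backend
        // accepted the login; consider a single message.
        $this->success("login success 1 ");
    } elseif ($this->authenticate($username, $password)) {
        AuditLog::writeLog('login in', session('userid'));
        $this->getUserPermission();
        $this->success("login success 2 ");
    } else {
        $this->error($genericFailure);
    }
}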
// but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with this program; if not, write to the Free Software // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. // require_once "../ipplanlib.php"; require_once "../adodb/adodb.inc.php"; require_once "../class.dbflib.php"; require_once "../layout/class.layout"; require_once "../auth.php"; $auth = new SQLAuthenticator(REALM, REALMERROR); // And now perform the authentication $auth->authenticate(); // set language isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']); //setdefault("window",array("bgcolor"=>"white")); //setdefault("table",array("cellpadding"=>"0")); //setdefault("text",array("size"=>"2")); $title = my_("Change user password"); newhtml($p); $w = myheading($p, $title); // explicitly cast variables as security measure against SQL injection list($user, $password1, $password2) = myRegister("S:user S:password1 S:password2"); $formerror = ""; $ds = new IPplanDbf() or myError($w, $p, my_("Could not connect to database")); if ($_POST) { $password1 = trim($password1); $password2 = trim($password2);
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//

// Page preamble for the "Modify/Copy/Move/Delete/Split/Join subnets" screen:
// load the shared libraries, authenticate the caller, pick the UI language,
// start the HTML document and read the request parameters.
require_once "../ipplanlib.php";
require_once "../adodb/adodb.inc.php";
require_once "../class.dbflib.php";
require_once "../layout/class.layout";
require_once "../auth.php";

// REALM and REALMERROR are constants defined outside this excerpt.
$auth = new SQLAuthenticator(REALM, REALMERROR);

// Perform the authentication before any page content is built.
// NOTE(review): what authenticate() does on a failed login (for example,
// ending the request) is not visible here; everything below relies on it
// not returning normally for an unauthenticated caller -- confirm.
// $grps presumably holds the caller's groups -- confirm against auth.php.
$grps = $auth->authenticate();

// Set the UI language from the ipplanLanguage cookie when it is present.
// NOTE(review): the cookie is client-controlled; confirm myLanguage()
// restricts it to a fixed list of known languages before using it.
isset($_COOKIE["ipplanLanguage"]) && myLanguage($_COOKIE['ipplanLanguage']);

//setdefault("window",array("bgcolor"=>"white"));
//setdefault("table",array("cellpadding"=>"0"));
//setdefault("text",array("size"=>"2"));

$title = my_("Modify/Copy/Move/Delete/Split/Join subnets");

// $p is not assigned before this call; presumably newhtml() takes it by
// reference and initialises the page object -- confirm in class.layout.
newhtml($p);
insert($p, $h = wheader("IPPlan - {$title}"));

// Client-side helper scripts attached to the header element $h.
// NOTE(review): phpserializer.js suggests PHP-serialized values are handled
// in the browser; verify that nothing sent back by the client is ever
// passed to unserialize() on the server.
insert($h, script("", array("type" => "text/javascript", "src" => "../cookies.js")));
insert($h, script("", array("type" => "text/javascript", "src" => "../phpserializer.js")));
insert($h, script("", array("type" => "text/javascript", "src" => "../ipplanlib.js")));
$w = myheading($p, $title, true);

// explicitly cast variables as security measure against SQL injection
// ("I:" presumably requests an integer cast -- confirm in myRegister()).
// The cast only protects these two values; any other request value used
// in a query still needs binding or escaping of its own.
list($cust, $areaindex) = myRegister("I:cust I:areaindex");

// display opening text
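/**
 * Authenticate a user against LDAP, optionally trying the parent
 * authenticator first.
 *
 * Flow: reject an empty password; if $this->fallback is set, accept a
 * successful parent::authenticate(); otherwise connect to the directory,
 * bind with the configured search account (or anonymously when none is
 * configured), look the user up with $this->filter, and re-bind as the
 * first matching entry with the supplied password. A user who binds
 * successfully but has no local record is created via createsqluser().
 *
 * @param string $username Login name; substituted for %USERNAME% in the filter.
 * @param string $password Cleartext password used for the user bind.
 * @return bool True when the parent authenticator or the LDAP user bind succeeds.
 */
function authenticate($username, $password)
{
    $this->username = $username;

    // An empty password must never reach ldap_bind(): LDAP will succeed
    // binding with no password on AD (defaults to anon bind).
    if (strlen($password) == 0) {
        return false;
    }

    if ($this->fallback == true) {
        if (parent::authenticate($username, $password)) {
            return true;
        }
    }

    // Fallback SQL authentication failed or is disabled, proceed with LDAP.
    if (!($rs = @ldap_connect($this->ldap_host, $this->ldap_port))) {
        return false;
    }
    @ldap_set_option($rs, LDAP_OPT_PROTOCOL_VERSION, $this->ldap_version);
    @ldap_set_option($rs, LDAP_OPT_REFERRALS, 0);

    // NOTE(review): no ldap_start_tls() call is made here. Unless ldap_host
    // is an ldaps:// URI, the search-account and user passwords below cross
    // the network in cleartext -- confirm the deployment's transport.

    $ldap_bind_dn = empty($this->ldap_search_user) ? NULL : $this->ldap_search_user;
    $ldap_bind_pw = empty($this->ldap_search_pass) ? NULL : $this->ldap_search_pass;
    if (!@ldap_bind($rs, $ldap_bind_dn, $ldap_bind_pw)) {
        // For debugging, log ldap_error($rs) server-side. Printing it with
        // die() would disclose the bind DN, host and port to the client.
        return false;
    }

    // Decode the configured filter template first, then insert the user
    // name escaped for filter context (ldap_escape, PHP >= 5.6). The name
    // comes from the login form: unescaped, characters such as * ( ) \
    // would change the meaning of the search filter. Decoding after the
    // substitution would also turn HTML entities typed into the user name
    // back into those raw characters, so the order matters.
    $filter_template = html_entity_decode($this->filter, ENT_COMPAT, 'UTF-8');
    $filter_r = str_replace("%USERNAME%", ldap_escape($username, '', LDAP_ESCAPE_FILTER), $filter_template);

    $result = @ldap_search($rs, $this->base_dn, $filter_r);
    if (!$result) {
        return false; // ldap search returned nothing or error
    }

    $result_user = ldap_get_entries($rs, $result);
    if ($result_user["count"] == 0) {
        return false; // No users match the filter
    }

    // Only the first match is used; the filter is expected to identify a
    // single entry (sAMAccountName, uid, etc.).
    $first_user = $result_user[0];
    $ldap_user_dn = $first_user["dn"];

    // Bind with the dn of the user that matched our filter: this is the
    // actual password check.
    if (!@ldap_bind($rs, $ldap_user_dn, $password)) {
        return false;
    }

    if (!$this->userExists($username)) {
        // NOTE(review): createsqluser() receives the cleartext password;
        // how it is stored is not visible here -- confirm it is hashed.
        $this->createsqluser($username, $password, $first_user);
    }

    return true;
}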
/**
 * Authenticate through the parent class, then refuse the login when a
 * user_ip_lock row exists for this user and the requesting IP address.
 *
 * @param string $username Passed unchanged to parent::authenticate().
 * @param string $password Passed unchanged to parent::authenticate().
 * @return bool False when the parent rejects the credentials or a matching
 *              user_ip_lock row is found; true otherwise.
 */
function authenticate($username, $password)
{
    if (!parent::authenticate($username, $password)) {
        return false;
    }

    // $this->user_id is not assigned in this method; presumably the parent
    // sets it on success -- confirm.
    // NOTE(review): both values are interpolated into the WHERE clauses
    // rather than bound or quoted. REMOTE_ADDR normally comes from the TCP
    // connection, but this is safe only while no proxy-handling code
    // overwrites it with a client-supplied header -- verify. Behind a
    // reverse proxy it is also the proxy's address, not the client's.
    $lockQuery = new DBQuery();
    $lockQuery->addTable('user_ip_lock');
    $lockQuery->addQuery('user_id');
    $lockQuery->addWhere("user_id = {$this->user_id}");
    $lockQuery->addWhere("user_ip = '{$_SERVER['REMOTE_ADDR']}'");

    // A truthy result means a lock row matched. Any falsy result allows the
    // login; if loadResult() also returns a falsy value when the query
    // fails, this check fails open -- confirm.
    return !$lockQuery->loadResult();
}