108 lines
2.8 KiB
PHP
108 lines
2.8 KiB
PHP
|
<?php
|
||
|
|
|
||
|
|
/*
|
||
|
|
* login.php
|
||
|
|
* For servers whose auth_type is set to 'form'. Pass me the login info
|
||
|
|
* and I'll write two cookies, pla_login_dn_X and pla_pass_X
|
||
|
|
* where X is the server_id. The cookie_time comes from config.php
|
||
|
|
*
|
||
|
|
* Note: this file uses ldap_connect() and ldap_bind() only for purposes
|
||
|
|
* of verifying the user-supplied DN and Password.
|
||
|
|
*
|
||
|
|
* Variables that come in as POST vars:
|
||
|
|
* - login_dn
|
||
|
|
* - login_pass
|
||
|
|
* - server_id
|
||
|
|
*/
|
||
|
|
|
||
|
|
require 'config.php';
|
||
|
|
require_once 'functions.php';
|
||
|
|
|
||
|
|
$server_id = $_POST['server_id'];
|
||
|
|
$dn = stripslashes( $_POST['login_dn'] );
|
||
|
|
$pass = stripslashes( $_POST['login_pass'] );
|
||
|
|
$redirect = rawurldecode( $_POST['redirect'] );
|
||
|
|
$anon_bind = $_POST['anonymous_bind'] == 'on' ? true : false;
|
||
|
|
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
|
||
|
|
|
||
|
|
if( ! $anon_bind ) {
|
||
|
|
strlen($pass) or pla_error( "You left the password blank." );
|
||
|
|
}
|
||
|
|
|
||
|
|
if( $anon_bind ) {
|
||
|
|
$dn = null;
|
||
|
|
$pass = null;
|
||
|
|
}
|
||
|
|
|
||
|
|
$host = $servers[$server_id]['host'];
|
||
|
|
$port = $servers[$server_id]['port'];
|
||
|
|
|
||
|
|
// verify that the login is good
|
||
|
|
$ds = @ldap_connect( $host, $port );
|
||
|
|
$ds or pla_error( "Could not connect to '" . htmlspecialchars( $host ) . "' on port '" . htmlentities( $port ) . "'" );
|
||
|
|
|
||
|
|
// go with LDAP version 3 if possible (needed for renaming and Novell schema fetching)
|
||
|
|
@ldap_set_option( $ds, LDAP_OPT_PROTOCOL_VERSION, 3 );
|
||
|
|
|
||
|
|
$bind_result = @ldap_bind( $ds, $dn, $pass );
|
||
|
|
|
||
|
|
if( ! $bind_result )
|
||
|
|
pla_error( "Bad username/password. Try again" );
|
||
|
|
|
||
|
|
$expire = $cookie_time==0 ? null : time()+$cookie_time;
|
||
|
|
if( $anon_bind ) {
|
||
|
|
// we set the cookie val to 0 for anonymous binds.
|
||
|
|
$res1 = setcookie( "pla_login_dn_$server_id", '0', $expire, dirname( $_SERVER['PHP_SELF'] ) );
|
||
|
|
$res2 = setcookie( "pla_pass_$server_id", '0', $expire, dirname( $_SERVER['PHP_SELF'] ) );
|
||
|
|
} else {
|
||
|
|
$res1 = setcookie( "pla_login_dn_$server_id", $dn, $expire, dirname( $_SERVER['PHP_SELF'] ) );
|
||
|
|
$res2 = setcookie( "pla_pass_$server_id", $pass, $expire, dirname( $_SERVER['PHP_SELF'] ) );
|
||
|
|
}
|
||
|
|
if( ! $res1 || ! $res2 )
|
||
|
|
pla_error( "Could not set cookie!" );
|
||
|
|
?>
|
||
|
|
|
||
|
|
<html>
|
||
|
|
<head>
|
||
|
|
<script language="javascript">
|
||
|
|
parent.left_frame.location.reload();
|
||
|
|
<?php if( $redirect ) { ?>
|
||
|
|
location.href='<?php echo $redirect; ?>';
|
||
|
|
<?php } ?>
|
||
|
|
</script>
|
||
|
|
<link rel="stylesheet" href="style.css" />
|
||
|
|
|
||
|
|
<?php if( $redirect ) { ?>
|
||
|
|
|
||
|
|
<meta http-equiv="refresh" content="0;<?php echo $redirect; ?>" />
|
||
|
|
|
||
|
|
<?php } ?>
|
||
|
|
|
||
|
|
</head>
|
||
|
|
<body>
|
||
|
|
|
||
|
|
<?php if( $redirect ) { ?>
|
||
|
|
|
||
|
|
Redirecting... Click <a href="<?php echo $redirect; ?>">here</a> if nothing happens.<br />
|
||
|
|
|
||
|
|
<?php } else { ?>
|
||
|
|
|
||
|
|
<center>
|
||
|
|
<br />
|
||
|
|
<br />
|
||
|
|
Logged in to <b><?php echo htmlspecialchars($servers[$server_id]['name']); ?></b><br />
|
||
|
|
<?php if( $anon_bind ) { ?>
|
||
|
|
(anonymous bind)
|
||
|
|
<?php } ?>
|
||
|
|
<br />
|
||
|
|
<br />
|
||
|
|
<br />
|
||
|
|
Click <a href="search.php?server_id=<?php echo $server_id?>">here</a> to go to the search form.
|
||
|
|
</center>
|
||
|
|
|
||
|
|
<?php } ?>
|
||
|
|
|
||
|
|
</body>
|
||
|
|
</html>
|
||
|
|
|