|
|
@ -20,7 +20,9 @@ $dbh = new PDO("mysql:host=$config_mysql_host;dbname=$config_mysql_dbname;charse |
|
|
|
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); |
|
|
|
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); |
|
|
|
$dbh->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); |
|
|
|
$dbh->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); |
|
|
|
|
|
|
|
|
|
|
|
include("lib.php"); // only for get_language from browser. TODO: simplify |
|
|
|
include("lib.php"); // for smarty e.g. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// ========== LOGIN FUNCTIONS ================================================= |
|
|
|
|
|
|
|
|
|
|
|
function check_ldap_bind($user_name, $user_pass) { |
|
|
|
function check_ldap_bind($user_name, $user_pass) { |
|
|
|
global $config_ldap_host; |
|
|
|
global $config_ldap_host; |
|
|
@ -40,7 +42,7 @@ function check_ldap_bind($user_name, $user_pass) { |
|
|
|
if ($res) { |
|
|
|
if ($res) { |
|
|
|
$info = ldap_get_entries($ldap_conn, $res); |
|
|
|
$info = ldap_get_entries($ldap_conn, $res); |
|
|
|
$user_dn = $info[0]['dn']; |
|
|
|
$user_dn = $info[0]['dn']; |
|
|
|
$res = ldap_bind($ldap_conn, $user_dn, $user_pass); |
|
|
|
$res = @ldap_bind($ldap_conn, $user_dn, $user_pass); |
|
|
|
if ($res) { |
|
|
|
if ($res) { |
|
|
|
return TRUE; |
|
|
|
return TRUE; |
|
|
|
} |
|
|
|
} |
|
|
@ -83,7 +85,7 @@ function user_login ($user_name, $user_pass) { |
|
|
|
return FALSE; |
|
|
|
return FALSE; |
|
|
|
} |
|
|
|
} |
|
|
|
// TODO sync LDAP data to local |
|
|
|
// TODO sync LDAP data to local |
|
|
|
{ else { |
|
|
|
} else { |
|
|
|
// compare local passwords |
|
|
|
// compare local passwords |
|
|
|
if (strcmp(md5($user_pass), rtrim($user->user_pass)) != 0) { |
|
|
|
if (strcmp(md5($user_pass), rtrim($user->user_pass)) != 0) { |
|
|
|
// password does not match with md5, check if new hash matches |
|
|
|
// password does not match with md5, check if new hash matches |
|
|
@ -135,6 +137,8 @@ function user_login ($user_name, $user_pass) { |
|
|
|
|
|
|
|
|
|
|
|
// No header included, this page has no menu |
|
|
|
// No header included, this page has no menu |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// ========== LOGIN: HERE BE DRAGONS ========================================== |
|
|
|
|
|
|
|
|
|
|
|
$language = lang_getfrombrowser($config_lang, $config_lang_default, null, false); |
|
|
|
$language = lang_getfrombrowser($config_lang, $config_lang_default, null, false); |
|
|
|
include('lang/' . $language . '.php'); |
|
|
|
include('lang/' . $language . '.php'); |
|
|
|
|
|
|
|
|
|
|
|