dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update LDAP authentication.

This commit is contained in:
Mark Crane 2015-03-18 02:39:35 +00:00
parent 535f62a1e1
commit 2b2a9afd2f
1 changed files with 14 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
resources/check_auth.php
View File

@ -99,17 +99,18 @@ require_once "resources/require.php";
} }
//ldap authentication //ldap authentication
if ($_SESSION["ldap"]["authentication"]["boolean"] == "true") { if ($_SESSION["ldap"]["enabled"]["boolean"] == "true") {
//use ldap to validate the user credentials //use ldap to validate the user credentials
if (strlen(check_str($_REQUEST["domain_name"])) > 0) { if (strlen(check_str($_REQUEST["domain_name"])) > 0) {
$domain_name = check_str($_REQUEST["domain_name"]); $domain_name = check_str($_REQUEST["domain_name"]);
} }
$ad = ldap_connect("ldap://".$_SESSION["ldap"]["server_host"]["text"].":".$_SESSION["ldap"]["server_port"]["numeric"]) //ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
or die("Couldn't connect to AD!"); $connect = ldap_connect($_SESSION["ldap"]["server_host"]["text"], $_SESSION["ldap"]["server_port"]["numeric"])
ldap_set_option($ad, LDAP_OPT_PROTOCOL_VERSION, 3); or die("Could not connect to the LDAP server.");
$bd = ldap_bind($ad,$username."@".$domain_name,check_str($_REQUEST["password"])); $bind_dn = $_SESSION["ldap"]["user_attribute"]["text"]."=".$_REQUEST["password"].",".$_SESSION["ldap"]["user_dn"]["text"];
if ($bd) {
//echo "success\n"; $bind = ldap_bind($connect, $bind_dn, $_SESSION["ldap"]["bind_password"]["text"]);
if ($bind) {
$_SESSION['username'] = $username; $_SESSION['username'] = $username;
} }
@ -117,20 +118,16 @@ require_once "resources/require.php";
if (strlen($_SESSION['username']) > 0) { if (strlen($_SESSION['username']) > 0) {
$sql = "select * from v_users "; $sql = "select * from v_users ";
$sql .= "where username=:username "; $sql .= "where username=:username ";
if (count($_SESSION["domains"]) > 1) { $sql .= "and domain_uuid=:domain_uuid ";
$sql .= "and domain_uuid=:domain_uuid ";
}
$prep_statement = $db->prepare(check_sql($sql)); $prep_statement = $db->prepare(check_sql($sql));
if (count($_SESSION["domains"]) > 1) { $prep_statement->bindParam(':domain_uuid', $domain_uuid);
$prep_statement->bindParam(':domain_uuid', $domain_uuid);
}
$prep_statement->bindParam(':username', $username); $prep_statement->bindParam(':username', $username);
$prep_statement->execute(); $prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED); $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
if (count($result) == 0) { if (count($result) == 0) {
//salt used with the password to create a one way hash //salt used with the password to create a one way hash
$salt = generate_password('20', '4'); $salt = generate_password('32', '4');
$password = generate_password('20', '4'); $password = generate_password('32', '4');
//prepare the uuids //prepare the uuids
$user_uuid = uuid(); $user_uuid = uuid();
@ -161,7 +158,7 @@ require_once "resources/require.php";
$sql .= "'".strtolower($username)."', "; $sql .= "'".strtolower($username)."', ";
$sql .= "'true' "; $sql .= "'true' ";
$sql .= ")"; $sql .= ")";
$db->exec(check_sql($sql)); //$db->exec(check_sql($sql));
unset($sql); unset($sql);
//add the user to group user //add the user to group user
@ -180,7 +177,7 @@ require_once "resources/require.php";
$sql .= "'$group_name', "; $sql .= "'$group_name', ";
$sql .= "'$user_uuid' "; $sql .= "'$user_uuid' ";
$sql .= ")"; $sql .= ")";
$db->exec(check_sql($sql)); //$db->exec(check_sql($sql));
unset($sql); unset($sql);
} }
} }