source: trunk/FACT++/www/index.php@ 13685

Last change on this file since 13685 was 13684, checked in by tbretz, 13 years ago
Enabled authentication; removed default label from filename.
File size: 3.4 KB
Line 
1<?PHP
2
3require_once("config.php");
4
5function login()
6{
7 global $ldaphost;
8 global $baseDN;
9 global $groupDN;
10
11 $username = $_SERVER['PHP_AUTH_USER'];
12 $password = $_SERVER['PHP_AUTH_PW'];
13
14 $con = @ldap_connect($ldaphost);
15 if (!$con)
16 return "ldap_connect failed to ".$ldaphost;
17
18 //------------------ Look for user common name
19 $attributes = array('cn', 'mail');
20 $dn = 'ou=People,'.$baseDN;
21 $filter = '(uid='.$username.')';
22
23 $sr = @ldap_search($con, $dn, $filter, $attributes);
24 if (!$sr)
25 return "ldap_search failed for dn=".$dn.": ".ldap_error($con);
26
27 $srData = @ldap_get_entries($con, $sr);
28 if ($srData["count"]==0)
29 return "No results returned by ldap_get_entries for dn=".$dn.".";
30
31 $email =$srData[0]['mail'][0];
32 $userCommonName=$srData[0]['cn'][0];
33 $userDN =$srData[0]['dn'];
34
35 //------------------ Authenticate user
36 if (!@ldap_bind($con, $userDN, $password))
37 return "ldap_bind failed: ".ldap_error($con);
38
39 //------------------ Check if the user is in FACT ldap group
40 $attributes= array("member");
41 $filter= '(objectClass=*)';
42
43 // Get all members of the group.
44 $sr = @ldap_read($con, $groupDN, $filter, $attributes);
45 if (!$sr)
46 return "ldap_read failed for dn=".$groupDN.": ".ldap_error($con);
47
48 // retrieve the corresponding data
49 $srData = @ldap_get_entries($con, $sr);
50 if ($srData["count"]==0)
51 return "No results returned by ldap_get_entries for dn=".$dn.".";
52
53 @ldap_unbind($con);
54
55 $found = false;
56 foreach ($srData[0]['member'] as $member)
57 if (strpos($member, "cn=".$userCommonName.",")===0)
58 return "";
59
60 return "Sorry, your credentials don't match!";
61}
62// --------------------------------------------------------------------
63
64if (isset($_GET['logout']))
65{
66 if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
67 return;
68
69 return header('HTTP/1.0 401 Successfull logout!');
70}
71
72// --------------------------------------------------------------------
73
74if (!isset($_GET['start']) && !isset($_GET['stop']))
75 return header('HTTP/1.0 400 Command not supported');
76
77// --------------------------------------------------------------------
78
79if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
80{
81 header('WWW-Authenticate: Basic realm="SmartFACT++"');
82 header('HTTP/1.0 401 Unauthorized');
83 return;
84}
85
86$rc = login();
87if ($rc!="")
88 return header('HTTP/1.0 401 '.$rc);
89
90// --------------------------------------------------------------------
91
92$out = array();
93
94if (isset($_GET['stop']))
95 $str = exec($path."/dimctrl --stop", $out, $rc);
96
97if (isset($_GET['start']))
98{
99 $args = '\"'.$_GET['start'].'\"';
100
101 unset($_GET['start']);
102
103 /*
104 $args = "";
105 foreach ($_GET as $key => $value)
106 $args .= " --arg:".$key."=".$value;
107 $str = exec($path."/dimctrl --exec ".$args, $out, $rc);
108 */
109
110 if (isset($_GET['label']))
111 {
112 if ($_GET['label']>=0)
113 $args .= ":".$_GET['label'];
114 unset($_GET['label']);
115 }
116
117 foreach ($_GET as $key => $value)
118 $args .= ' \"'.$key.'='.$value.'\"';
119
120 $str = exec($path.'/dimctrl --start "'.$args.'"', $out, $rc);
121}
122
123if ($rc!=1 && $rc!=2)
124 return header('HTTP/1.0 500 Execution failed [rc='.$rc."]");
125
126print($rc);
127
128if (isset($_GET['debug']))
129{
130 print("\n");
131 print_r($out);
132}
133
134?>
Note: See TracBrowser for help on using the repository browser.