Changeset 13680 for trunk/FACT++/www


Timestamp:
05/12/12 18:43:11 (13 years ago)
Author:
tbretz
Message:
Added authentication stuff
File:
1 edited

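--- a/trunk/FACT++/www/index.php
+++ b/trunk/FACT++/www/index.php
@@ -3,6 +3,90 @@
 require_once("config.php");
 
+function login()
+{
+    global $ldaphost;
+    global $baseDN;
+    global $groupDN;
+
+    $username = $_SERVER['PHP_AUTH_USER'];
+    $password = $_SERVER['PHP_AUTH_PW'];
+
+    $con = @ldap_connect($ldaphost);
+    if (!$con)
+        return "ldap_connect failed to ".$ldaphost;
+
+    //------------------ Look for user common name
+    $attributes = array('cn', 'mail');
+    $dn         = 'ou=People,'.$baseDN;
+    $filter     = '(uid='.$username.')';
+
+    $sr = @ldap_search($con, $dn, $filter, $attributes);
+    if (!$sr)
+        return "ldap_search failed for dn=".$dn.": ".ldap_error($con);
+
+    $srData = @ldap_get_entries($con, $sr);
+    if ($srData["count"]==0)
+        return "No results returned by ldap_get_entries for dn=".$dn.".";
+
+    $email         =$srData[0]['mail'][0];
+    $userCommonName=$srData[0]['cn'][0];
+    $userDN        =$srData[0]['dn'];
+
+    //------------------ Authenticate user
+    if (!@ldap_bind($con, $userDN, $password))
+        return "ldap_bind failed: ".ldap_error($con);
+
+    //------------------ Check if the user is in FACT ldap group
+    $attributes= array("member");
+    $filter= '(objectClass=*)';
+
+    // Get all members of the group.
+    $sr = @ldap_read($con, $groupDN, $filter, $attributes);
+    if (!$sr)
+        return "ldap_read failed for dn=".$groupDN.": ".ldap_error($con);
+
+    // retrieve the corresponding data
+    $srData = @ldap_get_entries($con, $sr);
+    if ($srData["count"]==0)
+        return "No results returned by ldap_get_entries for dn=".$dn.".";
+
+    @ldap_unbind($con);
+
+    $found = false;
+    foreach ($srData[0]['member'] as $member)
+        if (strpos($member, "cn=".$userCommonName.",")===0)
+            return "";
+
+    return "Sorry, your credentials don't match!";
+}
+// --------------------------------------------------------------------
+
+if (isset($_GET['logout']))
+{
+    if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
+        return;
+
+    return header('HTTP/1.0 401 Successfull logout!');
+}
+
+// --------------------------------------------------------------------
+
 if (!isset($_GET['start']) && !isset($_GET['stop']))
     return header('HTTP/1.0 400 Command not supported');
+
+// --------------------------------------------------------------------
+/*
+if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW']))
+{
+    header('WWW-Authenticate: Basic realm="SmartFACT++"');
+    header('HTTP/1.0 401 Unauthorized');
+    return;
+}
+
+$rc = login();
+if ($rc!="")
+    return header('HTTP/1.0 401 '.$rc);
+*/
+// --------------------------------------------------------------------
 
 $out = array();
@@ -12,5 +96,27 @@
 
 if (isset($_GET['start']))
-    $str = exec($path."/dimctrl --start '".$_GET['start']."'", $out, $rc);
+{
+    $args = '\"'.$_GET['start'].'\"';
+
+    unset($_GET['start']);
+
+    /*
+     $args = "";
+     foreach ($_GET as $key => $value)
+        $args .= " --arg:".$key."=".$value;
+     $str = exec($path."/dimctrl --exec ".$args, $out, $rc);
+     */
+
+    if (isset($_GET['label']))
+    {
+        $args .= ":".$_GET['label'];
+        unset($_GET['label']);
+    }
+
+    foreach ($_GET as $key => $value)
+        $args .= ' \"'.$key.'='.$value.'\"';
+
+    $str = exec($path.'/dimctrl --start "'.$args.'"', $out, $rc);
+}
 
 if ($rc!=1 && $rc!=2)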
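Review bot: The `exec()` call at new line 119 is assembled from `$_GET['start']`, `$_GET['label']` and every remaining query key and value with no shell escaping, so request data is interpreted by the shell. Build `$args` with plain `"` rather than `\"` and pass it as a single escaped argument, `$str = exec($path.'/dimctrl --start '.escapeshellarg($args), $out, $rc);`, after rejecting keys and values that fail an allow-list pattern. The Basic-auth check and the `login()` call at new lines 78-89 are committed inside a `/* */` comment, so as far as this section shows the start path runs without authentication. In `login()`, `$username` is concatenated into the `(uid=...)` filter and an empty `PHP_AUTH_PW` goes straight to `ldap_bind()`, which directory servers may accept as an unauthenticated bind; escape with `ldap_escape($username, '', LDAP_ESCAPE_FILTER)` and return an error when `$password === ''`.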