Commit 67bb8288 authored by jlopez's avatar jlopez

Add ldap connection

parent 33da23ea
......@@ -10,12 +10,14 @@ session_start ();
require_once '../dao/DBquery.php';
$db = new DBquery();
require_once '../dao/LDAPquery.php';
$today = date("Y-m-d G:i:s");
$db = new DBquery();
session_start ();
$today = date("Y-m-d G:i:s");
$login = $db->escape($_POST['username']);
$pwd = $db->escape($_POST['password']);
......@@ -24,12 +26,25 @@ $passcode = $db->verifyPass($login, $pwd);
if($passcode == 1) {
$_SESSION['username'] = $login;
$_SESSION['usercode'] = 1;
$_SESSION['gestion'] = 1;
header("Location: ../gestion.php");
} elseif ($passcode == 2) {
$_SESSION['username'] = "guest";
$_SESSION['usercode'] = 2;
$_SESSION['gestion'] = 1;
header("Location: ../gestion.php");
} else {
header("Location: ../login.php");
$ldap = new LDAPquery();
$ldappasscode = $ldap->verifyPass($login, $pwd);
if($ldappasscode == 1) {
$_SESSION['username'] = $login;
$_SESSION['usercode'] = 3;
header("Location: ../index.php");
} else {
header("Location: ../login.php");
}
}
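Review bot: The session ID is not regenerated when a login succeeds, so the identifier the browser held before authentication stays valid once `$_SESSION['usercode']` and `$_SESSION['gestion']` are set. Calling `session_regenerate_id(true);` before those assignments in each success branch, including the new LDAP one, closes that session-fixation window. Separately, `$login` and `$pwd` have already been passed through `$db->escape()` before they reach `$ldap->verifyPass()`; if that helper does SQL escaping, a password containing quotes or backslashes would be altered before the comparison. The raw `$_POST` values should go to the verifiers, with escaping applied only where a query is built.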
......@@ -13,5 +13,22 @@ class Conf {
// generate an admin password with: echo password|sha1sum|awk '{print $1}';
public static $KK = "to_replace_with_your_admin_pass";
public static $LDAP_HOSTNAME = '';
public static $LDAP_PORT = 0;
public static $LDAP_ADMIN = 'cn=X,dc=X,dc=X,dc=X';
public static $LDAP_USER = 'ou=people,dc=X,dc=X,dc=X';
public static $LDAP_PP = '';
public static function dbEncodePass($p) {
# exemple md5, sha1, etc...
return $p;
}
# encoding ldap password
public static function ldapEncodePass($p) {
return $p;
}
}
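Review bot: `dbEncodePass()` ships as an identity function, while the comment above `$KK` still tells the administrator to store a sha1sum and the previous `verifyPass()` hashed the input with `sha1()`. On an install that followed that comment, the real admin password stops matching after this change and the stored hash string itself would be accepted as the password. Defaulting to the previous behaviour with `return sha1($p);` keeps existing installs consistent; longer term, storing a `password_hash()` value and checking it with `password_verify()` would be preferable to an unsalted digest. `ldapEncodePass()` deserves a comment stating its contract, for example `# must return the value exactly as stored in the directory's userPassword attribute`.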
......@@ -258,14 +258,15 @@ class DBquery
}
public function verifyPass($username, $pass) {
if($username == "admin" && sha1($pass)==Conf::$KK) {
if($username == "admin" && Conf::dbEncodePass($pass)==Conf::$KK) {
return 1;
} else {
if($username == "guest" && $pass == "2019mbb") {
return 2;
} else {
# if you want guest admin
//if($username == "guest" && $pass == "2019mbb") {
// return 2;
//} else {
return 0;
}
//}
}
}
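Review bot: The admin check compares with loose `==`, which can treat two different numeric-looking "0e…" digest strings as equal and is not constant-time; `if($username === "admin" && hash_equals(Conf::$KK, Conf::dbEncodePass($pass))) {` avoids both. The commented-out guest branch also keeps the old hard-coded guest password in the source, so deleting those lines and retiring that value would be cleaner than commenting them out. With that branch disabled, `verifyPass()` no longer returns 2, which leaves the `$passcode == 2` branch of the login handler as dead code.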
......
<?php
/**
* Connection to ldap
*/
require_once(__DIR__.'/../conf/Conf.php');
class LDAPquery {
var $ldaph = NULL;
public function __construct() {
$this->openConnection();
}
public function openConnection() {
$this->ldaph = ldap_connect(Conf::$LDAP_HOSTNAME);
if(!$this->ldaph) {
die("Impossible de se connecter au serveur LDAP ".Conf::$LDAP_HOSTNAME);
}
}
public function bind() {
ldap_set_option($this->ldaph, LDAP_OPT_PROTOCOL_VERSION, 3);
$r = ldap_bind($this->ldaph, Conf::$LDAP_ADMIN, Conf::$LDAP_PP);
return $r;
}
public function verifyPass($ul, $up) {
$r = $this->bind();
if($r) {
$sr=ldap_search($this->ldaph, Conf::$LDAP_USER, "(cn=*)");
$info = ldap_get_entries($this->ldaph, $sr);
for ($i=0; $i<$info["count"]; $i++) {
$login = $info[$i]["cn"][0];
if($login == $ul) {
if($info[$i]["userpassword"][0] == Conf::ldapEncodePass($up)) {
return 1;
};
}
}
}
return 0;
}
}
\ No newline at end of file
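Review bot: `verifyPass()` binds with the service account, fetches every entry under `Conf::$LDAP_USER` with `(cn=*)` and compares `userpassword` in PHP with `==`. Each login therefore pulls all users' password values to the web server, and it only works if the directory stores them in exactly the form `ldapEncodePass()` returns. It is safer to look up the single entry with an escaped filter and let the directory verify the password by binding as that user's DN, rejecting empty passwords first because an empty-password bind is treated as anonymous and succeeds. Separately, `openConnection()` ignores `Conf::$LDAP_PORT` and nothing requests TLS, so the bind credentials appear to travel in clear unless the configured hostname is an `ldaps://` URI.

```php
public function verifyPass($ul, $up) {
    // An empty password would turn the user bind below into an anonymous bind, which succeeds.
    if (!is_string($ul) || !is_string($up) || $ul === '' || $up === '') {
        return 0;
    }
    if (!$this->bind()) {
        return 0;
    }
    // Escape the login so filter metacharacters in it cannot widen the search.
    $filter = '(cn=' . ldap_escape($ul, '', LDAP_ESCAPE_FILTER) . ')';
    $sr = ldap_search($this->ldaph, Conf::$LDAP_USER, $filter, ['cn']);
    if ($sr === false) {
        return 0;
    }
    $info = ldap_get_entries($this->ldaph, $sr);
    if ($info === false || $info['count'] !== 1) {
        return 0;
    }
    // Let the directory check the password instead of reading userPassword.
    // A rejected bind raises a warning; the return value is the signal used here.
    return @ldap_bind($this->ldaph, $info[0]['dn'], $up) ? 1 : 0;
}
```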
......@@ -8,8 +8,8 @@
session_start ();
if(!isset($_SESSION['username'])) {
header("Location: ../login.php");
if(!isset($_SESSION['gestion'])) {
header("Location: ./login.php");
}
require_once "./dao/DBquery.php";
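Review bot: The new `$_SESSION['gestion']` guard sends a `Location` header but does not stop the script, so the rest of the page still executes and is sent to any client that ignores the redirect. Add `exit;` immediately after `header("Location: ./login.php");`. The same pattern appears in the `$_SESSION['username']` guard added in the next file section and needs the same fix. The page body continues outside this hunk, so what it would expose cannot be judged from here.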
......
......@@ -12,6 +12,10 @@
session_start ();
if(!isset($_SESSION['username'])) {
header("Location: ./login.php");
}
require_once "./dao/DBquery.php";
$db = new DBquery();
......@@ -108,7 +112,11 @@ function printPanel($name) {
if(isset($_SESSION['username']) && !empty($_SESSION['username']))
{
echo ' <a class="nav-item nav-link active" href="./index.php"> Home </a>';
echo ' <a class="nav-item nav-link" href="./gestion.php"> Gestion </a>';
if(isset($_SESSION['gestion']) && !empty($_SESSION['gestion']))
{
echo ' <a class="nav-item nav-link" href="./gestion.php"> Gestion </a>';
}
}
?>
......