1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
| <?php
session_start();
//Include pour l'AD
require_once ('./common/include/adLDAP.inc.php');
//Connexion à la base de données des Users/////////////////////////////////////////////////////////////////
require_once ('./common/include/config.inc.php');
$UserServerName = trim(' '.checkIni('./common/include/config.ini','conn_user','server'));
$UserUserName = trim(' '.checkIni('./common/include/config.ini','conn_user','login'));
$UserUserPwd = trim(' '.checkIni('./common/include/config.ini','conn_user','pwd'));
$UserDataBase = trim(' '.checkIni('./common/include/config.ini','conn_user','db'));
$default_lng = trim(' '.checkIni('./common/include/config.ini','langue','default'));
require_once ('./common/include/lng/dictionnary.inc.php');
//Langue
if(!empty($_GET['lng']))
$lng = $_GET['lng'];
else if(!empty($_SESSION['lng']))
$lng = $_SESSION['lng'];
else
$lng = $default_lng;
$cible = $_GET["cible"];
//Connect to DB
$db = sqlsrv_connect($UserServerName, array('UID' => $UserUserName, 'PWD' => $UserUserPwd, 'Database' => $UserDataBase))
or die ('<center>Impossible de se connecter à la base de donnée<br /></center>');
//On va vérifier les crédentials dans l'AD
$username = trim($_POST["login"]); //remove case sensitivity on the username
$password = trim($_POST["passwd"]);
//Try connect to AD et create Object...
try {
$adldap = new adLDAP();
$user_info = $adldap->user_info($username, array("*"));
$user_displayname = $user_info[0]["displayname"][0];
$user_email = $user_info[0]["mail"][0];
//authenticate the user
$connect_bool = $adldap->authenticate($username, $password);
if($connect_bool == true){
//User Authenticated success!!!
//Changer l'ancien mot de passe par le nouveau
$SQL = "UPDATE sys_user SET sys_user.passwd = '".md5($password)."' WHERE sys_user.login = '".$username."'";
@sqlsrv_query($db, $SQL) or die("SQL Error:<br>".$SQL."<br>".print_r(sqlsrv_errors(),true));
///Select User
$SQL = "SELECT * FROM sys_user WHERE login = '".$username."' AND etat = '1' AND del ='0'";
$r_user = sqlsrv_query($db, $SQL) or die("SQL Error:<br>".$SQL."<br>".print_r(sqlsrv_errors(),true));
if(sqlsrv_has_rows($r_user) != true){
//on va vérifier son compte n'est pas désactivé
$SQL = "SELECT *
FROM sys_user
WHERE sys_user.login= '".trim($_POST["login"])."' AND (etat = '0' OR del ='1') ";
$req = sqlsrv_query($db, $SQL);
if(sqlsrv_num_rows($req) > 0){
session_start();
$l = sqlsrv_fetch_array($req);
$_SESSION['user_etat'] = $l['etat'];
header("Location:./index.php?bonjour=no&ad_exception=100&reason_fail=300&lng=". $lng);
}
else{
//Utilisateur no privilège
header("Location:./index.php?bonjour=no&ad_exception=100&reason_fail=310&lng=". $lng);
}
}
}else{
if(is_array($user_info)){
$userenabled = $user_info[0]["msrtcsip-userenabled"][0];
$user_locked = $user_info[0]["lockouttime"][0];
if(!$userenabled){
//Le comte est désactivé
header("Location:./index.php?bonjour=no&ad_exception=220&reason_fail=100&lng=". $lng);
}else if($user_locked > 0){
//Le coompte n'est-il pas bloqué?
header("Location:./index.php?bonjour=no&ad_exception=210&reason_fail=100&lng=". $lng);
}else{
header("Location:./index.php?bonjour=no&ad_exception=220&reason_fail=100&lng=". $lng);
}
}else{
$SQL = "SELECT * FROM sys_user
WHERE sys_user.login= '".$username."' AND sys_user.passwd='".md5($password)."' AND etat = '1' AND del ='0'";
$r_user = sqlsrv_query($db, $SQL, array(), array( "Scrollable" => SQLSRV_CURSOR_KEYSET )) or die("SQL Error:<br>".$SQL."<br>".print_r(sqlsrv_errors(), true));
if(sqlsrv_has_rows($r_user) === true)
$connect_bool = true;
else
header("Location:./index.php?bonjour=no&ad_exception=220&reason_fail=100&lng=". $lng);
}
}
}
catch (adLDAPException $e) {
//echo $e; exit();
header("Location:./index.php?bonjour=no&ad_exception=200&reason_fail=100&lng=". $lng);
}
if($connect_bool){
$apps = '';
$id_user = '';
while($l = sqlsrv_fetch_array($r_user)){
$apps .= '.'.$l['apps'];
$id_user = $l['id'];
$user_nom = $l['nom'];
$user_login = $l['login'];
$user_prenom = $l['prenom'];
$user_profil = $l['profil'];
$user_mail_db = $l['email'];
$user_lng = $l['lng'];
}
$_SESSION['id_user'] = $id_user;
$_SESSION['user_nom'] = $user_nom;
$_SESSION['user_prenom'] = $user_prenom;
$_SESSION['user_displayname'] = ($user_displayname!=""?$user_displayname:($user_prenom." ".$user_nom));
$_SESSION['nom'] = $user_nom;
$_SESSION['prenom'] = $user_prenom;
$_SESSION['appss'] = $apps;
$_SESSION['login'] = $user_login;
$_SESSION['email'] = ($user_email!=""?$user_email:$user_mail_db);
$_SESSION['profil'] = $user_profil;
$_SESSION['lng'] = $user_lng;
//Inscription Log
$SQL = "INSERT INTO sys_log VALUES('".$_SESSION['id_user']."','".$apps."','CONNECT',GETDATE(),'0')";
@sqlsrv_query($db, $SQL) or die("SQL Error:<br>".$SQL."<br>". print_r(sqlsrv_errors(), true));
header("Location:". (!empty($cible) ? "http://". urldecode($cible) : "./index.php?bonjour=oui&lng=". $_SESSION['lng']));
}else{
header("Location:./index.php?bonjour=no&ad_exception=200&reason_fail=100&lng=". $lng);
}
?> |
Authentification avec PHP via la librairie adLDAP
Répondre avec citation
Partager