This topic is locked
[SOLVED]

 LDAP in phprunner 6.0

10/17/2011 1:16:33 PM
PHPRunner General questions
B
bobdansei author

Well i am trying make the ldap work in phpr6 and this is my login.php
anyone can help me? (what i am making wrong?) i am using mssql 2008

after try login... i recive this error:
php error happened
Technical information

Error type 2

Error description mssql_query() expects parameter 2 to be resource, object given

URL localhost/helptela/output/login.php?

Error file C:\xampp\htdocs\helptela\output\login.php

Error line 316

SQL query select * from [dbo].[TB_Usuario] where [LoginWindows]=N'suporte' and [senha]=N'caper'
More info
Call stack

File: line Function Arguments

0. login.php:316 runner_error_handler 1. 2;

  1. mssql_query() expects parameter 2 to be resource, object given;
  2. C:\xampp\htdocs\helptela\output\login.php;
  3. 316;
  4. Array ( [GLOBALS] => Array RECURSION [_POST] => Array ( [btnSubmit] => Login [username] => suporte [password] => caper ) [_GET] => A...;

    1. (null):0 mssql_query 1. Select * from [dbo].[TB_Usuario] Where [LoginWindows] = "suporte";


  5. com;
    <?php
    @ini_set("display_errors","1");

    @ini_set("display_startup_errors","1");
    include("include/dbcommon.php");
    add_nocache_headers();
    $auditObj = GetAuditObject();
    if(@$_POST["a"]=="logout" || @$_GET["a"]=="logout")

    {

    if($auditObj)

    $auditObj->LogLogout();
    session_unset();

    setcookie("username","",time()-365144060);

    setcookie("password","",time()-365144060);

    header("Location: login.php");

    exit();

    }
    $layout = new TLayout("login2","FusionBlue_white","MobileBlue_white");

    $layout->blocks["top"] = array();

    $layout->containers["login"] = array();
    $layout->containers["login"][] = array("name"=>"loginheader","block"=>"","substyle"=>2);
    $layout->containers["login"][] = array("name"=>"message","block"=>"message_block","substyle"=>1);
    $layout->containers["login"][] = array("name"=>"wrapper","block"=>"","substyle"=>1);
    $layout->containers["fields"] = array();
    $layout->containers["fields"][] = array("name"=>"loginfields","block"=>"","substyle"=>1);
    $layout->containers["fields"][] = array("name"=>"loginbuttons","block"=>"","substyle"=>2);
    $layout->skins["fields"] = "fields";
    $layout->skins["login"] = "1";

    $layout->blocks["top"][] = "login";$page_layouts["login"] = $layout;
    include('include/xtempl.php');

    include('classes/runnerpage.php');

    $xt = new Xtempl();
    $id = postvalue("id") != "" ? postvalue("id") : 1;
    //array of params for classes

    $params = array("id" =>$id, "pageType" => PAGE_LOGIN);

    $params['xt'] = &$xt;

    $params["tName"]= "global";

    $params["templatefile"] = "login.htm";

    $params['needSearchClauseObj'] = false;

    $pageObject = new RunnerPage($params);
    // begin proccess captcha

    $pageObject->isCaptchaOk = 1;

    $useCaptcha = false;
    // end proccess captcha
    // Before Process event
    if($globalEvents->exists("BeforeProcessLogin"))

    $globalEvents->BeforeProcessLogin($conn);
    $myurl = @$_SESSION["MyURL"];

    unset($_SESSION["MyURL"]);
    $message="";
    $pUsername = postvalue("username");

    $pPassword = postvalue("password");
    $is508 = isEnableSection508();
    $rememberbox_checked = "";

    $rememberbox_attrs = ($is508==true ? "id=\"remember_password\" " : "")."name=\"remember_password\" value=\"1\"";

    if(@$_COOKIE["username"] || @$_COOKIE["password"])

    $rememberbox_checked = " checked";
    $logacc = true;

    if($auditObj)

    {

    if($auditObj->LoginAccess())

    {

    $logacc = false;

    $message = mysprintf("Access denied for %s minutes",array($auditObj->LoginAccess()));

    }

    }
    if (@$_POST["btnSubmit"] == "Login" && $logacc)

    {

    if(@$_POST["remember_password"] == 1)

    {

    setcookie("username",$pUsername,time()+365144060);

    setcookie("password",$pPassword,time()+365144060);

    $rememberbox_checked=" checked";

    }

    else

    {

    setcookie("username","",time()-365144060);

    setcookie("password","",time()-365144060);

    $rememberbox_checked="";

    }
    if($pageObject->isCaptchaOk)

    $_SESSION["login_count_captcha"] = $_SESSION["login_count_captcha"]+1;
    // username and password are stored in the database

    $conn=db_connect();

    $strUsername = (string)$pUsername;

    $strPassword = (string)$pPassword;

    $sUsername = $strUsername;

    $sPassword = $strPassword;

    $strlUsername = (string)$pUsername;

    $strlPassword = (string)$pPassword;
    if(NeedQuotes($cUserNameFieldType))

    $strUsername = db_prepare_string($strUsername);

    else

    $strUsername = (0+$strUsername);
    if(NeedQuotes($cPasswordFieldType))

    $strPassword = db_prepare_string($strPassword);

    else

    $strPassword = (0+$strPassword);
    $strSQL = "select * from ".AddTableWrappers("dbo.TB_Usuario")." where ".AddFieldWrappers($cUserNameField).

    "=".$strUsername." and ".AddFieldWrappers($cPasswordField).

    "=".$strPassword;
    $retval = true;

    $logged = false;

    $data = array();
    if($globalEvents->exists("BeforeLogin"))

    $retval = $globalEvents->BeforeLogin($pUsername,$pPassword,$message);
    if($retval)

    {

    $rs = db_query($strSQL,$conn);

    $data = db_fetch_array($rs);

    if($data){

    if(@$data[$cUserNameField]==$sUsername && @$data[$cPasswordField]==$sPassword){

    $logged=true;

    }

    }

    }
    if($logged && $pageObject->isCaptchaOk)

    {

    $_SESSION["UserID"] = $pUsername;

    $_SESSION["AccessLevel"] = ACCESS_LEVEL_USER;
    $_SESSION["GroupID"] = $data["LoginWindows"];
    $_SESSION["OwnerID"] = $data["IdUsuario"];

    $_SESSION["_dbo.TB_Ticket_OwnerID"] = $data["IdUsuario"];

    if($auditObj)

    {

    $auditObj->LogLogin($pUsername);

    $auditObj->LoginSuccessful();

    }
    if($globalEvents->exists("AfterSuccessfulLogin"))

    $globalEvents->AfterSuccessfulLogin($pUsername,$pPassword,$data);
    if($myurl)

    header("Location: ".$myurl);

    else

    header("Location: menu.php");

    return;

    }

    else{

    if($auditObj)

    {

    $auditObj->LogLoginFailed($pUsername);

    $auditObj->LoginUnsuccessful($pUsername);

    }
    if($globalEvents->exists("AfterUnsuccessfulLogin"))

    $globalEvents->AfterUnsuccessfulLogin($pUsername,$pPassword,$message);

    if($message=="" && !$logged)

    $message = "Invalid Login";

    }

    }

    $xt->assign("loginlink_attrs","onclick=\"document.forms[0].submit();return false;\"");

    $xt->assign("rememberbox_attrs",$rememberbox_attrs.$rememberbox_checked);
    $xt->assign("guestlink_block",false);
    $_SESSION["MyURL"] = $myurl;

    if($myurl)

    $xt->assign("guestlink_attrs","href=\"".$myurl."\"");

    else

    $xt->assign("guestlink_attrs","href=\"menu.php\"");
    if(postvalue("username"))

    $xt->assign("username_attrs",($is508==true ? "id=\"username\" " : "")."value=\"".htmlspecialchars($pUsername)."\"");

    else

    $xt->assign("username_attrs",($is508==true ? "id=\"username\" " : "")."value=\"".htmlspecialchars(refine(@$_COOKIE["username"]))."\"");
    $password_attrs="onkeydown=\"e=event; if(!e) e = window.event; if (e.keyCode != 13) return; e.cancel = true; e.cancelBubble=true; document.forms[0].submit(); return false;\"";

    if(postvalue("password"))

    $password_attrs.=($is508==true ? " id=\"password\"": "")." value=\"".htmlspecialchars($pPassword)."\"";

    else

    $password_attrs.=($is508==true ? " id=\"password\"": "")." value=\"".htmlspecialchars(refine(@$_COOKIE["password"]))."\"";

    $xt->assign("password_attrs",$password_attrs);
    if(@$_GET["message"]=="expired")

    $message = "Your session has expired. Please login again.";
    if($message)

    {

    $xt->assign("message_block",true);

    $xt->assign("message",$message);

    }
    $pageObject->body["begin"] .= "<script type=\"text/javascript\" src=\"include/loadfirst.js\"></script>";

    $pageObject->body["begin"] .= "<script type=\"text/javascript\" src=\"include/lang/".getLangFileName(mlang_getcurrentlang()).".js\"></script>";

    $pageObject->body["begin"] .= "<form method=post action=\"login.php\" id=form1 name=form1>

    <input type=hidden name=btnSubmit value=\"Login\">";
    $pageObject->body["end"] .= "</form>

    <script>

    function elementVisible(jselement)

    {

    do

    {

    if (jselement.style.display.toUpperCase() == 'NONE')

    return false;

    jselement=jselement.parentNode;

    }

    while (jselement.tagName.toUpperCase() != 'BODY');

    return true;

    }

    if(elementVisible(document.forms[0].elements['username']))

    document.forms[0].elements['username'].focus();

    </script>";
    $pageObject->addCommonJs();
    // button handlers file names

    //fill jsSettings and ControlsHTMLMap

    $pageObject->fillSetCntrlMaps();

    $pageObject->body['end'] .= '<script>';

    $pageObject->body['end'] .= "window.controlsMap = ".my_json_encode($pageObject->controlsHTMLMap).";";

    $pageObject->body['end'] .= "window.settings = ".my_json_encode($pageObject->jsSettings).";</script>";

    $pageObject->body["end"] .= "<script type=\"text/javascript\" src=\"include/runnerJS/RunnerAll.js\"></script>";

    $pageObject->body["end"] .= '<script>'.$pageObject->PrepareJS()."</script>";

    $pageObject->addButtonHandlers();
    $xt->assignbyref("body",$pageObject->body);
    $xt->assign("username_label",true);

    $xt->assign("password_label",true);

    $xt->assign("remember_password_label",true);

    if(isEnableSection508())

    {

    $xt->assign_section("username_label","<label for=\"username\">","</label>");

    $xt->assign_section("password_label","<label for=\"password\">","</label>");

    $xt->assign_section("remember_password_label","<label for=\"remember_password\">","</label>");

    }
    if($globalEvents->exists("BeforeShowLogin"))

    $globalEvents->BeforeShowLogin($xt,$pageObject->templatefile);
    $xt->display($pageObject->templatefile);
    ################################################################################


    LDAP AUTHENTICATION MODIFICATION #

    ################################################################################




    //include the class

    include ("ldap/adLDAP.php");
    //create the LDAP connection

    $adldap = new adLDAP();

    $ldap_auth = 0;

    $ldap_group ="usergroup"; # Specified group for group authentication
    // Authenticate

    if (($adldap -> authenticate($strlUsername,$strlPassword))){

    if ($adldap -> user_ingroup($strlUsername,$ldap_group)){ # Group Authentication Only

    $ldap_auth = 1;
    // Check if user exists

    $sql = "Select from ".AddTableWrappers($cLoginTable)." Where ".AddFieldWrappers($cUserNameField)." = \"$strlUsername\"";

    $rs = mssql_query($sql,$conn) or die("USER QUERY FAILED.");
    // Update DB for new users

    if (mssql_num_rows($rs) < 1) {

    $info=$adldap->user_info($strlUsername,array("givenname","sn"));

    $strldapfirstname = $info[0][givenname][0]; #sets firstname value from AD

    $strldaplastname = $info[0][sn][0]; #sets lastname value from AD

    $sql = "INSERT INTO ".AddTableWrappers($cLoginTable)." ( ".AddFieldWrappers($cUserNameField).", firstname, lastname, level)";

    $sql .= " SELECT ";

    $sql .= "\"$strlUsername\" AS Expr1, "; #adds username to database

    $sql .= "\"$strldapfirstname\" AS Expr2, "; #adds firstname to database

    $sql .= "\"$strldaplastname\" AS Expr3, "; #adds lastname to database

    $sql .= "1 AS Expr4;"; #adds level to database

    $result = mssql_query($sql,$conn);

    }
    // Generate Query

    $strSQL = "select
    from ".AddTableWrappers($cLoginTable)." where ".AddFieldWrappers($cUserNameField).

    "=\"".$strlUsername."\"";

    } #Group Authentication Only

    }
    // Catch failed logins

    if ($ldap_auth == 0) $strSQL = "select * from ".AddTableWrappers($cLoginTable)." where ".AddFieldWrappers($cUserNameField)."=\"xxxxx\"";
    ################################################################################


    END OF MODIFICATION #

    ################################################################################



    ?>



Sergey Kornilov admin 10/17/2011

Rodrigo,
post your application to Demo Account and open a ticket at http://support.xlinesoft.com sending your Demo Account URL. 'Demo Account' button can be found on the last screen in the program.