B
bobdansei author
Well i am trying make the ldap work in phpr6 and this is my login.php anyone can help me? (what i am making wrong?) i am using mssql 2008
after try login... i recive this error: php error happened Technical information
Error type 2
Error description mssql_query() expects parameter 2 to be resource, object given
URL localhost/helptela/output/login.php?
Error file C:\xampp\htdocs\helptela\output\login.php
Error line 316
SQL query select * from [dbo].[TB_Usuario] where [LoginWindows]=N'suporte' and [senha]=N'caper' More info Call stack
File: line Function Arguments
0. login.php:316 runner_error_handler 1. 2;
- mssql_query() expects parameter 2 to be resource, object given;
- C:\xampp\htdocs\helptela\output\login.php;
- 316;
- Array ( [GLOBALS] => Array RECURSION [_POST] => Array ( [btnSubmit] => Login [username] => suporte [password] => caper ) [_GET] => A...;
1. (null):0 mssql_query 1. Select * from [dbo].[TB_Usuario] Where [LoginWindows] = "suporte";
- com;
<?php @ini_set("display_errors","1");
@ini_set("display_startup_errors","1"); include("include/dbcommon.php"); add_nocache_headers(); $auditObj = GetAuditObject(); if(@$_POST["a"]=="logout" || @$_GET["a"]=="logout")
{
if($auditObj)
$auditObj->LogLogout(); session_unset();
setcookie("username","",time()-365144060);
setcookie("password","",time()-365144060);
header("Location: login.php");
exit();
} $layout = new TLayout("login2","FusionBlue_white","MobileBlue_white");
$layout->blocks["top"] = array();
$layout->containers["login"] = array(); $layout->containers["login"][] = array("name"=>"loginheader","block"=>"","substyle"=>2); $layout->containers["login"][] = array("name"=>"message","block"=>"message_block","substyle"=>1); $layout->containers["login"][] = array("name"=>"wrapper","block"=>"","substyle"=>1); $layout->containers["fields"] = array(); $layout->containers["fields"][] = array("name"=>"loginfields","block"=>"","substyle"=>1); $layout->containers["fields"][] = array("name"=>"loginbuttons","block"=>"","substyle"=>2); $layout->skins["fields"] = "fields"; $layout->skins["login"] = "1";
$layout->blocks["top"][] = "login";$page_layouts["login"] = $layout; include('include/xtempl.php');
include('classes/runnerpage.php');
$xt = new Xtempl(); $id = postvalue("id") != "" ? postvalue("id") : 1; //array of params for classes
$params = array("id" =>$id, "pageType" => PAGE_LOGIN);
$params['xt'] = &$xt;
$params["tName"]= "global";
$params["templatefile"] = "login.htm";
$params['needSearchClauseObj'] = false;
$pageObject = new RunnerPage($params); // begin proccess captcha
$pageObject->isCaptchaOk = 1;
$useCaptcha = false; // end proccess captcha // Before Process event if($globalEvents->exists("BeforeProcessLogin"))
$globalEvents->BeforeProcessLogin($conn); $myurl = @$_SESSION["MyURL"];
unset($_SESSION["MyURL"]); $message=""; $pUsername = postvalue("username");
$pPassword = postvalue("password"); $is508 = isEnableSection508(); $rememberbox_checked = "";
$rememberbox_attrs = ($is508==true ? "id=\"remember_password\" " : "")."name=\"remember_password\" value=\"1\"";
if(@$_COOKIE["username"] || @$_COOKIE["password"])
$rememberbox_checked = " checked"; $logacc = true;
if($auditObj)
{
if($auditObj->LoginAccess())
{
$logacc = false;
$message = mysprintf("Access denied for %s minutes",array($auditObj->LoginAccess()));
}
} if (@$_POST["btnSubmit"] == "Login" && $logacc)
{
if(@$_POST["remember_password"] == 1)
{
setcookie("username",$pUsername,time()+365144060);
setcookie("password",$pPassword,time()+365144060);
$rememberbox_checked=" checked";
}
else
{
setcookie("username","",time()-365144060);
setcookie("password","",time()-365144060);
$rememberbox_checked="";
} if($pageObject->isCaptchaOk)
$_SESSION["login_count_captcha"] = $_SESSION["login_count_captcha"]+1; // username and password are stored in the database
$conn=db_connect();
$strUsername = (string)$pUsername;
$strPassword = (string)$pPassword;
$sUsername = $strUsername;
$sPassword = $strPassword;
$strlUsername = (string)$pUsername;
$strlPassword = (string)$pPassword; if(NeedQuotes($cUserNameFieldType))
$strUsername = db_prepare_string($strUsername);
else
$strUsername = (0+$strUsername); if(NeedQuotes($cPasswordFieldType))
$strPassword = db_prepare_string($strPassword);
else
$strPassword = (0+$strPassword); $strSQL = "select * from ".AddTableWrappers("dbo.TB_Usuario")." where ".AddFieldWrappers($cUserNameField).
"=".$strUsername." and ".AddFieldWrappers($cPasswordField).
"=".$strPassword; $retval = true;
$logged = false;
$data = array(); if($globalEvents->exists("BeforeLogin"))
$retval = $globalEvents->BeforeLogin($pUsername,$pPassword,$message); if($retval)
{
$rs = db_query($strSQL,$conn);
$data = db_fetch_array($rs);
if($data){
if(@$data[$cUserNameField]==$sUsername && @$data[$cPasswordField]==$sPassword){
$logged=true;
}
}
} if($logged && $pageObject->isCaptchaOk)
{
$_SESSION["UserID"] = $pUsername;
$_SESSION["AccessLevel"] = ACCESS_LEVEL_USER; $_SESSION["GroupID"] = $data["LoginWindows"]; $_SESSION["OwnerID"] = $data["IdUsuario"];
$_SESSION["_dbo.TB_Ticket_OwnerID"] = $data["IdUsuario"];
if($auditObj)
{
$auditObj->LogLogin($pUsername);
$auditObj->LoginSuccessful();
} if($globalEvents->exists("AfterSuccessfulLogin"))
$globalEvents->AfterSuccessfulLogin($pUsername,$pPassword,$data); if($myurl)
header("Location: ".$myurl);
else
header("Location: menu.php");
return;
}
else{
if($auditObj)
{
$auditObj->LogLoginFailed($pUsername);
$auditObj->LoginUnsuccessful($pUsername);
} if($globalEvents->exists("AfterUnsuccessfulLogin"))
$globalEvents->AfterUnsuccessfulLogin($pUsername,$pPassword,$message);
if($message=="" && !$logged)
$message = "Invalid Login";
}
}
$xt->assign("loginlink_attrs","onclick=\"document.forms[0].submit();return false;\"");
$xt->assign("rememberbox_attrs",$rememberbox_attrs.$rememberbox_checked); $xt->assign("guestlink_block",false); $_SESSION["MyURL"] = $myurl;
if($myurl)
$xt->assign("guestlink_attrs","href=\"".$myurl."\"");
else
$xt->assign("guestlink_attrs","href=\"menu.php\""); if(postvalue("username"))
$xt->assign("username_attrs",($is508==true ? "id=\"username\" " : "")."value=\"".htmlspecialchars($pUsername)."\"");
else
$xt->assign("username_attrs",($is508==true ? "id=\"username\" " : "")."value=\"".htmlspecialchars(refine(@$_COOKIE["username"]))."\""); $password_attrs="onkeydown=\"e=event; if(!e) e = window.event; if (e.keyCode != 13) return; e.cancel = true; e.cancelBubble=true; document.forms[0].submit(); return false;\"";
if(postvalue("password"))
$password_attrs.=($is508==true ? " id=\"password\"": "")." value=\"".htmlspecialchars($pPassword)."\"";
else
$password_attrs.=($is508==true ? " id=\"password\"": "")." value=\"".htmlspecialchars(refine(@$_COOKIE["password"]))."\"";
$xt->assign("password_attrs",$password_attrs); if(@$_GET["message"]=="expired")
$message = "Your session has expired. Please login again."; if($message)
{
$xt->assign("message_block",true);
$xt->assign("message",$message);
} $pageObject->body["begin"] .= "<script type=\"text/javascript\" src=\"include/loadfirst.js\"></script>";
$pageObject->body["begin"] .= "<script type=\"text/javascript\" src=\"include/lang/".getLangFileName(mlang_getcurrentlang()).".js\"></script>";
$pageObject->body["begin"] .= "<form method=post action=\"login.php\" id=form1 name=form1>
<input type=hidden name=btnSubmit value=\"Login\">"; $pageObject->body["end"] .= "</form>
<script>
function elementVisible(jselement)
{
do
{
if (jselement.style.display.toUpperCase() == 'NONE')
return false;
jselement=jselement.parentNode;
}
while (jselement.tagName.toUpperCase() != 'BODY');
return true;
}
if(elementVisible(document.forms[0].elements['username']))
document.forms[0].elements['username'].focus();
</script>"; $pageObject->addCommonJs(); // button handlers file names
//fill jsSettings and ControlsHTMLMap
$pageObject->fillSetCntrlMaps();
$pageObject->body['end'] .= '<script>';
$pageObject->body['end'] .= "window.controlsMap = ".my_json_encode($pageObject->controlsHTMLMap).";";
$pageObject->body['end'] .= "window.settings = ".my_json_encode($pageObject->jsSettings).";</script>";
$pageObject->body["end"] .= "<script type=\"text/javascript\" src=\"include/runnerJS/RunnerAll.js\"></script>";
$pageObject->body["end"] .= '<script>'.$pageObject->PrepareJS()."</script>";
$pageObject->addButtonHandlers(); $xt->assignbyref("body",$pageObject->body); $xt->assign("username_label",true);
$xt->assign("password_label",true);
$xt->assign("remember_password_label",true);
if(isEnableSection508())
{
$xt->assign_section("username_label","<label for=\"username\">","</label>");
$xt->assign_section("password_label","<label for=\"password\">","</label>");
$xt->assign_section("remember_password_label","<label for=\"remember_password\">","</label>");
} if($globalEvents->exists("BeforeShowLogin"))
$globalEvents->BeforeShowLogin($xt,$pageObject->templatefile); $xt->display($pageObject->templatefile); ################################################################################
LDAP AUTHENTICATION MODIFICATION #
################################################################################
//include the class
include ("ldap/adLDAP.php"); //create the LDAP connection
$adldap = new adLDAP();
$ldap_auth = 0;
$ldap_group ="usergroup"; # Specified group for group authentication // Authenticate
if (($adldap -> authenticate($strlUsername,$strlPassword))){
if ($adldap -> user_ingroup($strlUsername,$ldap_group)){ # Group Authentication Only
$ldap_auth = 1; // Check if user exists
$sql = "Select from ".AddTableWrappers($cLoginTable)." Where ".AddFieldWrappers($cUserNameField)." = \"$strlUsername\"";
$rs = mssql_query($sql,$conn) or die("USER QUERY FAILED."); // Update DB for new users
if (mssql_num_rows($rs) < 1) {
$info=$adldap->user_info($strlUsername,array("givenname","sn"));
$strldapfirstname = $info[0][givenname][0]; #sets firstname value from AD
$strldaplastname = $info[0][sn][0]; #sets lastname value from AD
$sql = "INSERT INTO ".AddTableWrappers($cLoginTable)." ( ".AddFieldWrappers($cUserNameField).", firstname, lastname, level)";
$sql .= " SELECT ";
$sql .= "\"$strlUsername\" AS Expr1, "; #adds username to database
$sql .= "\"$strldapfirstname\" AS Expr2, "; #adds firstname to database
$sql .= "\"$strldaplastname\" AS Expr3, "; #adds lastname to database
$sql .= "1 AS Expr4;"; #adds level to database
$result = mssql_query($sql,$conn);
} // Generate Query
$strSQL = "select from ".AddTableWrappers($cLoginTable)." where ".AddFieldWrappers($cUserNameField).
"=\"".$strlUsername."\"";
} #Group Authentication Only
} // Catch failed logins
if ($ldap_auth == 0) $strSQL = "select * from ".AddTableWrappers($cLoginTable)." where ".AddFieldWrappers($cUserNameField)."=\"xxxxx\""; ################################################################################
END OF MODIFICATION #
################################################################################
?>
|
|