Hi Sofa,
I just upgraded to 4.2 and used the modded page as I sent to you. It does work and authenticates via LDAP on Wink 2K3 network.
The actual login page is from 3.1 but is only used to set the username and owner fields. I have tried the 4.2 login page but it keeps blank screening on me. Will keep persisting.
I have never used it to add new users - as they are in the database I use that to control who has any chance of getting in. That section is commented out.
Changes are in red.
Key issue is where you put ADLDAP - that path must be right according to the directory.
The page below is named login.php
<?php
ini_set("display_errors","1");
ini_set("display_startup_errors","1");
set_magic_quotes_runtime(0);
include("include/dbcommon.php");
if(@$_POST["a"]=="logout" || @$_GET["a"]=="logout")
{
session_unset();
setcookie("username","",time()-365
144060);
setcookie("password","",time()-365
144060);
header("Location: login.php");
exit();
}
if(!@$_SESSION["MyURL"])
session_unset();
include('libs/Smarty.class.php');
$smarty = new Smarty();
$myurl=@$_SESSION["MyURL"];
unset($_SESSION["MyURL"]);
$defaulturl="";
$defaulturl="menu.php";
// $defaulturl="My_Details_list.php";
$strMessage="";
if(@$_COOKIE["username"] || @$_COOKIE["password"])
$smarty->assign("checked"," checked");
if (@$_POST["btnSubmit"] == "Login")
{
if(@$_POST["remember_password"] == 1)
{
setcookie("username",@$_POST["username"],time()+365
144060);
setcookie("password",@$_POST["password"],time()+365
144060);
$smarty->assign("checked"," checked");
}
else
{
setcookie("username","",time()-365
144060);
setcookie("password","",time()-365
144060);
$smarty->assign("checked","");
}
// username and password are stored in the database
$conn=db_connect();
;
$strlPassword = (string)@$_POST["password"];
$strUsername = (string)@$_POST["username"];
$strPassword = (string)@$_POST["password"];
$rstemp=db_query("select
from ".AddTableWrappers($cLoginTable)." where 1=0",$conn);
if(NeedQuotes(db_fieldtype($rstemp,$cUserNameField)))
$strUsername="'".db_addslashes($strUsername)."'";
else
$strUsername=(0+$strUsername);
if(NeedQuotes(db_fieldtype($rstemp,$cPasswordField)))
$strPassword="'".db_addslashes($strPassword)."'";
else
$strPassword=(0+$strPassword);
$strSQL = "select from ".AddTableWrappers($cLoginTable)." where ".AddFieldWrappers($cUserNameField).
"=".$strUsername." and ".AddFieldWrappers($cPasswordField).
"=".$strPassword;
################################################################################
LDAP AUTHENTICATION MODIFICATION #
################################################################################
//include the class
include ("ldap/adLDAP.php");
//create the LDAP connection
$adldap = new adLDAP();
$ldap_auth = 1;
$ldap_group ="staff"; # Specified group for group authentication
// Authenticate
if (($adldap -> authenticate($strlUsername,$strlPassword))){
if ($adldap -> user_ingroup($strlUsername,$ldap_group)){ # Group Authentication Only
$ldap_auth = 1;
// Check if user exists
$sql = "Select from ".AddTableWrappers($cLoginTable)." Where ".AddFieldWrappers($cUserNameField)." = \"$strlUsername\"";
$rs = mysql_query($sql,$conn) or die("USER QUERY FAILED.");
// Update DB for new users
//if (mysql_num_rows($rs) < 1) {
//$info=$adldap->user_info($strlUsername,array("givenname","sn"));
//$strldapfirstname = $info[0][givenname][0]; #sets firstname value from AD
//$strldaplastname = $info[0][sn][0]; #sets lastname value from AD
//$sql = "INSERT INTO ".AddTableWrappers($cLoginTable)." ( ".AddFieldWrappers($cUserNameField).", firstname, lastname, level)";
//$sql .= " SELECT ";
//$sql .= "\"$strlUsername\" AS Expr1, "; #adds username to database
//$sql .= "\"$strldapfirstname\" AS Expr2, "; #adds firstname to database
//$sql .= "\"$strldaplastname\" AS Expr3, "; #adds lastname to database
//$sql .= "1 AS Expr4;"; #adds level to database
//$result = mysql_query($sql,$conn);
//}
// Generate Query
$strSQL = "select from ".AddTableWrappers($cLoginTable)." where ".AddFieldWrappers($cUserNameField).
"=\"".$strlUsername."\"";
} #Group Authentication Only
}
// Catch failed logins
if ($ldap_auth == 0) $strSQL = "select * from ".AddTableWrappers($cLoginTable)." where ".AddFieldWrappers($cUserNameField)."=\"xxxxx\"";
################################################################################
END OF MODIFICATION #
################################################################################
if(function_exists("BeforeLogin"))
if(!BeforeLogin(postvalue("username"),postvalue("password")))
$strSQL="select * from `staff` where 1<0";
$rs=db_query($strSQL,$conn);
if($data=db_fetch_array($rs))
==$strlPassword)
{
$_SESSION["UserID"] = @$_POST["username"];
$_SESSION["AccessLevel"] = ACCESS_LEVEL_USER;
$_SESSION["OwnerID"] = $data["username"];
$_SESSION["GroupID"] = $data["Access"];
if(function_exists("AfterSuccessfulLogin"))
AfterSuccessfulLogin();
if($myurl)
header("Location: ".$myurl);
else
header("Location: ".$defaulturl);
return;
}
else
{
if(function_exists("AfterUnsuccessfulLogin"))
AfterUnsuccessfulLogin();
$strMessage = "Invalid Login";
}
}
$_SESSION["MyURL"]=$myurl;
if($myurl)
$smarty->assign("url",$myurl);
else
$smarty->assign("url",$defaulturl);
if(@$_POST["username"] || @$_GET["username"])
$smarty->assign("value_username","value=\"".htmlspecialchars(@$_POST["username"])."\"");
else
$smarty->assign("value_username","value=\"".htmlspecialchars(refine(@$_COOKIE["username"]))."\"");
if(@$_POST["password"])
$smarty->assign("value_password","value=\"".htmlspecialchars(@$_POST["password"])."\"");
else
$smarty->assign("value_password","value=\"".htmlspecialchars(refine(@$_COOKIE["password"]))."\"");
if(@$_GET["message"]=="expired")
$strMessage = "Your session has expired. Please login again.";
$smarty->assign("message",$strMessage);
$smarty->display("login.htm");
?>