
HOW TO LOG IN WITH ACTIVE DIRECTORY CREDENTIALS

Posted: 2014-12-17 15:50
by dallo
Hello everyone,

Can someone please help me out with this? I would like my users to be able to log in with their ACTIVE DIRECTORY accounts.

I would be most grateful.

Thanks
Dallo

Re: HOW TO LOG IN WITH ACTIVE DIRECTORY CREDENTIALS

Posted: 2014-12-17 20:12
by udayvatturi
You can use LDAP.

In the login hook, you can take the user's credentials and try to bind to AD with them; if the bind succeeds, return true, otherwise redirect the user to the logout page.

Re: HOW TO LOG IN WITH ACTIVE DIRECTORY CREDENTIALS

Posted: 2014-12-17 20:35
by dallo
Hello udey,

Thanks for your reply. Please can you help me out with the code as I am not so grounded with php, and I like appgini so well.

I would be most grateful.

Thank you
dallo

Re: HOW TO LOG IN WITH ACTIVE DIRECTORY CREDENTIALS

Posted: 2016-12-27 17:23
by leandro275
Hello, if someone can help me in the code too, thanks.

Re: HOW TO LOG IN WITH ACTIVE DIRECTORY CREDENTIALS

Posted: 2018-06-27 04:53
by fbrano
Hi I am also desperately waiting for that code. Thank you in advance.

Re: HOW TO LOG IN WITH ACTIVE DIRECTORY CREDENTIALS

Posted: 2018-07-13 09:06
by SSchimkat
Hi everyone

This hack works just fine: https://forums.appgini.com/phpbb/viewtopic.php?t=2707

A hook for creating custom validation would be nice - but until then .. the above hack works fine.

Hint: Build a patch containing the hack, so that it can be re-applied whenever you rebuild the code:


diff -Naur PackMan/incCommon.php PackManMOD/incCommon.php
--- incCommon.php	2018-07-13 10:06:48.429028556 +0200
+++ incCommon.php	2018-07-13 10:42:37.575924821 +0200
@@ -269,56 +269,67 @@
 
 	#########################################################
 
-	function logInMember(){
-		$redir = 'index.php';
-		if($_POST['signIn'] != ''){
-			if($_POST['username'] != '' && $_POST['password'] != ''){
-				$username = makeSafe(strtolower($_POST['username']));
-				$password = md5($_POST['password']);
-
-				if(sqlValue("select count(1) from membership_users where lcase(memberID)='$username' and passMD5='$password' and isApproved=1 and isBanned=0")==1){
-					$_SESSION['memberID']=$username;
-					$_SESSION['memberGroupID']=sqlValue("select groupID from membership_users where lcase(memberID)='$username'");
-					if($_POST['rememberMe']==1){
-						@setcookie('PackMan_rememberMe', md5($username.$password), time()+86400*30);
-					}else{
-						@setcookie('PackMan_rememberMe', '', time()-86400*30);
-					}
-
-					// hook: login_ok
-					if(function_exists('login_ok')){
-						$args=array();
-						if(!$redir=login_ok(getMemberInfo(), $args)){
-							$redir='index.php';
-						}
-					}
-
-					redirect($redir);
-					exit;
-				}
-			}
-
-			// hook: login_failed
-			if(function_exists('login_failed')){
-				$args=array();
-				login_failed(array(
-					'username' => $_POST['username'],
-					'password' => $_POST['password'],
-					'IP' => $_SERVER['REMOTE_ADDR']
-					), $args);
-			}
-
-			if(!headers_sent()) header('HTTP/1.0 403 Forbidden');
-			redirect("index.php?loginFailed=1");
-			exit;
-		}elseif((!$_SESSION['memberID'] || $_SESSION['memberID']==$adminConfig['anonymousMember']) && $_COOKIE['PackMan_rememberMe']!=''){
-			$chk=makeSafe($_COOKIE['PackMan_rememberMe']);
-			if($username=sqlValue("select memberID from membership_users where convert(md5(concat(memberID, passMD5)), char)='$chk' and isBanned=0")){
-				$_SESSION['memberID']=$username;
-				$_SESSION['memberGroupID']=sqlValue("select groupID from membership_users where lcase(memberID)='$username'");
-			}
-		}
-	}
+function logInMember() {
+    $redir = 'index.php';
+    if ($_POST['signIn'] != '') {
+        if ($_POST['username'] != '' && $_POST['password'] != '') {
+            $username = makeSafe(strtolower($_POST['username']));
+            $password = md5($_POST['password']);
+            $ldap_username = 'YOUR-DOMAIN\\'.$_POST['username']; 
+            $ldap_password = $_POST['password'];
+            $link = ldap_connect('your.directory.server.local'); 
+            if ($link) {
+                ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, 3);
+                if (ldap_bind($link, $ldap_username, $ldap_password)) { 
+                    $ldap_authorized = true;
+                    $_POST['rememberMe'] = 0; 
+                }
+            }
+            if ($ldap_authorized) { 
+
+                if (sqlValue("select count(1) from membership_users where lcase(memberID)='$username' and isApproved=1 and isBanned=0") == 1) {
+                    $_SESSION['memberID'] = $username;
+                    $_SESSION['memberGroupID'] = sqlValue("select groupID from membership_users where lcase(memberID)='$username'");
+                    if ($_POST['rememberMe'] == 1) {
+                        @setcookie('helpdesk_rememberMe', md5($username.$password), time() + 86400 * 30);
+                    } else {
+                        @setcookie('helpdesk_rememberMe', '', time() - 86400 * 30);
+                    }
+
+                    if (function_exists('login_ok')) {
+                        $args = array();
+                        if (!$redir = login_ok(getMemberInfo(), $args)) {
+                            $redir = 'index.php';
+                        }
+                    }
+
+                    redirect($redir);
+                    exit;
+                }
+            }
+        }
+
+        if (function_exists('login_failed')) {
+            $args = array();
+            login_failed(array(
+                'username' => $_POST['username'],
+                'password' => $_POST['password'],
+                'IP' => $_SERVER['REMOTE_ADDR']
+            ), $args);
+        }
+
+        if (!headers_sent()) header('HTTP/1.0 403 Forbidden');
+        redirect("index.php?loginFailed=1");
+        exit;
+    }
+    elseif((!$_SESSION['memberID'] || $_SESSION['memberID'] == $adminConfig['anonymousMember']) && $_COOKIE['helpdesk_rememberMe'] != '') {
+        $chk = makeSafe($_COOKIE['helpdesk_rememberMe']);
+        if ($username = sqlValue("select memberID from membership_users where convert(md5(concat(memberID, passMD5)), char)='$chk' and isBanned=0")) {
+            $_SESSION['memberID'] = $username;
+            $_SESSION['memberGroupID'] = sqlValue("select groupID from membership_users where lcase(memberID)='$username'");
+        }
+    }
+}
 
 	#########################################################
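Review bot: The `ldap_connect('your.directory.server.local')` call followed by a simple `ldap_bind()` sends the user's AD password over plain LDAP, where it is readable on the network between the web server and the domain controller; connect with `ldap_connect('ldaps://your.directory.server.local')`, or call `ldap_start_tls($link)` and skip the bind when it returns false. `$ldap_authorized` is assigned only on a successful bind, so add `$ldap_authorized = false;` before the connect rather than reading an undefined variable on the failure path. The remember-me `elseif` branch at the bottom still accepts a cookie derived from the local `passMD5`, which the sign-in path no longer checks, so an account disabled in AD can presumably still obtain a session that way; consider removing that branch when the directory is the authority. The cookie name also changes from `PackMan_rememberMe` to `helpdesk_rememberMe`, which looks carried over from another application and should match the generated project.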