Tree - centos/artwork-archive - CentOS Git server

centos / artwork-archive

Files

Commit: 91d90d418ca0c5e02a423ec310148fad2ae3c670

Blob Blame History Raw

 <?php
/**
 * Authentication and authorization
 *
 * @category   Logic
 * @package    CentOS-News
 * @author     Alain Reguera Delgado <alain.reguera@gmail.com>
 * @copyright  2009 - CentOS Artwork SIG.
 * @license    GPL
 */
 
//--------------Authentication stuff--------------
 
    session_start();
 
//--------------/* Verify Admin access rights  */
 
    function check_adminaccess()
    {
        /* Verify session */
        if (!isset($_SESSION['employeetype']))
        {
            header('Location: '. BASEURL .'admin/login.php');
        }
    }
 
    /* Check User Access */
    function check_useraccess()
    {
        $timeout = 60 * 30; // In seconds, i.e. 30 minutes.
        $fingerprint = md5($_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT']);
        $redirect_to = BASEURL . 'admin/login.php?loggedout=true';
 
        /* Destroy session if ... */
        if (isset($_SESSION['last_active']) && $_SESSION['last_active'] < (time()-$timeout)
           || (isset($_SESSION['fingerprint']) && $_SESSION['fingerprint']!=$fingerprint)
           || isset($_GET['action']) && $_GET['action'] == 'logout') 
        {
 
            setcookie(session_name(), '', time()-3600, '/');
            session_destroy();
            header("Location: $redirect_to");
        }
 
        /* Regenerate session */
        session_regenerate_id(); 
 
        /* Increase session lifetime */
        $_SESSION['last_active'] = time();
 
        /* Rebuild session fingerprint */
        $_SESSION['fingerprint'] = $fingerprint;
 
    }
 
    /* Verify username and password */
    function login()
    {
        require_once(ABSPATH . 'admin/includes/classes/ldap.php');
        $ldap = new LDAP;
 
        /* Inicialize variables */
        $login = array();
        $login['username'] = '';
        $login['password'] = '';
 
        /* Validate username input */ 
        if (isset($_POST['username']))
        {
            $mail_pattern = '/^([a-z0-9+_]|\-|\.)+@(([a-z0-9_]|\-)+\.)+[a-z]{2,6}$/';
            if (preg_match( $mail_pattern,$_POST['username']))
            {
                $login['username'] = $_POST['username'];
            }
        }
 
        /* Validate password input */
        if (isset($_POST['password']))
        {
            $login['password'] = $ldap->prepare_userpassword($_POST['password']);
        }
 
        /* Query LDAP directory looking for username AND password */
        $search = $ldap->get_entries('(&(uid=' . $login['username']  . ')(&(userpassword=' . $login['password'] . ')))');
 
        /* Build user's session if match */
        if ($search['count'] == 1)
        {
            /* Set session information */
            $_SESSION['uid']            = $search[0]['uid'][0];
            $_SESSION['cn']             = $search[0]['cn'][0];
            $_SESSION['employeetype']   = $search[0]['employeetype'][0];
 
            /* Set session lasttime access */
            $_SESSION['last_active'] = time();
 
            /* Set session fingerprint */
            $fingerprint = md5($_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT']);
            $_SESSION['fingerprint'] = $fingerprint;
 
            /* Redirect to frontpage */
            header("Location: " . BASEURL);
 
            return 0;
        }
        else if ($search['count'] > 1)
        {
            // Login Failed: There are duplicates in the ldap directory database
            return 002;
        }
        else
        {
            // Login Failed: There is no coincidece in the search
            return '001';
        }
    }
 
    // User links
    function get_auth_userlinks()
    {
 
        $html = '<ul>' . "\n";
 
        if (isset($_SESSION['cn'])) 
        {
            $html .= '<li><strong>' . $_SESSION['cn'] . '</strong> (<a href="?action=logout">' . ucfirst(translate("logout")) . '</a>)</li>' . "\n";
            $html .= '<li><a href="admin/index.php">' .  ucfirst(translate("admin")) . '</a></li>' . "\n";
        }
        else
        {
            $html .= '<li><a href="admin/login.php">' . ucfirst(translate("login")) . '</a></li>' . "\n";
        }
 
        $html .= '</ul>' . "\n";
 
        return $html;
 
    }
 
?>

	<?php
	/**
	* Authentication and authorization
	*
	* @category Logic
	* @package CentOS-News
	* @author Alain Reguera Delgado <alain.reguera@gmail.com>
	* @copyright 2009 - CentOS Artwork SIG.
	* @license GPL
	*/

	//--------------Authentication stuff--------------

	session_start();

	//--------------/* Verify Admin access rights */

	function check_adminaccess()
	{
	/* Verify session */
	if (!isset($_SESSION['employeetype']))
	{
	header('Location: '. BASEURL .'admin/login.php');
	}
	}

	/* Check User Access */
	function check_useraccess()
	{
	$timeout = 60 * 30; // In seconds, i.e. 30 minutes.
	$fingerprint = md5($_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT']);
	$redirect_to = BASEURL . 'admin/login.php?loggedout=true';

	/* Destroy session if ... */
	if (isset($_SESSION['last_active']) && $_SESSION['last_active'] < (time()-$timeout)
	\|\| (isset($_SESSION['fingerprint']) && $_SESSION['fingerprint']!=$fingerprint)
	\|\| isset($_GET['action']) && $_GET['action'] == 'logout')
	{

	setcookie(session_name(), '', time()-3600, '/');
	session_destroy();
	header("Location: $redirect_to");
	}

	/* Regenerate session */
	session_regenerate_id();

	/* Increase session lifetime */
	$_SESSION['last_active'] = time();

	/* Rebuild session fingerprint */
	$_SESSION['fingerprint'] = $fingerprint;

	}

	/* Verify username and password */
	function login()
	{
	require_once(ABSPATH . 'admin/includes/classes/ldap.php');
	$ldap = new LDAP;

	/* Inicialize variables */
	$login = array();
	$login['username'] = '';
	$login['password'] = '';

	/* Validate username input */
	if (isset($_POST['username']))
	{
	$mail_pattern = '/^([a-z0-9+_]\|\-\|\.)+@(([a-z0-9_]\|\-)+\.)+[a-z]{2,6}$/';
	if (preg_match( $mail_pattern,$_POST['username']))
	{
	$login['username'] = $_POST['username'];
	}
	}

	/* Validate password input */
	if (isset($_POST['password']))
	{
	$login['password'] = $ldap->prepare_userpassword($_POST['password']);
	}

	/* Query LDAP directory looking for username AND password */
	$search = $ldap->get_entries('(&(uid=' . $login['username'] . ')(&(userpassword=' . $login['password'] . ')))');

	/* Build user's session if match */
	if ($search['count'] == 1)
	{
	/* Set session information */
	$_SESSION['uid'] = $search[0]['uid'][0];
	$_SESSION['cn'] = $search[0]['cn'][0];
	$_SESSION['employeetype'] = $search[0]['employeetype'][0];

	/* Set session lasttime access */
	$_SESSION['last_active'] = time();

	/* Set session fingerprint */
	$fingerprint = md5($_SERVER['REMOTE_ADDR'].$_SERVER['HTTP_USER_AGENT']);
	$_SESSION['fingerprint'] = $fingerprint;

	/* Redirect to frontpage */
	header("Location: " . BASEURL);

	return 0;
	}
	else if ($search['count'] > 1)
	{
	// Login Failed: There are duplicates in the ldap directory database
	return 002;
	}
	else
	{
	// Login Failed: There is no coincidece in the search
	return '001';
	}
	}

	// User links
	function get_auth_userlinks()
	{

	$html = '<ul>' . "\n";

	if (isset($_SESSION['cn']))
	{
	$html .= '<li><strong>' . $_SESSION['cn'] . '</strong> (<a href="?action=logout">' . ucfirst(translate("logout")) . '</a>)</li>' . "\n";
	$html .= '<li><a href="admin/index.php">' . ucfirst(translate("admin")) . '</a></li>' . "\n";
	}
	else
	{
	$html .= '<li><a href="admin/login.php">' . ucfirst(translate("login")) . '</a></li>' . "\n";
	}

	$html .= '</ul>' . "\n";

	return $html;

	}

	?>

centos / artwork-archive

Source Code

Files