Web Hosting Forums


This is a discussion on LDAP Stuff in the Hosting Talk & Chit-chat forum

  1. #1
    Master of Cheese jetdiscos's Avatar
    Join Date
    Jun 2006
    Location
    Cambridge, UK
    Posts
    65

    LDAP Stuff

    Has anyone used Trellis Desk? I am trying to rewrite the coding to work with LDAP User Authentication. Does anyone have experience in integrating LDAP into scripts?
    Thanks

  2. #2
    Community Leader jason's Avatar
    Join Date
    Sep 2001
    Location
    Rochester, NY
    Posts
    5,884
    I frequently do LDAP authentication in PHP scripts at work. Do you have specific questions, need to see sample code, or what?

    I've never used Trellis Desk.

    --Jason
    Jason Pitoniak
    Interbrite Communications
    www.interbrite.com www.kodiakskorner.com

  3. #3
    Master of Cheese jetdiscos's Avatar
    Join Date
    Jun 2006
    Location
    Cambridge, UK
    Posts
    65
    I basically want to know how to do it. I have found what I think is the authentication page. I then need a configurable LDAP script that will contain all the LDAP settings. Then hopefully it will all work fine. I have attached the file that I think would be the file I need to edit.

    Thanks

    J

    File: class_session.php
    PHP Code:
    <?php

    /*
    #======================================================
    |    Trellis Desk
    |    =====================================
    |    By DJ "someotherguy" (sog@accord5.com)
    |     2007 ACCORD5
    |    http://www.accord.com/products/trellis/
    |    =====================================
    |    Email: sales@accord5.com
    #======================================================
    |    @ Version: v1.0 RC 1 Build 10031234
    |    @ Version Int: 100.3.1.234
    |    @ Version Num: 10031234
    |    @ Build: 0234
    #======================================================
    |    | Session Class :: Session Handler
    #======================================================
    */

    class session {

        var $member    = array();

        #=======================================
        # @ Load Session
        # Loads the session.  What else? :D
        #=======================================

        function load_session()
        {
            $authorized = 0; // Initialize for Security

            #=============================
            # Kill Any Bad Sessions
            #=============================

            $this->kill_old_sessions();
            $this->kill_old_tokens();

            #=============================
            # Get Information
            #=============================

            $cookie_sid = $this->ifthd->get_cookie('hdsid');
            $cookie_mid = intval( $this->ifthd->get_cookie('hdmid') );
            $cookie_hash = $this->ifthd->get_cookie('hdphash');

            #=============================
            # If We Have A Session Cookie
            #=============================

            if ( $cookie_sid )
            {
                #=============================
                # Load Member
                #=============================

                $this->ifthd->core->db->construct( array(
                    'select'    => array( 's' => 'all',
                                          'm' => array( 'id', 'name', 'email', 'login_key', 'mgroup', 'title', 'joined', 'ipadd', 'open_tickets', 'tickets', 'email_notify', 'email_html', 'email_new_ticket', 'email_ticket_reply', 'email_announce', 'email_staff_ticket_reply', 'email_staff_new_ticket', 'ban_ticket_center', 'ban_ticket_open', 'ban_ticket_escalate', 'ban_ticket_rate', 'ban_kb', 'ban_kb_comment', 'ban_kb_rate', 'time_zone', 'dst_active', 'lang', 'skin', 'use_rte', 'cpfields' ),
                                          'g' => 'all',
                                        ),
                    'from'      => array( 's' => 'sessions' ),
                    'join'      => array( array( 'from' => array( 'm' => 'members' ), 'where' => array( 's' => 's_mid', '=', 'm' => 'id' ) ), array( 'from' => array( 'g' => 'groups' ), 'where' => array( 'g' => 'g_id', '=', 'm' => 'mgroup' ) ) ),
                    'where'     => array( array( 's' => 's_id' ), '=', $cookie_sid ),
                    'limit'     => array( 0, 1 ),
                ) );

                $this->ifthd->core->db->execute();

                if ( $this->ifthd->core->db->get_num_rows() == 1 )
                {
                    $this->member = $this->ifthd->core->db->fetch_row();

                    #=============================
                    # Update Session
                    #=============================

                    $this->ifthd->core->db->construct( array(
                        'update'    => 'sessions',
                        'set'       => array( 's_location' => $this->ifthd->input['act'], 's_time'    => time() ),
                        'where'     => array( 's_id', '=', $cookie_sid ),
                        'limit'     => array( 1 ),
                    ) );

                    $this->ifthd->core->db->next_shutdown();
                    $this->ifthd->core->db->execute();

                    $this->ifthd->set_cookie( 'hdsid', $cookie_sid, time() + ( $this->ifthd->core->cache['config']['session_timeout'] * 60 ) );

                    if ( $this->member['s_guest'] )
                    {
                        $this->member['id']    = 0;
                        $this->member['name'] = 'Guest';
                        $this->member['mgroup'] = 2;

                        $this->member = array_merge( $this->member, $this->ifthd->core->cache['group'][2] );
                    }

                    $authorized = 1;
                }
            }

            #=============================
            # If We Have A Remember Cookie
            #=============================

            if ( $cookie_mid && $cookie_hash && ! $authorized )
            {
                #=============================
                # Load Member
                #=============================

                $this->ifthd->core->db->construct( array(
                    'select'    => array( 'm' => array( 'id', 'name', 'email', 'login_key', 'mgroup', 'title', 'joined', 'ipadd', 'open_tickets', 'tickets', 'email_notify', 'email_html', 'email_new_ticket', 'email_ticket_reply', 'email_announce', 'email_staff_new_ticket', 'email_staff_ticket_reply', 'ban_ticket_center', 'ban_ticket_open', 'ban_ticket_escalate', 'ban_ticket_rate', 'ban_kb', 'ban_kb_comment', 'ban_kb_rate', 'time_zone', 'dst_active', 'lang', 'skin', 'use_rte', 'cpfields' ),
                                          'g' => 'all',
                                        ),
                    'from'      => array( 'm' => 'members' ),
                    'join'      => array( array( 'from' => array( 'g' => 'groups' ), 'where' => array( 'g' => 'g_id', '=', 'm' => 'mgroup' ) ) ),
                    'where'     => array( array( 'm' => 'id' ), '=', $cookie_mid ),
                    'limit'     => array( 0, 1 ),
                ) );

                $this->ifthd->core->db->execute();

                $this->member = $this->ifthd->core->db->fetch_row();

                #=============================
                # Checkie Checkie
                #=============================

                if ( $this->member['login_key'] == $cookie_hash )
                {
                    #=============================
                    # Create Session
                    #=============================

                    $new_session = md5( 's' . time() . $this->member['id'] . uniqid( rand(), true ) );

                    $db_array = array(
                        's_id'          => $new_session,
                        's_mid'         => $this->member['id'],
                        's_mname'       => $this->member['name'],
                        's_ipadd'       => $this->ifthd->input['ip_address'],
                        's_location'    => $this->ifthd->input['act'],
                        's_time'        => time(),
                    );

                    $this->ifthd->core->db->construct( array(
                        'insert'    => 'sessions',
                        'set'       => $db_array,
                    ) );

                    $this->ifthd->core->db->execute();

                    $this->ifthd->set_cookie( 'hdsid', $new_session, time() + ( $this->ifthd->core->cache['config']['session_timeout'] * 60 ) );

                    $authorized = 1;
                }
                else
                {
                    $this->ifthd->delete_cookie('hdmid');
                    $this->ifthd->delete_cookie('hdphash');
                }
            }

            #=============================
            # If We Are Not Authorized
            #=============================

            if ( ! $authorized )
            {
                $this->member['id']    = 0;
                $this->member['name'] = 'Guest';
                $this->member['mgroup'] = 2;

                $this->member['guest'] = 1;

                #=============================
                # Create Session
                #=============================

                $new_session = md5( 's' . time() . $this->member['id'] . uniqid( rand(), true ) );

                $db_array = array(
                    's_id'          => $new_session,
                    's_mid'         => $this->member['id'],
                    's_mname'       => $this->member['name'],
                    's_ipadd'       => $this->ifthd->input['ip_address'],
                    's_location'    => $this->ifthd->input['act'],
                    's_time'        => time(),
                    's_guest'       => 1,
                );

                $this->ifthd->core->db->construct( array(
                    'insert'    => 'sessions',
                    'set'       => $db_array,
                ) );

                $this->ifthd->core->db->execute();

                $this->ifthd->set_cookie( 'hdsid', $new_session, time() + ( $this->ifthd->core->cache['config']['session_timeout'] * 60 ) );

                $this->member['s_id'] = $new_session;

                $this->member = array_merge( $this->member, $this->ifthd->core->cache['group'][2] );
            }

            return $this->member;
        }

        
        #=======================================
        # @ Do Login
        # Attempt to login.
        #=======================================

        function do_login()
        {
            #=============================
            # Security Checks
            #=============================

            $this->ifthd->check_token('login');

            if ( ! $this->ifthd->input['username'] || ! $this->ifthd->input['password'] )
            {
                $this->ifthd->skin->error('fill_form_completely', 1);
            }

            #=============================
            # Select Member
            #=============================

            $this->ifthd->core->db->construct( array(
                'select'    => array( 'id', 'name', 'email', 'password', 'pass_salt', 'login_key', 'email_val', 'admin_val' ),
                'from'      => 'members',
                'where'     => array( 'name|lower', '=', strtolower( $this->ifthd->input['username'] ) ),
                'limit'     => array( 0, 1 ),
            ) );

            $this->ifthd->core->db->execute();

            if ( ! $this->ifthd->core->db->get_num_rows() )
            {
                $this->ifthd->skin->error('login_no_user', 1);
            }

            $mem = $this->ifthd->core->db->fetch_row();

            #=============================
            # Compare Password
            #=============================

            if ( sha1( md5( $this->ifthd->input['password'] . $mem['pass_salt'] ) ) == $mem['password'] )
            {
                #=============================
                # Validation Check
                #=============================

                if ( ! $mem['email_val'] )
                {
                    $this->ifthd->skin->error('login_must_val');
                }
                if ( ! $mem['admin_val'] )
                {
                    $this->ifthd->skin->error('login_must_val_admin');
                }

                #=============================
                # Delete Old Session
                #=============================

                if ( $this->member['s_id'] )
                {
                    $this->ifthd->core->db->construct( array(
                        'delete'    => 'sessions',
                        'where'     => array( 's_id', '=', $this->member['s_id'] ),
                        'limit'     => array( 1 ),
                    ) );

                    $this->ifthd->core->db->execute();
                }

                #=============================
                # Create Session
                #=============================

                $new_session = md5( time() . $mem['id'] . uniqid( rand(), true ) );

                $db_array = array(
                    's_id'          => $new_session,
                    's_mid'         => $mem['id'],
                    's_mname'       => $mem['name'],
                    's_email'       => $mem['email'],
                    's_ipadd'       => $this->ifthd->input['ip_address'],
                    's_location'    => $this->ifthd->input['act'],
                    's_time'        => time(),
                );

                $this->ifthd->core->db->construct( array(
                    'insert'    => 'sessions',
                    'set'       => $db_array,
                ) );

                $this->ifthd->core->db->execute();

                $this->ifthd->set_cookie( 'hdsid', $new_session, time() + ( $this->ifthd->core->cache['config']['session_timeout'] * 60 ) );

                #=============================
                # Remember Me?
                #=============================

                if ( $this->ifthd->input['remember'] )
                {
                    $this->ifthd->set_cookie( 'hdmid', $mem['id'] );
                    $this->ifthd->set_cookie( 'hdphash', $mem['login_key'] );
                }

                #=============================
                # Redirect
                #=============================

                if ( $this->ifthd->input['extra_l'] )
                {
                    $this->ifthd->skin->redirect( '?' . str_replace( "&amp;", "&", $this->ifthd->input['extra_l'] ), 'login_success' );
                }
                else
                {
                    $this->ifthd->skin->redirect( '?act=portal', 'login_success' );
                }
            }
            else
            {
                $this->ifthd->skin->error('login_no_pass', 1);
            }
        }

        
        #=======================================
        # @ Do Guest Login
        # Attempt to login a guest.
        #=======================================

        function do_guest_login($onthefly=0)
        {
            #=============================
            # Security Checks
            #=============================

            if ( $onthefly )
            {
                $this->ifthd->input['email_address'] = $this->ifthd->input['email'];
                $this->ifthd->input['ticket_key'] = $this->ifthd->input['key'];
            }
            else
            {
                $this->ifthd->check_token('glogin');
            }

            if ( ! $this->ifthd->validate_email( $this->ifthd->input['email_address'] ) )
            {
                $this->ifthd->skin->error('no_valid_email');
            }

            if ( strlen( $this->ifthd->input['ticket_key'] ) != 11 )
            {
                $this->ifthd->skin->error('no_valid_tkey');
            }

            #=============================
            # Select Ticket
            #=============================

            $this->ifthd->core->db->construct( array(
                'select'    => array( 'id', 'mname', 'email' ),
                'from'      => 'tickets',
                'where'     => array( array( 'tkey', '=', $this->ifthd->input['ticket_key'] ), array( 'email', '=', $this->ifthd->input['email_address'], 'and' ), array( 'guest', '=', 1, 'and' ) ),
            ) );

            $this->ifthd->core->db->execute();

            if ( $this->ifthd->core->db->get_num_rows() != 1 )
            {
                $this->ifthd->skin->error('no_ticket_guest');
            }

            $ticket = $this->ifthd->core->db->fetch_row();

            #=============================
            # Update Session
            #=============================

            $new_session = md5( time() . $mem['id'] . uniqid( rand(), true ) );

            $db_array = array( 's_mname' => $ticket['mname'], 's_email' => $ticket['email'], 's_tkey' => $this->ifthd->input['ticket_key'] );

            $this->ifthd->core->db->construct( array(
                'update'    => 'sessions',
                'set'       => $db_array,
                'where'     => array( 's_id', '=', $this->member['s_id'] ),
                'limit'     => array( 1 ),
            ) );

            $this->ifthd->core->db->execute();

            $this->ifthd->member = array_merge( $this->ifthd->member, $db_array );

            if ( ! $onthefly ) $this->ifthd->skin->redirect( '?act=tickets&code=view&id=' . $ticket['id'], 'login_success' );
        }

        
        #=======================================
        # @ Do Logout
        # Attempt to logout.
        #=======================================

        function do_logout()
        {
            if ( $this->ifthd->member['id'] )
            {
                #=============================
                # Security Checks
                #=============================

                $this->ifthd->core->db->construct( array(
                    'select'    => array( 'id' ),
                    'from'      => 'members',
                    'where'     => array( 'login_key', '=', $this->ifthd->input['key'] ),
                    'limit'     => array( 0, 1 ),
                ) );

                $this->ifthd->core->db->execute();

                if ( ! $this->ifthd->core->db->get_num_rows() )
                {
                    $this->ifthd->skin->error('logout_no_key');
                }

                $lk = $this->ifthd->core->db->fetch_row();

                if ( $this->ifthd->member['id'] != $lk['id'] )
                {
                    $this->ifthd->skin->error('logout_no_key');
                }
            }

            #=============================
            # Delete Cookies
            #=============================

            $this->ifthd->delete_cookie('hdsid');
            $this->ifthd->delete_cookie('hdmid');
            $this->ifthd->delete_cookie('hdphash');

            #=============================
            # Delete Session
            #=============================

            $this->ifthd->core->db->construct( array(
                'delete'    => 'sessions',
                'where'     => array( 's_id', '=', $this->member['s_id'] ),
                'limit'     => array( 1 ),
            ) );

            $this->ifthd->core->db->execute();

            #=============================
            # Redirect
            #=============================

            $this->ifthd->skin->redirect( '?act=portal', 'logout_success' );
        }

        
        #=======================================
        # @ Kill Old Sessions
        # Kills sessions older than the session
        # timeout (defined in ACP).
        #=======================================

        function kill_old_sessions()
        {
            $timeout = time() - ( $this->ifthd->core->cache['config']['session_timeout'] * 60 );

            $this->ifthd->core->db->construct( array(
                'delete'    => 'sessions',
                'where'     => array( 's_time', '<=', $timeout ),
            ) );

            $this->ifthd->core->db->next_shutdown();
            $this->ifthd->core->db->execute();

            $num_killed = $this->ifthd->core->db->get_num_rows();

            return $num_killed;
        }

        #=======================================
        # @ Kill Old Tokens
        # Kills tokens older than 1 hour.
        #=======================================

        function kill_old_tokens()
        {
            if ( $this->ifthd->core->cache['config']['use_form_tokens'] )
            {
                $timeout = time() - ( 60 * 60 );

                $this->ifthd->core->db->construct( array(
                    'delete'    => 'tokens',
                    'where'     => array( 'date', '<=', $timeout ),
                ) );

                $this->ifthd->core->db->next_shutdown();
                $this->ifthd->core->db->execute();

                $num_killed = $this->ifthd->core->db->get_num_rows();

                return $num_killed;
            }
        }
    }

    ?>
    File: class_session.php
    PHP Code:
    <?php

    /*
    #======================================================
    |    Trellis Desk
    |    =====================================
    |    By DJ "someotherguy" (sog@accord5.com)
    |     2007 ACCORD5
    |    http://www.accord.com/products/trellis/
    |    =====================================
    |    Email: sales@accord5.com
    #======================================================
    |    @ Version: v1.0 RC 1 Build 10031234
    |    @ Version Int: 100.3.1.234
    |    @ Version Num: 10031234
    |    @ Build: 0234
    #======================================================
    |    | Admin Session Class :: Session Handler
    #======================================================
    */

    class asession {

        var $member    = array();

        #=======================================
        # @ Load Session
        # Loads the session.  What else? :D
        #=======================================

        function load_session()
        {
            $authorized = 0; // Initialize for Security

            #=============================
            # Kill Any Bad Sessions
            #=============================

            $this->kill_old_sessions();
            $this->kill_old_tokens();

            #=============================
            # Get Information
            #=============================

            $cookie_sid = $this->ifthd->get_cookie('hdasid');

            #=============================
            # If We Have A Session Cookie
            #=============================

            if ( $cookie_sid )
            {
                #=============================
                # Load Member
                #=============================

                $this->ifthd->core->db->construct( array(
                    'select'    => array( 's' => 'all',
                                          'm' => array( 'id', 'name', 'email', 'login_key', 'mgroup', 'title', 'joined', 'ipadd', 'time_zone', 'dst_active', 'lang', 'skin', 'use_rte', 'cpfields', 'rss_key', 'signature', 'auto_sig', 'assigned' ),
                                          'g' => 'all',
                                        ),
                    'from'      => array( 's' => 'asessions' ),
                    'join'      => array( array( 'from' => array( 'm' => 'members' ), 'where' => array( 's' => 's_mid', '=', 'm' => 'id' ) ), array( 'from' => array( 'g' => 'groups' ), 'where' => array( 'g' => 'g_id', '=', 'm' => 'mgroup' ) ) ),
                    'where'     => array( array( 's' => 's_id' ), '=', $cookie_sid ),
                    'limit'     => array( 0, 1 ),
                ) );

                $this->ifthd->core->db->execute();

                if ( $this->ifthd->core->db->get_num_rows() )
                {
                    $this->member = $this->ifthd->core->db->fetch_row();

                    if ( $this->member['g_acp_access'] )
                    {
                        #=============================
                        # Update Ticket
                        #=============================

                        if ( $this->ifthd->input['section'] != 'manage' || $this->ifthd->input['act'] != 'tickets' || $this->ifthd->input['code'] != 'view' )
                        {
                            if ( $this->member['s_inticket'] )
                            {
                                $this->ifthd->core->db->construct( array(
                                    'select'    => array( 'status' ),
                                    'from'      => 'tickets',
                                    'where'     => array( 'id', '=', $this->member['s_inticket'] ),
                                    'limit'     => array( 0, 1 ),
                                ) );

                                $this->ifthd->core->db->execute();

                                if ( $this->ifthd->core->db->get_num_rows() )
                                {
                                    $t = $this->ifthd->core->db->fetch_row();

                                    if ( $t['status'] == )
                                    {
                                        $this->ifthd->core->db->construct( array(
                                            'update'    => 'tickets',
                                            'set'       => array( 'status' => ),
                                            'where'     => array( 'id', '=', $this->member['s_inticket'] ),
                                            'limit'     => array( 1 ),
                                        ) );

                                        $this->ifthd->core->db->execute();
                                    }
                                }
                            }
                        }

                        #=============================
                        # Update Session
                        #=============================

                        $db_array = array(
                            's_location'    => $this->ifthd->input['act'],
                            's_time'        => time(),
                        );

                        if ( $this->ifthd->input['section'] == 'manage' && $this->ifthd->input['act'] == 'tickets' && $this->ifthd->input['code'] == 'view' )
                        {
                            $db_array['s_inticket'] = $this->ifthd->input['id'];
                        }
                        else
                        {
                            $db_array['s_inticket'] = 0;
                        }

                        $this->ifthd->core->db->construct( array(
                            'update'    => 'asessions',
                            'set'       => $db_array,
                            'where'     => array( 's_id', '=', $cookie_sid ),
                            'limit'     => array( 1 ),
                        ) );

                        $this->ifthd->core->db->next_shutdown();
                        $this->ifthd->core->db->execute();

                        $this->ifthd->set_cookie( 'hdasid', $cookie_sid, time() + ( $this->ifthd->core->cache['config']['acp_session_timeout'] * 60 * 60 ) );

                        
    #=============================
                        # ACP Permissions
                        #=============================

                        
    if ( $this->member['id'] == )
                        {
                            
    $this->member['acp'] = unserialize('a:76:{s:5:"admin";i:1;s:10:"admin_logs";i:1;s:16:"admin_logs_admin";i:1;s:17:"admin_logs_member";i:1;s:16:"admin_logs_email";i:1;s:16:"admin_logs_error";i:1;s:19:"admin_logs_security";i:1;s:17:"admin_logs_ticket";i:1;s:16:"admin_logs_prune";i:1;s:6:"manage";i:1;s:13:"manage_ticket";i:1;s:19:"manage_ticket_reply";i:1;s:25:"manage_ticket_assign_self";i:1;s:24:"manage_ticket_assign_any";i:1;s:18:"manage_ticket_hold";i:1;s:22:"manage_ticket_escalate";i:1;s:18:"manage_ticket_move";i:1;s:19:"manage_ticket_close";i:1;s:20:"manage_ticket_delete";i:1;s:20:"manage_ticket_reopen";i:1;s:13:"manage_canned";i:1;s:17:"manage_canned_add";i:1;s:18:"manage_canned_edit";i:1;s:20:"manage_canned_delete";i:1;s:13:"manage_depart";i:1;s:17:"manage_depart_add";i:1;s:18:"manage_depart_edit";i:1;s:20:"manage_depart_delete";i:1;s:21:"manage_depart_reorder";i:1;s:21:"manage_depart_cfields";i:1;s:15:"manage_announce";i:1;s:19:"manage_announce_add";i:1;s:20:"manage_announce_edit";i:1;s:22:"manage_announce_delete";i:1;s:13:"manage_member";i:1;s:17:"manage_member_add";i:1;s:18:"manage_member_edit";i:1;s:20:"manage_member_delete";i:1;s:21:"manage_member_approve";i:1;s:21:"manage_member_cfields";i:1;s:12:"manage_group";i:1;s:16:"manage_group_add";i:1;s:17:"manage_group_edit";i:1;s:19:"manage_group_delete";i:1;s:14:"manage_article";i:1;s:18:"manage_article_add";i:1;s:19:"manage_article_edit";i:1;s:21:"manage_article_delete";i:1;s:10:"manage_cat";i:1;s:14:"manage_cat_add";i:1;s:15:"manage_cat_edit";i:1;s:17:"manage_cat_delete";i:1;s:12:"manage_pages";i:1;s:16:"manage_pages_add";i:1;s:17:"manage_pages_edit";i:1;s:19:"manage_pages_delete";i:1;s:15:"manage_settings";i:1;s:22:"manage_settings_update";i:1;s:4:"look";i:1;s:9:"look_skin";i:1;s:16:"look_skin_manage";i:1;s:15:"look_skin_tools";i:1;s:16:"look_skin_import";i:1;s:16:"look_skin_export";i:1;s:9:"look_lang";i:1;s:16:"look_lang_manage";i:1;s:15:"look_lang_tools";i:1;s:16:"look_lang_import";i:1;s:16:"look_lang_ex
port";i:1;s:5:"tools";i:1;s:11:"tools_maint";i:1;s:19:"tools_maint_recount";i:1;s:17:"tools_maint_clean";i:1;s:16:"tools_maint_optm";i:1;s:20:"tools_maint_syscheck";i:1;s:12:"tools_backup";i:1;}');
                        }
                        else
                        {
                            $this->member['acp'] = unserialize( $this->member['g_acp_perm'] );
                        }

                        $authorized = 1;
                    }
                }
            }

            #=============================
            # If We Are Not Authorized
            #=============================

            if ( ! $authorized )
            {
                $this->member['id']    = 0;

                $this->ifthd->delete_cookie( 'hdasid' );

                $this->ifthd->skin->error( 'must_login');
            }

            return $this->member;
        }

        
        #=======================================
        # @ Do Login
        # Attempt to login.
        #=======================================

        function do_login()
        {
            #=============================
            # Security Checks
            #=============================

            if ( ! isset( $this->ifthd->input['username'] ) || ! isset( $this->ifthd->input['password'] ) )
            {
                $this->ifthd->skin->error( 'fill_form_completely');
            }

            #=============================
            # Select Member
            #=============================

            $this->ifthd->core->db->construct( array(
                'select'    => array( 'm' => array( 'id', 'name', 'email', 'password', 'pass_salt', 'login_key', 'mgroup', 'title', 'joined', 'ipadd', 'time_zone', 'dst_active', 'lang', 'skin', 'use_rte', 'cpfields', 'rss_key', 'signature', 'auto_sig', 'assigned' ),
                                      'g' => 'all',
                                    ),
                'from'        => array( 'm' => 'members' ),
                'join'        => array( array( 'from' => array( 'g' => 'groups' ), 'where' => array( 'g' => 'g_id', '=', 'm' => 'mgroup' ) ) ),
                'where'    => array( array( 'm' => 'name|lower' ), '=', strtolower( $this->ifthd->input['username'] ) ),
                'limit'    => array( 0),
            ) );

            $this->ifthd->core->db->execute();

            if ( ! $this->ifthd->core->db->get_num_rows() )
            {
                $this->ifthd->log( 'admin', "ACP Failed Login Attempt '". $this->ifthd->input['username'] ."'");
                $this->ifthd->log( 'security', "ACP Failed Login Attempt '". $this->ifthd->input['username'] ."'");

                $this->ifthd->skin->error( 'login_no_user');
            }

            $mem = $this->ifthd->core->db->fetch_row();

            #=============================
            # Compare Password
            #=============================

            if ( sha1( md5( $this->ifthd->input['password'] . $mem['pass_salt'] ) ) == $mem['password'] )
            {
                // Permission
                if ( ! $mem['g_acp_access'] )
                {
                    $this->ifthd->log( 'admin', "ACP Login Blocked Access '". $mem['name'] ."'", 2, $mem['id'] );
                    $this->ifthd->log( 'security', "ACP Login Blocked Access '". $mem['name'] ."'", 2, $mem['id'] );

                    $this->ifthd->skin->error( 'login_no_admin');
                }

                #=============================
                # Create Session
                #=============================

                $new_session = md5( 's' . time() . $mem['id'] . uniqid( rand(), true ) );

                $db_array = array(
                    's_id'            => $new_session,
                    's_mid'            => $mem['id'],
                    's_mname'            => $mem['name'],
                    's_ipadd'            => $this->ifthd->input['ip_address'],
                    's_location'        => $this->ifthd->input['act'],
                    's_time'            => time(),
                );

                if ( $this->ifthd->input['section'] == 'manage' && $this->ifthd->input['act'] == 'tickets' && $this->ifthd->input['code'] == 'view' )
                {
                    $db_array['s_inticket'] = $this->ifthd->input['id'];
                }
                else
                {
                    $db_array['s_inticket'] = 0;
                }

                $this->ifthd->core->db->construct( array(
                    'insert'    => 'asessions',
                    'set'        => $db_array,
                ) );

                $this->ifthd->core->db->execute();

                $this->ifthd->set_cookie( 'hdasid', $new_session, time() + ( $this->ifthd->core->cache['config']['acp_session_timeout'] * 60 * 60 ) );

                $this->ifthd->log( 'admin', "ACP Successful Login '". $mem['name'] ."'", 1, $mem['id'] );

                // Play It Safe
                $mem['password'] = $mem['pass_salt'] = $mem['login_key'] = "";

                $mem = array_merge( $mem, $db_array );

                $this->member = $mem;

                #=============================
                # ACP Permissions
                #=============================

                if ( $this->member['id'] == )
                {
    $this->member['acp'] = unserialize('a:76:{s:5:"admin";i:1;s:10:"admin_logs";i:1;s:16:"admin_logs_admin";i:1;s:17:"admin_logs_member";i:1;s:16:"admin_logs_email";i:1;s:16:"admin_logs_error";i:1;s:19:"admin_logs_security";i:1;s:17:"admin_logs_ticket";i:1;s:16:"admin_logs_prune";i:1;s:6:"manage";i:1;s:13:"manage_ticket";i:1;s:19:"manage_ticket_reply";i:1;s:25:"manage_ticket_assign_self";i:1;s:24:"manage_ticket_assign_any";i:1;s:18:"manage_ticket_hold";i:1;s:22:"manage_ticket_escalate";i:1;s:18:"manage_ticket_move";i:1;s:19:"manage_ticket_close";i:1;s:20:"manage_ticket_delete";i:1;s:20:"manage_ticket_reopen";i:1;s:13:"manage_canned";i:1;s:17:"manage_canned_add";i:1;s:18:"manage_canned_edit";i:1;s:20:"manage_canned_delete";i:1;s:13:"manage_depart";i:1;s:17:"manage_depart_add";i:1;s:18:"manage_depart_edit";i:1;s:20:"manage_depart_delete";i:1;s:21:"manage_depart_reorder";i:1;s:21:"manage_depart_cfields";i:1;s:15:"manage_announce";i:1;s:19:"manage_announce_add";i:1;s:20:"manage_announce_edit";i:1;s:22:"manage_announce_delete";i:1;s:13:"manage_member";i:1;s:17:"manage_member_add";i:1;s:18:"manage_member_edit";i:1;s:20:"manage_member_delete";i:1;s:21:"manage_member_approve";i:1;s:21:"manage_member_cfields";i:1;s:12:"manage_group";i:1;s:16:"manage_group_add";i:1;s:17:"manage_group_edit";i:1;s:19:"manage_group_delete";i:1;s:14:"manage_article";i:1;s:18:"manage_article_add";i:1;s:19:"manage_article_edit";i:1;s:21:"manage_article_delete";i:1;s:10:"manage_cat";i:1;s:14:"manage_cat_add";i:1;s:15:"manage_cat_edit";i:1;s:17:"manage_cat_delete";i:1;s:12:"manage_pages";i:1;s:16:"manage_pages_add";i:1;s:17:"manage_pages_edit";i:1;s:19:"manage_pages_delete";i:1;s:15:"manage_settings";i:1;s:22:"manage_settings_update";i:1;s:4:"look";i:1;s:9:"look_skin";i:1;s:16:"look_skin_manage";i:1;s:15:"look_skin_tools";i:1;s:16:"look_skin_import";i:1;s:16:"look_skin_export";i:1;s:9:"look_lang";i:1;s:16:"look_lang_manage";i:1;s:15:"look_lang_tools";i:1;s:16:"look_lang_import";i:1;s:16:"look_lang_ex
port";i:1;s:5:"tools";i:1;s:11:"tools_maint";i:1;s:19:"tools_maint_recount";i:1;s:17:"tools_maint_clean";i:1;s:16:"tools_maint_optm";i:1;s:20:"tools_maint_syscheck";i:1;s:12:"tools_backup";i:1;}');
                }
                else
                {
                    $this->member['acp'] = unserialize( $this->member['g_acp_perm'] );
                }

                #=============================
                # Redirect
                #=============================

                /*if ( $this->ifthd->input['extra_l'] )
                {
                    $this->ifthd->skin->redirect( '?'. str_replace( "&amp;", "&", $this->ifthd->input['extra_l'] ), 'login_success' );
                }
                else
                {
                    $this->ifthd->skin->redirect( '?act=admin', 'login_success' );
                }*/

                return $this->member;
            }
            else
            {
                $this->ifthd->log( 'admin', "ACP Failed Login Attempt '". $mem['name'] ."'", 2, $mem['id'] );
                $this->ifthd->log( 'security', "ACP Failed Login Attempt '". $mem['name'] ."'", 2, $mem['id'] );

                $this->ifthd->skin->error( 'login_no_pass');
            }
        }

        
        #=======================================
        # @ Do Logout
        # Attempt to logout.
        #=======================================

        function do_logout()
        {
            #=============================
            # Delete Cookie
            #=============================

            $this->ifthd->delete_cookie('hdasid');

            #=============================
            # Update Ticket
            #=============================

            if ( $this->member['s_inticket'] )
            {
                $this->ifthd->core->db->construct( array(
                    'update'    => 'tickets',
                    'set'        => array( 'status' => ),
                    'where'    => array( array( 'id', '=', $this->member['s_inticket'] ), array( 'status', '=', 2, 'and' ) ),
                ) );

                $this->ifthd->core->db->next_shutdown();
                $this->ifthd->core->db->execute();
            }

            #=============================
            # Delete Session
            #=============================

            $this->ifthd->core->db->construct( array(
                'delete'    => 'asessions',
                'where'    => array( 's_id', '=', $this->member['s_id'] ),
                'limit'    => array( ),
            ) );

            $this->ifthd->core->db->execute();

            #=============================
            # Redirect
            #=============================

            $this->ifthd->skin->redirect( '?act=home', 'logout_success' );
        }

        
        #=======================================
        # @ Kill Old Sessions
        # Kills sessions older than the session
        # timeout (defined in ACP).
        #=======================================

        function kill_old_sessions()
        {
            #=============================
            # Grab Sessions
            #=============================

            $timeout = time() - ( $this->ifthd->core->cache['config']['acp_session_timeout'] * 60 * 60 );

            $this->ifthd->core->db->construct( array(
                'select'    => array( 's_id', 's_inticket' ),
                'from'        => 'asessions',
                'where'    => array( 's_time', '<=', $timeout ),
            ) );

            $this->ifthd->core->db->execute();

            if ( $num_killed = $this->ifthd->core->db->get_num_rows() )
            {
                $sessions = array(); // Initialize For Security
                $tickets = array(); // Initialize For Security

                while ( $s = $this->ifthd->core->db->fetch_row() )
                {
                    $sessions[] = $s['s_id'];
                    $tickets[] = $s['s_inticket'];
                }

                #=============================
                # Update Tickets
                #=============================

                $this->ifthd->core->db->construct( array(
                    'update'    => 'tickets',
                    'set'        => array( 'status' => ),
                    'where'    => array( array( 'id', 'in', $tickets ), array( 'status', '=', 2, 'and' ) ),
                ) );

                $this->ifthd->core->db->next_shutdown();
                $this->ifthd->core->db->execute();

                #=============================
                # Delete Sessions
                #=============================

                $this->ifthd->core->db->construct( array(
                    'delete'    => 'asessions',
                    'where'    => array( 's_id', 'in', $sessions ),
                ) );

                $this->ifthd->core->db->next_shutdown();
                $this->ifthd->core->db->execute();
            }

            return $num_killed;
        }

        
        #=======================================
        # @ Kill Old Tokens
        # Kills tokens older than 1 hour.
        #=======================================

        function kill_old_tokens()
        {
            if ( $this->ifthd->core->cache['config']['use_form_tokens'] )
            {
                $timeout = time() - ( 60 * 60 );

                $this->ifthd->core->db->construct( array(
                    'delete'    => 'tokens',
                    'where'    => array( 'date', '<=', $timeout ),
                ) );

                $this->ifthd->core->db->next_shutdown();
                $this->ifthd->core->db->execute();

                $num_killed = $this->ifthd->core->db->get_num_rows();

                return $num_killed;
            }
        }
    }

    ?>

  4. #4
    Master of Cheese jetdiscos's Avatar
    Join Date
    Jun 2006
    Location
    Cambridge, UK
    Posts
    65
    Right, what I am after is a sample LDAP script to bind to an LDAP server with a password and check that the details are correct. After that it will get the user data using the username; if the user doesn't exist it would need to create it.
    If this is something you work on, Jason, what would it cost me to get you to code it for me?
    Thanks

    Jamie

  5. #5
    Community Leader jason's Avatar
    Join Date
    Sep 2001
    Location
    Rochester, NY
    Posts
    5,884
    I got your PM the other day, but I've been too busy to find the code I have that does essentially what you want. I know exactly where it is on a machine that I can't get to boot right now. It's been quite a while since I used it in production, so I'll have to hunt around a bit to find it somewhere else. I'll see what I can find at work tomorrow.

    --Jason
    Jason Pitoniak
    Interbrite Communications
    www.interbrite.com www.kodiakskorner.com

  6. #6
    Loyal Client
    Join Date
    Feb 2008
    Location
    Spotsy, Va.
    Posts
    50
    Just an Idea...

    You could take a look at some of the LDAP code in impresscms and xoops... There is also the xhelp module, which would run native with the CMS and LDAP.
    Regards
    William

    ImpressCms.org

  7. #7
    Community Leader jason's Avatar
    Join Date
    Sep 2001
    Location
    Rochester, NY
    Posts
    5,884
    Was the stuff I PMed you a while back helpful?

    --Jason
    Jason Pitoniak
    Interbrite Communications
    www.interbrite.com www.kodiakskorner.com

  8. #8
    Master of Cheese jetdiscos's Avatar
    Join Date
    Jun 2006
    Location
    Cambridge, UK
    Posts
    65
    Yes it was, but I'm still trying to work out how to fit it! I will work out how it needs to work, then post, and you may be able to help me understand.

  9. #9
    Loyal Client Pawel Kowalski's Avatar
    Join Date
    Sep 2001
    Location
    Albuquerque NM
    Posts
    1,446
    If it's not too much trouble, would it be possible for you to post the code example here, Jason? I would love to be able to use Active Directory for authentication in one of my PHP scripts; until I saw this thread I didn't think it would be possible.

    On edit. I did some more research on it:

    http://us3.php.net/ldap

    http://www.developer.com/lang/php/ar...0941_3100951_2

    I'm sorry to hijack this thread but this is pretty interesting. Has anyone actually had success getting this to work with Active Directory? This might be a dumb question since I don't even know if you could join a Linux box to a domain, but would your PHP server have to be a member of the NT domain Active Directory is in for this to work? Or can outside computers actually query the domain controller given the right permissions?
    Last edited by Pawel Kowalski; 04-01-2008 at 10:24 AM.

  10. #10
    Community Leader jason's Avatar
    Join Date
    Sep 2001
    Location
    Rochester, NY
    Posts
    5,884
    Yeah. I'll have to dig it out again, but I can post it. Give me a little time, though.

    My code was written for OpenLDAP and not AD. AD uses a slightly different connection string, but I think that other than that the code should work fine in either environment.

    --Jason
    Jason Pitoniak
    Interbrite Communications
    www.interbrite.com www.kodiakskorner.com

  11. #11
    Community Leader jason's Avatar
    Join Date
    Sep 2001
    Location
    Rochester, NY
    Posts
    5,884
    Ha ha...I just realized that the code I sent to jetdiscos is still in my outbox....

    Code:
    <?php
        function ldapAuth($username, $password) {
            //set the following:
            
            //your ldap server's hostname
            $ldap_host = 'ldap.yourdomain.yourtld';
            //your ldap server's distinguished name base
            $base_dn = 'ou=People,dc=yourdomain,dc=yourtld';
            
            //that should be all you need to edit unless your server uses something other than 'uid'
            //as the user identifier
            
            //this check is very important since some ldap servers allow anonymous binds
            //a bind may succeed without a password, but it won't succeed with an incorrect password
            if($password == "") {
                return false;
            }
            
            //append the username to the base DN to get the connection string
            //(ldap_escape() keeps special characters in the username from changing the DN or the filter)
            $full_dn = 'uid=' . ldap_escape($username, '', LDAP_ESCAPE_DN) . ',' . $base_dn;
            //connect to the server
            $ldap_id = @ldap_connect($ldap_host);
            if(!$ldap_id) {
                return false;
            }
            //bind to the server (ie authenticate the user)
            $ldap_bind_id = @ldap_bind($ldap_id, $full_dn, $password);
            if(!$ldap_bind_id) {
                //wrong password or unknown user
                @ldap_unbind($ldap_id);
                return false;
            }
            //do a search (since it is possible to search for anyone we need to repeat the username--seems redundant, but not)
            $ldap_result = @ldap_search($ldap_id, $full_dn, 'uid=' . ldap_escape($username, '', LDAP_ESCAPE_FILTER));
            //get the entries (returns a multi-dimension array of all fields for all results)
            //there should only be one result with the query we did, though
            $ldap_entry = $ldap_result ? @ldap_get_entries($ldap_id, $ldap_result) : false;
            //close the connection
            @ldap_unbind($ldap_id);
            
            //return all of the data retrieved (false if the search failed)
            return $ldap_entry;
        }
        
        
        //usage example
        if($auth = ldapAuth($_POST['username'], $_POST['password'])) {
            //if the authentication worked this will execute and $auth will contain the search result
            echo('<pre>');
            print_r($auth);
            echo('</pre>');
        }
        else {
            //ldapAuth() returned false meaning authentication failed
            echo('Authentication error');
        }
    ?>
    You'll need to modify a few things in the function:
    1) set $ldap_host to the name of your server
    2) set $base_dn to the base distinguished name for your server. As I said, the example is formatted for OpenLDAP. I believe the form ActiveDirectory expects for a DN is "user@domain.sld.tld" or some such, so I would probably use "@domain.sld.tld" here.
    3) for AD you'll also need to change the format of $full_dn and I believe AD uses CN and not UID as the field for usernames, so you'll probably also need to change the parameters to LDAP search.

    When you call the function it will return either an array containing all of the records returned by the search or false if authentication failed.

    One tool I have found especially useful when working with LDAP data has been the free Softerra LDAP Browser. It lets you connect and search through LDAP information using a handy tree-based interface so you can see exactly how data is stored.

    Enjoy!

    --Jason
    Jason Pitoniak
    Interbrite Communications
    www.interbrite.com www.kodiakskorner.com
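
The flow requested in post #4 and answered in post #11, as an added example that is not part of any post in this thread: all LDAP settings sit in one array, and instead of building the DN from the username the code binds as a read-only lookup account, finds the user with an escaped filter, then re-binds as that user's DN. The host, DNs, lookup account, the `LDAP_BIND_PW` environment variable and the `hd_` function names are assumptions.

```php
<?php
// Added example, not code from the thread. Every value in this array is a placeholder.
$ldap_config = array(
    'uri'         => 'ldaps://ldap.example.org',   // ldaps:// so the password is not sent in clear text
    'base_dn'     => 'ou=People,dc=example,dc=org',
    'bind_dn'     => 'cn=helpdesk,ou=Services,dc=example,dc=org', // read-only lookup account
    'bind_pw'     => getenv('LDAP_BIND_PW') ?: '', // keep the secret out of the script
    'user_filter' => '(uid=%s)',                   // Active Directory: '(sAMAccountName=%s)'
    'attributes'  => array('cn', 'mail'),
);

// Open a connection handle with the options both OpenLDAP and AD expect.
function hd_ldap_open(array $cfg)
{
    $ds = ldap_connect($cfg['uri']);
    if (!$ds) {
        return false;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);      // avoids referral chasing on AD searches
    ldap_set_option($ds, LDAP_OPT_NETWORK_TIMEOUT, 5);
    return $ds;
}

// Returns array('dn' => ..., 'name' => ..., 'email' => ...) on success, false otherwise.
function hd_ldap_login(array $cfg, $username, $password)
{
    // An empty password would turn the final bind into an anonymous bind,
    // which some servers accept, so reject it before talking to the server.
    if (!is_string($username) || !is_string($password) || $username === '' || $password === '') {
        return false;
    }

    $ds = hd_ldap_open($cfg);
    if (!$ds) {
        return false;
    }

    // Step 1: bind as the lookup account so the directory can be searched.
    if (!@ldap_bind($ds, $cfg['bind_dn'], $cfg['bind_pw'])) {
        ldap_unbind($ds);
        return false;
    }

    // Step 2: find the user's DN. The username is escaped for filter context,
    // so characters such as * ( ) \ cannot change the meaning of the filter.
    $filter  = sprintf($cfg['user_filter'], ldap_escape($username, '', LDAP_ESCAPE_FILTER));
    $sr      = @ldap_search($ds, $cfg['base_dn'], $filter, $cfg['attributes'], 0, 2);
    $entries = $sr ? ldap_get_entries($ds, $sr) : false;

    // Exactly one match is required; zero or several are both treated as failure.
    if (!$entries || $entries['count'] !== 1) {
        ldap_unbind($ds);
        return false;
    }
    $user_dn = $entries[0]['dn'];

    // Step 3: re-bind as the user. This is the actual password check.
    $ok = @ldap_bind($ds, $user_dn, $password);
    ldap_unbind($ds);
    if (!$ok) {
        return false;
    }

    // ldap_get_entries() lower-cases attribute names.
    return array(
        'dn'    => $user_dn,
        'name'  => isset($entries[0]['cn'][0]) ? $entries[0]['cn'][0] : $username,
        'email' => isset($entries[0]['mail'][0]) ? $entries[0]['mail'][0] : '',
    );
}

// Usage from a login form handler.
if (PHP_SAPI !== 'cli' && isset($_POST['username'], $_POST['password'])) {
    $user = hd_ldap_login($ldap_config, $_POST['username'], $_POST['password']);
    if ($user === false) {
        echo 'Authentication error';   // same message for unknown user and wrong password
    } else {
        echo 'Welcome, ' . htmlspecialchars($user['name'], ENT_QUOTES, 'UTF-8');
    }
}
```

The returned `name` and `email` are the values a find-or-create step on the application's own member table would use after a successful login.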

  12. #12
    Loyal Client Pawel Kowalski's Avatar
    Join Date
    Sep 2001
    Location
    Albuquerque NM
    Posts
    1,446
    Jason, if you are ever in Albuquerque I'll have to buy you a beer. Thanks for this, I'm going to play around with it and see what happens. I just downloaded LDAP browser and it seems to be communicating with active directory without any issues.

  13. #13
    Community Leader jason's Avatar
    Join Date
    Sep 2001
    Location
    Rochester, NY
    Posts
    5,884
    I'd love to take you up on that offer some day. I went backpacking in northern New Mexico in high school and absolutely loved it. I'd love to go back.

    --Jason
    Jason Pitoniak
    Interbrite Communications
    www.interbrite.com www.kodiakskorner.com

  14. #14
    Loyal Client Pawel Kowalski's Avatar
    Join Date
    Sep 2001
    Location
    Albuquerque NM
    Posts
    1,446
    I love the mountains and mesas around here. Even in Albuquerque, a desert city of almost a million people, you have some of the most beautiful mountain trails around. Not to mention the fact that the air is so clear here you can see for hundreds of miles out.


  15. #15
    Community Leader jason's Avatar
    Join Date
    Sep 2001
    Location
    Rochester, NY
    Posts
    5,884
    That's pretty much how I felt when I was there, too. I experienced what are, to this day, some of the best memories of my life while I was out there--like my first night out on the trail when I was walking through the woods and nearly stepped on a single, small cactus just growing among all of the trees or when we got into camp one afternoon, set up our tents, and found a small plateau from which we watched the lightning from the impending thunderstorm while it was way off on the horizon.

    Although the temperatures were 90+ degrees every day we were out there it felt much nicer than even 80 degree temps do here because of the lack of humidity and it rained (or hailed) every afternoon for just long enough to cool things off. We planned it well, too--just about every day we were in camp and set up before the rain came, so when it did we'd nap for about an hour or so and then get up to start dinner.

    OK...now you've gotten me off topic and dreaming about how much I want to see the southwest again. (As much as I like it there, though, I doubt I could ever bring myself to give up the harsh northeast winters that I've lived with my whole life--as crazy as that sounds!)

    --Jason
    Jason Pitoniak
    Interbrite Communications
    www.interbrite.com www.kodiakskorner.com
