Babatunde
-
Posts
2 -
Joined
-
Last visited
Posts posted by Babatunde
-
-
Hello there,
I have this as login in function for an application.
function login($username, $password){$db =& $this->db;Kit::ClassLoader('userdata');if (Config::Version('DBVersion') < 62) {// We can't do CSPRNG because the field doesn't exist, so we need to do standard user login// This can ONLY happen during an upgrade.$dbh = PDOConnect::init();$sth = $dbh->prepare('SELECT UserID, UserName, UserPassword, UserTypeID FROM `user` WHERE UserName = :userName');$sth->execute(array('userName' => $username));$rows = $sth->fetchAll();if (count($rows) != 1) {setMessage(__('Username or Password incorrect'));return false;}$userInfo = $rows[0];// Check the password using a MD5if ($userInfo['UserPassword'] != md5($password)) {setMessage(__('Username or Password incorrect'));return false;}}else {// Get the SALT for this usernameif (!$userInfo = $db->GetSingleRow(sprintf("SELECT UserID, UserName, UserPassword, UserTypeID, CSPRNG FROM `user` WHERE UserName = '%s'", $db->escape_string($username)))) {setMessage(__('Username or Password incorrect'));return false;}// User Data Object to check the password$userData = new Userdata($db);// Is SALT emptyif ($userInfo['CSPRNG'] == 0) {// Check the password using a MD5if ($userInfo['UserPassword'] != md5($password)) {setMessage(__('Username or Password incorrect'));return false;}// Now that we are validated, generate a new SALT and set the users password.$userData->ChangePassword(Kit::ValidateParam($userInfo['UserID'], _INT), null, $password, $password, true /* Force Change */);} else {// Check the users password using the random SALTED passwordif ($userData->validate_password($password, $userInfo['UserPassword']) === false) {setMessage(__('Username or Password incorrect'));return false;}}}// there is a result so we store the userID in the session variable$_SESSION['userid'] = Kit::ValidateParam($userInfo['UserID'], _INT);$_SESSION['username'] = Kit::ValidateParam($userInfo['UserName'], _USERNAME);$_SESSION['usertype'] = Kit::ValidateParam($userInfo['UserTypeID'], _INT);// Set the User Object$this->usertypeid = $_SESSION['usertype'];$this->userid = $_SESSION['userid'];// update the db// write out to the db that the logged in user has accessed the page$SQL = sprintf("UPDATE user SET lastaccessed = '" . date("Y-m-d H:i:s") . "', loggedin = 1 WHERE userid = %d", $_SESSION['userid']);$db->query($SQL) or trigger_error(__('Can not write last accessed info.'), E_USER_ERROR);// Switch Session ID'sglobal $session;$session->setIsExpired(0);$session->RegenerateSessionID(session_id());return true;}i am trying to squeeze in an alternative authentication for users on ldap as such if local authentication fails// alternativelly validate against Tivoli Directory server$ldap_host = "www.zflexldap.com:389";$password = "password";// Tivoli Directory DN$ldap_dn = "ou=users,ou=guests,dc=zflexsoftware,dc=com";// connect to active directory$ldap = ldap_connect($ldap_host)or die("Couldn't connect to LDAP Server");//username specified on post form is from TDS server// $dn = "uid=".$username.",";$dn = "uid=guest1,ou=users,ou=guests,dc=zflexsoftware,dc=com";ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);// verify user and passwordif($bind = @ldap_bind($ldap, $dn, $password))all attempts thou has been breaking the application.thanks
add LDAP alternative to login function
in PHP Coding Help
Posted
Hi barand,
i just want to use for authentication and not user management.
I would be glad if you can help tidy .
Thank you