
Babatunde


Posts posted by Babatunde

  1. Hello there,

     

    I have this as the login function for an application.

     

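    /**
     * Authenticate a user against the local `user` table and, on success,
     * populate the session and mark the user as logged in.
     *
     * Three verification paths are visible here:
     *  - DBVersion < 62 (mid-upgrade): the stored value is compared with md5($password).
     *  - CSPRNG column equal to 0: md5 comparison, then ChangePassword() is called
     *    with the force flag so the stored value is rewritten.
     *  - otherwise: Userdata::validate_password() decides.
     *
     * Every failure path sets the same 'Username or Password incorrect' message,
     * so the response text does not reveal whether the username exists.
     *
     * NOTE(review): no attempt counting, throttling or lockout is visible in this
     * function - confirm that brute-force protection exists elsewhere.
     *
     * @param string $username Login name as submitted by the user.
     * @param string $password Plain-text password as submitted by the user.
     * @return bool true when the credentials were accepted, false otherwise.
     */
    function login($username, $password) 
        {
            $db =& $this->db;

            Kit::ClassLoader('userdata');

            if (Config::Version('DBVersion') < 62) {

                // We can't do CSPRNG because the field doesn't exist, so we need to do standard user login
                // This can ONLY happen during an upgrade.
                $dbh = PDOConnect::init();
                // Bound parameter: the username never becomes part of the SQL text.
                $sth = $dbh->prepare('SELECT UserID, UserName, UserPassword, UserTypeID FROM `user` WHERE UserName = :userName');
                $sth->execute(array('userName' => $username));

                $rows = $sth->fetchAll();

                // Zero rows (unknown user) and several rows (ambiguous name) are both rejected.
                if (count($rows) != 1) {
                    setMessage(__('Username or Password incorrect'));
                    return false;
                }

                $userInfo = $rows[0];

                // Check the password using a MD5.
                // Strict comparison on purpose: with a loose `!=`, PHP compares two digests that
                // both look like "0e<digits>" as numbers, so different hashes can be treated as
                // equal. Where PHP >= 5.6 is guaranteed, hash_equals() additionally makes the
                // comparison constant-time.
                // NOTE(review): unsalted MD5 is a legacy scheme; this branch never re-hashes, so
                // accounts only move off MD5 once they log in through the branch below.
                if ($userInfo['UserPassword'] !== md5($password)) {
                    setMessage(__('Username or Password incorrect'));
                    return false;
                }

            }
            else {
                // Get the SALT for this username
                // NOTE(review): this query is string-built and depends entirely on
                // $db->escape_string(); a bound parameter as in the upgrade branch above would
                // remove that dependency.
                if (!$userInfo = $db->GetSingleRow(sprintf("SELECT UserID, UserName, UserPassword, UserTypeID, CSPRNG FROM `user` WHERE UserName = '%s'", $db->escape_string($username)))) {
                    setMessage(__('Username or Password incorrect'));
                    return false;
                }

                // User Data Object to check the password
                $userData = new Userdata($db);

                // Is SALT empty
                // NOTE(review): loose `== 0`; whether CSPRNG holds a flag or the salt itself
                // is not visible here - confirm before tightening this comparison.
                if ($userInfo['CSPRNG'] == 0) {

                    // Check the password using a MD5 (strict comparison, see the note in the
                    // upgrade branch about "0e<digits>" digests).
                    if ($userInfo['UserPassword'] !== md5($password)) {
                        setMessage(__('Username or Password incorrect'));
                        return false;
                    }

                    // Now that we are validated, generate a new SALT and set the users password.
                    $userData->ChangePassword(Kit::ValidateParam($userInfo['UserID'], _INT), null, $password, $password, true /* Force Change */);
                } else {

                    // Check the users password using the random SALTED password
                    if ($userData->validate_password($password, $userInfo['UserPassword']) === false) {
                        setMessage(__('Username or Password incorrect'));
                        return false;
                    }
                }
            }

            // there is a result so we store the userID in the session variable
            // Values come from the database row and are passed through Kit::ValidateParam()
            // before they are trusted as session state.
            $_SESSION['userid'] = Kit::ValidateParam($userInfo['UserID'], _INT);
            $_SESSION['username'] = Kit::ValidateParam($userInfo['UserName'], _USERNAME);
            $_SESSION['usertype'] = Kit::ValidateParam($userInfo['UserTypeID'], _INT);

            // Set the User Object
            $this->usertypeid = $_SESSION['usertype'];
            $this->userid = $_SESSION['userid'];

            // update the db
            // write out to the db that the logged in user has accessed the page
            // %d forces the user id to an integer, so nothing else is interpolated into the SQL.
            $SQL = sprintf("UPDATE user SET lastaccessed = '" . date("Y-m-d H:i:s") . "', loggedin = 1 WHERE userid = %d", $_SESSION['userid']);

            $db->query($SQL) or trigger_error(__('Can not write last accessed info.'), E_USER_ERROR);

            // Switch Session ID's
            // The session id is replaced once the user is authenticated; presumably this is the
            // session-fixation defence, so any alternative login path added later (LDAP, SSO)
            // has to reach this point as well rather than returning early.
            global $session;
            $session->setIsExpired(0);
            $session->RegenerateSessionID(session_id());

            return true;
        }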
     
    I am trying to squeeze in an alternative authentication against LDAP for users, to be used if local authentication fails:
     
      // alternativelly validate against  Tivoli Directory server
    $ldap_host = "www.zflexldap.com:389";
    $password = "password";
        // Tivoli  Directory DN
        $ldap_dn = "ou=users,ou=guests,dc=zflexsoftware,dc=com";
        // connect to active directory
        $ldap = ldap_connect($ldap_host)
            or die("Couldn't connect to LDAP Server");
       //username specified on post form is from TDS server
       // $dn = "uid=".$username.",";
        $dn = "uid=guest1,ou=users,ou=guests,dc=zflexsoftware,dc=com";
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
        // verify user and password
        if($bind = @ldap_bind($ldap, $dn, $password)) 
     
    All attempts so far, though, have been breaking the application.
     
    thanks

     
