Use exception for user login
This commit is contained in:
parent
0b7b63dd35
commit
e99c3f2b78
|
@ -16,17 +16,14 @@ if (isset($_SESSION['login'])) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!empty($_POST['login'])) {
|
if (!empty($_POST['login'])) {
|
||||||
if ($server = new LdapServer(Html::clean($_POST['login']), LDAP_BASE, LDAP_ADMIN_DN, LDAP_ADMIN_PASS, LDAP_URI)) {
|
try {
|
||||||
if ($server->login(Html::clean($_POST['password']))) {
|
$server = new LdapServer(Html::clean($_POST['login']), LDAP_BASE, LDAP_ADMIN_DN, LDAP_ADMIN_PASS, LDAP_URI);
|
||||||
|
$server->login(Html::clean($_POST['password']));
|
||||||
$_SESSION['login'] = $server->getLogin();
|
$_SESSION['login'] = $server->getLogin();
|
||||||
$_SESSION['dn'] = $server->getDn();
|
|
||||||
header("location: superadmin.php\n\n");
|
header("location: superadmin.php\n\n");
|
||||||
exit(0);
|
exit(0);
|
||||||
} else {
|
} catch (Exception $e) {
|
||||||
print "<div class='alert alert-danger' role='alert'>Échec de l\'authentification, utilisateur ou mot de passe incorrect.<br />Si vous avez oublié votre mot de passe, contactez <a href='mailto:" .$conf['admin']['mail']. "'>" .$conf['admin']['mail']. "</a></div>";
|
print '<div class="alert alert-danger" role="alert">'.$e->getMessage().'</div>';
|
||||||
}
|
|
||||||
} else {
|
|
||||||
print "<div class=\"alert alert-danger\" role=\"alert\">Erreur de connexion LDAP !</div>";
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -54,21 +54,8 @@ class LdapServer {
|
||||||
public function login($password) {
|
public function login($password) {
|
||||||
$sr=ldap_search($this->conn, self::getBaseDN($this), "(&(uid=".$this->login.")(isAdmin=TRUE))");
|
$sr=ldap_search($this->conn, self::getBaseDN($this), "(&(uid=".$this->login.")(isAdmin=TRUE))");
|
||||||
$info = ldap_get_entries($this->conn, $sr);
|
$info = ldap_get_entries($this->conn, $sr);
|
||||||
if ($info['count']) {
|
if (!$info['count'] || !@ldap_bind($this->conn, $info[0]['dn'], $password)) {
|
||||||
if (@ldap_bind($this->conn, $info[0]['dn'], $password)) {
|
throw new Exception("Échec de l'authentification, utilisateur ou mot de passe incorrect.");
|
||||||
unset($password);
|
|
||||||
$this->base = $info[0]['dn'];
|
|
||||||
# EvoLog::log("Login success for " . $this->login);
|
|
||||||
return true;
|
|
||||||
} else {
|
|
||||||
$this->__destruct();
|
|
||||||
# EvoLog::log("Password failed : " . $this->login);
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
$this->__destruct();
|
|
||||||
# EvoLog::log("Login failed : " . $this->login);
|
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue