* @version 1.0 */ /** * Path */ define('EVOADMIN_BASE','./'); /** * Requires */ require_once EVOADMIN_BASE . 'lib/common.php'; /* * Functions */ /** * Display message for bad authentification * * @param NULL * @return NULL */ function badauth() { global $conf; display("

Échec de l\'authentification, utilisateur ou mot de passe incorrect.
Si vous avez oublié votre mot de passe, contactez " .$conf['admin']['mail']. "

"); } // we start PHP output buffering to use HTTP header later ob_start(); /** * Requires and includes */ include EVOADMIN_BASE . 'haut.php'; /** * PHP cookies session * (cookies must be actived on browser) * * 3 steps: * - We use current session (or create new): session_start() * - We destroy current session: session_unset() et session_destroy() * - We create a new (and then empty) session: session_start() */ session_name('EVOADMIN_SESS'); session_start(); if (isset($_SESSION['login'])) { display(""); } session_unset('EVOADMIN_SESS'); session_destroy(); session_name('EVOADMIN_SESS'); session_start(); /** * Case with $_POST data * We try to verify login/password * and we forward to superadmin.php */ if (isset($_POST['login'])) { // connexion pour rechercher uid $ldapconn = Ldap::lda_connect(LDAP_ADMIN_DN,LDAP_ADMIN_PASS); if ($ldapconn) { $login = Html::clean($_POST['login']); $filter="(&(uid=" .$login. ")(isAdmin=TRUE))"; $sr=ldap_search($ldapconn, LDAP_BASE, $filter); $info = ldap_get_entries($ldapconn, $sr); if ($info['count']) { $bind = @ldap_bind($ldapconn,$info[0]['dn'],$_POST['password']); if ($bind) { $_SESSION['login'] = $login; $_SESSION['dn'] = $info[0]['dn']; EvoLog::log("Login success for " . $login); header("location: superadmin.php\n\n"); exit(0); } else { badauth(); EvoLog::log("Password failed : " . $login); Formulaire(); } } else { badauth(); EvoLog::log("Login failed : " . $login); Formulaire(); } } /** * Case with no $_POST data * we display Formular */ } else { ?>