pastebin - collaborative debugging

pastebin is a collaborative debugging tool allowing you to share and modify code snippets while chatting on IRC, IM or a message board.

This site is developed to XHTML and CSS2 W3C standards. If you see this paragraph, your browser does not support those standards and you need to upgrade. Visit WaSP for a variety of options.

PHP ZTDev Pastebin View Help

Posted by lindsaym on Wed 2nd Dec 11:33 (modification of post by lindsaym view diff)
View followups from lindsaym | diff | download | new post

  1. function login_user( $username, $passphrase, $from_cookie = false ) {
  2.     // perform a login check for username and passphrase
  3.     // returns the user's user_id
  4.     $username = $this->checkAlphaNum($username);
  5.     $pass = $from_cookie? $this->checkSlashes($passphrase) : $this->checkSlashes($this->encval($passphrase));
  6.  
  7. #XXX: START LDAP EDIT ML.11/23/2009
  8.     //CHECK THE PROTECTED USER ARRAY AGAINST THE SUBMITTED USER FORM
  9.     //If the user is in the protected array the ALL LDAP/AD functions will be skipped
  10.     //  and normal ZT DB authenication will be done
  11.     foreach ($this->ldap_to_ZT_protected_users as $value){
  12.         if($value == $username){
  13.             $userSkip = TRUE;
  14.             break;
  15.         }else{
  16.             $userSkip = FALSE;
  17.         }
  18.     }
  19.  
  20.  
  21.     //CHECK TO SEE IF LDAP AUTH IS SET AND THE USERSKIP VAR IS FALSE
  22.         if ($this->LDAP_login && !$userSkip){
  23.                 ldapConnect($this->ldap_server, $this->ldap_port, $this->ldap_tls_enable);
  24.                 #THIS IS WHERE THE LDAP AUTH AND REPLICATION HAPPENS
  25.                 //Create the user's RDN to bind to
  26.                 if($this->ADcompat){
  27.                         //$userDN = $username . "@" . $this->ldap_AD_domain;
  28.                         $userDN = $this->ldap_user_dn_prefix . "=" . $username . "@" . $this->ldap_AD_domain . "," . $this->ldap_user_dn;
  29.                 }else{
  30.                         $userDN = $this->ldap_user_dn_prefix . "=" . $username . "," . $this->ldap_user_dn;
  31.                 }
  32. /***********  COMMENT OUT TIL END BLOCK FOR GROUP BYPASS ***********************/
  33.                 $validUser = ldap_auth_user($userDN, $passphrase, $this->ldap_failover_support); //auth the user agianst LDAP return 0 on fail
  34.                 if($validUser == 1){
  35.                         //Verify group membership or return 0
  36.                         if(ldap_verify_group($userDN, $this->ldap_base_dn, $this->ldap_requiredGroup_dn, $this->ldap_groupMemberSearch)){
  37.                                 //sync the ldap group membership and usertable. return the ldap response array
  38.                                 ldap_usertable_sync($this, $userDN, $passphrase) or die("Cannot sync user");
  39.                         }else{
  40.                                 ldapClose();
  41.                                 return 0; //not a group member denied and not replicated
  42.                         }
  43.                 }elseif($validUser == 999){ //if 999 is returned then we have hit a failover mark
  44.                         //AUTH AGAINST ZT DB
  45.                         $query = "select user_id from ".$this->table_users
  46.                                                 ." where login = '$username' and passphrase = $pass and active > 0";
  47.                         $user_id = $this->db_get($query);
  48.                         $this->addDebug("zentrack.class.php:login_user($user_id)",$query,2);
  49.                         if( $user_id ) { $this->getUser($user_id); };
  50.                         return($user_id);
  51.                 }else{
  52.                         //insert the access denied message here
  53.                         ldapClose();
  54.                         return 0;
  55.                 }
  56.                 //TIME FOR HOUSE CLEANING, DELETE OR MARK USERS INACTIVE IN ZT DB IF NOT IN LDAP GROUP
  57.                 ldap_usertable_cleanup($this) or die("Cannot preform house keeping");
  58.  
  59.                 //RELEASE THE LDAP CONNECTION, ALL DONE
  60.                 ldapClose();
  61. //END BLOCK */
  62. /***********  UN COMMENT FOR GROUP BYPASS **********************
  63.                 if(!ldap_auth_user($userDN, $passphrase, $this->ldap_failover_support)){ //auth the user agianst LDAP return 0 on fail
  64.                         //insert the access denied message here
  65.                         ldapClose();
  66.                         return 0;
  67.                 }
  68.                 //RELEASE THE LDAP CONNECTION, ALL DONE
  69.                 ldapClose();
  70. /*************************************************************/
  71.         }
  72. #XXX: END LDAP EDIT ML.11/23/2009
  73.  
  74.         $query = "select user_id from ".$this->table_users
  75.       ." where login = '$username' and passphrase = $pass and active > 0";
  76.     $user_id = $this->db_get($query);
  77.     $this->addDebug("zentrack.class.php:login_user($user_id)",$query,2);
  78.  
  79.     if( $user_id ) { $this->getUser($user_id); };
  80.     return($user_id);
  81.   }

Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.

Syntax highlighting:

To highlight particular lines, prefix each line with @@


Remember me