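<?php
/**
 * Check in file - determines where a login request should be
 * redirected
 *
 * Flow: remember where the user came from, wipe the session, rotate the
 * session id, authenticate the submitted credentials against LDAP, then
 * redirect either to the remembered location or to failedlogin.php.
 *
 * @package utilities
 * @subpackage authentication
 * @copyright University of Melbourne, 2005
 * @author Damian Sweeney <dsweeney@unimelb.edu.au>
 */
session_name("stationery");
session_start();
// LIBPATH is used below; presumably it is defined by this include - confirm.
require_once(dirname(__FILE__) . "/lib/find_path.inc.php");

// have we been redirected?
$defaultRedirect = "/" . LIBPATH;
$redirect = $defaultRedirect;
if (isset($_SESSION["nologin_from"])) {
    $redirect = $_SESSION["nologin_from"];
} elseif (isset($_SESSION["login_from"])) {
    $redirect = $_SESSION["login_from"];
}

// The remembered location is appended directly after the host name in the
// Location header, so it must be a site-local path. Anything that does not
// start with "/" (or that carries control characters) could change which
// host the browser ends up on, so fall back to the default instead.
// The session values are written by pages not shown here.
if (!is_string($redirect)
    || $redirect === ""
    || $redirect[0] !== "/"
    || preg_match('/[\x00-\x1f\x7f]/', $redirect)
) {
    $redirect = $defaultRedirect;
}

/* clear all previous session variables (in case a previous user hasn't
 * logged out of their session)
 */
$_SESSION = array();
// Rotate the session id before any identity is attached to the session, so
// an id that was known before login (session fixation) is worthless after it.
session_regenerate_id(true);

/**
 * Check the login details provided
 */
require_once($_SERVER["DOCUMENT_ROOT"] . LIBPATH . "/lib/controllers/auth/ldap_login.class.php");
require_once($_SERVER["DOCUMENT_ROOT"] . LIBPATH . "/lib/controllers/request.class.php");
require_once($_SERVER["DOCUMENT_ROOT"] . LIBPATH . "/includes/login_session_updater.class.php");

$login = new LDAPLogin();
$login->setFields(array("uid", "displayname", "auedupersontype", "givenname", "sn", "mail", "departmentnumber", "auedupersonsubtype", "auedupersonid"));
$request = new Request();
$user = $request->getProperty("userName");
$pass = $request->getProperty("pw");
// Observer attached to the login; presumably it fills $_SESSION when
// authentication succeeds - confirm in login_session_updater.class.php.
$login->attach(new LoginSessionUpdater());

// NOTE(review): the Host request header is client-supplied and the scheme is
// fixed to plain http. Prefer a configured canonical base URL, and https if
// the site offers it, so the session cookie is not sent in clear text.
$base = "http://{$_SERVER["HTTP_HOST"]}";
$failedUrl = $base . LIBPATH . "/failedlogin.php";

// The original script accepted two built-in username/password pairs ahead of
// the directory lookup. Credentials embedded in source are readable by anyone
// who can read the code and cannot be rotated or audited, so they have been
// removed; provision test identities in the directory instead.
//
// Only non-empty string credentials reach LDAP: an empty password must never
// be forwarded to a bind, and array-valued request parameters are rejected.
if (is_string($user) && is_string($pass) && $user && $pass) {
    try {
        if ($login->authenticate($user, $pass)) {
            header("Location: " . $base . $redirect);
            exit;
        }
    } catch (LDAPBindException $e) {
        // Bind failure: report a failed login without remembering the target.
        header("Location: " . $failedUrl);
        exit;
    }
}

// Should only reach here if the credentials are wrong
if ($redirect !== "/") {
    // Keep the target so the next attempt can return the user to it.
    $_SESSION["nologin_from"] = $redirect;
}
header("Location: " . $failedUrl);
exit;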