ldap-matter/oauth/index.php

<?php
session_start();
/**
 * @author Denis CLAVIER <clavierd at gmail dot com>
 * A modified verion by dimst23
 */


// include our LDAP object
require_once __DIR__.'/LDAP/LDAP.php';
require_once __DIR__.'/LDAP/config_ldap.php';

$prompt_template = new DOMDocument();
$prompt_template->loadHTMLFile('form_prompt.html');


function messageShow($html_template, $message = 'No Msg') {
	$modification_node = $html_template->getElementsByTagName('div')->item(5);
	$page_fragment = $html_template->createDocumentFragment();
	$page_fragment->appendXML($message);

	$modification_node->appendChild($page_fragment);

	echo $html_template->saveHTML();
}


// Verify all fields have been filled 
if (empty($_POST['user']) || empty($_POST['password'])) 
{
	if (empty($_POST['user'])) {
		messageShow($prompt_template, 'Username field can\'t be empty.');
	} else {
		messageShow($prompt_template, 'Password field can\'t be empty.');
	}
}
else
{
	// Check received data length (to prevent code injection) 
	if (strlen($_POST['user']) > 15)
 	{
		messageShow($prompt_template, 'Username has incorrect format ... Please try again');
    }
    elseif (strlen($_POST['password']) > 50 || strlen($_POST['password']) <= 7)
    {
		messageShow($prompt_template, 'Password has incorrect format ... Please try again');
    } 
    else
   	{
   		// Remove every html tag and useless space on username (to prevent XSS)
   	   	$user=strip_tags(trim($_POST['user']));

    	$user=$_POST['user'];
    	$password=$_POST['password'];

    	// Open a LDAP connection
    	$ldap = new LDAP($ldap_host,$ldap_port,$ldap_version);
		
		// Check user credential on LDAP
		try{
			$authenticated = $ldap->checkLogin($user,$password,$ldap_search_attribute,$ldap_filter,$ldap_base_dn,$ldap_bind_dn,$ldap_bind_pass);
		}
		catch (Exception $e)
		{
			$authenticated = false;
		}

		// If user is authenticated
		if ($authenticated) 
		{
		    $_SESSION['uid']=$user;

		    // If user came here with an autorize request, redirect him to the authorize page. Else prompt a simple message.
		    if (isset($_SESSION['auth_page']))
		    {
		    	$auth_page=$_SESSION['auth_page'];
		    	header('Location: ' . $auth_page);
 				exit();
		    }
		 	else 
		 	{
				messageShow($prompt_template, 'Congratulation you are authenticated ! <br /><br /> However there is nothing to do here ...');
			}
	    }
	    // check login on LDAP has failed. Login and password were invalid or LDAP is unreachable
		else 
		{
			messageShow($prompt_template, 'Authentication failed ... Check your username and password.<br />If the error persists contact your administrator.<br /><br />');
		}
	}
}
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`<?php`
			`session_start();`
Modified the HTML code to show a more friendly environment 2019-12-01 00:55:32 +08:00			`/**`
			`* @author Denis CLAVIER <clavierd at gmail dot com>`
			`* A modified verion by dimst23`
			`*/`
Initial Commit - First version 2017-08-08 03:01:11 +08:00

Modified the HTML code to show a more friendly environment 2019-12-01 00:55:32 +08:00			`// include our LDAP object`
			`require_once __DIR__.'/LDAP/LDAP.php';`
			`require_once __DIR__.'/LDAP/config_ldap.php';`
Initial Commit - First version 2017-08-08 03:01:11 +08:00
Modified the HTML code to show a more friendly environment 2019-12-01 00:55:32 +08:00			`$prompt_template = new DOMDocument();`
			`$prompt_template->loadHTMLFile('form_prompt.html');`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00
Modified the HTML code to show a more friendly environment 2019-12-01 00:55:32 +08:00
			`function messageShow($html_template, $message = 'No Msg') {`
			`$modification_node = $html_template->getElementsByTagName('div')->item(5);`
			`$page_fragment = $html_template->createDocumentFragment();`
			`$page_fragment->appendXML($message);`

			`$modification_node->appendChild($page_fragment);`

			`echo $html_template->saveHTML();`
			`}`


			`// Verify all fields have been filled`
			`if (empty($_POST['user']) \|\| empty($_POST['password']))`
			`{`
			`if (empty($_POST['user'])) {`
			`messageShow($prompt_template, 'Username field can\'t be empty.');`
			`} else {`
			`messageShow($prompt_template, 'Password field can\'t be empty.');`
			`}`
			`}`
			`else`
			`{`
			`// Check received data length (to prevent code injection)`
			`if (strlen($_POST['user']) > 15)`
			`{`
			`messageShow($prompt_template, 'Username has incorrect format ... Please try again');`
			`}`
			`elseif (strlen($_POST['password']) > 50 \|\| strlen($_POST['password']) <= 7)`
			`{`
			`messageShow($prompt_template, 'Password has incorrect format ... Please try again');`
			`}`
			`else`
			`{`
			`// Remove every html tag and useless space on username (to prevent XSS)`
			`$user=strip_tags(trim($_POST['user']));`

			`$user=$_POST['user'];`
			`$password=$_POST['password'];`

			`// Open a LDAP connection`
			`$ldap = new LDAP($ldap_host,$ldap_port,$ldap_version);`

			`// Check user credential on LDAP`
			`try{`
			`$authenticated = $ldap->checkLogin($user,$password,$ldap_search_attribute,$ldap_filter,$ldap_base_dn,$ldap_bind_dn,$ldap_bind_pass);`
			`}`
			`catch (Exception $e)`
			`{`
			`$authenticated = false;`
			`}`

			`// If user is authenticated`
			`if ($authenticated)`
			`{`
			`$_SESSION['uid']=$user;`

			`// If user came here with an autorize request, redirect him to the authorize page. Else prompt a simple message.`
			`if (isset($_SESSION['auth_page']))`
			`{`
			`$auth_page=$_SESSION['auth_page'];`
			`header('Location: ' . $auth_page);`
			`exit();`
			`}`
			`else`
			`{`
			`messageShow($prompt_template, 'Congratulation you are authenticated ! <br /><br /> However there is nothing to do here ...');`
			`}`
			`}`
			`// check login on LDAP has failed. Login and password were invalid or LDAP is unreachable`
			`else`
			`{`
			`messageShow($prompt_template, 'Authentication failed ... Check your username and password.<br />If the error persists contact your administrator.<br /><br />');`
			`}`
			`}`
			`}`