thooge/ipreg
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Features LDAP, Rights, Cables, Menu improvements and bug fixing

Browse Source
This commit is contained in:
Thomas Hooge
2023-02-28 19:21:42 +01:00
parent 26e9c89405
commit db26ffa611
59 changed files with 1039 additions and 301 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
login.php
View File

@@ -11,8 +11,13 @@ session_name('ipreg');
session_start();
include("config.php");
include("dbconnect.php");
include("lib.php");
// connect to database
$dbh = new PDO("mysql:host=$config_mysql_host;dbname=$config_mysql_dbname;charset=utf8", $config_mysql_username, $config_mysql_password);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
include("lib.php"); // only for get_language from browser. TODO: simplify
function user_login ($user_name, $user_pass) {
global $dbh;
@@ -27,11 +32,8 @@ function user_login ($user_name, $user_pass) {
$sql = "SELECT user_id, user_pass, user_displayname, user_language,
user_imagesize, user_imagecount, user_mac, user_dateformat,
user_dns1suffix, user_dns2suffix, user_menu_assets,
user_menu_assetclasses, user_menu_assetclassgroups,
user_menu_locations, user_menu_nodes, user_menu_subnets,
user_menu_users, user_menu_vlans, user_menu_zones,
user_tooltips
user_dns1suffix, user_dns2suffix, user_tooltips,
user_menu, user_role, user_flags
FROM user
WHERE user_name=?";
$sth = $dbh->prepare($sql);
@@ -55,6 +57,7 @@ function user_login ($user_name, $user_pass) {
$sth->execute([$newhash, $user->user_id]);
}
// all ok: user is logged in, register session data
$_SESSION['suser_id'] = $user->user_id;
$_SESSION['suser_displayname'] = $user->user_displayname;
@@ -65,17 +68,26 @@ function user_login ($user_name, $user_pass) {
$_SESSION['suser_dateformat'] = $user->user_dateformat;
$_SESSION['suser_dns1suffix'] = $user->user_dns1suffix;
$_SESSION['suser_dns2suffix'] = $user->user_dns2suffix;
$_SESSION['suser_menu_assets'] = $user->user_menu_assets;
$_SESSION['suser_menu_assetclasses'] = $user->user_menu_assetclasses;
$_SESSION['suser_menu_assetclassgroups'] = $user->user_menu_assetclassgroups;
$_SESSION['suser_menu_locations'] = $user->user_menu_locations;
$_SESSION['suser_menu_nodes'] = $user->user_menu_nodes;
$_SESSION['suser_menu_subnets'] = $user->user_menu_subnets;
$_SESSION['suser_menu_users'] = $user->user_menu_users;
$_SESSION['suser_menu_vlans'] = $user->user_menu_vlans;
$_SESSION['suser_menu_zones'] = $user->user_menu_zones;
$_SESSION['suser_tooltips'] = $user->user_tooltips;
$roles = explode(',', $user->user_role);
$_SESSION['suser_role_add'] = in_array('add', $roles);
$_SESSION['suser_role_edit'] = in_array('edit', $roles);
$_SESSION['suser_role_delete'] = in_array('delete', $roles);
$_SESSION['suser_role_manage'] = in_array('manage', $roles);
$_SESSION['suser_role_admin'] = in_array('admin', $roles);
$menu = explode(',', $user->user_menu);
$_SESSION['suser_menu_assets'] = in_array('asset', $menu);
$_SESSION['suser_menu_assetclasses'] = in_array('class', $menu);
$_SESSION['suser_menu_assetclassgroups'] = in_array('group', $menu);
$_SESSION['suser_menu_cables'] = in_array('cable', $menu);
$_SESSION['suser_menu_locations'] = in_array('location', $menu);
$_SESSION['suser_menu_nodes'] = in_array('node', $menu);
$_SESSION['suser_menu_subnets'] = in_array('subnet', $menu);
$_SESSION['suser_menu_vlans'] = in_array('vlan', $menu);
$_SESSION['suser_menu_zones'] = in_array('zone', $menu);
return TRUE;
}
@@ -84,13 +96,13 @@ function user_login ($user_name, $user_pass) {
$language = lang_getfrombrowser($config_lang, $config_lang_default, null, false);
include('lang/' . $language . '.php');
if ($_SERVER['REQUEST_METHOD']=="POST" ) {
if ($_SERVER['REQUEST_METHOD'] == "POST" ) {
$user_name = sanitize($_POST['user_name']);
$user_pass = sanitize($_POST['user_pass']);
if (user_login($user_name, $user_pass) == TRUE) {
header_location("index.php");
header_location($_SESSION['prelogin'] ?? 'index.php');
} else {
$_SESSION = array();
session_destroy();