mirror/php-ifm
1
0
Fork 0
mirror of https://github.com/misterunknown/ifm.git synced 2025-08-16 21:13:59 +02:00
Code Issues Releases Wiki Activity

fix merge conflicts with master

Browse Source
This commit is contained in:
Marco Dickert
2017-06-13 11:18:08 +02:00
parent 72c5586136
commit 7f1d14bd21
3 changed files with 74 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
ifm.php
View File

@@ -51,9 +51,17 @@ class IFMConfig {
format: format:
<username>:<passwordhash> <username>:<passwordhash>
LDAP auth syntax
const auth_source = 'ldap;<ldap_sever_host>:<rootdn>';
The script will add "uid=<username>," to the rootdn for binding. If your ldap server
does not use uid for usernames you can change it in the function checkCredentials.
examples: examples:
const auth_source = 'inline;admin:$2y$10$0Bnm5L4wKFHRxJgNq.oZv.v7yXhkJZQvinJYR2p6X1zPvzyDRUVRC'; const auth_source = 'inline;admin:$2y$10$0Bnm5L4wKFHRxJgNq.oZv.v7yXhkJZQvinJYR2p6X1zPvzyDRUVRC';
const auth_source = 'file;/path/to/file'; const auth_source = 'file;/path/to/file';
const auth_source = 'ldap;<ldap_sever_host>:<rootdn>';
*/ */
const auth = 0; const auth = 0;
const auth_source = 'inline;admin:$2y$10$0Bnm5L4wKFHRxJgNq.oZv.v7yXhkJZQvinJYR2p6X1zPvzyDRUVRC'; const auth_source = 'inline;admin:$2y$10$0Bnm5L4wKFHRxJgNq.oZv.v7yXhkJZQvinJYR2p6X1zPvzyDRUVRC';
@@ -1830,21 +1838,42 @@ ifm.init();
} }
} }
private function checkCredentials($user, $pass) { private function checkCredentials( $user, $pass ) {
list($src, $srcopt) = explode(";", IFMConfig::auth_source, 2); list( $src, $srcopt ) = explode( ";", IFMConfig::auth_source, 2 );
switch($src) { switch( $src ) {
case "inline": case "inline":
list($uname, $hash) = explode(":", $srcopt); list( $uname, $hash ) = explode( ":", $srcopt );
return password_verify( $pass, trim( $hash ) ) ? ( $uname == $user ) : false;
break; break;
case "file": case "file":
if(@file_exists($srcopt) && @is_readable($srcopt)) { if( @file_exists( $srcopt ) && @is_readable( $srcopt ) ) {
list($uname, $hash) = explode(":", fgets(fopen($srcopt, 'r'))); list( $uname, $hash ) = explode( ":", fgets( fopen( $srcopt, 'r' ) ) );
return password_verify( $pass, trim( $hash ) ) ? ( $uname == $user ) : false;
} else { } else {
return false; return false;
} }
break; break;
case "ldap":
$authenticated = false;
list( $ldap_server, $rootdn ) = explode( ":", $srcopt );
$u = "uid=" . $user . "," . $rootdn;
$ds = ldap_connect( $ldap_server ) or ( trigger_error( "Could not reach the ldap server.", E_USER_ERROR ); return false; );
ldap_set_option( $ds, LDAP_OPT_PROTOCOL_VERSION, 3 );
if( $ds ) {
$ldbind = @ldap_bind( $ds, $u, $pass );
if( $ldbind ) {
$authenticated = true;
} else {
$authenticated = false;
}
ldap_unbind( $ds );
} else {
$authenticated = false;
}
return $authenticated;
break;
} }
return password_verify($pass, trim($hash))?($uname == $user):false; return false;
} }
private function loginForm($loginFailed=false) { private function loginForm($loginFailed=false) {

8
src/config.php
View File

@@ -51,9 +51,17 @@ class IFMConfig {
format: format:
<username>:<passwordhash> <username>:<passwordhash>
LDAP auth syntax
const auth_source = 'ldap;<ldap_sever_host>:<rootdn>';
The script will add "uid=<username>," to the rootdn for binding. If your ldap server
does not use uid for usernames you can change it in the function checkCredentials.
examples: examples:
const auth_source = 'inline;admin:$2y$10$0Bnm5L4wKFHRxJgNq.oZv.v7yXhkJZQvinJYR2p6X1zPvzyDRUVRC'; const auth_source = 'inline;admin:$2y$10$0Bnm5L4wKFHRxJgNq.oZv.v7yXhkJZQvinJYR2p6X1zPvzyDRUVRC';
const auth_source = 'file;/path/to/file'; const auth_source = 'file;/path/to/file';
const auth_source = 'ldap;<ldap_sever_host>:<rootdn>';
*/ */
const auth = 0; const auth = 0;
const auth_source = 'inline;admin:$2y$10$0Bnm5L4wKFHRxJgNq.oZv.v7yXhkJZQvinJYR2p6X1zPvzyDRUVRC'; const auth_source = 'inline;admin:$2y$10$0Bnm5L4wKFHRxJgNq.oZv.v7yXhkJZQvinJYR2p6X1zPvzyDRUVRC';

35
src/main.php
View File

@@ -616,21 +616,42 @@ class IFM {
} }
} }
private function checkCredentials($user, $pass) { private function checkCredentials( $user, $pass ) {
list($src, $srcopt) = explode(";", IFMConfig::auth_source, 2); list( $src, $srcopt ) = explode( ";", IFMConfig::auth_source, 2 );
switch($src) { switch( $src ) {
case "inline": case "inline":
list($uname, $hash) = explode(":", $srcopt); list( $uname, $hash ) = explode( ":", $srcopt );
return password_verify( $pass, trim( $hash ) ) ? ( $uname == $user ) : false;
break; break;
case "file": case "file":
if(@file_exists($srcopt) && @is_readable($srcopt)) { if( @file_exists( $srcopt ) && @is_readable( $srcopt ) ) {
list($uname, $hash) = explode(":", fgets(fopen($srcopt, 'r'))); list( $uname, $hash ) = explode( ":", fgets( fopen( $srcopt, 'r' ) ) );
return password_verify( $pass, trim( $hash ) ) ? ( $uname == $user ) : false;
} else { } else {
return false; return false;
} }
break; break;
case "ldap":
$authenticated = false;
list( $ldap_server, $rootdn ) = explode( ":", $srcopt );
$u = "uid=" . $user . "," . $rootdn;
$ds = ldap_connect( $ldap_server ) or ( trigger_error( "Could not reach the ldap server.", E_USER_ERROR ); return false; );
ldap_set_option( $ds, LDAP_OPT_PROTOCOL_VERSION, 3 );
if( $ds ) {
$ldbind = @ldap_bind( $ds, $u, $pass );
if( $ldbind ) {
$authenticated = true;
} else {
$authenticated = false;
}
ldap_unbind( $ds );
} else {
$authenticated = false;
}
return $authenticated;
break;
} }
return password_verify($pass, trim($hash))?($uname == $user):false; return false;
} }
private function loginForm($loginFailed=false) { private function loginForm($loginFailed=false) {