<?php
/**
 * Classify a login name by looking it up in the local MySQL tables.
 *
 * Connection settings come from credential.php, which is included into this
 * function's scope on every call (it is expected to define $host, $user,
 * $pass and $db). Both lookups use prepared statements with the login name
 * bound as a string parameter, so the value never becomes part of the SQL text.
 *
 * Side effect: when the database connection fails, a <script> block that
 * alerts the user and redirects to logon.php is echoed before returning.
 *
 * @param string $username Login name to look up.
 * @return int 1 when student.id has a matching row, 2 when ta.ta_id has one,
 *             -1 when neither matches or the database is unavailable.
 */
function verify($username){
    include 'credential.php';
    @$link = new mysqli($host, $user, $pass, $db);
    if (@$link->connect_errno) {
        echo "<script> alert('Server is Offline. *** Please try again later.'); window.location.href = 'logon.php';</script>";
        return -1;
    }

    // Role code => lookup query, tried in this order (students first, then TAs).
    $lookups = array(
        1 => 'Select id from student where id = ?',
        2 => 'Select ta_id from ta where ta_id = ?',
    );

    foreach ($lookups as $role => $sql) {
        $stmt = $link->prepare($sql);
        if (!$stmt) {
            // A failed prepare is not fatal here: move on to the next table.
            continue;
        }
        $stmt->bind_param('s', $username);
        $stmt->execute();
        // get_result() is a helper defined outside this file; it is used here
        // as a stand-in for mysqli_stmt::get_result() and is treated as
        // returning an array of rows.
        $rows = get_result($stmt);
        if (array_shift($rows)) {
            // The first row is enough to decide the role.
            $stmt->free_result();
            $link->close();
            return $role;
        }
    }

    @$link->close();
    return -1;
}
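/**
 * Record the time and source address of a login in the ip_tracker table.
 *
 * Inserts (id, last_login, ip) for the given login name, or updates
 * last_login and ip when a row for that id already exists.
 *
 * Changes from the previous version:
 *  - credential.php is included again; without it $host, $user, $pass and $db
 *    were undefined and the connection could not use the project settings.
 *  - The row is keyed by $username. The old code passed a hard-coded id as a
 *    literal to bind_param(), which cannot be bound by reference and ignored
 *    the caller's argument.
 *  - The address comes from REMOTE_ADDR only. X-Forwarded-For is a request
 *    header chosen by the client, so storing it verbatim lets anyone write an
 *    arbitrary value into this login audit trail.
 *
 * Side effect: when the database connection fails, a <script> block that
 * alerts the user and redirects to logon.php is echoed and the script ends.
 *
 * @param string $username Login name whose login is being recorded.
 * @return void
 */
function record_ip($username){
    // Expected to define $host, $user, $pass and $db in this scope, as in verify().
    include 'credential.php';
    @$con = new mysqli($host, $user, $pass, $db);
    if (@$con->connect_errno){
        echo "<script> alert('Server is Offline. Please try again later.'); window.location.href = 'logon.php';</script>";
        die();
    }

    // REMOTE_ADDR is the peer address observed by the web server itself.
    // NOTE(review): if this application is deployed behind a reverse proxy,
    // this will be the proxy's address; in that case read the proxy's
    // forwarding header only when REMOTE_ADDR is that known proxy.
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    $date = date("Y-m-d H:i:s");

    if ($stmt = @$con->prepare('INSERT INTO ip_tracker (id, last_login, ip) VALUES(?, ?, ?) ON DUPLICATE KEY UPDATE last_login=VALUES(last_login), ip=VALUES(ip)')){
        // bind_param() binds by reference, so every argument must be a variable.
        $stmt->bind_param('sss', $username, $date, $ip);
        $stmt->execute();
        $stmt->close();
    }
    @$con->close();
}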
/**
 * Normalise a submitted form value.
 *
 * Applies, in this order: strip_tags(), trim(), stripslashes(),
 * htmlspecialchars() with its default flags, and finally removal of every
 * "\n" character.
 *
 * The result is HTML-entity encoded text. That is output encoding for an HTML
 * context only: it does not escape LDAP filter or DN metacharacters, so a
 * caller that places the value in an LDAP filter still needs LDAP-specific
 * escaping, and SQL callers still need bound parameters.
 *
 * NOTE(review): htmlspecialchars() is called without explicit flags, so
 * whether single quotes are encoded depends on the PHP version's default.
 *
 * @param string $data Raw input value.
 * @return string The normalised value.
 */
function test_input_2($data) {
    $without_tags = trim(strip_tags($data));
    $encoded = htmlspecialchars(stripslashes($without_tags));
    return str_replace("\n", "", $encoded);
}
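/**
 * Authenticate a user against the LDAP directory and populate the session.
 *
 * Flow: normalise the login name, require that verify() knows it as a student
 * (1) or TA (2), look up the user's DN with an anonymous bind, then bind as
 * that DN with the supplied password. On success $_SESSION['user'],
 * $_SESSION['encrpy'] and $_SESSION['access'] are set.
 *
 * Security fixes relative to the previous version:
 *  - The submitted password is no longer echoed into the page. The old code
 *    printed the login name and plaintext password inside a <script> block on
 *    every attempt, disclosing the credential and placing unescaped input in
 *    script context.
 *  - Two hard-coded login names that were accepted without a successful
 *    password bind have been removed; only a successful LDAP bind
 *    authenticates.
 *  - An empty password is rejected up front. A bind with a DN and an empty
 *    password is an unauthenticated bind, which many directory servers accept,
 *    so it must never be treated as proof of identity.
 *  - The login name is escaped with ldap_escape() before it is placed in the
 *    search filter, and exactly one matching entry is required, so wildcard or
 *    filter metacharacters cannot select another user's entry.
 *  - A search with no matching entry now returns false instead of falling off
 *    the end of the function.
 *
 * @param string $user     Login name as submitted.
 * @param string $password Password as submitted.
 * @return bool true when the password bind succeeded and the session was
 *              populated, false otherwise.
 */
function authenticate($user, $password) {
    $user = test_input_2($user);

    // Fail closed on a missing/empty password before touching the directory.
    if (!is_scalar($password) || (string) $password === '') {
        return false;
    }

    // verify() returns 1 (student), 2 (TA) or -1; anything else is rejected.
    $class = verify($user);
    if ($class !== 1 && $class !== 2) {
        return false;
    }

    $ldapconfig['host'] = '172.31.1.41';//CHANGE THIS TO THE CORRECT LDAP SERVER
    $ldapconfig['port'] = '389';
    $ldapconfig['basedn'] = 'dc=iiita,dc=ac,dc=in';//CHANGE THIS TO THE CORRECT BASE DN

    // NOTE(review): port 389 with no ldap_start_tls() call means the bind
    // password crosses the network unencrypted. Enable StartTLS or ldaps://
    // once the directory server's support for it has been confirmed.
    $ds = ldap_connect($ldapconfig['host'], $ldapconfig['port']);
    if (!$ds) {
        return false;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
    ldap_set_option($ds, LDAP_OPT_NETWORK_TIMEOUT, 10);

    $dn = null;
    $authenticated = false;

    // Anonymous bind, used only to resolve the login name to a DN.
    if (ldap_bind($ds)) {
        $filter = '(&(uid=' . ldap_escape($user, '', LDAP_ESCAPE_FILTER) . '))';
        $search = ldap_search($ds, $ldapconfig['basedn'], $filter);
        if ($search) {
            $info = ldap_get_entries($ds, $search);
            // Zero matches: unknown user. More than one: ambiguous identity.
            // Both cases are refused rather than guessing an entry.
            if (is_array($info) && (int) $info['count'] === 1) {
                $dn = $info[0]['dn'];
                // The password bind is the only thing that proves identity.
                $authenticated = @ldap_bind($ds, $dn, $password);
            }
        }
    }
    @ldap_unbind($ds);

    if (!$authenticated) {
        return false;
    }

    // Issue a fresh session id at the privilege change so an id known before
    // login is not carried into the authenticated session.
    if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
        session_regenerate_id(true);
    }

    // NOTE(review): 'encrpy' is an MD5 of the identity plus a constant string,
    // so it is identical on every login and provides no secrecy. It is kept
    // byte-for-byte because code outside this file presumably compares against
    // it; confirm and replace it with a random per-session value.
    $_SESSION['user'] = $dn;
    if ($class === 1) {
        // Students
        $_SESSION['encrpy'] = md5($user."tsaltycipeher");
        $_SESSION['access'] = 2;
    } else {
        // TAs
        $_SESSION['encrpy'] = md5($dn."unbreakabelcipehre");
        $_SESSION['access'] = 1;
    }
    return true;
}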
?>