X-Git-Url: https://git.llucax.com/mecon/intranet.git/blobdiff_plain/e59d3170b36e5b9ccc19afcb1565faf4dcb40463..631e99d6b2c669a7a160ea80e5355a54de839116:/sistema/www/login.php?ds=inline diff --git a/sistema/www/login.php b/sistema/www/login.php index ca3c860..b2c8272 100644 --- a/sistema/www/login.php +++ b/sistema/www/login.php @@ -14,36 +14,43 @@ //error connecting - return false echo "Error conectando!\n"; } - list( $uid, $domain ) = split( "@", $userid ); + @ list( $uid, $domain ) = split( "@", $userid ); + if(is_null($uid) || is_null($domain)) + $error = true; - $r = @ldap_bind($ds, "uid=$uid,ou=Personas,o=$domain,o=gov.ar", $_POST['password']); + $r = @ ldap_bind($ds, "uid=$uid,ou=Personas,o=$domain,o=gov.ar", $_POST['password']); if ($r) { - $sr = @ldap_search($ds, "ou=Personas,o=$domain,o=gov.ar", "uid=$uid"); - $info = @ldap_get_entries($ds, $sr); + $sr = @ ldap_search($ds, "ou=Personas,o=$domain,o=gov.ar", "uid=$uid"); + $info = @ ldap_get_entries($ds, $sr); } + else + $error = true; ldap_close($ds); - - if (!isset($sr)) { + if (! @ $sr) { //error reading / authenticating - return false $error = true; } else { - $_SESSION['usuario'] = $_POST['usuario']; - $_SESSION['documento'] = $info[0]['uidnumber'][0]; - - // Agregado MANAZAR - $MECON_DNI= $info[0]['uidnumber'][0]; - $MECON_NOMBRE= $info[0]['sn'][0]." ".$info[0]['givenname'][0]; - $MECON_LOGIN= $_POST['usuario']; - $usuario=& new MECON_USUARIO(); - $usuario->Insertar_Usuario($MECON_DNI,$MECON_LOGIN,$MECON_NOMBRE); - // Fin Agregado MANAZAR - + if(! @ $_POST['usuario'] || ! @ $info[0]['uidnumber'][0]) + $error = true; + else + { + $_SESSION['usuario'] = $_POST['usuario']; + $_SESSION['documento'] = $info[0]['uidnumber'][0]; + // Agregado MANAZAR + $MECON_DNI= $info[0]['uidnumber'][0]; + $MECON_NOMBRE= $info[0]['sn'][0]." ".$info[0]['givenname'][0]; + $MECON_LOGIN= $_POST['usuario']; + $usuario=& new MECON_USUARIO(); + $usuario->Insertar_Usuario($MECON_DNI,$MECON_LOGIN,$MECON_NOMBRE); + // Fin Agregado MANAZAR + } } } + { - if(!isset($_SESSION['usuario'])) + if(!isset($_SESSION['usuario']) ) { if((isset($_GET['redirect']) && $_GET['redirect'] == 'sistemas') || (isset($_POST['redirect']) && $_POST['redirect'] == 'sistemas')) @@ -75,25 +82,19 @@ } } - if(isset($_SESSION['usuario']) && + if(isset($_SESSION['usuario']) && ! @ $error && (isset($_POST['redirect']) || isset($_GET['redirect']))) { - if((isset($_GET['redirect']) && $_GET['redirect'] == 'sistemas') || - (isset($_POST['redirect']) && $_POST['redirect'] == 'sistemas')) - { - header('location: sistemas.php'); - exit; - } + @ $redirect = $_GET['redirect'].$_POST['redirect']; + $db = DB::Connect('mysql://intranet:intranet@bal747f/intranet'); + $query = "SELECT link + FROM servicio + WHERE servicio = $redirect"; + $link = $db->getOne($query); + if(PEAR::isError($link)) + header('location: '.$redirect); else - { - $db = DB::Connect('mysql://intranet:intranet@bal747f/intranet'); - $query = "SELECT link - FROM servicio - WHERE servicio = "; - if(isset($_POST['redirect'])) $query .= $_POST['redirect']; - else $query .= $_GET['redirect']; - $link = $db->getOne($query); header('location: '.$link); - } - } + } + ?>