LDAP Auth. anpassen

BlueDivel

Grünschnabel
Ich möchte eine LDAP Auth. in ein fertiges System einbinden aber dann funktionieren manche aktionen im System nicht mehr.

Hier die funktionierende Auth:

PHP:
<?php

error_reporting(1);
session_start();

function authenticate() {
   header('WWW-Authenticate: Basic realm="Active Directory Login"');
   header('HTTP/1.0 401 Unauthorized');
   echo 'Sorry, you must login using the correct user and pass.';
   echo '<br><br><a href="' . $PHP_SELF . '?logout=1">Click here</a> to try again.';
   exit;
}

if(!isset($_SERVER['PHP_AUTH_USER']) || ($_GET['logout'] == 1 && isset($_SESSION['user']) && isset($_SESSION['domain']))){
   session_unset();
   authenticate();
} else {
   $_SESSION["domain"] = $domain = 'MYDOMAIN'; // <- your domain
   $_SESSION["user"] = strtoupper($_SERVER["PHP_AUTH_USER"]);
   $_SESSION["password"] = $_SERVER["PHP_AUTH_PW"];
   $LDAPServerAddress1="192.168.1.xxx"; // <- IP address for your 1st DC
   $LDAPServerAddress2="192.168.1.xxx"; // <- IP address for your 2nd DC...and so on...
   $LDAPServerPort="389";
   $LDAPServerTimeOut ="60";
   $LDAPContainer="dc=mydomain,dc=com"; // <- your domain info
   $BIND_username = "mydomain\\authaccountuser"; // <- an account in AD to test using
   $BIND_password = "authaccountpass";
   $filter = "sAMAccountName=".$_SESSION["user"];
   $login_error_code = 0;

   if(($ds=ldap_connect($LDAPServerAddress1)) || ($ds=ldap_connect($LDAPServerAddress2))) {
      ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
      ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
      
      if($r=ldap_bind($ds,$BIND_username,$BIND_password)) {
         if($sr=ldap_search($ds, $LDAPContainer, $filter, array('distinguishedName'))) {
            if($info = ldap_get_entries($ds, $sr)) {
               $BIND_username = $info[0]['distinguishedname'][0];
               $BIND_password = $_SERVER["PHP_AUTH_PW"];
               if ($r2=ldap_bind($ds,$BIND_username,$BIND_password)) {
                  if($sr2=ldap_search($ds, $LDAPContainer, $filter, array("givenName","sn","mail","displayName"))) {
                     if($info2 = ldap_get_entries($ds, $sr2)) {
                        $_SESSION["name"] = $info2[0]["givenname"][0]." ".$info2[0]["sn"][0];
                        $_SESSION["email"] = $info2[0]["mail"][0];
                        $_SESSION["displayname"] = $info2[0]["displayname"][0];
                     } else {
                        $login_error = "Could not read entries"; $login_error_code=1;
                     }
                  } else {
                     $login_error = "Could not search"; $login_error_code=2;
                  }
               } else {
                  $login_error = "User password incorrect"; $login_error_code=3;
               }
            } else {
               $login_error = "User name not found"; $login_error_code=4;
            }
         } else {
            $login_error = "Could not search"; $login_error_code=5;
         }
      } else {
         $login_error = "Could not bind"; $login_error_code=6;
      }
   } else {
      $login_error = "Could not connect"; $login_error_code=7;
   }
   
   if($login_error_code > 0){
      authenticate();
   } else {
      echo 'Welcome ' . $_SESSION["displayname"];
      echo '<br><br><a href="' . $PHP_SELF . '?logout=1">Click here</a> to logout and try again.';
   }
}


?>

Diese wollte ich hier einfügen:

PHP:
<?php

define('IN_SCRIPT',1);
define('HESK_PATH','./');

/* Get all the required files and functions */
require(HESK_PATH . 'hesk_settings.inc.php');
require(HESK_PATH . 'inc/common.inc.php');

/* What should we do? */
$action = hesk_REQUEST('a');

switch ($action)
{
	case 'add':
		hesk_session_start();
        print_add_ticket();
	    break;

	case 'forgot_tid':
		hesk_session_start();
        forgot_tid();
	    break;

	default:
		print_start();
}

/* Print footer */
require_once(HESK_PATH . 'inc/footer.inc.php');
exit();

/*** START FUNCTIONS ***/

function print_add_ticket() {
global $hesk_settings, $hesklang;

/* Varibles for coloring the fields in case of errors */
if (!isset($_SESSION['iserror']))
{
	$_SESSION['iserror'] = array();
}

if (!isset($_SESSION['isnotice']))
{
	$_SESSION['isnotice'] = array();
}

hesk_cleanSessionVars('already_submitted');

/* Print header */
$hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . $hesklang['submit_ticket'];
require_once(HESK_PATH . 'inc/header.inc.php');
?>

<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="3"><img src="img/headerleftsm.jpg" width="3" height="25" alt="" /></td>
<td class="headersm"><?php hesk_showTopBar($hesklang['submit_ticket']); ?></td>
<td width="3"><img src="img/headerrightsm.jpg" width="3" height="25" alt="" /></td>
</tr>
</table>

<table width="100%" border="0" cellspacing="0" cellpadding="3">
<tr>
<td><span class="smaller"><a href="<?php echo $hesk_settings['site_url']; ?>" class="smaller"><?php echo $hesk_settings['site_title']; ?></a> &gt;
<a href="<?php echo $hesk_settings['hesk_url']; ?>" class="smaller"><?php echo $hesk_settings['hesk_title']; ?></a>
&gt; <?php echo $hesklang['submit_ticket']; ?></span></td>
</tr>
</table>

</td>
</tr>
<tr>
<td>

<?php
/* This will handle error, success and notice messages */
hesk_handle_messages();
?>

<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
	<td width="7" height="7"><img src="img/roundcornerslt.jpg" width="7" height="7" alt="" /></td>
	<td class="roundcornerstop"></td>
	<td><img src="img/roundcornersrt.jpg" width="7" height="7" alt="" /></td>
</tr>
<tr>
	<td class="roundcornersleft">&nbsp;</td>
	<td>
    <!-- START FORM -->

	<p style="text-align:center"><?php echo $hesklang['use_form_below']; ?> <font class="important"> *</font></p>

	<form method="post" action="submit_ticket.php" name="form1" enctype="multipart/form-data">

	<!-- Contact info -->
	<table border="0" width="100%">
	<tr>
	<td style="text-align:right" width="150"><?php echo $hesklang['name']; ?>: <font class="important">*</font></td>
	<td width="80%"><input type="text" name="name" size="40" maxlength="30" value="<?php if (isset($_SESSION['c_name'])) {echo stripslashes(hesk_input($_SESSION['c_name']));} ?>" <?php if (in_array('name',$_SESSION['iserror'])) {echo ' class="isError" ';} ?> /></td>
	</tr>
	<tr>
	<td style="text-align:right" width="150"><?php echo $hesklang['email']; ?>: <font class="important">*</font></td>
	<td width="80%"><input type="text" name="email" size="40" maxlength="50" value="<?php if (isset($_SESSION['c_email'])) {echo stripslashes(hesk_input($_SESSION['c_email']));} ?>" <?php if (in_array('email',$_SESSION['iserror'])) {echo ' class="isError" ';} elseif (in_array('email',$_SESSION['isnotice'])) {echo ' class="isNotice" ';} ?> <?php if($hesk_settings['detect_typos']) { echo ' onblur="Javascript:hesk_suggestEmail(0)"'; } ?> /></td>
	</tr>
    <?php
    if ($hesk_settings['confirm_email'])
    {
	    ?>
		<tr>
		<td style="text-align:right" width="150"><?php echo $hesklang['confemail']; ?>: <font class="important">*</font></td>
		<td width="80%"><input type="text" name="email2" size="40" maxlength="50" value="<?php if (isset($_SESSION['c_email2'])) {echo stripslashes(hesk_input($_SESSION['c_email2']));} ?>" <?php if (in_array('email2',$_SESSION['iserror'])) {echo ' class="isError" ';} ?> /></td>
		</tr>
	    <?php
    } // End if $hesk_settings['confirm_email']
    ?>
	</table>

	<div id="email_suggestions"></div>

	<hr />

	<!-- Department and priority -->

    <?php
    $is_table = 0;

	require(HESK_PATH . 'inc/database.inc.php');

    /* Get categories */
	hesk_dbConnect();
	$sql = "SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."categories` WHERE `type`='0' ORDER BY `cat_order` ASC";
	$res = hesk_dbQuery($sql);

    if (hesk_dbNumRows($res) == 1)
    {
    	/* Only 1 public category, no need for select box */
    	$row = hesk_dbFetchAssoc($res);
		echo '<input type="hidden" name="category" value="'.$row['id'].'" />';
    }
    elseif (hesk_dbNumRows($res) < 1)
    {
    	/* No public categories, set it to default one */
		echo '<input type="hidden" name="category" value="'.$row['id'].'" />';
    }
    else
    {
		/* List available categories */
		$is_table = 1;
		?>
		<table border="0" width="100%">
		<tr>
		<td style="text-align:right" width="150"><?php echo $hesklang['category']; ?>: <font class="important">*</font></td>
		<td width="80%"><select name="category" <?php if (in_array('category',$_SESSION['iserror'])) {echo ' class="isError" ';} ?> >
		<?php
		if (!empty($_GET['catid']))
		{
			$_SESSION['c_category'] = intval($_GET['catid']);
		}

		while ($row = hesk_dbFetchAssoc($res))
		{
			$selected = (isset($_SESSION['c_category']) && $_SESSION['c_category'] == $row['id']) ? ' selected="selected"' : '';
			echo '<option value="'.$row['id'].'"'.$selected.'>'.$row['name'].'</option>';
		}
		?>
		</select></td>
		</tr>
        <?php
    }

	/* Can customer assign urgency? */
	if ($hesk_settings['cust_urgency'])
	{
		if (!$is_table)
		{
			echo '<table border="0" width="100%">';
            $is_table = 1;
		}
		?>
		<tr>
		<td style="text-align:right" width="150"><?php echo $hesklang['priority']; ?>: <font class="important">*</font></td>
		<td width="80%"><select name="priority" <?php if (in_array('priority',$_SESSION['iserror'])) {echo ' class="isError" ';} ?> >
		<option value="3" <?php if(isset($_SESSION['c_priority']) && $_SESSION['c_priority']==3) {echo 'selected="selected"';} ?>><?php echo $hesklang['low']; ?></option>
		<option value="2" <?php if(isset($_SESSION['c_priority']) && $_SESSION['c_priority']==2) {echo 'selected="selected"';} ?>><?php echo $hesklang['medium']; ?></option>
		<option value="1" <?php if(isset($_SESSION['c_priority']) && $_SESSION['c_priority']==1) {echo 'selected="selected"';} ?>><?php echo $hesklang['high']; ?></option>
		</select></td>
		</tr>
		<?php
	}

	/* Need to close the table? */
	if ($is_table)
	{
		echo '</table> <hr />';
	}
	?>
	<!-- START CUSTOM BEFORE -->
	<?php

	/* custom fields BEFORE comments */

	$print_table = 0;

	foreach ($hesk_settings['custom_fields'] as $k=>$v)
	{
		if ($v['use'] && $v['place']==0)
	    {
	    	if ($print_table == 0)
	        {
	        	echo '<table border="0" width="100%">';
	        	$print_table = 1;
	        }

			$v['req'] = $v['req'] ? '<font class="important">*</font>' : '';

			if ($v['type'] == 'checkbox')
            {
            	$k_value = array();
                if (isset($_SESSION["c_$k"]) && is_array($_SESSION["c_$k"]))
                {
	                foreach ($_SESSION["c_$k"] as $myCB)
	                {
	                	$k_value[] = stripslashes(hesk_input($myCB));
	                }
                }
            }
            elseif (isset($_SESSION["c_$k"]))
            {
            	$k_value  = stripslashes(hesk_input($_SESSION["c_$k"]));
            }
            else
            {
            	$k_value  = '';
            }

	        switch ($v['type'])
	        {
	        	/* Radio box */
	        	case 'radio':
					echo '
					<tr>
					<td style="text-align:right" width="150" valign="top">'.$v['name'].': '.$v['req'].'</td>
	                <td width="80%">';

	            	$options = explode('#HESK#',$v['value']);
                    $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : '';

	                foreach ($options as $option)
	                {

		            	if (strlen($k_value) == 0 || $k_value == $option)
		                {
	                    	$k_value = $option;
							$checked = 'checked="checked"';
	                    }
	                    else
	                    {
	                    	$checked = '';
	                    }

	                	echo '<label><input type="radio" name="'.$k.'" value="'.$option.'" '.$checked.' '.$cls.' /> '.$option.'</label><br />';
	                }

	                echo '</td>
					</tr>
					';
	            break;

	            /* Select drop-down box */
	            case 'select':

                	$cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : '';

					echo '
					<tr>
					<td style="text-align:right" width="150">'.$v['name'].': '.$v['req'].'</td>
	                <td width="80%"><select name="'.$k.'" '.$cls.'>';

	            	$options = explode('#HESK#',$v['value']);

	                foreach ($options as $option)
	                {

		            	if (strlen($k_value) == 0 || $k_value == $option)
		                {
	                    	$k_value = $option;
	                        $selected = 'selected="selected"';
		                }
	                    else
	                    {
	                    	$selected = '';
	                    }

	                	echo '<option '.$selected.'>'.$option.'</option>';
	                }

	                echo '</select></td>
					</tr>
					';
	            break;

	            /* Checkbox */
	        	case 'checkbox':
					echo '
					<tr>
					<td style="text-align:right" width="150" valign="top">'.$v['name'].': '.$v['req'].'</td>
	                <td width="80%">';

	            	$options = explode('#HESK#',$v['value']);
                    $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : '';

	                foreach ($options as $option)
	                {

		            	if (in_array($option,$k_value))
		                {
							$checked = 'checked="checked"';
	                    }
	                    else
	                    {
	                    	$checked = '';
	                    }

	                	echo '<label><input type="checkbox" name="'.$k.'[]" value="'.$option.'" '.$checked.' '.$cls.' /> '.$option.'</label><br />';
	                }

	                echo '</td>
					</tr>
					';
	            break;

	            /* Large text box */
	            case 'textarea':
	                $size = explode('#',$v['value']);
                    $size[0] = empty($size[0]) ? 5 : intval($size[0]);
                    $size[1] = empty($size[1]) ? 30 : intval($size[1]);

                    $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : '';

					echo '
					<tr>
					<td style="text-align:right" width="150" valign="top">'.$v['name'].': '.$v['req'].'</td>
					<td width="80%"><textarea name="'.$k.'" rows="'.$size[0].'" cols="'.$size[1].'" '.$cls.'>'.$k_value.'</textarea></td>
					</tr>
	                ';
	            break;

	            /* Default text input */
	            default:
                	if (strlen($k_value) != 0)
                    {
                    	$v['value'] = $k_value;
                    }

                    $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : '';

					echo '
					<tr>
					<td style="text-align:right" width="150">'.$v['name'].': '.$v['req'].'</td>
					<td width="80%"><input type="text" name="'.$k.'" size="40" maxlength="'.$v['maxlen'].'" value="'.$v['value'].'" '.$cls.' /></td>
					</tr>
					';
	        }
	    }
	}

	/* If table was started we need to close it */
	if ($print_table)
	{
		echo '</table> <hr />';
		$print_table = 0;
	}
	?>
	<!-- END CUSTOM BEFORE -->

	<!-- ticket info -->
	<table border="0" width="100%">
	<tr>
	<td style="text-align:right" width="150"><?php echo $hesklang['subject']; ?>: <font class="important">*</font></td>
	<td width="80%"><input type="text" name="subject" size="40" maxlength="40" value="<?php if (isset($_SESSION['c_subject'])) {echo stripslashes(hesk_input($_SESSION['c_subject']));} ?>" <?php if (in_array('subject',$_SESSION['iserror'])) {echo ' class="isError" ';} ?> /></td>
	</tr>
	<tr>
	<td style="text-align:right" width="150" valign="top"><?php echo $hesklang['message']; ?>: <font class="important">*</font></td>
	<td width="80%"><textarea name="message" rows="12" cols="60" <?php if (in_array('message',$_SESSION['iserror'])) {echo ' class="isError" ';} ?> ><?php if (isset($_SESSION['c_message'])) {echo stripslashes(hesk_input($_SESSION['c_message']));} ?></textarea>

		<!-- START KNOWLEDGEBASE SUGGEST -->
		<?php
		if ($hesk_settings['kb_enable'] && $hesk_settings['kb_recommendanswers'])
		{
			?>
			<div id="kb_suggestions" style="display:none">
            <br />&nbsp;<br />
			<img src="img/loading.gif" width="24" height="24" alt="" border="0" style="vertical-align:text-bottom" /> <i><?php echo $hesklang['lkbs']; ?></i>
			</div>

			<script language="Javascript" type="text/javascript"><!--
			hesk_suggestKB();
			//-->
			</script>
			<?php
		}
		?>
		<!-- END KNOWLEDGEBASE SUGGEST -->
    </td>
	</tr>
	</table>

	<!-- START CUSTOM AFTER -->
	<?php
	/* custom fields AFTER comments */
	$print_table = 0;

	foreach ($hesk_settings['custom_fields'] as $k=>$v)
	{
		if ($v['use'] && $v['place'])
	    {
	    	if ($print_table == 0)
	        {
	        	echo '
                <hr />
                <table border="0" width="100%">
                ';
	        	$print_table = 1;
	        }

			$v['req'] = $v['req'] ? '<font class="important">*</font>' : '';

			if ($v['type'] == 'checkbox')
            {
            	$k_value = array();
                if (isset($_SESSION["c_$k"]) && is_array($_SESSION["c_$k"]))
                {
	                foreach ($_SESSION["c_$k"] as $myCB)
	                {
	                	$k_value[] = stripslashes(hesk_input($myCB));
	                }
                }
            }
            elseif (isset($_SESSION["c_$k"]))
            {
            	$k_value  = stripslashes(hesk_input($_SESSION["c_$k"]));
            }
            else
            {
            	$k_value  = '';
            }


	        switch ($v['type'])
	        {
	        	/* Radio box */
	        	case 'radio':
					echo '
					<tr>
					<td style="text-align:right" width="150" valign="top">'.$v['name'].': '.$v['req'].'</td>
	                <td width="80%">';

	            	$options = explode('#HESK#',$v['value']);
                    $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : '';

	                foreach ($options as $option)
	                {

		            	if (strlen($k_value) == 0 || $k_value == $option)
		                {
	                    	$k_value = $option;
							$checked = 'checked="checked"';
	                    }
	                    else
	                    {
	                    	$checked = '';
	                    }

	                	echo '<label><input type="radio" name="'.$k.'" value="'.$option.'" '.$checked.' '.$cls.' /> '.$option.'</label><br />';
	                }

	                echo '</td>
					</tr>
					';
	            break;

	            /* Select drop-down box */
	            case 'select':

                	$cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : '';

					echo '
					<tr>
					<td style="text-align:right" width="150">'.$v['name'].': '.$v['req'].'</td>
	                <td width="80%"><select name="'.$k.'" '.$cls.'>';

	            	$options = explode('#HESK#',$v['value']);

	                foreach ($options as $option)
	                {

		            	if (strlen($k_value) == 0 || $k_value == $option)
		                {
	                    	$k_value = $option;
	                        $selected = 'selected="selected"';
		                }
	                    else
	                    {
	                    	$selected = '';
	                    }

	                	echo '<option '.$selected.'>'.$option.'</option>';
	                }

	                echo '</select></td>
					</tr>
					';
	            break;

	            /* Checkbox */
	        	case 'checkbox':
					echo '
					<tr>
					<td style="text-align:right" width="150" valign="top">'.$v['name'].': '.$v['req'].'</td>
	                <td width="80%">';

	            	$options = explode('#HESK#',$v['value']);
                    $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : '';

	                foreach ($options as $option)
	                {

		            	if (in_array($option,$k_value))
		                {
							$checked = 'checked="checked"';
	                    }
	                    else
	                    {
	                    	$checked = '';
	                    }

	                	echo '<label><input type="checkbox" name="'.$k.'[]" value="'.$option.'" '.$checked.' '.$cls.' /> '.$option.'</label><br />';
	                }

	                echo '</td>
					</tr>
					';
	            break;

	            /* Large text box */
	            case 'textarea':
	                $size = explode('#',$v['value']);
                    $size[0] = empty($size[0]) ? 5 : intval($size[0]);
                    $size[1] = empty($size[1]) ? 30 : intval($size[1]);

                    $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : '';

					echo '
					<tr>
					<td style="text-align:right" width="150" valign="top">'.$v['name'].': '.$v['req'].'</td>
					<td width="80%"><textarea name="'.$k.'" rows="'.$size[0].'" cols="'.$size[1].'" '.$cls.'>'.$k_value.'</textarea></td>
					</tr>
	                ';
	            break;

	            /* Default text input */
	            default:
                	if (strlen($k_value) != 0)
                    {
                    	$v['value'] = $k_value;
                    }

                    $cls = in_array($k,$_SESSION['iserror']) ? ' class="isError" ' : '';

					echo '
					<tr>
					<td style="text-align:right" width="150">'.$v['name'].': '.$v['req'].'</td>
					<td width="80%"><input type="text" name="'.$k.'" size="40" maxlength="'.$v['maxlen'].'" value="'.$v['value'].'" '.$cls.' /></td>
					</tr>
					';
	        }
	    }
	}

	/* If table was started we need to close it */
	if ($print_table)
	{
		echo '</table>';
		$print_table = 0;
	}
	?>
	<!-- END CUSTOM AFTER -->

	<?php
	/* attachments */
	if ($hesk_settings['attachments']['use'])
    {
	?>
    <hr />

	<table border="0" width="100%">
	<tr>
	<td style="text-align:right" width="150" valign="top"><?php echo $hesklang['attachments']; ?>:</td>
	<td width="80%" valign="top">
	<?php
	for ($i=1;$i<=$hesk_settings['attachments']['max_number'];$i++)
    {
    	$cls = ($i == 1 && in_array('attachments',$_SESSION['iserror'])) ? ' class="isError" ' : '';
		echo '<input type="file" name="attachment['.$i.']" size="50" '.$cls.' /><br />';
	}
	?>
	<a href="file_limits.php" target="_blank" onclick="Javascript:hesk_window('file_limits.php',250,500);return false;"><?php echo $hesklang['ful']; ?></a>

	</td>
	</tr>
	</table>
	<?php
	}

	if ($hesk_settings['question_use'] || $hesk_settings['secimg_use'])
    {
		?>

        <hr />

        <!-- Security checks -->
		<table border="0" width="100%">
		<?php
		if ($hesk_settings['question_use'])
	    {
			?>
			<tr>
			<td style="text-align:right;vertical-align:top" width="150"><?php echo $hesklang['verify_q']; ?> <font class="important">*</font></td>
			<td width="80%">
            <?php
        	$value = '';
        	if (isset($_SESSION['c_question']))
            {
	        	$value = stripslashes(hesk_input($_SESSION['c_question']));
            }
            $cls = in_array('question',$_SESSION['iserror']) ? ' class="isError" ' : '';
		    echo $hesk_settings['question_ask'].'<br /><input type="text" name="question" size="20" value="'.$value.'" '.$cls.'  />';
            ?><br />&nbsp;
	        </td>
			</tr>
            <?php
		}

		if ($hesk_settings['secimg_use'])
	    {
			?>
			<tr>
			<td style="text-align:right;vertical-align:top" width="150"><?php echo $hesklang['verify_i']; ?> <font class="important">*</font></td>
			<td width="80%">
            <?php

            if (isset($_SESSION['img_verified']))
            {
				echo '<img src="'.HESK_PATH.'img/success.png" width="16" height="16" border="0" alt="" style="vertical-align:text-bottom" /> '.$hesklang['vrfy'];
            }
            else
            {
	            $cls = in_array('mysecnum',$_SESSION['iserror']) ? ' class="isError" ' : '';

	            echo $hesklang['sec_enter'].'<br />&nbsp;<br /><img src="print_sec_img.php?'.rand(10000,99999).'" width="150" height="40" alt="'.$hesklang['sec_img'].'" title="'.$hesklang['sec_img'].'" border="1" name="secimg" style="vertical-align:text-bottom" /> '.
	            '<a href="javascript:void(0)" onclick="javascript:document.form1.secimg.src=\'print_sec_img.php?\'+ ( Math.floor((90000)*Math.random()) + 10000);"><img src="img/reload.png" height="24" width="24" alt="'.$hesklang['reload'].'" title="'.$hesklang['reload'].'" border="0" style="vertical-align:text-bottom" /></a>'.
	            '<br />&nbsp;<br /><input type="text" name="mysecnum" size="20" maxlength="5" '.$cls.' />';
            }
            ?>
	        </td>
			</tr>
            <?php
		}
		?>
		</table>

    <?php
    }
	?>

	<!-- Submit -->
    <?php
    if ($hesk_settings['submit_notice'])
    {
	    ?>

	    <hr />

		<div align="center">
		<table border="0">
		<tr>
		<td>

	    <b><?php echo $hesklang['before_submit']; ?></b>
	    <ul>
	    <li><?php echo $hesklang['all_info_in']; ?>.</li>
		<li><?php echo $hesklang['all_error_free']; ?>.</li>
	    </ul>


		<b><?php echo $hesklang['we_have']; ?>:</b>
	    <ul>
	    <li><?php echo hesk_htmlspecialchars($_SERVER['REMOTE_ADDR']).' '.$hesklang['recorded_ip']; ?></li>
		<li><?php echo $hesklang['recorded_time']; ?></li>
		</ul>

		<p align="center"><input type="hidden" name="token" value="<?php hesk_token_echo(); ?>" />
	    <input type="submit" value="<?php echo $hesklang['sub_ticket']; ?>" class="orangebutton"  onmouseover="hesk_btn(this,'orangebuttonover');" onmouseout="hesk_btn(this,'orangebutton');" /></p>

	    </td>
		</tr>
		</table>
		</div>
	    <?php
    } // End IF submit_notice
    else
    {
	    ?>
        &nbsp;<br />&nbsp;<br />
		<table border="0" width="100%">
		<tr>
		<td style="text-align:right" width="150">&nbsp;</td>
		<td width="80%"><input type="hidden" name="token" value="<?php hesk_token_echo(); ?>" />
	    <input type="submit" value="<?php echo $hesklang['sub_ticket']; ?>" class="orangebutton"  onmouseover="hesk_btn(this,'orangebuttonover');" onmouseout="hesk_btn(this,'orangebutton');" /><br />
	    &nbsp;<br />&nbsp;</td>
		</tr>
		</table>
	    <?php
    } // End ELSE submit_notice
    ?>

	</form>

    <!-- END FORM -->
	</td>
	<td class="roundcornersright">&nbsp;</td>
</tr>
<tr>
	<td><img src="img/roundcornerslb.jpg" width="7" height="7" alt="" /></td>
	<td class="roundcornersbottom"></td>
	<td width="7" height="7"><img src="img/roundcornersrb.jpg" width="7" height="7" alt="" /></td>
</tr>
</table>

<?php

hesk_cleanSessionVars('iserror');
hesk_cleanSessionVars('isnotice');

} // End print_add_ticket()


function print_start()
{
	global $hesk_settings, $hesklang;

	if ($hesk_settings['kb_enable'])
	{
        require(HESK_PATH . 'inc/knowledgebase_functions.inc.php');
		require(HESK_PATH . 'inc/database.inc.php');
	    hesk_dbConnect();
	}

	/* Print header */
	require_once(HESK_PATH . 'inc/header.inc.php');

	?>

<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="3"><img src="img/headerleftsm.jpg" width="3" height="25" alt="" /></td>
<td class="headersm"><?php hesk_showTopBar($hesk_settings['hesk_title']); ?></td>
<td width="3"><img src="img/headerrightsm.jpg" width="3" height="25" alt="" /></td>
</tr>
</table>

<table width="100%" border="0" cellspacing="0" cellpadding="3">
<tr>
<td><span class="smaller"><a href="<?php echo $hesk_settings['site_url']; ?>" class="smaller"><?php echo $hesk_settings['site_title']; ?></a> &gt;
<?php echo $hesk_settings['hesk_title']; ?></span>
</td>

	<?php
    // Print small search box
    if ($hesk_settings['kb_enable'])
    {
    	hesk_kbSearchSmall();
    }
	?>
    
</tr>
</table>

</td>
</tr>
<tr>
<td>

	<?php
	// Print large search box
    if ($hesk_settings['kb_enable'])
    {
		hesk_kbSearchLarge();
    }
    // Knowledgebase disabled, print an empty line for formatting
    else
    {
    	echo '&nbsp;';
    }
	?>

<table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<td width="50%">
<!-- START SUBMIT -->
	<table width="100%" border="0" cellspacing="0" cellpadding="0">
	<tr>
		<td width="7" height="7"><img src="img/roundcornerslt.jpg" width="7" height="7" alt="" /></td>
		<td class="roundcornerstop"></td>
		<td><img src="img/roundcornersrt.jpg" width="7" height="7" alt="" /></td>
	</tr>
	<tr>
		<td class="roundcornersleft">&nbsp;</td>
		<td>
	    <table width="100%" border="0" cellspacing="0" cellpadding="0">
	    <tr>
	    	<td width="1"><img src="img/newticket.png" alt="" width="60" height="60" /></td>
	        <td>
	        <p><b><a href="index.php?a=add"><?php echo $hesklang['sub_support']; ?></a></b><br />
            <?php echo $hesklang['open_ticket']; ?></p>
	        </td>
	    </tr>
	    </table>
		</td>
		<td class="roundcornersright">&nbsp;</td>
	</tr>
	<tr>
		<td><img src="img/roundcornerslb.jpg" width="7" height="7" alt="" /></td>
		<td class="roundcornersbottom"></td>
		<td width="7" height="7"><img src="img/roundcornersrb.jpg" width="7" height="7" alt="" /></td>
	</tr>
	</table>
<!-- END SUBMIT -->
</td>
<td width="1"><img src="img/blank.gif" width="5" height="1" alt="" /></td>
<td width="50%">
<!-- START VIEW -->
	<table width="100%" border="0" cellspacing="0" cellpadding="0">
	<tr>
		<td width="7" height="7"><img src="img/roundcornerslt.jpg" width="7" height="7" alt="" /></td>
		<td class="roundcornerstop"></td>
		<td><img src="img/roundcornersrt.jpg" width="7" height="7" alt="" /></td>
	</tr>
	<tr>
		<td class="roundcornersleft">&nbsp;</td>
		<td>
	    <table width="100%" border="0" cellspacing="0" cellpadding="0">
	    <tr>
	    	<td width="1"><img src="img/existingticket.png" alt="" width="60" height="60" /></td>
	        <td>
	        <p><b><a href="ticket.php"><?php echo $hesklang['view_existing']; ?></a></b><br />
            <?php echo $hesklang['vet']; ?></p>
	        </td>
	    </tr>
	    </table>
		</td>
		<td class="roundcornersright">&nbsp;</td>
	</tr>
	<tr>
		<td><img src="img/roundcornerslb.jpg" width="7" height="7" alt="" /></td>
		<td class="roundcornersbottom"></td>
		<td width="7" height="7"><img src="img/roundcornersrb.jpg" width="7" height="7" alt="" /></td>
	</tr>
	</table>
<!-- END VIEW -->
</td>
</tr>
</table>

<?php
if ($hesk_settings['kb_enable'])
{
	?>
	<br />

	<table width="100%" border="0" cellspacing="0" cellpadding="0">
	<tr>
		<td width="7" height="7"><img src="img/roundcornerslt.jpg" width="7" height="7" alt="" /></td>
		<td class="roundcornerstop"></td>
		<td><img src="img/roundcornersrt.jpg" width="7" height="7" alt="" /></td>
	</tr>
	<tr>
		<td class="roundcornersleft">&nbsp;</td>
		<td>

        <p><span class="homepageh3"><?php echo $hesklang['kb_text']; ?></span></p>

        <?php

        /* Get list of top articles */
        hesk_kbTopArticles($hesk_settings['kb_index_popart']);

        /* Get list of latest articles */
        hesk_kbLatestArticles($hesk_settings['kb_index_latest']);

        ?>

        <p>&raquo; <b><a href="knowledgebase.php"><?php echo $hesklang['viewkb']; ?></a></b></p>

		</td>
		<td class="roundcornersright">&nbsp;</td>
	</tr>
	<tr>
		<td><img src="img/roundcornerslb.jpg" width="7" height="7" alt="" /></td>
		<td class="roundcornersbottom"></td>
		<td width="7" height="7"><img src="img/roundcornersrb.jpg" width="7" height="7" alt="" /></td>
	</tr>
	</table>

    <br />
	<?php
}
// Knowledgebase disabled, let's just print some blank lines so page looks better
else
{
	?>
	<p>&nbsp;</p>
	<p>&nbsp;</p>
	<p>&nbsp;</p>
	<p>&nbsp;</p>
	<p>&nbsp;</p>
	<p>&nbsp;</p>
	<?php
}

	// Show a link to admin panel?
	if ($hesk_settings['alink'])
	{
		?>
		<p style="text-align:center"><a href="admin/" class="smaller"><?php echo $hesklang['ap']; ?></a></p>
		<?php
	}

} // End print_start()


function forgot_tid()
{
	global $hesk_settings, $hesklang;

	require(HESK_PATH . 'inc/email_functions.inc.php');

	$email = isset($_POST['email']) ? hesk_validateEmail($_POST['email'],'ERR',0) : '';

	if (empty($email))
	{
		hesk_process_messages($hesklang['enter_valid_email'],'ticket.php?remind=1&e='.$email);
		exit();
	}

	/* Prepare ticket statuses */
	$my_status = array(
	    0 => $hesklang['open'],
	    1 => $hesklang['wait_staff_reply'],
	    2 => $hesklang['wait_cust_reply'],
	    3 => $hesklang['closed'],
	    4 => $hesklang['in_progress'],
	    5 => $hesklang['on_hold'],
	);

	/* Get ticket(s) from database */
	require(HESK_PATH . 'inc/database.inc.php');
	hesk_dbConnect();

	/* Remind for open tickets only? */
    $open_sql = $hesk_settings['open_only'] ? "`status` != '3' AND " : '';

    /* SQL code for getting tickets */
	$sql = 'SELECT * FROM `'.hesk_dbEscape($hesk_settings['db_pfix']).'tickets` WHERE '.$open_sql.' '.hesk_dbFormatEmail($email);

    /* Show open tickets on top */
	$sql .= ' ORDER BY `status` ASC, `lastchange` DESC ';

	$res = hesk_dbQuery($sql);
	$num = hesk_dbNumRows($res);
	if ($num < 1)
	{
		if ($hesk_settings['open_only'])
        {
        	hesk_process_messages($hesklang['noopen'],'ticket.php?remind=1&e='.$email);
        }
        else
        {
        	hesk_process_messages($hesklang['tid_not_found'],'ticket.php?remind=1&e='.$email);
        }
	}

	$tid_list = '';
	$name = '';

    $email_param = $hesk_settings['email_view_ticket'] ? '&e='.rawurlencode($email) : '';

	while ($my_ticket=hesk_dbFetchAssoc($res))
	{
		$name = $name ? $name : $my_ticket['name'];
$tid_list .= "
$hesklang[trackID]: $my_ticket[trackid]
$hesklang[subject]: ".html_entity_decode($my_ticket['subject'])."
$hesklang[status]: ".$my_status[$my_ticket['status']]."
$hesk_settings[hesk_url]/ticket.php?track=$my_ticket[trackid]$email_param
";
	}

	/* Get e-mail message for customer */
	$msg = hesk_getEmailMessage('forgot_ticket_id','',0,0,1);
	$msg = str_replace('%%NAME%%',$name,$msg);
	$msg = str_replace('%%NUM%%',$num,$msg);
	$msg = str_replace('%%LIST_TICKETS%%',$tid_list,$msg);
	$msg = str_replace('%%SITE_TITLE%%',$hesk_settings['site_title'],$msg);
	$msg = str_replace('%%SITE_URL%%',$hesk_settings['site_url'],$msg);

    $subject = hesk_getEmailSubject('forgot_ticket_id');

	/* Send e-mail */
	hesk_mail($email, $subject, $msg);

	/* Show success message */
	$tmp  = '<b>'.$hesklang['tid_sent'].'!</b>';
	$tmp .= '<br />&nbsp;<br />'.$hesklang['tid_sent2'].'.';
	$tmp .= '<br />&nbsp;<br />'.$hesklang['check_spambox'];
	hesk_process_messages($tmp,'ticket.php?e='.$email,'SUCCESS');
	exit();

	/* Print header */
	$hesk_settings['tmp_title'] = $hesk_settings['hesk_title'] . ' - ' . $hesklang['tid_sent'];
	require_once(HESK_PATH . 'inc/header.inc.php');
	?>

<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="3"><img src="img/headerleftsm.jpg" width="3" height="25" alt="" /></td>
<td class="headersm"><?php hesk_showTopBar($hesklang['tid_sent']); ?></td>
<td width="3"><img src="img/headerrightsm.jpg" width="3" height="25" alt="" /></td>
</tr>
</table>

<table width="100%" border="0" cellspacing="0" cellpadding="3">
<tr>
<td><span class="smaller"><a href="<?php echo $hesk_settings['site_url']; ?>" class="smaller"><?php echo $hesk_settings['site_title']; ?></a> &gt;
<a href="<?php echo $hesk_settings['hesk_url']; ?>" class="smaller"><?php echo $hesk_settings['hesk_title']; ?></a>
&gt; <?php echo $hesklang['tid_sent']; ?></span></td>
</tr>
</table>

</td>
</tr>
<tr>
<td>

<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
	<td width="7" height="7"><img src="img/roundcornerslt.jpg" width="7" height="7" alt="" /></td>
	<td class="roundcornerstop"></td>
	<td><img src="img/roundcornersrt.jpg" width="7" height="7" alt="" /></td>
</tr>
<tr>
	<td class="roundcornersleft">&nbsp;</td>
	<td>

	<p>&nbsp;</p>
	<p align="center"><?php echo $hesklang['tid_sent2']; ?></p>
	<p align="center"><b><?php echo $hesklang['check_spambox']; ?></b></p>
	<p>&nbsp;</p>
	<p align="center"><a href="<?php echo $hesk_settings['hesk_url']; ?>"><?php echo $hesk_settings['hesk_title']; ?></a></p>
	<p>&nbsp;</p>

	</td>
	<td class="roundcornersright">&nbsp;</td>
</tr>
<tr>
	<td><img src="img/roundcornerslb.jpg" width="7" height="7" alt="" /></td>
	<td class="roundcornersbottom"></td>
	<td width="7" height="7"><img src="img/roundcornersrb.jpg" width="7" height="7" alt="" /></td>
</tr>
</table>

	<?php

    } // End forgot_tid()

?>

Wenn ich die Auth. an oberster Stelle einbinde egal wie , dann gehen manch andere Funktionen nicht mehr.

Kann mir wer helfen die Auth. umzubauen?

1. Das Login auf extra Seite ist aber die auth überprüfung trotzdem auf allen anderen seiten statt finden kann das wenn man nicht eingeloggt ist auf die login.php zurück kommt.
2. die $_SESSION["displayname"] trotzdem noch übernommen wird und genutz werden kann

Da
 
Warum nimmst du nicht einfach sonnen htaccess Zugriffschutz (Mit Authentifizierung)?

edit/ ok völlig verkackt, sorry. Ich dachte geht eifnach nur um ne möglich eifnache Zugriffsverwaltung....
 
Zuletzt bearbeitet:
Wäre das nicht die selbe Methode die ich schon hab ? Tut mir leid wenn ich das falsch sehe aber kann mir jemand aus dem Code den ich oben für die auth. Geposted hab ne Lösung bauen wie ich es beschrieben hatten? Ich bastel ja gerne aber ich sah es als letzte Lösung mal im Forum zu fragen ob jemand von euch das umsetzten kann was ich nicht hin bekomme.
 
Die frage die ich mir stelle: Was willst du mit dem LDAP? Bruaqchst du das? Und was willst du schützen?

Den ganzen "unteren" Code, also den in der zweiten Box oben?
 
Der Code aus der Zweiten Box ist von einem Ticket System,

Und ich will mit der Auth. über LDAP genau sicherstellen das der jenige der ein neues Ticket erstellt auch genau Diesen Namen zugeordnet bekommt welcher im Active Directory hinterlegt ist bei seiner Anmeldung. So das der jenige der ein neues Ticket aufmacht nicht selber einen Namen eintragen kann.

Verstehst du?
 
Das klingt dann schon eher nach dem größeren rechteverwaltungssystem mit PHP und einer Datenbank (MySQL).
Aber um ehrlich zu sein, verstehe ich das immer noch nicht genau.
Ein Name ist im "aktuellen Verzeichnis" hinterlegt? Benutzt du das Dateisystem als Datenspeicher?
 
Also das ganze ist ja im eigenem Netzwerk. Alle Benutzer im Active Directory sind ja auf dem Server hinterlegt. Benutzer Name: Maxm Vollständiger Name: Max Mustermann

Der Code der Auth. LDAP fragt ja genau das ab und wenn der benutzer im Active Directory vorhanden ist hat der jenige zugriff zu index.php und gleichzeitig wird der Vollständige Name der im AD hinterlegt wurde , wieder gegeben. Dieser Name soll dann bei der Ticketerstellung gleich als Name ausgegeben werden.

Ich könnte auch jeden Benutzer des Ticket Systems den Namen selber eingeben lassen bei der Ticket erstellung, doch dann währe nicht gewährleistet das der jenige überhaupt im AD hinterlegt ist und die nachverfolgung, wer nun genau das Ticket geschrieben hat wäre nicht gewährleistet.
 
Zuletzt bearbeitet:
Zurück