|
|
Hi, to use this simple authenticator you only need to do this:
1.- Configure your PHP to work with register_globals Off
2.- Create a folder in your root web with name secure
3.- modify the config.php file to yours needs
4.- On every page that you need security use this ..
include ("secure/lock.php") make any changue to the path as needed
5.- go to login pague and go in...
Your exchange server must have LDAP protocol running, the
main script is this..
| <?php
include ("config.php");
session_start();
{
$strforIMAP = "{" . $authServer . ":143}";
//here we can chenge to other autentications methods
$mbox = @imap_open($strforIMAP, $_POST['login'], $_POST['password']);
if ($mbox=="") $UsuarioValido = false;
else $UsuarioValido = true;
@imap_close($mbox);
if ($UsuarioValido==true)
{
$secreto= $_SERVER['REMOTE_ADDR'] . $_POST['login'] . session_id();
$_SESSION['login'] = $_POST['login'];
$_SESSION['secreto'] = $secreto;
if ($_POST['urlToGo']=="") $_POST['urlToGo'] = $DefaultInURL;
header ("Location: HTTP://" .$ServidorName . $_POST['urlToGo']);
exit (0);
}
elseif (($_POST['login']=="") || ($_POST['password']==""))
{
header("Location: HTTP://$ServidorName/secure/login.php?error=A0003");
exit (0);
}
else
{
header("Location: HTTP://$ServidorName/secure/login.php?error=A0002");
exit (0);
}
$cnx->close();
}
?> | |
i hope this can be usefull.
David Perez |
|
| A simple PHP login script that you can modify to suite your needs. It use a session to store data in a session file submited by the page.
Categories : PHP, Sessions, Security, Authentication | | | Form Security - Match A Value For Success
Categories : PHP, Authentication, HTML and PHP, Sessions, Security | | | session out Timer
Categories : PHP, Sessions, Security, Beginner Guides | | | PHP Function to Encrypt/Decrypt a string without a known key. The string itself has his own different key for every character.
Categories : PHP, Algorithms, Security, Authentication, Encryption | | | CAPTCHA[Image verification]
Categories : PHP, Security, GD image library, Graphics, Sessions | | | Session Validation Methods (Security Checks)
Categories : PHP, Sessions, Security | | | Securing Web Forms with Simple PHP-CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart)
Categories : PHP, Security, GD image library, Sessions | | | phpSecurePages is a PHP module to secures pages with a loginname and
password. It handles multiple user groups (each has own viewing rights),
store data in a MySQL database or a configuration file, and can be used to
identify Web site viewers.
Categories : PHP, Security, Authentication | | | Basic Authentication with sessions
Categories : PHP, Beginner Guides, Authentication, Form Processing, Sessions | | | Function to generate readable/remeberable random password
Categories : PHP, Security, Security | | | Authentication script to authenticate users in Active Directory through LDAP.
Categories : LDAP, Authentication, Cookies, PHP | | | A damaged image generator (class) for validating text.
CAPTCHA - Completely Automated Public Turing test to tell Computers and Humans Apart
Categories : PHP, PHP Classes, Security, GD image library, Security | | | Use of bitmasks to represent permissions
Categories : PHP, Authentication, Bitwise Operators, Security, PHP Classes | | | A login page that require username, password and userlevel.
Categories : PHP, Security, Sessions, MySQL, Databases | | | Password using php, Javascript, and html form
Categories : Security, PHP, Authentication, Java Script | |
| |
| | | | | Jose Santos wrote :1060
This is very useful to security in the Web.
I`ve develloped an security system based in database, and this use XML.
It`s very secure and improve administration, audit, autentication and another proceeds for best security. I`m used php sessions.
But LDAP, is usualy the more useful !!
| |
|
|
