Restrict user-login

Andreas Hoedle hoedle@kwsoft.de
Thu, 12 Jul 2001 17:33:49 +0200

Previous message: Help please
Next message: Warning: File Upload Mime headers garbled - bug 611 or 694?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello

we have the aim to limit the users who can login with IMP. As i see on
the list-archives this point has discussed before but i found no
solution. I have tried to hack it by myself but not sure if i don't
broke something other. Can someone with greater insight in the IMP/HORDE
code tell if there is some obvious bug in this.

Many thanxs.

Taken from "horde/imp/mailbox.php3"

[--snip--]

/* Set or read session */
page_open(array('sess' => 'HordeSession'));
if (isset($actionID) && $actionID == IMP_LOGIN) {
  $imp = new ImpSession();
  $imp->construct();
  $sess->register('imp');
} else if (!isset($imp) || !is_object($imp)) {
  page_close();
  header('Location: ' . $sess->url('login.php3'));
  exit;
} else {
  $imp->unpickle();
}

/* WARNING HACKER-CODE */
/* NOT REALLY PROVEN AT ALL */
/* create a array of users which are able to login */
$darf_imp = array ("kw3075", "kw3204", "kw3093", "kw3083");
/* test if actual user is in array */
if (!in_array($imp->user, $darf_imp)) {
  sleep (5); /* on error delay some time */
  /* stuff copied from horde/lib/horde.lib */
  /* reject code in function authenticate */
  global $sess; 
  $sess->unregister('imp');
  $imp->relogin();
  exit;
}
/* from now original Code */

/* only proceed on a valid login */
$imp->authenticate();

/* indicates invalid login or expired login so skip all the crap below
*/
if (isset($imp->stream) && (!$imp->stream)) exit;
if (!isset($plural)) $plural = false;

[--snip--]



-- 
Andreas Hödle (Systemadministration)

Kühn & Weyh Software GmbH
Linnestr. 1-3
79110 Freiburg

WWW.KWSOFT.DE

Previous message: Help please
Next message: Warning: File Upload Mime headers garbled - bug 611 or 694?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]