session_start();
define("valid",1);
require_once("./configuration.php");
$conn=mysql_connect($hostname,$username,$password);
mysql_select_db($database,$conn);
$sql="set character_set_client='utf8'";
mysql_query($sql,$conn);
$sql="set character_set_connection='utf8'";
mysql_query($sql,$conn);
$sql="set character_set_database='utf8'";
mysql_query($sql,$conn);
$sql="set character_set_results='utf8'";
mysql_query($sql,$conn);
$sql="set character_set_server='utf8'";
mysql_query($sql,$conn);
$usrname=$_POST['username'];
$pass=md5($_POST['password']);
if($usrname!=""){
$sql="select * from user where username='$usrname'";
$result=mysql_query($sql,$conn);
if(@mysql_num_rows($result)>0){
$result_row=mysql_fetch_object($result);
mysql_free_result($result);
$mail=explode("@",$result_row->email);
$mail=$mail[0];
$ds=ldap_connect("202.12.97.29");
$r=ldap_bind($ds);
$sr=ldap_search($ds,"ou=khonkaen,o=kku", "cn=$mail");
$info = ldap_get_entries($ds, $sr);
if('{MD5}'.base64_encode(mhash(MHASH_MD5,$_POST['password']))==$info[0]["userpassword"][0]){
$_SESSION['usrname']=$usrname;
$_SESSION['group_id']=$result_row->group_id;
$_SESSION['givenname']=$info[0]["givenname"][0];
$_SESSION['sn']=$info[0]["sn"][0];
$_SESSION['mail']=$info[0]["mail"][0];
$_SESSION['fullname']=$result_row->fullname;
echo "";
}
}
else{
$ds=ldap_connect("202.12.97.29");
$r=ldap_bind($ds);
$sr=ldap_search($ds,"ou=staff, ou=khonkaen,o=kku", "cn=$usrname");
$info = ldap_get_entries($ds, $sr);
if('{MD5}'.base64_encode(mhash(MHASH_MD5,$_POST['pass']))==$info[0]["userpassword"][0]){
$_SESSION['usrname']=$usrname;
$_SESSION['givenname']=$info[0]["givenname"][0];
$_SESSION['sn']=$info[0]["sn"][0];
$_SESSION['mail']=$info[0]["mail"][0];
$_SESSION['fullname']=$result_row->fullname;
echo "";
}
}
}
require_once("./templates/login.php");
?>