Added phplogin.php
parent
326895dffd
commit
8dc358ded5
@ -37,7 +37,8 @@ slapd -h "ldap:/// ldapi:///" -u openldap -g openldap &
|
|||||||
SLAPD_PID=$!
|
SLAPD_PID=$!
|
||||||
sleep 8
|
sleep 8
|
||||||
|
|
||||||
# Full tree with root entry
|
# Full tree with root and users entries
|
||||||
|
echo "--> Creating base.ldif with root and user entries"
|
||||||
cat > /tmp/base.ldif <<EOF
|
cat > /tmp/base.ldif <<EOF
|
||||||
dn: ${LDAP_BASE_DN}
|
dn: ${LDAP_BASE_DN}
|
||||||
objectClass: top
|
objectClass: top
|
||||||
@ -75,6 +76,93 @@ homeDirectory: /home/marisa
|
|||||||
gecos: Marisa Kirisame
|
gecos: Marisa Kirisame
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
# Create phplogin.php with dynamic base DN
|
||||||
|
echo "--> Creating phplogin.php with full users support"
|
||||||
|
cat > /var/www/html/phplogin.php <<'EOF'
|
||||||
|
<?php
|
||||||
|
// Use the same logic as entrypoint.sh, but with better localhost handling
|
||||||
|
$raw_host = $_SERVER['HTTP_HOST'] ?? 'example.com';
|
||||||
|
$raw_host = preg_replace('/:\d+$/', '', $raw_host); // strip port if present
|
||||||
|
|
||||||
|
if ($raw_host === 'localhost' || $raw_host === '127.0.0.1') {
|
||||||
|
// When testing locally via http://localhost → assume default example.com
|
||||||
|
$base_dn = 'dc=example,dc=com';
|
||||||
|
} else {
|
||||||
|
// Normal case: build dc=... from real hostname
|
||||||
|
$host_parts = explode('.', $raw_host);
|
||||||
|
$base_dn = '';
|
||||||
|
foreach ($host_parts as $part) {
|
||||||
|
if ($part) $base_dn .= ($base_dn ? ',' : '') . 'dc=' . $part;
|
||||||
|
}
|
||||||
|
if (!$base_dn) $base_dn = 'dc=example,dc=com'; // ultimate fallback
|
||||||
|
}
|
||||||
|
|
||||||
|
$msg = '';
|
||||||
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||||
|
$username = trim($_POST['username'] ?? '');
|
||||||
|
$password = $_POST['password'] ?? '';
|
||||||
|
|
||||||
|
if ($username && $password) {
|
||||||
|
$ldap = ldap_connect("ldap://127.0.0.1:389");
|
||||||
|
if ($ldap) {
|
||||||
|
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||||
|
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
|
||||||
|
|
||||||
|
if (ldap_start_tls($ldap)) {
|
||||||
|
// First: try admin bind (no ou=People)
|
||||||
|
$admin_dn = "cn=admin,{$base_dn}";
|
||||||
|
if (@ldap_bind($ldap, $admin_dn, $password)) {
|
||||||
|
$msg = "<p style='color:green;font-weight:bold'>Login successful! Welcome <strong>admin</strong> (full privileges)</p>";
|
||||||
|
}
|
||||||
|
// Second: if not admin, try regular user
|
||||||
|
elseif (@ldap_bind($ldap, "uid={$username},ou=People,{$base_dn}", $password)) {
|
||||||
|
$msg = "<p style='color:green;font-weight:bold'>Login successful! Welcome {$username}</p>";
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$msg = "<p style='color:red'>Invalid credentials</p>";
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$msg = "<p style='color:red'>StartTLS failed</p>";
|
||||||
|
}
|
||||||
|
ldap_close($ldap);
|
||||||
|
} else {
|
||||||
|
$msg = "<p style='color:red'>Could not connect to LDAP server</p>";
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$msg = "<p style='color:red'>Please fill both fields</p>";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<title>ldapdock LDAP login</title>
|
||||||
|
<style>
|
||||||
|
body { font-family: Arial, sans-serif; max-width: 400px; margin: 100px auto; text-align: center; }
|
||||||
|
input, button { padding: 10px; margin: 5px; width: 100%; font-size: 16px; box-sizing: border-box; }
|
||||||
|
button { background: #007cba; color: white; border: none; cursor: pointer; }
|
||||||
|
.note { font-size: 0.9em; color: #666; }
|
||||||
|
</style>
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<h1>ldapdock login</h1>
|
||||||
|
<p>Server base DN: <strong><?= htmlspecialchars($base_dn) ?></strong></p>
|
||||||
|
<?= $msg ?>
|
||||||
|
<form method="post">
|
||||||
|
<input type="text" name="username" placeholder="Username (marisa or admin)" required autofocus>
|
||||||
|
<input type="password" name="password" placeholder="Password" required>
|
||||||
|
<button type="submit">Login</button>
|
||||||
|
</form>
|
||||||
|
<hr>
|
||||||
|
<div class="note">
|
||||||
|
<strong>Test accounts:</strong><br>
|
||||||
|
Regular user: <code>marisa</code> / password: <code>MarisaNewPass2025</code><br>
|
||||||
|
Admin user: <code>admin</code> / password: <code>admin</code>
|
||||||
|
</div>
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
|
EOF
|
||||||
|
|
||||||
ADMIN_DN="cn=admin,${LDAP_BASE_DN}"
|
ADMIN_DN="cn=admin,${LDAP_BASE_DN}"
|
||||||
ADMIN_PW="admin"
|
ADMIN_PW="admin"
|
||||||
|
|
||||||
@ -272,6 +360,7 @@ fi
|
|||||||
echo "--> ldapdock ready — OpenLDAP + Apache + PHP running"
|
echo "--> ldapdock ready — OpenLDAP + Apache + PHP running"
|
||||||
echo " → LDAP: 389/636"
|
echo " → LDAP: 389/636"
|
||||||
echo " → PHPinfo: https://localhost/info.php"
|
echo " → PHPinfo: https://localhost/info.php"
|
||||||
|
echo " → PHPlogin test: https://localhost/phplogin.php"
|
||||||
echo " → Shell: /bin/bash"
|
echo " → Shell: /bin/bash"
|
||||||
echo " → Exit with CTRL+D or 'exit' command"
|
echo " → Exit with CTRL+D or 'exit' command"
|
||||||
|
|
||||||
|
|||||||
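Review bot: In the generated phplogin.php, `$username` goes from `$_POST` straight into the bind DN (`uid={$username},ou=People,...`) and into the success message that the page later prints with `<?= $msg ?>`, with no escaping in either place. The DN component should be passed through `ldap_escape()` with `LDAP_ESCAPE_DN`, and the echoed name through `htmlspecialchars()`, which the page already does for `$base_dn`. The admin branch also binds `cn=admin` with the submitted password whatever username was typed, so every login attempt doubles as a try at the admin password; gating that bind on the username keeps the two paths separate. Separately, `$base_dn` is rebuilt from the client-supplied `Host` header even though the script already holds `LDAP_BASE_DN`; handing that value to the page (for example through the environment, if Apache is given it) would avoid trusting the header.

```php
// … unchanged: connect, protocol options, StartTLS check …
$admin_dn = "cn=admin,{$base_dn}";
$user_dn  = 'uid=' . ldap_escape($username, '', LDAP_ESCAPE_DN) . ",ou=People,{$base_dn}";
$shown    = htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
if ($username === 'admin' && @ldap_bind($ldap, $admin_dn, $password)) {
    // … unchanged: admin success message …
}
elseif (@ldap_bind($ldap, $user_dn, $password)) {
    $msg = "<p style='color:green;font-weight:bold'>Login successful! Welcome {$shown}</p>";
}
// … unchanged: invalid-credentials branch, StartTLS failure branch, ldap_close …
```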