zalez
09-27-2008, 11:21 PM
I decided to not use any type of CAPTCHA for spam but I needed something. After much consideration I choose to limit the posting of new tickets if you are off my network. I also wanted to give our users the option to post if they weren't on our network, so I added ldap authentication. The reason I didn't just go with ldap all around was to not bother anyone inside our network.
So in open.php around line 38-39 after require(CLIENTINC_DIR.'header.inc.php');
//grab client ip address and split it in to an array
$ipaddress = explode(".", $_SERVER['REMOTE_ADDR']);
/* check first two numbers of address and see if it is in our network (you can check the third if you are
dealing with only one subnet */
if ($ipaddress[0] == "192" && $ipaddress[1] == "168"){
//the address matches our network, show the open ticket page.
require(CLIENTINC_DIR.$inc);
} else {
//the address is outside our network, check and see if we have our ldap session
if (!isset($_SESSION['fullname'])) {
//ldap session not set, let's prompt the error and give the opportunity to use ldap to authenticate
print "<br /><br /><br /><center><h2>Out of network error</h2><br />Our support system requires you to be on our network in order to submit a ticket. <br />You may choose to authenticate using your Novell credentials.<br /> <a href=\"ldap.php?referer=open\" style=\"font-weight:bold; font-size:14px;\">Novell Login</a>.<br /><br />If Novell authentication fails, please call tech support.</center><br /><br /><br /><br />";
} else {
//our ldap authentication succeeded, proceed
require(CLIENTINC_DIR.$inc);
}
}
The code above replaced this line (line 40ish) require(CLIENTINC_DIR.$inc);
I also am including the ldap.php file with images as an attachment. Most likely this will not work by just dropping it in and will need to be altered significantly to work with your ldap server. It does give you the idea on how to use php to access ldap. Be sure that you have the php_ldap.dll in your php extensions folder and it must also be an enabled extension in your php.ini file.
There is also a sql file for the database that I use to store my container info for my ldap server.
On a side note, if you don't know what "O", "OU" or "CN" means, than most likely you will not be able to implement this. I am not trying to be mean, just honest.
So in open.php around line 38-39 after require(CLIENTINC_DIR.'header.inc.php');
//grab client ip address and split it in to an array
$ipaddress = explode(".", $_SERVER['REMOTE_ADDR']);
/* check first two numbers of address and see if it is in our network (you can check the third if you are
dealing with only one subnet */
if ($ipaddress[0] == "192" && $ipaddress[1] == "168"){
//the address matches our network, show the open ticket page.
require(CLIENTINC_DIR.$inc);
} else {
//the address is outside our network, check and see if we have our ldap session
if (!isset($_SESSION['fullname'])) {
//ldap session not set, let's prompt the error and give the opportunity to use ldap to authenticate
print "<br /><br /><br /><center><h2>Out of network error</h2><br />Our support system requires you to be on our network in order to submit a ticket. <br />You may choose to authenticate using your Novell credentials.<br /> <a href=\"ldap.php?referer=open\" style=\"font-weight:bold; font-size:14px;\">Novell Login</a>.<br /><br />If Novell authentication fails, please call tech support.</center><br /><br /><br /><br />";
} else {
//our ldap authentication succeeded, proceed
require(CLIENTINC_DIR.$inc);
}
}
The code above replaced this line (line 40ish) require(CLIENTINC_DIR.$inc);
I also am including the ldap.php file with images as an attachment. Most likely this will not work by just dropping it in and will need to be altered significantly to work with your ldap server. It does give you the idea on how to use php to access ldap. Be sure that you have the php_ldap.dll in your php extensions folder and it must also be an enabled extension in your php.ini file.
There is also a sql file for the database that I use to store my container info for my ldap server.
On a side note, if you don't know what "O", "OU" or "CN" means, than most likely you will not be able to implement this. I am not trying to be mean, just honest.