*/
function authenticate($login, $password)
{
- $mdb2 = getConnection();
-
- // Try md5 password match first.
- $sql = "SELECT id FROM tt_users
+ $mdb2 = getConnection();
+
+ // Try md5 password match first.
+ $sql = "SELECT id FROM tt_users
WHERE login = ".$mdb2->quote($login)." AND password = md5(".$mdb2->quote($password).") AND status = 1";
$res = $mdb2->query($sql);
if ($val['id'] > 0) {
return array('login'=>$login,'id'=>$val['id']);
}
- return false;
}
+
+ // Special handling for admin@localhost - search for an account with admin role with a matching password.
+ if ($login == 'admin@localhost') {
+ $sql = "SELECT id, login FROM tt_users
+ WHERE role = 1024 AND password = md5(".$mdb2->quote($password).") AND status = 1";
+ $res = $mdb2->query($sql);
+ if (is_a($res, 'PEAR_Error')) {
+ die($res->getMessage());
+ }
+ $val = $res->fetchRow();
+ if ($val['id'] > 0) {
+ return array('login'=>$val['login'],'id'=>$val['id']);
+ }
+ }
+
+ return false;
}
function isPasswordExternal() {
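Review bot: The added `admin@localhost` branch selects on `role = 1024` and the password hash alone, so a single submitted password is compared against every active admin-role account at once, and the function returns whichever row matches (`$val['login']`, `$val['id']`) rather than a named account. If this fallback is kept, it would be safer to tie it to one specific account, or to reject the login when the query can match more than one row, and to log every use so fallback logins are visible in authentication monitoring. The new query also reuses the unsalted `md5()` comparison from the lookup above it; moving both to `password_hash()`/`password_verify()` needs a schema change that is outside this hunk. The comparison should be strict, `if ($login === 'admin@localhost') {`, and the same applies to the identical check added to the LDAP authenticate() in this commit. `die($res->getMessage())` sends the raw database error to the client; a generic message with the detail written to the server log would avoid that.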
*/
function authenticate($login, $password)
{
+ // Special handling for admin@localhost - authenticate against db, not ldap.
+ // It is a fallback mechanism when admin account in LDAP directory does not exist or is misconfigured.
+ if ($login == 'admin@localhost') {
+ import('auth.Auth_db');
+ return Auth_db::authenticate($login, $password);
+ }
+
if (!function_exists('ldap_bind')) {
die ('php_ldap extension not loaded!');
}
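Review bot: The shortcut added at the top of authenticate() hands `admin@localhost` to `Auth_db::authenticate()` unconditionally, so on an LDAP-configured install a database password stays a valid way in even when the directory is healthy; the comment calls it a fallback, but nothing in the code restricts it to the failure case. Consider gating the branch behind an explicit configuration option that defaults to off, and documenting in the comment that the database admin password must be rotated and kept strong, since it now bypasses directory policy such as lockout and password expiry. A log entry on each use of this path would let operators tell a fallback login from a normal LDAP one. The rest of authenticate() lies outside this hunk, so whether later code re-checks the returned user could not be confirmed from here.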
<br>
<table cellspacing="0" cellpadding="4" width="100%" border="0">
<tr>
- <td align="center"> Anuko Time Tracker 1.9.19.3442 | Copyright © <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
+ <td align="center"> Anuko Time Tracker 1.9.20.3443 | Copyright © <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
<a href="https://www.anuko.com/lp/tt_4.htm" target="_blank">{$i18n.footer.credits}</a> |
<a href="https://www.anuko.com/lp/tt_5.htm" target="_blank">{$i18n.footer.license}</a> |
<a href="https://www.anuko.com/lp/tt_7.htm" target="_blank">{$i18n.footer.improve}</a>