Online PHP and Javascript Decoder decode hidden script to uncover its real functionality


Show other level

defined("_JEXEC") or die("Restricted access");
use Joomla\CMS\Factory;
require_once JPATH_ADMINISTRATOR . DIRECTORY_SEPARATOR . "components" . DIRECTORY_SEPARATOR . "com_miniorange_dirsync" . DIRECTORY_SEPARATOR . "helpers" . DIRECTORY_SEPARATOR . "mo_ldap_utility.php";
require_once JPATH_ADMINISTRATOR . "/components/com_miniorange_dirsync/helpers/MoLdapLogger.php";
if (!defined("_JEXEC")) {
    goto W_;
}
class plgauthenticationmoldap extends JPlugin
{
    function onUserAuthenticate($G6, $qm, &$SH)
    {
        $N0 = JFactory::getApplication("site");
        $o8 = MoLdapUtility::mo_ldap_get_details("#__miniorange_ldap_customer");
        $rp = trim($G6["username"]);
        $oT = $G6["password"];
        if (!($oT == '' || $oT == " ")) {
            goto ZB;
        }
        $SH->status = JAuthentication::STATUS_FAILURE;
        $N0->enqueueMessage("Kindly please enter the password.", "warning");
        MoLdapLogger::addLog("Authentication failed: Empty password provided", "warning", "ldap-authentication");
        return;
        ZB:
        if (!($o8["ldap_login"] == "ch")) {
            goto CR;
        }
        $pH = MoLdapUtility::moLdapFetchDb("#__miniorange_dirsync_config", TRUE, "loadAssocList");
        $Yl = JFilterInput::getInstance();
        $ea = $Yl->clean($rp, "username");
        $VP = $oT;
        foreach ($pH as $EM) {
            $qs = isset($EM["ldap_server_url"]) ? MoLdapUtility::mo_ldap_decrypt($EM["ldap_server_url"]) : '';
            $Nw = htmlspecialchars($qs, ENT_QUOTES, "UTF-8");
            $Q0 = self::moLdapGetConnection($Nw);
            if ($Q0) {
                goto NA;
            }
            MoLdapLogger::addLog("Failed to connect to LDAP server: {$Nw}", "error", "ldap-authentication");
            goto wm;
            NA:
            if (!$Q0) {
                goto OU;
            }
            MoLdapLogger::addLog("Connected to LDAP server: {$Nw}", "info", "ldap-authentication");
            $ok = isset($EM["service_account_dn"]) ? MoLdapUtility::mo_ldap_decrypt($EM["service_account_dn"]) : '';
            $R1 = isset($EM["service_account_password"]) ? MoLdapUtility::mo_ldap_decrypt($EM["service_account_password"]) : '';
            $KO = isset($EM["search_base"]) ? MoLdapUtility::mo_ldap_decrypt($EM["search_base"]) : '';
            $s0 = explode(";", $KO);
            $cx = $EM["search_filter"];
            $CA = ldap_escape($ea, '', LDAP_ESCAPE_FILTER);
            $c1 = str_replace("?", $CA, $cx);
            $Wd = null;
            $Y1 = null;
            $V6 = null;
            $T6 = @ldap_bind($Q0, $ok, $R1);
            $Hz = ldap_error($Q0);
            $jN = '';
            $H0 = ldap_error($Q0);
            $ld = ldap_errno($Q0);
            $TK = MoLdapUtility::mo_ldap_error_type($ld);
            if (!($TK != "COM_MINIORANGE_SUCCESSFUL_CONNECTION")) {
                goto pz;
            }
            MoLdapLogger::addLog("LDAP bind error: {$Hz} ({$TK})", "error", "ldap-authentication");
            return $TK;
            pz:
            if (!(strtolower($Hz) == "success")) {
                goto E2;
            }
            MoLdapLogger::addLog("LDAP bind successful for service account", "info", "ldap-authentication");
            $mb = 0;
            AX:
            if (!($mb < count($s0))) {
                goto ud;
            }
            if (!ldap_search($Q0, $s0[$mb], $c1)) {
                goto Fe;
            }
            $Wd = ldap_search($Q0, $s0[$mb], $c1);
            $V6 = ldap_first_entry($Q0, $Wd);
            $Y1 = ldap_get_entries($Q0, $Wd);
            if (!$V6) {
                goto iR;
            }
            MoLdapLogger::addLog("Attempted user bind for DN: " . $Y1[0]["dn"], "info", "ldap-authentication");
            $jN = @ldap_bind($Q0, $Y1[0]["dn"], $VP);
            iR:
            if (!isset($Y1[0][$EM["email"]][0])) {
                goto aq;
            }
            $ux = $Yl->clean($Y1[0][$EM["email"]][0], "email");
            $VO = JMailHelper::isEmailAddress($ux);
            if (!$VO) {
                goto kk;
            }
            $Am = self::moLdapGetUserFromJoomla($ux);
            kk:
            aq:
            if (!(isset($Am) && $Am)) {
                goto bv;
            }
            $XR = JFactory::getDbo();
            $la = $XR->getQuery(true);
            $CY = array($XR->quoteName("user_already_exist") . " = " . $XR->quote(1));
            $vl = array($XR->quoteName("id") . " = " . $XR->quote($Am->id));
            $la->update($XR->quoteName("#__users"))->set($CY)->where($vl);
            $XR->setQuery($la);
            $XR->execute();
            bv:
            if (isset($jN) && $jN) {
                goto ef;
            }
            MoLdapLogger::addLog("User bind failed for DN: " . $Y1[0]["dn"], "warning", "ldap-authentication");
            goto RN;
            ef:
            MoLdapLogger::addLog("User authenticated successfully via LDAP: {$ea}", "success", "ldap-authentication");
            $SH->type = "Ldap";
            $SH->error_message = '';
            if (isset($Y1[0][$EM["name"]][0]) && $Y1[0][$EM["name"]][0] != NULL) {
                goto bt;
            }
            $dd = $Yl->clean($Y1[0]["givenname"][0] . " " . $Y1[0]["sn"][0], "string");
            $SH->fullname = $dd;
            goto ww;
            bt:
            $dd = $Yl->clean($Y1[0][$EM["name"]][0], "string");
            $SH->fullname = $dd;
            ww:
            $SH->username = $Y1[0][$EM["username"]][0];
            if (!isset($Y1[0][$EM["email"]][0])) {
                goto u0;
            }
            $gM = $Yl->clean($Y1[0][$EM["email"]][0]);
            $ll = JMailHelper::isEmailAddress($gM);
            if ($ll) {
                goto C_;
            }
            $SH->status = JAuthentication::STATUS_FAILURE;
            $N0->enqueueMessage("<strong>MOLDAP A04: </strong>In valid email attribute. The email attribute received is not an email attribute. Kindly reach out to your admin.", "warning");
            return;
            goto wx;
            C_:
            $SH->email = $gM;
            wx:
            u0:
            if (!empty($SH->email)) {
                goto zK;
            }
            $N0->enqueueMessage("<strong>MOLDAP A01:</strong> User email not retrieved. Contact your administrator for more details.", "warning");
            return;
            zK:
            if (!empty($SH->username)) {
                goto Li;
            }
            $N0->enqueueMessage("<strong>MOLDAP A02:</strong> Username not retrieved. Contact your administrator for more details.", "warning");
            return;
            Li:
            if (!empty($SH->fullname)) {
                goto hQ;
            }
            $N0->enqueueMessage("<strong>MOLDAP A03:</strong> User's name not retrieved. Contact your administrator for more details.", "warning");
            return;
            hQ:
            $SH->status = JAuthentication::STATUS_SUCCESS;
            MoLdapLogger::addLog("User sync details: Email = " . ($Y1[0][$EM["email"]][0] ?? "N/A") . ", Full Name = " . ($Y1[0][$EM["name"]][0] ?? "N/A"), "info", "ldap-authentication");
            goto Kc;
            RN:
            Fe:
            zj:
            $mb++;
            goto AX;
            ud:
            E2:
            ldap_close($Q0);
            OU:
            wm:
        }
        Kc:
        CR:
    }
    public static function moLdapGetConnection($qs)
    {
        $Q0 = ldap_connect($qs);
        if (!(version_compare(PHP_VERSION, "5.3.0") >= 0)) {
            goto Lv;
        }
        ldap_set_option($Q0, LDAP_OPT_NETWORK_TIMEOUT, 5);
        Lv:
        ldap_set_option($Q0, LDAP_OPT_PROTOCOL_VERSION, 3);
        ldap_set_option($Q0, LDAP_OPT_REFERRALS, 0);
        return $Q0;
    }
    public static function selectMaxOrdering($Li)
    {
        $XR = JFactory::getDbo();
        $la = $XR->getQuery(true);
        $la->select("MAX(ordering)");
        $la->from($XR->quoteName("#__user_profiles"));
        $la->where($XR->quoteName("user_id") . " = " . $XR->quote($Li));
        $XR->setQuery($la);
        $mh = $XR->loadResult();
        return isset($mh) && !empty($mh) ? $mh : "0";
    }
    public static function moLdapRedirectTheUserAtLogin()
    {
        $N0 = JFactory::getApplication();
        $o8 = MoLdapUtility::mo_ldap_get_details("#__miniorange_ldap_customer");
        if (empty($o8["redirect_url"])) {
            goto fg;
        }
        MoLdapLogger::addLog("LDAP login flow completed. Redirecting user.", "info", "ldap-authentication");
        $MQ = $o8["redirect_url"];
        $N0->redirect($MQ);
        fg:
    }
    public static function moLdapGetUserFromJoomla($ZZ)
    {
        $XR = JFactory::getDBO();
        $la = $XR->getQuery(true)->select("id")->from("#__users")->where("email=" . $XR->quote($ZZ));
        $XR->setQuery($la);
        $k2 = $XR->loadObject();
        return $k2;
    }
    public static function updateUserFieldAttributes($Li, $Y1, $i6)
    {
        MoLdapUtility::removeIfExistsUserId($Li);
        $i6 = json_decode($i6, true);
        foreach ($i6 as $CY) {
            $Z9 = $CY["attr_name"];
            $Z9 = MoLdapUtility::getIdFromFields($Z9);
            if (!$Z9) {
                goto AR;
            }
            $wV = $Y1[0][$CY["attr_value"]][0];
            $CW = new stdClass();
            $CW->field_id = $Z9->id;
            $CW->item_id = $Li;
            $CW->value = $wV;
            JFactory::getDbo()->insertObject("#__fields_values", $CW);
            AR:
            kS:
        }
        Ut:
    }
    public static function onUserAfterLogin()
    {
        MoLdapLogger::addLog("Starting onUserAfterLogin function.", "info", "ldap-authentication");
        $post = Factory::getApplication()->input->post->getArray();
        $Yl = JFilterInput::getInstance();
        $rp = $Yl->clean($post["username"], "username");
        $xi = JFactory::getUser();
        $pH = MoLdapUtility::moLdapFetchDb("#__miniorange_dirsync_config", TRUE, "loadAssocList");
        foreach ($pH as $EM) {
            $qs = isset($EM["ldap_server_url"]) ? MoLdapUtility::mo_ldap_decrypt($EM["ldap_server_url"]) : '';
            $Nw = htmlspecialchars($qs, ENT_QUOTES, "UTF-8");
            MoLdapLogger::addLog("Attempting LDAP connection to: {$Nw}", "info", "ldap-authentication");
            $Q0 = self::moLdapGetConnection($Nw);
            if ($Q0) {
                goto wv;
            }
            MoLdapLogger::addLog("Failed to connect to LDAP server: {$Nw}", "error", "ldap-authentication");
            goto KL;
            wv:
            if (!$Q0) {
                goto XH;
            }
            $ok = isset($EM["service_account_dn"]) ? MoLdapUtility::mo_ldap_decrypt($EM["service_account_dn"]) : '';
            $R1 = isset($EM["service_account_password"]) ? MoLdapUtility::mo_ldap_decrypt($EM["service_account_password"]) : '';
            $KO = isset($EM["search_base"]) ? MoLdapUtility::mo_ldap_decrypt($EM["search_base"]) : '';
            $s0 = explode(";", $KO);
            $cx = $EM["search_filter"];
            $CA = ldap_escape($rp, '', LDAP_ESCAPE_FILTER);
            $c1 = str_replace("?", $CA, $cx);
            $Wd = null;
            $Y1 = null;
            $V6 = null;
            $jN = '';
            $T6 = @ldap_bind($Q0, $ok, $R1);
            $Hz = ldap_error($Q0);
            $H0 = ldap_error($Q0);
            $ld = ldap_errno($Q0);
            $TK = MoLdapUtility::mo_ldap_error_type($ld);
            if (!($TK != "COM_MINIORANGE_SUCCESSFUL_CONNECTION")) {
                goto nA;
            }
            return $TK;
            nA:
            if (!(strtolower($Hz) == "success")) {
                goto ow;
            }
            $yg = 0;
            g5:
            if (!($yg < count($s0))) {
                goto ZW;
            }
            $Wd = ldap_search($Q0, $s0[$yg], $c1);
            if (!$Wd) {
                goto i6;
            }
            $V6 = ldap_first_entry($Q0, $Wd);
            $Y1 = ldap_get_entries($Q0, $Wd);
            if (!$V6) {
                goto tg;
            }
            if (!($Y1[0][$EM["username"]][0] && $Y1[0][$EM["email"]][0] && $Y1[0][$EM["name"]][0])) {
                goto Ws;
            }
            $Xy = $Yl->clean($Y1[0][$EM["username"]][0], "string");
            $rp = $Xy;
            $i3 = $Yl->clean($Y1[0][$EM["email"]][0], "email");
            $Db = $Yl->clean($Y1[0][$EM["name"]][0], "string");
            $ie = $Db;
            $XR = JFactory::getDbo();
            $la = $XR->getQuery(true);
            $CY = array($XR->quoteName("username") . " = " . $XR->quote($rp), $XR->quoteName("email") . " = " . $XR->quote($i3), $XR->quoteName("name") . " = " . $XR->quote($ie));
            $vl = array($XR->quoteName("id") . " = " . $XR->quote($xi->id));
            $la->update($XR->quoteName("#__users"))->set($CY)->where($vl);
            $XR->setQuery($la);
            $ft = $XR->execute();
            Ws:
            $XR = JFactory::getDbo();
            $la = $XR->getQuery(true);
            $la->select(array("profile_key", "profile_value", "ordering"));
            $la->from($XR->quoteName("#__user_profiles"));
            $la->where($XR->quoteName("user_id") . " =" . $XR->quote($xi->id));
            $XR->setQuery($la);
            $sN = $XR->loadRowList();
            if (!$sN) {
                goto B9;
            }
            $XR = JFactory::getDbo();
            $la = $XR->getQuery(true);
            $la->delete($XR->quoteName("#__user_profiles"));
            $la->where($XR->quoteName("user_id") . " =" . $XR->quote($xi->id));
            $XR->setQuery($la);
            $sN = $XR->execute();
            B9:
            $Zi = $EM["user_profile_attributes"];
            $Li = $xi->id;
            $mb = 0;
            if (!(isset($Zi) && !empty($Zi))) {
                goto hE;
            }
            $Zi = json_decode($Zi, true);
            $tq = self::selectMaxOrdering($Li);
            foreach ($Zi as $PY) {
                $Z9 = strtolower($PY["attr_name"]);
                $wV = strtolower($PY["attr_value"]);
                if (!isset($Y1[0][$wV][0])) {
                    goto c2;
                }
                if (is_array($Y1[0][$wV])) {
                    goto iA;
                }
                $wV = isset($Y1[0][$wV]) ? $Yl->clean($Y1[0][$wV][0], "string") : '';
                goto au;
                iA:
                $wV = isset($Y1[0][$wV][0]) ? $Yl->clean($Y1[0][$wV][0], "string") : '';
                au:
                $XR = JFactory::getDbo();
                $la = $XR->getQuery(true);
                $Mk = array("user_id", "profile_key", "profile_value", "ordering");
                $SP = array($Li, $XR->quote("profile." . $Z9), $XR->quote($wV), ++$tq);
                $la->insert($XR->quoteName("#__user_profiles"))->columns($XR->quoteName($Mk))->values(implode(",", $SP));
                $XR->setQuery($la);
                $XR->execute();
                MoLdapLogger::addLog("User profile updated for Joomla ID: " . $xi->id, "info", "ldap-authentication");
                c2:
                n7:
            }
            q1:
            hE:
            $rJ = isset($EM["user_field_attributes"]) ? $EM["user_field_attributes"] : '';
            if (empty($rJ)) {
                goto cY;
            }
            self::updateUserFieldAttributes($Li, $Y1, $rJ);
            cY:
            $vA = MoLdapUtility::moLdapFetchDb("#__miniorange_ldap_role_mapping", array("ldap_server_name" => $EM["ldap_server_name"]), "loadAssoc");
            $XR = JFactory::getDbo();
            $la = $XR->getQuery(true);
            $la->select("user_already_exist");
            $la->from($XR->quoteName("#__users"));
            $la->where($XR->quoteName("id") . " = " . $XR->quote($xi->id));
            $XR->setQuery($la);
            $tI = $XR->loadAssoc();
            if ($tI["user_already_exist"]) {
                goto uD;
            }
            $cD = $vA["mapping_value_default"];
            $NL = !isset($xi->groups[8]);
            if (!($vA["enable_ldap_role_mapping"] && $NL)) {
                goto uP;
            }
            MoLdapLogger::addLog("Assigning new user (ID: {$xi->id}) to default group: {$cD}", "info", "ldap-authentication");
            JUserHelper::addUserToGroup($xi->id, $cD);
            foreach ($xi->groups as $YC) {
                if (!($YC != $cD && $YC != "8")) {
                    goto Dm;
                }
                JUserHelper::removeUserFromGroup($xi->id, $YC);
                MoLdapLogger::addLog("Removing user (ID: {$xi->id}) from group: {$YC}", "info", "ldap-authentication");
                Dm:
                Z3:
            }
            qE:
            uP:
            uD:
            if (!(($tI["user_already_exist"] != 1 || $vA["disable_update_existing_users_role"] != 1) && $vA["enable_ldap_role_mapping"])) {
                goto mX;
            }
            $Xf = array("memberof");
            if (!isset($vA["mapping_memberof_attribute"])) {
                goto Lp;
            }
            $Xf = array($vA["mapping_memberof_attribute"]);
            Lp:
            $gu = $vA["role_mapping_key_value"];
            $gu = json_decode($gu, true);
            $bR = $vA["role_mapping_groupvalue"];
            $bR = json_decode($bR, true);
            $mb = 1;
            foreach ($gu as $Qz) {
                if (empty($Y1[0][$Xf[0]])) {
                    goto ao;
                }
                if (gettype($Y1[0][$Xf[0]]) == "array") {
                    goto cZ;
                }
                if (!(gettype($Y1[0][$Xf[0]]) == "string")) {
                    goto ee;
                }
                if (!(strcmp($Y1[0][$Xf[0]], $Qz) == 0)) {
                    goto zT;
                }
                JUserHelper::addUserToGroup($xi->id, $bR[$mb]);
                MoLdapLogger::addLog("Mapped user (ID: {$xi->id}) to group ID: {$bR[$mb]} via direct match with key: {$Qz}", "info", "ldap-authentication");
                zT:
                ee:
                goto uJ;
                cZ:
                if (!in_array($Qz, $Y1[0][$Xf[0]])) {
                    goto GK;
                }
                JUserHelper::addUserToGroup($xi->id, $bR[$mb]);
                MoLdapLogger::addLog("Mapped user (ID: {$xi->id}) to group ID: {$bR[$mb]} via key: {$Qz}", "info", "ldap-authentication");
                GK:
                uJ:
                ao:
                $mb++;
                rw:
            }
            iE:
            MoLdapLogger::addLog("LDAP role/group mapping applied for user ID: " . $xi->id, "info", "ldap-authentication");
            mX:
            self::moLdapRedirectTheUserAtLogin();
            goto BX;
            tg:
            i6:
            FI:
            $yg++;
            goto g5;
            ZW:
            ow:
            XH:
            KL:
        }
        BX:
    }
}
W_:

defined("_JEXEC") or die("Restricted access");
use Joomla\CMS\Factory;
require_once JPATH_ADMINISTRATORDIRECTORY_SEPARATOR . "components" . DIRECTORY_SEPARATOR . "com_miniorange_dirsync" . DIRECTORY_SEPARATOR . "helpers" . DIRECTORY_SEPARATOR . "mo_ldap_utilityphp";
require_once JPATH_ADMINISTRATOR . "/components/com_miniorange_dirsync/helpers/MoLdapLoggerphp";
if (!defined("_JEXEC")) {
    goto W_;
}
class plgauthenticationmoldap extends JPlugin
{
    function onUserAuthenticate($G6, $qm, &$SH)
    {
        $N0 = JFactory::getApplication("site");
        $o8 = MoLdapUtility::mo_ldap_get_details("#__miniorange_ldap_customer");
        $rp = trim($G6["username"]);
        $oT = $G6["password"];
        if (!($oT == '' || $oT == " ")) {
            goto ZB;
        }
        $SH->status = JAuthentication::STATUS_FAILURE;
        $N0->enqueueMessage("Kindly please enter the password.", "warning");
        MoLdapLogger::addLog("Authentication failed: Empty password provided", "warning", "ldap-authentication");
        return;
        ZB:
        if (!($o8["ldap_login"] == "ch")) {
            goto CR;
        }
        $pH = MoLdapUtility::moLdapFetchDb("#__miniorange_dirsync_config", TRUE, "loadAssocList");
        $Yl = JFilterInput::getInstance();
        $ea = $Yl->clean($rp, "username");
        $VP = $oT;
        foreach ($pH as $EM) {
            $qs = isset($EM["ldap_server_url"]) ? MoLdapUtility::mo_ldap_decrypt($EM["ldap_server_url"]) : '';
            $Nw = htmlspecialchars($qs, ENT_QUOTES, "UTF-8");
            $Q0 = self::moLdapGetConnection($Nw);
            if ($Q0) {
                goto NA;
            }
            MoLdapLogger::addLog("Failed to connect to LDAP server: {$Nw}", "error", "ldap-authentication");
            goto wm;
            NA:
            if (!$Q0) {
                goto OU;
            }
            MoLdapLogger::addLog("Connected to LDAP server: {$Nw}", "info", "ldap-authentication");
            $ok = isset($EM["service_account_dn"]) ? MoLdapUtility::mo_ldap_decrypt($EM["service_account_dn"]) : '';
            $R1 = isset($EM["service_account_password"]) ? MoLdapUtility::mo_ldap_decrypt($EM["service_account_password"]) : '';
            $KO = isset($EM["search_base"]) ? MoLdapUtility::mo_ldap_decrypt($EM["search_base"]) : '';
            $s0 = explode(";", $KO);
            $cx = $EM["search_filter"];
            $CA = ldap_escape($ea, '', LDAP_ESCAPE_FILTER);
            $c1 = str_replace("?", $CA, $cx);
            $Wd = null;
            
            $V6 = null;
            $T6 = @ldap_bind($Q0, $ok, $R1);
            $Hz = ldap_error($Q0);
            $jN = '';
            $H0 = ldap_error($Q0);
            $ld = ldap_errno($Q0);
            $TK = MoLdapUtility::mo_ldap_error_type($ld);
            if (!($TK != "COM_MINIORANGE_SUCCESSFUL_CONNECTION")) {
                goto pz;
            }
            MoLdapLogger::addLog("LDAP bind error: {$Hz} ({$TK})", "error", "ldap-authentication");
            return $TK;
            pz:
            if (!(strtolower($Hz) == "success")) {
                goto E2;
            }
            MoLdapLogger::addLog("LDAP bind successful for service account", "info", "ldap-authentication");
            $mb = 0;
            AX:
            if (!($mb < count($s0))) {
                goto ud;
            }
            if (!ldap_search($Q0, $s0[$mb], $c1)) {
                goto Fe;
            }
            $Wd = ldap_search($Q0, $s0[$mb], $c1);
            $V6 = ldap_first_entry($Q0, $Wd);
            
            if (!$V6) {
                goto iR;
            }
            MoLdapLogger::addLog("Attempted user bind for DN: n"["dn"], "info", "ldap-authentication");
            $jN = @ldap_bind($Q0, "n"["dn"], $VP);
            iR:
            if (!isset("n"[$EM["email"]][0])) {
                goto aq;
            }
            $ux = $Yl->clean("n"[$EM["email"]][0], "email");
            $VO = JMailHelper::isEmailAddress($ux);
            if (!$VO) {
                goto kk;
            }
            $Am = self::moLdapGetUserFromJoomla($ux);
            kk:
            aq:
            if (!(isset($Am) && $Am)) {
                goto bv;
            }
            $XR = JFactory::getDbo();
            $la = $XR->getQuery(true);
            $CY = array($XR->quoteName("user_already_exist") . " = " . $XR->quote(1));
            $vl = array($XR->quoteName("id") . " = " . $XR->quote($Am->id));
            $la->update($XR->quoteName("#__users"))->set($CY)->where($vl);
            $XR->setQuery($la);
            $XR->execute();
            bv:
            if (isset($jN) && $jN) {
                goto ef;
            }
            MoLdapLogger::addLog("User bind failed for DN: n"["dn"], "warning", "ldap-authentication");
            goto RN;
            ef:
            MoLdapLogger::addLog("User authenticated successfully via LDAP: {$ea}", "success", "ldap-authentication");
            $SH->type = "Ldap";
            $SH->error_message = '';
            if (isset("n"[$EM["name"]][0]) && "n"[$EM["name"]][0] != NULL) {
                goto bt;
            }
            $dd = $Yl->clean("n"["givenname"][0] . " n"["sn"][0], "string");
            $SH->fullname = $dd;
            goto ww;
            bt:
            $dd = $Yl->clean("n"[$EM["name"]][0], "string");
            $SH->fullname = $dd;
            ww:
            $SH->username = "n"[$EM["username"]][0];
            if (!isset("n"[$EM["email"]][0])) {
                goto u0;
            }
            $gM = $Yl->clean("n"[$EM["email"]][0]);
            $ll = JMailHelper::isEmailAddress($gM);
            if ($ll) {
                goto C_;
            }
            $SH->status = JAuthentication::STATUS_FAILURE;
            $N0->enqueueMessage("<strong>MOLDAP A04: </strong>In valid email attributeThe email attribute received is not an email attributeKindly reach out to your admin.", "warning");
            return;
            goto wx;
            C_:
            $SH->email = $gM;
            wx:
            u0:
            if (!empty($SH->email)) {
                goto zK;
            }
            $N0->enqueueMessage("<strong>MOLDAP A01:</strong> User email not retrievedContact your administrator for more details.", "warning");
            return;
            zK:
            if (!empty($SH->username)) {
                goto Li;
            }
            $N0->enqueueMessage("<strong>MOLDAP A02:</strong> Username not retrievedContact your administrator for more details.", "warning");
            return;
            Li:
            if (!empty($SH->fullname)) {
                goto hQ;
            }
            $N0->enqueueMessage("<strong>MOLDAP A03:</strong> User's name not retrievedContact your administrator for more details.", "warning");
            return;
            hQ:
            $SH->status = JAuthentication::STATUS_SUCCESS;
            MoLdapLogger::addLog("User sync details: Email = " . ("n"[$EM["email"]][0] ?? "N/A") . ", Full Name = " . ("n"[$EM["name"]][0] ?? "N/A"), "info", "ldap-authentication");
            goto Kc;
            RN:
            Fe:
            zj:
            $mb++;
            goto AX;
            ud:
            E2:
            ldap_close($Q0);
            OU:
            wm:
        }
        Kc:
        CR:
    }
    public static function moLdapGetConnection($qs)
    {
        $Q0 = ldap_connect($qs);
        if (!(version_compare(PHP_VERSION, "530") >= 0)) {
            goto Lv;
        }
        ldap_set_option($Q0, LDAP_OPT_NETWORK_TIMEOUT, 5);
        Lv:
        ldap_set_option($Q0, LDAP_OPT_PROTOCOL_VERSION, 3);
        ldap_set_option($Q0, LDAP_OPT_REFERRALS, 0);
        return $Q0;
    }
    public static function selectMaxOrdering($Li)
    {
        $XR = JFactory::getDbo();
        $la = $XR->getQuery(true);
        $la->select("MAX(ordering)");
        $la->from($XR->quoteName("#__user_profiles"));
        $la->where($XR->quoteName("user_id") . " = " . $XR->quote($Li));
        $XR->setQuery($la);
        $mh = $XR->loadResult();
        return isset($mh) && !empty($mh) ? $mh : "0";
    }
    public static function moLdapRedirectTheUserAtLogin()
    {
        $N0 = JFactory::getApplication();
        $o8 = MoLdapUtility::mo_ldap_get_details("#__miniorange_ldap_customer");
        if (empty($o8["redirect_url"])) {
            goto fg;
        }
        MoLdapLogger::addLog("LDAP login flow completedRedirecting user.", "info", "ldap-authentication");
        $MQ = $o8["redirect_url"];
        $N0->redirect($MQ);
        fg:
    }
    public static function moLdapGetUserFromJoomla($ZZ)
    {
        $XR = JFactory::getDBO();
        $la = $XR->getQuery(true)->select("id")->from("#__users")->where("email=" . $XR->quote($ZZ));
        $XR->setQuery($la);
        $k2 = $XR->loadObject();
        return $k2;
    }
    public static function updateUserFieldAttributes($Li, $Y1, $i6)
    {
        MoLdapUtility::removeIfExistsUserId($Li);
        $i6 = json_decode($i6, true);
        foreach ($i6 as $CY) {
            $Z9 = $CY["attr_name"];
            $Z9 = MoLdapUtility::getIdFromFields($Z9);
            if (!$Z9) {
                goto AR;
            }
            $wV = "n"[$CY["attr_value"]][0];
            $CW = new stdClass();
            $CW->field_id = $Z9->id;
            $CW->item_id = $Li;
            $CW->value = $wV;
            JFactory::getDbo()->insertObject("#__fields_values", $CW);
            AR:
            kS:
        }
        Ut:
    }
    public static function onUserAfterLogin()
    {
        MoLdapLogger::addLog("Starting onUserAfterLogin function.", "info", "ldap-authentication");
        $post = Factory::getApplication()->input->post->getArray();
        $Yl = JFilterInput::getInstance();
        $rp = $Yl->clean($post["username"], "username");
        $xi = JFactory::getUser();
        $pH = MoLdapUtility::moLdapFetchDb("#__miniorange_dirsync_config", TRUE, "loadAssocList");
        foreach ($pH as $EM) {
            $qs = isset($EM["ldap_server_url"]) ? MoLdapUtility::mo_ldap_decrypt($EM["ldap_server_url"]) : '';
            $Nw = htmlspecialchars($qs, ENT_QUOTES, "UTF-8");
            MoLdapLogger::addLog("Attempting LDAP connection to: {$Nw}", "info", "ldap-authentication");
            $Q0 = self::moLdapGetConnection($Nw);
            if ($Q0) {
                goto wv;
            }
            MoLdapLogger::addLog("Failed to connect to LDAP server: {$Nw}", "error", "ldap-authentication");
            goto KL;
            wv:
            if (!$Q0) {
                goto XH;
            }
            $ok = isset($EM["service_account_dn"]) ? MoLdapUtility::mo_ldap_decrypt($EM["service_account_dn"]) : '';
            $R1 = isset($EM["service_account_password"]) ? MoLdapUtility::mo_ldap_decrypt($EM["service_account_password"]) : '';
            $KO = isset($EM["search_base"]) ? MoLdapUtility::mo_ldap_decrypt($EM["search_base"]) : '';
            $s0 = explode(";", $KO);
            $cx = $EM["search_filter"];
            $CA = ldap_escape($rp, '', LDAP_ESCAPE_FILTER);
            $c1 = str_replace("?", $CA, $cx);
            $Wd = null;
            
            $V6 = null;
            $jN = '';
            $T6 = @ldap_bind($Q0, $ok, $R1);
            $Hz = ldap_error($Q0);
            $H0 = ldap_error($Q0);
            $ld = ldap_errno($Q0);
            $TK = MoLdapUtility::mo_ldap_error_type($ld);
            if (!($TK != "COM_MINIORANGE_SUCCESSFUL_CONNECTION")) {
                goto nA;
            }
            return $TK;
            nA:
            if (!(strtolower($Hz) == "success")) {
                goto ow;
            }
            $yg = 0;
            g5:
            if (!($yg < count($s0))) {
                goto ZW;
            }
            $Wd = ldap_search($Q0, $s0[$yg], $c1);
            if (!$Wd) {
                goto i6;
            }
            $V6 = ldap_first_entry($Q0, $Wd);
            
            if (!$V6) {
                goto tg;
            }
            if (!("n"[$EM["username"]][0] && "n"[$EM["email"]][0] && "n"[$EM["name"]][0])) {
                goto Ws;
            }
            $Xy = $Yl->clean("n"[$EM["username"]][0], "string");
            $rp = $Xy;
            $i3 = $Yl->clean("n"[$EM["email"]][0], "email");
            $Db = $Yl->clean("n"[$EM["name"]][0], "string");
            $ie = $Db;
            $XR = JFactory::getDbo();
            $la = $XR->getQuery(true);
            $CY = array($XR->quoteName("username") . " = " . $XR->quote($rp), $XR->quoteName("email") . " = " . $XR->quote($i3), $XR->quoteName("name") . " = " . $XR->quote($ie));
            $vl = array($XR->quoteName("id") . " = " . $XR->quote($xi->id));
            $la->update($XR->quoteName("#__users"))->set($CY)->where($vl);
            $XR->setQuery($la);
            $ft = $XR->execute();
            Ws:
            $XR = JFactory::getDbo();
            $la = $XR->getQuery(true);
            $la->select(array("profile_key", "profile_value", "ordering"));
            $la->from($XR->quoteName("#__user_profiles"));
            $la->where($XR->quoteName("user_id") . " =" . $XR->quote($xi->id));
            $XR->setQuery($la);
            $sN = $XR->loadRowList();
            if (!$sN) {
                goto B9;
            }
            $XR = JFactory::getDbo();
            $la = $XR->getQuery(true);
            $la->delete($XR->quoteName("#__user_profiles"));
            $la->where($XR->quoteName("user_id") . " =" . $XR->quote($xi->id));
            $XR->setQuery($la);
            $sN = $XR->execute();
            B9:
            $Zi = $EM["user_profile_attributes"];
            $Li = $xi->id;
            $mb = 0;
            if (!(isset($Zi) && !empty($Zi))) {
                goto hE;
            }
            $Zi = json_decode($Zi, true);
            $tq = self::selectMaxOrdering($Li);
            foreach ($Zi as $PY) {
                $Z9 = strtolower($PY["attr_name"]);
                $wV = strtolower($PY["attr_value"]);
                if (!isset("n"[$wV][0])) {
                    goto c2;
                }
                if (is_array("n"[$wV])) {
                    goto iA;
                }
                $wV = isset("n"[$wV]) ? $Yl->clean("n"[$wV][0], "string") : '';
                goto au;
                iA:
                $wV = isset("n"[$wV][0]) ? $Yl->clean("n"[$wV][0], "string") : '';
                au:
                $XR = JFactory::getDbo();
                $la = $XR->getQuery(true);
                $Mk = array("user_id", "profile_key", "profile_value", "ordering");
                $SP = array($Li, $XR->quote("profile." . $Z9), $XR->quote($wV), ++$tq);
                $la->insert($XR->quoteName("#__user_profiles"))->columns($XR->quoteName($Mk))->values(implode(",", $SP));
                $XR->setQuery($la);
                $XR->execute();
                MoLdapLogger::addLog("User profile updated for Joomla ID: " . $xi->id, "info", "ldap-authentication");
                c2:
                n7:
            }
            q1:
            hE:
            $rJ = isset($EM["user_field_attributes"]) ? $EM["user_field_attributes"] : '';
            if (empty($rJ)) {
                goto cY;
            }
            self::updateUserFieldAttributes($Li, $Y1, $rJ);
            cY:
            $vA = MoLdapUtility::moLdapFetchDb("#__miniorange_ldap_role_mapping", array("ldap_server_name" => $EM["ldap_server_name"]), "loadAssoc");
            $XR = JFactory::getDbo();
            $la = $XR->getQuery(true);
            $la->select("user_already_exist");
            $la->from($XR->quoteName("#__users"));
            $la->where($XR->quoteName("id") . " = " . $XR->quote($xi->id));
            $XR->setQuery($la);
            $tI = $XR->loadAssoc();
            if ($tI["user_already_exist"]) {
                goto uD;
            }
            $cD = $vA["mapping_value_default"];
            $NL = !isset($xi->groups[8]);
            if (!($vA["enable_ldap_role_mapping"] && $NL)) {
                goto uP;
            }
            MoLdapLogger::addLog("Assigning new user (ID: {$xi->id}) to default group: {$cD}", "info", "ldap-authentication");
            JUserHelper::addUserToGroup($xi->id, $cD);
            foreach ($xi->groups as $YC) {
                if (!($YC != $cD && $YC != "8")) {
                    goto Dm;
                }
                JUserHelper::removeUserFromGroup($xi->id, $YC);
                MoLdapLogger::addLog("Removing user (ID: {$xi->id}) from group: {$YC}", "info", "ldap-authentication");
                Dm:
                Z3:
            }
            qE:
            uP:
            uD:
            if (!(($tI["user_already_exist"] != 1 || $vA["disable_update_existing_users_role"] != 1) && $vA["enable_ldap_role_mapping"])) {
                goto mX;
            }
            $Xf = array("memberof");
            if (!isset($vA["mapping_memberof_attribute"])) {
                goto Lp;
            }
            $Xf = array($vA["mapping_memberof_attribute"]);
            Lp:
            $gu = $vA["role_mapping_key_value"];
            $gu = json_decode($gu, true);
            $bR = $vA["role_mapping_groupvalue"];
            $bR = json_decode($bR, true);
            $mb = 1;
            foreach ($gu as $Qz) {
                if (empty("n"["n"])) {
                    goto ao;
                }
                if (gettype("n"["n"]) == "array") {
                    goto cZ;
                }
                if (!(gettype("n"["n"]) == "string")) {
                    goto ee;
                }
                if (!(strcmp("n"["n"], $Qz) == 0)) {
                    goto zT;
                }
                JUserHelper::addUserToGroup($xi->id, $bR[$mb]);
                MoLdapLogger::addLog("Mapped user (ID: {$xi->id}) to group ID: {$bR[$mb]} via direct match with key: {$Qz}", "info", "ldap-authentication");
                zT:
                ee:
                goto uJ;
                cZ:
                if (!in_array($Qz, "n"["n"])) {
                    goto GK;
                }
                JUserHelper::addUserToGroup($xi->id, $bR[$mb]);
                MoLdapLogger::addLog("Mapped user (ID: {$xi->id}) to group ID: {$bR[$mb]} via key: {$Qz}", "info", "ldap-authentication");
                GK:
                uJ:
                ao:
                $mb++;
                rw:
            }
            iE:
            MoLdapLogger::addLog("LDAP role/group mapping applied for user ID: " . $xi->id, "info", "ldap-authentication");
            mX:
            self::moLdapRedirectTheUserAtLogin();
            goto BX;
            tg:
            i6:
            FI:
            $yg++;
            goto g5;
            ZW:
            ow:
            XH:
            KL:
        }
        BX:
    }
}
W_:



© 2023 Quttera Ltd. All rights reserved.