[Last Call] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 376
  • Last Modified:

Getting Logged on Users Email | NTLM/Apache/PHP

I'm using the script below to get the logged on users details in apache. It works a treat.

I was curious as to whether it was possible to get the logged on users email address from this as well?

What other info can I pull? First name and last name?

$headers = apache_request_headers();

if (!isset($headers['Authorization'])){
        header('HTTP/1.1 401 Unauthorized');
        header('WWW-Authenticate: NTLM');

$auth = $headers['Authorization'];

if (substr($auth,0,5) == 'NTLM ') {
        $msg = base64_decode(substr($auth, 5));
        if (substr($msg, 0, 8) != "NTLMSSP\x00")
                die('error header not recognised');

        if ($msg[8] == "\x01") {
                $msg2 = "NTLMSSP\x00\x02"."\x00\x00\x00\x00". // target name len/alloc
                        "\x00\x00\x00\x00". // target name offset
                        "\x01\x02\x81\x01". // flags
                        "\x00\x00\x00\x00\x00\x00\x00\x00". // challenge
                        "\x00\x00\x00\x00\x00\x00\x00\x00". // context
                        "\x00\x00\x00\x00\x30\x00\x00\x00"; // target info len/alloc/offset

                header('HTTP/1.1 401 Unauthorized');
                header('WWW-Authenticate: NTLM '.trim(base64_encode($msg2)));
        else if ($msg[8] == "\x03") {
                function get_msg_str($msg, $start, $unicode = true) {
                        $len = (ord($msg[$start+1]) * 256) + ord($msg[$start]);
                        $off = (ord($msg[$start+5]) * 256) + ord($msg[$start+4]);
                        if ($unicode)
                                return str_replace("\0", '', substr($msg, $off, $len));
                                return substr($msg, $off, $len);
                $user = get_msg_str($msg, 36);
                $domain = get_msg_str($msg, 28);
                $workstation = get_msg_str($msg, 44);

                print "You are $user from $workstation.$domain";

Open in new window

1 Solution
Gerwin Jansen, EE MVETopic Advisor Commented:
See here: http://davenport.sourceforge.net/ntlm.html - look for 'Type 3 Message' - looks if there is no email address there, sorry.
Ray PaseurCommented:
Why not just ask your users to provide the email address they want you to use?  That would seem easy and it would comply with the laws about spam since they could have the option to say, "No Email."
jaxstormAuthor Commented:

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now