Blame Automation/Php/Webenv/admin/includes/classes/ldap.php

/**
 * LDAP Access
 *
 * @category   Logic
 * @package    CentOS-News
 * @author     Alain Reguera Delgado <alain.reguera@gmail.com>
 * @copyright  2009 - CentOS Artwork SIG.
 * @license    GPL
 */
class LDAP
{
    var $ldapconn;
    var $ldapbind;
    // LDAP Filter Attributes
    var $filter_attrb                     = array();
    var $filter_type                      = array();
    var $filter_clean                     = array();
//-----------/* Class initializations
    /**
     * Open the LDAP connection, bind, and populate the filter whitelists.
     *
     * Ends the request with die() when the connection handle cannot be created
     * or LDAPv3 cannot be selected; both messages go to the client, and the
     * first one includes LDAP_HOST.
     *
     * NOTE(review): the ldap_bind() result is stored in $this->ldapbind but is
     * not checked here, so a failed bind does not stop construction. Callers
     * should test $this->ldapbind before trusting search or write results.
     * NOTE(review): this method never calls ldap_start_tls(). Unless LDAP_HOST
     * is an ldaps:// URI (not visible here) the bind password crosses the
     * network unencrypted - confirm against the configuration.
     * NOTE(review): every operation of this object runs as LDAP_ROOTDN.
     * Presumably that is the directory manager; a dedicated least-privilege
     * account would limit what a validation bug in this class can reach.
     */
    function __construct()
    {
        $handle = ldap_connect(LDAP_HOST, LDAP_PORT);
        $this->ldapconn = $handle;
        if (!$handle) {
            die("Could not connect to " . LDAP_HOST . ".");
        }

        $usesV3 = ldap_set_option($this->ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
        if (!$usesV3) {
            die("Could not connect to server through LDAPv3.");
        }

        $this->ldapbind = ldap_bind($this->ldapconn, LDAP_ROOTDN, LDAP_ROOTPW);

        // Whitelist of attributes the filter form may search on (key => label).
        $this->filter_attrb['cn']  = 'cn';
        $this->filter_attrb['uid'] = 'uid';
        $this->filter_attrb['employeetype'] = ucfirst(translate('employeetype'));
        $this->filter_attrb['preferredlanguage'] = ucfirst(translate('language'));

        // Whitelist of comparison operators: equality and approximate match.
        foreach (array('=', '~=') as $operator) {
            $this->filter_type[$operator] = $operator;
        }

        // Filter used when the form supplies nothing acceptable.
        $this->filter_clean['attrb'] = 'preferredlanguage';
        $this->filter_clean['type']  = '=';
        $this->filter_clean['value'] = LANGUAGE;
    }
//----------- Get entries from ldap server
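    /**
     * Search below LDAP_DN with the given filter and return the matches.
     *
     * The filter is sent to the server exactly as received: nothing is
     * validated or escaped here, so callers must build it from whitelisted or
     * escaped values only.
     *
     * @param string $filter LDAP search filter.
     * @return array Entries in ldap_get_entries() format. When the search or
     *               the fetch fails the result is array('count' => 0).
     */
    function get_entries( $filter )
    {
        $search = ldap_search( $this->ldapconn, LDAP_DN, $filter );

        // ldap_search() returns false for a malformed filter or a server
        // error. Passing that on to ldap_get_entries() raises a warning (a
        // TypeError on PHP 8), so report an empty result set instead.
        if ( $search === false )
        {
            return array( 'count' => 0 );
        }

        $entries = ldap_get_entries( $this->ldapconn, $search );
        if ( ! is_array( $entries ) )
        {
            return array( 'count' => 0 );
        }

        return $entries;
    }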
//----------// Validate filter value input
            // Sanitize filter pattern - Attributes
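    /**
     * Check one attribute value against the whitelist pattern for its attribute.
     *
     * This is the only barrier between request data and the strings that are
     * concatenated into LDAP filters and DNs elsewhere in this class, so every
     * pattern is anchored at both ends and admits no filter or DN
     * metacharacters.
     *
     * NOTE(review): 'userpassword' has no case of its own and therefore uses
     * the generic pattern, which limits passwords to letters, digits,
     * underscore, space and a few accented characters - confirm that this
     * restriction is intended.
     *
     * @param string $name  Attribute name; names without a case use the
     *                      generic text pattern.
     * @param mixed  $value Candidate value, typically taken from $_POST.
     * @return bool True only when the complete value matches the pattern.
     */
    function is_valid( $name , $value )
    {
        // Request parameters can arrive as arrays (value[]=x). Those are never
        // valid, and preg_match() would fail on them.
        if ( ! is_scalar( $value ) )
        {
            return false;
        }

        // The D modifier makes "$" match only at the very end of the subject.
        // Without it a value ending in a newline would pass and carry that
        // newline into a filter or DN.
        switch ( $name )
        {
            case 'uid':
                $pattern = '/^([a-z0-9_]|\-|\.)+@(([a-z0-9_]|\-)+\.)+([a-z]{2,6})?$/D';
                break;

            case 'preferredlanguage':
                $pattern = '/^[a-zA-Z]{2}$/D';
                break;

            case 'filtertype':
                $pattern = '/^(=|~=)$/D';
                break;

            case 'employeetype':
                $pattern = '/^(writer|administrator)$/D';
                break;

            default:
                // The u modifier makes the accented letters whole characters.
                // Without it the class matches their individual bytes, so
                // malformed byte sequences would be accepted.
                $pattern = '/^[a-zA-Z0-9_áéíóñúàçèé ]+$/Du';
                break;
        }

        // preg_match() returns false for a subject that is not valid UTF-8
        // under the u modifier; treat that as "not valid".
        return preg_match( $pattern, (string) $value ) === 1;
    }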
//---------- Check filter attributes */
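    /**
     * Choose the attribute to filter on.
     *
     * The posted attribute is accepted only when it is a key of the
     * $this->filter_attrb whitelist; anything else falls back to the default
     * in $this->filter_clean.
     *
     * @return string Whitelisted attribute name, or the default attribute.
     */
    function sanitize_filter_attribute()
    {
        $attribute = $this->filter_clean['attrb'];

        // Only a string can be a whitelist key. An array (attribute[]=x) would
        // make array_key_exists() fail instead of simply being rejected.
        if ( isset( $_POST['attribute'] )
            && is_string( $_POST['attribute'] )
            && array_key_exists( $_POST['attribute'], $this->filter_attrb ) )
        {
            // The posted attribute passed the whitelist.
            $attribute = $_POST['attribute'];
        }

        return $attribute;
    }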
//---------- Check filter types
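    /**
     * Choose the comparison operator for the filter.
     *
     * The posted operator is accepted only when it is a key of the
     * $this->filter_type whitelist; anything else falls back to the default
     * in $this->filter_clean.
     *
     * @return string Whitelisted operator, or the default operator.
     */
    function sanitize_filter_type()
    {
        // The default used to be stored in a misspelled variable ($clear), so
        // a rejected operator made this method return an undefined value and
        // the filter string was built without any operator.
        $type = $this->filter_clean['type'];

        // Only a string can be a whitelist key. An array (type[]=x) would make
        // array_key_exists() fail instead of simply being rejected.
        if ( isset( $_POST['type'] )
            && is_string( $_POST['type'] )
            && array_key_exists( $_POST['type'], $this->filter_type ) )
        {
            // The posted operator passed the whitelist.
            $type = $_POST['type'];
        }

        return $type;
    }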
//---------- Sanitize filter value
    /**
     * Choose the value to filter on.
     *
     * The posted value is kept only when is_valid() accepts it for the
     * attribute chosen by sanitize_filter_attribute(); otherwise the default
     * from $this->filter_clean is returned. The returned string is later
     * concatenated into the LDAP filter without escaping, so is_valid() is the
     * only control over what reaches the directory.
     *
     * @return mixed Accepted value, or the default filter value.
     */
    function sanitize_filter_value()
    {
        $fallback  = $this->filter_clean['value'];
        $candidate = isset($_POST['value']) ? $_POST['value'] : $fallback;

        // The pattern applied depends on which attribute is being filtered.
        $attribute = $this->sanitize_filter_attribute();

        return $this->is_valid($attribute, $candidate) ? $candidate : $fallback;
    }
//---------- Build ldap form filter
    /**
     * Render the filter form as an HTML string: attribute selector, operator
     * selector, value box and submit button.
     *
     * None of the interpolated values is HTML-escaped here. The operator keys
     * come from $this->filter_type and the value has passed
     * sanitize_filter_value(), so the markup is only as safe as those
     * whitelists.
     *
     * @return string HTML fragment.
     */
    function show_filter()
    {
        // Same three lookups as build_filter_string(). The attribute result
        // is not used for rendering in this method.
        $chosenAttribute = $this->sanitize_filter_attribute();
        $chosenType      = $this->sanitize_filter_type();
        $chosenValue     = $this->sanitize_filter_value();

        $parts = array();

        // NOTE(review): the opening fragment is a bare line break and the
        // closing fragment is empty in this listing; presumably wrapper markup
        // was lost when the page was rendered - compare with the repository.
        $parts[] = "\n";
        $parts[] = '<form name="filter" method="post" action="">';
        $parts[] = ucfirst(translate('filtering by')) . ': ';
        $parts[] = get_user_attrSelector();

        // Operator selector, with the current operator pre-selected.
        $parts[] = '<select name="type">';
        foreach ($this->filter_type as $optionKey => $optionLabel) {
            $marker  = ($chosenType == $optionKey) ? ' selected' : '';
            $parts[] = '<option' . $marker . ' value="' . $optionKey . '">' . $optionLabel . '</option>';
        }
        $parts[] = '</select>';

        $parts[] = '<input type="text" name="value" value="' . $chosenValue . '">';
        $parts[] = '<input type="submit" name="submit_filter" value="' . ucfirst(translate('filter')) . '">';
        $parts[] = '</form>';
        $parts[] = '';

        return implode('', $parts);
    }
//---------- Build ldap filter string
    /**
     * Assemble the LDAP filter as attribute, operator and value joined
     * together, for example "preferredlanguage=" followed by LANGUAGE when the
     * form supplies nothing acceptable.
     *
     * The parts are concatenated without LDAP escaping and without enclosing
     * parentheses; each one comes from its sanitize_filter_*() method, so the
     * result is only as safe as those whitelists.
     *
     * @return string Filter string for get_entries().
     */
    function build_filter_string()
    {
        $attribute = $this->sanitize_filter_attribute();
        $operator  = $this->sanitize_filter_type();
        $operand   = $this->sanitize_filter_value();

        return implode('', array($attribute, $operator, $operand));
    }
//----------- Check uniqueness of uid attribute */
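    /**
     * Tell whether at least one entry below LDAP_DN carries the given uid.
     *
     * @param string $uid Identifier to look up; it is escaped before it is
     *                    placed in the filter.
     * @return bool True when one or more entries match.
     */
    function is_uid_present( $uid )
    {
        // An empty or non-scalar uid cannot name an entry, so skip the
        // directory round trip.
        if ( ! is_scalar( $uid ) || (string) $uid === '' )
        {
            return false;
        }

        // Escape the filter metacharacters (RFC 4515) so the value is always
        // compared literally, even when a caller passes an unvalidated uid.
        $escaped = strtr( (string) $uid, array(
            '\\' => '\\5c',
            '*'  => '\\2a',
            '('  => '\\28',
            ')'  => '\\29',
            "\0" => '\\00',
        ) );

        $entry = $this->get_entries( 'uid=' . $escaped );

        // Any match means the uid is taken. The earlier "exactly one" test
        // reported a uid held by several entries as absent.
        return isset( $entry['count'] ) && $entry['count'] > 0;
    }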
//---------- Prepare userPassword
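    /**
     * Encode a plaintext password for the userPassword attribute using the
     * scheme named by LDAP_PASSHASH.
     *
     * NOTE(review): both supported schemes, {MD5} and {SHA}, are a single
     * unsalted digest. Equal passwords produce equal stored values and the
     * digests are cheap to brute-force, so a salted or server-side scheme
     * should replace them once the directory configuration allows it.
     *
     * @param string $userpassword Plaintext password.
     * @return string Scheme prefix followed by the base64-encoded raw digest.
     */
    function prepare_userpassword( $userpassword )
    {
        switch ( LDAP_PASSHASH )
        {
            case '{MD5}':
                // Raw digest output gives the same bytes as pack('H*', md5()).
                return LDAP_PASSHASH . base64_encode( md5( $userpassword, true ) );

            case '{SHA}':
                return LDAP_PASSHASH . base64_encode( sha1( $userpassword, true ) );
        }

        // Fail closed: with any other scheme this method used to return an
        // undefined value, which callers then wrote as the password. die() is
        // used, as in the constructor, with a fixed message so the plaintext
        // cannot end up in an error trace.
        die( "Unsupported LDAP password hash scheme." );
    }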
//-----------/* Verify modifiable attributes
             /* Description : Generally used to redefine entry's input keys and values,
             /*               based on is_valid() */
             /*      $entry : is an array with entry's keys and values. */
    /**
     * Reduce an entry to the modifiable attributes whose values pass
     * is_valid().
     *
     * Keys outside the fixed list are dropped, and so are listed keys whose
     * value is missing or rejected.
     *
     * @param array $entry Attribute name => value pairs.
     * @return array|false Accepted pairs, or false when none was accepted.
     */
    function sanitize_entry( $entry )
    {
        // Attributes a caller is allowed to set.
        $allowed  = array('uid', 'cn', 'userpassword', 'displayname', 'preferredlanguage', 'employeetype');
        $accepted = array();

        foreach ($allowed as $attribute) {
            if (!isset($entry[$attribute])) {
                continue;
            }
            if (!$this->is_valid($attribute, $entry[$attribute])) {
                continue;
            }
            // Values that reach this point passed the whitelist pattern.
            $accepted[$attribute] = $entry[$attribute];
        }

        if (count($accepted) === 0) {
            return false;
        }

        return $accepted;
    }
//----------/* Initialize useradd values.
            /* Description: Used in the useradd form page to initiate form values.
            /* $attribute : is an array with the related attributes to check. */
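   /**
    * Build the initial field values for the useradd form.
    *
    * Each requested attribute gets the posted value when it is present and
    * passes is_valid(), and an empty string otherwise.
    *
    * NOTE(review): if 'userpassword' is among $attributes, an accepted
    * password is returned in clear text for redisplay - confirm that the form
    * does not echo it back.
    *
    * @param array $attributes Attribute names to initialise.
    * @return array Attribute name => value; an empty array for an empty list.
    */
   function init_useradd_values( $attributes )
   {
        // Defined up front so an empty attribute list returns an empty array
        // rather than an undefined variable.
        $entry = array();

        foreach ( $attributes as $key )
        {
            $entry[$key] = '';

            if ( isset( $_POST[$key] ) && $this->is_valid( $key, $_POST[$key] ) )
            {
                $entry[$key] = $_POST[$key];
            }
        }

        return $entry;
   }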
//----------/* Initialize useradmin values and do action if submitted 
            /* values are different from the actual one.
            /* Description: used in the p_users.php to initiate form values.
            /*        $id : is the name of the form identification.
            /* $attribute : is an array with the related attributes to check. */
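   /**
    * Apply the submitted useradmin form to the listed entries.
    *
    * An entry is acted on only when the form posted a uid field at its index.
    * For such an entry every requested attribute whose posted value passes
    * is_valid() and differs from the stored one is collected, then handed to
    * do_action() together with the entry's uid and cn.
    *
    * NOTE(review): if 'uid' is among $attributes, a changed posted uid
    * replaces the one read from the directory and therefore decides which DN
    * do_action() targets - confirm that callers never list it.
    *
    * @param array  $entry      Entries in ldap_get_entries() format.
    * @param array  $attributes Attribute names the form may change.
    * @param string $action     Action passed on to do_action().
    * @return mixed Message of the last action performed, or the
    *               "nothing to do" message when no entry was selected.
    */
   function init_useradmin_values( $entry, $attributes, $action )
   {
        $message = null;
        $total   = isset( $entry['count'] ) ? (int) $entry['count'] : 0;

        for ( $i = 0; $i < $total; $i++ )
        {
            if ( ! isset( $_POST['uid'][$i] ) )
            {
                continue;
            }

            // Start every entry from an empty change set. The set used to
            // survive from one iteration to the next, so a value submitted for
            // one user (a new password or employeetype, for instance) was also
            // written to the following selected users, and unselected rows
            // repeated the previous action.
            $entry_new = array();

            // Define entry id
            $entry_new['uid'] = $entry[$i]['uid'][0];

            // cn is needed by do_action() to update sn in the background.
            $entry_new['cn'] = $entry[$i]['cn'][0];

            foreach ( $attributes as $key )
            {
                if ( ! isset( $_POST[$key][$i] ) )
                {
                    continue;
                }

                $submitted = $_POST[$key][$i];

                // Nested arrays are never valid attribute values.
                if ( ! is_scalar( $submitted ) || ! $this->is_valid( $key, $submitted ) )
                {
                    continue;
                }

                // Compare as strings: a loose comparison treats distinct
                // numeric-looking strings as equal and would drop the change.
                $current = isset( $entry[$i][$key][0] ) ? (string) $entry[$i][$key][0] : '';
                if ( (string) $submitted === $current )
                {
                    continue;
                }

                $entry_new[$key] = $submitted;

                // SECURITY: a new password must never be checked against the
                // stored one. Rejecting an unchanged password would tell the
                // submitter that the guess was right. Keep it unverifiable.
                if ( $key == 'userpassword' )
                {
                    $entry_new[$key] = $this->prepare_userpassword( $submitted );
                }
            }

            $message = $this->do_action( $entry_new, $action );
        }

        if ( $message === null )
        {
            $message = show_message(ucfirst(translate('nothing to do')), 'orange');
        }

        return $message;
   }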
//-----------/*  Do actions (update|delete|add) 
             /*       $entry : is an array with the entry's key and value information.
             /*      $action : is a string telling what to do with the $entry.
             /*  Description : Actions are applied to just one entry at a time. */
             /*                The returned value is a message telling what happened with 
                               the action requested.*/
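    /**
     * Add, update or delete one directory entry and report the outcome.
     *
     * The target DN is built as "uid=<uid>," followed by LDAP_DN, so the uid
     * must pass is_valid() before anything else happens.
     *
     * NOTE(review): this method performs no authorisation or request-origin
     * check of its own; presumably the calling page enforces who may reach
     * it - confirm.
     * NOTE(review): for 'update' the whole $entry array is written. Only the
     * uid is re-validated here, so callers must pass attributes that were
     * validated upstream.
     *
     * @param array  $entry  Attribute name => value pairs; 'uid' is required.
     * @param string $action One of 'add', 'update' or 'delete'.
     * @return mixed Message produced by show_message().
     */
    function do_action( $entry, $action )
    {
        $message = null;

        // Define Entry's DN
        if ( ! isset( $entry['uid'] ) || ! $this->is_valid( 'uid', $entry['uid'] ) )
        {
            return show_message(ucfirst(translate('a valid uid is required')),'orange');
        }
        $dn = 'uid=' . $entry['uid'] . ',' . LDAP_DN;

        // Exact whitelist comparison. The previous pattern test ended in "$",
        // which also accepts a trailing newline, and such a value then matched
        // no case below.
        if ( ! in_array( $action, array( 'add', 'update', 'delete' ), true ) )
        {
            return show_message(ucfirst(translate('invalid action')), 'red');
        }

        switch ( $action )
        {
            case 'update':

                if ( is_array( $entry ) )
                {
                    // sn is derived from cn by dropping its first word.
                    $cn = isset( $entry['cn'] ) ? $entry['cn'] : '';
                    $entry['sn'] = preg_replace('/^([a-zA-Z0-9_]+ ?)/','', $cn);
                    if ( $entry['sn'] == '' )
                    {
                        return show_message(ucfirst(translate('invalid cn')), 'orange');
                    }

                    if ( ldap_modify( $this->ldapconn, $dn, $entry ) )
                    {
                        $message = show_message(ucfirst(translate('data was updated successfully')), 'green');
                    }
                    else
                    {
                        $message = show_message(ucfirst(translate('data was not updated')), 'orange');
                    }
                }
            break;

            case 'delete':

                if ( is_array( $entry ) )
                {
                    if ( ldap_delete( $this->ldapconn, $dn ) )
                    {
                        $message = show_message(ucfirst(translate('data was deleted successfully')), 'green');
                    }
                    else
                    {
                        $message = show_message(ucfirst(translate('data was not deleted')), 'orange');
                    }
                }
            break;

            case 'add':

                // Refuse to add over an existing uid.
                if ( $this->is_uid_present( $entry['uid'] ) )
                {
                    return show_message(ucfirst(translate('user identifier already exists')), 'orange');
                }

                // Copy only the required, validated attributes. Writing
                // $entry itself would also store whatever other keys the
                // caller supplied, none of which has been validated.
                $require_attrs = array('uid', 'userpassword', 'cn', 'displayname', 'preferredlanguage', 'employeetype');
                $record = array();
                foreach ( $require_attrs as $key )
                {
                    if ( ! isset( $entry[$key] ) || ! $this->is_valid( $key, $entry[$key] ) )
                    {
                        return show_message(ucfirst(translate('the field')) .' '. translate($key) .' ' . translate('requires a valid value') , 'orange');
                    }
                    $record[$key] = $entry[$key];
                }

                // Prepare userPassword and the derived attributes.
                $record['userpassword'] = $this->prepare_userpassword( $record['userpassword'] );
                $record['objectclass']  = 'inetOrgPerson';
                $record['sn']           = preg_replace('/^([a-zA-Z0-9_]+ ?)/','', $record['cn']);
                if ( $record['sn'] == '' )
                {
                    return show_message(ucfirst(translate('invalid cn')), 'orange');
                }
                $record['mail']         = $record['uid'];

                if ( ldap_add( $this->ldapconn, $dn, $record ) )
                {
                    $message = show_message(ucfirst(translate('user added successfully')), 'green');
                }
                else
                {
                    $message = show_message(ucfirst(translate('user was not added')), 'orange');
                }
            break;
        }

        return $message;
    }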
//-------------------/*  Rename entry dn */
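    /**
     * Rename or move an entry.
     *
     * All four arguments are passed to ldap_rename() unchanged. Nothing is
     * validated or escaped here, so callers must build the DN parts from
     * validated values.
     *
     * @param string $olddn        Current DN of the entry.
     * @param string $newdn        New RDN.
     * @param string $newparent    New parent DN.
     * @param bool   $deleteoldrdn Whether the old RDN value is removed.
     * @return bool True when the directory accepted the rename.
     */
    function rename_dn( $olddn, $newdn, $newparent, $deleteoldrdn )
    {
        // Report the real outcome. Returning true unconditionally hid failed
        // renames from the caller.
        return (bool) ldap_rename( $this->ldapconn, $olddn, $newdn, $newparent, $deleteoldrdn );
    }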
//-----------/* Display useradmin information
             /* Description : Used in p_users.php
             /*    $entries : is an array with the entries' keys and values. */
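    /**
     * Build the summary shown above the user list: LDAP host, base DN, the
     * filter form and the number of results.
     *
     * LDAP_HOST and LDAP_DN are written into the page as they are, so the
     * page discloses the directory location to whoever can view it.
     *
     * NOTE(review): the string fragments below contain line breaks and bullet
     * characters where list markup would be expected; presumably the tags
     * were lost when this listing was rendered - compare with the repository
     * copy before relying on them.
     *
     * @param array $entries Entries in ldap_get_entries() format.
     * @return string Summary fragment.
     */
    function show_useradmin_info( $entries )
    {
        $html = '
    ';
        $html .= '
  • LDAP Host: ' . LDAP_HOST . '
  • ';
        $html .= '
  • Domain Component (dc): ' . LDAP_DN . '
  • ';
        $html .= '
  • ' . $this->show_filter() .'
  • ';
        // A stray ";" used to end the statement right after the count, so the
        // closing fragment of this item was never appended.
        $html .= '
  • ' . ucfirst(translate('results')) . ': '. $entries['count'] . '
  • ';
        $html .= '';

        return $html;
    }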
    //-------------------/*  Close connection */
        /**
         * Release the directory connection when the object goes away.
         *
         * ldap_unbind() is called only when $this->ldapconn is set.
         */
        function __destruct()
        {
            if (!isset($this->ldapconn)) {
                return;
            }

            ldap_unbind($this->ldapconn);
        }
    }
    // Shared instance created when this file is included. The constructor
    // connects and binds at this point.
    $ldap = new LDAP();
    ?>