| <?php |
| |
| |
| |
| |
| |
| |
| |
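/**
 * Wrapper around PHP's ldap_* functions used to create, delete and
 * re-password inetOrgPerson entries under a single base DN.
 *
 * Connection settings come from built-in defaults, then $_SESSION, then
 * $_POST (highest priority). Whoever can submit the configuration form
 * therefore decides which server receives the bind DN and bind password.
 * Nothing in this class authenticates or authorises the caller.
 * TODO(review): confirm the including page restricts access.
 *
 * Requires the ldap extension and PHP >= 5.6 (ldap_escape()).
 */
class LDAP
{
    // Declared by the original file but never read or written by any method
    // here; kept so external code that touches them keeps working.
    public $this_conn;
    public $this_host;
    public $this_port;
    public $this_rootdn;
    public $this_rootpw;
    public $this_authschema;
    public $this_basedn;

    // The properties the methods actually use. They were previously created
    // on the fly as dynamic properties, which PHP 8.2 deprecates.
    public $ldap_conn = null;
    public $ldap_host;
    public $ldap_port;
    public $ldap_rootdn;
    public $ldap_rootpw;
    public $ldap_authschema;
    public $ldap_basedn;

    // Password schemes prepare_userpassword() knows how to produce.
    private static $schemas = array('{MD5}', '{SHA}');

    /**
     * Loads the configuration (defaults < session < POST) and opens the
     * connection handle.
     *
     * The bind password is kept in $_SESSION between requests. No
     * ldap_start_tls() call is made anywhere in this class, so the simple
     * bind is sent unencrypted unless the configured host is an ldaps:// URI.
     */
    public function __construct()
    {
        // Built-in defaults, used only when neither session nor request has a value.
        $this->ldap_host = 'localhost';
        $this->ldap_port = '389';
        $this->ldap_rootdn = 'cn=manager,dc=example,dc=com';
        $this->ldap_rootpw = '';
        $this->ldap_authschema = '{MD5}';
        $this->ldap_basedn = 'ou=people,dc=example,dc=com';

        $config = array('ldap_host', 'ldap_port', 'ldap_rootdn',
                        'ldap_rootpw', 'ldap_authschema', 'ldap_basedn');

        foreach ($config as $param) {
            if (!isset($_SESSION[$param])) {
                $_SESSION[$param] = $this->$param;
            }

            // Accept only plain strings from the request: an array-valued field
            // (ldap_host[]=x) would otherwise reach string concatenation and
            // the ldap_* calls.
            if (isset($_POST[$param]) && is_string($_POST[$param])) {
                $posted = $_POST[$param];

                // An unknown scheme would make prepare_userpassword() return ''
                // for every password, so such a value is ignored.
                if ($param !== 'ldap_authschema' || in_array($posted, self::$schemas, true)) {
                    $_SESSION[$param] = $posted;
                }
            }

            $this->$param = $_SESSION[$param];
        }

        // The port is request-controlled; connect only when it is a usable number.
        $port = (int) $this->ldap_port;
        if ($this->ldap_host && $port > 0 && $port <= 65535) {
            $this->ldap_conn = ldap_connect($this->ldap_host, $port);
        }

        // Previously called unconditionally, which failed when no handle existed.
        if ($this->ldap_conn) {
            ldap_set_option($this->ldap_conn, LDAP_OPT_PROTOCOL_VERSION, 3);
        }
    }

    /**
     * Builds the configuration form as a list of HTML fragments.
     *
     * Every configuration value is HTML-escaped before it is placed in an
     * attribute, because the values originate from $_POST.
     *
     * NOTE(security): the stored bind password is written back into the
     * value attribute of the password field, so it is readable in the page
     * source. It is kept because the constructor overwrites the session
     * value with whatever the form posts. TODO(review): send an empty field
     * and treat "empty" as "unchanged" instead.
     *
     * @param string $disabled Raw attribute text appended to every control
     *                         (for example 'disabled="disabled"'). It is
     *                         emitted unescaped and must be a fixed string
     *                         chosen by the caller, never request data.
     * @return array HTML fragments in output order.
     */
    public function get_configForm($disabled = "")
    {
        $htmlblock = array(
            '<h2>LDAP configuration:</h2>', '<dl>',

            '<dt>Host:</dt>',
            '<dd><input type="text" name="ldap_host" value="' . $this->escape_html($this->ldap_host) . '" ' . $disabled . ' /></dd>',

            '<dt>Port:</dt>',
            '<dd><input type="text" name="ldap_port" value="' . $this->escape_html($this->ldap_port) . '" ' . $disabled . ' /></dd>',

            '<dt>Bind DN:</dt>',
            '<dd><input type="text" name="ldap_rootdn" value="' . $this->escape_html($this->ldap_rootdn) . '" size="50" ' . $disabled . ' /></dd>',

            '<dt>Base DN: </dt>',
            '<dd><input type="text" name="ldap_basedn" value="' . $this->escape_html($this->ldap_basedn) . '" size="50" ' . $disabled . ' /></dd>',

            '<dt>Bind Password: </dt>',
            '<dd><input type="password" name="ldap_rootpw" value="' . $this->escape_html($this->ldap_rootpw) . '" ' . $disabled . ' /></dd>',

            '<dt>Schema: </dt>',
            '<dd>',
            '<select name="ldap_authschema" ' . $disabled . '>',
        );

        // Pre-select the active scheme; without this, re-submitting the form
        // silently switched a {SHA} configuration back to {MD5}.
        foreach (self::$schemas as $schema) {
            $selected = ($this->ldap_authschema === $schema) ? ' selected="selected"' : '';
            $htmlblock[] = '<option value="' . $schema . '"' . $selected . '>' . $schema . '</option>';
        }

        array_push($htmlblock, '</select>', '</dd>', '</dl>');

        return $htmlblock;
    }

    /**
     * Placeholder: performs no checks and returns nothing.
     */
    public function verify_configuration()
    {
    }

    /**
     * Binds with the configured bind DN and password.
     *
     * NOTE(review): the default bind password is ''. A simple bind with an
     * empty password is commonly treated by directory servers as an
     * unauthenticated bind that still reports success, so a true result
     * here may not mean the bind DN was authenticated. Verify against the
     * target server.
     *
     * @return bool True when ldap_bind() succeeds, false otherwise or when
     *              no connection handle exists.
     */
    public function do_bind()
    {
        if (!$this->ldap_conn) {
            return false;
        }

        return ldap_bind($this->ldap_conn, $this->ldap_rootdn, $this->ldap_rootpw);
    }

    /**
     * Reports whether exactly one entry under the base DN has the given uid.
     *
     * The uid is escaped for filter context, so characters such as '*',
     * '(' and ')' are matched literally instead of changing the filter.
     * The search runs on the connection as-is; this method does not bind.
     *
     * @param string $uid uid value to look for.
     * @return bool
     */
    public function is_uid_present($uid)
    {
        if (!$this->ldap_conn || (string) $uid === '') {
            return false;
        }

        $filter = 'uid=' . ldap_escape((string) $uid, '', LDAP_ESCAPE_FILTER);
        $result = ldap_search($this->ldap_conn, $this->ldap_basedn, $filter);
        if ($result === false) {
            return false;
        }

        $entry = ldap_get_entries($this->ldap_conn, $result);

        return $entry !== false && $entry['count'] == 1;
    }

    /**
     * Encodes a clear-text password as a userPassword value for the
     * configured scheme.
     *
     * NOTE(security): {MD5} and {SHA} are unsalted, single-pass digests, so
     * identical passwords produce identical values and offline guessing is
     * cheap. The scheme names are part of the form and session contract,
     * which is why they are unchanged here. TODO(review): move to a salted
     * scheme the directory supports, or let the server hash the password.
     *
     * @param string $userpassword Clear-text password.
     * @return string '{SCHEME}base64(digest)', or '' when the configured
     *                scheme is neither {MD5} nor {SHA}.
     */
    public function prepare_userpassword($userpassword)
    {
        switch ($this->ldap_authschema) {
            case '{MD5}':
                // md5(..., true) yields the raw digest, same bytes as pack('H*', md5(...)).
                return '{MD5}' . base64_encode(md5($userpassword, true));

            case '{SHA}':
                return '{SHA}' . base64_encode(sha1($userpassword, true));
        }

        return '';
    }

    /**
     * Creates (or replaces) the inetOrgPerson entry for a user.
     *
     * The presence check uses $entry['uname'], while the entry removed and
     * re-added is addressed by $entry['email'].
     * NOTE(review): when another entry already holds that uname under a
     * different email, the delete misses it and the add creates a second
     * entry with the same uid. Confirm this is intended.
     *
     * @param array $entry Expects keys 'email', 'uname', 'name', 'pass'.
     * @return bool True when both the bind and ldap_add() succeed.
     */
    public function add_User($entry)
    {
        $dn = $this->build_userDn($entry['email']);

        if ($this->is_uid_present($entry['uname']) === true) {
            $this->delete_User($entry);
        }

        $this_entry = array();
        $this_entry['objectclass'] = 'inetOrgPerson';
        $this_entry['cn'] = $entry['name'];
        $this_entry['mail'] = $entry['email'];
        $this_entry['userpassword'] = $this->prepare_userpassword($entry['pass']);

        // sn is the name with its first word removed. A single-word name
        // leaves it empty, so fall back to the full name rather than sending
        // an empty value (presumably rejected by the directory, verify).
        $surname = preg_replace('/^([a-zA-Z0-9_]+ ?)/', '', $this_entry['cn']);
        $this_entry['sn'] = ((string) $surname !== '') ? $surname : $this_entry['cn'];

        $this_entry['uid'][0] = $this_entry['mail'];
        $this_entry['uid'][1] = $entry['uname'];
        $this_entry['displayname'] = $entry['uname'];
        $this_entry['employeetype'] = 'writer';
        $this_entry['preferredlanguage'] = 'en';

        return $this->do_bind() && ldap_add($this->ldap_conn, $dn, $this_entry);
    }

    /**
     * Deletes the entry whose DN is derived from $entry['email'].
     *
     * @param array $entry Expects key 'email'.
     * @return bool True when both the bind and ldap_delete() succeed.
     */
    public function delete_User($entry)
    {
        $dn = $this->build_userDn($entry['email']);

        return $this->do_bind() && ldap_delete($this->ldap_conn, $dn);
    }

    /**
     * Replaces the userPassword attribute of one entry.
     *
     * @param string $dn           DN of the entry, used as given.
     * @param string $userPassword Already-encoded value (see prepare_userpassword()).
     * @return bool True when both the bind and ldap_modify() succeed.
     */
    public function update_userPassword($dn, $userPassword)
    {
        $entry = array('userpassword' => $userPassword);

        return $this->do_bind() && ldap_modify($this->ldap_conn, $dn, $entry);
    }

    /**
     * Resets the password of EVERY inetOrgPerson under the base DN and
     * returns an HTML report of the outcome.
     *
     * Despite its name this method is destructive: for each entry it asks
     * the global $newbb_to_phpbb for a random password, writes it to the
     * directory and hands the clear-text password to the global $mail
     * object. The report itself also contains each new clear-text password
     * and its encoded form.
     *
     * Directory values are HTML-escaped before they enter the report. The
     * notification is sent only when the directory update succeeded, so
     * nobody is mailed a password that was never set.
     *
     * NOTE(review): the strength of the new passwords depends on
     * get_randomPass(), which is not visible here. Confirm it draws from a
     * CSPRNG. The caller must also ensure this runs only for an authorised,
     * intentional request; nothing here checks that.
     *
     * @return array HTML fragments in output order.
     */
    public function get_userList()
    {
        global $newbb_to_phpbb;
        global $mail;

        // A failed connection or search yields an empty report instead of
        // passing false into ldap_get_entries().
        $users = array('count' => 0);
        if ($this->ldap_conn) {
            $result = ldap_search($this->ldap_conn, $this->ldap_basedn, 'objectclass=inetorgperson');
            if ($result !== false) {
                $found = ldap_get_entries($this->ldap_conn, $result);
                if ($found !== false) {
                    $users = $found;
                }
            }
        }

        $htmlblock = array('<p>' . (int) $users['count'] . ' password(s) reset under: <code>' . $this->escape_html($this->ldap_basedn) . '</code></p>',
                           '<table border="1">',
                           '<tr>',
                           '<th>DN</th>',
                           '<th>CN</th>',
                           '<th>NewPass</th>',
                           '<th>userPassword</th>',
                           '<th>Password Updated</th>',
                           '<th>Email Notification</th>',
                           '</tr>');

        for ($i = 0; $i < $users['count']; $i++) {
            $user = $users[$i];
            $newPassword = $newbb_to_phpbb->get_randomPass();
            $userPassword = $this->prepare_userpassword($newPassword);

            array_push($htmlblock, '<tr>',
                       '<td>' . $this->escape_html($user['dn']) . '</td>',
                       '<td>' . $this->escape_html($this->get_attrValue($user, 'cn')) . '</td>',
                       '<td>' . $this->escape_html($newPassword) . '</td>',
                       '<td>' . $this->escape_html($userPassword) . '</td>');

            $updated = ($this->update_userPassword($user['dn'], $userPassword) === true);
            $htmlblock[] = $updated ? '<td class="center">YES</td>' : '<td class="center">NO</td>';

            // Optional attributes may be absent from an entry; missing ones are passed as null.
            $info = array('mailto' => $this->get_attrValue($user, 'mail'),
                          'cn' => $this->get_attrValue($user, 'cn'),
                          'dn' => $user['dn'],
                          'uid1' => $this->get_attrValue($user, 'uid', 0),
                          'uid2' => $this->get_attrValue($user, 'uid', 1),
                          'sn' => $this->get_attrValue($user, 'sn'),
                          'employeetype' => $this->get_attrValue($user, 'employeetype'),
                          'preferredlanguage' => $this->get_attrValue($user, 'preferredlanguage'),
                          'displayname' => $this->get_attrValue($user, 'displayname'),
                          'userpassword' => $newPassword);

            if ($updated && $mail->send($info) === true) {
                $htmlblock[] = '<td class="center">SENT</td>';
            } else {
                $htmlblock[] = '<td class="center">NOT SENT</td>';
            }

            $htmlblock[] = '</tr>';
        }

        $htmlblock[] = '</table>';

        return $htmlblock;
    }

    /**
     * Releases the connection handle, if one was opened.
     */
    public function __destruct()
    {
        // isset() was true for a failed ldap_connect() (false), so test the value itself.
        if ($this->ldap_conn) {
            ldap_unbind($this->ldap_conn);
        }
    }

    /** Escapes a value for use in HTML text or a quoted attribute. */
    private function escape_html($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }

    /** Builds 'uid=<email>,<base DN>' with the email escaped for DN context. */
    private function build_userDn($email)
    {
        // Characters such as ',', '+' and '=' in the address would otherwise
        // change the structure of the DN.
        return 'uid=' . ldap_escape((string) $email, '', LDAP_ESCAPE_DN) . ',' . $this->ldap_basedn;
    }

    /** Returns one value of an attribute from an ldap_get_entries() row, or null when absent. */
    private function get_attrValue($entry, $attribute, $index = 0)
    {
        return isset($entry[$attribute][$index]) ? $entry[$attribute][$index] : null;
    }
}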
| |
// Instantiated at include time: the constructor reads $_SESSION and $_POST
// and opens the LDAP connection handle.
$ldap = new LDAP();
| ?> |