***/
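/**
 * Thin wrapper around PHP's ldap_* functions for one directory connection.
 *
 * The constructor resolves the connection settings (defaults, then session,
 * then POST) and opens the connection; the remaining methods bind with the
 * configured DN and add, delete or update inetOrgPerson entries under the
 * configured base DN.
 */
class LDAP
{
    // Declared by the original listing but never assigned by this class;
    // kept so that external code referencing them keeps working.
    public $this_conn;
    public $this_host;
    public $this_port;
    public $this_rootdn;
    public $this_rootpw;
    public $this_authschema;
    public $this_basedn;

    // Properties the methods actually read and write. Declaring them avoids
    // dynamic property creation, which is deprecated since PHP 8.2.
    public $ldap_conn;
    public $ldap_host;
    public $ldap_port;
    public $ldap_rootdn;
    public $ldap_rootpw;
    public $ldap_authschema;
    public $ldap_basedn;

    /**
     * Resolve the configuration and open the connection.
     *
     * Precedence per setting: POST value, then session value, then the
     * built-in default. The resolved value is written back to the session.
     */
    public function __construct()
    {
        // Built-in defaults.
        $this->ldap_host = 'localhost';
        $this->ldap_port = '389';
        $this->ldap_rootdn = 'cn=manager,dc=example,dc=com';
        $this->ldap_rootpw = '';
        $this->ldap_authschema = '{MD5}';
        $this->ldap_basedn = 'ou=people,dc=example,dc=com';

        // NOTE(security): any request that reaches this constructor can
        // change host, bind DN, bind password and base DN through POST, and
        // the values (bind password included) persist in the session. No
        // access check is visible in this class, so the including page has
        // to restrict it to authenticated administrators and protect the
        // configuration form against CSRF.
        $config = array(
            'ldap_host',
            'ldap_port',
            'ldap_rootdn',
            'ldap_rootpw',
            'ldap_authschema',
            'ldap_basedn',
        );
        foreach ($config as $param) {
            if (!isset($_SESSION[$param])) {
                $_SESSION[$param] = $this->$param;
            }
            // Accept plain strings only, so an array-valued form field never
            // reaches the ldap_* calls below.
            if (isset($_POST[$param]) && is_string($_POST[$param])) {
                $_SESSION[$param] = $_POST[$param];
            }
            $this->$param = $_SESSION[$param];
        }

        // Open connection against ldap server.
        // NOTE(security): with the default port 389 and no StartTLS the bind
        // password and every new userPassword value cross the network in
        // clear text; prefer an ldaps:// URI or ldap_start_tls() before binding.
        if ($this->ldap_host && $this->ldap_port) {
            $this->ldap_conn = ldap_connect($this->ldap_host, $this->ldap_port);
        }

        // Use LDAPv3, but only when a connection handle actually exists.
        if ($this->ldap_conn) {
            ldap_set_option($this->ldap_conn, LDAP_OPT_PROTOCOL_VERSION, 3);
        }
    }

    /**
     * Return the fragments of the LDAP configuration form.
     *
     * NOTE(review): the fragments carry no markup in this listing and
     * $disabled is not referenced by them. If setting values are interpolated
     * into the form, escape them with htmlspecialchars() first.
     *
     * @param string $disabled Unused by the fragments shown here.
     * @return array List of 17 string fragments.
     */
    public function get_configForm($disabled = "")
    {
        $htmlblock = array();
        array_push(
            $htmlblock,
            "\nLDAP configuration:\n",
            '',
            "- Host:\n",
            '',
            "- Port:\n",
            '',
            "- Bind DN:\n",
            '',
            "- Base DN:\n",
            '',
            "- Bind Password:\n",
            '',
            "- Schema:\n",
            '- ',
            '',
            "\n",
            "\n"
        );

        return $htmlblock;
    }

    /**
     * Verify configuration. Not implemented: the body is empty.
     */
    public function verify_configuration()
    {
    }

    /**
     * Bind to the LDAP server with the configured bind DN and password.
     *
     * NOTE(security): the default bind password is the empty string. A simple
     * bind without a password is an unauthenticated bind, which servers that
     * permit it report as success, so a true result here does not prove that
     * the bind DN was authenticated.
     *
     * @return bool False when there is no connection or the bind fails.
     */
    public function do_bind()
    {
        if (!$this->ldap_conn) {
            return false;
        }

        return ldap_bind($this->ldap_conn, $this->ldap_rootdn, $this->ldap_rootpw);
    }

    /**
     * Tell whether exactly one entry under the base DN carries this uid.
     *
     * @param string $uid Value to look up; treated as untrusted input.
     * @return bool True only for a non-empty uid matched by exactly one entry.
     */
    public function is_uid_present($uid)
    {
        if ($uid == '' || !$this->ldap_conn) {
            return false;
        }

        // Escape filter metacharacters so the value cannot alter the filter.
        $filter = 'uid=' . ldap_escape((string) $uid, '', LDAP_ESCAPE_FILTER);
        $result = ldap_search($this->ldap_conn, $this->ldap_basedn, $filter);
        if ($result === false) {
            return false;
        }

        $entry = ldap_get_entries($this->ldap_conn, $result);

        return $entry !== false && $entry['count'] == 1;
    }

    /**
     * Encode a clear-text password as an LDAP userPassword value.
     *
     * NOTE(security): {MD5} and {SHA} are single-pass, unsalted digests and
     * are unsuitable for protecting passwords; they are kept because stored
     * values and the configuration form depend on them. Move to a salted,
     * slow scheme supported by the directory server.
     *
     * @param string $userpassword Clear-text password.
     * @return string Scheme prefix plus base64 digest, or '' when the
     *                configured schema is neither {MD5} nor {SHA}.
     */
    public function prepare_userpassword($userpassword)
    {
        switch ($this->ldap_authschema) {
            case '{MD5}':
                return '{MD5}' . base64_encode(md5($userpassword, true));
            case '{SHA}':
                return '{SHA}' . base64_encode(sha1($userpassword, true));
        }

        return '';
    }

    /**
     * Add a user entry, replacing an existing one first.
     *
     * @param array $entry Reads the keys 'email', 'uname', 'name' and 'pass'.
     * @return bool True when bind and ldap_add both succeed.
     */
    public function add_User($entry)
    {
        // An unrecognised schema yields an empty hash. Stop before the
        // existing entry is removed instead of deleting it and then trying
        // to store an empty userPassword.
        $hash = $this->prepare_userpassword($entry['pass']);
        if ($hash === '' || !$this->ldap_conn) {
            return false;
        }

        $dn = $this->user_dn($entry['email']);

        // Remove user if exists.
        if ($this->is_uid_present($entry['uname']) === true) {
            $this->delete_User($entry);
        }

        $this_entry = array();
        $this_entry['objectclass'] = 'inetOrgPerson';
        $this_entry['cn'] = $entry['name'];
        $this_entry['mail'] = $entry['email'];
        $this_entry['userpassword'] = $hash;
        // sn is cn with its first word (letters, digits, underscore) and one
        // following space removed.
        $this_entry['sn'] = preg_replace('/^([a-zA-Z0-9_]+ ?)/', '', $this_entry['cn']);
        $this_entry['uid'][0] = $this_entry['mail'];
        $this_entry['uid'][1] = $entry['uname'];
        $this_entry['displayname'] = $entry['uname'];
        $this_entry['employeetype'] = 'writer';
        $this_entry['preferredlanguage'] = 'en';

        return $this->do_bind() && ldap_add($this->ldap_conn, $dn, $this_entry);
    }

    /**
     * Delete the entry whose DN is derived from $entry['email'].
     *
     * @param array $entry Reads the key 'email'.
     * @return bool True when bind and ldap_delete both succeed.
     */
    public function delete_User($entry)
    {
        if (!$this->ldap_conn) {
            return false;
        }

        $dn = $this->user_dn($entry['email']);

        return $this->do_bind() && ldap_delete($this->ldap_conn, $dn);
    }

    /**
     * Update LDAP userPassword only.
     *
     * @param string $dn           DN of the entry to modify.
     * @param string $userPassword Already encoded userPassword value.
     * @return bool True when bind and ldap_modify both succeed.
     */
    public function update_userPassword($dn, $userPassword)
    {
        $entry = array('userpassword' => $userPassword);

        return $this->do_bind() && ldap_modify($this->ldap_conn, $dn, $entry);
    }

    /**
     * Reset the password of every inetOrgPerson entry and report the result.
     *
     * For each entry under the base DN: obtain a new password from the global
     * $newbb_to_phpbb, store its encoded form, and hand the clear-text value
     * to the global $mail for notification. Returns the report fragments.
     *
     * NOTE(security): despite the name, each call changes every account. The
     * new clear-text password is placed in the returned page and passed to
     * the mailer. The caller has to restrict this to an authenticated
     * administrator action and keep the page out of caches and logs.
     *
     * @return array List of string fragments forming the report.
     */
    public function get_userList()
    {
        global $newbb_to_phpbb;
        global $mail;

        // Get users from LDAP server; a failed search is treated as no users.
        $users = array('count' => 0);
        if ($this->ldap_conn) {
            $result = ldap_search($this->ldap_conn, $this->ldap_basedn, 'objectclass=inetorgperson');
            $found = $result === false ? false : ldap_get_entries($this->ldap_conn, $result);
            if ($found !== false) {
                $users = $found;
            }
        }

        $htmlblock = array(
            $users['count'] . ' password(s) reset under: ' . $this->html($this->ldap_basedn) . "\n",
            '',
            '',
            'DN | ',
            'CN | ',
            'NewPass | ',
            'userPassword | ',
            'Password Updated | ',
            'Email Notification | ',
            "\n",
        );

        for ($i = 0; $i < $users['count']; $i++) {
            $record = $users[$i];

            // NOTE(review): get_randomPass() is defined outside this class;
            // confirm it draws from a CSPRNG (random_int() / random_bytes()).
            $newPassword = $newbb_to_phpbb->get_randomPass();
            $userPassword = $this->prepare_userpassword($newPassword);

            // Directory values are data, not markup: escape before output.
            array_push(
                $htmlblock,
                '',
                $this->html($record['dn']) . ' | ',
                $this->html($this->attr($record, 'cn')) . ' | ',
                $this->html($newPassword) . ' | ',
                $this->html($userPassword) . ' | '
            );

            // Never store the empty value an unrecognised schema produces.
            $updated = $userPassword !== ''
                && $this->update_userPassword($record['dn'], $userPassword) === true;
            array_push($htmlblock, $updated ? 'YES | ' : 'NO | ');

            // Notify only when the new password was stored, so no unused
            // clear-text password is mailed out.
            $sent = false;
            if ($updated) {
                $info = array(
                    'mailto' => $this->attr($record, 'mail'),
                    'cn' => $this->attr($record, 'cn'),
                    'dn' => $record['dn'],
                    'uid1' => $this->attr($record, 'uid', 0),
                    'uid2' => $this->attr($record, 'uid', 1),
                    'sn' => $this->attr($record, 'sn'),
                    'employeetype' => $this->attr($record, 'employeetype'),
                    'preferredlanguage' => $this->attr($record, 'preferredlanguage'),
                    'displayname' => $this->attr($record, 'displayname'),
                    'userpassword' => $newPassword,
                );
                $sent = $mail->send($info) === true;
            }
            array_push($htmlblock, $sent ? 'SENT | ' : 'NOT SENT | ');

            array_push($htmlblock, "\n");
        }

        array_push($htmlblock, "\n");

        return $htmlblock;
    }

    /**
     * Close the connection if one was opened.
     */
    public function __destruct()
    {
        // Truthiness, not isset(): a failed ldap_connect() leaves false here.
        if ($this->ldap_conn) {
            ldap_unbind($this->ldap_conn);
        }
    }

    /**
     * Build 'uid=<value>,<base DN>' with the value escaped for use in a DN.
     */
    private function user_dn($uid)
    {
        return 'uid=' . ldap_escape((string) $uid, '', LDAP_ESCAPE_DN) . ',' . $this->ldap_basedn;
    }

    /**
     * Escape a value for HTML output.
     */
    private function html($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }

    /**
     * Return one value of a multi-valued attribute, or null when absent.
     */
    private function attr($record, $name, $index = 0)
    {
        return isset($record[$name][$index]) ? $record[$name][$index] : null;
    }
}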
// Shared connector instance; constructing it resolves the settings and
// opens the LDAP connection.
$ldap = new LDAP();
?>