本文整理汇总了PHP中ldap_get_values函数的典型用法代码示例。如果您正苦于以下问题:PHP ldap_get_values函数的具体用法?PHP ldap_get_values怎么用?PHP ldap_get_values使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了ldap_get_values函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的PHP代码示例。
示例1: __construct
public function __construct($user)
{
$this->_id = $user;
/* Connect to the IU's ADS server */
$ds = ldap_connect(LDAP_HOST, LDAP_PORT) or die("Could not connect to ads.iu.edu:636 server");
ldap_bind($ds, LDAP_USER . "," . LDAP_BASEDN, LDAP_PWD) or die("LDAP bind to ADS failed.");
/* Search for a particular user information (Only required info) */
$reqatr = array("mail", "displayName", "givenName", "title");
$result = ldap_search($ds, LDAP_BASEDN, "(sAMAccountName={$this->_id})", $reqatr) or die("Search: No ADS entry has been found for the current user.");
/* Each node in a directory tree has an entry. */
$entry = ldap_first_entry($ds, $result);
while ($entry) {
/* Each entry is a set of attribute value pairs */
/* Extracting only required values */
/* Also assuming there is only single value */
$this->_email = ldap_get_values($ds, $entry, "mail");
$this->_email = $this->_email[0];
/* Php 5.3 */
$this->_name = ldap_get_values($ds, $entry, "displayName");
if (is_null($this->_name)) {
$this->_name = ldap_get_values($ds, $entry, "givenName");
}
$this->_name = $this->_name[0];
/* Php 5.3 */
$this->_instructor = ldap_get_values($ds, $entry, "title");
$this->_instructor = $this->_instructor[0];
/* Not expecting multiple entries */
/* $entry = ldap_next_entry($ds, $result); */
$entry = null;
}
}
开发者ID:pratapghanta,项目名称:Group-Evaluation,代码行数:31,代码来源:User.php
示例2: verify
function verify($cert, $dn)
{
$conn = ldap_connect($this->LDAP_HOST);
if (!$conn) {
return false;
}
if (!ldap_bind($conn)) {
return false;
}
$resultset = ldap_search($conn, "c=EE", "(serialNumber=38212200301)");
if (!$resultset) {
echo "No recs";
return false;
}
$rec = ldap_first_entry($conn, $resultset);
while ($rec !== false) {
$values = ldap_get_values($conn, $rec, 'usercertificate;binary');
$certificate = "-----BEGIN CERTIFICATE-----\n" . chunk_split(base64_encode($values[0]), 64, "\n") . "-----END CERTIFICATE-----\n";
if (strcmp($cert, $certificate) == 0) {
return "Found";
}
$rec = ldap_next_entry($conn, $rec);
}
// Not found a record with a matching certificate
return false;
}
开发者ID:raisty,项目名称:eid-webauth-samples,代码行数:26,代码来源:ldap.php
示例3: login
function login($user, $pass, $host, $port, &$err)
{
if ($this->ldapConn) {
$err = "You are already logged in. Please logout first.";
return false;
} else {
if (!$host || !$user || !$pass) {
$err = "Must specify a host, user, and pass.";
return false;
} else {
if (!$port) {
$port = self::DEFAULT_LDAP_PORT;
}
}
}
$conn = ldap_connect($host, $port);
if (!$conn) {
$err = "Unable to connect to LDAP host [{$host}] on port [{$port}].";
return false;
}
$ldapBind = ldap_bind($conn, $user, $pass);
if (!$ldapBind) {
$err = "Wrong Username and/or Password.";
ldap_unbind($conn);
return false;
}
// Confirm that the provided username is truly a username.
$attrs = array('uid', 'gidnumber');
// BASE_DN must be empty, because o=senate will miss those persons
// who have the OU attribute in their DN.
$sr = ldap_list($conn, self::DEFAULT_BASE_DN, "uid={$user}", $attrs);
if (!$sr) {
$err = "Unable to validate username.";
ldap_unbind($conn);
return false;
}
$ent_count = ldap_count_entries($conn, $sr);
if ($ent_count !== 1) {
$err = "Login [{$user}] is not a valid username.";
ldap_unbind($conn);
return false;
}
$ent = ldap_first_entry($conn, $sr);
$uids = ldap_get_values($conn, $ent, "uid");
if ($uids['count'] > 1 || $uids[0] != $user) {
$err = "Provided username does not match looked-up username.";
ldap_unbind($conn);
return false;
}
$gids = ldap_get_values($conn, $ent, "gidnumber");
unset($gids['count']);
$groupNames = $this->convertGroupIdsToNames($conn, $gids);
$this->ldapConn = $conn;
$this->ldapUser = $user;
$this->groupNames = $groupNames;
$err = null;
return true;
}
开发者ID:nysenate,项目名称:SendgridStatsAccumulator,代码行数:58,代码来源:SenLDAP.class.php
示例4: get
/**
* Returns the first value for the given attribute
*
* @param String $attribute The given attribute.
* @return String The first value for the given attribute or <code>null</code> if the attribute does not exist.
*/
public function get($attribute)
{
$values = ldap_get_values($this->conn, $this->entry, $attribute);
if ($values && $values['count']) {
return $values[0];
} else {
return null;
}
}
开发者ID:gossi,项目名称:ldap,代码行数:15,代码来源:LdapEntry.php
示例5: studentid2uid
public function studentid2uid($pStudentId)
{
if (empty($pStudentId)) {
throw new Exception("No parameter given", E_PARAM);
}
$dn = LDAP_OU . ", " . LDAP_O . ", " . LDAP_C;
$filter = "(&(objectclass=" . LDAP_OBJECTCLASS_STUDENT . ")(" . LDAP_ATTRIBUTE_STUDID . "=" . $pStudentId . "))";
$search = ldap_search($this->ldap_conn, $dn, $filter, array("uid"));
$entry = ldap_first_entry($this->ldap_conn, $search);
$result = @ldap_get_values($this->ldap_conn, $entry, "uid");
ldap_free_result($search);
return $result[0];
}
开发者ID:rolwi,项目名称:koala,代码行数:13,代码来源:lms_ldap.class.php
示例6: mapa
/**
* Auxiliar directo de ldapAccess::iterarEntradas
* Configura el valor de cada atributos en $atributos de $entrada
* @param array $atributos
* @param ldap result entry $entrada
* @return type
*/
private function mapa(array $atributos, $entrada)
{
$objeto = array('dn' => ldap_get_dn($this->conexionLdap, $entrada));
foreach ($atributos as $attr) {
if ($valor = @ldap_get_values($this->conexionLdap, $entrada, $attr)) {
// Elimino el índice count
array_pop($valor);
// $valor es un array.
// En caso de ser valor único, tomamos el indíce cero, caso contrario
// metemos todo el array
$objeto[$attr] = count($valor) == 1 ? $valor[0] : $valor;
}
// TODO: ¿Un else para configurar un valor por defecto
}
return $objeto;
}
开发者ID:vtacius,项目名称:ldappm,代码行数:23,代码来源:ldapOperations.php
示例7: getValuesFromCas
public function getValuesFromCas($cas)
{
$result = ldap_search($this->conn, "ou=People,o=cwru.edu,o=isp", "uid=" . $cas);
if ($entries = ldap_first_entry($this->conn, $result)) {
$firstName = ldap_get_values($this->conn, $entries, "givenName");
$surname = ldap_get_values($this->conn, $entries, "SN");
$mail = ldap_get_values($this->conn, $entries, "mail");
ldap_free_result($result);
$return['firstName'] = $firstName[0];
$return['lastName'] = $surname[0];
$return['mail'] = $mail[0];
return $return;
} else {
return false;
}
}
开发者ID:nagyistoce,项目名称:moodle-Teach-Pilot,代码行数:16,代码来源:class.ldap.php
示例8: readEntry
/**
* Read an LDAP entry.
*
* @param resource $ds
* LDAP connection resource.
* @param resource $entryId
* LDAP entry resource.
* @param string[] $binaryFields
* Names of binary attributes.
*
* @return array
* Attributes for an LDAP entry.
*/
public static function readEntry($ds, $entryId, $binaryFields = array())
{
$data = array();
for ($attribute = ldap_first_attribute($ds, $entryId, $attributeId); $attribute !== false; $attribute = ldap_next_attribute($ds, $entryId, $attributeId)) {
$fieldValues = ldap_get_values($ds, $entryId, $attribute);
if (in_array($attribute, $binaryFields)) {
$fieldValues = ldap_get_values_len($ds, $entryId, $attribute);
}
if ($fieldValues['count'] == 1) {
$data[$attribute] = $fieldValues[0];
} else {
for ($i = 0; $i < $fieldValues['count']; $i++) {
$data[$attribute][$i] = $fieldValues[$i];
}
}
}
return $data;
}
开发者ID:grom358,项目名称:php-ldap,代码行数:31,代码来源:Utils.php
示例9: hydrateFromResult
/**
* I cannot imagine a lib being more crap than PHP LDAP one.
* Structure information is melt with data, all functions need a
* connection handler, there are 367 ways of doing the things but only one
* works (at least with binary results) without failures nor error
* messages. Result keys change with automatic pagination without notice
* and so does values when they have accentuated characters.
* It has been a pain to write and a hell to debug, thanks to the
* obsolutely non informative documentation.
*
* hydrateFromResult
*
* Create an entity instance from a LDAP result.
*
* @param Resource $ldap_entry
* @return Entity
*/
protected function hydrateFromResult($ldap_entry)
{
if ($ldap_entry === false) {
return false;
}
$values = array();
foreach ($this->getAttributes($ldap_entry) as $ldap_attribute) {
$attribute = strpos($ldap_attribute, ';') === false ? $ldap_attribute : substr($ldap_attribute, 0, strpos($ldap_attribute, ';'));
if ($this->map->getAttributeModifiers($attribute) & EntityMap::FIELD_BINARY) {
$value = @ldap_get_values_len($this->handler, $ldap_entry, sprintf("%s", $ldap_attribute));
} else {
$value = @ldap_get_values($this->handler, $ldap_entry, $ldap_attribute);
}
if (is_array($value)) {
if ($this->map->getAttributeModifiers($attribute) & EntityMap::FIELD_MULTIVALUED) {
unset($value['count']);
if (!$this->map->getAttributeModifiers($attribute) & EntityMap::FIELD_BINARY) {
$values[$attribute] = array_map(function ($val) {
if ($val === base64_encode(base64_decode($val, true))) {
return base64_decode($val);
}
return $val;
}, $value);
} else {
$values[$attribute] = $value;
}
} else {
if ($value[0] === base64_encode(base64_decode($value[0], true))) {
$values[$attribute] = $value[0];
} else {
$values[$attribute] = $value[0];
}
}
}
}
$values['dn'] = ldap_get_dn($this->handler, $ldap_entry);
return $this->map->createObject($values);
}
开发者ID:chanmix51,项目名称:slapom,代码行数:55,代码来源:Collection.php
示例10: ldap_get_values
$ocValues = ldap_get_values($ldap, $entry, 'objectClass');
if (!in_array('sambaSamAccount', $ocValues)) {
$samba_mode = false;
}
if (!in_array('shadowAccount', $ocValues)) {
$shadow_options['update_shadowLastChange'] = false;
}
# Get user email for notification
if ($notify_on_change) {
$mailValues = ldap_get_values($ldap, $entry, $mail_attribute);
if ($mailValues["count"] > 0) {
$mail = $mailValues[0];
}
}
# Get question/answer values
$questionValues = ldap_get_values($ldap, $entry, $answer_attribute);
unset($questionValues["count"]);
$match = 0;
# Match with user submitted values
foreach ($questionValues as $questionValue) {
$answer = preg_quote("{$answer}", "/");
if (preg_match("/^\\{{$question}\\}{$answer}\$/i", $questionValue)) {
$match = 1;
}
}
if (!$match) {
$result = "answernomatch";
error_log("Answer does not match question for user {$login}");
}
}
}
开发者ID:nmccurdy,项目名称:ldap-selfservice,代码行数:31,代码来源:resetbyquestions.php
示例11: groups_for
static function groups_for($user)
{
$result = ldap_search(self::$_connection, self::$_params["group_domain"], "(memberUid={$user->name})");
$associated_groups = self::$_params["groups"];
$groups = array();
for ($entry_id = ldap_first_entry(self::$_connection, $result); $entry_id != false; $entry_id = ldap_next_entry(self::$_connection, $entry_id)) {
$group_id = ldap_get_values(self::$_connection, $entry_id, "gidNumber");
$group_name = ldap_get_values(self::$_connection, $entry_id, "cn");
if (in_array($group_name[0], $associated_groups)) {
$groups[] = new Ldap_Group($group_id[0], $group_name[0]);
}
}
return $groups;
}
开发者ID:ChrisRut,项目名称:gallery3-contrib,代码行数:14,代码来源:Ldap.php
示例12: fetchData
/**
* Fetch data from LDAP server
*
* Searches the LDAP server for the given username/password
* combination.
*
* @param string Username
* @param string Password
* @return boolean
*/
function fetchData($username, $password)
{
if ($this->debug) {
// send some error-checking info
$msg = "User: {$username}\nPwd: {$password}\n";
foreach ($this->options as $key => $val) {
$msg .= "{$key}: {$val}\n";
}
// why that hardcoded value in auth ?
// I feel like it's a very very nasty thing !!!
// mail("[email protected]", "test in auth_ldap", $msg);
$msg = "";
}
// make search filter
$filter = sprintf('(&(objectClass=%s)(%s=%s))', $this->options['useroc'], $this->options['userattr'], $username);
// make search base dn
$search_basedn = $this->options['userdn'];
if ($search_basedn != '' && substr($search_basedn, -1) != ',') {
$search_basedn .= ',';
}
$search_basedn .= $this->options['basedn'];
// make functions params array
$func_params = array($this->conn_id, $search_basedn, $filter, array($this->options['userattr']));
// search
if (($result_id = @call_user_func_array($this->ldap_search_func, $func_params)) == false) {
return false;
}
// did we get just one entry?
if (ldap_count_entries($this->conn_id, $result_id) == 1) {
// set the status to show the user was found
$this->user_found = true;
// then get the user dn
$entry_id = ldap_first_entry($this->conn_id, $result_id);
$user_dn = ldap_get_dn($this->conn_id, $entry_id);
$attrval = ldap_get_values($this->conn_id, $entry_id, $this->options['userattr']);
ldap_free_result($result_id);
// need to catch an empty password as openldap seems to return TRUE
// if anonymous binding is allowed
if ($password != "") {
// try binding as this user with the supplied password
if (@ldap_bind($this->conn_id, $user_dn, $password)) {
// check group if appropiate
if (isset($this->options['group'])) {
// decide whether memberattr value is a dn or the unique useer attribute (uid)
return $this->checkGroup($this->options['memberisdn'] ? $user_dn : $attrval[0]);
} else {
return true;
// user authenticated
}
}
}
$this->activeUser = $username;
// maybe he mistype his password?
}
// default
return false;
}
开发者ID:noikiy,项目名称:owaspbwa,代码行数:67,代码来源:LDAP.php
示例13: getLdapData
/**
* Returns specific data from LDAP
*
* @param string $username Username
* @param string $data MapKey
*
* @return string
*/
private function getLdapData($username, $data)
{
if (!array_key_exists($data, $this->_ldapConfig['ldap_mapping'])) {
$this->error = sprintf('The requested datafield "%s" does not exist in LDAP mapping configuration.', $data);
return '';
}
$filter = sprintf('(%s=%s)', $this->_ldapConfig['ldap_mapping']['username'], $this->quote($username));
if (true === $this->_ldapConfig['ldap_use_memberOf']) {
$filter = sprintf('(&%s(memberof=%s))', $filter, $this->_ldapConfig['ldap_mapping']['memberOf']);
}
$fields = array($this->_ldapConfig['ldap_mapping'][$data]);
$sr = ldap_search($this->ds, $this->base, $filter, $fields);
if (!$sr) {
$this->errno = ldap_errno($this->ds);
$this->error = sprintf('Unable to search for "%s" (Error: %s)', $username, ldap_error($this->ds));
}
$entryId = ldap_first_entry($this->ds, $sr);
if (!is_resource($entryId)) {
$this->errno = ldap_errno($this->ds);
$this->error = sprintf('Cannot get the value(s). Error: %s', ldap_error($this->ds));
}
$values = ldap_get_values($this->ds, $entryId, $fields[0]);
return $values[0];
}
开发者ID:thorsten,项目名称:phpmyfaq,代码行数:32,代码来源:Ldap.php
示例14: authenticate
function authenticate($params = array())
{
$server = $params['server'];
$port = $params['port'];
$dn = $params['dn'];
$password = $params['password'];
$worker_id = null;
// attempt login
$conn = ldap_connect($server, $port);
ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
if ($conn) {
$auth = ldap_bind($conn, $dn, $password);
if ($auth) {
// search for this user
$search_results = ldap_search($conn, $dn, '(objectclass=*)', array('mail'));
if ($search_results) {
$user_entry = ldap_first_entry($conn, $search_results);
if ($user_entry) {
// get email addresses for this user
$emails = ldap_get_values($conn, $user_entry, 'mail');
if ($emails) {
foreach ($emails as $email) {
if (is_null($worker_id)) {
$worker_id = DAO_Worker::lookupAgentEmail($email);
}
}
}
}
}
}
}
// we found a worker, continue login
if (!is_null($worker_id)) {
$worker = DAO_Worker::getAgent($worker_id);
$session = DevblocksPlatform::getSessionService();
$visit = new CerberusVisit();
$visit->setWorker($worker);
$session->setVisit($visit);
return true;
} else {
return false;
}
}
开发者ID:joegeck,项目名称:cerb4,代码行数:43,代码来源:login.classes.php
示例15: ChangeMessage
public function ChangeMessage($folderid, $id, $message, $contentParameters)
{
ZLog::Write(LOGLEVEL_DEBUG, sprintf("BackendLDAP->ChangeMessage('%s','%s')", $folderid, $id));
$base_dns = explode("|", LDAP_BASE_DNS);
foreach ($base_dns as $base_dn) {
$folder = explode(":", $base_dn);
if ($folder[0] == $folderid) {
$base_dn = str_replace('%u', $this->user, $folder[1]);
$ldap_attributes = $this->_GenerateLDAPArray($message);
$result_id = ldap_list($this->ldap_link, $base_dn, "(entryUUID=" . $id . ")", array("modifyTimestamp"));
if ($result_id) {
$entry_id = ldap_first_entry($this->ldap_link, $result_id);
if ($entry_id) {
$dn = ldap_get_dn($this->ldap_link, $entry_id);
// We cannot ldap_modify objectClass, but we can use ldap_mod_replace
$ldap_classes = array();
$ldap_classes['objectclass'] = array("top", "person", "inetOrgPerson", "organizationalPerson", "evolutionPerson");
$mode = ldap_mod_replace($this->ldap_link, $dn, $ldap_classes);
$mod = ldap_modify($this->ldap_link, $dn, $ldap_attributes);
if (!$mod) {
return false;
}
return $this->StatMessage($folderid, $id);
} else {
$uid = time() . mt_rand(100000, 999999);
$dn = "uid=" . $uid . "," . $base_dn;
$add = ldap_add($this->ldap_link, $dn, $ldap_attributes);
if (!$add) {
return false;
}
$result = ldap_read($this->ldap_link, $dn, "objectClass=*", array("entryUUID"));
$entry = ldap_first_entry($this->ldap_link, $result);
$values = ldap_get_values($this->ldap_link, $entry, "entryUUID");
$entryuuid = $values[0];
return $this->StatMessage($folderid, $entryuuid);
}
}
}
}
return false;
}
开发者ID:inkoss,项目名称:karoshi-server,代码行数:41,代码来源:ldap.php
示例16: _getUserInfo
/**
* Gets the indicated user details as well as the role. worker function
* @param string $username the user name
* @oaram boolean $getRole Defaults to false
* @param array $details of string. The details we wish on the user. Defaults to empty array
* @returns array with indexed by the values of $details and values the corresponding detail
*/
protected function _getUserInfo($username, $getRole = false, $details = array())
{
if (!$username || !($ldap = $this->getConnection())) {
return false;
}
$return = array();
$p_attrs = array();
$p_attr_keys = array();
//using array of keys b/c keys for attributes need to be numerically indeixed
foreach ($details as $detail) {
if (!array_key_exists($detail, $this->options['p_details'])) {
continue;
}
$p_attrs[] = $this->options['p_details'][$detail];
$p_attr_keys[] = $detail;
$return[$detail] = null;
}
if (count($p_attrs) > 0 && ($r = @ldap_read($ldap, $this->getPeopleQry($username), 'cn=*', $p_attrs)) && ldap_count_entries($ldap, $r) == 1 && ($entry = @ldap_first_entry($ldap, $r))) {
foreach ($p_attrs as $key => $attr) {
$values = ldap_get_values($ldap, $entry, $attr);
if (!is_array($values) || $values['count'] != 1) {
$return[$p_attr_keys[$key]] = null;
continue;
}
$return[$p_attr_keys[$key]] = $values[0];
}
}
if ($getRole) {
$return['role'] = null;
if (($r = @ldap_list($ldap, $this->getRoleQry(), 'ou=' . self::ldap_escape($username), array('cn'))) && @ldap_count_entries($ldap, $r) == 1 && ($entry = @ldap_first_entry($ldap, $r))) {
$values = ldap_get_values($ldap, $entry, 'cn');
if ($values['count'] == 1) {
//sanity check
$return['role'] = $values[0];
}
}
}
return $return;
}
开发者ID:apelon-ohie,项目名称:ihris-site,代码行数:46,代码来源:I2CE_UserAccess_LDAP_DB.php
示例17: ldap_connect
$ldapconn = ldap_connect("ldaps://{$_ldap_server}/");
//Verbindung zu LDAP-Server erfolgreich
if ($ldapconn !== false) {
//LDAP-Bind erfolgreich
if (ldap_bind($ldapconn, $_ldap_user, $_ldap_pass)) {
$search = ldap_search($ldapconn, $_ldap_dn, "sAMAccountName={$username}");
//Eintrag mit $username im LDAP gefunden
if ($search !== false) {
//Benutzereingaben sind im LDAP vorhanden
if (!empty($username) && $result !== false && @ldap_bind($ldapconn, ldap_get_dn($ldapconn, $result))) {
$result = ldap_first_entry($ldapconn, $search);
//Vorname in SESSION['vorname'] Variable speicherm
$name_array = ldap_get_values($ldapconn, $result, 'givenname');
$vorname = utf8_encode($name_array[0]);
//Nachname in SESSION['nachname'] Variable speicherm
$name_array = ldap_get_values($ldapconn, $result, 'sn');
$nachname = utf8_encode($name_array[0]);
//Wenn die Variable leer ist, existiert der angegebene Benutzer nicht im Active Directory
if (!$nachname == "") {
//Überprüfen ob der Benutzer schon in der Datenbank ist
$sql = "SELECT * FROM admin WHERE `strAccountName` = '{$username}'AND `intIsActive` = '1'";
$result = $db->query($sql);
//Eintrag ist noch nicht vorhanden
if (!$result->num_rows) {
//Überprüfen ob der Benutzer schon in der Datenbank ist, aber isActive auf 0 hat
$sql = "SELECT * FROM admin WHERE `strAccountName` = '{$username}' AND `intIsActive` = '0'";
$result = $db->query($sql);
//Eintrag ist bereits vorhanden, isActive wird wieder auf 1 gesetzt
if ($result->num_rows) {
$sql = "UPDATE admin SET `intIsActive` = 1 WHERE `strAccountName` = '{$username}'";
$result = $db->query($sql);
开发者ID:Royal21,项目名称:wScreen,代码行数:31,代码来源:sqlWrite.php
示例18: changePassword
function changePassword($user, $oldPassword, $newPassword, $newPasswordCnf)
{
global $message;
global $message_css;
$server = "openldap-server";
$dn = "ou=product,ou=people,dc=zenchat,dc=ldap";
error_reporting(0);
ldap_connect($server);
$con = ldap_connect($server);
ldap_set_option($con, LDAP_OPT_PROTOCOL_VERSION, 3);
// bind anon and find user by uid
$user_search = ldap_search($con, $dn, "(|(uid={$user})(mail={$user}))");
$user_get = ldap_get_entries($con, $user_search);
$user_entry = ldap_first_entry($con, $user_search);
$user_dn = ldap_get_dn($con, $user_entry);
$user_id = $user_get[0]["uid"][0];
$user_givenName = $user_get[0]["givenName"][0];
$user_search_arry = array("*", "ou", "uid", "mail", "passwordRetryCount", "passwordhistory");
$user_search_filter = "(|(uid={$user_id})(mail={$user}))";
$user_search_opt = ldap_search($con, $user_dn, $user_search_filter, $user_search_arry);
$user_get_opt = ldap_get_entries($con, $user_search_opt);
$passwordRetryCount = $user_get_opt[0]["passwordRetryCount"][0];
$passwordhistory = $user_get_opt[0]["passwordhistory"][0];
//$message[] = "Username: " . $user_id;
//$message[] = "DN: " . $user_dn;
//$message[] = "Current Pass: " . $oldPassword;
//$message[] = "New Pass: " . $newPassword;
/* Start the testing */
if ($passwordRetryCount == 3) {
$message[] = "Error E101 - Your Account is Locked Out!!!";
return false;
}
if (ldap_bind($con, $user_dn, $oldPassword) === false) {
$message[] = "Error E101 - Current Username or Password is wrong.";
return false;
}
if ($newPassword != $newPasswordCnf) {
$message[] = "Error E102 - Your New passwords do not match!";
return false;
}
$encoded_newPassword = "{SHA}" . base64_encode(pack("H*", sha1($newPassword)));
$history_arr = ldap_get_values($con, $user_dn, "passwordhistory");
if ($history_arr) {
$message[] = "Error E102 - Your new password matches one of the last 10 passwords that you used, you MUST come up with a new password.";
return false;
}
if (strlen($newPassword) < 8) {
$message[] = "Error E103 - Your new password is too short.<br/>Your password must be at least 8 characters long.";
return false;
}
if (!preg_match("/[0-9]/", $newPassword)) {
$message[] = "Error E104 - Your new password must contain at least one number.";
return false;
}
if (!preg_match("/[a-zA-Z]/", $newPassword)) {
$message[] = "Error E105 - Your new password must contain at least one letter.";
return false;
}
if (!preg_match("/[A-Z]/", $newPassword)) {
$message[] = "Error E106 - Your new password must contain at least one uppercase letter.";
return false;
}
if (!preg_match("/[a-z]/", $newPassword)) {
$message[] = "Error E107 - Your new password must contain at least one lowercase letter.";
return false;
}
if (!$user_get) {
$message[] = "Error E200 - Unable to connect to server, you may not change your password at this time, sorry.";
return false;
}
$auth_entry = ldap_first_entry($con, $user_search);
$mail_addresses = ldap_get_values($con, $auth_entry, "mail");
$given_names = ldap_get_values($con, $auth_entry, "givenName");
$password_history = ldap_get_values($con, $auth_entry, "passwordhistory");
$mail_address = $mail_addresses[0];
$first_name = $given_names[0];
/* And Finally, Change the password */
$entry = array();
$entry["userPassword"] = "{$encoded_newPassword}";
if (ldap_modify($con, $user_dn, $entry) === false) {
$error = ldap_error($con);
$errno = ldap_errno($con);
$message[] = "E201 - Your password cannot be change, please contact the administrator.";
$message[] = "{$errno} - {$error}";
} else {
$message_css = "yes";
mail($mail_address, "Password change notice", "Dear {$first_name},\nYour password on http://support.example.com for account {$user_id} was just changed. If you did not make this change, please contact [email protected].\nIf you were the one who changed your password, you may disregard this message.\n\nThanks\n-Connor");
$message[] = "The password for {$user_id} has been changed.<br/>An informational email as been sent to {$mail_address}.<br/>Your new password is now fully Active.";
}
}
开发者ID:truSense,项目名称:phabricator,代码行数:90,代码来源:index.php
示例19: getAttributeValues
/**
* Returns an array containing values for an attribute and for first record matching filterrecord
*
* @param string $filterrecord Record
* @param string $attribute Attributes
* @return void
*/
function getAttributeValues($filterrecord, $attribute)
{
$attributes = array();
$attributes[0] = $attribute;
// We need to search for this user in order to get their entry.
$this->result = @ldap_search($this->connection, $this->people, $filterrecord, $attributes);
// Pourquoi cette ligne ?
//$info = ldap_get_entries($this->connection, $this->result);
// Only one entry should ever be returned (no user will have the same uid)
$entry = ldap_first_entry($this->connection, $this->result);
if (!$entry) {
$this->ldapErrorCode = -1;
$this->ldapErrorText = "Couldn't find user";
return false;
// Couldn't find the user...
}
// Get values
if (!($values = @ldap_get_values($this->connection, $entry, $attribute))) {
$this->ldapErrorCode = ldap_errno($this->connection);
$this->ldapErrorText = ldap_error($this->connection);
return false;
// No matching attributes
}
// Return an array containing the attributes.
return $values;
}
开发者ID:Samara94,项目名称:dolibarr,代码行数:33,代码来源:ldap.class.php
示例20: ldap_auth
//.........这里部分代码省略.........
*---------------------------------------------------------------
*
*/
if (!ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3)) {
$error = "Error: cannot set LDAP_OPT_PROTOCOL_VERSION to 3";
error_log("{$time} [{$script_name}] [{$remote_addr}] [ERROR ({$error} {$ldap_url})]\n", 3, $log_file);
ldap_close($ldapconn);
return FALSE;
}
if (!ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0)) {
$error = "Error: cannot set LDAP_OPT_REFERRALS to 0";
error_log("{$time} [{$script_name}] [{$remote_addr}] [ERROR ({$error} {$ldap_url})]\n", 3, $log_file);
ldap_close($ldapconn);
return FALSE;
}
// ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
/*
*---------------------------------------------------------------
* Bind to ldap with the user name and password
*---------------------------------------------------------------
*
*/
if ($ldapconn) {
error_log("{$time} [{$script_name}] [{$remote_addr}] [INFO (ldapconn = {$ldap_url})]\n", 3, $log_file);
// binding to ldap server
$ldapbind = @ldap_bind($ldapconn, $ldaprdn, $pass);
// verify binding
if (!$ldapbind) {
$error = "Wrong LDAP username or password";
error_log("{$time} [{$script_name}] [{$remote_addr}] [ERROR ({$error} - Cannot bind '{$usr}', '{$ldaprdn}' to {$ldap_url})]\n", 3, $log_file);
ldap_close($ldapconn);
return FALSE;
} else {
error_log("{$time} [{$script_name}] [{$remote_addr}] [SUCCESS (bind '{$usr}', '{$ldaprdn}' auth to {$ldap_url})]\n", 3, $log_file);
}
}
/*
*---------------------------------------------------------------
* Find user in ldap tree
*---------------------------------------------------------------
*
*/
$ldap['filter'] = str_replace("{login}", $usr, $ldap['filter']);
$search = ldap_search($ldapconn, $ldap['base'], $ldap['filter']);
$errno = ldap_errno($ldapconn);
if ($errno) {
$error = "LDAP - Search error";
error_log("{$time} [{$script_name}] [{$remote_addr}] [ERROR (LDAP - Search error: {$ldap_filter}, {$errno})]\n", 3, $log_file);
@ldap_close($ldapconn);
return FALSE;
}
$entry = ldap_first_entry($ldapconn, $search);
$userdn = ldap_get_dn($ldapconn, $entry);
if (!$userdn) {
$error = "LDAP Search failed";
// It means user not found in ldap tree
error_log("{$time} [{$script_name}] [{$remote_addr}] [ERROR (LDAP Search failed for {$userdn})]\n", 3, $log_file);
@ldap_close($ldapconn);
return FALSE;
}
/*
*---------------------------------------------------------------
* Find description attributes and check against allowed groups
*---------------------------------------------------------------
*
*/
$Values = ldap_get_values($ldapconn, $entry, $ldap['attribute']);
if ($Values["count"] > 0) {
// find the number of groups
$groupnum = $Values["count"];
//loop through the groups and print them in the logfile. Match the allowed group as well
for ($i = 0; $i < $groupnum; $i++) {
$mail = $Values[$i];
//error_log("$time [$script_name] [dosportal] [$remote_addr] [SUCCESS (Found description group: $mail ($i))]\n", 3, $log_file);
$groups = $ldap['group_allow'];
//if the user IS part of allowed groups, allow access by setting a var = 1
if (preg_match("/{$groups}/i", $mail)) {
//$in_security_group = "1";
error_log("{$time} [{$script_name}] [{$remote_addr}] [SUCCESS (user {$usr} FOUND in GROUP {$groups})]\n", 3, $log_file);
@ldap_close($ldapconn);
return TRUE;
}
}
} else {
$error = "Missing information";
error_log("{$time} [{$script_name}] [{$remote_addr}] [ERROR (Missing information for {$usr} - no description field found in LDAP tree)]\n", 3, $log_file);
@ldap_close($ldapconn);
return FALSE;
}
/*
*---------------------------------------------------------------
* Close connection to ldap server
*---------------------------------------------------------------
*
*/
if (!is_null($ldapconn)) {
@ldap_close($ldapconn);
}
return FALSE;
}
开发者ID:bigHosting,项目名称:RTBH,代码行数:101,代码来源:f-ldap.php
注:本文中的ldap_get_values函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿 |
请发表评论