本文整理汇总了PHP中Ldap类的典型用法代码示例。如果您正苦于以下问题:PHP Ldap类的具体用法?PHP Ldap怎么用?PHP Ldap使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了Ldap类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的PHP代码示例。
示例1: testGetAttributes
public function testGetAttributes()
{
$ldap = new Ldap($this->container);
$this->assertCount(3, $ldap->getProfileAttributes());
$this->assertContains(LDAP_ACCOUNT_FULLNAME, $ldap->getProfileAttributes());
$this->assertContains(LDAP_ACCOUNT_EMAIL, $ldap->getProfileAttributes());
$this->assertContains(LDAP_ACCOUNT_MEMBEROF, $ldap->getProfileAttributes());
}
开发者ID:jewelhuqsapp,项目名称:kanboard,代码行数:8,代码来源:LdapTest.php
示例2: install
/**
* plugin installation
*
* perform here all needed step for the plugin installation
* such as create default config, add database tables,
* add fields to existing tables, create local folders...
*/
function install($plugin_version, &$errors = array())
{
global $conf;
$config = new Ldap();
if (file_exists(LDAP_LOGIN_PATH . 'data.dat')) {
$config->load_config();
} else {
$config->load_default_config();
}
$config->save_config();
$this->installed = true;
}
开发者ID:kvakanet,项目名称:ldap_login,代码行数:19,代码来源:maintain.inc.php
示例3: getUserInformation
/**
* Gather user information
*
* @param string $username Find information for 'username'
* @param string $info Required attribute of the user account object
* @return null|string User information
* @throws Exception
*/
public function getUserInformation($username, $info)
{
$toReturn = null;
$db = new RecordSet($this->dbConnectionInfo, false, true);
$information = $db->Open("SELECT email FROM users WHERE userName = '" . $username . "' AND password != '';");
switch ($information) {
case 1:
// User found in local database
$toReturn = $db->Field('email');
break;
case 0:
// User not found in local database
// Try to find it in LDAP
if ($this->ldap instanceof Ldap) {
try {
$information = $this->ldap->getUserInfo($username, array($info));
$toReturn = @$information[0][$info][0];
} catch (Exception $e) {
throw new Exception($e->getMessage());
}
}
break;
default:
throw new Exception('No or more than one email address found for ' . $username);
}
return $toReturn;
}
开发者ID:bdensmore,项目名称:dita-docs,代码行数:35,代码来源:User.php
示例4: testFailedSearch
public function testFailedSearch()
{
if ($this->skipIfNoLdap()) {
return;
}
$mock = $this->getMock('Bart\\PHPLDAP');
$mock->expects($this->exactly(2))->method('ldap_bind')->will($this->returnValueMap(array(array('conn', 'binduser', 'bindpw', true), array('conn', $this->brayDN, 'jbraynardpwd', false))));
$this->stubSearchSequence($mock);
Diesel::registerInstantiator('Bart\\PHPLDAP', function () use($mock) {
return $mock;
});
$ldap = new Ldap($this->config);
$ldap->connect();
$this->assertThrows('\\Bart\\LdapException', "LDAP Auth: failure, username/password did not match for {$this->brayDN}", function () use($mock, $ldap) {
$ldap->auth_user('jbraynard', 'jbraynardpwd');
});
}
开发者ID:martinsv,项目名称:bart,代码行数:17,代码来源:LdapTest.php
示例5: getLdapMemberGroups
public static function getLdapMemberGroups()
{
if (Ldap::getConnection()) {
$query = ldap_search(Ldap::getConnection(), 'CN=groups,' . $GLOBALS['TL_CONFIG']['ldap_base'], "(objectClass=*)", LdapMemberGroup::getAttributes());
if (!$query) {
return false;
}
$found = ldap_get_entries(Ldap::getConnection(), $query);
// groups not found
if (!is_array($found) || count($found) <= 0) {
return false;
}
return $found;
} else {
return false;
}
}
开发者ID:heimrichhannot,项目名称:contao-ldap,代码行数:17,代码来源:LdapMemberGroupModel.php
示例6: findLdapMember
public static function findLdapMember($strUsername)
{
if (Ldap::getConnection()) {
$user_name_filter = $GLOBALS['TL_CONFIG']['ldap_uid'] . '=' . $strUsername;
$filter = '(&(' . $user_name_filter . ')' . $GLOBALS['TL_CONFIG']['ldap_filter_person'] . ')';
// search by username
$query = ldap_search(Ldap::getConnection(), $GLOBALS['TL_CONFIG']['ldap_base'], $filter, LdapMember::getAttributes());
if (!$query) {
return null;
}
$found = ldap_get_entries(Ldap::getConnection(), $query);
// user not found
if (!is_array($found) || count($found) <= 0) {
return null;
}
$found = (object) $found[0];
return $found;
} else {
return null;
}
}
开发者ID:heimrichhannot,项目名称:contao-ldap,代码行数:21,代码来源:LdapMemberModel.php
示例7: authenticateLdapMember
public static function authenticateLdapMember($strUsername, $strPassword)
{
$objLdapUser = LdapMemberModel::findLdapMember($strUsername);
if ($objLdapUser) {
if (!@ldap_bind(Ldap::getConnection(), $objLdapUser->dn, $strPassword)) {
$errno = ldap_errno(Ldap::getConnection());
switch ($errno) {
case static::LDAP_INVALID_CREDENTIALS:
return false;
}
return false;
}
// ldap account requires an valid email and uid
if ($objLdapUser->uid['count'] == 0 || $objLdapUser->mail['count'] == 0) {
\Message::addError($GLOBALS['TL_LANG']['MSC']['ldap']['emailUidMissing']);
return false;
}
return true;
} else {
return false;
}
}
开发者ID:heimrichhannot,项目名称:contao-ldap,代码行数:22,代码来源:LdapMember.php
示例8: searchADUserInGroup
/**
* Buscar al usuario en un grupo.
*
* @param string $userLogin con el login del usuario
* @throws \Exception
* @return bool
*/
public static function searchADUserInGroup($userLogin)
{
if (Ldap::$_isADS === false) {
return false;
}
$log = new Log(__FUNCTION__);
$ldapGroup = Config::getValue('ldap_group');
// El filtro de grupo no está establecido
if (empty($ldapGroup)) {
return true;
}
// Obtenemos el DN del grupo
if (!($groupDN = Ldap::searchGroupDN())) {
return false;
}
$filter = '(memberof:1.2.840.113556.1.4.1941:=' . $groupDN . ')';
$filterAttr = array("sAMAccountName");
$searchRes = @ldap_search(Ldap::$_ldapConn, Ldap::$_searchBase, $filter, $filterAttr);
if (!$searchRes) {
$log->addDescription(_('Error al buscar el grupo de usuarios'));
$log->addDescription('LDAP ERROR: ' . ldap_error(Ldap::$_ldapConn) . '(' . ldap_errno(Ldap::$_ldapConn) . ')');
$log->addDescription('LDAP FILTER: ' . $filter);
$log->writeLog();
throw new \Exception(_('Error al buscar el grupo de usuarios'));
}
if (@ldap_count_entries(Ldap::$_ldapConn, $searchRes) === 0) {
$log->addDescription(_('No se encontró el grupo con ese nombre'));
$log->addDescription('LDAP ERROR: ' . ldap_error(Ldap::$_ldapConn) . '(' . ldap_errno(Ldap::$_ldapConn) . ')');
$log->addDescription('LDAP FILTER: ' . $filter);
$log->writeLog();
throw new \Exception(_('No se encontró el grupo con ese nombre'));
}
foreach (ldap_get_entries(Ldap::$_ldapConn, $searchRes) as $entry) {
if ($userLogin === $entry['samaccountname'][0]) {
return true;
}
}
return false;
}
开发者ID:bitking,项目名称:sysPass,代码行数:46,代码来源:LdapADS.class.php
示例9: __construct
public function __construct(Ldap $link, $result = null)
{
$this->result = $result;
if (is_resource($result)) {
// Get the status code, matched DN and referrals from the response
ldap_parse_result($link->resource(), $result, $this->code, $this->matchedDN, $this->message, $this->referrals);
// Get the string representation of the status code
$this->message = ldap_err2str($this->code);
// Extract the data from the resource
$this->data = ldap_get_entries($link->resource(), $result);
$this->data = $this->cleanup_result($this->data);
// Remove the referrals array if there's nothing inside
count($this->referrals) == 0 && ($this->referrals = null);
// Try to extract pagination cookie and estimated number of objects to be returned
// Since there's no way to tell if pagination has been enabled or not, I am suppressing php errors
@ldap_control_paged_result_response($link->resource(), $result, $this->cookie, $this->estimated);
} else {
$this->code = ldap_errno($link->resource());
$this->message = ldap_error($link->resource());
}
// Active Directory conceals some additional error codes in the ErrorMessage of the response
// that we cannot get to with ldap_errno() in authentication failures - let's try to
// extract them!
if ($this->code == 49) {
$message = null;
ldap_get_option($link->resource(), Option::ErrorString, $message);
if (stripos($message, 'AcceptSecurityContext') !== false) {
$message = explode(', ', $message);
end($message);
$message = prev($message);
$this->code = explode(' ', $message)[1];
// For compatibility reasons with standard ldap, if the error code
// is 52e let's replace it with 49 ( their meanings are equal, it's just
// Microsoft doing it its own way again )
if ($this->code == '52e') {
$this->code = ResponseCode::InvalidCredentials;
}
}
}
}
开发者ID:alaneor,项目名称:ldap,代码行数:40,代码来源:Response.php
示例10: run_trigger
/**
* Function called when a Dolibarrr business event is done.
* All functions "run_trigger" are triggered if file is inside directory htdocs/includes/triggers
* @param action Event code (COMPANY_CREATE, PROPAL_VALIDATE, ...)
* @param object Object action is done on
* @param user Object user
* @param langs Object langs
* @param conf Object conf
* @return int <0 if KO, 0 if no action are done, >0 if OK
*/
function run_trigger($action, $object, $user, $langs, $conf)
{
if (empty($conf->ldap->enabled)) {
return 0;
}
// Module not active, we do nothing
if (!function_exists('ldap_connect')) {
dol_syslog("Warning, module LDAP is enabled but LDAP functions not available in this PHP", LOG_WARNING);
return 0;
}
// Users
if ($action == 'USER_CREATE') {
dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
$ldap = new Ldap();
$ldap->connect_bind();
$info = $object->_load_ldap_info();
$dn = $object->_load_ldap_dn($info);
$result = $ldap->add($dn, $info, $user);
if ($result < 0) {
$this->error = "ErrorLDAP" . " " . $ldap->error;
}
return $result;
}
} elseif ($action == 'USER_MODIFY') {
dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
$ldap = new Ldap();
$ldap->connect_bind();
$oldinfo = $object->oldcopy->_load_ldap_info();
$olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
// Verify if entry exist
$container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
$search = "(" . $object->oldcopy->_load_ldap_dn($oldinfo, 2) . ")";
$records = $ldap->search($container, $search);
if (sizeof($records) && $records['count'] == 0) {
$olddn = '';
}
$info = $object->_load_ldap_info();
$dn = $object->_load_ldap_dn($info);
$result = $ldap->update($dn, $info, $user, $olddn);
if ($result < 0) {
$this->error = "ErrorLDAP" . " " . $ldap->error;
}
return $result;
}
} elseif ($action == 'USER_NEW_PASSWORD') {
dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
$ldap = new Ldap();
$ldap->connect_bind();
$oldinfo = $object->oldcopy->_load_ldap_info();
$olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
// Verify if entry exist
$container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
$search = "(" . $object->oldcopy->_load_ldap_dn($oldinfo, 2) . ")";
$records = $ldap->search($container, $search);
if (sizeof($records) && $records['count'] == 0) {
$olddn = '';
}
$info = $object->_load_ldap_info();
$dn = $object->_load_ldap_dn($info);
$result = $ldap->update($dn, $info, $user, $olddn);
if ($result < 0) {
$this->error = "ErrorLDAP" . " " . $ldap->error;
}
return $result;
}
} elseif ($action == 'USER_ENABLEDISABLE') {
dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
} elseif ($action == 'USER_DELETE') {
dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
$ldap = new Ldap();
$ldap->connect_bind();
$info = $object->_load_ldap_info();
$dn = $object->_load_ldap_dn($info);
$result = $ldap->delete($dn, $info, $user);
if ($result < 0) {
$this->error = "ErrorLDAP" . " " . $ldap->error;
}
return $result;
}
} elseif ($action == 'GROUP_CREATE') {
if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
$ldap = new Ldap();
$ldap->connect_bind();
$info = $object->_load_ldap_info();
$dn = $object->_load_ldap_dn($info);
// Get a gid number for objectclass PosixGroup
//.........这里部分代码省略.........
开发者ID:netors,项目名称:dolibarr,代码行数:101,代码来源:interface_modLdap_Ldapsynchro.class.php
示例11: print_titre
if (!empty($conf->global->LDAP_CONTACT_ACTIVE) && $conf->global->LDAP_CONTACT_ACTIVE != 'ldap2dolibarr') {
print '<a class="butAction" href="' . $_SERVER["PHP_SELF"] . '?id=' . $contact->id . '&action=dolibarr2ldap">' . $langs->trans("ForceSynchronize") . '</a>';
}
print "</div>\n";
if (!empty($conf->global->LDAP_CONTACT_ACTIVE) && $conf->global->LDAP_CONTACT_ACTIVE != 'ldap2dolibarr') {
print "<br>\n";
}
// Affichage attributs LDAP
print_titre($langs->trans("LDAPInformationsForThisContact"));
print '<table width="100%" class="noborder">';
print '<tr class="liste_titre">';
print '<td>' . $langs->trans("LDAPAttributes") . '</td>';
print '<td>' . $langs->trans("Value") . '</td>';
print '</tr>';
// Lecture LDAP
$ldap = new Ldap();
$result = $ldap->connect_bind();
if ($result > 0) {
$info = $contact->_load_ldap_info();
$dn = $contact->_load_ldap_dn($info, 1);
$search = "(" . $contact->_load_ldap_dn($info, 2) . ")";
$records = $ldap->getAttribute($dn, $search);
//var_dump($records);
// Affichage arbre
if (count($records) && $records != false && (!isset($records['count']) || $records['count'] > 0)) {
if (!is_array($records)) {
print '<tr ' . $bc[false] . '><td colspan="2"><font class="error">' . $langs->trans("ErrorFailedToReadLDAP") . '</font></td></tr>';
} else {
$result = show_ldap_content($records, 0, $records['count'], true);
}
} else {
开发者ID:ADDAdev,项目名称:Dolibarr,代码行数:31,代码来源:ldap.php
示例12: while
if ($num) {
while ($i < $num) {
$obj = $db->fetch_object($resql);
if ($obj) {
//print 'Load cache for country '.strtolower($obj->label).' rowid='.$obj->rowid."\n";
$hashlib2rowid[strtolower($obj->label)] = $obj->rowid;
$countries[$obj->rowid] = array('rowid' => $obj->rowid, 'label' => $obj->label, 'code' => $obj->code);
}
$i++;
}
}
} else {
dol_print_error($db);
exit(-1);
}
$ldap = new Ldap();
$result = $ldap->connect_bind();
if ($result >= 0) {
$justthese = array();
// We disable synchro Dolibarr-LDAP
$conf->global->LDAP_MEMBER_ACTIVE = 0;
$ldaprecords = $ldap->getRecords('*', $conf->global->LDAP_MEMBER_DN, $conf->global->LDAP_KEY_MEMBERS, $required_fields, 0);
if (is_array($ldaprecords)) {
$db->begin();
// Warning $ldapuser has a key in lowercase
foreach ($ldaprecords as $key => $ldapuser) {
$member = new Adherent($db);
// Propriete membre
$member->firstname = $ldapuser[$conf->global->LDAP_FIELD_FIRSTNAME];
$member->lastname = $ldapuser[$conf->global->LDAP_FIELD_NAME];
$member->login = $ldapuser[$conf->global->LDAP_FIELD_LOGIN];
开发者ID:ADDAdev,项目名称:Dolibarr,代码行数:31,代码来源:sync_members_ldap2dolibarr.php
示例13: User
print "<tr>" . '<td align="center" colspan="2"><input class="button" value="' . $langs->trans("CreateUser") . '" type="submit"></td></tr>';
print "</table>\n";
print "</form>";
} else {
/* ************************************************************************** */
/* */
/* Visu et edition */
/* */
/* ************************************************************************** */
if ($id) {
$fuser = new User($db);
$fuser->fetch($id);
// Connexion ldap
// pour recuperer passDoNotExpire et userChangePassNextLogon
if ($conf->ldap->enabled && $fuser->ldap_sid) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
if ($result > 0) {
$userSearchFilter = '(' . $conf->global->LDAP_FILTER_CONNECTION . '(' . $this->getUserIdentifier() . '=' . $fuser->login . '))';
$entries = $ldap->fetch($fuser->login, $userSearchFilter);
if (!$entries) {
$message .= $ldap->error;
}
$passDoNotExpire = 0;
$userChangePassNextLogon = 0;
$userDisabled = 0;
$statutUACF = '';
//On verifie les options du compte
if (count($ldap->uacf) > 0) {
foreach ($ldap->uacf as $key => $statut) {
if ($key == 65536) {
开发者ID:netors,项目名称:dolibarr,代码行数:31,代码来源:fiche.php
示例14: trim
$input = trim(fgets(STDIN));
}
/*
if (! $conf->global->LDAP_CONTACT_ACTIVE)
{
print $langs->trans("LDAPSynchronizationNotSetupInDolibarr");
exit(-1);
}
*/
$sql = "SELECT rowid";
$sql .= " FROM " . MAIN_DB_PREFIX . "socpeople";
$resql = $db->query($sql);
if ($resql) {
$num = $db->num_rows($resql);
$i = 0;
$ldap = new Ldap();
$ldap->connect_bind();
while ($i < $num) {
$ldap->error = "";
$obj = $db->fetch_object($resql);
$contact = new Contact($db);
$contact->id = $obj->rowid;
$contact->fetch($contact->id);
print $langs->trans("UpdateContact") . " rowid=" . $contact->id . " " . $contact->getFullName($langs);
$oldobject = $contact;
$oldinfo = $oldobject->_load_ldap_info();
$olddn = $oldobject->_load_ldap_dn($oldinfo);
$info = $contact->_load_ldap_info();
$dn = $contact->_load_ldap_dn($info);
$result = $ldap->add($dn, $info, $user);
// Wil fail if already exists
开发者ID:Albertopf,项目名称:prueba,代码行数:31,代码来源:sync_contacts_dolibarr2ldap.php
示例15: authUserLDAP
/**
* Autentificación de usuarios con LDAP.
*
* @param string $userLogin con el login del usuario
* @param string $userPass con la clave del usuario
* @return int|bool Número de error o boolean
*/
public static function authUserLDAP($userLogin, $userPass)
{
if (!Util::ldapIsAvailable() || !Util::ldapIsEnabled() || !Ldap::checkLDAPParams()) {
return false;
}
$ldapGroupAccess = false;
$message['action'] = __FUNCTION__;
// Conectamos al servidor realizamos la conexión con el usuario proxy
try {
Ldap::ldapConnect();
Ldap::ldapBind();
Ldap::getUserDN($userLogin);
} catch (\Exception $e) {
return false;
}
$userDN = Ldap::$ldapSearchData[0]['dn'];
// Realizamos la conexión con el usuario real y obtenemos los atributos
try {
Ldap::ldapBind($userDN, $userPass);
$attribs = Ldap::getLDAPAttr();
} catch (\Exception $e) {
return ldap_errno(Ldap::getConn());
}
// Comprobamos si la cuenta está bloqueada o expirada
if (isset($attribs['expire']) && $attribs['expire'] > 0) {
return 701;
}
if (Ldap::getLdapGroup() !== '*') {
// Comprobamos que el usuario está en el grupo indicado buscando en los atributos del usuario
if (isset($attribs['group'])) {
if (is_array($attribs['group'])) {
foreach ($attribs['group'] as $group) {
if (is_int($group)) {
continue;
}
// Comprobamos que el usuario está en el grupo indicado
if (self::checkLDAPGroup($group)) {
$ldapGroupAccess = true;
break;
}
}
} else {
$ldapGroupAccess = self::checkLDAPGroup($attribs['group']);
}
// Comprobamos que el usuario está en el grupo indicado buscando en los atributos del grupo
} else {
$ldapGroupAccess = Ldap::searchUserInGroup($userDN) || LdapADS::searchADUserInGroup($userLogin);
}
} else {
$ldapGroupAccess = true;
}
if ($ldapGroupAccess === false) {
$log = new Log(__FUNCTION__);
$log->addDescription(_('Usuario no pertenece al grupo'));
$log->addDescription(sprintf('%s : %s', _('Usuario'), $userDN));
$log->writeLog();
return 702;
}
self::$userName = isset($attribs['name']) ? $attribs['name'] : $userLogin;
self::$userEmail = isset($attribs['mail']) ? $attribs['mail'] : '';
return true;
}
开发者ID:EWegrzynowski,项目名称:sysPass,代码行数:69,代码来源:Auth.class.php
示例16: Ldap
{
print $langs->trans("LDAPSynchronizationNotSetupInDolibarr");
exit 1;
}
*/
$sql = "SELECT rowid";
$sql .= " FROM ".MAIN_DB_PREFIX."usergroup";
$resql = $db->query($sql);
if ($resql)
{
$num = $db->num_rows($resql);
$i = 0;
$ldap=new Ldap();
$ldap->connect_bind();
while ($i < $num)
{
$ldap->error="";
$obj = $db->fetch_object($resql);
$fgroup = new UserGroup($db);
$fgroup->id = $obj->rowid;
$fgroup->fetch($fgroup->id);
print $langs->trans("UpdateGroup")." rowid=".$fgroup->id." ".$fgroup->name;
$oldobject=$fgroup;
开发者ID:nrjacker4,项目名称:crm-php,代码行数:31,代码来源:sync_groups_dolibarr2ldap.php
示例17: UserGroup
$dn=$conf->global->LDAP_GROUP_DN;
$objectclass=$conf->global->LDAP_GROUP_OBJECT_CLASS;
show_ldap_test_button($butlabel,$testlabel,$key,$dn,$objectclass);
}
if (function_exists("ldap_connect"))
{
if ($_GET["action"] == 'testgroup')
{
// Creation objet
$object=new UserGroup($db);
$object->initAsSpecimen();
// Test synchro
$ldap=new Ldap();
$result=$ldap->connect_bind();
if ($result > 0)
{
$info=$object->_load_ldap_info();
$dn=$object->_load_ldap_dn($info);
$result1=$ldap->delete($dn); // To be sure to delete existing records
$result2=$ldap->add($dn,$info,$user); // Now the test
$result3=$ldap->delete($dn); // Clean what we did
if ($result2 > 0)
{
print img_picto('','info').' ';
print '<font class="ok">'.$langs->trans("LDAPSynchroOK").'</font><br>';
开发者ID:remyyounes,项目名称:dolibarr,代码行数:31,代码来源:ldap_groups.php
示例18: check_user_password_ldap
/**
* Check validity of user/password/entity
* If test is ko, reason must be filled into $_SESSION["dol_loginmesg"]
*
* @param string $usertotest Login
* @param string $passwordtotest Password
* @param int $entitytotest Number of instance (always 1 if module multicompany not enabled)
* @return string Login if OK, '' if KO
*/
function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest)
{
global $db, $conf, $langs;
global $_POST;
global $dolibarr_main_auth_ldap_host, $dolibarr_main_auth_ldap_port;
global $dolibarr_main_auth_ldap_version, $dolibarr_main_auth_ldap_servertype;
global $dolibarr_main_auth_ldap_login_attribute, $dolibarr_main_auth_ldap_dn;
global $dolibarr_main_auth_ldap_admin_login, $dolibarr_main_auth_ldap_admin_pass;
global $dolibarr_main_auth_ldap_filter;
global $dolibarr_main_auth_ldap_debug;
// Force master entity in transversal mode
$entity = $entitytotest;
if (!empty($conf->multicompany->enabled) && !empty($conf->multicompany->transverse_mode)) {
$entity = 1;
}
$login = '';
$resultFetchUser = '';
if (!function_exists("ldap_connect")) {
dol_syslog("functions_ldap::check_user_password_ldap Authentification ko failed to connect to LDAP. LDAP functions are disabled on this PHP");
sleep(1);
$langs->load('main');
$langs->load('other');
$_SESSION["dol_loginmesg"] = $langs->trans("ErrorLDAPFunctionsAreDisabledOnThisPHP") . ' ' . $langs->trans("TryAnotherConnectionMode");
return;
}
if ($usertotest) {
dol_syslog("functions_ldap::check_user_password_ldap usertotest=" . $usertotest . " passwordtotest=" . preg_replace('/./', '*', $passwordtotest) . " entitytotest=" . $entitytotest);
// If test username/password asked, we define $test=false and $login var if ok, set $_SESSION["dol_loginmesg"] if ko
$ldaphost = $dolibarr_main_auth_ldap_host;
$ldapport = $dolibarr_main_auth_ldap_port;
$ldapversion = $dolibarr_main_auth_ldap_version;
$ldapservertype = empty($dolibarr_main_auth_ldap_servertype) ? 'openldap' : $dolibarr_main_auth_ldap_servertype;
$ldapuserattr = $dolibarr_main_auth_ldap_login_attribute;
$ldapdn = $dolibarr_main_auth_ldap_dn;
$ldapadminlogin = $dolibarr_main_auth_ldap_admin_login;
$ldapadminpass = $dolibarr_main_auth_ldap_admin_pass;
$ldapdebug = empty($dolibarr_main_auth_ldap_debug) || $dolibarr_main_auth_ldap_debug == "false" ? false : true;
if ($ldapdebug) {
print "DEBUG: Logging LDAP steps<br>\n";
}
require_once DOL_DOCUMENT_ROOT . '/core/class/ldap.class.php';
$ldap = new Ldap();
$ldap->server = explode(',', $ldaphost);
$ldap->serverPort = $ldapport;
$ldap->ldapProtocolVersion = $ldapversion;
$ldap->serverType = $ldapservertype;
$ldap->searchUser = $ldapadminlogin;
$ldap->searchPassword = $ldapadminpass;
if ($ldapdebug) {
dol_syslog("functions_ldap::check_user_password_ldap Server:" . join(',', $ldap->server) . ", Port:" . $ldap->serverPort . ", Protocol:" . $ldap->ldapProtocolVersion . ", Type:" . $ldap->serverType);
dol_syslog("functions_ldap::check_user_password_ldap uid/samacountname=" . $ldapuserattr . ", dn=" . $ldapdn . ", Admin:" . $ldap->searchUser . ", Pass:" . $ldap->searchPassword);
print "DEBUG: Server:" . join(',', $ldap->server) . ", Port:" . $ldap->serverPort . ", Protocol:" . $ldap->ldapProtocolVersion . ", Type:" . $ldap->serverType . "<br>\n";
print "DEBUG: uid/samacountname=" . $ldapuserattr . ", dn=" . $ldapdn . ", Admin:" . $ldap->searchUser . ", Pass:" . $ldap->searchPassword . "<br>\n";
}
$resultFetchLdapUser = 0;
// Define $userSearchFilter
$userSearchFilter = "";
if (empty($dolibarr_main_auth_ldap_filter)) {
$userSearchFilter = "(" . $ldapuserattr . "=" . $usertotest . ")";
} else {
$userSearchFilter = str_replace('%1%', $usertotest, $dolibarr_main_auth_ldap_filter);
}
// If admin login provided
// Code to get user in LDAP from an admin connection (may differ from user connection, done later)
if ($ldapadminlogin) {
$result = $ldap->connect_bind();
if ($result > 0) {
$resultFetchLdapUser = $ldap->fetch($usertotest, $userSearchFilter);
//dol_syslog('functions_ldap::check_user_password_ldap resultFetchLdapUser='.$resultFetchLdapUser);
if ($resultFetchLdapUser > 0 && $ldap->pwdlastset == 0) {
dol_syslog('functions_ldap::check_user_password_ldap ' . $usertotest . ' must change password next logon');
if ($ldapdebug) {
print "DEBUG: User " . $usertotest . " must change password<br>\n";
}
$ldap->close();
sleep(1);
$langs->load('ldap');
$_SESSION["dol_loginmesg"] = $langs->trans("YouMustChangePassNextLogon", $usertotest, $ldap->domainFQDN);
return '';
}
} else {
if ($ldapdebug) {
print "DEBUG: " . $ldap->error . "<br>\n";
}
}
$ldap->close();
}
// Forge LDAP user and password to test with them
// If LDAP need a dn with login like "uid=jbloggs,ou=People,dc=foo,dc=com", default dn may work even if previous code with
// admin login no exectued.
$ldap->searchUser = $ldapuserattr . "=" . $usertotest . "," . $ldapdn;
//.........这里部分代码省略.........
开发者ID:Samara94,项目名称:dolibarr,代码行数:101,代码来源:functions_ldap.php
示例19: die
<?php
if (!defined('PHPWG_ROOT_PATH')) {
die('Hacking attempt!');
}
/*
*
* Here we have everything if valid ldap users are allowed or not to connect to piwigo
* Valid ldap users with no piwigo login can create their login this way.
*
*/
global $template;
$template->set_filenames(array('plugin_admin_content' => dirname(__FILE__) . '/newusers.tpl'));
$template->assign(array('PLUGIN_NEWUSERS' => get_root_url() . 'admin.php?page=plugin-Ldap_Login-newusers'));
$me = new Ldap();
$me->load_config();
// do we allow new users to have a piwigo login created if they have a valid ldap login ?
$template->assign('ALLOW_NEWUSERS', $me->config['allow_newusers']);
// do we send a mail to admins in case of new users ?
$template->assign('ADVERTISE_ADMINS', $me->config['advertise_admin_new_ldapuser']);
// do we send the piwigo (!) password to the mail address provided by ldap ?
$template->assign('SEND_CASUAL_MAIL', $me->config['send_password_by_mail_ldap']);
// Is there a restriction in the ldap users group ?
// Only members of this ldap group can log in !
$template->assign('USERS_GROUP', $me->config['users_group']);
if (isset($_POST['save'])) {
$me->config['users_group'] = $_POST['USERS_GROUP'];
if (isset($_POST['ALLOW_NEWUSERS'])) {
$me->config['allow_newusers'] = True;
} else {
$me->config['allow_newusers'] = False;
开发者ID:kvakanet,项目名称:ldap_login,代码行数:31,代码来源:newusers.php
示例20: is_what
function is_what($login, $what)
{
$ldapconnisuid = Ldap::lda_connect(LDAP_ADMIN_DN, LDAP_ADMIN_PASS);
$filter = "(" . $what . "=" . $login . ")";
$sr = ldap_search($ldapconnisuid, LDAP_BASE, $filter);
$info = ldap_get_entries($ldapconnisuid, $sr);
if ($info['count']) {
ldap_unbind($ldapconnisuid);
return $info['count'];
} else {
ldap_unbind($ldapconnisuid);
return FALSE;
}
}
开发者ID:Evolix,项目名称:evoadmin-mail,代码行数:14,代码来源:Ldap.php
注:本文中的Ldap类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论