From 370e189f156730f3ea602052737fb6995c85c23c Mon Sep 17 00:00:00 2001 From: David M Date: Tue, 8 Jan 2008 06:44:05 +0000 Subject: - make viewforum work again - remove the lower case functions, they were stupid anyway - added some indexes - added a group_name_clean column git-svn-id: file:///svn/phpbb/trunk@8315 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/auth/auth_ldap.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/auth/auth_ldap.php') diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index 472927ace3..9507dc645a 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -198,7 +198,7 @@ function login_ldap(&$username, &$password) // retrieve default group id $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " - WHERE group_name = '" . $db->sql_escape('REGISTERED') . "' + WHERE group_name_clean = '" . $db->sql_escape('registered') . "' AND group_type = " . GROUP_SPECIAL; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); -- cgit v1.2.1 From 02a5032a52784339e75d0d3fc9c24e92e235c26b Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Tue, 18 Mar 2008 14:47:43 +0000 Subject: merging... again git-svn-id: file:///svn/phpbb/trunk@8452 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/auth/auth_ldap.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'phpBB/includes/auth/auth_ldap.php') diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index 9507dc645a..3163153997 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -104,8 +104,18 @@ function login_ldap(&$username, &$password) if (!$password) { return array( - 'status' => LOGIN_BREAK, + 'status' => LOGIN_ERROR_PASSWORD, 'error_msg' => 'NO_PASSWORD_SUPPLIED', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + if (!$username) + { + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), ); } -- cgit v1.2.1 From 25725c98503c3a9ba8b5de4b91c2528b6c974a03 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sat, 27 Dec 2008 12:18:04 +0000 Subject: replace constants with class constants. ACL_YES, ACL_NO, ACL_NEVER, USER_NORMAL, USER_IGNORE, USER_INACTIVE, USER_FOUNDER git-svn-id: file:///svn/phpbb/trunk@9233 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/auth/auth_ldap.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'phpBB/includes/auth/auth_ldap.php') diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index 3163153997..797d3c1cbb 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -187,7 +187,7 @@ function login_ldap(&$username, &$password) unset($ldap_result); // User inactive... - if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) + if ($row['user_type'] == phpbb::USER_INACTIVE || $row['user_type'] == phpbb::USER_IGNORE) { return array( 'status' => LOGIN_ERROR_ACTIVE, @@ -225,7 +225,7 @@ function login_ldap(&$username, &$password) 'user_password' => phpbb_hash($password), 'user_email' => (!empty($config['ldap_email'])) ? $ldap_result[0][$config['ldap_email']][0] : '', 'group_id' => (int) $row['group_id'], - 'user_type' => USER_NORMAL, + 'user_type' => phpbb::USER_NORMAL, 'user_ip' => $user->ip, ); -- cgit v1.2.1 From 19aed179e53f9660a7202e2e50816e1cef0f7be9 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sun, 28 Dec 2008 23:30:09 +0000 Subject: $config to phpbb::$config git-svn-id: file:///svn/phpbb/trunk@9242 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/auth/auth_ldap.php | 48 +++++++++++++++++++-------------------- 1 file changed, 23 insertions(+), 25 deletions(-) (limited to 'phpBB/includes/auth/auth_ldap.php') diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index 797d3c1cbb..19ec9db683 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -27,21 +27,21 @@ if (!defined('IN_PHPBB')) */ function init_ldap() { - global $config, $user; + global $user; if (!@extension_loaded('ldap')) { return $user->lang['LDAP_NO_LDAP_EXTENSION']; } - $config['ldap_port'] = (int) $config['ldap_port']; - if ($config['ldap_port']) + phpbb::$config['ldap_port'] = (int) phpbb::$config['ldap_port']; + if (phpbb::$config['ldap_port']) { - $ldap = @ldap_connect($config['ldap_server'], $config['ldap_port']); + $ldap = @ldap_connect(phpbb::$config['ldap_server'], phpbb::$config['ldap_port']); } else { - $ldap = @ldap_connect($config['ldap_server']); + $ldap = @ldap_connect(phpbb::$config['ldap_server']); } if (!$ldap) @@ -52,9 +52,9 @@ function init_ldap() @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); - if ($config['ldap_user'] || $config['ldap_password']) + if (phpbb::$config['ldap_user'] || phpbb::$config['ldap_password']) { - if (!@ldap_bind($ldap, htmlspecialchars_decode($config['ldap_user']), htmlspecialchars_decode($config['ldap_password']))) + if (!@ldap_bind($ldap, htmlspecialchars_decode(phpbb::$config['ldap_user']), htmlspecialchars_decode(phpbb::$config['ldap_password']))) { return $user->lang['LDAP_INCORRECT_USER_PASSWORD']; } @@ -63,9 +63,9 @@ function init_ldap() // ldap_connect only checks whether the specified server is valid, so the connection might still fail $search = @ldap_search( $ldap, - $config['ldap_base_dn'], + phpbb::$config['ldap_base_dn'], ldap_user_filter($user->data['username']), - (empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']), + (empty(phpbb::$config['ldap_email'])) ? array(phpbb::$config['ldap_uid']) : array(phpbb::$config['ldap_uid'], phpbb::$config['ldap_email']), 0, 1 ); @@ -85,7 +85,7 @@ function init_ldap() return sprintf($user->lang['LDAP_NO_IDENTITY'], $user->data['username']); } - if (!empty($config['ldap_email']) && !isset($result[0][$config['ldap_email']])) + if (!empty(phpbb::$config['ldap_email']) && !isset($result[0][phpbb::$config['ldap_email']])) { return $user->lang['LDAP_NO_EMAIL']; } @@ -98,7 +98,7 @@ function init_ldap() */ function login_ldap(&$username, &$password) { - global $db, $config, $user; + global $db, $user; // do not allow empty password if (!$password) @@ -128,14 +128,14 @@ function login_ldap(&$username, &$password) ); } - $config['ldap_port'] = (int) $config['ldap_port']; - if ($config['ldap_port']) + phpbb::$config['ldap_port'] = (int) phpbb::$config['ldap_port']; + if (phpbb::$config['ldap_port']) { - $ldap = @ldap_connect($config['ldap_server'], $config['ldap_port']); + $ldap = @ldap_connect(phpbb::$config['ldap_server'], phpbb::$config['ldap_port']); } else { - $ldap = @ldap_connect($config['ldap_server']); + $ldap = @ldap_connect(phpbb::$config['ldap_server']); } if (!$ldap) @@ -150,9 +150,9 @@ function login_ldap(&$username, &$password) @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); - if ($config['ldap_user'] || $config['ldap_password']) + if (phpbb::$config['ldap_user'] || phpbb::$config['ldap_password']) { - if (!@ldap_bind($ldap, $config['ldap_user'], htmlspecialchars_decode($config['ldap_password']))) + if (!@ldap_bind($ldap, phpbb::$config['ldap_user'], htmlspecialchars_decode(phpbb::$config['ldap_password']))) { return $user->lang['LDAP_NO_SERVER_CONNECTION']; } @@ -160,9 +160,9 @@ function login_ldap(&$username, &$password) $search = @ldap_search( $ldap, - $config['ldap_base_dn'], + phpbb::$config['ldap_base_dn'], ldap_user_filter($username), - (empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']), + (empty(phpbb::$config['ldap_email'])) ? array(phpbb::$config['ldap_uid']) : array(phpbb::$config['ldap_uid'], phpbb::$config['ldap_email']), 0, 1 ); @@ -223,7 +223,7 @@ function login_ldap(&$username, &$password) $ldap_user_row = array( 'username' => $username, 'user_password' => phpbb_hash($password), - 'user_email' => (!empty($config['ldap_email'])) ? $ldap_result[0][$config['ldap_email']][0] : '', + 'user_email' => (!empty(phpbb::$config['ldap_email'])) ? $ldap_result[0][phpbb::$config['ldap_email']][0] : '', 'group_id' => (int) $row['group_id'], 'user_type' => phpbb::USER_NORMAL, 'user_ip' => $user->ip, @@ -271,12 +271,10 @@ function login_ldap(&$username, &$password) */ function ldap_user_filter($username) { - global $config; - - $filter = '(' . $config['ldap_uid'] . '=' . ldap_escape(htmlspecialchars_decode($username)) . ')'; - if ($config['ldap_user_filter']) + $filter = '(' . phpbb::$config['ldap_uid'] . '=' . ldap_escape(htmlspecialchars_decode($username)) . ')'; + if (phpbb::$config['ldap_user_filter']) { - $filter = "(&$filter({$config['ldap_user_filter']}))"; + $filter = "(&$filter({phpbb::$config['ldap_user_filter']}))"; } return $filter; } -- cgit v1.2.1 From 794c5749696c9fa2595ed3a1d7c836a0d984e11c Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sun, 22 Feb 2009 15:29:18 +0000 Subject: remove global and change $user-> to phpbb::$user-> git-svn-id: file:///svn/phpbb/trunk@9334 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/auth/auth_ldap.php | 40 +++++++++++++++++---------------------- 1 file changed, 17 insertions(+), 23 deletions(-) (limited to 'phpBB/includes/auth/auth_ldap.php') diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index 19ec9db683..84eb6f33d4 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -27,11 +27,9 @@ if (!defined('IN_PHPBB')) */ function init_ldap() { - global $user; - if (!@extension_loaded('ldap')) { - return $user->lang['LDAP_NO_LDAP_EXTENSION']; + return phpbb::$user->lang['LDAP_NO_LDAP_EXTENSION']; } phpbb::$config['ldap_port'] = (int) phpbb::$config['ldap_port']; @@ -46,7 +44,7 @@ function init_ldap() if (!$ldap) { - return $user->lang['LDAP_NO_SERVER_CONNECTION']; + return phpbb::$user->lang['LDAP_NO_SERVER_CONNECTION']; } @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); @@ -56,7 +54,7 @@ function init_ldap() { if (!@ldap_bind($ldap, htmlspecialchars_decode(phpbb::$config['ldap_user']), htmlspecialchars_decode(phpbb::$config['ldap_password']))) { - return $user->lang['LDAP_INCORRECT_USER_PASSWORD']; + return phpbb::$user->lang['LDAP_INCORRECT_USER_PASSWORD']; } } @@ -64,7 +62,7 @@ function init_ldap() $search = @ldap_search( $ldap, phpbb::$config['ldap_base_dn'], - ldap_user_filter($user->data['username']), + ldap_user_filter(phpbb::$user->data['username']), (empty(phpbb::$config['ldap_email'])) ? array(phpbb::$config['ldap_uid']) : array(phpbb::$config['ldap_uid'], phpbb::$config['ldap_email']), 0, 1 @@ -72,7 +70,7 @@ function init_ldap() if ($search === false) { - return $user->lang['LDAP_NO_SERVER_CONNECTION']; + return phpbb::$user->lang['LDAP_NO_SERVER_CONNECTION']; } $result = @ldap_get_entries($ldap, $search); @@ -82,12 +80,12 @@ function init_ldap() if (!is_array($result) || sizeof($result) < 2) { - return sprintf($user->lang['LDAP_NO_IDENTITY'], $user->data['username']); + return sprintf(phpbb::$user->lang['LDAP_NO_IDENTITY'], phpbb::$user->data['username']); } if (!empty(phpbb::$config['ldap_email']) && !isset($result[0][phpbb::$config['ldap_email']])) { - return $user->lang['LDAP_NO_EMAIL']; + return phpbb::$user->lang['LDAP_NO_EMAIL']; } return false; @@ -98,8 +96,6 @@ function init_ldap() */ function login_ldap(&$username, &$password) { - global $db, $user; - // do not allow empty password if (!$password) { @@ -154,7 +150,7 @@ function login_ldap(&$username, &$password) { if (!@ldap_bind($ldap, phpbb::$config['ldap_user'], htmlspecialchars_decode(phpbb::$config['ldap_password']))) { - return $user->lang['LDAP_NO_SERVER_CONNECTION']; + return phpbb::$user->lang['LDAP_NO_SERVER_CONNECTION']; } } @@ -226,7 +222,7 @@ function login_ldap(&$username, &$password) 'user_email' => (!empty(phpbb::$config['ldap_email'])) ? $ldap_result[0][phpbb::$config['ldap_email']][0] : '', 'group_id' => (int) $row['group_id'], 'user_type' => phpbb::USER_NORMAL, - 'user_ip' => $user->ip, + 'user_ip' => phpbb::$user->ip, ); unset($ldap_result); @@ -293,40 +289,38 @@ function ldap_escape($string) */ function acp_ldap(&$new) { - global $user; - $tpl = '
-

' . $user->lang['LDAP_SERVER_EXPLAIN'] . '
+

' . phpbb::$user->lang['LDAP_SERVER_EXPLAIN'] . '
-

' . $user->lang['LDAP_PORT_EXPLAIN'] . '
+

' . phpbb::$user->lang['LDAP_PORT_EXPLAIN'] . '
-

' . $user->lang['LDAP_DN_EXPLAIN'] . '
+

' . phpbb::$user->lang['LDAP_DN_EXPLAIN'] . '
-

' . $user->lang['LDAP_UID_EXPLAIN'] . '
+

' . phpbb::$user->lang['LDAP_UID_EXPLAIN'] . '
-

' . $user->lang['LDAP_USER_FILTER_EXPLAIN'] . '
+

' . phpbb::$user->lang['LDAP_USER_FILTER_EXPLAIN'] . '
-

' . $user->lang['LDAP_EMAIL_EXPLAIN'] . '
+

' . phpbb::$user->lang['LDAP_EMAIL_EXPLAIN'] . '
-

' . $user->lang['LDAP_USER_EXPLAIN'] . '
+

' . phpbb::$user->lang['LDAP_USER_EXPLAIN'] . '
-

' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '
+

' . phpbb::$user->lang['LDAP_PASSWORD_EXPLAIN'] . '
'; -- cgit v1.2.1 From 84f795e9fbd172924280593d575bf4587c9b40e5 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sun, 22 Feb 2009 18:06:05 +0000 Subject: $db-> to phpbb::$db-> git-svn-id: file:///svn/phpbb/trunk@9336 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/auth/auth_ldap.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'phpBB/includes/auth/auth_ldap.php') diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index 84eb6f33d4..6dd9abda03 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -173,10 +173,10 @@ function login_ldap(&$username, &$password) $sql ='SELECT user_id, username, user_password, user_passchg, user_email, user_type FROM ' . USERS_TABLE . " - WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); + WHERE username_clean = '" . phpbb::$db->sql_escape(utf8_clean_string($username)) . "'"; + $result = phpbb::$db->sql_query($sql); + $row = phpbb::$db->sql_fetchrow($result); + phpbb::$db->sql_freeresult($result); if ($row) { @@ -204,11 +204,11 @@ function login_ldap(&$username, &$password) // retrieve default group id $sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " - WHERE group_name_clean = '" . $db->sql_escape('registered') . "' + WHERE group_name_clean = '" . phpbb::$db->sql_escape('registered') . "' AND group_type = " . GROUP_SPECIAL; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); + $result = phpbb::$db->sql_query($sql); + $row = phpbb::$db->sql_fetchrow($result); + phpbb::$db->sql_freeresult($result); if (!$row) { -- cgit v1.2.1 From bf8ac19eaa8d74f9dfd6d597190f5664e7339382 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sun, 4 Oct 2009 18:13:59 +0000 Subject: Move trunk/phpBB to old_trunk/phpBB git-svn-id: file:///svn/phpbb/trunk@10210 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/auth/auth_ldap.php | 335 -------------------------------------- 1 file changed, 335 deletions(-) delete mode 100644 phpBB/includes/auth/auth_ldap.php (limited to 'phpBB/includes/auth/auth_ldap.php') diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php deleted file mode 100644 index 6dd9abda03..0000000000 --- a/phpBB/includes/auth/auth_ldap.php +++ /dev/null @@ -1,335 +0,0 @@ -lang['LDAP_NO_LDAP_EXTENSION']; - } - - phpbb::$config['ldap_port'] = (int) phpbb::$config['ldap_port']; - if (phpbb::$config['ldap_port']) - { - $ldap = @ldap_connect(phpbb::$config['ldap_server'], phpbb::$config['ldap_port']); - } - else - { - $ldap = @ldap_connect(phpbb::$config['ldap_server']); - } - - if (!$ldap) - { - return phpbb::$user->lang['LDAP_NO_SERVER_CONNECTION']; - } - - @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); - @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); - - if (phpbb::$config['ldap_user'] || phpbb::$config['ldap_password']) - { - if (!@ldap_bind($ldap, htmlspecialchars_decode(phpbb::$config['ldap_user']), htmlspecialchars_decode(phpbb::$config['ldap_password']))) - { - return phpbb::$user->lang['LDAP_INCORRECT_USER_PASSWORD']; - } - } - - // ldap_connect only checks whether the specified server is valid, so the connection might still fail - $search = @ldap_search( - $ldap, - phpbb::$config['ldap_base_dn'], - ldap_user_filter(phpbb::$user->data['username']), - (empty(phpbb::$config['ldap_email'])) ? array(phpbb::$config['ldap_uid']) : array(phpbb::$config['ldap_uid'], phpbb::$config['ldap_email']), - 0, - 1 - ); - - if ($search === false) - { - return phpbb::$user->lang['LDAP_NO_SERVER_CONNECTION']; - } - - $result = @ldap_get_entries($ldap, $search); - - @ldap_close($ldap); - - - if (!is_array($result) || sizeof($result) < 2) - { - return sprintf(phpbb::$user->lang['LDAP_NO_IDENTITY'], phpbb::$user->data['username']); - } - - if (!empty(phpbb::$config['ldap_email']) && !isset($result[0][phpbb::$config['ldap_email']])) - { - return phpbb::$user->lang['LDAP_NO_EMAIL']; - } - - return false; -} - -/** -* Login function -*/ -function login_ldap(&$username, &$password) -{ - // do not allow empty password - if (!$password) - { - return array( - 'status' => LOGIN_ERROR_PASSWORD, - 'error_msg' => 'NO_PASSWORD_SUPPLIED', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - if (!$username) - { - return array( - 'status' => LOGIN_ERROR_USERNAME, - 'error_msg' => 'LOGIN_ERROR_USERNAME', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - if (!@extension_loaded('ldap')) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - 'error_msg' => 'LDAP_NO_LDAP_EXTENSION', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - phpbb::$config['ldap_port'] = (int) phpbb::$config['ldap_port']; - if (phpbb::$config['ldap_port']) - { - $ldap = @ldap_connect(phpbb::$config['ldap_server'], phpbb::$config['ldap_port']); - } - else - { - $ldap = @ldap_connect(phpbb::$config['ldap_server']); - } - - if (!$ldap) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - 'error_msg' => 'LDAP_NO_SERVER_CONNECTION', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); - @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); - - if (phpbb::$config['ldap_user'] || phpbb::$config['ldap_password']) - { - if (!@ldap_bind($ldap, phpbb::$config['ldap_user'], htmlspecialchars_decode(phpbb::$config['ldap_password']))) - { - return phpbb::$user->lang['LDAP_NO_SERVER_CONNECTION']; - } - } - - $search = @ldap_search( - $ldap, - phpbb::$config['ldap_base_dn'], - ldap_user_filter($username), - (empty(phpbb::$config['ldap_email'])) ? array(phpbb::$config['ldap_uid']) : array(phpbb::$config['ldap_uid'], phpbb::$config['ldap_email']), - 0, - 1 - ); - - $ldap_result = @ldap_get_entries($ldap, $search); - - if (is_array($ldap_result) && sizeof($ldap_result) > 1) - { - if (@ldap_bind($ldap, $ldap_result[0]['dn'], htmlspecialchars_decode($password))) - { - @ldap_close($ldap); - - $sql ='SELECT user_id, username, user_password, user_passchg, user_email, user_type - FROM ' . USERS_TABLE . " - WHERE username_clean = '" . phpbb::$db->sql_escape(utf8_clean_string($username)) . "'"; - $result = phpbb::$db->sql_query($sql); - $row = phpbb::$db->sql_fetchrow($result); - phpbb::$db->sql_freeresult($result); - - if ($row) - { - unset($ldap_result); - - // User inactive... - if ($row['user_type'] == phpbb::USER_INACTIVE || $row['user_type'] == phpbb::USER_IGNORE) - { - return array( - 'status' => LOGIN_ERROR_ACTIVE, - 'error_msg' => 'ACTIVE_ERROR', - 'user_row' => $row, - ); - } - - // Successful login... set user_login_attempts to zero... - return array( - 'status' => LOGIN_SUCCESS, - 'error_msg' => false, - 'user_row' => $row, - ); - } - else - { - // retrieve default group id - $sql = 'SELECT group_id - FROM ' . GROUPS_TABLE . " - WHERE group_name_clean = '" . phpbb::$db->sql_escape('registered') . "' - AND group_type = " . GROUP_SPECIAL; - $result = phpbb::$db->sql_query($sql); - $row = phpbb::$db->sql_fetchrow($result); - phpbb::$db->sql_freeresult($result); - - if (!$row) - { - trigger_error('NO_GROUP'); - } - - // generate user account data - $ldap_user_row = array( - 'username' => $username, - 'user_password' => phpbb_hash($password), - 'user_email' => (!empty(phpbb::$config['ldap_email'])) ? $ldap_result[0][phpbb::$config['ldap_email']][0] : '', - 'group_id' => (int) $row['group_id'], - 'user_type' => phpbb::USER_NORMAL, - 'user_ip' => phpbb::$user->ip, - ); - - unset($ldap_result); - - // this is the user's first login so create an empty profile - return array( - 'status' => LOGIN_SUCCESS_CREATE_PROFILE, - 'error_msg' => false, - 'user_row' => $ldap_user_row, - ); - } - } - else - { - unset($ldap_result); - @ldap_close($ldap); - - // Give status about wrong password... - return array( - 'status' => LOGIN_ERROR_PASSWORD, - 'error_msg' => 'LOGIN_ERROR_PASSWORD', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - } - - @ldap_close($ldap); - - return array( - 'status' => LOGIN_ERROR_USERNAME, - 'error_msg' => 'LOGIN_ERROR_USERNAME', - 'user_row' => array('user_id' => ANONYMOUS), - ); -} - -/** -* Generates a filter string for ldap_search to find a user -* -* @param $username string Username identifying the searched user -* -* @return string A filter string for ldap_search -*/ -function ldap_user_filter($username) -{ - $filter = '(' . phpbb::$config['ldap_uid'] . '=' . ldap_escape(htmlspecialchars_decode($username)) . ')'; - if (phpbb::$config['ldap_user_filter']) - { - $filter = "(&$filter({phpbb::$config['ldap_user_filter']}))"; - } - return $filter; -} - -/** -* Escapes an LDAP AttributeValue -*/ -function ldap_escape($string) -{ - return str_replace(array('*', '\\', '(', ')'), array('\\*', '\\\\', '\\(', '\\)'), $string); -} - -/** -* This function is used to output any required fields in the authentication -* admin panel. It also defines any required configuration table fields. -*/ -function acp_ldap(&$new) -{ - $tpl = ' - -
-

' . phpbb::$user->lang['LDAP_SERVER_EXPLAIN'] . '
-
-
-
-

' . phpbb::$user->lang['LDAP_PORT_EXPLAIN'] . '
-
-
-
-

' . phpbb::$user->lang['LDAP_DN_EXPLAIN'] . '
-
-
-
-

' . phpbb::$user->lang['LDAP_UID_EXPLAIN'] . '
-
-
-
-

' . phpbb::$user->lang['LDAP_USER_FILTER_EXPLAIN'] . '
-
-
-
-

' . phpbb::$user->lang['LDAP_EMAIL_EXPLAIN'] . '
-
-
-
-

' . phpbb::$user->lang['LDAP_USER_EXPLAIN'] . '
-
-
-
-

' . phpbb::$user->lang['LDAP_PASSWORD_EXPLAIN'] . '
-
-
- '; - - // These are fields required in the config table - return array( - 'tpl' => $tpl, - 'config' => array('ldap_server', 'ldap_port', 'ldap_base_dn', 'ldap_uid', 'ldap_user_filter', 'ldap_email', 'ldap_user', 'ldap_password') - ); -} - -?> \ No newline at end of file -- cgit v1.2.1 From 2e17e448deed073f8614bb555a8ef20c57291c2a Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Sun, 4 Oct 2009 18:14:59 +0000 Subject: Copy 3.0.x branch to trunk git-svn-id: file:///svn/phpbb/trunk@10211 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/auth/auth_ldap.php | 349 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 349 insertions(+) create mode 100644 phpBB/includes/auth/auth_ldap.php (limited to 'phpBB/includes/auth/auth_ldap.php') diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php new file mode 100644 index 0000000000..a6092baba5 --- /dev/null +++ b/phpBB/includes/auth/auth_ldap.php @@ -0,0 +1,349 @@ +lang['LDAP_NO_LDAP_EXTENSION']; + } + + $config['ldap_port'] = (int) $config['ldap_port']; + if ($config['ldap_port']) + { + $ldap = @ldap_connect($config['ldap_server'], $config['ldap_port']); + } + else + { + $ldap = @ldap_connect($config['ldap_server']); + } + + if (!$ldap) + { + return $user->lang['LDAP_NO_SERVER_CONNECTION']; + } + + @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); + @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); + + if ($config['ldap_user'] || $config['ldap_password']) + { + if (!@ldap_bind($ldap, htmlspecialchars_decode($config['ldap_user']), htmlspecialchars_decode($config['ldap_password']))) + { + return $user->lang['LDAP_INCORRECT_USER_PASSWORD']; + } + } + + // ldap_connect only checks whether the specified server is valid, so the connection might still fail + $search = @ldap_search( + $ldap, + htmlspecialchars_decode($config['ldap_base_dn']), + ldap_user_filter($user->data['username']), + (empty($config['ldap_email'])) ? + array(htmlspecialchars_decode($config['ldap_uid'])) : + array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])), + 0, + 1 + ); + + if ($search === false) + { + return $user->lang['LDAP_NO_SERVER_CONNECTION']; + } + + $result = @ldap_get_entries($ldap, $search); + + @ldap_close($ldap); + + + if (!is_array($result) || sizeof($result) < 2) + { + return sprintf($user->lang['LDAP_NO_IDENTITY'], $user->data['username']); + } + + if (!empty($config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($config['ldap_email'])])) + { + return $user->lang['LDAP_NO_EMAIL']; + } + + return false; +} + +/** +* Login function +*/ +function login_ldap(&$username, &$password) +{ + global $db, $config, $user; + + // do not allow empty password + if (!$password) + { + return array( + 'status' => LOGIN_ERROR_PASSWORD, + 'error_msg' => 'NO_PASSWORD_SUPPLIED', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + if (!$username) + { + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + if (!@extension_loaded('ldap')) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LDAP_NO_LDAP_EXTENSION', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + $config['ldap_port'] = (int) $config['ldap_port']; + if ($config['ldap_port']) + { + $ldap = @ldap_connect($config['ldap_server'], $config['ldap_port']); + } + else + { + $ldap = @ldap_connect($config['ldap_server']); + } + + if (!$ldap) + { + return array( + 'status' => LOGIN_ERROR_EXTERNAL_AUTH, + 'error_msg' => 'LDAP_NO_SERVER_CONNECTION', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + + @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); + @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); + + if ($config['ldap_user'] || $config['ldap_password']) + { + if (!@ldap_bind($ldap, htmlspecialchars_decode($config['ldap_user']), htmlspecialchars_decode($config['ldap_password']))) + { + return $user->lang['LDAP_NO_SERVER_CONNECTION']; + } + } + + $search = @ldap_search( + $ldap, + htmlspecialchars_decode($config['ldap_base_dn']), + ldap_user_filter($username), + (empty($config['ldap_email'])) ? + array(htmlspecialchars_decode($config['ldap_uid'])) : + array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])), + 0, + 1 + ); + + $ldap_result = @ldap_get_entries($ldap, $search); + + if (is_array($ldap_result) && sizeof($ldap_result) > 1) + { + if (@ldap_bind($ldap, $ldap_result[0]['dn'], htmlspecialchars_decode($password))) + { + @ldap_close($ldap); + + $sql ='SELECT user_id, username, user_password, user_passchg, user_email, user_type + FROM ' . USERS_TABLE . " + WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if ($row) + { + unset($ldap_result); + + // User inactive... + if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) + { + return array( + 'status' => LOGIN_ERROR_ACTIVE, + 'error_msg' => 'ACTIVE_ERROR', + 'user_row' => $row, + ); + } + + // Successful login... set user_login_attempts to zero... + return array( + 'status' => LOGIN_SUCCESS, + 'error_msg' => false, + 'user_row' => $row, + ); + } + else + { + // retrieve default group id + $sql = 'SELECT group_id + FROM ' . GROUPS_TABLE . " + WHERE group_name = '" . $db->sql_escape('REGISTERED') . "' + AND group_type = " . GROUP_SPECIAL; + $result = $db->sql_query($sql); + $row = $db->sql_fetchrow($result); + $db->sql_freeresult($result); + + if (!$row) + { + trigger_error('NO_GROUP'); + } + + // generate user account data + $ldap_user_row = array( + 'username' => $username, + 'user_password' => phpbb_hash($password), + 'user_email' => (!empty($config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($config['ldap_email'])][0]) : '', + 'group_id' => (int) $row['group_id'], + 'user_type' => USER_NORMAL, + 'user_ip' => $user->ip, + 'user_new' => ($config['new_member_post_limit']) ? 1 : 0, + ); + + unset($ldap_result); + + // this is the user's first login so create an empty profile + return array( + 'status' => LOGIN_SUCCESS_CREATE_PROFILE, + 'error_msg' => false, + 'user_row' => $ldap_user_row, + ); + } + } + else + { + unset($ldap_result); + @ldap_close($ldap); + + // Give status about wrong password... + return array( + 'status' => LOGIN_ERROR_PASSWORD, + 'error_msg' => 'LOGIN_ERROR_PASSWORD', + 'user_row' => array('user_id' => ANONYMOUS), + ); + } + } + + @ldap_close($ldap); + + return array( + 'status' => LOGIN_ERROR_USERNAME, + 'error_msg' => 'LOGIN_ERROR_USERNAME', + 'user_row' => array('user_id' => ANONYMOUS), + ); +} + +/** +* Generates a filter string for ldap_search to find a user +* +* @param $username string Username identifying the searched user +* +* @return string A filter string for ldap_search +*/ +function ldap_user_filter($username) +{ + global $config; + + $filter = '(' . $config['ldap_uid'] . '=' . ldap_escape(htmlspecialchars_decode($username)) . ')'; + if ($config['ldap_user_filter']) + { + $_filter = ($config['ldap_user_filter'][0] == '(' && substr($config['ldap_user_filter'], -1) == ')') ? $config['ldap_user_filter'] : "({$config['ldap_user_filter']})"; + $filter = "(&{$filter}{$_filter})"; + } + return $filter; +} + +/** +* Escapes an LDAP AttributeValue +*/ +function ldap_escape($string) +{ + return str_replace(array('*', '\\', '(', ')'), array('\\*', '\\\\', '\\(', '\\)'), $string); +} + +/** +* This function is used to output any required fields in the authentication +* admin panel. It also defines any required configuration table fields. +*/ +function acp_ldap(&$new) +{ + global $user; + + $tpl = ' + +
+

' . $user->lang['LDAP_SERVER_EXPLAIN'] . '
+
+
+
+

' . $user->lang['LDAP_PORT_EXPLAIN'] . '
+
+
+
+

' . $user->lang['LDAP_DN_EXPLAIN'] . '
+
+
+
+

' . $user->lang['LDAP_UID_EXPLAIN'] . '
+
+
+
+

' . $user->lang['LDAP_USER_FILTER_EXPLAIN'] . '
+
+
+
+

' . $user->lang['LDAP_EMAIL_EXPLAIN'] . '
+
+
+
+

' . $user->lang['LDAP_USER_EXPLAIN'] . '
+
+
+
+

' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '
+
+
+ '; + + // These are fields required in the config table + return array( + 'tpl' => $tpl, + 'config' => array('ldap_server', 'ldap_port', 'ldap_base_dn', 'ldap_uid', 'ldap_user_filter', 'ldap_email', 'ldap_user', 'ldap_password') + ); +} + +?> \ No newline at end of file -- cgit v1.2.1 From af5b9a96409d788733fcb1ff367e0c7fb0583702 Mon Sep 17 00:00:00 2001 From: Igor Wiedler Date: Tue, 9 Nov 2010 08:59:25 +0100 Subject: [ticket/9556] Drop php closing tags, add trailing newline Closing tags converted using Oleg's script. remove-php-end-tags.py -a . Trailing newlines added using the following where $ext is file extension. find . -type f -name "*.$ext" -print | xargs printf "e %s\nw\n" | ed -s; Extensions: php, css, html, js, xml. PHPBB3-9556 --- phpBB/includes/auth/auth_ldap.php | 2 -- 1 file changed, 2 deletions(-) (limited to 'phpBB/includes/auth/auth_ldap.php') diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index e8c957aaa3..4f311797b2 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -345,5 +345,3 @@ function acp_ldap(&$new) 'config' => array('ldap_server', 'ldap_port', 'ldap_base_dn', 'ldap_uid', 'ldap_user_filter', 'ldap_email', 'ldap_user', 'ldap_password') ); } - -?> \ No newline at end of file -- cgit v1.2.1 From 7a04c9048c110f0bd21ea3e9e869e17b408d640e Mon Sep 17 00:00:00 2001 From: Unknown Date: Sat, 31 Dec 2011 13:32:52 +0000 Subject: [ticket/9916] Updating header license and removing Version $Id$ PHPBB3-9916 --- phpBB/includes/auth/auth_ldap.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'phpBB/includes/auth/auth_ldap.php') diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index 66facd0faa..b2f45f046c 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -6,9 +6,8 @@ * Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him. * * @package login -* @version $Id$ * @copyright (c) 2005 phpBB Group -* @license http://opensource.org/licenses/gpl-license.php GNU Public License +* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 * */ -- cgit v1.2.1 From e48f5aa29caa2656b20938141937d81f2ae4dd33 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Sat, 10 Nov 2012 00:33:08 +0100 Subject: [ticket/10780] Use L_COLON on LDAP page. PHPBB3-10780 --- phpBB/includes/auth/auth_ldap.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) (limited to 'phpBB/includes/auth/auth_ldap.php') diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index 26029efe1e..24823f9ce7 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -309,35 +309,35 @@ function acp_ldap(&$new) $tpl = '
-

' . $user->lang['LDAP_SERVER_EXPLAIN'] . '
+

' . $user->lang['LDAP_SERVER_EXPLAIN'] . '
-

' . $user->lang['LDAP_PORT_EXPLAIN'] . '
+

' . $user->lang['LDAP_PORT_EXPLAIN'] . '
-

' . $user->lang['LDAP_DN_EXPLAIN'] . '
+

' . $user->lang['LDAP_DN_EXPLAIN'] . '
-

' . $user->lang['LDAP_UID_EXPLAIN'] . '
+

' . $user->lang['LDAP_UID_EXPLAIN'] . '
-

' . $user->lang['LDAP_USER_FILTER_EXPLAIN'] . '
+

' . $user->lang['LDAP_USER_FILTER_EXPLAIN'] . '
-

' . $user->lang['LDAP_EMAIL_EXPLAIN'] . '
+

' . $user->lang['LDAP_EMAIL_EXPLAIN'] . '
-

' . $user->lang['LDAP_USER_EXPLAIN'] . '
+

' . $user->lang['LDAP_USER_EXPLAIN'] . '
-

' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '
+

' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '
'; -- cgit v1.2.1 From 4fe7ba5daf16abdb50297b60398aaed1b9d9edce Mon Sep 17 00:00:00 2001 From: Senky Date: Wed, 8 Aug 2012 21:03:45 +0200 Subject: [ticket/11010] changing email and url input types in php files PHPBB3-11010 --- phpBB/includes/auth/auth_ldap.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'phpBB/includes/auth/auth_ldap.php') diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php index 24823f9ce7..98355dd044 100644 --- a/phpBB/includes/auth/auth_ldap.php +++ b/phpBB/includes/auth/auth_ldap.php @@ -330,7 +330,7 @@ function acp_ldap(&$new)

' . $user->lang['LDAP_EMAIL_EXPLAIN'] . '
-
+

' . $user->lang['LDAP_USER_EXPLAIN'] . '
-- cgit v1.2.1 From 09372d765d5adbca743063a7410b97abf4536015 Mon Sep 17 00:00:00 2001 From: Joseph Warner Date: Tue, 25 Jun 2013 22:01:00 -0400 Subject: [feature/auth-refactor] Remove old auth plugins PHPBB3-9734 --- phpBB/includes/auth/auth_ldap.php | 350 -------------------------------------- 1 file changed, 350 deletions(-) delete mode 100644 phpBB/includes/auth/auth_ldap.php (limited to 'phpBB/includes/auth/auth_ldap.php') diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php deleted file mode 100644 index 98355dd044..0000000000 --- a/phpBB/includes/auth/auth_ldap.php +++ /dev/null @@ -1,350 +0,0 @@ -lang['LDAP_NO_LDAP_EXTENSION']; - } - - $config['ldap_port'] = (int) $config['ldap_port']; - if ($config['ldap_port']) - { - $ldap = @ldap_connect($config['ldap_server'], $config['ldap_port']); - } - else - { - $ldap = @ldap_connect($config['ldap_server']); - } - - if (!$ldap) - { - return $user->lang['LDAP_NO_SERVER_CONNECTION']; - } - - @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); - @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); - - if ($config['ldap_user'] || $config['ldap_password']) - { - if (!@ldap_bind($ldap, htmlspecialchars_decode($config['ldap_user']), htmlspecialchars_decode($config['ldap_password']))) - { - return $user->lang['LDAP_INCORRECT_USER_PASSWORD']; - } - } - - // ldap_connect only checks whether the specified server is valid, so the connection might still fail - $search = @ldap_search( - $ldap, - htmlspecialchars_decode($config['ldap_base_dn']), - ldap_user_filter($user->data['username']), - (empty($config['ldap_email'])) ? - array(htmlspecialchars_decode($config['ldap_uid'])) : - array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])), - 0, - 1 - ); - - if ($search === false) - { - return $user->lang['LDAP_SEARCH_FAILED']; - } - - $result = @ldap_get_entries($ldap, $search); - - @ldap_close($ldap); - - - if (!is_array($result) || sizeof($result) < 2) - { - return sprintf($user->lang['LDAP_NO_IDENTITY'], $user->data['username']); - } - - if (!empty($config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($config['ldap_email'])])) - { - return $user->lang['LDAP_NO_EMAIL']; - } - - return false; -} - -/** -* Login function -*/ -function login_ldap(&$username, &$password) -{ - global $db, $config, $user; - - // do not allow empty password - if (!$password) - { - return array( - 'status' => LOGIN_ERROR_PASSWORD, - 'error_msg' => 'NO_PASSWORD_SUPPLIED', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - if (!$username) - { - return array( - 'status' => LOGIN_ERROR_USERNAME, - 'error_msg' => 'LOGIN_ERROR_USERNAME', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - if (!@extension_loaded('ldap')) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - 'error_msg' => 'LDAP_NO_LDAP_EXTENSION', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - $config['ldap_port'] = (int) $config['ldap_port']; - if ($config['ldap_port']) - { - $ldap = @ldap_connect($config['ldap_server'], $config['ldap_port']); - } - else - { - $ldap = @ldap_connect($config['ldap_server']); - } - - if (!$ldap) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - 'error_msg' => 'LDAP_NO_SERVER_CONNECTION', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - - @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); - @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); - - if ($config['ldap_user'] || $config['ldap_password']) - { - if (!@ldap_bind($ldap, htmlspecialchars_decode($config['ldap_user']), htmlspecialchars_decode($config['ldap_password']))) - { - return array( - 'status' => LOGIN_ERROR_EXTERNAL_AUTH, - 'error_msg' => 'LDAP_NO_SERVER_CONNECTION', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - } - - $search = @ldap_search( - $ldap, - htmlspecialchars_decode($config['ldap_base_dn']), - ldap_user_filter($username), - (empty($config['ldap_email'])) ? - array(htmlspecialchars_decode($config['ldap_uid'])) : - array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])), - 0, - 1 - ); - - $ldap_result = @ldap_get_entries($ldap, $search); - - if (is_array($ldap_result) && sizeof($ldap_result) > 1) - { - if (@ldap_bind($ldap, $ldap_result[0]['dn'], htmlspecialchars_decode($password))) - { - @ldap_close($ldap); - - $sql ='SELECT user_id, username, user_password, user_passchg, user_email, user_type - FROM ' . USERS_TABLE . " - WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'"; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if ($row) - { - unset($ldap_result); - - // User inactive... - if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) - { - return array( - 'status' => LOGIN_ERROR_ACTIVE, - 'error_msg' => 'ACTIVE_ERROR', - 'user_row' => $row, - ); - } - - // Successful login... set user_login_attempts to zero... - return array( - 'status' => LOGIN_SUCCESS, - 'error_msg' => false, - 'user_row' => $row, - ); - } - else - { - // retrieve default group id - $sql = 'SELECT group_id - FROM ' . GROUPS_TABLE . " - WHERE group_name = '" . $db->sql_escape('REGISTERED') . "' - AND group_type = " . GROUP_SPECIAL; - $result = $db->sql_query($sql); - $row = $db->sql_fetchrow($result); - $db->sql_freeresult($result); - - if (!$row) - { - trigger_error('NO_GROUP'); - } - - // generate user account data - $ldap_user_row = array( - 'username' => $username, - 'user_password' => phpbb_hash($password), - 'user_email' => (!empty($config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($config['ldap_email'])][0]) : '', - 'group_id' => (int) $row['group_id'], - 'user_type' => USER_NORMAL, - 'user_ip' => $user->ip, - 'user_new' => ($config['new_member_post_limit']) ? 1 : 0, - ); - - unset($ldap_result); - - // this is the user's first login so create an empty profile - return array( - 'status' => LOGIN_SUCCESS_CREATE_PROFILE, - 'error_msg' => false, - 'user_row' => $ldap_user_row, - ); - } - } - else - { - unset($ldap_result); - @ldap_close($ldap); - - // Give status about wrong password... - return array( - 'status' => LOGIN_ERROR_PASSWORD, - 'error_msg' => 'LOGIN_ERROR_PASSWORD', - 'user_row' => array('user_id' => ANONYMOUS), - ); - } - } - - @ldap_close($ldap); - - return array( - 'status' => LOGIN_ERROR_USERNAME, - 'error_msg' => 'LOGIN_ERROR_USERNAME', - 'user_row' => array('user_id' => ANONYMOUS), - ); -} - -/** -* Generates a filter string for ldap_search to find a user -* -* @param $username string Username identifying the searched user -* -* @return string A filter string for ldap_search -*/ -function ldap_user_filter($username) -{ - global $config; - - $filter = '(' . $config['ldap_uid'] . '=' . ldap_escape(htmlspecialchars_decode($username)) . ')'; - if ($config['ldap_user_filter']) - { - $_filter = ($config['ldap_user_filter'][0] == '(' && substr($config['ldap_user_filter'], -1) == ')') ? $config['ldap_user_filter'] : "({$config['ldap_user_filter']})"; - $filter = "(&{$filter}{$_filter})"; - } - return $filter; -} - -/** -* Escapes an LDAP AttributeValue -*/ -function ldap_escape($string) -{ - return str_replace(array('*', '\\', '(', ')'), array('\\*', '\\\\', '\\(', '\\)'), $string); -} - -/** -* This function is used to output any required fields in the authentication -* admin panel. It also defines any required configuration table fields. -*/ -function acp_ldap(&$new) -{ - global $user; - - $tpl = ' - -
-

' . $user->lang['LDAP_SERVER_EXPLAIN'] . '
-
-
-
-

' . $user->lang['LDAP_PORT_EXPLAIN'] . '
-
-
-
-

' . $user->lang['LDAP_DN_EXPLAIN'] . '
-
-
-
-

' . $user->lang['LDAP_UID_EXPLAIN'] . '
-
-
-
-

' . $user->lang['LDAP_USER_FILTER_EXPLAIN'] . '
-
-
-
-

' . $user->lang['LDAP_EMAIL_EXPLAIN'] . '
-
-
-
-

' . $user->lang['LDAP_USER_EXPLAIN'] . '
-
-
-
-

' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '
-
-
- '; - - // These are fields required in the config table - return array( - 'tpl' => $tpl, - 'config' => array('ldap_server', 'ldap_port', 'ldap_base_dn', 'ldap_uid', 'ldap_user_filter', 'ldap_email', 'ldap_user', 'ldap_password') - ); -} -- cgit v1.2.1