lang['LDAP_NO_LDAP_EXTENSION']; } if (!($ldap = @ldap_connect($config['ldap_server']))) { return $user->lang['LDAP_NO_SERVER_CONNECTION']; } @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); // We'll get a notice here that we don't want, if we cannot connect to the server. // ldap_connect only checks whether the specified server is valid, so the connection might still fail ob_start(); $search = @ldap_search($ldap, $config['ldap_base_dn'], $config['ldap_uid'] . '=' . $user->data['username'], array($config['ldap_uid'])); if (ob_get_clean()) { return $user->lang['LDAP_NO_SERVER_CONNECTION']; } $result = @ldap_get_entries($ldap, $search); @ldap_close($ldap); if (is_array($result) && sizeof($result) > 1) { return false; } return sprintf($user->lang['LDAP_NO_IDENTITY'], $user->data['username']); } /** * Login function */ function login_ldap(&$username, &$password) { global $db, $config; if (!extension_loaded('ldap')) { return 'LDAP extension not available'; } if (!($ldap = @ldap_connect($config['ldap_server']))) { return 'Could not connect to LDAP server'; } @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); $search = @ldap_search($ldap, $config['ldap_base_dn'], $config['ldap_uid'] . '=' . $username, array($config['ldap_uid'])); $result = @ldap_get_entries($ldap, $search); if (is_array($result) && sizeof($result) > 1) { if (@ldap_bind($ldap, $result[0]['dn'], $password)) { @ldap_close($ldap); $sql ='SELECT user_id, username, user_password, user_passchg, user_email, user_type FROM ' . USERS_TABLE . " WHERE username = '" . $db->sql_escape($username) . "'"; $result = $db->sql_query($sql); if ($row = $db->sql_fetchrow($result)) { $db->sql_freeresult($result); return ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) ? 0 : $row; } } } @ldap_close($ldap); return false; } /** * This function is used to output any required fields in the authentication * admin panel. It also defines any required configuration table fields. */ function admin_ldap(&$new) { global $user; /** * @todo Using same approach with cfg_build_template? */ $tpl = '

' . $user->lang['LDAP_SERVER'] . ':
' . $user->lang['LDAP_SERVER_EXPLAIN'] . '

' . $user->lang['LDAP_DN'] . ':
' . $user->lang['LDAP_DN_EXPLAIN'] . '

' . $user->lang['LDAP_UID'] . ':
' . $user->lang['LDAP_UID_EXPLAIN'] . '

'; // These are fields required in the config table return array( 'tpl' => $tpl, 'config' => array('ldap_server', 'ldap_base_dn', 'ldap_uid') ); } /** * Would be nice to allow syncing of 'appropriate' data when user updates * their username, password, etc. ... should be up to the plugin what data * is updated. * * @param new|update|delete $mode defining the action to take on user updates */ function usercp_ldap($mode) { global $db, $config; } ?>