source: extensions/Ldap_Login/main.inc.php @ 27064

Revision 27036, 3.9 KB checked in by 22decembre, 6 years ago (diff)

version 1.0.1

add main function : ability to add new piwigo users when ldap is successful.
add danish language, must be reviewed

this version is not yet considered stable, as needed to be reviewed and commented by beta-testers

Line 
1<?php
2/*
3Plugin Name: Ldap_Login
4Version: 1.0.1
5Description: Allow piwigo authentication along an ldap
6Plugin URI:
7Author: 22decembre
8Author URI: http://www.22decembre.eu
9*/
10if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
11
12// +-----------------------------------------------------------------------+
13// | Define plugin constants                                               |
14// +-----------------------------------------------------------------------+
15define('LDAP_LOGIN_ID',      basename(dirname(__FILE__)));
16define('LDAP_LOGIN_PATH' ,   PHPWG_PLUGINS_PATH . LDAP_LOGIN_ID . '/');
17define('LDAP_LOGIN_ADMIN',   get_root_url() . 'admin.php?page=plugin-' . LDAP_LOGIN_ID);
18define('LDAP_LOGIN_VERSION', '1.0.1');
19
20include_once(LDAP_LOGIN_PATH.'/class.ldap.php');
21
22// +-----------------------------------------------------------------------+
23// | Event handlers                                                        |
24// +-----------------------------------------------------------------------+
25
26add_event_handler('init', 'ld_init');
27
28add_event_handler('try_log_user','login', 0, 4);
29
30add_event_handler('get_admin_plugin_menu_links', array(&$ldap, 'ldap_admin_menu'));
31
32// +-----------------------------------------------------------------------+
33// | Admin menu loading                                                    |
34// +-----------------------------------------------------------------------+
35
36$ldap = new Ldap();
37$ldap->load_config();
38set_plugin_data($plugin['id'], $ldap);
39unset($ldap);
40
41// +-----------------------------------------------------------------------+
42// | functions                                                             |
43// +-----------------------------------------------------------------------+
44
45function random_password( $length = 8 ) {
46    $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()_-=+;:,.?";
47    $password = substr( str_shuffle( $chars ), 0, $length );
48    return $password;
49}
50
51function ld_init(){
52        load_language('plugin.lang', LDAP_LOGIN_PATH);
53}
54
55
56function login($success, $username, $password, $remember_me){
57
58        global $conf;
59       
60        $obj = new Ldap();
61        $obj->load_config();
62        $obj->ldap_conn() or die("Unable to connect LDAP server : ".$ldap->getErrorString());
63
64        if (!$obj->ldap_bind_as($username,$password)){ // bind with userdn
65                trigger_action('login_failure', stripslashes($username));
66                return false; // wrong password
67        }
68
69        // search user in piwigo database
70$query = 'SELECT '.$conf['user_fields']['id'].' AS id FROM '.USERS_TABLE.' WHERE '.$conf['user_fields']['username'].' = \''.pwg_db_real_escape_string($username).'\' ;';
71
72  $row = pwg_db_fetch_assoc(pwg_query($query));
73
74  // if query is not empty, it means everything is ok and we can continue, auth is done !
75        if (!empty($row['id'])) {
76                log_user($row['id'], $remember_me);
77                trigger_action('login_success', stripslashes($username));
78                return true;
79        }
80       
81        // if query is empty but ldap auth is done we can create a piwigo user if it's said so !
82        else {
83                // this is where we check we are allowed to create new users upon that.
84                if ($obj->config['allow_newusers']) {
85                       
86                        // we got the email address
87                        if ($obj->ldap_mail($username)) {
88                                $mail = $obj->ldap_mail($username);
89                        }
90                        else {
91                                $mail = NULL;
92                        }
93                       
94                        // we actually register the new user
95                        $new_id = register_user($username,random_password(8),$mail);
96                       
97                        // now we fetch again his id in the piwigo db, and we get them, as we just created him !
98                        //$query = 'SELECT '.$conf['user_fields']['id'].' AS id FROM '.USERS_TABLE.' WHERE '.$conf['user_fields']['username'].' = \''.pwg_db_real_escape_string($username).'\' ;';
99                        //$row = pwg_db_fetch_assoc(pwg_query($query));
100
101                        log_user($new_id, False);
102                        trigger_action('login_success', stripslashes($username));
103                        redirect('profile.php');
104                        return true;
105                }
106                // else : this is the normal behavior ! user is not created.
107                else {
108                trigger_action('login_failure', stripslashes($username));
109                return false;
110                }
111        }
112}
113
114?>
Note: See TracBrowser for help on using the repository browser.