Changeset 27036 for extensions/Ldap_Login/main.inc.php
- Timestamp:
- Jan 29, 2014, 10:52:57 AM (10 years ago)
- File:
-
- 1 edited
extensions/Ldap_Login/main.inc.php
r19261 r27036 2 2 /* 3 3 Plugin Name: Ldap_Login 4 Version: 0.15 Description: Permet de se logger via une authentification ldap6 Plugin URI: http://www.22decembre.eu4 Version: 1.0.1 5 Description: Allow piwigo authentication along an ldap 6 Plugin URI: 7 7 Author: 22decembre 8 Author URI: http://www.22decembre.eu8 Author URI: http://www.22decembre.eu 9 9 */ 10 11 10 if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); 12 11 13 add_event_handler('try_login','ldap_login', 0, 4); 12 // +-----------------------------------------------------------------------+ 13 // | Define plugin constants | 14 // +-----------------------------------------------------------------------+ 15 define('LDAP_LOGIN_ID', basename(dirname(__FILE__))); 16 define('LDAP_LOGIN_PATH' , PHPWG_PLUGINS_PATH . LDAP_LOGIN_ID . '/'); 17 define('LDAP_LOGIN_ADMIN', get_root_url() . 'admin.php?page=plugin-' . LDAP_LOGIN_ID); 18 define('LDAP_LOGIN_VERSION', '1.0.1'); 14 19 15 function ldap_login($username, $password, $remember_me, $success) 16 { 17 #pwg_session_gc(); 20 include_once(LDAP_LOGIN_PATH.'/class.ldap.php'); 18 21 19 global $conf; 20 $query = ' 21 SELECT '.$conf['user_fields']['id'].' AS id FROM '.USERS_TABLE.' WHERE '.$conf['user_fields']['username'].' 
= \''.pwg_db_real_escape_string($username).'\' 22 ;'; 22 // +-----------------------------------------------------------------------+ 23 // | Event handlers | 24 // +-----------------------------------------------------------------------+ 25 26 add_event_handler('init', 'ld_init'); 27 28 add_event_handler('try_log_user','login', 0, 4); 29 30 add_event_handler('get_admin_plugin_menu_links', array(&$ldap, 'ldap_admin_menu')); 31 32 // +-----------------------------------------------------------------------+ 33 // | Admin menu loading | 34 // +-----------------------------------------------------------------------+ 35 36 $ldap = new Ldap(); 37 $ldap->load_config(); 38 set_plugin_data($plugin['id'], $ldap); 39 unset($ldap); 40 41 // +-----------------------------------------------------------------------+ 42 // | functions | 43 // +-----------------------------------------------------------------------+ 44 45 function random_password( $length = 8 ) { 46 $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()_-=+;:,.?"; 47 $password = substr( str_shuffle( $chars ), 0, $length ); 48 return $password; 49 } 50 51 function ld_init(){ 52 load_language('plugin.lang', LDAP_LOGIN_PATH); 53 } 54 55 56 function login($success, $username, $password, $remember_me){ 57 58 global $conf; 59 60 $obj = new Ldap(); 61 $obj->load_config(); 62 $obj->ldap_conn() or die("Unable to connect LDAP server : ".$ldap->getErrorString()); 63 64 if (!$obj->ldap_bind_as($username,$password)){ // bind with userdn 65 trigger_action('login_failure', stripslashes($username)); 66 return false; // wrong password 67 } 68 69 // search user in piwigo database 70 $query = 'SELECT '.$conf['user_fields']['id'].' AS id FROM '.USERS_TABLE.' WHERE '.$conf['user_fields']['username'].' 
= \''.pwg_db_real_escape_string($username).'\' ;'; 23 71 24 72 $row = pwg_db_fetch_assoc(pwg_query($query)); 25 73 26 // Vérification de l'authentification 27 if (ldap_log($username,$password)) { 74 // if query is not empty, it means everything is ok and we can continue, auth is done ! 75 if (!empty($row['id'])) { 76 log_user($row['id'], $remember_me); 77 trigger_action('login_success', stripslashes($username)); 78 return true; 79 } 80 81 // if query is empty but ldap auth is done we can create a piwigo user if it's said so ! 82 else { 83 // this is where we check we are allowed to create new users upon that. 84 if ($obj->config['allow_newusers']) { 85 86 // we got the email address 87 if ($obj->ldap_mail($username)) { 88 $mail = $obj->ldap_mail($username); 89 } 90 else { 91 $mail = NULL; 92 } 93 94 // we actually register the new user 95 $new_id = register_user($username,random_password(8),$mail); 96 97 // now we fetch again his id in the piwigo db, and we get them, as we just created him ! 98 //$query = 'SELECT '.$conf['user_fields']['id'].' AS id FROM '.USERS_TABLE.' WHERE '.$conf['user_fields']['username'].' = \''.pwg_db_real_escape_string($username).'\' ;'; 99 //$row = pwg_db_fetch_assoc(pwg_query($query)); 28 100 29 log_user($row['id'], $remember_me); 30 trigger_action('login_success', stripslashes($username)); 31 return true; 32 } 33 else 34 { 35 trigger_action('login_failure', stripslashes($username)); 36 return false; 37 } 101 log_user($new_id, False); 102 trigger_action('login_success', stripslashes($username)); 103 redirect('profile.php'); 104 return true; 105 } 106 // else : this is the normal behavior ! user is not created. 
107 else { 108 trigger_action('login_failure', stripslashes($username)); 109 return false; 110 } 111 } 38 112 } 39 113 40 function ldap_log($user,$pass)41 {42 $obj = new Ldap();43 $obj->load_config();44 45 // Eléments d'authentification LDAP46 $ldaprdn = $obj->config['pref'].$user.$obj->config['basedn']; // DN ou RDN LDAP47 //$ldappass = 'password'; // Mot de passe associé48 49 // Connexion au serveur LDAP50 $ldapconn = ldap_connect($obj->config['host'])51 or die("Impossible de se connecter au serveur LDAP.");52 53 ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);54 55 if ($ldapconn) {56 57 // Connexion au serveur LDAP58 $ldapbind = ldap_bind($ldapconn, $ldaprdn, $pass);59 60 // Vérification de l'authentification61 if ($ldapbind) {62 // echo "Connexion LDAP réussie...";63 return true;64 } else {65 // echo "Connexion LDAP échouée...";66 return false;67 }68 69 }70 }71 72 class Ldap73 {74 var $config;75 function load_config()76 {77 $x = @file_get_contents( dirname(__FILE__).'/data.dat' );78 if ($x!==false)79 {80 $c = unserialize($x);81 // do some more tests here82 $this->config = $c;83 }84 85 if ( !isset($this->config)86 or empty($this->config['Test']) )87 {88 $this->config['host'] = 'localhost';89 $this->config['basedn'] = ',ou=utilisateurs,dc=22decembre,dc=eu';90 $this->config['pref'] = 'uid=';91 $this->save_config();92 }93 }94 function save_config()95 {96 $file = fopen( dirname(__FILE__).'/data.dat', 'w' );97 fwrite($file, serialize($this->config) );98 fclose( $file );99 }100 101 function ldap_admin_menu($menu)102 {103 array_push($menu,104 array(105 'NAME' => 'Ldap Login',106 'URL' => get_admin_plugin_menu_link(dirname(__FILE__).'/admin/ldap_login_plugin_admin.php') )107 );108 109 return $menu;110 }111 }112 113 $ldap = new Ldap();114 $ldap->load_config();115 add_event_handler('get_admin_plugin_menu_links', array(&$ldap, 'ldap_admin_menu'));116 set_plugin_data($plugin['id'], $ldap);117 118 114 ?>
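Review bot: `random_password()` builds the local password for auto-created accounts with `str_shuffle()`, which is not a cryptographic generator and never repeats a character. If Piwigo's built-in password check still runs for these users, that value is a working credential, so a CSPRNG-based one such as `bin2hex(openssl_random_pseudo_bytes(16))` would be safer. In `login()`, the `or die(...)` on the connection line calls `$ldap->getErrorString()`, but only `$obj` exists in that scope, so a failed connection ends in a fatal error on an undefined variable; it should read `$obj->getErrorString()`, and the error is better logged than printed to the visitor. `ldap_bind_as()` lives in class.ldap.php and is not shown here, so confirm that it rejects an empty `$password` before binding, since many directory servers treat an empty-password bind as a successful unauthenticated bind. A guard such as `if ($password === '') return false;` at the top of `login()` would cover that case.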