XOOPS 2.5.6  Final
auth_ldap.php
1 <?php
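// Direct-access guard: stop immediately unless the including script has
// already defined XOOPS_ROOT_PATH.
defined('XOOPS_ROOT_PATH') or die('Restricted access');

// Load the provisioning helper from a fixed, framework-resolved path.
// The path is a literal, so nothing request-controlled reaches include_once.
$file = $GLOBALS['xoops']->path('class/auth/auth_provisionning.php');
if (file_exists($file)) {
    include_once $file;
}

// XoopsAuthLdap::loadXoopsUser() depends on XoopsAuthProvisionning; without it
// this file must not declare the LDAP driver at all, so bail out of the include.
if (!class_exists('XoopsAuthProvisionning')) {
    // The original message printed the file path after the words "at line";
    // say "in <file>" so the warning reads correctly.
    trigger_error('Required class XoopsAuthProvisionning was not found in ' . __FILE__ . ' at line ' . __LINE__, E_USER_WARNING);
    return false;
}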
38 
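/**
 * LDAP authentication driver.
 *
 * Resolves the distinguished name (DN) of a login name, verifies the password
 * with an LDAP bind as that DN, and then hands the directory entry to
 * XoopsAuthProvisionning so the matching XOOPS account can be synchronised.
 *
 * The ldap_* settings read throughout the class (ldap_server, ldap_base_dn,
 * ldap_manager_dn, ldap_manager_pass, ldap_use_TLS, ldap_loginname_asdn,
 * ldap_loginldap_attr, ldap_filter_person) are not declared here; the
 * constructor copies every XOOPS_CONF_AUTH config entry onto the object, so
 * they are presumably supplied that way - confirm against the stored config.
 */
class XoopsAuthLdap extends XoopsAuth
{
    // Second-pass fix-up table used by cp1252_to_utf8(). utf8_encode() treats
    // its input as ISO-8859-1, so bytes 0x80-0x9F come out as the UTF-8 form of
    // the C1 control characters (the keys). Each value is the UTF-8 encoding
    // of the printable character that Windows-1252 assigns to that byte.
    var $cp1252_map = array(
        "\xc2\x80" => "\xe2\x82\xac",
        "\xc2\x82" => "\xe2\x80\x9a",
        "\xc2\x83" => "\xc6\x92",
        "\xc2\x84" => "\xe2\x80\x9e",
        "\xc2\x85" => "\xe2\x80\xa6",
        "\xc2\x86" => "\xe2\x80\xa0",
        "\xc2\x87" => "\xe2\x80\xa1",
        "\xc2\x88" => "\xcb\x86",
        "\xc2\x89" => "\xe2\x80\xb0",
        "\xc2\x8a" => "\xc5\xa0",
        "\xc2\x8b" => "\xe2\x80\xb9",
        "\xc2\x8c" => "\xc5\x92",
        "\xc2\x8e" => "\xc5\xbd",
        "\xc2\x91" => "\xe2\x80\x98",
        "\xc2\x92" => "\xe2\x80\x99",
        "\xc2\x93" => "\xe2\x80\x9c",
        "\xc2\x94" => "\xe2\x80\x9d",
        "\xc2\x95" => "\xe2\x80\xa2",
        "\xc2\x96" => "\xe2\x80\x93",
        "\xc2\x97" => "\xe2\x80\x94",
        "\xc2\x98" => "\xcb\x9c",
        "\xc2\x99" => "\xe2\x84\xa2",
        "\xc2\x9a" => "\xc5\xa1",
        "\xc2\x9b" => "\xe2\x80\xba",
        "\xc2\x9c" => "\xc5\x93",
        "\xc2\x9e" => "\xc5\xbe",
        "\xc2\x9f" => "\xc5\xb8",
    );

    // Defaults; a config entry with the same key replaces them in the constructor.
    // Port 389 is the plain LDAP port, so transport protection depends on
    // ldap_use_TLS (StartTLS) or on how ldap_server is configured.
    var $ldap_port = '389';
    var $ldap_version = '3';

    // LDAP link created by authenticate() and shared with the helper methods.
    var $_ds;

    /**
     * Store the DAO and copy every XOOPS_CONF_AUTH config value onto the object.
     *
     * @param mixed $dao data access object kept in $this->_dao
     */
    function XoopsAuthLdap(&$dao)
    {
        $this->_dao = $dao;
        // The config handler object allows us to look at the configuration options that are stored in the database
        $config_handler =& xoops_gethandler('config');
        $config = $config_handler->getConfigsByCat(XOOPS_CONF_AUTH);
        // Every config key becomes a property, overriding the defaults declared above.
        foreach ($config as $key => $val) {
            $this->$key = $val;
        }
    }

    /**
     * Convert a Windows-1252 string to UTF-8.
     *
     * @param string $str text in CP1252
     * @return string the same text in UTF-8
     */
    function cp1252_to_utf8($str)
    {
        return strtr(utf8_encode($str), $this->cp1252_map);
    }

    /**
     * Authenticate a user against the directory.
     *
     * @param string      $uname login name
     * @param string|null $pwd   password
     * @return mixed false on any failure, otherwise the value returned by loadXoopsUser()
     */
    function authenticate($uname, $pwd = null)
    {
        $authenticated = false;
        if (!extension_loaded('ldap')) {
            return $authenticated;
        }

        // NOTE(review): stripslashes() is kept from the original and presumably
        // undoes slashes added upstream; if nothing adds them, a password that
        // contains a backslash is altered before the bind - confirm with callers.
        $password = stripslashes((string) $pwd);

        // A simple bind with a DN and an empty password is an "unauthenticated
        // bind" (RFC 4513, section 5.1.2), which many directory servers report as
        // success. Treating that as a login would accept any known user name with
        // no password, so empty credentials are rejected before the directory is
        // contacted. A NUL byte is refused as well because a C-string based
        // client library could cut the password off at that byte.
        if ((string) $uname === '' || $password === '' || strpos($password, "\0") !== false) {
            $this->setErrors(0, 'LDAP authentication requires a non-empty user name and password');
            return $authenticated;
        }

        $this->_ds = ldap_connect($this->ldap_server, $this->ldap_port);
        if (!$this->_ds) {
            $this->setErrors(0, 'Unable to initialise the LDAP connection');
            return $authenticated;
        }

        ldap_set_option($this->_ds, LDAP_OPT_PROTOCOL_VERSION, $this->ldap_version);

        // Fail closed: when TLS is configured but StartTLS cannot be negotiated,
        // continuing would send the manager and user passwords in clear text.
        if ($this->ldap_use_TLS && !ldap_start_tls($this->_ds)) {
            $this->setErrors(ldap_errno($this->_ds), 'LDAP StartTLS failed; refusing to bind over an unencrypted connection');
            ldap_close($this->_ds);
            return $authenticated;
        }

        // If the uid is not in the DN we proceed to a search
        // The uid is not always in the dn
        $userDN = $this->getUserDN($uname);
        if ($userDN) {
            // We bind as user to test the credentials
            if (ldap_bind($this->_ds, $userDN, $password)) {
                // We load the Xoops User database
                $authenticated = $this->loadXoopsUser($userDN, $uname, $pwd);
            } else {
                // NOTE(review): the message embeds the resolved DN; confirm these
                // errors are never displayed to unauthenticated visitors.
                $this->setErrors(ldap_errno($this->_ds), ldap_err2str(ldap_errno($this->_ds)) . '(' . $userDN . ')');
            }
        }

        // Single exit point so the link is released on every path, including
        // the "user not found" and successful-login paths.
        ldap_close($this->_ds);
        return $authenticated;
    }

    /**
     * Resolve the DN to bind as for a login name.
     *
     * With ldap_loginname_asdn set, the DN is composed directly from the login
     * attribute, the login name and the base DN. Otherwise the method binds
     * with the manager account and searches the base DN with getFilter().
     *
     * @param string $uname login name
     * @return string|false the DN, or false when it cannot be determined
     */
    function getUserDN($uname)
    {
        if ($this->ldap_loginname_asdn) {
            // The login name becomes part of a DN, so DN metacharacters are escaped
            // to keep it confined to the single attribute value it is meant to be.
            return $this->ldap_loginldap_attr . '=' . $this->_escapeDnValue($uname) . ',' . $this->ldap_base_dn;
        }

        // Bind with the manager
        if (!ldap_bind($this->_ds, $this->ldap_manager_dn, stripslashes($this->ldap_manager_pass))) {
            $this->setErrors(ldap_errno($this->_ds), ldap_err2str(ldap_errno($this->_ds)) . '(' . $this->ldap_manager_dn . ')');
            return false;
        }

        $filter = $this->getFilter($uname);
        $sr = ldap_search($this->_ds, $this->ldap_base_dn, $filter);
        if (!$sr) {
            // A failed search returns false; passing that on to
            // ldap_get_entries() would only raise a second error.
            $this->setErrors(ldap_errno($this->_ds), ldap_err2str(ldap_errno($this->_ds)) . '(' . $filter . ')');
            return false;
        }

        $info = ldap_get_entries($this->_ds, $sr);
        if ($info && $info['count'] > 0) {
            // When several entries match, the first one is used, as before.
            return $info[0]['dn'];
        }

        $this->setErrors(0, sprintf(_AUTH_LDAP_USER_NOT_FOUND, $uname, $filter, $this->ldap_base_dn));
        return false;
    }

    /**
     * Build the search filter that locates a login name.
     *
     * Uses the ldap_filter_person template, replacing @@loginname@@, when one is
     * set; otherwise falls back to "<login attribute>=<login name>".
     *
     * @param string $uname login name
     * @return string LDAP search filter
     */
    function getFilter($uname)
    {
        // The login name is supplied by the person logging in. It is escaped so
        // it can only ever act as a literal value inside the filter and cannot
        // add wildcards or extra filter clauses.
        $safeName = $this->_escapeFilterValue($uname);
        if ($this->ldap_filter_person != '') {
            return str_replace('@@loginname@@', $safeName, $this->ldap_filter_person);
        }
        return $this->ldap_loginldap_attr . '=' . $safeName;
    }

    /**
     * Read the user's directory entry and synchronise the XOOPS account.
     *
     * @param string      $userdn DN of the authenticated user
     * @param string      $uname  login name
     * @param string|null $pwd    password, passed through to the provisioning handler
     * @return mixed the value returned by XoopsAuthProvisionning::sync(), or false
     *               when the entry cannot be read
     */
    function loadXoopsUser($userdn, $uname, $pwd = null)
    {
        // Defined up front: the original returned an undefined variable when
        // the entry could not be read.
        $xoopsUser = false;
        $provisHandler = XoopsAuthProvisionning::getInstance($this);
        $sr = ldap_read($this->_ds, $userdn, '(objectclass=*)');
        $entries = $sr ? ldap_get_entries($this->_ds, $sr) : false;
        if ($entries && $entries['count'] > 0) {
            $xoopsUser = $provisHandler->sync($entries[0], $uname, $pwd);
        } else {
            $this->setErrors(0, sprintf('loadXoopsUser - ' . _AUTH_LDAP_CANT_READ_ENTRY, $userdn));
        }
        return $xoopsUser;
    }

    /**
     * Escape a value for use inside an LDAP search filter (RFC 4515).
     *
     * @param string $value raw value
     * @return string value with \ * ( ) and NUL replaced by \XX hex escapes
     */
    function _escapeFilterValue($value)
    {
        // strtr() with an array works in a single pass, so the backslashes it
        // inserts are never escaped a second time.
        return strtr((string) $value, array(
            '\\'   => '\\5c',
            '*'    => '\\2a',
            '('    => '\\28',
            ')'    => '\\29',
            "\x00" => '\\00',
        ));
    }

    /**
     * Escape a value for use as an attribute value inside a DN (RFC 4514).
     *
     * @param string $value raw value
     * @return string value with DN special characters replaced by \XX hex escapes
     */
    function _escapeDnValue($value)
    {
        $escaped = strtr((string) $value, array(
            '\\'   => '\\5c',
            ','    => '\\2c',
            '+'    => '\\2b',
            '"'    => '\\22',
            '<'    => '\\3c',
            '>'    => '\\3e',
            ';'    => '\\3b',
            '='    => '\\3d',
            '#'    => '\\23',
            "\r"   => '\\0d',
            "\n"   => '\\0a',
            "\x00" => '\\00',
        ));
        // A space is only significant at the very start or end of the value.
        if ($escaped !== '' && $escaped[0] === ' ') {
            $escaped = '\\20' . substr($escaped, 1);
        }
        if (substr($escaped, -1) === ' ') {
            $escaped = substr($escaped, 0, -1) . '\\20';
        }
        return $escaped;
    }
} // end class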
284 
285 ?>