id);
} else {
// email check failed or is disabled - register new FUDforum user.
$uent = new fud_user_reg;
$uent->users_opt = -1;
$uent->login = _esc($login);
$uent->plaintext_passwd = $password;
$uent->name = ucwords(strtolower($info[0]['cn'][0]));
$uent->alias = _esc($login)." (".ucwords(strtolower($info[0]['cn'][0])).")";
$uent->email = $info[0]['mail'][0]; //$login .'@'. $ini['LDAP_HOST'];
$uent->add_user();
}
}
dbg('REFRESH_ALIAS_DUMMY3');
$usr_d = db_sab('SELECT id, passwd, salt FROM '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users WHERE login='. _esc($login));
if ( !((empty($usr_d->salt) && $usr_d->passwd == md5($password)) || $usr_d->passwd == sha1($usr_d->salt . sha1($password)))) {
// Sync password
$salt = substr(md5(uniqid(mt_rand(), true)), 0, 9);
$sec_pass = sha1($salt . sha1($password));
q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET passwd='. _esc($sec_pass) .', salt='. _esc($salt) .' WHERE id='. $usr_d->id);
}
// Sync user details, if enabled
if (!empty($ini['LDAP_EMAIL'])) {
q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET email='. _esc($info[0][ $ini['LDAP_EMAIL'] ][0]) .' WHERE login='. _esc($login));
}
//wl: 20130706 David Kikl - Names + Alias style: "netxxx (Surename Gname)"
if (!empty($ini['LDAP_NAME'])) {
q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET name='. _esc(ucwords(strtolower($info[0][$ini['LDAP_NAME']][0]))) .' WHERE login='. _esc($login));
}
if (!empty($ini['LDAP_ALIAS'])) {
q('UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET alias='. _esc($login." (".ucwords(strtolower($info[0][$ini['LDAP_NAME']][0])).")").' WHERE login='. _esc($login));
#dbg('REFRESH_ALIAS: UPDATE '. $GLOBALS['DBHOST_TBL_PREFIX'] .'users SET alias='. _esc($login." (".ucwords(strtolower($info[0]['cn'][0])).")").' WHERE login='. _esc($login));
}//else dbg("REFRESH_ALIAS: empty ALIAS?");
return 1; // Allow access.
dbg("REFRESH_ALIAS: ACCESS GRANTED");
} else {
dbg("REFRESH_ALIAS: DENIEDDDDDDD..! $login != $ldap_login");
return 0; // Deny access.
}
ldap_close($connection);
}
function ldap_info() {
return array('name' => 'LDAP Authentication',
'desc' => 'Authenticate forum users from an LDAP server. You probably want to disable "Allow Registration" and "Allow Password Resets" from the Global Settings Manager after enabling this plugin.
',
'cat' => 'Authentication',
'version' => '1.3-modified');
}
function ldap_enable() {
if (!extension_loaded('ldap')) {
return array(null, 'You PHP installation doesn\'t support LDAP.'); // OK, Err.
}
return; // Good to go.
}
function ldap_config() {
if((@include $GLOBALS['PLUGIN_PATH'] .'ldap/ldap.ini') === false) {
$ini = NULL;
}
if (isset($_POST['Set'])) {
foreach (array_keys($_POST) as $key) {
if (substr($key,0,5) == 'LDAP_') {
$ini[$key] = $_POST[$key];
}
}
// Array key from ldap_get_entries() must be lowercase.
$ini['LDAP_UID'] = strtolower($ini['LDAP_UID']);
$fp = fopen($GLOBALS['PLUGIN_PATH'] .'ldap/ldap.ini', 'w');
fwrite($fp, '');
fclose($fp);
pf(successify('Settings successfully saved.'));
}
?>
LDAP server URL:
(use ldap://<servername>:<port>/ for normal LDAP, or ldaps://<servername>:<port>/ for LDAP over SSL)
Enable TLS (Transport Layer Security) mode:
(do not enable this if using LDAP over SSL)
Is the LDAP server case insensitive (like Active Directory):
Proxy user (if required to bind via proxy):
Proxy password (if required to bind via proxy):
Look for usernames in namespace:
Property to query:
Comment: As administrators sets the Name Paramter this way: surename given-name
HARDCODED LDAP Attributes for forum user alias:
username (Surename Gname) (<- SURENAME GnAmE / surename GNAME / ect.)
(wl/dk alias)
HARDCODED LDAP Attributes for forum user real name:
Surename Gname (<- SURENAME GnAmE / surename GNAME / ect.)
(wl/dk alias)
LDAP Attribute for forum user email address:
(leave blank to use <login>@<ldap-server-name> as forum user email address)
Check for existing user with this email address: