Code source de e107 0.7.8 |
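<?php
/*
+ ----------------------------------------------------------------------------+
|     e107 website system
|
|     Steve Dunstan 2001-2002
|     http://e107.org
|     jalist@e107.org
|
|     Released under the terms and conditions of the
|     GNU General Public License (http://gnu.org).
|
|     $Source: /cvsroot/e107/e107_0.7/e107_plugins/alt_auth/ldap_auth.php,v $
|     $Revision: 1.3 $
|     $Date: 2006/08/03 13:46:17 $
|     $Author: mcfly_e107 $
+----------------------------------------------------------------------------+
*/

/**
 * LDAP back end for the alt_auth plugin.
 *
 * Reads its settings from the "alt_auth" table (rows with auth_type = 'ldap'),
 * opens a connection to the first reachable server and checks a user name and
 * password with an LDAP simple bind.
 *
 * login() returns one of the AUTH_* constants, which are defined outside this
 * file.
 */
class auth_login
{

	var $server;         // list of LDAP hosts (comma separated in the settings), tried in order
	var $dn;             // base DN for searches; for ActiveDirectory it is the suffix of "user@dn"
	var $usr;            // optional account used to bind before searching for the user entry
	var $pwd;            // password of that search account
	var $serverType;     // compared against "ActiveDirectory" and "eDirectory"
	var $ldapErrorCode;  // last LDAP error number, -1 when no server could be reached
	var $ldapErrorText;  // last LDAP error message
	var $connection;     // handle returned by ldap_connect()
	var $result;         // result of the most recent ldap_bind()
	var $ldapVersion;    // protocol version from the settings; 3 switches the connection to LDAPv3
	var $Available;      // set to FALSE when the PHP ldap extension is missing
	var $filter;         // administrator-supplied filter fragment ANDed into the eDirectory search

	/**
	 * Load the LDAP settings and open the connection.
	 *
	 * This is a PHP 4 style constructor: it only runs automatically on PHP
	 * versions that still treat a method named after the class as the
	 * constructor. The values it returns are not visible to the code that
	 * calls "new"; callers have to inspect $Available / $connection instead.
	 */
	function auth_login()
	{
		$ldap = array();
		$sql = new db;
		$sql -> db_Select("alt_auth", "*", "auth_type = 'ldap' ");
		while($row = $sql -> db_Fetch())
		{
			$ldap[$row['auth_parmname']] = $row['auth_parmval'];
		}

		// Missing settings fall back to an empty value instead of raising
		// undefined-index notices.
		$this->server      = explode(",", isset($ldap['ldap_server']) ? $ldap['ldap_server'] : "");
		$this->serverType  = isset($ldap['ldap_servertype']) ? $ldap['ldap_servertype'] : "";
		$this->dn          = isset($ldap['ldap_basedn']) ? $ldap['ldap_basedn'] : "";
		$this->usr         = isset($ldap['ldap_user']) ? $ldap['ldap_user'] : "";
		$this->pwd         = isset($ldap['ldap_passwd']) ? $ldap['ldap_passwd'] : "";
		$this->ldapVersion = isset($ldap['ldap_version']) ? $ldap['ldap_version'] : "";
		$this->filter      = isset($ldap['ldap_edirfilter']) ? $ldap['ldap_edirfilter'] : "";

		if(!function_exists('ldap_connect'))
		{
			$this->Available = FALSE;
			return false;
		}

		if(!$this -> connect())
		{
			return AUTH_NOCONNECT;
		}
	}

	/**
	 * Open a connection to the first configured server that yields a handle.
	 *
	 * NOTE(review): ldap_connect() is called with the configured host as is, so
	 * whether the later binds (which carry the user's password) are protected
	 * in transit depends on the configured value, e.g. an ldaps:// URI. Nothing
	 * in this class calls ldap_start_tls().
	 *
	 * @return bool true when a handle was obtained, false otherwise
	 */
	function connect()
	{
		foreach ($this->server as $host)
		{
			$this->connection = ldap_connect($host);
			if (!$this->connection)
			{
				continue;
			}
			if ($this->ldapVersion == 3 || $this->serverType == "ActiveDirectory")
			{
				@ldap_set_option($this->connection, LDAP_OPT_PROTOCOL_VERSION, 3);
			}
			return true;
		}

		$this->ldapErrorCode = -1;
		$this->ldapErrorText = "Unable to connect to any server";
		return false;
	}

	/**
	 * Close the current connection.
	 *
	 * @return bool false (with ldapErrorCode/ldapErrorText set) when closing failed
	 */
	function close()
	{
		if (@ldap_close($this->connection))
		{
			return true;
		}
		$this->ldapErrorCode = ldap_errno($this->connection);
		$this->ldapErrorText = ldap_error($this->connection);
		return false;
	}

	/**
	 * Escape a value for use inside an LDAP search filter.
	 *
	 * The characters that have a meaning in filter syntax (backslash, "*",
	 * "(", ")" and NUL) are replaced by their backslash-hex form, so a user
	 * name is always matched literally and cannot change the filter.
	 *
	 * @param string $value raw value, e.g. the login name typed by the user
	 * @return string value that is safe to embed in a filter
	 */
	function escapeFilterValue($value)
	{
		// The backslash must be handled first, otherwise the backslashes
		// introduced by the later replacements would be escaped again.
		return str_replace(
			array('\\', '*', '(', ')', "\0"),
			array('\5c', '\2a', '\28', '\29', '\00'),
			(string)$value
		);
	}

	/**
	 * Check a user name and password against the directory.
	 *
	 * For ActiveDirectory the bind name is "uname@dn". For every other server
	 * type the user entry is looked up first (optionally after binding with
	 * the configured search account) and the bind is done with the DN found.
	 *
	 * @param string $uname login name
	 * @param string $pass  password
	 * @return mixed AUTH_SUCCESS, AUTH_NOUSER, AUTH_BADPASSWORD or AUTH_NOCONNECT
	 */
	function login($uname, $pass)
	{
		// A simple bind with a DN and an empty password is an "unauthenticated
		// bind"; many directory servers report it as successful, which would
		// log the user in without any password check. Reject it up front.
		if ((string)$pass === '')
		{
			return AUTH_BADPASSWORD;
		}
		if ((string)$uname === '')
		{
			return AUTH_NOUSER;
		}
		if (!$this->connection)
		{
			return AUTH_NOCONNECT;
		}

		/* Construct the full DN, eg:-
		** "uid=username, ou=People, dc=orgname,dc=com"
		*/
		if ($this->serverType == "ActiveDirectory")
		{
			$checkDn = "$uname@$this->dn";
		}
		else
		{
			if ($this->usr != '' && $this->pwd != '')
			{
				$this->result = ldap_bind($this->connection, $this->usr, $this->pwd);
			}
			else
			{
				$this->result = ldap_bind($this->connection);
			}

			// The login name comes from the login form, so it is escaped before
			// it is placed in the search filter.
			$safeName = $this->escapeFilterValue($uname);

			if ($this->serverType == "eDirectory")
			{
				$current_filter = "(&(cn={$safeName})".$this->filter.")";
				$query = ldap_search($this->connection, $this->dn, $current_filter);
			}
			else
			{
				$query = ldap_search($this->connection, $this->dn, "uid=".$safeName);
			}

			if (!$query)
			{
				// Could not perform query to LDAP directory
				return AUTH_NOCONNECT;
			}

			$query_result = ldap_get_entries($this->connection, $query);

			// Exactly one entry must match; zero or several matches are both
			// treated as "no such user".
			if (!$query_result || $query_result["count"] != 1)
			{
				return AUTH_NOUSER;
			}

			$checkDn = $query_result[0]["dn"];

			// Bind as the user on a fresh connection rather than on the one
			// that is bound as the search account.
			$this->close();
			if (!$this->connect())
			{
				return AUTH_NOCONNECT;
			}
		}

		// Try and connect...
		$this->result = ldap_bind($this->connection, $checkDn, $pass);
		if ($this->result)
		{
			// Connected OK - login credentials are fine!
			return AUTH_SUCCESS;
		}

		/* Login failed. Record the error code and text from the LDAP server.
		** The common error codes and reasons are listed below :
		** (for iPlanet, other servers may differ)
		** 19 - Account locked out (too many invalid login attempts)
		** 32 - User does not exist
		** 49 - Wrong password
		** 53 - Account inactive (manually locked out by administrator)
		*/
		$this->ldapErrorCode = ldap_errno($this->connection);
		$this->ldapErrorText = ldap_error($this->connection);

		if ($this->ldapErrorCode == 32)
		{
			return AUTH_NOUSER;
		}
		if ($this->ldapErrorCode == 49)
		{
			return AUTH_BADPASSWORD;
		}
		// return error code as if it never connected, maybe change that in the future
		return AUTH_NOCONNECT;
	}
}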