blob: dcc2e465e1280ce9e748a3ebff859be2563bd770 [file] [log] [blame]
<?php
include_once "User.php";
use \User as User;
function debug($msg)
{
include 'config.php';
if ($DEBUG)
echo $msg . "\n";
}
function generateSalt($length = 10)
{
$chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
$string = "";
for ($i = 0; $i < $length; $i++) {
$string .= substr($chars, rand(0, strlen($chars) - 1), 1);
}
return $string;
}
function ldap_search_query($query, $filter = "cn")
{
include 'config.php';
$ldap_host = $HOST;
$ldap_port = $PORT;
$ldaptree = explode("{},", $BASE_DN)[1];
$ldap_user = "cn=" . $USER . "," . join(",", array_slice(explode(",", $ldaptree), 1));
$ldap_pass = $PASSWORD;
//First: Connect to LDAP Server
$connect = ldap_connect($ldap_host, $ldap_port)
or debug(">>Could not connect to LDAP server to add user $ldap_user<<");
ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
//Login to LDAP
$bind = ldap_bind($connect, $ldap_user, $ldap_pass);
if (!$bind) {
debug(">>Could not bind to $ldap_host to add user $ldap_user<<");
if (ldap_get_option($connect, LDAP_OPT_DIAGNOSTIC_MESSAGE, $extended_error)) {
debug("Error Binding to LDAP: $extended_error");
} else {
debug("Error Binding to LDAP: No additional information is available.");
}
}
$result = ldap_search($connect, $ldaptree, "(" . $filter . "=" . $query . ")") or die("Error in search query: " . ldap_error($connect));
$data = ldap_get_entries($connect, $result);
return $data;
}
function ldap_add_user(User $user)
{
include 'config.php';
$ldap_host = $HOST;
$ldap_port = $PORT;
$base_dn = str_replace('{}', $user->username, $BASE_DN);
$ldaptree = explode("{},", $BASE_DN)[1];
$info["givenName"] = $user->first_name;
$info["sn"] = $user->last_name;
$info["uid"] = $user->username;
#$info["homeDirectory"]="/home/";
$info["mail"] = $user->email;
$info["o"] = $user->organization;
$info["displayName"] = $user->first_name . " " . $user->last_name;
#$info["departmentNumber"]=$user->id;
$info["cn"] = $user->username;
$info["userPassword"] = $user->user_hash;
$info["l"] = $user->city;
$info["street"] = $user->street;
$info["postalcode"] = $user->zip;
$info["l"] = $user->city;
$info["co"] = $user->country;
$info["telephoneNumber"] = $user->phone;
$info["objectclass"][0] = "top";
$info["objectclass"][1] = "person";
$info["objectclass"][2] = "inetOrgPerson";
$info["objectclass"][3] = "organizationalPerson";
$info["objectclass"][4] = "extensibleObject";
$ldap_user = "cn=" . $USER . "," . join(",", array_slice(explode(",", $ldaptree), 1));
$ldap_pass = $PASSWORD;
//First: Connect to LDAP Server
$connect = ldap_connect($ldap_host, $ldap_port)
or debug(">>Could not connect to LDAP server to add user<<");
ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
//Login to LDAP
ldap_bind($connect, $ldap_user, $ldap_pass)
or debug(">>Could not bind to $ldap_host to add user<<");
// Adding new user
$add = ldap_add($connect, $base_dn, $info);
if (!$add) {
debug(">>Not able to add user $info<<");
debug(">>Could not bind to $ldap_host to add user $ldap_user<<");
if (ldap_get_option($connect, LDAP_OPT_DIAGNOSTIC_MESSAGE, $extended_error)) {
debug("Error Binding to LDAP: $extended_error");
} else {
debug("Error Binding to LDAP: No additional information is available.");
}
}
// Close connection
ldap_close($connect);
// Return value of operation
return $add;
}
function ldap_user_count(string $user)
{
return ldap_search_query($user)["count"];
}
function ldap_mail_count($email)
{
return ldap_search_query($email, "mail")["count"];
}
function change_password($email, $new_password)
{
include 'config.php';
$ldap_host = $HOST;
$ldap_port = $PORT;
$ldaptree = explode("{},", $BASE_DN)[1];
$ldap_user = "cn=" . $USER . "," . join(",", array_slice(explode(",", $ldaptree), 1));
$ldap_pass = $PASSWORD;
//First: Connect to LDAP Server
$connect = ldap_connect($ldap_host, $ldap_port)
or debug(">>Could not connect to LDAP server to add user<<");
ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
//Login to LDAP
ldap_bind($connect, $ldap_user, $ldap_pass)
or debug(">>Could not bind to $ldap_host to add user<<");
$result = ldap_search($connect, $ldaptree, "(mail=" . $email . ")") or die("Error in search query: " . ldap_error($connect));
$data = ldap_get_entries($connect, $result);
if (!$data['count'] || !isset($data[0]["dn"]) || empty($data[0]["dn"])) {
return false;
}
$dn = $data[0]["dn"];
if ($ENCRYPT_PASSWORDS) {
# $newEntry = ['userPassword' => "{crypt}" . crypt($new_password, '$6$' . generateSalt(10) . '$')];
$newEntry = ['userPassword' => "{SHA}" . base64_encode(sha1($new_password, true))];
} else {
$newEntry = ['userPassword' => "{CLEAR}" . $new_password];
}
if (ldap_mod_replace($connect, $dn, $newEntry))
return true;
else
return false;
}