| <?php |
| |
| include_once "User.php"; |
| use \User as User; |
| |
| function debug($msg) |
| { |
| include 'config.php'; |
| if ($DEBUG) |
| echo $msg . "\n"; |
| } |
| function generateSalt($length = 10) |
| { |
| $chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; |
| |
| $string = ""; |
| for ($i = 0; $i < $length; $i++) { |
| $string .= substr($chars, rand(0, strlen($chars) - 1), 1); |
| } |
| |
| return $string; |
| } |
| |
| |
| function ldap_search_query($query, $filter = "cn") |
| { |
| include 'config.php'; |
| $ldap_host = $HOST; |
| $ldap_port = $PORT; |
| $ldaptree = explode("{},", $BASE_DN)[1]; |
| |
| $ldap_user = "cn=" . $USER . "," . join(",", array_slice(explode(",", $ldaptree), 1)); |
| $ldap_pass = $PASSWORD; |
| |
| //First: Connect to LDAP Server |
| $connect = ldap_connect($ldap_host, $ldap_port) |
| or debug(">>Could not connect to LDAP server to add user $ldap_user<<"); |
| ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3); |
| ldap_set_option($connect, LDAP_OPT_REFERRALS, 0); |
| |
| //Login to LDAP |
| $bind = ldap_bind($connect, $ldap_user, $ldap_pass); |
| if (!$bind) { |
| debug(">>Could not bind to $ldap_host to add user $ldap_user<<"); |
| if (ldap_get_option($connect, LDAP_OPT_DIAGNOSTIC_MESSAGE, $extended_error)) { |
| debug("Error Binding to LDAP: $extended_error"); |
| } else { |
| debug("Error Binding to LDAP: No additional information is available."); |
| } |
| } |
| |
| $result = ldap_search($connect, $ldaptree, "(" . $filter . "=" . $query . ")") or die("Error in search query: " . ldap_error($connect)); |
| $data = ldap_get_entries($connect, $result); |
| return $data; |
| } |
| |
| function ldap_add_user(User $user) |
| { |
| include 'config.php'; |
| $ldap_host = $HOST; |
| $ldap_port = $PORT; |
| $base_dn = str_replace('{}', $user->username, $BASE_DN); |
| $ldaptree = explode("{},", $BASE_DN)[1]; |
| |
| |
| $info["givenName"] = $user->first_name; |
| $info["sn"] = $user->last_name; |
| $info["uid"] = $user->username; |
| #$info["homeDirectory"]="/home/"; |
| $info["mail"] = $user->email; |
| $info["o"] = $user->organization; |
| $info["displayName"] = $user->first_name . " " . $user->last_name; |
| #$info["departmentNumber"]=$user->id; |
| $info["cn"] = $user->username; |
| $info["userPassword"] = $user->user_hash; |
| $info["l"] = $user->city; |
| $info["street"] = $user->street; |
| $info["postalcode"] = $user->zip; |
| $info["l"] = $user->city; |
| $info["co"] = $user->country; |
| $info["telephoneNumber"] = $user->phone; |
| |
| $info["objectclass"][0] = "top"; |
| $info["objectclass"][1] = "person"; |
| $info["objectclass"][2] = "inetOrgPerson"; |
| $info["objectclass"][3] = "organizationalPerson"; |
| $info["objectclass"][4] = "extensibleObject"; |
| |
| $ldap_user = "cn=" . $USER . "," . join(",", array_slice(explode(",", $ldaptree), 1)); |
| $ldap_pass = $PASSWORD; |
| |
| //First: Connect to LDAP Server |
| $connect = ldap_connect($ldap_host, $ldap_port) |
| or debug(">>Could not connect to LDAP server to add user<<"); |
| ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3); |
| ldap_set_option($connect, LDAP_OPT_REFERRALS, 0); |
| |
| //Login to LDAP |
| ldap_bind($connect, $ldap_user, $ldap_pass) |
| or debug(">>Could not bind to $ldap_host to add user<<"); |
| |
| // Adding new user |
| |
| $add = ldap_add($connect, $base_dn, $info); |
| if (!$add) { |
| debug(">>Not able to add user $info<<"); |
| debug(">>Could not bind to $ldap_host to add user $ldap_user<<"); |
| if (ldap_get_option($connect, LDAP_OPT_DIAGNOSTIC_MESSAGE, $extended_error)) { |
| debug("Error Binding to LDAP: $extended_error"); |
| } else { |
| debug("Error Binding to LDAP: No additional information is available."); |
| } |
| } |
| |
| // Close connection |
| ldap_close($connect); |
| |
| // Return value of operation |
| |
| return $add; |
| } |
| function ldap_user_count(string $user) |
| { |
| return ldap_search_query($user)["count"]; |
| } |
| function ldap_mail_count($email) |
| { |
| return ldap_search_query($email, "mail")["count"]; |
| } |
| |
| function change_password($email, $new_password) |
| { |
| include 'config.php'; |
| $ldap_host = $HOST; |
| $ldap_port = $PORT; |
| $ldaptree = explode("{},", $BASE_DN)[1]; |
| |
| $ldap_user = "cn=" . $USER . "," . join(",", array_slice(explode(",", $ldaptree), 1)); |
| $ldap_pass = $PASSWORD; |
| |
| //First: Connect to LDAP Server |
| $connect = ldap_connect($ldap_host, $ldap_port) |
| or debug(">>Could not connect to LDAP server to add user<<"); |
| ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3); |
| ldap_set_option($connect, LDAP_OPT_REFERRALS, 0); |
| |
| //Login to LDAP |
| ldap_bind($connect, $ldap_user, $ldap_pass) |
| or debug(">>Could not bind to $ldap_host to add user<<"); |
| |
| |
| $result = ldap_search($connect, $ldaptree, "(mail=" . $email . ")") or die("Error in search query: " . ldap_error($connect)); |
| $data = ldap_get_entries($connect, $result); |
| if (!$data['count'] || !isset($data[0]["dn"]) || empty($data[0]["dn"])) { |
| return false; |
| } |
| $dn = $data[0]["dn"]; |
| |
| if ($ENCRYPT_PASSWORDS) { |
| # $newEntry = ['userPassword' => "{crypt}" . crypt($new_password, '$6$' . generateSalt(10) . '$')]; |
| # $newEntry = ['userPassword' => "{SHA}" . base64_encode(sha1($new_password, true))]; |
| $salt = generateSalt(10); |
| $newEntry = ['userPassword' => "{SSHA}" . base64_encode( sha1( $new_password . $salt, true) . $salt )]; |
| } else { |
| $newEntry = ['userPassword' => "{CLEAR}" . $new_password]; |
| } |
| if (ldap_mod_replace($connect, $dn, $newEntry)) |
| return true; |
| else |
| return false; |
| } |