matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 1 | <?php |
| 2 | |
Marc Kupietz | 0215a44 | 2023-03-05 18:34:16 +0100 | [diff] [blame] | 3 | include_once "User.php"; |
| 4 | use \User as User; |
| 5 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 6 | function debug($msg) |
| 7 | { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 8 | include 'config.php'; |
| 9 | if ($DEBUG) |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 10 | echo $msg . "\n"; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 11 | } |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 12 | function generateSalt($length = 10) |
| 13 | { |
| 14 | $chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 15 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 16 | $string = ""; |
| 17 | for ($i = 0; $i < $length; $i++) { |
| 18 | $string .= substr($chars, rand(0, strlen($chars) - 1), 1); |
| 19 | } |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 20 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 21 | return $string; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 22 | } |
| 23 | |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 24 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 25 | function ldap_search_query($query, $filter = "cn") |
| 26 | { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 27 | include 'config.php'; |
| 28 | $ldap_host = $HOST; |
| 29 | $ldap_port = $PORT; |
| 30 | $ldaptree = explode("{},", $BASE_DN)[1]; |
| 31 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 32 | $ldap_user = "cn=" . $USER . "," . join(",", array_slice(explode(",", $ldaptree), 1)); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 33 | $ldap_pass = $PASSWORD; |
| 34 | |
| 35 | //First: Connect to LDAP Server |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 36 | $connect = ldap_connect($ldap_host, $ldap_port) |
Marc Kupietz | 5f06609 | 2023-04-20 11:16:25 +0200 | [diff] [blame] | 37 | or debug(">>Could not connect to LDAP server to add user $ldap_user<<"); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 38 | ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3); |
| 39 | ldap_set_option($connect, LDAP_OPT_REFERRALS, 0); |
| 40 | |
| 41 | //Login to LDAP |
Marc Kupietz | 5f06609 | 2023-04-20 11:16:25 +0200 | [diff] [blame] | 42 | $bind = ldap_bind($connect, $ldap_user, $ldap_pass); |
| 43 | if (!$bind) { |
| 44 | debug(">>Could not bind to $ldap_host to add user $ldap_user<<"); |
| 45 | if (ldap_get_option($connect, LDAP_OPT_DIAGNOSTIC_MESSAGE, $extended_error)) { |
| 46 | debug("Error Binding to LDAP: $extended_error"); |
| 47 | } else { |
| 48 | debug("Error Binding to LDAP: No additional information is available."); |
| 49 | } |
| 50 | } |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 51 | |
| 52 | $result = ldap_search($connect, $ldaptree, "(" . $filter . "=" . $query . ")") or die("Error in search query: " . ldap_error($connect)); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 53 | $data = ldap_get_entries($connect, $result); |
| 54 | return $data; |
| 55 | } |
| 56 | |
Marc Kupietz | 0215a44 | 2023-03-05 18:34:16 +0100 | [diff] [blame] | 57 | function ldap_add_user(User $user) |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 58 | { |
| 59 | include 'config.php'; |
| 60 | $ldap_host = $HOST; |
| 61 | $ldap_port = $PORT; |
Marc Kupietz | ade9e3c | 2023-03-06 21:39:23 +0100 | [diff] [blame] | 62 | $base_dn = str_replace('{}', $user->username, $BASE_DN); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 63 | $ldaptree = explode("{},", $BASE_DN)[1]; |
| 64 | |
| 65 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 66 | $info["givenName"] = $user->first_name; |
| 67 | $info["sn"] = $user->last_name; |
Marc Kupietz | ade9e3c | 2023-03-06 21:39:23 +0100 | [diff] [blame] | 68 | $info["uid"] = $user->username; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 69 | #$info["homeDirectory"]="/home/"; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 70 | $info["mail"] = $user->email; |
Marc Kupietz | a19f307 | 2023-02-25 14:16:40 +0100 | [diff] [blame] | 71 | $info["o"] = $user->organization; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 72 | $info["displayName"] = $user->first_name . " " . $user->last_name; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 73 | #$info["departmentNumber"]=$user->id; |
Marc Kupietz | ade9e3c | 2023-03-06 21:39:23 +0100 | [diff] [blame] | 74 | $info["cn"] = $user->username; |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 75 | $info["userPassword"] = $user->user_hash; |
Marc Kupietz | ade9e3c | 2023-03-06 21:39:23 +0100 | [diff] [blame] | 76 | $info["l"] = $user->city; |
| 77 | $info["street"] = $user->street; |
| 78 | $info["postalcode"] = $user->zip; |
| 79 | $info["l"] = $user->city; |
| 80 | $info["co"] = $user->country; |
Marc Kupietz | 0314662 | 2023-03-07 12:03:21 +0100 | [diff] [blame] | 81 | $info["telephoneNumber"] = $user->phone; |
Marc Kupietz | ade9e3c | 2023-03-06 21:39:23 +0100 | [diff] [blame] | 82 | |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 83 | $info["objectclass"][0] = "top"; |
| 84 | $info["objectclass"][1] = "person"; |
| 85 | $info["objectclass"][2] = "inetOrgPerson"; |
| 86 | $info["objectclass"][3] = "organizationalPerson"; |
Marc Kupietz | 00e13e8 | 2023-04-20 11:16:24 +0200 | [diff] [blame] | 87 | $info["objectclass"][4] = "extensibleObject"; |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 88 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 89 | $ldap_user = "cn=" . $USER . "," . join(",", array_slice(explode(",", $ldaptree), 1)); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 90 | $ldap_pass = $PASSWORD; |
| 91 | |
| 92 | //First: Connect to LDAP Server |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 93 | $connect = ldap_connect($ldap_host, $ldap_port) |
| 94 | or debug(">>Could not connect to LDAP server to add user<<"); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 95 | ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3); |
| 96 | ldap_set_option($connect, LDAP_OPT_REFERRALS, 0); |
| 97 | |
| 98 | //Login to LDAP |
| 99 | ldap_bind($connect, $ldap_user, $ldap_pass) |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 100 | or debug(">>Could not bind to $ldap_host to add user<<"); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 101 | |
| 102 | // Adding new user |
| 103 | |
Marc Kupietz | 5f06609 | 2023-04-20 11:16:25 +0200 | [diff] [blame] | 104 | $add = ldap_add($connect, $base_dn, $info); |
| 105 | if (!$add) { |
| 106 | debug(">>Not able to add user $info<<"); |
| 107 | debug(">>Could not bind to $ldap_host to add user $ldap_user<<"); |
| 108 | if (ldap_get_option($connect, LDAP_OPT_DIAGNOSTIC_MESSAGE, $extended_error)) { |
| 109 | debug("Error Binding to LDAP: $extended_error"); |
| 110 | } else { |
| 111 | debug("Error Binding to LDAP: No additional information is available."); |
| 112 | } |
| 113 | } |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 114 | |
| 115 | // Close connection |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 116 | ldap_close($connect); |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 117 | |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 118 | // Return value of operation |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 119 | |
| 120 | return $add; |
| 121 | } |
Marc Kupietz | 0215a44 | 2023-03-05 18:34:16 +0100 | [diff] [blame] | 122 | function ldap_user_count(string $user) |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 123 | { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 124 | return ldap_search_query($user)["count"]; |
| 125 | } |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 126 | function ldap_mail_count($email) |
| 127 | { |
matheusfillipe | abd513e | 2021-05-11 03:29:11 -0300 | [diff] [blame] | 128 | return ldap_search_query($email, "mail")["count"]; |
| 129 | } |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 130 | |
| 131 | function change_password($email, $new_password) |
| 132 | { |
| 133 | include 'config.php'; |
| 134 | $ldap_host = $HOST; |
| 135 | $ldap_port = $PORT; |
| 136 | $ldaptree = explode("{},", $BASE_DN)[1]; |
| 137 | |
| 138 | $ldap_user = "cn=" . $USER . "," . join(",", array_slice(explode(",", $ldaptree), 1)); |
| 139 | $ldap_pass = $PASSWORD; |
| 140 | |
| 141 | //First: Connect to LDAP Server |
| 142 | $connect = ldap_connect($ldap_host, $ldap_port) |
| 143 | or debug(">>Could not connect to LDAP server to add user<<"); |
| 144 | ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3); |
| 145 | ldap_set_option($connect, LDAP_OPT_REFERRALS, 0); |
| 146 | |
| 147 | //Login to LDAP |
| 148 | ldap_bind($connect, $ldap_user, $ldap_pass) |
| 149 | or debug(">>Could not bind to $ldap_host to add user<<"); |
| 150 | |
| 151 | |
| 152 | $result = ldap_search($connect, $ldaptree, "(mail=" . $email . ")") or die("Error in search query: " . ldap_error($connect)); |
| 153 | $data = ldap_get_entries($connect, $result); |
| 154 | if (!$data['count'] || !isset($data[0]["dn"]) || empty($data[0]["dn"])) { |
| 155 | return false; |
| 156 | } |
| 157 | $dn = $data[0]["dn"]; |
| 158 | |
Marc Kupietz | 92e4866 | 2023-02-23 10:04:21 +0100 | [diff] [blame] | 159 | if ($ENCRYPT_PASSWORDS) { |
| 160 | $newEntry = ['userPassword' => "{crypt}" . crypt($new_password, '$6$' . generateSalt(10) . '$')]; |
| 161 | # $newEntry = ['userPassword' => "{SHA}" . base64_encode(sha1($new_password, true))]; |
| 162 | } else { |
| 163 | $newEntry = ['userPassword' => "{CLEAR}" . $new_password]; |
| 164 | } |
matheusfillipe | f43dd96 | 2021-05-13 23:27:01 -0300 | [diff] [blame] | 165 | if (ldap_mod_replace($connect, $dn, $newEntry)) |
| 166 | return true; |
| 167 | else |
| 168 | return false; |
| 169 | } |