4 * assigns some standard variables to smarty templates
8 $smarty->assign('USER',$_SESSION[ldapab][username]);
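/**
 * Uses Username and Password from Session to initialize the LDAP handle
 * If it fails it redirects to login.php
 *
 * An existing session is accepted only when the 'ldapabconid' cookie matches
 * the connection id stored in the session. When $conf['httpd_auth'] is set
 * and the web server supplied HTTP auth credentials, those are copied into
 * the session before the bind is attempted.
 *
 * NOTE(review): this listing omits some lines of the original function (the
 * line after the signature and the lines following each redirect). The
 * `global $conf;` and `exit;` statements below fill those gaps - confirm
 * against the full file.
 */
function ldap_login(){
  global $conf;

  if(!empty($_SESSION['ldapab']['username'])){
    //existing session! Check if valid
    $cookie = '';
    if(isset($_COOKIE['ldapabconid']) && is_string($_COOKIE['ldapabconid'])){
      // a cookie sent as an array (ldapabconid[]=...) is treated as missing
      $cookie = $_COOKIE['ldapabconid'];
    }
    $conid = isset($_SESSION['ldapab']['conid']) ? (string) $_SESSION['ldapab']['conid'] : '';

    // Compare as strings and in constant time (hash_equals, PHP 5.6+).
    // The loose != used before applies PHP's numeric string juggling, which
    // lets values that are not identical compare as equal.
    if(!hash_equals($conid, $cookie)){
      //session hijacking detected
      header('Location: login.php?username=');
      // stop here so nothing below runs for a rejected session
      exit;
    }
  } elseif (!empty($conf['httpd_auth']) && !empty($_SERVER['PHP_AUTH_USER'])) {
    // NOTE(review): the HTTP auth password is copied into the session in
    // clear text; the session store has to be protected accordingly.
    $_SESSION['ldapab']['username'] = $_SERVER['PHP_AUTH_USER'];
    $_SESSION['ldapab']['password'] = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';
  }

  $user = isset($_SESSION['ldapab']['username']) ? $_SESSION['ldapab']['username'] : '';
  $pass = isset($_SESSION['ldapab']['password']) ? $_SESSION['ldapab']['password'] : '';
  $dn   = isset($_SESSION['ldapab']['binddn'])   ? $_SESSION['ldapab']['binddn']   : '';

  if(!do_ldap_bind($user, $pass, $dn)){
    header('Location: login.php?username=');
    exit;
  }
}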
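/**
 * Creates a global LDAP connection handle called $LDAP_CON
 *
 * Without a DN the function binds with the configured lookup account,
 * resolves the DN of $user through $conf['userfilter'] and then binds as
 * that DN with $pass. The outcome is recorded through set_session().
 *
 * NOTE(review): the listing omits several lines of this function (the global
 * declarations, the conditions around the lookup and every return
 * statement). The structure below is reconstructed from the visible
 * statements and comments - confirm against the full file.
 *
 * @param string $user login name, substituted for %u in $conf['userfilter']
 * @param string $pass password for the user bind
 * @param string $dn   bind DN; when empty it is looked up from $user
 * @return bool true when bound (as the user, or anonymously when no user was
 *              given), false otherwise
 */
function do_ldap_bind($user,$pass,$dn=""){
  global $conf;
  global $LDAP_CON;

  //create global connection to LDAP if necessary
  if(!$LDAP_CON){
    $LDAP_CON = ldap_connect($conf['ldapserver'],$conf['ldapport']);
    if(!$LDAP_CON){
      die("couldn't connect to LDAP server");
    }
  }

  if(empty($dn)){
    //anonymous bind to lookup users
    //blank binddn or blank bindpw will result in anonymous bind
    if(!ldap_bind($LDAP_CON,$conf['anonbinddn'],$conf['anonbindpw'])){
      die("can not bind anonymously");
    }

    //when no user was given stay connected anonymous
    if(empty($user)){
      set_session('','','');
      return true;
    }

    //get dn for given user
    // The login name is untrusted input: escape the filter metacharacters
    // ( ) * \ and NUL so it can only ever match as a literal value
    // (ldap_escape, PHP 5.6+).
    $filter = str_replace('%u',ldap_escape($user,'',LDAP_ESCAPE_FILTER),$conf['userfilter']);
    $sr = ldap_search($LDAP_CON, $conf['usertree'], $filter);
    if($sr === false){
      set_session('','','');
      return false;
    }
    $result = ldap_get_entries($LDAP_CON, $sr);
    // exactly one match is required; anything else is an unknown or ambiguous user
    if(!is_array($result) || $result['count'] != 1){
      set_session('','','');
      return false;
    }
    $dn = $result[0]['dn'];
  }

  // A simple bind with a DN and an empty password is an "unauthenticated
  // bind", which some directory servers answer with success. Refuse it here
  // so an empty password can never log a user in.
  if((string) $pass === ''){
    set_session('','','');
    return false;
  }

  if(ldap_bind($LDAP_CON,$dn,$pass)){
    //bind successful -> set up session
    set_session($user,$pass,$dn);
    return true;
  }

  //bind failed -> remove session
  set_session('','','');
  return false;
}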
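/**
 * saves user data to Session
 *
 * Stores username, bind DN and password under $_SESSION['ldapab'] and ties
 * the session to the browser with a fresh connection id. The id is kept in
 * the session and sent as the 'ldapabconid' cookie, valid for 24 hours.
 *
 * @param string $user login name ('' clears the login)
 * @param string $pass password used for the LDAP bind
 * @param string $dn   bind DN of the user
 */
function set_session($user,$pass,$dn){
  // NOTE(review): the line that assigns $rand is not part of this listing.
  // The value acts as a session-binding token, so it is drawn from the
  // CSPRNG here (random_bytes, PHP 7+) - confirm against the full file.
  $rand = bin2hex(random_bytes(16));

  $_SESSION['ldapab']['username'] = $user;
  $_SESSION['ldapab']['binddn']   = $dn;
  // NOTE(review): the bind password is kept in the session in clear text;
  // anyone able to read the session store can read it.
  $_SESSION['ldapab']['password'] = $pass;
  $_SESSION['ldapab']['conid']    = $rand;

  // Path and domain stay at their defaults. The last argument marks the
  // cookie HttpOnly so page scripts cannot read the token. The sixth
  // argument (secure) is left off as before; set it to true when the
  // application is served over HTTPS only.
  setcookie('ldapabconid',$rand,time()+60*60*24,'','',false,true);
}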
100 * binary safe function to get all search result data.
101 * It will use ldap_get_values_len() instead and build the array
102 * note: it's similar with the array returned by ldap_get_entries()
103 * except it has no "count" elements
105 * @author: Original code by Ovidiu Geaboc <ogeaboc@rdanet.com>
107 function ldap_get_binentries($conn,$srchRslt){
108 if(!@ldap_count_entries($conn,$srchRslt)){
111 $entry = ldap_first_entry($conn, $srchRslt);
114 $dn = ldap_get_dn($conn,$entry);
115 $attrs = ldap_get_attributes($conn, $entry);
116 for($j=0; $j<$attrs['count']; $j++) {
117 $vals = ldap_get_values_len($conn, $entry,$attrs[$j]);
118 for($k=0; $k<$vals['count']; $k++){
119 $data[$i][$attrs[$j]][$k]=$vals[$k];
124 }while ($entry = ldap_next_entry($conn, $entry));
130 * loads ldap names and their cleartext meanings from
131 * entries.conf file and returns it as hash
133 function namedentries($flip=false){
137 $entries[sn] = 'name';
138 $entries[givenName] = 'givenname';
139 $entries[title] = 'title';
140 $entries[o] = 'organization';
141 $entries[physicalDeliveryOfficeName] = 'office';
142 $entries[postalAddress] = 'street';
143 $entries[postalCode] = 'zip';
144 $entries[l] = 'location';
145 $entries[telephoneNumber] = 'phone';
146 $entries[facsimileTelephoneNumber] = 'fax';
147 $entries[mobile] = 'mobile';
148 $entries[pager] = 'pager';
149 $entries[homePhone] = 'homephone';
150 $entries[homePostalAddress] = 'homestreet';
151 $entries[jpegPhoto] = 'photo';
152 $entries[labeledURI] = 'url';
153 $entries[description] = 'note';
154 $entries[manager] = 'manager';
155 $entries[cn] = 'displayname';
158 $entries[anniversary] = 'anniversary';
160 if($conf[openxchange]){
161 $entries[mailDomain] = 'domain';
162 $entries[userCountry] = 'country';
163 $entries[birthDay] = 'birthday';
164 $entries[IPPhone] = 'ipphone';
165 $entries[OXUserCategories] = 'categories';
166 $entries[OXUserInstantMessenger] = 'instantmessenger';
167 $entries[OXTimeZone] = 'timezone';
168 $entries[OXUserPosition] = 'position';
169 $entries[relClientCert] = 'certificate';
173 $entries = array_reverse($entries);
174 $entries = array_flip($entries);
180 * Creates an array for submission to ldap from websitedata
182 function prepare_ldap_entry($in){
186 if(!preg_match('/\d\d\d\d-\d\d-\d\d/',$in[anniversary])){
190 $entries = namedentries(true);
191 foreach(array_keys($in) as $key){
192 if(empty($entries[$key])){
195 $keyname=$entries[$key];
197 if(is_array($in[$key])){
198 $out[$keyname] = $in[$key];
200 $out[$keyname][] = $in[$key];
204 //standard Objectclass
205 $out[objectclass][] = 'inetOrgPerson';
207 $out[objectclass][] = 'contactPerson';
209 if($conf[openxchange]){
210 $out[objectclass][] = 'OXUserObject';
213 utf8_encode_array($out);
215 return clear_array($out);
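/**
 * remove empty element from arrays recursively
 *
 * Drops every value that is exactly '' and every nested array that ends up
 * empty. Keys are preserved. Values such as 0 or '0' are kept, because only
 * the empty string counts as empty.
 *
 * NOTE(review): the listing omits the lines that fill and return $b. They
 * are reconstructed from the visible comparisons against array() and false
 * - confirm against the full file.
 *
 * @author Original by <xntx@msn.com>
 * @param array $a array to clean
 * @return array|false the cleaned array, or false when nothing is left
 */
function clear_array ( $a ) {
  $b = array();
  foreach ( $a as $key => $value ) {
    if (is_array($value)) {
      // Recurse once and reuse the result. Calling clear_array() a second
      // time to fetch the value doubles the work at every nesting level.
      $cleaned = clear_array($value);
      if ($cleaned !== false) {
        $b[$key] = $cleaned;
      }
    } elseif ($value !== '') {
      $b[$key] = $value;
    }
  }
  return ($b !== array()) ? $b : false;
}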
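/**
 * deletes an entry from ldap - optional with recursion
 *
 * With $recursive set, all entries directly below $dn are deleted first
 * (each of them recursively), then $dn itself.
 *
 * NOTE(review): the listing omits the else branch line and the lines that
 * test $result. They are reconstructed from the visible comments - confirm
 * against the full file.
 *
 * @author Original by <gabriel@hrz.uni-marburg.de>
 * @param resource $ds        LDAP connection handle
 * @param string   $dn        DN of the entry to delete
 * @param bool     $recursive also delete everything below $dn
 * @return bool result of the delete; false as soon as one step fails
 */
function ldap_full_delete($ds,$dn,$recursive=false){
  if(!$recursive){
    return(ldap_delete($ds,$dn));
  }

  //searching for sub entries
  $sr=ldap_list($ds,$dn,"ObjectClass=*",array(""));
  if($sr === false){
    // listing the children failed; do not try to delete a possibly non-leaf entry
    return false;
  }
  $info = ldap_get_entries($ds, $sr);
  for($i=0;$i<$info['count'];$i++){
    //deleting recursively sub entries
    // The recursion has to call this function. The listing called
    // myldap_delete(), which is not defined anywhere in the visible code
    // (presumably the name this snippet had before it was renamed).
    $result=ldap_full_delete($ds,$info[$i]['dn'],$recursive);
    if(!$result){
      //return result code, if delete fails
      return($result);
    }
  }
  return(ldap_delete($ds,$dn));
}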
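/**
 * Returns all User Accounts as associative array
 *
 * Lists the inetOrgPerson entries directly below $conf['usertree'] and maps
 * each entry's DN to "givenName sn". Entries without a surname are skipped.
 *
 * NOTE(review): the listing omits the global declarations, the line before
 * the loop and the return statement. They are reconstructed here - confirm
 * against the full file, in particular what is returned when no user is found.
 *
 * @return array DN => display name
 */
function get_users(){
  global $conf;
  global $LDAP_CON;

  $users = array();

  $sr = ldap_list($LDAP_CON,$conf['usertree'],"ObjectClass=inetOrgPerson");
  $result = ldap_get_binentries($LDAP_CON, $sr);
  if(!is_array($result)){
    // nothing found (or the lookup failed): no users to report
    return $users;
  }

  foreach ($result as $entry){
    if(!empty($entry['sn'][0])){
      // givenName is optional; keep the separating space as before
      $given = isset($entry['givenName'][0]) ? $entry['givenName'][0] : '';
      $users[$entry['dn']] = $given." ".$entry['sn'][0];
    }
  }
  return $users;
}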
/**
 * makes sure the given DN contains exactly one space after each comma
 *
 * Two passes: every comma gets a space appended, then each comma followed by
 * a run of whitespace is collapsed to comma plus a single space.
 *
 * NOTE(review): the patterns do not distinguish escaped commas (\,) inside
 * an attribute value from the commas that separate RDNs - verify that is
 * acceptable for the DNs handled here. The return statement is not part of
 * this listing and is reconstructed.
 *
 * @param string $dn distinguished name
 * @return string the DN with normalized spacing
 */
function normalize_dn($dn){
  // preg_replace() applies the patterns one after the other, each on the
  // result of the previous one
  $passes = array('/,/', '/,\s+/');
  return preg_replace($passes, ', ', $dn);
}
299 * Merges the given classes with the existing ones
301 function ldap_store_objectclasses($dn,$classes){
305 $sr = ldap_search($LDAP_CON,$dn,"objectClass=*",array('objectClass'));
306 $result = ldap_get_binentries($LDAP_CON, $sr);
307 $set = $result[0][objectClass];
308 $set = array_unique_renumber(array_merge($set,$classes));
309 $add[objectClass] = $set;
311 $r = @ldap_mod_replace($LDAP_CON,$dn,$add);
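/**
 * Makes array unique and renumbers the entries
 *
 * The first occurrence of each value is kept, in its original order, and the
 * result is indexed 0..n-1. An empty input yields an empty array; the
 * original loop left its result variable unset when it had nothing to copy.
 *
 * @author <kay_rules@yahoo.com>
 * @param array $somearray
 * @return array list of the distinct values
 */
function array_unique_renumber($somearray){
  // array_values() does the renumbering the original loop did by hand
  return array_values(array_unique($somearray));
}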
/**
 * Decodes UTF8 recursively for the given array
 *
 * Works in place. Everything stored under the keys 'dn' and 'jpegPhoto' is
 * left untouched; nested arrays are walked, all other values go through
 * utf8_decode().
 *
 * NOTE(review): utf8_decode() is deprecated as of PHP 8.2.
 *
 * @param array $array data to convert, modified by reference
 */
function utf8_decode_array(&$array) {
  foreach ($array as $name => &$value) {
    if ($name === 'dn' || $name === 'jpegPhoto') {
      continue;
    }
    if (is_array($value)) {
      utf8_decode_array($value);
    } else {
      $value = utf8_decode($value);
    }
  }
  // drop the loop reference so later writes to $value cannot hit the array
  unset($value);
}
/**
 * Encodes the given array to UTF8 recursively
 *
 * Works in place. Everything stored under the keys 'dn' and 'jpegPhoto' is
 * left untouched; nested arrays are walked, all other values go through
 * utf8_encode().
 *
 * NOTE(review): utf8_encode() is deprecated as of PHP 8.2.
 *
 * @param array $array data to convert, modified by reference
 */
function utf8_encode_array(&$array) {
  foreach ($array as $name => &$value) {
    if ($name === 'dn' || $name === 'jpegPhoto') {
      continue;
    }
    if (is_array($value)) {
      utf8_encode_array($value);
    } else {
      $value = utf8_encode($value);
    }
  }
  // drop the loop reference so later writes to $value cannot hit the array
  unset($value);
}