-<?
+<?php
/**
* assigns some standard variables to smarty templates
// use HTTP auth if wanted and possible
$_SESSION['ldapab']['username'] = $_SERVER['PHP_AUTH_USER'];
$_SESSION['ldapab']['password'] = $_SERVER['PHP_AUTH_PW'];
- } elseif ($_COOKIE['ldapabauth']) {
+ } elseif (!empty($_COOKIE['ldapabauth'])) {
// check persistent cookie
$cookie = base64_decode($_COOKIE['ldapabauth']);
$cookie = x_Decrypt($cookie,get_cookie_secret());
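Review bot: The cookie branch still trusts whatever the client sends: `!empty()` only removes the notice, and nothing visible checks that decoding and decryption succeeded before the result is used. Decode strictly with `$cookie = base64_decode($_COOKIE['ldapabauth'], true);` and skip the branch when that returns `false`. The lines that consume the decrypted string are outside this hunk; the writing side (the `serialize(array($user,$pass))` hunk further down) uses PHP serialization, so the reading side presumably calls `unserialize()` on this value, and x_Decrypt is not shown to authenticate the ciphertext. Encoding the pair with `json_encode`/`json_decode` on both sides, or verifying an HMAC before decrypting, would keep client-supplied bytes away from `unserialize()`.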
$_SESSION['ldapab']['password'] = $p;
}
- if(!do_ldap_bind($_SESSION['ldapab']['username'],
+ if(empty($_SESSION['ldapab']) ||
+ !do_ldap_bind($_SESSION['ldapab']['username'],
$_SESSION['ldapab']['password'],
$_SESSION['ldapab']['binddn'])){
header('Location: login.php?username=');
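Review bot: `$_SESSION['ldapab']['binddn']` is still read without a check: the HTTP-auth branch above fills only `username` and `password`, so for such a session the third argument is an undefined index unless it is set in lines not shown here. Guard it the way the rest of this commit guards its reads, e.g. `isset($_SESSION['ldapab']['binddn']) ? $_SESSION['ldapab']['binddn'] : ''`. The statement after `header('Location: ...')` is outside this hunk; the redirect only protects the page if an `exit;` follows it, so that is worth confirming while touching this condition.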
*/
function auth_browseruid(){
$uid = '';
+ if (empty($_SERVER['HTTP_USER_AGENT'])) { $_SERVER['HTTP_USER_AGENT']='USER_AGENT'; }
+ if (empty($_SERVER['HTTP_ACCEPT_ENCODING'])) { $_SERVER['HTTP_ACCEPT_ENCODING']='ACCEPT_ENCODING'; }
+ if (empty($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { $_SERVER['HTTP_ACCEPT_LANGUAGE']='ACCEPT_LANGUAGE'; }
+ if (empty($_SERVER['HTTP_ACCEPT_CHARSET'])) { $_SERVER['HTTP_ACCEPT_CHARSET']='ACCEPT_CHARSET'; }
$uid .= $_SERVER['HTTP_USER_AGENT'];
$uid .= $_SERVER['HTTP_ACCEPT_ENCODING'];
$uid .= $_SERVER['HTTP_ACCEPT_LANGUAGE'];
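Review bot: The four added defaults write placeholder strings into `$_SERVER`, so any later code that tests these headers (logging, content negotiation) sees `'USER_AGENT'` and the others as if the client had sent them. Keep the fallback local to the fingerprint instead, e.g. `$uid .= empty($_SERVER['HTTP_USER_AGENT']) ? 'USER_AGENT' : $_SERVER['HTTP_USER_AGENT'];` for each header. Every input to this id is chosen by the client, so a comment such as `// browser id only ties a session to a header profile; it is not a secret` would stop it being mistaken for an authentication factor. The function body continues past the end of the hunk.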
$_SESSION['ldapab']['password'] = $pass;
$_SESSION['ldapab']['browserid'] = auth_browseruid();
- // (re)set the persistant auth cookie
+ // (re)set the persistent auth cookie
if($user == ''){
setcookie('ldapabauth','',time()+60*60*24*365);
- }elseif($_REQUEST['remember']){
+ }elseif(!empty($_REQUEST['remember'])){
$cookie = serialize(array($user,$pass));
$cookie = x_Encrypt($cookie,get_cookie_secret());
$cookie = base64_encode($cookie);
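Review bot: The persistent cookie built here carries the user's LDAP password in reversibly encrypted form, and the one `setcookie()` call visible in the hunk passes no `secure` or `httponly` argument. The call that sends the filled cookie is outside the hunk; if it has the same three-argument shape and the site is served over HTTPS, add the flags, e.g. `setcookie('ldapabauth',$cookie,time()+60*60*24*365,'','',true,true);`, so the value is neither sent over plain HTTP nor readable from script. A comment above the branch such as `// cookie holds the encrypted bind password; anyone with the cookie secret can recover it` would make the trade-off visible to the next maintainer.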
}
/**
- * Creates a random string to encrypt persistant auth
- * cookies the string is stored inside the cache dir
+ * Creates a random string to encrypt persistent auth
+ * cookies; the string is stored inside the cache dir
*/
function get_cookie_secret(){
$file = dirname(__FILE__).'/cache/.htcookiesecret.php';
return $data;
}
+
/**
* loads ldap names and their cleartext meanings from
* entries.conf file and returns it as hash
*/
function namedentries($flip=false){
- global $conf;
-
- $entries['dn'] = 'dn';
- $entries['sn'] = 'name';
- $entries['givenName'] = 'givenname';
- $entries['title'] = 'title';
- $entries['o'] = 'organization';
- $entries['physicalDeliveryOfficeName'] = 'office';
- $entries['postalAddress'] = 'street';
- $entries['postalCode'] = 'zip';
- $entries['l'] = 'location';
- $entries['telephoneNumber'] = 'phone';
- $entries['facsimileTelephoneNumber'] = 'fax';
- $entries['mobile'] = 'mobile';
- $entries['pager'] = 'pager';
- $entries['homePhone'] = 'homephone';
- $entries['homePostalAddress'] = 'homestreet';
- $entries['jpegPhoto'] = 'photo';
- $entries['labeledURI'] = 'url';
- $entries['description'] = 'note';
- $entries['manager'] = 'manager';
- $entries['cn'] = 'displayname';
-
- if($conf['extended']){
- $entries['anniversary'] = 'anniversary';
- }
- if($conf['openxchange']){
- $entries['mailDomain'] = 'domain';
- $entries['userCountry'] = 'country';
- $entries['birthDay'] = 'birthday';
- $entries['IPPhone'] = 'ipphone';
- $entries['OXUserCategories'] = 'categories';
- $entries['OXUserInstantMessenger'] = 'instantmessenger';
- $entries['OXTimeZone'] = 'timezone';
- $entries['OXUserPosition'] = 'position';
- $entries['relClientCert'] = 'certificate';
- }
-
- if($flip){
- $entries = array_reverse($entries);
- $entries = array_flip($entries);
- }
- return $entries;
+ trigger_error('deprecated namedentries called',E_USER_WARNING);
}
/**
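Review bot: After this change `namedentries()` returns nothing, so any caller that was missed gets `null` where it used to get an array and will misbehave in `foreach` or `array_flip` right after the warning. End the stub with `return array();` so a leftover caller degrades instead of breaking. If the minimum PHP version allows it, `E_USER_DEPRECATED` is the level the message describes. The docblock above still says the function loads names and returns a hash; it should state that the function is deprecated and what to use instead.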
*/
function prepare_ldap_entry($in){
global $conf;
-
- //check dateformat
- if(!preg_match('/\d\d\d\d-\d\d-\d\d/',$in['anniversary'])){
- $in['anniversary']='';
- }
-
- $entries = namedentries(true);
- foreach(array_keys($in) as $key){
- if(empty($entries[$key])){
- $keyname=$key;
- }else{
- $keyname=$entries[$key];
- }
- if(is_array($in[$key])){
- $out[$keyname] = $in[$key];
+ global $FIELDS;
+ global $OCLASSES;
+
+ //check dateformats
+ if(!preg_match('/\d\d\d\d-\d\d-\d\d/',$in['anniversary'])) $in['anniversary']='';
+ if(!preg_match('/\d\d\d\d-\d\d-\d\d/',$in['birthday'])) $in['birthday']='';
+
+ // we map all internal names to the configured LDAP attributes here
+ foreach($in as $key => $value){
+ if($FIELDS[$key]){
+ // normal mapped field
+ $out[$FIELDS[$key]][] = $value;
+ }elseif($FIELDS["_$key"]){
+ // mapped multi field
+ if(is_array($value)){
+ $out[$FIELDS["_$key"]] = $value;
+ }else{
+ $out[$FIELDS["_$key"]][] = $value; //shouldn't happen, but to be sure
+ }
}else{
- $out[$keyname][] = $in[$key];
+ // no mapping found - assume it to be a LDAP attribute (shouldn't happen)
+ if(is_array($value)){
+ $out[$key] = $value;
+ }else{
+ $out[$key][] = $value;
+ }
}
}
- //standard Objectclass
- $out['objectclass'][] = 'inetOrgPerson';
- if($conf['extended']){
- $out['objectclass'][] = 'contactPerson';
- }
- if($conf['openxchange']){
- $out['objectclass'][] = 'OXUserObject';
- }
+ // add the Objectclasses
+ $out['objectclass'] = $OCLASSES;
return clear_array($out);
}
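Review bot: The final `else` branch copies any key with no entry in `$FIELDS` straight into the LDAP entry as an attribute name; if `$in` is built from request data (its origin is not visible here), a client could set attributes the form never offered. Since the comment says this shouldn't happen, drop such keys instead by replacing the branch body with `continue;`, optionally after a `trigger_error`. The lookups `$FIELDS[$key]` and `$FIELDS["_$key"]` also raise notices for unknown keys, and `$in['anniversary']` / `$in['birthday']` are read unchecked, so `!empty(...)` guards would match the rest of this commit. The date checks are unanchored, so a value that merely contains a date passes; `'/^\d{4}-\d{2}-\d{2}\z/'` accepts only the date itself.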
$sr = ldap_list($LDAP_CON,$conf['usertree'],"ObjectClass=inetOrgPerson");
$result = ldap_get_binentries($LDAP_CON, $sr);
+ $users = array();
if(count($result)){
foreach ($result as $entry){
if(!empty($entry['sn'][0])){