Commit 27cdeac6aec691d603927423b809aea7619f90af
1 parent
2b381b2a
Basic Import
Showing
1 changed file
with
115 additions
and
0 deletions
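--- a/main.inc.php
+++ b/main.inc.php
@@ -0,0 +1,115 @@
+<?php
+/*
+Plugin Name: Ldap_Login
+Version: 1.2
+Description: Allow piwigo authentication along an ldap
+Plugin URI: http://piwigo.org/ext/extension_view.php?eid=650
+Author: 22decembre
+Author URI: http://www.22decembre.eu
+*/
+if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
+
+// +-----------------------------------------------------------------------+
+// | Define plugin constants |
+// +-----------------------------------------------------------------------+
+define('LDAP_LOGIN_ID', basename(dirname(__FILE__)));
+define('LDAP_LOGIN_PATH' , PHPWG_PLUGINS_PATH . LDAP_LOGIN_ID . '/');
+define('LDAP_LOGIN_ADMIN', get_root_url() . 'admin.php?page=plugin-' . LDAP_LOGIN_ID);
+define('LDAP_LOGIN_VERSION', '1.2');
+
+include_once(LDAP_LOGIN_PATH.'/class.ldap.php');
+
+// +-----------------------------------------------------------------------+
+// | Event handlers |
+// +-----------------------------------------------------------------------+
+
+add_event_handler('init', 'ld_init');
+
+add_event_handler('try_log_user','login', 0, 4);
+
+add_event_handler('get_admin_plugin_menu_links', array(&$ldap, 'ldap_admin_menu'));
+
+// +-----------------------------------------------------------------------+
+// | Admin menu loading |
+// +-----------------------------------------------------------------------+
+
+$ldap = new Ldap();
+$ldap->load_config();
+set_plugin_data($plugin['id'], $ldap);
+unset($ldap);
+
+// +-----------------------------------------------------------------------+
+// | functions |
+// +-----------------------------------------------------------------------+
+
+function random_password( $length = 8 ) {
+ $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()_-=+;:,.?";
+ $password = substr( str_shuffle( $chars ), 0, $length );
+ return $password;
+}
+
+function ld_init(){
+ load_language('plugin.lang', LDAP_LOGIN_PATH);
+}
+
+
+function login($success, $username, $password, $remember_me){
+
+ global $conf;
+
+ $obj = new Ldap();
+ $obj->load_config();
+ $obj->ldap_conn() or die("Unable to connect LDAP server : ".$ldap->getErrorString());
+
+ //if (!$obj->ldap_bind_as($username,$password)){ // bind with userdn
+ if (!$obj->ldap_search_dn($username) || !$obj->ldap_bind_as($obj->ldap_search_dn($username),$password)){ // bind with userdn
+ trigger_notify('login_failure', stripslashes($username));
+ return false; // wrong password
+ }
+
+ // search user in piwigo database
+ $query = 'SELECT '.$conf['user_fields']['id'].' AS id FROM '.USERS_TABLE.' WHERE '.$conf['user_fields']['username'].' = \''.pwg_db_real_escape_string($username).'\' ;';
+
+ $row = pwg_db_fetch_assoc(pwg_query($query));
+
+ // if query is not empty, it means everything is ok and we can continue, auth is done !
+ if (!empty($row['id'])) {
+ log_user($row['id'], $remember_me);
+ trigger_notify('login_success', stripslashes($username));
+ return true;
+ }
+
+ // if query is empty but ldap auth is done we can create a piwigo user if it's said so !
+ else {
+ // this is where we check we are allowed to create new users upon that.
+ if ($obj->config['allow_newusers']) {
+
+ // we got the email address
+ if ($obj->ldap_mail($username)) {
+ $mail = $obj->ldap_mail($username);
+ }
+ else {
+ $mail = NULL;
+ }
+
+ // we actually register the new user
+ $new_id = register_user($username,random_password(8),$mail);
+
+ // now we fetch again his id in the piwigo db, and we get them, as we just created him !
+ //$query = 'SELECT '.$conf['user_fields']['id'].' AS id FROM '.USERS_TABLE.' WHERE '.$conf['user_fields']['username'].' = \''.pwg_db_real_escape_string($username).'\' ;';
+ //$row = pwg_db_fetch_assoc(pwg_query($query));
+
+ log_user($new_id, False);
+ trigger_notify('login_success', stripslashes($username));
+ redirect('profile.php');
+ return true;
+ }
+ // else : this is the normal behavior ! user is not created.
+ else {
+ trigger_notify('login_failure', stripslashes($username));
+ return false;
+ }
+ }
+}
+
+?>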
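Review bot: `login()` hands `$password` to `ldap_bind_as()` without first rejecting an empty string, and many directory servers answer a bind with a valid DN and an empty password as a successful unauthenticated bind; unless `class.ldap.php` (not shown on this page) already refuses that case, the handler would treat the login as authenticated and reach `log_user()`. A guard placed before the bind, `if ($password === '') { trigger_notify('login_failure', stripslashes($username)); return false; }`, closes that path regardless of server configuration. On the connection line, the `die()` message calls `$ldap->getErrorString()`, but `$ldap` is not defined inside the function, so a failed connection ends in a fatal error rather than the intended message; it should read `$obj->getErrorString()`, and returning `false` instead of `die()` should let the remaining `try_log_user` handlers serve local accounts while the directory is unreachable. `random_password()` relies on `str_shuffle()`, which is not a cryptographic source and never repeats a character, so the local password given to auto-created accounts is weaker than its length suggests; picking each character with `random_int()` would be the safer choice where the PHP version provides it.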