Commit 27cdeac6aec691d603927423b809aea7619f90af
1 parent
2b381b2a
Basic Import
Showing
1 changed file
with
115 additions
and
0 deletions
main.inc.php
0 → 100644
| 1 | +<?php | |
| 2 | +/* | |
| 3 | +Plugin Name: Ldap_Login | |
| 4 | +Version: 1.2 | |
| 5 | +Description: Allow piwigo authentication along an ldap | |
| 6 | +Plugin URI: http://piwigo.org/ext/extension_view.php?eid=650 | |
| 7 | +Author: 22decembre | |
| 8 | +Author URI: http://www.22decembre.eu | |
| 9 | +*/ | |
| 10 | +if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); | |
| 11 | + | |
| 12 | +// +-----------------------------------------------------------------------+ | |
| 13 | +// | Define plugin constants | | |
| 14 | +// +-----------------------------------------------------------------------+ | |
| 15 | +define('LDAP_LOGIN_ID', basename(dirname(__FILE__))); | |
| 16 | +define('LDAP_LOGIN_PATH' , PHPWG_PLUGINS_PATH . LDAP_LOGIN_ID . '/'); | |
| 17 | +define('LDAP_LOGIN_ADMIN', get_root_url() . 'admin.php?page=plugin-' . LDAP_LOGIN_ID); | |
| 18 | +define('LDAP_LOGIN_VERSION', '1.2'); | |
| 19 | + | |
| 20 | +include_once(LDAP_LOGIN_PATH.'/class.ldap.php'); | |
| 21 | + | |
| 22 | +// +-----------------------------------------------------------------------+ | |
| 23 | +// | Event handlers | | |
| 24 | +// +-----------------------------------------------------------------------+ | |
| 25 | + | |
| 26 | +add_event_handler('init', 'ld_init'); | |
| 27 | + | |
| 28 | +add_event_handler('try_log_user','login', 0, 4); | |
| 29 | + | |
| 30 | +add_event_handler('get_admin_plugin_menu_links', array(&$ldap, 'ldap_admin_menu')); | |
| 31 | + | |
| 32 | +// +-----------------------------------------------------------------------+ | |
| 33 | +// | Admin menu loading | | |
| 34 | +// +-----------------------------------------------------------------------+ | |
| 35 | + | |
| 36 | +$ldap = new Ldap(); | |
| 37 | +$ldap->load_config(); | |
| 38 | +set_plugin_data($plugin['id'], $ldap); | |
| 39 | +unset($ldap); | |
| 40 | + | |
| 41 | +// +-----------------------------------------------------------------------+ | |
| 42 | +// | functions | | |
| 43 | +// +-----------------------------------------------------------------------+ | |
| 44 | + | |
| 45 | +function random_password( $length = 8 ) { | |
| 46 | + $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()_-=+;:,.?"; | |
| 47 | + $password = substr( str_shuffle( $chars ), 0, $length ); | |
| 48 | + return $password; | |
| 49 | +} | |
| 50 | + | |
| 51 | +function ld_init(){ | |
| 52 | + load_language('plugin.lang', LDAP_LOGIN_PATH); | |
| 53 | +} | |
| 54 | + | |
| 55 | + | |
| 56 | +function login($success, $username, $password, $remember_me){ | |
| 57 | + | |
| 58 | + global $conf; | |
| 59 | + | |
| 60 | + $obj = new Ldap(); | |
| 61 | + $obj->load_config(); | |
| 62 | + $obj->ldap_conn() or die("Unable to connect LDAP server : ".$ldap->getErrorString()); | |
| 63 | + | |
| 64 | + //if (!$obj->ldap_bind_as($username,$password)){ // bind with userdn | |
| 65 | + if (!$obj->ldap_search_dn($username) || !$obj->ldap_bind_as($obj->ldap_search_dn($username),$password)){ // bind with userdn | |
| 66 | + trigger_notify('login_failure', stripslashes($username)); | |
| 67 | + return false; // wrong password | |
| 68 | + } | |
| 69 | + | |
| 70 | + // search user in piwigo database | |
| 71 | + $query = 'SELECT '.$conf['user_fields']['id'].' AS id FROM '.USERS_TABLE.' WHERE '.$conf['user_fields']['username'].' = \''.pwg_db_real_escape_string($username).'\' ;'; | |
| 72 | + | |
| 73 | + $row = pwg_db_fetch_assoc(pwg_query($query)); | |
| 74 | + | |
| 75 | + // if query is not empty, it means everything is ok and we can continue, auth is done ! | |
| 76 | + if (!empty($row['id'])) { | |
| 77 | + log_user($row['id'], $remember_me); | |
| 78 | + trigger_notify('login_success', stripslashes($username)); | |
| 79 | + return true; | |
| 80 | + } | |
| 81 | + | |
| 82 | + // if query is empty but ldap auth is done we can create a piwigo user if it's said so ! | |
| 83 | + else { | |
| 84 | + // this is where we check we are allowed to create new users upon that. | |
| 85 | + if ($obj->config['allow_newusers']) { | |
| 86 | + | |
| 87 | + // we got the email address | |
| 88 | + if ($obj->ldap_mail($username)) { | |
| 89 | + $mail = $obj->ldap_mail($username); | |
| 90 | + } | |
| 91 | + else { | |
| 92 | + $mail = NULL; | |
| 93 | + } | |
| 94 | + | |
| 95 | + // we actually register the new user | |
| 96 | + $new_id = register_user($username,random_password(8),$mail); | |
| 97 | + | |
| 98 | + // now we fetch again his id in the piwigo db, and we get them, as we just created him ! | |
| 99 | + //$query = 'SELECT '.$conf['user_fields']['id'].' AS id FROM '.USERS_TABLE.' WHERE '.$conf['user_fields']['username'].' = \''.pwg_db_real_escape_string($username).'\' ;'; | |
| 100 | + //$row = pwg_db_fetch_assoc(pwg_query($query)); | |
| 101 | + | |
| 102 | + log_user($new_id, False); | |
| 103 | + trigger_notify('login_success', stripslashes($username)); | |
| 104 | + redirect('profile.php'); | |
| 105 | + return true; | |
| 106 | + } | |
| 107 | + // else : this is the normal behavior ! user is not created. | |
| 108 | + else { | |
| 109 | + trigger_notify('login_failure', stripslashes($username)); | |
| 110 | + return false; | |
| 111 | + } | |
| 112 | + } | |
| 113 | +} | |
| 114 | + | |
| 115 | +?> | |
| ... | ... |