Commit 27cdeac6aec691d603927423b809aea7619f90af

Authored by spelth
1 parent 2b381b2a

Basic Import

Showing 1 changed file with 115 additions and 0 deletions
main.inc.php 0 → 100644
  1 +<?php
  2 +/*
  3 +Plugin Name: Ldap_Login
  4 +Version: 1.2
  5 +Description: Allow piwigo authentication along an ldap
  6 +Plugin URI: http://piwigo.org/ext/extension_view.php?eid=650
  7 +Author: 22decembre
  8 +Author URI: http://www.22decembre.eu
  9 +*/
  10 +if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
  11 +
  12 +// +-----------------------------------------------------------------------+
  13 +// | Define plugin constants |
  14 +// +-----------------------------------------------------------------------+
  15 +define('LDAP_LOGIN_ID', basename(dirname(__FILE__)));
  16 +define('LDAP_LOGIN_PATH' , PHPWG_PLUGINS_PATH . LDAP_LOGIN_ID . '/');
  17 +define('LDAP_LOGIN_ADMIN', get_root_url() . 'admin.php?page=plugin-' . LDAP_LOGIN_ID);
  18 +define('LDAP_LOGIN_VERSION', '1.2');
  19 +
  20 +include_once(LDAP_LOGIN_PATH.'/class.ldap.php');
  21 +
  22 +// +-----------------------------------------------------------------------+
  23 +// | Event handlers |
  24 +// +-----------------------------------------------------------------------+
  25 +
  26 +add_event_handler('init', 'ld_init');
  27 +
  28 +add_event_handler('try_log_user','login', 0, 4);
  29 +
  30 +add_event_handler('get_admin_plugin_menu_links', array(&$ldap, 'ldap_admin_menu'));
  31 +
  32 +// +-----------------------------------------------------------------------+
  33 +// | Admin menu loading |
  34 +// +-----------------------------------------------------------------------+
  35 +
  36 +$ldap = new Ldap();
  37 +$ldap->load_config();
  38 +set_plugin_data($plugin['id'], $ldap);
  39 +unset($ldap);
  40 +
  41 +// +-----------------------------------------------------------------------+
  42 +// | functions |
  43 +// +-----------------------------------------------------------------------+
  44 +
  45 +function random_password( $length = 8 ) {
  46 + $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()_-=+;:,.?";
  47 + $password = substr( str_shuffle( $chars ), 0, $length );
  48 + return $password;
  49 +}
  50 +
  51 +function ld_init(){
  52 + load_language('plugin.lang', LDAP_LOGIN_PATH);
  53 +}
  54 +
  55 +
  56 +function login($success, $username, $password, $remember_me){
  57 +
  58 + global $conf;
  59 +
  60 + $obj = new Ldap();
  61 + $obj->load_config();
  62 + $obj->ldap_conn() or die("Unable to connect LDAP server : ".$ldap->getErrorString());
  63 +
  64 + //if (!$obj->ldap_bind_as($username,$password)){ // bind with userdn
  65 + if (!$obj->ldap_search_dn($username) || !$obj->ldap_bind_as($obj->ldap_search_dn($username),$password)){ // bind with userdn
  66 + trigger_notify('login_failure', stripslashes($username));
  67 + return false; // wrong password
  68 + }
  69 +
  70 + // search user in piwigo database
  71 + $query = 'SELECT '.$conf['user_fields']['id'].' AS id FROM '.USERS_TABLE.' WHERE '.$conf['user_fields']['username'].' = \''.pwg_db_real_escape_string($username).'\' ;';
  72 +
  73 + $row = pwg_db_fetch_assoc(pwg_query($query));
  74 +
  75 + // if query is not empty, it means everything is ok and we can continue, auth is done !
  76 + if (!empty($row['id'])) {
  77 + log_user($row['id'], $remember_me);
  78 + trigger_notify('login_success', stripslashes($username));
  79 + return true;
  80 + }
  81 +
  82 + // if query is empty but ldap auth is done we can create a piwigo user if it's said so !
  83 + else {
  84 + // this is where we check we are allowed to create new users upon that.
  85 + if ($obj->config['allow_newusers']) {
  86 +
  87 + // we got the email address
  88 + if ($obj->ldap_mail($username)) {
  89 + $mail = $obj->ldap_mail($username);
  90 + }
  91 + else {
  92 + $mail = NULL;
  93 + }
  94 +
  95 + // we actually register the new user
  96 + $new_id = register_user($username,random_password(8),$mail);
  97 +
  98 + // now we fetch again his id in the piwigo db, and we get them, as we just created him !
  99 + //$query = 'SELECT '.$conf['user_fields']['id'].' AS id FROM '.USERS_TABLE.' WHERE '.$conf['user_fields']['username'].' = \''.pwg_db_real_escape_string($username).'\' ;';
  100 + //$row = pwg_db_fetch_assoc(pwg_query($query));
  101 +
  102 + log_user($new_id, False);
  103 + trigger_notify('login_success', stripslashes($username));
  104 + redirect('profile.php');
  105 + return true;
  106 + }
  107 + // else : this is the normal behavior ! user is not created.
  108 + else {
  109 + trigger_notify('login_failure', stripslashes($username));
  110 + return false;
  111 + }
  112 + }
  113 +}
  114 +
  115 +?>
... ...