From 5823772d4b76fb3ecc4390e79a48342efec16276 Mon Sep 17 00:00:00 2001
From: spelth <lukas.leidinger@gmail.com>
Date: Sat, 2 May 2015 11:29:52 +0200
Subject: [PATCH] Basic Import

---
 admin/configuration.php           |  75 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 admin/configuration.tpl           | 114 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 admin/index.php                   |  30 ++++++++++++++++++++++++++++++
 admin/ldap_login_plugin_admin.php |  22 ++++++++++++++++++++++
 admin/ldap_login_plugin_admin.tpl |  24 ++++++++++++++++++++++++
 admin/newusers.php                |  52 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 admin/newusers.tpl                |  54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 7 files changed, 371 insertions(+), 0 deletions(-)
 create mode 100644 admin/configuration.php
 create mode 100644 admin/configuration.tpl
 create mode 100644 admin/index.php
 create mode 100644 admin/ldap_login_plugin_admin.php
 create mode 100644 admin/ldap_login_plugin_admin.tpl
 create mode 100644 admin/newusers.php
 create mode 100644 admin/newusers.tpl

diff --git a/admin/configuration.php b/admin/configuration.php
new file mode 100644
index 0000000..53fe66a
--- /dev/null
+++ b/admin/configuration.php
@@ -0,0 +1,75 @@
+<?php
+if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
+
+global $template;
+$template->set_filenames( array('plugin_admin_content' => dirname(__FILE__).'/configuration.tpl') );
+$template->assign(
+  array(
+    'PLUGIN_ACTION' => get_root_url().'admin.php?page=plugin-Ldap_Login-configuration',
+    'PLUGIN_CHECK' => get_root_url().'admin.php?page=plugin-Ldap_Login-configuration',
+    ));
+
+$me = new Ldap();
+$me->load_config();
+//$me = get_plugin_data($plugin_id);
+
+$template->assign('HOST', 	$me->config['host']);
+$template->assign('BASEDN',	$me->config['basedn']); // racine !
+$template->assign('PORT', 	$me->config['port']);
+$template->assign('LD_ATTR',	$me->config['ld_attr']);
+$template->assign('LD_GROUP',	$me->config['ld_group']);
+$template->assign('LD_USE_SSL',	$me->config['ld_use_ssl']);
+$template->assign('LD_BINDPW',	$me->config['ld_bindpw']);
+$template->assign('LD_BINDDN',	$me->config['ld_binddn']);
+
+if (isset($_POST['save'])){
+	$me->config['host'] 	 = $_POST['HOST'];
+	$me->config['basedn']    = $_POST['BASEDN'];
+	$me->config['port']      = $_POST['PORT'];
+	$me->config['ld_attr']   = $_POST['LD_ATTR'];
+	$me->config['ld_group']	 = $_POST['LD_GROUP'];
+	$me->config['ld_binddn'] = $_POST['LD_BINDDN'];
+	$me->config['ld_bindpw'] = $_POST['LD_BINDPW'];
+
+	if (isset($_POST['LD_USE_SSL'])){
+		$me->config['ld_use_ssl'] = True;
+	} else {
+		$me->config['ld_use_ssl'] = False;
+	}
+}
+
+// Save LDAP configuration
+if (isset($_POST['save'])){
+	$me->save_config();
+}
+
+// Checki LDAP configuration
+$me->ldap_conn();
+if (isset($_POST['check_ldap'])){
+	//$me->write_log("[function]> admin");
+	//$check = $me->ldap_name($_POST['USERNAME']);
+	$username = $me->ldap_search_dn($_POST['USERNAME']);
+	//$me->write_log("[admin]> bind=".$username);
+	$error=$me->check_ldap();
+	if($error==1 && $username) {
+		if ($me->ldap_bind_as($username,$_POST['PASSWORD'])){
+			if($me->check_ldap_group_membership($username,$me->config['ld_group'])){
+	                        $template->assign('LD_CHECK_LDAP','<p style="color:green;">Configuration LDAP OK : '.$username.'</p>');
+			} else {
+				$template->assign('LD_CHECK_LDAP','<p style="color:orange;">Credentials OK, Check GroupMembership for: '.$username.'</p>');
+			}
+                }
+                else {
+			$template->assign('LD_CHECK_LDAP','<p style="color:red;"> Binding OK, but check credentials on server '.$me->config['uri'].' for user '.$username.'</p>');
+                }
+	} elseif($error==1 && !$username){
+		$template->assign('LD_CHECK_LDAP','<p style="color:red;">Error : Binding OK, but no valid DN found on server '.$me->config['uri'].' for user '.$_POST['USERNAME'].'</p>');
+	} elseif($error && $username){
+		$template->assign('LD_CHECK_LDAP','<p style="color:red;">Error : Binding OK, but check credentials on '.$me->config['uri'].' for user '.$_POST['USERNAME'].'</p>');
+	} else {
+		$template->assign('LD_CHECK_LDAP','<p style="color:red;">Error : '.$error.' for binding on server '.$me->config['uri'].' for user '.$_POST['USERNAME'].', check your binding!</p>');
+	}
+}
+
+$template->assign_var_from_handle( 'ADMIN_CONTENT', 'plugin_admin_content');
+?>
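Review bot: `$_POST['USERNAME']` is concatenated into the `LD_CHECK_LDAP` markup in the three error branches, and configuration.tpl prints that variable as raw HTML, so whatever is submitted in the test form is reflected into the admin page as markup; wrap it, e.g. `htmlspecialchars($_POST['USERNAME'], ENT_QUOTES, 'UTF-8')`, and do the same for `$username` and `$me->config['uri']`, which come from the directory and the saved settings. Neither the `save` nor the `check_ldap` branch verifies a request token, so a forged cross-site POST sent from a logged-in administrator's browser could change `host` or the bind credentials; Piwigo provides `check_pwg_token()` / `get_pwg_token()` for this, and the save handlers in admin/ldap_login_plugin_admin.php and admin/newusers.php have the same gap. The `$template->assign()` calls also run before the POST values are applied, so the page rendered after a save still shows the previous settings (same ordering in admin/newusers.php); moving them below `save_config()` fixes that.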
diff --git a/admin/configuration.tpl b/admin/configuration.tpl
new file mode 100644
index 0000000..072613a
--- /dev/null
+++ b/admin/configuration.tpl
@@ -0,0 +1,114 @@
+<h2>{'Ldap_Login Plugin'|@translate}</h2>
+
+<div id="configContent">
+
+<p>{'All LDAP users can use their ldap password everywhere on piwigo if needed.'|@translate}</p>
+
+<form method="post" action="{$PLUGIN_ACTION}" class="general">
+
+	{if (!extension_loaded('ldap'))}
+		<p style="color:red;">{'Warning: LDAP Extension missing.'|@translate}</p>
+		<br />
+	{/if}
+	
+	<fieldset class="mainConf">
+	<legend>{'Ldap server host connection'|@translate}</legend>
+	
+	<ul>
+		<li>
+			<label for="host">{'Ldap server host'|@translate}</label>
+			<br>
+			<input size="70" type="text" id="host" name="HOST" value="{$HOST}" />
+		</li>
+	
+		<li>
+			<label for="ld_use_ssl">
+			{if $LD_USE_SSL }
+				<input type="checkbox" id="ld_use_ssl" name="LD_USE_SSL" value="{$LD_USE_SSL}" checked />
+			{else}
+				<input type="checkbox" id="ld_use_ssl" name="LD_USE_SSL" value="{$LD_USE_SSL}" />
+			{/if}
+			{'Secure connexion'|@translate}</label>
+		</li>
+	
+		<li>
+			<label for="port">{'Ldap port'|@translate}</label>
+			<br>
+			<input type="text" id="port" name="PORT" value="{$PORT}" />
+		</li>
+	</ul>
+	<i>{'If empty, localhost and standard protocol ports will be used in configuration.'|@translate}</i>
+    </fieldset>
+    
+    <fieldset class="mainConf">
+	<legend>{'Ldap attributes'|@translate}</legend>
+	<ul>
+		<li>
+			<label for="basedn">{'Base DN'|@translate}</label>
+			<br>
+			<input size="70" type="text" id="basedn" name="BASEDN" value="{$BASEDN}" />
+		</li>
+	
+		<li>
+			<label for="ld_attr">{'Attribute corresponding to the user name'|@translate}</label>
+			<br>
+			<input type="text" id="ld_attr" name="LD_ATTR" value="{$LD_ATTR}" />
+		</li>
+		<li>
+			<label for="groupdn">{'DN of group for membership-check (memberOf)'|@translate}</label>
+			<br>
+			<input size="70" type="text" id="ld_group" name="LD_GROUP" value="{$LD_GROUP}" />
+		</li>
+	</ul>
+    </fieldset>
+    
+    <fieldset class="mainConf">
+	<legend>{'Ldap connection credentials'|@translate}</legend>
+	<ul>
+		<li>
+			<label for="ld_binddn">{'Bind DN, field in full ldap style'|@translate}</label>
+			<br>
+			<input size="70" type="text" id="ld_binddn" name="LD_BINDDN" value="{$LD_BINDDN}" />
+		</li>
+		
+		<li>
+			<label for="ld_bindpw">{'Bind password'|@translate}</label>
+			<br>
+			<input type="password" id="ld_bindpw" name="LD_BINDPW" />
+		</li>
+	</ul>
+	<i>{'Let the fields blank if the ldap accept anonymous connections.'|@translate}</i>
+</fieldset>
+ 
+<p>
+<input type="submit" value="{'Save'|@translate}" name="save" />
+</p>
+</form>
+
+<form method="post" action="{$PLUGIN_CHECK}" class="general">
+<fieldset class="mainConf">
+<legend>{'Ldap_Login Test'|@translate}</legend>
+<i>{'You must save the settings with the Save button just up there before testing here.'|@translate}</i>
+	<ul>
+		<li>
+			<label for="username">{'Username'|@translate}</label>
+			<br>
+			<input type="text" id="username" name="USERNAME" value="{$USERNAME}" />
+		</li>
+		
+		<li>
+			<label for="ld_attr">{'Your password'|@translate}</label>
+			<br>
+			<input type="password" id="password" name="PASSWORD" value="{$PASSWORD}" />
+		</li>
+	</ul>
+	
+	{if (!empty($LD_CHECK_LDAP))}
+ 		{$LD_CHECK_LDAP}
+	{/if}
+
+</fieldset>
+<p><input type="submit" value="{'Test Settings'|@translate}" name="check_ldap" /></p>
+
+</form>
+</div>
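Review bot: The `value` attributes for HOST, PORT, BASEDN, LD_ATTR, LD_GROUP and LD_BINDDN print the stored configuration unescaped, so a value containing a double quote breaks out of the attribute; unless the Smarty setup escapes by default (not visible in this patch), write `value="{$HOST|escape:'html'}"` and likewise for the others, and for HOST, BASEDN and PREF in admin/ldap_login_plugin_admin.tpl. The test form's `value="{$PASSWORD}"` should be dropped: configuration.php never assigns PASSWORD, and a password should not be echoed back into the page source if it ever is assigned. The LD_BINDPW input is rendered empty while configuration.php stores `$_POST['LD_BINDPW']` unconditionally, so saving any other setting without retyping the password replaces the stored bind password with an empty string, which the hint text below the field describes as the anonymous-connection case. `{$LD_CHECK_LDAP}` is printed as raw markup, so it is only safe once the PHP side escapes the values it interpolates.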
diff --git a/admin/index.php b/admin/index.php
new file mode 100644
index 0000000..df13f7e
--- /dev/null
+++ b/admin/index.php
@@ -0,0 +1,30 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | Piwigo - a PHP based photo gallery                                    |
+// +-----------------------------------------------------------------------+
+// | Copyright(C) 2008-2013 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
+// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify  |
+// | it under the terms of the GNU General Public License as published by  |
+// | the Free Software Foundation                                          |
+// |                                                                       |
+// | This program is distributed in the hope that it will be useful, but   |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
+// | General Public License for more details.                              |
+// |                                                                       |
+// | You should have received a copy of the GNU General Public License     |
+// | along with this program; if not, write to the Free Software           |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA.                                                                  |
+// +-----------------------------------------------------------------------+
+
+// Recursive call
+$url = '../';
+header( 'Request-URI: '.$url );
+header( 'Content-Location: '.$url );
+header( 'Location: '.$url );
+exit();
+?>
\ No newline at end of file
diff --git a/admin/ldap_login_plugin_admin.php b/admin/ldap_login_plugin_admin.php
new file mode 100644
index 0000000..07c9104
--- /dev/null
+++ b/admin/ldap_login_plugin_admin.php
@@ -0,0 +1,22 @@
+<?php
+if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
+ 
+$me = get_plugin_data($plugin_id);
+ 
+if (isset($_POST['submit']))
+{
+  $me->config['host'] = $_POST['HOST'];
+  $me->config['basedn'] = $_POST['BASEDN'];
+  $me->config['pref'] = $_POST['PREF'];
+  $me->save_config();
+}
+ 
+global $template;
+$template->set_filenames( array('plugin_admin_content' => dirname(__FILE__).'/ldap_login_plugin_admin.tpl') );
+ 
+$template->assign('HOST', $me->config['host']);
+$template->assign('BASEDN', $me->config['basedn']);
+$template->assign('PREF', $me->config['pref']);
+ 
+$template->assign_var_from_handle( 'ADMIN_CONTENT', 'plugin_admin_content');
+?>
\ No newline at end of file
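Review bot: The `submit` branch copies `$_POST['HOST']`, `$_POST['BASEDN']` and `$_POST['PREF']` into the configuration and saves them without checking that the fields are present, so a POST carrying only `submit` overwrites the server settings with nulls; guard it with `if (isset($_POST['submit'], $_POST['HOST'], $_POST['BASEDN'], $_POST['PREF']))`. This page also looks like an earlier version of admin/configuration.php: it uses `get_plugin_data($plugin_id)`, which the newer page has commented out, and a `pref` key the newer page does not have. If it is no longer linked from the plugin's admin menu (not visible in this patch), importing it keeps a second, unmaintained way to change the LDAP host that logins are checked against, so it would be better left out of the import.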
diff --git a/admin/ldap_login_plugin_admin.tpl b/admin/ldap_login_plugin_admin.tpl
new file mode 100644
index 0000000..4ece27e
--- /dev/null
+++ b/admin/ldap_login_plugin_admin.tpl
@@ -0,0 +1,24 @@
+<div class="titrePage">
+  <h2>Ldap_Login PlugIn</h2>
+</div>
+
+<p>Configuration du plugin Ldap_Login</p>
+
+<form method="post" action="{$TESTPLUGIN_F_ACTION}" class="general">
+<fieldset>
+	<legend>Ldap_Login PlugIn</legend>
+    <label>Hote du serveur Ldap
+	   <input type="text" name="HOST" value="{$HOST}" />
+    </label>
+    <br />
+    <label>Arbre ldap à explorer : basedn = ",ou=utilisateurs,dc=22decembre,dc=eu". L'arbre doit commencer par une virgule !
+	   <input type="text" name="BASEDN" value="{$BASEDN}" />
+    </label>
+    <br />
+        <label>prefixe à utiliser. Les plus communs sont "uid=".
+	   <input type="text" name="PREF" value="{$PREF}" />
+    </label>
+</fieldset>
+ 
+<p><input type="submit" value="Enregistrer" name="submit" /></p>
+</form>
\ No newline at end of file
diff --git a/admin/newusers.php b/admin/newusers.php
new file mode 100644
index 0000000..e54aceb
--- /dev/null
+++ b/admin/newusers.php
@@ -0,0 +1,52 @@
+<?php
+if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
+
+global $template;
+$template->set_filenames( array('plugin_admin_content' => dirname(__FILE__).'/newusers.tpl') );
+$template->assign(
+  array(
+    'PLUGIN_NEWUSERS' => get_root_url().'admin.php?page=plugin-Ldap_Login-newusers',
+    ));
+
+$me = new Ldap();
+$me->load_config();
+//$me = get_plugin_data($plugin_id);
+
+$template->assign('ALLOW_NEWUSERS',	$me->config['allow_newusers']);
+$template->assign('ADVERTISE_ADMINS',	$me->config['advertise_admin_new_ldapuser']);
+$template->assign('SEND_CASUAL_MAIL',	$me->config['send_password_by_mail_ldap']);
+
+if (isset($_POST['save'])){
+
+	if (isset($_POST['ALLOW_NEWUSERS'])){
+		$me->config['allow_newusers'] = True;
+	} else {
+		$me->config['allow_newusers'] = False;
+	}
+	
+	if (isset($_POST['ADVERTISE_ADMINS'])){
+		$me->config['advertise_admin_new_ldapuser'] = True;
+	} else {
+		$me->config['advertise_admin_new_ldapuser'] = False;
+	}
+	
+	if (isset($_POST['SEND_CASUAL_MAIL'])){
+		$me->config['send_password_by_mail_ldap'] = True;
+	} else {
+		$me->config['send_password_by_mail_ldap'] = False;
+	}
+}
+
+// Save LDAP configuration
+if (isset($_POST['save'])){
+	$me->save_config();
+}
+
+// do we allow to create new piwigo users in case of auth along the ldap ?
+// does he have to belong an ldap group ?
+// does ldap groups give some power ?
+// what do we do when there's no mail in the ldap ?
+// do we send mail to admins ?
+
+$template->assign_var_from_handle( 'ADMIN_CONTENT', 'plugin_admin_content');
+?>
\ No newline at end of file
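Review bot: The trailing block of open questions (`// does he have to belong an ldap group ?`, `// does ldap groups give some power ?`) leaves the account-creation policy undecided while `allow_newusers` can already be saved here. Replace it with a comment stating what enabling the option does today, in particular whether membership of `ld_group` is required before a Piwigo account is created, since that decides who in the directory gets an account. It is also worth stating what `send_password_by_mail_ldap` puts in the mail; if the message includes the password the user logged in with (the mailer is not part of this patch), that would send a directory credential by e-mail. As a style point, each if/else pair can be a single assignment, e.g. `$me->config['allow_newusers'] = isset($_POST['ALLOW_NEWUSERS']);`.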
diff --git a/admin/newusers.tpl b/admin/newusers.tpl
new file mode 100644
index 0000000..ec9d9a6
--- /dev/null
+++ b/admin/newusers.tpl
@@ -0,0 +1,54 @@
+{literal}
+<style>
+label
+{
+    display: block;
+    width: 250px;
+    float: left;
+}
+</style>
+{/literal}
+
+<div class="titrePage">
+	<h2>{'Ldap_Login Plugin'|@translate}</h2>
+</div>
+
+<i>{"If the LDAP doesn't furnish the mail address, users can set it up in the profile page."|@translate}</i>
+<form method="post" action="{$PLUGIN_NEWUSERS}" class="general">
+
+<fieldset>
+	<legend>{'Ldap_Login configuration'|@translate}</legend>
+	
+    <p>
+	{if $ALLOW_NEWUSERS}
+		<input type="checkbox" id="allow_newusers" name="ALLOW_NEWUSERS" value="{$ALLOW_NEWUSERS}" checked />
+	{else}
+		<input type="checkbox" id="allow_newusers" name="ALLOW_NEWUSERS" value="{$ALLOW_NEWUSERS}" />
+	{/if}
+	{'Do you allow new piwigo users to be created when users authenticate succesfully on the ldap ?'|@translate}
+    </p>
+
+    <p>
+	{if $ADVERTISE_ADMINS}
+		<input type="checkbox" id="advertise_admin_new_ldapuser" name="ADVERTISE_ADMINS" value="{$ADVERTISE_ADMINS}" checked />
+	{else}
+		<input type="checkbox" id="advertise_admin_new_ldapuser" name="ADVERTISE_ADMINS" value="{$ADVERTISE_ADMINS}" />
+	{/if}
+	{'Do you want admins to be advertised by mail in case of new users creation upon ldap login ?'|@translate}
+    </p>
+    
+    <p>
+	{if $SEND_CASUAL_MAIL}
+		<input type="checkbox" id="send_password_by_mail_ldap" name="SEND_CASUAL_MAIL" value="{$SEND_CASUAL_MAIL}" checked />
+	{else}
+		<input type="checkbox" id="send_password_by_mail_ldap" name="SEND_CASUAL_MAIL" value="{$SEND_CASUAL_MAIL}" />
+	{/if}
+	{'Do you want to send mail to the new users, like casual piwigo users receive ?'|@translate}
+    </p>
+    
+</fieldset>
+ 
+<p>
+<input type="submit" value="{'Save'|@translate}" name="save" />
+</p>
+</form>
\ No newline at end of file
--
libgit2 0.22.2