mirror of
https://github.com/phpbb/phpbb.git
synced 2025-08-07 01:06:48 +02:00
- display age in user profile and make it available on viewtopic
- various tiny bugfixes including [Bug #2351] [Bug #2549] [Bug #2681] [Bug #3015] - strip first, then change newlines [Bug #2403] - added support for creating user profiles to the login function (makes use of user_add), triggered by LOGIN_SUCCESS_CREATE_PROFILE constant - moved newest user updating from ucp_register to user_add function - renamed the admin_ auth module function to acp_ - added initialisation code to auth_apache which checks whether it will work - added user_add support to both auth_ldap and auth_apache - some auth_ldap tweaks, should work with users deeper in the organisation structure too now - adjusted global topics in mcp_report to work like mcp_queue git-svn-id: file:///svn/phpbb/trunk@6151 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Nils Adermann
@@ -5,13 +5,6 @@
|
||||
*
|
||||
* Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him.
|
||||
*
|
||||
* This is for initial authentication via an LDAP server, user information is then
|
||||
* obtained from the integrated user table
|
||||
*
|
||||
* You can do any kind of checking you like here ... the return data format is
|
||||
* either the resulting row of user information, an integer zero (indicating an
|
||||
* inactive user) or some error string
|
||||
*
|
||||
* @package login
|
||||
* @version $Id$
|
||||
* @copyright (c) 2005 phpBB Group
|
||||
@@ -39,9 +32,17 @@ function init_ldap()
|
||||
}
|
||||
|
||||
@ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
@ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
|
||||
|
||||
// ldap_connect only checks whether the specified server is valid, so the connection might still fail
|
||||
$search = @ldap_search($ldap, $config['ldap_base_dn'], $config['ldap_uid'] . '=' . $user->data['username'], array($config['ldap_uid']));
|
||||
$search = @ldap_search(
|
||||
$ldap,
|
||||
$config['ldap_base_dn'],
|
||||
'(' . $config['ldap_uid'] . '=' . $user->data['username'] . ')',
|
||||
(empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']),
|
||||
0,
|
||||
1
|
||||
);
|
||||
|
||||
if ($search === false)
|
||||
{
|
||||
@@ -52,6 +53,11 @@ function init_ldap()
|
||||
|
||||
@ldap_close($ldap);
|
||||
|
||||
if (!empty($config['ldap_email']) && !isset($result[0][$config['ldap_email']]))
|
||||
{
|
||||
return $user->lang['LDAP_NO_EMAIL'];
|
||||
}
|
||||
|
||||
if (is_array($result) && sizeof($result) > 1)
|
||||
{
|
||||
return false;
|
||||
@@ -65,7 +71,7 @@ function init_ldap()
|
||||
*/
|
||||
function login_ldap(&$username, &$password)
|
||||
{
|
||||
global $db, $config;
|
||||
global $db, $config, $user;
|
||||
|
||||
if (!@extension_loaded('ldap'))
|
||||
{
|
||||
@@ -86,13 +92,22 @@ function login_ldap(&$username, &$password)
|
||||
}
|
||||
|
||||
@ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
@ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
|
||||
|
||||
$search = @ldap_search($ldap, $config['ldap_base_dn'], $config['ldap_uid'] . '=' . $username, array($config['ldap_uid']));
|
||||
$result = @ldap_get_entries($ldap, $search);
|
||||
$search = @ldap_search(
|
||||
$ldap,
|
||||
$config['ldap_base_dn'],
|
||||
'(' . $config['ldap_uid'] . '=' . $username . ')',
|
||||
(empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']),
|
||||
0,
|
||||
1
|
||||
);
|
||||
|
||||
if (is_array($result) && sizeof($result) > 1)
|
||||
$ldap_result = @ldap_get_entries($ldap, $search);
|
||||
|
||||
if (is_array($ldap_result) && sizeof($ldap_result) > 1)
|
||||
{
|
||||
if (@ldap_bind($ldap, $result[0]['dn'], $password))
|
||||
if (@ldap_bind($ldap, $ldap_result[0]['dn'], $password))
|
||||
{
|
||||
@ldap_close($ldap);
|
||||
|
||||
@@ -105,6 +120,8 @@ function login_ldap(&$username, &$password)
|
||||
|
||||
if ($row)
|
||||
{
|
||||
unset($ldap_result);
|
||||
|
||||
// User inactive...
|
||||
if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE)
|
||||
{
|
||||
@@ -122,9 +139,45 @@ function login_ldap(&$username, &$password)
|
||||
'user_row' => $row,
|
||||
);
|
||||
}
|
||||
else
|
||||
{
|
||||
// retrieve default group id
|
||||
$sql = 'SELECT group_id
|
||||
FROM ' . GROUPS_TABLE . "
|
||||
WHERE group_name = '" . $db->sql_escape('REGISTERED') . "'
|
||||
AND group_type = " . GROUP_SPECIAL;
|
||||
$result = $db->sql_query($sql);
|
||||
$row = $db->sql_fetchrow($result);
|
||||
$db->sql_freeresult($result);
|
||||
|
||||
if (!$row)
|
||||
{
|
||||
trigger_error('NO_GROUP');
|
||||
}
|
||||
|
||||
// generate user account data
|
||||
$ldap_user_row = array(
|
||||
'username' => $username,
|
||||
'user_password' => $password,
|
||||
'user_email' => (!empty($config['ldap_email'])) ? $ldap_result[0][$config['ldap_email']][0] : '',
|
||||
'group_id' => (int) $row['group_id'],
|
||||
'user_type' => USER_NORMAL,
|
||||
'user_ip' => $user->ip,
|
||||
);
|
||||
|
||||
unset($ldap_result);
|
||||
|
||||
// this is the user's first login so create an empty profile
|
||||
return array(
|
||||
'status' => LOGIN_SUCCESS_CREATE_PROFILE,
|
||||
'error_msg' => false,
|
||||
'user_row' => $ldap_user_row,
|
||||
);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
unset($ldap_result);
|
||||
@ldap_close($ldap);
|
||||
|
||||
// Give status about wrong password...
|
||||
@@ -149,14 +202,10 @@ function login_ldap(&$username, &$password)
|
||||
* This function is used to output any required fields in the authentication
|
||||
* admin panel. It also defines any required configuration table fields.
|
||||
*/
|
||||
function admin_ldap(&$new)
|
||||
function acp_ldap(&$new)
|
||||
{
|
||||
global $user;
|
||||
|
||||
/**
|
||||
* @todo Using same approach as with cfg_build_template?
|
||||
*/
|
||||
|
||||
$tpl = '
|
||||
|
||||
<dl>
|
||||
@@ -171,27 +220,17 @@ function admin_ldap(&$new)
|
||||
<dt><label for="ldap_uid">' . $user->lang['LDAP_UID'] . ':</label><br /><span>' . $user->lang['LDAP_UID_EXPLAIN'] . '</span></dt>
|
||||
<dd><input type="text" id="ldap_uid" size="40" name="config[ldap_uid]" value="' . $new['ldap_uid'] . '" /></dd>
|
||||
</dl>
|
||||
<dl>
|
||||
<dt><label for="ldap_uid">' . $user->lang['LDAP_EMAIL'] . ':</label><br /><span>' . $user->lang['LDAP_EMAIL_EXPLAIN'] . '</span></dt>
|
||||
<dd><input type="text" id="ldap_uid" size="40" name="config[ldap_email]" value="' . $new['ldap_email'] . '" /></dd>
|
||||
</dl>
|
||||
';
|
||||
|
||||
// These are fields required in the config table
|
||||
return array(
|
||||
'tpl' => $tpl,
|
||||
'config' => array('ldap_server', 'ldap_base_dn', 'ldap_uid')
|
||||
'config' => array('ldap_server', 'ldap_base_dn', 'ldap_uid', 'ldap_email')
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Would be nice to allow syncing of 'appropriate' data when user updates
|
||||
* their username, password, etc. ... should be up to the plugin what data
|
||||
* is updated.
|
||||
*
|
||||
* @todo implement this functionality (probably 3.2)
|
||||
*
|
||||
* @param new|update|delete $mode defining the action to take on user updates
|
||||
*/
|
||||
function usercp_ldap($mode)
|
||||
{
|
||||
global $db, $config;
|
||||
}
|
||||
|
||||
?>
|
||||
Reference in New Issue
Block a user