|
@@ -2,22 +2,12 @@
|
|
|
|
|
|
|
|
namespace UserModel;
|
|
namespace UserModel;
|
|
|
|
|
|
|
|
-function get_user_infos($id) {
|
|
|
|
|
- $ini = parse_ini_file('../includes/config.ini');
|
|
|
|
|
- try {
|
|
|
|
|
- $ldapconn = ldap_connect($ini['hostname'], $ini['port']);
|
|
|
|
|
- ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
|
|
|
|
|
- ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
|
|
|
|
|
- } catch (Exception $e) {
|
|
|
|
|
- die ('ERROR: ' . $e->getMessage());
|
|
|
|
|
- }
|
|
|
|
|
|
|
+require_once 'ldap_utils.php';
|
|
|
|
|
|
|
|
- if (!$ldapconn) {
|
|
|
|
|
- return false;
|
|
|
|
|
- }
|
|
|
|
|
-
|
|
|
|
|
- $ldapbind = @ldap_bind($ldapconn, $ini["binddn"], $ini["bindpw"]);
|
|
|
|
|
- if (!$ldapbind) {
|
|
|
|
|
|
|
+function get_user_infos($id) {
|
|
|
|
|
+ global $ini;
|
|
|
|
|
+ $is_binded = bind_as_operator();
|
|
|
|
|
+ if (!$is_binded[0]) {
|
|
|
return false;
|
|
return false;
|
|
|
}
|
|
}
|
|
|
|
|
|
|
@@ -25,8 +15,8 @@ function get_user_infos($id) {
|
|
|
$filter = "(&(uid=" . $id . ")(objectClass=ldapPublicKey))";
|
|
$filter = "(&(uid=" . $id . ")(objectClass=ldapPublicKey))";
|
|
|
$attributes = array("ldapPublicKey");
|
|
$attributes = array("ldapPublicKey");
|
|
|
|
|
|
|
|
- $res = ldap_search($ldapconn, $ini["basedn"], $filter, $attributes);
|
|
|
|
|
- $info = ldap_get_entries($ldapconn, $res);
|
|
|
|
|
|
|
+ $res = ldap_search($is_binded[1], $ini["basedn"], $filter, $attributes);
|
|
|
|
|
+ $info = ldap_get_entries($is_binded[1], $res);
|
|
|
|
|
|
|
|
if ($info["count"] > 0) {
|
|
if ($info["count"] > 0) {
|
|
|
$is_ssh = true;
|
|
$is_ssh = true;
|
|
@@ -37,46 +27,26 @@ function get_user_infos($id) {
|
|
|
return array("IS_SSH" => $is_ssh);
|
|
return array("IS_SSH" => $is_ssh);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
-function auth($id, $passwd) {
|
|
|
|
|
- $ini = parse_ini_file('../includes/config.ini');
|
|
|
|
|
- try {
|
|
|
|
|
- $ldapconn = ldap_connect($ini['hostname'], $ini['port']);
|
|
|
|
|
- ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
|
|
|
|
|
- ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
|
|
|
|
|
- } catch (Exception $e) {
|
|
|
|
|
- die ('ERROR: ' . $e->getMessage());
|
|
|
|
|
- }
|
|
|
|
|
-
|
|
|
|
|
- if ($ldapconn) {
|
|
|
|
|
-
|
|
|
|
|
- $ldapbind = @ldap_bind($ldapconn, "uid=" . ldap_escape($id) . ',' . $ini["basedn"], $passwd);
|
|
|
|
|
|
|
+function auth($id, $passwd) {
|
|
|
|
|
+ $is_authed = bind_as_user(ldap_escape($id), $passwd);
|
|
|
|
|
|
|
|
- $user_infos = get_user_infos($id);
|
|
|
|
|
- if (!$user_infos) {
|
|
|
|
|
- return array(false, "A problem occured getting your account informations, contact admins");
|
|
|
|
|
- }
|
|
|
|
|
- if (!$ldapbind) {
|
|
|
|
|
- return array(false, "Wrong username or password");
|
|
|
|
|
- }
|
|
|
|
|
|
|
+ $user_infos = get_user_infos($id);
|
|
|
|
|
+ if (!$user_infos) {
|
|
|
|
|
+ return array(false, "A problem occured getting your account informations, contact admins");
|
|
|
|
|
+ }
|
|
|
|
|
+ if (!$is_authed[0]) {
|
|
|
|
|
+ return array(false, "Wrong username or password");
|
|
|
|
|
+ }
|
|
|
|
|
|
|
|
- return array(true, $user_infos);
|
|
|
|
|
- }
|
|
|
|
|
|
|
+ return array(true, $user_infos);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
function change_password($current_password, $new_passwd) {
|
|
function change_password($current_password, $new_passwd) {
|
|
|
- $ini = parse_ini_file('../includes/config.ini');
|
|
|
|
|
- try {
|
|
|
|
|
- $ldapconn = ldap_connect($ini['hostname'], $ini['port']);
|
|
|
|
|
- ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
|
|
|
|
|
- ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
|
|
|
|
|
- } catch (Exception $e) {
|
|
|
|
|
- die ('ERROR: ' . $e->getMessage());
|
|
|
|
|
- }
|
|
|
|
|
-
|
|
|
|
|
- $dn = "uid=" . ldap_escape($_SESSION['user']) . ',' . $ini["basedn"];
|
|
|
|
|
- $ldap_bind = @ldap_bind($ldapconn, $dn, $current_password);
|
|
|
|
|
|
|
+ global $ini;
|
|
|
|
|
+ $ldap_bind = bind_as_user(ldap_escape($_SESSION['user']), $current_password);
|
|
|
|
|
+ $dn = "uid=" . ldap_escape($_SESSION['user']) . ',' . $ini["basedn"];
|
|
|
|
|
|
|
|
- if (!$ldap_bind) {
|
|
|
|
|
|
|
+ if (!$ldap_bind[0]) {
|
|
|
return array(false, "Wrong current password");
|
|
return array(false, "Wrong current password");
|
|
|
}
|
|
}
|
|
|
|
|
|
|
@@ -84,7 +54,7 @@ function change_password($current_password, $new_passwd) {
|
|
|
$hash = "{SSHA512}" . base64_encode(pack("H*", hash('sha512', $new_passwd . $salt)) .$salt);
|
|
$hash = "{SSHA512}" . base64_encode(pack("H*", hash('sha512', $new_passwd . $salt)) .$salt);
|
|
|
$entry["userPassword"] = $hash;
|
|
$entry["userPassword"] = $hash;
|
|
|
|
|
|
|
|
- if (! ldap_mod_replace($ldapconn, $dn, $entry)) {
|
|
|
|
|
|
|
+ if (! ldap_mod_replace($ldap_bind[1], $dn, $entry)) {
|
|
|
return array(false, "A problem occured, contact admins");
|
|
return array(false, "A problem occured, contact admins");
|
|
|
}
|
|
}
|
|
|
|
|
|
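Review bot: In get_user_infos() (second hunk), `$id` is still concatenated unescaped into the search filter, and the rewritten auth() calls get_user_infos($id) before it checks `$is_authed[0]`, so a login name that has not authenticated reaches an operator-bound ldap_search and can change the filter's structure. Escape it for filter context, `$filter = "(&(uid=" . ldap_escape($id, '', LDAP_ESCAPE_FILTER) . ")(objectClass=ldapPublicKey))";`, and move the `if (!$is_authed[0])` check above the get_user_infos() call. The calls to bind_as_user() pass `ldap_escape(...)` with no flags where the value presumably ends up in a DN; `ldap_escape($id, '', LDAP_ESCAPE_DN)` states the intended context. bind_as_user() is defined in ldap_utils.php, outside this page, so confirm there that an empty `$passwd` is rejected before ldap_bind, since many directory servers treat an empty-password simple bind as anonymous and report success. Parts of get_user_infos() and change_password() lie between the hunks and were not reviewed.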