Overview

Packages

  • Auth
    • Ads
    • Ldap
    • Xoops
  • Autotasks
  • Config
    • Category
    • Item
    • Option
  • Core
    • Filesystem
    • Filters
    • Logger
    • Mail
    • Message
    • Password
    • Security
    • StopSpammer
    • Template
    • Textsanitizer
    • VersionChecker
  • Data
    • Avatar
    • Comment
  • Database
    • Connection
    • Criteria
    • Legacy
    • MySQL
    • PDO
    • Updater
  • Feeds
    • RSS
  • File
  • Form
    • Base
    • Elements
  • ICMS
    • IPF
      • View
  • Image
    • Category
  • Ipf
    • Category
    • Controller
    • Export
    • form
    • Keyhighlighter
    • Member
    • Object
    • Permission
    • richfile
    • Tree
    • urllink
    • View
  • kernel
    • Set
  • Member
    • Group
    • GroupMembership
    • GroupPermission
    • User
  • Messaging
  • Module
  • None
  • Notification
  • Page
  • Plugins
    • Editor
  • Preload
    • Libraries
  • Privmessage
  • Session
  • SmartObject
  • View
    • Block
    • Breadcrumb
    • PageNav
    • PrinterFriendly
    • Template
    • Templates
    • Theme
    • Tree

Classes

  • icms_auth_Ads
  • icms_auth_Factory
  • icms_auth_Ldap
  • icms_auth_Object
  • icms_auth_Provisionning
  • icms_auth_Xoops
  • icms_Autoloader
  • icms_config_category_Handler
  • icms_config_category_Object
  • icms_config_Handler
  • icms_config_Item_Handler
  • icms_config_Item_Object
  • icms_config_option_Handler
  • icms_config_option_Object
  • icms_core_DataFilter
  • icms_core_Debug
  • icms_core_Filesystem
  • icms_core_HTMLFilter
  • icms_core_Logger
  • icms_core_Message
  • icms_core_Object
  • icms_core_ObjectHandler
  • icms_core_OnlineHandler
  • icms_core_Password
  • icms_core_Security
  • icms_core_Session
  • icms_core_StopSpammer
  • icms_core_Textsanitizer
  • icms_core_Versionchecker
  • icms_data_avatar_Handler
  • icms_data_avatar_Object
  • icms_data_comment_Handler
  • icms_data_comment_Object
  • icms_data_comment_Renderer
  • icms_data_file_Handler
  • icms_data_file_Object
  • icms_data_notification_Handler
  • icms_data_notification_Object
  • icms_data_page_Handler
  • icms_data_page_Object
  • icms_data_privmessage_Handler
  • icms_data_privmessage_Object
  • icms_data_urllink_Handler
  • icms_data_urllink_Object
  • icms_db_Connection
  • icms_db_criteria_Compo
  • icms_db_criteria_Element
  • icms_db_criteria_Item
  • icms_db_Factory
  • icms_db_legacy_Database
  • icms_db_legacy_Factory
  • icms_db_legacy_mysql_Database
  • icms_db_legacy_mysql_Proxy
  • icms_db_legacy_mysql_Safe
  • icms_db_legacy_mysql_Utility
  • icms_db_legacy_PdoDatabase
  • icms_db_legacy_updater_Handler
  • icms_db_legacy_updater_Table
  • icms_db_mysql_Connection
  • icms_db_mysql_Utility
  • icms_Event
  • icms_feeds_Rss
  • icms_feeds_Simplerss
  • icms_file_DownloadHandler
  • icms_file_MediaUploadHandler
  • icms_file_TarDownloader
  • icms_file_TarFileHandler
  • icms_file_ZipDownloader
  • icms_file_ZipFileHandler
  • icms_form_Base
  • icms_form_Element
  • icms_form_elements_Button
  • icms_form_elements_Captcha
  • icms_form_elements_captcha_Image
  • icms_form_elements_captcha_ImageHandler
  • icms_form_elements_captcha_Object
  • icms_form_elements_captcha_Text
  • icms_form_elements_Checkbox
  • icms_form_elements_Colorpicker
  • icms_form_elements_Date
  • icms_form_elements_Datetime
  • icms_form_elements_Dhtmltextarea
  • icms_form_elements_Editor
  • icms_form_elements_File
  • icms_form_elements_Groupperm
  • icms_form_elements_Hidden
  • icms_form_elements_Hiddentoken
  • icms_form_elements_Label
  • icms_form_elements_Password
  • icms_form_elements_Radio
  • icms_form_elements_Radioyn
  • icms_form_elements_Select
  • icms_form_elements_select_Country
  • icms_form_elements_select_Editor
  • icms_form_elements_select_Group
  • icms_form_elements_select_Image
  • icms_form_elements_select_Lang
  • icms_form_elements_select_Matchoption
  • icms_form_elements_select_Theme
  • icms_form_elements_select_Timezone
  • icms_form_elements_select_User
  • icms_form_elements_Text
  • icms_form_elements_Textarea
  • icms_form_elements_Tray
  • icms_form_Groupperm
  • icms_form_Simple
  • icms_form_Table
  • icms_form_Theme
  • icms_image_category_Handler
  • icms_image_category_Object
  • icms_image_Handler
  • icms_image_Object
  • icms_image_set_Handler
  • icms_image_set_Object
  • icms_ipf_About
  • icms_ipf_category_Handler
  • icms_ipf_category_Object
  • icms_ipf_Controller
  • icms_ipf_export_Handler
  • icms_ipf_export_Renderer
  • icms_ipf_form_Base
  • icms_ipf_form_elements_Autocomplete
  • icms_ipf_form_elements_Blockoptions
  • icms_ipf_form_elements_Checkbox
  • icms_ipf_form_elements_Date
  • icms_ipf_form_elements_Datetime
  • icms_ipf_form_elements_File
  • icms_ipf_form_elements_Fileupload
  • icms_ipf_form_elements_Image
  • icms_ipf_form_elements_Imageupload
  • icms_ipf_form_elements_Language
  • icms_ipf_form_elements_Page
  • icms_ipf_form_elements_Parentcategory
  • icms_ipf_form_elements_Passwordtray
  • icms_ipf_form_elements_Radio
  • icms_ipf_form_elements_Richfile
  • icms_ipf_form_elements_Section
  • icms_ipf_form_elements_Select
  • icms_ipf_form_elements_Selectmulti
  • icms_ipf_form_elements_Signature
  • icms_ipf_form_elements_Source
  • icms_ipf_form_elements_Text
  • icms_ipf_form_elements_Time
  • icms_ipf_form_elements_Upload
  • icms_ipf_form_elements_Urllink
  • icms_ipf_form_elements_User
  • icms_ipf_form_elements_Yesno
  • icms_ipf_form_Secure
  • icms_ipf_Handler
  • icms_ipf_Highlighter
  • icms_ipf_member_Handler
  • icms_ipf_Metagen
  • icms_ipf_Object
  • icms_ipf_permission_Handler
  • icms_ipf_registry_Handler
  • icms_ipf_seo_Object
  • icms_ipf_Tree
  • icms_ipf_view_Column
  • icms_ipf_view_Row
  • icms_ipf_view_Single
  • icms_ipf_view_Table
  • icms_ipf_view_Tree
  • icms_member_group_Handler
  • icms_member_group_membership_Handler
  • icms_member_group_membership_Object
  • icms_member_group_Object
  • icms_member_groupperm_Handler
  • icms_member_groupperm_Object
  • icms_member_Handler
  • icms_member_user_Handler
  • icms_member_user_Object
  • icms_messaging_EmailHandler
  • icms_messaging_Handler
  • icms_module_Handler
  • icms_module_Object
  • icms_plugins_EditorHandler
  • icms_plugins_Handler
  • icms_plugins_Object
  • icms_preload_Handler
  • icms_preload_Item
  • icms_preload_LibrariesHandler
  • icms_sys_autotasks_System
  • icms_Utils
  • icms_view_block_Handler
  • icms_view_block_Object
  • icms_view_block_position_Handler
  • icms_view_block_position_Object
  • icms_view_Breadcrumb
  • icms_view_PageBuilder
  • icms_view_PageNav
  • icms_view_Printerfriendly
  • icms_view_template_file_Handler
  • icms_view_template_file_Object
  • icms_view_template_set_Handler
  • icms_view_template_set_Object
  • icms_view_theme_Factory
  • icms_view_theme_Object
  • icms_view_Tpl
  • icms_view_Tree

Interfaces

  • icms_db_IConnection
  • icms_db_IUtility
  • icms_db_legacy_IDatabase
  • icms_sys_autotasks_ISystem
  • Overview
  • Package
  • Class
  1:   2:   3:   4:   5:   6:   7:   8:   9:  10:  11:  12:  13:  14:  15:  16:  17:  18:  19:  20:  21:  22:  23:  24:  25:  26:  27:  28:  29:  30:  31:  32:  33:  34:  35:  36:  37:  38:  39:  40:  41:  42:  43:  44:  45:  46:  47:  48:  49:  50:  51:  52:  53:  54:  55:  56:  57:  58:  59:  60:  61:  62:  63:  64:  65:  66:  67:  68:  69:  70:  71:  72:  73:  74:  75:  76:  77:  78:  79:  80:  81:  82:  83:  84:  85:  86:  87:  88:  89:  90:  91:  92:  93:  94:  95:  96:  97:  98:  99: 100: 101: 102: 103: 104: 105: 106: 107: 108: 109: 110: 111: 112: 113: 114: 115: 116: 117: 118: 119: 120: 121: 122: 123: 124: 125: 126: 127: 128: 129: 130: 131: 132: 133: 134: 135: 136: 137: 138: 139: 140: 141: 142: 143: 144: 145: 146: 147: 148: 149: 150: 151: 152: 153: 154: 155: 156: 157: 158: 159: 160: 161: 162: 163: 164: 165: 166: 167: 168: 169: 170: 171: 172: 173: 174: 175: 176: 177: 178: 179: 180: 181: 182: 183: 184: 185: 186: 187: 188: 189: 190: 191: 192: 193: 194: 195: 196: 197: 198: 199: 200: 201: 202: 203: 204: 205: 206: 207: 208: 209: 210: 211: 212: 213: 214: 215: 216: 217: 218: 219: 220: 221: 222: 223: 
<?php
//  ------------------------------------------------------------------------ //
//                XOOPS - PHP Content Management System                      //
//                    Copyright (c) 2000 XOOPS.org                           //
//                       <http://www.xoops.org/>                             //
//  ------------------------------------------------------------------------ //
//  This program is free software; you can redistribute it and/or modify     //
//  it under the terms of the GNU General Public License as published by     //
//  the Free Software Foundation; either version 2 of the License, or        //
//  (at your option) any later version.                                      //
//                                                                           //
//  You may not change or alter any portion of this comment or credits       //
//  of supporting developers from this source code or any supporting         //
//  source code which is considered copyrighted (c) material of the          //
//  original comment or credit authors.                                      //
//                                                                           //
//  This program is distributed in the hope that it will be useful,          //
//  but WITHOUT ANY WARRANTY; without even the implied warranty of           //
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            //
//  GNU General Public License for more details.                             //
//                                                                           //
//  You should have received a copy of the GNU General Public License        //
//  along with this program; if not, write to the Free Software              //
//  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA //
//  ------------------------------------------------------------------------ //
 
/**
 * Authorization classes, LDAP class file
 *
 * @copyright   http://www.impresscms.org/ The ImpressCMS Project
 * @license     LICENSE.txt
 * @category    ICMS
 * @package     Auth
 * @subpackage  Ldap
 * @version     SVN: $Id: Ldap.php 12313 2013-09-15 21:14:35Z skenow $
 */
 
/**
 * Authentification class for standard LDAP Server V2 or V3
 *
 * @copyright   http://www.xoops.org/ The XOOPS Project
 * @copyright   http://www.impresscms.org/ The ImpressCMS Project
 * @license     LICENSE.txt
 * @author      http://www.xoops.org The XOOPS Project
 * @since       XOOPS
 * @category    ICMS
 * @package     Auth
 * @subpackage  Ldap
 * @author      Pierre-Eric MENUET  <pemphp@free.fr>
 */
class icms_auth_Ldap extends icms_auth_Object {

    public $cp1252_map = array(
        "\xc2\x80" => "\xe2\x82\xac", /* EURO SIGN */
        "\xc2\x82" => "\xe2\x80\x9a", /* SINGLE LOW-9 QUOTATION MARK */
        "\xc2\x83" => "\xc6\x92",     /* LATIN SMALL LETTER F WITH HOOK */
        "\xc2\x84" => "\xe2\x80\x9e", /* DOUBLE LOW-9 QUOTATION MARK */
        "\xc2\x85" => "\xe2\x80\xa6", /* HORIZONTAL ELLIPSIS */
        "\xc2\x86" => "\xe2\x80\xa0", /* DAGGER */
        "\xc2\x87" => "\xe2\x80\xa1", /* DOUBLE DAGGER */
        "\xc2\x88" => "\xcb\x86",     /* MODIFIER LETTER CIRCUMFLEX ACCENT */
        "\xc2\x89" => "\xe2\x80\xb0", /* PER MILLE SIGN */
        "\xc2\x8a" => "\xc5\xa0",     /* LATIN CAPITAL LETTER S WITH CARON */
        "\xc2\x8b" => "\xe2\x80\xb9", /* SINGLE LEFT-POINTING ANGLE QUOTATION */
        "\xc2\x8c" => "\xc5\x92",     /* LATIN CAPITAL LIGATURE OE */
        "\xc2\x8e" => "\xc5\xbd",     /* LATIN CAPITAL LETTER Z WITH CARON */
        "\xc2\x91" => "\xe2\x80\x98", /* LEFT SINGLE QUOTATION MARK */
        "\xc2\x92" => "\xe2\x80\x99", /* RIGHT SINGLE QUOTATION MARK */
        "\xc2\x93" => "\xe2\x80\x9c", /* LEFT DOUBLE QUOTATION MARK */
        "\xc2\x94" => "\xe2\x80\x9d", /* RIGHT DOUBLE QUOTATION MARK */
        "\xc2\x95" => "\xe2\x80\xa2", /* BULLET */
        "\xc2\x96" => "\xe2\x80\x93", /* EN DASH */
        "\xc2\x97" => "\xe2\x80\x94", /* EM DASH */
        "\xc2\x98" => "\xcb\x9c",     /* SMALL TILDE */
        "\xc2\x99" => "\xe2\x84\xa2", /* TRADE MARK SIGN */
        "\xc2\x9a" => "\xc5\xa1",     /* LATIN SMALL LETTER S WITH CARON */
        "\xc2\x9b" => "\xe2\x80\xba", /* SINGLE RIGHT-POINTING ANGLE QUOTATION*/
        "\xc2\x9c" => "\xc5\x93",     /* LATIN SMALL LIGATURE OE */
        "\xc2\x9e" => "\xc5\xbe",     /* LATIN SMALL LETTER Z WITH CARON */
        "\xc2\x9f" => "\xc5\xb8"      /* LATIN CAPITAL LETTER Y WITH DIAERESIS*/
    );

    public $ldap_server;
    public $ldap_port = '389';
    public $ldap_version = '3';
    public $ldap_base_dn;
    public $ldap_loginname_asdn;
    public $ldap_loginldap_attr;
    public $ldap_mail_attr;
    public $ldap_name_attr;
    public $ldap_surname_attr;
    public $ldap_givenname_attr;
    public $ldap_manager_dn;
    public $ldap_manager_pass;
    public $_ds;

    /**
     * Authentication Service constructor
     */
    public function __construct(&$dao) {
        $this->_dao = $dao;
        //The config handler object allows us to look at the configuration options that are stored in the database
        global $icmsConfigAuth;
        $confcount = count($icmsConfigAuth);
        foreach ($icmsConfigAuth as $key => $val) {$this->$key = $val;}
    }

    public function cp1252_to_utf8($str) {
        return strtr(utf8_encode($str), $this->cp1252_map);
    }

    /**
     *  Authenticate  user against LDAP directory (Bind)
     *  2 options :
     *      Authenticate directly with uname in the DN
     *      Authenticate with manager, search the dn
     * @param string $uname Username
     * @param string $pwd Password
     * @return bool
     */
    public function authenticate($uname, $pwd = null) {
        $authenticated = false;
        if (!extension_loaded('ldap')) {
            $this->setErrors(0, _AUTH_LDAP_EXTENSION_NOT_LOAD);
            return $authenticated;
        }
        $this->_ds = ldap_connect($this->ldap_server, $this->ldap_port);
        if ($this->_ds) {
            ldap_set_option($this->_ds, LDAP_OPT_PROTOCOL_VERSION, $this->ldap_version);
            if ($this->ldap_use_TLS) {
                // We use TLS secure connection
                if (!ldap_start_tls($this->_ds)) {
                    $this->setErrors(0, _AUTH_LDAP_START_TLS_FAILED);
                }
            }
            // If the uid is not in the DN we proceed to a search
            // The uid is not always in the dn
            $userDN = $this->getUserDN($uname);
            if (!$userDN) return false;
            // We bind as user to test the credentials
            $authenticated = ldap_bind($this->_ds, $userDN, stripslashes($pwd));
            if ($authenticated) {
                icms::$session->securityLevel = 3;
                icms::$session->check_ip_blocks = 2;
                icms::$session->salt_key = XOOPS_DB_SALT;
                icms::$session->enableRegenerateId = true;
                icms::$session->sessionOpen();
                // We load the User database
                return $this->loadicms_member_user_Object($userDN, $uname, $pwd);
            } else {
                icms::$session->destroy(session_id());
                $this->setErrors(ldap_errno($this->_ds), ldap_err2str(ldap_errno($this->_ds)) . '(' . $userDN . ')');
            }
        } else {
            $this->setErrors(0, _AUTH_LDAP_SERVER_NOT_FOUND);
        }
        @ldap_close($this->_ds);
        return $authenticated;
    }

    /**
     * Compose the user DN with the configuration.
     * @param string $uname UserName
     * @return userDN or false
     */
    public function getUserDN($uname) {
        $userDN = false;
        if (!$this->ldap_loginname_asdn) {
            // Bind with the manager
            if (!ldap_bind($this->_ds, $this->ldap_manager_dn, stripslashes($this->ldap_manager_pass))) {
                $this->setErrors(ldap_errno($this->_ds), ldap_err2str(ldap_errno($this->_ds)) . '(' . $this->ldap_manager_dn . ')');
                return false;
            }
            $filter = $this->getFilter($uname);
            $sr = ldap_search($this->_ds, $this->ldap_base_dn, $filter);
            $info = ldap_get_entries($this->_ds, $sr);
            if ($info['count'] > 0) {
                $userDN = $info[0]['dn'];
            } else {
                $this->setErrors(0, sprintf(_AUTH_LDAP_USER_NOT_FOUND, $uname, $filter, $this->ldap_base_dn));
            }
        } else {
            $userDN = $this->ldap_loginldap_attr . '=' . $uname . ',' . $this->ldap_base_dn;
        }
        return $userDN;
    }

    /**
     * Load user from ImpressCMS Database
     * @param string $uname UserName
     * @return object {@link icms_member_user_Object} icms_member_user_Object object
     */
    public function getFilter($uname) {
        $filter = '';
        if ($this->ldap_filter_person != '') {
            $filter = str_replace('@@loginname@@', $uname, $this->ldap_filter_person);
        } else {
            $filter = $this->ldap_loginldap_attr . '=' . $uname;
        }
        return $filter;
    }

    /**
     * Loads user
     * @param string $userdn
     * @param string $uname Username
     * @param string $pwd Password
     * @return object {@link icms_member_user_Object} icms_member_user_Object object
     **/
    public function loadicms_member_user_Object($userdn, $uname, $pwd = null) {
        $provisHandler = icms_auth_Provisionning::getInstance($this);
        $sr = ldap_read($this->_ds, $userdn, '(objectclass=*)');
        $entries = ldap_get_entries($this->_ds, $sr);
        if ($entries['count'] > 0) {
            $icmsUser = $provisHandler->sync($entries[0], $uname, $pwd);
        } else {
            $this->setErrors(0, sprintf('loadicms_member_user_Object - ' . _AUTH_LDAP_CANT_READ_ENTRY, $userdn));
        }
        return $icmsUser;
    }
}

API documentation generated by ApiGen