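get_error() will return:
 *   'connfailed' : A connection to the authentication server could not be established
 *   'invalid'    : The login details were invalid
 *
 *
 * @copyright 2007 Loughborough University
 * @license http://www.gnu.org/licenses/gpl.txt
 * @version 1.0.0.0
 *
 */

require_once(DOC__ROOT.'includes/functions/lib_string_functions.php');

/**
 * Authenticator that verifies a username/password pair with an LDAP bind and
 * then copies the directory attributes named in $LDAP_INFO_PARAMETERS into the
 * local user table.
 */
class LDAPAuthenticator extends Authenticator {

/*
===============================================================================
      PUBLIC
===============================================================================
*/

    /**
     * Authenticate the user against the LDAP directory.
     *
     * On failure $this->_error is set to 'connfailed' or 'invalid' and FALSE is
     * returned. On success the local user row is created or refreshed from the
     * directory entry and the result of $this->initialise() is returned.
     *
     * @return mixed FALSE on failure, otherwise whatever initialise() returns
     */
    function authenticate() {
        global $LDAP_INFO_PARAMETERS;

        $this->_authenticated = FALSE;
        $this->_error = NULL;

        // A bind with an empty password is treated by many directory servers as
        // an anonymous/unauthenticated bind and reports success, which would let
        // any known username log in. Refuse blank credentials before binding.
        if ((string) $this->username === '' || (string) $this->password === '') {
            $this->_error = 'invalid';
            return FALSE;
        }

        // Set the library-wide debug level
        ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, LDAP__DEBUG_LEVEL);

        // NOTE(review): the bind below sends the password as given. Unless
        // LDAP__HOST is an ldaps:// URI or StartTLS is negotiated first, it
        // crosses the network in clear text. Neither is visible in this file,
        // so confirm the deployment configuration.
        $ldapconn = ldap_connect(LDAP__HOST, LDAP__PORT);
        if (!$ldapconn) {
            $this->_error = 'connfailed';
            return FALSE;
        }

        // Set this option to cope with Windows Server 2003 Active Directories
        ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);

        // Set the version of LDAP that we will be using
        ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);

        // Construct the login name and bind with the supplied credentials
        $user = $this->username . LDAP__USERNAME_EXT;
        $bind = ldap_bind($ldapconn, $user, $this->password);
        if (!$bind) {
            // Read the result code before the handle is closed. Code 49 is
            // LDAP_INVALID_CREDENTIALS: report it as a bad login, as the file
            // header documents, rather than as a connection failure.
            $bind_errno = ldap_errno($ldapconn);
            ldap_close($ldapconn);
            $this->_error = ($bind_errno === 49) ? 'invalid' : 'connfailed';
            return FALSE;
        }

        // Escape the username before it is substituted into the search filter,
        // so filter metacharacters in it cannot change which entries match.
        $filter = str_replace('{username}', $this->_ldap_filter_escape($this->username), LDAP__FILTER);
        $info_req = array_values($LDAP_INFO_PARAMETERS);

        $result = ldap_search($ldapconn, LDAP__BASE, $filter, $info_req);
        if (!$result) {
            ldap_close($ldapconn);
            $this->_error = 'invalid';
            return FALSE;
        }

        $info = ldap_get_entries($ldapconn, $result);
        ldap_close($ldapconn);
        if (!$info) {
            $this->_error = 'invalid';
            return FALSE;
        }

        // ldap_get_entries() lower-cases attribute names and adds a 'count' key,
        // so look attributes up in lower case and iterate over 'count' entries
        // instead of count($info).
        $wanted = array_map('strtolower', $info_req);
        $entry_count = isset($info['count']) ? (int) $info['count'] : 0;
        $entry = NULL;
        for ($i = 0; $i < $entry_count; $i++) {
            $complete = TRUE;
            foreach ($wanted as $attr) {
                if (!isset($info[$i][$attr])) {
                    $complete = FALSE;
                    break;
                }
            }
            if ($complete) {
                $entry = $info[$i];
                break;
            }
        }

        // No entry carries every requested attribute
        if ($entry === NULL) {
            $this->_error = 'invalid';
            return FALSE;
        }

        // Directory values and the username are external input: quote each one
        // before it is placed inside an SQL string literal. The column names
        // ($key) come from the $LDAP_INFO_PARAMETERS configuration.
        $els = array();
        foreach ($LDAP_INFO_PARAMETERS as $key => $value) {
            $els[] = "{$key} = '" . $this->_sql_quote($entry[strtolower($value)][0]) . "'";
        }
        $set_clause = implode(', ', $els);
        $q_username = $this->_sql_quote($this->username);
        $table = APP__DB_TABLE_PREFIX . 'user';

        $DAO = $this->get_DAO();

        if (LDAP__AUTO_CREATE_USER) {
            // NOTE(review): the stored password is only a placeholder, but the
            // randomness source of str_random() is not visible here. If these
            // rows can ever be used for a local-password login, confirm it is
            // unpredictable.
            $sql = "INSERT INTO {$table} SET {$set_clause}, username = '{$q_username}', password = '" . md5(str_random()) . "', source_id = ''";
            $sql .= " ON DUPLICATE KEY UPDATE {$set_clause}";
            $DAO->execute($sql);

            // After an ON DUPLICATE KEY UPDATE the insert id is not a reliable
            // way to find the row, so look the id up by username instead.
            $sql = "SELECT user_id FROM {$table} WHERE source_id = '' AND username = '{$q_username}'";
            $id = $DAO->fetch_value($sql);

            $sql = "SELECT * FROM {$table} WHERE user_id = '" . $this->_sql_quote($id) . "'";
        } else {
            $sql = "UPDATE {$table} SET {$set_clause} WHERE username = '{$q_username}' AND source_id = ''";
            $DAO->execute($sql);

            $sql = "SELECT * FROM {$table} WHERE username = '{$q_username}' AND source_id = ''";
        }

        return $this->initialise($sql);
    }// /->authenticate()

/*
===============================================================================
      PRIVATE
===============================================================================
*/

    /**
     * Escape a value for use inside an LDAP search filter (RFC 4515).
     *
     * Uses ldap_escape() where the runtime provides it; otherwise falls back to
     * replacing the filter metacharacters by hand.
     *
     * @param string $value raw value
     * @return string value safe to embed in a filter assertion
     */
    function _ldap_filter_escape($value) {
        $value = (string) $value;
        if (function_exists('ldap_escape')) {
            return ldap_escape($value, '', LDAP_ESCAPE_FILTER);
        }
        // The backslash must be replaced first so the escapes added for the
        // other characters are not escaped a second time.
        return str_replace(
            array('\\', '*', '(', ')', "\x00"),
            array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
            $value
        );
    }// /->_ldap_filter_escape()

    /**
     * Quote a value for use inside a single-quoted SQL string literal.
     *
     * NOTE(review): this is a stopgap. addslashes() is not aware of the
     * connection character set or the server's SQL mode. If the DAO offers
     * bound parameters or driver-level escaping (its API is not visible in this
     * file), the queries in authenticate() should use that instead.
     *
     * @param mixed $value raw value
     * @return string escaped value, without the surrounding quotes
     */
    function _sql_quote($value) {
        return addslashes((string) $value);
    }// /->_sql_quote()

}// /class LDAPAuthenticator

?>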