1 <?php
/*
Library which implements simple functions for LDAP authentication in ATutor

Maintainer smal (Serhiy Voyt)
smalgroup@gmail.com

Version 0.2
10.11.2008

Distributed under GPL (c) Serhiy Voyt 2005-2009
*/
// Stop immediately when AT_INCLUDE_PATH is undefined, i.e. when this file was
// not pulled in by a script that sets that constant first.
if (defined('AT_INCLUDE_PATH') === false) {
    exit;
}
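/**
 * Read one LDAP configuration value from the config_ldap table.
 *
 * NOTE(review): failure is signalled with the literal string 'error', which a
 * caller cannot tell apart from a stored value of 'error'; callers that pass
 * the result to ldap_connect() or use it in a DN should check for it.
 *
 * @access  public
 * @param   string $param  name of the LDAP config parameter
 * @return  string lower-cased value, or 'error' when the query fails or no
 *                 row matches
 * @author  smal
 */
function get_ldap_config($param){
    global $db;

    // Escape the name before placing it in the SQL literal: the callers in
    // this file pass fixed names, but nothing here enforces that.
    $safe_param = mysql_real_escape_string($param, $db);

    $sql    = "SELECT value FROM ".TABLE_PREFIX."config_ldap WHERE name='$safe_param'";
    $result = mysql_query($sql, $db);

    // mysql_query() returns false on failure; do not hand that to
    // mysql_fetch_assoc().
    if (!$result) {
        return 'error';
    }

    $row = mysql_fetch_assoc($result);
    if (!$row) {
        return 'error';
    }

    return strtolower($row['value']);
}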
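/**
 * Authenticate a user by binding to the configured LDAP server.
 *
 * The bind DN is built as <ldap_attr_login>=<username>,<ldap_base_tree> from
 * the stored LDAP configuration.
 *
 * @access  public
 * @param   string $username  login name supplied by the user
 * @param   string $password  password supplied by the user
 * @return  bool   true if the bind succeeds, false otherwise (including
 *                 empty credentials or a user name containing DN/filter
 *                 metacharacters)
 * @author  smal
 */
function ldap_bind_connect($username, $password){
    // ldap_bind() with an empty password is an anonymous/unauthenticated
    // bind, which a directory may accept; that must never count as a login.
    if ((string) $username === '' || (string) $password === '') {
        return false;
    }

    // The user name is concatenated into a DN below. Refuse names that carry
    // DN or filter metacharacters rather than let them reshape the DN.
    if (preg_match('/[\\\\,+"<>;=#*()\\x00]/', $username)) {
        return false;
    }

    $ldap_server = ldap_connect(get_ldap_config('ldap_name'), get_ldap_config('ldap_port'));
    if (!$ldap_server) {
        return false;
    }

    // StartTLS requires LDAPv3.
    ldap_set_option($ldap_server, LDAP_OPT_PROTOCOL_VERSION, 3);

    // NOTE(review): StartTLS is best-effort here, as in the original: the
    // result is ignored, so when negotiation fails the bind below (and the
    // password with it) may travel unencrypted. Deployments that can require
    // TLS should return false when ldap_start_tls() fails.
    ldap_start_tls($ldap_server);

    $user_dn = get_ldap_config('ldap_attr_login') . "=" . $username . "," . get_ldap_config('ldap_base_tree');
    $bound   = ldap_bind($ldap_server, $user_dn, $password);

    // Release the connection on every path; the original returned before
    // reaching ldap_close().
    ldap_close($ldap_server);

    return $bound ? true : false;
}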
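/**
 * List the non-empty values of all config_ldap rows whose name starts with
 * 'ldap_attr_'.
 *
 * @access  public
 * @return  array|false  list of configured attribute values, or false when
 *                       the query fails
 * @author  smal
 */
function get_ldap_config_attr() {
    global $db;

    $sql = "SELECT value FROM ".TABLE_PREFIX."config_ldap WHERE value != '' AND  name LIKE 'ldap_attr_%'";

    $result_sql = mysql_query($sql, $db);
    if (!$result_sql) {
        return false;
    }

    $result = array();
    while ($row = mysql_fetch_array($result_sql)) {
        // Only the single selected column (value) is of interest.
        $result[] = $row[0];
    }

    return $result;
}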
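/**
 * Bind as the user and read that user's entry from LDAP.
 *
 * The result maps lower-cased attribute names to the first value of each
 * attribute returned for the entry, then sets the configured login attribute
 * to $username and the configured password attribute to $hash_password.
 *
 * @access  public
 * @param   string $username       login name supplied by the user
 * @param   string $password       password used for the LDAP bind
 * @param   string $hash_password  value stored under the password attribute
 * @return  array|false  attribute => value map, or false on any failure
 *                       (including empty credentials or a user name
 *                       containing DN/filter metacharacters)
 * @author  smal
 */
function get_ldap_entry_info($username, $password, $hash_password){
    // ldap_bind() with an empty password is an anonymous/unauthenticated
    // bind, which a directory may accept; do not read entries on that basis.
    if ((string) $username === '' || (string) $password === '') {
        return false;
    }

    // The user name goes into both the bind DN and the search filter below.
    // Refuse names that carry DN or filter metacharacters.
    if (preg_match('/[\\\\,+"<>;=#*()\\x00]/', $username)) {
        return false;
    }

    $ldap_server = ldap_connect(get_ldap_config('ldap_name'), get_ldap_config('ldap_port'));
    if (!$ldap_server) {
        return false;
    }

    // Same connection setup as ldap_bind_connect(): LDAPv3 plus a
    // best-effort StartTLS, so this bind is not the only one sent without
    // any attempt at encryption.
    // NOTE(review): the StartTLS result is ignored; deployments that can
    // require TLS should fail here instead.
    ldap_set_option($ldap_server, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_start_tls($ldap_server);

    $login_attr = get_ldap_config('ldap_attr_login');
    $base_tree  = get_ldap_config('ldap_base_tree');
    $result     = false;

    if (ldap_bind($ldap_server, $login_attr . "=" . $username . "," . $base_tree, $password)) {
        $attr = get_ldap_config_attr();

        // Each step depends on the previous one; a false anywhere in the
        // chain leaves $result as false.
        $ldap_user       = is_array($attr) ? ldap_search($ldap_server, $base_tree, $login_attr . "=" . $username, $attr) : false;
        $ldap_user_entry = $ldap_user ? ldap_first_entry($ldap_server, $ldap_user) : false;
        $ldap_user_attr  = $ldap_user_entry ? ldap_get_attributes($ldap_server, $ldap_user_entry) : false;
        $ldap_user_info  = $ldap_user_attr ? ldap_get_entries($ldap_server, $ldap_user) : false;

        if ($ldap_user_info) {
            $result = array();
            for ($i = 0; $i < $ldap_user_attr['count']; $i++) {
                $attr_name = strtolower($ldap_user_attr[$i]);
                if (isset($ldap_user_info[0][$attr_name][0])) {
                    $result[$attr_name] = $ldap_user_info[0][$attr_name][0];
                }
            }
            $result[$login_attr] = $username;
            $result[get_ldap_config('ldap_attr_password')] = $hash_password;
        }
    }

    // Release the connection on every path; in the original every branch
    // returned before ldap_close() could run.
    ldap_close($ldap_server);

    return $result;
}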
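/**
 * Record in the ldap_log table that the current session's member was
 * authenticated via LDAP.
 *
 * @access  public
 * @param   string|null $ldap_source  LDAP server name, optional
 * @return  bool  true if the row was inserted, false otherwise
 * @author  smal
 */
function add_ldap_log($ldap_source=NULL) {
    global $db;

    // member_id is written into the statement unquoted, so force it to an
    // integer; a missing or empty session value is logged as 0.
    $member_id = isset($_SESSION['member_id']) ? (int) $_SESSION['member_id'] : 0;
    $date      = date('Y-m-d H:i:s');

    // The source name ends up inside a quoted SQL literal.
    $safe_source = mysql_real_escape_string((string) $ldap_source, $db);

    $sql = "INSERT INTO ".TABLE_PREFIX."ldap_log VALUES($member_id,'$date', '$safe_source')";

    return mysql_query($sql, $db) ? true : false;
}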
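/**
 * Insert a user record built from LDAP attributes into the ATutor members
 * table.
 *
 * NOTE(review): the original documentation promised the new member_id, but
 * the code read a result row from an INSERT, which yields none, so success
 * has always been reported as true. That return value is kept; a caller that
 * needs the id has to look it up separately.
 *
 * @access  public
 * @param   array $user_info  attribute => value map, keyed by the configured
 *                            LDAP attribute names
 * @return  bool  true if the member row was inserted; false if the login or
 *                email already exists or a query fails
 * @author  smal
 */
function insert_user_info($user_info) {
    global $db, $_config;

    // Column name => config_ldap parameter naming the LDAP attribute that
    // supplies it.
    $attr_params = array(
        'name'        => 'ldap_attr_login',
        'password'    => 'ldap_attr_password',
        'email'       => 'ldap_attr_mail',
        'website'     => 'ldap_attr_website',
        'first_name'  => 'ldap_attr_first_name',
        'second_name' => 'ldap_attr_second_name',
        'last_name'   => 'ldap_attr_last_name',
        'dob'         => 'ldap_attr_dob',
        'gender'      => 'ldap_attr_gender',
        'address'     => 'ldap_attr_address',
        'postal'      => 'ldap_attr_postal',
        'city'        => 'ldap_attr_city',
        'province'    => 'ldap_attr_province',
        'country'     => 'ldap_attr_country',
        'phone'       => 'ldap_attr_phone',
    );

    // Directory values are external data: escape every one of them before it
    // is placed in a quoted SQL literal. Attributes missing from $user_info
    // are stored as empty strings.
    $v = array();
    foreach ($attr_params as $column => $config_name) {
        $ldap_attr = get_ldap_config($config_name);
        $raw       = isset($user_info[$ldap_attr]) ? (string) $user_info[$ldap_attr] : '';
        if ($column === 'name') {
            $raw = strtolower($raw);
        }
        $v[$column] = mysql_real_escape_string($raw, $db);
    }

    $status = AT_STATUS_STUDENT;
    $now    = date('Y-m-d H:i:s');
    $prefs  = mysql_real_escape_string(isset($_config['pref_defaults']) ? (string) $_config['pref_defaults'] : '', $db);
    $lang   = mysql_real_escape_string(isset($_SESSION['lang']) ? (string) $_SESSION['lang'] : '', $db);

    // Login and email must both be unused. If the check itself fails, stop
    // rather than insert without knowing.
    $sql    = "SELECT login FROM ".TABLE_PREFIX."members WHERE login='{$v['name']}' OR email='{$v['email']}'";
    $result = mysql_query($sql, $db);
    if (!$result || mysql_num_rows($result) > 0) {
        return false;
    }

    $sql = "INSERT INTO ".TABLE_PREFIX."members VALUES (0,'{$v['name']}','{$v['password']}','{$v['email']}','{$v['website']}','{$v['first_name']}','{$v['second_name']}','{$v['last_name']}', '{$v['dob']}', '{$v['gender']}', '{$v['address']}','{$v['postal']}','{$v['city']}','{$v['province']}','{$v['country']}', '{$v['phone']}', $status, '$prefs', '$now', '$lang', 1, 1, '0000-00-00 00:00:00')";

    return mysql_query($sql, $db) ? true : false;
}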
236 ?>