public static function getLdapMemberGroups()
{
if (Ldap::getConnection()) {
$query = ldap_search(Ldap::getConnection(), 'CN=groups,' . $GLOBALS['TL_CONFIG']['ldap_base'], "(objectClass=*)", LdapMemberGroup::getAttributes());
if (!$query) {
return false;
}
$found = ldap_get_entries(Ldap::getConnection(), $query);
// groups not found
if (!is_array($found) || count($found) <= 0) {
return false;
}
return $found;
} else {
return false;
}
}
public static function findLdapMember($strUsername)
{
if (Ldap::getConnection()) {
$user_name_filter = $GLOBALS['TL_CONFIG']['ldap_uid'] . '=' . $strUsername;
$filter = '(&(' . $user_name_filter . ')' . $GLOBALS['TL_CONFIG']['ldap_filter_person'] . ')';
// search by username
$query = ldap_search(Ldap::getConnection(), $GLOBALS['TL_CONFIG']['ldap_base'], $filter, LdapMember::getAttributes());
if (!$query) {
return null;
}
$found = ldap_get_entries(Ldap::getConnection(), $query);
// user not found
if (!is_array($found) || count($found) <= 0) {
return null;
}
$found = (object) $found[0];
return $found;
} else {
return null;
}
}
public static function authenticateLdapMember($strUsername, $strPassword)
{
$objLdapUser = LdapMemberModel::findLdapMember($strUsername);
if ($objLdapUser) {
if (!@ldap_bind(Ldap::getConnection(), $objLdapUser->dn, $strPassword)) {
$errno = ldap_errno(Ldap::getConnection());
switch ($errno) {
case static::LDAP_INVALID_CREDENTIALS:
return false;
}
return false;
}
// ldap account requires an valid email and uid
if ($objLdapUser->uid['count'] == 0 || $objLdapUser->mail['count'] == 0) {
\Message::addError($GLOBALS['TL_LANG']['MSC']['ldap']['emailUidMissing']);
return false;
}
return true;
} else {
return false;
}
}
