Beispiel #1
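 /**
  * Load the members of this group from the directory into $this->members.
  *
  * Reads the "member" attribute of the entry at $this->dn and resolves every
  * member DN to a User via User::readUser(). The placeholder DN DUMMY_USER_DN
  * is skipped. When the entry exists but has no "member" attribute, the
  * member list is reset to an empty array. When the read fails or returns no
  * entry, $this->members is left untouched.
  *
  * @return void
  */
 public function loadUsers()
 {
     $search = ldap_read($this->ldapconn, $this->dn, Group::FILTER_GROUPS, ["member"]);
     if ($search === false) {
         // ldap_read() failed (e.g. no such object, insufficient access).
         // Passing false on to ldap_count_entries() raises a TypeError on
         // PHP 8, so stop here and keep the current member list.
         return;
     }
     if (ldap_count_entries($this->ldapconn, $search) <= 0) {
         return;
     }

     $entry = ldap_first_entry($this->ldapconn, $search);
     $att = ldap_get_attributes($this->ldapconn, $entry);

     $this->members = [];
     if (!isset($att['member'])) {
         return;
     }

     // ldap_get_attributes() returns the values under numeric keys plus a
     // 'count' element holding the number of values.
     $total = $att['member']['count'];
     for ($i = 0; $i < $total; $i++) {
         $memberDn = $att['member'][$i];
         // Strict comparison: both sides are DN strings, no type juggling wanted.
         if ($memberDn !== DUMMY_USER_DN) {
             $this->members[] = User::readUser($this->ldapconn, $memberDn);
         }
     }
 }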
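// Login endpoint: expects a JSON body {"cn": ..., "pw": ...}, binds to LDAP as
// that user and, on success, stores the identity in the session.
$postdata = file_get_contents("php://input");
$request = (array) json_decode($postdata);

// Both fields must be non-empty strings. Rejecting an empty password matters:
// an LDAP simple bind with a DN and an empty password is treated by many
// servers as an unauthenticated bind and would report success.
if (empty($request['cn']) || !is_string($request['cn'])) {
    http_response_code(400);
    die("Missing parameter: cn");
}
if (empty($request['pw']) || !is_string($request['pw'])) {
    http_response_code(400);
    die("Missing parameter: pw");
}

// The cn comes from the client: escape it for DN context so that characters
// such as ',', '+' or '=' cannot change the structure of the bind DN.
$ldapDn = 'cn=' . ldap_escape($request['cn'], '', LDAP_ESCAPE_DN) . ',' . USER_DN;
$password = $request['pw'];

$ldapconn = ldap_connect_options();
$bind_success = ldap_bind($ldapconn, $ldapDn, $password);
if ($bind_success) {
    $user = User::readUser($ldapconn, $ldapDn);
    $user->loadGroupInformation();

    // Issue a fresh session id on privilege change so a pre-login session id
    // cannot be reused after authentication (session fixation).
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    $_SESSION['ldapDn'] = $ldapDn;
    // NOTE(review): the cleartext password is kept in the session store,
    // presumably so later requests can re-bind as this user - confirm. Anyone
    // who can read the session storage can read the password; a service bind
    // or a short-lived token would avoid that.
    $_SESSION['password'] = $password;
    $_SESSION['displayName'] = $user->displayName;
    session_write_close();
    ldap_close($ldapconn);
    http_response_code(200);
    echo json_encode($user);
} else {
    http_response_code(403);
    ldap_close($ldapconn);
    // Do not echo the submitted DN and password back: the response would
    // carry the credentials and reflect unescaped client input.
    $ret = "Login failed";
    echo $ret;
}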
Beispiel #3
<?php

require_once __DIR__ . '/../config.inc.php';
require_once BASE_PATH . 'ldap.inc.php';
require_once BASE_PATH . 'classes/user.inc.php';
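// Delete endpoint: expects a JSON body {"dn": ...} and removes that entry
// from the directory using the LDAP connection bound for the current session.
session_start();
$postdata = file_get_contents("php://input");
$request = (array) json_decode($postdata);
// The DN must be a non-empty string; a JSON array or object here would
// otherwise be handed straight to the LDAP layer.
if (empty($request['dn']) || !is_string($request['dn'])) {
    http_response_code(400);
    die("Missing parameter: dn");
}

// NOTE(review): the DN is taken from the client as-is and is not restricted
// to the user subtree, so this request can target any entry the bound
// account is allowed to delete. Authorization appears to rest entirely on
// the directory ACLs of the session's bind - confirm, and consider checking
// the DN against the expected base before acting on it.
// NOTE(review): no anti-CSRF check is visible for this state-changing
// request - confirm one is enforced elsewhere.

// read user from LDAP
$ldapconn = ldap_bind_session();
$user = User::readUser($ldapconn, $request['dn']);
$retval = array();
if (!is_object($user)) {
    // Nothing could be read for this DN; avoid calling a method on a
    // non-object, which would end the request with a fatal error.
    http_response_code(404);
    $retval["message"] = "User not found";
} elseif ($user->deleteFromDirectory($ldapconn) === true) {
    // success
    http_response_code(200);
} else {
    http_response_code(500);
    // NOTE(review): the raw LDAP error text is returned to the client; it
    // can disclose directory details. Consider logging it server-side only.
    $retval["detail"] = ldap_error($ldapconn);
    $retval["message"] = "Could not write change to LDAP directory";
}
ldap_close($ldapconn);
echo json_encode($retval);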
Beispiel #4
        http_response_code(400);
        die("Missing parameter: " . $par);
    }
    ${$par} = $request[$par];
}
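// Create a new directory user from the request fields $cn, $mail, $sn and
// $givenName (populated by the parameter loop above), then set a generated
// initial password and return both the user and that password.

// The fields come from a decoded JSON body, so they may be arrays or objects;
// only plain strings are usable as attribute values and DN components.
foreach ([$cn, $mail, $sn, $givenName] as $fieldValue) {
    if (!is_string($fieldValue)) {
        http_response_code(400);
        die("Invalid parameter type");
    }
}

$newuser = new User();
$newuser->cn = $cn;
$newuser->mail = $mail;
$newuser->sn = $sn;
$newuser->givenName = $givenName;
$newuser->displayName = $givenName . ' ' . $sn;
// Escape the client-supplied cn for DN context so that ',', '+', '=' and
// similar characters cannot alter where the new entry is created.
$newuser->dn = 'cn=' . ldap_escape($cn, '', LDAP_ESCAPE_DN) . ',' . USER_DN;

// store to LDAP
$ldapconn = ldap_bind_session();
$retval = array();
if ($newuser->addToDirectory($ldapconn) === true) {
    // success
    http_response_code(200);
    // The body carries a cleartext initial password: keep it out of caches.
    header('Cache-Control: no-store');
    $user = User::readUser($ldapconn, $newuser->dn);
    $user->loadGroupInformation();
    $newpassword = User::generateRandomPassword();
    // NOTE(review): the result of changePassword() is not checked; if it can
    // fail, the client receives a password that was never set - confirm.
    $user->changePassword($newpassword);
    $retval["user"] = $user;
    $retval["password"] = $newpassword;
} else {
    http_response_code(500);
    // NOTE(review): the raw LDAP error text is returned to the client; it
    // can disclose directory details. Consider logging it server-side only.
    $retval["detail"] = ldap_error($ldapconn);
    $retval["message"] = "Could not write change to LDAP directory";
}
ldap_close($ldapconn);
echo json_encode($retval);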