/**
* Adds a user to the Chamilo database or updates its data
* @param string username (and uid inside LDAP)
* @author Mustapha Alouani
*/
function ldap_add_user($login)
{
if ($ldap_user = extldap_authenticate($login, 'nopass', true)) {
return extldap_add_user_by_array($ldap_user);
}
}
/**
* checks if the user already get a session
* @return the user login if the user already has a session ,false otherwise
**/
function cas_is_authenticated()
{
global $cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri;
global $PHPCAS_CLIENT;
global $logout;
if (!cas_configured()) {
return;
}
if (!is_object($PHPCAS_CLIENT)) {
phpCAS::client($cas_auth_ver, $cas_auth_server, $cas_auth_port, $cas_auth_uri);
phpCAS::setNoCasServerValidation();
}
$auth = phpCAS::checkAuthentication();
if ($auth) {
$login = trim(phpCAS::getUser());
/*
Get user attributes. Here are the attributes for crdp platform
sn => name
ENTPersonMailInterne => mail
ENTPersonAlias => login
ENTPersonProfils => profil
givenName => first name
*/
/*$user=phpCAS::getAttributes();
$firstName = trim($user['givenName']);
$lastName = trim($user['sn']);
$login = trim($user['ENTPersonAlias']);
$profil = trim($user['ENTPersonProfils']);
$email = trim($user['ENTPersonMailInterne']);
$satus=5;
switch ($profil){
case 'admin_etab':
$status=3; //Session admin
break;
case 'admin_sie':
$status=3; //Session admin
break;
case 'National_3':
$status=1; // Teacher
break;
case 'National_1':
$status=5; // Student
break;
default:
$status=5; // Student
}*/
if (!$logout) {
// get user info from username
$tab_user_info = UserManager::get_user_info($login);
// user found in the chamilo database
if (is_array($tab_user_info)) {
// if option is on we update user automatically from ldap server
if (api_get_setting("update_user_info_cas_with_ldap") == "true") {
$ldapuser = extldap_authenticate($login, 'nopass', true);
if ($ldap_user !== false) {
$chamilo_user = extldap_get_chamilo_user($ldapuser);
$chamilo_user['user_id'] = $tab_user_info['user_id'];
$chamilo_user['status'] = $tab_user_info['status'];
UserManager::update_user($chamilo_user["user_id"], $chamilo_user["firstname"], $chamilo_user["lastname"], $login, null, null, $chamilo_user["email"], $chamilo_user["status"], '', '', '', '', 1, null, 0, null, '');
}
}
return $login;
} else {
// if option is on we can ADD user automatically from ldap server or by modify own profil
$user_added = false;
switch (api_get_setting("cas_add_user_activate")) {
case PLATFORM_AUTH_SOURCE:
// user will have to modify firstname, lastname, email in chamilo profil edit
$userdata = get_lang("EditInProfil");
UserManager::create_user($userdata, $userdata, '5', $userdata, $login, 'casplaceholder', '', '', '', '', CAS_AUTH_SOURCE);
$user_added = $login;
break;
case LDAP_AUTH_SOURCE:
// user info are read from ldap connexion
// get user info from ldap server
// user has already been authenticated by CAS
// If user not found in LDAP, user not created
$ldapuser = extldap_authenticate($login, 'nopass', true);
if ($ldap_user !== false) {
$chamilo_user = extldap_get_chamilo_user($ldapuser);
$chamilo_user['username'] = $login;
$chamilo_user['auth_source'] = CAS_AUTH_SOURCE;
$chamilo_uid = external_add_user($chamilo_user);
$user_added = $login;
}
break;
default:
break;
}
return $user_added;
}
}
// //If the user is in the dokeos database and we are ,not in a logout request, we upgrade his infomration by ldap
// if (! $logout){
// $user_table = Database::get_main_table(TABLE_MAIN_USER);
// $sql = "SELECT user_id, username, password, auth_source, active, expiration_date ".
// "FROM $user_table ".
// "WHERE username = '******' ";
//
// $result = Database::query($sql,__FILE__,__LINE__);
// if(mysql_num_rows($result) == 0) {
// require_once(api_get_path(SYS_PATH).'main/inc/lib/usermanager.lib.php');
// $rnumber=rand(0,256000);
// UserManager::create_user($firstName, $lastName, $status, $email, $login, md5('casplaceholder'.$rnumber), $official_code='',$language='',$phone='',$picture_uri='',$auth_source = PLATFORM_AUTH_SOURCE);
// }
// else {
// $user = mysql_fetch_assoc($result);
// $user_id = intval($user['user_id']);
// //echo "deb : $status";
// UserManager::update_user ($user_id, $firstname, $lastname, $login, null, null, $email, $status, '', '', '', '', 1, null, 0, null,'') ;
//
// }
// }
return $login;
} else {
return false;
}
}
* - set $loginFailed=true
* - set $uidReset = false
* User wil then have the user password incorrect message
*
* 2. We redirect the user to index.php with appropriate message :
* Possible messages are :
* - index.php?loginFailed=1&error=access_url_inactive
* - index.php?loginFailed=1&error=account_expired
* - index.php?loginFailed=1&error=account_inactive
* - index.php?loginFailed=1&error=user_password_incorrect
* - index.php?loginFailed=1&error=unrecognize_sso_origin');
* */
use ChamiloSession as Session;
require_once dirname(__FILE__) . '/ldap.inc.php';
require_once dirname(__FILE__) . '/functions.inc.php';
$ldap_user = extldap_authenticate($login, $password);
if ($ldap_user !== false) {
$chamilo_user = extldap_get_chamilo_user($ldap_user);
//username is not on the ldap, we have to use $login variable
$chamilo_user['username'] = $login;
$chamilo_uid = external_add_user($chamilo_user);
if ($chamilo_uid !== false) {
$loginFailed = false;
$_user['user_id'] = $chamilo_uid;
$_user['status'] = isset($chamilo_user['status']) ? $chamilo_user['status'] : 5;
$_user['uidReset'] = true;
Session::write('_user', $_user);
$uidReset = true;
// Is user admin?
if ($chamilo_user['admin'] === true) {
$is_platformAdmin = true;
