for ($detail = 0; $detail < $ldapResults[$item][$data]['count']; $detail++) { if ($data == 'objectsid' | $data == 'objectguid') { $entry = ldap_first_entry($ldapConn, $ldapSearch); $value = ldap_get_values_len($ldapConn, $entry, $data); echo " " . $value[0] . " Len = " . strlen($value[0]) . "\n"; } else { $called = $ldapResults[$item][$data][$detail]; echo " " . $called . "\n"; } } } echo "=====================================================================================\n"; if ($SearchSelect != 2) { echo " LDAP Group this user is apart of\n"; echo "=====================================================================================\n"; $ldapGroup = new ldapGroups(); $ldapGroup->ldap_members_set($ldapSearchValue); // Go thought the list of groups that they are members of in LDAP foreach ($ldapGroup->ldapMembers as $value) { echo "\t" . $value . "\n"; } } } echo '</pre>'; // ---------------------------------------------------- // ldap_connect_ex() // // Connects to LDAP on specifing port, if it was configured // using Authentication Settings in Control Panel // ---------------------------------------------------- function ldap_connect_ex()
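/**
 * Bring a user's phpBB group memberships in line with the groups LDAP reports.
 *
 * Only phpBB groups flagged group_ldap_update are touched. The user is removed
 * from such a group when LDAP no longer lists it (groups the user moderates are
 * skipped), and added to such a group when LDAP lists it and the user is not
 * yet a member. Calls message_die() when a query fails or no user row is found.
 *
 * @param string $username phpBB username whose memberships are synchronised
 * @return void
 */
function ldapUpdateGroups($username)
{
    // Lower the error level while LDAP is contacted (a failed bind would
    // otherwise emit warnings). The previous level is put back before returning;
    // the original saved it in $reporting but never restored it.
    $reporting = error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR);

    global $db;

    $ldapGroup = new ldapGroups();
    $ldapGroup->ldap_members_set($username);
    // NOTE(review): with warnings suppressed, a failed LDAP lookup may look the
    // same as "member of no groups". If ldapMembers is empty in that case, every
    // LDAP-managed membership is removed below. Confirm how ldap_members_set()
    // reports failure before relying on this for access decisions.

    // Resolve the phpBB user id.
    // NOTE(review): the listing showed the compared value masked as '******';
    // the lookup is keyed on $username here. No escaping or binding helper of
    // the DB layer is visible in this block, so quotes and backslashes are both
    // doubled, which keeps the literal closed whether or not the backend treats
    // backslash as an escape (single-byte and UTF-8 connections). Prefer the DB
    // layer's own escaping if it has one, and confirm the caller does not pass
    // an already-escaped name.
    $safeUsername = strtr((string) $username, array('\\' => '\\\\', "'" => "''"));
    $sql = "SELECT user_id FROM " . USERS_TABLE . " WHERE username = '" . $safeUsername . "'";
    if (!($result = $db->sql_query($sql))) {
        message_die(GENERAL_ERROR, 'Could not query User information', '', __LINE__, __FILE__, $sql);
    }

    $user_data = $db->sql_fetchrow($result);
    if (!$user_data || !isset($user_data['user_id'])) {
        // Without a row, the statements below would be built around an empty id.
        message_die(GENERAL_ERROR, 'Could not query User information', '', __LINE__, __FILE__, $sql);
    }
    // Ids are concatenated into SQL below, so force them to integers.
    $userid = (int) $user_data['user_id'];

    // LDAP-managed groups the user belongs to, leaving out groups the user
    // moderates so a moderator is never removed from their own group.
    $sql = "SELECT gt.group_id, gt.group_name FROM " . GROUPS_TABLE . " gt, " . USER_GROUP_TABLE . " ugt\n\t\tWHERE gt.group_id = ugt.group_id\n\t\t\tAND gt.group_ldap_update = 1\n\t\t\tAND ugt.user_id = " . $userid . "\n\t\t\tAND gt.group_moderator <>" . $userid;
    if (!($result = $db->sql_query($sql))) {
        message_die(GENERAL_ERROR, 'Could not query Group membership information', '', __LINE__, __FILE__, $sql);
    }

    $user_group = array();
    while ($user_group_data = $db->sql_fetchrow($result)) {
        $user_group[] = array($user_group_data['group_name'], (int) $user_group_data['group_id']);
    }

    foreach ($user_group as $group) {
        // Strict comparison: loose in_array() treats numeric-looking names such
        // as "10" and "1e1" as equal, which could keep a membership alive.
        if (!in_array($group[0], $ldapGroup->ldapMembers, true)) {
            // LDAP no longer lists this group: drop the phpBB membership.
            $sql = "DELETE FROM " . USER_GROUP_TABLE . "\n\t\t\t\tWHERE group_id = " . $group[1] . "\n\t\t\t\t\tAND user_id = " . $userid;
            if (!($result = $db->sql_query($sql))) {
                message_die(GENERAL_ERROR, 'Could not remove user from group', '', __LINE__, __FILE__, $sql);
            }
        }
    }

    // Re-read the memberships after the removals, this time including the
    // groups the user moderates.
    $sql = "SELECT gt.group_id, gt.group_name FROM " . GROUPS_TABLE . " gt , " . USER_GROUP_TABLE . " ugt\n\t\tWHERE gt.group_id = ugt.group_id\n\t\t\tAND gt.group_ldap_update = 1\n\t\t\tAND ugt.user_id = " . $userid;
    if (!($result = $db->sql_query($sql))) {
        message_die(GENERAL_ERROR, 'Could not query Group membership information', '', __LINE__, __FILE__, $sql);
    }

    $user_group = array();
    while ($user_group_data = $db->sql_fetchrow($result)) {
        $user_group[] = $user_group_data['group_name'];
    }

    // Every phpBB group that is LDAP-managed, as group_name => group_id.
    $sql = "SELECT gt.group_id, gt.group_name FROM " . GROUPS_TABLE . " gt\n\t\tWHERE gt.group_ldap_update = 1";
    if (!($result = $db->sql_query($sql))) {
        message_die(GENERAL_ERROR, 'Could not query Group LDAP information', '', __LINE__, __FILE__, $sql);
    }

    $group_ldap = array();
    while ($group_ldap_data = $db->sql_fetchrow($result)) {
        $group_ldap[$group_ldap_data['group_name']] = (int) $group_ldap_data['group_id'];
    }

    // Add the user to each LDAP-listed group that exists in phpBB as an
    // LDAP-managed group and that the user is not already in.
    foreach ($ldapGroup->ldapMembers as $value) {
        if (!in_array($value, $user_group, true) && array_key_exists($value, $group_ldap)) {
            $sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)\n\t\t\t\tVALUES (" . $userid . ", " . $group_ldap[$value] . ", 0)";
            if (!($result = $db->sql_query($sql, END_TRANSACTION))) {
                message_die(GENERAL_ERROR, 'Could not insert data into user_group table', '', __LINE__, __FILE__, $sql);
            }
        }
    }

    unset($ldapGroup);

    // Put back the error level that was active when the function was entered.
    error_reporting($reporting);
}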