Exemple #1
0
 public function authenticate($user, $pass, $log = true)
 {
     $base = $this->manager->getConf('login.ldap.base');
     $custom = $this->manager->getConf('login.ldap.custom');
     $schema = $this->manager->getConf('login.ldap.schema');
     $attr = $this->manager->getConf('login.ldap.userName');
     $l = $this->manager->getConf('login.ldap.login');
     $idPerson = $this->manager->getConf('login.ldap.idperson');
     $vars = array('%domain%' => $_SERVER['HOST_NAME'], '%login%' => $user, '%password%' => md5($pass), 'AND(' => '&(', 'OR(' => '|(');
     switch ($schema) {
         case 'manager':
             $search = '(&(login='******')(password='******'))';
             $login = false;
             break;
         case 'system':
             $search = 'uid=' . $user;
             $login = true;
             break;
         default:
             if ($custom) {
                 $search = strtr($custom, $vars);
             } else {
                 $search = strtr('(&(|(uid=%login%)(login=%login%))(objectClass=managerUser))', $vars);
             }
             $login = null;
     }
     $sr = ldap_search($this->conn, $base, $search, array('dn', $attr, 'password', 'managerGroup', $l, $idPerson));
     $info = ldap_get_entries($this->conn, $sr);
     for ($i = 0; $i < $info['count']; $i++) {
         $bind = $exists = false;
         if ($info[$i]['dn']) {
             if (!$login) {
                 $exists = $info[$i]['password'][0] == md5($pass);
             }
             if (!$exists && ($login || is_null($login))) {
                 $bind = ldap_bind($this->conn, $info[$i]['dn'], $pass);
             }
             if ($bind || $exists) {
                 $r = true;
                 break;
             }
         }
     }
     if ($l) {
         $user = $info[$i][$l][0];
     }
     $groups = array();
     if ($info[$i]['managergroup']['count'] > 0) {
         unset($info[$i]['managergroup']['count']);
         $groups = $info[$i]['managergroup'];
     }
     if ($log && $r) {
         $login = new MLogin($user, $pass, $info[$i][$attr][0], 0);
         $login->setIdPerson($info[$i][$idPerson][0]);
         $login->setGroups($groups);
         $this->setLogin($login);
     }
     return $r;
 }