public static function getLdapMemberGroups() { if (Ldap::getConnection()) { $query = ldap_search(Ldap::getConnection(), 'CN=groups,' . $GLOBALS['TL_CONFIG']['ldap_base'], "(objectClass=*)", LdapMemberGroup::getAttributes()); if (!$query) { return false; } $found = ldap_get_entries(Ldap::getConnection(), $query); // groups not found if (!is_array($found) || count($found) <= 0) { return false; } return $found; } else { return false; } }
public static function findLdapMember($strUsername) { if (Ldap::getConnection()) { $user_name_filter = $GLOBALS['TL_CONFIG']['ldap_uid'] . '=' . $strUsername; $filter = '(&(' . $user_name_filter . ')' . $GLOBALS['TL_CONFIG']['ldap_filter_person'] . ')'; // search by username $query = ldap_search(Ldap::getConnection(), $GLOBALS['TL_CONFIG']['ldap_base'], $filter, LdapMember::getAttributes()); if (!$query) { return null; } $found = ldap_get_entries(Ldap::getConnection(), $query); // user not found if (!is_array($found) || count($found) <= 0) { return null; } $found = (object) $found[0]; return $found; } else { return null; } }
public static function authenticateLdapMember($strUsername, $strPassword) { $objLdapUser = LdapMemberModel::findLdapMember($strUsername); if ($objLdapUser) { if (!@ldap_bind(Ldap::getConnection(), $objLdapUser->dn, $strPassword)) { $errno = ldap_errno(Ldap::getConnection()); switch ($errno) { case static::LDAP_INVALID_CREDENTIALS: return false; } return false; } // ldap account requires an valid email and uid if ($objLdapUser->uid['count'] == 0 || $objLdapUser->mail['count'] == 0) { \Message::addError($GLOBALS['TL_LANG']['MSC']['ldap']['emailUidMissing']); return false; } return true; } else { return false; } }