function login($success, $username, $password, $remember_me) { global $conf; $allow_auth = False; $obj = new Ldap(); $obj->load_config(); $obj->ldap_conn() or error_log("Unable to connect LDAP server : " . $obj->getErrorString()); // if there's a users group... if ($obj->config['users_group']) { // and the user is in if ($obj->user_membership($username, $obj->ldap_group($obj->config['users_group']))) { // it can continue $allow_auth = True; } else { // otherwise it means the user is not allowed to enter ! fail($username); } } else { // if there's no user group, we can continue. $allow_auth = True; } if ($allow_auth) { if ($obj->ldap_bind_as($username, $password)) { // bind with userdn // search user in piwigo database $query = ' SELECT ' . $conf['user_fields']['id'] . ' AS id FROM ' . USERS_TABLE . ' WHERE ' . $conf['user_fields']['username'] . ' = \'' . pwg_db_real_escape_string($username) . '\';'; $row = pwg_db_fetch_assoc(pwg_query($query)); // if query is not empty, it means everything is ok and we can continue, auth is done ! if (!empty($row['id'])) { update_user($username, $row['id']); log_user($row['id'], $remember_me); trigger_action('login_success', stripslashes($username)); return True; } else { // this is where we check we are allowed to create new users upon that. if ($obj->config['allow_newusers']) { // we got the email address if ($obj->ldap_mail($username)) { $mail = $obj->ldap_mail($username); } else { $mail = NULL; } // we actually register the new user $new_id = register_user($username, random_password(8), $mail); update_user($username, $new_id); // now we fetch again his id in the piwigo db, and we get them, as we just created him ! log_user($new_id, False); trigger_action('login_success', stripslashes($username)); redirect('profile.php'); return true; } else { fail($username); } } } else { fail($username); } } else { fail($username); } }
<?php if (!defined('PHPWG_ROOT_PATH')) { die('Hacking attempt!'); } /* * * Here we have everything related to the basic ldap conf' of the plugin. * */ global $template; $template->set_filenames(array('plugin_admin_content' => dirname(__FILE__) . '/configuration.tpl')); $template->assign(array('PLUGIN_ACTION' => get_root_url() . 'admin.php?page=plugin-ldap_login-configuration', 'PLUGIN_CHECK' => get_root_url() . 'admin.php?page=plugin-ldap_login-configuration')); $me = new Ldap(); $me->load_config(); $me->ldap_conn(); // we start the template generation by feeding with the settings (defaults or read from config). $template->assign('HOST', $me->config['host']); $template->assign('BASEDN', $me->config['basedn']); // racine ! $template->assign('USERSBRANCH', $me->config['usersbranch']); $template->assign('GROUPBRANCH', $me->config['groupbranch']); $template->assign('LD_SEARCH_USERS', $me->config['ld_search_users']); $template->assign('LD_SEARCH_GROUPS', $me->config['ld_search_groups']); $template->assign('PORT', $me->config['port']); $template->assign('LD_ATTR', $me->config['ld_attr']); $template->assign('LD_GROUP', $me->config['ld_group']); $template->assign('LD_USE_SSL', $me->config['ld_use_ssl']); $template->assign('LD_BINDPW', $me->config['ld_bindpw']); $template->assign('LD_BINDDN', $me->config['ld_binddn']); $template->assign('WEBMASTERS_GROUP', $me->config['webmasters_group']);