コード例 #1
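 /**
  * Authenticate the visitor against the configured LDAP / Active Directory
  * server with the posted `username` and `password`, and log them in.
  *
  * Flow: bail out if someone is already logged in or the plugin is disabled
  * or misconfigured; bind as `<username>@<domain>`; when the bound user has
  * no row in the `activeDirectory` table yet, read the user's own entry and
  * create a local account; finally call logIn().
  *
  * Every refusal is a silent `return` - this hook never throws and never
  * reports why authentication was declined (existing contract).
  *
  * @param string $inContent Unused; part of the hook signature.
  * @return void
  */
 public static function run($inContent = '')
 {
     if (currentUser::getUserSession()->isLoggedIn()) {
         return;
     }

     $variableEngine = VariableEngine::getInstance();
     $pluginEnabled = $variableEngine->getVariable('ldapEnabled');
     if ($pluginEnabled === false || $pluginEnabled->getValue() === 'false') {
         return;
     }
     $ldapServer = $variableEngine->getVariable('ldapServer');
     $ldapDomain = $variableEngine->getVariable('ldapDomain');
     // Fetched only to insist that the setting exists; its value is not consulted here.
     $ldapIsActiveDirectory = $variableEngine->getVariable('ldapIsActiveDirectory');
     if ($ldapServer === false || $ldapDomain === false || $ldapIsActiveDirectory === false) {
         return;
     }
     $domain = $ldapDomain->getValue();

     // Validate the form before touching the network. Both fields must be
     // present, scalar strings (an array value would make htmlspecialchars()
     // throw) and non-empty: an empty password is an unauthenticated simple
     // bind on many directory servers and must never reach ldap_bind().
     $rawUserName = isset($_POST['username']) ? $_POST['username'] : '';
     $password = isset($_POST['password']) ? $_POST['password'] : '';
     if (!is_string($rawUserName) || !is_string($password) || $rawUserName === '' || $password === '') {
         return;
     }
     // ldap_bind() rejects embedded NUL bytes (a ValueError on PHP 8); refuse
     // them here so the method keeps its "fail silently" contract.
     if (strpos($rawUserName, "\0") !== false || strpos($password, "\0") !== false) {
         return;
     }
     // The HTML-encoded form is what the rest of the application stores and
     // compares (existing convention); the directory knows the raw name.
     $userName = htmlspecialchars($rawUserName);

     $ldapConnection = ldap_connect($ldapServer->getValue());
     if (!$ldapConnection) {
         return;
     }
     ldap_set_option($ldapConnection, LDAP_OPT_REFERRALS, 0);
     ldap_set_option($ldapConnection, LDAP_OPT_PROTOCOL_VERSION, 3);
     // Never send credentials over an unencrypted session: if STARTTLS fails, stop.
     if (!ldap_start_tls($ldapConnection)) {
         ldap_close($ldapConnection);
         return;
     }

     // The password is passed through untouched: HTML-encoding it (the old
     // behaviour) silently broke login for passwords containing & < > " '.
     $authenticated = ldap_bind($ldapConnection, $rawUserName . '@' . $domain, $password);
     unset($password); // the clear-text credential is not needed past this point
     if (!$authenticated) {
         ldap_close($ldapConnection);
         return;
     }

     $database = database::getInstance();
     $userName = $database->escapeString($userName);
     // String-built WHERE clause guarded only by the wrapper's escapeString();
     // a parameterised query is preferable if the wrapper offers one.
     $haveSeenBefore = $database->getData('userID', 'activeDirectory', 'WHERE adUsername=\'' . $userName . '\'');
     if ($haveSeenBefore !== null) {
         ldap_close($ldapConnection);
         self::logIn($userName);
         return;
     }

     // First login: read the user's own entry to seed a local account.
     $ou = $variableEngine->getVariable('ldapOrganizationUnit');
     if ($ou === false) {
         ldap_close($ldapConnection);
         return;
     }
     $dn = self::ldapUserDn($rawUserName, $ou->getValue(), $domain);
     $search = ldap_read($ldapConnection, $dn, '(objectclass=*)', array('sn', 'givenname', 'mail'));
     $info = $search ? ldap_get_entries($ldapConnection, $search) : false;
     // One close for every path below - the previous version closed twice on some branches.
     ldap_close($ldapConnection);
     if ($info === false || $info['count'] !== 1) {
         return;
     }
     $names = self::namesFromEntry($info[0]);
     if ($names === null) {
         return;
     }
     list($firstName, $lastName, $email) = $names;

     $defaultRoleID = $variableEngine->getVariable('ldapDefaultRoleID');
     if ($defaultRoleID === false) {
         return;
     }
     // The local record gets a long random password of its own (existing
     // behaviour) - presumably so the account has no guessable local
     // credential; confirm against addUser().
     $function = new general('generateRandomString');
     $localPassword = $function->run(array('length' => 50));
     $added = $email === null
         ? self::addUser($firstName, $lastName, $userName, $localPassword, $defaultRoleID->getValue())
         : self::addUser($firstName, $lastName, $userName, $localPassword, $defaultRoleID->getValue(), $email);
     if (!$added) {
         return;
     }
     self::logIn($userName);
 }

 /**
  * Build the DN under which a user's own entry is expected:
  * `cn=<user>,ou=<ou>,dc=<label>,dc=<label>...`, one dc= component per
  * dot-separated label of the domain.
  *
  * Only the user-supplied part is escaped (ldap_escape(), PHP 5.6+); the OU
  * and domain come from administrator configuration and may legitimately
  * contain DN syntax.
  *
  * @param string $userName Raw (unencoded) login name from the form.
  * @param string $ou       Configured organisational unit.
  * @param string $domain   Configured domain, e.g. `example.org` (constructed example).
  * @return string
  */
 private static function ldapUserDn($userName, $ou, $domain)
 {
     $dcComponents = implode(',dc=', explode('.', $domain));

     return 'cn=' . ldap_escape($userName, '', LDAP_ESCAPE_DN) . ',ou=' . $ou . ',dc=' . $dcComponents;
 }

 /**
  * Pull first name, last name and optional e-mail out of one entry returned
  * by ldap_get_entries().
  *
  * Accepts the entry only when `givenname` and `sn` are each single-valued
  * and `mail` is either absent or single-valued; anything else yields null.
  * This mirrors the former attribute-count checks without reading keys that
  * may not exist.
  *
  * @param array $entry One element (`$info[0]`) of ldap_get_entries().
  * @return array|null `array($firstName, $lastName, $emailOrNull)` or null when rejected.
  */
 private static function namesFromEntry(array $entry)
 {
     $single = static function ($attribute) use ($entry) {
         return isset($entry[$attribute]['count']) && $entry[$attribute]['count'] === 1
             ? $entry[$attribute][0]
             : null;
     };
     $firstName = $single('givenname');
     $lastName = $single('sn');
     if ($firstName === null || $lastName === null) {
         return null;
     }
     $email = $single('mail');
     // A multi-valued mail attribute is refused, as before.
     if ($email === null && isset($entry['mail'])) {
         return null;
     }

     return array($firstName, $lastName, $email);
 }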