/**
 * Collect the plugin's network-wide LDAP settings into one associative array.
 *
 * Every entry is read with get_site_option(); the three group lists are read
 * through wpmuLdapGroupsGet() with 'display' => 'web'. Options that have no
 * stored value fall back to the defaults built at the top of this function or
 * to the LDAP_DEFAULT_ATTRIBUTE_* constants.
 *
 * Security notes for callers:
 *  - 'ldapServerPass' is returned exactly as stored. It is presumably the
 *    directory bind password (confirm against the settings form), so the
 *    returned array should not be logged, dumped, or echoed wholesale.
 *  - The message options are only passed through stripslashes(); nothing here
 *    HTML-escapes them, and the default "get password" text is itself HTML
 *    with the admin_email option interpolated unescaped into a mailto: href.
 *    Escaping or filtering for the output context is left to whoever renders
 *    these values.
 *
 * @return array Map of option key => stored value (or default).
 */
function getWpmuLdapSiteOptions()
{
    $adminEmail = get_site_option('admin_email');

    // Built-in fallback texts, used only when the matching option is unset.
    $signupNotice = 'Public sign-up has been disabled.';
    $passwordNotice = <<<PasswordNotice
Your account is tied to an account in the central directory.  You cannot
retrieve your password via email.  Please contact the
<a href="mailto:{$adminEmail}">system administrator</a> for information on how
to reset your password.
PasswordNotice;

    // Both notification e-mails share the same default subject line.
    $mailSubject = 'Blogging Account Created';

    // Default body for directory-backed accounts: no password is mailed.
    $ldapMailBody = 'Dear User,

You have just been permitted to access a new blog!

Username: USERNAME
Login: LOGINLINK

We hope you enjoy your new weblog.
 Thanks!

--Wordpress';

    // Default body for locally created accounts: carries a PASSWORD placeholder.
    $localMailBody = 'Dear User,

You have just been permitted to access a new blog!

Username: USERNAME
Password: PASSWORD
Login: LOGINLINK

We hope you enjoy your new weblog.
 Thanks!

--Wordpress';

    return [
        // Authentication switches and server connection settings.
        'ldapAuth' => get_site_option('ldapAuth'),
        'ldapSSOEnabled' => get_site_option('ldapSSOEnabled'),
        'ldapCreateAcct' => get_site_option('ldapCreateAcct'),
        'ldapCreateBlog' => get_site_option('ldapCreateBlog'),
        'ldapLinuxWindows' => get_site_option('ldapLinuxWindows'),
        'ldapServerAddr' => get_site_option('ldapServerAddr'),
        'ldapServerPort' => get_site_option('ldapServerPort'),
        'ldapServerOU' => get_site_option('ldapServerOU'),
        'ldapServerCN' => get_site_option('ldapServerCN'),
        'ldapEnableSSL' => get_site_option('ldapEnableSSL'),
        // Sensitive: returned verbatim, see the security notes in the docblock.
        'ldapServerPass' => get_site_option('ldapServerPass'),
        'ldapDisableSignup' => get_site_option('ldapDisableSignup'),

        // Notification e-mails and user-facing messages.
        'ldapLocalEmail' => get_site_option('ldapLocalEmail'),
        'ldapLocalEmailSubj' => get_site_option('ldapLocalEmailSubj', $mailSubject),
        'ldapLocalEmailMessage' => stripslashes(get_site_option('ldapLocalEmailMessage', $localMailBody)),
        'ldapLDAPEmail' => get_site_option('ldapLDAPEmail'),
        'ldapLDAPEmailSubj' => get_site_option('ldapLDAPEmailSubj', $mailSubject),
        'ldapLDAPEmailMessage' => stripslashes(get_site_option('ldapLDAPEmailMessage', $ldapMailBody)),
        'ldapCreateLocalUser' => get_site_option('ldapCreateLocalUser'),
        'ldapSignupMessage' => stripslashes(get_site_option('ldapSignupMessage', $signupNotice)),
        'ldapGetPasswordMessage' => stripslashes(get_site_option('ldapGetPasswordMessage', $passwordNotice)),

        // Maintenance and display flags.
        'ldapfixmetafor15' => get_site_option('ldapfixmetafor15'),
        'ldapfixdisplayname' => get_site_option('ldapfixdisplayname'),
        'ldapBulkAdd' => get_site_option('ldapBulkAdd'),
        'ldapAddUser' => get_site_option('ldapAddUser'),
        'ldapPublicDisplayName' => get_site_option('ldapPublicDisplayName'),

        // Directory attribute names, each with a compiled-in default.
        'ldapAttributeMail' => get_site_option('ldapAttributeMail', LDAP_DEFAULT_ATTRIBUTE_MAIL),
        'ldapAttributeGivenname' => get_site_option('ldapAttributeGivenname', LDAP_DEFAULT_ATTRIBUTE_GIVENNAME),
        'ldapAttributeNickname' => get_site_option('ldapAttributeNickname', LDAP_DEFAULT_ATTRIBUTE_NICKNAME),
        'ldapAttributeSn' => get_site_option('ldapAttributeSn', LDAP_DEFAULT_ATTRIBUTE_SN),
        'ldapAttributePhone' => get_site_option('ldapAttributePhone', LDAP_DEFAULT_ATTRIBUTE_PHONE),
        'ldapAttributeHomedir' => get_site_option('ldapAttributeHomedir', LDAP_DEFAULT_ATTRIBUTE_HOMEDIR),
        'ldapAttributeMember' => get_site_option('ldapAttributeMember', LDAP_DEFAULT_ATTRIBUTE_MEMBER),
        'ldapAttributeMemberNix' => get_site_option('ldapAttributeMemberNix', LDAP_DEFAULT_ATTRIBUTE_MEMBERNIX),
        'ldapAttributeMacaddress' => get_site_option('ldapAttributeMacaddress', LDAP_DEFAULT_ATTRIBUTE_MACADDRESS),
        // The array key ends in "Dn" while the stored option name ends in "DN".
        'ldapAttributeDn' => get_site_option('ldapAttributeDN', LDAP_DEFAULT_ATTRIBUTE_DN),
        'ldapAttributeNixSearch' => get_site_option('ldapAttributeNixSearch', LDAP_DEFAULT_ATTRIBUTE_NIXSEARCH),
        'ldapAttributeWinSearch' => get_site_option('ldapAttributeWinSearch', LDAP_DEFAULT_ATTRIBUTE_WINSEARCH),
        'ldapAttributeGroupObjectclass' => get_site_option('ldapAttributeGroupObjectclass', LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS),
        'ldapAttributeGroupObjectclassNix' => get_site_option('ldapAttributeGroupObjectclassNix', LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASSNIX),

        // Group access lists, fetched through wpmuLdapGroupsGet() with 'display' => 'web'.
        'ldapGroupAllowLogin' => wpmuLdapGroupsGet(['siteoption' => 'ldapGroupAllowLogin', 'display' => 'web']),
        'ldapGroupAllowLoginCreate' => wpmuLdapGroupsGet(['siteoption' => 'ldapGroupAllowLoginCreate', 'display' => 'web']),
        'ldapGroupDenyLogin' => wpmuLdapGroupsGet(['siteoption' => 'ldapGroupDenyLogin', 'display' => 'web']),
    ];
}
예제 #2
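 /**
  * Look up one directory entry by login name and apply the group login rules.
  *
  * The search attribute is taken from the ldapAttributeNixSearch or
  * ldapAttributeWinSearch site option, depending on ldapLinuxWindows. When the
  * search returns at least one entry, $data is filled from the first entry and
  * the deny and allow group lists are checked against that entry's DN.
  *
  * @param string $in_username        Login name to search for; treated as a
  *                                   literal value and escaped for the filter.
  * @param mixed  $attributes_to_get  Passed through to SetSearchCriteria().
  * @param mixed  $data               Output: indexed by the LDAP_INDEX_* constants
  *                                   on a hit, set to null when nothing is found.
  *
  * @return mixed LDAP_ERROR_DENIED_GROUP when the entry is in a deny group,
  *               LDAP_OK when it is in an allow group or no group rule decides,
  *               LDAP_ERROR_ACCESS_GROUP when the allow check reports
  *               LDAP_ERROR_NOT_IN_GROUP, and null when no entry was found.
  */
 function DoSearchUsername($in_username, $attributes_to_get, &$data)
 {
     $this->Dock();

     // Linux/Unix and Windows directories use different search attributes.
     if (get_site_option('ldapLinuxWindows')) {
         $uid = get_site_option('ldapAttributeNixSearch', LDAP_DEFAULT_ATTRIBUTE_NIXSEARCH);
     } else {
         $uid = get_site_option('ldapAttributeWinSearch', LDAP_DEFAULT_ATTRIBUTE_WINSEARCH);
     }

     // The login name reaches this filter from outside, so filter metacharacters
     // ( ) * \ and NUL are escaped; left raw they would let the caller rewrite
     // the search filter. A "*" in the name is now matched literally.
     // NOTE(review): $uid comes from a site option and is inserted as-is.
     $escapedUsername = ldap_escape((string) $in_username, '', LDAP_ESCAPE_FILTER);
     $this->SetSearchCriteria("({$uid}={$escapedUsername})", $attributes_to_get);
     $this->Search();
     $this->Disconnect();

     if (!($this->info['count'] > 0)) {
         // NOTE(review): "not found" is signalled only by $data === null and a
         // null return value; confirm callers do not treat null as success.
         $data = null;
         return null;
     }

     $data[LDAP_INDEX_DN] = $this->info[0]["dn"];
     $data[LDAP_INDEX_NAME] = $this->GetLDAPInfo(LDAP_INDEX_NAME);
     $data[LDAP_INDEX_NICKNAME] = $this->GetLDAPInfo(LDAP_INDEX_NICKNAME);
     $data[LDAP_INDEX_EMAIL] = $this->GetLDAPInfo(LDAP_INDEX_EMAIL);
     $data[LDAP_INDEX_GIVEN_NAME] = $this->GetLDAPInfo(LDAP_INDEX_GIVEN_NAME);
     $data[LDAP_INDEX_SURNAME] = $this->GetLDAPInfo(LDAP_INDEX_SURNAME);
     $data[LDAP_INDEX_PHONE] = $this->GetLDAPInfo(LDAP_INDEX_PHONE);

     // The group checks must use the DN just stored in $data. The previous code
     // read it from $user_data, which is never defined in this method, so both
     // checks ran without the DN of the entry that was found.
     $entryDn = $data[LDAP_INDEX_DN];

     // Deny list is evaluated first: membership rejects the login outright.
     $deny = $this->checkGroup($entryDn, wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupDenyLogin')));
     if ($deny == LDAP_IN_GROUP) {
         return LDAP_ERROR_DENIED_GROUP;
     }

     // Allow list: membership admits the login, explicit non-membership rejects it.
     $allow = $this->checkGroup($entryDn, wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupAllowLogin')));
     if ($allow == LDAP_IN_GROUP) {
         return LDAP_OK;
     }
     if ($allow == LDAP_ERROR_NOT_IN_GROUP) {
         return LDAP_ERROR_ACCESS_GROUP;
     }

     // Any other checkGroup() result leaves the login allowed.
     return LDAP_OK;
 }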