/** * Changes a user's password inside the LDAP * * @param CUser $user The user * @param string $old_pass The user's old password * @param string $new_pass The user's new password * @param string $encryption Encryption type: Unicode or MD5 or SHA * * @return boolean Success */ static function changePassword(CUser $user, $old_pass, $new_pass, $encryption = "Unicode") { if (!in_array($encryption, array("Unicode", "MD5", "SHA"))) { return false; } $source_ldap = CLDAP::connect(); if (!$source_ldap) { return false; } if (!$source_ldap->secured) { $source_ldap->start_tls(); } $bound = $source_ldap->ldap_bind($source_ldap->_ldapconn, $user->user_username, $old_pass); if (!$bound) { return false; } $entry = array(); switch ($encryption) { case "Unicode": $entry["unicodePwd"][0] = self::encodeUnicodePassword($new_pass); break; case "MD5": $new_pass = md5($new_pass); $entry["userPassword"] = "******" . base64_encode(pack("H*", $new_pass)); break; case "SHA": $new_pass = sha1($new_pass); $entry["userPassword"] = "******" . base64_encode(pack("H*", $new_pass)); break; } $dn = $source_ldap->get_dn($user->user_username); return $source_ldap->ldap_mod_replace($source_ldap->_ldapconn, $dn, $entry); }