/**
* Constructor.
*
* @author Andreas Gohr <*****@*****.**>
*/
function DokuHTTPClient()
{
global $conf;
// call parent constructor
$this->HTTPClient();
// set some values from the config
$this->proxy_host = $conf['proxy']['host'];
$this->proxy_port = $conf['proxy']['port'];
$this->proxy_user = $conf['proxy']['user'];
$this->proxy_pass = conf_decodeString($conf['proxy']['pass']);
$this->proxy_ssl = $conf['proxy']['ssl'];
}
/**
* Constructor.
*/
public function __construct()
{
parent::__construct();
// for compatibility
if (!class_exists('PDO')) {
$this->_debug('PDO extension for PHP not found.', -1, __LINE__);
$this->success = false;
return;
}
if (!$this->getConf('dsn')) {
$this->_debug('No DSN specified', -1, __LINE__);
$this->success = false;
return;
}
try {
$this->pdo = new PDO($this->getConf('dsn'), $this->getConf('user'), conf_decodeString($this->getConf('pass')), array(PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, PDO::ATTR_EMULATE_PREPARES => true, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
} catch (PDOException $e) {
$this->_debug($e);
msg($this->getLang('connectfail'), -1);
$this->success = false;
return;
}
// can Users be created?
$this->cando['addUser'] = $this->_chkcnf(array('select-user', 'select-user-groups', 'select-groups', 'insert-user', 'insert-group', 'join-group'));
// can Users be deleted?
$this->cando['delUser'] = $this->_chkcnf(array('select-user', 'select-user-groups', 'select-groups', 'leave-group', 'delete-user'));
// can login names be changed?
$this->cando['modLogin'] = $this->_chkcnf(array('select-user', 'select-user-groups', 'update-user-login'));
// can passwords be changed?
$this->cando['modPass'] = $this->_chkcnf(array('select-user', 'select-user-groups', 'update-user-pass'));
// can real names be changed?
$this->cando['modName'] = $this->_chkcnf(array('select-user', 'select-user-groups', 'update-user-info:name'));
// can real email be changed?
$this->cando['modMail'] = $this->_chkcnf(array('select-user', 'select-user-groups', 'update-user-info:mail'));
// can groups be changed?
$this->cando['modGroups'] = $this->_chkcnf(array('select-user', 'select-user-groups', 'select-groups', 'leave-group', 'join-group', 'insert-group'));
// can a filtered list of users be retrieved?
$this->cando['getUsers'] = $this->_chkcnf(array('list-users'));
// can the number of users be retrieved?
$this->cando['getUserCount'] = $this->_chkcnf(array('count-users'));
// can a list of available groups be retrieved?
$this->cando['getGroups'] = $this->_chkcnf(array('select-groups'));
$this->success = true;
}
/**
* Constructor.
*
* @author Andreas Gohr <*****@*****.**>
*/
function __construct()
{
global $conf;
// call parent constructor
parent::__construct();
// set some values from the config
$this->proxy_host = $conf['proxy']['host'];
$this->proxy_port = $conf['proxy']['port'];
$this->proxy_user = $conf['proxy']['user'];
$this->proxy_pass = conf_decodeString($conf['proxy']['pass']);
$this->proxy_ssl = $conf['proxy']['ssl'];
$this->proxy_except = $conf['proxy']['except'];
// allow enabling debugging via URL parameter (if debugging allowed)
if ($conf['allowdebug']) {
if (isset($_REQUEST['httpdebug']) || isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], 'httpdebug') !== false) {
$this->debug = true;
}
}
}
/**
* Opens a connection to the configured LDAP server and sets the wanted
* option on the connection
*
* @author Andreas Gohr <*****@*****.**>
*/
protected function _openLDAP()
{
if ($this->con) {
return true;
}
// connection already established
if ($this->getConf('debug')) {
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
}
$this->bound = 0;
$port = $this->getConf('port');
$bound = false;
$servers = explode(',', $this->getConf('server'));
foreach ($servers as $server) {
$server = trim($server);
$this->con = @ldap_connect($server, $port);
if (!$this->con) {
continue;
}
/*
* When OpenLDAP 2.x.x is used, ldap_connect() will always return a resource as it does
* not actually connect but just initializes the connecting parameters. The actual
* connect happens with the next calls to ldap_* funcs, usually with ldap_bind().
*
* So we should try to bind to server in order to check its availability.
*/
//set protocol version and dependend options
if ($this->getConf('version')) {
if (!@ldap_set_option($this->con, LDAP_OPT_PROTOCOL_VERSION, $this->getConf('version'))) {
msg('Setting LDAP Protocol version ' . $this->getConf('version') . ' failed', -1);
$this->_debug('LDAP version set: ' . htmlspecialchars(ldap_error($this->con)), 0, __LINE__, __FILE__);
} else {
//use TLS (needs version 3)
if ($this->getConf('starttls')) {
if (!@ldap_start_tls($this->con)) {
msg('Starting TLS failed', -1);
$this->_debug('LDAP TLS set: ' . htmlspecialchars(ldap_error($this->con)), 0, __LINE__, __FILE__);
}
}
// needs version 3
if ($this->getConf('referrals') > -1) {
if (!@ldap_set_option($this->con, LDAP_OPT_REFERRALS, $this->getConf('referrals'))) {
msg('Setting LDAP referrals failed', -1);
$this->_debug('LDAP referal set: ' . htmlspecialchars(ldap_error($this->con)), 0, __LINE__, __FILE__);
}
}
}
}
//set deref mode
if ($this->getConf('deref')) {
if (!@ldap_set_option($this->con, LDAP_OPT_DEREF, $this->getConf('deref'))) {
msg('Setting LDAP Deref mode ' . $this->getConf('deref') . ' failed', -1);
$this->_debug('LDAP deref set: ' . htmlspecialchars(ldap_error($this->con)), 0, __LINE__, __FILE__);
}
}
/* As of PHP 5.3.0 we can set timeout to speedup skipping of invalid servers */
if (defined('LDAP_OPT_NETWORK_TIMEOUT')) {
ldap_set_option($this->con, LDAP_OPT_NETWORK_TIMEOUT, 1);
}
if ($this->getConf('binddn') && $this->getConf('bindpw')) {
$bound = @ldap_bind($this->con, $this->getConf('binddn'), conf_decodeString($this->getConf('bindpw')));
$this->bound = 2;
} else {
$bound = @ldap_bind($this->con);
}
if ($bound) {
break;
}
}
if (!$bound) {
msg("LDAP: couldn't connect to LDAP server", -1);
$this->_debug(ldap_error($this->con), 0, __LINE__, __FILE__);
return false;
}
$this->cando['getUsers'] = true;
return true;
}
/**
* Creates a directory using FTP
*
* This is used when the safemode workaround is enabled
*
* @author <*****@*****.**>
*/
function io_mkdir_ftp($dir)
{
global $conf;
if (!function_exists('ftp_connect')) {
msg("FTP support not found - safemode workaround not usable", -1);
return false;
}
$conn = @ftp_connect($conf['ftp']['host'], $conf['ftp']['port'], 10);
if (!$conn) {
msg("FTP connection failed", -1);
return false;
}
if (!@ftp_login($conn, $conf['ftp']['user'], conf_decodeString($conf['ftp']['pass']))) {
msg("FTP login failed", -1);
return false;
}
//create directory
$ok = @ftp_mkdir($conn, $dir);
//set permissions
@ftp_site($conn, sprintf("CHMOD %04o %s", $conf['dmode'], $dir));
@ftp_close($conn);
return $ok;
}
/**
* Fetch the configuration for the given AD domain
*
* @param string $domain current AD domain
* @return array
*/
protected function _loadServerConfig($domain)
{
// prepare adLDAP standard configuration
$opts = $this->conf;
$opts['domain'] = $domain;
// add possible domain specific configuration
if ($domain && is_array($this->conf[$domain])) {
foreach ($this->conf[$domain] as $key => $val) {
$opts[$key] = $val;
}
}
// handle multiple AD servers
$opts['domain_controllers'] = explode(',', $opts['domain_controllers']);
$opts['domain_controllers'] = array_map('trim', $opts['domain_controllers']);
$opts['domain_controllers'] = array_filter($opts['domain_controllers']);
// compatibility with old option name
if (empty($opts['admin_username']) && !empty($opts['ad_username'])) {
$opts['admin_username'] = $opts['ad_username'];
}
if (empty($opts['admin_password']) && !empty($opts['ad_password'])) {
$opts['admin_password'] = $opts['ad_password'];
}
$opts['admin_password'] = conf_decodeString($opts['admin_password']);
// deobfuscate
// we can change the password if SSL is set
if ($opts['use_ssl'] || $opts['use_tls']) {
$this->cando['modPass'] = true;
} else {
$this->cando['modPass'] = false;
}
// adLDAP expects empty user/pass as NULL, we're less strict FS#2781
if (empty($opts['admin_username'])) {
$opts['admin_username'] = null;
}
if (empty($opts['admin_password'])) {
$opts['admin_password'] = null;
}
// user listing needs admin priviledges
if (!empty($opts['admin_username']) && !empty($opts['admin_password'])) {
$this->cando['getUsers'] = true;
} else {
$this->cando['getUsers'] = false;
}
return $opts;
}
/**
* Opens a connection to a database and saves the handle for further
* usage in the object. The successful call to this functions is
* essential for most functions in this object.
*
* @author Matthias Grimm <*****@*****.**>
*
* @return bool
*/
protected function _openDB()
{
if (!$this->dbcon) {
$con = @mysql_connect($this->getConf('server'), $this->getConf('user'), conf_decodeString($this->getConf('password')));
if ($con) {
if (mysql_select_db($this->getConf('database'), $con)) {
if (preg_match('/^(\\d+)\\.(\\d+)\\.(\\d+).*/', mysql_get_server_info($con), $result) == 1) {
$this->dbver = $result[1];
$this->dbrev = $result[2];
$this->dbsub = $result[3];
}
$this->dbcon = $con;
if ($this->getConf('charset')) {
mysql_query('SET CHARACTER SET "' . $this->getConf('charset') . '"', $con);
}
return true;
// connection and database successfully opened
} else {
mysql_close($con);
$this->_debug("MySQL err: No access to database {$this->getConf('database')}.", -1, __LINE__, __FILE__);
}
} else {
$this->_debug("MySQL err: Connection to {$this->getConf('user')}@{$this->getConf('server')} not possible.", -1, __LINE__, __FILE__);
}
return false;
// connection failed
}
return true;
// connection already open
}
/**
* Opens a connection to a database and saves the handle for further
* usage in the object. The successful call to this functions is
* essential for most functions in this object.
*
* @author Matthias Grimm <*****@*****.**>
*
* @return bool
*/
protected function _openDB()
{
if (!$this->dbcon) {
$dsn = $this->conf['server'] ? 'host=' . $this->conf['server'] : '';
$dsn .= ' port=' . $this->conf['port'];
$dsn .= ' dbname=' . $this->conf['database'];
$dsn .= ' user='******'user'];
$dsn .= ' password='******'password']);
$con = @pg_connect($dsn);
if ($con) {
$this->dbcon = $con;
return true;
// connection and database successfully opened
} else {
$this->_debug("PgSQL err: Connection to {$this->conf['user']}@{$this->conf['server']} not possible.", -1, __LINE__, __FILE__);
}
return false;
// connection failed
}
return true;
// connection already open
}
