/**
 * Collect every LDAP plugin site option into one associative array.
 *
 * Options without a stored value fall back to the defaults built here or to the
 * LDAP_DEFAULT_ATTRIBUTE_* constants. Free-text messages are passed through
 * stripslashes() before being returned.
 *
 * NOTE(review): the result includes 'ldapServerPass' next to ordinary settings.
 * It is presumably the directory bind password; callers that render or log this
 * array should treat that entry as a secret.
 *
 * @return array Option values keyed by option name.
 */
function getWpmuLdapSiteOptions() {
    $signupFallback = 'Public sign-up has been disabled.';
    $adminEmail = get_site_option('admin_email');

    // NOTE(review): the admin address is interpolated into an href attribute without
    // escaping; confirm that whoever renders this message escapes or trusts the value.
    $getPasswordFallback = <<<GetPasswordMsg
Your account is tied to an account in the central directory. You cannot retrieve your password via email. Please contact the <a href="mailto:{$adminEmail}">system administrator</a> for information on how to reset your password.
GetPasswordMsg;

    // Both notification mails share the same default subject.
    $emailSubjectFallback = 'Blogging Account Created';

    // USERNAME, PASSWORD and LOGINLINK look like placeholders filled in by the code
    // that sends the mail (not visible here).
    $ldapMailFallback = 'Dear User, You have just been permitted to access a new blog! Username: USERNAME Login: LOGINLINK We hope you enjoy your new weblog. Thanks! --Wordpress';
    // NOTE(review): the local-account template carries a PASSWORD placeholder, which
    // suggests the password is mailed in clear text; confirm against the sender code.
    $localMailFallback = 'Dear User, You have just been permitted to access a new blog! Username: USERNAME Password: PASSWORD Login: LOGINLINK We hope you enjoy your new weblog. Thanks! --Wordpress';

    return array(
        // Connection and behaviour switches, returned exactly as stored.
        'ldapAuth'          => get_site_option('ldapAuth'),
        'ldapSSOEnabled'    => get_site_option('ldapSSOEnabled'),
        'ldapCreateAcct'    => get_site_option('ldapCreateAcct'),
        'ldapCreateBlog'    => get_site_option('ldapCreateBlog'),
        'ldapLinuxWindows'  => get_site_option('ldapLinuxWindows'),
        'ldapServerAddr'    => get_site_option('ldapServerAddr'),
        'ldapServerPort'    => get_site_option('ldapServerPort'),
        'ldapServerOU'      => get_site_option('ldapServerOU'),
        'ldapServerCN'      => get_site_option('ldapServerCN'),
        'ldapEnableSSL'     => get_site_option('ldapEnableSSL'),
        'ldapServerPass'    => get_site_option('ldapServerPass'),
        'ldapDisableSignup' => get_site_option('ldapDisableSignup'),

        // Notification mail settings and user-facing messages.
        'ldapLocalEmail'         => get_site_option('ldapLocalEmail'),
        'ldapLocalEmailSubj'     => get_site_option('ldapLocalEmailSubj', $emailSubjectFallback),
        'ldapLocalEmailMessage'  => stripslashes(get_site_option('ldapLocalEmailMessage', $localMailFallback)),
        'ldapLDAPEmail'          => get_site_option('ldapLDAPEmail'),
        'ldapLDAPEmailSubj'      => get_site_option('ldapLDAPEmailSubj', $emailSubjectFallback),
        'ldapLDAPEmailMessage'   => stripslashes(get_site_option('ldapLDAPEmailMessage', $ldapMailFallback)),
        'ldapCreateLocalUser'    => get_site_option('ldapCreateLocalUser'),
        'ldapSignupMessage'      => stripslashes(get_site_option('ldapSignupMessage', $signupFallback)),
        'ldapGetPasswordMessage' => stripslashes(get_site_option('ldapGetPasswordMessage', $getPasswordFallback)),

        // Maintenance and user-management flags.
        'ldapfixmetafor15'      => get_site_option('ldapfixmetafor15'),
        'ldapfixdisplayname'    => get_site_option('ldapfixdisplayname'),
        'ldapBulkAdd'           => get_site_option('ldapBulkAdd'),
        'ldapAddUser'           => get_site_option('ldapAddUser'),
        'ldapPublicDisplayName' => get_site_option('ldapPublicDisplayName'),

        // Directory attribute names, each with a constant default.
        'ldapAttributeMail'        => get_site_option('ldapAttributeMail', LDAP_DEFAULT_ATTRIBUTE_MAIL),
        'ldapAttributeGivenname'   => get_site_option('ldapAttributeGivenname', LDAP_DEFAULT_ATTRIBUTE_GIVENNAME),
        'ldapAttributeNickname'    => get_site_option('ldapAttributeNickname', LDAP_DEFAULT_ATTRIBUTE_NICKNAME),
        'ldapAttributeSn'          => get_site_option('ldapAttributeSn', LDAP_DEFAULT_ATTRIBUTE_SN),
        'ldapAttributePhone'       => get_site_option('ldapAttributePhone', LDAP_DEFAULT_ATTRIBUTE_PHONE),
        'ldapAttributeHomedir'     => get_site_option('ldapAttributeHomedir', LDAP_DEFAULT_ATTRIBUTE_HOMEDIR),
        'ldapAttributeMember'      => get_site_option('ldapAttributeMember', LDAP_DEFAULT_ATTRIBUTE_MEMBER),
        'ldapAttributeMemberNix'   => get_site_option('ldapAttributeMemberNix', LDAP_DEFAULT_ATTRIBUTE_MEMBERNIX),
        'ldapAttributeMacaddress'  => get_site_option('ldapAttributeMacaddress', LDAP_DEFAULT_ATTRIBUTE_MACADDRESS),
        // The array key ends in "Dn" while the stored option name ends in "DN".
        'ldapAttributeDn'          => get_site_option('ldapAttributeDN', LDAP_DEFAULT_ATTRIBUTE_DN),
        'ldapAttributeNixSearch'   => get_site_option('ldapAttributeNixSearch', LDAP_DEFAULT_ATTRIBUTE_NIXSEARCH),
        'ldapAttributeWinSearch'   => get_site_option('ldapAttributeWinSearch', LDAP_DEFAULT_ATTRIBUTE_WINSEARCH),
        'ldapAttributeGroupObjectclass'    => get_site_option('ldapAttributeGroupObjectclass', LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASS),
        'ldapAttributeGroupObjectclassNix' => get_site_option('ldapAttributeGroupObjectclassNix', LDAP_DEFAULT_ATTRIBUTE_GROUP_OBJECTCLASSNIX),

        // Group lists used for login decisions, requested in their 'web' display form.
        'ldapGroupAllowLogin'       => wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupAllowLogin', 'display' => 'web')),
        'ldapGroupAllowLoginCreate' => wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupAllowLoginCreate', 'display' => 'web')),
        'ldapGroupDenyLogin'        => wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupDenyLogin', 'display' => 'web')),
    );
}
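/**
 * Search the directory for one login name and copy the entry's attributes into $data.
 *
 * The attribute used in the filter comes from the 'ldapAttributeNixSearch' or
 * 'ldapAttributeWinSearch' site option, selected by 'ldapLinuxWindows'. When an entry
 * is found, its DN is checked against the deny group and then the allow group.
 *
 * @param string $in_username       Login name to look up. Treated as untrusted input and
 *                                  escaped before it is placed in the search filter.
 * @param mixed  $attributes_to_get Attribute selection handed unchanged to SetSearchCriteria().
 * @param mixed  $data              Output parameter: receives the LDAP_INDEX_* values of the
 *                                  matching entry, or null when nothing matched.
 * @return mixed LDAP_ERROR_DENIED_GROUP, LDAP_ERROR_ACCESS_GROUP or LDAP_OK when an entry
 *               was found; null when the search returned no entry.
 */
function DoSearchUsername($in_username, $attributes_to_get, &$data) {
    $this->Dock();

    if (get_site_option('ldapLinuxWindows')) {
        $uid = get_site_option('ldapAttributeNixSearch', LDAP_DEFAULT_ATTRIBUTE_NIXSEARCH);
    } else {
        // Windows
        $uid = get_site_option('ldapAttributeWinSearch', LDAP_DEFAULT_ATTRIBUTE_WINSEARCH);
    }

    // Escape the filter metacharacters of RFC 4515 so the login name is matched literally
    // and cannot change the structure of the search filter. strtr() with an array makes a
    // single pass, so the backslashes it inserts are not escaped a second time.
    // NOTE(review): a caller that relied on '*' acting as a wildcard here will now get a
    // literal match; confirm no caller depends on that.
    $safe_username = strtr((string) $in_username, array(
        '\\' => '\\5c',
        '*'  => '\\2a',
        '('  => '\\28',
        ')'  => '\\29',
        "\0" => '\\00',
    ));

    $this->SetSearchCriteria("({$uid}={$safe_username})", $attributes_to_get);
    $this->Search();
    $this->Disconnect();

    if ($this->info['count'] > 0) {
        $data[LDAP_INDEX_DN] = $this->info[0]["dn"];
        $data[LDAP_INDEX_NAME] = $this->GetLDAPInfo(LDAP_INDEX_NAME);
        $data[LDAP_INDEX_NICKNAME] = $this->GetLDAPInfo(LDAP_INDEX_NICKNAME);
        $data[LDAP_INDEX_EMAIL] = $this->GetLDAPInfo(LDAP_INDEX_EMAIL);
        $data[LDAP_INDEX_GIVEN_NAME] = $this->GetLDAPInfo(LDAP_INDEX_GIVEN_NAME);
        $data[LDAP_INDEX_SURNAME] = $this->GetLDAPInfo(LDAP_INDEX_SURNAME);
        $data[LDAP_INDEX_PHONE] = $this->GetLDAPInfo(LDAP_INDEX_PHONE);

        // The group checks must see the DN that was just found. The previous code passed
        // $user_data[LDAP_INDEX_DN], a variable never defined in this method, so the deny
        // and allow checks did not receive the entry's DN.
        $found_dn = $data[LDAP_INDEX_DN];

        // If deny group set and user found, return
        $deny = $this->checkGroup($found_dn, wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupDenyLogin')));
        if ($deny == LDAP_IN_GROUP) {
            return LDAP_ERROR_DENIED_GROUP;
        }

        // If allow group set and user found,
        $allow = $this->checkGroup($found_dn, wpmuLdapGroupsGet(array('siteoption' => 'ldapGroupAllowLogin')));
        if ($allow == LDAP_IN_GROUP) {
            return LDAP_OK; // found in group
        }
        if ($allow == LDAP_ERROR_NOT_IN_GROUP) {
            return LDAP_ERROR_ACCESS_GROUP; // not in group
        }

        // Default Catch
        return LDAP_OK;
    }

    // No entry matched: clear the output parameter. The return value stays null, as before.
    $data = null;
    return null;
}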