// Fragment of an LDAP setup page for contacts: show the test button (rendering
// is presumably done by show_ldap_test_button(), defined elsewhere), then, when
// the page is requested with action=test, run a write round trip (delete, add,
// delete) of a specimen Contact against the directory and print the outcome.
$objectclass = $conf->global->LDAP_CONTACT_OBJECT_CLASS;
show_ldap_test_button($butlabel, $testlabel, $key, $dn, $objectclass);
if (function_exists("ldap_connect")) {
    // NOTE(review): the test is selected by a GET parameter and performs directory
    // writes. No permission check or anti-CSRF token is visible in this fragment;
    // confirm the enclosing page enforces admin rights, and consider requiring a
    // POST with a token for a state-changing action.
    if ($_GET["action"] == 'test') {
        // Create the object: a Contact filled with specimen data.
        $object = new Contact($db);
        $object->initAsSpecimen();
        // Test synchronization: connect_bind() reports success with a value > 0.
        $ldap = new Ldap();
        $result = $ldap->connect_bind();
        if ($result > 0) {
            $info = $object->_load_ldap_info();
            $dn = $object->_load_ldap_dn($info);
            // To be sure to delete existing records
            $result1 = $ldap->delete($dn);
            // Now the test
            $result2 = $ldap->add($dn, $info, $user);
            // Clean what we did
            $result3 = $ldap->delete($dn);
            // Only $result2 (the add) decides the verdict. In the lines shown,
            // $result1 and $result3 are never inspected, so a failed cleanup
            // delete would leave the specimen entry behind without any message.
            if ($result2 > 0) {
                print img_picto('', 'info') . ' ';
                print '<font class="ok">' . $langs->trans("LDAPSynchroOK") . '</font><br>';
            } else {
                print img_picto('', 'error') . ' ';
                print '<font class="error">' . $langs->trans("LDAPSynchroKOMayBePermissions");
                // NOTE(review): $ldap->error is written into the HTML page as-is.
                // If it can carry server-supplied or input-derived text, escape it
                // for HTML (e.g. htmlspecialchars) - confirm what Ldap::error holds.
                print ': ' . $ldap->error;
                print '</font><br>';
                // The translated hint receives the LDAP temp directory path as its argument.
                print $langs->trans("ErrorLDAPMakeManualTest", $conf->ldap->dir_temp) . '<br>';
            }
            print "<br>\n";
            print "LDAP input file used for test:<br><br>\n";
		// Loop body (the loop header is outside this fragment): load one group by
		// its row id and push it to the LDAP directory, printing one status line.
		$fgroup = new UserGroup($db);
		$fgroup->id = $obj->rowid;
		$fgroup->fetch($fgroup->id);

		// NOTE(review): the group name and, below, $ldap->error are printed without
		// escaping; the "\n" terminator suggests console output - confirm this
		// never runs in an HTML context.
		print $langs->trans("UpdateGroup")." rowid=".$fgroup->id." ".$fgroup->name;

		// Plain assignment: on PHP 5+ $oldobject is the same object as $fgroup,
		// not a copy, so $olddn below is computed from the same data as $dn.
		$oldobject=$fgroup;

	    $oldinfo=$oldobject->_load_ldap_info();
	    $olddn=$oldobject->_load_ldap_dn($oldinfo);

	    $info=$fgroup->_load_ldap_info();
		$dn=$fgroup->_load_ldap_dn($info);

		// The add result is overwritten by update() on the next line, so only the
		// outcome of update() is reported.
		$result=$ldap->add($dn,$info,$user);	// Will fail if already exists
		$result=$ldap->update($dn,$info,$user,$olddn);
		if ($result > 0)
		{
			print " - ".$langs->trans("OK");
		}
		else
		{
			// Count the failure and show the LDAP error text.
			$error++;
			print " - ".$langs->trans("KO").' - '.$ldap->error;
		}
		print "\n";

		$i++;
	}
 /**
  *      Function called when a Dolibarr business event is done.
  *      All functions "run_trigger" are triggered if file is inside directory htdocs/includes/triggers
  *
  *      Mirrors user, group, contact and member events to the LDAP directory. Each handled
  *      branch creates an Ldap object, calls connect_bind(), builds the entry data ($info)
  *      and its DN from the object, then calls add(), update() or delete() and returns that
  *      call's result. User and group actions run only when LDAP_SYNCHRO_ACTIVE is
  *      'dolibarr2ldap'; contact and member actions are gated by LDAP_CONTACT_ACTIVE and
  *      LDAP_MEMBER_ACTIVE. When the LDAP call returns < 0, $this->error is set.
  *
  *      NOTE(review): the *_MODIFY and USER_NEW_PASSWORD branches dereference
  *      $object->oldcopy without checking it; the caller must have set it.
  *
  *      @param      action      Event code (COMPANY_CREATE, PROPAL_VALIDATE, ...)
  *      @param      object      Object action is done on
  *      @param      user        Object user
  *      @param      langs       Object langs
  *      @param      conf        Object conf
  *      @return     int         <0 if KO, 0 if no action are done, >0 if OK
  */
 function run_trigger($action, $object, $user, $langs, $conf)
 {
     // Module not active, we do nothing
     if (empty($conf->ldap->enabled)) {
         return 0;
     }
     // The module is enabled but the PHP LDAP extension is missing: log and do nothing.
     if (!function_exists('ldap_connect')) {
         dol_syslog("Warning, module LDAP is enabled but LDAP functions not available in this PHP", LOG_WARNING);
         return 0;
     }
     // Users
     if ($action == 'USER_CREATE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
             $ldap = new Ldap();
             // NOTE(review): the result of connect_bind() is ignored here and in every
             // branch below; a failed bind is only noticed through the following
             // add/update/delete call - confirm that call fails cleanly in that case.
             $ldap->connect_bind();
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->add($dn, $info, $user);
             if ($result < 0) {
                 $this->error = "ErrorLDAP" . " " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'USER_MODIFY') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
             $ldap = new Ldap();
             $ldap->connect_bind();
             // DN of the entry as it was before the change, taken from the caller-provided copy.
             $oldinfo = $object->oldcopy->_load_ldap_info();
             $olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
             // Verify if entry exist
             // NOTE(review): the search filter is built by string concatenation from
             // _load_ldap_dn($oldinfo, 2). If that helper does not escape the value,
             // filter metacharacters in the key attribute would change the filter;
             // confirm it escapes (PHP provides ldap_escape() with LDAP_ESCAPE_FILTER).
             $container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
             $search = "(" . $object->oldcopy->_load_ldap_dn($oldinfo, 2) . ")";
             $records = $ldap->search($container, $search);
             // A result set reporting zero entries clears $olddn before update().
             // NOTE(review): this assumes search() returns an array; a non-array
             // failure value is not handled here - confirm against Ldap::search().
             if (sizeof($records) && $records['count'] == 0) {
                 $olddn = '';
             }
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->update($dn, $info, $user, $olddn);
             if ($result < 0) {
                 $this->error = "ErrorLDAP" . " " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'USER_NEW_PASSWORD') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
             // Same sequence as USER_MODIFY. Which password attribute (if any) is
             // written is decided inside _load_ldap_info(), not visible here.
             $ldap = new Ldap();
             $ldap->connect_bind();
             $oldinfo = $object->oldcopy->_load_ldap_info();
             $olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
             // Verify if entry exist
             $container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
             $search = "(" . $object->oldcopy->_load_ldap_dn($oldinfo, 2) . ")";
             $records = $ldap->search($container, $search);
             if (sizeof($records) && $records['count'] == 0) {
                 $olddn = '';
             }
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->update($dn, $info, $user, $olddn);
             if ($result < 0) {
                 $this->error = "ErrorLDAP" . " " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'USER_ENABLEDISABLE') {
         // NOTE(review): this event is only logged; nothing is written to LDAP, so
         // disabling a user here does not change the directory entry. If the entry
         // is used for authentication by other systems it stays usable - confirm
         // this is intended.
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
     } elseif ($action == 'USER_DELETE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
             $ldap = new Ldap();
             $ldap->connect_bind();
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             // NOTE(review): delete() receives $info and $user in addition to the DN,
             // here and in the other *_DELETE branches - confirm its signature uses them.
             $result = $ldap->delete($dn, $info, $user);
             if ($result < 0) {
                 $this->error = "ErrorLDAP" . " " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'GROUP_CREATE') {
         // Groups. Unlike the other object types, the GROUP_* branches write no log line.
         if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
             $ldap = new Ldap();
             $ldap->connect_bind();
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             // Get a gid number for objectclass PosixGroup
             if (in_array('posixGroup', $info['objectclass'])) {
                 $info['gidNumber'] = $ldap->getNextGroupGid();
             }
             $result = $ldap->add($dn, $info, $user);
             if ($result < 0) {
                 $this->error = "ErrorLDAP" . " " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'GROUP_MODIFY') {
         if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
             // Same old-DN lookup and update sequence as USER_MODIFY.
             $ldap = new Ldap();
             $ldap->connect_bind();
             $oldinfo = $object->oldcopy->_load_ldap_info();
             $olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
             // Verify if entry exist
             $container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
             $search = "(" . $object->oldcopy->_load_ldap_dn($oldinfo, 2) . ")";
             $records = $ldap->search($container, $search);
             if (sizeof($records) && $records['count'] == 0) {
                 $olddn = '';
             }
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->update($dn, $info, $user, $olddn);
             if ($result < 0) {
                 $this->error = "ErrorLDAP" . " " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'GROUP_DELETE') {
         if ($conf->ldap->enabled && $conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
             $ldap = new Ldap();
             $ldap->connect_bind();
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->delete($dn, $info, $user);
             if ($result < 0) {
                 $this->error = "ErrorLDAP" . " " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'CONTACT_CREATE') {
         // Contacts: gated by LDAP_CONTACT_ACTIVE instead of LDAP_SYNCHRO_ACTIVE.
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if ($conf->ldap->enabled && $conf->global->LDAP_CONTACT_ACTIVE) {
             $ldap = new Ldap();
             $ldap->connect_bind();
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->add($dn, $info, $user);
             if ($result < 0) {
                 $this->error = "ErrorLDAP" . " " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'CONTACT_MODIFY') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if ($conf->ldap->enabled && $conf->global->LDAP_CONTACT_ACTIVE) {
             // Same old-DN lookup and update sequence as USER_MODIFY.
             $ldap = new Ldap();
             $ldap->connect_bind();
             $oldinfo = $object->oldcopy->_load_ldap_info();
             $olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
             // Verify if entry exist
             $container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
             $search = "(" . $object->oldcopy->_load_ldap_dn($oldinfo, 2) . ")";
             $records = $ldap->search($container, $search);
             if (sizeof($records) && $records['count'] == 0) {
                 $olddn = '';
             }
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->update($dn, $info, $user, $olddn);
             if ($result < 0) {
                 $this->error = "ErrorLDAP" . " " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'CONTACT_DELETE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if ($conf->ldap->enabled && $conf->global->LDAP_CONTACT_ACTIVE) {
             $ldap = new Ldap();
             $ldap->connect_bind();
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->delete($dn, $info, $user);
             if ($result < 0) {
                 $this->error = "ErrorLDAP" . " " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'MEMBER_CREATE') {
         // Members: gated by LDAP_MEMBER_ACTIVE.
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if ($conf->ldap->enabled && $conf->global->LDAP_MEMBER_ACTIVE) {
             $ldap = new Ldap();
             $ldap->connect_bind();
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->add($dn, $info, $user);
             if ($result < 0) {
                 $this->error = "ErrorLDAP" . " " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'MEMBER_VALIDATE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if ($conf->ldap->enabled && $conf->global->LDAP_MEMBER_ACTIVE) {
             // If status field is setup to be synchronized
             if ($conf->global->LDAP_FIELD_MEMBER_STATUS) {
                 $ldap = new Ldap();
                 $ldap->connect_bind();
                 $info = $object->_load_ldap_info();
                 $dn = $object->_load_ldap_dn($info);
                 // We know olddn=dn as we change only status
                 $olddn = $dn;
                 $result = $ldap->update($dn, $info, $user, $olddn);
                 if ($result < 0) {
                     $this->error = "ErrorLDAP" . " " . $ldap->error;
                 }
                 return $result;
             }
         }
     } elseif ($action == 'MEMBER_SUBSCRIPTION') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if ($conf->ldap->enabled && $conf->global->LDAP_MEMBER_ACTIVE) {
             // If subscriptions fields are setup to be synchronized
             if ($conf->global->LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_DATE || $conf->global->LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_AMOUNT || $conf->global->LDAP_FIELD_MEMBER_LASTSUBSCRIPTION_DATE || $conf->global->LDAP_FIELD_MEMBER_LASTSUBSCRIPTION_AMOUNT || $conf->global->LDAP_FIELD_MEMBER_END_LASTSUBSCRIPTION) {
                 $ldap = new Ldap();
                 $ldap->connect_bind();
                 $info = $object->_load_ldap_info();
                 $dn = $object->_load_ldap_dn($info);
                 // We know olddn=dn as we change only subscriptions
                 $olddn = $dn;
                 $result = $ldap->update($dn, $info, $user, $olddn);
                 if ($result < 0) {
                     $this->error = "ErrorLDAP" . " " . $ldap->error;
                 }
                 return $result;
             }
         }
     } elseif ($action == 'MEMBER_MODIFY') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if ($conf->ldap->enabled && $conf->global->LDAP_MEMBER_ACTIVE) {
             // Same old-DN lookup and update sequence as USER_MODIFY.
             $ldap = new Ldap();
             $ldap->connect_bind();
             $oldinfo = $object->oldcopy->_load_ldap_info();
             $olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
             // Verify if entry exist
             $container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
             $search = "(" . $object->oldcopy->_load_ldap_dn($oldinfo, 2) . ")";
             $records = $ldap->search($container, $search);
             if (sizeof($records) && $records['count'] == 0) {
                 $olddn = '';
             }
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->update($dn, $info, $user, $olddn);
             if ($result < 0) {
                 $this->error = "ErrorLDAP" . " " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'MEMBER_NEW_PASSWORD') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if ($conf->ldap->enabled && $conf->global->LDAP_MEMBER_ACTIVE) {
             // If password field is setup to be synchronized
             // NOTE(review): two settings exist, LDAP_FIELD_PASSWORD and
             // LDAP_FIELD_PASSWORD_CRYPTED; the first presumably maps a non-hashed
             // value. Confirm what _load_ldap_info() writes, and that the attribute
             // is access-controlled and the LDAP connection is encrypted.
             if ($conf->global->LDAP_FIELD_PASSWORD || $conf->global->LDAP_FIELD_PASSWORD_CRYPTED) {
                 $ldap = new Ldap();
                 $ldap->connect_bind();
                 $info = $object->_load_ldap_info();
                 $dn = $object->_load_ldap_dn($info);
                 // We know olddn=dn as we change only password
                 $olddn = $dn;
                 $result = $ldap->update($dn, $info, $user, $olddn);
                 if ($result < 0) {
                     $this->error = "ErrorLDAP" . " " . $ldap->error;
                 }
                 return $result;
             }
         }
     } elseif ($action == 'MEMBER_RESILIATE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if ($conf->ldap->enabled && $conf->global->LDAP_MEMBER_ACTIVE) {
             // If status field is setup to be synchronized
             if ($conf->global->LDAP_FIELD_MEMBER_STATUS) {
                 $ldap = new Ldap();
                 $ldap->connect_bind();
                 $info = $object->_load_ldap_info();
                 $dn = $object->_load_ldap_dn($info);
                 // We know olddn=dn as we change only status
                 $olddn = $dn;
                 $result = $ldap->update($dn, $info, $user, $olddn);
                 if ($result < 0) {
                     $this->error = "ErrorLDAP" . " " . $ldap->error;
                 }
                 return $result;
             }
         }
     } elseif ($action == 'MEMBER_DELETE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if ($conf->ldap->enabled && $conf->global->LDAP_MEMBER_ACTIVE) {
             $ldap = new Ldap();
             $ldap->connect_bind();
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->delete($dn, $info, $user);
             if ($result < 0) {
                 $this->error = "ErrorLDAP" . " " . $ldap->error;
             }
             return $result;
         }
     }
     // If not found (handler disabled by the original author, kept for reference)
     /*
             else
             {
                 dol_syslog("Trigger '".$this->name."' for action '$action' was ran by ".__FILE__." but no handler found for this action.");
                 return -1;
             }
     */
     // Reached for unknown actions and for known actions whose synchronization
     // setting is off: nothing was done.
     return 0;
 }
示例#4
	{
		// Fragment (the enclosing condition is outside this excerpt): run a write
		// round trip (delete, add, delete) of a specimen UserGroup against the
		// LDAP directory and print the outcome.
		// NOTE(review): no permission check or anti-CSRF token is visible in this
		// fragment although it writes to the directory - confirm the enclosing
		// page enforces both.

		// Create the object: a UserGroup filled with specimen data.
		$object=new UserGroup($db);
		$object->initAsSpecimen();

		// Test synchronization: connect_bind() reports success with a value > 0.
		$ldap=new Ldap();
		$result=$ldap->connect_bind();

		if ($result > 0)
		{
			$info=$object->_load_ldap_info();
			$dn=$object->_load_ldap_dn($info);

			// Only $result2 (the add) decides the verdict. In the lines shown,
			// $result1 and $result3 are never inspected, so a failed cleanup
			// delete would leave the specimen entry behind without any message.
			$result1=$ldap->delete($dn);			// To be sure to delete existing records
			$result2=$ldap->add($dn,$info,$user);	// Now the test
			$result3=$ldap->delete($dn);			// Clean what we did

			if ($result2 > 0)
			{
				print img_picto('','info').' ';
				print '<font class="ok">'.$langs->trans("LDAPSynchroOK").'</font><br>';
			}
			else
			{
				print img_picto('','error').' ';
				print '<font class="error">'.$langs->trans("LDAPSynchroKOMayBePermissions");
				// NOTE(review): $ldap->error is written into the HTML page as-is.
				// If it can carry server-supplied or input-derived text, escape it
				// for HTML (e.g. htmlspecialchars) - confirm what Ldap::error holds.
				print ': '.$ldap->error;
				print '</font><br>';
				// The translated hint receives the LDAP temp directory path as its argument.
				print $langs->trans("ErrorLDAPMakeManualTest",$conf->ldap->dir_temp).'<br>';
			}
示例#5
// Fixture script: rebuilds the "StarWars" test tree under $dc.
// Base DNs shared by the entries below.
$fxStarWars = "ou=StarWars,{$dc}";
$fxRebels = "ou=RebelAlliance,ou=StarWars,{$dc}";
$fxEmpire = "ou=GalacticEmpire,ou=StarWars,{$dc}";
$fxJedi = "ou=Jedi,ou=RebelAlliance,ou=StarWars,{$dc}";
$fxRogues = "ou=Rogues,ou=StarWars,{$dc}";

Ldap::delete($connection, 'chewbacca', $fxStarWars);

// Drop the groups child-first (Jedi before RebelAlliance, Sith before
// GalacticEmpire, StarWars last), then recreate the root group.
$fxGroupsToDrop = array(
    array('Jedi', $fxRebels),
    array('RebelAlliance', $fxStarWars),
    array('Sith', $fxEmpire),
    array('GalacticEmpire', $fxStarWars),
    array('Rogues', $fxStarWars),
    array('StarWars', $dc),
);
foreach ($fxGroupsToDrop as $fxGroupToDrop) {
    Ldap::deleteGroup($connection, $fxGroupToDrop[0], $fxGroupToDrop[1]);
}
Ldap::addGroup($connection, 'StarWars', $dc);

// Every fixture password is stored as '{MD5}' + base64 of the raw MD5 digest.
// NOTE(review): unsalted MD5 is a weak storage scheme; these values are test
// data - confirm this script only ever targets a throw-away test directory.
$chewbaccaDN = Ldap::add(
    $connection,
    'chewbacca',
    '{MD5}' . base64_encode(pack('H*', md5('aaawwwwrrrkk'))),
    $fxStarWars,
    'Chewbacca',
    'Chewbacca',
    array(
        'givenName' => 'Chewbacca',
        'displayName' => 'Chewbacca the Wokiee',
        'ou' => array('StarWars', 'Rogues', 'RebelAlliance'),
        'mail' => array('*****@*****.**'),
    )
);
$hanSoloDN = Ldap::add(
    $connection,
    'han.solo',
    '{MD5}' . base64_encode(pack('H*', md5('leiaishot'))),
    $fxStarWars,
    'Solo',
    'Han Solo',
    array(
        'givenName' => 'Han',
        'displayName' => 'He who shot first',
        'ou' => array('StarWars', 'Rogues', 'RebelAlliance'),
        'mail' => array('*****@*****.**'),
    )
);
$princessLeiaDN = Ldap::add(
    $connection,
    'leia',
    '{MD5}' . base64_encode(pack('H*', md5('bunhead'))),
    $fxStarWars,
    'Organa',
    'Leia Organa',
    array(
        'givenName' => 'Leia',
        'displayName' => 'Princess Leia',
        'ou' => array('StarWars', 'RebelAlliance'),
        'mail' => array('*****@*****.**'),
    )
);
$darthVaderDN = Ldap::add(
    $connection,
    'darth.vader',
    '{MD5}' . base64_encode(pack('H*', md5('whosyourdaddy'))),
    $fxStarWars,
    'Skywalker',
    'Anakin Skywalker',
    array(
        'givenName' => 'Anakin',
        'displayName' => 'Darth Vader',
        'ou' => array('StarWars', 'GalacticEmpire', 'Sith'),
        'mail' => array('*****@*****.**'),
    )
);
$jabbaTheHuttDN = Ldap::add(
    $connection,
    'jabba.thehutt',
    '{MD5}' . base64_encode(pack('H*', md5('wishihadlegs'))),
    $fxStarWars,
    'Hutt',
    'Jabba Hutt',
    array(
        'givenName' => 'Jabba',
        'displayName' => 'Jabba the Hutt',
        'ou' => array('Hutts'),
        'mail' => array('*****@*****.**'),
    )
);
$obiWanDN = Ldap::add(
    $connection,
    'obi.wan',
    '{MD5}' . base64_encode(pack('H*', md5('thesearenotthedroids'))),
    $fxStarWars,
    'Kenobi',
    'Obi Wan Kenobi',
    array(
        'givenName' => 'Obi Wan',
        'displayName' => 'Obi Wan Kenobi',
        'ou' => array('StarWars', 'RebelAlliance', 'Jedi'),
        'seeAlso' => array($fxStarWars, $fxRebels, $fxJedi),
        'mail' => array('*****@*****.**'),
    )
);
$bobaFettDN = Ldap::add(
    $connection,
    'boba.fett',
    '{MD5}' . base64_encode(pack('H*', md5('ihatesarlacs'))),
    $fxStarWars,
    'Fett',
    'Boba Fett',
    array(
        'givenName' => 'Boba',
        'displayName' => 'Boba Fett',
        'ou' => array('StarWars', 'Rogues'),
        'seeAlso' => array($fxStarWars, $fxRogues),
        'mail' => array('*****@*****.**'),
    )
);
$yodaDN = Ldap::add(
    $connection,
    'yoda',
    '{MD5}' . base64_encode(pack('H*', md5('dagobah4eva'))),
    $fxStarWars,
    'Yoda',
    'Yoda',
    array(
        'givenName' => 'Yoda',
        'displayName' => 'Yoda',
        'ou' => array('StarWars', 'RebelAlliance', 'Jedi'),
        'seeAlso' => array($fxStarWars, $fxRebels, $fxJedi),
        'mail' => array('*****@*****.**'),
    )
);

// Recreate the sub-groups, linking members through 'seeAlso' with the DNs
// returned by Ldap::add() above.
Ldap::addGroup(
    $connection,
    'RebelAlliance',
    $fxStarWars,
    array('seeAlso' => array($princessLeiaDN, $chewbaccaDN, $hanSoloDN, $obiWanDN, $yodaDN))
);
Ldap::addGroup($connection, 'Rogues', $fxStarWars, array('seeAlso' => array($chewbaccaDN, $hanSoloDN)));
Ldap::addGroup($connection, 'GalacticEmpire', $fxStarWars, array('seeAlso' => array($darthVaderDN)));
Ldap::addGroup($connection, 'Sith', $fxEmpire, array('seeAlso' => array($darthVaderDN)));
Ldap::addGroup($connection, 'Jedi', $fxRebels, array('seeAlso' => array($obiWanDN, $yodaDN)));

// This dumps all the LDAP data
// Ldap::fetchAll( $connection, $dc );
Ldap::close($connection);
/**
 * Support for LDAP functions connect, add, delete and get_entries.
 */
class Ldap
{
    /**
     * Connects to an LDAP server specified by $uri, with admin $user and $password.
示例#6
// Fixture script: recreates a handful of test users under $dc.
// First remove the entries this script is about to add (uid, base DN),
// in the same order as before.
$fxUsersToDrop = array(
    array('john.doe', $dc),
    array('jan.modaal', $dc),
    array('zhang.san', $dc),
    array('johnny.doe', "ou=Users,{$dc}"),
    array('hans.mustermann', $dc),
    array('Ruşinică Piţigoi', $dc),
);
foreach ($fxUsersToDrop as $fxUserToDrop) {
    Ldap::delete($connection, $fxUserToDrop[0], $fxUserToDrop[1]);
}
Ldap::deleteGroup($connection, 'Users', $dc);
Ldap::addGroup($connection, 'Users', $dc);

// The users below cover several password storage forms: {CRYPT}, {SHA}, {MD5}
// and plain text.
// NOTE(review): unsalted SHA-1/MD5 and clear-text values are weak storage
// forms; these are test data - confirm this script only ever targets a
// throw-away test directory.
// NOTE(review): crypt() is called without a salt, so the algorithm and salt
// are chosen by PHP; PHP 8 requires the salt argument.
$fxCryptSecret = '{CRYPT}' . crypt('foobar');
Ldap::add($connection, 'john.doe', $fxCryptSecret, $dc);

// {SHA} and {MD5} values are base64 of the raw digest (hex digest packed to
// bytes), not base64 of the hex string.
$fxShaSecret = '{SHA}' . base64_encode(pack('H*', sha1('qwerty')));
Ldap::add($connection, 'jan.modaal', $fxShaSecret, $dc);

$fxMd5Secret = '{MD5}' . base64_encode(pack('H*', md5('asdfgh')));
Ldap::add($connection, 'zhang.san', $fxMd5Secret, $dc);

Ldap::add(
    $connection,
    'johnny.doe',
    '{MD5}' . base64_encode(pack('H*', md5('12345'))),
    "ou=Users,{$dc}",
    array(
        'displayName' => 'Johnny Doe',
        'ou' => array('Users'),
    )
);
// Earlier variants kept for reference (they encode the hex digest string):
//Ldap::add( $connection, 'jan.modaal', '{SHA}' . base64_encode( sha1( 'qwerty' ) ), $dc );
//Ldap::add( $connection, 'zhang.san', '{MD5}' . base64_encode( md5( 'asdfgh' ) ), $dc );

// Plain-text passwords, including a uid with non-ASCII characters.
Ldap::add($connection, 'hans.mustermann', 'abcdef', $dc);
Ldap::add($connection, 'Ruşinică Piţigoi', '12345', $dc);

Ldap::fetchAll($connection, $dc);
Ldap::close($connection);
/**
 * Support for LDAP functions connect, add, delete and get_entries.
 */
class Ldap
{
    /**
     * Connects to an LDAP server specified by $uri, with admin $user and $password.
     *
     * Returns a resource which can be used in LDAP functions like add, delete, search.
     *
     * @param string $uri Uri for LDAP, such as 'ldap://example.com'
     * @param string $format Format for an entry, like 'cn=%s,dc=example,dc=com'. %s is a literal placeholder for username
     * @param string $user Admin username
 /**
  * Function called when a Dolibarr business event is done.
  * All functions "runTrigger" are triggered if file is inside directory htdocs/core/triggers or htdocs/module/code/triggers (and declared)
  *
  * @param string		$action		Event action code
  * @param Object		$object     Object
  * @param User		    $user       Object user
  * @param Translate 	$langs      Object langs
  * @param conf		    $conf       Object conf
  * @return int         				<0 if KO, 0 if no triggered ran, >0 if OK
  */
 public function runTrigger($action, $object, User $user, Translate $langs, Conf $conf)
 {
     if (empty($conf->ldap->enabled)) {
         return 0;
     }
     // Module not active, we do nothing
     if (!function_exists('ldap_connect')) {
         dol_syslog("Warning, module LDAP is enabled but LDAP functions not available in this PHP", LOG_WARNING);
         return 0;
     }
     // Users
     if ($action == 'USER_CREATE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
             $ldap = new Ldap();
             $ldap->connect_bind();
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->add($dn, $info, $user);
             if ($result < 0) {
                 $this->error = "ErrorLDAP " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'USER_MODIFY') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
             $ldap = new Ldap();
             $ldap->connect_bind();
             if (empty($object->oldcopy) || !is_object($object->oldcopy)) {
                 dol_syslog("Trigger " . $action . " was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
                 $object->oldcopy = dol_clone($object);
             }
             $oldinfo = $object->oldcopy->_load_ldap_info();
             $olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
             // Verify if entry exist
             $container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
             $search = "(" . $object->oldcopy->_load_ldap_dn($oldinfo, 2) . ")";
             $records = $ldap->search($container, $search);
             if (count($records) && $records['count'] == 0) {
                 $olddn = '';
             }
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->update($dn, $info, $user, $olddn);
             if ($result < 0) {
                 $this->error = "ErrorLDAP " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'USER_NEW_PASSWORD') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
             $ldap = new Ldap();
             $ldap->connect_bind();
             if (empty($object->oldcopy) || !is_object($object->oldcopy)) {
                 dol_syslog("Trigger " . $action . " was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
                 $object->oldcopy = dol_clone($object);
             }
             $oldinfo = $object->oldcopy->_load_ldap_info();
             $olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
             // Verify if entry exist
             $container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
             $search = "(" . $object->oldcopy->_load_ldap_dn($oldinfo, 2) . ")";
             $records = $ldap->search($container, $search);
             if (count($records) && $records['count'] == 0) {
                 $olddn = '';
             }
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->update($dn, $info, $user, $olddn);
             if ($result < 0) {
                 $this->error = "ErrorLDAP " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'USER_ENABLEDISABLE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
     } elseif ($action == 'USER_DELETE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
             $ldap = new Ldap();
             $ldap->connect_bind();
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->delete($dn);
             if ($result < 0) {
                 $this->error = "ErrorLDAP " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'USER_SETINGROUP') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
             $ldap = new Ldap();
             $ldap->connect_bind();
             // Must edit $object->newgroupid
             $usergroup = new UserGroup($this->db);
             if ($object->newgroupid > 0) {
                 $usergroup->fetch($object->newgroupid);
                 $oldinfo = $usergroup->_load_ldap_info();
                 $olddn = $usergroup->_load_ldap_dn($oldinfo);
                 // Verify if entry exist
                 $container = $usergroup->_load_ldap_dn($oldinfo, 1);
                 $search = "(" . $usergroup->_load_ldap_dn($oldinfo, 2) . ")";
                 $records = $ldap->search($container, $search);
                 if (count($records) && $records['count'] == 0) {
                     $olddn = '';
                 }
                 $info = $usergroup->_load_ldap_info();
                 // Contains all members, included the new one (insert already done before trigger call)
                 $dn = $usergroup->_load_ldap_dn($info);
                 $result = $ldap->update($dn, $info, $user, $olddn);
                 if ($result < 0) {
                     $this->error = "ErrorLDAP " . $ldap->error;
                 }
             }
             return $result;
         }
     } elseif ($action == 'USER_REMOVEFROMGROUP') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
             $ldap = new Ldap();
             $ldap->connect_bind();
             // Must edit $object->newgroupid
             $usergroup = new UserGroup($this->db);
             if ($object->oldgroupid > 0) {
                 $usergroup->fetch($object->oldgroupid);
                 $oldinfo = $usergroup->_load_ldap_info();
                 $olddn = $usergroup->_load_ldap_dn($oldinfo);
                 // Verify if entry exist
                 $container = $usergroup->_load_ldap_dn($oldinfo, 1);
                 $search = "(" . $usergroup->_load_ldap_dn($oldinfo, 2) . ")";
                 $records = $ldap->search($container, $search);
                 if (count($records) && $records['count'] == 0) {
                     $olddn = '';
                 }
                 $info = $usergroup->_load_ldap_info();
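                 // NOTE(review): same wording as the newgroupid branch above ("Contains all members, included the
                 // new one"); here a member is being removed, so $info presumably holds the remaining members,
                 // with the removal done before the trigger call. TODO confirm against the caller.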
                 $dn = $usergroup->_load_ldap_dn($info);
                 $result = $ldap->update($dn, $info, $user, $olddn);
                 if ($result < 0) {
                     $this->error = "ErrorLDAP " . $ldap->error;
                 }
             }
             return $result;
         }
     } elseif ($action == 'GROUP_CREATE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
             $ldap = new Ldap();
             $ldap->connect_bind();
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             // Get a gid number for objectclass PosixGroup
             if (in_array('posixGroup', $info['objectclass'])) {
                 $info['gidNumber'] = $ldap->getNextGroupGid();
             }
             $result = $ldap->add($dn, $info, $user);
             if ($result < 0) {
                 $this->error = "ErrorLDAP " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'GROUP_MODIFY') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
             $ldap = new Ldap();
             $ldap->connect_bind();
             if (empty($object->oldcopy) || !is_object($object->oldcopy)) {
                 dol_syslog("Trigger " . $action . " was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
                 $object->oldcopy = dol_clone($object);
             }
             $oldinfo = $object->oldcopy->_load_ldap_info();
             $olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
             // Verify that the entry exists
             $container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
             $search = "(" . $object->oldcopy->_load_ldap_dn($oldinfo, 2) . ")";
             $records = $ldap->search($container, $search);
             if (count($records) && $records['count'] == 0) {
                 $olddn = '';
             }
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->update($dn, $info, $user, $olddn);
             if ($result < 0) {
                 $this->error = "ErrorLDAP " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'GROUP_DELETE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
             $ldap = new Ldap();
             $ldap->connect_bind();
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->delete($dn);
             if ($result < 0) {
                 $this->error = "ErrorLDAP " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'CONTACT_CREATE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_CONTACT_ACTIVE)) {
             $ldap = new Ldap();
             $ldap->connect_bind();
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->add($dn, $info, $user);
             if ($result < 0) {
                 $this->error = "ErrorLDAP " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'CONTACT_MODIFY') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_CONTACT_ACTIVE)) {
             $ldap = new Ldap();
             $ldap->connect_bind();
             if (empty($object->oldcopy) || !is_object($object->oldcopy)) {
                 dol_syslog("Trigger " . $action . " was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
                 $object->oldcopy = dol_clone($object);
             }
             $oldinfo = $object->oldcopy->_load_ldap_info();
             $olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
             // Verify that the entry exists
             $container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
             $search = "(" . $object->oldcopy->_load_ldap_dn($oldinfo, 2) . ")";
             $records = $ldap->search($container, $search);
             if (count($records) && $records['count'] == 0) {
                 $olddn = '';
             }
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->update($dn, $info, $user, $olddn);
             if ($result < 0) {
                 $this->error = "ErrorLDAP " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'CONTACT_DELETE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_CONTACT_ACTIVE)) {
             $ldap = new Ldap();
             $ldap->connect_bind();
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->delete($dn);
             if ($result < 0) {
                 $this->error = "ErrorLDAP " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'MEMBER_CREATE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_MEMBER_ACTIVE)) {
             $ldap = new Ldap();
             $ldap->connect_bind();
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->add($dn, $info, $user);
             if ($result < 0) {
                 $this->error = "ErrorLDAP " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'MEMBER_VALIDATE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_MEMBER_ACTIVE)) {
             // If status field is setup to be synchronized
             if (!empty($conf->global->LDAP_FIELD_MEMBER_STATUS)) {
                 $ldap = new Ldap();
                 $ldap->connect_bind();
                 $info = $object->_load_ldap_info();
                 $dn = $object->_load_ldap_dn($info);
                 $olddn = $dn;
                 // We know olddn=dn as we change only status
                 $result = $ldap->update($dn, $info, $user, $olddn);
                 if ($result < 0) {
                     $this->error = "ErrorLDAP " . $ldap->error;
                 }
                 return $result;
             }
         }
     } elseif ($action == 'MEMBER_SUBSCRIPTION') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_MEMBER_ACTIVE)) {
             // If subscriptions fields are setup to be synchronized
             if ($conf->global->LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_DATE || $conf->global->LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_AMOUNT || $conf->global->LDAP_FIELD_MEMBER_LASTSUBSCRIPTION_DATE || $conf->global->LDAP_FIELD_MEMBER_LASTSUBSCRIPTION_AMOUNT || $conf->global->LDAP_FIELD_MEMBER_END_LASTSUBSCRIPTION) {
                 $ldap = new Ldap();
                 $ldap->connect_bind();
                 $info = $object->_load_ldap_info();
                 $dn = $object->_load_ldap_dn($info);
                 $olddn = $dn;
                 // We know olddn=dn as we change only subscriptions
                 $result = $ldap->update($dn, $info, $user, $olddn);
                 if ($result < 0) {
                     $this->error = "ErrorLDAP " . $ldap->error;
                 }
                 return $result;
             }
         }
     } elseif ($action == 'MEMBER_MODIFY') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_MEMBER_ACTIVE)) {
             $ldap = new Ldap();
             $ldap->connect_bind();
             if (empty($object->oldcopy) || !is_object($object->oldcopy)) {
                 dol_syslog("Trigger " . $action . " was called by a function that did not set previously the property ->oldcopy onto object", LOG_WARNING);
                 $object->oldcopy = dol_clone($object);
             }
             $oldinfo = $object->oldcopy->_load_ldap_info();
             $olddn = $object->oldcopy->_load_ldap_dn($oldinfo);
             // Verify that the entry exists
             $container = $object->oldcopy->_load_ldap_dn($oldinfo, 1);
             $search = "(" . $object->oldcopy->_load_ldap_dn($oldinfo, 2) . ")";
             $records = $ldap->search($container, $search);
             if (count($records) && $records['count'] == 0) {
                 $olddn = '';
             }
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->update($dn, $info, $user, $olddn);
             if ($result < 0) {
                 $this->error = "ErrorLDAP " . $ldap->error;
             }
             return $result;
         }
     } elseif ($action == 'MEMBER_NEW_PASSWORD') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_MEMBER_ACTIVE)) {
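             // If a password field is set up to be synchronized.
             // NOTE(review): this branch presumably pushes the member's password attribute to the directory;
             // confirm that connect_bind() uses an encrypted channel (LDAPS or StartTLS) and that the
             // non-crypted LDAP_FIELD_PASSWORD mapping is really wanted.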
             if ($conf->global->LDAP_FIELD_PASSWORD || $conf->global->LDAP_FIELD_PASSWORD_CRYPTED) {
                 $ldap = new Ldap();
                 $ldap->connect_bind();
                 $info = $object->_load_ldap_info();
                 $dn = $object->_load_ldap_dn($info);
                 $olddn = $dn;
                 // We know olddn=dn as we change only password
                 $result = $ldap->update($dn, $info, $user, $olddn);
                 if ($result < 0) {
                     $this->error = "ErrorLDAP " . $ldap->error;
                 }
                 return $result;
             }
         }
     } elseif ($action == 'MEMBER_RESILIATE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_MEMBER_ACTIVE)) {
             // If status field is setup to be synchronized
             if (!empty($conf->global->LDAP_FIELD_MEMBER_STATUS)) {
                 $ldap = new Ldap();
                 $ldap->connect_bind();
                 $info = $object->_load_ldap_info();
                 $dn = $object->_load_ldap_dn($info);
                 $olddn = $dn;
                 // We know olddn=dn as we change only status
                 $result = $ldap->update($dn, $info, $user, $olddn);
                 if ($result < 0) {
                     $this->error = "ErrorLDAP " . $ldap->error;
                 }
                 return $result;
             }
         }
     } elseif ($action == 'MEMBER_DELETE') {
         dol_syslog("Trigger '" . $this->name . "' for action '{$action}' launched by " . __FILE__ . ". id=" . $object->id);
         if (!empty($conf->global->LDAP_MEMBER_ACTIVE)) {
             $ldap = new Ldap();
             $ldap->connect_bind();
             $info = $object->_load_ldap_info();
             $dn = $object->_load_ldap_dn($info);
             $result = $ldap->delete($dn);
             if ($result < 0) {
                 $this->error = "ErrorLDAP " . $ldap->error;
             }
             return $result;
         }
     }
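     // No branch above returned: either no handler matched $action or synchronization is not active for it.
     // The disabled fallback below would have logged the unhandled action and returned -1 instead of 0.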
     /*
             else
             {
                 dol_syslog("Trigger '".$this->name."' for action '$action' was ran by ".__FILE__." but no handler found for this action.");
     			return -1;
             }
     */
     return 0;
 }