— |
lpro:ldap:php2 [2017/12/18 14:40] (current) jbaudry |
||
---|---|---|---|
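--- a/lpro:ldap:php2
+++ b/lpro:ldap:php2
@@ -0,0 +1,159 @@
+* Exemple 1
+
+<code php>
+function connectLdap($host,$userDn,$userPasswd) {
+$ds=ldap_connect($host);
+ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
+$r=@ldap_bind($ds,$userDn,$userPasswd);
+return $r ;
+}
+</code>
+
+<code php>
+connectLdap("monserveur.com", "cn=admin,dc=univ-lehavre,dc=fr", "lemotdepasse");
+</code>
+
+* Exemple 2
+
+<code php>
+function list_of_people($host, $path, $userDn, $userPasswd) {
+$ds=ldap_connect($host);
+ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
+$r=@ldap_bind($ds,$userDn,$userPasswd);
+if($ds) {
+$sr=ldap_search($ds, $path, "objectclass=*");
+$info = ldap_get_entries($ds, $sr);
+
+// Affiche toutes les données
+foreach($info as $k=>$v) {
+if(is_array($v)) {
+foreach($v as $k1=>$v1) {
+if(is_array($v1)) {
+foreach($v1 as $k2=>$v2) {
+echo $k1."=".$v2."<br/>";
+}
+}
+}
+}
+}
+
+//affiche une partie des données
+for ($i=0;$i<$info["count"];$i++) {
+$res[$i]["uid"]=$info[$i]["uid"][0];
+$res[$i]["cn"]=$info[$i]["cn"][0];
+}
+return $res ;
+}
+else {
+return "Erreur de connexion" ;
+}
+}
+</code>
+
+<code php>
+list_of_people("monserveur.com", "ou=users,ou=iut,dc=univ-lehavre,dc=fr", "cn=admin,dc=univ-lehavre,dc=fr", "motdepasse")
+</code>
+
+* Exemple 3
+
+<code php>
+function show_a_person2($host, $uidPerson, $rootdn, $rootpasswd) {
+$ds=ldap_connect($host);
+ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
+$r=@ldap_bind($ds,$rootdn,$rootpw);
+if($ds && $r) {
+$sr=ldap_search($ds, $uidPerson, "objectclass=*");
+$info = ldap_get_entries($ds, $sr);
+if(count($info)>0) {
+$res["cn"] = $info[$i]["cn"][0];
+$res["gecos"] = $info[$i]["gecos"][0];
+$res["gidnumber"] = $info[$i]["gidnumber"][0];
+$res["homedirectory"] = $info[$i]["homedirectory"][0];
+$res["loginshell"] = $info[$i]["loginshell"][0];
+$res["uid"] = $info[$i]["uid"][0];
+$res["uidnumber"] = $info[$i]["uidnumber"][0];
+$res["userpassword"] = $info[$i]["userpassword"][0];
+}
+return $res ;
+}
+else {
+return "Erreur de connexion" ;
+}
+}
+</code>
+
+* Exemple 4
+
+<code php>
+/*
+* Ajouter une personne dans le LDAP
+*/
+function ldapAddUser($login, $clearpass, $loginshell, $gidnumber, $uidnumber, $homedirectory) {
+$host="";
+$rootdn="";
+$rootpasswd="";
+$ds = ldap_connect($host);
+if($ds) {
+$r=ldap_bind($ds,$rootdn,$rootpasswd);
+$info["uid"] = $login ;
+$info["cn"] = $login ;
+$info["objectClass"][0] = "account" ;
+$info["objectClass"][1] = "posixAccount" ;
+$info["objectClass"][2] = "top" ;
+$info["userPassword"] = "{crypt}".constructPass($clearpass);
+$info["loginShell"] = $loginshell ;
+$info["uidNumber"] = $uidnumber ;
+$info["gidNumber"] = $gidnumber ;
+$info["homeDirectory"] = $homedirectory ;
+$dn = "uid=".$login.",ou=people,ou=iut,ou=univ-lehavre,dc=fr";
+$res = ldap_add($ds, $dn, $info);
+$res = ldap_err2str( ldap_errno($ds) );
+ldap_close($ds);
+return $res ;
+}
+}
+
+/**
+* Genere un salt aléatoire de 8 caracteres
+*/
+function generateSalt($length) {
+return substr(str_shuffle("abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, $length);
+}
+
+function constructPass($text) {
+return crypt($text,'$1$'.generateSalt('8'));
+}
+</code>
+
+* Controleur PHP
+
+<code php>
+if($_SERVER['REQUEST_METHOD']=='POST') {
+if(isset($_POST['f_submit'])) {
+$res=authLdap($_POST['login'], $_POST['passwd']);
+if($res) {
+// creation d'une session
+session_start();
+$_SESSION['login'] = $_POST['login'] ;
+header('Location:index.php');
+exit ;
+}
+else {
+echo "identifiant ou mot de passe incorrect" ;
+}
+}
+}
+else {
+//code par défaut
+}
+</code>
+
+<code>
+dn: olcDatabase={-1}frontend,cn=config
+changetype: modify
+delete: olcAccess
+
+dn: olcDatabase={1}hdb,cn=config
+changetype: modify
+delete: olcAccess
+</code>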
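Review bot: In Exemple 3 the bind is called with `$rootpw`, which is never defined (the parameter is `$rootpasswd`), so the password sent is empty; a server that accepts unauthenticated binds (a DN with an empty password) will report success, and `show_a_person2` then returns `userpassword` without the caller having authenticated. The line should read `$r=@ldap_bind($ds,$rootdn,$rootpasswd);`, and the `$info[$i]` lookups below it should be `$info[0]`, since `$i` is never set in that function. Exemple 2 has a related gap: it tests `if($ds)` where `if($ds && $r)` is needed, so a failed bind is silently ignored before the search. The same empty-password behaviour matters for the controller: `authLdap()` is not shown on this page, but it should reject an empty `$_POST['passwd']` before binding, and the session id should be renewed with `session_regenerate_id(true);` after `session_start()`. Separately, `constructPass()` stores MD5-crypt (`$1$`) hashes with a `str_shuffle` salt, which is not a cryptographic random source; a salt derived from `random_bytes()` and a stronger scheme that the directory server supports would be preferable.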