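<?php
// The basic LDAP sequence is:
// connect, bind, search, interpret the result
include "const.inc";
include "pwd.inc";

/*
 * Connection
 */

/**
 * Connect to an LDAP server and bind with the given DN and password.
 *
 * @param string $host       LDAP host or URI passed to ldap_connect()
 * @param string $userDn     DN to bind as (empty for an anonymous bind)
 * @param string $userPasswd password for $userDn
 * @return mixed the connection handle on a successful bind, false otherwise
 */
function connectLdap($host, $userDn, $userPasswd)
{
    // A DN sent with an empty password is an "unauthenticated bind"
    // (RFC 4513 5.1.2); many servers report it as success, so it must never
    // be accepted as proof of identity.
    if ((string) $userDn !== "" && (string) $userPasswd === "") {
        return false;
    }

    $ds = ldap_connect($host);
    if (!$ds) {
        return false;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);

    // NOTE(review): no ldap_start_tls() and no ldaps:// URI is visible here,
    // so the bind password presumably crosses the network in clear text;
    // confirm the transport before relying on this for admin binds.
    if (!@ldap_bind($ds, $userDn, $userPasswd)) {
        // Previously the handle was returned even when the bind failed,
        // leaving callers with an anonymous session they believed was
        // authenticated.
        @ldap_unbind($ds);
        return false;
    }
    return $ds;
}

/**
 * Close a connection opened by connectLdap().
 *
 * @param mixed $ds connection handle
 * @return bool result of ldap_unbind()
 */
function disconnectLdap($ds)
{
    return ldap_unbind($ds);
}

/*************
 * People
 *************/

/**
 * Search the people branch and flatten each entry to a simple array.
 *
 * @param mixed  $ds     bound connection handle
 * @param string $filter LDAP filter; the caller must escape any user-supplied
 *                       value with ldap_escape(..., LDAP_ESCAPE_FILTER)
 * @return array list of entries (empty when nothing matches or the search fails)
 */
function getPeople($ds, $filter)
{
    $res = array();

    $sr = ldap_search($ds, VAR_LAB_PEOPLE_PATH(), $filter);
    if ($sr === false) {
        return $res;
    }
    $info = ldap_get_entries($ds, $sr);
    if ($info === false) {
        return $res;
    }

    for ($i = 0; $i < $info["count"]; $i++) {
        $entry = $info[$i];
        $res[$i]["uid"] = $entry["uid"][0];
        $res[$i]["cn"] = $entry["cn"][0];
        $res[$i]["edupersonaffiliation"] = concatEduPersonAffliliation(
            isset($entry["edupersonaffiliation"]) ? $entry["edupersonaffiliation"] : array("count" => 0)
        );
        $res[$i]["sn"] = $entry["sn"][0];
        if (array_key_exists('mail', $entry)) {
            $res[$i]["mail"] = $entry["mail"][0];
        }
        if (array_key_exists('title', $entry)) {
            $res[$i]["title"] = split_title($entry["title"][0]);
        }
        if (array_key_exists('telephonenumber', $entry)) {
            $res[$i]["telephonenumber"] = $entry["telephonenumber"][0];
        }
        if (array_key_exists('givenname', $entry)) {
            $res[$i]["givenname"] = $entry["givenname"][0];
        }
        // NOTE(review): the stored userPassword value travels with every
        // result, including results handed to views. It is kept because
        // addAccount() reads it; display code should strip it, and the
        // directory ACLs should limit who can read the attribute at all.
        if (array_key_exists('userpassword', $entry)) {
            $res[$i]["userpassword"] = $entry["userpassword"][0];
        }
    }
    return $res;
}

/**
 * Join the values of an eduPersonAffiliation attribute with " / ".
 *
 * @param array $val attribute array as returned by ldap_get_entries()
 * @return string joined values, "" when the attribute is absent or empty
 */
function concatEduPersonAffliliation($val)
{
    if (!is_array($val) || empty($val["count"])) {
        return "";
    }
    $res = "";
    $last = $val["count"] - 1;
    for ($i = 0; $i < $last; $i++) {
        if ($val[$i] != "") {
            $res = $res . $val[$i] . " / ";
        }
    }
    return $res . $val[$last];
}

/**
 * Turn a "$"-separated title attribute into a " / "-separated string.
 *
 * NOTE(review): utf8_decode() is applied to the accumulated string on every
 * pass and never to the last element, so the encoding of the result looks
 * inconsistent; left as is because the expected page charset is not visible.
 * The separator carries a line break exactly as the listing shows it, which
 * is presumably an artifact of line wrapping.
 *
 * @param string $val raw title value
 * @return string
 */
function split_title($val)
{
    $res = "";
    $tmp = explode('$', $val);
    for ($i = 0; $i < count($tmp) - 1; $i++) {
        if ($tmp[$i] != "") {
            $res = utf8_decode($res . $tmp[$i]) . " \n/ ";
        }
    }
    return $res . $tmp[count($tmp) - 1];
}

/*************
 * Groups
 **************/

/**
 * Search the groups branch and return the raw ldap_get_entries() result.
 *
 * @param mixed  $ds     bound connection handle
 * @param string $filter LDAP filter (caller escapes user-supplied values)
 * @return array raw entries; array("count" => 0) when the search fails
 */
function getGroups($ds, $filter)
{
    $sr = ldap_search($ds, VAR_LAB_GROUP_PATH(), $filter);
    if ($sr === false) {
        return array("count" => 0);
    }
    $info = ldap_get_entries($ds, $sr);
    return $info === false ? array("count" => 0) : $info;
}

/**
 * Read the content of a group (its "member" values).
 *
 * @param mixed  $ds     bound connection handle
 * @param string $filter LDAP filter selecting the group
 * @return array array("member" => list of member DNs), empty list when none
 */
function getGroupEntry($ds, $filter)
{
    $res = array("member" => array());

    $sr = ldap_search($ds, VAR_LAB_GROUP_PATH(), $filter);
    if ($sr === false) {
        return $res;
    }
    $info = ldap_get_entries($ds, $sr);
    if ($info === false) {
        return $res;
    }

    for ($i = 0; $i < $info["count"]; $i++) {
        if (!isset($info[$i]["member"])) {
            continue;
        }
        for ($j = 0; $j < $info[$i]["member"]["count"]; $j++) {
            $res["member"][$j] = $info[$i]["member"][$j];
        }
    }
    return $res;
}

/**
 * Expand a group into its members, following nested groups.
 *
 * @param mixed  $ds     bound connection handle
 * @param string $filter LDAP filter selecting the group
 * @param array  $seen   filters already being expanded on this path
 *                       (internal; stops groups that contain each other from
 *                       recursing without end)
 * @return string member DNs, each prefixed with "[SEP]"
 */
function getMembers($ds, $filter, $seen = array())
{
    $res = "";
    if (isset($seen[$filter])) {
        return $res;
    }
    $seen[$filter] = true;

    // A debugging print_r() of the whole group entry used to run on every
    // iteration here and wrote directory data into the response; removed.
    $groups = getGroupEntry($ds, $filter);
    foreach ($groups["member"] as $v) {
        $f = explode(",", $v);
        if (substr_count($v, 'groups')) {
            $res = $res . getMembers($ds, $f[0], $seen);
        } else {
            $res = $res . "[SEP]" . $v;
        }
    }
    return $res;
}

/*************
 * Litislab functions
 **************/

/*
 * Utilities
 */

/**
 * Return the first component of a DN (everything before the first comma).
 *
 * @param string $val DN
 * @return string
 */
function cn($val)
{
    $r = explode(",", $val);
    return $r[0];
}

/**
 * Split a DN into its first component and the rest, and classify it.
 *
 * "path" is the remaining components concatenated without separators, as in
 * the original implementation.
 *
 * @param string $val DN
 * @return array keys: cn, path, uri ("groups" or "people"), id
 */
function cn_path($val)
{
    $r = explode(",", $val);
    $res["cn"] = $r[0];
    $res["path"] = "";
    for ($i = 1; $i < count($r); $i++) {
        $res["path"] = $res["path"] . $r[$i];
    }
    if (is_group($val)) {
        $res["uri"] = "groups";
        $res["id"] = $res["cn"];
    } else {
        $res["uri"] = "people";
        $res["id"] = getUid($res["cn"]);
    }
    return $res;
}

/**
 * Return the value part of an "attr=value" string.
 *
 * @param string $val e.g. "cn=John Doe"
 * @return string|null the value, $val itself when it holds no "=",
 *                     null when $val is empty
 */
function cn_value($val)
{
    if ($val) {
        $r = explode("=", $val);
        // explode() always yields at least one element, so the former
        // count > 0 test never reached the fallback branch.
        if (count($r) > 1) {
            return $r[1];
        } else {
            return $val;
        }
    }
}

/**
 * Tell whether a DN points into a groups branch.
 *
 * @param string $val DN
 * @return bool true when $val contains "groups" (case-insensitive)
 */
function is_group($val)
{
    return preg_match("/groups/i", $val) === 1;
}

/*
 * get CN
 */

/**
 * Look up the cn of the person with the given uid.
 *
 * @param string $uid
 * @return mixed the cn, null when no entry matches, 0 when the admin
 *               connection cannot be opened
 */
function getCn($uid)
{
    $ds = connectLitislabAsAdmin();
    if (!$ds) {
        return 0;
    }

    // The uid reaches this function from the session or the request, so it is
    // escaped before being placed in the filter.
    $filter = "uid=" . ldap_escape((string) $uid, "", LDAP_ESCAPE_FILTER);
    $sr = ldap_search($ds, VAR_LAB_PEOPLE_PATH(), $filter);
    if ($sr === false) {
        return null;
    }
    $info = ldap_get_entries($ds, $sr);
    if ($info === false || $info["count"] < 1 || !isset($info[0]["cn"][0])) {
        return null;
    }
    return $info[0]["cn"][0];
}

/*
 * get Uid
 */

/**
 * Look up the uid of the entry selected by $cn.
 *
 * NOTE(review): $cn is used verbatim as the search filter (cn_path() passes
 * the first component of a DN, e.g. "cn=John Doe"). Values containing filter
 * metacharacters are not escaped here because the attribute and value are not
 * separated at this point; confirm every caller passes directory data only.
 *
 * @param string $cn filter of the form "cn=..."
 * @return mixed the uid, null when no entry matches, 0 when the admin
 *               connection cannot be opened
 */
function getUid($cn)
{
    $ds = connectLitislabAsAdmin();
    if (!$ds) {
        return 0;
    }

    $sr = ldap_search($ds, VAR_LAB_PEOPLE_PATH(), $cn);
    if ($sr === false) {
        return null;
    }
    $info = ldap_get_entries($ds, $sr);
    if ($info === false || $info["count"] < 1 || !isset($info[0]["uid"][0])) {
        return null;
    }
    return $info[0]["uid"][0];
}

/*
 * Get account
 */

/**
 * Fetch one account by its cn ("first name last name").
 *
 * NOTE(review): the returned array includes the stored userPassword value;
 * callers should not pass it on to views or logs.
 *
 * @param string $prenom_nom cn to look up
 * @return mixed the first matching account, null when none matches, 0 when
 *               the admin connection cannot be opened
 */
function getAccount($prenom_nom)
{
    $ds = connectLitislabAsAdmin();
    if (!$ds) {
        return 0;
    }

    $filter = "cn=" . ldap_escape((string) $prenom_nom, "", LDAP_ESCAPE_FILTER);
    $sr = ldap_search($ds, VAR_LAB_PEOPLE_PATH(), $filter);
    if ($sr === false) {
        return null;
    }
    $info = ldap_get_entries($ds, $sr);
    if ($info === false || $info["count"] < 1) {
        return null;
    }

    // A debugging print_r() of objectclass used to run here; removed so the
    // lookup no longer writes to the response.
    $entry = $info[0];
    $res = array();
    // Indices start at 1, as in the original implementation.
    $res["objectclass"][1] = "top";
    $res["objectclass"][2] = "person";
    $res["objectclass"][3] = "inetOrgPerson";
    $res["objectclass"][4] = "organizationalPerson";
    $res["uid"] = $entry["uid"][0];
    $res["cn"] = $entry["cn"][0];
    $res["sn"] = $entry["sn"][0];
    $res["givenname"] = isset($entry["givenname"][0]) ? $entry["givenname"][0] : null;
    $res["userPassword"] = isset($entry["userpassword"][0]) ? $entry["userpassword"][0] : null;
    $res["mail"] = isset($entry["mail"][0]) ? $entry["mail"][0] : null;
    return $res;
}

/*
 * ADMIN FUNCTIONS
 */

/**
 * Build the DN and attribute set shared by addAccount() and modifyAccount().
 *
 * NOTE(review): uidnumber, gidnumber and even the uid attribute are the fixed
 * values 100 / 200 / 100 for every account, so all accounts created here
 * would share one numeric identity; this looks like placeholder data and
 * needs a real allocation scheme before use.
 *
 * @param mixed $data account data; must be an array with a "uid" string
 * @return array|false array($dn, $info), or false when $data is unusable
 */
function _ldapBuildAccountEntry($data)
{
    if (!is_array($data) || !isset($data["uid"]) || !is_string($data["uid"])) {
        return false;
    }
    $uid = $data["uid"];
    // The uid becomes part of a home directory path: refuse path separators
    // and the relative path components.
    if ($uid === "" || $uid === "." || $uid === ".." || strpbrk($uid, "/\\\0") !== false) {
        return false;
    }

    $info = array();
    $info["objectclass"][0] = "person";
    $info["objectclass"][1] = "posixAccount";
    $info["objectclass"][2] = "inetOrgPerson";
    $info["objectclass"][3] = "organizationalPerson";
    $info["cn"] = $uid;
    $info["sn"] = $uid;
    if (isset($data["userpassword"]) && $data["userpassword"] !== "") {
        $info["userpassword"] = $data["userpassword"];
    }
    $info["loginshell"] = "/bin/bash";
    $info["uidnumber"] = 100;
    $info["gidnumber"] = 200;
    $info["uid"] = 100;
    $info["homedirectory"] = "/home/" . $uid;

    // Escape the value for its position inside a DN.
    $dn = "cn=" . ldap_escape($uid, "", LDAP_ESCAPE_DN) . "," . VAR_ULH_PEOPLE_PATH();
    return array($dn, $info);
}

/**
 * Create an account in the ULH directory.
 *
 * @param array $data account data ("uid" required, "userpassword" optional)
 * @return string|false the LDAP status message for the add operation, or
 *                      false when $data is invalid or the connection fails
 */
function addAccount($data)
{
    $entry = _ldapBuildAccountEntry($data);
    if ($entry === false) {
        return false;
    }
    $ds = connectUlhAsAdmin();
    if (!$ds) {
        return false;
    }

    $res = ldap_add($ds, $entry[0], $entry[1]);
    $res = ldap_err2str(ldap_errno($ds));
    ldap_close($ds);
    return $res;
}

/**
 * Delete an account.
 *
 * @param string $dn DN of the entry to delete
 * @return bool result of ldap_delete(), false when the connection fails
 */
function delAccount($dn)
{
    $ds = connectUlhAsAdmin();
    if (!$ds) {
        return false;
    }
    $res = ldap_delete($ds, $dn);
    ldap_close($ds);
    return $res;
}

/**
 * Rewrite the attributes of an existing account.
 *
 * The body used an undefined $data variable, so it always targeted an entry
 * with an empty cn. The argument is now accepted either as a plain uid or as
 * the same array shape addAccount() takes.
 *
 * @param mixed $uid uid string, or array with "uid" and optional "userpassword"
 * @return string|false the LDAP status message for the modify operation, or
 *                      false when the input is invalid or the connection fails
 */
function modifyAccount($uid)
{
    $data = is_array($uid) ? $uid : array("uid" => $uid);
    $entry = _ldapBuildAccountEntry($data);
    if ($entry === false) {
        return false;
    }
    $ds = connectUlhAsAdmin();
    if (!$ds) {
        return false;
    }

    $res = ldap_modify($ds, $entry[0], $entry[1]);
    $res = ldap_err2str(ldap_errno($ds));
    ldap_close($ds);
    return $res;
}

/**
 * Replace the userpassword attribute of the person with the given uid.
 *
 * @param string $uid     account to update
 * @param string $newpass value to store (the caller is expected to pass an
 *                        already hashed value)
 * @return bool true when the directory accepted the change
 */
function modifyPassword($uid, $newpass)
{
    $ds = connectLitislabAsAdmin();
    if (!$ds) {
        return false;
    }
    $cn = getCn($uid);
    // No matching person: do not build a DN from an empty name.
    if (!is_string($cn) || $cn === "") {
        return false;
    }

    $info["userpassword"] = $newpass;
    $dn = "cn=" . ldap_escape($cn, "", LDAP_ESCAPE_DN) . "," . VAR_LAB_PEOPLE_PATH();
    return ldap_modify($ds, $dn, $info) ? true : false;
}
?>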
<?php
/**
 * Litislab directory settings.
 *
 * NOTE(review): the admin bind DN and password are kept in source (the values
 * shown are placeholders). A file with an .inc extension is typically served
 * as plain text if it is reachable under the document root, so keep it
 * outside the web root or deny access to it, and prefer loading the secret
 * from the environment or a protected configuration store.
 *
 * The same settings exist twice, as globals and as accessor functions; the
 * two password placeholders already differ, so the copies can drift.
 */
$LAB_HOST = 'ldap.litislab.eu';
$LAB_PEOPLE_PATH = 'ou=people,ou=litis,dc=litislab,dc=eu';
$LAB_GROUP_PATH = 'ou=groups,ou=litis,dc=litislab,dc=eu';
$LAB_ADMIN_DN = 'cn=admin,dc=litislab,dc=eu';
$LAB_ADMIN_PASS = 'xxxxxxx';

/** @return string host name of the Litislab LDAP server */
function VAR_LAB_HOST()
{
    return 'ldap.litislab.eu';
}

/** @return string base DN of the Litislab people branch */
function VAR_LAB_PEOPLE_PATH()
{
    return 'ou=people,ou=litis,dc=litislab,dc=eu';
}

/** @return string base DN of the Litislab groups branch */
function VAR_LAB_GROUP_PATH()
{
    return 'ou=groups,ou=litis,dc=litislab,dc=eu';
}

/** @return string DN used for administrative binds on the Litislab server */
function VAR_LAB_ADMIN_DN()
{
    return 'cn=admin,dc=litislab,dc=eu';
}

/** @return string password for VAR_LAB_ADMIN_DN() (placeholder value) */
function VAR_LAB_ADMIN_PASS()
{
    return 'xxxxx';
}

/**
 * ULH directory settings.
 */

/** @return string host name of the ULH LDAP server */
function VAR_ULH_HOST()
{
    return 'cyrodiil.recherche';
}

/** @return string base DN of the ULH people branch */
function VAR_ULH_PEOPLE_PATH()
{
    return 'ou=people,dc=litis,dc=univ-lehavre,dc=fr';
}

/** @return string base DN of the ULH groups branch */
function VAR_ULH_GROUP_PATH()
{
    return 'ou=groups,dc=litis,dc=univ-lehavre,dc=fr';
}

/** @return string DN used for administrative binds on the ULH server */
function VAR_ULH_ADMIN_DN()
{
    return 'cn=admin,dc=litis,dc=univ-lehavre,dc=fr';
}

/** @return string password for VAR_ULH_ADMIN_DN() (placeholder value) */
function VAR_ULH_ADMIN_PASS()
{
    return 'xxxx';
}

/** @return string login shell assigned to POSIX accounts */
function VAR_POSIX_SHELL()
{
    return '/bin/bash';
}
?>
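<?php
/**
 * CodeIgniter controller for browsing the Litislab directory (people and
 * groups), copying accounts to the ULH directory and changing the current
 * user's password.
 *
 * Every public method of a CodeIgniter controller is reachable by URL, so
 * each one below is an HTTP entry point.
 */
class Ldap extends CI_Controller
{
    /**
     * Load helpers and the LDAP auth library, start the session and run the
     * login check.
     *
     * This was a PHP 4 style constructor (a method named Ldap). PHP 8 no
     * longer treats such a method as a constructor, in which case the session
     * start and the is_connected() check would not run for any request.
     *
     * NOTE(review): is_connected() comes from auth.inc, which is not shown;
     * confirm that it stops the request for anonymous visitors rather than
     * only returning a flag, since its result is not inspected here.
     */
    function __construct()
    {
        parent::__construct();
        $this->load->helper("url");
        $this->load->helper("form");
        $this->load->helper("html");
        $this->load->file("/var/www/ldap_ci203/application/libraries/ldap/auth.inc");
        $this->data['sub']['heading'] = "LDAP";
        $this->data["sub"]['topbar'] = "";
        session_start();
        is_connected();
    }

    /*
     * Index
     */
    function index()
    {
        $this->data['page'] = "Accueil";
        $this->data['content'] = 'ldap';
        $this->load->view('_template', $this->data);
    }

    /*
     * People: a profile when a uid segment is present, the list otherwise.
     */
    function people()
    {
        if ($this->uri->rsegment(3)) {
            $this->people_profile($this->uri->rsegment(3));
        } else {
            $this->people_list();
        }
    }

    /*
     * List every person that has an eduPersonAffiliation value.
     */
    function people_list()
    {
        $this->data['page'] = "Membres";
        $this->data['content'] = 'ldap_people';
        $ds = connectLitislabAsAdmin();
        $this->data["sub"]["people"] = getPeople($ds, "eduPersonAffiliation=*");
        $this->data["sub"]['topbar'] = "People";
        $this->load->view('_template', $this->data);
    }

    /*
     * Show one person.
     *
     * $uid comes from the URL: it is HTML-escaped where it is concatenated
     * into markup and filter-escaped where it enters the LDAP search.
     * NOTE(review): data['page'] carries the raw value; the template is
     * expected to escape it on output.
     */
    function people_profile($uid)
    {
        $this->data["sub"]['topbar'] = anchor("/ldap/people", "Membres") . " \n> "
            . htmlspecialchars($uid, ENT_QUOTES, "UTF-8");
        $this->data['page'] = $uid;
        $this->data['content'] = 'ldap_people_profile';
        $ds = connectLitislabAsAdmin();
        $this->data["sub"]["profile"] = getPeople(
            $ds,
            "uid=" . ldap_escape($uid, "", LDAP_ESCAPE_FILTER)
        );
        $this->load->view('_template', $this->data);
    }

    /*
     * Groups: one group for /groups/show/<name>, the full list otherwise.
     */
    function groups()
    {
        $this->data['page'] = "Groupes";
        $ds = connectLitislabAsAdmin();
        if ($this->uri->rsegment(3) == "show") {
            // The name stays empty when the segment is missing; the variable
            // was previously undefined in that case.
            $name = "";
            if ($this->uri->rsegment(4)) {
                $val = explode("@", $this->uri->rsegment(4));
                $name = $val[0];
                $this->data["sub"]["groups"] = getGroups(
                    $ds,
                    "cn=" . ldap_escape($name, "", LDAP_ESCAPE_FILTER)
                );
            }
            $this->data['content'] = 'ldap_group_entry';
            $this->data["sub"]['topbar'] = "<a href=/ci203/index.php/ldap/groups>Groupes</a> > "
                . htmlspecialchars($name, ENT_QUOTES, "UTF-8");
        } else {
            $this->data['content'] = 'ldap_groups';
            $this->data["sub"]["groups"] = getGroups($ds, "cn=*");
        }
        $this->load->view('_template', $this->data);
    }

    function group_profile()
    {
    }

    /**
     * Add an account.
     *
     * When this method is reached through the router, $data is a URI segment
     * (a string), not account data; only arrays passed by internal callers
     * are forwarded to addAccount().
     */
    function people_add($data)
    {
        $this->data['page'] = "Add";
        $this->data["sub"]['topbar'] = "addAccount";
        $this->data['content'] = 'ldap_people_add';
        if (!is_array($data)) {
            return;
        }
        addAccount($data);
        //$this->load->view('_template', $this->data);
    }

    /**
     * Copy every Litislab person into the ULH directory.
     *
     * NOTE(review): this bulk write runs on a plain GET for any session that
     * passes the constructor's check; no role check, POST requirement or
     * request token is visible here. Confirm the intended authorization.
     */
    function people_load_from_litislab()
    {
        $ds = connectLitislabAsAdmin();
        $people = getPeople($ds, "eduPersonAffiliation=*");
        if (!is_array($people)) {
            return;
        }
        foreach ($people as $k => $person) {
            echo "<br/>";
            addAccount($person);
            //echo $k."-".$person["uid"] ;
        }
    }

    /**
     * Update ULH accounts from Litislab data.
     *
     * NOTE(review): updateAccount() is not defined in the visible LDAP
     * library (which provides modifyAccount()); confirm it exists elsewhere.
     * The same authorization question as people_load_from_litislab() applies.
     */
    function people_update_from_litislab()
    {
        $ds = connectLitislabAsAdmin();
        $people = getPeople($ds, "eduPersonAffiliation=*");
        if (!is_array($people)) {
            return;
        }
        foreach ($people as $k => $person) {
            echo "<br/>";
            updateAccount($person);
            //echo $k."-".$person["uid"] ;
        }
    }

    /*
     * Password change form, or the confirmation page for /newpwd/done.
     * (The admin connection that was opened here was never used.)
     */
    function newpwd()
    {
        $this->data['page'] = "Password";
        $this->data['content'] = ($this->uri->segment(3) == "done") ? 'ldap_pwd_done' : 'ldap_pwd';
        $this->data['sub']['topbar'] = 'pwd';
        $this->load->view('_template', $this->data);
    }

    /**
     * Apply the password submitted by the form to the logged-in account.
     *
     * A request without a pwd1 field, or without a login in the session, is
     * sent back to the form: previously the missing value was hashed and
     * stored as the new password.
     *
     * NOTE(review): the current password is not asked for, no confirmation
     * field is compared and no request token is checked in this method;
     * confirm whether the form, litislabPwd() or the framework covers these.
     */
    function newpwd_control()
    {
        $pwd = isset($_POST["pwd1"]) ? $_POST["pwd1"] : "";
        if (!is_string($pwd) || $pwd === "" || empty($_SESSION["login"])) {
            redirect("/ldap/newpwd");
            return;
        }
        if (modifyPassword($_SESSION["login"], litislabPwd($pwd))) {
            redirect("/ldap/newpwd/done");
        } else {
            redirect("/ldap/newpwd");
        }
    }
}
?>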