<?php
// La séquence de base avec LDAP est
// connexion, liaison, recherche, interprétation du résultat
include "const.inc";
include "pwd.inc";
/*
* connexion
*/
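/**
 * Open an LDAP link to $host and bind it as $userDn.
 *
 * Protocol version 3 is selected before binding. A link is returned only
 * when the bind succeeded, so a truthy result means "connected and
 * authenticated as $userDn".
 *
 * @param string $host       Host name or LDAP URI given to ldap_connect().
 * @param string $userDn     Distinguished name to bind as.
 * @param string $userPasswd Password for $userDn.
 * @return mixed LDAP link (resource, or LDAP\Connection object on PHP 8.1+)
 *               on success; false when the connection or the bind fails.
 */
function connectLdap($host, $userDn, $userPasswd) {
    // A DN sent with an empty password is an "unauthenticated bind"
    // (RFC 4513, section 5.1.2). Many servers accept it and hand back an
    // anonymous session, which must never be mistaken for a valid login.
    $hasDn = ($userDn !== null && $userDn !== "");
    $hasPassword = ($userPasswd !== null && $userPasswd !== "");
    if ($hasDn && !$hasPassword) {
        return false;
    }

    $ds = ldap_connect($host);
    if (!$ds) {
        return false;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);

    // NOTE(review): nothing here requests TLS. Unless $host is an ldaps://
    // URI, the DN and password travel in clear text; consider ldap_start_tls().
    // The warning is suppressed so a failed bind does not print the DN on the
    // page; the failure itself is reported through the return value.
    if (!@ldap_bind($ds, $userDn, $userPasswd)) {
        @ldap_unbind($ds);
        return false;
    }
    return $ds;
}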
/**
 * Release an LDAP link obtained from connectLdap().
 *
 * @param mixed $ds LDAP link.
 * @return bool Result of ldap_unbind().
 */
function disconnectLdap($ds) {
    $closed = ldap_unbind($ds);
    return $closed;
}
/*************
* People
*************/
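/**
 * Search the people branch and return one flat row per matching entry.
 *
 * Each row always carries uid, cn, edupersonaffiliation and sn; mail, title,
 * telephonenumber, givenname and userpassword are added only when the entry
 * has them.
 *
 * $filter is sent to the server verbatim. Callers that build it from request
 * data must escape the value with ldap_escape(..., "", LDAP_ESCAPE_FILTER).
 *
 * NOTE(review): the stored userpassword value is copied into every row.
 * people_load_from_litislab() feeds these rows to addAccount(), which reads
 * it, so it is kept here; any caller that renders rows should drop the key.
 *
 * @param mixed  $ds     Bound LDAP link.
 * @param string $filter LDAP search filter.
 * @return array List of rows; empty when nothing matches or the search fails.
 */
function getPeople($ds, $filter) {
    $res = array();

    $sr = ldap_search($ds, VAR_LAB_PEOPLE_PATH(), $filter);
    if (!$sr) {
        return $res;
    }
    $info = ldap_get_entries($ds, $sr);
    if (!$info) {
        return $res;
    }

    for ($i = 0; $i < $info["count"]; $i++) {
        $entry = $info[$i];
        $row = array();

        $row["uid"] = $entry["uid"][0];
        $row["cn"] = $entry["cn"][0];
        // Entries without the attribute get an empty string instead of a notice.
        $row["edupersonaffiliation"] = array_key_exists('edupersonaffiliation', $entry)
            ? concatEduPersonAffliliation($entry["edupersonaffiliation"])
            : "";
        $row["sn"] = $entry["sn"][0];

        if (array_key_exists('mail', $entry)) {
            $row["mail"] = $entry["mail"][0];
        }
        if (array_key_exists('title', $entry)) {
            $row["title"] = split_title($entry["title"][0]);
        }
        if (array_key_exists('telephonenumber', $entry)) {
            $row["telephonenumber"] = $entry["telephonenumber"][0];
        }
        if (array_key_exists('givenname', $entry)) {
            $row["givenname"] = $entry["givenname"][0];
        }
        if (array_key_exists('userpassword', $entry)) {
            $row["userpassword"] = $entry["userpassword"][0];
        }

        $res[$i] = $row;
    }
    return $res;
}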
/**
 * Join the values of a multi-valued LDAP attribute with " / ".
 *
 * $val is the array shape produced by ldap_get_entries() for one attribute:
 * a "count" key plus values at indexes 0..count-1. Empty values are skipped,
 * except the last one, which is always appended as-is.
 *
 * @param array $val Attribute values with a "count" key.
 * @return string Joined values.
 */
function concatEduPersonAffliliation($val) {
    $lastIndex = $val["count"] - 1;
    $joined = "";
    $i = 0;
    while ($i < $lastIndex) {
        if ($val[$i] != "") {
            $joined .= $val[$i] . " / ";
        }
        $i++;
    }
    return $joined . $val[$lastIndex];
}
/**
 * Turn a "$"-separated title value into a " / "-separated string.
 *
 * Empty segments are skipped, except the last segment, which is always
 * appended unchanged.
 *
 * NOTE(review): utf8_decode() is applied to the whole accumulated string on
 * every iteration, so earlier segments are decoded more than once while the
 * last segment is never decoded. Confirm which encoding the view expects.
 *
 * @param string $val Raw title attribute value.
 * @return string Reformatted title.
 */
function split_title($val) {
    $parts = explode("$", $val);
    $last = count($parts) - 1;
    $out = "";
    foreach ($parts as $idx => $part) {
        if ($idx >= $last) {
            break;
        }
        if ($part != "") {
            $out = utf8_decode($out . $part) . " / ";
        }
    }
    return $out . $parts[$last];
}
/*************
* Groups
**************/
/**
 * Search the groups branch and return the raw ldap_get_entries() result.
 *
 * $filter is sent to the server verbatim; callers must escape any value
 * taken from a request before building it.
 *
 * @param mixed  $ds     Bound LDAP link.
 * @param string $filter LDAP search filter.
 * @return mixed Result of ldap_get_entries().
 */
function getGroups($ds, $filter) {
    $search = ldap_search($ds, VAR_LAB_GROUP_PATH(), $filter);
    return ldap_get_entries($ds, $search);
}
//lite le contenu d'un group (member)
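/**
 * Collect the "member" values of every group entry matching $filter.
 *
 * Values from all matching entries are appended to a single list, so a
 * filter that matches several groups yields the members of each of them.
 *
 * @param mixed  $ds     Bound LDAP link.
 * @param string $filter LDAP search filter, sent verbatim.
 * @return array Array with one key, "member", holding the list of values
 *               (empty when nothing matches or the search fails).
 */
function getGroupEntry($ds, $filter) {
    $res = array("member" => array());

    $sr = ldap_search($ds, VAR_LAB_GROUP_PATH(), $filter);
    if (!$sr) {
        return $res;
    }
    $info = ldap_get_entries($ds, $sr);
    if (!$info) {
        return $res;
    }

    for ($i = 0; $i < $info["count"]; $i++) {
        // A group entry may have no member attribute at all.
        if (!isset($info[$i]["member"])) {
            continue;
        }
        $members = $info[$i]["member"];
        for ($j = 0; $j < $members["count"]; $j++) {
            $res["member"][] = $members[$j];
        }
    }
    return $res;
}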
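/**
 * Expand a group into its members, following nested groups.
 *
 * A member value containing "groups" is treated as a nested group: its first
 * DN component is used as the filter for the recursive lookup. Every other
 * value is appended to the result prefixed with "[SEP]".
 *
 * @param mixed  $ds      Bound LDAP link.
 * @param string $filter  LDAP search filter selecting the group.
 * @param array  $visited Filters already expanded on this path; callers
 *                        normally omit it.
 * @return string Member values, each prefixed with "[SEP]"; "" when none.
 */
function getMembers($ds, $filter, $visited = array()) {
    $res = "";

    // Two groups that list each other would otherwise recurse without end.
    if (in_array($filter, $visited, true)) {
        return $res;
    }
    $visited[] = $filter;

    $groups = getGroupEntry($ds, $filter);
    if (empty($groups["member"])) {
        return $res;
    }

    foreach ($groups["member"] as $v) {
        $f = explode(",", $v);
        if (substr_count($v, 'groups')) {
            $res = $res . getMembers($ds, $f[0], $visited);
        } else {
            $res = $res . "[SEP]" . $v;
        }
    }
    return $res;
}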
/*************
* Litislab functions
**************/
/*
* UTILE
*/
/**
 * Return the part of $val that precedes the first comma.
 *
 * NOTE(review): the split is on every "," and does not honour commas
 * escaped inside a DN component.
 *
 * @param string $val Distinguished name.
 * @return string Text before the first comma (all of $val when there is none).
 */
function cn($val) {
    $pieces = explode(",", $val, 2);
    return reset($pieces);
}
/**
 * Break a DN into the pieces the views use to build a link.
 *
 * Result keys: "cn" (first comma-separated component), "path" (remaining
 * components), "uri" ("groups" or "people") and "id" (the cn itself for a
 * group, otherwise the uid returned by getUid()).
 *
 * NOTE(review): "path" is the remaining components concatenated with no
 * separator, so the commas are lost; confirm that this is what callers want.
 *
 * @param string $val Distinguished name.
 * @return array Associative array with keys cn, path, uri, id.
 */
function cn_path($val) {
    $pieces = explode(",", $val);

    $res = array();
    $res["cn"] = $pieces[0];
    $res["path"] = implode("", array_slice($pieces, 1));

    $group = is_group($val);
    $res["uri"] = $group ? "groups" : "people";
    $res["id"] = $group ? $res["cn"] : getUid($res["cn"]);

    return $res;
}
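/**
 * Return the value side of an "attribute=value" pair.
 *
 * When $val contains no "=", it is returned unchanged. Only the text between
 * the first and the second "=" is returned when there are several.
 *
 * @param string $val Text such as "cn=Jane Doe".
 * @return string|null The value, or null when $val is empty.
 */
function cn_value($val) {
    if (!$val) {
        return null;
    }
    $r = explode("=", $val);
    // explode() always yields at least one element, so index 1 exists only
    // when a "=" was actually present.
    if (count($r) > 1) {
        return $r[1];
    }
    return $val;
}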
/**
 * Tell whether $val contains the word "groups", in any letter case.
 *
 * @param string $val Usually a distinguished name.
 * @return bool True when "groups" occurs anywhere in $val.
 */
function is_group($val) {
    return (bool) preg_match("/groups/i", $val);
}
/*
* get CN
*/
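/**
 * Look up the cn of the person whose uid is $uid.
 *
 * The uid is escaped before it is placed in the search filter, so filter
 * metacharacters in it are matched literally. ldap_escape() needs PHP 5.6+.
 *
 * NOTE(review): the admin link opened here is never released; whether
 * connectLitislabAsAdmin() returns a fresh or a shared link is not visible
 * from this file, so it is left open.
 *
 * @param string $uid Login name.
 * @return mixed The cn of the first match; null when nothing matches;
 *               0 when the directory connection fails.
 */
function getCn($uid) {
    $ds = connectLitislabAsAdmin();
    if (!$ds) {
        return 0;
    }

    $filter = "uid=" . ldap_escape((string) $uid, "", LDAP_ESCAPE_FILTER);
    $sr = ldap_search($ds, VAR_LAB_PEOPLE_PATH(), $filter);
    if (!$sr) {
        return null;
    }
    $info = ldap_get_entries($ds, $sr);
    if (!$info || $info["count"] < 1 || !isset($info[0]["cn"][0])) {
        return null;
    }
    return $info[0]["cn"][0];
}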
/*
* get Uid
*/
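/**
 * Look up the uid of the first person matching $cn.
 *
 * NOTE(review): $cn is used verbatim as the search filter. cn_path() passes
 * the first component of a DN here (for example "cn=Jane Doe"), so "*", "("
 * or ")" in that component are read as filter syntax. Escape the value part
 * with ldap_escape(..., "", LDAP_ESCAPE_FILTER) once the expected input form
 * is confirmed.
 *
 * @param string $cn LDAP filter, normally an "attribute=value" pair.
 * @return mixed The uid of the first match; null when nothing matches;
 *               0 when the directory connection fails.
 */
function getUid($cn) {
    $ds = connectLitislabAsAdmin();
    if (!$ds) {
        return 0;
    }

    $sr = ldap_search($ds, VAR_LAB_PEOPLE_PATH(), $cn);
    if (!$sr) {
        return null;
    }
    $info = ldap_get_entries($ds, $sr);
    if (!$info || $info["count"] < 1 || !isset($info[0]["uid"][0])) {
        return null;
    }
    return $info[0]["uid"][0];
}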
/*
* Get account
*/
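/**
 * Fetch the account of the person whose cn is $prenom_nom.
 *
 * The name is escaped before it is placed in the search filter
 * (ldap_escape() needs PHP 5.6+). Nothing is printed.
 *
 * NOTE(review): the returned array includes the stored userPassword value;
 * callers must not render or log it. The objectclass list starts at index 1,
 * as in the source data this function has always produced.
 *
 * @param string $prenom_nom Common name ("first name last name").
 * @return mixed Array with objectclass, uid, cn, sn, givenname, userPassword
 *               and mail for the first match; null when nothing matches;
 *               0 when the directory connection fails.
 */
function getAccount($prenom_nom) {
    $ds = connectLitislabAsAdmin();
    if (!$ds) {
        return 0;
    }

    $filter = "cn=" . ldap_escape((string) $prenom_nom, "", LDAP_ESCAPE_FILTER);
    $sr = ldap_search($ds, VAR_LAB_PEOPLE_PATH(), $filter);
    if (!$sr) {
        return null;
    }
    $info = ldap_get_entries($ds, $sr);
    if (!$info || $info["count"] < 1) {
        return null;
    }

    $entry = $info[0];
    $res = array();
    $res["objectclass"][1] = "top";
    $res["objectclass"][2] = "person";
    $res["objectclass"][3] = "inetOrgPerson";
    $res["objectclass"][4] = "organizationalPerson";
    // Optional attributes fall back to null when the entry lacks them.
    $res["uid"] = isset($entry["uid"][0]) ? $entry["uid"][0] : null;
    $res["cn"] = isset($entry["cn"][0]) ? $entry["cn"][0] : null;
    $res["sn"] = isset($entry["sn"][0]) ? $entry["sn"][0] : null;
    $res["givenname"] = isset($entry["givenname"][0]) ? $entry["givenname"][0] : null;
    $res["userPassword"] = isset($entry["userpassword"][0]) ? $entry["userpassword"][0] : null;
    $res["mail"] = isset($entry["mail"][0]) ? $entry["mail"][0] : null;

    return $res;
}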
/*
* ADMIN FUNCTIONS
*/
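/**
 * Create a posix account under the ULH people branch.
 *
 * The uid is checked before it is used: it ends up in the entry DN and in
 * the home directory path, so a value with "/", "\", NUL, "." or ".." is
 * refused. The DN component is escaped with ldap_escape() (PHP 5.6+).
 *
 * NOTE(review): uidnumber, gidnumber and the uid attribute are fixed values
 * (100, 200, 100), so every account created here shares them. That looks
 * like unfinished code; confirm how numeric ids are meant to be allocated.
 * NOTE(review): userpassword is stored exactly as received; confirm that
 * callers pass a hashed value.
 *
 * @param array $data Needs "uid"; "userpassword" is stored when present.
 * @return string "Invalid uid" or "LDAP connection failed" when nothing was
 *                sent, otherwise the ldap_err2str() text of the add.
 */
function addAccount($data) {
    $uid = (is_array($data) && isset($data["uid"])) ? (string) $data["uid"] : "";
    if ($uid === "" || $uid === "." || $uid === ".." || strpbrk($uid, "/\\\0") !== false) {
        return "Invalid uid";
    }

    $ds = connectUlhAsAdmin();
    if (!$ds) {
        return "LDAP connection failed";
    }

    $info = array();
    $info["objectclass"][0] = "person";
    $info["objectclass"][1] = "posixAccount";
    $info["objectclass"][2] = "inetOrgPerson";
    $info["objectclass"][3] = "organizationalPerson";
    $info["cn"] = $uid;
    $info["sn"] = $uid;
    if (isset($data["userpassword"])) {
        $info["userpassword"] = $data["userpassword"];
    }
    $info["loginshell"] = "/bin/bash";
    $info["uidnumber"] = 100;
    $info["gidnumber"] = 200;
    $info["uid"] = 100;
    $info["homedirectory"] = "/home/" . $uid;

    $dn = "cn=" . ldap_escape($uid, "", LDAP_ESCAPE_DN) . "," . VAR_ULH_PEOPLE_PATH();

    ldap_add($ds, $dn, $info);
    $res = ldap_err2str(ldap_errno($ds));
    ldap_close($ds);
    return $res;
}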
/*
* supprime un compte
*/
/**
 * Delete the entry $dn from the ULH directory, bound as admin.
 *
 * $dn is passed to ldap_delete() as given; the caller decides which entry
 * is removed, so it must never come straight from a request.
 *
 * @param string $dn Distinguished name of the entry to delete.
 * @return bool Result of ldap_delete().
 */
function delAccount($dn) {
    $link = connectUlhAsAdmin();
    $deleted = ldap_delete($link, $dn);
    ldap_close($link);
    return $deleted;
}
/*
* modifyAccount
*/
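/**
 * Rewrite the attributes of an existing account in the ULH people branch.
 *
 * $uid may be the account uid as a string, or an array with a "uid" key and
 * an optional "userpassword" key (the shape addAccount() takes). The
 * password attribute is only sent when a value was supplied.
 *
 * The uid is checked before use because it ends up in the entry DN and in
 * the home directory path; the DN component is escaped with ldap_escape()
 * (PHP 5.6+).
 *
 * NOTE(review): uidnumber, gidnumber and the uid attribute are fixed values
 * (100, 200, 100) and overwrite whatever the entry held. That looks like
 * unfinished code; confirm before using this on real accounts.
 *
 * @param string|array $uid Account uid, or array with "uid"/"userpassword".
 * @return string "Invalid uid" or "LDAP connection failed" when nothing was
 *                sent, otherwise the ldap_err2str() text of the modify.
 */
function modifyAccount($uid) {
    $data = is_array($uid) ? $uid : array("uid" => $uid);

    $name = isset($data["uid"]) ? (string) $data["uid"] : "";
    if ($name === "" || $name === "." || $name === ".." || strpbrk($name, "/\\\0") !== false) {
        return "Invalid uid";
    }

    $ds = connectUlhAsAdmin();
    if (!$ds) {
        return "LDAP connection failed";
    }

    $info = array();
    $info["objectclass"][0] = "person";
    $info["objectclass"][1] = "posixAccount";
    $info["objectclass"][2] = "inetOrgPerson";
    $info["objectclass"][3] = "organizationalPerson";
    $info["cn"] = $name;
    $info["sn"] = $name;
    if (isset($data["userpassword"]) && $data["userpassword"] !== "") {
        $info["userpassword"] = $data["userpassword"];
    }
    $info["loginshell"] = "/bin/bash";
    $info["uidnumber"] = 100;
    $info["gidnumber"] = 200;
    $info["uid"] = 100;
    $info["homedirectory"] = "/home/" . $name;

    $dn = "cn=" . ldap_escape($name, "", LDAP_ESCAPE_DN) . "," . VAR_ULH_PEOPLE_PATH();

    ldap_modify($ds, $dn, $info);
    $res = ldap_err2str(ldap_errno($ds));
    ldap_close($ds);
    return $res;
}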
/*
* Modify password
*/
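/**
 * Replace the userpassword attribute of the person whose uid is $uid.
 *
 * The entry DN is built from the cn returned by getCn(); that cn is escaped
 * with ldap_escape() (PHP 5.6+) so a comma or other DN metacharacter in a
 * name cannot change which entry is modified. Nothing is sent when the
 * connection fails, the uid is unknown, or the new value is empty.
 *
 * NOTE(review): $newpass is stored exactly as received. The controller on
 * this page passes litislabPwd($_POST["pwd1"]); that helper is not visible
 * here, so confirm that it produces a salted hash the directory accepts.
 *
 * @param string $uid     Login name of the account.
 * @param string $newpass Value to store in userpassword.
 * @return bool True when ldap_modify() succeeded.
 */
function modifyPassword($uid, $newpass) {
    if (!is_string($newpass) || $newpass === "") {
        return false;
    }

    $ds = connectLitislabAsAdmin();
    if (!$ds) {
        return false;
    }

    // getCn() answers 0 or null when it cannot resolve the uid.
    $cn = getCn($uid);
    if ($cn === null || $cn === 0 || $cn === "") {
        return false;
    }

    $dn = "cn=" . ldap_escape((string) $cn, "", LDAP_ESCAPE_DN) . "," . VAR_LAB_PEOPLE_PATH();
    $info = array("userpassword" => $newpass);

    return ldap_modify($ds, $dn, $info) ? true : false;
}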
?>
<?php
/**
 * Litislab directory settings as global variables: server host, people and
 * groups base DNs, admin bind DN and admin bind password.
 *
 * The host, paths and admin DN repeat the literals returned by the
 * VAR_LAB_* functions below.
 *
 * NOTE(review): the admin bind password is a literal in this file (shown
 * here as a placeholder). A ".inc" file under the web root may be served as
 * plain text if the server is not configured to treat it as PHP; keep the
 * secret outside the document root or load it from the environment.
 */
$LAB_HOST="ldap.litislab.eu";
$LAB_PEOPLE_PATH="ou=people,ou=litis,dc=litislab,dc=eu";
$LAB_GROUP_PATH="ou=groups,ou=litis,dc=litislab,dc=eu";
$LAB_ADMIN_DN="cn=admin,dc=litislab,dc=eu";
// Admin credential: never echo, log or commit the real value.
$LAB_ADMIN_PASS="xxxxxxx";
/**
 * Host name of the Litislab LDAP server.
 *
 * @return string
 */
function VAR_LAB_HOST() {
    $host = 'ldap.litislab.eu';
    return $host;
}
/**
 * Base DN under which Litislab person entries are searched.
 *
 * @return string
 */
function VAR_LAB_PEOPLE_PATH() {
    $baseDn = 'ou=people,ou=litis,dc=litislab,dc=eu';
    return $baseDn;
}
/**
 * Base DN under which Litislab group entries are searched.
 *
 * @return string
 */
function VAR_LAB_GROUP_PATH() {
    $baseDn = 'ou=groups,ou=litis,dc=litislab,dc=eu';
    return $baseDn;
}
/**
 * DN of the Litislab directory administrator used for privileged binds.
 *
 * @return string
 */
function VAR_LAB_ADMIN_DN() {
    $adminDn = 'cn=admin,dc=litislab,dc=eu';
    return $adminDn;
}
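/**
 * Password for the Litislab admin bind.
 *
 * The LAB_ADMIN_PASS environment variable is used when it is set and
 * non-empty, so the secret can live outside the source tree. The literal is
 * kept only as a fallback for existing deployments.
 *
 * NOTE(review): a ".inc" file under the web root may be served as plain text
 * if the server is not configured to treat it as PHP; remove the literal
 * once the environment variable is in place.
 *
 * @return string
 */
function VAR_LAB_ADMIN_PASS() {
    $fromEnv = getenv("LAB_ADMIN_PASS");
    if ($fromEnv !== false && $fromEnv !== "") {
        return $fromEnv;
    }
    return "xxxxx";
}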
/**
 * Host name of the ULH LDAP server.
 *
 * @return string
 */
function VAR_ULH_HOST() {
    $host = 'cyrodiil.recherche';
    return $host;
}
/**
 * Base DN under which ULH person entries are created and modified.
 *
 * @return string
 */
function VAR_ULH_PEOPLE_PATH() {
    $baseDn = 'ou=people,dc=litis,dc=univ-lehavre,dc=fr';
    return $baseDn;
}
/**
 * Base DN of the ULH groups branch.
 *
 * @return string
 */
function VAR_ULH_GROUP_PATH() {
    $baseDn = 'ou=groups,dc=litis,dc=univ-lehavre,dc=fr';
    return $baseDn;
}
/**
 * DN of the ULH directory administrator used for privileged binds.
 *
 * @return string
 */
function VAR_ULH_ADMIN_DN() {
    $adminDn = 'cn=admin,dc=litis,dc=univ-lehavre,dc=fr';
    return $adminDn;
}
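/**
 * Password for the ULH admin bind.
 *
 * The ULH_ADMIN_PASS environment variable is used when it is set and
 * non-empty, so the secret can live outside the source tree. The literal is
 * kept only as a fallback for existing deployments.
 *
 * NOTE(review): a ".inc" file under the web root may be served as plain text
 * if the server is not configured to treat it as PHP; remove the literal
 * once the environment variable is in place.
 *
 * @return string
 */
function VAR_ULH_ADMIN_PASS() {
    $fromEnv = getenv("ULH_ADMIN_PASS");
    if ($fromEnv !== false && $fromEnv !== "") {
        return $fromEnv;
    }
    return "xxxx";
}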
/**
 * Login shell path for posix accounts.
 *
 * @return string
 */
function VAR_POSIX_SHELL() {
    $shell = '/bin/bash';
    return $shell;
}
?>
Implémentation des fonctions
<?php
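/**
 * CodeIgniter controller for browsing the Litislab directory, copying
 * accounts to the ULH directory and changing the logged-in user's password.
 *
 * Every public method of a CodeIgniter controller can be reached by URL.
 * NOTE(review): that includes people_add(), people_load_from_litislab() and
 * people_update_from_litislab(), which write to a directory with admin
 * rights on a plain GET. The only gate visible here is is_connected() in the
 * constructor, whose behaviour is defined in auth.inc. Confirm that it stops
 * unauthenticated requests and add a role check and a CSRF token before
 * exposing these actions.
 */
class Ldap extends CI_Controller {
    /** @var array Values handed to the '_template' view. */
    public $data = array();

    /**
     * Load helpers and the auth library, start the session and run the
     * login check.
     *
     * Declared as __construct(): a method named after the class is no longer
     * treated as the constructor by PHP 8, so the session start and the
     * is_connected() check would silently stop running.
     */
    public function __construct() {
        parent::__construct();
        $this->load->helper("url");
        $this->load->helper("form");
        $this->load->helper("html");
        $this->load->file("/var/www/ldap_ci203/application/libraries/ldap/auth.inc");
        $this->data['sub']['heading'] = "LDAP";
        $this->data["sub"]['topbar'] = "";
        session_start();
        // NOTE(review): the return value is ignored; this presumably redirects
        // or exits by itself when nobody is logged in. Verify in auth.inc.
        is_connected();
    }

    /**
     * Home page.
     */
    public function index() {
        $this->data['page'] = "Accueil";
        $this->data['content'] = 'ldap';
        $this->load->view('_template', $this->data);
    }

    /**
     * People: one profile when a uid segment is present, otherwise the list.
     */
    public function people() {
        $uid = $this->uri->rsegment(3);
        if ($uid) {
            $this->people_profile($uid);
        } else {
            $this->people_list();
        }
    }

    /**
     * List every entry that has an eduPersonAffiliation value.
     *
     * NOTE(review): rows returned by getPeople() carry the userpassword
     * attribute when the entry has one; confirm that the view never prints it.
     */
    public function people_list() {
        $this->data['page'] = "Membres";
        $this->data['content'] = 'ldap_people';
        $ds = connectLitislabAsAdmin();
        $this->data["sub"]["people"] = getPeople($ds, "eduPersonAffiliation=*");
        $this->data["sub"]['topbar'] = "People";
        $this->load->view('_template', $this->data);
    }

    /**
     * Show the profile of one person.
     *
     * $uid comes from the URL, so it is escaped for the LDAP filter
     * (ldap_escape(), PHP 5.6+) and for the HTML breadcrumb.
     *
     * @param string $uid Login name taken from the URI.
     */
    public function people_profile($uid) {
        $this->data["sub"]['topbar'] = anchor("/ldap/people", "Membres") . " > " . htmlspecialchars($uid, ENT_QUOTES);
        // NOTE(review): 'page' receives the raw value; confirm that the
        // template escapes it on output.
        $this->data['page'] = $uid;
        $this->data['content'] = 'ldap_people_profile';
        $ds = connectLitislabAsAdmin();
        $filter = "uid=" . ldap_escape((string) $uid, "", LDAP_ESCAPE_FILTER);
        $this->data["sub"]["profile"] = getPeople($ds, $filter);
        $this->load->view('_template', $this->data);
    }

    /**
     * Groups: the list, or one group when the URI is ".../show/<name>@...".
     *
     * The group name comes from the URL, so it is escaped for the LDAP
     * filter and for the HTML breadcrumb.
     */
    public function groups() {
        $this->data['page'] = "Groupes";
        $ds = connectLitislabAsAdmin();
        if ($this->uri->rsegment(3) == "show") {
            // Stays empty when no group segment was supplied.
            $name = "";
            if ($this->uri->rsegment(4)) {
                $val = explode("@", $this->uri->rsegment(4));
                $name = $val[0];
                $filter = "cn=" . ldap_escape($name, "", LDAP_ESCAPE_FILTER);
                $this->data["sub"]["groups"] = getGroups($ds, $filter);
            }
            $this->data['content'] = 'ldap_group_entry';
            $this->data["sub"]['topbar'] = "<a href=/ci203/index.php/ldap/groups>Groupes</a> > " . htmlspecialchars($name, ENT_QUOTES);
        } else {
            $this->data['content'] = 'ldap_groups';
            $this->data["sub"]["groups"] = getGroups($ds, "cn=*");
        }
        $this->load->view('_template', $this->data);
    }

    /**
     * Placeholder; no behaviour yet.
     */
    public function group_profile() {
    }

    /**
     * Create an account through addAccount().
     *
     * NOTE(review): when reached by URL, $data is a URI segment (a string),
     * not the array addAccount() expects. See the class comment about
     * restricting this action.
     *
     * @param mixed $data Account data passed to addAccount().
     */
    public function people_add($data) {
        $this->data['page'] = "Add";
        $this->data["sub"]['topbar'] = "addAccount";
        $this->data['content'] = 'ldap_people_add';
        addAccount($data);
        //$this->load->view('_template', $this->data);
    }

    /**
     * Copy every Litislab person into the ULH directory with addAccount().
     *
     * Prints one "<br/>" per person and nothing else.
     */
    public function people_load_from_litislab() {
        $ds = connectLitislabAsAdmin();
        $people = getPeople($ds, "eduPersonAffiliation=*");
        if (!is_array($people)) {
            return;
        }
        foreach ($people as $person) {
            echo "<br/>";
            addAccount($person);
        }
    }

    /**
     * Push every Litislab person to updateAccount().
     *
     * NOTE(review): updateAccount() is not defined in the code visible on
     * this page; confirm that auth.inc or another include provides it.
     */
    public function people_update_from_litislab() {
        $ds = connectLitislabAsAdmin();
        $people = getPeople($ds, "eduPersonAffiliation=*");
        if (!is_array($people)) {
            return;
        }
        foreach ($people as $person) {
            echo "<br/>";
            updateAccount($person);
        }
    }

    /**
     * Password form, or the confirmation page when segment 3 is "done".
     *
     * No directory connection is opened here; the form itself needs none.
     */
    public function newpwd() {
        $this->data['page'] = "Password";
        $this->data['sub']['topbar'] = 'pwd';
        if ($this->uri->segment(3) == "done") {
            $this->data['content'] = 'ldap_pwd_done';
        } else {
            $this->data['content'] = 'ldap_pwd';
        }
        $this->load->view('_template', $this->data);
    }

    /**
     * Handle the password form: store the new password for the session user.
     *
     * The request is sent back to the form when there is no session login or
     * no usable pwd1 field.
     *
     * NOTE(review): no CSRF token, no check of the current password and no
     * confirmation field are verified here; add them before relying on this
     * action. litislabPwd() is not visible on this page; confirm that it
     * returns a salted hash.
     */
    public function newpwd_control() {
        $login = isset($_SESSION["login"]) ? $_SESSION["login"] : null;
        $pwd = isset($_POST["pwd1"]) ? $_POST["pwd1"] : null;

        if ($login === null || $login === "" || !is_string($pwd) || $pwd === "") {
            redirect("/ldap/newpwd");
            return;
        }

        if (modifyPassword($login, litislabPwd($pwd))) {
            redirect("/ldap/newpwd/done");
        } else {
            redirect("/ldap/newpwd");
        }
    }
}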
?>