pandorafms/pandora_console/include/auth/ldap.php

605 lines
17 KiB
PHP
Raw Normal View History

<?php
// Pandora FMS - http://pandorafms.com
// ==================================================
// Copyright (c) 2005-2009 Artica Soluciones Tecnologicas
// Please see http://pandorafms.org for full contribution list
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU Lesser General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
2009-08-24 Miguel de Dios <miguel.dedios@artica.es> * include/functions_menu.php, include/functions_html.php, include/functions_events.php, include/functions_messages.php, include/functions_modules.php, include/functions_exportserver.php, include/functions_reporting.php, include/functions_filemanager.php, include/pchart_graph.php, include/pandora_graph.php, include/auth/dev.php, include/auth/ldap.php, include/auth/mysql.php, include/config.inc.php, include/functions_networkmap.php, include/functions_servers.php, include/FusionCharts/FusionCharts_Gen.php, include/FusionCharts/FusionCharts.php, include/functions_network_profiles.php, include/gettext.php, include/functions_network_components.php, include/functions_visual_map.php, include/fgraph2.php, include/Image/image_functions.php, include/functions_config.php, include/help/en/help_plugin_parameters.php, include/help/en/help_snmpcommunity.php, include/help/en/help_wmiquery.php, include/help/en/help_postprocess.php, include/help/en/help_prediction_source_module.php, include/help/en/help_date_format.php, include/help/en/help_recontask.php, include/help/en/help_alert-matches.php, include/help/en/help_tcp_send.php, include/help/en/help_wmifield.php, include/help/en/help_duplicateconfig.php, include/help/en/help_agent_status.php, include/help/en/help_manage_alerts.php, include/help/en/help_wmikey.php, include/help/en/help_alert_type.php, include/help/en/help_network_component.php, include/help/en/help_time_stamp-comparation.php, include/help/en/help_eventview.php, include/help/en/help_timesource.php, include/help/en/help_alert_validation.php, include/help/en/help_map_builder.php, include/help/en/help_alert_recovery.php, include/help/en/help_module_type.php, include/help/en/help_planned_downtime.php, include/help/en/help_serverlag.php, include/help/en/help_alerts.php, include/help/en/help_snmpwalk.php, include/help/en/help_module_definition.php, include/help/en/help_plugin_definition.php, include/help/en/help_wminamespace.php, include/help/en/help_snmpoid.php include/help/en/help_manageconfig.php, include/help/es/help_alert_validation.php, include/help/es/help_plugin_parameters.php, include/help/es/help_snmpcommunity.php, include/help/es/help_wmiquery.php, include/help/es/help_map_builder.php, include/help/es/help_postprocess.php, include/help/es/help_date_format.php, include/help/es/help_alert_recovery.php, include/help/es/help_prediction_source_module.php, include/help/es/help_module_type.php, include/help/es/help_planned_downtime.php, include/help/es/help_alert-matches.php, include/help/es/help_recontask.php, include/help/es/help_alerts.php, include/help/es/help_serverlag.php, include/help/es/help_snmpwalk.php, include/help/es/help_module_definition.php, include/help/es/help_tcp_send.php, include/help/es/help_duplicateconfig.php, include/help/es/help_wmifield.php, include/help/es/help_manage_alerts.php, include/help/es/help_wmikey.php, include/help/es/help_plugin_definition.php, include/help/es/help_alert_type.php, include/help/es/help_snmpoid.php, include/help/es/help_wminamespace.php, include/help/es/help_network_component.php, include/help/es/help_time_stamp-comparation.php, include/help/es/help_manageconfig.php, include/help/es/help_timesource.php, include/config_process.php, include/functions_ui.php, include/htmlawed.php, include/functions_custom_graphs.php, include/fgraph.php, include/functions_incidents.php, include/functions.php, include/functions_agents.php, include/functions_db.php, include/functions_themes.php, include/streams.php, include/functions_fsgraph.php, include/functions_alerts.php, include/functions_reports.php, include/functions_extensions.php, include/functions_ui_renders.php: change comments blocks for delete the warnings to construct phpDoc Files, give a struct and order in the phpDoc files. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1881 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-08-25 19:39:28 +02:00
/**
* @package Include/auth
*/
if (!isset ($config)) {
die ('
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Pandora FMS - The Flexible Monitoring System - Console error</title>
<meta http-equiv="expires" content="0">
<meta http-equiv="content-type" content="text/html; charset=utf8">
<meta name="resource-type" content="document">
<meta name="distribution" content="global">
<meta name="author" content="Sancho Lerena">
<meta name="copyright" content="This is GPL software. Created by Sancho Lerena and others">
<meta name="keywords" content="pandora, monitoring, system, GPL, software">
<meta name="robots" content="index, follow">
<link rel="icon" href="../../images/pandora.ico" type="image/ico">
<link rel="stylesheet" href="../styles/pandora.css" type="text/css">
</head>
<body>
<div id="main" style="float:left; margin-left: 100px">
<div align="center">
<div id="login_f">
<h1 id="log_f" class="error">You cannot access this file</h1>
<div>
<img src="../../images/pandora_logo.png" border="0"></a>
</div>
<div class="msg">
<span class="error"><b>ERROR:</b>
You can\'t access this file directly!</span>
</div>
</div>
</div>
</div>
</body>
</html>
');
}
* include/functions_graph.php include/functions_html.php include/functions_messages.php include/db/postgresql.php include/db/mysql.php include/db/oracle.php include/functions_reporting.php include/functions_filemanager.php include/functions_gis.php include/auth/ldap.php include/auth/mysql.php include/functions_networkmap.php include/functions_network_components.php include/ajax/skins.ajax.php include/ajax/reporting.ajax.php include/ajax/visual_console_builder.ajax.php include/ajax/alert_list.ajax.php include/ajax/module.php include/functions_config.php include/functions_api.php include/help/en/help_timesource.php include/help/es/help_timesource.php include/help/ja/help_timesource.php include/config_process.php include/functions_ui.php include/functions_custom_graphs.php include/fgraph.php include/functions_incidents.php include/api.php include/functions_reports.php include/functions_ui_renders.php extensions/insert_data.php extensions/system_info.php extensions/extension_uploader.php extensions/pandora_logs.php extensions/agents_modules.php extensions/update_manager.php extensions/ssh_console.php extensions/dbmanager.php extensions/vnc_view.php extensions/resource_registration.php extensions/resource_exportation.php extensions/users_connected.php extensions/module_groups.php extensions/update_manager/load_updatemanager.php extensions/update_manager/lib/libupdate_manager_client.php extensions/update_manager/lib/libupdate_manager.php extensions/update_manager/lib/libupdate_manager_components.php extensions/update_manager/lib/libupdate_manager_updates.php extensions/update_manager/settings.php extensions/update_manager/main.php extensions/plugin_registration.php operation/incidents/incident.php operation/incidents/incident_detail.php operation/incidents/incident_statistics.php operation/search_modules.php operation/visual_console/render_view.php operation/visual_console/index.php operation/extensions.php operation/agentes/status_monitor.php operation/agentes/export_csv.php operation/agentes/estado_ultimopaquete.php operation/agentes/datos_agente.php operation/agentes/alerts_status.php operation/agentes/estado_generalagente.php operation/agentes/custom_fields.php operation/agentes/estado_agente.php operation/agentes/networkmap.topology.php operation/agentes/networkmap.groups.php operation/agentes/sla_view.php operation/agentes/exportdata.php operation/agentes/gis_view.php operation/agentes/estado_monitores.php operation/agentes/ver_agente.php operation/agentes/graphs.php operation/agentes/agent_fields.php operation/agentes/tactical.php operation/agentes/group_view.php operation/agentes/networkmap.php operation/agentes/stat_win.php operation/servers/view_server.php operation/servers/view_server_detail.php operation/menu.php operation/search_agents.php operation/search_graphs.php operation/snmpconsole/snmp_view.php operation/users/user_edit.php operation/gis_maps/render_view.php operation/gis_maps/ajax.php operation/integria_incidents/incident.php operation/integria_incidents/incident_detail.php operation/integria_incidents/incident_statistics.php operation/events/event_statistics.php operation/events/events_rss.php operation/events/export_csv.php operation/events/sound_events.php operation/events/events_validate.php operation/events/events_list.php operation/events/events_marquee.php operation/events/events.php operation/search_alerts.php operation/messages/message.php operation/reporting/reporting_xml.php operation/reporting/reporting_viewer.php operation/reporting/graph_viewer.php operation/search_reports.php operation/search_maps.php operation/search_users.php extras/pandora_diag.php mobile/operation/agents/monitor_status.php mobile/operation/agents/view_agents.php mobile/operation/agents/view_alerts.php mobile/operation/agents/group_view.php mobile/operation/events/events.php mobile/index.php general/error_authconfig.php general/links_menu.php general/logon_ok.php general/error_dbconfig.php general/ui/agents_list.php general/header.php godmode/groups/modu_group_list.php godmode/groups/configure_group.php godmode/groups/configure_modu_group.php godmode/groups/group_list.php godmode/admin_access_logs.php godmode/db/db_main.php godmode/db/db_audit.php godmode/db/db_sanity.php godmode/db/db_refine.php godmode/db/db_info.php godmode/db/db_event.php godmode/db/db_purge.php godmode/extensions.php godmode/agentes/agent_template.php godmode/agentes/module_manager_editor_common.php godmode/agentes/fields_manager.php godmode/agentes/agent_conf_gis.php godmode/agentes/module_manager_editor_prediction.php godmode/agentes/module_manager.php godmode/agentes/modificar_agente.php godmode/agentes/configurar_agente.php godmode/agentes/configure_field.php godmode/agentes/module_manager_editor.php godmode/agentes/planned_downtime.php godmode/agentes/manage_config_remote.php godmode/agentes/agent_manager.php godmode/servers/recon_script.php godmode/servers/plugin.php godmode/servers/manage_recontask.php godmode/servers/modificar_server.php godmode/servers/manage_recontask_form.php godmode/alerts/alert_list.list.php godmode/alerts/configure_alert_compound.php godmode/alerts/alert_compounds.php godmode/alerts/alert_list.php godmode/alerts/configure_alert_template.php godmode/alerts/alert_templates.php godmode/alerts/configure_alert_action.php godmode/alerts/configure_alert_command.php godmode/alerts/alert_actions.php godmode/alerts/alert_list.builder.php godmode/alerts/alert_commands.php godmode/setup/file_manager.php godmode/setup/os.list.php godmode/setup/news.php godmode/setup/gis_step_2.php godmode/setup/links.php godmode/setup/setup.php godmode/setup/os.php godmode/setup/performance.php godmode/setup/setup_auth.php godmode/setup/gis.php godmode/setup/os.builder.php godmode/setup/setup_visuals.php godmode/snmpconsole/snmp_alert.php godmode/snmpconsole/snmp_filters.php godmode/users/user_list.php godmode/users/configure_profile.php godmode/gis_maps/configure_gis_map.php godmode/gis_maps/index.php godmode/massive/massive_add_alerts.php godmode/massive/massive_copy_modules.php godmode/massive/massive_delete_agents.php godmode/massive/massive_enable_disable_alerts.php godmode/massive/massive_operations.php godmode/massive/massive_delete_profiles.php godmode/massive/massive_edit_agents.php godmode/massive/massive_delete_action_alerts.php godmode/massive/massive_delete_modules.php godmode/massive/massive_add_profiles.php godmode/massive/massive_delete_alerts.php godmode/massive/massive_edit_modules.php godmode/massive/massive_standby_alerts.php godmode/massive/massive_add_action_alerts.php godmode/modules/manage_network_components_form.php godmode/modules/manage_nc_groups_form.php godmode/modules/manage_network_templates.php godmode/modules/module_list.php godmode/modules/manage_network_components_form_common.php godmode/modules/manage_network_components_form_network.php godmode/modules/manage_network_templates_form.php godmode/modules/manage_network_components_form_wmi.php godmode/modules/manage_network_components.php godmode/modules/manage_nc_groups.php godmode/reporting/visual_console_builder.wizard.php godmode/reporting/graph_builder.main.php godmode/reporting/reporting_builder.list_items.php godmode/reporting/visual_console_builder.php godmode/reporting/reporting_builder.preview.php godmode/reporting/reporting_builder.main.php godmode/reporting/visual_console_builder.data.php godmode/reporting/visual_console_builder.elements.php godmode/reporting/graph_builder.php godmode/reporting/visual_console_builder.preview.php godmode/reporting/graph_builder.graph_editor.php godmode/reporting/reporting_builder.php godmode/reporting/visual_console_builder.editor.php godmode/reporting/reporting_builder.item_editor.php godmode/reporting/map_builder.php godmode/reporting/graphs.php godmode/reporting/graph_builder.preview.php include/functions_db.php: Added some includes and functions of this code have "db_" prefix. * include/functions.php: Moved function check_login(), check_acl(), dame_nombre_pluginid(), get_os_name() from functions_db.php to functions.php. * include/functions_groups.php: Moved functions get_childrens(), safe_acl_group() and get_parents(), give_disabled_group(), isAllGroups(), get_group_icon(), get_all_groups(), get_id_groups_recursive(), get_user_groups_tree_recursive(), get_group_status(), get_group_name(), get_group_users() from functions_db.php to this code. * include/functions_profile.php: New library with profile functions. Moved functions get_profile_name(), get_profiles(), create_user_profile(), delete_user_profile(), delete_profile() from functions_db.php to this code. Added new parameter in function get_profile() to retrieve profiles with filter conditions applied. * include/functions_users.php: New library with users functions. Moved functions get_users_info(), get_all_model_groups(), get_user_groups(), get_user_groups_tree(), get_user_first_group(), user_access_to_agent() from funtions_db.php to this code. * godmode/users/configure_user.php: Changed get_profile_filter() function to get_profile(). * include/functions_agents.php: Moved functions get_group_agents(), get_agent_modules(), get_agent_module_id(), get_agent_id(), get_agent_name(), get_agent_modules_data_count(), check_alert_fired(), get_agent_interval(), get_agent_os(), give_agentmodule_flag(), agent_add_address(), agent_delete_address(), get_agent_address(), get_agent_with_ip(), get_agent_addresses(), get_agent_status(), delete_agent(), get_agentmodule_group(), get_agent_group() from functions_db.php to this code. * include/functions_modules.php: Moved functions get_agentmodule(), get_agentmodule_id(), get_agentmodule_is_init(), get_agent_modules_count(), get_module_type_name(), get_module_type_icon(), get_agentmodule_agent(), get_agentmodule_agent_name(), get_agentmodule_name(), get_agentmodule_type(), get_monitor_downs_in_period(), get_monitor_last_down_timestamp_in_period(), get_monitors_in_group(), get_monitors_in_agent(), get_monitors_down(), get_moduletype_name(), get_moduletype_description(), get_moduletypes(), get_module_interval(), show_icon_type(), give_modulecategory_name(), give_agent_id_from_module_id(), get_module_status(), get_agent_module_last_value(), get_previous_data(), get_agentmodule_modulegroup(), get_modulegroups(), get_modulegroup_name() from functions_db.php to this code. * include/functions_alerts.php: Moved functions get_alert_type(), get_agent_alert_fired(), get_module_alert_fired(), get_alert_fires_in_period(), get_group_alerts(), get_alerts_fired(), get_alert_last_fire_timestamp_in_period(), get_agentmodule_status(), get_agentmodule_last_status() from functions_db.php to this code. * include/functions_exportserver.php: Moved function dame_nombre_servidorexportacion() from functions_db.php to this code. * include/functions_events.php: Moved functions get_group_events(), get_agent_events(), get_module_events() from functions_db.php to this code. * include/functions_servers.php: Moved functions get_server_name(), show_server_type(), check_server_status(), server_status() from functions_db.php to this code. * include/functions_network_profiles.php: Moved function get_networkprofile_name() from functions_db.php to this code. * include/functions_visual_map.php: Moved functions get_layoutdata_x(), get_layoutdata_y() from fucntions_db.php to this code. * include/functions_io.php: Moved function __() from functions_db.php to this code. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4258 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2011-04-19 20:42:49 +02:00
include_once($config['homedir'] . "/include/functions_profile.php");
$config["user_can_update_info"] = false;
$config["user_can_update_password"] = false;
$config["admin_can_add_user"] = false;
$config["admin_can_delete_user"] = false;
$config["admin_can_disable_user"] = false; //Not implemented
$config["admin_can_make_admin"] = false;
//Required and optional keys for this function to work
$req_keys = array ("ldap_server", "ldap_base_dn", "ldap_login_attr", "ldap_admin_group_name", "ldap_admin_group_attr", "ldap_admin_group_type", "ldap_user_filter", "ldap_user_attr");
$opt_keys = array ("ldap_port", "ldap_start_tls", "ldap_version", "ldap_admin_dn", "ldap_admin_pwd");
global $ldap_cache; //Needs to be globalized because config_process_config () function calls this file first and the variable would be local and subsequently lost
$ldap_cache = array ();
$ldap_cache["error"] = "";
$ldap_cache["ds"] = "";
//Put each required key in a variable.
foreach ($req_keys as $key) {
if (!isset ($config["auth"][$key])) {
user_error ("Required key ".$key." not set", E_USER_ERROR);
}
}
// Convert group name to lower case to prevent problems
$config["auth"]["ldap_admin_group_attr"] = strtolower ($config["auth"]["ldap_admin_group_attr"]);
$config["auth"]["ldap_admin_group_type"] = strtolower ($config["auth"]["ldap_admin_group_type"]);
foreach ($opt_keys as $key) {
if (!isset ($config["auth"][$key])) {
switch ($key) {
case "ldap_start_tls":
$config["auth"][$key] = false;
continue;
case "ldap_version":
$config["auth"][$key] = 0;
continue;
case "ldap_admin_dn":
case "ldap_admin_pwd":
$config["auth"][$key] = "";
continue;
default:
//Key not implemented
continue;
}
}
}
//Reference the global use authorization error to last ldap error.
$config["auth_error"] = &$ldap_cache["error"];
unset ($req_keys, $opt_keys);
/**
* process_user_login accepts $login and $pass and handles it according to current authentication scheme
*
* @param string $login
* @param string $pass
*
* @return mixed False in case of error or invalid credentials, the username in case it's correct.
*/
function process_user_login ($login, $pass) {
if (!ldap_valid_login ($login, $pass)) {
return false;
}
global $config;
* include/functions_graph.php include/functions_html.php include/functions_messages.php include/db/postgresql.php include/db/mysql.php include/db/oracle.php include/functions_reporting.php include/functions_filemanager.php include/functions_gis.php include/auth/ldap.php include/auth/mysql.php include/functions_networkmap.php include/functions_network_components.php include/ajax/skins.ajax.php include/ajax/reporting.ajax.php include/ajax/visual_console_builder.ajax.php include/ajax/alert_list.ajax.php include/ajax/module.php include/functions_config.php include/functions_api.php include/help/en/help_timesource.php include/help/es/help_timesource.php include/help/ja/help_timesource.php include/config_process.php include/functions_ui.php include/functions_custom_graphs.php include/fgraph.php include/functions_incidents.php include/api.php include/functions_reports.php include/functions_ui_renders.php extensions/insert_data.php extensions/system_info.php extensions/extension_uploader.php extensions/pandora_logs.php extensions/agents_modules.php extensions/update_manager.php extensions/ssh_console.php extensions/dbmanager.php extensions/vnc_view.php extensions/resource_registration.php extensions/resource_exportation.php extensions/users_connected.php extensions/module_groups.php extensions/update_manager/load_updatemanager.php extensions/update_manager/lib/libupdate_manager_client.php extensions/update_manager/lib/libupdate_manager.php extensions/update_manager/lib/libupdate_manager_components.php extensions/update_manager/lib/libupdate_manager_updates.php extensions/update_manager/settings.php extensions/update_manager/main.php extensions/plugin_registration.php operation/incidents/incident.php operation/incidents/incident_detail.php operation/incidents/incident_statistics.php operation/search_modules.php operation/visual_console/render_view.php operation/visual_console/index.php operation/extensions.php operation/agentes/status_monitor.php operation/agentes/export_csv.php operation/agentes/estado_ultimopaquete.php operation/agentes/datos_agente.php operation/agentes/alerts_status.php operation/agentes/estado_generalagente.php operation/agentes/custom_fields.php operation/agentes/estado_agente.php operation/agentes/networkmap.topology.php operation/agentes/networkmap.groups.php operation/agentes/sla_view.php operation/agentes/exportdata.php operation/agentes/gis_view.php operation/agentes/estado_monitores.php operation/agentes/ver_agente.php operation/agentes/graphs.php operation/agentes/agent_fields.php operation/agentes/tactical.php operation/agentes/group_view.php operation/agentes/networkmap.php operation/agentes/stat_win.php operation/servers/view_server.php operation/servers/view_server_detail.php operation/menu.php operation/search_agents.php operation/search_graphs.php operation/snmpconsole/snmp_view.php operation/users/user_edit.php operation/gis_maps/render_view.php operation/gis_maps/ajax.php operation/integria_incidents/incident.php operation/integria_incidents/incident_detail.php operation/integria_incidents/incident_statistics.php operation/events/event_statistics.php operation/events/events_rss.php operation/events/export_csv.php operation/events/sound_events.php operation/events/events_validate.php operation/events/events_list.php operation/events/events_marquee.php operation/events/events.php operation/search_alerts.php operation/messages/message.php operation/reporting/reporting_xml.php operation/reporting/reporting_viewer.php operation/reporting/graph_viewer.php operation/search_reports.php operation/search_maps.php operation/search_users.php extras/pandora_diag.php mobile/operation/agents/monitor_status.php mobile/operation/agents/view_agents.php mobile/operation/agents/view_alerts.php mobile/operation/agents/group_view.php mobile/operation/events/events.php mobile/index.php general/error_authconfig.php general/links_menu.php general/logon_ok.php general/error_dbconfig.php general/ui/agents_list.php general/header.php godmode/groups/modu_group_list.php godmode/groups/configure_group.php godmode/groups/configure_modu_group.php godmode/groups/group_list.php godmode/admin_access_logs.php godmode/db/db_main.php godmode/db/db_audit.php godmode/db/db_sanity.php godmode/db/db_refine.php godmode/db/db_info.php godmode/db/db_event.php godmode/db/db_purge.php godmode/extensions.php godmode/agentes/agent_template.php godmode/agentes/module_manager_editor_common.php godmode/agentes/fields_manager.php godmode/agentes/agent_conf_gis.php godmode/agentes/module_manager_editor_prediction.php godmode/agentes/module_manager.php godmode/agentes/modificar_agente.php godmode/agentes/configurar_agente.php godmode/agentes/configure_field.php godmode/agentes/module_manager_editor.php godmode/agentes/planned_downtime.php godmode/agentes/manage_config_remote.php godmode/agentes/agent_manager.php godmode/servers/recon_script.php godmode/servers/plugin.php godmode/servers/manage_recontask.php godmode/servers/modificar_server.php godmode/servers/manage_recontask_form.php godmode/alerts/alert_list.list.php godmode/alerts/configure_alert_compound.php godmode/alerts/alert_compounds.php godmode/alerts/alert_list.php godmode/alerts/configure_alert_template.php godmode/alerts/alert_templates.php godmode/alerts/configure_alert_action.php godmode/alerts/configure_alert_command.php godmode/alerts/alert_actions.php godmode/alerts/alert_list.builder.php godmode/alerts/alert_commands.php godmode/setup/file_manager.php godmode/setup/os.list.php godmode/setup/news.php godmode/setup/gis_step_2.php godmode/setup/links.php godmode/setup/setup.php godmode/setup/os.php godmode/setup/performance.php godmode/setup/setup_auth.php godmode/setup/gis.php godmode/setup/os.builder.php godmode/setup/setup_visuals.php godmode/snmpconsole/snmp_alert.php godmode/snmpconsole/snmp_filters.php godmode/users/user_list.php godmode/users/configure_profile.php godmode/gis_maps/configure_gis_map.php godmode/gis_maps/index.php godmode/massive/massive_add_alerts.php godmode/massive/massive_copy_modules.php godmode/massive/massive_delete_agents.php godmode/massive/massive_enable_disable_alerts.php godmode/massive/massive_operations.php godmode/massive/massive_delete_profiles.php godmode/massive/massive_edit_agents.php godmode/massive/massive_delete_action_alerts.php godmode/massive/massive_delete_modules.php godmode/massive/massive_add_profiles.php godmode/massive/massive_delete_alerts.php godmode/massive/massive_edit_modules.php godmode/massive/massive_standby_alerts.php godmode/massive/massive_add_action_alerts.php godmode/modules/manage_network_components_form.php godmode/modules/manage_nc_groups_form.php godmode/modules/manage_network_templates.php godmode/modules/module_list.php godmode/modules/manage_network_components_form_common.php godmode/modules/manage_network_components_form_network.php godmode/modules/manage_network_templates_form.php godmode/modules/manage_network_components_form_wmi.php godmode/modules/manage_network_components.php godmode/modules/manage_nc_groups.php godmode/reporting/visual_console_builder.wizard.php godmode/reporting/graph_builder.main.php godmode/reporting/reporting_builder.list_items.php godmode/reporting/visual_console_builder.php godmode/reporting/reporting_builder.preview.php godmode/reporting/reporting_builder.main.php godmode/reporting/visual_console_builder.data.php godmode/reporting/visual_console_builder.elements.php godmode/reporting/graph_builder.php godmode/reporting/visual_console_builder.preview.php godmode/reporting/graph_builder.graph_editor.php godmode/reporting/reporting_builder.php godmode/reporting/visual_console_builder.editor.php godmode/reporting/reporting_builder.item_editor.php godmode/reporting/map_builder.php godmode/reporting/graphs.php godmode/reporting/graph_builder.preview.php include/functions_db.php: Added some includes and functions of this code have "db_" prefix. * include/functions.php: Moved function check_login(), check_acl(), dame_nombre_pluginid(), get_os_name() from functions_db.php to functions.php. * include/functions_groups.php: Moved functions get_childrens(), safe_acl_group() and get_parents(), give_disabled_group(), isAllGroups(), get_group_icon(), get_all_groups(), get_id_groups_recursive(), get_user_groups_tree_recursive(), get_group_status(), get_group_name(), get_group_users() from functions_db.php to this code. * include/functions_profile.php: New library with profile functions. Moved functions get_profile_name(), get_profiles(), create_user_profile(), delete_user_profile(), delete_profile() from functions_db.php to this code. Added new parameter in function get_profile() to retrieve profiles with filter conditions applied. * include/functions_users.php: New library with users functions. Moved functions get_users_info(), get_all_model_groups(), get_user_groups(), get_user_groups_tree(), get_user_first_group(), user_access_to_agent() from funtions_db.php to this code. * godmode/users/configure_user.php: Changed get_profile_filter() function to get_profile(). * include/functions_agents.php: Moved functions get_group_agents(), get_agent_modules(), get_agent_module_id(), get_agent_id(), get_agent_name(), get_agent_modules_data_count(), check_alert_fired(), get_agent_interval(), get_agent_os(), give_agentmodule_flag(), agent_add_address(), agent_delete_address(), get_agent_address(), get_agent_with_ip(), get_agent_addresses(), get_agent_status(), delete_agent(), get_agentmodule_group(), get_agent_group() from functions_db.php to this code. * include/functions_modules.php: Moved functions get_agentmodule(), get_agentmodule_id(), get_agentmodule_is_init(), get_agent_modules_count(), get_module_type_name(), get_module_type_icon(), get_agentmodule_agent(), get_agentmodule_agent_name(), get_agentmodule_name(), get_agentmodule_type(), get_monitor_downs_in_period(), get_monitor_last_down_timestamp_in_period(), get_monitors_in_group(), get_monitors_in_agent(), get_monitors_down(), get_moduletype_name(), get_moduletype_description(), get_moduletypes(), get_module_interval(), show_icon_type(), give_modulecategory_name(), give_agent_id_from_module_id(), get_module_status(), get_agent_module_last_value(), get_previous_data(), get_agentmodule_modulegroup(), get_modulegroups(), get_modulegroup_name() from functions_db.php to this code. * include/functions_alerts.php: Moved functions get_alert_type(), get_agent_alert_fired(), get_module_alert_fired(), get_alert_fires_in_period(), get_group_alerts(), get_alerts_fired(), get_alert_last_fire_timestamp_in_period(), get_agentmodule_status(), get_agentmodule_last_status() from functions_db.php to this code. * include/functions_exportserver.php: Moved function dame_nombre_servidorexportacion() from functions_db.php to this code. * include/functions_events.php: Moved functions get_group_events(), get_agent_events(), get_module_events() from functions_db.php to this code. * include/functions_servers.php: Moved functions get_server_name(), show_server_type(), check_server_status(), server_status() from functions_db.php to this code. * include/functions_network_profiles.php: Moved function get_networkprofile_name() from functions_db.php to this code. * include/functions_visual_map.php: Moved functions get_layoutdata_x(), get_layoutdata_y() from fucntions_db.php to this code. * include/functions_io.php: Moved function __() from functions_db.php to this code. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4258 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2011-04-19 20:42:49 +02:00
$profile = db_get_value ("id_usuario", "tusuario_perfil", "id_usuario", $login);
if ($profile === false && empty ($config["auth"]["create_user_undefined"])) {
$config["auth_error"] = "No profile"; //Error message, don't translate
return false; //User doesn't have a profile so doesn't have access
}
elseif ($profile === false && !empty ($config["auth"]["create_user_undefined"])) {
2011-05-10 Juan Manuel Ramon <juanmanuel.ramon@artica.es> * include/functions_graph.php include/functions_users.php include/functions_html.php include/functions_menu.php include/functions_messages.php include/functions_modules.php include/functions_reporting.php include/functions_groups.php include/functions_gis.php include/auth/ldap.php include/auth/mysql.php include/functions_networkmap.php include/functions_network_components.php include/functions_visual_map.php include/functions_profile.php include/ajax/visual_console_builder.ajax.php include/ajax/alert_list.ajax.php include/ajax/module.php include/functions_config.php include/functions_api.php include/functions_ui.php include/functions_custom_graphs.php include/fgraph.php include/functions_agents.php include/functions_db.php include/functions_alerts.php include/functions_reports.php index.php extensions/insert_data.php extensions/agents_modules.php extensions/resource_registration.php extensions/resource_exportation.php extensions/module_groups.php operation/incidents/incident_detail.php operation/search_modules.php operation/agentes/status_monitor.php operation/agentes/export_csv.php operation/agentes/estado_ultimopaquete.php operation/agentes/datos_agente.php operation/agentes/alerts_status.php operation/agentes/estado_generalagente.php operation/agentes/estado_agente.php operation/agentes/sla_view.php operation/agentes/exportdata.php operation/agentes/gis_view.php operation/agentes/estado_monitores.php operation/agentes/ver_agente.php operation/agentes/graphs.php operation/agentes/group_view.php operation/search_agents.php operation/snmpconsole/snmp_view.php operation/users/user_edit.php operation/integria_incidents/incident_detail.php operation/gis_maps/render_view.php operation/gis_maps/ajax.php operation/events/events_rss.php operation/events/export_csv.php operation/events/events_list.php operation/events/events_marquee.php operation/events/events.php operation/search_alerts.php operation/messages/message.php operation/search_users.php mobile/operation/agents/monitor_status.php mobile/operation/agents/view_agents.php mobile/operation/agents/view_alerts.php mobile/operation/agents/group_view.php mobile/operation/events/events.php ajax.php general/ui/agents_list.php godmode/groups/configure_group.php godmode/groups/group_list.php godmode/db/db_refine.php godmode/db/db_info.php godmode/db/db_purge.php godmode/agentes/module_manager_editor_common.php godmode/agentes/module_manager_editor_network.php godmode/agentes/module_manager_editor_wmi.php godmode/agentes/module_manager_editor_plugin.php godmode/agentes/module_manager_editor_prediction.php godmode/agentes/agent_conf_gis.php godmode/agentes/module_manager.php godmode/agentes/modificar_agente.php godmode/agentes/configurar_agente.php godmode/agentes/module_manager_editor.php godmode/agentes/planned_downtime.php godmode/agentes/manage_config_remote.php godmode/agentes/agent_manager.php godmode/servers/manage_recontask_form.php godmode/alerts/alert_list.list.php godmode/alerts/configure_alert_compound.php godmode/alerts/alert_compounds.php godmode/alerts/alert_list.php godmode/alerts/configure_alert_template.php godmode/alerts/alert_templates.php godmode/alerts/configure_alert_action.php godmode/alerts/alert_actions.php godmode/alerts/alert_list.builder.php godmode/setup/setup_auth.php godmode/users/user_list.php godmode/users/configure_user.php godmode/users/configure_profile.php godmode/massive/massive_add_alerts.php godmode/massive/massive_copy_modules.php godmode/massive/massive_delete_agents.php godmode/massive/massive_enable_disable_alerts.php godmode/massive/massive_delete_profiles.php godmode/massive/massive_edit_agents.php godmode/massive/massive_delete_action_alerts.php godmode/massive/massive_delete_modules.php godmode/massive/massive_add_profiles.php godmode/massive/massive_delete_alerts.php godmode/massive/massive_edit_modules.php godmode/massive/massive_standby_alerts.php godmode/massive/massive_add_action_alerts.php godmode/reporting/visual_console_builder.wizard.php godmode/reporting/reporting_builder.list_items.php godmode/reporting/visual_console_builder.php godmode/reporting/reporting_builder.main.php godmode/reporting/visual_console_builder.data.php godmode/reporting/visual_console_builder.elements.php godmode/reporting/graph_builder.graph_editor.php godmode/reporting/reporting_builder.php godmode/reporting/reporting_builder.item_editor.php: Functions in functions_profile.php, functions_agents.php, functions_users.php, functions_massive_policies.php, functions_audit.php, functions_backup.php, functions_collection.php, functions_skins.php, functions_enterprise.php, functions_groups.php, functions_local_components.php, functions_metaconsole.php, functions_policies.php, functions_reporting.php, functions_reporting_csv.php, functions_reporting_pdf2.php, functions_services.php have their own prefixes. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@4333 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2011-05-10 20:51:09 +02:00
$ret = profile_create_user_profile ($login); //User doesn't have a profile but we are asked to create one
if ($ret === false) {
$config["auth_error"] = "Profile creation failed"; //Error message, don't translate
return false; //We couldn't create the profile for some or another reason
}
}
return $login;
}
/**
* Checks if a user is administrator.
*
* @param string User id.
*
* @return bool True is the user is admin
*/
function is_user_admin ($user_id) {
$admins = get_user_admins ();
if (in_array ($user_id, $admins)) {
return true;
}
return false;
}
/**
* Checks if a user exists
*
* @param string User id.
*
* @return bool True if the user exists
*/
function is_user ($id_user) {
$user = get_user_info ($id_user);
if (empty ($user))
return false;
return true;
}
/**
* Gets the users real name
*
* @param string User id.
*
* @return string The users full name
*/
function get_user_fullname ($id_user) {
$info = get_user_info ($id_user);
if (empty ($info)) {
//User doesn't exist
return '';
}
return (string) $info["fullname"];
}
/**
* Gets the users email
*
* @param string User id.
*
* @return string The users email address
*/
function get_user_email ($id_user) {
$info = get_user_info ($id_user);
return (string) $info["email"];
}
/**
* Get the user id field on a mixed structure.
*
* This function is needed to make auth system more compatible and independant.
*
* @param mixed User structure to get id. It might be a row returned from
* tusuario or tusuario_perfil. If it's not a row, the int value is returned.
*/
function get_user_id ($user) {
if (is_array ($user))
/* FIXME: Is this right? */
return $user['id_user'];
return (int) $user;
}
/**
* Gets the users info
*
* @param string User id.
*
* @return array User info
*/
function get_user_info ($id_user) {
global $ldap_cache;
if (!empty ($ldap_cache[$id_user])) {
return $ldap_cache[$id_user];
}
$ldap_cache[$id_user] = ldap_load_user ($id_user);
if ($ldap_cache[$id_user] === false) {
return array ();
}
return $ldap_cache[$id_user];
}
/**
* Get all users that are defined in the admin group in LDAP
*
* @return array Array of users or empty array
*/
function get_user_admins () {
global $ldap_cache, $config;
if (! empty ($ldap_cache["cached_admins"])) {
return $ldap_cache["cached_admins"];
}
else {
$ldap_cache["cached_admins"] = array ();
}
if (ldap_connect_bind ()) {
$search_filter = "(".$config["auth"]["ldap_admin_group_attr"]."=*)";
$sr = ldap_search ( $ldap_cache["ds"], $config["auth"]["ldap_admin_group_name"], $search_filter, array ($config["auth"]["ldap_admin_group_attr"]));
if (!$sr) {
$ldap_cache["error"] .= 'Error searching LDAP server (get_user_admins): ' . ldap_error ($ldap_cache["ds"]);
}
else {
$admins = ldap_get_entries( $ldap_cache["ds"], $sr);
for( $x = 0; $x < $admins[0][$config["auth"]["ldap_admin_group_attr"]]['count']; $x++) {
if ($config["auth"]["ldap_admin_group_type"] != 'posixgroup') {
$ldap_cache["cached_admins"][] = stripdn ($admins[0][$config["auth"]["ldap_admin_group_attr"]][$x]);
}
else {
$ldap_cache["cached_admins"][] = $admins[0][$config["auth"]["ldap_admin_group_attr"]][$x];
}
}
@ldap_free_result($sr);
}
@ldap_close ($ldap_cache["ds"]);
}
return $ldap_cache["cached_admins"];
}
/**
* Sets the last login for a user. LDAP doesn't have this (or it's inherent to the login process)
*
* @param string User id
*/
function process_user_contact ($id_user) {
//Empty function
}
/**
* LDAP user functions based on webcalendar's implementation
*
* File from webcalendar (GPL) project:
* $Id: user-ldap.php,v 1.42.2.1 2007/08/17 14:39:00 umcesrjones Exp $
*
* Note: this application assumes that usernames (logins) are unique.
*/
/**
* Function to search the dn for a given user. Error messages in $ldap_cache["error"];
*
* @param string User login
*
* @return mixed The DN if the user is found, false in other case
*/
function ldap_search_user ($login) {
global $ldap_cache, $config;
$nick = false;
if (ldap_connect_bind ()) {
$sr = @ldap_search ($ldap_cache["ds"], $config["auth"]["ldap_base_dn"], "(&(".$config["auth"]["ldap_login_attr"]."=".$login.")".$config["auth"]["ldap_user_filter"].")", array_values ($config["auth"]["ldap_user_attr"]));
if (!$sr) {
$ldap_cache["error"] .= 'Error searching LDAP server: ' . ldap_error ($ldap_cache["ds"]);
}
else {
$info = @ldap_get_entries ($ldap_cache["ds"], $sr );
if ( $info['count'] != 1 ) {
$ldap_cache["error"] .= 'Invalid user';
}
else {
$nick = $info[0]['dn'];
}
@ldap_free_result ($sr);
}
@ldap_close ($ldap_cache["ds"]);
}
return $nick;
}
/**
* Function to validate the user and password for a given login. Error messages in $ldap_cache["error"];
*
* @param string User login
* @param string User password (plain text)
*
* @return bool True if the login is correct, false in other case
*/
function ldap_valid_login ($login, $password) {
global $ldap_cache, $config;
if (! function_exists ("ldap_connect")) {
die ("Your installation of PHP does not support LDAP");
}
$ret = false;
if (!empty ($config["auth"]["ldap_port"])) {
$ds = @ldap_connect ($config["auth"]["ldap_server"], $config["auth"]["ldap_port"]); //Since this is a separate bind, we don't store it global
}
else {
$ds = @ldap_connect ($config["auth"]["ldap_server"]); //Since this is a separate bind we don't store it global
}
if ($ds) {
if ($config["auth"]["ldap_version"] > 0) {
ldap_set_option ($ds, LDAP_OPT_PROTOCOL_VERSION, $config["auth"]["ldap_version"]);
}
if ($config["auth"]["ldap_start_tls"] && !@ldap_start_tls ($ds)) {
$ldap_cache["error"] .= 'Could not start TLS for LDAP connection';
return $ret;
}
if (ldap_search_user ($login)) {
$r = @ldap_bind ($ds, $config["auth"]["ldap_login_attr"]."=".$login.",".$config["auth"]["ldap_base_dn"], $password);
if (!$r) {
$ldap_cache["error"] .= 'Invalid login';
//$ldap_cache["error"] .= ': incorrect password'; // uncomment for debugging
}
else {
$ret = true;
}
}
else {
$ldap_cache["error"] .= 'Invalid login';
//$ldap_cache["error"] .= ': no such user';
}
@ldap_close ($ds);
}
else {
$ldap_cache["error"] .= 'Error connecting to LDAP server';
}
return $ret;
}
/**
* Function to load user information according to PandoraFMS structure. Error messages in $ldap_cache["error"];
*
* @param string User login
*
* @return mixed Array with the information, false in other case
*/
function ldap_load_user ($login) {
global $ldap_cache, $config;
$ret = false;
$time = get_system_time ();
if (ldap_connect_bind ()) {
$sr = ldap_search ($ldap_cache["ds"], $config["auth"]["ldap_base_dn"], "(&(".$config["auth"]["ldap_login_attr"]."=".$login.")".$config["auth"]["ldap_user_filter"].")", array_values ($config["auth"]["ldap_user_attr"]));
if (!$sr) {
$ldap_cache["error"] .= 'Error searching LDAP server (load_user): ' . ldap_error( $ldap_cache["ds"] );
}
else {
$info = @ldap_get_entries ($ldap_cache["ds"], $sr);
if ($info['count'] != 1) {
$ldap_cache["error"] .= 'Invalid login';
//$ldap_cache["error"] .= ', could not load user'; //Uncomment for debugging
}
else {
$ret = array ();
foreach ($config["auth"]["ldap_user_attr"] as $internal_key => $ldap_key) {
$ret["last_connect"] = $time;
$ret["registered"] = $time;
$ret["is_admin"] = is_user_admin ($info[0][$config["auth"]["ldap_user_attr"]["id_user"]][0]);
if (isset ($info[0][$ldap_key])) {
$ret[$internal_key] = $info[0][$ldap_key][0];
}
else {
$ret[$internal_key] = '';
}
}
}
@ldap_free_result ($sr);
}
@ldap_close ( $ldap_cache["ds"] );
}
else {
$ldap_cache["error"] .= 'Could not connect to LDAP server';
}
return $ret;
}
/**
* Function to create a new user. We don't do LDAP admin in Pandora, so not implemented.
*
* @return bool false
*/
function create_user () {
global $ldap_cache;
$ldap_cache["error"] .= 'Creating users not supported.';
return false;
}
/**
* Function to update a user. We don't do LDAP admin in Pandora, so not implemented.
*
* @return bool false
*/
function process_user () {
global $ldap_cache;
$ldap_cache["error"] .= 'Updating users not supported.';
return false;
}
/**
* Function to update a user password. We don't do LDAP admin in Pandora, so not implemented.
*
* @return bool false
*/
2009-03-26 Esteban Sanchez <estebans@artica.es> * godmode/users/configure_user.php: Complete rewritten to fix minor errors and fit the Pandora style. * include/auth/ldap.php: Removed process_user_isadmin(). Renamed process_user_password() to update_user_password(). Renamed process_user_info to update_user(). update_user_password() does not require old password anymore. * include/functions_db.php: Added empty checks on create_user_profile(). * include/functions_ui.php: print_error_message() renamed to print_result_message(). * godmode/agentes/configurar_agente.php, godmode/alerts/alert_actions.php, godmode/alerts/alert_commands.php, godmode/alerts/alert_compounds.php, godmode/alerts/alert_list.php, godmode/alerts/alert_templates.php, godmode/alerts/configure_alert_template.php, godmode/modules/manage_nc_groups.php, godmode/modules/manage_network_templates.php, godmode/modules/manage_network_templates_form.php, godmode/reporting/map_builder_wizard.php, godmode/reporting/reporting_builder.php, operation/agentes/alerts_status.php, operation/events/events.php, operation/incidents/incident.php, operation/incidents/incident_detail.php, operation/messages/message.php, operation/snmpconsole/snmp_view.php, operation/users/user_edit.php: Renamed print_result_message(). Some translatable strings reused to simplify i18n work. * godmode/users/user_list.php: Renamed print_result_message(). Use cross.png for deletion links. Style corrections. * godmode/setup/news.php: Renamed print_result_message(). Use process_sql_delete() instead of direct mysql_query. * godmode/reporting/map_builder.php: Renamed print_result_message(). Style correction on process_sql_update(). * godmode/alerts/configure_alert_compound.php: Renamed print_result_message(). Fixed steps_clean div. * godmode/setup/setup.php: Return control to index instead of exit. git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1567 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-03-26 12:14:49 +01:00
function update_user_password ($user, $password_old, $password_new) {
global $ldap_cache;
$ldap_cache["error"] = 'Changing passwords not supported';
return false;
}
/**
* Delete a user (preferences etc.) from the pandora database (NOT from LDAP)
*
* @param string $user User to delete
*
* @return bool True if successfully deleted, false otherwise
*/
function delete_user ($user) {
global $ldap_cache;
$ldap_cache["error"] = 'Deleting users not supported';
return false;
}
/**
* Function to get all users (for LDAP this also includes the admin users which you have to get separate)
*
* @param string Order currently not done for LDAP
*
* @return array List if successful, empty array otherwise
*/
function get_users ($order = false) {
global $ldap_cache, $config;
if (!empty ($ldap_cache["cached_users"])) {
return $ldap_cache["cached_users"];
}
$ldap_cache["cached_users"] = array ();
$time = get_system_time ();
if (ldap_connect_bind ()) {
$sr = @ldap_search ($ldap_cache["ds"], $config["auth"]["ldap_base_dn"], $config["auth"]["ldap_user_filter"], array_values ($config["auth"]["ldap_user_attr"]));
if (!$sr) {
$ldap_cache["error"] .= 'Error searching LDAP server (get_users): ' . ldap_error( $ldap_cache["ds"] );
}
else {
ldap_sort ($ldap_cache["ds"], $sr, $config["auth"]["ldap_user_attr"]["fullname"]);
$info = @ldap_get_entries( $ldap_cache["ds"], $sr );
for ( $i = 0; $i < $info['count']; $i++ ) {
foreach ($config["auth"]["ldap_user_attr"] as $internal_key => $ldap_key) {
$ret[$info[$i][$config["auth"]["ldap_user_attr"]["id_user"]][0]]["last_connect"] = $time;
if (isset ($info[$i][$ldap_key])) {
$ret[$info[$i][$config["auth"]["ldap_user_attr"]["id_user"]][0]][$internal_key] = $info[$i][$ldap_key][0];
}
else {
$ret[$info[$i][$config["auth"]["ldap_user_attr"]["id_user"]][0]][$internal_key] = '';
}
$ret[$info[$i][$config["auth"]["ldap_user_attr"]["id_user"]][0]]["is_admin"] = is_user_admin ($info[$i][$config["auth"]["ldap_user_attr"]["id_user"]][0]);
}
}
@ldap_free_result($sr);
}
@ldap_close ( $ldap_cache["ds"] );
}
//Admins are also users and since they can be in separate channels in LDAP, we merge them
$ldap_cache["cached_users"] = $ret;
return $ldap_cache["cached_users"];
}
/**
* Strip everything but the username (uid) from a dn.
* Example: path description
* stripdn(uid=jeffh,ou=people,dc=example,dc=com) returns jeffh
* @param string dn the dn you want to strip the uid from.
* @return string userid
*/
function stripdn ($dn) {
list ($uid, $trash) = explode (',', $dn, 2);
list ($trash, $user) = explode ('=', $uid);
return ($user);
}
/**
* Connects and binds to the LDAP server
* Tries to connect as $config["auth"]["ldap_admin_dn"] if we set it.
* @return boolean Bind result or false
*/
function ldap_connect_bind () {
global $ldap_cache, $config;
if (! function_exists ('ldap_connect')) {
die ('Your installation of PHP does not support LDAP');
}
$ret = false;
if (!empty ($config["auth"]["ldap_port"]) && !is_resource ($ldap_cache["ds"])) {
$ldap_cache["ds"] = @ldap_connect ($config["auth"]["ldap_server"], $config["auth"]["ldap_port"]);
}
elseif (!is_resource ($ldap_cache["ds"])) {
$ldap_cache["ds"] = @ldap_connect ($config["auth"]["ldap_server"]);
}
else {
return true;
}
if ($ldap_cache["ds"]) {
if (!empty ($config["auth"]["ldap_version"])) {
ldap_set_option($ldap_cache["ds"], LDAP_OPT_PROTOCOL_VERSION, $config["auth"]["ldap_version"]);
}
if (!empty ($config["auth"]["ldap_start_tls"])) {
if (!ldap_start_tls ($ldap_cache["ds"])) {
$ldap_cache["error"] .= 'Could not start TLS for LDAP connection';
return $ret;
}
}
if (!empty ($config["auth"]["ldap_admin_dn"])) {
$r = @ldap_bind ($ldap_cache["ds"], $config["auth"]["ldap_admin_dn"], $config["auth"]["ldap_admin_pwd"]);
}
else {
$r = @ldap_bind ($ldap_cache["ds"]);
}
if (!$r) {
$ldap_cache["error"] .= 'Invalid bind login for LDAP Server or (in case of OpenLDAP 2.x) could not connect';
return $ret;
}
return true;
}
else {
$ldap_cache["error"] .= 'Error connecting to LDAP server';
return $ret;
}
}
?>