From 38736d8f16348ef13cae37325a352ade79262ca1 Mon Sep 17 00:00:00 2001
From: guruevi <noreply@pandorafms.org>
Date: Fri, 6 Mar 2009 17:30:23 +0000
Subject: [PATCH] 2009-03-05  Evi Vanoost  <vanooste@rcbi.rochester.edu>

	* include/auth/dev.php: Updated examples

	* include/auth/ldap.php: Moved stuff in a more logical order
	and globalized $ldap_cache since now it is called from a function
	so it needs not be local

git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1519 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog             |   8 +++
 pandora_console/include/auth/dev.php  |   2 +
 pandora_console/include/auth/ldap.php | 100 +++++++++++++-------------
 3 files changed, 62 insertions(+), 48 deletions(-)

diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index 3f07a9211a..e709a092db 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,11 @@
+2009-03-05  Evi Vanoost  <vanooste@rcbi.rochester.edu>
+
+	* include/auth/dev.php: Updated examples
+	
+	* include/auth/ldap.php: Moved stuff in a more logical order
+	and globalized $ldap_cache since now it is called from a function
+	so it needs not be local
+
 2009-03-05  Sancho Lerena  <slerena@artica.es>
 
 	*  include/functions_reporting.php: Fixed notice.
diff --git a/pandora_console/include/auth/dev.php b/pandora_console/include/auth/dev.php
index 9d3f90e7f5..77117a2000 100644
--- a/pandora_console/include/auth/dev.php
+++ b/pandora_console/include/auth/dev.php
@@ -25,6 +25,8 @@ $config["admin_can_add_user"] = false;
 $config["admin_can_delete_user"] = false;
 $config["admin_can_disable_user"] = false;
 
+global $dev_cache; //This variable needs to be globalized because this file is called from within a function and thus local
+
 //DON'T USE THIS IF YOU DON'T KNOW WHAT YOU'RE DOING
 die ("This is a very dangerous authentication scheme. Only use for programming in case you should uncomment this line");
 
diff --git a/pandora_console/include/auth/ldap.php b/pandora_console/include/auth/ldap.php
index f5d81489e0..c8cb923d77 100644
--- a/pandora_console/include/auth/ldap.php
+++ b/pandora_console/include/auth/ldap.php
@@ -31,6 +31,48 @@ $config["admin_can_make_admin"] = false;
 $req_keys = array ("ldap_server", "ldap_base_dn", "ldap_login_attr", "ldap_admin_group_name", "ldap_admin_group_attr", "ldap_admin_group_type", "ldap_user_filter", "ldap_user_attr");
 $opt_keys = array ("ldap_port", "ldap_start_tls", "ldap_version", "ldap_admin_dn", "ldap_admin_pwd");
 
+global $ldap_cache; //Needs to be globalized because process_config () function calls this file first and the variable would be local and subsequently lost
+$ldap_cache = array ();
+$ldap_cache["error"] = "";
+$ldap_cache["ds"] = "";
+
+//Put each required key in a variable.
+foreach ($req_keys as $key) {
+	if (!isset ($config["auth"][$key])) {
+		user_error ("Required key ".$key." not set", E_USER_ERROR);
+	}
+}
+
+// Convert group name to lower case to prevent problems
+$config["auth"]["ldap_admin_group_attr"] = strtolower ($config["auth"]["ldap_admin_group_attr"]);
+$config["auth"]["ldap_admin_group_type"] = strtolower ($config["auth"]["ldap_admin_group_type"]);
+
+foreach ($opt_keys as $key) {
+	if (!isset ($config["auth"][$key])) {
+		switch ($key) {
+			case "ldap_start_tls":
+				$config["auth"][$key] = false;
+				continue;
+			case "ldap_version":
+				$config["auth"][$key] = 0;
+				continue;
+			case "ldap_admin_dn":
+			case "ldap_admin_pwd":	
+				$config["auth"][$key] = "";
+				continue;
+			default:
+				//Key not implemented
+				continue;
+		}
+	}
+}
+
+//Reference the global use authorization error to last ldap error.
+$config["auth_error"] = &$ldap_cache["error"];
+
+unset ($req_keys, $opt_keys);
+	
+
 /**
  * process_user_login accepts $login and $pass and handles it according to current authentication scheme
  *
@@ -312,6 +354,7 @@ function ldap_load_user ($login) {
 	global $ldap_cache, $config;
 		
 	$ret =  false;
+	$time = get_system_time ();
 	if (ldap_connect_bind ()) {
 		
 		$sr = ldap_search ($ldap_cache["ds"], $config["auth"]["ldap_base_dn"], "(&(".$config["auth"]["ldap_login_attr"]."=".$login.")".$config["auth"]["ldap_user_filter"].")", array_values ($config["auth"]["ldap_user_attr"]));
@@ -326,8 +369,8 @@ function ldap_load_user ($login) {
 			} else {
 				$ret = array ();
 				foreach ($config["auth"]["ldap_user_attr"] as $internal_key => $ldap_key) {
-					$ret["last_connect"] = get_system_time ();
-					$ret["registered"] = get_system_time ();
+					$ret["last_connect"] = $time;
+					$ret["registered"] = $time;
 					$ret["is_admin"] = is_user_admin ($info[0][$config["auth"]["ldap_user_attr"]["id_user"]][0]);
 					if (isset ($info[0][$ldap_key])) {
 						$ret[$internal_key] = $info[0][$ldap_key][0];
@@ -354,7 +397,7 @@ function ldap_load_user ($login) {
 function create_user () {
 	global $ldap_cache;
 	
-	$ldap_cache["error"] = 'Not yet supported.';
+	$ldap_cache["error"] .= 'Creating users not supported.';
 	return false;
 }
 
@@ -366,7 +409,7 @@ function create_user () {
 function process_user () {
 	global $ldap_cache;
 	
-	$ldap_cache["error"] = 'Not yet supported.';
+	$ldap_cache["error"] .= 'Updating users not supported.';
 	return false;
 }
 
@@ -378,7 +421,7 @@ function process_user () {
 function process_user_password ( $user, $password_old, $password_new ) {
 	global $ldap_cache;
 	
-	$ldap_cache["error"] = 'Not yet supported';
+	$ldap_cache["error"] = 'Changing passwords not supported';
 	return false;
 }
 
@@ -392,7 +435,7 @@ function process_user_password ( $user, $password_old, $password_new ) {
 function delete_user ($user) {
 	global $ldap_cache;
 	
-	$ldap_cache["error"] = 'Not yet supported';
+	$ldap_cache["error"] = 'Deleting users not supported';
 	return false;
 }
 
@@ -466,9 +509,9 @@ function ldap_connect_bind () {
 	
 	$ret = false;
 	
-	if (!empty ($config["auth"]["ldap_port"]) && (empty ($ldap_cache["ds"]) || !is_resource ($ldap_cache["ds"]))) {
+	if (!empty ($config["auth"]["ldap_port"]) && !is_resource ($ldap_cache["ds"])) {
 		$ldap_cache["ds"] = @ldap_connect ($config["auth"]["ldap_server"], $config["auth"]["ldap_port"]);
-	} elseif (empty ($ldap_cache["ds"]) || !is_resource ($ldap_cache["ds"])) {
+	} elseif (!is_resource ($ldap_cache["ds"])) {
 		$ldap_cache["ds"] = @ldap_connect ($config["auth"]["ldap_server"]);
 	} else {
 		return true;
@@ -503,43 +546,4 @@ function ldap_connect_bind () {
 	}
 }
 
-$ldap_cache = array ();
-$ldap_cache["error"] = "";
-$ldap_cache["ds"] = "";
-
-//Put each required key in a variable.
-foreach ($req_keys as $key) {
-	if (!isset ($config["auth"][$key])) {
-		user_error ("Required key ".$key." not set", E_USER_ERROR);
-	}
-}
-
-// Convert group name to lower case to prevent problems
-$config["auth"]["ldap_admin_group_attr"] = strtolower ($config["auth"]["ldap_admin_group_attr"]);
-$config["auth"]["ldap_admin_group_type"] = strtolower ($config["auth"]["ldap_admin_group_type"]);
-
-foreach ($opt_keys as $key) {
-	if (!isset ($config["auth"][$key])) {
-		switch ($key) {
-		case "ldap_start_tls":
-			$config["auth"][$key] = false;
-		continue;
-		case "ldap_version":
-			$config["auth"][$key] = 0;
-		continue;
-		case "ldap_admin_dn":
-		case "ldap_admin_pwd":	
-			$config["auth"][$key] = "";
-		continue;
-		default:
-			//Key not implemented
-		continue;
-		}
-	}
-}
-
-//Reference the global use authorization error to last ldap error.
-$config["auth_error"] = &$ldap_cache["error"];
-
-unset ($req_keys, $opt_keys);
-?>
+?>
\ No newline at end of file