Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- diff --git a/src/Pluf/User.php b/src/Pluf/User.php
- index 86301f8..3365623 100644
- --- a/src/Pluf/User.php
- +++ b/src/Pluf/User.php
- @@ -259,15 +259,93 @@ class Pluf_User extends Pluf_Model
- {
- $where = 'login = '.$this->_toDb($login, 'login');
- $users = $this->getList(array('filter' => $where));
- - if ($users === false or count($users) !== 1) {
- - return false;
- - }
- - if ($users[0]->active and $users[0]->checkPassword($password)) {
- - return $users[0];
- + $ldap = Pluf::f('ldap_enable');
- + $ret = 2;
- + if ($users === false or count($users) !== 1)
- + {
- + $ret = -1;
- + if ($ldap === true) {
- + if (false === $this->checkCreditentialsLDAP($login,$password))
- + $ret = 0;
- + else $ret = 1;
- + }
- + else return false;
- }
- + if ($ret === 0 || $ret === -1)
- + return false;
- + else if ($ret === 1){
- + $users = $this->getList(array('filter'=>$where));
- + if ($users[0]->active && $users[0]->checkPassword($password)){
- + return $users[0];
- + }
- + }
- + else if ($users[0]->active && $users[0]->checkPassword($password))
- + return $users[0];
- return false;
- }
- + function createUser($fn,$ln,$login,$mail,$pass)
- + {
- + $user = new Pluf_User();
- + $user->first_name = $fn;
- + $user->last_name =$ln;
- + $user->login =$login;
- + $user->email = $mail;
- + $user->password=$pass;
- + $user->administrator = true;
- + $user->active = true;
- + $user->create();
- +
- +}
- +
- + /**
- + * Check if the login and password are valid, if they are not found in the database
- + *
- + */
- +
- +
- + function checkCreditentialsLDAP($login, $password)
- + {
- + //Connect to the LDAP Server having posixaccount users
- + $ldapHost = Pluf::f('ldap_host_port');
- + $binddn = Pluf::f('ldap_user');
- + $bindpass = Pluf::f('ldap_password');
- + $dn = Pluf::f('ldap_baseDn');
- + $version = Pluf::f('ldap_version');
- + $key=Pluf::f('ldap_primaryKey');
- + $ds=ldap_connect($ldapHost);
- + ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $version);
- + $result=@ldap_bind($ds,$binddn,$bindpass);
- + if ($result)
- + {
- + $filter = "($key=$login)";
- + $sr = ldap_search($ds, $dn, $filter); //the search result
- + $entry = ldap_first_entry($ds, $sr); //returns the first entry of the search result
- + $countE = ldap_get_entries($ds,$sr);
- + if ($countE["count"] === 1)
- + {
- + $values = ldap_get_values($ds, $entry, "userPassword"); // returns the value of the attribute <<userPassword>>
- + $ldappassword = substr($values[0],7);
- + $salt = substr($ldappassword,0,12);
- + $inputpassword = crypt($password,$salt);
- + if ($ldappassword === $inputpassword)
- + {
- + //uid , firstname, lastname, mail, password, false,
- + $sn = ldap_get_values($ds, $entry, "sn");
- + $givenName = ldap_get_values($ds, $entry, "givenName");
- + $mail = ldap_get_values($ds, $entry, "tuMail");
- + $this->createUser($givenName[0],$sn[0],$login,$mail[0],$password);
- + return true;
- + }
- + else return false;
- + }
- + else return false;
- + }
- + else return false;
- + ldap_close($ds);
- + }
- +
- +
- /**
- * Set the last_login and date_joined before creating.
- *
- diff --git a/src/Pluf/Views.php b/src/Pluf/Views.php
- index 9081552..dae56fb 100644
- --- a/src/Pluf/Views.php
- +++ b/src/Pluf/Views.php
- @@ -61,7 +61,7 @@ class Pluf_Views
- and isset($request->POST['login'])
- and isset($request->POST['password'])) {
- $users = new Pluf_User();
- - if (false === ($user = $users->checkCreditentials($request->POST['login'], $request->POST['password']))) {
- + if (false === ($user = $users->checkCreditentials($request->POST['login'], $request->POST['password']))){
- $error = __('The login or the password is not valid. The login and the password are case sensitive.');
- } else {
- if (!$request->session->getTestCookie()) {d
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement