egroupware_official/admin/inc/accounts_ldap.inc.php

<?php
  /**************************************************************************\
  * phpGroupWare - administration                                            *
  * http://www.phpgroupware.org                                              *
  * --------------------------------------------                             *
  *  This program is free software; you can redistribute it and/or modify it *
  *  under the terms of the GNU General Public License as published by the   *
  *  Free Software Foundation; either version 2 of the License, or (at your  *
  *  option) any later version.                                              *
  \**************************************************************************/
  
  /* $Id$ */
  
  // Sections of code where taking from slapda http://www.jeremias.net/projects/sldapa  by
  // Jason Jeremias <jason@jeremias.net>
  
  
  $ldap = ldap_connect($phpgw_info["server"]["ldap_host"]);

  if (! @ldap_bind($ldap, $phpgw_info["server"]["ldap_root_dn"], $phpgw_info["server"]["ldap_root_pw"])) {
     echo "<p><b>Error binding to LDAP server.  Check your config</b>";
     exit;
  }

  function getSearchLine($searchstring)
  {
     if (($searchstring=="*") || ($searchstring=="")) {
        $searchline = "cn=*";
     } else {
        $searchline = sprintf("cn=*%s*",$searchstring);
     }
     return $searchline;
  }
  
  // Not the best method, but it works for now.
  function account_total()
  {
    global $phpgw_info, $ldap;

    $filter = "(|(uid=*))";
    $sr = ldap_search($ldap,$phpgw_info["server"]["ldap_context"],$filter,array("uid"));
    $info = ldap_get_entries($ldap, $sr);

    return count($info);
  }
  
  function account_view($loginid)
  {
    global $phpgw_info, $ldap;

    $filter = "(|(uid=$loginid))";
    $sr = ldap_search($ldap,$phpgw_info["server"]["ldap_context"],$filter,array("sn","givenname","uid","uidnumber"));
    $aci = ldap_get_entries($ldap, $sr);
    
    $account_info["account_id"]        = $aci[0]["uid"][0];
    $account_info["account_lid"]       = $aci[0]["uidnumber"][0];
    $account_info["account_lastname"]  = $aci[0]["sn"][0];
    $account_info["account_firstname"] = $aci[0]["givenname"][0];

    return $account_info;
  }

  function account_read($method,$start,$sort,$order)
  {
    global $phpgw_info, $ldap;
  
    $filter = "(|(uid=*))";
    $sr = ldap_search($ldap,$phpgw_info["server"]["ldap_context"],$filter,array("sn","givenname","uid","uidnumber"));
    $info = ldap_get_entries($ldap, $sr);
  
    for ($i=0; $i<count($info); $i++) {
       if (! $phpgw_info["server"]["global_denied_users"][$info[$i]["uid"][0]]) {
          $account_info[$i]["account_id"]        = $info[$i]["uidnumber"][0];
          $account_info[$i]["account_lid"]       = $info[$i]["uid"][0];
          $account_info[$i]["account_firstname"] = $info[$i]["givenname"][0];
          $account_info[$i]["account_lastname"]  = $info[$i]["sn"][0];
       }
    }

    return $account_info;
  }
  
  function account_add($account_info)
  {
     global $phpgw_info, $phpgw, $ldap;

     if ($phpgw_info["server"]["ldap_encryption_type"] == "DES") {
        $salt = $phpgw->common->randomstring(2);
        $account_info["passwd"] = $phpgw->common->des_cryptpasswd($account_info["passwd"], $salt);
     }

     if ($phpgw_info["server"]["ldap_encryption_type"] == "MD5") {
        $salt = $phpgw->common->randomstring(9);
        $account_info["passwd"] = $phpgw->common->md5_cryptpasswd($account_info["passwd"], $salt);
     }

     // This method is only temp.  We need to figure out the best way to assign uidnumbers and
     // guidnumbers.
     
     $phpgw->db->query("select (max(account_id)+1) from accounts");
     $phpgw->db->next_record();
     
     $account_info["account_id"] = $phpgw->db->f(0);

     // Much of this is going to be guess work for now, until we get things planned out.
     $entry["uid"]              = $account_info["loginid"];
     $entry["uidNumber"]        = $account_info["account_id"];
     $entry["gidNumber"]		= $account_info["account_id"];
     $entry["userpassword"]	 = $account_info["passwd"];
     $entry["loginShell"]	   = "/bin/bash";
     $entry["homeDirectory"]	= "/home/" . $account_info["loginid"];
     $entry["cn"]			   = sprintf("%s %s", $account_info["firstname"], $account_info["lastname"]);
     $entry["sn"]			   = $account_info["lastname"];
     $entry["givenname"]		= $account_info["firstname"];
     //$entry["company"]		  = $company;
     //$entry["title"] 		   = $title;
     $entry["mail"]			 = $account_info["loginid"] . "@" . $phpgw_info["server"]["mail_suffix"];
     //$entry["telephonenumber"]  = $telephonenumber;
     //$entry["homephone"]		= $homephone;
     //$entry["pagerphone"]	   = $pagerphone;
     //$entry["cellphone"]		= $cellphone;
     //$entry["streetaddress"]	= $streetaddress;
     //$entry["locality"]		 = $locality;
     //$entry["st"] 			  = $st;
     //$entry["postalcode"]	   = $postalcode;
     //$entry["countryname"] 	 = $countryname;
     //$entry["homeurl"]		  = $homeurl;
     //$entry["description"]	  = $description;
     $entry["objectclass"][0]   = "account";
     $entry["objectclass"][1]   = "posixAccount";
     $entry["objectclass"][2]   = "shadowAccount";
     $entry["objectclass"][3]   = "inetOrgperson";
     $entry["objectclass"][4]   = "person";
     $entry["objectclass"][5]   = "top";
     /* $dn=sprintf("cn=%s %s, %s", $givenname, $sn, $BASEDN);*/
     $dn=sprintf("uid=%s, %s", $account_info["loginid"], $phpgw_info["server"]["ldap_context"]);
      
     // add the entries
     if (ldap_add($ldap, $dn, $entry)) {
        $cd = 28;
     } else {
        $cd = 99;		// Come out with a code for this
     }
  
     @ldap_close($ldap);
     
     $phpgw->db->lock(array("accounts","preferences"));

     $phpgw->common->preferences_add($account_info["loginid"],"maxmatchs","common","15");
     $phpgw->common->preferences_add($account_info["loginid"],"theme","common","default");
     $phpgw->common->preferences_add($account_info["loginid"],"tz_offset","common","0");
     $phpgw->common->preferences_add($account_info["loginid"],"dateformat","common","m/d/Y");
     $phpgw->common->preferences_add($account_info["loginid"],"timeformat","common","12");
     $phpgw->common->preferences_add($account_info["loginid"],"lang","common","en");
     $phpgw->common->preferences_add($account_info["loginid"],"company","addressbook","True");
     $phpgw->common->preferences_add($account_info["loginid"],"lastname","addressbook","True");
     $phpgw->common->preferences_add($account_info["loginid"],"firstname","addressbook","True");

     // Even if they don't have access to the calendar, we will add these.
     // Its better then the calendar being all messed up, they will be deleted
     // the next time the update there preferences.
     $phpgw->common->preferences_add($account_info["loginid"],"weekstarts","calendar","Monday");
     $phpgw->common->preferences_add($account_info["loginid"],"workdaystarts","calendar","9");
     $phpgw->common->preferences_add($account_info["loginid"],"workdayends","calendar","17");

     while ($permission = each($account_info["permissions"])) {
       if ($phpgw_info["apps"][$permission[0]]["enabled"]) {
          $phpgw->accounts->add_app($permission[0]);
       }
     }

     $sql = "insert into accounts (account_id,account_lid,account_pwd,account_firstname,"
          . "account_lastname,account_permissions,account_groups,account_status,"
          . "account_lastpwd_change) values ('" . $account_info["account_id"] . "','"
          . $account_info["loginid"] . "','x','". addslashes($account_info["firstname"]) . "','"
          . addslashes($account_info["lastname"]) . "','" . $phpgw->accounts->add_app("",True)
          . "','" . $account_info["groups"] . "','A',0)";

     $phpgw->db->query($sql);
     $phpgw->db->unlock();

     $sep = $phpgw->common->filesystem_separator();

     $basedir = $phpgw_info["server"]["files_dir"] . $sep . "users" . $sep;

     if (! @mkdir($basedir . $n_loginid, 0707)) {
        $cd = 36;
     } else {
        $cd = 28;
     }

     return $cd;
  }
  
  function account_edit($account_info)
  {
  
  }
  
  function account_delete($account_id)
  {
    global $phpgw_info, $phpgw, $ldap;

    $phpgw->db->query("select account_lid from accounts where account_id='$account_id'");
    $phpgw->db->next_record();
    
    ldap_delete($ldap,"uid=" . $phpgw->db->f("account_lid") . ", ". $phpgw_info["server"]["ldap_context"]);
  }

  function account_exsists($loginid)
  {

  }
  
  function account_close()
  {
     @ldap_close($ldap);  
  }
Started adding the LDAP admin section functions 2000-10-20 04:45:54 +02:00			`<?php`
			`/**************************************************************************\`
			`* phpGroupWare - administration *`
			`* http://www.phpgroupware.org *`
			`* -------------------------------------------- *`
			`* This program is free software; you can redistribute it and/or modify it *`
			`* under the terms of the GNU General Public License as published by the *`
			`* Free Software Foundation; either version 2 of the License, or (at your *`
			`* option) any later version. *`
			`\**************************************************************************/`

			`/* $Id$ */`

Fixed parse error and working on LDAP admin section 2000-10-20 07:43:27 +02:00			`// Sections of code where taking from slapda http://www.jeremias.net/projects/sldapa by`
			`// Jason Jeremias <jason@jeremias.net>`

More work on creating the functions for the LDAP admin section 2000-10-20 07:59:25 +02:00
			`$ldap = ldap_connect($phpgw_info["server"]["ldap_host"]);`

LDAP list users is now working 2000-10-23 04:48:34 +02:00			`if (! @ldap_bind($ldap, $phpgw_info["server"]["ldap_root_dn"], $phpgw_info["server"]["ldap_root_pw"])) {`
More work on creating the functions for the LDAP admin section 2000-10-20 07:59:25 +02:00			`echo "<p><b>Error binding to LDAP server. Check your config</b>";`
			`exit;`
			`}`

LDAP list users is now working 2000-10-23 04:48:34 +02:00			`function getSearchLine($searchstring)`
			`{`
			`if (($searchstring=="*") \|\| ($searchstring=="")) {`
			`$searchline = "cn=*";`
			`} else {`
			`$searchline = sprintf("cn=%s",$searchstring);`
			`}`
			`return $searchline;`
			`}`

			`// Not the best method, but it works for now.`
			`function account_total()`
			`{`
			`global $phpgw_info, $ldap;`

			`$filter = "(\|(uid=*))";`
more work on LDAP 2000-10-23 07:44:39 +02:00			`$sr = ldap_search($ldap,$phpgw_info["server"]["ldap_context"],$filter,array("uid"));`
LDAP list users is now working 2000-10-23 04:48:34 +02:00			`$info = ldap_get_entries($ldap, $sr);`

			`return count($info);`
			`}`
more work on LDAP 2000-10-23 07:44:39 +02:00
			`function account_view($loginid)`
			`{`
			`global $phpgw_info, $ldap;`

			`$filter = "(\|(uid=$loginid))";`
			`$sr = ldap_search($ldap,$phpgw_info["server"]["ldap_context"],$filter,array("sn","givenname","uid","uidnumber"));`
			`$aci = ldap_get_entries($ldap, $sr);`

			`$account_info["account_id"] = $aci[0]["uid"][0];`
			`$account_info["account_lid"] = $aci[0]["uidnumber"][0];`
			`$account_info["account_lastname"] = $aci[0]["sn"][0];`
			`$account_info["account_firstname"] = $aci[0]["givenname"][0];`

			`return $account_info;`
			`}`
Adding users to LDAP is now working 2000-10-23 03:14:21 +02:00
More work on the SQL version of the admin section, editing accounts is now working 2000-10-20 06:43:13 +02:00			`function account_read($method,$start,$sort,$order)`
Started adding the LDAP admin section functions 2000-10-20 04:45:54 +02:00			`{`
LDAP list users is now working 2000-10-23 04:48:34 +02:00			`global $phpgw_info, $ldap;`
Started adding the LDAP admin section functions 2000-10-20 04:45:54 +02:00
LDAP list users is now working 2000-10-23 04:48:34 +02:00			`$filter = "(\|(uid=*))";`
more work on LDAP 2000-10-23 07:44:39 +02:00			`$sr = ldap_search($ldap,$phpgw_info["server"]["ldap_context"],$filter,array("sn","givenname","uid","uidnumber"));`
LDAP list users is now working 2000-10-23 04:48:34 +02:00			`$info = ldap_get_entries($ldap, $sr);`

			`for ($i=0; $i<count($info); $i++) {`
More work on LDAP read accounts 2000-10-23 05:33:30 +02:00			`if (! $phpgw_info["server"]["global_denied_users"][$info[$i]["uid"][0]]) {`
more work on LDAP 2000-10-23 07:44:39 +02:00			`$account_info[$i]["account_id"] = $info[$i]["uidnumber"][0];`
More work on LDAP read accounts 2000-10-23 05:33:30 +02:00			`$account_info[$i]["account_lid"] = $info[$i]["uid"][0];`
			`$account_info[$i]["account_firstname"] = $info[$i]["givenname"][0];`
			`$account_info[$i]["account_lastname"] = $info[$i]["sn"][0];`
			`}`
LDAP list users is now working 2000-10-23 04:48:34 +02:00			`}`

			`return $account_info;`
Started adding the LDAP admin section functions 2000-10-20 04:45:54 +02:00			`}`

			`function account_add($account_info)`
			`{`
Adding users to LDAP is now working 2000-10-23 03:14:21 +02:00			`global $phpgw_info, $phpgw, $ldap;`
Fixed parse error and working on LDAP admin section 2000-10-20 07:43:27 +02:00
More work on LDAP admin section 2000-10-20 07:51:27 +02:00			`if ($phpgw_info["server"]["ldap_encryption_type"] == "DES") {`
Adding users to LDAP is now working 2000-10-23 03:14:21 +02:00			`$salt = $phpgw->common->randomstring(2);`
Update changepassword to work with LDAP 2000-10-26 00:09:41 +02:00			`$account_info["passwd"] = $phpgw->common->des_cryptpasswd($account_info["passwd"], $salt);`
More work on LDAP admin section 2000-10-20 07:51:27 +02:00			`}`
Fixed parse error and working on LDAP admin section 2000-10-20 07:43:27 +02:00
			`if ($phpgw_info["server"]["ldap_encryption_type"] == "MD5") {`
Adding users to LDAP is now working 2000-10-23 03:14:21 +02:00			`$salt = $phpgw->common->randomstring(9);`
Update changepassword to work with LDAP 2000-10-26 00:09:41 +02:00			`$account_info["passwd"] = $phpgw->common->md5_cryptpasswd($account_info["passwd"], $salt);`
Fixed parse error and working on LDAP admin section 2000-10-20 07:43:27 +02:00			`}`

Adding users to LDAP is now working 2000-10-23 03:14:21 +02:00			`// This method is only temp. We need to figure out the best way to assign uidnumbers and`
			`// guidnumbers.`

			`$phpgw->db->query("select (max(account_id)+1) from accounts");`
			`$phpgw->db->next_record();`

			`$account_info["account_id"] = $phpgw->db->f(0);`

			`// Much of this is going to be guess work for now, until we get things planned out.`
			`$entry["uid"] = $account_info["loginid"];`
			`$entry["uidNumber"] = $account_info["account_id"];`
			`$entry["gidNumber"] = $account_info["account_id"];`
			`$entry["userpassword"] = $account_info["passwd"];`
			`$entry["loginShell"] = "/bin/bash";`
			`$entry["homeDirectory"] = "/home/" . $account_info["loginid"];`
			`$entry["cn"] = sprintf("%s %s", $account_info["firstname"], $account_info["lastname"]);`
			`$entry["sn"] = $account_info["lastname"];`
			`$entry["givenname"] = $account_info["firstname"];`
			`//$entry["company"] = $company;`
			`//$entry["title"] = $title;`
			`$entry["mail"] = $account_info["loginid"] . "@" . $phpgw_info["server"]["mail_suffix"];`
			`//$entry["telephonenumber"] = $telephonenumber;`
			`//$entry["homephone"] = $homephone;`
			`//$entry["pagerphone"] = $pagerphone;`
			`//$entry["cellphone"] = $cellphone;`
			`//$entry["streetaddress"] = $streetaddress;`
			`//$entry["locality"] = $locality;`
			`//$entry["st"] = $st;`
			`//$entry["postalcode"] = $postalcode;`
			`//$entry["countryname"] = $countryname;`
			`//$entry["homeurl"] = $homeurl;`
			`//$entry["description"] = $description;`
Fixed parse error and working on LDAP admin section 2000-10-20 07:43:27 +02:00			`$entry["objectclass"][0] = "account";`
			`$entry["objectclass"][1] = "posixAccount";`
			`$entry["objectclass"][2] = "shadowAccount";`
			`$entry["objectclass"][3] = "inetOrgperson";`
Adding users to LDAP is now working 2000-10-23 03:14:21 +02:00			`$entry["objectclass"][4] = "person";`
Fixed parse error and working on LDAP admin section 2000-10-20 07:43:27 +02:00			`$entry["objectclass"][5] = "top";`
			`/* $dn=sprintf("cn=%s %s, %s", $givenname, $sn, $BASEDN);*/`
Adding users to LDAP is now working 2000-10-23 03:14:21 +02:00			`$dn=sprintf("uid=%s, %s", $account_info["loginid"], $phpgw_info["server"]["ldap_context"]);`
Fixed parse error and working on LDAP admin section 2000-10-20 07:43:27 +02:00
			`// add the entries`
			`if (ldap_add($ldap, $dn, $entry)) {`
			`$cd = 28;`
			`} else {`
			`$cd = 99; // Come out with a code for this`
			`}`
Started adding the LDAP admin section functions 2000-10-20 04:45:54 +02:00
Fixed parse error and working on LDAP admin section 2000-10-20 07:43:27 +02:00			`@ldap_close($ldap);`
Adding users to LDAP is now working 2000-10-23 03:14:21 +02:00
			`$phpgw->db->lock(array("accounts","preferences"));`

			`$phpgw->common->preferences_add($account_info["loginid"],"maxmatchs","common","15");`
			`$phpgw->common->preferences_add($account_info["loginid"],"theme","common","default");`
			`$phpgw->common->preferences_add($account_info["loginid"],"tz_offset","common","0");`
			`$phpgw->common->preferences_add($account_info["loginid"],"dateformat","common","m/d/Y");`
			`$phpgw->common->preferences_add($account_info["loginid"],"timeformat","common","12");`
			`$phpgw->common->preferences_add($account_info["loginid"],"lang","common","en");`
			`$phpgw->common->preferences_add($account_info["loginid"],"company","addressbook","True");`
			`$phpgw->common->preferences_add($account_info["loginid"],"lastname","addressbook","True");`
			`$phpgw->common->preferences_add($account_info["loginid"],"firstname","addressbook","True");`

			`// Even if they don't have access to the calendar, we will add these.`
			`// Its better then the calendar being all messed up, they will be deleted`
			`// the next time the update there preferences.`
			`$phpgw->common->preferences_add($account_info["loginid"],"weekstarts","calendar","Monday");`
			`$phpgw->common->preferences_add($account_info["loginid"],"workdaystarts","calendar","9");`
			`$phpgw->common->preferences_add($account_info["loginid"],"workdayends","calendar","17");`

			`while ($permission = each($account_info["permissions"])) {`
			`if ($phpgw_info["apps"][$permission[0]]["enabled"]) {`
			`$phpgw->accounts->add_app($permission[0]);`
			`}`
			`}`

			`$sql = "insert into accounts (account_id,account_lid,account_pwd,account_firstname,"`
			`. "account_lastname,account_permissions,account_groups,account_status,"`
			`. "account_lastpwd_change) values ('" . $account_info["account_id"] . "','"`
			`. $account_info["loginid"] . "','x','". addslashes($account_info["firstname"]) . "','"`
			`. addslashes($account_info["lastname"]) . "','" . $phpgw->accounts->add_app("",True)`
			`. "','" . $account_info["groups"] . "','A',0)";`

			`$phpgw->db->query($sql);`
			`$phpgw->db->unlock();`

			`$sep = $phpgw->common->filesystem_separator();`

			`$basedir = $phpgw_info["server"]["files_dir"] . $sep . "users" . $sep;`

			`if (! @mkdir($basedir . $n_loginid, 0707)) {`
			`$cd = 36;`
			`} else {`
			`$cd = 28;`
			`}`
Fixed parse error and working on LDAP admin section 2000-10-20 07:43:27 +02:00
			`return $cd;`
Started adding the LDAP admin section functions 2000-10-20 04:45:54 +02:00			`}`

More work on the SQL version of the admin section, editing accounts is now working 2000-10-20 06:43:13 +02:00			`function account_edit($account_info)`
Started adding the LDAP admin section functions 2000-10-20 04:45:54 +02:00			`{`

			`}`

			`function account_delete($account_id)`
			`{`
LDAP delete users is now working 2000-10-23 08:34:25 +02:00			`global $phpgw_info, $phpgw, $ldap;`
Started adding the LDAP admin section functions 2000-10-20 04:45:54 +02:00
LDAP delete users is now working 2000-10-23 08:34:25 +02:00			`$phpgw->db->query("select account_lid from accounts where account_id='$account_id'");`
			`$phpgw->db->next_record();`

			`ldap_delete($ldap,"uid=" . $phpgw->db->f("account_lid") . ", ". $phpgw_info["server"]["ldap_context"]);`
Started adding the LDAP admin section functions 2000-10-20 04:45:54 +02:00			`}`
More work on the SQL version of the admin section, add and delete account now works 2000-10-20 05:30:28 +02:00
			`function account_exsists($loginid)`
			`{`

			`}`
More work on creating the functions for the LDAP admin section 2000-10-20 07:59:25 +02:00
			`function account_close()`
			`{`
			`@ldap_close($ldap);`
			`}`