| 1 |
<?php |
<?php |
| 2 |
// $Id: ldapauth.admin.inc,v 1.3 2009/03/18 12:12:02 miglius Exp $ |
// $Id: ldapauth.admin.inc,v 1.4 2009/03/23 17:58:25 miglius Exp $ |
| 3 |
|
|
| 4 |
/** |
/** |
| 5 |
* @file |
* @file |
| 200 |
* The form structure. |
* The form structure. |
| 201 |
*/ |
*/ |
| 202 |
function ldapauth_admin_form(&$form_state, $op = NULL, $sid = NULL) { |
function ldapauth_admin_form(&$form_state, $op = NULL, $sid = NULL) { |
| 203 |
|
drupal_add_js(drupal_get_path('module', 'ldapauth') .'/ldapauth.admin.js'); |
| 204 |
|
|
| 205 |
if ($op == "edit" && $sid) { |
if ($op == "edit" && $sid) { |
| 206 |
$edit = db_fetch_array(db_query("SELECT * FROM {ldapauth} WHERE sid = %d", $sid)); |
$edit = db_fetch_array(db_query("SELECT * FROM {ldapauth} WHERE sid = %d", $sid)); |
| 207 |
$form['sid'] = array( |
$form['sid'] = array( |
| 321 |
$form['advanced'] = array( |
$form['advanced'] = array( |
| 322 |
'#type' => 'fieldset', |
'#type' => 'fieldset', |
| 323 |
'#title' => t('Advanced configuration'), |
'#title' => t('Advanced configuration'), |
| 324 |
'#description' => t('<p>The process of authentication starts by establishing an anonymous connection to the LDAP directory and looking up for the user on it. Once this user is found, LDAP authentication is performed on them.</p><p>However, some LDAP configurations (specially common in <strong>Active Directory</strong> setups) restrict anonymous searches.</p><p>If your LDAP setup does not allow anonymous searches, or these are restricted in such a way that login names for users cannot be retrieved as a result of them, then you have to specify here a DN//password pair that will be used for these searches.</p><p>For security reasons, this pair should belong to an LDAP account with stripped down permissions.</p><p>"Test" tries authentication with the saved DN and password and prints the result.</p>'), |
'#description' => t('<p>The process of authentication starts by establishing an anonymous connection to the LDAP directory and looking up for the user on it. Once this user is found, LDAP authentication is performed on them.</p><p>However, some LDAP configurations (specially common in <strong>Active Directory</strong> setups) restrict anonymous searches.</p><p>If your LDAP setup does not allow anonymous searches, or these are restricted in such a way that login names for users cannot be retrieved as a result of them, then you have to specify here a DN//password pair that will be used for these searches.</p><p>For security reasons, this pair should belong to an LDAP account with stripped down permissions.</p>'), |
| 325 |
'#collapsible' => TRUE, |
'#collapsible' => TRUE, |
| 326 |
'#collapsed' => TRUE |
'#collapsed' => FALSE, |
|
); |
|
|
$form['advanced']['binddn'] = array( |
|
|
'#type' => 'textfield', |
|
|
'#title' => t('DN for non-anonymous search'), |
|
|
'#default_value' => $edit['binddn'], |
|
|
'#size' => 50, |
|
|
'#maxlength' => 255, |
|
| 327 |
); |
); |
| 328 |
if (!$edit['bindpw']) { |
if (!$edit['bindpw']) { |
| 329 |
|
$form['advanced']['binddn'] = array( |
| 330 |
|
'#type' => 'textfield', |
| 331 |
|
'#title' => t('DN for non-anonymous search'), |
| 332 |
|
'#default_value' => $edit['binddn'], |
| 333 |
|
'#size' => 50, |
| 334 |
|
'#maxlength' => 255, |
| 335 |
|
); |
| 336 |
$form['advanced']['bindpw'] = array( |
$form['advanced']['bindpw'] = array( |
| 337 |
'#type' => 'password', |
'#type' => 'password', |
| 338 |
'#title' => t('Password for non-anonymous search'), |
'#title' => t('Password for non-anonymous search'), |
| 341 |
); |
); |
| 342 |
} |
} |
| 343 |
else { |
else { |
| 344 |
|
$form['advanced']['binddn'] = array( |
| 345 |
|
'#type' => 'item', |
| 346 |
|
'#title' => t('DN for non-anonymous search'), |
| 347 |
|
'#value' => $edit['binddn'], |
| 348 |
|
); |
| 349 |
// Give an option to clear the password. |
// Give an option to clear the password. |
| 350 |
$form['advanced']['bindpw_clear'] = array( |
$form['advanced']['bindpw_clear'] = array( |
| 351 |
'#type' => 'checkbox', |
'#type' => 'checkbox', |
| 352 |
'#title' => t('Clear current password'), |
'#title' => t('Clear current password and change DN'), |
| 353 |
'#default_value' => FALSE, |
'#default_value' => FALSE, |
| 354 |
); |
); |
| 355 |
} |
} |
| 356 |
$form['advanced']['test'] = array( |
$form['advanced']['test'] = array( |
| 357 |
'#type' => 'submit', |
'#type' => 'submit', |
| 358 |
'#value' => t('Test'), |
'#value' => t('Test'), |
| 359 |
|
'#suffix' => '<div id="test-spinner" style="display: none;">'. theme_image(drupal_get_path('module', 'ldapauth') .'/images/spinner.gif') .'</div><div id="test-message" class="messages" style="display: none;"></div>', |
| 360 |
); |
); |
| 361 |
|
|
| 362 |
$form['submit'] = array( |
$form['submit'] = array( |
| 398 |
} |
} |
| 399 |
else { |
else { |
| 400 |
if (isset($values['bindpw_clear'])) { |
if (isset($values['bindpw_clear'])) { |
| 401 |
db_query("UPDATE {ldapauth} SET name = '%s', server = '%s', port = %d, tls = %d, encrypted = %d, basedn = '%s', user_attr = '%s', mail_attr = '%s', binddn = '%s', login_php = '%s', filter_php = '%s' WHERE sid = %d", $values['name'], $values['server'], $values['port'], $values['tls'], $values['encrypted'], $values['basedn'], trim($values['user_attr']), trim($values['mail_attr']), $values['binddn'], trim($values['login_php']), trim($values['filter_php']), $values['sid']); |
db_query("UPDATE {ldapauth} SET name = '%s', server = '%s', port = %d, tls = %d, encrypted = %d, basedn = '%s', user_attr = '%s', mail_attr = '%s', login_php = '%s', filter_php = '%s' WHERE sid = %d", $values['name'], $values['server'], $values['port'], $values['tls'], $values['encrypted'], $values['basedn'], trim($values['user_attr']), trim($values['mail_attr']), trim($values['login_php']), trim($values['filter_php']), $values['sid']); |
| 402 |
if ($values['bindpw_clear']) { |
if ($values['bindpw_clear']) { |
| 403 |
db_query("UPDATE {ldapauth} SET bindpw = '' WHERE sid = %d", $values['sid']); |
db_query("UPDATE {ldapauth} SET bindpw = '' WHERE sid = %d", $values['sid']); |
| 404 |
} |
} |
| 523 |
return theme('admin_block_content', system_admin_menu_block(menu_get_item())); |
return theme('admin_block_content', system_admin_menu_block(menu_get_item())); |
| 524 |
} |
} |
| 525 |
|
|
| 526 |
|
/** |
| 527 |
|
* Implements the AJAX server test. |
| 528 |
|
* |
| 529 |
|
* @param $sid |
| 530 |
|
* LDAP server ID. |
| 531 |
|
* |
| 532 |
|
* @return |
| 533 |
|
* The JSON data. |
| 534 |
|
*/ |
| 535 |
|
function _ldapauth_ajax_test($sid) { |
| 536 |
|
global $_ldapauth_ldap; |
| 537 |
|
|
| 538 |
|
if (!is_numeric($sid)) { |
| 539 |
|
return; |
| 540 |
|
} |
| 541 |
|
|
| 542 |
|
_ldapauth_init($sid); |
| 543 |
|
|
| 544 |
|
if ($_POST['bindpw_clear'] == 'undefined') { |
| 545 |
|
$binddn = $_POST['binddn']; |
| 546 |
|
$bindpw = $_POST['bindpw']; |
| 547 |
|
} |
| 548 |
|
else { |
| 549 |
|
$binddn = $_ldapauth_ldap->getOption('binddn'); |
| 550 |
|
$bindpw = $_ldapauth_ldap->getOption('bindpw'); |
| 551 |
|
} |
| 552 |
|
|
| 553 |
|
drupal_json($_ldapauth_ldap->connect($binddn, $bindpw) ? array('status' => 1, 'message' => t('Authentication with the LDAP server succeeded.')) : array('status' => 0, 'message' => t('Authentication with the LDAP server failed.'))); |
| 554 |
|
exit; |
| 555 |
|
} |
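Review bot: `_ldapauth_ajax_test()` binds to the configured LDAP server with a DN and password read straight from `$_POST`, and nothing in the function checks who is calling or that the request came from the admin form. The menu entry and its access callback are not visible on this page, so confirm the path is limited to the LDAP administration permission, and add a form-token check at the top, e.g. `if (!drupal_valid_token($_POST['token'], 'ldapauth_test')) { drupal_access_denied(); return; }` (the token name is a placeholder, and ldapauth.admin.js would have to send it). The branch test `$_POST['bindpw_clear'] == 'undefined'` depends on the script serialising a missing checkbox as the string "undefined"; if the key is absent, the code silently falls through to the stored credentials, so use `isset()` on the posted fields instead. An empty posted `bindpw` should also be rejected before `connect()` is called, because many directories accept a DN with an empty password as an unauthenticated bind and the test would then report success.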
| 556 |
|
|