
Contents of /contributions/modules/ldap_integration/ldapdata.admin.inc



Revision 1.9 - (show annotations) (download) (as text)
Tue Jul 28 14:03:05 2009 UTC (3 months, 4 weeks ago) by miglius
Branch: MAIN
CVS Tags: DRUPAL-6--1-0-BETA2, DRUPAL-6--1-0-BETA1, HEAD
Changes since 1.8: +51 -12 lines
File MIME type: text/x-php
ldap_integration:

Changelog:
 * Moved AD comma escaping regexp from the groups module to the LDAPInterface search;
 * Implemented AJAX testing of the admin DN and password;
1 <?php
2 // $Id: ldapdata.admin.inc,v 1.8 2009/03/30 08:33:26 miglius Exp $
3
4 /**
5 * @file
6 * Module admin page callbacks.
7 */
8
9 //////////////////////////////////////////////////////////////////////////////
10 // ldapdata settings
11
/**
 * Builds the ldapdata settings form.
 *
 * The form holds the profile synchronization mode, the save and reset
 * buttons, and the server list produced by ldapdata_admin_list().
 *
 * @return
 *   The form structure.
 */
function ldapdata_admin_settings() {
  $form = array(
    'sync' => array(
      '#type' => 'fieldset',
      '#title' => t('Synchronizing options'),
      '#collapsible' => TRUE,
      '#collapsed' => FALSE,
      'ldapdata_sync' => array(
        '#type' => 'radios',
        '#title' => t('Synchronize LDAP data with Drupal profiles'),
        // The options keep their positional keys 0, 1 and 2.
        '#options' => array(
          t('When user logs in. (Use when LDAP rarely changes.)'),
          t('On each page load.'),
          t('Every time user object loaded in Drupal. (May cause high LDAP traffic.)'),
        ),
        '#default_value' => LDAPDATA_SYNC,
        '#description' => t('User edition will always synchronize the data despite the selection above.'),
      ),
    ),
    'submit' => array(
      '#type' => 'submit',
      '#value' => t('Save configuration'),
    ),
    'reset' => array(
      '#type' => 'submit',
      '#value' => t('Reset to defaults'),
    ),
    // The server list is rendered below the buttons.
    'list' => array(
      '#value' => ldapdata_admin_list(),
    ),
  );

  return $form;
}
46
/**
 * Submit handler for the settings form.
 *
 * Dispatches on the label of the clicked button: saving stores the selected
 * synchronization mode, resetting deletes the stored variable.
 *
 * @param $form
 *   The form structure.
 * @param $form_state
 *   A form state array.
 */
function ldapdata_admin_settings_submit($form, &$form_state) {
  $clicked = $form_state['clicked_button']['#value'];

  if ($clicked == t('Save configuration')) {
    variable_set('ldapdata_sync', $form_state['values']['ldapdata_sync']);

    drupal_set_message(t('The configuration options have been saved.'));
  }
  elseif ($clicked == t('Reset to defaults')) {
    variable_del('ldapdata_sync');

    drupal_set_message(t('The configuration options have been reset to their default values.'));
  }
}
66
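/**
 * Renders the list of configured LDAP servers.
 *
 * Each row shows the server name followed by links to the edit and reset
 * pages of its ldapdata settings. The row class reflects the server status.
 *
 * @return
 *   The HTML table with the servers list.
 */
function ldapdata_admin_list() {
  $rows = array();
  $result = db_query("SELECT sid, name, status FROM {ldapauth} ORDER BY weight");
  while ($row = db_fetch_object($result)) {
    $rows[] = array(
      'data' => array(
        // Table cells are printed as markup, so the stored server name is
        // escaped here. The link texts are escaped by l() itself.
        check_plain($row->name),
        l(t('edit'), 'admin/settings/ldap/ldapdata/edit/'. $row->sid),
        l(t('reset'), 'admin/settings/ldap/ldapdata/reset/'. $row->sid),
      ),
      'class' => $row->status ? 'menu-enabled' : 'menu-disabled',
    );
  }

  $header = array(
    t('Server'),
    array('data' => t('Operations'), 'colspan' => 2),
  );

  return theme('table', $header, $rows);
}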
94
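/**
 * Builds the LDAP server edit form or the reset confirmation form.
 *
 * For the "reset" operation a confirmation form is returned. For the "edit"
 * operation the form exposes the field mapping, the attribute access
 * control (including the PHP attribute filter) and the bind credentials used
 * for reading and editing attributes. Any other operation, a missing server
 * ID or an unknown server redirects back to the server list.
 *
 * @param $form_state
 *   A form state array.
 * @param $op
 *   An operation - edit or reset.
 * @param $sid
 *   A LDAP server ID.
 *
 * @return
 *   The form structure.
 */
function ldapdata_admin_edit(&$form_state, $op, $sid) {
  drupal_add_js(drupal_get_path('module', 'ldapdata') .'/ldapdata.admin.js');

  if ($op == "reset" && $sid) {
    $form['sid'] = array(
      '#type' => 'value',
      '#value' => $sid,
    );
    return confirm_form(
      $form,
      t('Are you sure you want to reset the fields mapping to defaults ?'),
      'admin/settings/ldap/ldapdata',
      // The original markup opened <em> and closed </p>.
      t('<em>This action cannot be undone.</em>'),
      t('Reset'),
      t('Cancel')
    );
  }
  elseif ($op == "edit" && $sid) {
    $edit = db_fetch_array(db_query("SELECT * FROM {ldapauth} WHERE sid = %d", $sid));

    // No such server: do not build an edit form around an empty record.
    if (!$edit) {
      drupal_goto('admin/settings/ldap/ldapdata');
    }

    // These columns are written by ldapdata_admin_edit_validate() with
    // serialize(). unserialize() is only safe as long as nothing else can
    // write to them, because unserializing data from an untrusted writer can
    // instantiate arbitrary objects.
    $ldapdata_mappings = $edit['ldapdata_mappings'] ? unserialize($edit['ldapdata_mappings']) : array();
    $ldapdata_roattrs = $edit['ldapdata_roattrs'] ? unserialize($edit['ldapdata_roattrs']) : array();
    $ldapdata_rwattrs = $edit['ldapdata_rwattrs'] ? unserialize($edit['ldapdata_rwattrs']) : array();
    $ldapdata_attrs = $edit['ldapdata_attrs'] ? unserialize($edit['ldapdata_attrs']) : array();

    $form['description'] = array(
      // The %server placeholder is escaped by t().
      '#value' => t('Configure profile synchronization settings for %server.', array('%server' => $edit['name'])),
    );

    // Attribute mapping.
    $form['mapping'] = array(
      '#type' => 'fieldset',
      '#title' => t('Drupal-LDAP fields mapping'),
      '#collapsible' => TRUE,
      '#collapsed' => FALSE,
    );
    $form['mapping']['ldapdata_mapping'] = array(
      '#type' => 'radios',
      '#title' => t('Drupal user profile field mapping'),
      '#default_value' => isset($ldapdata_mappings['access']) ? $ldapdata_mappings['access'] : LDAPDATA_MAP_ATTRIBUTES,
      '#options' => array(
        LDAPDATA_MAP_NOTHING => t('No mapping. (Clears any mappings defined below.)'),
        LDAPDATA_MAP_ATTRIBUTES_READ_ONLY => t('Read only: Drupal user profile fields have LDAP attributes.'),
        LDAPDATA_MAP_ATTRIBUTES => t('Read/write: Drupal user profile fields have LDAP attributes. LDAP attributes updated upon Drupal profile change.'),
      ),
    );
    $profile_fields = _ldapdata_retrieve_profile_fields();
    $standard_fields = _ldapdata_retrieve_standard_user_fields();
    // Array union: a profile field wins over a standard field with the same key.
    $drupal_fields = $profile_fields + $standard_fields;
    $form['mapping']['mapping_pre'] = array(
      '#value' => t('<div class="form-item"><label>Specify mappings below if you selected the second or third option. </label><table><thead><tr><th> Drupal field</th><th>LDAP attribute</th></tr></thead><tbody>'),
    );
    // The result is not used in this function; the call is kept as it was.
    $ldap_drupal_reverse_mappings = _ldapdata_reverse_mappings($sid);
    foreach ($drupal_fields as $key => $field) {
      $field_tmp = "ldap_amap-". $key;
      // NOTE(review): $field is placed into the markup as-is. Confirm that the
      // two field helpers return labels that are already safe for HTML output.
      $_prefix = "<tr><td><label for=\"edit[$field_tmp]\">$field</label></td><td>";
      $form['mapping'][$field_tmp] = array(
        '#type' => 'textfield',
        '#default_value' => isset($ldapdata_mappings[$field_tmp]) ? $ldapdata_mappings[$field_tmp] : NULL,
        '#size' => '20',
        '#prefix' => $_prefix,
        '#suffix' => '</td>',
      );
    }
    $form['mapping']['mapping_post'] = array(
      '#value' => '</tbody></table></div>',
    );

    // Attribute access control.
    $form["attributes"] = array(
      '#type' => 'fieldset',
      '#title' => t('Attribute visibility & access control'),
      '#collapsible' => TRUE,
      '#collapsed' => FALSE,
      '#description' => t('Allows users to view or edit their LDAP attributes.'),
      '#tree' => TRUE,
    );
    // Rebuild the "name|type|element|title|size|maxlength" lines for editing.
    $attributes = '';
    foreach ($ldapdata_attrs as $attr => $data) {
      $attributes .= $attr .'|'. implode('|', $data) ."\n";
    }
    $form['attributes']['ldapdata_attrs'] = array(
      '#type' => 'textarea',
      '#title' => t('Attributes'),
      '#default_value' => $attributes,
      '#cols' => 25,
      '#rows' => 5,
      '#description' => t('A list of the LDAP attributes and corresponding form data. If configured, they will be listed in a table below for a more control. The element type may be \'text\' or \'url\', the form element should be \'textfield\'. Please look at the following examples:<br /><code>cn|text|textfield|Common Name|64|64</code><br /><code>homePage|url|textfield|Other web pages|64|64</code>'),
    );
    $fields = $rooptions = $rwoptions = $roattrs = $rwattrs = array();
    foreach ($ldapdata_attrs as $attr => $data) {
      // Index 2 is the human-readable title; the attribute name itself is the
      // array key (see the array_shift() in the validate handler).
      $fields[$attr] = $data[2];
    }
    foreach ($fields as $attr => $attr_name) {
      // The checkboxes carry empty labels; the titles go into the table cells.
      $rooptions[$attr] = '';
      $rwoptions[$attr] = '';

      if (in_array($attr, $ldapdata_roattrs)) {
        $roattrs[] = $attr;
      }
      if (in_array($attr, $ldapdata_rwattrs)) {
        $rwattrs[] = $attr;
      }

      // NOTE(review): the title is printed as markup without escaping; it
      // comes from the attribute list saved through this same form.
      $form['attributes']['table'][$attr] = array(
        '#value' => $attr_name,
      );
    }
    $form['attributes']['ldapdata_roattrs'] = array(
      '#type' => 'checkboxes',
      '#options' => $rooptions,
      '#default_value' => $roattrs,
    );
    $form['attributes']['ldapdata_rwattrs'] = array(
      '#type' => 'checkboxes',
      '#options' => $rwoptions,
      '#default_value' => $rwattrs,
    );
    $form['attributes']['header'] = array(
      '#type' => 'value',
      '#value' => array(
        array('data' => t('Attribute name')),
        array('data' => t('Readable by user?')),
        array('data' => t('Editable by user?')),
      )
    );
    // NOTE(review): this field stores PHP source which, per its description,
    // runs with the attributes array in scope. The code that evaluates it is
    // not in this file. Whoever may submit this form can therefore run code on
    // the site; confirm the menu entry for this page requires a permission
    // that is only granted to fully trusted administrators.
    $form['attributes']['ldapdata_filter_php'] = array(
      '#type' => 'textarea',
      '#title' => t('PHP to filter attributes'),
      '#default_value' => $edit['ldapdata_filter_php'],
      '#cols' => 25,
      '#rows' => 5,
      '#description' => t('Enter PHP to filter LDAP attributes. Careful, bad PHP code here will break your site. If left empty, no filtering will be done. If filter is set, then attributes will be only readable. The LDAP atributes array <code>$attributes</code> is available in the code context. The code should return a filtered <code>$attributes</code> array as in example bellow:<br /><code>$attributes[\'mail\'][0] = preg_replace(\'/([^@]+@).*/\', \'$1mail.com\', $attributes[\'mail\'][0]);</code><br /><code>return $attributes;</code>'),
    );

    // Advanced configuration.
    $form['advanced'] = array(
      '#type' => 'fieldset',
      '#title' => t('Advanced configuration'),
      '#description' => t('<p>When reading/editing attributes, this module logs on to the LDAP directory using the user\'s DN/pass pair. However, many LDAP setups do not allow their users to edit attributes.</p><p>If this is your case, but still you want users to edit their LDAP attributes via Drupal, you should set up an special user on your directory, with special access to edit your users\' attributes. Then this module will use it to log on and edit data.</p>'),
      '#collapsible' => TRUE,
      '#collapsed' => FALSE,
    );
    if (!$edit['ldapdata_bindpw']) {
      // No password stored yet: offer both the DN and the password fields.
      $form['advanced']['ldapdata_binddn'] = array(
        '#type' => 'textfield',
        '#title' => t('DN for reading/editing attributes'),
        '#default_value' => $edit['ldapdata_binddn'],
        '#size' => 50,
        '#maxlength' => 255,
      );
      $form['advanced']['ldapdata_bindpw'] = array(
        '#type' => 'password',
        '#title' => t('Password for reading/editing attributes'),
        '#size' => 50,
        '#maxlength' => 255,
      );
    }
    else {
      // A password is stored: it is never sent back to the browser. Only the
      // DN is displayed, escaped because an item's value is printed as markup.
      $form['advanced']['ldapdata_binddn'] = array(
        '#type' => 'item',
        '#title' => t('DN for non-anonymous search'),
        '#value' => check_plain($edit['ldapdata_binddn']),
      );
      // Given an option to clear the password.
      $form['advanced']['ldapdata_bindpw_clear'] = array(
        '#type' => 'checkbox',
        '#default_value' => FALSE,
        '#title' => t('Clear current password and change DN'),
      );
    }
    $form['advanced']['test'] = array(
      '#type' => 'submit',
      '#value' => t('Test'),
      // Go through theme() so that theme overrides of the image are honoured.
      '#suffix' => '<div id="test-spinner" style="display: none;">'. theme('image', drupal_get_path('module', 'ldapdata') .'/images/spinner.gif') .'</div><div id="test-message" class="messages" style="display: none;"></div>',
    );

    $form['sid'] = array(
      '#type' => 'hidden',
      '#value' => $sid,
    );

    $form['buttons']['submit'] = array(
      '#type' => 'submit',
      '#value' => t('Update'),
    );

    return $form;
  }
  else {
    drupal_goto('admin/settings/ldap/ldapdata');
  }
}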
298
/**
 * Validate handler for the server edit form.
 *
 * Runs only for the "Update" button. It parses the attribute list, collects
 * the field mappings and the read-only / read-write attribute selections,
 * and leaves the values (serialized where non-empty) in $form_state for the
 * submit handler.
 *
 * @param $form
 *   The form structure.
 * @param $form_state
 *   A form state array.
 */
function ldapdata_admin_edit_validate($form, &$form_state) {
  if ($form_state['clicked_button']['#value'] != t('Update')) {
    return;
  }
  $values = $form_state['values'];

  // Attribute definitions: one "name|a|b|c|d|e" line per attribute.
  $attr_defs = array();
  $syntax_ok = TRUE;
  $raw_attrs = trim($values['attributes']['ldapdata_attrs']);
  $lines = $raw_attrs ? explode("\n", $raw_attrs) : array();
  foreach ($lines as $line) {
    $parts = explode('|', trim($line));
    if (count($parts) == 6) {
      $attr_name = trim(array_shift($parts));
      // Array union keeps the first definition of a repeated attribute name.
      $attr_defs += array($attr_name => $parts);
    }
    else {
      $syntax_ok = FALSE;
    }
  }
  if (!$syntax_ok) {
    form_set_error('attributes][ldapdata_attrs', t('Bad attribute syntax.'));
  }

  // Field mappings are collected only when the selected mode is 4 or higher.
  // NOTE(review): 4 presumably matches one of the LDAPDATA_MAP_* constants,
  // which are defined outside this file; confirm.
  $mappings = array('access' => $values['ldapdata_mapping']);
  if ($mappings['access'] >= 4) {
    foreach (element_children($values) as $key) {
      if (preg_match("/ldap_amap/", $key) && $values[$key]) {
        $mappings[$key] = $values[$key];
      }
    }
  }

  // Only attributes that are defined in the list above may be selected.
  $known_attrs = array_keys($attr_defs);
  $readable = isset($values['attributes']['ldapdata_roattrs'])
    ? array_values(array_intersect($values['attributes']['ldapdata_roattrs'], $known_attrs))
    : array();
  $writable = isset($values['attributes']['ldapdata_rwattrs'])
    ? array_values(array_intersect($values['attributes']['ldapdata_rwattrs'], $known_attrs))
    : array();

  $form_state['ldapdata_attrs'] = !empty($attr_defs) ? serialize($attr_defs) : '';
  $form_state['ldapdata_mappings'] = !empty($mappings) ? serialize($mappings) : '';
  $form_state['ldapdata_roattrs'] = !empty($readable) ? serialize($readable) : '';
  $form_state['ldapdata_rwattrs'] = !empty($writable) ? serialize($writable) : '';

  // The PHP filter is kept exactly as entered apart from trimming; nothing
  // here inspects or restricts the code.
  $form_state['ldapdata_filter_php'] = trim($values['attributes']['ldapdata_filter_php']);

  // With a filter in place no attribute stays writable.
  if (!empty($form_state['ldapdata_filter_php'])) {
    $form_state['ldapdata_rwattrs'] = '';
  }
}
342
/**
 * Submit handler for the server edit and reset forms.
 *
 * "Update" stores the values prepared by the validate handler, "Reset"
 * blanks every ldapdata column of the server after confirmation, and "Test"
 * tries to bind to the LDAP server with the saved credentials.
 *
 * @param $form
 *   The form structure.
 * @param $form_state
 *   A form state array.
 */
function ldapdata_admin_edit_submit($form, &$form_state) {
  $clicked = $form_state['clicked_button']['#value'];
  $values = $form_state['values'];

  if ($clicked == t('Update')) {
    if (isset($values['ldapdata_bindpw_clear'])) {
      // A password is already stored, so the form had no DN or password
      // fields: leave both columns untouched.
      db_query("UPDATE {ldapauth} SET ldapdata_mappings = '%s', ldapdata_roattrs = '%s', ldapdata_rwattrs = '%s', ldapdata_attrs = '%s', ldapdata_filter_php = '%s' WHERE sid = %d", $form_state['ldapdata_mappings'], $form_state['ldapdata_roattrs'], $form_state['ldapdata_rwattrs'], $form_state['ldapdata_attrs'], $form_state['ldapdata_filter_php'], $values['sid']);
      if ($values['ldapdata_bindpw_clear']) {
        db_query("UPDATE {ldapauth} SET ldapdata_bindpw = '' WHERE sid = %d", $values['sid']);
      }
    }
    else {
      // NOTE(review): the bind password is written exactly as submitted. If it
      // is meant to be protected at rest, that has to happen outside this
      // function; nothing here transforms it.
      db_query("UPDATE {ldapauth} SET ldapdata_mappings = '%s', ldapdata_roattrs = '%s', ldapdata_rwattrs = '%s', ldapdata_binddn = '%s', ldapdata_bindpw = '%s', ldapdata_attrs = '%s', ldapdata_filter_php = '%s' WHERE sid = %d", $form_state['ldapdata_mappings'], $form_state['ldapdata_roattrs'], $form_state['ldapdata_rwattrs'], $values['ldapdata_binddn'], $values['ldapdata_bindpw'], $form_state['ldapdata_attrs'], $form_state['ldapdata_filter_php'], $values['sid']);
    }
    drupal_set_message(t('The configuration options have been saved.'));
    $form_state['redirect'] = 'admin/settings/ldap/ldapdata';
  }
  elseif ($clicked == t('Reset')) {
    if ($values['confirm'] == 1) {
      // Settings reset.
      db_query("UPDATE {ldapauth} SET ldapdata_mappings = '', ldapdata_roattrs = '', ldapdata_rwattrs = '', ldapdata_binddn = '', ldapdata_bindpw = '', ldapdata_attrs = '', ldapdata_filter_php = '' WHERE sid = %d", $values['sid']);
      drupal_set_message(t('The configuration options have been reset to their default values.'));
    }
    $form_state['redirect'] = 'admin/settings/ldap/ldapdata';
  }
  elseif ($clicked == t('Test')) {
    global $_ldapdata_ldap;

    $server_loaded = isset($values['sid']) && _ldapdata_init($values['sid']);
    if (!$server_loaded) {
      drupal_set_message(t('Cannot load server settings. Please save configuration first.'), 'error');
    }
    else {
      // Try to authenticate with the saved DN and password. The %dn
      // placeholder is escaped by t().
      $bind_info = _ldapdata_edition($values['sid']);
      if ($_ldapdata_ldap->connect($bind_info['dn'], $bind_info['pass'])) {
        drupal_set_message(t('Authentication with the LDAP server for the dn %dn and saved password succeeded.', array('%dn' => $bind_info['dn'])));
      }
      else {
        drupal_set_message(t('Authentication with the LDAP server for the dn %dn and saved password failed.', array('%dn' => $bind_info['dn'])), 'error');
      }
    }
  }
}
390
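/**
 * Implements the AJAX server test.
 *
 * Binds to the LDAP server either with the DN and password posted by the
 * form (when no password is stored yet) or with the stored credentials, and
 * prints the outcome as JSON before ending the request.
 *
 * NOTE(review): this callback binds with credentials taken from the request
 * or from storage. Permission and request-forgery checks are not visible in
 * this function; confirm that the menu entry routing here is restricted to
 * administrators.
 *
 * @param $sid
 *   LDAP server ID.
 *
 * @return
 *   The JSON data.
 */
function _ldapdata_ajax_test($sid) {
  global $_ldapdata_ldap;

  if (!is_numeric($sid)) {
    return;
  }

  // The form submit handler treats a false result from _ldapdata_init() as
  // "server settings not loadable"; do the same here instead of calling
  // methods on a connection object that may not exist.
  if (!_ldapdata_init($sid)) {
    drupal_json(array('status' => 0, 'message' => t('Cannot load server settings. Please save configuration first.')));
    exit;
  }

  // The script posts the literal string 'undefined' when the form has no
  // "clear password" checkbox, i.e. when the DN and password fields are shown.
  if (isset($_POST['bindpw_clear']) && $_POST['bindpw_clear'] === 'undefined') {
    // Accept plain strings only; a missing or array-valued parameter is
    // treated as empty.
    $binddn = (isset($_POST['binddn']) && is_string($_POST['binddn'])) ? $_POST['binddn'] : '';
    $bindpw = (isset($_POST['bindpw']) && is_string($_POST['bindpw'])) ? $_POST['bindpw'] : '';
  }
  else {
    $binddn = $_ldapdata_ldap->getOption('binddn');
    $bindpw = $_ldapdata_ldap->getOption('bindpw');
  }

  // NOTE(review): many directory servers accept a bind with a DN and an empty
  // password as an anonymous bind. How connect() handles an empty password is
  // not visible here; confirm that such a bind is not reported as a success.
  if ($_ldapdata_ldap->connect($binddn, $bindpw)) {
    $response = array('status' => 1, 'message' => t('Authentication with the LDAP server succeeded.'));
  }
  else {
    $response = array('status' => 0, 'message' => t('Authentication with the LDAP server failed.'));
  }

  drupal_json($response);
  exit;
}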
421
