63,9 → 63,17 |
$l_ldap_user_text = "CN=Common Name. Laissez vide pour utiliser un accès invité (ou anonyme). Obligatoire sur un AD.<br> - Exemple LDAP : 'uid=username,ou=my_lan,o=mycompany,c=FR'.<br> - Exemple AD : 'username' ou 'cn=username,cn=Users,dc=server_name,dc=localdomain'"; |
$l_ldap_password_label = "Mot de passe:"; |
$l_ldap_password_text = "Laissez vide pour un accès invité (ou anonyme). Obligatoire sur un AD."; |
$l_ldap_ssl_label = "Connexion chiffré"; |
$l_ldap_ssl_text = "Utiliser une connexion chiffré avec SSL (LDAPS)"; |
$l_ldap_cert_required_label = "Vérifier le certificat SSL"; |
$l_ldap_cert_required_text = "Vérifier que le serveur LDAP utilise un certificat connu"; |
$l_ldap_cert_label = "Certificat SSL (CA)"; |
$l_ldap_cert_text = "Certificat de l'authorité de certification signant celui du serveur LDAP"; |
$l_ldap_cert_status_cur = "Certificat actuel : "; |
$l_ldap_cert_status_no = "Aucun certificat installé"; |
$l_ldap_submit = "Enregistrer"; |
$l_ldap_test_service_failed = "Service LDAP injoignable sur ce serveur (vérifiez l'@IP)."; |
$l_ldap_test_service_ok = "Un port 389 est actif sur ce serveur"; |
$l_ldap_test_service_ok = "Un port 389 (636 avec SSL) est actif sur ce serveur"; |
$l_ldap_test_connection_failed = "Connexion LDAP impossible (vérifiez le service LDAP sur ce serveur)"; |
$l_ldap_test_connection_ok = "Une connexion LDAP a été établie"; |
$l_ldap_test_bind_failed = "Echec d'authentification (vérifiez l'utilisateur et le mot de passe)"; |
74,6 → 82,7 |
$l_ldap_test_dn_ok = "Le DN de la base semble correct"; |
$l_ldap_error = "erreur LDAP"; |
$l_ldap_entries = "entrées dans la base"; |
$l_ldap_cert_cn_diff_dn = "Le CommonName du certificat (§cert_domainName§) est différent du nom de domaine du serveur"; |
$l_check = "Vérifier cette configuration"; |
$l_checkingConf = "Vérification de cette configuration..."; |
} else { // English |
95,9 → 104,17 |
$l_ldap_user_text = "CN=Common Name. Leave blank to use anonymous binding. Mandatory for AD.<br> e.g. LDAP :'uid=Username,ou=my_lan,o=mycompany,c=US'.<br> e.g. AD : 'username' or 'cn=username,cn=Users,dc=server_name,dc=localdomain'"; |
$l_ldap_password_label = "Password:"; |
$l_ldap_password_text = "Leave blank to use anonymous binding. Mandatory for AD."; |
$l_ldap_ssl_label = "Secure connection"; |
$l_ldap_ssl_text = "Use an encrypted connection with SSL (LDAPS)"; |
$l_ldap_cert_required_label = "Check the SSL certificate"; |
$l_ldap_cert_required_text = "Verify that the LDAP server uses a trusted certificate"; |
$l_ldap_cert_label = "SSL certificate (CA)"; |
$l_ldap_cert_text = "Certificate of the certification authority that signed the LDAP server certificate"; |
$l_ldap_cert_status_cur = "Current certificate:"; |
$l_ldap_cert_status_no = "No certificate imported"; |
$l_ldap_submit = "Save"; |
$l_ldap_test_service_failed = "LDAP service is not reachable on that server (check IP)"; |
$l_ldap_test_service_ok = "A port 389 is open on this server"; |
$l_ldap_test_service_ok = "A port 389 (636 with SSL) is open on this server"; |
$l_ldap_test_connection_failed = "LDAP connexion failed (check the LDAP service on this server)"; |
$l_ldap_test_connection_ok = "A LDAP connexion is established"; |
$l_ldap_test_bind_failed = "LDAP authentication failed (check the LDAP user and password)"; |
104,6 → 121,7 |
$l_ldap_test_bind_ok = "Successful authentication"; |
$l_ldap_test_dn_failed = "DN of the base seems to be wrong (check it)"; |
$l_ldap_test_dn_ok = "DN of the base seems to be ok"; |
$l_ldap_cert_cn_diff_dn = "Certificate CommonName (§cert_domainName§) is different from the server domain name"; |
$l_ldap_error = "LDAP error"; |
$l_ldap_entries = "entries in the base"; |
$l_check = "Check this config"; |
110,29 → 128,43 |
$l_checkingConf = "Checking this configuration..."; |
} |
|
|
function ldap_checkServerConfig($f_ldap_server, $f_ldap_identity, $f_ldap_password, $f_ldap_basedn, $f_ldap_uid, $f_ldap_port = 389) { |
function ldap_checkServerConfig($f_ldap_server, $f_ldap_identity, $f_ldap_password, $f_ldap_basedn, $f_ldap_uid, $f_ldap_ssl, $f_ldap_cert, $f_ldap_cert_required) { |
// Socket to the LDAP port of the server |
if (!$sock = @fsockopen($f_ldap_server, $f_ldap_port, $num, $error, 2)) { |
if (!$sock = @fsockopen($f_ldap_server, (($f_ldap_ssl) ? 636 : 389), $num, $error, 2)) { |
// no network connection |
return -2; |
} |
fclose($sock); |
|
// Set LDAP SSL options |
if ($f_ldap_ssl) { |
if ($f_ldap_cert_required) { |
if ($f_ldap_cert) { |
// ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, $f_ldap_cert); |
} |
ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND); |
|
} else { |
// ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_NEVER); |
} |
} |
|
// if ok, Test LDAP connection |
$ldapconn = ldap_connect($f_ldap_server, $f_ldap_port); |
ldap_set_option($ldapconn, LDAP_OPT_TIMELIMIT, 2); |
$ldapconn = @ldap_connect((($f_ldap_ssl)?'ldaps':'ldap').'://'.$f_ldap_server); |
if (!$ldapconn) { |
// LDAP connection failed |
return -1; |
} |
|
ldap_set_option($ldapconn, LDAP_OPT_TIMELIMIT, 2); |
// ldap_get_option($ldapconn, LDAP_OPT_X_KEEPALIVE_INTERVAL, $tmp); var_dump($tmp); ////////// TODO : opti keep-alive |
|
// if ok, test a ldap-bind with the user used by ALCASAR |
$ldapbind = ldap_bind($ldapconn, $f_ldap_identity, $f_ldap_password); |
$ldapbind = @ldap_bind($ldapconn, $f_ldap_identity, $f_ldap_password); |
if (!$ldapbind) { |
// Test LDAP Version 3 |
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3); |
$ldapbind = ldap_bind($ldapconn, $f_ldap_identity, $f_ldap_password); |
$ldapbind = @ldap_bind($ldapconn, $f_ldap_identity, $f_ldap_password); |
if (!$ldapbind) { |
// LDAP Bind failed |
return 0; |
141,7 → 173,7 |
|
// if ok, try to query the directory of users |
$query = $f_ldap_uid.'=*'; |
$ldap_result = ldap_search($ldapconn, $f_ldap_basedn, $query); |
$ldap_result = @ldap_search($ldapconn, $f_ldap_basedn, $query); |
if ($ldap_result) { |
$ldap_users_count = ldap_count_entries($ldapconn, $ldap_result); |
return ($ldap_users_count + 2); |
152,25 → 184,32 |
} |
|
$messages = ''; |
$LDAPS_CERT_LOC = '/etc/raddb/certs/alcasar-ldaps.crt'; |
|
if (isset($_POST['auth_enable'])) { |
if ($_POST['auth_enable'] === '1') { |
// TODO : need to translate messages |
$varErrors = []; |
if (isset($_POST['ldap_server'])) $ldap_server = $_POST['ldap_server']; else array_push($varErrors, 'Variable error "ldap_server"'); |
if (isset($_POST['ldap_base_dn'])) $ldap_base_dn = $_POST['ldap_base_dn']; else array_push($varErrors, 'Variable error "ldap_base_dn"'); |
if (isset($_POST['ldap_uid'])) $ldap_uid = $_POST['ldap_uid']; else array_push($varErrors, 'Variable error "ldap_uid"'); |
if (isset($_POST['ldap_base_filter'])) $ldap_base_filter = $_POST['ldap_base_filter']; else array_push($varErrors, 'Variable error "ldap_base_filter"'); |
if (isset($_POST['ldap_user'])) $ldap_user = $_POST['ldap_user']; else array_push($varErrors, 'Variable error "ldap_user"'); |
if (isset($_POST['ldap_password'])) $ldap_password = $_POST['ldap_password']; else array_push($varErrors, 'Variable error "ldap_password"'); |
if (isset($_POST['ldap_server'])) $ldap_server = $_POST['ldap_server']; else array_push($varErrors, 'Variable error "ldap_server"'); |
if (isset($_POST['ldap_base_dn'])) $ldap_base_dn = $_POST['ldap_base_dn']; else array_push($varErrors, 'Variable error "ldap_base_dn"'); |
if (isset($_POST['ldap_uid'])) $ldap_uid = $_POST['ldap_uid']; else array_push($varErrors, 'Variable error "ldap_uid"'); |
if (isset($_POST['ldap_base_filter'])) $ldap_base_filter = $_POST['ldap_base_filter']; else array_push($varErrors, 'Variable error "ldap_base_filter"'); |
if (isset($_POST['ldap_user'])) $ldap_user = $_POST['ldap_user']; else array_push($varErrors, 'Variable error "ldap_user"'); |
if (isset($_POST['ldap_password'])) $ldap_password = $_POST['ldap_password']; else array_push($varErrors, 'Variable error "ldap_password"'); |
if (isset($_POST['ldap_ssl'])) $ldap_ssl = $_POST['ldap_ssl']; //else array_push($varErrors, 'Variable error "ldap_ssl"'); |
if (isset($_FILES['ldap_cert'])) $ldap_cert = $_FILES['ldap_cert']; //else array_push($varErrors, 'Variable error "ldap_cert"'); |
if (isset($_POST['ldap_cert_required'])) $ldap_cert_required = $_POST['ldap_cert_required']; //else array_push($varErrors, 'Variable error "ldap_cert_required"'); |
|
// Validation |
if (isset($ldap_server)) { |
if ((!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) && (preg_match('/^[a-zA-Z0-9-_.]+$/', $ldap_server))) { |
$ldap_server = gethostbyname($ldap_server); |
if (isset($ldap_cert) && ($ldap_cert['error'] === UPLOAD_ERR_OK)) { |
if ($ldap_cert_required === 'on') { |
$certificateInfos = openssl_x509_parse(file_get_contents($ldap_cert['tmp_name'])); |
if (preg_match_all('@/[a-zA-Z]+=([^/]+)@', $certificateInfos['name'], $matches)) { |
$cert_domainName = implode('.', array_reverse($matches[1])); |
if ($cert_domainName !== $ldap_server) { |
array_push($varErrors, str_replace("§cert_domainName§", $cert_domainName, $l_ldap_cert_cn_diff_dn)); |
} |
} |
} |
if (!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) { |
array_push($varErrors, 'Invalid LDAP server IP'); |
} |
} |
|
if (!empty($varErrors)) { |
184,7 → 223,12 |
exec('sed -i '.escapeshellarg("s/^LDAP_FILTER=.*/LDAP_FILTER=$ldap_base_filter/g").' '.CONF_FILE); |
exec('sed -i '.escapeshellarg("s/^LDAP_USER=.*/LDAP_USER=$ldap_user/g").' '.CONF_FILE); |
exec('sed -i '.escapeshellarg("s/^LDAP_PASSWORD=.*/LDAP_PASSWORD=$ldap_password/g").' '.CONF_FILE); |
exec('sed -i '.escapeshellarg("s/^LDAP_SSL=.*/LDAP_SSL=$ldap_ssl/g").' '.CONF_FILE); |
exec('sed -i '.escapeshellarg("s/^LDAP_CERT_REQUIRED=.*/LDAP_CERT_REQUIRED=$ldap_cert_required/g").' '.CONF_FILE); |
exec('sed -i \'s/^LDAP=.*/LDAP=on/g\' '.CONF_FILE); |
if (isset($ldap_cert) && ($ldap_cert['error'] === UPLOAD_ERR_OK)) { |
exec('sudo /usr/local/bin/alcasar-ldap.sh --import-cert '.escapeshellarg($ldap_cert['tmp_name'])); |
} |
exec('sudo /usr/local/bin/alcasar-ldap.sh --on'); |
$messages .= '<span style="font-weight: bold; color: green;">'.$l_ldap_update.'</span><br>'; |
} |
210,14 → 254,24 |
} |
|
// LDAP configuration params |
$ldap_status = ($conf['LDAP'] === 'on'); |
$ldap_server = $conf['LDAP_SERVER']; |
$ldap_user = $conf['LDAP_USER']; |
$ldap_password = $conf['LDAP_PASSWORD']; |
$ldap_base_dn = $conf['LDAP_BASE']; |
$ldap_uid = $conf['LDAP_UID']; |
$ldap_base_filter = $conf['LDAP_FILTER']; |
$ldap_status = ($conf['LDAP'] === 'on'); |
$ldap_server = $conf['LDAP_SERVER']; |
$ldap_user = $conf['LDAP_USER']; |
$ldap_password = $conf['LDAP_PASSWORD']; |
$ldap_base_dn = $conf['LDAP_BASE']; |
$ldap_uid = $conf['LDAP_UID']; |
$ldap_base_filter = $conf['LDAP_FILTER']; |
$ldap_ssl = ($conf['LDAP_SSL'] === 'on'); |
$ldap_cert_required = ($conf['LDAP_CERT_REQUIRED'] === 'on'); |
|
$ldap_cert_subject = NULL; |
if (file_exists($LDAPS_CERT_LOC)) { |
$certificateInfos = openssl_x509_parse(file_get_contents($LDAPS_CERT_LOC)); |
if (preg_match_all('@/[a-zA-Z]+=([^/]+)@', $certificateInfos['name'], $matches)) { |
$ldap_cert_subject = implode('.', array_reverse($matches[1])); |
} |
} |
|
// AJAX LDAP configuration checker |
if (isset($_GET['conf_check'])) { |
$response = [ |
226,28 → 280,51 |
if ($ldap_status || ($_SERVER['REQUEST_METHOD'] === 'POST')) { |
$varErrors = []; |
if ($_SERVER['REQUEST_METHOD'] === 'POST') { |
if (isset($_POST['ldap_server'])) $ldap_server = $_POST['ldap_server']; else array_push($varErrors, 'Variable error "ldap_server"'); // TODO: need to translate |
if (isset($_POST['ldap_base_dn'])) $ldap_base_dn = $_POST['ldap_base_dn']; else array_push($varErrors, 'Variable error "ldap_base_dn"'); // TODO: need to translate |
if (isset($_POST['ldap_uid'])) $ldap_uid = $_POST['ldap_uid']; else array_push($varErrors, 'Variable error "ldap_uid"'); // TODO: need to translate |
if (isset($_POST['ldap_base_filter'])) $ldap_base_filter = $_POST['ldap_base_filter']; else array_push($varErrors, 'Variable error "ldap_base_filter"'); // TODO: need to translate |
if (isset($_POST['ldap_user'])) $ldap_user = $_POST['ldap_user']; else array_push($varErrors, 'Variable error "ldap_user"'); // TODO: need to translate |
if (isset($_POST['ldap_password'])) $ldap_password = $_POST['ldap_password']; else array_push($varErrors, 'Variable error "ldap_password"'); // TODO: need to translate |
// TODO : need to translate messages |
if (isset($_POST['ldap_server'])) $ldap_server = $_POST['ldap_server']; else array_push($varErrors, 'Variable error "ldap_server"'); |
if (isset($_POST['ldap_base_dn'])) $ldap_base_dn = $_POST['ldap_base_dn']; else array_push($varErrors, 'Variable error "ldap_base_dn"'); |
if (isset($_POST['ldap_uid'])) $ldap_uid = $_POST['ldap_uid']; else array_push($varErrors, 'Variable error "ldap_uid"'); |
if (isset($_POST['ldap_base_filter'])) $ldap_base_filter = $_POST['ldap_base_filter']; else array_push($varErrors, 'Variable error "ldap_base_filter"'); |
if (isset($_POST['ldap_user'])) $ldap_user = $_POST['ldap_user']; else array_push($varErrors, 'Variable error "ldap_user"'); |
if (isset($_POST['ldap_password'])) $ldap_password = $_POST['ldap_password']; else array_push($varErrors, 'Variable error "ldap_password"'); |
if (isset($_POST['ldap_ssl'])) $ldap_ssl = ($_POST['ldap_ssl'] === 'on'); //else array_push($varErrors, 'Variable error "ldap_ssl"'); |
if (isset($_FILES['ldap_cert'])) $ldap_cert = $_FILES['ldap_cert']; //else array_push($varErrors, 'Variable error "ldap_cert"'); |
if (isset($_POST['ldap_cert_required'])) $ldap_cert_required = ($_POST['ldap_cert_required'] === 'on'); //else array_push($varErrors, 'Variable error "ldap_cert_required"'); |
} |
|
// Validation |
if (isset($ldap_server)) { |
if ((!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) && (preg_match('/^[a-zA-Z0-9-_.]+$/', $ldap_server))) { |
$ldap_server = gethostbyname($ldap_server); |
} |
if (!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) { |
array_push($varErrors, 'Invalid LDAP server IP'); // TODO: need to translate |
} |
if (($ldap_cert_required) && isset($ldap_cert) && ($ldap_cert['error'] === UPLOAD_ERR_OK)) { |
$ldap_cert_tmpFilename = $ldap_cert['tmp_name']; |
} else { |
$ldap_cert_tmpFilename = NULL; |
} |
|
if (!empty($varErrors)) { |
$response['errors'] = $varErrors; |
} else { |
$response['result'] = ldap_checkServerConfig($ldap_server, $ldap_user, $ldap_password, $ldap_base_dn, $ldap_uid); |
$result = ldap_checkServerConfig($ldap_server, $ldap_user, $ldap_password, $ldap_base_dn, $ldap_uid, $ldap_ssl, $ldap_cert_tmpFilename, $ldap_cert_required); |
|
if (($result === 0) && ($ldap_ssl && $ldap_cert_required && ((isset($ldap_cert) && ($ldap_cert['error'] === UPLOAD_ERR_OK)) || (file_exists($LDAPS_CERT_LOC))))) { |
if (filter_var($ldap_server, FILTER_VALIDATE_IP) !== false) { |
if (isset($ldap_cert) && ($ldap_cert['error'] === UPLOAD_ERR_OK)) { |
$certificateInfos = openssl_x509_parse(file_get_contents($ldap_cert['tmp_name'])); |
} else { |
$certificateInfos = openssl_x509_parse(file_get_contents($LDAPS_CERT_LOC)); |
} |
if (preg_match_all('@/[a-zA-Z]+=([^/]+)@', $certificateInfos['name'], $matches)) { |
$cert_domainName = implode('.', array_reverse($matches[1])); |
if ($cert_domainName !== $ldap_server) { |
$response['warnings'][] = str_replace("§cert_domainName§", $cert_domainName, $l_ldap_cert_cn_diff_dn); |
} |
} |
$res = ldap_checkServerConfig($cert_domainName, $ldap_user, $ldap_password, $ldap_base_dn, $ldap_uid, $ldap_ssl, $ldap_cert_tmpFilename, $ldap_cert_required); |
if ($res > 1) { |
$result = $res; |
} |
$result = max($result, $res); |
} |
} |
|
$response['result'] = $result; |
} |
} |
|
267,7 → 344,7 |
<link type="text/css" href="/css/ldap.css" rel="stylesheet"> |
<script> |
function onLdapStatusChange() { |
var listToDisables = ['ldap_server', 'ldap_dn', 'ldap_uid', 'ldap_base_filter', 'ldap_user', 'ldap_password']; |
var listToDisables = ['ldap_server', 'ldap_dn', 'ldap_uid', 'ldap_base_filter', 'ldap_user', 'ldap_password', 'ldap_ssl', 'ldap_cert_required', 'ldap_cert']; |
var formSubmit = document.querySelector('form input[type="submit"]'); |
var btn_checkConf = document.getElementById('btn-checkconf'); |
var isChecked = false; |
274,11 → 351,25 |
|
if (document.getElementById('auth_enable').value === '1') { |
for (var i=0; i<listToDisables.length; i++) { |
document.getElementById(listToDisables[i]).style.backgroundColor = '#ffffff'; |
document.getElementById(listToDisables[i]).style.backgroundColor = null; |
document.getElementById(listToDisables[i]).disabled = false; |
} |
if (document.getElementById('ldap_ssl').value === 'off') { |
document.getElementById('ldap_cert_required').style.backgroundColor = '#c0c0c0'; |
document.getElementById('ldap_cert_required').disabled = true; |
document.getElementById('ldap_cert').style.backgroundColor = '#c0c0c0'; |
document.getElementById('ldap_cert').disabled = true; |
} |
else if (document.getElementById('ldap_cert_required').value === 'off') { |
document.getElementById('ldap_cert').style.backgroundColor = '#c0c0c0'; |
document.getElementById('ldap_cert').disabled = true; |
} |
formSubmit.style.display = 'none'; |
btn_checkConf.style.display = null; |
<?php if (PHP_VERSION_ID < 70100): ?> |
// Compatibility with PHP < 7.1.0 # TODO : remove if ever Mageia 7 is released |
formSubmit.style.display = null; |
<?php endif; ?> |
} else { |
for (var i=0; i<listToDisables.length; i++) { |
document.getElementById(listToDisables[i]).style.backgroundColor = '#c0c0c0'; |
293,20 → 384,10 |
var messagesElem = document.querySelector('fieldset > legend > div'); |
var formSubmit = document.querySelector('form input[type="submit"]'); |
var btn_checkConf = document.getElementById('btn-checkconf'); |
var form = document.getElementById('form-config_ldap'); |
var post_data = new FormData(form); |
post_data.delete('auth_enable'); |
|
var ldap_config = { |
ldap_status: (document.getElementById('auth_enable').value === '1'), |
ldap_server: document.getElementById('ldap_server').value, |
ldap_user: document.getElementById('ldap_user').value, |
ldap_password: document.getElementById('ldap_password').value, |
ldap_base_dn: document.getElementById('ldap_dn').value, |
ldap_uid: document.getElementById('ldap_uid').value, |
ldap_base_filter: document.getElementById('ldap_base_filter').value |
}; |
|
// Format HTTP POST data |
var post_data = Object.keys(ldap_config).map( function (k) { return encodeURIComponent(k) + '=' + encodeURIComponent(ldap_config[k]) } ).join('&'); |
|
messagesElem.innerHTML = '<?= $l_checkingConf ?>'; |
|
var xhr = new XMLHttpRequest(); |
347,10 → 428,17 |
formSubmit.style.display = 'none'; |
btn_checkConf.style.display = null; |
} |
<?php if (PHP_VERSION_ID < 70100): ?> |
// Compatibility with PHP < 7.1.0 # TODO : remove if ever Mageia 7 is released |
formSubmit.style.display = null; |
<?php endif; ?> |
|
if (typeof data.errors !== 'undefined') { |
messages = '<span style=\"color: red\">' + data.errors.join('</span><br><span style=\"color: red\">') + '</span><br>'; |
} |
if (typeof data.warnings !== 'undefined') { |
messages += '<br><span style=\"color: orange\">' + data.warnings.join('</span><br><span style=\"color: orange\">') + '</span><br>'; |
} |
|
messagesElem.innerHTML = messages; |
} else { |
359,7 → 447,6 |
} |
}; |
xhr.open('POST', 'ldap.php?conf_check', true); |
xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded'); |
xhr.send(post_data); |
} |
</script> |
368,7 → 455,7 |
<div class="panel"> |
<div class="panel-header"><?= $l_ldap_legend ?></div> |
<div class="panel-body"> |
<form name="config_ldap" method="POST" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>"> |
<form id="form-config_ldap" name="config_ldap" method="POST" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>" enctype="multipart/form-data"> |
<fieldset> |
<legend> |
<br> |
440,9 → 527,43 |
<?= $l_ldap_password_text ?> |
</dt> |
<dd> |
<input type="text" id="ldap_password" type="password" size="40" name="ldap_password" value="<?= htmlspecialchars($ldap_password) ?>" oninput="onLdapStatusChange();"> |
<input type="password" id="ldap_password" size="40" name="ldap_password" value="<?= htmlspecialchars($ldap_password) ?>" oninput="onLdapStatusChange();"> |
</dd> |
</dl> |
<dl> |
<dt> |
<label for="ldap_ssl"><?= $l_ldap_ssl_label ?></label><br> |
<?= $l_ldap_ssl_text ?><br> |
</dt> |
<dd> |
<select id="ldap_ssl" name="ldap_ssl" onchange="onLdapStatusChange();"> |
<option value="on"<?= ($ldap_ssl) ? ' selected="selected"' : '' ?>><?= $l_ldap_YES ?></option> |
<option value="off"<?= (!$ldap_ssl) ? ' selected="selected"' : '' ?>><?= $l_ldap_NO ?></option> |
</select> |
</dd> |
</dl> |
<dl> |
<dt> |
<label for="ldap_cert_required"><?= $l_ldap_cert_required_label ?></label><br> |
<?= $l_ldap_cert_required_text ?><br> |
</dt> |
<dd> |
<select id="ldap_cert_required" name="ldap_cert_required" onchange="onLdapStatusChange();"> |
<option value="on"<?= ($ldap_cert_required) ? ' selected="selected"' : '' ?>><?= $l_ldap_YES ?></option> |
<option value="off"<?= (!$ldap_cert_required) ? ' selected="selected"' : '' ?>><?= $l_ldap_NO ?></option> |
</select> |
</dd> |
</dl> |
<dl> |
<dt> |
<label for="ldap_cert"><?= $l_ldap_cert_label ?></label><br> |
<?= $l_ldap_cert_text ?><br> |
<?= (($ldap_cert_subject) ? "$l_ldap_cert_status_cur $ldap_cert_subject" : $l_ldap_cert_status_no ) ?> |
</dt> |
<dd> |
<input type="file" id="ldap_cert" name="ldap_cert" oninput="onLdapStatusChange();"> |
</dd> |
</dl> |
<p> |
<button id="btn-checkconf" onclick="checkConfig(); return false;"><?= $l_check ?></button> |
<input id="submit" type="submit" value="<?= $l_ldap_submit ?>" name="submit"> |