Subversion Repositories ALCASAR

<?php

<?php

/*

/*

This class handled of ldap configuration.

This class handled of ldap configuration.

WARNING! This class can't says if the configuration is valid or not.

WARNING! This class can't says if the configuration is valid or not.

*/

*/

class ldapConfig

class ldapConfig

{

{

	protected $_items = Array();

	protected $_items = Array();

	protected $_tls = array();

	protected $_tls = array();

	protected $instanceName;

	protected $instanceName;

	public function __construct($instanceName=null) {

	public function __construct($instanceName=null) {

		if ($instanceName!== null)

		if ($instanceName!== null)

			$this->instanceName = $instanceName;

			$this->instanceName = $instanceName;

		// LDAP setting

		// LDAP setting

		$this->_items['protocol']			= 'ldap';

		$this->_items['protocol']			= 'ldap';

		$this->_items['host']				= 'test';

		$this->_items['host']				= 'test';

		$this->_items['server']				= $this->_items['protocol'].'://'.$this->_items['host'];

		$this->_items['server']				= $this->_items['protocol'].'://'.$this->_items['host'];

		$this->_items['port']				= '389';//not use yet (689 = ldaps)

		$this->_items['port']				= '389';//not use yet (689 = ldaps)

		$this->_items['identity']			= '';

		$this->_items['identity']			= '';

		$this->_items['password']			= '';

		$this->_items['password']			= '';

		$this->_items['basedn']				= 'dc=example,dc=com';

		$this->_items['basedn']				= 'dc=example,dc=com';

		$this->_items['uid']				= 'uid';

		$this->_items['uid']				= 'uid';

		$this->_items['base_filter']			= '';

		$this->_items['base_filter']			= '';

		$this->_items['ldap_connections_number']	= '5';

		$this->_items['ldap_connections_number']	= '5';

		$this->_items['timeout']			= '4';

		$this->_items['timeout']			= '4';

		$this->_items['timelimit']			= '3';

		$this->_items['timelimit']			= '3';

		// TLS setting related items

		// TLS setting related items

		$this->_tls['start_tls']			= 'no'; // if no all tls config are comments

		$this->_tls['start_tls']			= 'no'; // if no all tls config are comments

		$this->_tls['cacertfile']			= '#';

		$this->_tls['cacertfile']			= '#';

		$this->_tls['cacertdir']			= '#';

		$this->_tls['cacertdir']			= '#';

		$this->_tls['certfile']				= '#';

		$this->_tls['certfile']				= '#';

		$this->_tls['keyfile']				= '#';

		$this->_tls['keyfile']				= '#';

		$this->_tls['randfile']				= '#';

		$this->_tls['randfile']				= '#';

		$this->_tls['require_cert']			= '#';

		$this->_tls['require_cert']			= '#';

		// others ldap setting (optional)

		// others ldap setting (optional)

		$this->_items['default_profile']		= '#';

		$this->_items['default_profile']		= '#';

		$this->_items['profile_attribute']		= '#';

		$this->_items['profile_attribute']		= '#';

		$this->_items['access_attr']			= '#';

		$this->_items['access_attr']			= '#';

		// Mapping of RADIUS dictionary attributes to LDAP

		// Mapping of RADIUS dictionary attributes to LDAP

		// directory attributes.

		// directory attributes.

		// for ldap like NOVEL

		// for ldap like NOVEL

		$this->_items['password_attribute']		= '#';

		$this->_items['password_attribute']		= '#';

		$this->_items['edir_account_policy_check']	= 'no';

		$this->_items['edir_account_policy_check']	= 'no';

		//  Group membership checking.  Disabled by default.

		//  Group membership checking.  Disabled by default.

		$this->_items['groupname_attribute']		= '#';

		$this->_items['groupname_attribute']		= '#';

		$this->_items['groupmembership_filter']		= '#';

		$this->_items['groupmembership_filter']		= '#';

		$this->_items['groupmembership_attribute']	= '#';

		$this->_items['groupmembership_attribute']	= '#';

		$this->_items['compare_check_items']		= '#';

		$this->_items['compare_check_items']		= '#';

		$this->_items['do_xlat']			= '#';

		$this->_items['do_xlat']			= '#';

		$this->_items['access_attr_used_for_allow']	= '#';

		$this->_items['access_attr_used_for_allow']	= '#';

		// auth option

		// auth option

		$this->_items['set_auth_type']			= '#';

		$this->_items['set_auth_type']			= '#';

		// debug option

		// debug option

		$this->_items['ldap_debug']			= '#';

		$this->_items['ldap_debug']			= '#';

	}

	}

	public function __get($attr){ // to get an $item

	public function __get($attr){ // to get an $item

		if ($attr==='tls'){

		if ($attr==='tls'){

			return $this->_tls;

			return $this->_tls;

		} elseif (array_key_exists($attr, $this->_items)){

		} elseif (array_key_exists($attr, $this->_items)){

			return $this->_items[$attr];

			return $this->_items[$attr];

		} elseif (array_key_exists($attr, $this->_tls)){

		} elseif (array_key_exists($attr, $this->_tls)){

			return $this->_tls[$attr];

			return $this->_tls[$attr];

		}

		}

		// nothing else!

		// nothing else!

	}

	}

	public function __set($attr, $value){// to set an $item

	public function __set($attr, $value){// to set an $item

		if (array_key_exists($attr, $this->_items)){

		if (array_key_exists($attr, $this->_items)){

			switch ($attr){

			switch ($attr){

				case "protocol":

				case "protocol":

					$this->_items['protocol']	= $value;

					$this->_items['protocol']	= $value;

					$this->_items['server']		= $this->_items['protocol'].'://'.$this->_items['host'];

					$this->_items['server']		= $this->_items['protocol'].'://'.$this->_items['host'];

					break;

					break;

				case "host":

				case "host":

					$this->_items['host']		= $value;

					$this->_items['host']		= $value;

					$this->_items['server']		= $this->_items['protocol'].'://'.$this->_items['host'];

					$this->_items['server']		= $this->_items['protocol'].'://'.$this->_items['host'];

					break;

					break;

				case "server":

				case "server":

					// extract protocole & host

					// extract protocole & host

					$tmp = explode("://",$value,2);

					$tmp = explode("://",$value,2);

					if (count($tmp) == 2){

					if (count($tmp) == 2){

						$this->_items['protocol'] = $tmp[0];

						$this->_items['protocol'] = $tmp[0];

						$this->_items['host'] 	= $tmp[1];

						$this->_items['host'] 	= $tmp[1];

					} else {

					} else {

						$this->_items['protocol'] = 'ldap';

						$this->_items['protocol'] = 'ldap';

						$this->_items['host'] 	= $tmp[0];

						$this->_items['host'] 	= $tmp[0];

					}

					}

					$this->_items['server'] = $this->_items['protocol'].'://'.$this->_items['host'];

					$this->_items['server'] = $this->_items['protocol'].'://'.$this->_items['host'];

					break;

					break;

				case "uid":

				case "uid":

					$this->_items['uid']		= $value;

					$this->_items['uid']		= $value;

					$this->_items['filter']		= "(".$this->_items['uid']."=%{User-Name})";

					$this->_items['filter']		= "(".$this->_items['uid']."=%{User-Name})";

					break;

					break;

				case "filter":

				case "filter":

					// extract uid

					// extract uid

					if (preg_match('`^[\(]([\sa-zA-Z0-9_-]*)=\%\{User-Name\}\)`',$value)){

					if (preg_match('`^[\(]([\sa-zA-Z0-9_-]*)=\%\{User-Name\}\)`',$value)){

						$this->_items['uid'] = preg_replace('`^[\(]([\sa-zA-Z0-9_-]*)=\%\{User-Name\}\)`','$1',$value);

						$this->_items['uid'] = preg_replace('`^[\(]([\sa-zA-Z0-9_-]*)=\%\{User-Name\}\)`','$1',$value);

					} else {

					} else {

						$this->_items['uid'] = 'uid';

						$this->_items['uid'] = 'uid';

					}

					}

					break;

					break;

				default:

				default:

					$this->_items[$attr] = $value;

					$this->_items[$attr] = $value;

			}

			}

		} elseif (array_key_exists($attr, $this->_tls)){

		} elseif (array_key_exists($attr, $this->_tls)){

			$this->_tls[$attr] = $value;

			$this->_tls[$attr] = $value;

		}

		}

	}

	}

	public function load($confFile){

	public function load($confFile){

		// use here the parsing class

		// use here the parsing class

		require_once("configreader.php");

		require_once("configreader.php");

		$r = new configReader($confFile);

		$r = new configReader($confFile);

		/*

		/*

		loading only if the file containt only one ldap instance.

		loading only if the file containt only one ldap instance.

		If more instance are found, we use the default values instead.

		If more instance are found, we use the default values instead.

		*/

		*/

		if (is_object($r->ldap)){

		if (is_object($r->ldap)){

			$this->instanceName = $r->ldap->getInstanceName();

			$this->instanceName = $r->ldap->getInstanceName();

			$items = $r->ldap->getpair();

			$items = $r->ldap->getpair();

			foreach ($items as $pair){

			foreach ($items as $pair){

				$pairName = $pair->getName();

				$pairName = $pair->getName();

				$pairValue = $pair->getPair($pairName);

				$pairValue = $pair->getPair($pairName);

				if (array_key_exists($pairName , $this->_items))

				if (array_key_exists($pairName , $this->_items))

					$this->$pairName = $pairValue; // we use __set() function to have all exceptions!

					$this->$pairName = $pairValue; // we use __set() function to have all exceptions!

			}

			}

			if (is_object($r->ldap->tls)){

			if (is_object($r->ldap->tls)){

				$tls = $r->ldap->tls->getpair();

				$tls = $r->ldap->tls->getpair();

				foreach ($tls as $pair){

				foreach ($tls as $pair){

					$tlsPairName = $pair->getName();

					$tlsPairName = $pair->getName();

					$tlsPairValue = $pair->getPair($tlsPairName);

					$tlsPairValue = $pair->getPair($tlsPairName);

					if (array_key_exists($tlsPairName , $this->_tls))

					if (array_key_exists($tlsPairName , $this->_tls))

						$this->$tlsPairName = $pairValue; // we use __set() function to have all exceptions!

						$this->$tlsPairName = $pairValue; // we use __set() function to have all exceptions!

				}

				}

			}

			}

		}

		}

	}

	}

	public function __toString() {

	public function __toString() {

		return $this->save(null, true);

		return $this->save(null, true);

    }

    }

	protected function _noComment($name, $value, $quote = false){

	protected function _noComment($name, $value, $quote = false){

		if ($value !== '#'){

		if ($value !== '#'){

			if ($quote === true){

			if ($quote === true){

				return $name." = \"".$value."\"";

				return $name." = \"".$value."\"";

			} else {

			} else {

				return $name." = ".$value;

				return $name." = ".$value;

			}

			}

		}

		}

	}

	}

	public function save($savefile = null, $returnconfig = false){

	public function save($savefile = null, $returnconfig = false){

	// make config file

	// make config file

	$config = "

	$config = "

	# Lightweight Directory Access Protocol (LDAP)

	# Lightweight Directory Access Protocol (LDAP)

	#

	#

	#  This module definition allows you to use LDAP for

	#  This module definition allows you to use LDAP for

	#  authorization and authentication.

	#  authorization and authentication.

	#

	#

	#  See raddb/sites-available/default for reference to the

	#  See raddb/sites-available/default for reference to the

	#  ldap module in the authorize and authenticate sections.

	#  ldap module in the authorize and authenticate sections.

	#

	#

	#  However, LDAP can be used for authentication ONLY when the

	#  However, LDAP can be used for authentication ONLY when the

	#  Access-Request packet contains a clear-text User-Password

	#  Access-Request packet contains a clear-text User-Password

	#  attribute.  LDAP authentication will NOT work for any other

	#  attribute.  LDAP authentication will NOT work for any other

	#  authentication method.

	#  authentication method.

	#

	#

	#  This means that LDAP servers don't understand EAP.  If you

	#  This means that LDAP servers don't understand EAP.  If you

	#  force \"Auth-Type = LDAP\", and then send the server a

	#  force \"Auth-Type = LDAP\", and then send the server a

	#  request containing EAP authentication, then authentication

	#  request containing EAP authentication, then authentication

	#  WILL NOT WORK.

	#  WILL NOT WORK.

	#

	#

	#  The solution is to use the default configuration, which does

	#  The solution is to use the default configuration, which does

	#  work.

	#  work.

	#

	#

	#  Setting \"Auth-Type = LDAP\" is ALMOST ALWAYS WRONG.  We

	#  Setting \"Auth-Type = LDAP\" is ALMOST ALWAYS WRONG.  We

	#  really can't emphasize this enough.

	#  really can't emphasize this enough.

	#	

	#	

	ldap ".$this->instanceName."{

	ldap ".$this->instanceName."{

		#

		#

		#  Note that this needs to match the name in the LDAP

		#  Note that this needs to match the name in the LDAP

		#  server certificate, if you're using ldaps.

		#  server certificate, if you're using ldaps.

		server = \"".$this->_items['server']."\"

		server = \"".$this->_items['server']."\"

		identity = \"".$this->_items['identity']."\"

		identity = \"".$this->_items['identity']."\"

		password = ".$this->_items['password']."

		password = ".$this->_items['password']."

		basedn = \"".$this->_items['basedn']."\"

		basedn = \"".$this->_items['basedn']."\"

		filter = \"".$this->_items['filter']."\"

		filter = \"".$this->_items['filter']."\"

		base_filter = \"".$this->_items['base_filter']."\"

		base_filter = \"".$this->_items['base_filter']."\"

		#  How many connections to keep open to the LDAP server.

		#  How many connections to keep open to the LDAP server.

		#  This saves time over opening a new LDAP socket for

		#  This saves time over opening a new LDAP socket for

		#  every authentication request.

		#  every authentication request.

		ldap_connections_number = ".$this->_items['ldap_connections_number']."

		ldap_connections_number = ".$this->_items['ldap_connections_number']."

		# seconds to wait for LDAP query to finish. default: 20

		# seconds to wait for LDAP query to finish. default: 20

		timeout = ".$this->_items['timeout']."

		timeout = ".$this->_items['timeout']."

		#  seconds LDAP server has to process the query (server-side

		#  seconds LDAP server has to process the query (server-side

		#  time limit). default: 20

		#  time limit). default: 20

		#

		#

		#  LDAP_OPT_TIMELIMIT is set to this value.

		#  LDAP_OPT_TIMELIMIT is set to this value.

		timelimit = ".$this->_items['timelimit']."

		timelimit = ".$this->_items['timelimit']."

		#

		#

		#  seconds to wait for response of the server. (network

		#  seconds to wait for response of the server. (network

		#   failures) default: 10

		#   failures) default: 10

		#

		#

		#  LDAP_OPT_NETWORK_TIMEOUT is set to this value.

		#  LDAP_OPT_NETWORK_TIMEOUT is set to this value.

		net_timeout = ".$this->_items['net_timeout']."

		net_timeout = ".$this->_items['net_timeout']."

		#

		#

		#  This subsection configures the tls related items

		#  This subsection configures the tls related items

		#  that control how FreeRADIUS connects to an LDAP

		#  that control how FreeRADIUS connects to an LDAP

		#  server.  It contains all of the \"tls_*\" configuration

		#  server.  It contains all of the \"tls_*\" configuration

		#  entries used in older versions of FreeRADIUS.  Those

		#  entries used in older versions of FreeRADIUS.  Those

		#  configuration entries can still be used, but we recommend

		#  configuration entries can still be used, but we recommend

		#  using these.

		#  using these.

		#

		#

		tls {

		tls {

			# Set this to 'yes' to use TLS encrypted connections

			# Set this to 'yes' to use TLS encrypted connections

			# to the LDAP database by using the StartTLS extended

			# to the LDAP database by using the StartTLS extended

			# operation.

			# operation.

			#			

			#			

			# The StartTLS operation is supposed to be

			# The StartTLS operation is supposed to be

			# used with normal ldap connections instead of

			# used with normal ldap connections instead of

			# using ldaps (port 689) connections

			# using ldaps (port 689) connections

			start_tls = ".$this->_tls['start_tls']."

			start_tls = ".$this->_tls['start_tls']."

			# cacertfile	= /path/to/cacert.pem

			# cacertfile	= /path/to/cacert.pem

			# cacertdir		= /path/to/ca/dir/

			# cacertdir		= /path/to/ca/dir/

			# certfile		= /path/to/radius.crt

			# certfile		= /path/to/radius.crt

			# keyfile		= /path/to/radius.key

			# keyfile		= /path/to/radius.key

			# randfile		= /path/to/rnd

			# randfile		= /path/to/rnd

			".$this->_noComment("cacertfile", $this->_tls['cacertfile'])."

			".$this->_noComment("cacertfile", $this->_tls['cacertfile'])."

			".$this->_noComment("cacertdir", $this->_tls['cacertdir'])."

			".$this->_noComment("cacertdir", $this->_tls['cacertdir'])."

			".$this->_noComment("certfile", $this->_tls['certfile'])."

			".$this->_noComment("certfile", $this->_tls['certfile'])."

			".$this->_noComment("keyfile", $this->_tls['keyfile'])."

			".$this->_noComment("keyfile", $this->_tls['keyfile'])."

			".$this->_noComment("randfile", $this->_tls['randfile'])."

			".$this->_noComment("randfile", $this->_tls['randfile'])."

			#  Certificate Verification requirements.  Can be:

			#  Certificate Verification requirements.  Can be:

			#    \"never\" (don't even bother trying)

			#    \"never\" (don't even bother trying)

			#    \"allow\" (try, but don't fail if the cerificate

			#    \"allow\" (try, but don't fail if the cerificate

			#		can't be verified)

			#		can't be verified)

			#    \"demand\" (fail if the certificate doesn't verify.)

			#    \"demand\" (fail if the certificate doesn't verify.)

			#

			#

			#	The default is \"allow\"

			#	The default is \"allow\"

			# require_cert	= \"demand\"

			# require_cert	= \"demand\"

			".$this->_noComment("require_cert", $this->_tls['require_cert'], true)."

			".$this->_noComment("require_cert", $this->_tls['require_cert'], true)."

		}

		}

		# default_profile = \"cn=radprofile,ou=dialup,o=My Org,c=UA\"

		# default_profile = \"cn=radprofile,ou=dialup,o=My Org,c=UA\"

		# profile_attribute = \"radiusProfileDn\"

		# profile_attribute = \"radiusProfileDn\"

		# access_attr = \"dialupAccess\"

		# access_attr = \"dialupAccess\"

		".$this->_noComment("default_profile", $this->_items['default_profile'], true)."

		".$this->_noComment("default_profile", $this->_items['default_profile'], true)."

		".$this->_noComment("profile_attribute", $this->_items['profile_attribute'], true)."

		".$this->_noComment("profile_attribute", $this->_items['profile_attribute'], true)."

		".$this->_noComment("access_attr", $this->_items['access_attr'], true)."

		".$this->_noComment("access_attr", $this->_items['access_attr'], true)."

		# Mapping of RADIUS dictionary attributes to LDAP

		# Mapping of RADIUS dictionary attributes to LDAP

		# directory attributes.

		# directory attributes.

		dictionary_mapping = ".$this->_items['dictionary_mapping']."

		dictionary_mapping = ".$this->_items['dictionary_mapping']."

		#  Set password_attribute = nspmPassword to get the

		#  Set password_attribute = nspmPassword to get the

		#  user's password from a Novell eDirectory

		#  user's password from a Novell eDirectory

		#  backend. This will work ONLY IF FreeRADIUS has been

		#  backend. This will work ONLY IF FreeRADIUS has been

		#  built with the --with-edir configure option.

		#  built with the --with-edir configure option.

		#

		#

		#  See also the following links:

		#  See also the following links:

		#

		#

		#  http://www.novell.com/coolsolutions/appnote/16745.html

		#  http://www.novell.com/coolsolutions/appnote/16745.html

		#  https://secure-support.novell.com/KanisaPlatform/Publishing/558/3009668_f.SAL_Public.html

		#  https://secure-support.novell.com/KanisaPlatform/Publishing/558/3009668_f.SAL_Public.html

		#

		#

		#  Novell may require TLS encrypted sessions before returning

		#  Novell may require TLS encrypted sessions before returning

		#  the user's password.

		#  the user's password.

		#

		#

		# password_attribute = userPassword

		# password_attribute = userPassword

		".$this->_noComment("access_attr", $this->_items['access_attr'])."

		".$this->_noComment("access_attr", $this->_items['access_attr'])."

		#  Un-comment the following to disable Novell

		#  Un-comment the following to disable Novell

		#  eDirectory account policy check and intruder

		#  eDirectory account policy check and intruder

		#  detection. This will work *only if* FreeRADIUS is

		#  detection. This will work *only if* FreeRADIUS is

		#  configured to build with --with-edir option.

		#  configured to build with --with-edir option.

		#

		#

		edir_account_policy_check = no

		edir_account_policy_check = no

		".$this->_noComment("access_attr", $this->_items['access_attr'])."

		".$this->_noComment("access_attr", $this->_items['access_attr'])."

		#

		#

		#  Group membership checking.  Disabled by default.

		#  Group membership checking.  Disabled by default.

		#

		#

		# groupname_attribute = cn

		# groupname_attribute = cn

		# groupmembership_filter = \"(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))\"

		# groupmembership_filter = \"(|(&(objectClass=GroupOfNames)(member=%{Ldap-UserDn}))(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))\"

		# groupmembership_attribute = radiusGroupName

		# groupmembership_attribute = radiusGroupName

		".$this->_noComment("groupname_attribute", $this->_items['groupname_attribute'])."

		".$this->_noComment("groupname_attribute", $this->_items['groupname_attribute'])."

		".$this->_noComment("groupmembership_filter", $this->_items['groupmembership_filter'], true)."

		".$this->_noComment("groupmembership_filter", $this->_items['groupmembership_filter'], true)."

		".$this->_noComment("groupmembership_attribute", $this->_items['groupmembership_attribute'])."

		".$this->_noComment("groupmembership_attribute", $this->_items['groupmembership_attribute'])."

		# compare_check_items = yes

		# compare_check_items = yes

		# do_xlat = yes

		# do_xlat = yes

		# access_attr_used_for_allow = yes

		# access_attr_used_for_allow = yes

		".$this->_noComment("compare_check_items", $this->_items['compare_check_items'])."

		".$this->_noComment("compare_check_items", $this->_items['compare_check_items'])."

		".$this->_noComment("do_xlat", $this->_items['do_xlat'])."

		".$this->_noComment("do_xlat", $this->_items['do_xlat'])."

		".$this->_noComment("access_attr_used_for_allow", $this->_items['access_attr_used_for_allow'])."

		".$this->_noComment("access_attr_used_for_allow", $this->_items['access_attr_used_for_allow'])."

		#

		#

		#  By default, if the packet contains a User-Password,

		#  By default, if the packet contains a User-Password,

		#  and no other module is configured to handle the

		#  and no other module is configured to handle the

		#  authentication, the LDAP module sets itself to do

		#  authentication, the LDAP module sets itself to do

		#  LDAP bind for authentication.

		#  LDAP bind for authentication.

		#

		#

		#  THIS WILL ONLY WORK FOR PAP AUTHENTICATION.

		#  THIS WILL ONLY WORK FOR PAP AUTHENTICATION.

		#

		#

		#  THIS WILL NOT WORK FOR CHAP, MS-CHAP, or 802.1x (EAP). 

		#  THIS WILL NOT WORK FOR CHAP, MS-CHAP, or 802.1x (EAP). 

		#

		#

		#  You can disable this behavior by setting the following

		#  You can disable this behavior by setting the following

		#  configuration entry to \"no\".

		#  configuration entry to \"no\".

		#

		#

		#  allowed values: {no, yes}

		#  allowed values: {no, yes}

		# set_auth_type = yes

		# set_auth_type = yes

		# set_auth_type = no

		# set_auth_type = no

		".$this->_noComment("set_auth_type", $this->_items['set_auth_type'])."

		".$this->_noComment("set_auth_type", $this->_items['set_auth_type'])."

		#  ldap_debug: debug flag for LDAP SDK

		#  ldap_debug: debug flag for LDAP SDK

		#  (see OpenLDAP documentation).  Set this to enable

		#  (see OpenLDAP documentation).  Set this to enable

		#  huge amounts of LDAP debugging on the screen.

		#  huge amounts of LDAP debugging on the screen.

		#  You should only use this if you are an LDAP expert.

		#  You should only use this if you are an LDAP expert.

		#

		#

		#	default: 0x0000 (no debugging messages)

		#	default: 0x0000 (no debugging messages)

		#	Example:(LDAP_DEBUG_FILTER+LDAP_DEBUG_CONNS)

		#	Example:(LDAP_DEBUG_FILTER+LDAP_DEBUG_CONNS)

		#ldap_debug = 0x0028

		#ldap_debug = 0x0028

		".$this->_noComment("ldap_debug", $this->_items['ldap_debug'])."

		".$this->_noComment("ldap_debug", $this->_items['ldap_debug'])."

	}

	}

	";

	";

		if ($savefile !== null){

		if ($savefile !== null){

			// save config file

			// save config file

			if (is_file($savefile)){

			if (is_file($savefile)){

				// save the file

				// save the file

				if (!is_writable($savefile))

				if (!is_writable($savefile))

					return false;

					return false;

				$updatedFile = fopen( $savefile, 'w' );

				$updatedFile = fopen( $savefile, 'w' );

				fwrite( $updatedFile, $config );

				fwrite( $updatedFile, $config );

				fclose( $updatedFile );

				fclose( $updatedFile );

			} else {

			} else {

				// create a new file

				// create a new file

				$newFile = fopen($savefile, 'w') or die("can't create file");

				$newFile = fopen($savefile, 'w') or die("can't create file");

				fwrite( $newFile, $config );

				fwrite( $newFile, $config );

				fclose( $newFile );

				fclose( $newFile );

			}

			}

		}	

		}	

		// test $returnconfig

		// test $returnconfig

		if (($returnconfig===true)||($returnconfig==="yes")){

		if (($returnconfig===true)||($returnconfig==="yes")){

			return $config;

			return $config;

		}else{

		}else{

			return true;

			return true;

		}

		}

	}

	}

}

}

?>

?>

Generated by GNU Enscript 1.6.6.

Generated by GNU Enscript 1.6.6.