WebSVN – ALCASAR – Diff – //web/acc/admin/ldap.php

 <?php
-# $Id: ldap.php 2452 2017-12-05 22:51:01Z tom.houdayer $
+# $Id: ldap.php 2453 2017-12-06 00:06:41Z tom.houdayer $
-/* written by steweb57 & Rexy */
+/* written by steweb57, Rexy & Tom HOUDAYER */
 /****************************************************************
 *			GLOBAL FILE PATHS			*
 *****************************************************************/
 define('CONF_FILE', '/usr/local/etc/alcasar.conf');
+}
 // LDAP configuration params
 $ldap_status      = ($conf['LDAP'] === 'on');
 $ldap_server      = $conf['LDAP_SERVER'];
-$ldap_identity    = $conf['LDAP_USER'];
+$ldap_user        = $conf['LDAP_USER'];
 $ldap_password    = $conf['LDAP_PASSWORD'];
 $ldap_base_dn     = $conf['LDAP_BASE'];
 $ldap_filter      = $conf['LDAP_UID'];
 $ldap_base_filter = $conf['LDAP_FILTER'];
 	$new_ldap_server = explode('//', $ldap_server); // pour discriminer le host et le protocole dans la notation "ldap://192.168.182.10" ou "ldaps://monldap.monentreperise.com"
 } else {
 	$new_ldap_server = $ldap_server;
+}
 if ($ldap_status) {
-	$serverCheckResult = ldap_checkServerConfig($new_ldap_server, $ldap_identity, $ldap_password, $ldap_base_dn, $ldap_filter);
+	$serverCheckResult = ldap_checkServerConfig($new_ldap_server, $ldap_user, $ldap_password, $ldap_base_dn, $ldap_filter);
+}
+// AJAX LDAP configuration checker
+if (isset($_GET['conf_check'])) {
+	$response = [
+		'enable' => $ldap_status
+	];
+	if ($ldap_status || ($_SERVER['REQUEST_METHOD'] === 'POST')) {
+		$varErrors = [];
+		if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+			if (isset($_POST['ldap_server']))      $ldap_server      = $_POST['ldap_server'];      else array_push($varErrors, 'Variable error "ldap_server"');
+			if (isset($_POST['ldap_base_dn']))     $ldap_base_dn     = $_POST['ldap_base_dn'];     else array_push($varErrors, 'Variable error "ldap_base_dn"');
+			if (isset($_POST['ldap_filter']))      $ldap_filter      = $_POST['ldap_filter'];      else array_push($varErrors, 'Variable error "ldap_filter"');
+			if (isset($_POST['ldap_base_filter'])) $ldap_base_filter = $_POST['ldap_base_filter']; else array_push($varErrors, 'Variable error "ldap_base_filter"');
+			if (isset($_POST['ldap_user']))        $ldap_user        = $_POST['ldap_user'];        else array_push($varErrors, 'Variable error "ldap_user"');
+			if (isset($_POST['ldap_password']))    $ldap_password    = $_POST['ldap_password'];    else array_push($varErrors, 'Variable error "ldap_password"');
+		}
+		// Validation
+		if (isset($ldap_server)) {
+			if ((!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) && (preg_match('/^[a-zA-Z0-9-_.]+$/', $ldap_server))) {
+				$ldap_server = gethostbyname($ldap_server);
+			}
+			if (!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) {
+				array_push($varErrors, 'Invalid LDAP server IP');
+			}
+		}
+		$response['result'] = (ldap_checkServerConfig($ldap_server, $ldap_user, $ldap_password, $ldap_base_dn, $ldap_filter) > 0);
+		if (!empty($varErrors)) {
+			$response['errors'] = $varErrors;
+		}
+	}
+	header('Content-Type: application/json');
+	echo json_encode($response);
+	exit();
+}
 ?>
 <!DOCTYPE html>
 <html>
 	<link type="text/css" href="/css/ldap.css" rel="stylesheet">
 	<script>
 	function onLdapStatusChange() {
 		var listToDisables = ['ldap_server', 'ldap_dn', 'ldap_filter', 'ldap_base_filter', 'ldap_user', 'ldap_password'];
-		if (document.getElementById("auth_enable").value === '1') {
+		if (document.getElementById('auth_enable').value === '1') {
 			for (var i=0; i<listToDisables.length; i++) {
 				document.getElementById(listToDisables[i]).style.backgroundColor = '#ffffff';
 				document.getElementById(listToDisables[i]).disabled = false;
+			}
 		} else {
 				document.getElementById(listToDisables[i]).style.backgroundColor = '#c0c0c0';
 				document.getElementById(listToDisables[i]).disabled = true;
+			}
+		}
+	}
+	function checkConfig() {
+		var ldap_config = {
+			ldap_status:     (document.getElementById('auth_enable').value === '1'),
+			ldap_server:      document.getElementById('ldap_server').value,
+			ldap_user:        document.getElementById('ldap_user').value,
+			ldap_password:    document.getElementById('ldap_password').value,
+			ldap_base_dn:     document.getElementById('ldap_dn').value,
+			ldap_filter:      document.getElementById('ldap_filter').value,
+			ldap_base_filter: document.getElementById('ldap_base_filter').value
+		};
+		console.log(ldap_config);
+		var params = Object.keys(ldap_config).map( function (k) { return encodeURIComponent(k) + '=' + encodeURIComponent(ldap_config[k]) } ).join('&');
+		var xhr = new XMLHttpRequest();
+		xhr.onreadystatechange = function() {
+			if (this.readyState == 4) {
+				if (this.status == 200) {
+					var data = JSON.parse(this.responseText);
+					if (data.result === true) {
+						alert('Configuration valide');
+					} else {
+						alert('Configuration non valide');
+					}
+					if (typeof data.errors !== 'undefined') {
+						alert(data.errors.join("\n"));
+					}
+					console.log(data)
+				} else {
+					console.log(this.responseText)
+				}
+			}
+		};
+		xhr.open('POST', 'ldap.php?conf_check', true);
+		xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
+		xhr.send(params);
+	}
 	</script>
 </head>
 <body onLoad="onLdapStatusChange();">
 	<div class="panel">
 		<div class="panel-header"><?= $l_ldap_legend ?></div>
 						<dt>
 							<label for="ldap_user"><?= $l_ldap_user_label ?></label><br>
 							<?= $l_ldap_user_text ?>
 						</dt>
 						<dd>
-							<input id="ldap_user" size="40" name="ldap_user" value="<?= htmlspecialchars($ldap_identity) ?>">
+							<input id="ldap_user" size="40" name="ldap_user" value="<?= htmlspecialchars($ldap_user) ?>">
 						</dd>
 					</dl>
 					<dl>
 						<dt>
 							<label for="ldap_password"><?= $l_ldap_password_label ?></label><br>
 						</dd>
 					</dl>
 					<p>
 						<input id="submit" type="submit" value="<?= $l_ldap_submit ?>" name="submit">
 						<input id="reset" type="reset" value="<?= $l_ldap_reset ?>" name="reset">
+						<button onclick="checkConfig(); return false;">Check [BETA]</button>
 					</p>
 				</fieldset>
 			</form>
 		</div>
 	</div>

Subversion Repositories ALCASAR

(root)//web/acc/admin/ldap.php – Rev 2452 → 2453