WebSVN – ALCASAR – Diff – /web/acc/admin/ldap.php

 <?php
-# $Id: ldap.php 2449 2017-12-05 21:42:08Z tom.houdayer $
+# $Id: ldap.php 2451 2017-12-05 22:33:27Z tom.houdayer $
 /* written by steweb57 & Rexy */
 /****************************************************************
 *			GLOBAL FILE PATHS			*
 *****************************************************************/
 	$l_ldap_test_dn_failed          = "DN seems to be wrong";
 	$l_ldap_error			= "LDAP error";
+}
-$message = '';
-if ((isset($_GET['erreur'])) && (!empty($_GET['erreur']))) {
-	$message  = '<div style="text-align: center"><br>';
-	$message .= '<span style="font-weight: bold; color: red;">'.htmlspecialchars($erreur).'</span><br>';
-	$message .= '<br></div>';
-} else if (isset($_GET['update']) && ($_GET['update'] === 'ok')) {
-	$message  = '<div style="text-align: center"><br>';
-	$message .= '<span style="font-weight: bold; color: green;">'.$l_ldap_update_sucess.'</span><br>';
-	$message .= '<br></div>';
-}
-// LDAP configuration params
-$ldap_status      = ($conf['LDAP'] === 'on');
-$ldap_server      = $conf['LDAP_SERVER'];
-$ldap_identity    = $conf['LDAP_USER'];
-$ldap_password    = $conf['LDAP_PASSWORD'];
-$ldap_basedn      = $conf['LDAP_BASE'];
-$ldap_filter      = $conf['LDAP_UID'];
-$ldap_base_filter = $conf['LDAP_FILTER'];
 function ldap_checkServerConfig($f_ldap_server, $f_ldap_identity, $f_ldap_password, $f_ldap_basedn, $f_ldap_filter, $f_ldap_port = 389) {
 	// Test connect to the LDAP server
 	if (!$sock = @fsockopen($f_ldap_server, $f_ldap_port, $num, $error, 2)) {
 		// no network connection
 		return -1;
 	} else {
 		return 1;
+	}
+}
+$messages = '';
+if (isset($_POST['auth_enable'])) {
+	if ($_POST['auth_enable'] === '1') {
+		$varErrors = [];
+		if (isset($_POST['ldap_server']))      $ldap_server      = $_POST['ldap_server'];      else array_push($varErrors, 'Variable error "ldap_server"');
+		if (isset($_POST['ldap_base_dn']))     $ldap_base_dn     = $_POST['ldap_base_dn'];     else array_push($varErrors, 'Variable error "ldap_base_dn"');
+		if (isset($_POST['ldap_filter']))      $ldap_filter      = $_POST['ldap_filter'];      else array_push($varErrors, 'Variable error "ldap_filter"');
+		if (isset($_POST['ldap_base_filter'])) $ldap_base_filter = $_POST['ldap_base_filter']; else array_push($varErrors, 'Variable error "ldap_base_filter"');
+		if (isset($_POST['ldap_user']))        $ldap_user        = $_POST['ldap_user'];        else array_push($varErrors, 'Variable error "ldap_user"');
+		if (isset($_POST['ldap_password']))    $ldap_password    = $_POST['ldap_password'];    else array_push($varErrors, 'Variable error "ldap_password"');
+		// Validation
+		if (isset($ldap_server)) {
+			if ((!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) && (preg_match('/^[a-zA-Z0-9-_.]+$/', $ldap_server))) {
+				$ldap_server = gethostbyname($ldap_server);
+			}
+			if (!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) {
+				array_push($varErrors, 'Invalid LDAP server IP');
+			}
+		}
+		if (!empty($varErrors)) {
+			$messages .= '<div style="text-align: center"><br>';
+			foreach ($varErrors as $error) {
+				$messages .= '<span style="font-weight: bold; color: red;">'.$error.'</span><br>';
+			}
+			$messages .= '<br></div>';
+		} else {
+			exec('sed -i \'s/^LDAP=.*/LDAP=on/g\' '.CONF_FILE);
+			exec('sed -i '.escapeshellarg("s/^LDAP_SERVER=.*/LDAP_SERVER=$ldap_server/g").' '.CONF_FILE);
+			exec('sed -i '.escapeshellarg("s/^LDAP_BASE=.*/LDAP_BASE=$ldap_base_dn/g").' '.CONF_FILE);
+			exec('sed -i '.escapeshellarg("s/^LDAP_UID=.*/LDAP_UID=$ldap_filter/g").' '.CONF_FILE);
+			exec('sed -i '.escapeshellarg("s/^LDAP_FILTER=.*/LDAP_FILTER=$ldap_filter/g").' '.CONF_FILE);
+			exec('sed -i '.escapeshellarg("s/^LDAP_USER=.*/LDAP_USER=$ldap_user/g").' '.CONF_FILE);
+			exec('sed -i '.escapeshellarg("s/^LDAP_PASSWORD=.*/LDAP_PASSWORD=$ldap_password/g").' '.CONF_FILE);
+			exec('sudo /usr/local/bin/alcasar-ldap.sh --on');
+			$messages .= '<div style="text-align: center"><br>';
+			$messages .= '<span style="font-weight: bold; color: green;">'.$l_ldap_update_sucess.'</span><br>';
+			$messages .= '<br></div>';
+		}
+	} else {
+		exec('sed -i "s/^LDAP=.*/LDAP=off/g" '.CONF_FILE);
+		exec('sudo /usr/local/bin/alcasar-ldap.sh --off');
+		$messages .= '<div style="text-align: center"><br>';
+		$messages .= '<span style="font-weight: bold; color: green;">'.$l_ldap_update_sucess.'</span><br>';
+		$messages .= '<br></div>';
+	}
+	// Reload configuration
+	$file_conf = fopen(CONF_FILE, 'r');
+	if (!$file_conf) {
+		exit('Error opening the file '.CONF_FILE);
+	}
+	while (!feof($file_conf)) {
+		$buffer = fgets($file_conf, 4096);
+		if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
+			$tmp = explode('=', $buffer, 2);
+			$conf[trim($tmp[0])] = trim($tmp[1]);
+		}
+	}
+	fclose($file_conf);
+}
+// LDAP configuration params
+$ldap_status      = ($conf['LDAP'] === 'on');
+$ldap_server      = $conf['LDAP_SERVER'];
+$ldap_identity    = $conf['LDAP_USER'];
+$ldap_password    = $conf['LDAP_PASSWORD'];
+$ldap_basedn      = $conf['LDAP_BASE'];
+$ldap_filter      = $conf['LDAP_UID'];
+$ldap_base_filter = $conf['LDAP_FILTER'];
 // TODO : check LDAP PHP extension loaded?
 // if (!extension_loaded('ldap')) {
 // 	exit();
 // }
 </head>
 <body onLoad="onLdapStatusChange();">
 	<div class="panel">
 		<div class="panel-header"><?= $l_ldap_legend ?></div>
 		<div class="panel-body">
-			<form name="config_ldap" method="post" action="update_ldap.php">
+			<form name="config_ldap" method="POST" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>">
 				<fieldset>
 					<legend>
-						<?= $message ?>
+						<?= $messages ?>
 						<?php if ($ldap_status): ?>
 							<div style="text-align: center"><br>
 								<?php if ($serverCheckResult === -2): ?>
 									<span style="color: red"><?= $l_ldap_test_connection_failed ?></span>
 								<?php elseif ($serverCheckResult === -1): ?>

Subversion Repositories ALCASAR

(root)/web/acc/admin/ldap.php – Rev 2449 → 2451