| | |
| | | return PASSWORD_CONNECT_ERROR; |
| | | } |
| | | |
| | | /* Set protocol version */ |
| | | /* Set protocol version */ |
| | | if (!ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $rcmail->config->get('password_ldap_version'))) { |
| | | ldap_unbind($ds); |
| | | return PASSWORD_CONNECT_ERROR; |
| | |
| | | } else { |
| | | $user_dn = ldap_simple_search_userdn($rcmail, $ds); |
| | | } |
| | | |
| | | |
| | | if (empty($user_dn)) { |
| | | ldap_unbind($ds); |
| | | return PASSWORD_CONNECT_ERROR; |
| | | } |
| | | |
| | | |
| | | /* Connection method */ |
| | | switch ($rcmail->config->get('password_ldap_method')) { |
| | | case 'admin': |
| | |
| | | ldap_unbind($ds); |
| | | return PASSWORD_CONNECT_ERROR; |
| | | } |
| | | |
| | | |
| | | /* Crypting new password */ |
| | | $passwd = ldap_simple_hash_password($passwd, $rcmail->config->get('password_ldap_encodage')); |
| | | if (!$passwd) { |
| | | ldap_unbind($ds); |
| | | return PASSWORD_CRYPT_ERROR; |
| | | } |
| | | |
| | | |
| | | $entree[$rcmail->config->get('password_ldap_pwattr')] = $passwd; |
| | | |
| | | /* Updating PasswordLastChange Attribute if desired */ |
| | | if ($lchattr = $rcmail->config->get('password_ldap_lchattr')) { |
| | | $entree[$lchattr] = (int)(time() / 86400) |
| | | $entree[$lchattr] = (int)(time() / 86400); |
| | | } |
| | | |
| | | |
| | | |
| | | if (!ldap_modify($ds, $user_dn, $entree)) { |
| | | ldap_unbind($ds); |
| | | return PASSWORD_CONNECT_ERROR; |
| | | } |
| | | |
| | | |
| | | /* All done, no error */ |
| | | ldap_unbind($ds); |
| | | return PASSWORD_SUCCESS; |
| | |
| | | if (!ldap_bind($ds, $rcmail->config->get('password_ldap_searchDN'), $rcmail->config->get('password_ldap_searchPW'))) { |
| | | return false; |
| | | } |
| | | |
| | | |
| | | /* Search for the DN */ |
| | | if (!$sr = ldap_search($ds, $rcmail->config->get('password_ldap_search_base'), ldap_simple_substitute_vars($rcmail->config->get('password_ldap_search_filter')))) { |
| | | return false; |
| | | } |
| | | |
| | | |
| | | /* If no or more entries were found, return false */ |
| | | if (ldap_count_entries($ds, $sr) != 1) { |
| | | return false; |
| | | } |
| | | |
| | | |
| | | return ldap_get_dn($ds, ldap_first_entry($ds, $sr)); |
| | | } |
| | | |
| | | /** |
| | | * Substitute %login, %name and %domain in $str |
| | | * Substitute %login, %name, %domain, %dc in $str |
| | | * See plugin config for details |
| | | */ |
| | | function ldap_simple_substitute_vars($str) |
| | | { |
| | | $str = str_replace('%login', $_SESSION['username'], $str); |
| | | $str = str_replace('%l', $_SESSION['username'], $str); |
| | | |
| | | |
| | | $parts = explode('@', $_SESSION['username']); |
| | | |
| | | if (count($parts) == 2) { |
| | | $dc = 'dc='.strtr($parts[1], array('.' => ',dc=')); // hierarchal domain string |
| | | |
| | | $str = str_replace('%name', $parts[0], $str); |
| | | $str = str_replace('%n', $parts[0], $str); |
| | | |
| | | $str = str_replace('%n', $parts[0], $str); |
| | | $str = str_replace('%dc', $dc, $str); |
| | | $str = str_replace('%domain', $parts[1], $str); |
| | | $str = str_replace('%d', $parts[1], $str); |
| | | } |
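Review bot: The values substituted into the search filter are not escaped: `ldap_simple_substitute_vars()` pastes `$_SESSION['username']` and its `@`-split parts into `$str` with plain `str_replace()`, and the result is passed straight to `ldap_search()` as the filter, where the `ldap_count_entries(...) != 1` check is the only guard on which DN is later modified. Escape each value for the context it lands in before substituting, e.g. `$login = ldap_escape($_SESSION['username'], '', LDAP_ESCAPE_FILTER);` for filter use, and `LDAP_ESCAPE_DN` for the labels joined into the new `%dc` value (assuming the PHP version in use provides `ldap_escape()`). If this helper also serves DN templates, a flags argument passed by the caller would keep the two contexts apart; whether other callers exist is not visible here. The hunk starts inside the DN-search function and ends before the body of `ldap_simple_substitute_vars()` closes.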
| | |
| | | while (strlen($str) < $length) { |
| | | $str .= substr($possible, (rand() % strlen($possible)), 1); |
| | | } |
| | | |
| | | |
| | | return $str; |
| | | } |