Roundcubemail devel
parent: 13ffa281 | patch | commit | show whitespace
alecpl
2010-09-30 1148c6e936c487c72740ba93ae430b42837e6999 
- Add option do bind for an individual LDAP address book (#1486997)


3 files modified
32 ■■■■■ changed files
CHANGELOG 1 ●●●● patch | view | raw | blame | history
config/main.inc.php.dist 6 ●●●●● patch | view | raw | blame | history
program/include/rcube_ldap.php 25 ●●●●● patch | view | raw | blame | history 
 CHANGELOG


@@ -9,6 +9,7 @@


- Fix HTML to plain text conversion doesn't handle citation blocks (#1486921)


- Use custom sorting when SORT is disabled by IMAP admin (#1486959)


- Allow setting some washtml options from plugin (#1486578)


- Add option do bind for an individual LDAP address book (#1486997)




RELEASE 0.4.1


-------------




 config/main.inc.php.dist


@@ -414,9 +414,15 @@


  // %u  - The username prior to the '@'.


  // %d  - The domain name after the '@'.


  // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"


  // %dn - DN found by ldap search when search_filter/search_base_dn are used


  'base_dn'       => '',


  'bind_dn'       => '',


  'bind_pass'     => '',


  // It's possible to bind for an individual address book


  // The login name is used to search for the DN to bind with


  'search_base_dn' => '',


  'search_filter'  => '',   // e.g. '(&(objectClass=posixAccount)(uid=%u))'




  'writable'      => false,   // Indicates if we can write to the LDAP directory or not.


  // If writable is true then these fields need to be populated:


  // LDAP_Object_Classes, required_fields, LDAP_rdn




 program/include/rcube_ldap.php


@@ -4,7 +4,7 @@


 | program/include/rcube_ldap.php                                        |


 |                                                                       |


 | This file is part of the Roundcube Webmail client                     |


 | Copyright (C) 2006-2009, Roundcube Dev. - Switzerland                 |


 | Copyright (C) 2006-2010, Roundcube Dev. - Switzerland                 |


 | Licensed under the GNU GPL                                            |


 |                                                                       |


 | PURPOSE:                                                              |


@@ -134,8 +134,29 @@


        list($u, $d) = explode('@', $fu);


        $dc = 'dc='.strtr($d, array('.' => ',dc=')); // hierarchal domain string




        // Replace the bind_dn and base_dn variables.


        $replaces = array('%dc' => $dc, '%d' => $d, '%fu' => $fu, '%u' => $u);




        if ($this->prop['search_base_dn'] && $this->prop['search_filter']) {


          // Search for the dn to use to authenticate


          $this->prop['search_base_dn'] = strtr($this->prop['search_base_dn'], $replaces);


          $this->prop['search_filter'] = strtr($this->prop['search_filter'], $replaces);




          $this->_debug("S: searching with base {$this->prop['search_base_dn']} for {$this->prop['search_filter']}");




          $res = ldap_search($this->conn, $this->prop['search_base_dn'], $this->prop['search_filter'], array('uid'));


          if ($res && ($entry = ldap_first_entry($this->conn, $res))) {


            $bind_dn = ldap_get_dn($this->conn, $entry);




            $this->_debug("S: search returned dn: $bind_dn");




            if ($bind_dn) {


              $this->prop['bind_dn'] = $bind_dn;


              $dn = ldap_explode_dn($bind_dn, 1);


              $replaces['%dn'] = $dn[0];


            }


          }


        }


        // Replace the bind_dn and base_dn variables.


        $this->prop['bind_dn'] = strtr($this->prop['bind_dn'], $replaces);


        $this->prop['base_dn'] = strtr($this->prop['base_dn'], $replaces);


      }