diff --git a/apps/maarch_entreprise/log.php b/apps/maarch_entreprise/log.php
index b55c44ffd38d1de8a599159cbadd01bb54fa3414..874ea58966cbf1efcd0c61e645d4ea778299692b 100755
--- a/apps/maarch_entreprise/log.php
+++ b/apps/maarch_entreprise/log.php
@@ -132,115 +132,128 @@ if (!empty($_SESSION['error'])) { exit($e->getMessage()); } - $xpLdapConf = new domxpath($ldapConf); - - foreach ($xpLdapConf->query('/root/config/*') as $cf) { - ${$cf->nodeName} = $cf->nodeValue; + if (!file_exists($pathtoConfig)) { + exit(); } - //On inclus la class LDAP qui correspond à l'annuaire - if (strtolower($type_ldap) == 'openldap') { - $classLdap = 'class_openLDAP.php'; - } else { - $classLdap = 'class_adLDAP.php'; - } - //customized or not - if (!@include $_SESSION['config']['corepath'].'/custom/'.$_SESSION['custom_override_id'].'/modules/ldap/class/'.$classLdap) { - if (!@include $_SESSION['config']['corepath'].'modules/ldap/class/'.$classLdap) { - exit('Impossible de charger class_'.$_SESSION['config']['corepath'].'/modules/ldap/class/'.$classLdap."\n"); - } - } + $xpLdapConf = new domxpath($ldapConf); + $ldapConfig = simplexml_load_file($pathtoConfig); - if (!empty($prefix_login)) { - $login_admin = $prefix_login.'\\'.$login_admin; - } +// foreach ($xpLdapConf->query('/root/config/*') as $cf) { +// ${$cf->nodeName} = $cf->nodeValue; +// } - if (!empty($suffix_login)) { - $login_admin = $login_admin.$suffix_login; - } + foreach ($ldapConfig->config->ldap as $ldap) { + $_SESSION['error'] = ''; + foreach ($ldap as $node => $value) { + ${$node} = (string)$value; + } - //Try to create a new ldap instance - try { + //On inclus la class LDAP qui correspond à l'annuaire if (strtolower($type_ldap) == 'openldap') { - $ad = new LDAP($domain, $login_admin, $pass, $ssl, $hostname); + $classLdap = 'class_openLDAP.php'; } else { - $ad = new LDAP($domain, $login_admin, $pass, $ssl); + $classLdap = 'class_adLDAP.php'; } - } catch (Exception $conFailure) { - if (!empty($standardConnect) && $standardConnect == 'true') { - $res = $sec->login($login, $password); - $_SESSION['user'] = $res['user']; - if (empty($res['error'])) { - \SrcCore\models\AuthenticationModel::setCookieAuth(['userId' => $login]); - 
\SrcCore\models\AuthenticationModel::resetFailedAuthentication(['userId' => $login]); - $user = \User\models\UserModel::getByUserId(['userId' => $login, 'select' => ['id']]); - \User\models\UserModel::updatePassword(['id' => $user['id'], 'password' => $password]); - $core->load_menu($_SESSION['modules']); + + //customized or not + if (!@include_once $_SESSION['config']['corepath'] . '/custom/' . $_SESSION['custom_override_id'] . '/modules/ldap/class/' . $classLdap) { + if (!@include_once $_SESSION['config']['corepath'] . 'modules/ldap/class/' . $classLdap) { + exit('Impossible de charger class_' . $_SESSION['config']['corepath'] . '/modules/ldap/class/' . $classLdap . "\n"); + } + } + + if (!empty($prefix_login)) { + $login_admin = $prefix_login . '\\' . $login_admin; + } + + if (!empty($suffix_login)) { + $login_admin = $login_admin . $suffix_login; + } + + //Try to create a new ldap instance + try { + if (strtolower($type_ldap) == 'openldap') { + $ad = new LDAP($domain, $login_admin, $pass, $ssl, $hostname); } else { - $_SESSION['error'] = $res['error']; + $ad = new LDAP($domain, $login_admin, $pass, $ssl); } + } catch (Exception $conFailure) { + if (!empty($standardConnect) && $standardConnect == 'true') { + $res = $sec->login($login, $password); + $_SESSION['user'] = $res['user']; + if (empty($res['error'])) { + \SrcCore\models\AuthenticationModel::setCookieAuth(['userId' => $login]); + \SrcCore\models\AuthenticationModel::resetFailedAuthentication(['userId' => $login]); + $user = \User\models\UserModel::getByUserId(['userId' => $login, 'select' => ['id']]); + \User\models\UserModel::updatePassword(['id' => $user['id'], 'password' => $password]); + $core->load_menu($_SESSION['modules']); + } else { + $_SESSION['error'] = $res['error']; + } - header('location: '.$_SESSION['config']['businessappurl'].$res['url']); - exit(); - } else { - echo functions::xssafe($conFailure->getMessage()); - exit; + header('location: ' . $_SESSION['config']['businessappurl'] . 
$res['url']); + continue; + } else { + echo functions::xssafe($conFailure->getMessage()); + exit; + } } - } - if ($prefix_login != '') { - $loginToAd = $prefix_login.'\\'.$login; - } else { - $loginToAd = $login; - } + if ($prefix_login != '') { + $loginToAd = $prefix_login . '\\' . $login; + } else { + $loginToAd = $login; + } - if ($suffix_login != '') { - $loginToAd = $loginToAd.$suffix_login; - } + if ($suffix_login != '') { + $loginToAd = $loginToAd . $suffix_login; + } - if ($ad->authenticate($loginToAd, $password)) { - //TODO: protect sql injection with PDO - require_once 'core/class/class_db_pdo.php'; + if ($ad->authenticate($loginToAd, $password)) { + //TODO: protect sql injection with PDO + require_once 'core/class/class_db_pdo.php'; - // Instantiate database. - $database = new Database(); - $stmt = $database->query( + // Instantiate database. + $database = new Database(); + $stmt = $database->query( 'SELECT * FROM users WHERE user_id ILIKE ?', array($login) ); //permet de rechercher les utilisateurs dans le LDAP sans prendre en compte la casse - $result = $stmt->fetch(); + $result = $stmt->fetch(); - if ($result) { - $_SESSION['error'] = ''; - $res = $sec->login($login, $password, 'ldap'); - $_SESSION['user'] = $res['user']; - if ($res['error'] == '') { - \SrcCore\models\AuthenticationModel::setCookieAuth(['userId' => $login]); + if ($result) { + $_SESSION['error'] = ''; + $res = $sec->login($login, $password, 'ldap'); + $_SESSION['user'] = $res['user']; + if ($res['error'] == '') { + \SrcCore\models\AuthenticationModel::setCookieAuth(['userId' => $login]); + } else { + $_SESSION['error'] = $res['error']; + } + $core->load_menu($_SESSION['modules']); + header( + 'location: ' . $_SESSION['config']['businessappurl'] + . $res['url'] + ); + exit(); } else { - $_SESSION['error'] = $res['error']; + $_SESSION['error'] = _BAD_LOGIN_OR_PSW; + header( + 'location: ' . $_SESSION['config']['businessappurl'] + . 
'index.php?display=true&page=login' + ); + continue; } - $core->load_menu($_SESSION['modules']); - header( - 'location: '.$_SESSION['config']['businessappurl'] - .$res['url'] - ); - exit(); } else { $_SESSION['error'] = _BAD_LOGIN_OR_PSW; header( - 'location: '.$_SESSION['config']['businessappurl'] - .'index.php?display=true&page=login' + 'location: ' . $_SESSION['config']['businessappurl'] + . 'index.php?display=true&page=login' ); - exit; + continue; } - } else { - $_SESSION['error'] = _BAD_LOGIN_OR_PSW; - header( - 'location: '.$_SESSION['config']['businessappurl'] - .'index.php?display=true&page=login' - ); - exit; } } else { $_SESSION['error'] = ''; diff --git a/modules/ldap/xml/config.xml.default b/modules/ldap/xml/config.xml.default index 0f200e65ac7b9d50d543541e615b9f9eb5243986..8c49f5938bce9fc7e1e75d9e946bf521c7e38e0c 100755 --- a/modules/ldap/xml/config.xml.default +++ b/modules/ldap/xml/config.xml.default 
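Review bot: The inner `foreach ($ldap as $node => $value) { ${$node} = (string)$value; }` never clears what it set on the previous `<ldap>` block, so an optional element such as `prefix_login`, `suffix_login`, `hostname` or `standardConnect` omitted from a later block silently inherits the earlier block's value, and any element name in the XML can overwrite script state (`$login`, `$password`, `$sec`, `$core`, `$pathtoConfig`); reset the optional fields before the inner loop, e.g. `$prefix_login = $suffix_login = $hostname = $standardConnect = '';`, and preferably copy only the known element names into an array instead of using variable variables. The `header('location: …'); continue;` paths in the `catch` fallback and in both `_BAD_LOGIN_OR_PSW` branches let a later entry overwrite the redirect and `$_SESSION['error']` of an earlier one — including after `setCookieAuth` has already been issued in the fallback — and, if no entry reaches an `exit()`, execution falls out of the loop into code outside this hunk, so the post-loop path needs its own `exit()` to keep the old behaviour. Because both `$classLdap` files are instantiated as `new LDAP(...)`, two entries with different `type_ldap` values would presumably `include_once` a second definition of class `LDAP` and fatal; a comment or a guard against mixed types is worth adding. `$xpLdapConf = new domxpath($ldapConf);` and the commented-out `query('/root/config/*')` loop are now dead and should be removed rather than left in place. The enclosing `if` block starts before this hunk and its `else` branch continues after it.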
@@ -1,29 +1,31 @@ <?xml version="1.0" encoding="utf-8"?> <root> <config> - <!-- Appel la class_<type_ldap> en fonction du type d'annuaire --> - <type_ldap>adLDAP</type_ldap> - <!-- Prefixe les group_id de letterbox par --> - <group_prefix_ldap>LDAP</group_prefix_ldap> - <!-- nom / ip du serveur ldap --> - <domain>192.168.1.1</domain> - <!-- prefixe les logins si saisi --> - <prefix_login>MAARCH</prefix_login> - <!-- suffix les logins si saisi --> - <suffix_login>@maarch-les-bains.com</suffix_login> - <!-- login admnistrateur du domaine --> - <login_admin>Administrateur</login_admin> - <!-- mot de passe administrateur annuaire ldap --> - <pass>ThePassword</pass> - <!-- cryptage de la communication ( true or false) --> - <ssl>false</ssl> - <!--Nombre de logs avant purge (si purge_log == 0 alors les logs ne sont jamais purges) --> - <purge_log>1</purge_log> - <!-- Import des users qui n'appartiennent a aucun groupe --> - <lost_users>false</lost_users> - <!-- Si LDAP est desactive alors le pass de chaque utilisateur est son login --> - <pass_is_login>true</pass_is_login> - <standardConnect>false</standardConnect> + <ldap> + <!-- Appel la class_<type_ldap> en fonction du type d'annuaire --> + <type_ldap>adLDAP</type_ldap> + <!-- Prefixe les group_id de letterbox par --> + <group_prefix_ldap>LDAP</group_prefix_ldap> + <!-- nom / ip du serveur ldap --> + <domain>192.168.1.1</domain> + <!-- prefixe les logins si saisi --> + <prefix_login>MAARCH</prefix_login> + <!-- suffix les logins si saisi --> + <suffix_login>@maarch-les-bains.com</suffix_login> + <!-- login admnistrateur du domaine --> + <login_admin>Administrateur</login_admin> + <!-- mot de passe administrateur annuaire ldap --> + <pass>ThePassword</pass> + <!-- cryptage de la communication ( true or false) --> + <ssl>false</ssl> + <!--Nombre de logs avant purge (si purge_log == 0 alors les logs ne sont jamais purges) --> + <purge_log>1</purge_log> + <!-- Import des users qui n'appartiennent a aucun groupe --> + 
<lost_users>false</lost_users> + <!-- Si LDAP est desactive alors le pass de chaque utilisateur est son login --> + <pass_is_login>true</pass_is_login> + <standardConnect>false</standardConnect> + </ldap> </config> <!-- Est utile uniquement pour la synchroniqation des donnees -->
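Review bot: The new `<ldap>` wrapper is introduced without any comment, although the rest of the file documents every element. A comment above it such as `<!-- One <ldap> block per directory; log.php appears to try them in document order, and the former flat layout directly under <config> is no longer read -->` would tell administrators upgrading an existing config.xml that the old layout must be migrated. The `<root>`/`<config>` opening and the trailing synchronisation comment lie outside this hunk.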