WebSVN – ALCASAR – Diff – /web/acc/admin/ldap.php


<?php
# $Id: ldap.php 2475 2017-12-30 02:25:12Z tom.houdayer $
 
/* written by steweb57, Rexy & Tom HOUDAYER */
/****************************************************************
*			GLOBAL FILE PATHS			*
*****************************************************************/
define('CONF_FILE', '/usr/local/etc/alcasar.conf');
 
/****************************************************************
*			FILE reading test			*
*****************************************************************/
$conf_files = array(CONF_FILE);
foreach ($conf_files as $file) {
	if (!file_exists($file)) {
		exit("Fichier $file non présent");
	}
	if (!is_readable($file)) {
		exit("Vous n'avez pas les droits de lecture sur le fichier $file");
	}
}
 
/****************************************************************
*			Read CONF_FILE				*
*****************************************************************/
$file_conf = fopen(CONF_FILE, 'r');
if (!$file_conf) {
	exit('Error opening the file '.CONF_FILE);
}
while (!feof($file_conf)) {
	$buffer = fgets($file_conf, 4096);
	if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
		$tmp = explode('=', $buffer, 2);
		$conf[trim($tmp[0])] = trim($tmp[1]);
	}
}
fclose($file_conf);
 
/****************************************************************
*			Choice of language			*
*****************************************************************/
$Language = 'en';
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
	$Langue	  = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
	$Language = strtolower(substr(chop($Langue[0]), 0, 2));
}
if ($Language === 'fr') {		// French
	$l_ldap_update			= "Mise à jour des paramètres LDAP effectuée";
	$l_ldap_title			= "Authentification externe : LDAP";
	$l_ldap_legend			= "Authentification LDAP";
	$l_ldap_auth_enable_label	= "Éditer la configuration LDAP:";
	$l_ldap_YES			= "OUI";
	$l_ldap_NO			= "NON";
	$l_ldap_server_label		= "Serveur LDAP:";
	$l_ldap_server_text		= "Adresse IP du serveur";
	$l_ldap_base_dn_label		= "DN de la base:";
	$l_ldap_base_dn_text		= "Le DN (Distinguished Name) définit où se situent les informations des utilisateurs dans l'annuaire.<br> - Exemple LDAP: 'o=mycompany, c=FR'.<br> - Exemple AD 'cn=Users,dc=server_name,dc=localdomain'";
	$l_ldap_uid_label		= "Identifiant d'utilisateur (UID):";
	$l_ldap_uid_text		= "Clé utilisée pour rechercher un identifiant de connexion.<br> - Exemple LDAP: 'uid', 'sn', etc.<br> - Pour A.D. mettre 'sAMAccountName'.";
	$l_ldap_base_filter_label	= "Filtre de recherche des utilisateurs (optionnel):";
	$l_ldap_base_filter_text	= "Vous pouvez limiter les objets recherchés avec des filtres additionnels.<br> Exemple 'objectClass=posixGroup' ajouterait le filtre '(&amp;(uid=username)(objectClass=posixGroup))'";
	$l_ldap_user_label		= "CN de l'utilisateur exploité par ALCASAR:";
	$l_ldap_user_text		= "CN=Common Name. Laissez vide pour utiliser un accès invité (ou anonyme). Obligatoire sur un AD.<br> - Exemple LDAP : 'uid=username,ou=my_lan,o=mycompany,c=FR'.<br> - Exemple AD : 'username' ou 'cn=username,cn=Users,dc=server_name,dc=localdomain'";
	$l_ldap_password_label		= "Mot de passe:";
	$l_ldap_password_text		= "Laissez vide pour un accès invité (ou anonyme). Obligatoire sur un AD.";
	$l_ldap_submit			= "Enregistrer";
	$l_ldap_test_service_failed	= "Service LDAP injoignable sur ce serveur (vérifiez l'@IP).";
	$l_ldap_test_service_ok		= "Un port 389 est actif sur ce serveur";
	$l_ldap_test_connection_failed	= "Connexion LDAP impossible (vérifiez le service LDAP sur ce serveur)";
	$l_ldap_test_connection_ok	= "Une connexion LDAP a été établie";
	$l_ldap_test_bind_failed	= "Echec d'authentification (vérifiez l'utilisateur et le mot de passe)";
	$l_ldap_test_bind_ok		= "L'authentification a réussie";
	$l_ldap_test_dn_failed		= "Le DN de la base semble incorrect (vérifiez le)";
	$l_ldap_test_dn_ok		= "Le DN de la base semble correct";
	$l_ldap_error			= "erreur LDAP";
	$l_ldap_entries			= "entrées dans la base";
	$l_check			= "Vérifier cette configuration";
	$l_checkingConf			= "Vérification de cette configuration...";
} else {				// English
	$l_ldap_update			= "LDAP settings updated";
	$l_ldap_title			= "External authentication : LDAP";
	$l_ldap_legend			= "LDAP authentication";
	$l_ldap_auth_enable_label	= "Edit the LDAP configuration :";
	$l_ldap_YES			= "YES";
	$l_ldap_NO			= "NO";
	$l_ldap_server_label		= "LDAP server :";
	$l_ldap_server_text		= "IP address of the LDAP server.";
	$l_ldap_base_dn_label		= "DN of the base:";
	$l_ldap_base_dn_text		= "The DN (Distinguished Name) is used to locate the users information in the directory.<br> e.g. LDAP : 'o=MyCompany,c=US'.<br> e.g. AD : 'cn=Users,dc=server_name,dc=localdomain'";
	$l_ldap_uid_label		= "User IDentifier (UID):";
	$l_ldap_uid_text		= "Key used to search for a given login identity.<br>e.g. 'uid', 'sn', etc.. For AD use 'sAMAccountName'.";
	$l_ldap_base_filter_label	= "User search filter (optional):";
	$l_ldap_base_filter_text	= "You can further limit the searched objects with additional filters.<br> For example 'objectClass=posixGroup' would result in the use of '(&amp;(uid=username)(objectClass=posixGroup))'";
	$l_ldap_user_label		= "CN of the user operated by ALCASAR:";
	$l_ldap_user_text		= "CN=Common Name. Leave blank to use anonymous binding. Mandatory for AD.<br> e.g. LDAP :'uid=Username,ou=my_lan,o=mycompany,c=US'.<br> e.g. AD : 'username' or 'cn=username,cn=Users,dc=server_name,dc=localdomain'";
	$l_ldap_password_label		= "Password:";
	$l_ldap_password_text		= "Leave blank to use anonymous binding. Mandatory for AD.";
	$l_ldap_submit			= "Save";
	$l_ldap_test_service_failed	= "LDAP service is not reachable on that server (check IP)";
	$l_ldap_test_service_ok		= "A port 389 is open on this server";
	$l_ldap_test_connection_failed	= "LDAP connexion failed (check the LDAP service on this server)";
	$l_ldap_test_connection_ok	= "A LDAP connexion is established";
	$l_ldap_test_bind_failed	= "LDAP authentication failed (check the LDAP user and password)";
	$l_ldap_test_bind_ok		= "Successful authentication";
	$l_ldap_test_dn_failed		= "DN of the base seems to be wrong (check it)";
	$l_ldap_test_dn_ok		= "DN of the base seems to be ok";
	$l_ldap_error			= "LDAP error";
	$l_ldap_entries			= "entries in the base";
	$l_check			= "Check this config";
	$l_checkingConf			= "Checking this configuration...";
}
 
 
function ldap_checkServerConfig($f_ldap_server, $f_ldap_identity, $f_ldap_password, $f_ldap_basedn, $f_ldap_uid, $f_ldap_port = 389) {
	// Socket to the LDAP port of the server
	if (!$sock = @fsockopen($f_ldap_server, $f_ldap_port, $num, $error, 2)) {
		// no network connection
		return -2;
	}
	fclose($sock);
 
	// if ok, Test LDAP connection
	$ldapconn = ldap_connect($f_ldap_server, $f_ldap_port);
	ldap_set_option($ldapconn, LDAP_OPT_TIMELIMIT, 2);
	if (!$ldapconn) {
		// LDAP connection failed
		return -1;
	}
 
	// if ok, test a ldap-bind with the user used by ALCASAR
	$ldapbind = ldap_bind($ldapconn, $f_ldap_identity, $f_ldap_password);
	if (!$ldapbind) {
		// Test LDAP Version 3
		ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
		$ldapbind = ldap_bind($ldapconn, $f_ldap_identity, $f_ldap_password);
		if (!$ldapbind) {
			// LDAP Bind failed
			return 0;
		}
	}
 
	// if ok, try to query the directory of users
	$query = $f_ldap_uid."=*";
	$ldap_result = ldap_search($ldapconn, $f_ldap_basedn, $query);
	if (ldap_search($ldapconn, $f_ldap_basedn, $query)) {
		$ldap_users_count = ldap_count_entries($ldapconn, $ldap_result);
		return ($ldap_users_count + 2);
	} else {
		return 1;
	}
	ldap_unbind($ldapconn);
}
 
$messages = '';
 
if (isset($_POST['auth_enable'])) {
	if ($_POST['auth_enable'] === '1') {
		$varErrors = [];
		if (isset($_POST['ldap_server']))      $ldap_server      = $_POST['ldap_server'];      else array_push($varErrors, 'Variable error "ldap_server"');
		if (isset($_POST['ldap_base_dn']))     $ldap_base_dn     = $_POST['ldap_base_dn'];     else array_push($varErrors, 'Variable error "ldap_base_dn"');
		if (isset($_POST['ldap_uid']))         $ldap_uid         = $_POST['ldap_uid'];         else array_push($varErrors, 'Variable error "ldap_uid"');
		if (isset($_POST['ldap_base_filter'])) $ldap_base_filter = $_POST['ldap_base_filter']; else array_push($varErrors, 'Variable error "ldap_base_filter"');
		if (isset($_POST['ldap_user']))        $ldap_user        = $_POST['ldap_user'];        else array_push($varErrors, 'Variable error "ldap_user"');
		if (isset($_POST['ldap_password']))    $ldap_password    = $_POST['ldap_password'];    else array_push($varErrors, 'Variable error "ldap_password"');
 
		// Validation
		if (isset($ldap_server)) {
			if ((!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) && (preg_match('/^[a-zA-Z0-9-_.]+$/', $ldap_server))) {
				$ldap_server = gethostbyname($ldap_server);
			}
			if (!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) {
				array_push($varErrors, 'Invalid LDAP server IP');
			}
		}
 
		if (!empty($varErrors)) { 
			foreach ($varErrors as $error) {
				$messages .= '<span style="font-weight: bold; color: red;">'.$error.'</span><br>';
			}
		} else {
			exec('sed -i '.escapeshellarg("s/^LDAP_SERVER=.*/LDAP_SERVER=$ldap_server/g").' '.CONF_FILE);
			exec('sed -i '.escapeshellarg("s/^LDAP_BASE=.*/LDAP_BASE=$ldap_base_dn/g").' '.CONF_FILE);
			exec('sed -i '.escapeshellarg("s/^LDAP_UID=.*/LDAP_UID=$ldap_uid/g").' '.CONF_FILE);
			exec('sed -i '.escapeshellarg("s/^LDAP_FILTER=.*/LDAP_FILTER=$ldap_base_filter/g").' '.CONF_FILE);
			exec('sed -i '.escapeshellarg("s/^LDAP_USER=.*/LDAP_USER=$ldap_user/g").' '.CONF_FILE);
			exec('sed -i '.escapeshellarg("s/^LDAP_PASSWORD=.*/LDAP_PASSWORD=$ldap_password/g").' '.CONF_FILE);
			exec('sed -i \'s/^LDAP=.*/LDAP=on/g\' '.CONF_FILE);
			exec('sudo /usr/local/bin/alcasar-ldap.sh --on');
			$messages .= '<span style="font-weight: bold; color: green;">'.$l_ldap_update.'</span><br>';
		}
	} else {
		exec('sed -i "s/^LDAP=.*/LDAP=off/g" '.CONF_FILE);
		exec('sudo /usr/local/bin/alcasar-ldap.sh --off');
		$messages .= '<span style="font-weight: bold; color: green;">'.$l_ldap_update.'</span><br>';
	}
 
	// Reload configuration
	$file_conf = fopen(CONF_FILE, 'r');
	if (!$file_conf) {
		exit('Error opening the file '.CONF_FILE);
	}
	while (!feof($file_conf)) {
		$buffer = fgets($file_conf, 4096);
		if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
			$tmp = explode('=', $buffer, 2);
			$conf[trim($tmp[0])] = trim($tmp[1]);
		}
	}
	fclose($file_conf);
}
 
// LDAP configuration params
$ldap_status      = ($conf['LDAP'] === 'on');
$ldap_server      = $conf['LDAP_SERVER'];
$ldap_user        = $conf['LDAP_USER'];
$ldap_password    = $conf['LDAP_PASSWORD'];
$ldap_base_dn     = $conf['LDAP_BASE'];
$ldap_uid	  = $conf['LDAP_UID'];
$ldap_base_filter = $conf['LDAP_FILTER'];
 
 
 
 
 
 
 
 
 
 
 
 
 
 
// AJAX LDAP configuration checker
if (isset($_GET['conf_check'])) {
	$response = [
		'enable' => $ldap_status
	];
	if ($ldap_status || ($_SERVER['REQUEST_METHOD'] === 'POST')) {
		$varErrors = [];
		if ($_SERVER['REQUEST_METHOD'] === 'POST') {
			if (isset($_POST['ldap_server']))      $ldap_server      = $_POST['ldap_server'];      else array_push($varErrors, 'Variable error "ldap_server"');		// TODO: need to translate
			if (isset($_POST['ldap_base_dn']))     $ldap_base_dn     = $_POST['ldap_base_dn'];     else array_push($varErrors, 'Variable error "ldap_base_dn"');		// TODO: need to translate
			if (isset($_POST['ldap_uid']))         $ldap_uid         = $_POST['ldap_uid'];         else array_push($varErrors, 'Variable error "ldap_uid"');		// TODO: need to translate
			if (isset($_POST['ldap_base_filter'])) $ldap_base_filter = $_POST['ldap_base_filter']; else array_push($varErrors, 'Variable error "ldap_base_filter"');	// TODO: need to translate
			if (isset($_POST['ldap_user']))        $ldap_user        = $_POST['ldap_user'];        else array_push($varErrors, 'Variable error "ldap_user"');		// TODO: need to translate
			if (isset($_POST['ldap_password']))    $ldap_password    = $_POST['ldap_password'];    else array_push($varErrors, 'Variable error "ldap_password"');		// TODO: need to translate
		}
 
		// Validation
		if (isset($ldap_server)) {
			if ((!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) && (preg_match('/^[a-zA-Z0-9-_.]+$/', $ldap_server))) {
				$ldap_server = gethostbyname($ldap_server);
			}
			if (!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) {
				array_push($varErrors, 'Invalid LDAP server IP');	// TODO: need to translate
			}
		}
 
		if (!empty($varErrors)) {
			$response['errors'] = $varErrors;
		} else {
			$response['result'] = ldap_checkServerConfig($ldap_server, $ldap_user, $ldap_password, $ldap_base_dn, $ldap_uid);
		}
	}
 
	header('Content-Type: application/json');
	echo json_encode($response);
	exit();
}
 
?>
<!DOCTYPE html>
<html>
<head>
	<meta charset="UTF-8">
	<title><?= $l_ldap_title ?></title>
	<link type="text/css" href="/css/style.css" rel="stylesheet">
	<link type="text/css" href="/css/acc.css" rel="stylesheet">
	<link type="text/css" href="/css/ldap.css" rel="stylesheet">
	<script>
	function onLdapStatusChange() {
		var listToDisables = ['ldap_server', 'ldap_dn', 'ldap_uid', 'ldap_base_filter', 'ldap_user', 'ldap_password'];
		var formSubmit = document.querySelector('form input[type="submit"]');
		var btn_checkConf = document.getElementById('btn-checkconf');
		var isChecked = false;
 
		if (document.getElementById('auth_enable').value === '1') {
			for (var i=0; i<listToDisables.length; i++) {
				document.getElementById(listToDisables[i]).style.backgroundColor = '#ffffff';
				document.getElementById(listToDisables[i]).disabled = false;
			}
			formSubmit.style.display = 'none';
			btn_checkConf.style.display = null;
		} else {
			for (var i=0; i<listToDisables.length; i++) {
				document.getElementById(listToDisables[i]).style.backgroundColor = '#c0c0c0';
				document.getElementById(listToDisables[i]).disabled = true;
			}
			formSubmit.style.display = null;
			btn_checkConf.style.display = 'none';
		}
	}
 
	function checkConfig() {
		var messagesElem = document.querySelector('fieldset > legend > div');
		var formSubmit   = document.querySelector('form input[type="submit"]');
		var btn_checkConf = document.getElementById('btn-checkconf');
 
		var ldap_config = {
			ldap_status:     (document.getElementById('auth_enable').value === '1'),
			ldap_server:      document.getElementById('ldap_server').value,
			ldap_user:        document.getElementById('ldap_user').value,
			ldap_password:    document.getElementById('ldap_password').value,
			ldap_base_dn:     document.getElementById('ldap_dn').value,
			ldap_uid:         document.getElementById('ldap_uid').value,
			ldap_base_filter: document.getElementById('ldap_base_filter').value
		};
 
		// Format HTTP POST data
		var post_data = Object.keys(ldap_config).map( function (k) { return encodeURIComponent(k) + '=' + encodeURIComponent(ldap_config[k]) } ).join('&');
 
		messagesElem.innerHTML = '<?= $l_checkingConf ?>';
 
		var xhr = new XMLHttpRequest();
		xhr.onreadystatechange = function() {
			if (this.readyState == 4) {
				if (this.status == 200) {
					var data = JSON.parse(this.responseText);
 
					var messages = '';
 
					if (typeof data.result !== 'undefined') {
						if (data.result === -2) {
							messages += "<span style=\"color: red\"><?= $l_ldap_test_service_failed ?></span>";
						} else {
							messages += "<span style=\"color: green\"><?= $l_ldap_test_service_ok ?></span>";
							if (data.result === -1) {
								messages += "<br><span style=\"color: red\"><?= $l_ldap_test_connection_failed ?></span>";
							} else {
								messages += "<br><span style=\"color: green\"><?= $l_ldap_test_connection_ok ?></span>";
								if (data.result === 0) {
									messages += "<br><span style=\"color: red\"><?= $l_ldap_test_bind_failed ?></span>";
								} else {
									messages += "<br><span style=\"color: green\"><?= $l_ldap_test_bind_ok ?></span>";
									if (data.result === 1) {
										messages += "<br><span style=\"color: red\"><?= $l_ldap_test_dn_failed ?></span>";
									} else {
										messages += "<br><span style=\"color: green\"><?= $l_ldap_test_dn_ok ?> (" + (data.result - 2) + " <?= $l_ldap_entries?>)</span>";
									}
								}
							}
						}
					}
 
					if (data.result > 1) {
						formSubmit.style.display = null;
						btn_checkConf.style.display = 'none';
					} else {
						formSubmit.style.display = 'none';
						btn_checkConf.style.display = null;
					}
 
					if (typeof data.errors !== 'undefined') {
						messages = '<span style=\"color: red\">' + data.errors.join('</span><br><span style=\"color: red\">') + '</span><br>';
					}
 
					messagesElem.innerHTML = messages;
				} else {
					messagesElem.innerHTML = 'server error';
				}
			}
		};
		xhr.open('POST', 'ldap.php?conf_check', true);
		xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
		xhr.send(post_data);
	}
	</script>
</head>
<body onLoad="onLdapStatusChange();">
	<div class="panel">
		<div class="panel-header"><?= $l_ldap_legend ?></div>
		<div class="panel-body">
			<form name="config_ldap" method="POST" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>">
				<fieldset>
					<legend>
						<br>
						<div style="text-align: center">
							<?php if ($messages): ?>
								<?= $messages ?>
							<?php endif; ?>
						</div>
					</legend>
					<dl>
						<dt>
							<label for="auth_enable"><?= $l_ldap_auth_enable_label ?></label>
						</dt>
						<dd>
							<select id="auth_enable" name="auth_enable" onchange="onLdapStatusChange();">
								<option value="1"<?= ($ldap_status)  ? ' selected="selected"' : '' ?>><?= $l_ldap_YES ?></option>
								<option value="0"<?= (!$ldap_status) ? ' selected="selected"' : '' ?>><?= $l_ldap_NO ?></option>
							</select>
						</dd>
					</dl>
					<dl>
						<dt>
							<label for="ldap_server"><?= $l_ldap_server_label ?></label><br>
							<?= $l_ldap_server_text ?>
						</dt>
						<dd>
							<input type="text" id="ldap_server" size="40" name="ldap_server" value="<?= htmlspecialchars($ldap_server) ?>" oninput="onLdapStatusChange();">
						</dd>
					</dl>
					<dl>
						<dt>
							<label for="ldap_dn"><?= $l_ldap_base_dn_label ?></label><br>
							<?= $l_ldap_base_dn_text ?>
						</dt>
						<dd>
							<input type="text" id="ldap_dn" size="40" name="ldap_base_dn" value="<?= htmlspecialchars($ldap_base_dn) ?>" oninput="onLdapStatusChange();">
						</dd>
					</dl>
					<dl>
						<dt>
							<label for="ldap_uid"><?= $l_ldap_uid_label ?></label><br>
							<?= $l_ldap_uid_text ?>
						</dt>
						<dd>
							<input type="text" id="ldap_uid" size="40" name="ldap_uid" value="<?= htmlspecialchars($ldap_uid) ?>" oninput="onLdapStatusChange();">
						</dd>
					</dl>
					<dl>
						<dt>
							<label for="ldap_base_filter"><?= $l_ldap_base_filter_label ?></label><br>
							<?= $l_ldap_base_filter_text ?>
						</dt>
						<dd>
							<input type="text" id="ldap_base_filter" size="40" name="ldap_base_filter" value="<?= htmlspecialchars($ldap_base_filter) ?>" oninput="onLdapStatusChange();">
						</dd>
					</dl>
					<dl>
						<dt>
							<label for="ldap_user"><?= $l_ldap_user_label ?></label><br>
							<?= $l_ldap_user_text ?>
						</dt>
						<dd>
							<input type="text" id="ldap_user" size="40" name="ldap_user" value="<?= htmlspecialchars($ldap_user) ?>" oninput="onLdapStatusChange();">
						</dd>
					</dl>
					<dl>
						<dt>
							<label for="ldap_password"><?= $l_ldap_password_label ?></label><br>
							<?= $l_ldap_password_text ?>
						</dt>
						<dd>
							<input type="text" id="ldap_password" type="password" size="40" name="ldap_password" value="<?= htmlspecialchars($ldap_password) ?>" oninput="onLdapStatusChange();">
						</dd>
					</dl>
					<p>
						<button id="btn-checkconf" onclick="checkConfig(); return false;"><?= $l_check ?></button>
						<input id="submit" type="submit" value="<?= $l_ldap_submit ?>" name="submit">
					</p>
				</fieldset>
			</form>
		</div>
	</div>
</body>
</html>
 

Rev 2465	Rev 2475
1	`<?php`	1	`<?php`
2	`# $Id: ldap.php 2465 2017-12-17 23:00:14Z richard $`	2	`# $Id: ldap.php 2475 2017-12-30 02:25:12Z tom.houdayer $`
3		3
4	`/* written by steweb57, Rexy & Tom HOUDAYER */`	4	`/* written by steweb57, Rexy & Tom HOUDAYER */`
5	`/****************************************************************`	5	`/****************************************************************`
6	`* GLOBAL FILE PATHS *`	6	`* GLOBAL FILE PATHS *`
7	`*****************************************************************/`	7	`*****************************************************************/`
8	`define('CONF_FILE', '/usr/local/etc/alcasar.conf');`	8	`define('CONF_FILE', '/usr/local/etc/alcasar.conf');`
9		9
10	`/****************************************************************`	10	`/****************************************************************`
11	`* FILE reading test *`	11	`* FILE reading test *`
12	`*****************************************************************/`	12	`*****************************************************************/`
13	`$conf_files = array(CONF_FILE);`	13	`$conf_files = array(CONF_FILE);`
14	`foreach ($conf_files as $file) {`	14	`foreach ($conf_files as $file) {`
15	`if (!file_exists($file)) {`	15	`if (!file_exists($file)) {`
16	`exit("Fichier $file non présent");`	16	`exit("Fichier $file non présent");`
17	`}`	17	`}`
18	`if (!is_readable($file)) {`	18	`if (!is_readable($file)) {`
19	`exit("Vous n'avez pas les droits de lecture sur le fichier $file");`	19	`exit("Vous n'avez pas les droits de lecture sur le fichier $file");`
20	`}`	20	`}`
21	`}`	21	`}`
22		22
23	`/****************************************************************`	23	`/****************************************************************`
24	`* Read CONF_FILE *`	24	`* Read CONF_FILE *`
25	`*****************************************************************/`	25	`*****************************************************************/`
26	`$file_conf = fopen(CONF_FILE, 'r');`	26	`$file_conf = fopen(CONF_FILE, 'r');`
27	`if (!$file_conf) {`	27	`if (!$file_conf) {`
28	`exit('Error opening the file '.CONF_FILE);`	28	`exit('Error opening the file '.CONF_FILE);`
29	`}`	29	`}`
30	`while (!feof($file_conf)) {`	30	`while (!feof($file_conf)) {`
31	`$buffer = fgets($file_conf, 4096);`	31	`$buffer = fgets($file_conf, 4096);`
32	`if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {`	32	`if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {`
33	`$tmp = explode('=', $buffer, 2);`	33	`$tmp = explode('=', $buffer, 2);`
34	`$conf[trim($tmp[0])] = trim($tmp[1]);`	34	`$conf[trim($tmp[0])] = trim($tmp[1]);`
35	`}`	35	`}`
36	`}`	36	`}`
37	`fclose($file_conf);`	37	`fclose($file_conf);`
38		38
39	`/****************************************************************`	39	`/****************************************************************`
40	`* Choice of language *`	40	`* Choice of language *`
41	`*****************************************************************/`	41	`*****************************************************************/`
42	`$Language = 'en';`	42	`$Language = 'en';`
43	`if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {`	43	`if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {`
44	`$Langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);`	44	`$Langue = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);`
45	`$Language = strtolower(substr(chop($Langue[0]), 0, 2));`	45	`$Language = strtolower(substr(chop($Langue[0]), 0, 2));`
46	`}`	46	`}`
47	`if ($Language === 'fr') { // French`	47	`if ($Language === 'fr') { // French`
48	`$l_ldap_update = "Mise à jour des paramètres LDAP effectuée";`	48	`$l_ldap_update = "Mise à jour des paramètres LDAP effectuée";`
49	`$l_ldap_title = "Authentification externe : LDAP";`	49	`$l_ldap_title = "Authentification externe : LDAP";`
50	`$l_ldap_legend = "Authentification LDAP";`	50	`$l_ldap_legend = "Authentification LDAP";`
51	`$l_ldap_auth_enable_label = "Éditer la configuration LDAP:";`	51	`$l_ldap_auth_enable_label = "Éditer la configuration LDAP:";`
52	`$l_ldap_YES = "OUI";`	52	`$l_ldap_YES = "OUI";`
53	`$l_ldap_NO = "NON";`	53	`$l_ldap_NO = "NON";`
54	`$l_ldap_server_label = "Serveur LDAP:";`	54	`$l_ldap_server_label = "Serveur LDAP:";`
55	`$l_ldap_server_text = "Adresse IP du serveur";`	55	`$l_ldap_server_text = "Adresse IP du serveur";`
56	`$l_ldap_base_dn_label = "DN de la base:";`	56	`$l_ldap_base_dn_label = "DN de la base:";`
57	`$l_ldap_base_dn_text = "Le DN (Distinguished Name) définit où se situent les informations des utilisateurs dans l'annuaire.<br> - Exemple LDAP: 'o=mycompany, c=FR'.<br> - Exemple AD 'cn=Users,dc=server_name,dc=localdomain'";`	57	`$l_ldap_base_dn_text = "Le DN (Distinguished Name) définit où se situent les informations des utilisateurs dans l'annuaire.<br> - Exemple LDAP: 'o=mycompany, c=FR'.<br> - Exemple AD 'cn=Users,dc=server_name,dc=localdomain'";`
58	`$l_ldap_uid_label = "Identifiant d'utilisateur (UID):";`	58	`$l_ldap_uid_label = "Identifiant d'utilisateur (UID):";`
59	`$l_ldap_uid_text = "Clé utilisée pour rechercher un identifiant de connexion.<br> - Exemple LDAP: 'uid', 'sn', etc.<br> - Pour A.D. mettre 'sAMAccountName'.";`	59	`$l_ldap_uid_text = "Clé utilisée pour rechercher un identifiant de connexion.<br> - Exemple LDAP: 'uid', 'sn', etc.<br> - Pour A.D. mettre 'sAMAccountName'.";`
60	`$l_ldap_base_filter_label = "Filtre de recherche des utilisateurs (optionnel):";`	60	`$l_ldap_base_filter_label = "Filtre de recherche des utilisateurs (optionnel):";`
61	`$l_ldap_base_filter_text = "Vous pouvez limiter les objets recherchés avec des filtres additionnels.<br> Exemple 'objectClass=posixGroup' ajouterait le filtre '(&(uid=username)(objectClass=posixGroup))'";`	61	`$l_ldap_base_filter_text = "Vous pouvez limiter les objets recherchés avec des filtres additionnels.<br> Exemple 'objectClass=posixGroup' ajouterait le filtre '(&(uid=username)(objectClass=posixGroup))'";`
62	`$l_ldap_user_label = "CN de l'utilisateur exploité par ALCASAR:";`	62	`$l_ldap_user_label = "CN de l'utilisateur exploité par ALCASAR:";`
63	`$l_ldap_user_text = "CN=Common Name. Laissez vide pour utiliser un accès invité (ou anonyme). Obligatoire sur un AD.<br> - Exemple LDAP : 'uid=username,ou=my_lan,o=mycompany,c=FR'.<br> - Exemple AD : 'username' ou 'cn=username,cn=Users,dc=server_name,dc=localdomain'";`	63	`$l_ldap_user_text = "CN=Common Name. Laissez vide pour utiliser un accès invité (ou anonyme). Obligatoire sur un AD.<br> - Exemple LDAP : 'uid=username,ou=my_lan,o=mycompany,c=FR'.<br> - Exemple AD : 'username' ou 'cn=username,cn=Users,dc=server_name,dc=localdomain'";`
64	`$l_ldap_password_label = "Mot de passe:";`	64	`$l_ldap_password_label = "Mot de passe:";`
65	`$l_ldap_password_text = "Laissez vide pour un accès invité (ou anonyme). Obligatoire sur un AD.";`	65	`$l_ldap_password_text = "Laissez vide pour un accès invité (ou anonyme). Obligatoire sur un AD.";`
66	`$l_ldap_submit = "Enregistrer";`	66	`$l_ldap_submit = "Enregistrer";`
67	`$l_ldap_test_service_failed = "Service LDAP injoignable sur ce serveur (vérifiez l'@IP).";`	67	`$l_ldap_test_service_failed = "Service LDAP injoignable sur ce serveur (vérifiez l'@IP).";`
68	`$l_ldap_test_service_ok = "Un port 389 est actif sur ce serveur";`	68	`$l_ldap_test_service_ok = "Un port 389 est actif sur ce serveur";`
69	`$l_ldap_test_connection_failed = "Connexion LDAP impossible (vérifiez le service LDAP sur ce serveur)";`	69	`$l_ldap_test_connection_failed = "Connexion LDAP impossible (vérifiez le service LDAP sur ce serveur)";`
70	`$l_ldap_test_connection_ok = "Une connexion LDAP a été établie";`	70	`$l_ldap_test_connection_ok = "Une connexion LDAP a été établie";`
71	`$l_ldap_test_bind_failed = "Echec d'authentification (vérifiez l'utilisateur et le mot de passe)";`	71	`$l_ldap_test_bind_failed = "Echec d'authentification (vérifiez l'utilisateur et le mot de passe)";`
72	`$l_ldap_test_bind_ok = "L'authentification a réussie";`	72	`$l_ldap_test_bind_ok = "L'authentification a réussie";`
73	`$l_ldap_test_dn_failed = "Le DN de la base semble incorrect (vérifiez le)";`	73	`$l_ldap_test_dn_failed = "Le DN de la base semble incorrect (vérifiez le)";`
74	`$l_ldap_test_dn_ok = "Le DN de la base semble correct";`	74	`$l_ldap_test_dn_ok = "Le DN de la base semble correct";`
75	`$l_ldap_error = "erreur LDAP";`	75	`$l_ldap_error = "erreur LDAP";`
76	`$l_ldap_entries = "entrées dans la base";`	76	`$l_ldap_entries = "entrées dans la base";`
77	`$l_check = "Vérifier cette configuration";`	77	`$l_check = "Vérifier cette configuration";`
-		78	`$l_checkingConf = "Vérification de cette configuration...";`
78	`} else { // English`	79	`} else { // English`
79	`$l_ldap_update = "LDAP settings updated";`	80	`$l_ldap_update = "LDAP settings updated";`
80	`$l_ldap_title = "External authentication : LDAP";`	81	`$l_ldap_title = "External authentication : LDAP";`
81	`$l_ldap_legend = "LDAP authentication";`	82	`$l_ldap_legend = "LDAP authentication";`
82	`$l_ldap_auth_enable_label = "Edit the LDAP configuration :";`	83	`$l_ldap_auth_enable_label = "Edit the LDAP configuration :";`
83	`$l_ldap_YES = "YES";`	84	`$l_ldap_YES = "YES";`
84	`$l_ldap_NO = "NO";`	85	`$l_ldap_NO = "NO";`
85	`$l_ldap_server_label = "LDAP server :";`	86	`$l_ldap_server_label = "LDAP server :";`
86	`$l_ldap_server_text = "IP address of the LDAP server.";`	87	`$l_ldap_server_text = "IP address of the LDAP server.";`
87	`$l_ldap_base_dn_label = "DN of the base:";`	88	`$l_ldap_base_dn_label = "DN of the base:";`
88	`$l_ldap_base_dn_text = "The DN (Distinguished Name) is used to locate the users information in the directory.<br> e.g. LDAP : 'o=MyCompany,c=US'.<br> e.g. AD : 'cn=Users,dc=server_name,dc=localdomain'";`	89	`$l_ldap_base_dn_text = "The DN (Distinguished Name) is used to locate the users information in the directory.<br> e.g. LDAP : 'o=MyCompany,c=US'.<br> e.g. AD : 'cn=Users,dc=server_name,dc=localdomain'";`
89	`$l_ldap_uid_label = "User IDentifier (UID):";`	90	`$l_ldap_uid_label = "User IDentifier (UID):";`
90	`$l_ldap_uid_text = "Key used to search for a given login identity.<br>e.g. 'uid', 'sn', etc.. For AD use 'sAMAccountName'.";`	91	`$l_ldap_uid_text = "Key used to search for a given login identity.<br>e.g. 'uid', 'sn', etc.. For AD use 'sAMAccountName'.";`
91	`$l_ldap_base_filter_label = "User search filter (optional):";`	92	`$l_ldap_base_filter_label = "User search filter (optional):";`
92	`$l_ldap_base_filter_text = "You can further limit the searched objects with additional filters.<br> For example 'objectClass=posixGroup' would result in the use of '(&(uid=username)(objectClass=posixGroup))'";`	93	`$l_ldap_base_filter_text = "You can further limit the searched objects with additional filters.<br> For example 'objectClass=posixGroup' would result in the use of '(&(uid=username)(objectClass=posixGroup))'";`
93	`$l_ldap_user_label = "CN of the user operated by ALCASAR:";`	94	`$l_ldap_user_label = "CN of the user operated by ALCASAR:";`
94	`$l_ldap_user_text = "CN=Common Name. Leave blank to use anonymous binding. Mandatory for AD.<br> e.g. LDAP :'uid=Username,ou=my_lan,o=mycompany,c=US'.<br> e.g. AD : 'username' or 'cn=username,cn=Users,dc=server_name,dc=localdomain'";`	95	`$l_ldap_user_text = "CN=Common Name. Leave blank to use anonymous binding. Mandatory for AD.<br> e.g. LDAP :'uid=Username,ou=my_lan,o=mycompany,c=US'.<br> e.g. AD : 'username' or 'cn=username,cn=Users,dc=server_name,dc=localdomain'";`
95	`$l_ldap_password_label = "Password:";`	96	`$l_ldap_password_label = "Password:";`
96	`$l_ldap_password_text = "Leave blank to use anonymous binding. Mandatory for AD.";`	97	`$l_ldap_password_text = "Leave blank to use anonymous binding. Mandatory for AD.";`
97	`$l_ldap_submit = "Save";`	98	`$l_ldap_submit = "Save";`
98	`$l_ldap_test_service_failed = "LDAP service is not reachable on that server (check IP)";`	99	`$l_ldap_test_service_failed = "LDAP service is not reachable on that server (check IP)";`
99	`$l_ldap_test_service_ok = "A port 389 is open on this server";`	100	`$l_ldap_test_service_ok = "A port 389 is open on this server";`
100	`$l_ldap_test_connection_failed = "LDAP connexion failed (check the LDAP service on this server)";`	101	`$l_ldap_test_connection_failed = "LDAP connexion failed (check the LDAP service on this server)";`
101	`$l_ldap_test_connection_ok = "A LDAP connexion is established";`	102	`$l_ldap_test_connection_ok = "A LDAP connexion is established";`
102	`$l_ldap_test_bind_failed = "LDAP authentication failed (check the LDAP user and password)";`	103	`$l_ldap_test_bind_failed = "LDAP authentication failed (check the LDAP user and password)";`
103	`$l_ldap_test_bind_ok = "Successful authentication";`	104	`$l_ldap_test_bind_ok = "Successful authentication";`
104	`$l_ldap_test_dn_failed = "DN of the base seems to be wrong (check it)";`	105	`$l_ldap_test_dn_failed = "DN of the base seems to be wrong (check it)";`
105	`$l_ldap_test_dn_ok = "DN of the base seems to be ok";`	106	`$l_ldap_test_dn_ok = "DN of the base seems to be ok";`
106	`$l_ldap_error = "LDAP error";`	107	`$l_ldap_error = "LDAP error";`
107	`$l_ldap_entries = "entries in the base";`	108	`$l_ldap_entries = "entries in the base";`
108	`$l_check = "Check this config";`	109	`$l_check = "Check this config";`
-		110	`$l_checkingConf = "Checking this configuration...";`
109	`}`	111	`}`
110		112
111		113
112	`function ldap_checkServerConfig($f_ldap_server, $f_ldap_identity, $f_ldap_password, $f_ldap_basedn, $f_ldap_uid, $f_ldap_port = 389) {`	114	`function ldap_checkServerConfig($f_ldap_server, $f_ldap_identity, $f_ldap_password, $f_ldap_basedn, $f_ldap_uid, $f_ldap_port = 389) {`
113	`// Socket to the LDAP port of the server`	115	`// Socket to the LDAP port of the server`
114	`if (!$sock = @fsockopen($f_ldap_server, $f_ldap_port, $num, $error, 2)) {`	116	`if (!$sock = @fsockopen($f_ldap_server, $f_ldap_port, $num, $error, 2)) {`
115	`// no network connection`	117	`// no network connection`
116	`return -2;`	118	`return -2;`
117	`}`	119	`}`
118	`fclose($sock);`	120	`fclose($sock);`
119		121
120	`// if ok, Test LDAP connection`	122	`// if ok, Test LDAP connection`
121	`$ldapconn = ldap_connect($f_ldap_server, $f_ldap_port);`	123	`$ldapconn = ldap_connect($f_ldap_server, $f_ldap_port);`
122	`ldap_set_option($ldapconn, LDAP_OPT_TIMELIMIT, 2);`	124	`ldap_set_option($ldapconn, LDAP_OPT_TIMELIMIT, 2);`
123	`if (!$ldapconn) {`	125	`if (!$ldapconn) {`
124	`// LDAP connection failed`	126	`// LDAP connection failed`
125	`return -1;`	127	`return -1;`
126	`}`	128	`}`
127		129
128	`// if ok, test a ldap-bind with the user used by ALCASAR`	130	`// if ok, test a ldap-bind with the user used by ALCASAR`
129	`$ldapbind = ldap_bind($ldapconn, $f_ldap_identity, $f_ldap_password);`	131	`$ldapbind = ldap_bind($ldapconn, $f_ldap_identity, $f_ldap_password);`
130	`if (!$ldapbind) {`	132	`if (!$ldapbind) {`
131	`// Test LDAP Version 3`	133	`// Test LDAP Version 3`
132	`ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);`	134	`ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);`
133	`$ldapbind = ldap_bind($ldapconn, $f_ldap_identity, $f_ldap_password);`	135	`$ldapbind = ldap_bind($ldapconn, $f_ldap_identity, $f_ldap_password);`
134	`if (!$ldapbind) {`	136	`if (!$ldapbind) {`
135	`// LDAP Bind failed`	137	`// LDAP Bind failed`
136	`return 0;`	138	`return 0;`
137	`}`	139	`}`
138	`}`	140	`}`
139		141
140	`// if ok, try to query the directory of users`	142	`// if ok, try to query the directory of users`
141	`$query = $f_ldap_uid."=*";`	143	`$query = $f_ldap_uid."=*";`
142	`$ldap_result = ldap_search($ldapconn, $f_ldap_basedn, $query);`	144	`$ldap_result = ldap_search($ldapconn, $f_ldap_basedn, $query);`
143	`if (ldap_search($ldapconn, $f_ldap_basedn, $query)) {`	145	`if (ldap_search($ldapconn, $f_ldap_basedn, $query)) {`
144	`$ldap_users_count = ldap_count_entries($ldapconn, $ldap_result);`	146	`$ldap_users_count = ldap_count_entries($ldapconn, $ldap_result);`
145	`return ($ldap_users_count + 2);`	147	`return ($ldap_users_count + 2);`
146	`} else {`	148	`} else {`
147	`return 1;`	149	`return 1;`
148	`}`	150	`}`
149	`ldap_unbind($ldapconn);`	151	`ldap_unbind($ldapconn);`
150	`}`	152	`}`
151		153
152	`$messages = '';`	154	`$messages = '';`
153		155
154	`if (isset($_POST['auth_enable'])) {`	156	`if (isset($_POST['auth_enable'])) {`
155	`if ($_POST['auth_enable'] === '1') {`	157	`if ($_POST['auth_enable'] === '1') {`
156	`$varErrors = [];`	158	`$varErrors = [];`
157	`if (isset($_POST['ldap_server'])) $ldap_server = $_POST['ldap_server']; else array_push($varErrors, 'Variable error "ldap_server"');`	159	`if (isset($_POST['ldap_server'])) $ldap_server = $_POST['ldap_server']; else array_push($varErrors, 'Variable error "ldap_server"');`
158	`if (isset($_POST['ldap_base_dn'])) $ldap_base_dn = $_POST['ldap_base_dn']; else array_push($varErrors, 'Variable error "ldap_base_dn"');`	160	`if (isset($_POST['ldap_base_dn'])) $ldap_base_dn = $_POST['ldap_base_dn']; else array_push($varErrors, 'Variable error "ldap_base_dn"');`
159	`if (isset($_POST['ldap_uid'])) $ldap_uid = $_POST['ldap_uid']; else array_push($varErrors, 'Variable error "ldap_uid"');`	161	`if (isset($_POST['ldap_uid'])) $ldap_uid = $_POST['ldap_uid']; else array_push($varErrors, 'Variable error "ldap_uid"');`
160	`if (isset($_POST['ldap_base_filter'])) $ldap_base_filter = $_POST['ldap_base_filter']; else array_push($varErrors, 'Variable error "ldap_base_filter"');`	162	`if (isset($_POST['ldap_base_filter'])) $ldap_base_filter = $_POST['ldap_base_filter']; else array_push($varErrors, 'Variable error "ldap_base_filter"');`
161	`if (isset($_POST['ldap_user'])) $ldap_user = $_POST['ldap_user']; else array_push($varErrors, 'Variable error "ldap_user"');`	163	`if (isset($_POST['ldap_user'])) $ldap_user = $_POST['ldap_user']; else array_push($varErrors, 'Variable error "ldap_user"');`
162	`if (isset($_POST['ldap_password'])) $ldap_password = $_POST['ldap_password']; else array_push($varErrors, 'Variable error "ldap_password"');`	164	`if (isset($_POST['ldap_password'])) $ldap_password = $_POST['ldap_password']; else array_push($varErrors, 'Variable error "ldap_password"');`
163		165
164	`// Validation`	166	`// Validation`
165	`if (isset($ldap_server)) {`	167	`if (isset($ldap_server)) {`
166	`if ((!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) && (preg_match('/^[a-zA-Z0-9-_.]+$/', $ldap_server))) {`	168	`if ((!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) && (preg_match('/^[a-zA-Z0-9-_.]+$/', $ldap_server))) {`
167	`$ldap_server = gethostbyname($ldap_server);`	169	`$ldap_server = gethostbyname($ldap_server);`
168	`}`	170	`}`
169	`if (!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) {`	171	`if (!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) {`
170	`array_push($varErrors, 'Invalid LDAP server IP');`	172	`array_push($varErrors, 'Invalid LDAP server IP');`
171	`}`	173	`}`
172	`}`	174	`}`
173		175
174	`if (!empty($varErrors)) {`	176	`if (!empty($varErrors)) {`
175	`foreach ($varErrors as $error) {`	177	`foreach ($varErrors as $error) {`
176	`$messages .= '<span style="font-weight: bold; color: red;">'.$error.'</span><br>';`	178	`$messages .= '<span style="font-weight: bold; color: red;">'.$error.'</span><br>';`
177	`}`	179	`}`
178	`} else {`	180	`} else {`
179	`exec('sed -i '.escapeshellarg("s/^LDAP_SERVER=.*/LDAP_SERVER=$ldap_server/g").' '.CONF_FILE);`	181	`exec('sed -i '.escapeshellarg("s/^LDAP_SERVER=.*/LDAP_SERVER=$ldap_server/g").' '.CONF_FILE);`
180	`exec('sed -i '.escapeshellarg("s/^LDAP_BASE=.*/LDAP_BASE=$ldap_base_dn/g").' '.CONF_FILE);`	182	`exec('sed -i '.escapeshellarg("s/^LDAP_BASE=.*/LDAP_BASE=$ldap_base_dn/g").' '.CONF_FILE);`
181	`exec('sed -i '.escapeshellarg("s/^LDAP_UID=.*/LDAP_UID=$ldap_uid/g").' '.CONF_FILE);`	183	`exec('sed -i '.escapeshellarg("s/^LDAP_UID=.*/LDAP_UID=$ldap_uid/g").' '.CONF_FILE);`
182	`exec('sed -i '.escapeshellarg("s/^LDAP_FILTER=.*/LDAP_FILTER=$ldap_base_filter/g").' '.CONF_FILE);`	184	`exec('sed -i '.escapeshellarg("s/^LDAP_FILTER=.*/LDAP_FILTER=$ldap_base_filter/g").' '.CONF_FILE);`
183	`exec('sed -i '.escapeshellarg("s/^LDAP_USER=.*/LDAP_USER=$ldap_user/g").' '.CONF_FILE);`	185	`exec('sed -i '.escapeshellarg("s/^LDAP_USER=.*/LDAP_USER=$ldap_user/g").' '.CONF_FILE);`
184	`exec('sed -i '.escapeshellarg("s/^LDAP_PASSWORD=.*/LDAP_PASSWORD=$ldap_password/g").' '.CONF_FILE);`	186	`exec('sed -i '.escapeshellarg("s/^LDAP_PASSWORD=.*/LDAP_PASSWORD=$ldap_password/g").' '.CONF_FILE);`
185	`exec('sed -i \'s/^LDAP=.*/LDAP=on/g\' '.CONF_FILE);`	187	`exec('sed -i \'s/^LDAP=.*/LDAP=on/g\' '.CONF_FILE);`
186	`exec('sudo /usr/local/bin/alcasar-ldap.sh --on');`	188	`exec('sudo /usr/local/bin/alcasar-ldap.sh --on');`
187	`$messages .= '<span style="font-weight: bold; color: green;">'.$l_ldap_update.'</span><br>';`	189	`$messages .= '<span style="font-weight: bold; color: green;">'.$l_ldap_update.'</span><br>';`
188	`}`	190	`}`
189	`} else {`	191	`} else {`
190	`exec('sed -i "s/^LDAP=.*/LDAP=off/g" '.CONF_FILE);`	192	`exec('sed -i "s/^LDAP=.*/LDAP=off/g" '.CONF_FILE);`
191	`exec('sudo /usr/local/bin/alcasar-ldap.sh --off');`	193	`exec('sudo /usr/local/bin/alcasar-ldap.sh --off');`
192	`$messages .= '<span style="font-weight: bold; color: green;">'.$l_ldap_update.'</span><br>';`	194	`$messages .= '<span style="font-weight: bold; color: green;">'.$l_ldap_update.'</span><br>';`
193	`}`	195	`}`
194		196
195	`// Reload configuration`	197	`// Reload configuration`
196	`$file_conf = fopen(CONF_FILE, 'r');`	198	`$file_conf = fopen(CONF_FILE, 'r');`
197	`if (!$file_conf) {`	199	`if (!$file_conf) {`
198	`exit('Error opening the file '.CONF_FILE);`	200	`exit('Error opening the file '.CONF_FILE);`
199	`}`	201	`}`
200	`while (!feof($file_conf)) {`	202	`while (!feof($file_conf)) {`
201	`$buffer = fgets($file_conf, 4096);`	203	`$buffer = fgets($file_conf, 4096);`
202	`if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {`	204	`if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {`
203	`$tmp = explode('=', $buffer, 2);`	205	`$tmp = explode('=', $buffer, 2);`
204	`$conf[trim($tmp[0])] = trim($tmp[1]);`	206	`$conf[trim($tmp[0])] = trim($tmp[1]);`
205	`}`	207	`}`
206	`}`	208	`}`
207	`fclose($file_conf);`	209	`fclose($file_conf);`
208	`}`	210	`}`
209		211
210	`// LDAP configuration params`	212	`// LDAP configuration params`
211	`$ldap_status = ($conf['LDAP'] === 'on');`	213	`$ldap_status = ($conf['LDAP'] === 'on');`
212	`$ldap_server = $conf['LDAP_SERVER'];`	214	`$ldap_server = $conf['LDAP_SERVER'];`
213	`$ldap_user = $conf['LDAP_USER'];`	215	`$ldap_user = $conf['LDAP_USER'];`
214	`$ldap_password = $conf['LDAP_PASSWORD'];`	216	`$ldap_password = $conf['LDAP_PASSWORD'];`
215	`$ldap_base_dn = $conf['LDAP_BASE'];`	217	`$ldap_base_dn = $conf['LDAP_BASE'];`
216	`$ldap_uid = $conf['LDAP_UID'];`	218	`$ldap_uid = $conf['LDAP_UID'];`
217	`$ldap_base_filter = $conf['LDAP_FILTER'];`	219	`$ldap_base_filter = $conf['LDAP_FILTER'];`
218		220
219	`// TODO : check LDAP PHP extension loaded?`	-
220	`// if (!extension_loaded('ldap')) {`	-
221	`// exit();`	-
222	`// }`	-
223		-
224	`$pos = strpos($ldap_server, '//');`	-
225	`if ($pos !== false) {`	-
226	`// TODO : useless?`	-
227	`$new_ldap_server = explode('//', $ldap_server); // pour discriminer le host et le protocole dans la notation "ldap://192.168.182.10" ou "ldaps://monldap.monentreperise.com"`	-
228	`} else {`	-
229	`$new_ldap_server = $ldap_server;`	-
230	`}`	-
231		-
232	`// AJAX LDAP configuration checker`	221	`// AJAX LDAP configuration checker`
233	`if (isset($_GET['conf_check'])) {`	222	`if (isset($_GET['conf_check'])) {`
234	`$response = [`	223	`$response = [`
235	`'enable' => $ldap_status`	224	`'enable' => $ldap_status`
236	`];`	225	`];`
237	`if ($ldap_status \|\| ($_SERVER['REQUEST_METHOD'] === 'POST')) {`	226	`if ($ldap_status \|\| ($_SERVER['REQUEST_METHOD'] === 'POST')) {`
238	`$varErrors = [];`	227	`$varErrors = [];`
239	`if ($_SERVER['REQUEST_METHOD'] === 'POST') {`	228	`if ($_SERVER['REQUEST_METHOD'] === 'POST') {`
240	`if (isset($_POST['ldap_server'])) $ldap_server = $_POST['ldap_server']; else array_push($varErrors, 'Variable error "ldap_server"'); // TODO: need to translate`	229	`if (isset($_POST['ldap_server'])) $ldap_server = $_POST['ldap_server']; else array_push($varErrors, 'Variable error "ldap_server"'); // TODO: need to translate`
241	`if (isset($_POST['ldap_base_dn'])) $ldap_base_dn = $_POST['ldap_base_dn']; else array_push($varErrors, 'Variable error "ldap_base_dn"'); // TODO: need to translate`	230	`if (isset($_POST['ldap_base_dn'])) $ldap_base_dn = $_POST['ldap_base_dn']; else array_push($varErrors, 'Variable error "ldap_base_dn"'); // TODO: need to translate`
242	`if (isset($_POST['ldap_uid'])) $ldap_uid = $_POST['ldap_uid']; else array_push($varErrors, 'Variable error "ldap_uid"'); // TODO: need to translate`	231	`if (isset($_POST['ldap_uid'])) $ldap_uid = $_POST['ldap_uid']; else array_push($varErrors, 'Variable error "ldap_uid"'); // TODO: need to translate`
243	`if (isset($_POST['ldap_base_filter'])) $ldap_base_filter = $_POST['ldap_base_filter']; else array_push($varErrors, 'Variable error "ldap_base_filter"'); // TODO: need to translate`	232	`if (isset($_POST['ldap_base_filter'])) $ldap_base_filter = $_POST['ldap_base_filter']; else array_push($varErrors, 'Variable error "ldap_base_filter"'); // TODO: need to translate`
244	`if (isset($_POST['ldap_user'])) $ldap_user = $_POST['ldap_user']; else array_push($varErrors, 'Variable error "ldap_user"'); // TODO: need to translate`	233	`if (isset($_POST['ldap_user'])) $ldap_user = $_POST['ldap_user']; else array_push($varErrors, 'Variable error "ldap_user"'); // TODO: need to translate`
245	`if (isset($_POST['ldap_password'])) $ldap_password = $_POST['ldap_password']; else array_push($varErrors, 'Variable error "ldap_password"'); // TODO: need to translate`	234	`if (isset($_POST['ldap_password'])) $ldap_password = $_POST['ldap_password']; else array_push($varErrors, 'Variable error "ldap_password"'); // TODO: need to translate`
246	`}`	235	`}`
247		236
248	`// Validation`	237	`// Validation`
249	`if (isset($ldap_server)) {`	238	`if (isset($ldap_server)) {`
250	`if ((!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) && (preg_match('/^[a-zA-Z0-9-_.]+$/', $ldap_server))) {`	239	`if ((!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) && (preg_match('/^[a-zA-Z0-9-_.]+$/', $ldap_server))) {`
251	`$ldap_server = gethostbyname($ldap_server);`	240	`$ldap_server = gethostbyname($ldap_server);`
252	`}`	241	`}`
253	`if (!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) {`	242	`if (!preg_match('/^([0-9]{1,3}\.){3}([0-9]{1,3})$/', $ldap_server)) {`
254	`array_push($varErrors, 'Invalid LDAP server IP'); // TODO: need to translate`	243	`array_push($varErrors, 'Invalid LDAP server IP'); // TODO: need to translate`
255	`}`	244	`}`
256	`}`	245	`}`
257		246
258	`if (!empty($varErrors)) {`	247	`if (!empty($varErrors)) {`
259	`$response['errors'] = $varErrors;`	248	`$response['errors'] = $varErrors;`
260	`} else {`	249	`} else {`
261	`$response['result'] = ldap_checkServerConfig($ldap_server, $ldap_user, $ldap_password, $ldap_base_dn, $ldap_uid);`	250	`$response['result'] = ldap_checkServerConfig($ldap_server, $ldap_user, $ldap_password, $ldap_base_dn, $ldap_uid);`
262	`}`	251	`}`
263	`}`	252	`}`
264		253
265	`header('Content-Type: application/json');`	254	`header('Content-Type: application/json');`
266	`echo json_encode($response);`	255	`echo json_encode($response);`
267	`exit();`	256	`exit();`
268	`}`	257	`}`
269		258
270	`?>`	259	`?>`
271	`<!DOCTYPE html>`	260	`<!DOCTYPE html>`
272	`<html>`	261	`<html>`
273	`<head>`	262	`<head>`
274	`<meta charset="UTF-8">`	263	`<meta charset="UTF-8">`
275	`<title><?= $l_ldap_title ?></title>`	264	`<title><?= $l_ldap_title ?></title>`
276	`<link type="text/css" href="/css/style.css" rel="stylesheet">`	265	`<link type="text/css" href="/css/style.css" rel="stylesheet">`
277	`<link type="text/css" href="/css/acc.css" rel="stylesheet">`	266	`<link type="text/css" href="/css/acc.css" rel="stylesheet">`
278	`<link type="text/css" href="/css/ldap.css" rel="stylesheet">`	267	`<link type="text/css" href="/css/ldap.css" rel="stylesheet">`
279	`<script>`	268	`<script>`
280	`function onLdapStatusChange() {`	269	`function onLdapStatusChange() {`
281	`var listToDisables = ['ldap_server', 'ldap_dn', 'ldap_uid', 'ldap_base_filter', 'ldap_user', 'ldap_password'];`	270	`var listToDisables = ['ldap_server', 'ldap_dn', 'ldap_uid', 'ldap_base_filter', 'ldap_user', 'ldap_password'];`
282	`var formSubmit = document.querySelector('form input[type="submit"]');`	271	`var formSubmit = document.querySelector('form input[type="submit"]');`
283	`var btn_checkConf = document.getElementById('btn-checkconf');`	272	`var btn_checkConf = document.getElementById('btn-checkconf');`
284	`var isChecked = false;`	273	`var isChecked = false;`
285		274
286	`if (document.getElementById('auth_enable').value === '1') {`	275	`if (document.getElementById('auth_enable').value === '1') {`
287	`for (var i=0; i<listToDisables.length; i++) {`	276	`for (var i=0; i<listToDisables.length; i++) {`
288	`document.getElementById(listToDisables[i]).style.backgroundColor = '#ffffff';`	277	`document.getElementById(listToDisables[i]).style.backgroundColor = '#ffffff';`
289	`document.getElementById(listToDisables[i]).disabled = false;`	278	`document.getElementById(listToDisables[i]).disabled = false;`
290	`}`	279	`}`
291	`formSubmit.style.display = 'none';`	280	`formSubmit.style.display = 'none';`
292	`btn_checkConf.style.display = null;`	281	`btn_checkConf.style.display = null;`
293	`} else {`	282	`} else {`
294	`for (var i=0; i<listToDisables.length; i++) {`	283	`for (var i=0; i<listToDisables.length; i++) {`
295	`document.getElementById(listToDisables[i]).style.backgroundColor = '#c0c0c0';`	284	`document.getElementById(listToDisables[i]).style.backgroundColor = '#c0c0c0';`
296	`document.getElementById(listToDisables[i]).disabled = true;`	285	`document.getElementById(listToDisables[i]).disabled = true;`
297	`}`	286	`}`
298	`formSubmit.style.display = null;`	287	`formSubmit.style.display = null;`
299	`btn_checkConf.style.display = 'none';`	288	`btn_checkConf.style.display = 'none';`
300	`}`	289	`}`
301	`}`	290	`}`
302		291
303	`function checkConfig() {`	292	`function checkConfig() {`
304	`var messagesElem = document.querySelector('fieldset > legend > div');`	293	`var messagesElem = document.querySelector('fieldset > legend > div');`
305	`var formSubmit = document.querySelector('form input[type="submit"]');`	294	`var formSubmit = document.querySelector('form input[type="submit"]');`
306	`var btn_checkConf = document.getElementById('btn-checkconf');`	295	`var btn_checkConf = document.getElementById('btn-checkconf');`
307		296
308	`var ldap_config = {`	297	`var ldap_config = {`
309	`ldap_status: (document.getElementById('auth_enable').value === '1'),`	298	`ldap_status: (document.getElementById('auth_enable').value === '1'),`
310	`ldap_server: document.getElementById('ldap_server').value,`	299	`ldap_server: document.getElementById('ldap_server').value,`
311	`ldap_user: document.getElementById('ldap_user').value,`	300	`ldap_user: document.getElementById('ldap_user').value,`
312	`ldap_password: document.getElementById('ldap_password').value,`	301	`ldap_password: document.getElementById('ldap_password').value,`
313	`ldap_base_dn: document.getElementById('ldap_dn').value,`	302	`ldap_base_dn: document.getElementById('ldap_dn').value,`
314	`ldap_uid: document.getElementById('ldap_uid').value,`	303	`ldap_uid: document.getElementById('ldap_uid').value,`
315	`ldap_base_filter: document.getElementById('ldap_base_filter').value`	304	`ldap_base_filter: document.getElementById('ldap_base_filter').value`
316	`};`	305	`};`
317		306
318	`// Format HTTP POST data`	307	`// Format HTTP POST data`
319	`var post_data = Object.keys(ldap_config).map( function (k) { return encodeURIComponent(k) + '=' + encodeURIComponent(ldap_config[k]) } ).join('&');`	308	`var post_data = Object.keys(ldap_config).map( function (k) { return encodeURIComponent(k) + '=' + encodeURIComponent(ldap_config[k]) } ).join('&');`
320		309
321	`messagesElem.innerHTML = '<?= 'Checking configuration...' /* TODO: need to translate */ ?>';`	310	`messagesElem.innerHTML = '<?= $l_checkingConf ?>';`
322		311
323	`var xhr = new XMLHttpRequest();`	312	`var xhr = new XMLHttpRequest();`
324	`xhr.onreadystatechange = function() {`	313	`xhr.onreadystatechange = function() {`
325	`if (this.readyState == 4) {`	314	`if (this.readyState == 4) {`
326	`if (this.status == 200) {`	315	`if (this.status == 200) {`
327	`var data = JSON.parse(this.responseText);`	316	`var data = JSON.parse(this.responseText);`
328		317
329	`var messages = '';`	318	`var messages = '';`
330		319
331	`if (typeof data.result !== 'undefined') {`	320	`if (typeof data.result !== 'undefined') {`
332	`if (data.result === -2) {`	321	`if (data.result === -2) {`
333	`messages += "<span style=\"color: red\"><?= $l_ldap_test_service_failed ?></span>";`	322	`messages += "<span style=\"color: red\"><?= $l_ldap_test_service_failed ?></span>";`
334	`} else {`	323	`} else {`
335	`messages += "<span style=\"color: green\"><?= $l_ldap_test_service_ok ?></span>";`	324	`messages += "<span style=\"color: green\"><?= $l_ldap_test_service_ok ?></span>";`
336	`if (data.result === -1) {`	325	`if (data.result === -1) {`
337	`messages += "<br><span style=\"color: red\"><?= $l_ldap_test_connection_failed ?></span>";`	326	`messages += "<br><span style=\"color: red\"><?= $l_ldap_test_connection_failed ?></span>";`
338	`} else {`	327	`} else {`
339	`messages += "<br><span style=\"color: green\"><?= $l_ldap_test_connection_ok ?></span>";`	328	`messages += "<br><span style=\"color: green\"><?= $l_ldap_test_connection_ok ?></span>";`
340	`if (data.result === 0) {`	329	`if (data.result === 0) {`
341	`messages += "<br><span style=\"color: red\"><?= $l_ldap_test_bind_failed ?></span>";`	330	`messages += "<br><span style=\"color: red\"><?= $l_ldap_test_bind_failed ?></span>";`
342	`} else {`	331	`} else {`
343	`messages += "<br><span style=\"color: green\"><?= $l_ldap_test_bind_ok ?></span>";`	332	`messages += "<br><span style=\"color: green\"><?= $l_ldap_test_bind_ok ?></span>";`
344	`if (data.result === 1) {`	333	`if (data.result === 1) {`
345	`messages += "<br><span style=\"color: red\"><?= $l_ldap_test_dn_failed ?></span>";`	334	`messages += "<br><span style=\"color: red\"><?= $l_ldap_test_dn_failed ?></span>";`
346	`} else {`	335	`} else {`
347	`messages += "<br><span style=\"color: green\"><?= $l_ldap_test_dn_ok ?> (" + (data.result - 2) + " <?= $l_ldap_entries?>)</span>";`	336	`messages += "<br><span style=\"color: green\"><?= $l_ldap_test_dn_ok ?> (" + (data.result - 2) + " <?= $l_ldap_entries?>)</span>";`
348	`}`	337	`}`
349	`}`	338	`}`
350	`}`	339	`}`
351	`}`	340	`}`
352	`}`	341	`}`
353		342
354	`if (data.result > 1) {`	343	`if (data.result > 1) {`
355	`formSubmit.style.display = null;`	344	`formSubmit.style.display = null;`
356	`btn_checkConf.style.display = 'none';`	345	`btn_checkConf.style.display = 'none';`
357	`} else {`	346	`} else {`
358	`formSubmit.style.display = 'none';`	347	`formSubmit.style.display = 'none';`
359	`btn_checkConf.style.display = null;`	348	`btn_checkConf.style.display = null;`
360	`}`	349	`}`
361		350
362	`if (typeof data.errors !== 'undefined') {`	351	`if (typeof data.errors !== 'undefined') {`
363	`messages = '<span style=\"color: red\">' + data.errors.join('</span><br><span style=\"color: red\">') + '</span><br>';`	352	`messages = '<span style=\"color: red\">' + data.errors.join('</span><br><span style=\"color: red\">') + '</span><br>';`
364	`}`	353	`}`
365		354
366	`messagesElem.innerHTML = messages;`	355	`messagesElem.innerHTML = messages;`
367	`} else {`	356	`} else {`
368	`messagesElem.innerHTML = 'server error';`	357	`messagesElem.innerHTML = 'server error';`
369	`}`	358	`}`
370	`}`	359	`}`
371	`};`	360	`};`
372	`xhr.open('POST', 'ldap.php?conf_check', true);`	361	`xhr.open('POST', 'ldap.php?conf_check', true);`
373	`xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');`	362	`xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');`
374	`xhr.send(post_data);`	363	`xhr.send(post_data);`
375	`}`	364	`}`
376	`</script>`	365	`</script>`
377	`</head>`	366	`</head>`
378	`<body onLoad="onLdapStatusChange();">`	367	`<body onLoad="onLdapStatusChange();">`
379	`<div class="panel">`	368	`<div class="panel">`
380	`<div class="panel-header"><?= $l_ldap_legend ?></div>`	369	`<div class="panel-header"><?= $l_ldap_legend ?></div>`
381	`<div class="panel-body">`	370	`<div class="panel-body">`
382	`<form name="config_ldap" method="POST" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>">`	371	`<form name="config_ldap" method="POST" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>">`
383	`<fieldset>`	372	`<fieldset>`
384	`<legend>`	373	`<legend>`
385	`<br>`	374	`<br>`
386	`<div style="text-align: center">`	375	`<div style="text-align: center">`
387	`<?php if ($messages): ?>`	376	`<?php if ($messages): ?>`
388	`<?= $messages ?>`	377	`<?= $messages ?>`
389	`<?php endif; ?>`	378	`<?php endif; ?>`
390	`</div>`	379	`</div>`
391	`</legend>`	380	`</legend>`
392	`<dl>`	381	`<dl>`
393	`<dt>`	382	`<dt>`
394	`<label for="auth_enable"><?= $l_ldap_auth_enable_label ?></label>`	383	`<label for="auth_enable"><?= $l_ldap_auth_enable_label ?></label>`
395	`</dt>`	384	`</dt>`
396	`<dd>`	385	`<dd>`
397	`<select id="auth_enable" name="auth_enable" onchange="onLdapStatusChange();">`	386	`<select id="auth_enable" name="auth_enable" onchange="onLdapStatusChange();">`
398	`<option value="1"<?= ($ldap_status) ? ' selected="selected"' : '' ?>><?= $l_ldap_YES ?></option>`	387	`<option value="1"<?= ($ldap_status) ? ' selected="selected"' : '' ?>><?= $l_ldap_YES ?></option>`
399	`<option value="0"<?= (!$ldap_status) ? ' selected="selected"' : '' ?>><?= $l_ldap_NO ?></option>`	388	`<option value="0"<?= (!$ldap_status) ? ' selected="selected"' : '' ?>><?= $l_ldap_NO ?></option>`
400	`</select>`	389	`</select>`
401	`</dd>`	390	`</dd>`
402	`</dl>`	391	`</dl>`
403	`<dl>`	392	`<dl>`
404	`<dt>`	393	`<dt>`
405	`<label for="ldap_server"><?= $l_ldap_server_label ?></label><br>`	394	`<label for="ldap_server"><?= $l_ldap_server_label ?></label><br>`
406	`<?= $l_ldap_server_text ?>`	395	`<?= $l_ldap_server_text ?>`
407	`</dt>`	396	`</dt>`
408	`<dd>`	397	`<dd>`
409	`<input id="ldap_server" size="40" name="ldap_server" value="<?= htmlspecialchars($ldap_server) ?>" oninput="onLdapStatusChange();">`	398	`<input type="text" id="ldap_server" size="40" name="ldap_server" value="<?= htmlspecialchars($ldap_server) ?>" oninput="onLdapStatusChange();">`
410	`</dd>`	399	`</dd>`
411	`</dl>`	400	`</dl>`
412	`<dl>`	401	`<dl>`
413	`<dt>`	402	`<dt>`
414	`<label for="ldap_dn"><?= $l_ldap_base_dn_label ?></label><br>`	403	`<label for="ldap_dn"><?= $l_ldap_base_dn_label ?></label><br>`
415	`<?= $l_ldap_base_dn_text ?>`	404	`<?= $l_ldap_base_dn_text ?>`
416	`</dt>`	405	`</dt>`
417	`<dd>`	406	`<dd>`
418	`<input id="ldap_dn" size="40" name="ldap_base_dn" value="<?= htmlspecialchars($ldap_base_dn) ?>" oninput="onLdapStatusChange();">`	407	`<input type="text" id="ldap_dn" size="40" name="ldap_base_dn" value="<?= htmlspecialchars($ldap_base_dn) ?>" oninput="onLdapStatusChange();">`
419	`</dd>`	408	`</dd>`
420	`</dl>`	409	`</dl>`
421	`<dl>`	410	`<dl>`
422	`<dt>`	411	`<dt>`
423	`<label for="ldap_uid"><?= $l_ldap_uid_label ?></label><br>`	412	`<label for="ldap_uid"><?= $l_ldap_uid_label ?></label><br>`
424	`<?= $l_ldap_uid_text ?>`	413	`<?= $l_ldap_uid_text ?>`
425	`</dt>`	414	`</dt>`
426	`<dd>`	415	`<dd>`
427	`<input id="ldap_uid" size="40" name="ldap_uid" value="<?= htmlspecialchars($ldap_uid) ?>" oninput="onLdapStatusChange();">`	416	`<input type="text" id="ldap_uid" size="40" name="ldap_uid" value="<?= htmlspecialchars($ldap_uid) ?>" oninput="onLdapStatusChange();">`
428	`</dd>`	417	`</dd>`
429	`</dl>`	418	`</dl>`
430	`<dl>`	419	`<dl>`
431	`<dt>`	420	`<dt>`
432	`<label for="ldap_base_filter"><?= $l_ldap_base_filter_label ?></label><br>`	421	`<label for="ldap_base_filter"><?= $l_ldap_base_filter_label ?></label><br>`
433	`<?= $l_ldap_base_filter_text ?>`	422	`<?= $l_ldap_base_filter_text ?>`
434	`</dt>`	423	`</dt>`
435	`<dd>`	424	`<dd>`
436	`<input id="ldap_base_filter" size="40" name="ldap_base_filter" value="<?= htmlspecialchars($ldap_base_filter) ?>" oninput="onLdapStatusChange();">`	425	`<input type="text" id="ldap_base_filter" size="40" name="ldap_base_filter" value="<?= htmlspecialchars($ldap_base_filter) ?>" oninput="onLdapStatusChange();">`
437	`</dd>`	426	`</dd>`
438	`</dl>`	427	`</dl>`
439	`<dl>`	428	`<dl>`
440	`<dt>`	429	`<dt>`
441	`<label for="ldap_user"><?= $l_ldap_user_label ?></label><br>`	430	`<label for="ldap_user"><?= $l_ldap_user_label ?></label><br>`
442	`<?= $l_ldap_user_text ?>`	431	`<?= $l_ldap_user_text ?>`
443	`</dt>`	432	`</dt>`
444	`<dd>`	433	`<dd>`
445	`<input id="ldap_user" size="40" name="ldap_user" value="<?= htmlspecialchars($ldap_user) ?>" oninput="onLdapStatusChange();">`	434	`<input type="text" id="ldap_user" size="40" name="ldap_user" value="<?= htmlspecialchars($ldap_user) ?>" oninput="onLdapStatusChange();">`
446	`</dd>`	435	`</dd>`
447	`</dl>`	436	`</dl>`
448	`<dl>`	437	`<dl>`
449	`<dt>`	438	`<dt>`
450	`<label for="ldap_password"><?= $l_ldap_password_label ?></label><br>`	439	`<label for="ldap_password"><?= $l_ldap_password_label ?></label><br>`
451	`<?= $l_ldap_password_text ?>`	440	`<?= $l_ldap_password_text ?>`
452	`</dt>`	441	`</dt>`
453	`<dd>`	442	`<dd>`
454	`<input id="ldap_password" type="password" size="40" name="ldap_password" value="<?= htmlspecialchars($ldap_password) ?>" oninput="onLdapStatusChange();">`	443	`<input type="text" id="ldap_password" type="password" size="40" name="ldap_password" value="<?= htmlspecialchars($ldap_password) ?>" oninput="onLdapStatusChange();">`
455	`</dd>`	444	`</dd>`
456	`</dl>`	445	`</dl>`
457	`<p>`	446	`<p>`
458	`<button id="btn-checkconf" onclick="checkConfig(); return false;"><?= $l_check ?></button>`	447	`<button id="btn-checkconf" onclick="checkConfig(); return false;"><?= $l_check ?></button>`
459	`<input id="submit" type="submit" value="<?= $l_ldap_submit ?>" name="submit" title="<?= 'You need to check before submit' /* TODO: need to translate */ ?>">`	448	`<input id="submit" type="submit" value="<?= $l_ldap_submit ?>" name="submit">`
460	`</p>`	449	`</p>`
461	`</fieldset>`	450	`</fieldset>`
462	`</form>`	451	`</form>`
463	`</div>`	452	`</div>`
464	`</div>`	453	`</div>`
465	`</body>`	454	`</body>`
466	`</html>`	455	`</html>`
467		456

Subversion Repositories ALCASAR

(root)/web/acc/admin/ldap.php – Rev 2465 → 2475