mirror of
https://github.com/fusionpbx/fusionpbx.git
synced 2025-12-30 09:03:49 +00:00
08001488f4
* remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove class_exists wrapper for class definitions * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove include statement of class file * remove closing tag * remove invalid method params * remove closing tag * remove closing tag * Update auto_loader to load each class file in the project Update the auto_loader class to use an include statement on each file in the project to load the class within the file. This will allow mismatched names within the file to be loaded and mapped according to the declaration instead of the filename. The class is then checked against the parsed classes from the PHP engine so that namespaces are available and mapped to the file they were declared in. An update was also made to the search algorithm used to find a file that was not already loaded by collapsing the array to have only valid matches to increase performance on a cache miss. Logging within the auto_loader has been moved to a function. Multiple files were modified to allow the include statement. When the class has the `if(class_exists())` statement, the auto_loader is called to check for the class. This caused an infinite loop scenario so all wrappers have been removed. The auto_loader will now break the loop by directly modifying the internal classes array instead of trying to restart with the 'reload_classes' method. - APCu is used to cache classes so any loading of the classes is done only once. To clear the APCu cache, restart php-fpm or call the auto_loader::clear_cache() function. - Cache file is used when APCu is not available. To clear the cache remove it from the tmp folder or call the auto_loader::clear_cache() function. - All classes must no longer have a class_exists wrapper to benefit from the performance boost. - Classes should not be directly included when the auto_loader is used. * remove include statement of class file * Update destinations.php
212 lines
8.0 KiB
PHP
212 lines
8.0 KiB
PHP
<?php
|
|
|
|
/**
|
|
* plugin_ldap
|
|
*
|
|
* @method ldap checks a local or remote ldap database to authenticate the user
|
|
*/
|
|
class plugin_ldap {
|
|
|
|
/**
|
|
* Define variables and their scope
|
|
*/
|
|
public $debug;
|
|
public $domain_name;
|
|
public $username;
|
|
public $password;
|
|
public $user_uuid;
|
|
public $contact_uuid;
|
|
|
|
/**
|
|
* ldap checks a local or remote ldap database to authenticate the user
|
|
* @return array [authorized] => true or false
|
|
*/
|
|
function ldap() {
|
|
|
|
//show the authentication code view
|
|
if ($_REQUEST["username"]) {
|
|
|
|
//pre-process some settings
|
|
$settings['theme']['favicon'] = !empty($_SESSION['theme']['favicon']['text']) ? $_SESSION['theme']['favicon']['text'] : PROJECT_PATH.'/themes/default/favicon.ico';
|
|
$settings['login']['destination'] = !empty($_SESSION['login']['destination']['text']) ? $_SESSION['login']['destination']['text'] : '';
|
|
$settings['users']['unique'] = !empty($_SESSION['users']['unique']['text']) ? $_SESSION['users']['unique']['text'] : '';
|
|
$settings['theme']['logo'] = !empty($_SESSION['theme']['logo']['text']) ? $_SESSION['theme']['logo']['text'] : PROJECT_PATH.'/themes/default/images/logo_login.png';
|
|
$settings['theme']['login_logo_width'] = !empty($_SESSION['theme']['login_logo_width']['text']) ? $_SESSION['theme']['login_logo_width']['text'] : 'auto; max-width: 300px';
|
|
$settings['theme']['login_logo_height'] = !empty($_SESSION['theme']['login_logo_height']['text']) ? $_SESSION['theme']['login_logo_height']['text'] : 'auto; max-height: 300px';
|
|
$settings['theme']['background_video'] = isset($_SESSION['theme']['background_video'][0]) ? $_SESSION['theme']['background_video'][0] : null;
|
|
|
|
//get the domain
|
|
$domain_array = explode(":", $_SERVER["HTTP_HOST"]);
|
|
$domain_name = $domain_array[0];
|
|
|
|
//create token
|
|
//$object = new token;
|
|
//$token = $object->create('login');
|
|
|
|
//add multi-lingual support
|
|
$language = new text;
|
|
$text = $language->get(null, '/core/authentication');
|
|
|
|
//initialize a template object
|
|
$view = new template();
|
|
$view->engine = 'smarty';
|
|
$view->template_dir = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/core/authentication/resources/views/';
|
|
$view->cache_dir = sys_get_temp_dir();
|
|
$view->init();
|
|
|
|
//add translations
|
|
$view->assign("login_title", $text['button-login']);
|
|
$view->assign("label_username", $text['label-username']);
|
|
$view->assign("label_password", $text['label-password']);
|
|
$view->assign("button_login", $text['button-login']);
|
|
|
|
//assign default values to the template
|
|
$view->assign("project_path", PROJECT_PATH);
|
|
$view->assign("login_destination_url", $settings['login']['destination']);
|
|
$view->assign("favicon", $settings['theme']['favicon']);
|
|
$view->assign("login_logo_width", $settings['theme']['login_logo_width']);
|
|
$view->assign("login_logo_height", $settings['theme']['login_logo_height']);
|
|
$view->assign("login_logo_source", $settings['theme']['logo']);
|
|
$view->assign("background_video", $settings['theme']['background_video']);
|
|
|
|
//add the token name and hash to the view
|
|
//$view->assign("token_name", $token['name']);
|
|
//$view->assign("token_hash", $token['hash']);
|
|
|
|
//show the views
|
|
$content = $view->render('login.htm');
|
|
echo $content;
|
|
exit;
|
|
}
|
|
|
|
//use ldap to validate the user credentials
|
|
if (isset($_SESSION["ldap"]["certpath"])) {
|
|
$s = "LDAPTLS_CERT=" . $_SESSION["ldap"]["certpath"]["text"];
|
|
putenv($s);
|
|
}
|
|
if (isset($_SESSION["ldap"]["certkey"])) {
|
|
$s = "LDAPTLS_KEY=" . $_SESSION["ldap"]["certkey"]["text"];
|
|
putenv($s);
|
|
}
|
|
$host = $_SESSION["ldap"]["server_host"]["text"];
|
|
$port = $_SESSION["ldap"]["server_port"]["numeric"];
|
|
$connect = ldap_connect($host, $port)
|
|
or die("Could not connect to the LDAP server.");
|
|
//ldap_set_option($connect, LDAP_OPT_NETWORK_TIMEOUT, 10);
|
|
ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
|
|
//ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
|
|
|
|
//set the default status
|
|
$user_authorized = false;
|
|
|
|
//provide backwards compatability
|
|
if (!empty($_SESSION["ldap"]["user_dn"]["text"])) {
|
|
$_SESSION["ldap"]["user_dn"][] = $_SESSION["ldap"]["user_dn"]["text"];
|
|
}
|
|
|
|
//check all user_dn in the array
|
|
foreach ($_SESSION["ldap"]["user_dn"] as $user_dn) {
|
|
$bind_dn = $_SESSION["ldap"]["user_attribute"]["text"]."=".$this->username.",".$user_dn;
|
|
$bind_pw = $this->password;
|
|
//Note: As of 4/16, the call below will fail randomly. PHP debug reports ldap_bind
|
|
//called below with all arguments '*uninitialized*'. However, the debugger
|
|
//single-stepping just before the failing call correctly displays all the values.
|
|
if (!empty($bind_pw)) {
|
|
$bind = ldap_bind($connect, $bind_dn, $bind_pw);
|
|
if ($bind) {
|
|
//connected and authorized
|
|
$user_authorized = true;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
//check to see if the user exists
|
|
if ($user_authorized) {
|
|
$sql = "select * from v_users ";
|
|
$sql .= "where username = :username ";
|
|
if ($settings['users']['unique'] != "global") {
|
|
//unique username per domain (not globally unique across system - example: email address)
|
|
$sql .= "and domain_uuid = :domain_uuid ";
|
|
$parameters['domain_uuid'] = $this->domain_uuid;
|
|
}
|
|
$sql .= "and (user_type = 'default' or user_type is null) ";
|
|
$parameters['username'] = $this->username;
|
|
$database = new database;
|
|
$row = $database->select($sql, $parameters, 'row');
|
|
if (is_array($row) && @sizeof($row) != 0) {
|
|
if ($settings['users']['unique'] == "global" && $row["domain_uuid"] != $this->domain_uuid) {
|
|
//get the domain uuid
|
|
$this->domain_uuid = $row["domain_uuid"];
|
|
$this->domain_name = $_SESSION['domains'][$this->domain_uuid]['domain_name'];
|
|
|
|
//set the domain session variables
|
|
$_SESSION["domain_uuid"] = $this->domain_uuid;
|
|
$_SESSION["domain_name"] = $this->domain_name;
|
|
|
|
//set the setting arrays
|
|
$domain = new domains();
|
|
$domain->set();
|
|
}
|
|
$this->user_uuid = $row["user_uuid"];
|
|
$this->contact_uuid = $row["contact_uuid"];
|
|
}
|
|
else {
|
|
//salt used with the password to create a one way hash
|
|
$salt = generate_password('32', '4');
|
|
$password = generate_password('32', '4');
|
|
|
|
//prepare the uuids
|
|
$this->user_uuid = uuid();
|
|
$this->contact_uuid = uuid();
|
|
|
|
//build user insert array
|
|
$array['users'][0]['user_uuid'] = $this->user_uuid;
|
|
$array['users'][0]['domain_uuid'] = $this->domain_uuid;
|
|
$array['users'][0]['contact_uuid'] = $this->contact_uuid;
|
|
$array['users'][0]['username'] = strtolower($this->username);
|
|
$array['users'][0]['password'] = md5($salt.$password);
|
|
$array['users'][0]['salt'] = $salt;
|
|
$array['users'][0]['add_date'] = now();
|
|
$array['users'][0]['add_user'] = strtolower($this->username);
|
|
$array['users'][0]['user_enabled'] = 'true';
|
|
|
|
//build user group insert array
|
|
$array['user_groups'][0]['user_group_uuid'] = uuid();
|
|
$array['user_groups'][0]['domain_uuid'] = $this->domain_uuid;
|
|
$array['user_groups'][0]['group_name'] = 'user';
|
|
$array['user_groups'][0]['user_uuid'] = $this->user_uuid;
|
|
|
|
//grant temporary permissions
|
|
$p = permissions::new();
|
|
$p->add('user_add', 'temp');
|
|
$p->add('user_group_add', 'temp');
|
|
|
|
//execute insert
|
|
$database = new database;
|
|
$database->app_name = 'authentication';
|
|
$database->app_uuid = 'a8a12918-69a4-4ece-a1ae-3932be0e41f1';
|
|
$database->save($array);
|
|
unset($array);
|
|
|
|
//revoke temporary permissions
|
|
$p->delete('user_add', 'temp');
|
|
$p->delete('user_group_add', 'temp');
|
|
}
|
|
unset($sql, $parameters, $row);
|
|
}
|
|
|
|
//result array
|
|
$result["ldap"]["plugin"] = "ldap";
|
|
$result["ldap"]["domain_name"] = $this->domain_name;
|
|
$result["ldap"]["username"] = $this->username;
|
|
if ($this->debug) {
|
|
$result["ldap"]["password"] = $this->password;
|
|
}
|
|
$result["ldap"]["user_uuid"] = $this->user_uuid;
|
|
$result["ldap"]["domain_uuid"] = $this->domain_uuid;
|
|
$result["ldap"]["authorized"] = $user_authorized ? true : false;
|
|
return $result;
|
|
}
|
|
}
|