-rw-r--r--inc/auth/ldap.class.php407
-rw-r--r--inc/auth/ldap.php293
-rw-r--r--inc/auth/mysql.class.php231
-rw-r--r--inc/auth/mysql.php196
-rw-r--r--inc/auth/plain.class.php12
-rw-r--r--inc/auth/plain.php120
6 files changed, 527 insertions, 732 deletions
diff --git a/inc/auth/ldap.class.php b/inc/auth/ldap.class.php
new file mode 100644
index 000000000..cfaf93ca7
--- /dev/null
+++ b/inc/auth/ldap.class.php
@@ -0,0 +1,407 @@
+<?php
+/**
+ * auth/basic.class.php
+ *
+ * foundation authorisation class
+ * all auth classes should inherit from this class
+ *
+ * @author Chris Smith <chris@jalakaic.co.uk>
+ */
+
+class auth_ldap extends auth_basic {
+ var $cnf = null;
+ var $con = null;
+
+ /**
+ * Constructor
+ */
+ function auth_ldap(){
+ global $conf;
+ $this->cnf = $conf['auth']['ldap'];
+ }
+
+
+ /**
+ * Check user+password
+ *
+ * Checks if the given user exists and the given
+ * plaintext password is correct by trying to bind
+ * to the LDAP server
+ *
+ * @author Andreas Gohr <andi@splitbrain.org>
+ * @return bool
+ */
+ function checkPass($user,$pass){
+ // reject empty password
+ if(empty($pass)) return false;
+ if(!$this->_openLDAP()) return false;
+
+ // indirect user bind
+ if($this->cnf['binddn'] && $this->cnf['bindpw']){
+ // use superuser credentials
+ if(!@ldap_bind($this->con,$this->cnf['binddn'],$this->cnf['bindpw'])){
+ if($this->cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ return false;
+ }
+
+ }else if($this->cnf['binddn'] &&
+ $this->cnf['usertree'] &&
+ $this->cnf['userfilter']) {
+ // special bind string
+ $dn = $this->_makeFilter($this->cnf['binddn'],
+ array('user'=>$user,'server'=>$this->cnf['server']));
+
+ }else if(strpos($cnf['usertree'], '%{user}')) {
+ // direct user bind
+ $dn = $this->_makeFilter($this->cnf['usertree'],
+ array('user'=>$user,'server'=>$this->cnf['server']));
+
+ }else{
+ // Anonymous bind
+ if(!@ldap_bind($this->con)){
+ msg("LDAP: can not bind anonymously",-1);
+ if($this->cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ return false;
+ }
+ }
+
+ // Try to bind to with the dn if we have one.
+ if(!empty($dn)) {
+ // User/Password bind
+ if(!@ldap_bind($this->con,$dn,$pass)){
+ if($this->cnf['debug']){
+ msg("LDAP: bind with $dn failed", -1);
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ }
+ return false;
+ }
+ return true;
+ }else{
+ // See if we can find the user
+ $info = $this->getUserData($user);
+ if(empty($info['dn'])) {
+ return false;
+ } else {
+ $dn = $info['dn'];
+ }
+
+ // Try to bind with the dn provided
+ if(!@ldap_bind($this->con,$dn,$pass)){
+ if($this->cnf['debug']){
+ msg("LDAP: bind with $dn failed", -1);
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ }
+ return false;
+ }
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
+ * Return user info [ MUST BE OVERRIDDEN ]
+ *
+ * Returns info about the given user needs to contain
+ * at least these fields:
+ *
+ * name string full name of the user
+ * mail string email addres of the user
+ * grps array list of groups the user is in
+ *
+ * This LDAP specific function returns the following
+ * addional fields:
+ *
+ * dn string distinguished name (DN)
+ * uid string Posix User ID
+ *
+ * @author Andreas Gohr <andi@splitbrain.org>
+ * @author Trouble
+ * @author Dan Allen <dan.j.allen@gmail.com>
+ * @auhtor <evaldas.auryla@pheur.org>
+ * @return array containing user data or false
+ */
+ function getUserData($user) {
+ global $conf;
+ if(!$this->_openLDAP()) return false;
+
+ $info['user'] = $user;
+ $info['server'] = $this->cnf['server'];
+
+ //get info for given user
+ $base = $this->_makeFilter($this->cnf['usertree'], $info);
+ if(!empty($this->cnf['userfilter'])) {
+ $filter = $this->_makeFilter($this->cnf['userfilter'], $info);
+ } else {
+ $filter = "(ObjectClass=*)";
+ }
+
+ $sr = @ldap_search($this->con, $base, $filter);
+ $result = @ldap_get_entries($this->con, $sr);
+ if($this->cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+
+ // Don't accept more or less than one response
+ if($result['count'] != 1){
+ return false; //user not found
+ }
+
+ $user_result = $result[0];
+ ldap_free_result($sr);
+
+ // general user info
+ $info['dn'] = $user_result['dn'];
+ $info['mail'] = $user_result['mail'][0];
+ $info['name'] = $user_result['cn'][0];
+ $info['grps'] = array();
+
+ // overwrite if other attribs are specified.
+ if(is_array($this->cnf['mapping'])){
+ foreach($this->cnf['mapping'] as $localkey => $key) {
+ if(is_array($key)) {
+ // use regexp to clean up user_result
+ list($key, $regexp) = each($key);
+ foreach($user_result[$key] as $grp){
+ if (preg_match($regexp,$grp,$match)) {
+ if($localkey == 'grps') {
+ $info[$localkey][] = $match[1];
+ } else {
+ $info[$localkey] = $match[1];
+ }
+ }
+ }
+ } else {
+ $info[$localkey] = $user_result[$key][0];
+ }
+ }
+ }
+ $user_result = array_merge($info,$user_result);
+
+ //get groups for given user if grouptree is given
+ if ($this->cnf['grouptree'] && $this->cnf['groupfilter']) {
+ $base = $this->_makeFilter($this->cnf['grouptree'], $user_result);
+ $filter = $this->_makeFilter($this->cnf['groupfilter'], $user_result);
+
+ $sr = @ldap_search($this->con, $base, $filter, array('cn'));
+ if(!$sr){
+ msg("LDAP: Reading group memberships failed",-1);
+ if($this->cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ return false;
+ }
+ $result = ldap_get_entries($this->con, $sr);
+ ldap_free_result($sr);
+
+ foreach($result as $grp){
+ if(!empty($grp['cn'][0])) $info['grps'][] = $grp['cn'][0];
+ }
+ }
+
+ // always add the default group to the list of groups
+ if(!in_array($conf['defaultgroup'],$info['grps'])){
+ $info['grps'][] = $conf['defaultgroup'];
+ }
+
+ return $info;
+ }
+
+ /**
+ * Create a new User [implement only where required/possible]
+ *
+ * Returns false if the user already exists, null when an error
+ * occured and the cleartext password of the new user if
+ * everything went well.
+ *
+ * The new user HAS TO be added to the default group by this
+ * function!
+ *
+ * @author Andreas Gohr <andi@splitbrain.org>
+ */
+# function createUser($user,$pass,$name,$mail,$grps=null){
+#
+# msg("authorisation method does not allow creation of new users", -1);
+# return null;
+# }
+
+ /**
+ * Modify user data [implement only where required/possible]
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ * @param $user nick of the user to be changed
+ * @param $changes array of field/value pairs to be changed (password will be clear text)
+ * @return bool
+ */
+# function modifyUser($user, $changes) {
+# msg("authorisation method does not allow modifying of user data", -1);
+# return false;
+# }
+
+ /**
+ * Delete one or more users [implement only where required/possible]
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ * @param array $users
+ * @return int number of users deleted
+ */
+# function deleteUsers($users) {
+# msg("authorisation method does not allow deleting of users", -1);
+# return false;
+# }
+
+ /**
+ * Return a count of the number of user which meet $filter criteria
+ * [should be implemented whenever retrieveUsers is implemented]
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ */
+# function getUserCount($filter=array()) {
+#
+# msg("authorisation method does not provide user counts", -1);
+# return 0;
+# }
+
+ /**
+ * Bulk retrieval of user data [implement only where required/possible]
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ * @param start index of first user to be returned
+ * @param limit max number of users to be returned
+ * @param filter array of field/pattern pairs, null for no filter
+ * @return array of userinfo (refer getUserData for internal userinfo details)
+ */
+# function retrieveUsers($start=0,$limit=-1,$filter=null) {
+# msg("authorisation method does not support mass retrieval of user data", -1);
+# return array();
+# }
+
+ /**
+ * Define a group [implement only where required/possible]
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ * @return bool
+ */
+# function addGroup($group) {
+# msg("authorisation method does not support independent group creation", -1);
+# return false;
+# }
+
+ /**
+ * Retrieve groups [implement only where required/possible]
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ * @return array
+ */
+# function retrieveGroups($start=0,$limit=0) {
+# msg("authorisation method does not support group list retrieval", -1);
+# return array();
+# }
+
+ /**
+ * Give user membership of a group [implement only where required/possible]
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ * @return bool
+ */
+# function joinGroup($user, $group) {
+# msg("authorisation method does not support alteration of group memberships", -1);
+# return false;
+# }
+
+ /**
+ * Remove user from a group [implement only where required/possible]
+ *
+ * @author Chris Smith <chris@jalakai.co.uk>
+ * @return bool
+ */
+# function leaveGroup($user, $group) {
+# msg("authorisation method does not support alteration of group memberships", -1);
+# return false;
+# }
+
+ /**
+ * Make LDAP filter strings.
+ *
+ * Used by auth_getUserData to make the filter
+ * strings for grouptree and groupfilter
+ *
+ * filter string ldap search filter with placeholders
+ * placeholders array array with the placeholders
+ *
+ * @author Troels Liebe Bentsen <tlb@rapanden.dk>
+ * @return string
+ */
+ function _makeFilter($filter, $placeholders) {
+ preg_match_all("/%{([^}]+)/", $filter, $matches, PREG_PATTERN_ORDER);
+ //replace each match
+ foreach ($matches[1] as $match) {
+ //take first element if array
+ if(is_array($placeholders[$match])) {
+ $value = $placeholders[$match][0];
+ } else {
+ $value = $placeholders[$match];
+ }
+ $filter = str_replace('%{'.$match.'}', $value, $filter);
+ }
+ return $filter;
+ }
+
+ /**
+ * Opens a connection to the configured LDAP server and sets the wnated
+ * option on the connection
+ *
+ * @author Andreas Gohr <andi@splitbrain.org>
+ */
+ function _openLDAP(){
+ if($this->con) return true; // connection already established
+
+ if(!$this->cnf['port']) $port = 636;
+ $this->con = @ldap_connect($this->cnf['server'],$this->cnf['port']);
+ if(!$this->con){
+ msg("LDAP: couldn't connect to LDAP server",-1);
+ return false;
+ }
+
+ //set protocol version and dependend options
+ if($this->cnf['version']){
+ if(!@ldap_set_option($this->con, LDAP_OPT_PROTOCOL_VERSION,
+ $this->cnf['version'])){
+ msg('Setting LDAP Protocol version '.$this->cnf['version'].' failed',-1);
+ if($this->cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ }else{
+ //use TLS (needs version 3)
+ if($this->cnf['starttls']) {
+ if (!@ldap_start_tls($this->con)){
+ msg('Starting TLS failed',-1);
+ if($this->cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ }
+ }
+ // needs version 3
+ if(isset($this->cnf['referrals'])) {
+ if(!@ldap_set_option($this->con, LDAP_OPT_REFERRALS,
+ $this->cnf['referrals'])){
+ msg('Setting LDAP referrals to off failed',-1);
+ if($this->cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ }
+ }
+ }
+ }
+
+ //set deref mode
+ if($this->cnf['deref']){
+ if(!@ldap_set_option($this->con, LDAP_OPT_DEREF, $this->cnf['deref'])){
+ msg('Setting LDAP Deref mode '.$this->cnf['deref'].' failed',-1);
+ if($this->cnf['debug'])
+ msg('LDAP errstr: '.htmlspecialchars(ldap_error($this->con)),0);
+ }
+ }
+
+ return true;
+ }
+}
+
+//Setup VIM: ex: et ts=4 enc=utf-8 :
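Review bot: `_makeFilter()` pastes the login name into the search filter in `getUserData()` and into the bind DN in `checkPass()` without escaping, so characters such as `*`, `(`, `)` and `\` in `$user` alter the LDAP query instead of being matched literally; the value should be escaped for the context it lands in (RFC 4515 for filters, RFC 4514 for DNs; `ldap_escape()` covers both on PHP versions that provide it). In the direct-bind branch of `checkPass()`, `strpos($cnf['usertree'], '%{user}')` reads an undefined local and should be `strpos($this->cnf['usertree'], '%{user}')`; as written that branch is never taken and the code falls through to the anonymous bind. In `_openLDAP()` a failed `ldap_start_tls()` only emits a message and the method still returns true, so the bind that follows sends the password over an unprotected connection; returning false at that point would fail closed. `$port = 636` is assigned but `ldap_connect()` is passed `$this->cnf['port']`, so the default has no effect.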
diff --git a/inc/auth/ldap.php b/inc/auth/ldap.php
deleted file mode 100644
index e4a43835a..000000000
--- a/inc/auth/ldap.php
+++ /dev/null
@@ -1,293 +0,0 @@
-<?php
-/**
- * LDAP authentication backend
- *
- * tested with openldap 2.x on Debian only
- *
- * PHPs LDAP extension is needed
- *
- * @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-
-//check for LDAP extension on load
-if(!function_exists('ldap_connect'))
- msg("LDAP extension not found",-1);
-
-/**
- * Connect to the LDAP server
- *
- * Holds the connection in global scope for multiple use
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function auth_ldap_connect(){
- global $LDAP_CONNECTION;
- global $conf;
- $cnf = $conf['auth']['ldap'];
-
- if(!$LDAP_CONNECTION){
- $LDAP_CONNECTION = @ldap_connect($cnf['server']);
- if(!$LDAP_CONNECTION){
- msg("LDAP: couldn't connect to LDAP server",-1);
- return false;
- }
- //set protocol version
- if($cnf['version']){
- if(!@ldap_set_option($LDAP_CONNECTION,
- LDAP_OPT_PROTOCOL_VERSION,
- $cnf['version'])){
- msg('Setting LDAP Protocol version '.$cnf['version'].' failed',-1);
- if($cnf['debug'])
- msg('LDAP errstr: '.htmlspecialchars(ldap_error($LDAP_CONNECTION)),0);
-
- } else {
- //use TLS (needs version 3)
- if($cnf['starttls']) {
- if (!@ldap_start_tls($LDAP_CONNECTION)){
- msg('Starting TLS failed',-1);
- if($cnf['debug'])
- msg('LDAP errstr: '.htmlspecialchars(ldap_error($LDAP_CONNECTION)),0);
- }
- }
- // needs version 3
- if(isset($cnf['referrals'])) {
- if(!@ldap_set_option($LDAP_CONNECTION,
- LDAP_OPT_REFERRALS,
- $cnf['referrals'])){
- msg('Setting LDAP referrals to off failed',-1);
- if($cnf['debug'])
- msg('LDAP errstr: '.htmlspecialchars(ldap_error($LDAP_CONNECTION)),0);
- }
- }
- }
- }
- //set deref mode
- if($cnf['deref']){
- if(!@ldap_set_option($LDAP_CONNECTION,
- LDAP_OPT_DEREF,
- $cnf['deref'])){
- msg('Setting LDAP Deref mode '.$cnf['deref']. 'failed',-1);
- if($cnf['debug'])
- msg('LDAP errstr: '.htmlspecialchars(ldap_error($LDAP_CONNECTION)),0);
- }
- }
- }
- return $LDAP_CONNECTION;
-}
-
-/**
- * Check user+password [required auth function]
- *
- * Checks if the given user exists and the given
- * plaintext password is correct by trying to bind
- * to the LDAP server
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- * @return bool
- */
-function auth_checkPass($user,$pass){
- global $conf;
- $cnf = $conf['auth']['ldap'];
-
- //reject empty password
- if(empty($pass)) return false;
-
- //connect to LDAP Server
- $conn = auth_ldap_connect();
- if(!$conn) return false;
-
- // indirect user bind
- if(!empty($cnf['binddn']) and !empty($cnf['bindpw'])) {
- //use superuser credentials
- if(!@ldap_bind($conn,$cnf['binddn'],$cnf['bindpw'])){
- if($cnf['debug']) msg('LDAP errstr: '.htmlspecialchars(ldap_error($conn)),0);
- return false;
- }
-
- // special bind string
- } else if(!empty($cnf['binddn']) and !empty($cnf['usertree']) and !empty($cnf['userfilter'])) {
- $dn = auth_ldap_makeFilter($cnf['binddn'], array('user'=>$user,'server'=>$cnf['server']));
-
- // direct user bind
- } else if(strpos($cnf['usertree'], '%{user}')) {
- $dn = auth_ldap_makeFilter($cnf['usertree'], array('user'=>$user,'server'=>$cnf['server']));
-
- // Anonymous bind
- } else {
- if(!@ldap_bind($conn)){
- msg("LDAP: can not bind anonymously",-1);
- if($cnf['debug']) msg('LDAP errstr: '.htmlspecialchars(ldap_error($conn)),0);
- return false;
- }
- }
-
- // Try to bind to with the dn if we have one.
- if(!empty($dn)) {
- // User/Password bind
- if(!@ldap_bind($conn,$dn,$pass)){
- if($cnf['debug']) msg('LDAP errstr: '.htmlspecialchars(ldap_error($conn)),0);
- return false;
- }
- return true;
- } else {
- // See if we can find the user
- $info = auth_getUserData($user);
- if(empty($info['dn'])) {
- return false;
- } else {
- $dn = $info['dn'];
- }
- // Try to bind with the dn provided
- if(!@ldap_bind($conn,$dn,$pass)){
- if($cnf['debug']) msg('LDAP errstr: '.htmlspecialchars(ldap_error($conn)),0);
- return false;
- }
- return true;
- }
-
- return false;
-}
-
-/**
- * Return user info [required auth function]
- *
- * Returns info about the given user needs to contain
- * at least these fields:
- *
- * name string full name of the user
- * mail string email addres of the user
- * grps array list of groups the user is in
- *
- * This LDAP specific function returns the following
- * addional fields:
- *
- * dn string distinguished name (DN)
- * uid string Posix User ID
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- * @author Trouble
- * @author Dan Allen <dan.j.allen@gmail.com>
- * @auhtor <evaldas.auryla@pheur.org>
- */
-function auth_getUserData($user){
- global $conf;
- $cnf = $conf['auth']['ldap'];
-
- //connect to LDAP Server
- $conn = auth_ldap_connect();
- if(!$conn) return false;
-
- $info['user']= $user;
- $info['server']= $cnf['server'];
-
- //get info for given user
- $base = auth_ldap_makeFilter($cnf['usertree'], $info);
- if(!empty($cnf['userfilter'])) {
- $filter = auth_ldap_makeFilter($cnf['userfilter'], $info);
- } else {
- $filter = "(ObjectClass=*)";
- }
-
- $sr = @ldap_search($conn, $base, $filter);
- $result = @ldap_get_entries($conn, $sr);
- if($cnf['debug']) msg('LDAP errstr: '.htmlspecialchars(ldap_error($conn)),0);
-
- // Don't accept more or less than one response
- if($result['count'] != 1){
- return false; //user not found
- }
-
- $user_result = $result[0];
-
- //general user info
- $info['dn']= $user_result['dn'];
- $info['mail']= $user_result['mail'][0];
- $info['name']= $user_result['cn'][0];
-
- #overwrite if other attribs are specified.
- if(is_array($cnf['mapping'])){
- foreach($cnf['mapping'] as $localkey => $key) {
- if(is_array($key)) {
- //use regexp to clean up user_result
- list($key, $regexp) = each($key);
- foreach($user_result[$key] as $grp){
- if (preg_match($regexp,$grp,$match)) {
- if($localkey == 'grps') {
- $info[$localkey][] = $match[1];
- } else {
- $info[$localkey] = $match[1];
- }
- }
- }
- } else {
- $info[$localkey] = $user_result[$key][0];
- }
- }
- }
-
- //get groups for given user if grouptree is given
- if (!empty($cnf['grouptree'])) {
- $base = auth_ldap_makeFilter($cnf['grouptree'], $user_result);
- $filter = auth_ldap_makeFilter($cnf['groupfilter'], $user_result);
-
- $sr = @ldap_search($conn, $base, $filter);
- if(!$sr){
- msg("LDAP: Reading group memberships failed",-1);
- if($cnf['debug']) msg('LDAP errstr: '.htmlspecialchars(ldap_error($conn)),0);
- return false;
- }
- $result = ldap_get_entries($conn, $sr);
- foreach($result as $grp){
- if(!empty($grp['cn'][0]))
- $info['grps'][] = $grp['cn'][0];
- }
- }
-
- //if no groups were found always return the default group
- if(!count($info['grps'])) $info['grps'][] = $conf['defaultgroup'];
-
- return $info;
-}
-
-/**
- * Create a new User [required auth function]
- *
- * Not implemented
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function auth_createUser($user,$pass,$name,$mail){
- msg("Sorry. Creating users is not supported by the LDAP backend",-1);
- return null;
-}
-
-
-/**
- * Make ldap filter strings.
- *
- * Used by auth_getUserData to make the filter
- * strings for grouptree and groupfilter
- *
- * filter string ldap search filter with placeholders
- * placeholders array array with the placeholders
- *
- * @author Troels Liebe Bentsen <tlb@rapanden.dk>
- * @return string
- */
-function auth_ldap_makeFilter($filter, $placeholders) {
- preg_match_all("/%{([^}]+)/", $filter, $matches, PREG_PATTERN_ORDER);
- //replace each match
- foreach ($matches[1] as $match) {
- //take first element if array
- if(is_array($placeholders[$match])) {
- $value = $placeholders[$match][0];
- } else {
- $value = $placeholders[$match];
- }
- $filter = str_replace('%{'.$match.'}', $value, $filter);
- }
- return $filter;
-}
-
-//Setup VIM: ex: et ts=2 enc=utf-8 :
diff --git a/inc/auth/mysql.class.php b/inc/auth/mysql.class.php
index 8fdb16122..5017d5b83 100644
--- a/inc/auth/mysql.class.php
+++ b/inc/auth/mysql.class.php
@@ -42,8 +42,6 @@ class auth_mysql extends auth_basic {
}
/**
- * [public function]
- *
* Checks if the given user exists and the given plaintext password
* is correct. Furtheron it might be checked wether the user is
* member of the right group
@@ -61,11 +59,11 @@ class auth_mysql extends auth_basic {
function checkPass($user,$pass){
$rc = false;
- if($this->openDB()) {
- $sql = str_replace('%u',addslashes($user),$this->cnf['checkPass']);
- $sql = str_replace('%p',addslashes($pass),$sql);
- $sql = str_replace('%g',addslashes($this->defaultgroup),$sql);
- $result = $this->queryDB($sql);
+ if($this->_openDB()) {
+ $sql = str_replace('%{user}',addslashes($user),$this->cnf['checkPass']);
+ $sql = str_replace('%{pass}',addslashes($pass),$sql);
+ $sql = str_replace('%{dgroup}',addslashes($this->defaultgroup),$sql);
+ $result = $this->_queryDB($sql);
if($result !== false && count($result) == 1) {
if($this->cnf['encryptPass'] == 1)
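Review bot: `addslashes()` is the only escaping between the login form and the SQL text built in checkPass() (`%{user}`, `%{pass}`), and it does not take the connection character set into account; `mysql_real_escape_string($user, $this->dbcon)` is the escaping call of the mysql extension this class already uses. The statement itself comes from `$this->cnf['checkPass']`, so escaping only helps if every placeholder sits inside quotes in that template, which deserves a comment next to the config key. The chained `str_replace()` calls also re-scan already substituted text, so a login name containing the literal `%{pass}` is expanded by the next call; one `strtr($this->cnf['checkPass'], array('%{user}' => ..., '%{pass}' => ..., '%{dgroup}' => ...))` replaces in a single pass. The same pattern repeats in the leaveGroup, _addUserToGroup, _addUser, _delUser, _getUserInfo and _getGroupID hunks.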
@@ -73,7 +71,7 @@ class auth_mysql extends auth_basic {
else
$rc = auth_verifyPassword($pass,$result[0]['pass']);
}
- $this->closeDB();
+ $this->_closeDB();
}
return $rc;
}
@@ -93,11 +91,11 @@ class auth_mysql extends auth_basic {
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
function getUserData($user){
- if($this->openDB()) {
- $this->lockTables("READ");
- $info = $this->getUserInfo($user);
- $this->unlockTables();
- $this->closeDB();
+ if($this->_openDB()) {
+ $this->_lockTables("READ");
+ $info = $this->_getUserInfo($user);
+ $this->_unlockTables();
+ $this->_closeDB();
} else
$info = false;
return $info;
@@ -124,19 +122,19 @@ class auth_mysql extends auth_basic {
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
function createUser($user,$pwd,$name,$mail,$grps=null){
- if($this->openDB()) {
- if (($info = $this->getUserInfo($user)) !== false)
+ if($this->_openDB()) {
+ if (($info = $this->_getUserInfo($user)) !== false)
return false; // user already exists
// set defaultgroup if no groups were given
if ($grps == null)
$grps = array($this->defaultgroup);
- $this->lockTables("WRITE");
+ $this->_lockTables("WRITE");
$pwd = $this->cnf['encryptPass'] ? $pwd : auth_cryptPassword($pwd);
- $rc = $this->addUser($user,$pwd,$name,$mail,$grps);
- $this->unlockTables();
- $this->closeDB();
+ $rc = $this->_addUser($user,$pwd,$name,$mail,$grps);
+ $this->_unlockTables();
+ $this->_closeDB();
if ($rc) return $pwd;
}
return null; // return error
@@ -164,9 +162,9 @@ class auth_mysql extends auth_basic {
if (!is_array($changes) || !count($changes))
return true; // nothing to change
- if($this->openDB()) {
- $this->lockTables("WRITE");
- if (($info = $this->getUserInfo($user)) !== false) {
+ if($this->_openDB()) {
+ $this->_lockTables("WRITE");
+ if (($info = $this->_getUserInfo($user)) !== false) {
$newuser = $user;
foreach ($changes as $field => $value) {
if ($field == 'user')
@@ -176,14 +174,14 @@ class auth_mysql extends auth_basic {
$info[$field] = $value; // update user record
}
- $rc = $this->delUser($user); // remove user from database
+ $rc = $this->_delUser($user); // remove user from database
if ($rc)
- $rc = $this->addUser($newuser,$info['pass'],$info['name'],$info['mail'],$info['grps']);
+ $rc = $this->_addUser($newuser,$info['pass'],$info['name'],$info['mail'],$info['grps']);
if (!$rc)
msg($lang['modUserFailed'], -1);
}
- $this->unlockTables();
- $this->closeDB();
+ $this->_unlockTables();
+ $this->_closeDB();
}
return $rc;
}
@@ -202,16 +200,16 @@ class auth_mysql extends auth_basic {
function deleteUsers($users) {
$count = 0;
- if($this->openDB()) {
- if (is_array($users) && !empty($users)) {
- $this->lockTables("WRITE");
+ if($this->_openDB()) {
+ if (is_array($users) && count($users)) {
+ $this->_lockTables("WRITE");
foreach ($users as $user) {
- if ($this->delUser($user))
+ if ($this->_delUser($user))
$count++;
}
- $this->unlockTables();
+ $this->_unlockTables();
}
- $this->closeDB();
+ $this->_closeDB();
}
return $count;
}
@@ -229,12 +227,12 @@ class auth_mysql extends auth_basic {
function getUserCount($filter=array()) {
$rc = 0;
- if($this->openDB()) {
- $sql = $this->createSQLFilter($this->cnf['getUsers'], $filter);
- $result = $this->queryDB($sql);
+ if($this->_openDB()) {
+ $sql = $this->_createSQLFilter($this->cnf['getUsers'], $filter);
+ $result = $this->_queryDB($sql);
if ($result)
$rc = count($result);
- $this->closeDB();
+ $this->_closeDB();
}
return $rc;
}
@@ -256,14 +254,14 @@ class auth_mysql extends auth_basic {
$i = 0;
$count = 0;
- if($this->openDB()) {
- $this->lockTables("READ");
- $sql = $this->createSQLFilter($this->cnf['getUsers'], $filter)." ".$this->cnf['SortOrder'];
- $result = $this->queryDB($sql);
+ if($this->_openDB()) {
+ $this->_lockTables("READ");
+ $sql = $this->_createSQLFilter($this->cnf['getUsers'], $filter)." ".$this->cnf['SortOrder'];
+ $result = $this->_queryDB($sql);
if ($result) {
foreach ($result as $user) {
if ($i++ >= $start) {
- $info = $this->getUserInfo($user['user']);
+ $info = $this->_getUserInfo($user['user']);
if ($info) {
$out[$user['user']] = $info;
if (($limit > 0) && (++$count >= $limit)) break;
@@ -271,8 +269,8 @@ class auth_mysql extends auth_basic {
}
}
}
- $this->unlockTables();
- $this->closeDB();
+ $this->_unlockTables();
+ $this->_closeDB();
}
return $out;
}
@@ -291,11 +289,11 @@ class auth_mysql extends auth_basic {
function joinGroup($user, $group) {
$rc = false;
- if($this->openDB()) {
- $this->lockTables("WRITE");
- $rc = addUserToGroup($user, $group);
- $this->unlockTables();
- $this->closeDB();
+ if($this->_openDB()) {
+ $this->_lockTables("WRITE");
+ $rc = _addUserToGroup($user, $group);
+ $this->_unlockTables();
+ $this->_closeDB();
}
return $rc;
}
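Review bot: `_addUserToGroup($user, $group)` in joinGroup() is called as a global function rather than as a method, so PHP stops with an undefined-function error the first time joinGroup() runs with an open connection, unless a global function of that name exists outside this diff. The line should read `$rc = $this->_addUserToGroup($user, $group);`. The rename carried the missing `$this->` over from the old line unchanged.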
@@ -314,22 +312,22 @@ class auth_mysql extends auth_basic {
function leaveGroup($user, $group) {
$rc = false;
- if($this->openDB()) {
- $this->lockTables("WRITE");
+ if($this->_openDB()) {
+ $this->_lockTables("WRITE");
- $uid = $this->getUserID($user);
+ $uid = $this->_getUserID($user);
if ($uid) {
- $gid = $this->getGroupID($group);
+ $gid = $this->_getGroupID($group);
if ($gid) {
- $sql = str_replace('%uid',addslashes($uid),$this->cnf['delUserGroup']);
- $sql = str_replace('%u' ,addslashes($user),$sql);
- $sql = str_replace('%gid',addslashes($gid),$sql);
- $sql = str_replace('%g' ,addslashes($group),$sql);
- $rc = $this->modifyDB($sql) == 0 ? true : false;
+ $sql = str_replace('%{uid}', addslashes($uid),$this->cnf['delUserGroup']);
+ $sql = str_replace('%{user}', addslashes($user),$sql);
+ $sql = str_replace('%{gid}', addslashes($gid),$sql);
+ $sql = str_replace('%{group}',addslashes($group),$sql);
+ $rc = $this->_modifyDB($sql) == 0 ? true : false;
}
}
- $this->unlochTables();
- $this->closeDB();
+ $this->_unlockTables();
+ $this->_closeDB();
}
return $rc;
}
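Review bot: `$this->_modifyDB($sql) == 0 ? true : false` in leaveGroup() uses a loose comparison, so a `false` return also compares equal to 0 and the method reports success when the delete failed. `_addUserToGroup()` tests the same call with `!== false`, which suggests false is the failure value, but the body of `_modifyDB()` is outside this hunk and should be checked. If that holds, `$rc = ($this->_modifyDB($sql) !== false);` states the intent without the ambiguity.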
@@ -350,32 +348,32 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function addUserToGroup($user, $group, $force=0) {
+ function _addUserToGroup($user, $group, $force=0) {
$newgroup = 0;
- if($this->dbcon) {
- $uid = $this->getUserID($user);
+ if($this->_dbcon) {
+ $uid = $this->_getUserID($user);
if ($uid) {
- $gid = $this->getGroupID($group);
+ $gid = $this->_getGroupID($group);
if (!$gid) {
if ($force) { // create missing groups
$sql = str_replace('%g',addslashes($group),$this->cnf['addGroup']);
- $gid = $this->modifyDB($sql);
+ $gid = $this->_modifyDB($sql);
$newgroup = 1; // group newly created
}
if (!$gid) return false; // group didm't exist and can't be created
}
- $sql = str_replace('%uid',addslashes($uid),$this->cnf['addUserGroup']);
- $sql = str_replace('%u' ,addslashes($user),$sql);
- $sql = str_replace('%gid',addslashes($gid),$sql);
- $sql = str_replace('%g' ,addslashes($group),$sql);
- if ($this->modifyDB($sql) !== false) return true;
+ $sql = str_replace('%{uid}', addslashes($uid),$this->cnf['addUserGroup']);
+ $sql = str_replace('%{user}', addslashes($user),$sql);
+ $sql = str_replace('%{gid}', addslashes($gid),$sql);
+ $sql = str_replace('%{group}',addslashes($group),$sql);
+ if ($this->_modifyDB($sql) !== false) return true;
if ($newgroup) { // remove previously created group on error
- $sql = str_replace('%gid',addslashes($gid),$this->cnf['delGroup']);
- $sql = str_replace('%g' ,addslashes($group),$sql);
- $this->modifyDB($sql);
+ $sql = str_replace('%{gid}', addslashes($gid),$this->cnf['delGroup']);
+ $sql = str_replace('%{group}',addslashes($group),$sql);
+ $this->_modifyDB($sql);
}
}
}
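Review bot: The guard `if($this->_dbcon)` tests a property that nothing visible in this diff assigns: the unchanged context of _openDB(), _closeDB(), _queryDB() and _modifyDB() still reads and writes `$this->dbcon`, and the new `_getGroupID()` keeps `$this->dbcon` as well. If the property was not renamed outside these hunks, `_addUserToGroup()` skips its whole guarded body, and the same applies to the `_getGroups`, `_getUserID`, `_addUser` and `_delUser` hunks, so user creation, deletion and group changes would fail without an error message. Either keep `if($this->dbcon)` in all five methods or rename the property everywhere it is set. The end of this function lies outside the hunk.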
@@ -395,12 +393,12 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function getGroups($user) {
+ function _getGroups($user) {
$groups = array();
- if($this->dbcon) {
+ if($this->_dbcon) {
$sql = str_replace('%u',addslashes($user),$this->cnf['getGroups']);
- $result = $this->queryDB($sql);
+ $result = $this->_queryDB($sql);
if(count($result)) {
foreach($result as $row)
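Review bot: `str_replace('%u', ...)` on `$this->cnf['getGroups']` still uses the old short placeholder while the rest of this commit moves the statement templates to `%{user}`; if the configured statement was converted too, the name is never substituted and the query runs with the literal placeholder. The same leftover appears in the `_getUserID` hunk (`%u` on `getUserID`) and in `_addUserToGroup` (`%g` on `addGroup`). Proposed here: `$sql = str_replace('%{user}',addslashes($user),$this->cnf['getGroups']);`, with the shipped config templates checked against whichever form is chosen.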
@@ -423,10 +421,10 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function getUserID($user) {
- if($this->dbcon) {
+ function _getUserID($user) {
+ if($this->_dbcon) {
$sql = str_replace('%u',addslashes($user),$this->cnf['getUserID']);
- $result = $this->queryDB($sql);
+ $result = $this->_queryDB($sql);
return $result === false ? false : $result[0]['id'];
}
return false;
@@ -439,7 +437,7 @@ class auth_mysql extends auth_basic {
* for this function to work. Otherwise it will return
* 'false'.
*
- * @param $user nick of the user
+ * @param $user login of the user
* @param $pwd encrypted password
* @param $name full name of the user
* @param $mail email address
@@ -450,17 +448,17 @@ class auth_mysql extends auth_basic {
* @author Chris Smith <chris@jalakai.co.uk>
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function addUser($user,$pwd,$name,$mail,$grps){
- if($this->dbcon && is_array($grps)) {
- $sql = str_replace('%u' ,addslashes($user),$this->cnf['addUser']);
- $sql = str_replace('%p' ,addslashes($pwd),$sql);
- $sql = str_replace('%n' ,addslashes($name),$sql);
- $sql = str_replace('%e' ,addslashes($mail),$sql);
- $uid = $this->modifyDB($sql);
+ function _addUser($user,$pwd,$name,$mail,$grps){
+ if($this->_dbcon && is_array($grps)) {
+ $sql = str_replace('%{user}', addslashes($user),$this->cnf['addUser']);
+ $sql = str_replace('%{pass}', addslashes($pwd),$sql);
+ $sql = str_replace('%{name}', addslashes($name),$sql);
+ $sql = str_replace('%{email}',addslashes($mail),$sql);
+ $uid = $this->_modifyDB($sql);
if ($uid) {
foreach($grps as $group) {
- $gid = $this->addUserToGroup($user, $group, 1);
+ $gid = $this->_addUserToGroup($user, $group, 1);
if ($gid === false) break;
}
@@ -471,9 +469,9 @@ class auth_mysql extends auth_basic {
* and won't be removed. This might create orphaned groups but
* is not a big issue so we ignore this problem here.
*/
- $this->delUser($user);
- $text = str_replace('%u' ,addslashes($user),$this->cnf['joinGroupFailed']);
- $text = str_replace('%g' ,addslashes($group),$text);
+ $this->_delUser($user);
+ $text = str_replace('%u',addslashes($user),$this->cnf['joinGroupFailed']);
+ $text = str_replace('%g',addslashes($group),$text);
msg($text, -1);
}
}
@@ -493,15 +491,15 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function delUser($user) {
- if($this->dbcon) {
- $uid = $this->getUserID($user);
+ function _delUser($user) {
+ if($this->_dbcon) {
+ $uid = $this->_getUserID($user);
if ($uid) {
- $sql = str_replace('%uid',addslashes($uid),$this->cnf['delUser']);
- $sql = str_replace('%u', addslashes($user),$sql);
- $this->modifyDB($sql);
- $sql = str_replace('%uid',addslashes($uid),$this->cnf['delUserRefs']);
- $this->modifyDB($sql);
+ $sql = str_replace('%{uid}',addslashes($uid),$this->cnf['delUser']);
+ $sql = str_replace('%{user}', addslashes($user),$sql);
+ $this->_modifyDB($sql);
+ $sql = str_replace('%{uid}',addslashes($uid),$this->cnf['delUserRefs']);
+ $this->_modifyDB($sql);
return true;
}
}
@@ -521,12 +519,12 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function getUserInfo($user){
- $sql = str_replace('%u',addslashes($user),$this->cnf['getUserInfo']);
- $result = $this->queryDB($sql);
+ function _getUserInfo($user){
+ $sql = str_replace('%{user}',addslashes($user),$this->cnf['getUserInfo']);
+ $result = $this->_queryDB($sql);
if(count($result)) {
$info = $result[0];
- $info['grps'] = $this->getGroups($user);
+ $info['grps'] = $this->_getGroups($user);
return $info;
}
return false;
@@ -544,10 +542,10 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function getGroupID($group) {
+ function _getGroupID($group) {
if($this->dbcon) {
- $sql = str_replace('%g',addslashes($group),$this->cnf['getGroupID']);
- $result = $this->queryDB($sql);
+ $sql = str_replace('%{group}',addslashes($group),$this->cnf['getGroupID']);
+ $result = $this->_queryDB($sql);
return $result === false ? false : $result[0]['id'];
}
return false;
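Review bot: The return expression `$result === false ? false : $result[0]['id']` in `_getGroupID` handles only a failed query, not an empty result. `_queryDB`'s body is outside this hunk, but if it returns an empty array when no group matches, `$result[0]['id']` reads a missing index and the function returns null with a notice rather than the `false` that callers comparing with `=== false` expect. A guarded form would be `return ($result === false || !count($result)) ? false : $result[0]['id'];`. The function's closing brace lies outside the hunk.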
@@ -562,7 +560,7 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function openDB() {
+ function _openDB() {
global $lang;
if (!$this->dbcon) {
@@ -591,7 +589,7 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function closeDB() {
+ function _closeDB() {
if ($this->dbcon) {
mysql_close ($this->dbcon);
$this->dbcon = 0;
@@ -610,7 +608,7 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function queryDB($query) {
+ function _queryDB($query) {
if ($this->dbcon) {
$result = @mysql_query($query,$this->dbcon);
if ($result) {
@@ -635,7 +633,7 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function modifyDB($query) {
+ function _modifyDB($query) {
if ($this->dbcon) {
$result = @mysql_query($query,$this->dbcon);
if ($result) {
@@ -665,7 +663,7 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function lockTables($mode) {
+ function _lockTables($mode) {
if ($this->dbcon) {
if (is_array($this->cnf['TablesToLock']) && !empty($this->cnf['TablesToLock'])) {
if ($mode == "READ" || $mode == "WRITE") {
@@ -689,7 +687,7 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function unlockTables() {
+ function _unlockTables() {
if ($this->dbcon) {
$this->modifyDB("UNLOCK TABLES");
return true;
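Review bot: `_unlockTables` still calls `$this->modifyDB("UNLOCK TABLES")` on the unchanged line below the renamed signature, but this commit renames that method to `_modifyDB`. Unless a `modifyDB` is inherited from `auth_basic`, which is not visible here, this is a call to an undefined method and tables locked by `_lockTables` would not be released. The line should be `$this->_modifyDB("UNLOCK TABLES");`. Other unchanged lines outside the hunks may need the same check for the old method names.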
@@ -709,7 +707,7 @@ class auth_mysql extends auth_basic {
*
* @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
*/
- function createSQLFilter($sql, $filter) {
+ function _createSQLFilter($sql, $filter) {
$SQLfilter = "";
$cnt = 0;
@@ -718,16 +716,16 @@ class auth_mysql extends auth_basic {
$tmp = addslashes('%'.mysql_real_escape_string($pattern, $this->dbcon).'%');
if ($item == 'user') {
if ($cnt++ > 0) $SQLfilter .= " AND ";
- $SQLfilter .= str_replace('%u',$tmp,$this->cnf['FilterLogin']);
+ $SQLfilter .= str_replace('%{user}',$tmp,$this->cnf['FilterLogin']);
} else if ($item == 'name') {
if ($cnt++ > 0) $SQLfilter .= " AND ";
- $SQLfilter .= str_replace('%n',$tmp,$this->cnf['FilterName']);
+ $SQLfilter .= str_replace('%{name}',$tmp,$this->cnf['FilterName']);
} else if ($item == 'mail') {
if ($cnt++ > 0) $SQLfilter .= " AND ";
- $SQLfilter .= str_replace('%e',$tmp,$this->cnf['FilterEmail']);
+ $SQLfilter .= str_replace('%{email}',$tmp,$this->cnf['FilterEmail']);
} else if ($item == 'grps') {
if ($cnt++ > 0) $SQLfilter .= " AND ";
- $SQLfilter .= str_replace('%g',$tmp,$this->cnf['FilterGroup']);
+ $SQLfilter .= str_replace('%{group}',$tmp,$this->cnf['FilterGroup']);
}
}
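Review bot: The line `$tmp = addslashes('%'.mysql_real_escape_string($pattern, $this->dbcon).'%');` escapes the filter pattern twice and carries no comment saying whether that is intended. If the `Filter*` templates use `LIKE`, the second pass may be deliberate, since `LIKE` treats the backslash as its own escape character. If they use plain comparison, terms containing quotes or backslashes will no longer match. A short comment such as `// escaped twice: once for the SQL string literal, once for the LIKE pattern` would settle it, or `addslashes()` should be dropped if `LIKE` is not used. The enclosing loop and the start of `_createSQLFilter` are outside this hunk.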
@@ -747,4 +745,3 @@ class auth_mysql extends auth_basic {
}
//Setup VIM: ex: et ts=2 enc=utf-8 :
-
diff --git a/inc/auth/mysql.php b/inc/auth/mysql.php
deleted file mode 100644
index 8f236fe57..000000000
--- a/inc/auth/mysql.php
+++ /dev/null
@@ -1,196 +0,0 @@
-<?php
-/**
- * MySQL authentication backend
- *
- * PHP's MySQL extension is needed
- *
- * @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-
-//check for MySQL extension on load
-if(!function_exists('mysql_connect'))
- msg("MySQL extension not found",-1);
-
-/**
- * Execute SQL
- *
- * Executes SQL statements and returns the results as list
- * of hashes. Returns false on error. Returns auto_increment
- * IDs on INSERT statements.
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function auth_mysql_runsql($sql_string) {
- global $conf;
- $cnf = $conf['auth']['mysql'];
-
- $link = @mysql_connect ($cnf['server'], $cnf['user'], $cnf['password']);
- if(!$link){
- msg('MySQL: Connection to database failed!',-1);
- return false;
- }
- $result = @mysql_db_query($cnf['database'],$sql_string,$link);
- if(!$result){
- msg('MySQL: '.mysql_error($link));
- return false;
- }
-
- //mysql_db_query returns 1 on a insert statement -> no need to ask for results
- if ($result != 1) {
- for($i=0; $i< mysql_num_rows($result); $i++) {
- $temparray = mysql_fetch_assoc($result);
- $resultarray[]=$temparray;
- }
- mysql_free_result ($result);
- } elseif (mysql_insert_id($link)) {
- $resultarray = mysql_insert_id($link); //give back ID on insert
- } else
- $resultarray = 0; // asure that the return value is valid
-
- mysql_close ($link);
- return $resultarray;
-}
-
-/**
- * Check user+password [required auth function]
- *
- * Checks if the given user exists and the given plaintext password
- * is correct. Furtheron it might be checked wether the user is
- * member of the right group
- *
- * Depending on which SQL string is defined in the config, password
- * checking is done here (getpass) or by the database (passcheck)
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- * @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
- * @return bool
- */
-function auth_checkPass($user,$pass){
- global $conf;
- $cnf = $conf['auth']['mysql'];
-
- if($cnf['getpass']){
- // we check the pass ourself against the crypted one
- $sql = str_replace('%u',addslashes($user),$cnf['getpass']);
- $sql = str_replace('%g',addslashes($conf['defaultgroup']),$sql);
- $result = auth_mysql_runsql($sql);
-
- if(count($result)){
- return(auth_verifyPassword($pass,$result[0]['pass']));
- }
- }else{
- // we leave pass checking to the database
- $sql = str_replace('%u',addslashes($user),$cnf['passcheck']);
- $sql = str_replace('%g',addslashes($conf['defaultgroup']),$sql);
- $sql = str_replace('%p',addslashes($pass),$sql);
- $result = auth_mysql_runsql($sql);
-
- if(count($result) == 1){
- return true;
- }
- }
- return false;
-}
-
-/**
- * Return user info [required auth function]
- *
- * Returns info about the given user needs to contain
- * at least these fields:
- *
- * name string full name of the user
- * mail string email addres of the user
- * grps array list of groups the user is in
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function auth_getUserData($user){
- global $conf;
- $cnf = $conf['auth']['mysql'];
-
- $sql = str_replace('%u',addslashes($user),$cnf['userinfo']);
- $result = auth_mysql_runsql($sql);
- if(!count($result)) return false;
- $info = $result[0];
-
- $sql = str_replace('%u',addslashes($user),$cnf['groups']);
- $result = auth_mysql_runsql($sql);
- if(!count($result)){
- $info['grps'][] = $conf['defaultgroup'];
- }else{
- foreach($result as $row){
- $info['grps'][] = $row['group'];
- }
- }
-
- return $info;
-}
-
-/**
- * Create a new User [required auth function]
- *
- * user string username
- * pass string password
- * name string full name of the user
- * mail string email address
- *
- * Returns false if the user already exists, null when an error
- * occoured and the cleartext password of the new user if
- * everything went well.
- *
- * The user HAS TO be added to the default group by this
- * function
- *
- * @author Matthias Grimm <matthiasgrimm@users.sourceforge.net>
- */
-function auth_createUser($user,$pass,$name,$mail){
- global $conf;
- $cnf = $conf['auth']['mysql'];
-
- //check if user exists
- $info = auth_getUserData($user);
- if ($info != false) return false;
-
- //get groupid of default group
- if($cnf['getgroupid']){
- $sql = str_replace('%g',addslashes($conf['defaultgroup']),$cnf['getgroupid']);
- $result = auth_mysql_runsql($sql);
- if($result === false) return null;
- if (count($result) == 1){
- $gid = $result[0]['gid'];
- }else{
- msg("MySQL: Couldn't find the default group",-1);
- return null;
- }
- }
-
- //prepare the insert
- $sql = str_replace('%u' ,addslashes($user),$cnf['adduser']);
- $sql = str_replace('%p' ,addslashes(auth_cryptPassword($pass)),$sql);
- $sql = str_replace('%n' ,addslashes($name),$sql);
- $sql = str_replace('%e' ,addslashes($mail),$sql);
- $sql = str_replace('%gid',addslashes($gid),$sql);
- $sql = str_replace('%g' ,addslashes($conf['defaultgroup']),$sql);
-
- //do the insert
- $uid = auth_mysql_runsql($sql);
- if($uid == 0){
- msg("Registering of the new user '$user' failed!", -1);
- return null;
- }
-
- //add to default group
- if ($cnf['addusergroup']) {
- $sql = str_replace('%uid',addslashes($uid),$cnf['addusergroup']);
- $sql = str_replace('%u' ,addslashes($user),$sql);
- $sql = str_replace('%gid',addslashes($gid),$sql);
- $sql = str_replace('%g' ,addslashes($conf['defaultgroup']),$sql);
- $result = auth_mysql_runsql($sql);
- if($result === false) msg("MySQL: couldn't add user to the default group");
- }
-
- return $pass;
-}
-
-//Setup VIM: ex: et ts=2 enc=utf-8 :
diff --git a/inc/auth/plain.class.php b/inc/auth/plain.class.php
index 140bd7519..2331ae908 100644
--- a/inc/auth/plain.class.php
+++ b/inc/auth/plain.class.php
@@ -39,7 +39,7 @@ class auth_plain extends auth_basic {
}
/**
- * Return user info [required auth function]
+ * Return user info
*
* Returns info about the given user needs to contain
* at least these fields:
@@ -57,7 +57,7 @@ class auth_plain extends auth_basic {
}
/**
- * Create a new User [implement only where required/possible]
+ * Create a new User
*
* Returns false if the user already exists, null when an error
* occured and the cleartext password of the new user if
@@ -94,7 +94,7 @@ class auth_plain extends auth_basic {
}
/**
- * Modify user data [implement only where required/possible]
+ * Modify user data
*
* @author Chris Smith <chris@jalakai.co.uk>
* @param $user nick of the user to be changed
@@ -196,7 +196,7 @@ class auth_plain extends auth_basic {
}
/**
- * Bulk retrieval of user data [implement only where required/possible]
+ * Bulk retrieval of user data
*
* @author Chris Smith <chris@jalakai.co.uk>
* @param start index of first user to be returned
@@ -230,7 +230,7 @@ class auth_plain extends auth_basic {
}
/**
- * Give user membership of a group [implement only where required/possible]
+ * Give user membership of a group
*
* @author Chris Smith <chris@jalakai.co.uk>
* @return bool
@@ -247,7 +247,7 @@ class auth_plain extends auth_basic {
}
/**
- * Remove user from a group [implement only where required/possible]
+ * Remove user from a group
*
* @author Chris Smith <chris@jalakai.co.uk>
* @return bool
diff --git a/inc/auth/plain.php b/inc/auth/plain.php
deleted file mode 100644
index d9569c3fd..000000000
--- a/inc/auth/plain.php
+++ /dev/null
@@ -1,120 +0,0 @@
-<?php
-/**
- * Plaintext authentication backend
- *
- * If you want to authenticate against something
- * else then the builtin flatfile auth system
- * you have to reimplement the "required auth
- * functions"
- *
- * @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-
-// we only accept page ids for auth_plain
-if(isset($_REQUEST['u']))
- $_REQUEST['u'] = cleanID($_REQUEST['u']);
-
-/**
- * Check user+password [required auth function]
- *
- * Checks if the given user exists and the given
- * plaintext password is correct
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- * @return bool
- */
-function auth_checkPass($user,$pass){
- $users = auth_plain_loadUserData();
-
- if(!isset($users[$user])) return false;
-
- return auth_verifyPassword($pass,$users[$user]['pass']);
-}
-
-/**
- * Return user info [required auth function]
- *
- * Returns info about the given user needs to contain
- * at least these fields:
- *
- * name string full name of the user
- * mail string email addres of the user
- * grps array list of groups the user is in
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function auth_getUserData($user){
- static $users = null;
-
- if($users == null) {
- $users = auth_plain_loadUserData();
- }
- return $users[$user];
-}
-
-/**
- * Create a new User [required auth function]
- *
- * Returns false if the user already exists, null when an error
- * occured and the cleartext password of the new user if
- * everything went well.
- *
- * The new user HAS TO be added to the default group by this
- * function!
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function auth_createUser($user,$pass,$name,$mail){
- global $conf;
-
- $users = auth_plain_loadUserData();
- if(isset($users[$user])) return false;
-
- $userline = join(':',array($user,
- auth_cryptPassword($pass),
- $name,
- $mail,
- $conf['defaultgroup']));
- $userline .= "\n";
- $fh = fopen(DOKU_CONF.'users.auth.php','a');
- if($fh){
- fwrite($fh,$userline);
- fclose($fh);
- return $pass;
- }
- msg('The users.auth.php file is not writable. Please inform the Wiki-Admin',-1);
- return null;
-}
-
-/**
- * Load all user data
- *
- * Used by the plaintext auth functions
- * loads the user file into a datastructure
- *
- * @author Andreas Gohr <andi@splitbrain.org>
- */
-function auth_plain_loadUserData(){
- $data = array();
- if(!@file_exists(DOKU_CONF.'users.auth.php')){
- return $data;
- }
- $lines = file(DOKU_CONF.'users.auth.php');
- foreach($lines as $line){
- $line = preg_replace('/#.*$/','',$line); //ignore comments
- $line = trim($line);
- if(empty($line)) continue;
-
- $row = split(":",$line,5);
- $groups = split(",",$row[4]);
- $data[$row[0]]['pass'] = $row[1];
- $data[$row[0]]['name'] = urldecode($row[2]);
- $data[$row[0]]['mail'] = $row[3];
- $data[$row[0]]['grps'] = $groups;
- }
- return $data;
-}
-
-
-//Setup VIM: ex: et ts=2 enc=utf-8 :