From e3776c06c37cc197709dac60892604dfea894ac2 Mon Sep 17 00:00:00 2001 From: Michael Hamann Date: Mon, 29 Nov 2010 01:34:36 +0100 Subject: Remove enc=utf-8 in VIM modeline as it is not allowed in VIM 7.3 As of VIM 7.3 it is no longer possible to specify the encoding in the modeline. This gives an error message whenever such a file is opened, thus this commit removes the enc setting from the modeline. --- inc/auth/ad.class.php | 2 +- inc/auth/basic.class.php | 2 +- inc/auth/ldap.class.php | 2 +- inc/auth/mysql.class.php | 2 +- inc/auth/pgsql.class.php | 2 +- inc/auth/plain.class.php | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) (limited to 'inc/auth') diff --git a/inc/auth/ad.class.php b/inc/auth/ad.class.php index 90fe0266b..41e9d854b 100644 --- a/inc/auth/ad.class.php +++ b/inc/auth/ad.class.php @@ -296,4 +296,4 @@ class auth_ad extends auth_basic { } } -//Setup VIM: ex: et ts=4 enc=utf-8 : +//Setup VIM: ex: et ts=4 : diff --git a/inc/auth/basic.class.php b/inc/auth/basic.class.php index fa38970ae..c7e7031bf 100644 --- a/inc/auth/basic.class.php +++ b/inc/auth/basic.class.php @@ -400,4 +400,4 @@ class auth_basic { } } -//Setup VIM: ex: et ts=2 enc=utf-8 : +//Setup VIM: ex: et ts=2 : diff --git a/inc/auth/ldap.class.php b/inc/auth/ldap.class.php index 7f1eec187..420043238 100644 --- a/inc/auth/ldap.class.php +++ b/inc/auth/ldap.class.php @@ -457,4 +457,4 @@ class auth_ldap extends auth_basic { } } -//Setup VIM: ex: et ts=4 enc=utf-8 : +//Setup VIM: ex: et ts=4 : diff --git a/inc/auth/mysql.class.php b/inc/auth/mysql.class.php index ca607ced5..dbdfe5fda 100644 --- a/inc/auth/mysql.class.php +++ b/inc/auth/mysql.class.php @@ -936,4 +936,4 @@ class auth_mysql extends auth_basic { } } -//Setup VIM: ex: et ts=2 enc=utf-8 : +//Setup VIM: ex: et ts=2 : diff --git a/inc/auth/pgsql.class.php b/inc/auth/pgsql.class.php index 8e68e865e..cf8bf7600 100644 --- a/inc/auth/pgsql.class.php +++ b/inc/auth/pgsql.class.php @@ -407,4 +407,4 @@ class auth_pgsql extends auth_mysql { } -//Setup VIM: ex: et ts=2 enc=utf-8 : +//Setup VIM: ex: et ts=2 : diff --git a/inc/auth/plain.class.php b/inc/auth/plain.class.php index ec9e52beb..3941190e9 100644 --- a/inc/auth/plain.class.php +++ b/inc/auth/plain.class.php @@ -325,4 +325,4 @@ class auth_plain extends auth_basic { } } -//Setup VIM: ex: et ts=2 enc=utf-8 : +//Setup VIM: ex: et ts=2 : -- cgit v1.2.3 From fa7c70ff4d7f9999466436e7d559eb0c81571779 Mon Sep 17 00:00:00 2001 From: Adrian Lang Date: Wed, 8 Dec 2010 17:17:40 +0100 Subject: tmp --- inc/auth/ad.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'inc/auth') diff --git a/inc/auth/ad.class.php b/inc/auth/ad.class.php index 41e9d854b..5478d64b9 100644 --- a/inc/auth/ad.class.php +++ b/inc/auth/ad.class.php @@ -126,7 +126,7 @@ class auth_ad extends auth_basic { * at least these fields: * * name string full name of the user - * mail string email addres of the user + * mail string email address of the user * grps array list of groups the user is in * * This LDAP specific function returns the following -- cgit v1.2.3 From 48176364390fb988f2194074842d84d8a0b8b73e Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Wed, 26 Jan 2011 09:46:24 +0100 Subject: AD auth: allow users to modify their profile data --- inc/auth/ad.class.php | 54 +++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 52 insertions(+), 2 deletions(-) (limited to 'inc/auth') diff --git a/inc/auth/ad.class.php b/inc/auth/ad.class.php index 5478d64b9..7c4f69c67 100644 --- a/inc/auth/ad.class.php +++ b/inc/auth/ad.class.php @@ -51,6 +51,13 @@ class auth_ad extends auth_basic { global $conf; $this->cnf = $conf['auth']['ad']; + // we can change the password if SSL is set + if($this->cnf['use_ssl']){ + $this->cando['modPass'] = true; + } + $this->cando['modName'] = true; + $this->cando['modMail'] = true; + // additional information fields if (isset($this->cnf['additional'])) { $this->cnf['additional'] = str_replace(' ', '', $this->cnf['additional']); @@ -60,7 +67,7 @@ class auth_ad extends auth_basic { // ldap extension is needed if (!function_exists('ldap_connect')) { if ($this->cnf['debug']) - msg("LDAP err: PHP LDAP extension not found.",-1); + msg("AD Auth: PHP LDAP extension not found.",-1); $this->success = false; return; } @@ -246,6 +253,49 @@ class auth_ad extends auth_basic { return $result; } + /** + * Modify user data + * + * @param $user nick of the user to be changed + * @param $changes array of field/value pairs to be changed + * @return bool + */ + function modifyUser($user, $changes) { + $return = true; + + // password changing + if(isset($changes['pass'])){ + try { + $return = $this->adldap->user_password($user,$changes['pass']); + } catch (adLDAPException $e) { + if ($this->cnf['debug']) msg('AD Auth: '.$e->getMessage(), -1); + $return = false; + } + if(!$return) msg('AD Auth: failed to change the password. Maybe the password policy was not met?',-1); + } + + // changing user data + $adchanges = array(); + if(isset($changes['name'])){ + // get first and last name + $parts = explode(' ',$changes['name']); + $adchanges['surname'] = array_pop($parts); + $adchanges['firstname'] = join(' ',$parts); + $adchanges['display_name'] = $changes['name']; + } + if(isset($changes['mail'])){ + $adchanges['email'] = $changes['mail']; + } + try { + $return = $return & $this->adldap->user_modify($user,$adchanges); + } catch (adLDAPException $e) { + if ($this->cnf['debug']) msg('AD Auth: '.$e->getMessage(), -1); + $return = false; + } + + return $return; + } + /** * Initialize the AdLDAP library and connect to the server */ @@ -261,7 +311,7 @@ class auth_ad extends auth_basic { return true; } catch (adLDAPException $e) { if ($this->cnf['debug']) { - msg($e->getMessage(), -1); + msg('AD Auth: '.$e->getMessage(), -1); } $this->success = false; $this->adldap = null; -- cgit v1.2.3 From 6c3ec20e45addc534ed8337b9b4733df1d51ff02 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Wed, 26 Jan 2011 09:49:50 +0100 Subject: AD auth: password changing works via TLS as well --- inc/auth/ad.class.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'inc/auth') diff --git a/inc/auth/ad.class.php b/inc/auth/ad.class.php index 7c4f69c67..93186d9a1 100644 --- a/inc/auth/ad.class.php +++ b/inc/auth/ad.class.php @@ -24,6 +24,7 @@ * $conf['auth']['ad']['ad_password'] = 'pass'; * $conf['auth']['ad']['real_primarygroup'] = 1; * $conf['auth']['ad']['use_ssl'] = 1; + * $conf['auth']['ad']['use_tls'] = 1; * $conf['auth']['ad']['debug'] = 1; * * // get additional information to the userinfo array @@ -52,7 +53,7 @@ class auth_ad extends auth_basic { $this->cnf = $conf['auth']['ad']; // we can change the password if SSL is set - if($this->cnf['use_ssl']){ + if($this->cnf['use_ssl'] || $this->cnf['use_tls']){ $this->cando['modPass'] = true; } $this->cando['modName'] = true; -- cgit v1.2.3 From 267e765e7f9433997a7e31ccaca5d8b3bfa49fe1 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Wed, 26 Jan 2011 09:54:49 +0100 Subject: AD auth: set capabilities after handling multi domain setups --- inc/auth/ad.class.php | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) (limited to 'inc/auth') diff --git a/inc/auth/ad.class.php b/inc/auth/ad.class.php index 93186d9a1..9ffd3e18b 100644 --- a/inc/auth/ad.class.php +++ b/inc/auth/ad.class.php @@ -52,12 +52,6 @@ class auth_ad extends auth_basic { global $conf; $this->cnf = $conf['auth']['ad']; - // we can change the password if SSL is set - if($this->cnf['use_ssl'] || $this->cnf['use_tls']){ - $this->cando['modPass'] = true; - } - $this->cando['modName'] = true; - $this->cando['modMail'] = true; // additional information fields if (isset($this->cnf['additional'])) { @@ -105,7 +99,12 @@ class auth_ad extends auth_basic { $this->opts['domain_controllers'] = array_map('trim',$this->opts['domain_controllers']); $this->opts['domain_controllers'] = array_filter($this->opts['domain_controllers']); - // we currently just handle authentication, so no capabilities are set + // we can change the password if SSL is set + if($this->opts['use_ssl'] || $this->opts['use_tls']){ + $this->cando['modPass'] = true; + } + $this->cando['modName'] = true; + $this->cando['modMail'] = true; } /** -- cgit v1.2.3 From e7327938e66f43615da3ec05a7f9a89d8dfc0c31 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Je=CC=81ro=CC=82me=20Tamarelle?= Date: Tue, 15 Feb 2011 00:10:41 +0100 Subject: Accept empty MySQL password for database auth. --- inc/auth/mysql.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'inc/auth') diff --git a/inc/auth/mysql.class.php b/inc/auth/mysql.class.php index dbdfe5fda..653c725a3 100644 --- a/inc/auth/mysql.class.php +++ b/inc/auth/mysql.class.php @@ -46,7 +46,7 @@ class auth_mysql extends auth_basic { // set capabilities based upon config strings set if (empty($this->cnf['server']) || empty($this->cnf['user']) || - empty($this->cnf['password']) || empty($this->cnf['database'])){ + !isset($this->cnf['password']) || empty($this->cnf['database'])){ if ($this->cnf['debug']) msg("MySQL err: insufficient configuration.",-1,__LINE__,__FILE__); $this->success = false; -- cgit v1.2.3