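<?php
/* Copyright (C) 2004      Rodolphe Quiedeville <rodolphe@quiedeville.org>
 * Copyright (C) 2004      Sebastien Di Cintio  <sdicintio@ressource-toi.org>
 * Copyright (C) 2004      Benoit Mortier       <benoit.mortier@opensides.be>
 * Copyright (C) 2005-2017 Regis Houssin        <regis.houssin@inodbox.com>
 * Copyright (C) 2006-2020 Laurent Destailleur  <eldy@users.sourceforge.net>
 * Copyright (C) 2011-2013 Juanjo Menent        <jmenent@2byte.es>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <https://www.gnu.org/licenses/>.
 */

/**
 *      \file       htdocs/admin/ldap.php
 *      \ingroup    ldap
 *      \brief      Page to setup module LDAP
 *
 * The page has three parts: the 'setvalue' action stores the LDAP connection
 * and synchronisation settings as configuration constants, the view prints the
 * setup form pre-filled from $conf->global, and the 'test' action performs a
 * connect/bind with the stored settings and prints the outcome.
 */

require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/ldap.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/ldap.lib.php';

// Load translation files required by the page
$langs->load("admin");

// The whole page is reserved to administrators
if (!$user->admin)
    accessforbidden();

$action = GETPOST('action', 'aZ09');

// Output encoder used for every stored or request-derived value written into the page.
// Values are encoded at the point of output instead of relying on the filter applied when
// they were saved; the bind password, in particular, is saved with the 'none' filter.
$escapehtml = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('adminldap', 'globaladmin'));

/*
 * Actions
 */

$parameters = array();
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');

if (empty($reshook))
{
    // NOTE(review): the form below posts a token, but this branch only tests $action and the
    // values are read with GETPOST(); confirm that main.inc.php rejects a 'setvalue' request
    // that arrives without a valid token, whatever the HTTP method.
    if ($action == 'setvalue' && $user->admin)
    {
        $error = 0;

        // Constant name => array(request parameter, GETPOST filter), in the order they are saved
        $ldapsettings = array(
            'LDAP_SERVER_TYPE'            => array('type', 'aZ09'),
            'LDAP_SERVER_PROTOCOLVERSION' => array('LDAP_SERVER_PROTOCOLVERSION', 'aZ09'),
            'LDAP_SERVER_HOST'            => array('host', 'alphanohtml'),
            'LDAP_SERVER_HOST_SLAVE'      => array('slave', 'alphanohtml'),
            'LDAP_SERVER_PORT'            => array('port', 'int'),
            'LDAP_SERVER_DN'              => array('dn', 'alphanohtml'),
            'LDAP_ADMIN_DN'               => array('admin', 'alphanohtml'),
            // 'none' keeps the password exactly as typed, so it must be encoded wherever it is printed.
            // NOTE(review): it is saved through the same constant store as the other settings;
            // confirm how that store protects the bind password at rest.
            'LDAP_ADMIN_PASS'             => array('pass', 'none'),
            'LDAP_SERVER_USE_TLS'         => array('usetls', 'aZ09'),
            'LDAP_SYNCHRO_ACTIVE'         => array('activesynchro', 'aZ09'),
            'LDAP_CONTACT_ACTIVE'         => array('activecontact', 'aZ09'),
            'LDAP_MEMBER_ACTIVE'          => array('activemembers', 'aZ09'),
            'LDAP_MEMBER_TYPE_ACTIVE'     => array('activememberstypes', 'aZ09'),
        );

        $db->begin();

        // Every constant is attempted even after a failure; a single failure rolls back all of them
        foreach ($ldapsettings as $ldapconstname => $ldapspec)
        {
            if (!dolibarr_set_const($db, $ldapconstname, GETPOST($ldapspec[0], $ldapspec[1]), 'chaine', 0, '', $conf->entity)) $error++;
        }

        if (!$error)
        {
            $db->commit();
            setEventMessages($langs->trans("SetupSaved"), null, 'mesgs');
        } else {
            $db->rollback();
            dol_print_error($db);
        }
    }
}

/*
 * View
 */

llxHeader('', $langs->trans("LDAPSetup"), 'EN:Module_LDAP_En|FR:Module_LDAP|ES:Módulo_LDAP');

$linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';

print load_fiche_titre($langs->trans("LDAPSetup"), $linkback, 'title_setup');

$head = ldap_prepare_head();

// Check whether the PHP LDAP functions are available
if (!function_exists("ldap_connect"))
{
    setEventMessages($langs->trans("LDAPFunctionsNotAvailableOnPHP"), null, 'errors');
}


$form = new Form($db);


// PHP_SELF is request-derived, so it is encoded before being placed in the action attribute
print '<form method="post" action="'.$escapehtml($_SERVER["PHP_SELF"]).'?action=setvalue">';
print '<input type="hidden" name="token" value="'.newToken().'">';

print dol_get_fiche_head($head, 'ldap', $langs->trans("LDAPSetup"), -1);

print '<table class="noborder centpercent">';

// List of active synchronisations
print '<tr class="liste_titre">';
print '<td colspan="3">'.$langs->trans("LDAPSynchronization").'</td>';
print "</tr>\n";

// Users/groups synchronisation
print '<tr class="oddeven"><td>'.$langs->trans("LDAPDnSynchroActive").'</td><td>';
$arraylist = array();
$arraylist['0'] = $langs->trans("No");
$arraylist['ldap2dolibarr'] = $langs->trans("LDAPToDolibarr");
$arraylist['dolibarr2ldap'] = $langs->trans("DolibarrToLDAP");
print $form->selectarray('activesynchro', $arraylist, $conf->global->LDAP_SYNCHRO_ACTIVE);
print '</td><td>'.$langs->trans("LDAPDnSynchroActiveExample");
// Synchronisation is switched on but no user DN has been configured yet
if ($conf->global->LDAP_SYNCHRO_ACTIVE && !$conf->global->LDAP_USER_DN)
{
    print '<br><font class="error">'.$langs->trans("LDAPSetupNotComplete").'</font>';
}
print '</td></tr>';

// Contacts synchronisation
if (!empty($conf->societe->enabled))
{
    print '<tr class="oddeven"><td>'.$langs->trans("LDAPDnContactActive").'</td><td>';
    $arraylist = array();
    $arraylist['0'] = $langs->trans("No");
    $arraylist['1'] = $langs->trans("DolibarrToLDAP");
    print $form->selectarray('activecontact', $arraylist, $conf->global->LDAP_CONTACT_ACTIVE);
    print '</td><td>'.$langs->trans("LDAPDnContactActiveExample").'</td></tr>';
}

// Members synchronisation
if (!empty($conf->adherent->enabled))
{
    print '<tr class="oddeven"><td>'.$langs->trans("LDAPDnMemberActive").'</td><td>';
    $arraylist = array();
    $arraylist['0'] = $langs->trans("No");
    $arraylist['1'] = $langs->trans("DolibarrToLDAP");
    $arraylist['ldap2dolibarr'] = $langs->trans("LDAPToDolibarr").' ('.$langs->trans("SupportedForLDAPImportScriptOnly").')';
    print $form->selectarray('activemembers', $arraylist, $conf->global->LDAP_MEMBER_ACTIVE);
    print '</td><td>'.$langs->trans("LDAPDnMemberActiveExample").'</td></tr>';
}

// Member types synchronisation
if (!empty($conf->adherent->enabled))
{
    print '<tr class="oddeven"><td>'.$langs->trans("LDAPDnMemberTypeActive").'</td><td>';
    $arraylist = array();
    $arraylist['0'] = $langs->trans("No");
    $arraylist['1'] = $langs->trans("DolibarrToLDAP");
    $arraylist['ldap2dolibarr'] = $langs->trans("LDAPToDolibarr").' ('.$langs->trans("SupportedForLDAPImportScriptOnly").')';
    print $form->selectarray('activememberstypes', $arraylist, $conf->global->LDAP_MEMBER_TYPE_ACTIVE);
    print '</td><td>'.$langs->trans("LDAPDnMemberTypeActiveExample").'</td></tr>';
}

// Fields from hook
// NOTE(review): the hook output is printed as-is; it is markup supplied by installed modules.
$parameters = array();
$reshook = $hookmanager->executeHooks('addAdminLdapOptions', $parameters); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;

print '<tr class="liste_titre">';
print '<td>'.$langs->trans("Parameter").'</td>';
print '<td>'.$langs->trans("Value").'</td>';
print '<td>'.$langs->trans("Example").'</td>';
print "</tr>\n";

// Type
print '<tr class="oddeven"><td>'.$langs->trans("Type").'</td><td>';
$arraylist = array();
$arraylist['activedirectory'] = 'Active Directory';
$arraylist['openldap'] = 'OpenLdap';
$arraylist['egroupware'] = 'Egroupware';
print $form->selectarray('type', $arraylist, $conf->global->LDAP_SERVER_TYPE);
print '</td><td>&nbsp;</td></tr>';

// Version
print '<tr class="oddeven"><td>'.$langs->trans("Version").'</td><td>';
$arraylist = array();
$arraylist['3'] = 'Version 3';
$arraylist['2'] = 'Version 2';
print $form->selectarray('LDAP_SERVER_PROTOCOLVERSION', $arraylist, $conf->global->LDAP_SERVER_PROTOCOLVERSION);
print '</td><td>'.$langs->trans("LDAPServerProtocolVersion").'</td></tr>';

// Primary server
print '<tr class="oddeven"><td>';
print $langs->trans("LDAPPrimaryServer").'</td><td>';
print '<input size="25" type="text" name="host" value="'.$escapehtml($conf->global->LDAP_SERVER_HOST).'">';
print '</td><td>'.$langs->trans("LDAPServerExample").'</td></tr>';

// Secondary server
print '<tr class="oddeven"><td>';
print $langs->trans("LDAPSecondaryServer").'</td><td>';
print '<input size="25" type="text" name="slave" value="'.$escapehtml($conf->global->LDAP_SERVER_HOST_SLAVE).'">';
print '</td><td>'.$langs->trans("LDAPServerExample").'</td></tr>';

// Port (389 is proposed while nothing is stored)
print '<tr class="oddeven"><td>'.$langs->trans("LDAPServerPort").'</td><td>';
$ldapport = !empty($conf->global->LDAP_SERVER_PORT) ? $conf->global->LDAP_SERVER_PORT : '389';
print '<input size="25" type="text" name="port" value="'.$escapehtml($ldapport).'">';
print '</td><td>'.$langs->trans("LDAPServerPortExample").'</td></tr>';

// Server DN
print '<tr class="oddeven"><td>'.$langs->trans("LDAPServerDn").'</td><td>';
print '<input size="25" type="text" name="dn" value="'.$escapehtml($conf->global->LDAP_SERVER_DN).'">';
print '</td><td>'.$langs->trans("LDAPServerDnExample").'</td></tr>';

// Use TLS
// With "No" selected and a bind DN/password configured below, the bind credentials are not
// protected by TLS on the connection to the directory.
print '<tr class="oddeven"><td>'.$langs->trans("LDAPServerUseTLS").'</td><td>';
$arraylist = array();
$arraylist['0'] = $langs->trans("No");
$arraylist['1'] = $langs->trans("Yes");
print $form->selectarray('usetls', $arraylist, $conf->global->LDAP_SERVER_USE_TLS);
print '</td><td>'.$langs->trans("LDAPServerUseTLSExample").'</td></tr>';

print '<tr class="liste_titre">';
print '<td colspan="3">'.$langs->trans("ForANonAnonymousAccess").'</td>';
print "</tr>\n";

// Admin (bind) DN
print '<tr class="oddeven"><td>'.$langs->trans("LDAPAdminDn").'</td><td>';
print '<input size="25" type="text" name="admin" value="'.$escapehtml($conf->global->LDAP_ADMIN_DN).'">';
print '</td><td>'.$langs->trans("LDAPAdminDnExample").'</td></tr>';

// Bind password
// NOTE(review): the stored password is written back into the form, so it is present in the page
// source delivered to the browser even though the field is masked. Leaving the field empty and
// keeping the stored value when it is submitted empty would avoid that, but it changes how the
// password is saved and cleared, so it is flagged here rather than changed.
print '<tr class="oddeven"><td>'.$langs->trans("LDAPPassword").'</td><td>';
if (!empty($conf->global->LDAP_ADMIN_PASS))
{
    // Masked input once a password is stored (the original author noted a visible field was used for testing)
    print '<input size="25" type="password" name="pass" value="'.$escapehtml($conf->global->LDAP_ADMIN_PASS).'">';
} else {
    print '<input size="25" type="text" name="pass" value="'.$escapehtml($conf->global->LDAP_ADMIN_PASS).'">';
}
print '</td><td>'.$langs->trans('Password').' (ex: secret)</td></tr>';

print '</table>';

print dol_get_fiche_end();

print '<div class="center"><input type="submit" class="button" value="'.$langs->trans("Modify").'"></div>';

print '</form>';

print '<br>';


/*
 * Connection test
 */
if (function_exists("ldap_connect"))
{
    if (!empty($conf->global->LDAP_SERVER_HOST))
    {
        print '<a class="butAction" href="'.$escapehtml($_SERVER["PHP_SELF"]).'?action=test">'.$langs->trans("LDAPTestConnect").'</a><br><br>';
    }

    // Uses the filtered $action, like the 'setvalue' branch above, instead of reading $_GET
    // directly (which also raised an undefined-index notice when no action was given).
    if ($action == 'test')
    {
        $ldap = new Ldap(); // Parameters are passed and read through $conf

        $result = $ldap->connect_bind();
        if ($result > 0)
        {
            // Test ldap connect and bind
            // NOTE(review): host, port and DN are handed to trans() unencoded here and below;
            // confirm that trans() encodes its output.
            print img_picto('', 'info').' ';
            print '<font class="ok">'.$langs->trans("LDAPTCPConnectOK", $conf->global->LDAP_SERVER_HOST, $conf->global->LDAP_SERVER_PORT).'</font>';
            print '<br>';

            if ($conf->global->LDAP_ADMIN_DN && !empty($conf->global->LDAP_ADMIN_PASS))
            {
                // The password is shown with every character replaced by '*' (its length stays visible)
                if ($result == 2)
                {
                    print img_picto('', 'info').' ';
                    print '<font class="ok">'.$langs->trans("LDAPBindOK", $conf->global->LDAP_SERVER_HOST, $conf->global->LDAP_SERVER_PORT, $conf->global->LDAP_ADMIN_DN, preg_replace('/./i', '*', $conf->global->LDAP_ADMIN_PASS)).'</font>';
                    print '<br>';
                } else {
                    print img_picto('', 'error').' ';
                    print '<font class="error">'.$langs->trans("LDAPBindKO", $conf->global->LDAP_SERVER_HOST, $conf->global->LDAP_SERVER_PORT, $conf->global->LDAP_ADMIN_DN, preg_replace('/./i', '*', $conf->global->LDAP_ADMIN_PASS)).'</font>';
                    print '<br>';
                    // The error text comes from the LDAP layer, so it is encoded before output
                    print $langs->trans("Error").' '.$escapehtml($ldap->error);
                    print '<br>';
                }
            } else {
                print img_picto('', 'warning').' ';
                print '<font class="warning">'.$langs->trans("LDAPNoUserOrPasswordProvidedAccessIsReadOnly").'</font>';
                print '<br>';
            }


            // Test ldap_getversion: anything other than 3 is reported as version 2
            $ldapversionkey = ($ldap->getVersion() == 3) ? "LDAPSetupForVersion3" : "LDAPSetupForVersion2";
            print img_picto('', 'info').' ';
            print '<font class="ok">'.$langs->trans($ldapversionkey).'</font>';
            print '<br>';

            $ldap->unbind();
        } else {
            print img_picto('', 'error').' ';
            print '<font class="error">'.$langs->trans("LDAPTCPConnectKO", $conf->global->LDAP_SERVER_HOST, $conf->global->LDAP_SERVER_PORT).'</font>';
            print '<br>';
            // The error text comes from the LDAP layer, so it is encoded before output
            print $langs->trans("Error").' '.$escapehtml($ldap->error);
            print '<br>';
        }
    }
}

// End of page
llxFooter();
$db->close();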