127 lines
3.5 KiB
PHP
127 lines
3.5 KiB
PHP
<?php
|
|
/**
|
|
* ExchAuth class
|
|
* @version 07-23-2005
|
|
* @Author Bogdan Baliuc <b.baliuc@rogers.com>
|
|
* @package ExchAuth
|
|
*
|
|
* Copyright (C) 2005 - 2007 MailZu
|
|
* License: GPL, see LICENSE
|
|
*/
|
|
/**
|
|
* Base directory of application
|
|
*/
|
|
@define('BASE_DIR', dirname(__FILE__) . '/..');
|
|
/**
|
|
* CmnFns class
|
|
*/
|
|
include_once('CmnFns.class.php');
|
|
|
|
/**
|
|
* Provide all database access/manipulation functionality for Exchange Auth
|
|
*/
|
|
class ExchAuth {
|
|
|
|
// The exchange hostname with port (hostname[:port])
|
|
var $exchHost;
|
|
// The exchange LDAP URI (ldap://hostname[:port])
|
|
var $exchLDAP;
|
|
// The user's logon name
|
|
var $logonName;
|
|
// The user's first name
|
|
var $firstName;
|
|
// The user's mail address(es)
|
|
var $emailAddress;
|
|
|
|
var $err_msg = '';
|
|
|
|
/**
|
|
* Constructor to initialize object
|
|
* @param none
|
|
*/
|
|
function ExchAuth() {
|
|
global $conf;
|
|
|
|
$this->exchHost = $conf['auth']['exch_host'];
|
|
$this->exchLDAP = $conf['auth']['exch_ldap'];
|
|
}
|
|
|
|
// User methods -------------------------------------------
|
|
|
|
/**
|
|
* Authenticates user
|
|
* @param string $username
|
|
* @param string $password
|
|
* @param string $domain
|
|
* @return boolean
|
|
*/
|
|
function authUser($username, $password, $domain) {
|
|
|
|
$fulluser = $domain.'/'.$username;
|
|
$mbox = imap_open('{'.$this->exchHost.'/imap}Inbox', $fulluser, $password);
|
|
if ($mbox === false) {
|
|
$this->err_msg = translate('Invalid Username/Password');
|
|
return false;
|
|
} else {
|
|
$ignore = imap_errors();
|
|
imap_close($mbox);
|
|
}
|
|
$ldapconn = ldap_connect($this->exchLDAP);
|
|
if ($ldapconn === false) {
|
|
$this->err_msg = translate('Can not connect to LDAP server');
|
|
return false;
|
|
}
|
|
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
|
|
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
|
|
$ldapbind = ldap_bind($ldapconn);
|
|
if ($ldapbind === false) {
|
|
$this->err_msg = translate('Can not bind to LDAP server');
|
|
return false;
|
|
}
|
|
$ldapattr = array('cn', 'rfc822Mailbox' ,'otherMailbox');
|
|
$read = ldap_search($ldapconn, '', '(uid='.$username.')', $ldapattr);
|
|
if ($read === false) {
|
|
$this->err_msg = translate('Unable to search LDAP server');
|
|
return false;
|
|
}
|
|
$info = ldap_get_entries($ldapconn, $read);
|
|
$this->logonName = strtolower($username);
|
|
$this->firstName = $info[0]['cn'][0];
|
|
$this->emailAddress[] = strtolower($info[0]['rfc822mailbox'][0]);
|
|
for ($i=0; $i<$info[0]['othermailbox']['count']; $i++) {
|
|
$data = $info[0]['othermailbox'][$i];
|
|
if (strncasecmp($data, 'smtp$', 5) == 0) {
|
|
$this->emailAddress[] = strtolower(substr($data, 5));
|
|
}
|
|
}
|
|
ldap_close($ldapconn);
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Returns the last error message
|
|
* @param none
|
|
* @return last error message generated
|
|
*/
|
|
function get_err() {
|
|
return $this->err_msg;
|
|
}
|
|
|
|
// Helper methods -------------------------------------------
|
|
|
|
/**
|
|
* Returns user information
|
|
* @return array containing user information
|
|
*/
|
|
function getUserData() {
|
|
$return = array(
|
|
'logonName' => $this->logonName,
|
|
'firstName' => $this->firstName,
|
|
'emailAddress' => $this->emailAddress
|
|
);
|
|
return $return;
|
|
}
|
|
|
|
}
|
|
?>
|