makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 06:08:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

- Added init_{$auth_plugin} function which can be used to test a connection to the authentication system before actually saving the new configuration. This will hopefully stop people from locking themselves out by using an authentication system that they cannot connect to.

Browse source 
git-svn-id: file:///svn/phpbb/trunk@5653 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Nils Adermann 2006-03-18 16:19:18 +00:00
parent 9f7bc93125
commit 957502a28b
3 changed files with 88 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
phpBB/includes/acp/acp_board.php
View file

@ -282,6 +282,11 @@ class acp_board
continue; continue;
} }
if ($config_name == 'auth_method')
{
continue;
}
$config_value = $cfg_array[$config_name]; $config_value = $cfg_array[$config_name];
$this->new_config[$config_name] = $config_value; $this->new_config[$config_name] = $config_value;
@ -313,6 +318,8 @@ class acp_board
sort($auth_plugins); sort($auth_plugins);
$updated_auth_settings = false;
$old_auth_config = array();
foreach ($auth_plugins as $method) foreach ($auth_plugins as $method)
{ {
if ($method && file_exists($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx)) if ($method && file_exists($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx))
@ -337,11 +344,13 @@ class acp_board
continue; continue;
} }
$old_auth_config[$field] = $this->new_config[$field];
$config_value = $cfg_array[$field]; $config_value = $cfg_array[$field];
$this->new_config[$field] = $config_value; $this->new_config[$field] = $config_value;
if ($submit) if ($submit)
{ {
$updated_auth_settings = true;
set_config($field, $config_value); set_config($field, $config_value);
} }
} }
@ -350,6 +359,33 @@ class acp_board
} }
} }
} }
if ($submit && (($cfg_array['auth_method'] != $this->new_config['auth_method']) || $updated_auth_settings))
{
$method = $cfg_array['auth_method'];
if ($method && in_array($method, $auth_plugins))
{
include_once($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx);
$method = 'init_' . $method;
if (function_exists($method))
{
if (($error = $method()) == true)
{
foreach ($old_auth_config as $config_name => $config_value)
{
set_config($config_name, $config_value);
}
trigger_error($error . adm_back_link($this->u_action));
}
}
set_config('auth_method', $cfg_array['auth_method']);
}
else
{
trigger_error('NO_AUTH_PLUGIN');
}
}
} }
if ($submit) if ($submit)

42
phpBB/includes/auth/auth_ldap.php
View file

@ -19,6 +19,48 @@
* *
*/ */
/**
* Only allow changing authentication to ldap if we can connect to the ldap server
*/
function init_ldap()
{
global $config, $user;
if (!extension_loaded('ldap'))
{
return $user->lang['LDAP_NO_LDAP_EXTENSION'];
}
if (!($ldap = @ldap_connect($config['ldap_server'])))
{
return $user->lang['LDAP_NO_SERVER_CONNECTION'];
}
@ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
// We'll get a notice here that we don't want, if we cannot connect to the server.
// ldap_connect only checks whether the specified server is valid, so the connection might still fail
ob_start();
$search = @ldap_search($ldap, $config['ldap_base_dn'], $config['ldap_uid'] . '=' . $user->data['username'], array($config['ldap_uid']));
if (ob_get_clean())
{
return $user->lang['LDAP_NO_SERVER_CONNECTION'];
}
$result = @ldap_get_entries($ldap, $search);
@ldap_close($ldap);
if (is_array($result) && sizeof($result) > 1)
{
return false;
}
return sprintf($user->lang['LDAP_NO_IDENTITY'], $user->data['username']);
}
/** /**
* Login function * Login function
*/ */

7
phpBB/language/en/acp/board.php
View file

@ -309,10 +309,13 @@ $lang = array_merge($lang, array(
$lang = array_merge($lang, array( $lang = array_merge($lang, array(
'ACP_AUTH_SETTINGS_EXPLAIN' => 'phpBB2 supports authentication plug-ins, or modules. These allow you determine how users are authenticated when they log into the board. By default three plug-ins are provided; DB, LDAP and Apache. Not all methods require additional information so only fill out fields if they are relevant to the selected method.', 'ACP_AUTH_SETTINGS_EXPLAIN' => 'phpBB2 supports authentication plug-ins, or modules. These allow you determine how users are authenticated when they log into the board. By default three plug-ins are provided; DB, LDAP and Apache. Not all methods require additional information so only fill out fields if they are relevant to the selected method.',
'AUTH_METHOD' => 'Select an authentication method', 'AUTH_METHOD' => 'Select an authentication method',
'LDAP_SERVER' => 'LDAP server name', 'LDAP_NO_IDENTITY' => 'Could not find a login identity for %s',
'LDAP_SERVER_EXPLAIN' => 'If using LDAP this is the name or IP address of the server.', 'LDAP_NO_LDAP_EXTENSION' => 'LDAP extension not availible',
'LDAP_NO_SERVER_CONNECTION' => 'Could not connect to LDAP server',
'LDAP_DN' => 'LDAP base dn', 'LDAP_DN' => 'LDAP base dn',
'LDAP_DN_EXPLAIN' => 'This is the Distinguished Name, locating the user information, e.g. o=My Company,c=US', 'LDAP_DN_EXPLAIN' => 'This is the Distinguished Name, locating the user information, e.g. o=My Company,c=US',
'LDAP_SERVER' => 'LDAP server name',
'LDAP_SERVER_EXPLAIN' => 'If using LDAP this is the name or IP address of the server.',
'LDAP_UID' => 'LDAP uid', 'LDAP_UID' => 'LDAP uid',
'LDAP_UID_EXPLAIN' => 'This is the key under which to search for a given login identity, e.g. uid, sn, etc.', 'LDAP_UID_EXPLAIN' => 'This is the key under which to search for a given login identity, e.g. uid, sn, etc.',
)); ));