From 72484961ab4195d474891a2071861f7e896ef1fa Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 28 Oct 2021 12:13:28 +0200 Subject: [PATCH 01/11] FIX show connected server if we have a primary and secondary ldap server --- htdocs/admin/ldap.php | 10 +++++----- htdocs/core/class/ldap.class.php | 12 ++++++++---- 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/htdocs/admin/ldap.php b/htdocs/admin/ldap.php index 4010d724c1a..ddd59cd257b 100644 --- a/htdocs/admin/ldap.php +++ b/htdocs/admin/ldap.php @@ -297,17 +297,17 @@ if (function_exists("ldap_connect")) { if ($result > 0) { // Test ldap connect and bind print img_picto('', 'info').' '; - print ''.$langs->trans("LDAPTCPConnectOK", $conf->global->LDAP_SERVER_HOST, $conf->global->LDAP_SERVER_PORT).''; + print ''.$langs->trans("LDAPTCPConnectOK", $ldap->connectedServer, $conf->global->LDAP_SERVER_PORT).''; print '
'; - if ($conf->global->LDAP_ADMIN_DN && !empty($conf->global->LDAP_ADMIN_PASS)) { + if (!empty($conf->global->LDAP_ADMIN_DN) && !empty($conf->global->LDAP_ADMIN_PASS)) { if ($result == 2) { print img_picto('', 'info').' '; - print ''.$langs->trans("LDAPBindOK", $conf->global->LDAP_SERVER_HOST, $conf->global->LDAP_SERVER_PORT, $conf->global->LDAP_ADMIN_DN, preg_replace('/./i', '*', $conf->global->LDAP_ADMIN_PASS)).''; + print ''.$langs->trans("LDAPBindOK", $ldap->connectedServer, $conf->global->LDAP_SERVER_PORT, $conf->global->LDAP_ADMIN_DN, preg_replace('/./i', '*', $conf->global->LDAP_ADMIN_PASS)).''; print '
'; } else { print img_picto('', 'error').' '; - print ''.$langs->trans("LDAPBindKO", $conf->global->LDAP_SERVER_HOST, $conf->global->LDAP_SERVER_PORT, $conf->global->LDAP_ADMIN_DN, preg_replace('/./i', '*', $conf->global->LDAP_ADMIN_PASS)).''; + print ''.$langs->trans("LDAPBindKO", $ldap->connectedServer, $conf->global->LDAP_SERVER_PORT, $conf->global->LDAP_ADMIN_DN, preg_replace('/./i', '*', $conf->global->LDAP_ADMIN_PASS)).''; print '
'; print $langs->trans("Error").' '.$ldap->error; print '
'; @@ -333,7 +333,7 @@ if (function_exists("ldap_connect")) { $unbind = $ldap->unbind(); } else { print img_picto('', 'error').' '; - print ''.$langs->trans("LDAPTCPConnectKO", $conf->global->LDAP_SERVER_HOST, $conf->global->LDAP_SERVER_PORT).''; + print ''.$langs->trans("LDAPTCPConnectKO", $ldap->connectedServer, $conf->global->LDAP_SERVER_PORT).''; print '
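Review bot: The `LDAPBindOK` and `LDAPBindKO` lines in this hunk mask `LDAP_ADMIN_PASS` with `preg_replace('/./i', '*', ...)`, which prints one asterisk per character and so discloses the length of the bind password to anyone who can open this setup page. A fixed-width mask such as `str_repeat('*', 8)` keeps the message readable without leaking that. The new `$ldap->connectedServer` argument is also handed to `trans()` unescaped; wrapping it as `dol_escape_htmltag($ldap->connectedServer)` would be safer unless `trans()` is known to encode its parameters. The debug block in htdocs/admin/ldap_users.php (hunk `@@ -523,8 +523,8 @@` of patch 03) prints `getDolGlobalString('LDAP_USER_DN')` and `getDolGlobalString('LDAP_KEY_USERS')` into the page the same way. The enclosing `if (function_exists("ldap_connect"))` block starts and ends outside the hunk.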
'; print $langs->trans("Error").' '.$ldap->error; print '
'; diff --git a/htdocs/core/class/ldap.class.php b/htdocs/core/class/ldap.class.php index e2ce33cc45f..86754878f9d 100644 --- a/htdocs/core/class/ldap.class.php +++ b/htdocs/core/class/ldap.class.php @@ -1,8 +1,8 @@ * Copyright (C) 2004 Benoit Mortier - * Copyright (C) 2005-2017 Regis Houssin - * Copyright (C) 2006-2015 Laurent Destailleur + * Copyright (C) 2005-2021 Regis Houssin + * Copyright (C) 2006-2021 Laurent Destailleur * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -48,6 +48,11 @@ class Ldap */ public $server = array(); + /** + * Current connected server + */ + public $connectedServer; + /** * Base DN (e.g. "dc=foo,dc=com") */ @@ -159,8 +164,6 @@ class Ldap $this->attr_mobile = $conf->global->LDAP_FIELD_MOBILE; } - - // Connection handling methods ------------------------------------------- // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps @@ -288,6 +291,7 @@ class Ldap $return = -1; dol_syslog(get_class($this)."::connect_bind return=".$return.' - '.$this->error, LOG_WARNING); } + $this->connectedServer = $host; return $return; } From ae6d16c8301b039472c5ad9e940facfb91a3da8f Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 28 Oct 2021 13:36:53 +0200 Subject: [PATCH 02/11] FIX mhash function is deprecated since php 8.1.0 --- htdocs/core/lib/security.lib.php | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index 89fd9fe590b..7af6b0614fb 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -1,6 +1,6 @@ - * Copyright (C) 2008-2017 Regis Houssin +/* Copyright (C) 2008-2021 Laurent Destailleur + * Copyright (C) 2008-2021 Regis Houssin * Copyright (C) 2020 Ferran Marcet * * This program is free software; you can redistribute it and/or modify 
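Review bot: `$this->connectedServer = $host;` sits just before `return $return;` in `connect_bind()` and runs whatever the value of `$return`, including the `$return = -1` branch directly above it, so after a failed attempt the property names the host `$host` last held rather than a server that is actually connected. If `$host` is the loop variable over `$this->server` (the loop is outside the hunk), it is also undefined when that list is empty, which raises a warning on PHP 8. Assigning the property only on the success path and giving it a default in the `@@ -48,6 +48,11 @@` hunk would cover both: `public $connectedServer = '';` with a docblock line `@var string Host reached by the last successful connect_bind()`. `connect_bind()` starts outside the hunk.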
@@ -91,7 +91,6 @@ function dol_decode($chain, $key = '1') return $chain; } - /** * Returns a hash of a string. * If constant MAIN_SECURITY_HASH_ALGO is defined, we use this function as hashing function (recommanded value is 'password_hash') @@ -123,7 +122,7 @@ function dol_hash($chain, $type = '0') } elseif ($type == '3' || $type == 'md5') { return md5($chain); } elseif ($type == '4' || $type == 'md5openldap') { - return '{md5}'.base64_encode(mhash(MHASH_MD5, $chain)); // For OpenLdap with md5 (based on an unencrypted password in base) + return '{md5}'.base64_encode(pack("H*", md5($chain))); // For OpenLdap with md5 (based on an unencrypted password in base) } elseif ($type == '5' || $type == 'sha256') { return hash('sha256', $chain); } elseif ($type == '6' || $type == 'password_hash') { @@ -168,7 +167,6 @@ function dol_verifyHash($chain, $hash, $type = '0') return dol_hash($chain, $type) == $hash; } - /** * Check permissions of a user to show a page and an object. Check read permission. * If GETPOST('action','aZ09') defined, we also check write and delete permission. From f497492e62c301ffecf1ca205cc16b9042e593f2 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 28 Oct 2021 15:40:05 +0200 Subject: [PATCH 03/11] FIX compatibility with php8 --- htdocs/adherents/ldap.php | 1 - htdocs/adherents/type_ldap.php | 1 - htdocs/admin/ldap.php | 4 +- htdocs/admin/ldap_users.php | 130 +++++++++++++-------------- htdocs/contact/ldap.php | 1 - htdocs/core/class/ldap.class.php | 48 +++++----- htdocs/core/lib/ldap.lib.php | 9 +- htdocs/core/login/functions_ldap.php | 10 +-- htdocs/user/card.php | 2 +- htdocs/user/class/user.class.php | 2 +- htdocs/user/group/ldap.php | 1 - htdocs/user/ldap.php | 6 +- 12 files changed, 106 insertions(+), 109 deletions(-) diff --git a/htdocs/adherents/ldap.php b/htdocs/adherents/ldap.php index 983e6d9aada..4b64290f107 100644 --- a/htdocs/adherents/ldap.php +++ b/htdocs/adherents/ldap.php 
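Review bot: In the `md5openldap` branch, `pack("H*", md5($chain))` hex-encodes the digest only to decode it again; `md5($chain, true)` returns the raw 16 bytes directly, so the line can read `return '{md5}'.base64_encode(md5($chain, true));`. The trailing comment could also state that `{md5}` is an unsalted MD5 digest kept only for directories that require it, so that type 4 is not picked for new password storage. Separately, the `dol_verifyHash()` context line in the next hunk compares with `dol_hash($chain, $type) == $hash`; for the hex digest types a loose `==` can treat two different numeric-looking strings as equal and is not constant-time, so `hash_equals((string) $hash, (string) dol_hash($chain, $type))` is the safer form. Both functions start outside their hunks.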
@@ -209,7 +209,6 @@ if ($result > 0) { } $ldap->unbind(); - $ldap->close(); } else { setEventMessages($ldap->error, $ldap->errors, 'errors'); } diff --git a/htdocs/adherents/type_ldap.php b/htdocs/adherents/type_ldap.php index f932b65e98c..43902a5e1bf 100644 --- a/htdocs/adherents/type_ldap.php +++ b/htdocs/adherents/type_ldap.php @@ -170,7 +170,6 @@ if ($result > 0) { } $ldap->unbind(); - $ldap->close(); } else { setEventMessages($ldap->error, $ldap->errors, 'errors'); } diff --git a/htdocs/admin/ldap.php b/htdocs/admin/ldap.php index ddd59cd257b..abdf6b75073 100644 --- a/htdocs/admin/ldap.php +++ b/htdocs/admin/ldap.php @@ -290,7 +290,7 @@ if (function_exists("ldap_connect")) { print ''.$langs->trans("LDAPTestConnect").'

'; } - if ($_GET["action"] == 'test') { + if ($action == 'test') { $ldap = new Ldap(); // Les parametres sont passes et recuperes via $conf $result = $ldap->connect_bind(); @@ -330,7 +330,7 @@ if (function_exists("ldap_connect")) { print '
'; } - $unbind = $ldap->unbind(); + $ldap->unbind(); } else { print img_picto('', 'error').' '; print ''.$langs->trans("LDAPTCPConnectKO", $ldap->connectedServer, $conf->global->LDAP_SERVER_PORT).''; diff --git a/htdocs/admin/ldap_users.php b/htdocs/admin/ldap_users.php index e6041650d63..759bcc7addb 100644 --- a/htdocs/admin/ldap_users.php +++ b/htdocs/admin/ldap_users.php @@ -192,7 +192,7 @@ print "\n"; // DN Pour les utilisateurs print ''; print ''.$langs->trans("LDAPUserDn").''; -print ''; +print ''; print ''.$langs->trans("LDAPUserDnExample").''; print ' '; print ''; @@ -200,7 +200,7 @@ print ''; // List of object class used to define attributes in structure print ''; print ''.$langs->trans("LDAPUserObjectClassList").''; -print ''; +print ''; print ''.$langs->trans("LDAPUserObjectClassListExample").''; print ' '; print ''; @@ -208,7 +208,7 @@ print ''; // Filter, used to filter search print ''; print ''.$langs->trans("LDAPFilterConnection").''; -print ''; +print ''; print ''.$langs->trans("LDAPFilterConnectionExample").''; print ''; print ''; 
@@ -225,168 +225,168 @@ print "\n"; // Common name print ''.$langs->trans("LDAPFieldFullname").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldFullnameExample").''; -print 'global->LDAP_KEY_USERS && $conf->global->LDAP_KEY_USERS == $conf->global->LDAP_FIELD_FULLNAME) ? ' checked' : '').">"; +print '"; print ''; // Name print ''.$langs->trans("LDAPFieldName").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldNameExample").''; -print 'global->LDAP_KEY_USERS && $conf->global->LDAP_KEY_USERS == $conf->global->LDAP_FIELD_NAME) ? ' checked' : '').">"; +print 'LDAP_FIELD_NAME') ? ' checked' : '').">"; print ''; // Firstname print ''.$langs->trans("LDAPFieldFirstName").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldFirstNameExample").''; -print 'global->LDAP_KEY_USERS && $conf->global->LDAP_KEY_USERS == $conf->global->LDAP_FIELD_FIRSTNAME) ? ' checked' : '').">"; +print '"; print ''; // Login unix print ''.$langs->trans("LDAPFieldLoginUnix").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldLoginExample").''; -print 'global->LDAP_KEY_USERS && $conf->global->LDAP_KEY_USERS == $conf->global->LDAP_FIELD_LOGIN) ? ' checked' : '').">"; +print '"; print ''; // Login samba print ''.$langs->trans("LDAPFieldLoginSamba").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldLoginSambaExample").''; -print 'global->LDAP_KEY_USERS && $conf->global->LDAP_KEY_USERS == $conf->global->LDAP_FIELD_LOGIN_SAMBA) ? 
' checked' : '').">"; +print '"; print ''; // Password not crypted print ''.$langs->trans("LDAPFieldPasswordNotCrypted").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldPasswordExample").''; print ' '; print ''; // Password crypted print ''.$langs->trans("LDAPFieldPasswordCrypted").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldPasswordExample").''; print ' '; print ''; // Mail print ''.$langs->trans("LDAPFieldMail").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldMailExample").''; -print 'global->LDAP_KEY_USERS && $conf->global->LDAP_KEY_USERS == $conf->global->LDAP_FIELD_MAIL) ? ' checked' : '').">"; +print '"; print ''; // Phone print ''.$langs->trans("LDAPFieldPhone").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldPhoneExample").''; -print 'global->LDAP_KEY_USERS && $conf->global->LDAP_KEY_USERS == $conf->global->LDAP_FIELD_PHONE) ? ' checked' : '').">"; +print '"; print ''; // Mobile print ''.$langs->trans("LDAPFieldMobile").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldMobileExample").''; -print 'global->LDAP_KEY_USERS && $conf->global->LDAP_KEY_USERS == $conf->global->LDAP_FIELD_MOBILE) ? ' checked' : '').">"; +print '"; print ''; // Skype print ''.$langs->trans("LDAPFieldSkype").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldSkypeExample").''; -print 'global->LDAP_KEY_USERS && $conf->global->LDAP_KEY_USERS == $conf->global->LDAP_FIELD_SKYPE) ? ' checked' : '').">"; +print '"; print ''; // Fax print ''.$langs->trans("LDAPFieldFax").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldFaxExample").''; -print 'global->LDAP_KEY_USERS && $conf->global->LDAP_KEY_USERS == $conf->global->LDAP_FIELD_FAX) ? 
' checked' : '').">"; +print '"; print ''; // Company print ''.$langs->trans("LDAPFieldCompany").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldCompanyExample").''; print ' '; print ''; // Address print ''.$langs->trans("LDAPFieldAddress").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldAddressExample").''; print ' '; print ''; // ZIP print ''.$langs->trans("LDAPFieldZip").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldZipExample").''; print ' '; print ''; // TOWN print ''.$langs->trans("LDAPFieldTown").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldTownExample").''; print ' '; print ''; // COUNTRY print ''.$langs->trans("LDAPFieldCountry").''; -print ''; +print ''; print ' '; print ' '; print ''; // Title print ''.$langs->trans("LDAPFieldTitle").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldTitleExample").''; print ' '; print ''; // Note print ''.$langs->trans("Note").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldDescriptionExample").''; print ' '; print ''; // Sid print ''.$langs->trans("LDAPFieldSid").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldSidExample").''; -print 'global->LDAP_KEY_USERS && $conf->global->LDAP_KEY_USERS == $conf->global->LDAP_FIELD_SID) ? ' checked' : '').">"; +print '"; print ''; // Group id print ''.$langs->trans("LDAPFieldGroupid").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldGroupidExample").''; print ' '; print ''; // Userid print ''.$langs->trans("LDAPFieldUserid").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldUseridExample").''; print ' '; print ''; // Home Directory print ''.$langs->trans("LDAPFieldHomedirectory").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldHomedirectoryExample").''; print ' '; print ''; // Home Directory Prefix print ''.$langs->trans("LDAPFieldHomedirectoryprefix").''; -print ''; +print ''; print ''; print ' '; print ''; 
@@ -405,20 +405,20 @@ print ''; /* * Test de la connexion */ -if ($conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') { +if (getDolGlobalString('LDAP_SYNCHRO_ACTIVE') == 'dolibarr2ldap') { $butlabel = $langs->trans("LDAPTestSynchroUser"); $testlabel = 'testuser'; - $key = $conf->global->LDAP_KEY_USERS; - $dn = $conf->global->LDAP_USER_DN; - $objectclass = $conf->global->LDAP_USER_OBJECT_CLASS; + $key = getDolGlobalString('LDAP_KEY_USERS'); + $dn = getDolGlobalString('LDAP_USER_DN'); + $objectclass = getDolGlobalString('LDAP_USER_OBJECT_CLASS'); show_ldap_test_button($butlabel, $testlabel, $key, $dn, $objectclass); -} elseif ($conf->global->LDAP_SYNCHRO_ACTIVE == 'ldap2dolibarr') { +} elseif (getDolGlobalString('LDAP_SYNCHRO_ACTIVE') == 'ldap2dolibarr') { $butlabel = $langs->trans("LDAPTestSearch"); $testlabel = 'testsearchuser'; - $key = $conf->global->LDAP_KEY_USERS; - $dn = $conf->global->LDAP_USER_DN; - $objectclass = $conf->global->LDAP_USER_OBJECT_CLASS; + $key = getDolGlobalString('LDAP_KEY_USERS'); + $dn = getDolGlobalString('LDAP_USER_DN'); + $objectclass = getDolGlobalString('LDAP_USER_OBJECT_CLASS'); show_ldap_test_button($butlabel, $testlabel, $key, $dn, $objectclass); } 
@@ -479,29 +479,29 @@ if (function_exists("ldap_connect")) { if ($result > 0) { $required_fields = array( - $conf->global->LDAP_KEY_USERS, - $conf->global->LDAP_FIELD_FULLNAME, - $conf->global->LDAP_FIELD_NAME, - $conf->global->LDAP_FIELD_FIRSTNAME, - $conf->global->LDAP_FIELD_LOGIN, - $conf->global->LDAP_FIELD_LOGIN_SAMBA, - $conf->global->LDAP_FIELD_PASSWORD, - $conf->global->LDAP_FIELD_PASSWORD_CRYPTED, - $conf->global->LDAP_FIELD_PHONE, - $conf->global->LDAP_FIELD_FAX, - $conf->global->LDAP_FIELD_SKYPE, - $conf->global->LDAP_FIELD_MOBILE, - $conf->global->LDAP_FIELD_MAIL, - $conf->global->LDAP_FIELD_TITLE, - $conf->global->LDAP_FIELD_DESCRIPTION, - $conf->global->LDAP_FIELD_SID + getDolGlobalString('LDAP_KEY_USERS'), + getDolGlobalString('LDAP_FIELD_FULLNAME'), + getDolGlobalString('LDAP_FIELD_NAME'), + getDolGlobalString('LDAP_FIELD_FIRSTNAME'), + getDolGlobalString('LDAP_FIELD_LOGIN'), + getDolGlobalString('LDAP_FIELD_LOGIN_SAMBA'), + getDolGlobalString('LDAP_FIELD_PASSWORD'), + getDolGlobalString('LDAP_FIELD_PASSWORD_CRYPTED'), + getDolGlobalString('LDAP_FIELD_PHONE'), + getDolGlobalString('LDAP_FIELD_FAX'), + getDolGlobalString('LDAP_FIELD_SKYPE'), + getDolGlobalString('LDAP_FIELD_MOBILE'), + getDolGlobalString('LDAP_FIELD_MAIL'), + getDolGlobalString('LDAP_FIELD_TITLE'), + getDolGlobalString('LDAP_FIELD_DESCRIPTION'), + getDolGlobalString('LDAP_FIELD_SID') ); // Remove from required_fields all entries not configured in LDAP (empty) and duplicated $required_fields = array_unique(array_values(array_filter($required_fields, "dol_validElement"))); // Get from LDAP database an array of results - $ldapusers = $ldap->getRecords('*', $conf->global->LDAP_USER_DN, $conf->global->LDAP_KEY_USERS, $required_fields, 1); + $ldapusers = $ldap->getRecords('*', getDolGlobalString('LDAP_USER_DN'), getDolGlobalString('LDAP_KEY_USERS'), $required_fields, 1); //$ldapusers = $ldap->getRecords('*', $conf->global->LDAP_USER_DN, $conf->global->LDAP_KEY_USERS, '', 1); if 
(is_array($ldapusers)) { @@ -523,8 +523,8 @@ if (function_exists("ldap_connect")) { print "
\n"; print "LDAP search for user:
\n"; print "search: *
\n"; - print "userDN: ".$conf->global->LDAP_USER_DN."
\n"; - print "useridentifier: ".$conf->global->LDAP_KEY_USERS."
\n"; + print "userDN: ".getDolGlobalString('LDAP_USER_DN')."
\n"; + print "useridentifier: ".getDolGlobalString('LDAP_KEY_USERS')."
\n"; print "required_fields: ".implode(',', $required_fields)."
\n"; print "=> ".count($liste)." records
\n"; print "\n
"; diff --git a/htdocs/contact/ldap.php b/htdocs/contact/ldap.php index 8babb849e7e..d29aab0386b 100644 --- a/htdocs/contact/ldap.php +++ b/htdocs/contact/ldap.php @@ -182,7 +182,6 @@ if ($result > 0) { } $ldap->unbind(); - $ldap->close(); } else { setEventMessages($ldap->error, $ldap->errors, 'errors'); } diff --git a/htdocs/core/class/ldap.class.php b/htdocs/core/class/ldap.class.php index 86754878f9d..6f42ffb5fac 100644 --- a/htdocs/core/class/ldap.class.php +++ b/htdocs/core/class/ldap.class.php 
@@ -137,31 +137,31 @@ class Ldap if (!empty($conf->global->LDAP_SERVER_HOST_SLAVE)) { $this->server[] = $conf->global->LDAP_SERVER_HOST_SLAVE; } - $this->serverPort = $conf->global->LDAP_SERVER_PORT; - $this->ldapProtocolVersion = $conf->global->LDAP_SERVER_PROTOCOLVERSION; - $this->dn = $conf->global->LDAP_SERVER_DN; - $this->serverType = $conf->global->LDAP_SERVER_TYPE; + $this->serverPort = getDolGlobalInt('LDAP_SERVER_PORT', 389); + $this->ldapProtocolVersion = getDolGlobalString('LDAP_SERVER_PROTOCOLVERSION'); + $this->dn = getDolGlobalString('LDAP_SERVER_DN'); + $this->serverType = getDolGlobalString('LDAP_SERVER_TYPE'); - $this->domain = $conf->global->LDAP_SERVER_DN; - $this->searchUser = $conf->global->LDAP_ADMIN_DN; - $this->searchPassword = $conf->global->LDAP_ADMIN_PASS; - $this->people = $conf->global->LDAP_USER_DN; - $this->groups = $conf->global->LDAP_GROUP_DN; + $this->domain = getDolGlobalString('LDAP_SERVER_DN'); + $this->searchUser = getDolGlobalString('LDAP_ADMIN_DN'); + $this->searchPassword = getDolGlobalString('LDAP_ADMIN_PASS'); + $this->people = getDolGlobalString('LDAP_USER_DN'); + $this->groups = getDolGlobalString('LDAP_GROUP_DN'); - $this->filter = $conf->global->LDAP_FILTER_CONNECTION; // Filter on user - $this->filtergroup = $conf->global->LDAP_GROUP_FILTER; // Filter on groups - $this->filtermember = $conf->global->LDAP_MEMBER_FILTER; // Filter on member + $this->filter = getDolGlobalString('LDAP_FILTER_CONNECTION'); // Filter on user + $this->filtergroup = getDolGlobalString('LDAP_GROUP_FILTER'); // Filter on groups + $this->filtermember = getDolGlobalString('LDAP_MEMBER_FILTER'); // Filter on member // Users - $this->attr_login = $conf->global->LDAP_FIELD_LOGIN; //unix - $this->attr_sambalogin = $conf->global->LDAP_FIELD_LOGIN_SAMBA; //samba, activedirectory - $this->attr_name = $conf->global->LDAP_FIELD_NAME; - $this->attr_firstname = $conf->global->LDAP_FIELD_FIRSTNAME; - $this->attr_mail = $conf->global->LDAP_FIELD_MAIL; - 
$this->attr_phone = $conf->global->LDAP_FIELD_PHONE; - $this->attr_skype = $conf->global->LDAP_FIELD_SKYPE; - $this->attr_fax = $conf->global->LDAP_FIELD_FAX; - $this->attr_mobile = $conf->global->LDAP_FIELD_MOBILE; + $this->attr_login = getDolGlobalString('LDAP_FIELD_LOGIN'); //unix + $this->attr_sambalogin = getDolGlobalString('LDAP_FIELD_LOGIN_SAMBA'); //samba, activedirectory + $this->attr_name = getDolGlobalString('LDAP_FIELD_NAME'); + $this->attr_firstname = getDolGlobalString('LDAP_FIELD_FIRSTNAME'); + $this->attr_mail = getDolGlobalString('LDAP_FIELD_MAIL'); + $this->attr_phone = getDolGlobalString('LDAP_FIELD_PHONE'); + $this->attr_skype = getDolGlobalString('LDAP_FIELD_SKYPE'); + $this->attr_fax = getDolGlobalString('LDAP_FIELD_FAX'); + $this->attr_mobile = getDolGlobalString('LDAP_FIELD_MOBILE'); } // Connection handling methods ------------------------------------------- @@ -302,6 +302,8 @@ class Ldap * Returns true if OK, false if there was an error. * * @return boolean true or false + * @deprecated ldap_close is an alias of ldap_unbind + * @see unbind() */ public function close() { @@ -355,7 +357,7 @@ class Ldap /** * Unbind du serveur ldap. * - * @return boolean true or false + * @return boolean true or false */ public function unbind() { @@ -415,7 +417,7 @@ class Ldap */ public function add($dn, $info, $user) { - dol_syslog(get_class($this)."::add dn=".$dn." info=".join(',', $info)); + dol_syslog(get_class($this)."::add dn=".$dn." info=".json_encode($info)); // Check parameters if (!$this->connection) { diff --git a/htdocs/core/lib/ldap.lib.php b/htdocs/core/lib/ldap.lib.php index 9d6e0193108..b3c951c99e9 100644 --- a/htdocs/core/lib/ldap.lib.php +++ b/htdocs/core/lib/ldap.lib.php @@ -1,6 +1,6 @@ - * Copyright (C) 2006-2017 Regis Houssin + * Copyright (C) 2006-2021 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
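Review bot: `json_encode($info)` in the `add()` log line writes every attribute value of the entry to the application log, and the user field list in htdocs/admin/ldap_users.php in this same patch includes `LDAP_FIELD_PASSWORD` and `LDAP_FIELD_PASSWORD_CRYPTED`, so `$info` can presumably carry a clear-text or hashed password. Logging only the attribute names keeps credentials out of the log: `dol_syslog(get_class($this)."::add dn=".$dn." info=".json_encode(array_keys($info)));`. If the values are needed for debugging, the password attributes should be removed from a copy of `$info` before it is encoded. `add()` continues outside the hunk.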
@@ -89,7 +89,6 @@ function ldap_prepare_head() return $head; } - /** * Show button test LDAP synchro * @@ -119,7 +118,6 @@ function show_ldap_test_button($butlabel, $testlabel, $key, $dn, $objectclass) print '

'; } - /** * Show a LDAP array into an HTML output array. * @@ -153,7 +151,7 @@ function show_ldap_content($result, $level, $count, $var, $hide = 0, $subcount = if ("$key" == "dn") { continue; } - if ("$val" == "objectclass") { + if (!is_array($val) && "$val" == "objectclass") { continue; } @@ -181,9 +179,10 @@ function show_ldap_content($result, $level, $count, $var, $hide = 0, $subcount = } print '
'; } - if ("$val" != $lastkey[$level] && !$subcount) { + if (!is_array($val) && "$val" != $lastkey[$level] && !$subcount) { print ''; } } return 1; } + diff --git a/htdocs/core/login/functions_ldap.php b/htdocs/core/login/functions_ldap.php index 6b11474995b..2d55ca2815b 100644 --- a/htdocs/core/login/functions_ldap.php +++ b/htdocs/core/login/functions_ldap.php @@ -120,7 +120,7 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest) if ($ldapdebug) { print "DEBUG: User ".$usertotest." must change password
\n"; } - $ldap->close(); + $ldap->unbind(); sleep(1); $langs->load('ldap'); $_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("YouMustChangePassNextLogon", $usertotest, $ldap->domainFQDN); @@ -131,7 +131,7 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest) print "DEBUG: ".$ldap->error."
\n"; } } - $ldap->close(); + $ldap->unbind(); } // Forge LDAP user and password to test with them @@ -166,14 +166,14 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest) $now = dol_now(); if ($tmpuser->datestartvalidity && $db->jdate($tmpuser->datestartvalidity) >= $now) { - $ldap->close(); + $ldap->unbind(); // Load translation files required by the page $langs->loadLangs(array('main', 'errors')); $_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorLoginDateValidity"); return '--bad-login-validity--'; } if ($tmpuser->dateendvalidity && $db->jdate($tmpuser->dateendvalidity) <= dol_get_first_hour($now)) { - $ldap->close(); + $ldap->unbind(); // Load translation files required by the page $langs->loadLangs(array('main', 'errors')); $_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorLoginDateValidity"); @@ -271,7 +271,7 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest) $_SESSION["dol_loginmesg"] = ($ldap->error ? $ldap->error : $langs->transnoentitiesnoconv("ErrorBadLoginPassword")); } - $ldap->close(); + $ldap->unbind(); } return $login; diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 7df2c29dcc2..4885ebd8c31 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -2781,7 +2781,7 @@ if ($action == 'create' || $action == 'adduserldap') { } if (!empty($conf->ldap->enabled) && !empty($object->ldap_sid)) { - $ldap->close(); + $ldap->unbind(); } } } diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 1114aa826d5..d1aa62b25ee 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php 
@@ -2901,7 +2901,7 @@ class User extends CommonObject } } foreach ($socialnetworks as $key => $value) { - if ($this->socialnetworks[$value['label']] && !empty($conf->global->{'LDAP_FIELD_'.strtoupper($value['label'])})) { + if (!empty($this->socialnetworks[$value['label']]) && !empty($conf->global->{'LDAP_FIELD_'.strtoupper($value['label'])})) { $info[$conf->global->{'LDAP_FIELD_'.strtoupper($value['label'])}] = $this->socialnetworks[$value['label']]; } } diff --git a/htdocs/user/group/ldap.php b/htdocs/user/group/ldap.php index 710dab1ee22..d8d1995a847 100644 --- a/htdocs/user/group/ldap.php +++ b/htdocs/user/group/ldap.php @@ -192,7 +192,6 @@ if ($result > 0) { print ''.$langs->trans("LDAPRecordNotFound").' (dn='.dol_escape_htmltag($dn).' - search='.dol_escape_htmltag($search).')'; } $ldap->unbind(); - $ldap->close(); } else { setEventMessages($ldap->error, $ldap->errors, 'errors'); } diff --git a/htdocs/user/ldap.php b/htdocs/user/ldap.php index b7ea48f7734..8e12bf1b461 100644 --- a/htdocs/user/ldap.php +++ b/htdocs/user/ldap.php @@ -31,6 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/ldap.lib.php'; $langs->loadLangs(array('users', 'admin', 'companies', 'ldap')); $id = GETPOST('id', 'int'); +$action = GETPOST('action', 'aZ09'); $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'userldap'; // To manage different context of search // Security check @@ -62,7 +63,7 @@ if ($reshook < 0) { } if (empty($reshook)) { - if ($_GET["action"] == 'dolibarr2ldap') { + if ($action == 'dolibarr2ldap') { $ldap = new Ldap(); $result = $ldap->connect_bind(); @@ -97,7 +98,7 @@ print dol_get_fiche_head($head, 'ldap', $title, 0, 'user'); $linkback = ''; -if ($user->rights->user->user->lire || $user->admin) { +if (!empty($user->rights->user->user->lire) || !empty($user->admin)) { $linkback = ''.$langs->trans("BackToList").''; } 
@@ -198,7 +199,6 @@ if ($result > 0) { } $ldap->unbind(); - $ldap->close(); } else { setEventMessages($ldap->error, $ldap->errors, 'errors'); } From 36febed123b99499e5741def52d558ac1de89c9f Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 28 Oct 2021 15:46:52 +0200 Subject: [PATCH 04/11] FIX syntax error --- htdocs/admin/ldap_users.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/admin/ldap_users.php b/htdocs/admin/ldap_users.php index 759bcc7addb..33bec1cb2e8 100644 --- a/htdocs/admin/ldap_users.php +++ b/htdocs/admin/ldap_users.php @@ -232,9 +232,9 @@ print ''; // Name print ''.$langs->trans("LDAPFieldName").''; -print ''; +print ''; print ''.$langs->trans("LDAPFieldNameExample").''; -print 'LDAP_FIELD_NAME') ? ' checked' : '').">"; +print '"; print ''; // Firstname @@ -276,7 +276,7 @@ print ''; print ''.$langs->trans("LDAPFieldMail").''; print ''; print ''.$langs->trans("LDAPFieldMailExample").''; -print '"; +print '"; print ''; // Phone From 134e5cb5e699ca6b36819ee5428aa4a972c730fc Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Thu, 28 Oct 2021 13:52:29 +0000 Subject: [PATCH 05/11] Fixing style errors. --- htdocs/core/lib/ldap.lib.php | 1 - 1 file changed, 1 deletion(-) diff --git a/htdocs/core/lib/ldap.lib.php b/htdocs/core/lib/ldap.lib.php index b3c951c99e9..56a8bcc4285 100644 --- a/htdocs/core/lib/ldap.lib.php +++ b/htdocs/core/lib/ldap.lib.php @@ -185,4 +185,3 @@ function show_ldap_content($result, $level, $count, $var, $hide = 0, $subcount = } return 1; } - From 8ce70aac5d9bec2161d2a73bd40f0dae0b3eb7ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sun, 31 Oct 2021 18:43:11 +0100 Subject: [PATCH 06/11] display spf info from dns --- htdocs/admin/mails.php | 15 +++++++++++++-- htdocs/langs/en_US/admin.lang | 1 + 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/htdocs/admin/mails.php b/htdocs/admin/mails.php index 1283c5698d3..acfafcf9370 100644 --- a/htdocs/admin/mails.php 
+++ b/htdocs/admin/mails.php @@ -848,8 +848,19 @@ if ($action == 'edit') { $text .= ($text ? '

' : '').''.$langs->trans("WarningPHPMailSPF", $conf->global->MAIN_EXTERNAL_SMTP_SPF_STRING_TO_ADD); } } - - + $companyemail = getDolGlobalString('MAIN_INFO_SOCIETE_MAIL'); + $dnsinfo = false; + if (!empty($companyemail)) { + $domain = array_pop(explode('@', $companyemail)); + $dnsinfo = dns_get_record($domain, DNS_TXT); + } + if (!empty($dnsinfo) && is_array($dnsinfo)) { + foreach ($dnsinfo as $info) { + if (strpos($info['txt'], 'v=spf1') !== false) { + $text .= ($text ? '

' : '').$langs->trans("ActualMailSPFRecordFound", $info['txt']); + } + } + } if ($text) { print info_admin($text); } diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index d9099f567fa..4ff9f693cf7 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -501,6 +501,7 @@ WarningPHPMailC=- Using the SMTP server of your own Email Service Provider to se WarningPHPMailD=Also, it is therefore recommended to change the sending method of e-mails to the value "SMTP". If you really want to keep the default "PHP" method to send emails, just ignore this warning, or remove it by setting the MAIN_HIDE_WARNING_TO_ENCOURAGE_SMTP_SETUP constant to 1 in Home - Setup - Other. WarningPHPMail2=If your email SMTP provider need to restrict email client to some IP addresses (very rare), this is the IP address of the mail user agent (MUA) for your ERP CRM application: %s. WarningPHPMailSPF=If the domain name in your sender email address is protected by a SPF record (ask your domain name registar), you must add the following IPs in the SPF record of the DNS of your domain: %s. +ActualMailSPFRecordFound=Actual SPF record found : %s ClickToShowDescription=Click to show description DependsOn=This module needs the module(s) RequiredBy=This module is required by module(s) From 7d60cddaac4f6b2cee06fb7a63c99e79eca1d1d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sun, 31 Oct 2021 19:36:31 +0100 Subject: [PATCH 07/11] fix warning same test at line 65 --- htdocs/core/tpl/object_discounts.tpl.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/core/tpl/object_discounts.tpl.php b/htdocs/core/tpl/object_discounts.tpl.php index df565aea6f9..38e1967c11b 100644 --- a/htdocs/core/tpl/object_discounts.tpl.php +++ b/htdocs/core/tpl/object_discounts.tpl.php 
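Review bot: `$info['txt']` comes from a DNS TXT answer, i.e. from whoever controls the DNS response for the company e-mail domain, and it is appended to `$text` and printed by `info_admin()` without HTML escaping; pass `dol_escape_htmltag($info['txt'])` to `trans()` unless `trans()` is known to encode its parameters. `array_pop(explode('@', $companyemail))` also passes a function result by reference, which raises a notice; use `$emailparts = explode('@', $companyemail); $domain = array_pop($emailparts);`. `dns_get_record()` emits a warning and returns `false` when the lookup fails and blocks the page while it resolves, so the `is_array()` guard covers the return value but not the warning, and `$info['txt']` should be tested with `!empty()` before `strpos()`. The enclosing `if ($action == 'edit')` block starts outside the hunk.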
@@ -1,5 +1,6 @@ + * Copyright (C) 2021 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -88,7 +89,7 @@ if ($absolute_discount > 0) { // Is there credit notes availables ? if ($absolute_creditnote > 0) { // If validated, we show link "add credit note to payment" - if ($cannotApplyDiscount || !$isInvoice || $isNewObject || $object->statut != $objclassname::STATUS_VALIDATED || $object->type == $objclassname::TYPE_CREDIT_NOTE) { + if (!empty($cannotApplyDiscount) || !$isInvoice || $isNewObject || $object->statut != $objclassname::STATUS_VALIDATED || $object->type == $objclassname::TYPE_CREDIT_NOTE) { $translationKey = !empty($discount_type) ? 'HasCreditNoteFromSupplier' : 'CompanyHasCreditNote'; $text = $langs->trans($translationKey, price($absolute_creditnote), $langs->transnoentities("Currency".$conf->currency)).'.'; From 033d983f051900f0e6f00429af9c246d4a3afc87 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sun, 31 Oct 2021 20:41:07 +0100 Subject: [PATCH 08/11] fix warning --- htdocs/knowledgemanagement/knowledgerecord_list.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/knowledgemanagement/knowledgerecord_list.php b/htdocs/knowledgemanagement/knowledgerecord_list.php index d4a702f26b8..c2e26fb7a86 100644 --- a/htdocs/knowledgemanagement/knowledgerecord_list.php +++ b/htdocs/knowledgemanagement/knowledgerecord_list.php @@ -1,6 +1,6 @@ - * Copyright (C) ---Put here your own copyright and developer email--- + * Copyright (C) 2021 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
@@ -104,7 +104,7 @@ foreach ($object->fields as $key => $val) { // List of fields to search into when doing a "search in all" $fieldstosearchall = array(); foreach ($object->fields as $key => $val) { - if ($val['searchall']) { + if (!empty($val['searchall'])) { $fieldstosearchall['t.'.$key] = $val['label']; } } From af8f74103a0b9401c1906bb57f60aa07ca8515c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sun, 31 Oct 2021 20:48:13 +0100 Subject: [PATCH 09/11] Update knowledgerecord_list.php --- htdocs/knowledgemanagement/knowledgerecord_list.php | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/htdocs/knowledgemanagement/knowledgerecord_list.php b/htdocs/knowledgemanagement/knowledgerecord_list.php index c2e26fb7a86..aed45b1db26 100644 --- a/htdocs/knowledgemanagement/knowledgerecord_list.php +++ b/htdocs/knowledgemanagement/knowledgerecord_list.php @@ -444,6 +444,7 @@ print ''; foreach ($object->fields as $key => $val) { + $searchkey = empty($search[$key]) ? '' : $search[$key]; $cssforfield = (empty($val['css']) ? '' : $val['css']); if ($key == 'status') { $cssforfield .= ($cssforfield ? ' ' : '').'center'; @@ -458,9 +459,9 @@ foreach ($object->fields as $key => $val) { print ''; } @@ -522,7 +523,7 @@ print ''."\n"; // Detect if we need a fetch on each output line $needToFetchEachLine = 0; -if (is_array($extrafields->attributes[$object->table_element]['computed']) && count($extrafields->attributes[$object->table_element]['computed']) > 0) { +if (!empty($extrafields->attributes[$object->table_element]['computed']) && is_array($extrafields->attributes[$object->table_element]['computed']) && count($extrafields->attributes[$object->table_element]['computed']) > 0) { foreach ($extrafields->attributes[$object->table_element]['computed'] as $key => $val) { if (preg_match('/\$object/', $val)) { $needToFetchEachLine++; // There is at least one compute field that use $object 
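Review bot: In the `@@ -444,6 +444,7 @@` hunk, the added `$searchkey = empty($search[$key]) ? '' : $search[$key];` silences the undefined-index notice but also turns a search value of `'0'` into an empty string, because `empty()` is true for `'0'` and `0`. A filter on `0` would then not be echoed back into the search field. `$searchkey = isset($search[$key]) ? $search[$key] : '';` keeps the value and still avoids the notice. The date branch of the same loop still reads `$search[$key.'_dtstart']` and `$search[$key.'_dtend']` directly, so the same notice can presumably still fire there. The `foreach` body continues outside the hunk.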
From e02565190a028ed129d88cb8e837b3b84d3c82bd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Mon, 1 Nov 2021 01:10:30 +0100 Subject: [PATCH 10/11] replace function each deprecated in php 7.2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Warning This function has been DEPRECATED as of PHP 7.2.0, and REMOVED as of PHP 8.0.0. Relying on this function is highly discouraged. Avertissement Cette fonctionnalité est OBSOLÈTE à partir de PHP 7.2.0 et a été SUPPRIMÉE à partir de PHP 8.0.0. --- htdocs/includes/printipp/http_class.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/htdocs/includes/printipp/http_class.php b/htdocs/includes/printipp/http_class.php index 30bb33d663b..27a3d0cb584 100644 --- a/htdocs/includes/printipp/http_class.php +++ b/htdocs/includes/printipp/http_class.php @@ -366,7 +366,9 @@ class http_class $content_length = 0; foreach ($this->arguments["BodyStream"] as $argument) { - list ($type, $value) = each ($argument); + // list ($type, $value) = each ($argument); + $type = key($argument); + $value = current($argument); reset ($argument); if ($type == "Data") { @@ -420,7 +422,9 @@ class http_class } foreach ($this->arguments["BodyStream"] as $argument) { - list ($type, $value) = each ($argument); + // list ($type, $value) = each ($argument); + $type = key($argument); + $value = current($argument); reset ($argument); if ($type == "Data") { From 3c69fb0ea3f866bf6b3449aed13bffcf866dd00c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 1 Nov 2021 02:35:15 +0100 Subject: [PATCH 11/11] Update mails.php --- htdocs/admin/mails.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/admin/mails.php b/htdocs/admin/mails.php index acfafcf9370..90036b752b0 100644 --- a/htdocs/admin/mails.php +++ b/htdocs/admin/mails.php 
@@ -850,13 +850,13 @@ if ($action == 'edit') { } $companyemail = getDolGlobalString('MAIN_INFO_SOCIETE_MAIL'); $dnsinfo = false; - if (!empty($companyemail)) { + if (!empty($companyemail) && function_exists('dns_get_record')) { $domain = array_pop(explode('@', $companyemail)); $dnsinfo = dns_get_record($domain, DNS_TXT); } if (!empty($dnsinfo) && is_array($dnsinfo)) { foreach ($dnsinfo as $info) { - if (strpos($info['txt'], 'v=spf1') !== false) { + if (strpos($info['txt'], 'v=spf') !== false) { $text .= ($text ? '

' : '').$langs->trans("ActualMailSPFRecordFound", $info['txt']); } }
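Review bot: Nothing in this hunk escapes the TXT record text before it is shown: `$info['txt']` is passed to `$langs->trans("ActualMailSPFRecordFound", $info['txt'])` and appended to `$text`, which is later printed through `info_admin($text)`. That string is supplied by whoever answers DNS for the sender domain, so unless `trans()` encodes its parameters (not visible here) I would pass `dol_escape_htmltag($info['txt'])` instead. The loosened test `strpos($info['txt'], 'v=spf') !== false` also accepts any TXT record that merely contains that substring; `strpos($info['txt'], 'v=spf') === 0` limits it to records that start with the tag. The surrounding block starts outside the hunk.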
'; if (!empty($val['arrayofkeyval']) && is_array($val['arrayofkeyval'])) { - print $form->selectarray('search_'.$key, $val['arrayofkeyval'], $search[$key], $val['notnull'], 0, 0, '', 1, 0, 0, '', 'maxwidth100', 1); + print $form->selectarray('search_'.$key, $val['arrayofkeyval'], $searchkey, $val['notnull'], 0, 0, '', 1, 0, 0, '', 'maxwidth100', 1); } elseif ((strpos($val['type'], 'integer:') === 0) || (strpos($val['type'], 'sellist:')=== 0)) { - print $object->showInputField($val, $key, $search[$key], '', '', 'search_', 'maxwidth125', 1); + print $object->showInputField($val, $key, $searchkey, '', '', 'search_', 'maxwidth125', 1); } elseif (preg_match('/^(date|timestamp|datetime)/', $val['type'])) { print '
'; print $form->selectDate($search[$key.'_dtstart'] ? $search[$key.'_dtstart'] : '', "search_".$key."_dtstart", 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From')); @@ -469,9 +470,9 @@ foreach ($object->fields as $key => $val) { print $form->selectDate($search[$key.'_dtend'] ? $search[$key.'_dtend'] : '', "search_".$key."_dtend", 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('to')); print '
'; } elseif ($key == 'lang') { - print $formadmin->select_language($search[$key], 'search_lang', 0, null, 1, 0, 0, 'minwidth150 maxwidth200', 2); + print $formadmin->select_language($searchkey, 'search_lang', 0, null, 1, 0, 0, 'minwidth150 maxwidth200', 2); } else { - print ''; + print ''; } print '