lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #19365 from hregis/fix_add_ldap_hash_type_select

Browse Source 
NEW add ldap password hash type select
This commit is contained in:
Laurent Destailleur 2021-11-15 11:16:33 +01:00 committed by GitHub
commit 7a6d84f0d5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
19 changed files with 409 additions and 151 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
htdocs/adherents/class/adherent.class.php
View File

@ -2703,7 +2703,7 @@ class Adherent extends CommonObject
$info[$conf->global->LDAP_MEMBER_FIELD_PASSWORD] = $this->pass; // this->pass = mot de passe non crypte
}
if (!empty($conf->global->LDAP_MEMBER_FIELD_PASSWORD_CRYPTED)) {
$info[$conf->global->LDAP_MEMBER_FIELD_PASSWORD_CRYPTED] = dol_hash($this->pass, 4); // Create OpenLDAP MD5 password (TODO add type of encryption)
$info[$conf->global->LDAP_MEMBER_FIELD_PASSWORD_CRYPTED] = dol_hash($this->pass, 'openldap'); // Create OpenLDAP password (see LDAP_PASSWORD_HASH_TYPE)
}
} elseif ($conf->global->LDAP_SERVER_PROTOCOLVERSION !== '3') {
// Set LDAP password if possible
@ -2714,7 +2714,7 @@ class Adherent extends CommonObject
if ($this->pass_indatabase_crypted && !empty($conf->global->LDAP_MEMBER_FIELD_PASSWORD_CRYPTED)) {
// Create OpenLDAP MD5 password from Dolibarr MD5 password
// Note: This suppose that "pass_indatabase_crypted" is a md5 (guaranted by the previous test if "(empty($conf->global->MAIN_SECURITY_HASH_ALGO))"
$info[$conf->global->LDAP_MEMBER_FIELD_PASSWORD_CRYPTED] = '{md5}'.base64_encode(hex2bin($this->pass_indatabase_crypted));
$info[$conf->global->LDAP_MEMBER_FIELD_PASSWORD_CRYPTED] = dolGetLdapPasswordHash($this->pass_indatabase_crypted, 'md5frommd5');
}
}
} elseif (!empty($this->pass_indatabase)) {
@ -2723,7 +2723,7 @@ class Adherent extends CommonObject
$info[$conf->global->LDAP_MEMBER_FIELD_PASSWORD] = $this->pass_indatabase; // $this->pass_indatabase = mot de passe non crypte
}
if (!empty($conf->global->LDAP_MEMBER_FIELD_PASSWORD_CRYPTED)) {
$info[$conf->global->LDAP_MEMBER_FIELD_PASSWORD_CRYPTED] = dol_hash($this->pass_indatabase, 4); // md5 for OpenLdap TODO add type of encryption
$info[$conf->global->LDAP_MEMBER_FIELD_PASSWORD_CRYPTED] = dol_hash($this->pass_indatabase, 'openldap'); // Create OpenLDAP password (see LDAP_PASSWORD_HASH_TYPE)
}
}
}

28
htdocs/adherents/ldap.php
View File

@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2006 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2006-2017 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2006-2021 Regis Houssin <regis.houssin@inodbox.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -50,14 +50,14 @@ if ($id > 0 || !empty($ref)) {
$result = $object->fetch($id, $ref);
// Define variables to know what current user can do on users
$canadduser = ($user->admin || $user->rights->user->user->creer);
$canadduser = (!empty($user->admin) || !empty($user->rights->user->user->creer));
// Define variables to know what current user can do on properties of user linked to edited member
if ($object->user_id) {
// $User is the user who edits, $object->user_id is the id of the related user in the edited member
$caneditfielduser = ((($user->id == $object->user_id) && $user->rights->user->self->creer)
|| (($user->id != $object->user_id) && $user->rights->user->user->creer));
$caneditfielduser = ((($user->id == $object->user_id) && !empty($user->rights->user->self->creer))
|| (($user->id != $object->user_id) && !empty($user->rights->user->user->creer)));
$caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password)
|| (($user->id != $object->user_id) && $user->rights->user->user->password));
|| (($user->id != $object->user_id) && !empty($user->rights->user->user->password)));
}
}
@ -135,17 +135,17 @@ $adht->fetch($object->typeid);
print '<tr><td>'.$langs->trans("Type").'</td><td class="valeur">'.$adht->getNomUrl(1)."</td></tr>\n";
// LDAP DN
print '<tr><td>LDAP '.$langs->trans("LDAPMemberDn").'</td><td class="valeur">'.$conf->global->LDAP_MEMBER_DN."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPMemberDn").'</td><td class="valeur">'.getDolGlobalString('LDAP_MEMBER_DN')."</td></tr>\n";
// LDAP Cle
print '<tr><td>LDAP '.$langs->trans("LDAPNamingAttribute").'</td><td class="valeur">'.$conf->global->LDAP_KEY_MEMBERS."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPNamingAttribute").'</td><td class="valeur">'.getDolGlobalString('LDAP_KEY_MEMBERS')."</td></tr>\n";
// LDAP Server
print '<tr><td>LDAP '.$langs->trans("Type").'</td><td class="valeur">'.$conf->global->LDAP_SERVER_TYPE."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("Version").'</td><td class="valeur">'.$conf->global->LDAP_SERVER_PROTOCOLVERSION."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPPrimaryServer").'</td><td class="valeur">'.$conf->global->LDAP_SERVER_HOST."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPSecondaryServer").'</td><td class="valeur">'.$conf->global->LDAP_SERVER_HOST_SLAVE."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPServerPort").'</td><td class="valeur">'.$conf->global->LDAP_SERVER_PORT."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("Type").'</td><td class="valeur">'.getDolGlobalString('LDAP_SERVER_TYPE')."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("Version").'</td><td class="valeur">'.getDolGlobalString('LDAP_SERVER_PROTOCOLVERSION')."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPPrimaryServer").'</td><td class="valeur">'.getDolGlobalString('LDAP_SERVER_HOST')."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPSecondaryServer").'</td><td class="valeur">'.getDolGlobalString('LDAP_SERVER_HOST_SLAVE')."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPServerPort").'</td><td class="valeur">'.getDolGlobalString('LDAP_SERVER_PORT')."</td></tr>\n";
print '</table>';
@ -158,13 +158,13 @@ print dol_get_fiche_end();
*/
print '<div class="tabsAction">';
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && $conf->global->LDAP_MEMBER_ACTIVE != 'ldap2dolibarr') {
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && getDolGlobalString('LDAP_MEMBER_ACTIVE') != Ldap::SYNCHRO_LDAP_TO_DOLIBARR) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=dolibarr2ldap">'.$langs->trans("ForceSynchronize").'</a></div>';
}
print "</div>\n";
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && $conf->global->LDAP_MEMBER_ACTIVE != 'ldap2dolibarr') {
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && getDolGlobalString('LDAP_MEMBER_ACTIVE') != Ldap::SYNCHRO_LDAP_TO_DOLIBARR) {
print "<br>\n";
}

4
htdocs/adherents/type_ldap.php
View File

@ -124,13 +124,13 @@ print dol_get_fiche_end();
print '<div class="tabsAction">';
if ($conf->global->LDAP_MEMBER_TYPE_ACTIVE == 1) {
if (getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?rowid='.$object->id.'&action=dolibarr2ldap">'.$langs->trans("ForceSynchronize").'</a>';
}
print "</div>\n";
if ($conf->global->LDAP_MEMBER_TYPE_ACTIVE == 1) {
if (getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
print "<br>\n";
}

84
htdocs/admin/ldap.php
View File

@ -2,7 +2,7 @@
/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004 Sebastien Di Cintio <sdicintio@ressource-toi.org>
* Copyright (C) 2004 Benoit Mortier <benoit.mortier@opensides.be>
* Copyright (C) 2005-2017 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2005-2021 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2006-2020 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2011-2013 Juanjo Menent <jmenent@2byte.es>
*
@ -29,10 +29,11 @@
require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/ldap.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formldap.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/ldap.lib.php';
// Load translation files required by the page
$langs->load("admin");
$langs->loadLangs(array("admin", "ldap"));
if (!$user->admin) {
accessforbidden();
@ -99,6 +100,9 @@ if (empty($reshook)) {
if (!dolibarr_set_const($db, 'LDAP_MEMBER_TYPE_ACTIVE', GETPOST("activememberstypes", 'aZ09'), 'chaine', 0, '', $conf->entity)) {
$error++;
}
if (!dolibarr_set_const($db, 'LDAP_PASSWORD_HASH_TYPE', GETPOST("LDAP_PASSWORD_HASH_TYPE", 'aZ09'), 'chaine', 0, '', $conf->entity)) {
$error++;
}
if (!$error) {
$db->commit();
@ -129,7 +133,7 @@ if (!function_exists("ldap_connect")) {
$form = new Form($db);
$formldap = new FormLdap($db);
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue&token='.newToken().'">';
print '<input type="hidden" name="token" value="'.newToken().'">';
@ -146,13 +150,9 @@ print "</tr>\n";
// Synchro utilisateurs/groupes active
print '<tr class="oddeven"><td>'.$langs->trans("LDAPDnSynchroActive").'</td><td>';
$arraylist = array();
$arraylist['0'] = $langs->trans("No");
$arraylist['ldap2dolibarr'] = $langs->trans("LDAPToDolibarr");
$arraylist['dolibarr2ldap'] = $langs->trans("DolibarrToLDAP");
print $form->selectarray('activesynchro', $arraylist, $conf->global->LDAP_SYNCHRO_ACTIVE);
print $formldap->selectLdapDnSynchroActive(getDolGlobalInt('LDAP_SYNCHRO_ACTIVE'), 'activesynchro');
print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPDnSynchroActiveExample").'</span>';
if ($conf->global->LDAP_SYNCHRO_ACTIVE && !$conf->global->LDAP_USER_DN) {
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && empty($conf->global->LDAP_USER_DN)) {
print '<br><span class="error">'.$langs->trans("LDAPSetupNotComplete").'</span>';
}
print '</td></tr>';
@ -160,32 +160,21 @@ print '</td></tr>';
// Synchro contact active
if (!empty($conf->societe->enabled)) {
print '<tr class="oddeven"><td>'.$langs->trans("LDAPDnContactActive").'</td><td>';
$arraylist = array();
$arraylist['0'] = $langs->trans("No");
$arraylist['1'] = $langs->trans("DolibarrToLDAP");
print $form->selectarray('activecontact', $arraylist, $conf->global->LDAP_CONTACT_ACTIVE);
print $formldap->selectLdapDnSynchroActive(getDolGlobalInt('LDAP_CONTACT_ACTIVE'), 'activecontact', array(Ldap::SYNCHRO_LDAP_TO_DOLIBARR));
print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPDnContactActiveExample").'</span></td></tr>';
}
// Synchro member active
if (!empty($conf->adherent->enabled)) {
print '<tr class="oddeven"><td>'.$langs->trans("LDAPDnMemberActive").'</td><td>';
$arraylist = array();
$arraylist['0'] = $langs->trans("No");
$arraylist['1'] = $langs->trans("DolibarrToLDAP");
$arraylist['ldap2dolibarr'] = $langs->trans("LDAPToDolibarr").' ('.$langs->trans("SupportedForLDAPImportScriptOnly").')';
print $form->selectarray('activemembers', $arraylist, $conf->global->LDAP_MEMBER_ACTIVE);
print $formldap->selectLdapDnSynchroActive(getDolGlobalInt('LDAP_MEMBER_ACTIVE'), 'activemembers', array(), 2);
print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPDnMemberActiveExample").'</span></td></tr>';
}
// Synchro member type active
if (!empty($conf->adherent->enabled)) {
print '<tr class="oddeven"><td>'.$langs->trans("LDAPDnMemberTypeActive").'</td><td>';
$arraylist = array();
$arraylist['0'] = $langs->trans("No");
$arraylist['1'] = $langs->trans("DolibarrToLDAP");
$arraylist['ldap2dolibarr'] = $langs->trans("LDAPToDolibarr").' ('.$langs->trans("SupportedForLDAPImportScriptOnly").')';
print $form->selectarray('activememberstypes', $arraylist, $conf->global->LDAP_MEMBER_TYPE_ACTIVE);
print $formldap->selectLdapDnSynchroActive(getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE'), 'activememberstypes', array(), 2);
print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPDnMemberTypeActiveExample").'</span></td></tr>';
}
@ -202,55 +191,46 @@ print "</tr>\n";
// Type
print '<tr class="oddeven"><td>'.$langs->trans("Type").'</td><td>';
$arraylist = array();
$arraylist['activedirectory'] = 'Active Directory';
$arraylist['openldap'] = 'OpenLdap';
$arraylist['egroupware'] = 'Egroupware';
print $form->selectarray('type', $arraylist, $conf->global->LDAP_SERVER_TYPE);
print $formldap->selectLdapServerType(getDolGlobalString('LDAP_SERVER_TYPE'), 'type');
print '</td><td>&nbsp;</td></tr>';
// Version
print '<tr class="oddeven"><td>'.$langs->trans("Version").'</td><td>';
$arraylist = array();
$arraylist['3'] = 'Version 3';
$arraylist['2'] = 'Version 2';
print $form->selectarray('LDAP_SERVER_PROTOCOLVERSION', $arraylist, $conf->global->LDAP_SERVER_PROTOCOLVERSION);
print $formldap->selectLdapServerProtocolVersion(getDolGlobalString('LDAP_SERVER_PROTOCOLVERSION'), 'LDAP_SERVER_PROTOCOLVERSION');
print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPServerProtocolVersion").'</span></td></tr>';
// Serveur primaire
print '<tr class="oddeven"><td>';
print $langs->trans("LDAPPrimaryServer").'</td><td>';
print '<input class="minwidth200" type="text" name="host" value="'.$conf->global->LDAP_SERVER_HOST.'">';
print '<input class="minwidth200" type="text" name="host" value="'.getDolGlobalString('LDAP_SERVER_HOST').'">';
print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPServerExample").'</span></td></tr>';
// Serveur secondaire
print '<tr class="oddeven"><td>';
print $langs->trans("LDAPSecondaryServer").'</td><td>';
print '<input class="minwidth200" type="text" name="slave" value="'.$conf->global->LDAP_SERVER_HOST_SLAVE.'">';
print '<input class="minwidth200" type="text" name="slave" value="'.getDolGlobalString('LDAP_SERVER_HOST_SLAVE').'">';
print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPServerExample").'</span></td></tr>';
// Port
print '<tr class="oddeven"><td>'.$langs->trans("LDAPServerPort").'</td><td>';
if (!empty($conf->global->LDAP_SERVER_PORT)) {
print '<input class="width75" type="text" name="port" value="'.$conf->global->LDAP_SERVER_PORT.'">';
} else {
print '<input class="width75" type="text" name="port" value="389">';
}
print '<input class="width75" type="text" name="port" value="'.getDolGlobalString('LDAP_SERVER_PORT', '389').'">';
print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPServerPortExample").'</span></td></tr>';
// DNserver
print '<tr class="oddeven"><td>'.$langs->trans("LDAPServerDn").'</td><td>';
print '<input class="minwidth300" type="text" name="dn" value="'.$conf->global->LDAP_SERVER_DN.'">';
print '<input class="minwidth300" type="text" name="dn" value="'.getDolGlobalString('LDAP_SERVER_DN').'">';
print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPServerDnExample").'</span></td></tr>';
// Utiliser TLS
print '<tr class="oddeven"><td>'.$langs->trans("LDAPServerUseTLS").'</td><td>';
$arraylist = array();
$arraylist['0'] = $langs->trans("No");
$arraylist['1'] = $langs->trans("Yes");
print $form->selectarray('usetls', $arraylist, $conf->global->LDAP_SERVER_USE_TLS);
print $form->selectyesno('usetls', getDolGlobalInt('LDAP_SERVER_USE_TLS'), 1);
print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPServerUseTLSExample").'</span></td></tr>';
// Password hash type
print '<tr class="oddeven"><td>'.$langs->trans("LDAPPasswordHashType").'</td><td>';
print $formldap->selectLdapPasswordHashType(getDolGlobalString('LDAP_PASSWORD_HASH_TYPE'), 'LDAP_PASSWORD_HASH_TYPE');
print '</td><td><span class="opacitymedium">'.$langs->trans("LDAPPasswordHashTypeExample").'</span></td></tr>';
print '<tr class="liste_titre">';
print '<td colspan="3">'.$langs->trans("ForANonAnonymousAccess").'</td>';
print "</tr>\n";
@ -258,17 +238,13 @@ print "</tr>\n";
// DNAdmin
print '<!-- LDAP_ADMIN_DN -->';
print '<tr class="oddeven"><td>'.$langs->trans("LDAPAdminDn").'</td><td>';
print '<input class="minwidth300" type="text" name="admin" value="'.$conf->global->LDAP_ADMIN_DN.'">';
print '<input class="minwidth300" type="text" name="admin" value="'.getDolGlobalString('LDAP_ADMIN_DN').'">';
print '</td><td class="maxwidthhalf"><span class="opacitymedium">'.$langs->trans("LDAPAdminDnExample").'</span></td></tr>';
// Pass
print '<!-- LDAP_ADMIN_PASS -->';
print '<tr class="oddeven"><td>'.$langs->trans("LDAPPassword").'</td><td>';
if (!empty($conf->global->LDAP_ADMIN_PASS)) {
print '<input class="minwidth150" type="password" name="pass" value="'.$conf->global->LDAP_ADMIN_PASS.'">'; // je le met en visible pour test
} else {
print '<input class="minwidth150" type="text" name="pass" value="'.$conf->global->LDAP_ADMIN_PASS.'">';
}
print '<input class="minwidth150" type="password" name="pass" value="'.$conf->global->LDAP_ADMIN_PASS.'">';
print '</td><td><span class="opacitymedium">'.$langs->trans('Password').' (ex: secret)</span></td></tr>';
print '</table>';
@ -297,17 +273,17 @@ if (function_exists("ldap_connect")) {
if ($result > 0) {
// Test ldap connect and bind
print img_picto('', 'info').' ';
print '<span class="ok">'.$langs->trans("LDAPTCPConnectOK", $ldap->connectedServer, $conf->global->LDAP_SERVER_PORT).'</span>';
print '<span class="ok">'.$langs->trans("LDAPTCPConnectOK", $ldap->connectedServer, getDolGlobalString('LDAP_SERVER_PORT')).'</span>';
print '<br>';
if (!empty($conf->global->LDAP_ADMIN_DN) && !empty($conf->global->LDAP_ADMIN_PASS)) {
if ($result == 2) {
print img_picto('', 'info').' ';
print '<span class="ok">'.$langs->trans("LDAPBindOK", $ldap->connectedServer, $conf->global->LDAP_SERVER_PORT, $conf->global->LDAP_ADMIN_DN, preg_replace('/./i', '*', $conf->global->LDAP_ADMIN_PASS)).'</span>';
print '<span class="ok">'.$langs->trans("LDAPBindOK", $ldap->connectedServer, getDolGlobalString('LDAP_SERVER_PORT'), $conf->global->LDAP_ADMIN_DN, preg_replace('/./i', '*', $conf->global->LDAP_ADMIN_PASS)).'</span>';
print '<br>';
} else {
print img_picto('', 'error').' ';
print '<span class="error">'.$langs->trans("LDAPBindKO", $ldap->connectedServer, $conf->global->LDAP_SERVER_PORT, $conf->global->LDAP_ADMIN_DN, preg_replace('/./i', '*', $conf->global->LDAP_ADMIN_PASS)).'</span>';
print '<span class="error">'.$langs->trans("LDAPBindKO", $ldap->connectedServer, getDolGlobalString('LDAP_SERVER_PORT'), $conf->global->LDAP_ADMIN_DN, preg_replace('/./i', '*', $conf->global->LDAP_ADMIN_PASS)).'</span>';
print '<br>';
print $langs->trans("Error").' '.$ldap->error;
print '<br>';
@ -333,7 +309,7 @@ if (function_exists("ldap_connect")) {
$ldap->unbind();
} else {
print img_picto('', 'error').' ';
print '<span class="error">'.$langs->trans("LDAPTCPConnectKO", $ldap->connectedServer, $conf->global->LDAP_SERVER_PORT).'</span>';
print '<span class="error">'.$langs->trans("LDAPTCPConnectKO", $ldap->connectedServer, getDolGlobalString('LDAP_SERVER_PORT')).'</span>';
print '<br>';
print $langs->trans("Error").' '.$ldap->error;
print '<br>';

4
htdocs/admin/ldap_groups.php
View File

@ -218,7 +218,7 @@ print '</form>';
/*
* Test de la connexion
*/
if ($conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
if (getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$butlabel = $langs->trans("LDAPTestSynchroGroup");
$testlabel = 'testgroup';
$key = $conf->global->LDAP_KEY_GROUPS;
@ -226,7 +226,7 @@ if ($conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
$objectclass = $conf->global->LDAP_GROUP_OBJECT_CLASS;
show_ldap_test_button($butlabel, $testlabel, $key, $dn, $objectclass);
} elseif ($conf->global->LDAP_SYNCHRO_ACTIVE == 'ldap2dolibarr') {
} elseif (getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_LDAP_TO_DOLIBARR) {
$butlabel = $langs->trans("LDAPTestSearch");
$testlabel = 'testsearchgroup';
$key = $conf->global->LDAP_KEY_GROUPS;

2
htdocs/admin/ldap_members_types.php
View File

@ -188,7 +188,7 @@ print '</form>';
/*
* Test de la connexion
*/
if ($conf->global->LDAP_MEMBER_TYPE_ACTIVE == '1') {
if (getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$butlabel = $langs->trans("LDAPTestSynchroMemberType");
$testlabel = 'testmembertype';
$key = $conf->global->LDAP_KEY_MEMBERS_TYPES;

4
htdocs/admin/ldap_users.php
View File

@ -405,7 +405,7 @@ print '</form>';
/*
* Test de la connexion
*/
if (getDolGlobalString('LDAP_SYNCHRO_ACTIVE') == 'dolibarr2ldap') {
if (getDolGlobalString('LDAP_SYNCHRO_ACTIVE') == Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$butlabel = $langs->trans("LDAPTestSynchroUser");
$testlabel = 'testuser';
$key = getDolGlobalString('LDAP_KEY_USERS');
@ -413,7 +413,7 @@ if (getDolGlobalString('LDAP_SYNCHRO_ACTIVE') == 'dolibarr2ldap') {
$objectclass = getDolGlobalString('LDAP_USER_OBJECT_CLASS');
show_ldap_test_button($butlabel, $testlabel, $key, $dn, $objectclass);
} elseif (getDolGlobalString('LDAP_SYNCHRO_ACTIVE') == 'ldap2dolibarr') {
} elseif (getDolGlobalString('LDAP_SYNCHRO_ACTIVE') == Ldap::SYNCHRO_LDAP_TO_DOLIBARR) {
$butlabel = $langs->trans("LDAPTestSearch");
$testlabel = 'testsearchuser';
$key = getDolGlobalString('LDAP_KEY_USERS');

16
htdocs/contact/ldap.php
View File

@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2006-2010 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2006-2017 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2006-2021 Regis Houssin <regis.houssin@inodbox.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -114,15 +114,15 @@ print $object->getCivilityLabel();
print '</td></tr>';
// LDAP DN
print '<tr><td>LDAP '.$langs->trans("LDAPContactDn").'</td><td class="valeur" colspan="3">'.$conf->global->LDAP_CONTACT_DN."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPContactDn").'</td><td class="valeur" colspan="3">'.getDolGlobalString('LDAP_CONTACT_DN')."</td></tr>\n";
// LDAP Cle
print '<tr><td>LDAP '.$langs->trans("LDAPNamingAttribute").'</td><td class="valeur" colspan="3">'.$conf->global->LDAP_KEY_CONTACTS."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPNamingAttribute").'</td><td class="valeur" colspan="3">'.getDolGlobalString('LDAP_KEY_CONTACTS')."</td></tr>\n";
// LDAP Server
print '<tr><td>LDAP '.$langs->trans("LDAPPrimaryServer").'</td><td class="valeur" colspan="3">'.$conf->global->LDAP_SERVER_HOST."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPSecondaryServer").'</td><td class="valeur" colspan="3">'.$conf->global->LDAP_SERVER_HOST_SLAVE."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPServerPort").'</td><td class="valeur" colspan="3">'.$conf->global->LDAP_SERVER_PORT."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPPrimaryServer").'</td><td class="valeur" colspan="3">'.getDolGlobalString('LDAP_SERVER_HOST')."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPSecondaryServer").'</td><td class="valeur" colspan="3">'.getDolGlobalString('LDAP_SERVER_HOST_SLAVE')."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPServerPort").'</td><td class="valeur" colspan="3">'.getDolGlobalString('LDAP_SERVER_PORT')."</td></tr>\n";
print '</table>';
@ -136,13 +136,13 @@ print dol_get_fiche_end();
*/
print '<div class="tabsAction">';
if (!empty($conf->global->LDAP_CONTACT_ACTIVE) && $conf->global->LDAP_CONTACT_ACTIVE != 'ldap2dolibarr') {
if (!empty($conf->global->LDAP_CONTACT_ACTIVE) && getDolGlobalInt('LDAP_CONTACT_ACTIVE') != Ldap::SYNCHRO_LDAP_TO_DOLIBARR) {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=dolibarr2ldap">'.$langs->trans("ForceSynchronize").'</a>';
}
print "</div>\n";
if (!empty($conf->global->LDAP_CONTACT_ACTIVE) && $conf->global->LDAP_CONTACT_ACTIVE != 'ldap2dolibarr') {
if (!empty($conf->global->LDAP_CONTACT_ACTIVE) && getDolGlobalInt('LDAP_CONTACT_ACTIVE') != Ldap::SYNCHRO_LDAP_TO_DOLIBARR) {
print "<br>\n";
}

21
htdocs/core/class/conf.class.php
View File

@ -775,8 +775,8 @@ class Conf
$this->contrat->services->expires->warning_delay = (isset($this->global->MAIN_DELAY_RUNNING_SERVICES) ? $this->global->MAIN_DELAY_RUNNING_SERVICES : 0) * 86400;
}
if (isset($this->commande)) {
$this->bank->rappro = new stdClass();
$this->bank->cheque = new stdClass();
$this->bank->rappro = new stdClass();
$this->bank->cheque = new stdClass();
$this->bank->rappro->warning_delay = (isset($this->global->MAIN_DELAY_TRANSACTIONS_TO_CONCILIATE) ? $this->global->MAIN_DELAY_TRANSACTIONS_TO_CONCILIATE : 0) * 86400;
$this->bank->cheque->warning_delay = (isset($this->global->MAIN_DELAY_CHEQUES_TO_DEPOSIT) ? $this->global->MAIN_DELAY_CHEQUES_TO_DEPOSIT : 0) * 86400;
}
@ -845,6 +845,23 @@ class Conf
}
}
// For backward compatibility
if (!empty($this->global->LDAP_SYNCHRO_ACTIVE)) {
if ($this->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
$this->global->LDAP_SYNCHRO_ACTIVE = 1;
} elseif ($this->global->LDAP_SYNCHRO_ACTIVE == 'ldap2dolibarr') {
$this->global->LDAP_SYNCHRO_ACTIVE = 2;
}
}
// For backward compatibility
if (!empty($this->global->LDAP_MEMBER_ACTIVE) && $this->global->LDAP_MEMBER_ACTIVE == 'ldap2dolibarr') {
$this->global->LDAP_MEMBER_ACTIVE = 2;
}
// For backward compatibility
if (!empty($this->global->LDAP_MEMBER_TYPE_ACTIVE) && $this->global->LDAP_MEMBER_TYPE_ACTIVE == 'ldap2dolibarr') {
$this->global->LDAP_MEMBER_TYPE_ACTIVE = 2;
}
if (!empty($this->global->MAIN_TZUSERINPUTKEY)) {
$this->tzuserinputkey = $this->global->MAIN_TZUSERINPUTKEY; // 'tzserver' or 'tzuserrel'
}

201
htdocs/core/class/html.formldap.class.php Normal file
View File

@ -0,0 +1,201 @@
<?php
/* Copyright (C) 2021 Regis Houssin <regis.houssin@inodbox.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
/**
* \file htdocs/core/class/html.formldap.class.php
* \ingroup core
* \brief File of class with ldap html predefined components
*/
require_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php';
/**
* Class to manage generation of HTML components for ldap module
*/
class FormLdap
{
/**
* @var DoliDB Database handler.
*/
public $db;
/**
* @var string Error code (or message)
*/
public $error = '';
/**
* @var string[] Array of error strings
*/
public $errors = array();
/**
* Constructor
*
* @param DoliDB $db Database handler
*/
public function __construct($db)
{
global $langs, $form;
if (!is_object($form)) {
$form = new Form($this->db);
}
$langs->loadLangs(array("admin", "ldap"));
$this->db = $db;
}
/**
* Return list of types of hash
*
* @param string $selected Preselected type
* @param string $htmlname Name of field in form
* @param int $showempty Add an empty field
* @return string HTML select string
*/
public function selectLdapPasswordHashType($selected = 'md5', $htmlname = 'ldaphashtype', $showempty = 0)
{
global $form;
if (empty($selected)) {
$selected = 'md5';
}
if (empty($htmlname)) {
$htmlname = 'ldaphashtype';
}
$arraylist = array(
//"pbkdf2sha256" => "PBKDF2_SHA256",
"ssha512" => "SSHA-512",
"ssha384" => "SSHA-384",
"ssha256" => "SSHA-256",
"ssha" => "SSHA",
"sha512" => "SHA-512",
"sha384" => "SHA-384",
"sha256" => "SHA-256",
"sha" => "SHA",
"md5" => "MD5",
"smd5" => "SMD5",
//"cryptmd5" => "CRYPT-MD5",
//"cryptsha512" => "CRYPT-SHA512",
//"cryptsha384" => "CRYPT-SHA384",
//"cryptsha256" => "CRYPT-SHA256",
"crypt" => "CRYPT",
"clear" => "CLEAR"
);
return $form->selectarray($htmlname, $arraylist, $selected, $showempty);
}
/**
* Return list of type of synchronization
*
* @param int $selected Preselected type
* @param string $htmlname Name of field in form
* @param array $exclude Exclude values from the list
* @param int $scriptonly Add warning if synchro only work with a script (0 = disable, 1 = Dolibarr2ldap, 2 = ldap2dolibarr, 3 = all)
* @param int $showempty Add an empty field
* @return string HTML select string
*/
public function selectLdapDnSynchroActive($selected = 0, $htmlname = 'activesynchro', $exclude = array(), $scriptonly = 0, $showempty = 0)
{
global $langs, $form;
if (empty($selected)) {
$selected = Ldap::SYNCHRO_NONE;
}
if (empty($htmlname)) {
$htmlname = 'activesynchro';
}
$dolibarr2ldaplabel = $langs->trans("DolibarrToLDAP") . (($scriptonly == 1 || $scriptonly == 3) ? " (".$langs->trans("SupportedForLDAPExportScriptOnly").")" : "");
$ldap2dolibarrlabel = $langs->trans("LDAPToDolibarr") . (($scriptonly == 2 || $scriptonly == 3) ? " (".$langs->trans("SupportedForLDAPImportScriptOnly").")" : "");
$arraylist = array(
Ldap::SYNCHRO_NONE => $langs->trans("No"),
Ldap::SYNCHRO_DOLIBARR_TO_LDAP => $dolibarr2ldaplabel,
Ldap::SYNCHRO_LDAP_TO_DOLIBARR => $ldap2dolibarrlabel
);
if (is_array($exclude) && !empty($exclude)) {
foreach ($exclude as $value) {
if (array_key_exists($value, $arraylist)) {
unset($arraylist[$value]);
}
}
}
return $form->selectarray($htmlname, $arraylist, $selected, $showempty);
}
/**
* Return list of ldap server types
*
* @param string $selected Preselected type
* @param string $htmlname Name of field in form
* @param int $showempty Add an empty field
* @return string HTML select string
*/
public function selectLdapServerType($selected = 'openldap', $htmlname = 'type', $showempty = 0)
{
global $form;
if (empty($selected)) {
$selected = 'openldap';
}
if (empty($htmlname)) {
$htmlname = 'type';
}
$arraylist = array(
'activedirectory' => 'Active Directory',
'openldap' => 'OpenLdap',
'egroupware' => 'Egroupware'
);
return $form->selectarray($htmlname, $arraylist, $selected, $showempty);
}
/**
* Return list of ldap server protocol version
*
* @param string $selected Preselected type
* @param string $htmlname Name of field in form
* @param int $showempty Add an empty field
* @return string HTML select string
*/
public function selectLdapServerProtocolVersion($selected = '3', $htmlname = 'ldapprotocolversion', $showempty = 0)
{
global $form;
if (empty($selected)) {
$selected = '3';
}
if (empty($htmlname)) {
$htmlname = 'ldapprotocolversion';
}
$arraylist = array(
'3' => 'Version 3',
'2' => 'Version 2'
);
return $form->selectarray($htmlname, $arraylist, $selected, $showempty);
}
}

21
htdocs/core/class/ldap.class.php
View File

@ -122,6 +122,21 @@ class Ldap
*/
public $result;
/**
* No Ldap synchronization
*/
const SYNCHRO_NONE = 0;
/**
* Dolibarr to Ldap synchronization
*/
const SYNCHRO_DOLIBARR_TO_LDAP = 1;
/**
* Ldap to Dolibarr synchronization
*/
const SYNCHRO_LDAP_TO_DOLIBARR = 2;
/**
* Constructor
@ -225,6 +240,7 @@ class Ldap
// For test/debug
//ldap_set_option($this->connection, LDAP_OPT_DEBUG_LEVEL, 7);
//ldap_set_option($this->connection, LDAP_OPT_PROTOCOL_VERSION, 3);
//ldap_set_option($this->connection, LDAP_OPT_REFERRALS, 0);
$resulttls = ldap_start_tls($this->connection);
if (!$resulttls) {
@ -299,7 +315,6 @@ class Ldap
return $return;
}
/**
* Simply closes the connection set up earlier. Returns true if OK, false if there was an error.
* This method seems a duplicate/alias of unbind().
@ -920,10 +935,10 @@ class Ldap
return -3;
}
$search = ldap_search($this->connection, $dn, $filter);
$search = @ldap_search($this->connection, $dn, $filter);
// Only one entry should ever be returned
$entry = ldap_first_entry($this->connection, $search);
$entry = @ldap_first_entry($this->connection, $search);
if (!$entry) {
$this->ldapErrorCode = -1;

54
htdocs/core/lib/security.lib.php
View File

@ -97,7 +97,7 @@ function dol_decode($chain, $key = '1')
* If constant MAIN_SECURITY_SALT is defined, we use it as a salt (used only if hashing algorightm is something else than 'password_hash').
*
* @param string $chain String to hash
* @param string $type Type of hash ('0':auto will use MAIN_SECURITY_HASH_ALGO else md5, '1':sha1, '2':sha1+md5, '3':md5, '4':md5 for OpenLdap with no salt, '5':sha256, '6':password_hash). Use '3' here, if hash is not needed for security purpose, for security need, prefer '0'.
* @param string $type Type of hash ('0':auto will use MAIN_SECURITY_HASH_ALGO else md5, '1':sha1, '2':sha1+md5, '3':md5, '4': for OpenLdap, '5':sha256, '6':password_hash). Use '3' here, if hash is not needed for security purpose, for security need, prefer '0'.
* @return string Hash of string
* @see getRandomPassword()
*/
@ -111,7 +111,7 @@ function dol_hash($chain, $type = '0')
}
// Salt value
if (!empty($conf->global->MAIN_SECURITY_SALT) && $type != '4' && $type !== 'md5openldap') {
if (!empty($conf->global->MAIN_SECURITY_SALT) && $type != '4' && $type !== 'openldap') {
$chain = $conf->global->MAIN_SECURITY_SALT.$chain;
}
@ -121,8 +121,8 @@ function dol_hash($chain, $type = '0')
return sha1(md5($chain));
} elseif ($type == '3' || $type == 'md5') {
return md5($chain);
} elseif ($type == '4' || $type == 'md5openldap') {
return '{md5}'.base64_encode(pack("H*", md5($chain))); // For OpenLdap with md5 (based on an unencrypted password in base)
} elseif ($type == '4' || $type == 'openldap') {
return dolGetLdapPasswordHash($chain, getDolGlobalString('LDAP_PASSWORD_HASH_TYPE', 'md5'));
} elseif ($type == '5' || $type == 'sha256') {
return hash('sha256', $chain);
} elseif ($type == '6' || $type == 'password_hash') {
@ -145,7 +145,7 @@ function dol_hash($chain, $type = '0')
*
* @param string $chain String to hash (not hashed string)
* @param string $hash hash to compare
* @param string $type Type of hash ('0':auto, '1':sha1, '2':sha1+md5, '3':md5, '4':md5 for OpenLdap, '5':sha256). Use '3' here, if hash is not needed for security purpose, for security need, prefer '0'.
* @param string $type Type of hash ('0':auto, '1':sha1, '2':sha1+md5, '3':md5, '4': for OpenLdap, '5':sha256). Use '3' here, if hash is not needed for security purpose, for security need, prefer '0'.
* @return bool True if the computed hash is the same as the given one
*/
function dol_verifyHash($chain, $hash, $type = '0')
@ -167,6 +167,50 @@ function dol_verifyHash($chain, $hash, $type = '0')
return dol_hash($chain, $type) == $hash;
}
/**
* Returns a specific ldap hash of a password.
*
* @param string $password Password to hash
* @param string $type Type of hash
* @return string Hash of password
*/
function dolGetLdapPasswordHash($password, $type = 'md5')
{
if (empty($type)) {
$type = 'md5';
}
$salt = substr(sha1(time()), 0, 8);
if ($type === 'md5') {
return '{MD5}' . base64_encode(hash("md5", $password, true)); //For OpenLdap with md5 (based on an unencrypted password in base)
} elseif ($type === 'md5frommd5') {
return '{MD5}' . base64_encode(hex2bin($password)); // Create OpenLDAP MD5 password from Dolibarr MD5 password
} elseif ($type === 'smd5') {
return "{SMD5}" . base64_encode(hash("md5", $password . $salt, true) . $salt);
} elseif ($type === 'sha') {
return '{SHA}' . base64_encode(hash("sha1", $password, true));
} elseif ($type === 'ssha') {
return "{SSHA}" . base64_encode(hash("sha1", $password . $salt, true) . $salt);
} elseif ($type === 'sha256') {
return "{SHA256}" . base64_encode(hash("sha256", $password, true));
} elseif ($type === 'ssha256') {
return "{SSHA256}" . base64_encode(hash("sha256", $password . $salt, true) . $salt);
} elseif ($type === 'sha384') {
return "{SHA384}" . base64_encode(hash("sha384", $password, true));
} elseif ($type === 'ssha384') {
return "{SSHA384}" . base64_encode(hash("sha384", $password . $salt, true) . $salt);
} elseif ($type === 'sha512') {
return "{SHA512}" . base64_encode(hash("sha512", $password, true));
} elseif ($type === 'ssha512') {
return "{SSHA512}" . base64_encode(hash("sha512", $password . $salt, true) . $salt);
} elseif ($type === 'crypt') {
return '{CRYPT}' . crypt($password, $salt);
} elseif ($type === 'clear') {
return '{CLEAR}' . $password; // Just for test, plain text password is not secured !
}
}
/**
* Check permissions of a user to show a page and an object. Check read permission.
* If GETPOST('action','aZ09') defined, we also check write and delete permission.

5
htdocs/core/login/functions_ldap.php
View File

@ -1,5 +1,6 @@
<?php
/* Copyright (C) 2007-2011 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2008-2021 Regis Houssin <regis.houssin@inodbox.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -156,7 +157,7 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest)
// we need to get the real login to use in the ldap answer.
if (!empty($conf->global->LDAP_FIELD_LOGIN) && !empty($ldap->login)) {
$login = $ldap->login;
dol_syslog("functions_ldap::check_user_password_ldap login is now $login (LDAP_FIELD_LOGIN=".$conf->global->LDAP_FIELD_LOGIN.")");
dol_syslog("functions_ldap::check_user_password_ldap login is now $login (LDAP_FIELD_LOGIN=".getDolGlobalString('LDAP_FIELD_LOGIN').")");
}
require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
@ -181,7 +182,7 @@ function check_user_password_ldap($usertotest, $passwordtotest, $entitytotest)
}
// ldap2dolibarr synchronisation
if ($login && !empty($conf->ldap->enabled) && $conf->global->LDAP_SYNCHRO_ACTIVE == 'ldap2dolibarr') { // ldap2dolibarr synchronisation
if ($login && !empty($conf->ldap->enabled) && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') == Ldap::SYNCHRO_LDAP_TO_DOLIBARR) { // ldap2dolibarr synchronization
dol_syslog("functions_ldap::check_user_password_ldap Sync ldap2dolibarr");
// On charge les attributs du user ldap

58
htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php
View File

@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2005-2012 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2017 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2005-2021 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2014 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
@ -81,7 +81,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
// Users
if ($action == 'USER_CREATE') {
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
@ -98,7 +98,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
}
} elseif ($action == 'USER_MODIFY') {
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
@ -177,7 +177,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
}
} elseif ($action == 'USER_NEW_PASSWORD') {
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
@ -212,7 +212,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
} elseif ($action == 'USER_DELETE') {
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
@ -229,7 +229,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
}
/*} elseif ($action == 'USER_SETINGROUP') {
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
@ -263,7 +263,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
}
} elseif ($action == 'USER_REMOVEFROMGROUP') {
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
@ -298,7 +298,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
} elseif ($action == 'USERGROUP_CREATE') {
// Groupes
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
@ -320,7 +320,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
}
} elseif ($action == 'USERGROUP_MODIFY') {
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
@ -353,7 +353,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
}
} elseif ($action == 'USERGROUP_DELETE') {
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') {
if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
@ -439,7 +439,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
} elseif ($action == 'MEMBER_CREATE') {
// Members
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && (string) $conf->global->LDAP_MEMBER_ACTIVE == '1') {
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && getDolGlobalInt('LDAP_MEMBER_ACTIVE') == Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
@ -450,7 +450,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
$result = $ldap->add($dn, $info, $user);
// For member type
if (!empty($conf->global->LDAP_MEMBER_TYPE_ACTIVE) && (string) $conf->global->LDAP_MEMBER_TYPE_ACTIVE == '1') {
if (!empty($conf->global->LDAP_MEMBER_TYPE_ACTIVE) && getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
if ($object->typeid > 0) {
require_once DOL_DOCUMENT_ROOT."/adherents/class/adherent_type.class.php";
$membertype = new AdherentType($this->db);
@ -482,7 +482,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
}
} elseif ($action == 'MEMBER_VALIDATE') {
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && (string) $conf->global->LDAP_MEMBER_ACTIVE == '1') {
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && getDolGlobalInt('LDAP_MEMBER_ACTIVE') == Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
// If status field is setup to be synchronized
if (!empty($conf->global->LDAP_FIELD_MEMBER_STATUS)) {
$ldap = new Ldap();
@ -503,13 +503,13 @@ class InterfaceLdapsynchro extends DolibarrTriggers
}
} elseif ($action == 'MEMBER_SUBSCRIPTION') {
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && (string) $conf->global->LDAP_MEMBER_ACTIVE == '1') {
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && getDolGlobalInt('LDAP_MEMBER_ACTIVE') == Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
// If subscriptions fields are setup to be synchronized
if ($conf->global->LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_DATE
|| $conf->global->LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_AMOUNT
|| $conf->global->LDAP_FIELD_MEMBER_LASTSUBSCRIPTION_DATE
|| $conf->global->LDAP_FIELD_MEMBER_LASTSUBSCRIPTION_AMOUNT
|| $conf->global->LDAP_FIELD_MEMBER_END_LASTSUBSCRIPTION) {
if (!empty($conf->global->LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_DATE)
|| !empty($conf->global->LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_AMOUNT)
|| !empty($conf->global->LDAP_FIELD_MEMBER_LASTSUBSCRIPTION_DATE)
|| !empty($conf->global->LDAP_FIELD_MEMBER_LASTSUBSCRIPTION_AMOUNT)
|| !empty($conf->global->LDAP_FIELD_MEMBER_END_LASTSUBSCRIPTION)) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
@ -528,7 +528,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
}
} elseif ($action == 'MEMBER_MODIFY') {
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && (string) $conf->global->LDAP_MEMBER_ACTIVE == '1') {
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && getDolGlobalInt('LDAP_MEMBER_ACTIVE') == Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
@ -557,7 +557,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
$result = $ldap->update($dn, $info, $user, $olddn, $newrdn, $newparent);
// For member type
if (!empty($conf->global->LDAP_MEMBER_TYPE_ACTIVE) && (string) $conf->global->LDAP_MEMBER_TYPE_ACTIVE == '1') {
if (!empty($conf->global->LDAP_MEMBER_TYPE_ACTIVE) && getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
require_once DOL_DOCUMENT_ROOT."/adherents/class/adherent_type.class.php";
/*
@ -616,9 +616,9 @@ class InterfaceLdapsynchro extends DolibarrTriggers
}
} elseif ($action == 'MEMBER_NEW_PASSWORD') {
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && (string) $conf->global->LDAP_MEMBER_ACTIVE == '1') {
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && getDolGlobalInt('LDAP_MEMBER_ACTIVE') == Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
// If password field is setup to be synchronized
if ($conf->global->LDAP_FIELD_PASSWORD || $conf->global->LDAP_FIELD_PASSWORD_CRYPTED) {
if (!empty($conf->global->LDAP_FIELD_PASSWORD) || !empty($conf->global->LDAP_FIELD_PASSWORD_CRYPTED)) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
@ -637,7 +637,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
}
} elseif ($action == 'MEMBER_RESILIATE') {
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && (string) $conf->global->LDAP_MEMBER_ACTIVE == '1') {
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && getDolGlobalInt('LDAP_MEMBER_ACTIVE') == Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
// If status field is setup to be synchronized
if (!empty($conf->global->LDAP_FIELD_MEMBER_STATUS)) {
$ldap = new Ldap();
@ -658,7 +658,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
}
} elseif ($action == 'MEMBER_DELETE') {
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && (string) $conf->global->LDAP_MEMBER_ACTIVE == '1') {
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && getDolGlobalInt('LDAP_MEMBER_ACTIVE') == Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
@ -669,7 +669,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
$result = $ldap->delete($dn);
// For member type
if (!empty($conf->global->LDAP_MEMBER_TYPE_ACTIVE) && (string) $conf->global->LDAP_MEMBER_TYPE_ACTIVE == '1') {
if (!empty($conf->global->LDAP_MEMBER_TYPE_ACTIVE) && getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
if ($object->typeid > 0) {
require_once DOL_DOCUMENT_ROOT."/adherents/class/adherent_type.class.php";
@ -706,7 +706,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
} elseif ($action == 'MEMBER_TYPE_CREATE') {
// Members types
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_MEMBER_TYPE_ACTIVE) && (string) $conf->global->LDAP_MEMBER_TYPE_ACTIVE == '1') {
if (!empty($conf->global->LDAP_MEMBER_TYPE_ACTIVE) && getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
@ -728,7 +728,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
}
} elseif ($action == 'MEMBER_TYPE_MODIFY') {
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_MEMBER_TYPE_ACTIVE) && (string) $conf->global->LDAP_MEMBER_TYPE_ACTIVE == '1') {
if (!empty($conf->global->LDAP_MEMBER_TYPE_ACTIVE) && getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$ldap = new Ldap();
$result = $ldap->connect_bind();
@ -765,7 +765,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
}
} elseif ($action == 'MEMBER_TYPE_DELETE') {
dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id);
if (!empty($conf->global->LDAP_MEMBER_TYPE_ACTIVE) && (string) $conf->global->LDAP_MEMBER_TYPE_ACTIVE == '1') {
if (!empty($conf->global->LDAP_MEMBER_TYPE_ACTIVE) && getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
$ldap = new Ldap();
$result = $ldap->connect_bind();

4
htdocs/langs/en_US/ldap.lang
View File

@ -25,3 +25,7 @@ ContactSynchronized=Contact synchronized
ForceSynchronize=Force synchronizing Dolibarr -> LDAP
ErrorFailedToReadLDAP=Failed to read LDAP database. Check LDAP module setup and database accessibility.
PasswordOfUserInLDAP=Password of user in LDAP
LDAPPasswordHashType=Password hash type
LDAPPasswordHashTypeExample=Type of password hash used on the server
SupportedForLDAPExportScriptOnly=Only supported by an ldap export script
SupportedForLDAPImportScriptOnly=Only supported by an ldap import script

2
htdocs/user/card.php
View File

@ -731,7 +731,7 @@ if ($action == 'create' || $action == 'adduserldap') {
print "<br>";
if (!empty($conf->ldap->enabled) && (isset($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE == 'ldap2dolibarr')) {
if (!empty($conf->ldap->enabled) && (isset($conf->global->LDAP_SYNCHRO_ACTIVE) && getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_LDAP_TO_DOLIBARR)) {
// Show form to add an account from LDAP if sync LDAP -> Dolibarr is set
$ldap = new Ldap();
$result = $ldap->connect_bind();

6
htdocs/user/class/user.class.php
View File

@ -2939,7 +2939,7 @@ class User extends CommonObject
$info[$conf->global->LDAP_FIELD_PASSWORD] = $this->pass; // this->pass = mot de passe non crypte
}
if (!empty($conf->global->LDAP_FIELD_PASSWORD_CRYPTED)) {
$info[$conf->global->LDAP_FIELD_PASSWORD_CRYPTED] = dol_hash($this->pass, 4); // Create OpenLDAP MD5 password (TODO add type of encryption)
$info[$conf->global->LDAP_FIELD_PASSWORD_CRYPTED] = dol_hash($this->pass, 'openldap'); // Create OpenLDAP password (see LDAP_PASSWORD_HASH_TYPE)
}
} elseif ($conf->global->LDAP_SERVER_PROTOCOLVERSION !== '3') {
// Set LDAP password if possible
@ -2948,7 +2948,7 @@ class User extends CommonObject
// Just for the default MD5 !
if (empty($conf->global->MAIN_SECURITY_HASH_ALGO)) {
if ($this->pass_indatabase_crypted && !empty($conf->global->LDAP_FIELD_PASSWORD_CRYPTED)) {
$info[$conf->global->LDAP_FIELD_PASSWORD_CRYPTED] = dol_hash($this->pass_indatabase_crypted, 5); // Create OpenLDAP MD5 password from Dolibarr MD5 password
$info[$conf->global->LDAP_FIELD_PASSWORD_CRYPTED] = dolGetLdapPasswordHash($this->pass_indatabase_crypted, 'md5frommd5'); // Create OpenLDAP MD5 password from Dolibarr MD5 password
}
}
} elseif (!empty($this->pass_indatabase)) {
@ -2957,7 +2957,7 @@ class User extends CommonObject
$info[$conf->global->LDAP_FIELD_PASSWORD] = $this->pass_indatabase; // $this->pass_indatabase = mot de passe non crypte
}
if (!empty($conf->global->LDAP_FIELD_PASSWORD_CRYPTED)) {
$info[$conf->global->LDAP_FIELD_PASSWORD_CRYPTED] = dol_hash($this->pass_indatabase, 4); // md5 for OpenLdap TODO add type of encryption
$info[$conf->global->LDAP_FIELD_PASSWORD_CRYPTED] = dol_hash($this->pass_indatabase, 'openldap'); // Create OpenLDAP password (see LDAP_PASSWORD_HASH_TYPE)
}
}
}

20
htdocs/user/group/ldap.php
View File

@ -46,13 +46,13 @@ $object->fetch($id);
$object->getrights();
// Users/Groups management only in master entity if transverse mode
if (!empty($conf->multicompany->enabled) && $conf->entity > 1 && $conf->global->MULTICOMPANY_TRANSVERSE_MODE) {
if (!empty($conf->multicompany->enabled) && $conf->entity > 1 && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
accessforbidden();
}
$canreadperms = true;
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
$canreadperms = ($user->admin || $user->rights->user->group_advance->read);
$canreadperms = (!empty($user->admin) || !empty($user->rights->user->group_advance->read));
}
@ -100,7 +100,7 @@ print dol_get_fiche_head($head, 'ldap', $langs->trans("Group"), -1, 'group');
$linkback = '<a href="'.DOL_URL_ROOT.'/user/group/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
dol_banner_tab($object, 'id', $linkback, $user->rights->user->user->lire || $user->admin);
dol_banner_tab($object, 'id', $linkback, (!empty($user->rights->user->user->lire) || !empty($user->admin)));
print '<div class="fichecenter">';
print '<div class="underbanner clearboth"></div>';
@ -125,15 +125,15 @@ print '</td>';
print "</tr>\n";
// LDAP DN
print '<tr><td>LDAP '.$langs->trans("LDAPGroupDn").'</td><td class="valeur">'.$conf->global->LDAP_GROUP_DN."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPGroupDn").'</td><td class="valeur">'.getDolGlobalString('LDAP_GROUP_DN')."</td></tr>\n";
// LDAP Cle
print '<tr><td>LDAP '.$langs->trans("LDAPNamingAttribute").'</td><td class="valeur">'.$conf->global->LDAP_KEY_GROUPS."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPNamingAttribute").'</td><td class="valeur">'.getDolGlobalString('LDAP_KEY_GROUPS')."</td></tr>\n";
// LDAP Server
print '<tr><td>LDAP '.$langs->trans("LDAPPrimaryServer").'</td><td class="valeur">'.$conf->global->LDAP_SERVER_HOST."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPSecondaryServer").'</td><td class="valeur">'.$conf->global->LDAP_SERVER_HOST_SLAVE."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPServerPort").'</td><td class="valeur">'.$conf->global->LDAP_SERVER_PORT."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPPrimaryServer").'</td><td class="valeur">'.getDolGlobalString('LDAP_SERVER_HOST')."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPSecondaryServer").'</td><td class="valeur">'.getDolGlobalString('LDAP_SERVER_HOST_SLAVE')."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPServerPort").'</td><td class="valeur">'.getDolGlobalString('LDAP_SERVER_PORT')."</td></tr>\n";
print "</table>\n";
@ -147,13 +147,13 @@ print dol_get_fiche_end();
*/
print '<div class="tabsAction">';
if ($conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
if (getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=dolibarr2ldap">'.$langs->trans("ForceSynchronize").'</a>';
}
print "</div>\n";
if ($conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
if (getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
print "<br>\n";
}

20
htdocs/user/ldap.php
View File

@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2006-2012 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2006-2017 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2006-2021 Regis Houssin <regis.houssin@inodbox.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -130,17 +130,17 @@ if ($conf->global->LDAP_SERVER_TYPE == "activedirectory") {
}
// LDAP DN
print '<tr><td>LDAP '.$langs->trans("LDAPUserDn").'</td><td class="valeur">'.$conf->global->LDAP_USER_DN."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPUserDn").'</td><td class="valeur">'.getDolGlobalString('LDAP_USER_DN')."</td></tr>\n";
// LDAP Cle
print '<tr><td>LDAP '.$langs->trans("LDAPNamingAttribute").'</td><td class="valeur">'.$conf->global->LDAP_KEY_USERS."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPNamingAttribute").'</td><td class="valeur">'.getDolGlobalString('LDAP_KEY_USERS')."</td></tr>\n";
// LDAP Server
print '<tr><td>LDAP '.$langs->trans("Type").'</td><td class="valeur">'.$conf->global->LDAP_SERVER_TYPE."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("Version").'</td><td class="valeur">'.$conf->global->LDAP_SERVER_PROTOCOLVERSION."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPPrimaryServer").'</td><td class="valeur">'.$conf->global->LDAP_SERVER_HOST."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPSecondaryServer").'</td><td class="valeur">'.$conf->global->LDAP_SERVER_HOST_SLAVE."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPServerPort").'</td><td class="valeur">'.$conf->global->LDAP_SERVER_PORT."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("Type").'</td><td class="valeur">'.getDolGlobalString('LDAP_SERVER_TYPE')."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("Version").'</td><td class="valeur">'.getDolGlobalString('LDAP_SERVER_PROTOCOLVERSION')."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPPrimaryServer").'</td><td class="valeur">'.getDolGlobalString('LDAP_SERVER_HOST')."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPSecondaryServer").'</td><td class="valeur">'.getDolGlobalString('LDAP_SERVER_HOST_SLAVE')."</td></tr>\n";
print '<tr><td>LDAP '.$langs->trans("LDAPServerPort").'</td><td class="valeur">'.getDolGlobalString('LDAP_SERVER_PORT')."</td></tr>\n";
print '</table>';
@ -153,13 +153,13 @@ print dol_get_fiche_end();
*/
print '<div class="tabsAction">';
if ($conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
if (getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=dolibarr2ldap">'.$langs->trans("ForceSynchronize").'</a>';
}
print "</div>\n";
if ($conf->global->LDAP_SYNCHRO_ACTIVE == 'dolibarr2ldap') {
if (getDolGlobalInt('LDAP_SYNCHRO_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDAP) {
print "<br>\n";
}