http://www.fsf.org/ or write
 * to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
 * MA 02111-1307, USA.
 *
 */

// WARNING: on many OpenLDAP systems, anonymous binds are limited in the number of
// entries a search may return!! If you encounter this limit, you must change your
// LDAP config to use rootdn logins, or modify your LDAP server config!

// NOTE: LDAP support is read only for now!! You cannot create or modify LDAP users and groups!

/* LDAP RELATIVES */

/**
 * Yeah!! One of the things that makes cmsdam a cool Content Management System Framework: LDAP support.
 * LDAP support in cmsdam is integrated in the users and group classes, so you don't need to call
 * these methods from your sections. This is only for developers.

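* Class instance: $cms->ldap
 *
 * Security notes for maintainers:
 *  - Every caller-supplied user or group name is escaped before it is placed in a search
 *    filter, so filter metacharacters cannot change which entries are matched.
 *  - All operations run under the configured rootdn bind (see ldap_ldapconnect()); a dedicated
 *    account with only the rights these methods need is preferable to a directory root account.
 *  - Nothing in this class negotiates TLS. Bind passwords are protected in transit only if
 *    LDAP_servername itself selects an encrypted transport.
 *
 * @author dAm2K (Dino Ciuffetti) <dam2k@users.sourceforge.net>
 */
class cmsdam_ldap {
	/**
	 * You should not use this variable from your section.
	 * Configuration class instance.
	 * @access private
	 */
	var $conf;
	/**
	 * You should not use this variable from your section.
	 * Logging class instance.
	 * @access private
	 */
	var $logs;
	/**
	 * You should not use this variable from your section.
	 * Debugging class instance.
	 * @access private
	 */
	var $debug;
	/**
	 * You should not use this variable from your section.
	 * Error Handling class instance.
	 * @access private
	 */
	var $errors;
	/**
	 * You should not use this variable from your section.
	 * This is the LDAP connection pointer.
	 * @access private
	 */
	var $ldapcon;
	/**
	 * You should not use this variable from your section.
	 * This is the LDAP bind pointer.
	 * @access private
	 */
	var $ldapbind;

	/**
	 * Writes the same message to the debug channel and to the log.
	 * @param int debug_level Level passed to debug_write
	 * @param int log_level Level passed to log_note
	 * @param string message The text to record
	 * @access private
	 */
	function _ldap_log_both($debug_level, $log_level, $message) {
		$this->debug->debug_write($debug_level, $message);
		$this->logs->log_note($log_level, $message);
	}

	/**
	 * Reports whether an LDAP connection is available, logging when it is not.
	 * @return bool True when $this->ldapcon is usable, False otherwise
	 * @access private
	 */
	function _ldap_connection_available() {
		if ($this->ldapcon == FALSE) {
			// LDAP connection is not available
			$this->_ldap_log_both(3, 3, "LDAP connection is not available!");
			return false;
		}
		return true;
	}

	/**
	 * Escapes a value for use as an assertion value inside an LDAP search filter (RFC 4515).
	 * Written by hand so it does not depend on the PHP version or on ldap_escape() being present.
	 * @param string value Untrusted text (user name, group name, ...)
	 * @return string The value with \ * ( ) and NUL replaced by their \XX forms
	 * @access private
	 */
	function _ldap_filter_escape($value) {
		// The backslash must be handled first so the escapes added afterwards are not re-escaped.
		return str_replace(
			array("\\", "*", "(", ")", "\0"),
			array("\\5c", "\\2a", "\\28", "\\29", "\\00"),
			(string) $value
		);
	}

	/**
	 * Builds the "configured user filter AND uid=<username>" search filter.
	 * @param string username The user name, escaped here before use
	 * @return string The complete filter
	 * @access private
	 */
	function _ldap_user_filter($username) {
		return "(&" . $this->conf->LDAP_filter . "(uid=" . $this->_ldap_filter_escape($username) . "))";
	}

	/**
	 * Builds the "configured group filter AND <tag>=<groupname>" search filter.
	 * @param string groupstag The attribute that holds the group name (from configuration)
	 * @param string groupname The group name, escaped here before use
	 * @return string The complete filter
	 * @access private
	 */
	function _ldap_group_filter($groupstag, $groupname) {
		return "(&" . $this->conf->LDAP_groupfilter . "($groupstag=" . $this->_ldap_filter_escape($groupname) . "))";
	}

	/**
	 * Runs a search and fetches all entries, stopping at the first failing step.
	 * The original code logged the failure and carried on with an invalid result; every caller
	 * now gets False instead of working on a value that is not a result set.
	 * @param string basedn Search base
	 * @param string filter Search filter (already escaped)
	 * @param int entries_debug_level Debug level used when fetching the entries fails
	 * @return mixed The ldap_get_entries() array, or False on errors
	 * @access private
	 */
	function _ldap_search_entries($basedn, $filter, $entries_debug_level = 8) {
		$rs = @ldap_search($this->ldapcon, $basedn, $filter);
		if ($rs == FALSE) {
			// ldap_search returned an error
			$this->_ldap_log_both(8, 8, "LDAP search returned a error, givin' up!");
			return false;
		}
		$entries = @ldap_get_entries($this->ldapcon, $rs);
		if ($entries == FALSE) {
			// ldap_get_entries returned an error
			$this->_ldap_log_both($entries_debug_level, 8, "LDAP get entries returned a error, givin' up!");
			return false;
		}
		return $entries;
	}

	/**
	 * Makes the LDAP connection and bind.
	 * The connection is first probed with an anonymous bind, then bound with the configured
	 * rootdn and password; that identity is used by every other method of this class.
	 * @return bool False on errors and True on success
	 * @author dAm2K (Dino Ciuffetti) <dam2k@users.sourceforge.net>
	 */
	function ldap_ldapconnect () {
		if (($this->conf->LDAP_servername == "") || ($this->conf->LDAP_exclusive == 0)) {
			// We don't want to use LDAP
			$this->_ldap_log_both(8, 5, "LDAP support disabled by configuration options, check etc/config.php!");
			return false;
		}
		// We want to use LDAP!
		if (!function_exists('ldap_connect')) {
			// PHP LDAP module is not included, handle this error!!
			$this->errors->error_handler('ldap_connect', false);
			// If the handler returns, stop here: calling the missing function would be fatal.
			return false;
		}
		$this->ldapcon = @ldap_connect($this->conf->LDAP_servername);
		if ($this->ldapcon == FALSE) {
			// LDAP connection unsuccessful
			$this->_ldap_log_both(3, 3, "LDAP connection to server failed!!");
			return false;
		}
		// Some PHP versions return a valid identifier from ldap_connect even on errors, so an
		// anonymous bind is used as the real reachability test.
		if (@ldap_bind ($this->ldapcon) == FALSE) {
			// Not a valid bind, so LDAP server is not running!!
			$this->_ldap_log_both(3, 3, "LDAP connection to server failed!!");
			return false;
		}
		// Make a rootdn bind. No TLS is started here, so the password is only protected in
		// transit when LDAP_servername selects an encrypted transport.
		$this->ldapbind = @ldap_bind($this->ldapcon, $this->conf->LDAP_rootdn, $this->conf->LDAP_rootdnpass);
		if ($this->ldapbind != FALSE) {
			// LDAP bind successful
			$this->_ldap_log_both(8, 8, "NOTE: LDAP rootdn bind successful");
			return true;
		}
		$this->_ldap_log_both(5, 4, "WARNING: LDAP rootdn bind NOT successful");
		return false;
	}

	/**
	 * Writes to debug and logs that the "$method" method is not implemented on LDAP and returns false.
	 * @param string method The method name not valid for LDAP
	 * @return bool Always returns False
	 * @author dAm2K (Dino Ciuffetti) <dam2k@users.sourceforge.net>
	 */
	function ldap_not_implemented($method) {
		$this->_ldap_log_both(3, 3, "Method $method NOT implemented in LDAP!");
		return false;
	}

	/**
	 * Returns an array with ALL the user names (uid) from LDAP.
	 * See the warning at the top of the file about server-side result limits.
	 * @return mixed Array of user names (empty when nothing matches), or False on errors
	 * @author dAm2K (Dino Ciuffetti) <dam2k@users.sourceforge.net>
	 */
	function ldap_user_names() {
		if (!$this->_ldap_connection_available()) {
			return false;
		}
		$entries = $this->_ldap_search_entries($this->conf->LDAP_basedn, $this->conf->LDAP_filter, 4);
		if ($entries == FALSE) {
			return false;
		}
		$entries_arr = array();
		for ($i=0; $i<$entries["count"]; $i++) {
			// An entry without uid keeps its slot (as null) so indexes stay aligned with the result.
			$entries_arr[$i] = isset($entries[$i]["uid"][0]) ? $entries[$i]["uid"][0] : null;
		}
		return $entries_arr;
	}

	/**
	 * Returns an array with ALL the group names (cn) from LDAP.
	 * WARNING: TODO: Check if the group contains valid users before adding the group name to the list!!!
	 * @return mixed Array of group names (empty when nothing matches), or False on errors
	 * @author dAm2K (Dino Ciuffetti) <dam2k@users.sourceforge.net>
	 */
	function ldap_group_names() {
		if (!$this->_ldap_connection_available()) {
			return false;
		}
		$entries = $this->_ldap_search_entries($this->conf->LDAP_groupbasedn, $this->conf->LDAP_groupfilter);
		if ($entries == FALSE) {
			return false;
		}
		$entries_arr = array();
		for ($i=0; $i<$entries["count"]; $i++) {
			$entries_arr[$i] = isset($entries[$i]["cn"][0]) ? $entries[$i]["cn"][0] : null;
		}
		return $entries_arr;
	}

	/**
	 * Returns an array with all the usernames in "$group" group.
	 * Each member DN stored in the group is looked up again with the user filter, and only
	 * members that resolve to an entry with a non-blank uid are returned.
	 * @param string group The groupname you want users of
	 * @return mixed Array of user names, or False on errors or when no valid member is found
	 * @author dAm2K (Dino Ciuffetti) <dam2k@users.sourceforge.net>
	 */
	function ldap_group_users_name($group) {
		if (!$this->_ldap_connection_available()) {
			return false;
		}
		$members_tag = $this->conf->LDAP_groupsuserstag;
		// The group name is escaped so it can only ever be compared as a literal value.
		$groupfilter = "(&(" . $this->conf->LDAP_groupstag . "=" . $this->_ldap_filter_escape($group) . ")"
			. $this->conf->LDAP_groupfilter . ")";
		$rs = @ldap_search($this->ldapcon, $this->conf->LDAP_groupbasedn, $groupfilter);
		if ($rs == FALSE) {
			$this->_ldap_log_both(8, 8, "LDAP search returned a error, givin' up!");
			return false;
		}
		$entry = @ldap_first_entry($this->ldapcon, $rs);
		if ($entry == FALSE) {
			$this->_ldap_log_both(8, 8, "LDAP first entry returned a error, givin' up!");
			return false;
		}
		$attributes = @ldap_get_attributes($this->ldapcon, $entry);
		if ($attributes == FALSE) {
			$this->_ldap_log_both(8, 8, "LDAP get attributes returned a error, givin' up!");
			return false;
		}
		if (!isset($attributes[$members_tag]["count"])) {
			// The group carries no member attribute at all
			return false;
		}
		$entriesvalid_arr = array();
		// We now try to verify if the user DN we have found points to a valid user
		for ($j=0; $j<$attributes[$members_tag]["count"]; $j++) {
			// In this search, the base is the member DN we previously found
			$member_dn = $attributes[$members_tag][$j];
			$rs2 = @ldap_search($this->ldapcon, $member_dn, $this->conf->LDAP_filter);
			if ($rs2 == FALSE) {
				$this->_ldap_log_both(8, 8, "LDAP search returned a error, givin' up!");
				continue;
			}
			$entry2 = @ldap_first_entry($this->ldapcon, $rs2);
			if ($entry2 == FALSE) {
				$this->_ldap_log_both(8, 8, "LDAP first entry returned a error, givin' up!");
				continue;
			}
			$attributes2 = @ldap_get_attributes($this->ldapcon, $entry2);
			if ($attributes2 == FALSE) {
				$this->_ldap_log_both(8, 8, "LDAP get attributes returned a error, givin' up!");
				continue;
			}
			// This is a valid user only when it has a non-blank uid
			if (isset($attributes2["uid"][0]) && trim($attributes2["uid"][0]) != "") {
				$entriesvalid_arr[] = trim($attributes2["uid"][0]);
			}
		}
		if (count($entriesvalid_arr) == 0) {
			return false;
		}
		return $entriesvalid_arr;
	}

	/**
	 * Returns the email of the user "$username" from LDAP.
	 * @param string username The username you want email of
	 * @return mixed The first "mail" value of the first matching entry, or False when the
	 *               connection is unavailable, the search fails or nothing matches
	 * @author dAm2K (Dino Ciuffetti) <dam2k@users.sourceforge.net>
	 */
	function ldap_user_email($username) {
		if (!$this->_ldap_connection_available()) {
			return false;
		}
		$entries = $this->_ldap_search_entries($this->conf->LDAP_basedn, $this->_ldap_user_filter($username));
		if ($entries == FALSE || $entries["count"] < 1 || !isset($entries[0]["mail"][0])) {
			return false;
		}
		// Return the first entry
		return $entries[0]["mail"][0];
	}

	/**
	 * Returns the given attribute of the user "$username" from LDAP (users tree).
	 * @param string username The username you want to retrieve
	 * @param string attribute The LDAP attribute you want to retrieve for the user "$username"
	 * @return mixed For "dn": the DN string of the first match. For any other attribute: an
	 *               array holding the first value of that attribute for each matching entry
	 *               (null where an entry lacks it). False on errors.
	 * @author dAm2K (Dino Ciuffetti) <dam2k@users.sourceforge.net>
	 */
	function ldap_user_attr($username, $attribute) {
		if (!$this->_ldap_connection_available()) {
			return false;
		}
		$entries = $this->_ldap_search_entries($this->conf->LDAP_basedn, $this->_ldap_user_filter($username));
		if ($entries == FALSE) {
			return false;
		}
		// ldap_get_entries() lower-cases attribute names when it uses them as array keys.
		$key = strtolower($attribute);
		$entries_arr = array();
		for ($i=0; $i<$entries["count"]; $i++) {
			if ($key == "dn") {
				return $entries[0]["dn"];
			}
			$entries_arr[$i] = isset($entries[$i][$key][0]) ? $entries[$i][$key][0] : null;
		}
		return $entries_arr;
	}

	/**
	 * Returns True if the user "$username" exists in LDAP or False if it does not.
	 * @param string username The username you want to know if it exists
	 * @return bool True or False (also False on errors)
	 * @author dAm2K (Dino Ciuffetti) <dam2k@users.sourceforge.net>
	 */
	function ldap_user_exist($username) {
		if (!$this->_ldap_connection_available()) {
			return false;
		}
		$entries = $this->_ldap_search_entries($this->conf->LDAP_basedn, $this->_ldap_user_filter($username));
		if ($entries == FALSE) {
			return false;
		}
		// LDAP returned something: the user exists
		return ($entries["count"] > 0);
	}

	/**
	 * Add a user into ldap. Please check etc/ldap_user.php.
	 * @param string username The username you want to add
	 * @param string useremail The user email address
	 * @param string userpassword The user's password
	 * @return bool True or False
	 * @author dAm2K (Dino Ciuffetti) <dam2k@users.sourceforge.net>
	 */
	function ldap_user_add($username, $useremail, $userpassword) {
		if (!$this->_ldap_connection_available()) {
			return false;
		}
		// This file is useful to include personal LDAP schema. It runs in this scope, sees
		// $basedn and the raw parameters, and supplies $userldapdn and $ldapadd used below.
		// NOTE(review): any DN escaping or password hashing therefore has to happen inside that
		// file - confirm against etc/ldap_user.php.
		$basedn = $this->conf->LDAP_basedn;
		include ("etc/ldap_user.php");
		$entries = $this->_ldap_search_entries($this->conf->LDAP_basedn, $this->_ldap_user_filter($username));
		if ($entries == FALSE) {
			// Do not create anything when the existence check itself could not be performed.
			return false;
		}
		if ($entries["count"] > 0) {
			// LDAP returned something, the user exists
			$this->_ldap_log_both(4, 4, "The user you want to add already exists in LDAP ($username)");
			return false;
		}
		// Here add the user into LDAP
		return ldap_add($this->ldapcon, $userldapdn, $ldapadd);
	}

	/**
	 * Add a user into ldap group, or create a group if it does not exist. Please check etc/ldap_group.php.
	 * @param string groupname The groupname you want to create/add
	 * @param string username The username you want to add to the group groupname
	 * @return bool True or False
	 * @author dAm2K (Dino Ciuffetti) <dam2k@users.sourceforge.net>
	 */
	function ldap_group_add($groupname, $username) {
		if (!$this->_ldap_connection_available()) {
			return false;
		}
		// This file is useful to include personal LDAP schema. It runs in this scope with the
		// variables set below and supplies $groupldapdn, $ldapadd and $ldapnewadd.
		$basedn = $this->conf->LDAP_basedn;
		$groupbasedn = $this->conf->LDAP_groupbasedn;
		$groupstag = $this->conf->LDAP_groupstag;
		$groupsuserstag = $this->conf->LDAP_groupsuserstag;
		$usernameCN = $this->ldap_user_attr($username, "cn");
		$usernameCN = (is_array($usernameCN) && isset($usernameCN[0])) ? $usernameCN[0] : null;
		include ("etc/ldap_group.php");

		// Check if the given group already exists in LDAP
		$entries = $this->_ldap_search_entries($this->conf->LDAP_groupbasedn, $this->_ldap_group_filter($groupstag, $groupname));
		if ($entries == FALSE) {
			// A failed lookup must not be read as "group missing", which would try to create it.
			return false;
		}

		// NOTE(review): the two membership loops of this method are missing from the published
		// listing (the text between "$i<" and the next ">" was lost). The checks below are
		// rebuilt from the surviving log messages and branches - compare with the upstream file.

		// Check if the given user is defined in LDAP (users tree)
		$usersinldap = $this->ldap_user_names();
		if (!is_array($usersinldap) || !in_array((string) $username, $usersinldap, true)) {
			$this->_ldap_log_both(4, 4, "The user ($username) you want to add to the group $groupname does not exists!");
			return false;
		}

		if ($entries["count"] > 0) {
			// LDAP returned something, the group exists
			$this->_ldap_log_both(7, 7, "The group you want to create already exists in LDAP ($groupname)");
			// Here we check if the given user is already of the given group
			$usersinthatgroup = $this->ldap_group_users_name($groupname);
			if (is_array($usersinthatgroup) && in_array((string) $username, $usersinthatgroup, true)) {
				$this->_ldap_log_both(4, 4, "The user $username is already in the group $groupname");
				return false;
			}
			// The user is not in that group: only add the user to the group
			return ldap_mod_add($this->ldapcon, $groupldapdn, $ldapnewadd);
		}
		// Here you have to create the group
		return ldap_add($this->ldapcon, $groupldapdn, $ldapadd);
	}

	/**
	 * Returns the number of the users in LDAP!
	 * @return mixed The number of entries matching the user filter, or False on errors
	 * @author dAm2K (Dino Ciuffetti) <dam2k@users.sourceforge.net>
	 */
	function ldap_user_count() {
		if (!$this->_ldap_connection_available()) {
			return false;
		}
		$entries = $this->_ldap_search_entries($this->conf->LDAP_basedn, $this->conf->LDAP_filter);
		if ($entries == FALSE) {
			return false;
		}
		return $entries["count"];
	}

	/**
	 * Delete a user from LDAP
	 * @param string username The username you want to delete from ldap
	 * @return bool Returns true on success or false on errors
	 * @author dAm2K (Dino Ciuffetti) <dam2k@users.sourceforge.net>
	 */
	function ldap_user_delete($username) {
		if (!$this->_ldap_connection_available()) {
			return false;
		}
		// The escaped filter matters most here: the first entry it matches is the one deleted.
		$entries = $this->_ldap_search_entries($this->conf->LDAP_basedn, $this->_ldap_user_filter($username));
		if ($entries == FALSE) {
			return false;
		}
		if (!isset($entries[0]["uid"][0]) || $entries[0]["uid"][0] == "") {
			// The user doesn't exist in LDAP
			return false;
		}
		// Delete the given user from LDAP
		return ldap_delete($this->ldapcon, $entries[0]["dn"]);
	}

	/**
	 * Delete $username user from $groupname group in LDAP
	 * @param string groupname The name of the group
	 * @param string username The username you want to delete from the group in ldap
	 * @return bool False on error or when the user is not a member, True on success
	 * @author dAm2K (Dino Ciuffetti) <dam2k@users.sourceforge.net>
	 */
	function ldap_group_del_user($groupname, $username) {
		// Lower-cased because ldap_get_entries() lower-cases attribute names in its array keys.
		$groupstag = strtolower($this->conf->LDAP_groupstag);
		$groupsuserstag = strtolower($this->conf->LDAP_groupsuserstag);
		if (!$this->_ldap_connection_available()) {
			return false;
		}
		$entries = $this->_ldap_search_entries($this->conf->LDAP_groupbasedn, $this->_ldap_group_filter($groupstag, $groupname));
		if ($entries == FALSE) {
			return false;
		}
		if (!isset($entries[0][$groupstag][0]) || $entries[0][$groupstag][0] == "") {
			// The group doesn't exist in LDAP
			return false;
		}
		$usersinthegroup = isset($entries[0][$groupsuserstag]["count"]) ? $entries[0][$groupsuserstag]["count"] : 0;
		// Stays False when no member resolves to $username (the original returned an unset variable).
		$del = false;
		for ($i=0; $i<$usersinthegroup; $i++) {
			// Scan all the users in that group: resolve each member DN to its uid
			$rs2 = @ldap_search($this->ldapcon, $entries[0][$groupsuserstag][$i], $this->conf->LDAP_filter);
			if ($rs2 == FALSE) {
				continue;
			}
			$entries_users = @ldap_get_entries($this->ldapcon, $rs2);
			if ($entries_users == FALSE || !isset($entries_users[0]["uid"][0])) {
				// A member without a readable uid can never be the user we were asked to remove.
				continue;
			}
			$uid_user_to_delete = $entries_users[0]["uid"][0];
			if ($uid_user_to_delete == $username) {
				// This is the user you want to delete from the group
				$attribute_to_delete = array($groupsuserstag => $entries[0][$groupsuserstag][$i]);
				// Going to delete the attribute (users in the group)
				$del = ldap_mod_del($this->ldapcon, $entries[0]["dn"], $attribute_to_delete);
				if ($del == true) {
					// NOTE(review): the original treats a member count of 2 as "that was the last
					// user in the group"; presumably groups carry one placeholder member - confirm.
					if ($usersinthegroup == 2) {
						// Delete the group
						return ldap_delete($this->ldapcon, $entries[0]['dn']);
					}
				} else {
					return $del;
				}
			}
		}
		return $del;
	}

	/**
	 * Returns true if user credentials are valid in LDAP. This is made doing LDAP bind.
	 * An empty password, or a user name that matches no entry, is rejected without contacting
	 * the server: many directories accept a bind that carries a DN but no password as an
	 * anonymous bind, which would otherwise be reported here as a successful login.
	 * After the check the connection is bound again with the configured rootdn, so later calls
	 * do not run under the identity that was just tested.
	 * @param string username The user you want to check
	 * @param string password The password of the user
	 * @return bool True if user credentials are valid, False if NOT
	 * @author dAm2K (Dino Ciuffetti) <dam2k@users.sourceforge.net>
	 */
	function ldap_user_check($username, $password) {
		if (!$this->_ldap_connection_available()) {
			return false;
		}
		$entries = $this->_ldap_search_entries($this->conf->LDAP_basedn, $this->_ldap_user_filter($username));
		if ($entries == FALSE) {
			return false;
		}
		$dn = ($entries["count"] > 0 && isset($entries[0]["dn"])) ? $entries[0]["dn"] : "";
		$ldapbind = false;
		if ($dn != "" && (string) $password !== "") {
			// Trying to bind as the user $username with password $password
			$ldapbind = @ldap_bind($this->ldapcon, $dn, $password);
			// The bind above replaced the connection's identity; restore the one used by
			// ldap_ldapconnect() whatever the outcome was.
			$this->ldapbind = @ldap_bind($this->ldapcon, $this->conf->LDAP_rootdn, $this->conf->LDAP_rootdnpass);
			if ($this->ldapbind == FALSE) {
				$this->_ldap_log_both(5, 4, "WARNING: LDAP rootdn bind NOT successful");
			}
		}
		if ($ldapbind != FALSE) {
			// LDAP bind successful
			$this->_ldap_log_both(8, 8, "LDAP bind OK for USER: $username, DN: $dn");
			return true;
		}
		$this->_ldap_log_both(7, 7, "LDAP bind NOT OK for USER: $username, DN: $dn");
		return false;
	}
}
?>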