From 017d73792c355fc0e6ea68fec42259350e5b1a20 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 13 Mar 2017 15:00:44 +0100 Subject: [PATCH] Fix: add md5 password for OpenLdap --- htdocs/adherents/class/adherent.class.php | 69 ++++++++--------- htdocs/core/lib/security.lib.php | 9 ++- htdocs/user/class/user.class.php | 93 ++++++++++++----------- 3 files changed, 87 insertions(+), 84 deletions(-) diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index 945ed849f5773..a709e07f3ff3a 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -4,7 +4,7 @@ * Copyright (C) 2004-2012 Laurent Destailleur * Copyright (C) 2004 Sebastien Di Cintio * Copyright (C) 2004 Benoit Mortier - * Copyright (C) 2009-2012 Regis Houssin + * Copyright (C) 2009-2017 Regis Houssin * Copyright (C) 2014-2016 Alexandre Spangaro * Copyright (C) 2015 Marcos GarcĂ­a * Copyright (C) 2015 Frederic France @@ -496,7 +496,7 @@ function update($user,$notrigger=0,$nosyncuser=0,$nosyncuserpass=0,$nosyncthirdp if ($this->pass != $this->pass_indatabase && $this->pass != $this->pass_indatabase_crypted) { $isencrypted = empty($conf->global->DATABASE_PWD_ENCRYPTED)?0:1; - + // If password to set differs from the one found into database $result=$this->setPassword($user,$this->pass,$isencrypted,$notrigger,$nosyncuserpass); if (! $nbrowsaffected) $nbrowsaffected++; @@ -862,7 +862,7 @@ function setPassword($user, $password='', $isencrypted=0, $notrigger=0, $nosyncu $this->pass=$password; $this->pass_indatabase=$password_indatabase; $this->pass_indatabase_crypted=$password_crypted; - + if ($this->user_id && ! $nosyncuser) { require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php'; 
@@ -1122,7 +1122,7 @@ function fetch($rowid,$ref='',$fk_soc='',$ref_ext='') $this->pass = $obj->pass; $this->pass_indatabase = $obj->pass; $this->pass_indatabase_crypted = $obj->pass_crypted; - + $this->state_id = $obj->state_id; $this->state_code = $obj->state_id?$obj->state_code:''; $this->state = $obj->state_id?$obj->state:''; @@ -1160,7 +1160,7 @@ function fetch($rowid,$ref='',$fk_soc='',$ref_ext='') $this->user_id = $obj->user_id; $this->user_login = $obj->user_login; - + $this->model_pdf = $obj->model_pdf; // Retreive all extrafield for thirdparty @@ -1456,7 +1456,7 @@ function add_to_abo() if (! empty($conf->global->ADHERENT_USE_MAILMAN) && ! empty($conf->mailmanspip->enabled)) { $result=$mailmanspip->add_to_mailman($this); - + if ($result < 0) { if (! empty($mailmanspip->error)) $this->errors[]=$mailmanspip->error; @@ -1815,9 +1815,9 @@ function load_board($user) public function generateDocument($modele, $outputlangs, $hidedetails=0, $hidedesc=0, $hideref=0) { global $conf,$langs; - + $langs->load("orders"); - + // Positionne le modele sur le nom du modele a utiliser if (! dol_strlen($modele)) { @@ -1830,13 +1830,13 @@ public function generateDocument($modele, $outputlangs, $hidedetails=0, $hidedes $modele = 'standard'; } } - + $modelpath = "core/modules/member/doc/"; - + return $this->commonGenerateDocument($modelpath, $modele, $outputlangs, $hidedetails, $hidedesc, $hideref); } - - + + /** * Initialise an instance with random values. * Used to build previews or test instances. 
@@ -1926,27 +1926,28 @@ function _load_ldap_info() $this->fullname=$this->getFullName($langs); // Member - if ($this->fullname && ! empty($conf->global->LDAP_MEMBER_FIELD_FULLNAME)) $info[$conf->global->LDAP_MEMBER_FIELD_FULLNAME] = $this->fullname; - if ($this->lastname && ! empty($conf->global->LDAP_MEMBER_FIELD_NAME)) $info[$conf->global->LDAP_MEMBER_FIELD_NAME] = $this->lastname; - if ($this->firstname && ! empty($conf->global->LDAP_MEMBER_FIELD_FIRSTNAME)) $info[$conf->global->LDAP_MEMBER_FIELD_FIRSTNAME] = $this->firstname; - if ($this->login && ! empty($conf->global->LDAP_MEMBER_FIELD_LOGIN)) $info[$conf->global->LDAP_MEMBER_FIELD_LOGIN] = $this->login; - if ($this->pass && ! empty($conf->global->LDAP_MEMBER_FIELD_PASSWORD)) $info[$conf->global->LDAP_MEMBER_FIELD_PASSWORD] = $this->pass; // this->pass = mot de passe non crypte - if ($this->poste && ! empty($conf->global->LDAP_MEMBER_FIELD_TITLE)) $info[$conf->global->LDAP_MEMBER_FIELD_TITLE] = $this->poste; - if ($this->address && ! empty($conf->global->LDAP_MEMBER_FIELD_ADDRESS)) $info[$conf->global->LDAP_MEMBER_FIELD_ADDRESS] = $this->address; - if ($this->zip && ! empty($conf->global->LDAP_MEMBER_FIELD_ZIP)) $info[$conf->global->LDAP_MEMBER_FIELD_ZIP] = $this->zip; - if ($this->town && ! empty($conf->global->LDAP_MEMBER_FIELD_TOWN)) $info[$conf->global->LDAP_MEMBER_FIELD_TOWN] = $this->town; - if ($this->country_code && ! empty($conf->global->LDAP_MEMBER_FIELD_COUNTRY)) $info[$conf->global->LDAP_MEMBER_FIELD_COUNTRY] = $this->country_code; - if ($this->email && ! empty($conf->global->LDAP_MEMBER_FIELD_MAIL)) $info[$conf->global->LDAP_MEMBER_FIELD_MAIL] = $this->email; - if ($this->skype && ! empty($conf->global->LDAP_MEMBER_FIELD_SKYPE)) $info[$conf->global->LDAP_MEMBER_FIELD_SKYPE] = $this->skype; - if ($this->phone && ! empty($conf->global->LDAP_MEMBER_FIELD_PHONE)) $info[$conf->global->LDAP_MEMBER_FIELD_PHONE] = $this->phone; - if ($this->phone_perso && ! 
empty($conf->global->LDAP_MEMBER_FIELD_PHONE_PERSO)) $info[$conf->global->LDAP_MEMBER_FIELD_PHONE_PERSO] = $this->phone_perso; - if ($this->phone_mobile && ! empty($conf->global->LDAP_MEMBER_FIELD_MOBILE)) $info[$conf->global->LDAP_MEMBER_FIELD_MOBILE] = $this->phone_mobile; - if ($this->fax && ! empty($conf->global->LDAP_MEMBER_FIELD_FAX)) $info[$conf->global->LDAP_MEMBER_FIELD_FAX] = $this->fax; - if ($this->note_private && ! empty($conf->global->LDAP_MEMBER_FIELD_DESCRIPTION)) $info[$conf->global->LDAP_MEMBER_FIELD_DESCRIPTION] = $this->note_private; - if ($this->note_public && ! empty($conf->global->LDAP_MEMBER_FIELD_NOTE_PUBLIC)) $info[$conf->global->LDAP_MEMBER_FIELD_NOTE_PUBLIC] = $this->note_public; - if ($this->birth && ! empty($conf->global->LDAP_MEMBER_FIELD_BIRTHDATE)) $info[$conf->global->LDAP_MEMBER_FIELD_BIRTHDATE] = dol_print_date($this->birth,'dayhourldap'); - if (isset($this->statut) && ! empty($conf->global->LDAP_FIELD_MEMBER_STATUS)) $info[$conf->global->LDAP_FIELD_MEMBER_STATUS] = $this->statut; - if ($this->datefin && ! empty($conf->global->LDAP_FIELD_MEMBER_END_LASTSUBSCRIPTION)) $info[$conf->global->LDAP_FIELD_MEMBER_END_LASTSUBSCRIPTION] = dol_print_date($this->datefin,'dayhourldap'); + if ($this->fullname && ! empty($conf->global->LDAP_MEMBER_FIELD_FULLNAME)) $info[$conf->global->LDAP_MEMBER_FIELD_FULLNAME] = $this->fullname; + if ($this->lastname && ! empty($conf->global->LDAP_MEMBER_FIELD_NAME)) $info[$conf->global->LDAP_MEMBER_FIELD_NAME] = $this->lastname; + if ($this->firstname && ! empty($conf->global->LDAP_MEMBER_FIELD_FIRSTNAME)) $info[$conf->global->LDAP_MEMBER_FIELD_FIRSTNAME] = $this->firstname; + if ($this->login && ! empty($conf->global->LDAP_MEMBER_FIELD_LOGIN)) $info[$conf->global->LDAP_MEMBER_FIELD_LOGIN] = $this->login; + if ($this->pass && ! empty($conf->global->LDAP_MEMBER_FIELD_PASSWORD)) $info[$conf->global->LDAP_MEMBER_FIELD_PASSWORD] = $this->pass; // this->pass = mot de passe non crypte + if ($this->pass && ! 
empty($conf->global->LDAP_MEMBER_FIELD_PASSWORD_CRYPTED)) $info[$conf->global->LDAP_MEMBER_FIELD_PASSWORD_CRYPTED] = dol_hash($this->pass, 4); // md5 for OpenLdap TODO add type of encryption + if ($this->poste && ! empty($conf->global->LDAP_MEMBER_FIELD_TITLE)) $info[$conf->global->LDAP_MEMBER_FIELD_TITLE] = $this->poste; + if ($this->address && ! empty($conf->global->LDAP_MEMBER_FIELD_ADDRESS)) $info[$conf->global->LDAP_MEMBER_FIELD_ADDRESS] = $this->address; + if ($this->zip && ! empty($conf->global->LDAP_MEMBER_FIELD_ZIP)) $info[$conf->global->LDAP_MEMBER_FIELD_ZIP] = $this->zip; + if ($this->town && ! empty($conf->global->LDAP_MEMBER_FIELD_TOWN)) $info[$conf->global->LDAP_MEMBER_FIELD_TOWN] = $this->town; + if ($this->country_code && ! empty($conf->global->LDAP_MEMBER_FIELD_COUNTRY)) $info[$conf->global->LDAP_MEMBER_FIELD_COUNTRY] = $this->country_code; + if ($this->email && ! empty($conf->global->LDAP_MEMBER_FIELD_MAIL)) $info[$conf->global->LDAP_MEMBER_FIELD_MAIL] = $this->email; + if ($this->skype && ! empty($conf->global->LDAP_MEMBER_FIELD_SKYPE)) $info[$conf->global->LDAP_MEMBER_FIELD_SKYPE] = $this->skype; + if ($this->phone && ! empty($conf->global->LDAP_MEMBER_FIELD_PHONE)) $info[$conf->global->LDAP_MEMBER_FIELD_PHONE] = $this->phone; + if ($this->phone_perso && ! empty($conf->global->LDAP_MEMBER_FIELD_PHONE_PERSO)) $info[$conf->global->LDAP_MEMBER_FIELD_PHONE_PERSO] = $this->phone_perso; + if ($this->phone_mobile && ! empty($conf->global->LDAP_MEMBER_FIELD_MOBILE)) $info[$conf->global->LDAP_MEMBER_FIELD_MOBILE] = $this->phone_mobile; + if ($this->fax && ! empty($conf->global->LDAP_MEMBER_FIELD_FAX)) $info[$conf->global->LDAP_MEMBER_FIELD_FAX] = $this->fax; + if ($this->note_private && ! empty($conf->global->LDAP_MEMBER_FIELD_DESCRIPTION)) $info[$conf->global->LDAP_MEMBER_FIELD_DESCRIPTION] = $this->note_private; + if ($this->note_public && ! 
empty($conf->global->LDAP_MEMBER_FIELD_NOTE_PUBLIC)) $info[$conf->global->LDAP_MEMBER_FIELD_NOTE_PUBLIC] = $this->note_public; + if ($this->birth && ! empty($conf->global->LDAP_MEMBER_FIELD_BIRTHDATE)) $info[$conf->global->LDAP_MEMBER_FIELD_BIRTHDATE] = dol_print_date($this->birth,'dayhourldap'); + if (isset($this->statut) && ! empty($conf->global->LDAP_FIELD_MEMBER_STATUS)) $info[$conf->global->LDAP_FIELD_MEMBER_STATUS] = $this->statut; + if ($this->datefin && ! empty($conf->global->LDAP_FIELD_MEMBER_END_LASTSUBSCRIPTION)) $info[$conf->global->LDAP_FIELD_MEMBER_END_LASTSUBSCRIPTION] = dol_print_date($this->datefin,'dayhourldap'); // Subscriptions if ($this->first_subscription_date && ! empty($conf->global->LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_DATE)) $info[$conf->global->LDAP_FIELD_MEMBER_FIRSTSUBSCRIPTION_DATE] = dol_print_date($this->first_subscription_date,'dayhourldap'); @@ -2080,7 +2081,7 @@ public static function replaceThirdparty($db, $origin_id, $dest_id) /** * Return if a member is late (subscription late) or not - * + * * @return boolean True if late, False if not late */ public function hasDelay() diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index c20169270bf86..7870824285a55 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -1,6 +1,6 @@ - * Copyright (C) 2008-2012 Regis Houssin + * Copyright (C) 2008-2017 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
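Review bot: In `_load_ldap_info()`, the new `LDAP_MEMBER_FIELD_PASSWORD_CRYPTED` assignment is added next to the existing clear-text one rather than in place of it, so a site with both settings configured still sends `$this->pass` unhashed to the attribute named by `LDAP_MEMBER_FIELD_PASSWORD`. If the hashed attribute is meant to supersede the clear-text one, guard the older line, e.g. `if ($this->pass && ! empty($conf->global->LDAP_MEMBER_FIELD_PASSWORD) && empty($conf->global->LDAP_MEMBER_FIELD_PASSWORD_CRYPTED))`. The hard-coded `4` would read better as a named constant, and the trailing comment could state that the value is an unsalted `{md5}` digest. The same line is added for `LDAP_FIELD_PASSWORD_CRYPTED` in htdocs/user/class/user.class.php and the point applies there too; the function body starts and ends outside this hunk.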
@@ -74,7 +74,7 @@ function dol_decode($chain) * If constant MAIN_SECURITY_SALT is defined, we use it as a salt. * * @param string $chain String to hash - * @param int $type Type of hash (0:auto, 1:sha1, 2:sha1+md5, 3:md5). Use 3 here, if hash is not needed for security purpose, for security need, prefer 0. + * @param int $type Type of hash (0:auto, 1:sha1, 2:sha1+md5, 3:md5, 4:md5 for OpenLdap). Use 3 here, if hash is not needed for security purpose, for security need, prefer 0. * @return string Hash of string */ function dol_hash($chain,$type=0) @@ -87,6 +87,7 @@ function dol_hash($chain,$type=0) if ($type == 1) return sha1($chain); else if ($type == 2) return sha1(md5($chain)); else if ($type == 3) return md5($chain); + else if ($type == 4) return '{md5}'.base64_encode(mhash(MHASH_MD5,$chain)); // For OpenLdap with md5 else if (! empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO == 'sha1') return sha1($chain); else if (! empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO == 'sha1md5') return sha1(md5($chain)); @@ -343,7 +344,7 @@ function restrictedArea($user, $features, $objectid=0, $tableandshare='', $featu * This function is also called by restrictedArea * * @param User $user User to check - * @param array $featuresarray Features/modules to check. Example: ('user','service') + * @param array $featuresarray Features/modules to check. Example: ('user','service') * @param int $objectid Object ID if we want to check a particular record (optional) is linked to a owned thirdparty (optional). * @param string $tableandshare 'TableName&SharedElement' with Tablename is table where object is stored. SharedElement is an optional key to define where to check entity for multicompany modume. Param not used if objectid is null (optional). * @param string $feature2 Feature to check, second level of permission (optional). Can be or check with 'level1|level2'. 
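Review bot: The new `$type == 4` branch in `dol_hash()` calls `mhash()`, which exists only when PHP is built with mhash support, so on other builds the LDAP sync would stop with an undefined-function error; `md5($chain, true)` returns the same raw digest from core PHP: `else if ($type == 4) return '{md5}'.base64_encode(md5($chain, true));`. The docblock says MAIN_SECURITY_SALT is used as a salt; if that salt is prepended to `$chain` above this hunk (not visible here), the stored `{md5}` value will not match what the directory computes from the bare password at bind time, so this branch probably needs the unsalted input. Unsalted MD5 is also cheap to recover offline for anyone who can read the attribute; OpenLDAP accepts `{SSHA}`, which would be a better default once the TODO about choosing the scheme is addressed. The docblock entry `4:md5 for OpenLdap` could also say that the result is base64 with a `{md5}` prefix rather than a hex string.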
@@ -367,7 +368,7 @@ function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandsh // For backward compatibility if ($feature == 'member') $feature='adherent'; - + $check = array('adherent','banque','user','usergroup','produit','service','produit|service','categorie'); // Test on entity only (Objects with no link to company) $checksoc = array('societe'); // Test for societe object $checkother = array('contact'); // Test on entity and link to societe. Allowed if link is empty (Ex: contacts...). diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 9715abfd77b63..af411045533bf 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -4,7 +4,7 @@ * Copyright (c) 2004-2012 Laurent Destailleur * Copyright (C) 2004 Sebastien Di Cintio * Copyright (C) 2004 Benoit Mortier - * Copyright (C) 2005-2016 Regis Houssin + * Copyright (C) 2005-2017 Regis Houssin * Copyright (C) 2005 Lionel Cousteix * Copyright (C) 2011 Herve Prot * Copyright (C) 2013-2014 Philippe Grand @@ -115,21 +115,21 @@ class User extends CommonObject public $parentof; // To store an array of all parents for all ids. public $accountancy_code; // Accountancy code in prevision of the complete accountancy module - + public $thm; // Average cost of employee - Used for valuation of time spent public $tjm; // Average cost of employee - - public $salary; // Monthly salary - Denormalized value from llx_user_employment + + public $salary; // Monthly salary - Denormalized value from llx_user_employment public $salaryextra; // Monthly salary extra - Denormalized value from llx_user_employment public $weeklyhours; // Weekly hours - Denormalized value from llx_user_employment public $color; // Define background color for user in agenda - + public $dateemployment; // Define date of employment by company private $cache_childids; - - + + /** * Constructor de la classe * 
@@ -462,13 +462,13 @@ function addrights($rid, $allmodule='', $allperms='', $entity=0, $notrigger=0) if (! $error && ! $notrigger) { $this->context = array('audit'=>$langs->trans("PermissionsAdd")); - + // Call trigger $result=$this->call_trigger('USER_MODIFY',$user); if ($result < 0) { $error++; } // End call triggers } - + if ($error) { $this->db->rollback(); return -$error; @@ -571,13 +571,13 @@ function delrights($rid, $allmodule='', $allperms='', $entity=0, $notrigger=0) if (! $error && ! $notrigger) { $this->context = array('audit'=>$langs->trans("PermissionsDelete")); - + // Call trigger $result=$this->call_trigger('USER_MODIFY',$user); if ($result < 0) { $error++; } // End call triggers } - + if ($error) { $this->db->rollback(); return -$error; @@ -965,7 +965,7 @@ function create($user,$notrigger=0) $sql = "SELECT login FROM ".MAIN_DB_PREFIX."user"; $sql.= " WHERE login ='".$this->db->escape($this->login)."'"; $sql.= " AND entity IN (0,".$this->db->escape($conf->entity).")"; - + dol_syslog(get_class($this)."::create", LOG_DEBUG); $resql=$this->db->query($sql); if ($resql) @@ -998,7 +998,7 @@ function create($user,$notrigger=0) $this->db->rollback(); return -5; } - + // Update minor fields $result = $this->update($user,1,1); if ($result < 0) @@ -1018,7 +1018,7 @@ function create($user,$notrigger=0) $entrepot->country_id = $mysoc->country_id; $entrepot->create($user); } - + if (! $notrigger) { // Call trigger @@ -1087,7 +1087,7 @@ function create_from_contact($contact,$login='',$password='') $this->state_id = $contact->state_id; $this->country_id = $contact->country_id; $this->employee = 0; - + if (empty($login)) $login=strtolower(substr($contact->firstname, 0, 4)) . strtolower(substr($contact->lastname, 0, 4)); $this->login = $login; 
@@ -1350,7 +1350,7 @@ function update($user,$notrigger=0,$nosyncmember=0,$nosyncmemberpass=0) $sql.= ", weeklyhours= ".($this->weeklyhours != ''?"'".$this->db->escape($this->weeklyhours)."'":"null"); $sql.= ", entity = '".$this->db->escape($this->entity)."'"; $sql.= " WHERE rowid = ".$this->id; - + dol_syslog(get_class($this)."::update", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) @@ -1387,7 +1387,7 @@ function update($user,$notrigger=0,$nosyncmember=0,$nosyncmemberpass=0) if ($this->fk_member > 0 && ! $nosyncmember) { dol_syslog(get_class($this)."::update user is linked with a member. We try to update member too.", LOG_DEBUG); - + require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php'; // This user is linked with a member, so we also update members informations @@ -1401,9 +1401,9 @@ function update($user,$notrigger=0,$nosyncmember=0,$nosyncmemberpass=0) $adh->lastname=$this->lastname; $adh->login=$this->login; $adh->gender=$this->gender; - + $adh->pass=$this->pass; - + $adh->societe=(empty($adh->societe) && $this->societe_id ? $this->societe_id : $adh->societe); $adh->email=$this->email; @@ -1686,7 +1686,7 @@ function send_password($user, $password='', $changelater=0) $appli=constant('DOL_APPLICATION_TITLE'); if (!empty($conf->global->MAIN_APPLICATION_TITLE)) $appli=$conf->global->MAIN_APPLICATION_TITLE; - + $subject = $outputlangs->transnoentitiesnoconv("SubjectNewPassword", $appli); // Define $urlwithroot 
@@ -1696,23 +1696,23 @@ function send_password($user, $password='', $changelater=0) if (! $changelater) { $url = $urlwithroot.'/'; - + $mesg.= $outputlangs->transnoentitiesnoconv("RequestToResetPasswordReceived").".\n"; $mesg.= $outputlangs->transnoentitiesnoconv("NewKeyIs")." :\n\n"; $mesg.= $outputlangs->transnoentitiesnoconv("Login")." = ".$this->login."\n"; $mesg.= $outputlangs->transnoentitiesnoconv("Password")." = ".$password."\n\n"; $mesg.= "\n"; - + $mesg.= $outputlangs->transnoentitiesnoconv("ClickHereToGoTo", $appli).': '.$url."\n\n"; $mesg.= "--\n"; $mesg.= $user->getFullName($outputlangs); // Username that make then sending - + dol_syslog(get_class($this)."::send_password changelater is off, url=".$url); } else { $url = $urlwithroot.'/user/passwordforgotten.php?action=validatenewpassword&username='.$this->login."&passwordhash=".dol_hash($password); - + $mesg.= $outputlangs->transnoentitiesnoconv("RequestToResetPasswordReceived")."\n"; $mesg.= $outputlangs->transnoentitiesnoconv("NewKeyWillBe")." :\n\n"; $mesg.= $outputlangs->transnoentitiesnoconv("Login")." = ".$this->login."\n"; @@ -1721,7 +1721,7 @@ function send_password($user, $password='', $changelater=0) $mesg.= $outputlangs->transnoentitiesnoconv("YouMustClickToChange")." :\n"; $mesg.= $url."\n\n"; $mesg.= $outputlangs->transnoentitiesnoconv("ForgetIfNothing")."\n\n"; - + dol_syslog(get_class($this)."::send_password changelater is on, url=".$url); } @@ -1870,7 +1870,7 @@ function SetInGroup($group, $entity, $notrigger=0) { $this->newgroupid=$group; // deprecated. Remove this. $this->context = array('audit'=>$langs->trans("UserSetInGroup"), 'newgroupid'=>$group); - + // Call trigger $result=$this->call_trigger('USER_SETINGROUP',$user); if ($result < 0) { $error++; } 
@@ -1925,7 +1925,7 @@ function RemoveFromGroup($group, $entity, $notrigger=0) { $this->oldgroupid=$group; // deprecated. Remove this. $this->context = array('audit'=>$langs->trans("UserRemovedFromGroup"), 'oldgroupid'=>$group); - + // Call trigger $result=$this->call_trigger('USER_REMOVEFROMGROUP',$user); if ($result < 0) { $error++; } @@ -2000,7 +2000,7 @@ function getNomUrl($withpictoimg=0, $option='', $infologin=0, $notooltip=0, $max $result = ''; $companylink = ''; $link = ''; - + $label = '' . $langs->trans("User") . ''; $label.= '
'; $label.= '' . $langs->trans('Name') . ': ' . $this->getFullName($langs,'',''); @@ -2047,10 +2047,10 @@ function getNomUrl($withpictoimg=0, $option='', $infologin=0, $notooltip=0, $max if (! empty($_SESSION["disablemodules"])) $label.= '
'.$langs->trans("DisabledModules").':
'.join(', ',explode(',',$_SESSION["disablemodules"])); } - + if ($option == 'leave') $link.= 'fullname=$this->getFullName($langs); // Champs - if ($this->fullname && ! empty($conf->global->LDAP_FIELD_FULLNAME)) $info[$conf->global->LDAP_FIELD_FULLNAME] = $this->fullname; - if ($this->lastname && ! empty($conf->global->LDAP_FIELD_NAME)) $info[$conf->global->LDAP_FIELD_NAME] = $this->lastname; - if ($this->firstname && ! empty($conf->global->LDAP_FIELD_FIRSTNAME)) $info[$conf->global->LDAP_FIELD_FIRSTNAME] = $this->firstname; - if ($this->login && ! empty($conf->global->LDAP_FIELD_LOGIN)) $info[$conf->global->LDAP_FIELD_LOGIN] = $this->login; - if ($this->login && ! empty($conf->global->LDAP_FIELD_LOGIN_SAMBA)) $info[$conf->global->LDAP_FIELD_LOGIN_SAMBA] = $this->login; - if ($this->pass && ! empty($conf->global->LDAP_FIELD_PASSWORD)) $info[$conf->global->LDAP_FIELD_PASSWORD] = $this->pass; // this->pass = mot de passe non crypte - if ($this->ldap_sid && ! empty($conf->global->LDAP_FIELD_SID)) $info[$conf->global->LDAP_FIELD_SID] = $this->ldap_sid; + if ($this->fullname && ! empty($conf->global->LDAP_FIELD_FULLNAME)) $info[$conf->global->LDAP_FIELD_FULLNAME] = $this->fullname; + if ($this->lastname && ! empty($conf->global->LDAP_FIELD_NAME)) $info[$conf->global->LDAP_FIELD_NAME] = $this->lastname; + if ($this->firstname && ! empty($conf->global->LDAP_FIELD_FIRSTNAME)) $info[$conf->global->LDAP_FIELD_FIRSTNAME] = $this->firstname; + if ($this->login && ! empty($conf->global->LDAP_FIELD_LOGIN)) $info[$conf->global->LDAP_FIELD_LOGIN] = $this->login; + if ($this->login && ! empty($conf->global->LDAP_FIELD_LOGIN_SAMBA)) $info[$conf->global->LDAP_FIELD_LOGIN_SAMBA] = $this->login; + if ($this->pass && ! empty($conf->global->LDAP_FIELD_PASSWORD)) $info[$conf->global->LDAP_FIELD_PASSWORD] = $this->pass; // this->pass = mot de passe non crypte + if ($this->pass && ! 
empty($conf->global->LDAP_FIELD_PASSWORD_CRYPTED)) $info[$conf->global->LDAP_FIELD_PASSWORD_CRYPTED] = dol_hash($this->pass, 4); // md5 for OpenLdap TODO add type of encryption + if ($this->ldap_sid && ! empty($conf->global->LDAP_FIELD_SID)) $info[$conf->global->LDAP_FIELD_SID] = $this->ldap_sid; if ($this->societe_id > 0) { $soc = new Societe($this->db); @@ -2466,7 +2467,7 @@ function update_ldap2dolibarr(&$ldapuser) * Return and array with all instanciated first level children users of current user * * @return void - * @see getAllChildIds + * @see getAllChildIds */ function get_children() { @@ -2597,7 +2598,7 @@ function get_full_tree($deleteafterid=0, $filter='') foreach($this->users as $key => $val) { $result = $this->build_path_from_id_user($key,0); // Process a branch from the root user key (this user has no parent) - if ($result < 0) + if ($result < 0) { $this->error='ErrorLoopInHierarchy'; return -1; @@ -2640,7 +2641,7 @@ function get_full_tree($deleteafterid=0, $filter='') function getAllChildIds($addcurrentuser=0) { $childids=array(); - + if (isset($this->cache_childids[$this->id])) { $childids = $this->cache_childids[$this->id]; @@ -2649,20 +2650,20 @@ function getAllChildIds($addcurrentuser=0) { // Init this->users $this->get_full_tree(); - + $idtoscan=$this->id; - + dol_syslog("Build childid for id = ".$idtoscan); foreach($this->users as $id => $val) { //var_dump($val['fullpath']); if (preg_match('/_'.$idtoscan.'_/', $val['fullpath'])) $childids[$val['id']]=$val['id']; } - } + } $this->cache_childids[$this->id] = $childids; - + if ($addcurrentuser) $childids[$this->id]=$this->id; - + return $childids; } 
@@ -2693,7 +2694,7 @@ function build_path_from_id_user($id_user,$protection=0) $useridfound=array($id_user); while (! empty($this->parentof[$cursor_user])) { - if (in_array($this->parentof[$cursor_user], $useridfound)) + if (in_array($this->parentof[$cursor_user], $useridfound)) { dol_syslog("The hierarchy of user has a recursive loop", LOG_WARNING); return -1; // Should not happen. Protection against looping hierarchy