#6 install.txt is moronic, sorry

[Juhan Kundla]

The install instructions (edit this file, change this
to that etc) are really a lousy way to incorporate the
changes into the phpBB source tree. Really, guys,
haven't you ever heard about the diff and patch? Those
tools are around for several decades now, and used
everywhere and by everyone and their grandmother.

Please, replace the install.txt with a LDAP.patch
created by

diff -Naur vanilla_phpBB/ LDAPmodified_phpBB/ > LDAP.patch

That way everyone could incorporate your changes to
vanilla phpBB as simply as:

patch -p1 <../LDAP.patch

[Torsten Martinsen]

Logged In: YES
user_id=382855

I concur.

I really don't understand the reasoning behind choosing to
make the installation a MANUAL process.

[Kurt Werle]

Logged In: YES
user_id=6449

Yes, please. Is there some reason you chose this "method"?

[killermood]

Logged In: YES
user_id=1297016

any of those claiming for a patch...
..why you don't just provide one?

[Alexey Guseynov]

Logged In: YES
user_id=1428057

>any of those claiming for a patch...
>..why you don't just provide one?
Take it! I have replaced spacebars with tabs, so text now looks better. Beside this I have partially fixed this bug:
http://sourceforge.net/tracker/index.php?func=detail&aid=1008918&group_id=80579&atid=560280
It sertanly works for looging in, may be there are another places where it is needed to insert this strings.
Patch should be applyed from root of phpBB forum. It was generated for 2.0.21, but patch utility is able to determine offsets, so
it should be OK for another versions of phpBB.
Installation using this method takes 30 seconds, rather than 1 hour using your. Beside this it is safer, because you can't make a
mistake, insert code in wrong place. And it is aesier to maintain, just edit your version of phpBB, than delete configs and
generate patch.

diff -Naur ./admin/admin_board.php ../phpBBLDAP/admin/admin_board.php
--- ./admin/admin_board.php 2006-11-08 10:34:07.000000000 +0000
+++ ../phpBBLDAP/admin/admin_board.php 2006-11-08 01:27:24.000000000 +0000
@@ -82,6 +82,7 @@
$style_select = style_select($new['default_style'], 'default_style', "../templates");
$lang_select = language_select($new['default_lang'], 'default_lang', "language");
$timezone_select = tz_select($new['board_timezone'], 'board_timezone');
+$auth_mode_select = auth_select($new['auth_mode'], 'auth_mode');

$disable_board_yes = ( $new['board_disable'] ) ? "checked=\"checked\"" : "";
$disable_board_no = ( !$new['board_disable'] ) ? "checked=\"checked\"" : "";
@@ -116,6 +117,13 @@
$gzip_yes = ( $new['gzip_compress'] ) ? "checked=\"checked\"" : "";
$gzip_no = ( !$new['gzip_compress'] ) ? "checked=\"checked\"" : "";

+$disable_guest_yes = ( $new['disable_guest'] ) ? "checked=\"checked\"" : "";
+$disable_guest_no = ( !$new['disable_guest'] ) ? "checked=\"checked\"" : "";
+$enable_ldap_group_sync_yes = ( $new['ldap_group_sync'] ) ? "checked=\"checked\"" : "";
+$enable_ldap_group_sync_no = ( !$new['ldap_group_sync'] ) ? "checked=\"checked\"" : "";
+$tls_yes = ( $new['ldap_start_tls'] ) ? "checked=\"checked\"" : "";
+$tls_no = ( !$new['ldap_start_tls'] ) ? "checked=\"checked\"" : "";
+
$privmsg_on = ( !$new['privmsg_disable'] ) ? "checked=\"checked\"" : "";
$privmsg_off = ( $new['privmsg_disable'] ) ? "checked=\"checked\"" : "";

@@ -173,6 +181,30 @@
"L_NONE" => $lang['Acc_None'],
"L_USER" => $lang['Acc_User'],
"L_ADMIN" => $lang['Acc_Admin'],
+ "L_AUTH_SETTINGS" => $lang['Auth_settings'],
+ "L_DISABLE_GUEST" => $lang['Disable_Guest'],
+ "L_AUTH_MODE" => $lang['Auth_mode'],
+ "L_LDAP_HOST" => $lang['Ldap_host'],
+ "L_LDAP_PORT" => $lang['Ldap_port'],
+ "L_LDAP_HOST2" => $lang['Ldap_host2'],
+ "L_LDAP_PORT2" => $lang['Ldap_port2'],
+ "L_LDAP_DN" => $lang['Ldap_dn'],
+ "L_LDAP_DN_EXPLAIN" => $lang['Ldap_dn_explain'],
+ "L_LDAP_UID" => $lang['Ldap_uid'],
+ "L_LDAP_UID_EXPLAIN" => $lang['Ldap_uid_explain'],
+ "L_LDAP_GROUP_SYNC" => $lang['ldap_group_sync'],
+ "L_LDAP_GID" => $lang['ldap_gid'],
+ "L_LDAP_GID_EXPLAIN" => $lang['ldap_gid_explain'],
+ "L_LDAP_EMAIL" => $lang['ldap_email'],
+ "L_LDAP_WEB" => $lang['ldap_web'],
+ "L_LDAP_LOCATION" => $lang['ldap_location'],
+ "L_LDAP_OCCUPATION" => $lang['ldap_occupation'],
+ "L_LDAP_SIGNATURE" => $lang['ldap_signature'],
+ "L_LDAP_PROXY_DN" => $lang['Ldap_proxy_dn'],
+ "L_LDAP_PROXY_DN_EXPLAIN" => $lang['Ldap_proxy_dn_explain'],
+ "L_LDAP_PROXY_DN_PASS" => $lang['Ldap_proxy_dn_pass'],
+ "L_LDAP_PROXY_DN_PASS_EXPLAIN" => $lang['Ldap_proxy_dn_pass_explain'],
+ "L_LDAP_START_TLS" => $lang['Ldap_start_tls'],
"L_VISUAL_CONFIRM" => $lang['Visual_confirm'],
"L_VISUAL_CONFIRM_EXPLAIN" => $lang['Visual_confirm_explain'],
"L_ALLOW_AUTOLOGIN" => $lang['Allow_autologin'],
@@ -311,6 +343,27 @@
"GZIP_NO" => $gzip_no,
"PRUNE_YES" => $prune_yes,
"PRUNE_NO" => $prune_no,
+ "AUTH_MODE_SELECT" => $auth_mode_select,
+ "DISABLE_GUEST_YES" => $disable_guest_yes,
+ "DISABLE_GUEST_NO" => $disable_guest_no,
+ "LDAP_HOST" => $new['ldap_host'],
+ "LDAP_PORT" => $new['ldap_port'],
+ "LDAP_HOST2" => $new['ldap_host2'],
+ "LDAP_PORT2" => $new['ldap_port2'],
+ "LDAP_DN" => $new['ldap_dn'],
+ "LDAP_UID" => $new['ldap_uid'],
+ "ENABLE_LDAP_GROUP_SYNC_YES" => $enable_ldap_group_sync_yes,
+ "ENABLE_LDAP_GROUP_SYNC_NO" => $enable_ldap_group_sync_no,
+ "LDAP_GID" => $new['ldap_gid'],
+ "LDAP_EMAIL" => $new['ldap_email'],
+ "LDAP_WEB" => $new['ldap_web'],
+ "LDAP_LOCATION" => $new['ldap_location'],
+ "LDAP_OCCUPATION" => $new['ldap_occupation'],
+ "LDAP_SIGNATURE" => $new['ldap_signature'],
+ "LDAP_PROXY_DN" => $new['ldap_proxy_dn'],
+ "LDAP_PROXY_DN_PASS" => $new['ldap_proxy_dn_pass'],
+ "TLS_YES" => $tls_yes,
+ "TLS_NO" => $tls_no,
"HTML_TAGS" => $html_tags,
"HTML_YES" => $html_yes,
"HTML_NO" => $html_no,
diff -Naur ./admin/admin_groups.php ../phpBBLDAP/admin/admin_groups.php
--- ./admin/admin_groups.php 2006-11-08 10:34:07.000000000 +0000
+++ ../phpBBLDAP/admin/admin_groups.php 2006-11-08 01:40:16.000000000 +0000
@@ -129,6 +129,7 @@
$group_open = ( $group_info['group_type'] == GROUP_OPEN ) ? ' checked="checked"' : '';
$group_closed = ( $group_info['group_type'] == GROUP_CLOSED ) ? ' checked="checked"' : '';
$group_hidden = ( $group_info['group_type'] == GROUP_HIDDEN ) ? ' checked="checked"' : '';
+ $group_ldap_update = ( $group_info['group_ldap_update'] == 1) ? 'checked' : '';

$s\_hidden\_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST\_GROUPS\_URL

. '" value="' . $group_id . '" />';

@@ -154,6 +155,7 @@
'L_DELETE_MODERATOR' => $lang['delete_group_moderator'],
'L_DELETE_MODERATOR_EXPLAIN' => $lang['delete_moderator_explain'],
'L_YES' => $lang['Yes'],
+ 'L_GROUP_LDAP_UPDATE' => $lang['group_ldap_update'],

    'U\_SEARCH\_USER' => append\_sid\("../search.$phpEx?mode=searchuser"\),

@@ -164,6 +166,7 @@
'S_GROUP_CLOSED_CHECKED' => $group_closed,
'S_GROUP_HIDDEN_CHECKED' => $group_hidden,
'S_GROUP_ACTION' => append_sid("admin_groups.$phpEx"),
+ 'S_GROUP_LDAP_UPDATE' => $group_ldap_update,
'S_HIDDEN_FIELDS' => $s_hidden_fields)
);

@@ -259,6 +262,7 @@
$group_description = isset($HTTP_POST_VARS['group_description']) ? trim($HTTP_POST_VARS['group_description']) : '';
$group_moderator = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : '';
$delete_old_moderator = isset($HTTP_POST_VARS['delete_old_moderator']) ? true : false;
+ $group_ldap_update= isset($HTTP_POST_VARS['group_ldap_update']) ? 1 : 0;

    if \( $group\_name == '' \)
    \{

@@ -327,7 +331,7 @@
}

        $sql = "UPDATE " . GROUPS\_TABLE . "

- SET group_type = $group_type, group_name = '" . str_replace("\'", "''", $group_name) . "',
group_description = '" . str_replace("\'", "''", $group_description) . "', group_moderator = $group_moderator
+ SET group_type = $group_type, group_name = '" . str_replace("\'", "''", $group_name) . "',
group_description = '" . str_replace("\'", "''", $group_description) . "', group_moderator = $group_moderator , group_ldap_update
= $group_ldap_update
WHERE group_id = $group_id";
if ( !$db->sql_query($sql) )
{
@@ -340,8 +344,8 @@
}
else if( $mode == 'newgroup' )
{
- $sql = "INSERT INTO " . GROUPS_TABLE . " (group_type, group_name, group_description, group_moderator,
group_single_user)
- VALUES ($group_type, '" . str_replace("\'", "''", $group_name) . "', '" . str_replace("\'", "''",
$group_description) . "', $group_moderator, '0')";
+ $sql = "INSERT INTO " . GROUPS_TABLE . " (group_type, group_name, group_description, group_moderator,
group_ldap_update, group_single_user)
+ VALUES ($group_type, '" . str_replace("\'", "''", $group_name) . "', '" . str_replace("\'", "''",
$group_description) . "', $group_moderator, $group_ldap_update, '0')";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not insert new group', '', __LINE__, __FILE__, $sql);
diff -Naur ./admin/admin_users.php ../phpBBLDAP/admin/admin_users.php
--- ./admin/admin_users.php 2006-11-08 10:34:07.000000000 +0000
+++ ../phpBBLDAP/admin/admin_users.php 2006-11-08 01:31:06.000000000 +0000
@@ -233,6 +233,7 @@

    $username = \( \!empty\($HTTP\_POST\_VARS\['username'\]\) \) ? phpbb\_clean\_username\($HTTP\_POST\_VARS\['username'\]\) : '';
    $email = \( \!empty\($HTTP\_POST\_VARS\['email'\]\) \) ? trim\(strip\_tags\(htmlspecialchars\( $HTTP\_POST\_VARS\['email'\] \) \)\) : '';

+ $user_type = ( !empty($HTTP_POST_VARS['usertype']) ) ? trim(strip_tags(htmlspecialchars(
$HTTP_POST_VARS['usertype'] ) )) : User_Type_Both;

    $password = \( \!empty\($HTTP\_POST\_VARS\['password'\]\) \) ? trim\(strip\_tags\(htmlspecialchars\(

$HTTP_POST_VARS['password'] ) )) : '';
$password_confirm = ( !empty($HTTP_POST_VARS['password_confirm']) ) ? trim(strip_tags(htmlspecialchars(
$HTTP_POST_VARS['password_confirm'] ) )) : '';
@@ -668,7 +669,7 @@
if( !$error )
{
$sql = "UPDATE " . USERS_TABLE . "
- SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) . "', user_icq =
'" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" .
str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" .
str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_viewemail = $viewemail,
user_aim = '" . str_replace("\'", "''", $aim) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" .
str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_sig_bbcode_uid = '$signature_bbcode_uid', user_allowsmile =
$allowsmilies, user_allowhtml = $allowhtml, user_allowavatar = $user_allowavatar, user_allowbbcode = $allowbbcode,
user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_allow_pm = $user_allowpm, user_notify_pm = $notifypm,
user_popup_pm = $popuppm, user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_timezone =
$user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_active = $user_status, user_rank =
$user_rank" . $avatar_sql . "
+ SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) . "', user_icq =
'" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" .
str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" .
str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_viewemail = $viewemail,
user_aim = '" . str_replace("\'", "''", $aim) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" .
str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_sig_bbcode_uid = '$signature_bbcode_uid', user_allowsmile =
$allowsmilies, user_allowhtml = $allowhtml, user_allowavatar = $user_allowavatar, user_allowbbcode = $allowbbcode,
user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_allow_pm = $user_allowpm, user_notify_pm = $notifypm,
user_popup_pm = $popuppm, user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_timezone =
$user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_active = $user_status, user_rank =
$user_rank" . $avatar_sql . ", user_type = $user_type
WHERE user_id = $user_id";

        if\( $result = $db->sql\_query\($sql\) \)

@@ -772,6 +773,7 @@
$user_id = $this_userdata['user_id'];
$username = $this_userdata['username'];
$email = $this_userdata['user_email'];
+ $user_type = $this_userdata['user_type'];
$password = '';
$password_confirm = '';

@@ -903,6 +905,7 @@

        $s\_hidden\_fields .= '<input type="hidden" name="username" value="' . str\_replace\("\"", """, $username\) .

'" />';
$s_hidden_fields .= '<input type="hidden" name="email" value="' . str_replace("\"", "&quot;", $email) . '" />';
+ $s_hidden_fields .= '<input type="hidden" name="usertype" value="' . str_replace("\"", "&quot;", $user_type) .
'" />';
$s_hidden_fields .= '<input type="hidden" name="icq" value="' . str_replace("\"", "&quot;", $icq) . '" />';
$s_hidden_fields .= '<input type="hidden" name="aim" value="' . str_replace("\"", "&quot;", $aim) . '" />';
$s_hidden_fields .= '<input type="hidden" name="msn" value="' . str_replace("\"", "&quot;", $msn) . '" />';
@@ -1009,6 +1012,7 @@
$template->assign_vars(array(
'USERNAME' => $username,
'EMAIL' => $email,
+ 'USER_TYPE_SELECT' => user_type_select($user_type),
'YIM' => $yim,
'ICQ' => $icq,
'MSN' => $msn,
@@ -1052,6 +1056,8 @@
'L_USERNAME' => $lang['Username'],
'L_USER_TITLE' => $lang['User_admin'],
'L_USER_EXPLAIN' => $lang['User_admin_explain'],
+ 'L_USER_TYPE' => $lang['User_Type'],
+ 'L_USER_TYPE_EXPLAIN' => $lang['User_Type_explain'],
'L_NEW_PASSWORD' => $lang['New_password'],
'L_PASSWORD_IF_CHANGED' => $lang['password_if_changed'],
'L_CONFIRM_PASSWORD' => $lang['Confirm_password'],
@@ -1170,4 +1176,4 @@

include('./page_footer_admin.'.$phpEx);

-?>
\ В конце файла нет новой строки
+?>
diff -Naur ./common.php ../phpBBLDAP/common.php
--- ./common.php 2006-11-08 10:34:08.000000000 +0000
+++ ../phpBBLDAP/common.php 2006-11-08 01:13:38.000000000 +0000
@@ -188,6 +188,8 @@
include($phpbb_root_path . 'includes/auth.'.$phpEx);
include($phpbb_root_path . 'includes/functions.'.$phpEx);
include($phpbb_root_path . 'includes/db.'.$phpEx);
+include($phpbb_root_path . 'includes/functions_ldap_groups.'.$phpEx);
+include($phpbb_root_path . 'includes/functions_ldap.'.$phpEx);

// We do not need this any longer, unset for safety purposes
unset($dbpasswd);
@@ -233,4 +235,4 @@
message_die(GENERAL_MESSAGE, 'Board_disable', 'Information');
}

-?>
\ В конце файла нет новой строки
+?>
diff -Naur ./includes/functions_ldap_groups.php ../phpBBLDAP/includes/functions_ldap_groups.php
--- ./includes/functions_ldap_groups.php 1970-01-01 00:00:00.000000000 +0000
+++ ../phpBBLDAP/includes/functions_ldap_groups.php 2004-06-21 18:51:08.000000000 +0000
@@ -0,0 +1,227 @@
+<?php
+
+/***************************************************************************
+ * functions_ldap_groups.php
+ * -------------------
+ * begin : March 10, 2004
+ * copyright : (C)2004 Adam Larsen
+ * email : Adam@ACSoft.net
+ * package : LDAP Group Manager Mod
+ * version : 1.1.8
+ * Notes : This mod is a part of
+ * 'LDAP auth Mod' version 1.1.8
+ *
+ ***************************************************************************/
+
+/***************************************************************************
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ ***************************************************************************/
+
+function ldapUpdateGroups($username) {
+ // turn off reporting errors in case the password will be incorrect during binding
+ $reporting = error_reporting( E_ERROR | E_PARSE | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR );
+
+ global $db;
+ $ldapGroup = new ldapGroups();
+ $ldapGroup->ldap_members_set($username);
+
+ // Get the User_id from the DB
+ $sql = "SELECT user_id FROM ".USERS_TABLE." WHERE username = '".$username."'";
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not query User information', '', __LINE__, __FILE__, $sql);
+ }
+ $user_data = $db->sql_fetchrow($result);
+ $userid = $user_data['user_id'];
+
+ // Get the list of group that are LDAP updated that the user is a member of
+ // But not moderator (we don't want to delete the moderator).
+ $sql = "SELECT gt.group_id, gt.group_name FROM " . GROUPS_TABLE . " gt, ".USER_GROUP_TABLE." ugt
+ WHERE gt.group_id = ugt.group_id
+ AND gt.group_ldap_update = " . TRUE . "
+ AND ugt.user_id = " . $userid . "
+ AND gt.group_moderator <>" . $userid;
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not query Group membership information', '', __LINE__, __FILE__, $sql);
+ }
+ $user_group = array();
+ while( $user_group_data = $db->sql_fetchrow($result) )
+ {
+ // See if they are apart of any phpBB groups and not in LDAP
+ $user_group[] = array($user_group_data['group_name'], $user_group_data['group_id']);
+ }
+
+ foreach ($user_group as $group)
+ {
+ if (!in_array($group[0], $ldapGroup->ldapMembers))
+ {
+ // If they are not members of the LDAP group, remove them from the phpBB group
+ $sql = "DELETE FROM " . USER_GROUP_TABLE . "
+ WHERE group_id = " . $group[1] . "
+ AND user_id = " . $userid;
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not remove user from group', '', __LINE__, __FILE__, $sql);
+ }
+ }
+ }
+
+ // Get the new list of memberships
+ // Include the groups the user moderates
+ $sql = "SELECT gt.group_id, gt.group_name FROM " . GROUPS_TABLE . " gt , ".USER_GROUP_TABLE." ugt
+ WHERE gt.group_id = ugt.group_id
+ AND gt.group_ldap_update = " . TRUE . "
+ AND ugt.user_id = " . $userid;
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not query Group membership information', '', __LINE__, __FILE__, $sql);
+ }
+ // Fill an array
+ $user_group = array();
+ while( $user_group_data = $db->sql_fetchrow($result) )
+ {
+ $user_group[] = $user_group_data['group_name'];
+ }
+
+ // Get list of groups in phpBB that are LDAP updated
+ $sql = "SELECT gt.group_id, gt.group_name FROM " . GROUPS_TABLE . " gt
+ WHERE gt.group_ldap_update = 1";
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not query Group LDAP information', '', __LINE__, __FILE__, $sql);
+ }
+ // Fill an array
+ $group_ldap = array();
+ while( $group_ldap_data = $db->sql_fetchrow($result) )
+ {
+ $group_ldap[$group_ldap_data['group_name']] = $group_ldap_data['group_id'];
+ }
+
+ // Go thought the list and see if they are not members of any groups that they are in LDAP
+ foreach($ldapGroup->ldapMembers as $value)
+ {
+
+ if (!in_array($value,$user_group) && array_key_exists($value,$group_ldap))
+ {
+ // Add user the Groups
+ $sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)
+ VALUES (" . $userid . ", " . $group_ldap[$value] . ", 0)";
+ if( !($result = $db->sql_query($sql, END_TRANSACTION)) ) {
+ message_die(GENERAL_ERROR, 'Could not insert data into user_group table', '', __LINE__, __FILE__, $sql);
+ }
+ }
+ }
+
+ unset ($ldapGroup);
+}
+
+class ldapGroups
+{
+ var $ldapConn;
+ var $ldapMembers;
+ var $userDN;
+ // ----------------------------------------------------
+ // ldap_memberof_set
+ //
+ // unsets LdapMembersOf and reloads it
+ // ----------------------------------------------------
+ function ldap_members_set ($username) {
+ // turn off reporting errors in case the password will be incorrect during binding
+ $reporting = error_reporting( E_ERROR | E_PARSE | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR );
+
+ global $board_config ;
+ $this->ldapMembers = array();
+ $this->ldapConn = ldap_connect_ex();
+ if ($this->ldapConn == false) {
+ message_die(GENERAL_ERROR, 'Could not connect to LDAP directory.', '', __LINE__, __FILE__, '');
+ return false;
+ }
+ else {
+ if ($board_config["ldap_proxy_dn"] != "") {
+ $bind = ldap_bind($this->ldapConn, $board_config["ldap_proxy_dn"], $board_config["ldap_proxy_dn_pass"]);
+ }
+ else {
+ $bind = ldap_bind($this->ldapConn);
+ }
+ if ($bind == false) {
+ message_die(GENERAL_ERROR, 'Could not bind to LDAP directory.', '', __LINE__, __FILE__, '');
+ return false;
+ }
+ else {
+
+ //-------------------------------------
+ // Get Primary Group ID
+ //-------------------------------------
+ $ldapSearch = ldap_search($this->ldapConn, $board_config["ldap_dn"], $board_config['ldap_uid'].'='.
$username,array("primarygroupid"));
+ //$ldapSearch = ldap_read($this->ldapConn, $ObjectDN, 'objectClass=*',array("primarygroupid"));
+ $ldapResults = ldap_get_entries($this->ldapConn, $ldapSearch);
+ if ($ldapResults["count"] != 1) {
+ message_die(GENERAL_ERROR, 'Could not find user in LDAP directory.', '', __LINE__, __FILE__, '');
+ return false;
+ }
+ else
+ {
+ $this->userDN = $ldapResults[0]["dn"];
+ if ($this->userDN == '')
+ message_die(GENERAL_ERROR, 'Could not find DN.', '', __LINE__, __FILE__, '');
+ if (isset($ldapResults[0]['primarygroupid'][0]))
+ $this->ldapMembers[] = $ldapResults[0]['primarygroupid'][0];
+ //else - Non AD systems don't have PrimaryGroupID's so no need for an error.
+ //message_die(GENERAL_ERROR, 'Could did find Primary Group ID.', '', __LINE__, __FILE__, '');
+ ldap_free_result($ldapSearch);
+ //-------------------------------------
+ // Get the other Groups
+ //-------------------------------------
+
+ $this->ldap_members ($this->userDN);
+ return true;
+ }
+ //-------------------------------------
+ // Clean up
+ //-------------------------------------
+ ldap_unbind($this->ldapConn);
+ }
+ }
+ }
+
+ // ----------------------------------------------------
+ // ldap_member()
+ //
+ // Fill array with the list of group this CN is a member of
+ // ----------------------------------------------------
+ function ldap_members ($ObjectDN) {
+ // turn off reporting errors in case the password will be incorrect during binding
+ $reporting = error_reporting( E_ERROR | E_PARSE | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR );
+
+ global $board_config;
+
+ $attribute = $board_config['ldap_gid'];
+ $ldapUserName = $board_config['ldap_uid'];
+
+ $ldapSearch = ldap_read($this->ldapConn, $ObjectDN, 'objectclass=*', array($ldapUserName,"cn",$attribute) );
+ $ldapResults = ldap_get_entries($this->ldapConn, $ldapSearch);
+ // Find any sub groups
+ if (isset($ldapResults[0][$attribute]))
+ {
+ for ($detail = 0; $detail < $ldapResults[0][$attribute]['count']; $detail++)
+ {
+ $MemberCN = $ldapResults[0][$attribute][$detail];
+ $this->ldap_members ($MemberCN);
+ }
+ }
+ // Add the current CN to the list
+ // and check for duplicits
+ if (isset($ldapResults[0][$ldapUserName][0]) && !in_array($ldapResults[0][$ldapUserName][0],$this->ldapMembers)){
+
+ $this->ldapMembers[] = $ldapResults[0][$ldapUserName][0];
+ }
+ ldap_free_result($ldapSearch);
+ }
+}
+?>
\ В конце файла нет новой строки
diff -Naur ./includes/functions_ldap.php ../phpBBLDAP/includes/functions_ldap.php
--- ./includes/functions_ldap.php 1970-01-01 00:00:00.000000000 +0000
+++ ../phpBBLDAP/includes/functions_ldap.php 2006-11-08 02:29:15.000000000 +0000
@@ -0,0 +1,312 @@
+<?php
+
+/***************************************************************************
+ functions_ldap.php
+ * -------------------
+ * begin : Thursday, May 1, 2003
+ * copyright : (C)2003 Piotr Kuczyñski
+ * email : pkuczynski@hypode.net
+ * package : LDAP Auth MOD
+ * version : 1.1.8
+ *
+ ***************************************************************************/
+
+/***************************************************************************
+ * Updated : Monday, March 15, 2004
+ * copyright : (C)2004 Adam Larsen
+ * email : Adam@ACSoft.net
+ * package : LDAP Auth MOD
+ ***************************************************************************/
+
+/***************************************************************************
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ ***************************************************************************/
+
+define('LDAP_AUTH_OK', 1);
+define('LDAP_INVALID_USERNAME', 2);
+define('LDAP_INVALID_PASSWORD', 4);
+define('ALLOW_BASIC_AUTH', true);
+define('User_Type_Both',0);
+define('User_Type_phpBB',1);
+define('User_Type_LDAP',2);
+
+// ----------------------------------------------------
+// ldap_auth()
+//
+// Authenticate user using LDAP directory
+// ----------------------------------------------------
+function ldap_auth ($username, $password) {
+ global $db, $board_config;
+
+if ($username == "" || ($password == "" && !ntlm_check()))
+ {
+ message_die(GENERAL, "No Username and/or Password. Can't authenticate", '', __LINE__, __FILE__, '');
+ }
+
+ // turn off reporting errors in case the password will be incorrect during binding
+ $reporting = error_reporting( E_ERROR | E_PARSE | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR );
+
+ $connection = ldap_connect_ex();
+ if ($connection == false) {
+ message_die(GENERAL_ERROR, 'Could not connect to LDAP directory.', '', __LINE__, __FILE__, '');
+ }
+ else {
+ ldap_set_option($connection,LDAP_OPT_PROTOCOL_VERSION,3);
+ if ($board_config["ldap_proxy_dn"] != "") {
+ $bind = ldap_bind($connection, $board_config["ldap_proxy_dn"], $board_config["ldap_proxy_dn_pass"]);
+ }
+ else {
+ $bind = ldap_bind($connection);
+ }
+ if ($bind == false) {
+ message_die(GENERAL_ERROR, 'Could not bind to LDAP directory.', '', __LINE__, __FILE__, '');
+ }
+ else {
+ $query = ldap_search($connection, $board_config["ldap_dn"], $board_config['ldap_uid'].'='. $username);
+ if ($query == false) {
+ message_die(GENERAL_ERROR, 'Could not perform query to LDAP directory.', '', __LINE__, __FILE__, 'User
Name: ' . $board_config['ldap_uid'] . '=' . $username . ' Base DN: ' . $board_config["ldap_dn"]);
+ }
+ else {
+ $query_result = ldap_get_entries($connection, $query);
+
+ if ($query_result["count"] != 1) {
+ $result = LDAP_INVALID_USERNAME;
+ }
+ else {
+ $userdn = $query_result[0]["dn"];
+ $email = " user_email = '" . str_replace("\'", "''",
$query_result[0][$board_config["ldap_email"]][0]) . "', ";
+ $web = ( !$board_config["ldap_web"]== "") ? "user_website = '" . str_replace("\'", "''",
$query_result[0][$board_config["ldap_web"]][0]) . "', " : "";
+ $location = ( !$board_config["ldap_location"]== "") ? "user_from = '" . str_replace("\'", "''",
$query_result[0][$board_config["ldap_location"]][0]) . "', " : "";
+ $occupation = ( !$board_config["ldap_occupation"]== "") ? "user_occ = '" . str_replace("\'", "''",
$query_result[0][$board_config["ldap_occupation"]][0]) . "', " : "";
+ $signature = ( !$board_config["ldap_signature"] == "") ? "user_sig = ' " . str_replace("\'", "''",
$query_result[0][$board_config["ldap_signature"]][0]) . "', " : "";
+
+ // Update user
+ $sql = "UPDATE " . USERS_TABLE . ' SET '
+ . $email
+ . $web
+ . $occupation
+ . $location
+ . $signature;
+ $sql = substr($sql,0,strlen($sql) - 2);
+ $sql = $sql . " WHERE username = '" . $username . "'";
+
+ if ( !($result = $db->sql_query($sql)) ) {
+ message_die(GENERAL_ERROR, 'Could not insert data into users table', '', __LINE__, __FILE__,
$sql);
+ }
+ if (ntlm_check()){
+ //Logon using NTLM
+ $result = LDAP_AUTH_OK;
+ }
+ else
+ {
+ ldap_close($connection);
+ // bind using user's DN and given $password to check if the password is correct
+ $connection = ldap_connect_ex();
+ ldap_set_option($connection,LDAP_OPT_PROTOCOL_VERSION,3);
+ $bind = ldap_bind($connection, $userdn, $password);
+
+ if ($bind == false or $password=='') {
+ $result = LDAP_INVALID_PASSWORD;
+ }
+ else {
+ $result = LDAP_AUTH_OK;
+ }
+ }
+ }
+ }
+ }
+ }
+
+ ldap_close($connection);
+ error_reporting($reporting);
+
+ return $result;
+}
+
+// ----------------------------------------------------
+// ldap_connect_ex()
+//
+// Connects to LDAP on specifing port, if it was configured
+// using Authentication Settings in Control Panel
+// ----------------------------------------------------
+function ldap_connect_ex() {
+ global $board_config;
+
+ if ($board_config['ldap_port'] != '') {
+ $connection = ldap_connect($board_config['ldap_host'], $board_config['ldap_port']);
+ if (!$connection && $board_config['ldap_host2'] != '')
+ {
+ //Unable to connect the host 1, try host 2
+ $connection = ldap_connect($board_config['ldap_host2'], $board_config['ldap_port2']);
+ }
+ }
+ else {
+ $connection = ldap_connect($board_config['ldap_host']);
+ if (!$connection && $board_config['ldap_host2'] != '')
+ {
+ //Unable to connect the host 1, try host 2
+ $connection = ldap_connect($board_config['ldap_host2']);
+ }
+ }
+ if ($board_config['ldap_start_tls'] != '0') {
+ ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3);
+ ldap_start_tls($connection);
+ }
+ return $connection;
+}
+
+// ----------------------------------------------------
+// add_ldap_user()
+//
+// Adds new user to phpBB database, basing on the information
+// found in LDAP directory.
+// ----------------------------------------------------
+function add_ldap_user ($username) {
+ global $db, $board_config;
+
+ // reading user informations from ldap
+ $connection = ldap_connect_ex();
+ ldap_set_option($connection,LDAP_OPT_PROTOCOL_VERSION,3);
+
+ if ($board_config["ldap_proxy_dn"] != "") {
+ $bind = ldap_bind($connection, $board_config["ldap_proxy_dn"], $board_config["ldap_proxy_dn_pass"]);
+ }
+ else {
+ $bind = ldap_bind($connection);
+ }
+ $query = ldap_search($connection, $board_config["ldap_dn"], $board_config['ldap_uid'].'='.$username);
+ $query_result = ldap_get_entries($connection, $query);
+
+ $email = $query_result[0][$board_config["ldap_email"]][0];
+ $web = $query_result[0][$board_config["ldap_web"]][0];
+ $location = $query_result[0][$board_config["ldap_location"]][0];
+ $occupation = $query_result[0][$board_config["ldap_occupation"]][0];
+ $signature = $query_result[0][$board_config["ldap_signature"]][0];
+
+ ldap_close($connection);
+
+ // obtaining new user id
+ $sql = "SELECT MAX(user_id) AS total
+ FROM " . USERS_TABLE;
+
+ if ( !($result = $db->sql_query($sql)) ) {
+ message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
+ }
+
+ if ( !($row = $db->sql_fetchrow($result)) ) {
+ message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
+ }
+ $user_id = $row['total'] + 1;
+
+ // creating new user
+ $sql = "INSERT INTO " . USERS_TABLE .
+ "( user_id, "
+ . "username, "
+ . "user_regdate, "
+ . "user_password, "
+ . "user_email, "
+ . "user_website, "
+ . "user_occ, "
+ . "user_from, "
+ . "user_sig, "
+ . "user_viewemail, "
+ . "user_attachsig, "
+ . "user_allowsmile, "
+ . "user_allowhtml, "
+ . "user_allowbbcode, "
+ . "user_allow_viewonline, "
+ . "user_notify, "
+ . "user_notify_pm, "
+ . "user_popup_pm, "
+ . "user_timezone, "
+ . "user_dateformat, "
+ . "user_lang, "
+ . "user_style, "
+ . "user_level, "
+ . "user_allow_pm, "
+ . "user_active,"
+ . "user_type"
+ .")"
+ ."VALUES ("
+ . "$user_id, " // user_id
+ . "'" . str_replace("\'", "''", $username) . "', " // username
+ . time() . ", " // user_regdate
+ . "'', " // user_password
+ . "'" . str_replace("\'", "''", $email) . "', " // user_email
+ . "'" . str_replace("\'", "''", $web) . "', " // user_website
+ . "'" . str_replace("\'", "''", $occupation) . "', " // user_occ
+ . "'" . str_replace("\'", "''", $location) . "', " // user_from
+ . "'" . str_replace("\'", "''", $signature) . "', " // user_sig
+ . "1, " //
user_viewemail
+ . $board_config['allow_sig'] . ", " // user_attachsig
+ . $board_config['allow_smilies'] . ", " // user_allowsmile
+ . $board_config['allow_html'] . ", " // user_allowhtml
+ . $board_config['allow_bbcode'] . ", " // user_allowbbcode
+ . "1, " //
user_allow_viewonline
+ . "0, " //
user_notify
+ . "1, " //
user_notify_pm
+ . "1, " //
user_popup_pm
+ . $board_config['board_timezone'] . ", " // user_timezone
+ . "'" . $board_config['default_dateformat'] . "', " // user_dateformat
+ . "'" . $board_config['default_lang'] . "', " // user_lang
+ . $board_config['default_style'] . ", " // user_style
+ . "0, " //
user_level
+ . "1, " //
user_allow_pm
+ . "1, "
+ . User_Type_LDAP . " " //
user_active
+ .")";
+
+ if ( !($result = $db->sql_query($sql, BEGIN_TRANSACTION)) ) {
+ message_die(GENERAL_ERROR, 'Could not insert data into users table', '', __LINE__, __FILE__, $sql);
+ }
+
+ // creating new 'personal user' group
+ $sql = "INSERT INTO " . GROUPS_TABLE . " (group_name, group_description, group_single_user, group_moderator)
+ VALUES ('', 'Personal User', 1, 0)";
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not insert data into groups table', '', __LINE__, __FILE__, $sql);
+ }
+
+ $group_id = $db->sql_nextid();
+
+ // assigning new user to the new 'personal user' group
+ $sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)
+ VALUES ($user_id, $group_id, 0)";
+ if( !($result = $db->sql_query($sql, END_TRANSACTION)) ) {
+ message_die(GENERAL_ERROR, 'Could not insert data into user_group table', '', __LINE__, __FILE__, $sql);
+ }
+}
+
+function ntlm_check () {
+ global $board_config;
+ if (isset($_SERVER['AUTH_TYPE']) && (($_SERVER['AUTH_TYPE'] == 'Basic' && ALLOW_BASIC_AUTH) || $_SERVER['AUTH_TYPE'] ==
'NTLM' || $_SERVER['AUTH_TYPE'] == 'Negotiate') && $board_config['auth_mode'] == 'ldap')
+ return true;
+ else
+ return false;
+}
+
+function ntlm_get_user() {
+ if (ntlm_check())
+ {
+ $ntlm_user = $_SERVER['REMOTE_USER'];
+ $strloc = strpos($ntlm_user,"\\");
+ $strloc++;
+ if (substr($ntlm_user, $strloc, 1) == "\\" )
+ $strloc++;
+ if ($strloc > 2)
+ $username = substr($ntlm_user,$strloc);
+ else
+ $username = $ntlm_user;
+ return $username;
+ }
+ else
+ return false;
+}
+
+?>
diff -Naur ./includes/functions_selects.php ../phpBBLDAP/includes/functions_selects.php
--- ./includes/functions_selects.php 2006-11-08 10:34:07.000000000 +0000
+++ ../phpBBLDAP/includes/functions_selects.php 2006-11-08 01:41:07.000000000 +0000
@@ -108,4 +108,35 @@
return $tz_select;
}

-?>
\ В конце файла нет новой строки
+//
+// Pick a auth mode
+//
+function auth_select($default, $select_name = 'auth_mode')
+{
+ $selected = '';
+
+ $auth_mode_select = '<select name="' . $select_name . '">';
+ $auth_mode_select .= '<option value="phpbb"' . (($default == 'phpbb')? 'selected' : '') . '>phpBB</option>';
+ $auth_mode_select .= '<option value="ldap"' . (($default == 'ldap')? 'selected' : '') . '>LDAP</option>';
+ //$auth_mode_select .= '<option value="ldap_phpbb"' . (($default == 'ldap_phpbb')? 'selected' : '') . '>LDAP and phpBB</
option>';
+ $auth_mode_select .= '</select>';
+
+ return $auth_mode_select;
+}
+
+//
+// Pick a user auth type
+//
+function user_type_select($default, $select_name = 'usertype')
+{
+ $type_select = '';
+
+ $type_select = '<select name="' . $select_name . '">';
+ $type_select .= '<option value=' . User_Type_Both . (($default == User_Type_Both)? ' selected' : '') . '>LDAP or phpBB</
option>';
+ $type_select .= '<option value=' . User_Type_LDAP . (($default == User_Type_LDAP)? ' selected' : '') . '>LDAP Only</option>';
+ $type_select .= '<option value=' . User_Type_phpBB . (($default == User_Type_phpBB)? ' selected' : '') . '>phpBB Only</
option>';
+ $type_select .= '</select>';
+
+ return $type_select;
+}
+?>
diff -Naur ./includes/page_header.php ../phpBBLDAP/includes/page_header.php
--- ./includes/page_header.php 2006-11-08 10:34:07.000000000 +0000
+++ ../phpBBLDAP/includes/page_header.php 2006-11-08 01:43:11.000000000 +0000
@@ -74,11 +74,24 @@
{
$u_login_logout = 'login.'.$phpEx.'?logout=true&amp;sid=' . $userdata['session_id'];
$l_login_logout = $lang['Logout'] . ' [ ' . $userdata['username'] . ' ]';
+ if (ntlm_check() && !defined("IN_LOGIN")){
+ if (strcmp(strtolower(ntlm_get_user()), strtolower( $userdata['username']) )) {
+ //Logout if we are logged on as a diffrent user
+ header('Location: ' . append_sid("login.$phpEx?logout=true&amp;redirect=index.$phpEx", true));
+ message_die(GENERAL_MESSAGE, "You have been logged out <BR><BR> Click <A HREF=login.$phpEx>Here</A> to login
again. <BR><BR>Click <A HREF=index.$phpEx>Here</A> to return the the forum index.");
+ exit();
+ }
+ }
}
else
{
$u_login_logout = 'login.'.$phpEx;
$l_login_logout = $lang['Login'];
+ if ($board_config['disable_guest'] == 1 && !defined("IN_LOGIN") && !defined("IN_SEARCHUSER")) {
+ header('Location: ' . append_sid("login.$phpEx?redirect=index.$phpEx", true));
+ message_die(GENERAL_MESSAGE, "This forum doesn't allow guest access <BR><BR> Click <A HREF=login.$phpEx>Here</A> to
login.");
+ exit();
+ }
}

$s_last_visit = ( $userdata['session_logged_in'] ) ? create_date($board_config['default_dateformat'],
$userdata['user_lastvisit'], $board_config['board_timezone']) : '';
@@ -487,4 +500,4 @@

$template->pparse('overall_header');

-?>
\ В конце файла нет новой строки
+?>
diff -Naur ./includes/usercp_register.php ../phpBBLDAP/includes/usercp_register.php
--- ./includes/usercp_register.php 2006-11-08 10:34:07.000000000 +0000
+++ ../phpBBLDAP/includes/usercp_register.php 2006-11-08 01:46:55.000000000 +0000
@@ -794,6 +794,11 @@
else if ( $mode ==
'editprofile' && !isset($HTTP_POST_VARS['avatargallery']) && !isset($HTTP_POST_VARS['submitavatar']) && !isset($HTTP_POST_VARS['cancelavatar']) )
{
$user_id = $userdata['user_id'];
+ $hideldapvalues = ( $userdata['user_type'] == User_Type_LDAP ) ? 'style="display: none"' : '';
+ $hideldapweb = ( !$board_config["ldap_web"]== "") ? $hideldapvalues : '';
+ $hideldaplocation = ( !$board_config["ldap_location"]== "") ? $hideldapvalues : '';
+ $hideldapoccupation = ( !$board_config["ldap_occupation"]== "") ? $hideldapvalues : '';
+ $hideldapsignature = ( !$board_config["ldap_signature"]== "") ? $hideldapvalues : '';
$username = $userdata['username'];
$email = $userdata['user_email'];
$cur_password = '';
@@ -1019,6 +1024,11 @@
$form_enctype = ( @$ini_val('file_uploads') == '0' || strtolower(@$ini_val('file_uploads') == 'off') || phpversion() ==
'4.0.4pl1' || !$board_config['allow_avatar_upload'] || ( phpversion() < '4.0.3' && @$ini_val('open_basedir') != '' ) ) ? '' :
'enctype="multipart/form-data"';

$template->assign\_vars\(array\(

+ 'HIDELDAPVALUES' => $hideldapvalues,
+ 'HIDELDAPWEB' => $hideldapweb,
+ 'HIDELDAPLOCATION' => $hideldaplocation,
+ 'HIDELDAPOCCUPATION' => $hideldapoccupation,
+ 'HIDELDAPSIGNATURE' => $hideldapsignature,
'USERNAME' => isset($username) ? $username : '',
'CUR_PASSWORD' => isset($cur_password) ? $cur_password : '',
'NEW_PASSWORD' => isset($new_password) ? $new_password : '',
@@ -1168,4 +1178,4 @@

include($phpbb_root_path . 'includes/page_tail.'.$phpEx);

-?>
\ В конце файла нет новой строки
+?>
diff -Naur ./includes/usercp_sendpasswd.php ../phpBBLDAP/includes/usercp_sendpasswd.php
--- ./includes/usercp_sendpasswd.php 2006-11-08 10:34:07.000000000 +0000
+++ ../phpBBLDAP/includes/usercp_sendpasswd.php 2006-11-08 01:44:43.000000000 +0000
@@ -32,7 +32,7 @@
$username = ( !empty($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : '';

- $sql = "SELECT user_id, username, user_email, user_active, user_lang
+ $sql = "SELECT user_id, username, user_email, user_active, user_lang, user_type
FROM " . USERS_TABLE . "
WHERE user_email = '" . str_replace("\'", "''", $email) . "'
AND username = '" . str_replace("\'", "''", $username) . "'";
@@ -44,6 +44,10 @@
{
message_die(GENERAL_MESSAGE, $lang['No_send_account_inactive']);
}
+ if ($row['user_type'] == User_Type_LDAP)
+ {
+ message_die(GENERAL_ERROR, $lang['No_send_account_LDAP']);
+ }

        $username = $row\['username'\];
        $user\_id = $row\['user\_id'\];

@@ -135,4 +139,4 @@

include($phpbb_root_path . 'includes/page_tail.'.$phpEx);

-?>
\ В конце файла нет новой строки
+?>
diff -Naur ./language/lang_english/lang_admin.php ../phpBBLDAP/language/lang_english/lang_admin.php
--- ./language/lang_english/lang_admin.php 2006-11-08 10:34:07.000000000 +0000
+++ ../phpBBLDAP/language/lang_english/lang_admin.php 2006-11-08 01:49:05.000000000 +0000
@@ -256,6 +256,30 @@
$lang['Acc_None'] = 'None'; // These three entries are the type of activation
$lang['Acc_User'] = 'User';
$lang['Acc_Admin'] = 'Admin';
+$lang['Auth_settings'] = 'Authentication Settings';
+$lang['Disable_Guest'] = 'Disable Guest Account';
+$lang['Auth_mode'] = 'Authentication Mode';
+$lang['Ldap_host'] = 'LDAP Host Name';
+$lang['Ldap_port'] = 'LDAP Port';
+$lang['Ldap_host2'] = 'LDAP Secondary Host Name (OPTIONAL)';
+$lang['Ldap_port2'] = 'LDAP Secondery Host Port (OPTIONAL)';
+$lang['Ldap_dn'] = 'Base DN';
+$lang['Ldap_dn_explain'] = 'Base DN, which will be used as start point for LDAP directory';
+$lang['Ldap_uid'] = 'LDAP User ID Field';
+$lang['Ldap_uid_explain'] = 'LDAP User ID Field, what LDAP property/field do you want to use as your forum user names. (default
= \'uid\', Active Directory = \'samaccountname\')';
+$lang['ldap_group_sync'] = 'Enable Group sync with LDAP';
+$lang['ldap_gid'] = 'LDAP Group Membership Field';
+$lang['ldap_gid_explain'] = 'What LDAP property/field do you want to use to determen that groups a user is a member of. This
will be a user property. (default = \'member\', Active Directory = \'memberof\')';
+$lang['ldap_email'] = 'LDAP property/field containing user e-mail addresses';
+$lang['ldap_web'] = 'LDAP property/field containing user web site addresses';
+$lang['ldap_location'] = 'LDAP property/field containing user locations';
+$lang['ldap_occupation'] = 'LDAP property/field containing user occupation';
+$lang['ldap_signature'] = 'LDAP property/field containing user signature (I.E. display name)';
+$lang['Ldap_proxy_dn'] = 'Proxy DN (OPTIONAL)';
+$lang['Ldap_proxy_dn_explain'] = 'Used if your LDAP server does not allow anonymous access (I.E. Active Directory). This must
be the FULL distinguished name of a user that has read access to your LDAP server';
+$lang['Ldap_proxy_dn_pass'] = 'Proxy DN Password (OPTIONAL)';
+$lang['Ldap_proxy_dn_pass_explain'] = 'This password is stored in CLEAR text, in your Database!!! Make sure this user only has
read access to LDAP and nothing else (make it a guest). And make sure users can not get to your DB';
+$lang['Ldap_start_tls'] = 'TLS support';

$lang['Abilities_settings'] = 'User and Forum Basic Settings';
$lang['Max_poll_options'] = 'Max number of poll options';
@@ -436,6 +460,8 @@
//
$lang['User_admin'] = 'User Administration';
$lang['User_admin_explain'] = 'Here you can change your users\' information and certain options. To modify the users\'
permissions, please use the user and group permissions system.';
+$lang['User_Type'] = 'User Authentication system';
+$lang['User_Type_explain'] = 'Selects what systems the user can authenticate against. See install file or phpBB.com forum for
more explanation';

$lang['Look_up_user'] = 'Look up user';

@@ -485,6 +511,7 @@
$lang['No_group_action'] = 'No action was specified';
$lang['delete_group_moderator'] = 'Delete the old group moderator?';
$lang['delete_moderator_explain'] = 'If you\'re changing the group moderator, check this box to remove the old moderator from
the group. Otherwise, do not check it, and the user will become a regular member of the group.';
+$lang['group_ldap_update'] = 'Group membership is managed in LDAP';
$lang['Click_return_groupsadmin'] = 'Click %sHere%s to return to Group Administration.';
$lang['Select_group'] = 'Select a group';
$lang['Look_up_group'] = 'Look up group';
@@ -763,4 +790,4 @@
// That's all Folks!
// -------------------------------------------------

-?>
\ В конце файла нет новой строки
+?>
diff -Naur ./language/lang_english/lang_main.php ../phpBBLDAP/language/lang_english/lang_main.php
--- ./language/lang_english/lang_main.php 2006-11-08 10:34:07.000000000 +0000
+++ ../phpBBLDAP/language/lang_english/lang_main.php 2006-11-08 01:50:09.000000000 +0000
@@ -545,6 +545,7 @@
$lang['Incomplete_URL'] = 'The URL you entered is incomplete';
$lang['Wrong_remote_avatar_format'] = 'The URL of the remote avatar is not valid';
$lang['No_send_account_inactive'] = 'Sorry, but your password cannot be retrieved because your account is currently inactive.
Please contact the forum administrator for more information.';
+$lang['No_send_account_LDAP'] = 'Sorry, but your password cannot be retrieved. Please contact the forum administrator for more
information.';

$lang['Always_smile'] = 'Always enable Smilies';
$lang['Always_html'] = 'Always allow HTML';
@@ -1022,4 +1023,4 @@
// That's all, Folks!
// -------------------------------------------------

-?>
\ В конце файла нет новой строки
+?>
diff -Naur ./LDAPcheck.php ../phpBBLDAP/LDAPcheck.php
--- ./LDAPcheck.php 1970-01-01 00:00:00.000000000 +0000
+++ ../phpBBLDAP/LDAPcheck.php 2004-06-21 16:12:46.000000000 +0000
@@ -0,0 +1,701 @@
+<?php
+
+/***************************************************************************
+ LDAPcheck.php
+ * -------------------
+ * begin : Monday, April 27, 2004
+ * copyright : (C)2004 Adam Larsen
+ * email : Adam@ACSoft.net
+ * package : LDAP Auth MOD
+ * version : 1.1.8
+ *
+ ***************************************************************************/
+
+/***************************************************************************
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ ***************************************************************************/
+
+/*
+ * DEFAULT VALUES for you site (OPTIONAL)
+ */
+$ldapServer = '';
+$ldapBase = '';
+$ldapUser = '';
+$ldappass = '';
+$ldapSearchValue = '';
+
+$ldapSearchField = 'user';
+$ldap_gid = 'member';
+$justthese =
array($ldapSearchField,'uid','samaccountname','displayname','physicaldeliveryofficename','mail','member','memberof') ;
+
+$SearchSelect = 2; // 1 = User Name, 2 = User DN
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+?>
+
+<HTML>
+<HEAD>
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
+<!-- link rel="stylesheet" href="templates/subSilver/subSilver.css" type="text/css" -->
+<style type="text/css">
+<!--
+
+/*
+ The original subSilver Theme for phpBB version 2+
+ Created by subBlue design
+ http://www.subBlue.com
+
+ NOTE: These CSS definitions are stored within the main page body so that you can use the phpBB2
+ theme administration centre. When you have finalised your style you could cut the final CSS code
+ and place it in an external file, deleting this section to save bandwidth.
+*/
+
+
+ /* General page style. The scroll bar colours only visible in IE5.5+ */
+body {
+ background-color: #E5E5E5;
+ scrollbar-face-color: #DEE3E7;
+ scrollbar-highlight-color: #FFFFFF;
+ scrollbar-shadow-color: #DEE3E7;
+ scrollbar-3dlight-color: #D1D7DC;
+ scrollbar-arrow-color: #006699;
+ scrollbar-track-color: #EFEFEF;
+ scrollbar-darkshadow-color: #98AAB1;
+}
+
+/* General font families for common tags */
+font,th,td,p { font-family: Verdana, Arial, Helvetica, sans-serif }
+p, td { font-size : 11; color : #000000; }
+a:link,a:active,a:visited { color : #006699; }
+a:hover { text-decoration: underline; color : #DD6900; }
+hr { height: 0px; border: solid #D1D7DC 0px; border-top-width: 1px;}
+h1,h2 { font-family: "Trebuchet MS", Verdana, Arial, Helvetica, sans-serif; font-size : 22px; font-weight : bold;
text-decoration : none; line-height : 120%; color : #000000;}
+
+
+/* This is the border line & background colour round the entire page */
+.bodyline { background-color: #FFFFFF; border: 1px #98AAB1 solid; }
+
+/* This is the outline round the main forum tables */
+.forumline { background-color: #FFFFFF; border: 2px #006699 solid; }
+
+
+/* Main table cell colours and backgrounds */
+td.row1 { background-color: #EFEFEF; }
+td.row2 { background-color: #DEE3E7; }
+td.row3 { background-color: #D1D7DC; }
+
+
+/*
+ This is for the table cell above the Topics, Post & Last posts on the index.php page
+ By default this is the fading out gradiated silver background.
+ However, you could replace this with a bitmap specific for each forum
+*/
+td.rowpic {
+ background-color: #FFFFFF;
+ background-image: url(templates/subSilver/images/cellpic2.jpg);
+ background-repeat: repeat-y;
+}
+
+/* Header cells - the blue and silver gradient backgrounds */
+th {
+ color: #FFA34F; font-size: 11px; font-weight : bold;
+ background-color: #006699; height: 25px;
+ background-image: url(templates/subSilver/images/cellpic3.gif);
+}
+
+td.cat,td.catHead,td.catSides,td.catLeft,td.catRight,td.catBottom {
+ background-image: url(templates/subSilver/images/cellpic1.gif);
+ background-color:#D1D7DC; border: #FFFFFF; border-style: solid; height: 28px;
+}
+
+
+/*
+ Setting additional nice inner borders for the main table cells.
+ The names indicate which sides the border will be on.
+ Don't worry if you don't understand this, just ignore it :-)
+*/
+td.cat,td.catHead,td.catBottom {
+ height: 29px;
+ border-width: 0px 0px 0px 0px;
+}
+th.thHead,th.thSides,th.thTop,th.thLeft,th.thRight,th.thBottom,th.thCornerL,th.thCornerR {
+ font-weight: bold; border: #FFFFFF; border-style: solid; height: 28px; }
+td.row3Right,td.spaceRow {
+ background-color: #D1D7DC; border: #FFFFFF; border-style: solid; }
+
+th.thHead,td.catHead { font-size: 12px; border-width: 1px 1px 0px 1px; }
+th.thSides,td.catSides,td.spaceRow { border-width: 0px 1px 0px 1px; }
+th.thRight,td.catRight,td.row3Right { border-width: 0px 1px 0px 0px; }
+th.thLeft,td.catLeft { border-width: 0px 0px 0px 1px; }
+th.thBottom,td.catBottom { border-width: 0px 1px 1px 1px; }
+th.thTop { border-width: 1px 0px 0px 0px; }
+th.thCornerL { border-width: 1px 0px 0px 1px; }
+th.thCornerR { border-width: 1px 1px 0px 0px; }
+
+
+/* The largest text used in the index page title and toptic title etc. */
+.maintitle {
+ font-weight: bold; font-size: 22px; font-family: "Trebuchet MS",Verdana, Arial, Helvetica, sans-serif;
+ text-decoration: none; line-height : 120%; color : #000000;
+}
+
+
+/* General text */
+.gen { font-size : 12px; }
+.genmed { font-size : 11px; }
+.gensmall { font-size : 10px; }
+.gen,.genmed,.gensmall { color : #000000; }
+a.gen,a.genmed,a.gensmall { color: #006699; text-decoration: none; }
+a.gen:hover,a.genmed:hover,a.gensmall:hover { color: #DD6900; text-decoration: underline; }
+
+
+/* The register, login, search etc links at the top of the page */
+.mainmenu { font-size : 11px; color : #000000 }
+a.mainmenu { text-decoration: none; color : #006699; }
+a.mainmenu:hover{ text-decoration: underline; color : #DD6900; }
+
+
+/* Forum category titles */
+.cattitle { font-weight: bold; font-size: 12px ; letter-spacing: 1px; color : #006699}
+a.cattitle { text-decoration: none; color : #006699; }
+a.cattitle:hover{ text-decoration: underline; }
+
+
+/* Forum title: Text and link to the forums used in: index.php */
+.forumlink { font-weight: bold; font-size: 12px; color : #006699; }
+a.forumlink { text-decoration: none; color : #006699; }
+a.forumlink:hover{ text-decoration: underline; color : #DD6900; }
+
+
+/* Used for the navigation text, (Page 1,2,3 etc) and the navigation bar when in a forum */
+.nav { font-weight: bold; font-size: 11px; color : #000000;}
+a.nav { text-decoration: none; color : #006699; }
+a.nav:hover { text-decoration: underline; }
+
+
+
+/* Name of poster in viewmsg.php and viewtopic.php and other places */
+.name { font-size : 11px; color : #000000;}
+
+/* Location, number of posts, post date etc */
+.postdetails { font-size : 10px; color : #000000; }
+
+
+/* The content of the posts (body of text) */
+.postbody { font-size : 12px; line-height: 18px}
+a.postlink:link { text-decoration: none; color : #006699 }
+a.postlink:visited { text-decoration: none; color : #5493B4; }
+a.postlink:hover { text-decoration: underline; color : #DD6900}
+
+
+/* Quote & Code blocks */
+.code {
+ font-family: Courier, 'Courier New', sans-serif; font-size: 11px; color: #006600;
+ background-color: #FAFAFA; border: #D1D7DC; border-style: solid;
+ border-left-width: 1px; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px
+}
+
+.quote {
+ font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 11px; color: #444444; line-height: 125%;
+ background-color: #FAFAFA; border: #D1D7DC; border-style: solid;
+ border-left-width: 1px; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px
+}
+
+
+/* Copyright and bottom info */
+.copyright { font-size: 10px; font-family: Verdana, Arial, Helvetica, sans-serif; color: #444444; letter-spacing: -1px;}
+a.copyright { color: #444444; text-decoration: none;}
+a.copyright:hover { color: #000000; text-decoration: underline;}
+
+
+/* Form elements */
+input,textarea, select {
+ color : #000000;
+ font: normal 11px Verdana, Arial, Helvetica, sans-serif;
+ border-color : #000000;
+}
+
+/* The text input fields background colour */
+input.post, textarea.post, select {
+ background-color : #FFFFFF;
+}
+
+input { text-indent : 2px; }
+
+/* The buttons used for bbCode styling in message post */
+input.button {
+ background-color : #EFEFEF;
+ color : #000000;
+ font-size: 11px; font-family: Verdana, Arial, Helvetica, sans-serif;
+}
+
+/* The main submit button option */
+input.mainoption {
+ background-color : #FAFAFA;
+ font-weight : bold;
+}
+
+/* None-bold submit button */
+input.liteoption {
+ background-color : #FAFAFA;
+ font-weight : normal;
+}
+
+/* This is the line in the posting page which shows the rollover
+ help line. This is actually a text box, but if set to be the same
+ colour as the background no one will know ;)
+*/
+.helpline { background-color: #DEE3E7; border-style: none; }
+
+
+/* Import the fancy styles for IE only (NS4.x doesn't use the @import function) */
+@import url("templates/subSilver/formIE.css");
+-->
+</style>
+</HEAD>
+<body bgcolor="#E5E5E5" text="#000000" link="#006699" vlink="#5493B4">
+
+<?php
+
+if (isset($_POST['ServerInfo']))
+ $ldapServer = $_POST['ServerInfo'];
+if (isset($_POST['BaseDN']))
+ $ldapBase = $_POST['BaseDN'];
+if (isset($_POST['User']))
+ $ldapUser = $_POST['User'];
+ $ldapUser = str_replace("\\,", "\,",$ldapUser);
+if (isset($_POST['UserPass']))
+ $ldappass = $_POST['UserPass'];
+if (isset($_POST['SearchValue']))
+ $ldapSearchValue = $_POST['SearchValue'];
+if (isset($_POST['SearchField']))
+ $ldapSearchField = $_POST['SearchField'];
+if (isset($_POST['SearchSelect']))
+ $SearchSelect = $_POST['SearchSelect'];
+if (isset($_POST['ldap_gid']))
+ $ldap_gid = $_POST['ldap_gid'];
+
+ echo '<FORM action="LDAPcheck.php" method="POST">';
+ echo '<table width="99%" cellpadding="4" cellspacing="1" border="0" align="center" class="forumline">';
+ echo '<tr><th class="thHead" colspan="2">Authentication Settings</th></tr>';
+
+ echo '<TR><TD class="row1"><B>LDAP Host Name</B> </TD><TD class="row2"><input size=40 type="text" name="ServerInfo"
value="'.$ldapServer.'"></TD></TR>';
+ echo '<TR><TD class="row1"><B>Base DN</B><br><span class="gensmall">Base DN, which will be used as start point for LDAP
directory</span> </TD><TD class="row2"><input size=60 type="text" name="BaseDN" value="'.$ldapBase.'"></TD></TR>';
+ echo '<TR><TD class="row1"><B>Proxy DN</B> (OPTIONAL)<br><span class="gensmall">Used if your LDAP server does not allow
anonymous access (I.E. Active Directory). This must be the FULL distinguished name of a user that has read access to your LDAP
server</span></TD><TD class="row2"><input size=60 type="text" name="User" value="'.$ldapUser.'"></TD></TR>';
+ echo '<TR><TD class="row1"><B>Proxy DN Password</B> (OPTIONAL)<br><span class="gensmall">This password is stored in CLEAR
text, in your Database!!! Make sure this user only has read access to LDAP and nothing else (make it a guest). And make sure
users can not get to your DB</span> </TD><TD class="row2"><input size=40 type="password" name="UserPass" value="'.$ldappass.'"></
TD></TR>';
+ echo '<tr><th class="thHead" colspan="2">Check User logon</th></tr>';
+ echo '<TR><TD class="row1"><B>LDAP User Name</B> </TD><TD class="row2"><input size=40 type="text" name="SearchValue"
value="'.$ldapSearchValue.'"></TD></TR>';
+ echo '<TR><TD class="row1"><B>LDAP User ID Field</B><br/><span class="gensmall">LDAP User ID Field, what LDAP property/
field do you want to use as your forum user names. (default = \'uid\', Active Directory = \'samaccountname\')</span> </TD><TD
class="row2"><input size=40 type="text" name="SearchField" value="'.$ldapSearchField.'"><BR>lower CASE only</TD></TR>';
+ echo '<tr>
+ <td class="row1"><B>LDAP Group Membership Field</B><br/><span class="gensmall">What LDAP property/field do you
want to use to determen that groups a user is a member of. This will be a user property. (default = \'member\', Active Directory
= \'memberof\')</span></td>
+ <td class="row2"><input class="post" type="text" maxlength="255" size="60" name="ldap_gid" value="' . $ldap_gid
. '" /></td>
+ </tr>';
+ echo '<TR><TD class="row1"><B>Search Type</B>
+ <br><span class="gensmall">
+ Use <I>User Name</I> to run the search they way it\'t run in the forum<BR>
+ Use <I>User DN</I> to see what basic Fields are avalable in your LDAP server<BR>
+ note: NOT ALL fields are shown in <I>User DN</I> check you vender documention to all all fields avalable to you.
+ </span>
+ </TD><TD class="row2"><SELECT name="SearchSelect"><OPTION ';
+ if ($SearchSelect == 1) echo 'selected';
+ echo ' value="1">User Name</OPTION><OPTION ';
+ if ($SearchSelect == 2) echo 'selected';
+ echo ' value="2">User DN</OPTION>
+ </SELECT></TD></TR>';
+ echo '<TR><TD colspan=2 class="catBottom"><P ALIGN=\'center\'><input type="submit" name="submit" value="Submit"
class="mainoption" /></P></TD></TR>';
+ echo '</TABLE></FORM>';
+
+
+ echo '<HR><CENTER><B>LDAP Auth Values Check</B><BR> PM this section to TehTarget at <A HREF="http://
www.phpbb.com">www.phpbb.com</A> if you have questions.</CENTER><HR>';
+
+ echo 'Base DN...<B>'.$ldapBase.'</B><BR> ';
+ echo 'User Name...<B>'.$ldapUser.'</B><BR> ';
+ echo 'Search Value...<B>'.$ldapSearchValue.'</B><BR> ';
+ echo 'Search Field...<B>'.$ldapSearchField.'</B><BR> ';
+ echo 'Search Mode...<B>'.$SearchSelect.'</B><BR> ';
+
+/*
+ * Setup
+ */
+
+define('LDAP_AUTH_OK', 1);
+define('LDAP_INVALID_USERNAME', 2);
+define('LDAP_INVALID_PASSWORD', 4);
+define('ALLOW_BASIC_AUTH', true);
+include('includes/functions_ldap_groups.php');
+global $board_config;
+$board_config["ldap_proxy_dn"] = $ldapUser;
+$board_config["ldap_proxy_dn_pass"] = $ldappass;
+$board_config['ldap_dn'] = $ldapBase;
+$board_config['ldap_uid'] = $ldapSearchField;
+$board_config['ldap_host'] = $ldapServer;
+$board_config['ldap_port'] = '389';
+$board_config['ldap_gid'] = $ldap_gid;
+
+echo '<pre>';
+/*
+ * try to connect to the server
+ */
+echo 'Connecting to LDAP Server... ';
+$ldapConn = ldap_connect($ldapServer);
+$aldapConn = ldap_connect($ldapServer);
+if (!$ldapConn || !$aldapConn)
+{
+ echo 'Check that the server you entered is correct and that you can connect to it';
+ die('<B>Cannot connect to LDAP directory</B><BR> ');
+}
+else
+ echo '<B>OK</B><BR> ';
+
+/*
+ * bind
+ */
+ echo 'anonymous bind to LDAP Server...';
+$aldapBind = ldap_bind($aldapConn);
+if ($aldapBind == false)
+{
+ echo('<B> Cannot anonymous Bind to LDAP server</B><BR> ');
+}
+else
+ echo '<B>OK</B><BR> ';
+
+echo 'Proxy bind to LDAP Server...';
+If ($ldapUser == '' || $ldappass == '')
+{
+ echo 'no user name or password giving, bypassing proxy bind<BR> ';
+ $ldapBind = false;
+}
+else
+{
+
+ $ldapBind = ldap_bind($ldapConn,$ldapUser,$ldappass);
+ if ($ldapBind == false)
+ {
+ echo '<B> Cannot Proxy Bind to LDAP server</B><BR> ';
+ echo ' If you can get data via anonymouse binding then you don\'t need Proxy.<BR> <BR> ';
+ echo ' If you do need proxy binding then check the following;<BR> ';
+ echo ' Check that your User Name is the Full distinguished name for you LDAP Server<BR> ';
+ echo ' and that your password is correct<BR> ';
+ }
+ else
+ echo '<B>OK</B><BR> ';
+}
+if ($ldapBind == false && $aldapBind == false)
+ die ('<CENTER><H2>CRITICAL ERROR: Could not BIND to server</H2></CENTER>');
+
+/*
+ * set the ldap options
+ */
+ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
+ldap_set_option($aldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
+
+/*
+ * Check that we have the correct Search Field and the other fields we need are there
+ */
+echo 'Checking User info...';
+if ($ldapSearchValue == '')
+{
+ echo '<B>Can\'t check LDAP values with out a User Name</B><BR> ';
+ die (' Please enter a Full Distinguished Name<BR> ');
+}
+else
+ echo '<B>OK</B><BR> ';
+echo 'Checking Proxy LDAP values...';
+if ($ldapBind == false)
+{
+ echo '<B>Didn\'t Bind - Bypassing</B><BR> ';
+}
+else
+{
+ $pldapSearch = ldap_read($ldapConn, $ldapUser, 'objectclass=user',$justthese);
+ $pldapResults = ldap_get_entries($ldapConn, $pldapSearch);
+ $rtnOK = true;
+ $rtnstr = ' Open User...';
+ if ($pldapSearch == false)
+ {
+ $rtnstr = $rtnstr.'<B>ERROR</B><BR> ';
+ $rtnOK = false;
+ }
+ else
+ {
+ if (!$pldapResults['count'] == 1)
+ {
+ $rtnstr = $rtnstr.'<B>ERROR</B><BR> ';
+ $rtnOK = false;
+ }
+ else
+ {
+ $rtnstr = $rtnstr.'<B>OK</B><BR> ';
+ $rtnstr = $rtnstr." User Defind - Search Field...";
+ if (isset($pldapResults[0][$ldapSearchField]))
+ $rtnstr = $rtnstr.' <B>OK</B> : '.$pldapResults[0][$ldapSearchField][0].'<BR> ';
+ else
+ $rtnstr = $rtnstr."<B>NOT FOUND</B><BR> ";
+
+ $rtnstr = $rtnstr." UID - Search Field...";
+ if (isset($pldapResults[0]['uid']))
+ $rtnstr = $rtnstr.' <B>OK</B> : '.$pldapResults[0]['uid'][0].'<BR> ';
+ else
+ $rtnstr = $rtnstr."<B>NOT FOUND</B><BR> ";
+
+ $rtnstr = $rtnstr." SamAccountname - Search Field...";
+ if (isset($pldapResults[0]['samaccountname']))
+ $rtnstr = $rtnstr.' <B>OK</B> : '.$pldapResults[0]['samaccountname'][0].'<BR> ';
+ else
+ $rtnstr = $rtnstr."<B>NOT FOUND</B><BR> ";
+
+ $rtnstr = $rtnstr." DisplayName Field...";
+ if (isset($pldapResults[0]['displayname']))
+ $rtnstr = $rtnstr.' <B>OK</B> : '.$pldapResults[0]['displayname'][0].'<BR> ';
+ else
+ $rtnstr = $rtnstr."<B>NOT FOUND</B><BR> ";
+
+ $rtnstr = $rtnstr." physical delivery office name Field...";
+ if (isset($pldapResults[0]['physicaldeliveryofficename']))
+ $rtnstr = $rtnstr.' <B>OK</B> : '.$pldapResults[0]['physicaldeliveryofficename'][0].'<BR> ';
+ else
+ $rtnstr = $rtnstr."<B>NOT FOUND</B><BR> ";
+
+ $rtnstr = $rtnstr." Mail Field...";
+ if (isset($pldapResults[0]['mail']))
+ $rtnstr = $rtnstr.' <B>OK</B> : '.$pldapResults[0]['mail'][0].'<BR>';
+ else
+ $rtnstr = $rtnstr."<B>NOT FOUND</B><BR>";
+ }
+
+ }
+
+ if (!$rtnOK)
+ echo '<B>ERROR</B><BR>'.$rtnstr;
+ else
+ echo '<B>OK</B><BR>'.$rtnstr;
+}
+$rtnstr = '';
+
+echo ' <BR>';
+echo 'Checking anonymous LDAP values...';
+if ($aldapBind == false)
+{
+ echo '<B>Didn\'t Bind - Bypassing</B><BR>';
+}
+else
+{
+ $aldapSearch = ldap_read($aldapConn, $ldapUser, 'objectclass=user', $justthese);
+ //$aldapSearch = $pldapSearch;
+ if ($aldapSearch != true)
+ {
+ $rtnOK = false;
+ $rtnstr = ' Open User...';
+ $rtnstr = $rtnstr.'<B>ERROR</B><BR>';
+ }
+ else
+ {
+ $aldapResults = ldap_get_entries($aldapConn, $aldapSearch);
+ $rtnOK = true;
+ $rtnstr = ' Open User...';
+ if ($aldapSearch == false)
+ {
+ $rtnstr = $rtnstr.'<B>ERROR</B><BR>';
+ $rtnOK = false;
+ }
+ else
+ {
+ if (!$aldapResults['count'] == 1)
+ {
+ $rtnstr = $rtnstr.'<B>ERROR</B><BR>';
+ $rtnOK = false;
+ }
+ else
+ {
+ $rtnstr = $rtnstr.'<B>OK</B><BR>';
+ $rtnstr = $rtnstr." User Defind - Search Field...";
+ if (isset($aldapResults[0][$ldapSearchField]))
+ $rtnstr = $rtnstr.' <B>OK</B> : '.$aldapResults[0][$ldapSearchField][0].'<BR>';
+ else
+ $rtnstr = $rtnstr."<B>NOT FOUND</B><BR>";
+
+ $rtnstr = $rtnstr." UID - Search Field...";
+ if (isset($aldapResults[0]['uid']))
+ $rtnstr = $rtnstr.' <B>OK</B> : '.$aldapResults[0]['uid'][0].'<BR>';
+ else
+ $rtnstr = $rtnstr."<B>NOT FOUND</B><BR>";
+
+ $rtnstr = $rtnstr." SamAccountname - Search Field...";
+ if (isset($aldapResults[0]['samaccountname']))
+ $rtnstr = $rtnstr.' <B>OK</B> : '.$aldapResults[0]['samaccountname'][0].'<BR>';
+ else
+ $rtnstr = $rtnstr."<B>NOT FOUND</B><BR>";
+
+ $rtnstr = $rtnstr." DisplayName Field...";
+ if (isset($aldapResults[0]['displayname']))
+ $rtnstr = $rtnstr.' <B>OK</B> : '.$aldapResults[0]['displayname'][0].'<BR>';
+ else
+ $rtnstr = $rtnstr."<B>NOT FOUND</B><BR>";
+
+ $rtnstr = $rtnstr." physical delivery office name Field...";
+ if (isset($aldapResults[0]['physicaldeliveryofficename']))
+ $rtnstr = $rtnstr.' <B>OK</B> : '.$aldapResults[0]['physicaldeliveryofficename'][0].'<BR>';
+ else
+ $rtnstr = $rtnstr."<B>NOT FOUND</B><BR>";
+
+ $rtnstr = $rtnstr." Mail Field...";
+ if (isset($aldapResults[0]['mail']))
+ $rtnstr = $rtnstr.' <B>OK</B> : '.$aldapResults[0]['mail'][0].'<BR>';
+ else
+ $rtnstr = $rtnstr."<B>NOT FOUND</B><BR>";
+ }
+ }
+ }
+
+ if (!$rtnOK)
+ echo $rtnstr;
+ //echo '<B>ERROR</B><BR>'.$rtnstr;
+ else
+ echo '<B>OK</B><BR>'.$rtnstr;
+}
+
+ echo ' <BR><B>NOTE:</B> Some values maybe good, but say <B>NOT FOUND </B>if the user you entered does not have them set.
<BR>See if they are set in the next section.<BR>';
+
+/*
+ * search the LDAP server
+ */
+//$ldapSearch = ldap_search($ldapConn, $ldapBase, $ldapSearch . '=' . $ldapSearchValue, $justthese);
+if ($SearchSelect == 2)
+ $ldapSearch = ldap_search($ldapConn, $ldapBase, 'distinguishedname='.$ldapUser);
+else
+ $ldapSearch = ldap_search($ldapConn, $ldapBase, $ldapSearchField . '=' . $ldapSearchValue);
+If ($ldapSearch == false)
+{
+ die('Search Faild');
+}
+
+echo "".$ldapSearch."";
+$ldapResults = ldap_get_entries($ldapConn, $ldapSearch);
+echo $ldapResults["count"]." entries returned";
+
+
+echo '<HR><CENTER><B>ALL Data Returned</B><BR>Data from LDAP search, if empty then search failed. <BR> And your forum is not
going to work.</CENTER><HR>';
+
+for ($item = 0; $item < $ldapResults['count']; $item++)
+{
+ echo $ldapResults[$item]['dn']."\n";
+ for ($attribute = 0; $attribute < $ldapResults[$item]['count']; $attribute++)
+ {
+ $data = $ldapResults[$item][$attribute];
+ //echo $data." ".$ldapResults[$item][$data][0]."";
+ echo " --------------$data--------------------\n";
+ for ($detail = 0; $detail < $ldapResults[$item][$data]['count']; $detail++)
+ {
+ if ($data == 'objectsid' | $data == 'objectguid')
+ {
+ $entry = ldap_first_entry($ldapConn, $ldapSearch);
+ $value = ldap_get_values_len($ldapConn, $entry, $data);
+ echo (" ".$value[0])." Len = ".strlen($value[0])."\n";
+ }
+ else
+ {
+ $called = $ldapResults[$item][$data][$detail];
+ echo " ".$called."\n";
+ }
+ }
+ }
+ echo "=====================================================================================\n";
+if ($SearchSelect != 2)
+{
+ echo " LDAP Group this user is apart of\n";
+ echo "=====================================================================================\n";
+$ldapGroup = new ldapGroups();
+$ldapGroup->ldap_members_set($ldapSearchValue);
+
+ // Go thought the list of groups that they are members of in LDAP
+ foreach($ldapGroup->ldapMembers as $value)
+ {
+ echo " ". $value."\n";
+ }
+}
+}
+echo '</pre>';
+// ----------------------------------------------------
+// ldap_connect_ex()
+//
+// Connects to LDAP on specifing port, if it was configured
+// using Authentication Settings in Control Panel
+// ----------------------------------------------------
+function ldap_connect_ex() {
+ global $board_config;
+
+ if ($board_config['ldap_port'] != '') {
+ $connection = ldap_connect($board_config['ldap_host'], $board_config['ldap_port']);
+ if (!$connection && $board_config['ldap_host2'] != '')
+ {
+ //Unable to connect the host 1, try host 2
+ $connection = ldap_connect($board_config['ldap_host2'], $board_config['ldap_port2']);
+ }
+ }
+ else {
+ $connection = ldap_connect($board_config['ldap_host']);
+ if (!$connection && $board_config['ldap_host2'] != '')
+ {
+ //Unable to connect the host 1, try host 2
+ $connection = ldap_connect($board_config['ldap_host2']);
+ }
+ }
+ return $connection;
+}
+
+function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '', $err_file = '', $sql = '')
+{
+ echo '<HR>ERROR: ' . $msg_text . '<BR> line: ' . $err_line . '<BR> File: ' . $err_file . '<HR>';
+}
+class ldapraw {
+ var $rawData;
+ var $conn;
+ var $srchRslt;
+
+ function ldap_get_values_raw()
+ {
+ // will use ldap_get_values_len() instead and build the array
+ // note: it's similar with the array returned by
+ // ldap_get_entries() except it has no "count" elements
+ $i=0;
+ $entry = ldap_first_entry($this->conn, $this->srchRslt);
+ do {
+ $attributes = ldap_get_attributes($this->conn, $entry);
+ for($j=0; $j<$attributes['count']; $j++) {
+ $values = ldap_get_values_len($this->conn, $entry,$attributes[$j]);
+ $this->rawData[$i][$attributes[$j]] = $values;
+ }
+ $i++;
+ }
+ while ($entry = ldap_next_entry($this->conn, $entry));
+ //we're done
+ return ($this->rawData);
+ }
+}
+
+?>
+
+</BODY>
\ В конце файла нет новой строки
diff -Naur ./login.php ../phpBBLDAP/login.php
--- ./login.php 2006-11-08 10:34:08.000000000 +0000
+++ ../phpBBLDAP/login.php 2006-11-08 01:23:28.000000000 +0000
@@ -54,10 +54,13 @@
{
if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && (!$userdata['session_logged_in'] ||
isset($HTTP_POST_VARS['admin'])) )
{
+ if (ntlm_check())
+ $username = ntlm_get_user();
+ else
$username = isset($HTTP_POST_VARS['username']) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
$password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : '';

- $sql = "SELECT user_id, username, user_password, user_active, user_level, user_login_tries, user_last_login_try
+ $sql = "SELECT user_id, username, user_password, user_active, user_level, user_type, user_login_tries,
user_last_login_try
FROM " . USERS_TABLE . "
WHERE username = '" . str_replace("\\'", "''", $username) . "'";
if ( !($result = $db->sql_query($sql)) )
@@ -65,7 +68,24 @@
message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql);
}

- if( $row = $db->sql_fetchrow($result) )
+ $row = $db->sql_fetchrow($result);
+ if ( $board_config['auth_mode'] == 'ldap' && $row['user_type'] !== User_Type_phpBB) {
+ $ldap_auth_result = ldap_auth($username, $password);
+ }
+ else {
+ $ldap_auth_result = false;
+ }
+
+ if ( $row == false && $board_config['auth_mode'] == 'ldap' && $ldap_auth_result == LDAP_AUTH_OK ) {
+ add_ldap_user($username);
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql);
+ }
+ $row = $db->sql_fetchrow($result);
+ }
+
+ if( $row )
{
if( $row['user_level'] != ADMIN && $board_config['board_disable'] )
{
@@ -87,8 +107,11 @@
message_die(GENERAL_MESSAGE, sprintf($lang['Login_attempts_exceeded'],
$board_config['max_login_attempts'], $board_config['login_reset_time']));
}

- if( md5($password) == $row['user_password'] && $row['user_active'] )
+ if(( (($row['user_type'] == User_Type_Both || $row['user_type'] == User_Type_LDAP) && ($ldap_auth_result
== LDAP_AUTH_OK || ($ldap_auth_result == LDAP_INVALID_USERNAME && md5($password) == $row['user_password']))) ||
(md5($password) == $row['user_password'] && (($board_config['auth_mode'] == 'phpbb' && $row['user_type'] == User_Type_Both) ||
$row['user_type'] == User_Type_phpBB))) && $row['user_active'] )
{
+ if ($board_config['auth_mode'] == 'ldap' && $ldap_auth_result == LDAP_AUTH_OK &&
$board_config['ldap_group_sync'] == 1) {
+ ldapUpdateGroups($username);
+ }
$autologin = ( isset($HTTP_POST_VARS['autologin']) ) ? TRUE : 0;

                $admin = \(isset\($HTTP\_POST\_VARS\['admin'\]\)\) ? 1 : 0;

@@ -177,6 +200,8 @@
}
else
{
+ if (ntlm_check())
+ message_die(GENERAL_MESSAGE, "You have been logged out <BR><BR> Click <A HREF=login.$phpEx>Here</A> to login
again. <BR><BR>Click <A HREF=index.$phpEx>Here</A> to return the the forum index.");
redirect(append_sid("index.$phpEx", true));
}
}
@@ -262,4 +287,4 @@

}

-?>
\ В конце файла нет новой строки
+?>
diff -Naur ./NTLMcheck.php ../phpBBLDAP/NTLMcheck.php
--- ./NTLMcheck.php 1970-01-01 00:00:00.000000000 +0000
+++ ../phpBBLDAP/NTLMcheck.php 2004-04-28 11:04:40.000000000 +0000
@@ -0,0 +1,57 @@
+<?php
+
+echo "<PRE>";
+echo "--------------------\n";
+echo " NTLM Auth Check\n";
+echo "--------------------\n\n";
+echo "NTLM Type: " . $_SERVER['AUTH_TYPE'] . "\n";
+if (ntlm_check())
+{
+ echo "NTLM Auth detect: OK\n";
+ echo "NTLM User: ";
+ $ntlm_user = $_SERVER['REMOTE_USER'];
+ $Username = ntlm_get_user();
+ if (strpos($ntlm_user,"\\") > 0 && strlen($Username) > 0)
+ echo "OK";
+
+ else
+ echo "FAIL";
+ echo " ( " . $ntlm_user . " ) " . $Username . "\n";
+}
+else
+{
+ echo "NTLM Auth detect: FAIL\n";
+}
+
+echo "NTLM Check DONE.\n";
+echo "</pre>";
+
+function ntlm_check() {
+ global $board_config;
+ if (isset($_SERVER['AUTH_TYPE']) && ($_SERVER['AUTH_TYPE'] == 'NTLM' || $_SERVER['AUTH_TYPE'] == 'Negotiate'))
+ {
+ return true;
+ }
+ else {
+ return false;
+ }
+}
+
+function ntlm_get_user() {
+ if (ntlm_check())
+ {
+ $ntlm_user = $_SERVER['REMOTE_USER'];
+ $strloc = strpos($ntlm_user,"\\");
+ $strloc++;
+ $strloc++;
+ if ($strloc > 2)
+ $username = substr($ntlm_user,$strloc);
+ else
+ $username = false;
+ return $username;
+ }
+ else
+ return false;
+}
+
+?>
\ В конце файла нет новой строки
diff -Naur ./search.php ../phpBBLDAP/search.php
--- ./search.php 2006-11-08 10:34:08.000000000 +0000
+++ ../phpBBLDAP/search.php 2006-11-08 01:23:55.000000000 +0000
@@ -21,6 +21,8 @@
***************************************************************************/

define('IN_PHPBB', true);
+if (isset($_GET['mode']) && $_GET['mode']=='searchuser')
+ define('IN_SEARCHUSER', true);
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
@@ -1430,4 +1432,4 @@

include($phpbb_root_path . 'includes/page_tail.'.$phpEx);

-?>
\ В конце файла нет новой строки
+?>
diff -Naur ./templates/subSilver/admin/board_config_body.tpl ../phpBBLDAP/templates/subSilver/admin/board_config_body.tpl
--- ./templates/subSilver/admin/board_config_body.tpl 2006-11-08 10:34:07.000000000 +0000
+++ ../phpBBLDAP/templates/subSilver/admin/board_config_body.tpl 2006-11-08 02:05:01.000000000 +0000
@@ -108,6 +108,82 @@
<td class="row2"><input type="radio" name="prune_enable" value="1" {PRUNE_YES} /> {L_YES}&nbsp;&nbsp;<input
type="radio" name="prune_enable" value="0" {PRUNE_NO} /> {L_NO}</td>
</tr>
<tr>
+ <th class="thHead" colspan="2">{L_AUTH_SETTINGS}</th>
+ </tr>
+ <tr>
+ <td class="row1">{L_DISABLE_GUEST}</td>
+ <td class="row2"><input type="radio" name="disable_guest" value="1" {DISABLE_GUEST_YES} /> {L_YES}&nbsp;&nbsp;<input
type="radio" name="disable_guest" value="0" {DISABLE_GUEST_NO} /> {L_NO}</td>
+ </tr>
+ <tr>
+ <td class="row1">{L_AUTH_MODE}</td>
+ <td class="row2">{AUTH_MODE_SELECT}</td>
+ </tr>
+ <tr>
+ <td class="row1">{L_LDAP_HOST}</td>
+ <td class="row2"><input class="post" type="text" maxlength="255" size="40" name="ldap_host" value="{LDAP_HOST}" /></
td>
+ </tr>
+ <tr>
+ <td class="row1">{L_LDAP_PORT}</td>
+ <td class="row2"><input class="post" type="text" maxlength="5" size="5" name="ldap_port" value="{LDAP_PORT}" /></td>
+ </tr>
+ <tr>
+ <td class="row1">{L_LDAP_HOST2}</td>
+ <td class="row2"><input class="post" type="text" maxlength="255" size="40" name="ldap_host2" value="{LDAP_HOST2}" /></
td>
+ </tr>
+ <tr>
+ <td class="row1">{L_LDAP_PORT2}</td>
+ <td class="row2"><input class="post" type="text" maxlength="5" size="5" name="ldap_port2" value="{LDAP_PORT2}" /></td>
+ </tr>
+ <tr>
+ <td class="row1">{L_LDAP_DN}<br><span class="gensmall">{L_LDAP_DN_EXPLAIN}</span></td>
+ <td class="row2"><input class="post" type="text" maxlength="255" size="60" name="ldap_dn" value="{LDAP_DN}" /></td>
+ </tr>
+ <tr>
+ <td class="row1">{L_LDAP_UID}<br/><span class="gensmall">{L_LDAP_UID_EXPLAIN}</span></td>
+ <td class="row2"><input class="post" type="text" maxlength="255" size="60" name="ldap_uid" value="{LDAP_UID}" /></td>
+ </tr>
+ <tr>
+ <td class="row1">{L_LDAP_GROUP_SYNC}</td>
+ <td class="row2"><input type="radio" name="ldap_group_sync" value="1" {ENABLE_LDAP_GROUP_SYNC_YES} />
{L_YES}&nbsp;&nbsp;<input type="radio" name="ldap_group_sync" value="0" {ENABLE_LDAP_GROUP_SYNC_NO} /> {L_NO}</td>
+ </tr>
+ <tr>
+ <td class="row1">{L_LDAP_GID}<br/><span class="gensmall">{L_LDAP_GID_EXPLAIN}</span></td>
+ <td class="row2"><input class="post" type="text" maxlength="255" size="60" name="ldap_gid" value="{LDAP_GID}" /></td>
+ </tr>
+ <tr>
+ <td class="row1">{L_LDAP_EMAIL}</td>
+ <td class="row2"><input class="post" type="text" maxlength="255" size="25" name="ldap_email" value="{LDAP_EMAIL}" /></
td>
+ </tr>
+ <tr>
+ <td class="row1">{L_LDAP_WEB}</td>
+ <td class="row2"><input class="post" type="text" maxlength="255" size="25" name="ldap_web" value="{LDAP_WEB}" /></td>
+ </tr>
+ <tr>
+ <td class="row1">{L_LDAP_LOCATION}</td>
+ <td class="row2"><input class="post" type="text" maxlength="255" size="25" name="ldap_location"
value="{LDAP_LOCATION}" /></td>
+ </tr>
+ <tr>
+ <td class="row1">{L_LDAP_OCCUPATION}</td>
+ <td class="row2"><input class="post" type="text" maxlength="255" size="25" name="ldap_occupation"
value="{LDAP_OCCUPATION}" /></td>
+ </tr>
+ <tr>
+ <td class="row1">{L_LDAP_SIGNATURE}</td>
+ <td class="row2"><input class="post" type="text" maxlength="255" size="25" name="ldap_signature"
value="{LDAP_SIGNATURE}" /></td>
+ </tr>
+ <tr>
+ <td class="row1">{L_LDAP_PROXY_DN}<br><span class="gensmall">{L_LDAP_PROXY_DN_EXPLAIN}</span></td>
+ <td class="row2"><input class="post" type="text" maxlength="255" size="60" name="ldap_proxy_dn"
value="{LDAP_PROXY_DN}" /></td>
+ </tr>
+ <tr>
+ <td class="row1">{L_LDAP_PROXY_DN_PASS}<br><span class="gensmall">{L_LDAP_PROXY_DN_PASS_EXPLAIN}</span></td>
+ <td class="row2"><input class="post" type="password" maxlength="255" size="60" name="ldap_proxy_dn_pass"
value="{LDAP_PROXY_DN_PASS}" /></td>
+ </tr>
+ <tr>
+ <td class="row1">{L_LDAP_START_TLS}</td>
+ <td class="row2"><input type="radio" name="ldap_start_tls" value="1" {TLS_YES} /> {L_YES}&nbsp;&nbsp;<input
type="radio" name="ldap_start_tls" value="0" {TLS_NO} /> {L_NO}</td>
+ </tr>
+
+ <tr>
<th class="thHead" colspan="2">{L_COOKIE_SETTINGS}</th>
</tr>
<tr>
diff -Naur ./templates/subSilver/admin/group_edit_body.tpl ../phpBBLDAP/templates/subSilver/admin/group_edit_body.tpl
--- ./templates/subSilver/admin/group_edit_body.tpl 2006-11-08 10:34:07.000000000 +0000
+++ ../phpBBLDAP/templates/subSilver/admin/group_edit_body.tpl 2006-11-08 02:00:37.000000000 +0000
@@ -31,6 +31,12 @@
<input type="radio" name="group_type" value="{S_GROUP_OPEN_TYPE}" {S_GROUP_OPEN_CHECKED} />
{L_GROUP_OPEN} &nbsp;&nbsp;<input type="radio" name="group_type" value="{S_GROUP_CLOSED_TYPE}" {S_GROUP_CLOSED_CHECKED} />
{L_GROUP_CLOSED} &nbsp;&nbsp;<input type="radio" name="group_type" value="{S_GROUP_HIDDEN_TYPE}" {S_GROUP_HIDDEN_CHECKED} />
{L_GROUP_HIDDEN}</td>
</tr>
<!-- BEGIN group_edit -->
+ <tr>
+ <td class="row1" width="38%"><span class="gen">{L_GROUP_LDAP_UPDATE}:</span></td>
+ <td class="row2" width="62%">
+ <input type="checkbox" name="group_ldap_update" value="1" {S_GROUP_LDAP_UPDATE}>
+ {L_YES}</td>
+ </tr>
<tr>
<td class="row1" width="38%"><span class="gen">{L_DELETE_MODERATOR}</span>
<br />
diff -Naur ./templates/subSilver/admin/user_edit_body.tpl ../phpBBLDAP/templates/subSilver/admin/user_edit_body.tpl
--- ./templates/subSilver/admin/user_edit_body.tpl 2006-11-08 10:34:07.000000000 +0000
+++ ../phpBBLDAP/templates/subSilver/admin/user_edit_body.tpl 2006-11-08 02:01:28.000000000 +0000
@@ -24,6 +24,13 @@
<input class="post" type="text" name="email" size="35" maxlength="255" value="{EMAIL}" />
</td>
</tr>
+ <tr>
+ <td class="row1"><span class="gen">{L_USER_TYPE}: *</span><br />
+ <span class="gensmall">{L_USER_TYPE_EXPLAIN}</span></td>
+ <td class="row2">
+ {USER_TYPE_SELECT}
+ </td>
+ </tr>
<tr>
<td class="row1"><span class="gen">{L_NEW_PASSWORD}: *</span><br />
<span class="gensmall">{L_PASSWORD_IF_CHANGED}</span></td>
diff -Naur ./templates/subSilver/overall_header.tpl ../phpBBLDAP/templates/subSilver/overall_header.tpl
--- ./templates/subSilver/overall_header.tpl 2006-11-08 10:34:08.000000000 +0000
+++ ../phpBBLDAP/templates/subSilver/overall_header.tpl 2006-11-08 01:51:17.000000000 +0000
@@ -234,8 +234,10 @@
<tr>
<td align="center" valign="top" nowrap="nowrap"><span class="mainmenu">&nbsp;<a
href="{U_FAQ}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_faq.gif" width="12" height="13" border="0"
alt="{L_FAQ}" hspace="3" />{L_FAQ}</a>&nbsp; &nbsp;<a href="{U_SEARCH}" class="mainmenu"><img src="templates/subSilver/images/
icon_mini_search.gif" width="12" height="13" border="0" alt="{L_SEARCH}" hspace="3" />{L_SEARCH}</a>&nbsp; &nbsp;<a
href="{U_MEMBERLIST}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_members.gif" width="12" height="13"
border="0" alt="{L_MEMBERLIST}" hspace="3" />{L_MEMBERLIST}</a>&nbsp; &nbsp;<a href="{U_GROUP_CP}" class="mainmenu"><img
src="templates/subSilver/images/icon_mini_groups.gif" width="12" height="13" border="0" alt="{L_USERGROUPS}" hspace="3" /
>{L_USERGROUPS}</a>&nbsp;
<!-- BEGIN switch_user_logged_out -->
+ <!--
&nbsp;<a href="{U_REGISTER}" class="mainmenu"><img src="templates/subSilver/images/
icon_mini_register.gif" width="12" height="13" border="0" alt="{L_REGISTER}" hspace="3" />{L_REGISTER}</a>&nbsp;
<!-- END switch_user_logged_out -->
+ -->
</span></td>
</tr>
<tr>
diff -Naur ./templates/subSilver/profile_add_body.tpl ../phpBBLDAP/templates/subSilver/profile_add_body.tpl
--- ./templates/subSilver/profile_add_body.tpl 2006-11-08 10:34:08.000000000 +0000
+++ ../phpBBLDAP/templates/subSilver/profile_add_body.tpl 2006-11-08 01:57:32.000000000 +0000
@@ -10,30 +10,30 @@
</table>

<table border="0" cellpadding="3" cellspacing="1" width="100%" class="forumline">
- <tr>
- <th class="thHead" colspan="2" height="25" valign="middle">{L_REGISTRATION_INFO}</th>
+ <tr {HIDELDAPVALUES}>
+ <th class="thHead" colspan="2" height="25" valign="middle">{L_REGISTRATION_INFO}</th>
</tr>
- <tr>
+ <tr {HIDELDAPVALUES}>
<td class="row2" colspan="2"><span class="gensmall">{L_ITEMS_REQUIRED}</span></td>
</tr>
<!-- BEGIN switch_namechange_disallowed -->
- <tr>
+ <tr {HIDELDAPVALUES}>
<td class="row1" width="38%"><span class="gen">{L_USERNAME}: *</span></td>
- <td class="row2"><input type="hidden" name="username" value="{USERNAME}" /><span class="gen"><b>{USERNAME}</b></
span></td>
+ <td class="row2"><input type="hidden" name="username" value="{USERNAME}" /><span class="gen"><b>{USERNAME}</b></
span></td>
</tr>
<!-- END switch_namechange_disallowed -->
<!-- BEGIN switch_namechange_allowed -->
- <tr>
+ <tr {HIDELDAPVALUES}>
<td class="row1" width="38%"><span class="gen">{L_USERNAME}: *</span></td>
<td class="row2"><input type="text" class="post" style="width:200px" name="username" size="25" maxlength="25"
value="{USERNAME}" /></td>
</tr>
<!-- END switch_namechange_allowed -->
- <tr>
+ <tr {HIDELDAPVALUES}>
<td class="row1"><span class="gen">{L_EMAIL_ADDRESS}: *</span></td>
<td class="row2"><input type="text" class="post" style="width:200px" name="email" size="25" maxlength="255"
value="{EMAIL}" /></td>
</tr>
<!-- BEGIN switch_edit_profile -->
- <tr>
+ <tr {HIDELDAPVALUES}>
<td class="row1"><span class="gen">{L_CURRENT_PASSWORD}: *</span><br />
<span class="gensmall">{L_CONFIRM_PASSWORD_EXPLAIN}</span></td>
<td class="row2">
@@ -41,29 +41,31 @@
</td>
</tr>
<!-- END switch_edit_profile -->
- <tr>
+ <tr {HIDELDAPVALUES}>
<td class="row1"><span class="gen">{L_NEW_PASSWORD}: *</span><br />
<span class="gensmall">{L_PASSWORD_IF_CHANGED}</span></td>
<td class="row2">
<input type="password" class="post" style="width: 200px" name="new_password" size="25" maxlength="32"
value="{NEW_PASSWORD}" />
</td>
</tr>
- <tr>
- <td class="row1"><span class="gen">{L_CONFIRM_PASSWORD}: * </span><br />
- <span class="gensmall">{L_PASSWORD_CONFIRM_IF_CHANGED}</span></td>
- <td class="row2">
- <input type="password" class="post" style="width: 200px" name="password_confirm" size="25" maxlength="32"
value="{PASSWORD_CONFIRM}" />
- </td>
+
+ <tr {HIDELDAPVALUES}>
+ <td class="row1"><span class="gen">{L_CONFIRM_PASSWORD}: * </span><br />
+ <span class="gensmall">{L_PASSWORD_CONFIRM_IF_CHANGED}</span></td>
+ <td class="row2">
+ <input type="password" class="post" style="width: 200px" name="password_confirm" size="25" maxlength="32"
value="{PASSWORD_CONFIRM}" />
+ </td>
</tr>
<!-- Visual Confirmation -->
<!-- BEGIN switch_confirm -->
- <tr>
+ <tr {HIDELDAPVALUES}>
<td class="row1" colspan="2" align="center"><span class="gensmall">{L_CONFIRM_CODE_IMPAIRED}</span><br /><br /
>{CONFIRM_IMG}<br /><br /></td>
</tr>
- <tr>
- <td class="row1"><span class="gen">{L_CONFIRM_CODE}: * </span><br /><span class="gensmall">{L_CONFIRM_CODE_EXPLAIN}</
span></td>
- <td class="row2"><input type="text" class="post" style="width: 200px" name="confirm_code" size="6" maxlength="6" value=""
/></td>
+ <tr {HIDELDAPVALUES}>
+ <td class="row1"><span class="gen">{L_CONFIRM_CODE}: * </span><br /><span class="gensmall">{L_CONFIRM_CODE_EXPLAIN}</
span></td>
+ <td class="row2"><input type="text" class="post" style="width: 200px" name="confirm_code" size="6" maxlength="6"
value="" /></td>
</tr>
+
<!-- END switch_confirm -->
<tr>
<td class="catSides" colspan="2" height="28">&nbsp;</td>
@@ -98,19 +100,19 @@
<input type="text" class="post" style="width: 150px" name="yim" size="20" maxlength="255" value="{YIM}" />
</td>
</tr>
- <tr>
+ <tr {HIDELDAPWEB}>
<td class="row1"><span class="gen">{L_WEBSITE}:</span></td>
<td class="row2">
<input type="text" class="post" style="width: 200px" name="website" size="25" maxlength="255" value="{WEBSITE}" />
</td>
</tr>
- <tr>
+ <tr {HIDELDAPWEB}>
<td class="row1"><span class="gen">{L_LOCATION}:</span></td>
<td class="row2">
<input type="text" class="post" style="width: 200px" name="location" size="25" maxlength="100" value="{LOCATION}" />
</td>
</tr>
- <tr>
+ <tr {HIDELDAPWEB}>
<td class="row1"><span class="gen">{L_OCCUPATION}:</span></td>
<td class="row2">
<input type="text" class="post" style="width: 200px" name="occupation" size="25" maxlength="100"
value="{OCCUPATION}" />
@@ -122,7 +124,7 @@
<input type="text" class="post" style="width: 200px" name="interests" size="35" maxlength="150" value="{INTERESTS}" /
>
</td>
</tr>
- <tr>
+ <tr {HIDELDAPWEB}>
<td class="row1"><span class="gen">{L_SIGNATURE}:</span><br /><span class="gensmall">{L_SIGNATURE_EXPLAIN}<br /><br /
>{HTML_STATUS}<br />{BBCODE_STATUS}<br />{SMILIES_STATUS}</span></td>
<td class="row2">
<textarea name="signature" style="width: 300px" rows="6" cols="30" class="post">{SIGNATURE}</textarea>