it is a reply item. Add a comment for that in conf/sql.attrmap.
* Change the way radius attributes are read from the sql database. The change should make things somewhat
faster. Create a reverse mapping from radius attributes to dialup_admin attributes.
* Add a configuration directive called ldap_use_http_credentials. If it is set to yes then we try to
connect to the ldap server with the username/password given in http authentication, not those contained
in admin.conf. That way multiple admins with different permissions on the ldap tree can work on a single
dialup_admin.
* With the same logic we allow for multiple buttons html pages. We now create a folder html/buttons which
by default contains a folder default. If the user logs in with http authentication then we try
to open the file html/buttons/<username>/buttons.html.php3. If we can't we open
html/buttons/default/buttons.html.php3. That way we can create muiltiple views of say the online users
page based on which admin requests the page.
-Ver 1.56:
+Ver 1.60:
* Small html fixes in user_edit.php3 and password.php3
* Show number of failed logins in the last 7 days in the user admin page
* Show date in the user/server test page
after the user tables. As a result user values should in general overwrite default values.
* Add support for the default_user_profile of the sql module in lib/sql/defaults.php3
* In sql.attrmap User-Password should map to User-Password, not Password
+* If an sql attribute is not contained in sql, assume that it has the same name as in dialup_admin and that
+ it is a reply item. Add a comment for that in conf/sql.attrmap.
+* Change the way radius attributes are read from the sql database. The change should make things somewhat
+ faster. Create a reverse mapping from radius attributes to dialup_admin attributes.
+* Add a configuration directive called ldap_use_http_credentials. If it is set to yes then we try to
+ connect to the ldap server with the username/password given in http authentication, not those contained
+ in admin.conf. That way multiple admins with different permissions on the ldap tree can work on a single
+ dialup_admin.
+* With the same logic we allow for multiple buttons html pages. We now create a folder html/buttons which
+ by default contains a folder default. If the user logs in with http authentication then we try
+ to open the file html/buttons/<username>/buttons.html.php3. If we can't we open
+ html/buttons/default/buttons.html.php3. That way we can create muiltiple views of say the online users
+ page based on which admin requests the page.
Ver 1.55:
* Update the FAQ about missing attributes from the user/group edit pages and add a few comments
in the configuration files
ldap_default_new_entry_suffix: ou=dialup,ou=guests,%{ldap_base}
ldap_default_dn: uid=default-dialup,%{ldap_base}
ldap_regular_profile_attr: dialupregularprofile
+#
+# If set to yes then the HTTP credentials (http authentication)
+# will be used to bind to the ldap server instead of ldap_binddn
+# and ldap_bindpw. That way multiple admins with different rights
+# on the ldap database can connect through one dialup_admin interface.
+# The ldap_binddn and ldap_bindpw are still needed to find the DN
+# to bind with (http authentication will only provide us with a
+# username). As a result the ldap_binddn should be able to do a search
+# with a filter of (uid=<username>). Normally, the anonymous (empty DN)
+# user can do that.
+#ldap_use_http_credentials: yes
#
# can be one of mysql,pg where:
# A mapping between the attributes used by dialup_admin and the attribute
# names that will be stored in the SQL database
#
+# Attributes that are not contained in this file are assumed to be reply
+# items and map to the same name as the one used by dialup_admin
+#
# Format:
# checkItem|replyItem Attribute-In-Dialup-Admin Attribute-In-SQL
#
--- /dev/null
+<?php
+$auth_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"];
+if ($auth_user){
+ if (is_file("../html/buttons/$auth_user/buttons.html.php3"))
+ include("../html/buttons/$auth_user/buttons.html.php3");
+ else{
+ if (is_file("../html/buttons/default/buttons.html.php3"))
+ include("../html/buttons/default/buttons.html.php3");
+ }
+}
+else{
+ if (is_file("../html/buttons/default/buttons.html.php3"))
+ include("../html/buttons/default/buttons.html.php3");
+}
+?>
dialup administration</title>
</head>
<frameset cols="122,*" border="0" frameborder="0" framespacing="0">
- <frame name="buttons" src="buttons.html" marginwidth="8"
+ <frame name="buttons" src="buttons.php3" marginwidth="8"
marginheight="8" noresize >
<frame name="content" src="content.html" marginwidth="8"
marginheight="8" >
<tr><td align=center>
<img src="images/logo2.gif" vspace=2>
</td></tr>
+<?php
+if ($HTTP_SERVER_VARS["PHP_AUTH_USER"])
+ echo "<tr valign=top><td align=center><b>Logged in as " . $HTTP_SERVER_VARS["PHP_AUTH_USER"] . "...</b><br><br></td></tr>\n";
+?>
<tr bgcolor="black" valign=top><td>
<table border=0 width=100% cellpadding=2 cellspacing=0>
<tr bgcolor="#907030" align=center valign=top><th>
<?php
-require('../lib/functions.php3');
+require_once('../lib/ldap/functions.php3');
$ds = @ldap_connect($config[ldap_server]);
if ($ds){
- $r = @ldap_bind($ds,"$config[ldap_binddn]",$config[ldap_bindpw]);
+ $r = @da_ldap_bind($ds,$config);
if ($r){
foreach($show_attrs as $key => $attr){
<?php
+require_once('../lib/ldap/functions.php3');
$ds = @ldap_connect($config[ldap_server]);
if ($ds){
- $r = @ldap_bind($ds,"$config[ldap_binddn]",$config[ldap_bindpw]);
+ $r = @da_ldap_bind($ds,$config);
if ($r){
if ($Fcn != '' && $Fcn != '-' && $Fcn != $cn)
$mod['cn'] = $Fcn;
<?php
+require_once('../lib/ldap/functions.php3');
$ds = @ldap_connect($config[ldap_server]);
if ($ds){
- $r = @ldap_bind($ds,"$config[ldap_binddn]",$config[ldap_bindpw]);
+ $r = @da_ldap_bind($ds,$config);
if ($r){
if (is_file("../lib/crypt/$config[general_encryption_method].php3")){
include("../lib/crypt/$config[general_encryption_method].php3");
<?php
+require_once('../lib/ldap/functions.php3');
$ds = @ldap_connect($config[ldap_server]);
if ($ds){
- $r = @ldap_bind($ds,"$config[ldap_binddn]",$config[ldap_bindpw]);
+ $r = @da_ldap_bind($ds,$config);
if ($r){
list ($givenname,$sn) = split(' ',$Fcn,3);
$dn = 'uid=' . $login . ',' . $config[ldap_default_new_entry_suffix];
<?php
+require_once('../lib/ldap/functions.php3');
if ($config[ldap_default_dn] != ''){
include('../lib/ldap/attrmap.php3');
$regular_profile_attr = $config[ldap_regular_profile_attr];
$ds=@ldap_connect("$config[ldap_server]"); // must be a valid ldap server!
if ($ds) {
- $r=@ldap_bind($ds,"$config[ldap_binddn]",$config[ldap_bindpw]);
+ $r=@da_ldap_bind($ds,$config);
$sr=@ldap_search($ds,"$config[ldap_default_dn]", 'objectclass=*');
if ($info = @ldap_get_entries($ds, $sr)){
$dn = $info[0]['dn'];
<?php
+require_once('../lib/ldap/functions.php3');
$ds = @ldap_connect($config[ldap_server]);
if ($ds){
- $r = @ldap_bind($ds,"$config[ldap_binddn]",$config[ldap_bindpw]);
+ $r = @da_ldap_bind($ds,$config);
if ($r){
@ldap_delete($ds,$dn);
if (@ldap_error($ds) == 'Success')
<?php
+require_once('../lib/ldap/functions.php3');
$ds=@ldap_connect("$config[ldap_server]"); // must be a valid ldap server!
if ($ds) {
- $r=@ldap_bind($ds,"$config[ldap_binddn]",$config[ldap_bindpw]);
+ $r=@da_ldap_bind($ds,$config);
if ($search_IN == 'name' || $search_IN == 'ou')
$attr = ($search_IN == 'name') ? 'cn' : 'ou';
else if ($search_IN == 'radius'){
<?php
+function da_ldap_bind($ds,$config)
+{
+ if ($ds){
+ if ($config[ldap_use_http_credentials] == 'yes'){
+ global $HTTP_SERVER_VARS;
+ $din = $HTTP_SERVER_VARS["PHP_AUTH_USER"];
+ $pass = $HTTP_SERVER_VARS["PHP_AUTH_PW"];
+ }
+ if ($config[ldap_use_http_credentials] != 'yes' ||
+ ($din == '' && $pass == '')){
+ $din = $config[ldap_binddn];
+ $pass = $config[ldap_bindpw];
+ }
+ if (preg_match('/[\s,]/',$din)) // It looks like a dn
+ return @ldap_bind($ds,$din,$pass);
+ else{ // It's not a DN. Find a corresponding DN
+ $r=@ldap_bind($ds,"$config[ldap_binddn]",$config[ldap_bindpw]);
+ if ($r){
+ $sr=@ldap_search($ds,"$config[ldap_base]", 'uid=' . $din);
+ $info = @ldap_get_entries($ds, $sr);
+ $din = $info[0]['dn'];
+ if ($din != '')
+ return @ldap_bind($ds,$din,$pass);
+ }
+ }
+ }
+}
+
function connect2db($config)
{
$ds=@ldap_connect("$config[ldap_server]"); // must be a valid ldap server!
if ($ds)
- $r=@ldap_bind($ds,"$config[ldap_binddn]",$config[ldap_bindpw]);
+ $r=@da_ldap_bind($ds,$config);
return $ds;
}
<?php
-require('password.php3');
if ($action == 'checkpass'){
$ds=@ldap_connect("$config[ldap_server]"); // must be a valid ldap server!
<?php
require('../lib/ldap/attrmap.php3');
+require_once('../lib/ldap/functions.php3');
if (is_file("../lib/lang/$config[general_prefered_lang]/utf8.php3"))
include_once("../lib/lang/$config[general_prefered_lang]/utf8.php3");
else
$ds=@ldap_connect("$config[ldap_server]"); // must be a valid ldap server!
if ($ds) {
- $r=@ldap_bind($ds,"$config[ldap_binddn]",$config[ldap_bindpw]);
+ $r=@da_ldap_bind($ds,$config);
$sr=@ldap_search($ds,"$config[ldap_base]", 'uid=' . $login);
$info = @ldap_get_entries($ds, $sr);
$dn = $info[0]['dn'];
continue;
list($type,$key,$v)=split('[[:space:]]+',$val);
$attrmap["$key"]=$v;
+ $rev_attrmap["$v"] = $key;
$attr_type["$key"]=$type;
}
foreach($show_attrs as $key => $desc){
if ($attrmap["$key"] == 'none')
continue;
+ if ($attrmap["$key"] == ''){
+ $attrmap["$key"] = $key;
+ $attr_type["key"] = 'replyItem';
+ $rev_attrmap["$key"] = $key;
+ }
$i = 0;
$j = -1;
$name = $attrmap["$key"] . $i;
foreach($show_attrs as $key => $attr){
if ($attrmap["$key"] == 'none')
continue;
- if ($attr_type[$key] == 'checkItem'){
+ if ($attrmap["$key"] == ''){
+ $attrmap["$key"] = $key;
+ $attr_type["$key"] = 'replyItem';
+ $rev_attrmap["$key"] = $key;
+ }
+ if ($attr_type["$key"] == 'checkItem'){
$table = "$config[sql_groupcheck_table]";
$type = 1;
}
- else if ($attr_type[$key] == 'replyItem'){
+ else if ($attr_type["$key"] == 'replyItem'){
$table = "$config[sql_groupreply_table]";
$type = 2;
}
foreach($show_attrs as $key => $attr){
if ($attrmap["$key"] == 'none')
continue;
- if ($attr_type[$key] == 'checkItem'){
+ if ($attrmap["$key"] == ''){
+ $attrmap["$key"] = $key;
+ $attr_type["$key"] = 'replyItem';
+ $rev_attrmap["$key"] = $key;
+ }
+ if ($attr_type["$key"] == 'checkItem'){
$table = "$config[sql_check_table]";
$type = 1;
}
- else if ($attr_type[$key] == 'replyItem'){
+ else if ($attr_type["$key"] == 'replyItem'){
$table = "$config[sql_reply_table]";
$type = 2;
}
}
else
echo "<b>Database query failed: " . da_sql_error($link,$config) . "</b><br>\n";
- foreach($attrmap as $key => $val){
- if (isset($tmp[$val])){
+ if (isset($tmp)){
+ foreach(array_keys($tmp) as $val){
+ if ($val == '')
+ continue;
+ $key = $rev_attrmap["$val"];
+ if ($key == ''){
+ $key = $val;
+ $attrmap["$key"] = $val;
+ $attr_type["$key"] = 'replyItem';
+ $rev_attrmap["$val"] = $key;
+ }
if (isset($default_vals["$key"]) && $overwrite_defaults){
if ($use_op)
$default_vals["$key"][operator] = $tmp["$val"][operator];
}
else if ($search_IN == 'radius' && $radius_attr != ''){
require("../lib/sql/attrmap.php3");
+ if ($attrmap["$radius_attr"] == ''){
+ $attrmap["$radius_attr"] = $radius_attr;
+ $attr_type["$radius_attr"] = 'replyItem';
+ }
$table = ($attr_type[$radius_attr] == 'checkItem') ? $config[sql_check_table] : $config[sql_reply_table];
$attr = $attrmap[$radius_attr];
$res = @da_sql_query($link,$config,
}
else
echo "<b>Database query failed partially: " . da_sql_error($link,$config) . "</b><br>\n";
- foreach($attrmap as $key => $val){
- if (isset($tmp[$val])){
+ if (isset($tmp)){
+ foreach(array_keys($tmp) as $val){
+ if ($val == '')
+ continue;
+ $key = $rev_attrmap["$val"];
+ if ($key == ''){
+ $key = $val;
+ $attrmap["$key"] = $val;
+ $attr_type["$key"] = 'replyItem';
+ $rev_attrmap["$val"] = $key;
+ }
$item_vals["$key"] = $tmp[$val];
$item_vals["$key"][count] = $tmp[$val][count];
if ($use_op)
$item_vals["$key"][operator] = $tmp[$val][operator];
-
}
}
}
else
echo "<b>Database query failed partially: " . da_sql_error($link,$config) . "</b><br>\n";
- foreach($attrmap as $key => $val){
- if (isset($tmp[$val])){
+ if (isset($tmp)){
+ foreach(array_keys($tmp) as $val){
+ if ($val == '')
+ continue;
+ $key = $rev_attrmap["$val"];
+ if ($key == ''){
+ $key = $val;
+ $attrmap["$key"] = $val;
+ $attr_type["$key"] = 'replyItem';
+ $rev_attrmap["$val"] = $key;
+ }
$item_vals["$key"] = $tmp[$val];
$item_vals["$key"][count] = $tmp[$val][count];
if ($use_op)
$item_vals["$key"][operator] = $tmp[$val][operator];
-
}
}
projects / freeradius-dialup-admin.git / commitdiff