Created
June 23, 2011 16:03
-
-
Save kylesm/1042859 to your computer and use it in GitHub Desktop.
Diff for a hack to add LDAP support to the open source bookmark sharing app Scuttle. Tested with version 0.7.2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff -urN scuttle-0.7.2/config.inc.php.example scuttle-0.7.2-patched/config.inc.php.example | |
| --- scuttle-0.7.2/config.inc.php.example 2008-04-11 16:25:36.000000000 -0400 | |
| +++ scuttle-0.7.2-patched/config.inc.php.example 2008-04-22 21:19:43.000000000 -0400 | |
| @@ -116,5 +116,8 @@ | |
| ); | |
| $reservedusers = array('all', 'watchlist'); | |
| +$use_ldap = false; | |
| +$ldap_host = 'ldap.foo.com'; | |
| + | |
| include_once('debug.inc.php'); | |
| ?> | |
| diff -urN scuttle-0.7.2/register.php scuttle-0.7.2-patched/register.php | |
| --- scuttle-0.7.2/register.php 2008-04-11 16:25:36.000000000 -0400 | |
| +++ scuttle-0.7.2-patched/register.php 2008-04-11 17:42:44.000000000 -0400 | |
| @@ -29,8 +29,8 @@ | |
| $posteduser = trim(utf8_strtolower($_POST['username'])); | |
| // Check if form is incomplete | |
| - if (!($posteduser) || !($_POST['password']) || !($_POST['email'])) { | |
| - $tplVars['error'] = T_('You <em>must</em> enter a username, password and e-mail address.'); | |
| + if (!($posteduser) || !($_POST['password'])) { | |
| + $tplVars['error'] = T_('You <em>must</em> enter a username and password.'); | |
| // Check if username is reserved | |
| } elseif ($userservice->isReserved($posteduser)) { | |
| @@ -40,12 +40,8 @@ | |
| } elseif ($userservice->getUserByUsername($posteduser)) { | |
| $tplVars['error'] = T_('This username already exists, please make another choice.'); | |
| - // Check if e-mail address is valid | |
| - } elseif (!$userservice->isValidEmail($_POST['email'])) { | |
| - $tplVars['error'] = T_('E-mail address is not valid. Please try again.'); | |
| - | |
| // Register details | |
| - } elseif ($userservice->addUser($posteduser, $_POST['password'], $_POST['email'])) { | |
| + } elseif ($userservice->addUser($posteduser, $_POST['password'], "$posteduser@foo.com")) { | |
| // Log in with new username | |
| $login = $userservice->login($posteduser, $_POST['password']); | |
| if ($login) { | |
| diff -urN scuttle-0.7.2/services/userservice.php scuttle-0.7.2-patched/services/userservice.php | |
| --- scuttle-0.7.2/services/userservice.php 2008-04-11 16:25:36.000000000 -0400 | |
| +++ scuttle-0.7.2-patched/services/userservice.php 2008-04-23 10:16:12.000000000 -0400 | |
| @@ -146,12 +146,23 @@ | |
| } | |
| function login($username, $password, $remember = FALSE) { | |
| - $password = $this->sanitisePassword($password); | |
| - $query = 'SELECT '. $this->getFieldName('primary') .' FROM '. $this->getTableName() .' WHERE '. $this->getFieldName('username') .' = "'. $this->db->sql_escape($username) .'" AND '. $this->getFieldName('password') .' = "'. $this->db->sql_escape($password) .'"'; | |
| - | |
| + if (! $GLOBALS['use_ldap']) { | |
| + $password = $this->sanitisePassword($password); | |
| + $query = 'SELECT ' . $this->getFieldName('primary') . | |
| + ' FROM ' . $this->getTableName() . | |
| + ' WHERE ' . $this->getFieldName('username') .' = "'. $this->db->sql_escape($username) . | |
| + '" AND ' . $this->getFieldName('password') . ' = "' . $password . '"'; | |
| + } else { | |
| + if (! ($this->_ldapLogin($username, $password)) ) { | |
| + return false; | |
| + } | |
| + | |
| + $query = 'SELECT '. $this->getFieldName('primary') .' FROM '. $this->getTableName() .' WHERE '. $this->getFieldName('username') .' = "'. $this->db->sql_escape($username) .'"'; | |
| + } | |
| + | |
| if (! ($dbresult =& $this->db->sql_query($query)) ) { | |
| - message_die(GENERAL_ERROR, 'Could not get user', '', __LINE__, __FILE__, $query, $this->db); | |
| - return false; | |
| + message_die(GENERAL_ERROR, 'Error accessing Scuttle database', '', __LINE__, __FILE__, $query, $this->db); | |
| + return false; | |
| } | |
| if ($row =& $this->db->sql_fetchrow($dbresult)) { | |
| @@ -165,6 +176,21 @@ | |
| return false; | |
| } | |
| } | |
| + | |
| + function _ldapLogin($username, $password) { | |
| + $bind_user = $username . "@foo.com"; | |
| + | |
| + if ($ldap_conn = @ldap_connect($GLOBALS['ldap_host'])) { | |
| + if (@ldap_bind($ldap_conn, $bind_user, $password)) { | |
| + ldap_unbind($ldap_conn); | |
| + return true; | |
| + } | |
| + } else { | |
| + message_die(GENERAL_ERROR, 'Unable to connect to LDAP server.', '', __LINE__, __FILE__, NULL, NULL); | |
| + } | |
| + | |
| + return false; | |
| + } | |
| function logout() { | |
| @setcookie($this->cookiekey, NULL, time() - 1); | |
| diff -urN scuttle-0.7.2/templates/register.tpl.php scuttle-0.7.2-patched/templates/register.tpl.php | |
| --- scuttle-0.7.2/templates/register.tpl.php 2008-04-11 16:25:36.000000000 -0400 | |
| +++ scuttle-0.7.2-patched/templates/register.tpl.php 2008-04-11 18:11:16.000000000 -0400 | |
| @@ -10,6 +10,8 @@ | |
| <p><?php echo sprintf(T_('Sign up here to create a free %s account. All the information requested below is required'), $GLOBALS['sitename']); ?>.</p> | |
| +<p><strong>Note:</strong> Enter your LDAP credentials below. For username, enter the first part of your email address (e.g. johndoe if your email address is johndoe@foo.com).</p> | |
| + | |
| <form action="<?php echo $formaction; ?>" method="post"> | |
| <table> | |
| <tr> | |
| @@ -23,11 +25,6 @@ | |
| <td></td> | |
| </tr> | |
| <tr> | |
| - <th align="left"><label for="email"><?php echo T_('E-mail'); ?></label></th> | |
| - <td><input type="text" id="email" name="email" size="40" class="required" /></td> | |
| - <td></td> | |
| -</tr> | |
| -<tr> | |
| <td></td> | |
| <td><input type="submit" name="submitted" value="<?php echo T_('Register'); ?>" /></td> | |
| <td></td> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment