Révision 32700c57
Ajouté par Assos Assos il y a environ 5 ans
| drupal7/sites/all/modules/ldap/ldap_servers/ldap_servers.settings.inc | ||
|---|---|---|
| 2 | 2 |
|
| 3 | 3 |
/** |
| 4 | 4 |
* @file |
| 5 |
* admin interface for general ldap api settings |
|
| 6 |
* |
|
| 5 |
* Admin interface for general ldap api settings. |
|
| 7 | 6 |
*/ |
| 8 | 7 |
|
| 8 |
/** |
|
| 9 |
* |
|
| 10 |
*/ |
|
| 9 | 11 |
function ldap_servers_settings() {
|
| 10 | 12 |
ldap_servers_module_load_include('inc', 'ldap_servers', 'ldap_servers.functions');
|
| 11 | 13 |
|
| 12 |
if (! ldap_servers_ldap_extension_loaded()) {
|
|
| 14 |
if (!ldap_servers_ldap_extension_loaded()) {
|
|
| 13 | 15 |
drupal_set_message(t('PHP LDAP Extension is not loaded.'), "warning");
|
| 14 | 16 |
} |
| 15 | 17 |
|
| 16 | 18 |
$form['#title'] = "Configure LDAP Preferences"; |
| 17 | 19 |
|
| 20 |
$options = ldap_servers_encrypt_types(); |
|
| 18 | 21 |
|
| 19 |
$options = ldap_servers_encrypt_types('encrypt');
|
|
| 20 |
|
|
| 21 |
/** when this is changed, need to decrypt and possibly encrypt pwd in newly selected format |
|
| 22 |
/** when this is changed, need to decrypt and possibly encrypt pwd in newly selected format |
|
| 22 | 23 |
* ... thus default needs to be "No Encryption" to avoid confusion. |
| 23 | 24 |
*/ |
| 24 | 25 |
|
| 25 |
$form['previous_encryption'] = array('#type' => 'hidden', '#default_value' => variable_get('ldap_servers_encryption', LDAP_SERVERS_ENC_TYPE_CLEARTEXT));
|
|
| 26 |
$form['encryption'] = array('#type' => 'fieldset', '#title' => t('Encryption'));
|
|
| 27 |
$form['encryption']['ldap_servers_encryption'] = array(
|
|
| 26 |
$form['previous_encryption'] = ['#type' => 'hidden', '#default_value' => variable_get('ldap_servers_encryption', LDAP_SERVERS_ENC_TYPE_CLEARTEXT)];
|
|
| 27 |
$form['encryption'] = ['#type' => 'fieldset', '#title' => t('Encryption')];
|
|
| 28 |
$form['encryption']['ldap_servers_encryption'] = [
|
|
| 28 | 29 |
'#type' => 'select', |
| 29 | 30 |
'#options' => $options, |
| 30 |
'#title' => t('Encrypt Stored LDAP Passwords?'),
|
|
| 31 |
'#title' => t('Obfuscate LDAP Passwords?'),
|
|
| 31 | 32 |
'#default_value' => variable_get('ldap_servers_encryption', LDAP_SERVERS_ENC_TYPE_CLEARTEXT),
|
| 32 |
'#description' => t('With encryption, passwords will be stored in encrypted form.
|
|
| 33 |
This is two way encryption because the actual password needs to used to bind to LDAP. |
|
| 34 |
So it offers minimal defense if someone gets in the filespace. It mainly helps avoid the accidental |
|
| 35 |
discovery of a clear text password.'), |
|
| 36 |
); |
|
| 33 |
'#description' => t('With obfuscation enabled, passwords will be stored in encrypted form and decrypted with the site hash.'),
|
|
| 34 |
]; |
|
| 37 | 35 |
|
| 38 |
|
|
| 39 |
// $options will be empty if server does not support mcrypt. |
|
| 40 | 36 |
// Disable the form field and explain this to the user. |
| 41 |
if (empty($options)) {
|
|
| 42 |
$form['encryption']['ldap_servers_encryption']['#options'] = array(LDAP_SERVERS_ENC_TYPE_CLEARTEXT => t('Not available.'));
|
|
| 37 |
if (count($options) == 1) {
|
|
| 43 | 38 |
$form['encryption']['ldap_servers_encryption']['#disabled'] = TRUE; |
| 44 |
$form['encryption']['ldap_servers_encryption']['#description'] .= ' <strong>' . t('Encryption is not supported on this web server.') . '</strong>';
|
|
| 39 |
$form['encryption']['ldap_servers_encryption']['#description'] = ' <strong>' . t('Obfuscation is not supported on this web server.') . '</strong>';
|
|
| 45 | 40 |
} |
| 46 | 41 |
|
| 47 | 42 |
$form = system_settings_form($form); |
| 48 |
array_unshift($form['#submit'], 'ldap_servers_settings_submit'); // needs to be first |
|
| 43 |
// Needs to be first. |
|
| 44 |
array_unshift($form['#submit'], 'ldap_servers_settings_submit'); |
|
| 49 | 45 |
return $form; |
| 50 | 46 |
} |
| 51 | 47 |
|
| 48 |
/** |
|
| 49 |
* |
|
| 50 |
*/ |
|
| 52 | 51 |
function ldap_servers_settings_submit($form, &$form_state) {
|
| 53 | 52 |
if ($form_state['submitted']) {
|
| 54 | 53 |
$new_encyption = $form_state['values']['ldap_servers_encryption']; |
| 55 | 54 |
$old_encyption = $form_state['values']['previous_encryption']; |
| 56 | 55 |
|
| 57 |
// use db instead of functions to avoid classes encryption and decryption
|
|
| 56 |
// Use db instead of functions to avoid classes encryption and decryption.
|
|
| 58 | 57 |
if ($new_encyption != $old_encyption) {
|
| 59 | 58 |
$servers = db_query("SELECT sid, bindpw FROM {ldap_servers} WHERE bindpw is not NULL AND bindpw <> ''")->fetchAllAssoc('sid');
|
| 60 | 59 |
foreach ($servers as $sid => $server) {
|
| ... | ... | |
| 65 | 64 |
else {
|
| 66 | 65 |
$rencrypted = ''; |
| 67 | 66 |
} |
| 68 |
db_query("UPDATE {ldap_servers} SET bindpw = :bindpw WHERE sid = :sid", array(':bindpw' => $rencrypted, ':sid' => $sid));
|
|
| 67 |
db_query("UPDATE {ldap_servers} SET bindpw = :bindpw WHERE sid = :sid", [':bindpw' => $rencrypted, ':sid' => $sid]);
|
|
| 69 | 68 |
} |
| 70 | 69 |
} |
| 71 | 70 |
} |
Formats disponibles : Unified diff
Weekly update of contrib modules