Révision 32700c57
Ajouté par Assos Assos il y a environ 5 ans
drupal7/sites/all/modules/ldap/ldap_servers/ldap_servers.settings.inc | ||
---|---|---|
2 | 2 |
|
3 | 3 |
/** |
4 | 4 |
* @file |
5 |
* admin interface for general ldap api settings |
|
6 |
* |
|
5 |
* Admin interface for general ldap api settings. |
|
7 | 6 |
*/ |
8 | 7 |
|
8 |
/** |
|
9 |
* |
|
10 |
*/ |
|
9 | 11 |
function ldap_servers_settings() { |
10 | 12 |
ldap_servers_module_load_include('inc', 'ldap_servers', 'ldap_servers.functions'); |
11 | 13 |
|
12 |
if (! ldap_servers_ldap_extension_loaded()) {
|
|
14 |
if (!ldap_servers_ldap_extension_loaded()) { |
|
13 | 15 |
drupal_set_message(t('PHP LDAP Extension is not loaded.'), "warning"); |
14 | 16 |
} |
15 | 17 |
|
16 | 18 |
$form['#title'] = "Configure LDAP Preferences"; |
17 | 19 |
|
20 |
$options = ldap_servers_encrypt_types(); |
|
18 | 21 |
|
19 |
$options = ldap_servers_encrypt_types('encrypt'); |
|
20 |
|
|
21 |
/** when this is changed, need to decrypt and possibly encrypt pwd in newly selected format |
|
22 |
/** when this is changed, need to decrypt and possibly encrypt pwd in newly selected format |
|
22 | 23 |
* ... thus default needs to be "No Encryption" to avoid confusion. |
23 | 24 |
*/ |
24 | 25 |
|
25 |
$form['previous_encryption'] = array('#type' => 'hidden', '#default_value' => variable_get('ldap_servers_encryption', LDAP_SERVERS_ENC_TYPE_CLEARTEXT));
|
|
26 |
$form['encryption'] = array('#type' => 'fieldset', '#title' => t('Encryption'));
|
|
27 |
$form['encryption']['ldap_servers_encryption'] = array(
|
|
26 |
$form['previous_encryption'] = ['#type' => 'hidden', '#default_value' => variable_get('ldap_servers_encryption', LDAP_SERVERS_ENC_TYPE_CLEARTEXT)];
|
|
27 |
$form['encryption'] = ['#type' => 'fieldset', '#title' => t('Encryption')];
|
|
28 |
$form['encryption']['ldap_servers_encryption'] = [
|
|
28 | 29 |
'#type' => 'select', |
29 | 30 |
'#options' => $options, |
30 |
'#title' => t('Encrypt Stored LDAP Passwords?'),
|
|
31 |
'#title' => t('Obfuscate LDAP Passwords?'),
|
|
31 | 32 |
'#default_value' => variable_get('ldap_servers_encryption', LDAP_SERVERS_ENC_TYPE_CLEARTEXT), |
32 |
'#description' => t('With encryption, passwords will be stored in encrypted form. |
|
33 |
This is two way encryption because the actual password needs to used to bind to LDAP. |
|
34 |
So it offers minimal defense if someone gets in the filespace. It mainly helps avoid the accidental |
|
35 |
discovery of a clear text password.'), |
|
36 |
); |
|
33 |
'#description' => t('With obfuscation enabled, passwords will be stored in encrypted form and decrypted with the site hash.'), |
|
34 |
]; |
|
37 | 35 |
|
38 |
|
|
39 |
// $options will be empty if server does not support mcrypt. |
|
40 | 36 |
// Disable the form field and explain this to the user. |
41 |
if (empty($options)) { |
|
42 |
$form['encryption']['ldap_servers_encryption']['#options'] = array(LDAP_SERVERS_ENC_TYPE_CLEARTEXT => t('Not available.')); |
|
37 |
if (count($options) == 1) { |
|
43 | 38 |
$form['encryption']['ldap_servers_encryption']['#disabled'] = TRUE; |
44 |
$form['encryption']['ldap_servers_encryption']['#description'] .= ' <strong>' . t('Encryption is not supported on this web server.') . '</strong>';
|
|
39 |
$form['encryption']['ldap_servers_encryption']['#description'] = ' <strong>' . t('Obfuscation is not supported on this web server.') . '</strong>';
|
|
45 | 40 |
} |
46 | 41 |
|
47 | 42 |
$form = system_settings_form($form); |
48 |
array_unshift($form['#submit'], 'ldap_servers_settings_submit'); // needs to be first |
|
43 |
// Needs to be first. |
|
44 |
array_unshift($form['#submit'], 'ldap_servers_settings_submit'); |
|
49 | 45 |
return $form; |
50 | 46 |
} |
51 | 47 |
|
48 |
/** |
|
49 |
* |
|
50 |
*/ |
|
52 | 51 |
function ldap_servers_settings_submit($form, &$form_state) { |
53 | 52 |
if ($form_state['submitted']) { |
54 | 53 |
$new_encyption = $form_state['values']['ldap_servers_encryption']; |
55 | 54 |
$old_encyption = $form_state['values']['previous_encryption']; |
56 | 55 |
|
57 |
// use db instead of functions to avoid classes encryption and decryption
|
|
56 |
// Use db instead of functions to avoid classes encryption and decryption.
|
|
58 | 57 |
if ($new_encyption != $old_encyption) { |
59 | 58 |
$servers = db_query("SELECT sid, bindpw FROM {ldap_servers} WHERE bindpw is not NULL AND bindpw <> ''")->fetchAllAssoc('sid'); |
60 | 59 |
foreach ($servers as $sid => $server) { |
... | ... | |
65 | 64 |
else { |
66 | 65 |
$rencrypted = ''; |
67 | 66 |
} |
68 |
db_query("UPDATE {ldap_servers} SET bindpw = :bindpw WHERE sid = :sid", array(':bindpw' => $rencrypted, ':sid' => $sid));
|
|
67 |
db_query("UPDATE {ldap_servers} SET bindpw = :bindpw WHERE sid = :sid", [':bindpw' => $rencrypted, ':sid' => $sid]);
|
|
69 | 68 |
} |
70 | 69 |
} |
71 | 70 |
} |
Formats disponibles : Unified diff
Weekly update of contrib modules