Diffstat (limited to 'sync.php')
-rwxr-xr-x | sync.php | 85 |
1 files changed, 85 insertions, 0 deletions
diff --git a/sync.php b/sync.php
new file mode 100755
index 0000000..c65a1d5
--- /dev/null
+++ b/sync.php
@@ -0,0 +1,85 @@
+#!/usr/bin/env php
+<?php
+
+// include required stuff from phpBB
+define('IN_PHPBB', true);
+define('IN_CRON', true);
+$phpbb_root_path = '/var/www/localhost/htdocs/phpBB/';
+$phpEx = substr(strrchr(__FILE__, '.'), 1);
+include($phpbb_root_path . 'common.' . $phpEx);
+include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
+include($phpbb_root_path . 'includes/auth/auth_ldap.' . $phpEx);
+init_ldap();
+
+// config
+$dry_run = in_array('--dryrun', $argv) || in_array('-n', $argv);
+$verbose = in_array('--verbose', $argv) || in_array('-v', $argv);
+
+/**
+ * Check if a given username exist in the ldap tree. Uses the configured ldap settings
+ * and simply returns true or false. If an error occures this function will exit this
+ * script.
+ */
+function check_ldap($username) {
+ global $config;
+
+ $config['ldap_port'] = (int) $config['ldap_port'];
+ if ($config['ldap_port']) {
+ $ldap = ldap_connect($config['ldap_server'], $config['ldap_port']);
+ }
+ else {
+ $ldap = ldap_connect($config['ldap_server']);
+ }
+
+ if (!$ldap) {
+ print("Could not connect to LDAP server: '${config['ldap_server']}'\n");
+ exit;
+ }
+
+ @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
+ @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
+
+ if ($config['ldap_user'] || $config['ldap_password']) {
+ if (!ldap_bind($ldap, htmlspecialchars_decode($config['ldap_user']),
+ htmlspecialchars_decode($config['ldap_password']))) {
+ print("LDAP bind failed for user: '${config['ldap_user']}'.\n");
+ exit;
+ }
+ }
+
+ $search = ldap_search($ldap, htmlspecialchars_decode($config['ldap_base_dn']),
+ ldap_user_filter($username), array(htmlspecialchars_decode($config['ldap_uid'])),
+ 0, 1);
+ if ($search === false) {
+ print("LDAP search failed.\n");
+ exit;
+ }
+
+ $ldap_results = ldap_get_entries($ldap, $search);
+ return ($ldap_results['count'] == 1) ? true : false;
+}
+
+$sql = 'SELECT user_id, username
+ FROM ' . USERS_TABLE . '
+ WHERE user_password = "*LDAP*"';
+$result = $db->sql_query($sql);
+
+while ($user_row = $db->sql_fetchrow($result)) {
+ if (!check_ldap($user_row['username'])) {
+ if ($dryrun) {
+ print("${user_row['username']} would be deleted.\n");
+ }
+ else {
+ print("${user_row['username']} deleted.\n");
+ // user_delete('retain', $user_row['user_id'], $user_row['username']);
+ }
+ }
+ else {
+ if ($verbose) {
+ print("${user_row['username']} ok\n");
+ }
+ }
+}
+
+$db->sql_freeresult($result);
+?> |
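Review bot: The dry-run guard in the final loop tests `$dryrun`, but the flag is parsed into `$dry_run` near the top, so `--dryrun`/`-n` never takes effect and the loop always falls through to the delete branch; it should read `if ($dry_run) {`. That is harmless only while the `user_delete()` call stays commented out; once it is enabled, a run meant as a preview would remove accounts. check_ldap() also treats an empty search result as "user gone": a wrong `ldap_base_dn`, or a bind account without read access, would presumably return zero entries for every user rather than an error, so it would be worth aborting before any deletion when an implausibly large share of accounts come back missing. Each call also opens a new connection and never closes it; connecting and binding once and calling `ldap_unbind($ldap)` at the end would avoid that.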