www/dbq/dbq.php

diff --git a/lib/php/nb.php b/lib/php/nb.php
index 127d65c47487b989fbd6732b78a034b2d5880f05..33f012f23834bb79b98c9d11d951bc2d2cf502d7 100644 (file)
--- a/lib/php/nb.php
+++ b/lib/php/nb.php
@@ -1065,24 +1065,22 @@ class NB {
   }
 
   public static function ldap_search($o=[]) {
-               $base = '127.0.0.1';
+               $host = '127.0.0.1';
                if (preg_match('/^.*?([^\.]+\.[^\.]+)$/',$_SERVER['HTTP_HOST'],$m)) {
-                       $base = $m[1];
+                       $host = 'ldap.'.$m[1];
                }
+               if (!isset($o['host'])) $o['host'] = $host;
+               if (!isset($o['base_dn'])) $o['base_dn'] = 'dc=' . str_replace('.',',dc=',preg_replace('/^ldap[^.]*./','',$host));
 
                if (!isset($o['user'])) $o['user'] = $_SERVER['PHP_AUTH_USER'];
 
                if (!isset($o['password'])) $o['password'] = $_SERVER['PHP_AUTH_PW'];
 
-               if (!isset($o['host'])) $o['host'] = "ldap.$base";
-
-               if (!isset($o['base_dn'])) $o['base_dn'] = 'dc=' . str_replace('.',',dc=',$base);
-
                $o['bind_dn_preff'] = isset($o['bind_dn_preff']) ? ','.$o['bind_dn_preff'].',' : '';
 
                if (!isset($o['bind_dn'])) $o['bind_dn'] = 'cn=' . $o['user'] . $o['bind_dn_preff'] . $o['base_dn'];
 
-               if (empty($o['filter'])) $o['filter'] = "(cn=".$o['user'].")";
+               if (empty($o['filter'])) $o['filter'] = "(&(userpassword=*)(cn=".$o['user']."))";
                if (empty($o['attrs'])) $o['attrs'] = [];
 
                #return [$o];

diff --git a/www/dbq/dbq.php b/www/dbq/dbq.php
index 16abac39f2c26679ab8c69fed59e5cc64bfee3e3..5be7fd433468bab3ad5a62674e699ec494c70ac0 100644 (file)
--- a/www/dbq/dbq.php
+++ b/www/dbq/dbq.php
@@ -90,6 +90,14 @@ class DbQ extends nb {
                // Init
                $this->uri_init();
 
+               if (!empty($_SERVER['DBQ_ENVS'])) {
+                       foreach(explode(' ',trim($_SERVER['DBQ_ENVS'])) as $e) {
+                               list($env,$val) = explode('=',trim($e));
+                               #debug([$env,$val]);
+                               $_SERVER['DBQ_'.strtoupper($env)] = $val;
+                       }
+               }
+
                // Envs -> var
                foreach ([
                        'perm',
@@ -1001,7 +1009,8 @@ EOF;
                } elseif ($action == 'ldap') {
                        #debug($this->params);
                        $rows = $this->ldap_search([
-                               'bind_dn_preff' => 'ou=auth',
+                               'bind_dn_preff' => (!empty($_SERVER['DBQ_LDAP_BIND_DN_PREFF']) ? 'ou='.$_SERVER['DBQ_LDAP_BIND_DN_PREFF'] : 'ou=auth'),
+                               #'bind_dn' => 'ou=auth',
                                'filter' => ($this->params['table'] ? $this->params['table'] : ''),
                                'attrs' => ($this->params['action'] ? explode(',',$this->params['action']) : []),
                        ]);

diff --git a/www/dbq/etc/nginx.conf b/www/dbq/etc/nginx.conf
index 002c55bd90bc43b44da14099d5e0f5e068ed23d7..4cf2402ecec9fffd003ae3183fa8cfa34f97040b 100644 (file)
--- a/www/dbq/etc/nginx.conf
+++ b/www/dbq/etc/nginx.conf
@@ -43,6 +43,10 @@ location ~ /index\.php$ {
        if ($DBQ_CONF_FILE = "") { set $DBQ_CONF_FILE $document_root/../../../etc/dbq/000-local.php; }
        fastcgi_param DBQ_CONF_FILE $DBQ_CONF_FILE;
        fastcgi_param DBQ_PERM $DBQ_PERM;
+
        if ($DBQ_PROD = "") { set $DBQ_PROD ""; }
        fastcgi_param PRODUCTION $DBQ_PROD;
+
+       if ($DBQ_ENVS = "") { set $DBQ_ENVS ""; }
+       fastcgi_param DBQ_ENVS $DBQ_ENVS;
 }