+ }
+ $sr = ldap_search($ds, "dc=cs,dc=curs,dc=pub,dc=ro", "(uid=" . $username . ")");
+ if (ldap_count_entries($ds, $sr) > 1)
+ die("Multiple entries with the same uid in LDAP database??");
+ if (ldap_count_entries($ds, $sr) < 1) {
+ ldap_close($ds);
+ return FALSE;
+ }
+
+ $info = ldap_get_entries($ds, $sr);
+ $dn = $info[0]["dn"];
+ ldap_close($ds);
+
+ // Second connection: connect with user's credentials.
+ $ds = ldap_connect($this->config->item('ldap_server')) or die("Can't connect to ldap server\n");
+ if (!@ldap_bind($ds, $dn, $password) or $password == '') {
+ ldap_close($ds);
+ return FALSE;
+ }
+
+ // Verifify if DN belongs to the requested OU.
+ $info[0]['ou_ok'] = $this->ldap_dn_belongs_ou( $dn, $this->config->item('ldap_req_ou') );
+
+ // Set authentication source.
+ $info[0]['auth_src'] = 'ldap_first_time';
+
+ return $info[0];
+ }
+
+ /**
+ * Verify if a user belongs to a group.
+ *
+ * @param string $dn = "ou=Student,ou=People..."
+ * @param array $ou = array ("Student", etc
+ * @return TRUE or FALSE
+ * @author Răzvan Herișanu, Răzvan Deaconescu, Călin-Andrei Burloiu
+ */
+ public function ldap_dn_belongs_ou($dn, $ou)
+ {
+ if (!is_array($ou))
+ $ou = array ($ou);
+
+ $founded = FALSE;
+ $words = explode(',', $dn);
+ foreach ($words as $c) {
+ $parts = explode("=", $c);
+ $key = $parts[0];
+ $value = $parts[1];
+
+ if (strtolower($key) == "ou" && in_array($value, $ou) )
+ $founded = TRUE;
+ }
+ return $founded;