From b1058da8a5940e4bb19b417cd7a5e97429f863b4 Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Wed, 19 Mar 2003 18:39:09 +0000 Subject: [PATCH] ldap is now correctly (de)serialized username and password are not encrypted at the moment --- lam/lib/ldap.php | 42 +++++++++++++++++++++++++++++++++++++++- lam/templates/logout.php | 12 +++++++++++- 2 files changed, 52 insertions(+), 2 deletions(-) diff --git a/lam/lib/ldap.php b/lam/lib/ldap.php index b49aeee9..d4284923 100644 --- a/lam/lib/ldap.php +++ b/lam/lib/ldap.php @@ -35,6 +35,10 @@ class Ldap{ // server handle var $server; + // LDAP username and password used for bind + var $username; + var $password; + // constructor // $config has to be an object of Config (../config/config.php) function Ldap($config) { @@ -98,6 +102,8 @@ class Ldap{ echo _("No username was specified!"); exit; } + // save password und username encrypted + $this->encrypt($user, $passwd); if ($this->conf->get_SSL() == "True") $this->server = @ldap_connect("ldaps://" . $this->conf->get_Host(), $this->conf->get_Port()); else $this->server = @ldap_connect("ldap://" . $this->conf->get_Host(), $this->conf->get_Port()); if ($this->server) { 
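Review bot: The new `$this->encrypt($user, $passwd);` call in the second hunk runs before `ldap_connect()` and before any bind result is known, so credentials from a rejected login are also kept on the object and, through `__sleep()` later in this patch, written to the session. Moving the call into the branch where the bind has succeeded would limit what is stored to credentials the server actually accepted. The enclosing function (presumably `connect()`) continues outside the hunk, so the exact place has to be checked there. The comment also claims the values are saved encrypted, which the stub does not do yet; `// save username and password (not encrypted yet, see encrypt())` would match the code.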
@@ -143,7 +149,41 @@ class Ldap{ function server() { return $this->server; } - + + // closes connection to LDAP server before serialization + function __sleep() { + $this->close(); + return array("conf", "server", "username", "password"); + } + + // reconnects to LDAP server when deserialized + function __wakeup() { + $data = $this->decrypt(); + $this->connect($data[0], $data[1]); + } + + // encrypts username and password + // TODO: implement encryption algorithm + function encrypt($username, $password) { + $this->username = $username; + $this->password = $password; + } + + // decrypts username and password + // TODO: implement encryption algorithm + function decrypt() { + $ret = array($this->username, $this->password); + return $ret; + } + + // closes connection to LDAP server and deletes encrypted username/password + function destroy() { + $this->close(); + $this->username="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; + $this->password="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; + // TODO: delete encryption key + } + } diff --git a/lam/templates/logout.php b/lam/templates/logout.php index 5a8fc4e5..4b89a863 100644 --- a/lam/templates/logout.php +++ b/lam/templates/logout.php @@ -23,12 +23,22 @@ $Id$ */ +include_once("../lib/ldap.php"); + @session_start(); +// close LDAP connection +$_SESSION["ldap"]->destroy(); + // destroy session session_destroy(); // print logout message - ?> + + +
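Review bot: `__sleep()` returns `"username"` and `"password"` while `encrypt()` only copies its arguments, so the LDAP bind password is written in clear text to the session store, readable by anyone who can read the session save path. `destroy()` overwrites only the in-memory copy, so a session that ends without a visit to logout.php keeps the password on disk until session garbage collection removes it. Until the TODOs are done, a comment above `__sleep()` should say so, e.g. `// NOTE: username/password are serialized in clear text until encrypt()/decrypt() are implemented`. When they are implemented, the key should live outside the session data so that the session file alone is not enough to recover the password. `"server"` could probably also be dropped from the list, `return array("conf", "username", "password");`, since the handle is closed just before and `__wakeup()` reconnects.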



+

+ +
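Review bot: `$_SESSION["ldap"]->destroy();` is called without checking that the session still holds the object, so opening logout.php after the session has expired, or without ever logging in, ends in a fatal error before `session_destroy()` runs. A guard such as `if (isset($_SESSION["ldap"])) $_SESSION["ldap"]->destroy();` keeps the logout path working in that case. Note also that `@session_start()` now triggers `__wakeup()`, so every logout first re-binds to the LDAP server with the stored credentials only to close the connection again. If that bind fails, the visible part of the connect code prints a message and exits, which would leave the session undestroyed.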