Drupal investigation

ldap.php 40KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189
  1. <?php
  2. // Update knei: impüortuser um objectGUID erweitert (analog SID angelegt)
  3. /*
  4. Examples:
  5. include 'myldap.php';
  6. $myldap = new MyLDAP;
  7. $myldap->Login("praes", "vortrag"); -> TRUE
  8. $myldap->Login("preas", "vortrag"); -> FALSE
  9. $myldap->ImportUsers(); -> Import Users from LDAP to MySQL
  10. $myldap->GetSid($username); -> Get SID from Username
  11. $myldap->GetObjectGUID($username); -> Get object from Username (hex as str whitout separators)
  12. $myldap->GetUsername($sid); -> Get Username from SID
  13. $myldap->GetGroups($username); -> Get groups (comma separated) // username or sid
  14. $myldap->IsUserInGroup($username, $groupname); return true or false
  15. $myldap->GetUserInformation($username); -> will return an array // username, displayname or sid is allowed
  16. array: $user["sid"] $user["username"] $user["email"] $user["displayname"] $user["description"] $user["title"] $user["forename"] $user["surname"]
  17. $user["room"] $user["department"] $user["departmentnumber"] $user["telephone"] $user["mobilephone"] $user["manager"] $user["groups"]
  18. $myldap->$myldap->GetUsersFromGroup("group"); -> will return an array with usernames
  19. */
  20. class MyLDAP
  21. {
  22. // Config
  23. protected $ldaphost = "ads.iwmh.fraunhofer.de";
  24. protected $ldapuser = "unix";
  25. protected $ldappasswd = "tunix+-";
  26. protected $ldapbasedn = "CN=Users,DC=iwmh,DC=fraunhofer,DC=de";
  27. protected $mysqlhost = "localhost";
  28. protected $mysqldb = "adsiwmh";
  29. protected $mysqluser = "unix";
  30. protected $mysqlpasswd = "tunix+-";
  31. protected $ignoreUsers = "Administrator,opsihelper,mailer,unix,ASPNET,netapp-ad,ILS_ANONYMOUS_US,IWAM_SRV-ADS1,standard,Gast,dirxml-user,pcpatch,orgadmin,blackberry,Johnson.Controls,olat-admin,pwdsync,bereitschaft,SP_Dienste,Xpression";
  32. public function Login($username, $passwd)
  33. {
  34. $ldaphost = $this->ldaphost;
  35. $ldapbasedn = $this->ldapbasedn;
  36. if ( ($username == "") || ($username == "NULL") || ($username == null)) return false;
  37. $attribut = array("displayname", "sAMAccountName");
  38. $username = str_replace("IWMH\\", "", $username);
  39. $username = str_replace("Iwmh\\", "", $username);
  40. $ldapuser = $username."@iwmh.fhg.de";
  41. $ldappasswd = $passwd;
  42. $ldapquery = "(&(objectClass=Person)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(sAMAccountName=$username))";
  43. $ds = ldap_connect("LDAP://".$ldaphost);
  44. if (!$ds) exit ("Verbindung zum LDAP Server nicht m?glich");
  45. if (!ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3)) exit ("LDAP: Kann das Protokoll nicht auf Version 3 setzen");
  46. $ldapbind = ldap_bind($ds, $ldapuser, $ldappasswd);
  47. if (!$ldapbind) return false;
  48. $sr = ldap_search($ds, $ldapbasedn, $ldapquery);
  49. if (!$sr) exit ("LDAP search fehlgeschlagen...");
  50. for ($entry=ldap_first_entry($ds,$sr), $i=0; $entry!=false; $entry=ldap_next_entry($ds,$entry), $i++)
  51. {
  52. for ($j=0; $j<count($attribut); $j++)
  53. {
  54. $tmp = ldap_get_values($ds, $entry, $attribut[$j]);
  55. $info[$i][$j] = $tmp[0];
  56. }
  57. }
  58. ldap_close($ds);
  59. for ($i=0; $i<count($info); $i++)
  60. {
  61. if ((strcasecmp($info[$i][1], $username) == 0))
  62. return true;
  63. }
  64. return false;
  65. }
  66. public function GetSid($username)
  67. {
  68. if ($username == "") return "";
  69. $ldaphost = $this->ldaphost;
  70. $ldapbasedn = $this->ldapbasedn;
  71. $ldapuser = $this->ldapuser;
  72. $ldappasswd = $this->ldappasswd;
  73. // echo "GetSid:".$username."\n";
  74. $ds = ldap_connect("LDAP://".$ldaphost);
  75. ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
  76. ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
  77. $ldapbind = ldap_bind($ds, $ldapuser, $ldappasswd);
  78. if (!$ldapbind) return "ERROR";
  79. // echo $username."\n";
  80. $sr = ldap_search($ds, $ldapbasedn, "(sAMAccountName=".$username.")");
  81. $entries = ldap_get_entries($ds, $sr);
  82. if (is_bool($sr)) echo "GetSid:".$username."\n";
  83. if (count($entries) == 2)
  84. {
  85. // All SID's begin with S-
  86. $sid = "S-"; // Convert Bin to Hex and split into byte chunks
  87. $sidinhex = str_split(bin2hex($entries[0]['objectsid'][0]), 2); // Byte 0 = Revision Level
  88. if (count($sidinhex) == 28)
  89. {
  90. $sid = $sid.hexdec($sidinhex[0])."-"; // Byte 1-7 = 48 Bit Authority
  91. $sid = $sid.hexdec($sidinhex[6].$sidinhex[5].$sidinhex[4].$sidinhex[3].$sidinhex[2].$sidinhex[1]); // Byte 8 count of sub authorities - Get number of sub-authorities
  92. $subauths = hexdec($sidinhex[7]); //Loop through Sub Authorities
  93. for($i = 0; $i < $subauths; $i++)
  94. {
  95. $start = 8 + (4 * $i); // X amount of 32Bit (4 Byte) Sub Authorities
  96. $sid = $sid."-".hexdec($sidinhex[$start+3].$sidinhex[$start+2].$sidinhex[$start+1].$sidinhex[$start]);
  97. }
  98. }
  99. }
  100. else
  101. return "S-0-0";
  102. return $sid;
  103. }
  104. public function getObjectGUID($username)
  105. {
  106. if ($username == "") return "";
  107. $ldaphost = $this->ldaphost;
  108. $ldapbasedn = $this->ldapbasedn;
  109. $ldapuser = $this->ldapuser;
  110. $ldappasswd = $this->ldappasswd;
  111. $ds = ldap_connect("LDAP://".$ldaphost);
  112. ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
  113. ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
  114. $ldapbind = ldap_bind($ds, $ldapuser, $ldappasswd);
  115. if (!$ldapbind) return "ERROR";
  116. $sr = ldap_search($ds, $ldapbasedn, "(sAMAccountName=".$username.")");
  117. $entries = ldap_first_entry($ds, $sr);
  118. $object_guid = ldap_get_values_len($ds, $entries, 'objectGUID');
  119. if(count($object_guid) ==2)
  120. $result = strtoupper(bin2hex($object_guid[0]));
  121. else
  122. $result = "0";
  123. return $result;
  124. }
  125. public function GetwhenCreated($username)
  126. {
  127. if ($username == "") return "";
  128. $ldaphost = $this->ldaphost;
  129. $ldapbasedn = $this->ldapbasedn;
  130. $ldapuser = $this->ldapuser;
  131. $ldappasswd = $this->ldappasswd;
  132. $ds = ldap_connect("LDAP://".$ldaphost);
  133. ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
  134. ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
  135. $ldapbind = ldap_bind($ds, $ldapuser, $ldappasswd);
  136. if (!$ldapbind) return "ERROR";
  137. $sr = ldap_search($ds, $ldapbasedn, "(sAMAccountName=".$username.")");
  138. $entries = ldap_first_entry($ds, $sr);
  139. $whenCreated = ldap_get_values($ds, $entries, 'whenCreated');
  140. if(count($whenCreated) ==2)
  141. {
  142. $timeStrInUTC = preg_replace("/(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2}).+/","$1-$2-$3 $4:$5:$6", $whenCreated[0]);
  143. $timeInUTC = strtotime($timeStrInUTC.' UTC');
  144. $result = date("Y-m-d H:i:s", $timeInUTC);
  145. }
  146. else
  147. $result = "0";
  148. return $result;
  149. }
  150. private function Ldap_Query($ldapquery, $attribut)
  151. {
  152. $ldaphost = $this->ldaphost;
  153. $ldapbasedn = $this->ldapbasedn;
  154. $ldapuser = $this->ldapuser;
  155. $ldappasswd = $this->ldappasswd;
  156. $ds = ldap_connect("LDAP://".$ldaphost);
  157. $ldapbind = ldap_bind($ds, $ldapuser, $ldappasswd);
  158. $sr = ldap_search($ds, $ldapbasedn, $ldapquery);
  159. $i=0;
  160. $j=0;
  161. for ($entry=ldap_first_entry($ds,$sr), $i=0; $entry!=false; $entry=ldap_next_entry($ds,$entry), $i++)
  162. {
  163. $test = ldap_get_attributes($ds, $entry);
  164. for ($j=0; $j<count($attribut); $j++)
  165. {
  166. if(array_search($attribut[$j], $test))
  167. $tmp = ldap_get_values($ds, $entry, $attribut[$j]);
  168. else
  169. $tmp = array("");
  170. $ldap_result[$i][$attribut[$j]] = ""; // set array
  171. for($k=0; $k<count($tmp); $k++)
  172. {
  173. if (isset($tmp[$k])) $ldap_result[$i][$attribut[$j]] .= $tmp[$k];
  174. }
  175. $ldap_result[$i][$attribut[$j]] = str_replace("CN=Builtin,DC=iwmh,DC=fraunhofer,DC=de", "", $ldap_result[$i][$attribut[$j]]); // trim groups
  176. $ldap_result[$i][$attribut[$j]] = str_replace($ldapbasedn, "", $ldap_result[$i][$attribut[$j]]); // trim groups
  177. $ldap_result[$i][$attribut[$j]] = str_replace(",CN=", ";", $ldap_result[$i][$attribut[$j]]); // trim groups
  178. $ldap_result[$i][$attribut[$j]] = str_replace("CN=", "", $ldap_result[$i][$attribut[$j]]); // trim groups
  179. $ldap_result[$i][$attribut[$j]] = str_replace("\,", ",", $ldap_result[$i][$attribut[$j]]); // trim displaynames
  180. $ldap_result[$i][$attribut[$j]] = rtrim($ldap_result[$i][$attribut[$j]], ",");
  181. //echo $attribut[$j]." - ".$ldap_result[$i][$attribut[$j]]."<br>";
  182. }
  183. }
  184. ldap_close($ds);
  185. return $ldap_result;
  186. }
  187. private function MySQLConnect()
  188. {
  189. $mysqlhost = $this->mysqlhost;
  190. $mysqldb = $this->mysqldb;
  191. $mysqluser = $this->mysqluser;
  192. $mysqlpasswd = $this->mysqlpasswd;
  193. $mysql = mysqli_connect($mysqlhost, $mysqluser, $mysqlpasswd) or die("Keine MySQL-Verbindung: " . mysqli_error($mysql));
  194. mysqli_select_db($mysql, $mysqldb) or die("Auswahl der Datenbank fehlgeschlagen!"."<br>". mysqli_error($mysql)."<br>DB:".$mysqldb);
  195. mysqli_query($mysql,"SET NAMES 'utf8'");
  196. mysqli_query($mysql,"SET CHARACTER SET 'utf8'");
  197. return $mysql;
  198. }
  199. private function CreateMySQLUserTable($ldap)
  200. {
  201. // $apos = "&apos;"; Apostroph ersetzen
  202. $apos = "\'";
  203. $mysql = $this->MySQLConnect();
  204. $ignoreUsers = explode(",",$this->ignoreUsers);
  205. $error = true;
  206. mysqli_query($mysql,"TRUNCATE adsuser;"); // Delete Data
  207. for($i=0; $i<count($ldap); $i++)
  208. {
  209. $import = true;
  210. if("" == $ldap[$i]["sAMAccountName"]) $import = false;
  211. if("" == $ldap[$i]["sid"]) $import = false;
  212. for($j=0; $j < count($ignoreUsers); $j++)
  213. {
  214. if($ignoreUsers[$j] == $ldap[$i]["sAMAccountName"]) $import = false;
  215. }
  216. if ($import == true)
  217. {
  218. $sqlquery = "INSERT INTO `adsuser` (`sid`, `username`, `fhgusername`, `email`, `forename`, `surname`, `room`, `institute`, `department`, `departmentnumber`, `telephone`, `fax`, `mobilephone`, `displayname`,`groups`, `manager`, `description`,`title`, `employeeid`, `employeetype`, `accountexpires`, `lastlogin`, `whencreated`, `objectGUID`) VALUES";
  219. $sqlquery .= "('".$ldap[$i]["sid"]."', ";
  220. $sqlquery .= "'".strtolower($ldap[$i]["sAMAccountName"])."', ";
  221. $sqlquery .= "'".$ldap[$i]["extensionAttribute6"]."', ";
  222. $sqlquery .= "'".strtolower(str_replace("'", $apos, $ldap[$i]["mail"]))."', ";
  223. $sqlquery .= "'".str_replace("'", $apos, $ldap[$i]["givenName"])."', ";
  224. $sqlquery .= "'".str_replace("'", $apos, $ldap[$i]["sn"])."', ";
  225. $sqlquery .= "'".$ldap[$i]["physicalDeliveryOfficeName"]."', ";
  226. $sqlquery .= "'".$ldap[$i]["extensionAttribute5"]."', ";
  227. $sqlquery .= "'".$ldap[$i]["department"]."', ";
  228. $sqlquery .= "'".$ldap[$i]["departmentNumber"]."', ";
  229. $sqlquery .= "'".$ldap[$i]["telephoneNumber"]."', ";
  230. $sqlquery .= "'".$ldap[$i]["facsimileTelephoneNumber"]."', ";
  231. $sqlquery .= "'".$ldap[$i]["mobile"]."', ";
  232. $sqlquery .= "'".str_replace("'", $apos, $ldap[$i]["displayName"])."', ";
  233. $sqlquery .= "'".$ldap[$i]["memberOf"]."', ";
  234. $sqlquery .= "'".$ldap[$i]["manager"]."', ";
  235. $sqlquery .= "'".str_replace("'", $apos, $ldap[$i]["description"])."', ";
  236. $sqlquery .= "'".$ldap[$i]["personalTitle"]."', ";
  237. $sqlquery .= "'".$ldap[$i]["employeeID"]."', ";
  238. $sqlquery .= "'".$ldap[$i]["employeeType"]."', ";
  239. // ADS Eintrag (nie) abfangen
  240. if ($ldap[$i]["accountExpires"] != "" and $ldap[$i]["accountExpires"] != "0" and $ldap[$i]["accountExpires"] != "9223372036854775807")
  241. $sqlquery .= "'".date('Y-m-d H:i:s', $ldap[$i]["accountExpires"] / 10000000 - 11644473600)."', "; // ADS Epoch -> Unix Timestamp
  242. else
  243. $sqlquery .= "NULL, ";
  244. // ADS Eintrag (nie) abfangen
  245. if ($ldap[$i]["lastLogon"] != "" and $ldap[$i]["lastLogon"] != "0" and $ldap[$i]["lastLogon"] != "9223372036854775807")
  246. $sqlquery .= "'".date('Y-m-d H:i:s', $ldap[$i]["lastLogon"] / 10000000 - 11644473600)."', "; // ADS Epoch -> Unix Timestamp
  247. else
  248. $sqlquery .= "NULL, ";
  249. $sqlquery .= "'".$ldap[$i]["whenCreated"]."', ";
  250. $sqlquery .= "'".$ldap[$i]["objectGUID"]."'); ";
  251. // $sqlquery .= "'".date('Y-m-d H:i:s', $ldap[$i]["accountExpires"])."', ";
  252. // $sqlquery .= "'".date('Y-m-d H:i:s', $ldap[$i]["lastLogon"])."'); ";
  253. $sqlquery = utf8_encode($sqlquery);
  254. //echo $sqlquery."\n\n";
  255. if (!mysqli_query($mysql,$sqlquery))
  256. {
  257. error_log("ERROR:".$sqlquery."".mysqli_error($mysql)."<br>");
  258. $error = false;
  259. }
  260. }
  261. }
  262. return $error;
  263. }
  264. private function CreateMySQLGroupTable($ldap)
  265. {
  266. $mysql = $this->MySQLConnect();
  267. // $apos = "&apos;";
  268. $apos = "\'";
  269. $error = true;
  270. mysql_query("TRUNCATE adsgroup;", $mysql); // Delete Data
  271. for($i=0; $i<count($ldap); $i++)
  272. {
  273. if($ldap[$i]["sid"] != "S-0-0")
  274. {
  275. $sqlquery = "INSERT INTO `adsgroup` (`sid`, `name`, `members`, `description`, `email`) VALUES";
  276. $sqlquery .= "('".$ldap[$i]["sid"]."', ";
  277. $sqlquery .= "'".str_replace("'", $apos, $ldap[$i]["name"])."', ";
  278. $sqlquery .= "'".str_replace("'", $apos, $ldap[$i]["member"])."', ";
  279. $sqlquery .= "'".$ldap[$i]["description"]."', ";
  280. $sqlquery .= "'".$ldap[$i]["mail"]."'); ";
  281. $sqlquery = utf8_encode($sqlquery);
  282. if (!query($sqlquery, $mysql))
  283. {
  284. error_log("ERROR:".$sqlquery."".mysql_error()."<br>");
  285. $error = false;
  286. }
  287. }
  288. }
  289. return $error;
  290. }
  291. public function ImportUsers()
  292. {
  293. $ldapquery = "(&(objectClass=Person)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(cn=*))";
  294. $search = array("sAMAccountName", "extensionAttribute6", "mail", "givenName", "sn", "physicalDeliveryOfficeName", "extensionAttribute5", "department", "departmentNumber", "description", "telephoneNumber", "mobile", "memberOf", "title", "personalTitle", "manager", "displayName", "sn", "employeeID", "employeeType", "lastLogon", "accountExpires", "facsimileTelephoneNumber");
  295. // Import Groups first
  296. $ldap_groups = $this->ImportGroups();
  297. // Query Attributes
  298. $ldap_result = $this->Ldap_Query($ldapquery, $search);
  299. if (count($ldap_result) < 100) die(); // LDAP-Error
  300. // get SIDs
  301. for($i=0; $i<count($ldap_result); $i++)
  302. {
  303. // Formatierung verschiedener Attribute
  304. $ldap_result[$i]["sid"] = $this->GetSid($ldap_result[$i]["sAMAccountName"]);
  305. $ldap_result[$i]["objectGUID"] = $this->GetObjectGUID($ldap_result[$i]["sAMAccountName"]);
  306. $ldap_result[$i]["whenCreated"] = $this->GetwhenCreated($ldap_result[$i]["sAMAccountName"]);
  307. // Get Groups recursive
  308. $group = explode (",", $ldap_result[$i]["memberOf"]);
  309. for($j=0; $j<count($group); $j++)
  310. {
  311. if (isset($ldap_groups[$group[$j]]))
  312. {
  313. $group[$j] = $ldap_groups[$group[$j]];
  314. }
  315. }
  316. $memberOf = "";
  317. for($j=0; $j<count($group); $j++)
  318. {
  319. $memberOf .= $group[$j].";";
  320. }
  321. //echo "[] ".$ldap_result[$i]["sAMAccountName"]." -> ". $ldap_result[$i]["memberOf"]."<br>";
  322. //echo "[][] ".$ldap_result[$i]["sAMAccountName"]." -> ". $memberOf."<br>";
  323. // add recursive groups to string
  324. //$memberOf = rtrim($memberOf, ",");
  325. $ldap_result[$i]["memberOf"] = $memberOf;
  326. }
  327. //var_dump($ldap_result);
  328. $error = $this->CreateMySQLUserTable($ldap_result);
  329. $this->UpdateSIDs();
  330. return $error;
  331. }
  332. public function getDeletedUsers()
  333. {
  334. $ldapquery = "(&(objectClass=Person)(userAccountControl:1.2.840.113556.1.4.803:=2)(cn=*))";
  335. $search = array("sAMAccountName");
  336. // Query Attributes
  337. $ldap_result = $this->Ldap_Query($ldapquery, $search);
  338. return $ldap_result;
  339. }
  340. public function ImportGroups()
  341. {
  342. $ldapquery = "(&(objectClass=Group)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(cn=*))";
  343. $search = array("sAMAccountName", "memberOf", "member", "mail", "description");
  344. // Query Attributes
  345. $ldap_result = $this->Ldap_Query($ldapquery, $search);
  346. for($i=0; $i<count($ldap_result); $i++)
  347. {
  348. if (!$ldap_result[$i]["memberOf"] == "")
  349. {
  350. // add recursive groups
  351. $group_result[$ldap_result[$i]["sAMAccountName"]] = $ldap_result[$i]["sAMAccountName"].",".$ldap_result[$i]["memberOf"];
  352. //echo $ldap_result[$i]["sAMAccountName"]." - ".$ldap_result[$i]["memberOf"]." - ".$ldap_result[$i]["member"]."<br>";
  353. }
  354. //echo $ldap_result[$i]["sAMAccountName"]." -> ".$this->GetSid($ldap_result[$i]["sAMAccountName"])."<br>";
  355. $group_map[$i]["name"] = $ldap_result[$i]["sAMAccountName"];
  356. $group_map[$i]["member"] = $ldap_result[$i]["member"];
  357. $group_map[$i]["mail"] = $ldap_result[$i]["mail"];
  358. $group_map[$i]["description"] = $ldap_result[$i]["description"];
  359. $group_map[$i]["sid"] = $this->GetSid($ldap_result[$i]["sAMAccountName"]);
  360. }
  361. $this->CreateMySQLGroupTable($group_map);
  362. return $group_result;
  363. }
  364. private function UpdateSIDs()
  365. {
  366. $mysql = $this->MySQLConnect();
  367. // create mapping array
  368. $sql = "SELECT displayname, sid FROM adsuser;";
  369. $result = mysql_query ($sql, $mysql);
  370. while ( $row = mysql_fetch_row ($result))
  371. {
  372. $sidmap[$row[0]] = $row[1];
  373. }
  374. $sql = "SELECT name, sid FROM adsgroup;";
  375. $result = mysql_query ($sql, $mysql);
  376. while ( $row = mysql_fetch_row ( $result ) )
  377. {
  378. $sidmap[$row[0]] = $row[1];
  379. }
  380. // Update SIDs in Grouptable
  381. $sql = "SELECT sid, members FROM adsgroup;";
  382. $i = 0;
  383. $sids="";
  384. $result = mysql_query ($sql, $mysql);
  385. while ( $row = mysql_fetch_row ( $result ) )
  386. {
  387. $names = explode(";", $row[1]);
  388. for ($j = 0; $j < count($names); $j++)
  389. {
  390. if(isset($sidmap[$names[$j]]))
  391. {
  392. $sids .= $sidmap[$names[$j]].";";
  393. }
  394. }
  395. $sids = rtrim($sids, ";");
  396. $sql1[$i] = "UPDATE adsgroup SET membersids='".$sids."' WHERE sid='".$row[0]."'";
  397. $i++;
  398. $sids = "";
  399. }
  400. for($j = 0; $j < count($sql1); $j++)
  401. {
  402. mysql_query ($sql1[$j], $mysql);
  403. //echo $sql1[$j]."<br><br>";
  404. }
  405. // Update SIDs in Usertable
  406. $sql = "SELECT sid, groups FROM adsuser;";
  407. $i = 0;
  408. $result = mysql_query ( $sql, $mysql);
  409. while ( $row = mysql_fetch_row ( $result ) )
  410. {
  411. $groups = explode(";", $row[1]);
  412. //var_dump($groups);
  413. //echo "<br>";
  414. for ($j = 0; $j < count($groups); $j++)
  415. {
  416. if(isset($sidmap[$groups[$j]]))
  417. {
  418. $sids .= $sidmap[$groups[$j]].";";
  419. }
  420. }
  421. $sids = rtrim($sids, ";");
  422. $sql2[$i] = "UPDATE adsuser SET groupsids='".$sids."' WHERE sid='".$row[0]."'";
  423. $i++;
  424. $sids="";
  425. }
  426. for($j = 0; $j < count($sql2); $j++)
  427. {
  428. mysql_query ($sql2[$j], $mysql);
  429. //echo $sql2[$j]."<br><br>";
  430. }
  431. }
  432. /*
  433. ****************************
  434. */
  435. public function SQLQuery($sql)
  436. {
  437. $mysql = $this->MySQLConnect();
  438. $result = mysql_query($sql, $mysql);
  439. if ($result == false) error_log("ERROR: " . $sql);
  440. if (!is_resource($result)) return $result;
  441. $i = 0;
  442. while ($row = mysql_fetch_array($result))
  443. {
  444. $array[$i] = $row;
  445. $i++;
  446. }
  447. if (!isset($array)) return "";
  448. return $array;
  449. }
  450. // sid or username
  451. public function GetGroups($sid)
  452. {
  453. $mysql = $this->MySQLConnect();
  454. $sql = "SELECT groups, groupsids FROM adsuser WHERE username='".$sid."' OR sid='".$sid."';";
  455. $result = mysql_query ($sql, $mysql);
  456. while ( $row = mysql_fetch_row ( $result ) )
  457. {
  458. return $row[0].";".$row[1];
  459. }
  460. return "";
  461. }
  462. // alle Gruppen
  463. public function GetAllGroups()
  464. {
  465. $mysql = $this->MySQLConnect();
  466. $sql = "SELECT DISTINCT groupname FROM groupmembership ORDER BY groupname;";
  467. $result = mysql_query ($sql, $mysql);
  468. $i = 0;
  469. while ( $row = mysql_fetch_row ( $result ) )
  470. {
  471. $groups[$i] = $row[0];
  472. $i++;
  473. }
  474. return $groups;
  475. }
  476. // Username or SID
  477. public function IsUserInGroup($sid, $groupsid)
  478. {
  479. $mysql = $this->MySQLConnect();
  480. // $sql = "SELECT * FROM groupmembership WHERE user_sid='".$sid."' AND group_sid = '".$groupsid."';";
  481. $sql = "SELECT * FROM groupmembership WHERE (user_sid='".$sid."' OR username='".$sid."') AND (group_sid = '".$groupsid."' OR groupname = '".$groupsid."');";
  482. $result = mysql_query ($sql, $mysql);
  483. while ( $row = mysql_fetch_array ( $result ) )
  484. {
  485. return true;
  486. }
  487. return false;
  488. /*
  489. $groups = $this->GetGroups($sid);
  490. $group = explode (";", $groups);
  491. for ($i=0; $i<count($group); $i++)
  492. {
  493. if ($group[$i] == $groupsid) return true;
  494. }
  495. return false;
  496. */
  497. }
  498. public function GetUsername($sid)
  499. {
  500. $mysql = $this->MySQLConnect();
  501. $sql = "SELECT username FROM adsuser WHERE sid='".$sid."';";
  502. $result = mysql_query ($sql, $mysql);
  503. while ( $row = mysql_fetch_row ( $result ) )
  504. {
  505. return $row[0];
  506. }
  507. return "";
  508. }
  509. public function GetDisplayname($sid)
  510. {
  511. $mysql = $this->MySQLConnect();
  512. $sql = "SELECT displayname FROM adsuser WHERE sid='".$sid."';";
  513. $result = mysql_query ($sql, $mysql);
  514. while ( $row = mysql_fetch_row ( $result ) )
  515. {
  516. return $row[0];
  517. }
  518. return "";
  519. }
  520. public function GetTelephone($sid)
  521. {
  522. $mysql = $this->MySQLConnect();
  523. $sql = "SELECT telephone FROM adsuser WHERE sid='".$sid."';";
  524. $result = mysql_query ($sql, $mysql);
  525. while ( $row = mysql_fetch_row ( $result ) )
  526. {
  527. return $row[0];
  528. }
  529. return "";
  530. }
  531. public function GetUserData($sids)
  532. {
  533. $mysql = $this->MySQLConnect();
  534. foreach ($sids as $sid)
  535. {
  536. $sql = "SELECT username, display FROM adsuser WHERE sid='".$sid."';";
  537. $result = mysql_query ($sql, $mysql);
  538. while ( $row = mysql_fetch_row ( $result ) )
  539. {
  540. return $row[0];
  541. }
  542. }
  543. return "";
  544. }
  545. public function GetTransponder($sid)
  546. {
  547. $mysql = $this->MySQLConnect();
  548. $sql = "SELECT transponder.id FROM transponder, adsuser WHERE adsuser.displayname = transponder.name AND (adsuser.username='".$sid."' OR adsuser.sid='".$sid."');";
  549. $result = mysql_query ($sql, $mysql);
  550. while ( $row = mysql_fetch_row ( $result ) )
  551. {
  552. return $row[0];
  553. }
  554. return "";
  555. }
  556. public function GetSIDfromGroups()
  557. {
  558. $mysql = $this->MySQLConnect();
  559. $sql = "SELECT sid, name FROM adsgroup";
  560. $result = mysql_query($sql, $mysql);
  561. $groupmap = "";
  562. while ($row = mysql_fetch_row($result))
  563. {
  564. $groupmap[$row[1]] = $row[0];
  565. }
  566. return $groupmap;
  567. }
  568. // SID, Username or Displayname
  569. /* public function GetUserInformation($sid)
  570. {
  571. $mysql = $this->MySQLConnect();
  572. $sql = "SELECT sid, username, email, displayname, description, title, forename, surname, room, department, departmentnumber, telephone, mobilephone, manager, groups, employeeid FROM adsuser ";
  573. $sql .= "WHERE username='".$sid."' OR sid='".$sid."' OR displayname='".$sid."';";
  574. $result = mysql_query($sql, $mysql);
  575. if ($result == false) error_log("ERROR: " . $sql);
  576. while ($row = mysql_fetch_row($result))
  577. {
  578. $userdata["sid"] = $row[0];
  579. $userdata["username"] = $row[1];
  580. $userdata["email"] = $row[2];
  581. $userdata["displayname"] = $row[3];
  582. $userdata["description"] = $row[4];
  583. $userdata["title"] = $row[5];
  584. $userdata["forename"] = $row[6];
  585. $userdata["surname"] = $row[7];
  586. $userdata["room"] = $row[8];
  587. $userdata["department"] = $row[9];
  588. $userdata["departmentnumber"] = $row[10];
  589. $userdata["telephone"] = $row[11];
  590. $userdata["mobilephone"] = $row[12];
  591. $userdata["manager"] = $row[13];
  592. $userdata["groups"] = $row[14];
  593. $userdata["employeeid"] = $row[15];
  594. return $userdata;
  595. }
  596. return false;
  597. }
  598. */
  599. public function GetUserInformation($sid)
  600. {
  601. $mysql = $this->MySQLConnect();
  602. $sql = "SELECT sid, username, email, displayname, description, title, forename, surname, room, department, departmentnumber, telephone, mobilephone, manager,";
  603. $sql .= "groups, employeeid, position_de, position_en, proxy, proxy2, secretary, transponder, access, employeetype, institute, accountexpires, lastlogin FROM adsuser ";
  604. $sql .= "WHERE username='".$sid."' OR sid='".$sid."' OR displayname='".$sid."';";
  605. $result = mysql_query($sql, $mysql);
  606. if ($result == false) error_log("ERROR: " . $sql);
  607. while ($row = mysql_fetch_row($result))
  608. {
  609. $userdata["sid"] = $row[0];
  610. $userdata["username"] = $row[1];
  611. $userdata["email"] = $row[2];
  612. $userdata["displayname"] = $row[3];
  613. $userdata["description"] = $row[4];
  614. $userdata["title"] = $row[5];
  615. $userdata["forename"] = $row[6];
  616. $userdata["surname"] = $row[7];
  617. $userdata["room"] = $row[8];
  618. $userdata["department"] = $row[9];
  619. $userdata["departmentnumber"] = $row[10];
  620. $userdata["telephone"] = $row[11];
  621. $userdata["mobilephone"] = $row[12];
  622. $userdata["manager"] = $row[13];
  623. $userdata["groups"] = $row[14];
  624. $userdata["employeeid"] = $row[15];
  625. $userdata["position_de"] = $row[16];
  626. $userdata["position_en"] = $row[17];
  627. $userdata["proxy"] = $row[18];
  628. $userdata["proxy2"] = $row[19];
  629. $userdata["secretary"] = $row[20];
  630. $userdata["transponder"] = $row[21];
  631. $userdata["access"] = $row[22];
  632. $userdata["employeetype"] = $row[23];
  633. $userdata["institute"] = $row[24];
  634. $userdata["accountexpires"] = $row[25];
  635. $userdata["lastlogin"] = $row[26];
  636. return $userdata;
  637. }
  638. return false;
  639. }
  640. public function GetGroupInformation($sid)
  641. {
  642. $mysql = $this->MySQLConnect();
  643. $sql = "SELECT sid, name, email, description FROM adsgroup ";
  644. $sql .= "WHERE name='".$sid."' OR sid='".$sid."';";
  645. $result = mysql_query($sql, $mysql);
  646. if ($result == false) error_log("ERROR: " . $sql);
  647. while ($row = mysql_fetch_row($result))
  648. {
  649. $userdata["sid"] = $row[0];
  650. $userdata["name"] = $row[1];
  651. $userdata["email"] = $row[2];
  652. $userdata["description"] = $row[3];
  653. return $userdata;
  654. }
  655. return false;
  656. }
  657. // sid or name
  658. public function GetUserInformationFromGroup($group)
  659. {
  660. $mysql = $this->MySQLConnect();
  661. $sql = "SELECT sid, username, email, displayname, description, title, forename, surname, room, department, departmentnumber, telephone, mobilephone, manager, groups FROM adsuser ";
  662. $sql .= "WHERE groups LIKE '%".$group."%' OR groupsids LIKE '%".$group."%' ORDER BY displayname;";
  663. $result = mysql_query($sql, $mysql);
  664. if ($result == false) echo "ERROR: " . $sql;
  665. $userdata[0][0] = "";
  666. $i = 0;
  667. while ($row = mysql_fetch_row($result))
  668. {
  669. $userdata[$i]["sid"] = $row[0];
  670. $userdata[$i]["username"] = $row[1];
  671. $userdata[$i]["email"] = $row[2];
  672. $userdata[$i]["displayname"] = $row[3];
  673. $userdata[$i]["description"] = $row[4];
  674. $userdata[$i]["title"] = $row[5];
  675. $userdata[$i]["forename"] = $row[6];
  676. $userdata[$i]["surname"] = $row[7];
  677. $userdata[$i]["room"] = $row[8];
  678. $userdata[$i]["department"] = $row[9];
  679. $userdata[$i]["departmentnumber"] = $row[10];
  680. $userdata[$i]["telephone"] = $row[11];
  681. $userdata[$i]["mobilephone"] = $row[12];
  682. $userdata[$i]["manager"] = $row[13];
  683. $userdata[$i]["groups"] = $row[14];
  684. $i++;
  685. }
  686. return $userdata;
  687. }
  688. // sid or name
  689. private function GetMembersFromGroup($group)
  690. {
  691. $mysql = $this->MySQLConnect();
  692. $sql = "SELECT membersids FROM adsgroup WHERE name = '".$group."' OR sid = '".$group."'";
  693. $result = mysql_query($sql, $mysql);
  694. $j = 0;
  695. while ( $row = mysql_fetch_row ( $result ) )
  696. {
  697. $members = $row[0];
  698. $j++;
  699. }
  700. if ($j > 0)
  701. {
  702. $user = explode(";", $members);
  703. for ($i = 0; $i<count($user); $i++)
  704. {
  705. $groups = $this->GetMembersFromGroup($user[$i]);
  706. if ($groups != null)
  707. {
  708. $user[$i] = $groups;
  709. }
  710. }
  711. return $user;
  712. }
  713. return null;
  714. }
  715. // sid or name
  716. public function GetUserSidsFromGroup($group)
  717. {
  718. $user = $this->GetMembersFromGroup($group);
  719. return explode(";",$this->MergeArray($user));
  720. }
  721. // sid
  722. public function GetUsersFromGroup($group)
  723. {
  724. $mysql = $this->MySQLConnect();
  725. $sql = "SELECT DISTINCT group_sid, groupname, user_sid, displayname, username FROM groupmembership ";
  726. $sql .= "WHERE group_sid='".$group."' OR groupname='".$group."' ";
  727. $sql .= "ORDER BY displayname;";
  728. $result = mysql_query($sql, $mysql);
  729. $i = 0;
  730. $user[$i] = "";
  731. while ( $row = mysql_fetch_row ( $result ) )
  732. {
  733. if ($row[0] != "")
  734. {
  735. $user[$i]["sid"] = $row[2];
  736. $user[$i]["displayname"] = $row[3];
  737. $user[$i]["username"] = $row[4];
  738. $i++;
  739. }
  740. }
  741. return $user;
  742. }
  743. public function GetDepartmentNumbers()
  744. {
  745. $mysql = $this->MySQLConnect();
  746. $sql = "SELECT DISTINCT departmentnumber, department FROM adsuser ORDER BY departmentnumber;";
  747. $result = mysql_query($sql, $mysql);
  748. $i = 0;
  749. $user[$i] = "";
  750. while ( $row = mysql_fetch_row ( $result ) )
  751. {
  752. if ($row[0] != "")
  753. {
  754. $user[$i]["nr"] = $row[0];
  755. $user[$i]["name"] = $row[1];
  756. $i++;
  757. }
  758. }
  759. return $user;
  760. }
  761. public function GetUsersFromDepartmentNumber($departmentNumber)
  762. {
  763. $mysql = $this->MySQLConnect();
  764. $sql = "SELECT DISTINCT username, displayname, sid FROM adsuser WHERE departmentnumber = ".$departmentNumber.";";
  765. $result = mysql_query($sql, $mysql);
  766. $i = 0;
  767. $user[$i] = "";
  768. while ( $row = mysql_fetch_row ( $result ) )
  769. {
  770. $user[$i]["username"] = $row[0];
  771. $user[$i]["displayname"] = $row[1];
  772. $user[$i]["sid"] = $row[2];
  773. $i++;
  774. }
  775. return $user;
  776. }
  777. public function GetRooms()
  778. {
  779. $mysql = $this->MySQLConnect();
  780. $sql = "SELECT * FROM telephone ORDER BY roomnr;";
  781. $result = mysql_query($sql, $mysql);
  782. $i = 0;
  783. $room[$i] = "";
  784. while ( $row = mysql_fetch_row ( $result ) )
  785. {
  786. $room[$i]["id"] = $row[0];
  787. $room[$i]["roomnr"] = $row[1];
  788. $room[$i]["description"] = $row[2];
  789. $room[$i]["telephonenr"] = $row[3];
  790. $i++;
  791. }
  792. return $room;
  793. }
  794. public function GetRoom($id)
  795. {
  796. $mysql = $this->MySQLConnect();
  797. $sql = "SELECT * FROM telephone WHERE id = $id;";
  798. $result = mysql_query($sql, $mysql);
  799. $i = 0;
  800. $room = "";
  801. if ( $row = mysql_fetch_row ( $result ) )
  802. {
  803. $room["id"] = $row[0];
  804. $room["roomnr"] = $row[1];
  805. $room["description"] = $row[2];
  806. $room["telephonenr"] = $row[3];
  807. }
  808. return $room;
  809. }
  810. public function GetUserAccessFromDepartmentNumber($departmentNumber, $accessrights)
  811. {
  812. $mysql = $this->MySQLConnect();
  813. $sql = "SELECT DISTINCT username, displayname, sid FROM adsuser WHERE departmentnumber = ".$departmentNumber." AND access = '".$accessrights."';";
  814. $result = mysql_query($sql, $mysql);
  815. $i = 0;
  816. $user[$i] = "";
  817. while ( $row = mysql_fetch_row ( $result ) )
  818. {
  819. $user[$i]["username"] = $row[0];
  820. $user[$i]["displayname"] = $row[1];
  821. $user[$i]["sid"] = $row[2];
  822. $i++;
  823. }
  824. return $user;
  825. }
  826. private function MergeArray($array)
  827. {
  828. $merged = "";
  829. for($i=0; $i<count($array); $i++)
  830. {
  831. if (!is_array($array[$i]))
  832. {
  833. $merged .= $array[$i].";";
  834. }
  835. else
  836. {
  837. $merged .= $this->MergeArray($array[$i]).";";
  838. }
  839. }
  840. $merged = str_replace(";;",";", $merged);
  841. $merged = trim($merged, ";");
  842. return $merged;
  843. }
  844. public function GetUserMap($group)
  845. {
  846. $mysql = $this->MySQLConnect();
  847. $sql = "SELECT username, user_sid FROM groupmembership WHERE groupname = '".$group."';";
  848. //error_log($sql);
  849. $result = mysql_query($sql, $mysql);
  850. while ( $row = mysql_fetch_row ( $result ) )
  851. {
  852. if ($row[0] != "")
  853. {
  854. $user[$row[1]] = $row[0];
  855. }
  856. }
  857. return $user;
  858. }
  859. public function UpdateGroupMembership()
  860. {
  861. $apos = "\'";
  862. $mysql = $this->MySQLConnect();
  863. $groups = $this->GetSIDfromGroups();
  864. $sql = "SELECT sid, username, displayname FROM adsuser;";
  865. $result = mysql_query($sql, $mysql);
  866. while ( $row = mysql_fetch_row ( $result ) )
  867. {
  868. $usersid[$row[0]]["username"] = $row[1];
  869. $usersid[$row[0]]["displayname"] = str_replace("'", $apos, $row[2]);
  870. }
  871. $sql = "SELECT sid, name, description FROM adsgroup;";
  872. $result = mysql_query($sql, $mysql);
  873. while ( $row = mysql_fetch_row ( $result ) )
  874. {
  875. $groupsid[$row[0]]["name"] = $row[1];
  876. $groupsid[$row[0]]["description"] = $row[2];
  877. }
  878. $sql = "TRUNCATE groupmembership;";
  879. mysql_query($sql, $mysql);
  880. foreach ($groups as $group)
  881. {
  882. $users = $this->GetUserSidsFromGroup($group);
  883. foreach ($users as $user)
  884. {
  885. if (isset($usersid[$user]["username"]))
  886. {
  887. $sql = "INSERT INTO groupmembership (group_sid, groupname, user_sid, username, displayname, description) ";
  888. $sql .= "VALUES ('".$group."', '".$groupsid[$group]["name"]."', '".$user."', '".$usersid[$user]["username"]."', '".$usersid[$user]["displayname"]."', '".$groupsid[$group]["description"]."');";
  889. //if ($usersid[$user]["username"] == "mllu") echo $sql."\n";
  890. mysql_query($sql, $mysql);
  891. }
  892. }
  893. }
  894. }
  895. public function UpdatePosition()
  896. {
  897. $mysql = $this->MySQLConnect();
  898. $sql = "SELECT position.sid, position.position_de, position.position_en, position.proxy, position.proxy2, position.access, position.manager FROM adsuser, position WHERE adsuser.sid = position.sid ";
  899. $result = mysql_query($sql, $mysql);
  900. while ( $row = mysql_fetch_row ( $result ) )
  901. {
  902. $proxy = $this->GetDisplayname($row[3]);
  903. $proxy2 = $this->GetDisplayname($row[4]);
  904. $manager = $this->GetDisplayname($row[6]);
  905. $sql = "UPDATE adsuser SET position_de = '".$row[1]."', position_en = '".$row[2]."', proxy = '".$proxy."', proxy2 = '".$proxy2."', access = '".$row[5]."', manager = '".$manager."' ";
  906. $sql .= "WHERE sid = '".$row[0]."';";
  907. //echo $sql."\n";
  908. mysql_query($sql, $mysql);
  909. }
  910. $sql = "SELECT DISTINCT adsuser.sid, adsuser.username, departments.secretary FROM departments, adsuser WHERE departments.oe = adsuser.departmentnumber AND departments.institute = adsuser.institute AND adsuser.departmentnumber != 'all';";
  911. $result = mysql_query($sql, $mysql);
  912. while ( $row = mysql_fetch_row ( $result ) )
  913. {
  914. $secretary = $this->GetDisplayname($row[2]);
  915. $sql = "UPDATE adsuser SET secretary = '".$secretary."' WHERE sid = '".$row[0]."';";
  916. mysql_query($sql, $mysql);
  917. }
  918. }
  919. public function UpdatePresence()
  920. {
  921. $mysql = $this->MySQLConnect();
  922. $sql = "SELECT * FROM presence;";
  923. $i = 0;
  924. $result = mysql_query($sql, $mysql);
  925. while ( $row = mysql_fetch_array ( $result ) )
  926. {
  927. if ($row["sigma"] != NULL or $row["manual"] != NULL)
  928. $sql = "UPDATE adsuser SET present = 'N' ";
  929. else
  930. $sql = "UPDATE adsuser SET present = 'Y' ";
  931. $sql .= "WHERE username = '".$row["username"]."';";
  932. //echo $sql."\n";
  933. mysql_query($sql, $mysql);
  934. }
  935. }
  936. public function UpdateTransponder()
  937. {
  938. $mysql = $this->MySQLConnect();
  939. $sql = "SELECT transponder.id, adsuser.sid FROM transponder, adsuser WHERE adsuser.employeeid = transponder.employeeid AND adsuser.employeeid != ''";
  940. $result = mysql_query($sql, $mysql);
  941. while ( $row = mysql_fetch_row ( $result ) )
  942. {
  943. $sql = "UPDATE adsuser SET transponder = '".$row[0]."' ";
  944. $sql .= "WHERE sid = '".$row[1]."';";
  945. //echo $sql."\n";
  946. mysql_query($sql, $mysql);
  947. }
  948. }
  949. public function Query($query)
  950. {
  951. $mysql = $this->MySQLConnect();
  952. if (isset($_GET["debug"])) echo $query;
  953. //error_log($query);
  954. $result = mysql_query($query,$mysql);
  955. $i = 0;
  956. while ($row = mysql_fetch_array($result))
  957. {
  958. $array[$i] = $row;
  959. $i++;
  960. }
  961. if (!isset($array)) return "";
  962. return $array;
  963. }
  964. }
  965. ?>