Support » Plugin: Active Directory Integration » HTTP 500 Error

  • andre.thomas

    (@andrethomas)



    I maintain a multi-site environment. Yesterday morning, all of a sudden the sites became inactive without me doing anything to it. Before I got off the computer the day before, the site was working just fine.

    Today, I started going through the plugins and renaming them to see if one was the culprit and it is your plugin version 0.9.9.9

    Once I changed the folder name, the site came back up. However, when I went to log into the admin site, I got another error saying that “[the name of my site] refused to connect”

    I got curious. I clicked into the adi_multisite_patch and saw two text file. I’m for sure the first file named “ad-integration” is the issue. The file reads:

    <?php
    
    /*
    Plugin Name: Active Directory Integration
    Version: 0.9.9.9
    Plugin URI: http://blog.ecw.de/wp-ad-integration
    Description: Allows WordPress to authenticate, authorize, create and update users through Active Directory
    Author: Christoph Steindorff, ECW GmbH
    Author URI: http://blog.ecw.de/
    
    The work is derived from version 1.0.5 of the plugin Active Directory Authentication:
    OriginalPlugin URI: http://soc.qc.edu/jonathan/wordpress-ad-auth
    OriginalDescription: Allows WordPress to authenticate users through Active Directory
    OriginalAuthor: Jonathan Marc Bearak
    OriginalAuthor URI: http://soc.qc.edu/jonathan
    */
    
    /*
       This library is free software; you can redistribute it and/or
       modify it under the terms of the GNU Lesser General Public
       License as published by the Free Software Foundation; either
       version 2.1 of the License, or (at your option) any later version.
    
       This library is distributed in the hope that it will be useful,
       but WITHOUT ANY WARRANTY; without even the implied warranty of
       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
       Lesser General Public License for more details.
    */
    
    if (!class_exists('ADIntegrationPlugin')) {
    
    // LOG LEVEL
    
    define('ADI_LOG_DEBUG', 6);
    define('ADI_LOG_INFO',  5);
    define('ADI_LOG_NOTICE',4);
    define('ADI_LOG_WARN',  3);
    define('ADI_LOG_ERROR', 2);
    define('ADI_LOG_FATAL', 1);
    define('ADI_LOG_NONE',  0);
    
    define('ADI_DUPLICATE_EMAIL_ADDRESS_PREVENT', 'prevent');
    define('ADI_DUPLICATE_EMAIL_ADDRESS_ALLOW', 'allow');
    define('ADI_DUPLICATE_EMAIL_ADDRESS_CREATE', 'create');
    
    class ADIntegrationPlugin {
    
       // version of needed DB table structure
       const DB_VERSION = "0.9";
    
       // name of our own table
       const TABLE_NAME = 'adintegration';
    
       // is the user authenticated?
       public $_authenticated = false;
    
       protected $_minium_WPMU_version = '2.8';
       protected $_minium_WP_version = '2.8';
    
       // log level
       protected $_loglevel = ADI_LOG_NONE;
    
       // adLDAP-object
       protected $_adldap;
    
       // Should a new user be created automatically if not already in the WordPress database?
       protected $_auto_create_user = false;
    
       // Should the users be updated in the WordPress database everytime they logon? (Works only if automatic user creation is set.
       protected $_auto_update_user = false;
    
       // Account Suffix (will be appended to all usernames created in WordPress, as well as used in the Active Directory authentication process
       protected $_account_suffix = '';
    
       // Should the account suffix be appended to the usernames created in WordPress?
       protected $_append_suffix_to_new_users = false;
    
       // Domain Controllers (separate with semicolons)
       protected $_domain_controllers = '';
    
       // LDAP/AD BASE DN
       protected $_base_dn = '';
    
       // Role Equivalent Groups (wp-role1=ad-group1;wp-role2=ad-group2;...)
       protected $_role_equivalent_groups = '';
    
       // Default Email Domain (eg. 'domain.tld')
       protected $_default_email_domain = '';
    
       // Port on which AD listens (default 389)
       protected $_port = 389;
    
       // Username for non-anonymous requests to AD
       protected $_bind_user = '';
    
       // Password for non-anonymous requests to AD
       protected $_bind_pwd = '';
    
       // Secure the connection between the Drupal and the LDAP servers using TLS.
       protected $_use_tls = false;
    
       // Check Login authorization by group membership
       protected $_authorize_by_group = false;
    
       // Group name for authorization.
       protected $_authorization_group = '';
    
       // Maximum number of failed login attempts before the account is blocked
       protected $_max_login_attempts = 3;
    
       // Number of seconds an account is blocked after the maximum number of failed login attempts is reached.
       protected $_block_time = 30;
    
       // Send email to user if his account is blocked.
       protected $_user_notification = false;
    
       // Send email to admin if a user account is blocked.
       protected $_admin_notification = false;
    
       // Administrator's e-mail address(es) where notifications should be sent to.
       protected $_admin_email = '';
    
       // Set user's display_name to an AD attribute or to username if left blank
       // Possible values: description, displayname, mail, sn, cn, givenname, samaccountname
       protected $_display_name = '';
    
       // Enable/Disable password changes
       protected $_enable_password_change = false;
    
       protected $_duplicate_email_prevention = ADI_DUPLICATE_EMAIL_ADDRESS_PREVENT;
    
       // All options and its types
       protected $_all_options = array(
             array('name' => 'AD_Integration_account_suffix', 'type' => 'string'),
             array('name' => 'AD_Integration_auto_create_user', 'type' => 'bool'),
             array('name' => 'AD_Integration_auto_update_user', 'type' => 'bool'),
             array('name' => 'AD_Integration_append_suffix_to_new_users', 'type' => 'bool'),
             array('name' => 'AD_Integration_domain_controllers', 'type' => 'string'),
             array('name' => 'AD_Integration_base_dn', 'type' => 'string'),
             array('name' => 'AD_Integration_prefix_dn', 'type' => 'string'),
             array('name' => 'AD_Integration_role_equivalent_groups', 'type' => 'string'),
             array('name' => 'AD_Integration_default_email_domain', 'type' => 'string'),
             array('name' => 'AD_Integration_port', 'type' => 'int'),
             array('name' => 'AD_Integration_bind_user', 'type' => 'string'),
             array('name' => 'AD_Integration_bind_pwd', 'type' => 'string'),
             array('name' => 'AD_Integration_use_tls', 'type' => 'bool'),
             array('name' => 'AD_Integration_authorize_by_group', 'type' => 'bool'),
             array('name' => 'AD_Integration_authorization_group', 'type' => 'string'),
             array('name' => 'AD_Integration_max_login_attempts', 'type' => 'int'),
             array('name' => 'AD_Integration_block_time', 'type' => 'int'),
             array('name' => 'AD_Integration_user_notification', 'type' => 'bool'),
             array('name' => 'AD_Integration_admin_notification', 'type' => 'bool'),
             array('name' => 'AD_Integration_admin_email', 'type' => 'string'),
             array('name' => 'AD_Integration_display_name', 'type' => 'string'),
             array('name' => 'AD_Integration_enable_password_change', 'type' => 'bool'),
             array('name' => 'AD_Integration_duplicate_email_prevention', 'type' => 'string')
          );
    
       /**
        * Constructor
        */
       public function __construct() {
          global $wp_version, $wpmu_version, $wpdb, $wpmuBaseTablePrefix;
    
          if (!defined('IS_WPMU')) {
             define('IS_WPMU', ($wpmu_version != ''));
          }
    
          // define folder constant
          if (!defined('ADINTEGRATION_FOLDER')) {
             define('ADINTEGRATION_FOLDER', basename(dirname(__FILE__)));
          }
    
          // Load up the localization file if we're using WordPress in a different language
          // Place it in this plugin's folder and name it "ad-auth-[value in wp-config].mo"
          load_plugin_textdomain( 'ad-integration', WP_PLUGIN_URL.'/'.ADINTEGRATION_FOLDER, ADINTEGRATION_FOLDER );
          load_plugin_textdomain( 'ad-integration', ( (IS_WPMU) ? WPMU_PLUGIN_URL : WP_PLUGIN_URL ).'/'.ADINTEGRATION_FOLDER, ADINTEGRATION_FOLDER );
    
          // Load Options
          $this->_load_options();
    
          if (isset($_GET['activate']) and $_GET['activate'] == 'true') {
             add_action('init', array(&$this, 'initialize_options'));
          }
    
          add_action('admin_menu', array(&$this, 'add_options_page'));
          add_filter('contextual_help', array(&$this, 'contextual_help'), 10, 2);
    
          // DO WE HAVE LDAP SUPPORT?
          if (function_exists('ldap_connect')) {
    
             // WP 2.8 and above?
             if (version_compare($wp_version, '2.8', '>=')) {
                add_filter('authenticate', array(&$this, 'authenticate'), 10, 3);
             } else {
                add_action('wp_authenticate', array(&$this, 'authenticate'), 10, 2);
             }
    
             add_action('lost_password', array(&$this, 'disable_function'));
             add_action('retrieve_password', array(&$this, 'disable_function'));
             add_action('password_reset', array(&$this, 'disable_function'));
              add_action('admin_print_styles', array(&$this, 'load_styles'));
              add_action('admin_print_scripts', array(&$this, 'load_scripts'));
    
             add_filter('check_password', array(&$this, 'override_password_check'), 10, 4);
    
             // Is local password change disallowed?
             if (!$this->_enable_password_change) {
    
                // disable password fields
                add_filter('show_password_fields', array(&$this, 'disable_password_fields'));
    
                // generate a random passwords for manually added users
                add_action('check_passwords', array(&$this, 'generate_password'), 10, 3);
             }
    
             if (!class_exists('adLDAP')) {
                require 'ad_ldap/adLDAP.php';
             }
          }
       }
    
       public function load_styles() {
    
          wp_register_style('adintegration', ( (IS_WPMU) ? WPMU_PLUGIN_URL : WP_PLUGIN_URL ).'/'.ADINTEGRATION_FOLDER.'/css/adintegration.css',false, '1.7.1', 'screen');
          wp_enqueue_style('adintegration');
       }
    
       public function load_scripts() {
          wp_enqueue_script( 'jquery-ui-tabs' );
       }
    
       /*************************************************************
        * Plugin hooks
        *************************************************************/
    
       /**
        * Add options for this plugin to the database.
        */
       public function initialize_options() {
    
          if (IS_WPMU) {
             if (is_site_admin()) {
                add_site_option('AD_Integration_account_suffix', '', 'Account Suffix (will be appended to all usernames created in WordPress, as well as used in the Active Directory authentication process');
                add_site_option('AD_Integration_auto_create_user', false, 'Should a new user be created automatically if not already in the WordPress database?');
                add_site_option('AD_Integration_auto_update_user', false, 'Should the users be updated in the WordPress database everytime they logon? (Works only if automatic user creation is set.)');
                add_site_option('AD_Integration_append_suffix_to_new_users', '', false, 'Should the account suffix be appended to the usernames created in WordPress?');
                add_site_option('AD_Integration_domain_controllers', '', 'Domain Controllers (separate with semicolons)');
                add_site_option('AD_Integration_base_dn', '', 'Base DN');
                add_site_option('AD_Integration_prefix_dn', '', 'before userid in DN (e.g., CN, UID, ...)');
                add_site_option('AD_Integration_role_equivalent_groups', '', 'Role Equivalent Groups');
                add_site_option('AD_Integration_default_email_domain', '', 'Default Email Domain');
                add_site_option('AD_Integration_port', '389', 'Port on which AD listens (default 389).');
                add_site_option('AD_Integration_bind_user', '', 'Username for non-anonymous requests to AD.');
                add_site_option('AD_Integration_bind_pwd', '', 'Password for non-anonymous requests to AD.');
                add_site_option('AD_Integration_use_tls', false, 'Secure the connection between the Drupal and the LDAP servers using TLS.');
                add_site_option('AD_Integration_authorize_by_group', false, 'Check Login authorization by group membership.');
                add_site_option('AD_Integration_authorization_group', '', 'Group name for authorization.');
                add_site_option('AD_Integration_max_login_attempts', '3', 'Maximum number of failed login attempts before the account is blocked.');
                add_site_option('AD_Integration_block_time', '30', 'Number of seconds an account is blocked after the maximum number of failed login attempts is reached.');
                add_site_option('AD_Integration_user_notification', false, 'Send email to user if his account is blocked.');
                add_site_option('AD_Integration_admin_notification', false, 'Send email to admin if a user account is blocked.');
                add_site_option('AD_Integration_admin_email', '', "Administrator's email address where notifications should be sent to.");
                add_site_option('AD_Integration_display_name', '', "Set user's display_name to an AD attribute or to username if left blank.");
                add_site_option('AD_Integration_enable_password_change', false, 'Enable the ability of the users to change their WP passwords.');
                add_site_option('AD_Integration_duplicate_email_prevention', ADI_DUPLICATE_EMAIL_ADDRESS_PREVENT, 'Prevent duplicate email addresses?');
             }
          } else {
             if (current_user_can('manage_options')) {
                add_option('AD_Integration_account_suffix', '', 'Account Suffix (will be appended to all usernames created in WordPress, as well as used in the Active Directory authentication process');
                add_option('AD_Integration_auto_create_user', false, 'Should a new user be created automatically if not already in the WordPress database?');
                add_option('AD_Integration_auto_update_user', false, 'Should the users be updated in the WordPress database everytime they logon? (Works only if automatic user creation is set.)');
                add_option('AD_Integration_append_suffix_to_new_users', '', false, 'Should the account suffix be appended to the usernames created in WordPress?');
                add_option('AD_Integration_domain_controllers', '', 'Domain Controllers (separate with semicolons)');
                add_option('AD_Integration_base_dn', '', 'Base DN');
                add_option('AD_Integration_prefix_dn', '', 'before userid in DN (e.g., CN, UID, ...)');
                add_option('AD_Integration_role_equivalent_groups', '', 'Role Equivalent Groups');
                add_option('AD_Integration_default_email_domain', '', 'Default Email Domain');
                add_option('AD_Integration_port', '389', 'Port on which AD listens (default 389).');
                add_option('AD_Integration_bind_user', '', 'Username for non-anonymous requests to AD.');
                add_option('AD_Integration_bind_pwd', '', 'Password for non-anonymous requests to AD.');
                add_option('AD_Integration_use_tls', false, 'Secure the connection between the Drupal and the LDAP servers using TLS.');
                add_option('AD_Integration_authorize_by_group', false, 'Check Login authorization by group membership.');
                add_option('AD_Integration_authorization_group', '', 'Group name for authorization.');
                add_option('AD_Integration_max_login_attempts', '3', 'Maximum number of failed login attempts before the account is blocked.');
                add_option('AD_Integration_block_time', '30', 'Number of seconds an account is blocked after the maximum number of failed login attempts is reached.');
                add_option('AD_Integration_user_notification', false, 'Send email to user if his account is blocked.');
                add_option('AD_Integration_admin_notification', false, 'Send email to admin if a user account is blocked.');
                add_option('AD_Integration_admin_email', '', "Administrator's email address where notifications should be sent to.");
                add_option('AD_Integration_display_name', '', "Set user's display_name to an AD attribute or to username if left blank.");
                add_option('AD_Integration_enable_password_change', false, 'Enable or disabled the ability to the change user WP passwords.');
                add_option('AD_Integration_duplicate_email_prevention', ADI_DUPLICATE_EMAIL_ADDRESS_PREVENT, 'Prevent duplicate email addresses?');
    
             }
          }
       }
    
       /**
        * Add an options pane for this plugin.
        */
       public function add_options_page() {
    
          if (IS_WPMU && is_site_admin()) {
             // WordPress MU
             if (function_exists('add_submenu_page')) {
                add_submenu_page('wpmu-admin.php', __('Active Directory Integration'), __('Active Directory Integration'), 'manage_options', __FILE__, array(&$this, '_display_options_page'));
             }
          }
    
          if (!IS_WPMU) {
             // WordPress Standard
             if (function_exists('add_options_page')) {
                add_options_page('Active Directory Integration', 'Active Directory Integration', 'manage_options', __FILE__, array(&$this, '_display_options_page'));
             }
          }
       }
    
       /**
        * Wrapper
        *
        * @param $arg1 WP_User or username
        * @param $arg2 username or password
        * @param $arg3 passwprd or empty
        * @return WP_User
        */
       public function authenticate($arg1 = NULL, $arg2 = NULL, $arg3 = NULL) {
          global $wp_version, $wpmu_version;
    
          $this->_log(ADI_LOG_INFO,'method authenticate() called');
    
          if (IS_WPMU) {
             $version = $wpmu_version;
          } else {
             $version = $wp_version;
          }
    
          $this->_log(ADI_LOG_INFO,'WP version: '.$version);
    
          if (version_compare($version, '2.8', '>=')) {
             return $this->ad_authenticate($arg1, $arg2, $arg3);
          } else {
             return $this->ad_authenticate(NULL, $arg1, $arg2);
          }
       }
    
       /**
        * If the REMOTE_USER evironment is set, use it as the username.
        * This assumes that you have externally authenticated the user.
        */
       public function ad_authenticate($user = NULL, $username = '', $password = '') {
    
          $user_id = NULL;
    
          $this->_authenticated = false;
    
          // IMPORTANT!
          $username = strtolower($username);
    
          $this->_log(ADI_LOG_NOTICE,'username: '.$username);
          $this->_log(ADI_LOG_DEBUG,'password: '.$password);
    
          // Load options from WordPress-DB.
          $this->_load_options();
    
          // Log informations
          $this->_log(ADI_LOG_INFO,"Options for adLDAP connection:\n".
                     "- account_suffix: $this->_account_suffix\n".
                     "- base_dn: $this->_base_dn\n".
                     "- domain_controllers: $this->_domain_controllers\n".
                     "- ad_username: $this->_bind_user\n".
                     "- ad_password: $this->_bind_pwd\n".
                     "- ad_port: $this->_port\n".
                     "- use_tls: $this->_use_tls");
    
          // Connect to Active Directory
          try {
             $this->_adldap = @new adLDAP(array(
                      "account_suffix" => $this->_account_suffix,
                      "base_dn" => $this->_base_dn,
                      "domain_controllers" => explode(';', $this->_domain_controllers),
                      "ad_username" => $this->_bind_user,      // AD Bind User
                      "ad_password" => $this->_bind_pwd,       // password
                      "ad_port" => $this->_port,               // AD port
                      "use_tls" => $this->_use_tls             // secure?
                      ));
          } catch (Exception $e) {
              $this->_log(ADI_LOG_ERROR,'adLDAP exception: ' . $e->getMessage());
              return false;
          }
    
          $this->_log(ADI_LOG_NOTICE,'adLDAP object created.');
    
          // Check for maximum login attempts
          $this->_log(ADI_LOG_INFO,'max_login_attempts: '.$this->_max_login_attempts);
          if ($this->_max_login_attempts > 0) {
             $failed_logins = $this->_get_failed_logins_within_block_time($username);
             $this->_log(ADI_LOG_INFO,'users failed logins: '.$failed_logins);
             if ($failed_logins >= $this->_max_login_attempts) {
                $this->_authenticated = false;
    
                $this->_log(ADI_LOG_ERROR,'Authentication failed');
                $this->_log(ADI_LOG_ERROR,"Account '$username' blocked for $this->_block_time seconds");
    
                // e-mail notfications if user is blocked
                if ($this->_user_notification) {
                   $this->_notify_user($username);
                   $this->_log(ADI_LOG_NOTICE,"Notification send to user.");
                }
                if ($this->_admin_notification) {
                   $this->_notify_admin($username);
                   $this->_log(ADI_LOG_NOTICE,"Notification send to admin(s).");
                }
    
                // Show the blocking page to the user (only if we are not in debug/log mode)
                if ($this->_loglevel == ADI_LOG_NONE) {
                   $this->_display_blocking_page($username);
                }
                die(); // important !
             }
          }
    
          // This is where the action is.
          if ( $this->_adldap->authenticate($username, $password) )
          {
             $this->_log(ADI_LOG_NOTICE,'Authentication successfull');
             $this->_authenticated = true;
          }
    
          if ( $this->_authenticated == false )
          {
             $this->_log(ADI_LOG_ERROR,'Authentication failed');
             $this->_authenticated = false;
             $this->_store_failed_login($username);
             return false;
          }
    
          // Cleanup old database entries
          $this->_cleanup_failed_logins($username);
    
          // Check the authorization
          if ($this->_authorize_by_group) {
             if ($this->_check_authorization_by_group($username)) {
                $this->_authenticated = true;
             } else {
                $this->_authenticated = false;
                return false;
             }
          }
    
          $ad_username = $username;
    
          // should the account suffix be used for the new username?
          if ($this->_append_suffix_to_new_users) {
             $username .= $this->_account_suffix;
          }
    
          // Create new users automatically, if configured
          $user = get_userdatabylogin($username);
    
          if (!$user OR ($user->user_login != $username)) {
             $user_role = $this->_get_user_role_equiv($ad_username);
             if ($this->_auto_create_user || trim($user_role) != '' ) {
                   // create user
                   $userinfo = $this->_adldap->user_info($ad_username, array('sn', 'givenname', 'mail', 'displayName', 'description', 'cn'));
                   $userinfo = $userinfo[0];
                   $email = $userinfo['mail'][0];
                   $first_name = $userinfo['givenname'][0];
                   $last_name = $userinfo['sn'][0];
                   $display_name = $this->_get_display_name_from_AD($username, $userinfo);
                   $user_id = $this->_create_user($ad_username, $email, $first_name, $last_name, $display_name, $user_role);
             } else {
                // Bail out to avoid showing the login form
                $this->_log(ADI_LOG_ERROR,'This user exists in Active Directory, but has not been granted access to this installation of WordPress.');
                return new WP_Error('invalid_username', __('<strong>ERROR</strong>: This user exists in Active Directory, but has not been granted access to this installation of WordPress.'));
             }
          } else {
    
             //  update known users if configured
             if ($this->_auto_create_user AND $this->_auto_update_user) {
                // Update users role
                $user_role = $this->_get_user_role_equiv($ad_username);
                $userinfo = $this->_adldap->user_info($ad_username, array('sn', 'givenname', 'mail', 'displayName', 'description', 'cn'));
                $userinfo = $userinfo[0];
    
                $email = $userinfo['mail'][0];
                $first_name = $userinfo['givenname'][0];
                $last_name = $userinfo['sn'][0];
                $common_name = $userinfo['cn'][0];
                $display_name = $this->_get_display_name_from_AD($username, $userinfo);
                $user_id = $this->_update_user($ad_username, $email, $first_name, $last_name, $display_name, $user_role);
             }
          }
    
          // load user object
          if (!$user_id) {
             require_once(ABSPATH . WPINC . DIRECTORY_SEPARATOR .'registration.php');
             $user_id = username_exists($username);
             $this->_log(ADI_LOG_NOTICE,'user_id: '.$user_id);
          }
          $user = new WP_User($user_id);
    
          $this->_log(ADI_LOG_NOTICE,'FINISHED');
          return $user;
       }
    
       /*
        * Skip the password check, since we've externally authenticated.
        */
       public function override_password_check($check, $password, $hash, $user_id) {
          if ( $this->_authenticated == true )
          {
             return true;
          }
          else
          {
             return $check;
          }
       }
    
       /*
        * Generate a password for the user. This plugin does not
        * require the user to enter this value, but we want to set it
        * to something nonobvious.
        */
       public function generate_password($username, $password1, $password2) {
          $password1 = $password2 = $this->_get_password();
       }
    
       /*
        * Used to disable certain display elements, e.g. password
        * fields on profile screen.
        */
       public function disable_password_fields($show_password_fields) {
          return false;
       }
    
       /*
        * Used to disable certain login functions, e.g. retrieving a
        * user's password.
        */
       public function disable_function() {
          die('Disabled');
       }
    
       /**
        * Shows the contexual help on the options/admin screen.
        *
        * @param $help
        * @param $screen
        * @return string help message
        */
       public function contextual_help ($help, $screen) {
          if ($screen == 'settings_page_' . ADINTEGRATION_FOLDER . '/ad-integration'
                           || $screen == 'wpmu-admin_page_' . ADINTEGRATION_FOLDER . '/ad-integration') {
             $help .= '<h5>' . __('Active Directory Integration Help','ad-integration') . '</h5><div class="metabox-prefs">';
             $help .= '<a href="http://blog.ecw.de/wp-ad-integration">'.__ ('Overview','ad-integration').'</a><br/>';
             $help .= '<a href="http://wordpress.org/extend/plugins/active-directory-integration/faq/">'.__ ('FAQ', 'ad-integration').'</a><br/>';
             $help .= '<a href="http://wordpress.org/extend/plugins/active-directory-integration/changelog/">'.__ ('Changelog', 'ad-integration').'</a><br/>';
             $help .= '<a href="http://wordpress.org/tags/active-directory-integration">'.__ ('Support-Forum', 'ad-integration').'</a><br/>';
    
             $help .= '</div>';
          }
          return $help;
       }
    
       public function setLogLevel($level = 0) {
          $this->_loglevel = (int)$level;
       }
    
       public function disableDebug() {
          $this->debug = false;
       }
    
       /****************************************************************
        * STATIC FUNCTIONS
        ****************************************************************/
    
       /**
        * Determine global table prefix, usually "wp_".
        *
        * @return string table prefix
        */
       public static function global_db_prefix() {
          global $wpmu_version, $wpdb, $wpmuBaseTablePrefix;
    
          // define table prefix
          if ($wpmu_version != '') {
             return $wpmuBaseTablePrefix;
          } else {
             return $wpdb->prefix;
          }
       }
    
       /**
        * Adding the needed table to database and store the db version in the
        * options table on plugin activation.
        */
       public static function activate() {
          global $wpdb, $wpmu_version;
    
          //$table_name = $wpdb->prefix . ADIntegrationPlugin::TABLE_NAME;
          $table_name = ADIntegrationPlugin::global_db_prefix() . ADIntegrationPlugin::TABLE_NAME;
    
          if ($wpmu_version != '') {
             $db_version = get_site_option('AD_Integration_db_version');
          } else {
             $db_version = get_option('AD_Integration_db_version');
          }
    
          if (($wpdb->get_var("show tables like '$table_name'") != $table_name) OR ($db_version != ADIntegrationPlugin::DB_VERSION)) {
    
              $sql = 'CREATE TABLE ' . $table_name . ' (
                     id bigint(20) NOT NULL AUTO_INCREMENT,
                     user_login varchar(60),
                     failed_login_time bigint(11),
                     UNIQUE KEY id (id)
                  );';
    
             require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
                dbDelta($sql);
    
                // store db version in the options
                if ($wpmu_version != '') {
                   add_site_option('AD_Integration_db_version', ADIntegrationPlugin::DB_VERSION, 'Version of the table structure');
                } else {
                   add_option('AD_Integration_db_version', ADIntegrationPlugin::DB_VERSION, 'Version of the table structure');
                }
          }
       }
    
       /**
        * Delete the table from database and delete the db version from the
        * options table on plugin deactivation.
        */
       public static function deactivate() {
          global $wpdb, $wpmu_version;
    
          $table_name = ADIntegrationPlugin::global_db_prefix() . ADIntegrationPlugin::TABLE_NAME;
    
          // drop table
          $wpdb->query('DROP TABLE IF EXISTS '.$table_name);
    
          // delete option
          if ($wpmu_version != '') {
             delete_site_option('AD_Integration_db_version');
          } else {
             delete_option('AD_Integration_db_version');
          }
       }
    
       /**
        * removes the plugin options from options table.
        */
       public static function uninstall($echo=false) {
          foreach($this->_all_options as $option) {
             $delete_setting = delete_option($option['name']);
             if ($echo) {
                if($delete_setting) {
                   echo '<font color="green">';
                   printf(__('Setting Key \'%s\' has been deleted.', 'ad-integration'), "<strong><em>{$option['name']}</em></strong>");
                   echo '</font><br />';
                } else {
                   echo '<font color="red">';
                   printf(__('Error deleting Setting Key \'%s\'.', 'ad-integration'), "<strong><em>{$option['name']}</em></strong>");
                   echo '</font><br />';
                }
             }
          }
       }
    
       /*************************************************************
        * Functions
        *************************************************************/
    
       /**
        * Loads the options from WordPress-DB
        */
       protected function _load_options() {
          $this->_log(ADI_LOG_INFO,'loading options...');
          if (IS_WPMU) {
             $this->_auto_create_user          = (bool)get_site_option('AD_Integration_auto_create_user');
             $this->_auto_update_user          = (bool)get_site_option('AD_Integration_auto_update_user');
             $this->_account_suffix             = get_site_option('AD_Integration_account_suffix');
             $this->_append_suffix_to_new_users    = get_site_option('AD_Integration_append_suffix_to_new_users');
             $this->_domain_controllers          = get_site_option('AD_Integration_domain_controllers');
             $this->_base_dn                  = get_site_option('AD_Integration_base_dn');
             $this->_prefix_dn                  = get_site_option('AD_Integration_prefix_dn');
             $this->_bind_user                = get_site_option('AD_Integration_bind_user');
             $this->_bind_pwd                = get_site_option('AD_Integration_bind_pwd');
             $this->_port                   = get_site_option('AD_Integration_port');
             $this->_use_tls                = get_site_option('AD_Integration_use_tls');
             $this->_default_email_domain       = get_site_option('AD_Integration_default_email_domain');
             $this->_authorize_by_group          = (bool)get_site_option('AD_Integration_authorize_by_group');
             $this->_authorization_group       = get_site_option('AD_Integration_authorization_group');
             $this->_role_equivalent_groups       = get_site_option('AD_Integration_role_equivalent_groups');
             $this->_max_login_attempts          = (int)get_site_option('AD_Integration_max_login_attempts');
             $this->_block_time                = (int)get_site_option('AD_Integration_block_time');
             $this->_user_notification           = (bool)get_site_option('AD_Integration_user_notification');
             $this->_admin_notification         = (bool)get_site_option('AD_Integration_admin_notification');
             $this->_admin_email               = get_site_option('AD_Integration_admin_email');
             $this->_display_name            = get_site_option('AD_Integration_display_name');
             $this->_enable_password_change      = get_site_option('AD_Integration_enable_password_change');
             $this->_duplicate_email_prevention  = get_site_option('AD_Integration_duplicate_email_prevention');
          } else {
             $this->_auto_create_user          = (bool)get_option('AD_Integration_auto_create_user');
             $this->_auto_update_user          = (bool)get_option('AD_Integration_auto_update_user');
             $this->_account_suffix             = get_option('AD_Integration_account_suffix');
             $this->_append_suffix_to_new_users    = get_option('AD_Integration_append_suffix_to_new_users');
             $this->_domain_controllers          = get_option('AD_Integration_domain_controllers');
             $this->_base_dn                  = get_option('AD_Integration_base_dn');
             $this->_prefix_dn                  = get_option('AD_Integration_prefix_dn');
             $this->_bind_user                = get_option('AD_Integration_bind_user');
             $this->_bind_pwd                = get_option('AD_Integration_bind_pwd');
             $this->_port                   = get_option('AD_Integration_port');
             $this->_use_tls                = get_option('AD_Integration_use_tls');
             $this->_default_email_domain       = get_option('AD_Integration_default_email_domain');
             $this->_authorize_by_group          = (bool)get_option('AD_Integration_authorize_by_group');
             $this->_authorization_group       = get_option('AD_Integration_authorization_group');
             $this->_role_equivalent_groups       = get_option('AD_Integration_role_equivalent_groups');
             $this->_max_login_attempts          = (int)get_option('AD_Integration_max_login_attempts');
             $this->_block_time                = (int)get_option('AD_Integration_block_time');
             $this->_user_notification           = (bool)get_option('AD_Integration_user_notification');
             $this->_admin_notification         = (bool)get_option('AD_Integration_admin_notification');
             $this->_admin_email               = get_option('AD_Integration_admin_email');
             $this->_display_name            = get_option('AD_Integration_display_name');
             $this->_enable_password_change      = get_option('AD_Integration_enable_password_change');
             $this->_duplicate_email_prevention  = get_option('AD_Integration_duplicate_email_prevention');
          }
       }
    
       /**
        * Saves the options to the sitewide options store. This is only needed for WPMU.
        *
        * @param $arrPost the POST-Array with the new options
        * @return unknown_type
        */
       protected function _save_wpmu_options($arrPost) {
           if (IS_WPMU) {
             if ( !empty( $arrPost['AD_Integration_auto_create_user'] ) )
                 update_site_option('AD_Integration_auto_create_user', (bool)$arrPost['AD_Integration_auto_create_user']);
    
             if ( !empty( $arrPost['AD_Integration_auto_update_user'] ) )
                 update_site_option('AD_Integration_auto_update_user', (bool)$arrPost['AD_Integration_auto_update_user']);
    
             if ( !empty( $arrPost['AD_Integration_account_suffix'] ) )
                 update_site_option('AD_Integration_account_suffix', $arrPost['AD_Integration_account_suffix']);
    
             if ( !empty( $arrPost['AD_Integration_append_suffix_to_new_users'] ) )
                 update_site_option('AD_Integration_append_suffix_to_new_users', $arrPost['AD_Integration_append_suffix_to_new_users']);
    
             if ( !empty( $arrPost['AD_Integration_domain_controllers'] ) )
                 update_site_option('AD_Integration_domain_controllers', $arrPost['AD_Integration_domain_controllers']);
    
             if ( !empty( $arrPost['AD_Integration_base_dn'] ) )
                 update_site_option('AD_Integration_base_dn', $arrPost['AD_Integration_base_dn']);
    
             if ( !empty( $arrPost['AD_Integration_prefix_dn'] ) )
                 update_site_option('AD_Integration_prefix_dn', $arrPost['AD_Integration_prefix_dn']);
    
             if ( !empty( $arrPost['AD_Integration_bind_user'] ) )
                 update_site_option('AD_Integration_bind_user', $arrPost['AD_Integration_bind_user']);
    
             if ( !empty( $arrPost['AD_Integration_bind_pwd'] ) )
                 update_site_option('AD_Integration_bind_pwd', $arrPost['AD_Integration_bind_pwd']);
    
             if ( !empty( $arrPost['AD_Integration_port'] ) )
                 update_site_option('AD_Integration_port', $arrPost['AD_Integration_port']);
    
             if ( !empty( $arrPost['AD_Integration_use_tls'] ) )
                 update_site_option('AD_Integration_use_tls', $arrPost['AD_Integration_use_tls']);
    
             if ( !empty( $arrPost['AD_Integration_default_email_domain'] ) )
                 update_site_option('AD_Integration_default_email_domain', $arrPost['AD_Integration_default_email_domain']);
    
             if ( !empty( $arrPost['AD_Integration_authorize_by_group'] ) )
                 update_site_option('AD_Integration_authorize_by_group', (bool)$arrPost['AD_Integration_authorize_by_group']);
    
             if ( !empty( $arrPost['AD_Integration_authorization_group'] ) )
                 update_site_option('AD_Integration_authorization_group', $arrPost['AD_Integration_authorization_group']);
    
             if ( !empty( $arrPost['AD_Integration_role_equivalent_groups'] ) )
                 update_site_option('AD_Integration_role_equivalent_groups', $arrPost['AD_Integration_role_equivalent_groups']);
    
             if ( !empty( $arrPost['AD_Integration_max_login_attempts'] ) )
                 update_site_option('AD_Integration_max_login_attempts', (int)$arrPost['AD_Integration_max_login_attempts']);
    
             if ( !empty( $arrPost['AD_Integration_block_time'] ) )
                 update_site_option('AD_Integration_block_time', (int)$arrPost['AD_Integration_block_time']);
    
             if ( !empty( $arrPost['AD_Integration_user_notification'] ) )
                 update_site_option('AD_Integration_user_notification', (bool)$arrPost['AD_Integration_user_notification']);
    
             if ( !empty( $arrPost['AD_Integration_admin_notification'] ) )
                 update_site_option('AD_Integration_admin_notification', (bool)$arrPost['AD_Integration_admin_notification']);
    
             if ( !empty( $arrPost['AD_Integration_admin_email'] ) )
                 update_site_option('AD_Integration_admin_email', $arrPost['AD_Integration_admin_email']);
    
             if ( !empty( $arrPost['AD_Integration_display_name'] ) )
                 update_site_option('AD_Integration_display_name', $arrPost['AD_Integration_display_name']);
    
             if ( !empty( $arrPost['AD_Integration_enable_password_change'] ) )
                update_site_option('AD_Integration_enable_password_change', $arrPost['AD_Integration_enable_password_change']);
    
             // let's load the new values
             $this->_load_options();
          }
       }
    
       /**
        * Determine the display_name to be stored in WP database.
        * @param $username  the username used to login
        * @param $userinfo  the array with data returned from AD
        * @return string  display_name
        */
       protected function _get_display_name_from_AD($username, $userinfo) {
          if (($this->_display_name == '') OR ($this->_display_name == 'sAMAccountName')) {
             return $username;
          }
          $display_name = $userinfo[$this->_display_name][0];
          if ($display_name == '') {
             return $username;
          } else {
             return $display_name;
          }
       }
    
       /**
        * Stores the username and the current time in the db.
        *
        * @param $username
        * @return unknown_type
        */
       protected function _store_failed_login($username) {
          global $wpdb;
    
          $this->_log(ADI_LOG_WARN,'storing failed login for user "'.$username.'"');
          $table_name = ADIntegrationPlugin::global_db_prefix() . ADIntegrationPlugin::TABLE_NAME;
    
          $sql = "INSERT INTO $table_name (user_login, failed_login_time) VALUES ('" . $wpdb->escape($username)."'," . time() . ")";
          $result = $wpdb->query($sql);
    
       }
    
       /**
        * Determines the number of failed login attempts of specific user within a specific time from now to the past.
        *
        * @param $username
        * @param $seconds number of seconds
        * @return number of failed login attempts
        */
       protected function _get_failed_logins_within_block_time($username) {
          global $wpdb;
          $table_name = ADIntegrationPlugin::global_db_prefix() . ADIntegrationPlugin::TABLE_NAME;
          $time = time() - (int)$this->_block_time;
    
          $sql = "SELECT count(*) AS count from $table_name WHERE user_login = '".$wpdb->escape($username)."' AND failed_login_time >= $time";
          return $wpdb->get_var($sql);
       }
    
       /**
        * Deletes entries from store where the time of failed logins is more than the specified block time ago.
        * Deletes also all entries of a user, if its username is given .
        *
        * @param $username
        * @return
        */
       protected function _cleanup_failed_logins($username = NULL) {
          global $wpdb;
    
          $this->_log(ADI_LOG_NOTICE,'cleaning up failed logins for user "'.$username.'"');
          $table_name = ADIntegrationPlugin::global_db_prefix() . ADIntegrationPlugin::TABLE_NAME;
          $time = time() - $this->_block_time;
    
          $sql = "DELETE FROM $table_name WHERE failed_login_time < $time";
          if ($username != NULL) {
             $sql .= " OR user_login = '".$wpdb->escape($username)."'";
          }
    
          $results = $wpdb->query($sql);
       }
    
       /**
        * Get the rest of the time an account is blocked.
        *
        * @param $username
        * @return int seconds the account is blocked, or 0
        */
       protected function _get_rest_of_blocking_time($username) {
          global $wpdb;
    
          $table_name = ADIntegrationPlugin::global_db_prefix() . ADIntegrationPlugin::TABLE_NAME;
    
          $sql = "SELECT max(failed_login_time) FROM $table_name WHERE user_login = '".$wpdb->escape($username)."'";
          $max_time = $wpdb->get_var($sql);
    
          if ($max_time == NULL ) {
             return 0;
          }
          return ($max_time + $this->_block_time) - time();
    
       }
    
       /**
        * Generate a random password.
        *
        * @param int $length Length of the password
        * @return password as string
        */
       protected function _get_password($length = 10) {
          return substr(md5(uniqid(microtime())), 0, $length);
       }
    
       /**
        * Create a new WordPress account for the specified username.
        * @param $username
        * @param $email
        * @param $first_name
        * @param $last_name
        * @param $display_name
        * @param $role
        * @return integer user_id
        */
       protected function _create_user($username, $email, $first_name, $last_name, $display_name = '', $role = '')
       {
          global $wp_version;
    
          $password = $this->_get_password();
    
          if ( $email == '' )
          {
             if (trim($this->_default_email_domain) != '') {
                $email = $username . '@' . $this->_default_email_domain;
             } else {
                if (strpos($username, '@') !== false) {
                   $email = $username;
                }
             }
          }
    
          // append account suffix to new users?
          if ($this->_append_suffix_to_new_users) {
             $username .= $this->_account_suffix;
          }
    
          $this->_log(ADI_LOG_NOTICE,"Creating user '$username' with following data:\n".
                     "- email: $email\n".
                     "- first name: $first_name\n".
                     "- last name: $last_name\n".
                     "- display name: $display_name\n".
                     "- role: $role");
    
          require_once(ABSPATH . WPINC . DIRECTORY_SEPARATOR . 'registration.php');
    
          if ($this->_duplicate_email_prevention == ADI_DUPLICATE_EMAIL_ADDRESS_ALLOW) {
             if (!defined('WP_IMPORTING')) {
                define('WP_IMPORTING',true); // This is a dirty hack. See wp-includes/registration.php
             }
          }
    
          if ($this->_duplicate_email_prevention == ADI_DUPLICATE_EMAIL_ADDRESS_CREATE) {
             $new_email = $this->_create_non_duplicate_email($email);
             if ($new_email !== $email) {
                $this->_log(ADI_LOG_NOTICE, "Duplicate email address prevention: Email changed from $email to $new_email.");
             }
             $email = $new_email;
          }
    
          // Here we go!
          $return = wp_create_user($username, $password, $email);
    
          // log errors
          if (is_wp_error($return)) {
                $this->_log(ADI_LOG_ERROR, $return->get_error_message());
          }
    
          $user_id = username_exists($username);
          $this->_log(ADI_LOG_NOTICE,' - user_id: '.$user_id);
          if ( !$user_id ) {
             $this->_log(ADI_LOG_FATAL,'Error creating user.');
             die("Error creating user!");
          } else {
             if (version_compare($wp_version, '3', '>=')) {
                // WP 3.0 and above
                update_user_meta($user_id, 'first_name', $first_name);
                update_user_meta($user_id, 'last_name', $last_name);
             } else {
                // WP 2.x
                update_usermeta($user_id, 'first_name', $first_name);
                update_usermeta($user_id, 'last_name', $last_name);
             }
    
             // set display_name
             if ($display_name != '') {
                $return = wp_update_user(array('ID' => $user_id, 'display_name' => $display_name));
             }
    
             // set role
             if ( $role != '' )
             {
                $return = wp_update_user(array("ID" => $user_id, "role" => $role));
             }
          }
    
          return $user_id;
       }
    
       /**
        * Updates a specific WordPress user account
        *
        * @param $username
        * @param $email
        * @param $first_name
        * @param $last_name
        * @param $display_name
        * @param $role
        * @return integer user_id
        */
       protected function _update_user($username, $email, $first_name, $last_name, $display_name='', $role = '')
       {
          global $wp_version;
    
          if ( $email == '' )
          {
             if (trim($this->_default_email_domain) != '') {
                $email = $username . '@' . $this->_default_email_domain;
             } else {
                if (strpos($username, '@') !== false) {
                   $email = $username;
                }
             }
          }
    
          if ($this->_append_suffix_to_new_users) {
             $username .= $this->_account_suffix;
          }
    
          $this->_log(ADI_LOG_NOTICE,'Updating user "'.$username."\" with following data:\n".
                     "- email: $email\n".
                     "- first name: $first_name\n".
                     "- last name: $last_name\n".
                     "- display name: $display_name\n".
                     "- role: $role");
    
          require_once(ABSPATH . WPINC . DIRECTORY_SEPARATOR . 'registration.php');
    
          $user_id = username_exists($username);
          $this->_log(ADI_LOG_NOTICE,' - user_id: '.$user_id);
          if ( !$user_id ) {
             $this->_log(ADI_LOG_FATAL,'Error updating user.');
             die('Error updating user!');
          } else {
             if (version_compare($wp_version, '3', '>=')) {
                // WP 3.0 and above
                update_user_meta($user_id, 'first_name', $first_name);
                update_user_meta($user_id, 'last_name', $last_name);
             } else {
                // WP 2.x
                update_usermeta($user_id, 'first_name', $first_name);
                update_usermeta($user_id, 'last_name', $last_name);
             }
    
             // set display_name
             if ($display_name != '') {
                wp_update_user(array('ID' => $user_id, 'display_name' => $display_name));
             }
    
             // set role
             if ( $role != '' )
             {
                wp_update_user(array('ID' => $user_id, 'role' => $role));
             }
    
             // set email
             if ( $email != '' )
             {
                $return = wp_update_user(array('ID' => $user_id, 'user_email' => $email));
             }
          }
    
          // log errors
          if (isset($return)) {
             if (is_wp_error($return)) {
                   $this->_log(ADI_LOG_ERROR, $return->get_error_message());
             }
          }
    
          return $user_id;
       }
    
       /**
        * Returns the given email address or a newly created so no 2 users
        * can have the same email address.
        *
        * @param $email original email address
        * @return unique email address
        */
       protected function _create_non_duplicate_email($email)
       {
          if (!email_exists($email)) {
             return $email;
          }
    
          // Ok, lets create a new email address that does not already exists in the database
          $arrEmailParts = split('@',$email);
          $counter = 1;
          $ok = false;
          while ($ok !== true) {
             $email = $arrEmailParts[0].$counter.'@'.$arrEmailParts[1];
             $ok = !email_exists($email);
             $counter++;
          }
          return $email;
       }
    
       /**
        * Checks if the user is member of the group(s) allowed to login
        *
        * @param $username
        * @return boolean
        */
       protected function _check_authorization_by_group($username) {
          if ($this->_authorize_by_group) {
             $authorization_groups = explode(';', $this->_authorization_group);
             foreach ($authorization_groups as $authorization_group) {
                if ($this->_adldap->user_ingroup($username, $authorization_group, true)) {
                   $this->_log(ADI_LOG_NOTICE,'Authorized by membership of group "'.$authorization_group.'"');
                   return true;
                }
             }
             $this->_log(ADI_LOG_WARN,'Authorization by group failed. User is not authorized.');
             return false;
          } else {
             return true;
          }
       }
    
       /**
        * Get the first matching role from the list of role equivalent groups the user belongs to.
        *
        * @param $ad_username
        * @return string matching role
        */
       protected function _get_user_role_equiv($ad_username) {
    
          $role_equiv_groups = explode(';', $this->_role_equivalent_groups);
    
          $user_role = '';
          foreach ($role_equiv_groups as $whatever => $role_group)
          {
                $role_group = explode('=', $role_group);
                if ( count($role_group) != 2 )
                {
                   continue;
                }
                $ad_group = $role_group[0];
    
                $corresponding_role = $role_group[1];
                if ( $this->_adldap->user_ingroup($ad_username, $ad_group, true ) )
                {
                   $user_role = $corresponding_role;
                   break;
                }
          }
          $this->_log(ADI_LOG_INFO,'user role: '.$user_role);
          return $user_role;
       }
    
       /**
        * Send an email to the user who's account is blocked
        *
        * @param $username string
        * @return unknown_type
        */
       protected function _notify_user($username)
       {
          // if auto creation is enabled look for the user in AD
          if ($this->_auto_create_user) {
    
             $userinfo = $this->_adldap->user_info($username, array("sn", "givenname", "mail"));
             if ($userinfo) {
                $userinfo = $userinfo[0];
                $email = $userinfo['mail'][0];
                $first_name = $userinfo['givenname'][0];
                $last_name = $userinfo['sn'][0];
             } else {
                return false;
             }
          } else {
             // auto creation is disabled, so look for the user in local database
             require_once(ABSPATH . WPINC . DIRECTORY_SEPARATOR . 'registration.php');
             $user_id = username_exists($username);
             if ($user_id) {
                $user_info = get_userdata($user_id);
                $last_name = $user_info->last_name;
                $first_name = $user_info->first_name;
                $email = $user_info->user_email;
             } else {
                return false;
             }
          }
    
          // do we have a correct email address?
          if (is_email($email)) {
             $blog_url = get_bloginfo('url');
             $blog_name = get_bloginfo('name');
             $blog_domain = preg_replace ('/^(http:\/\/)(.+)\/.*$/i','$2', $blog_url);
    
             $subject = '['.$blog_name.'] '.__('Account blocked','ad-integration');
             $body = sprintf(__('Someone tried to login to %s (%s) with your username (%s) - but in vain. For security reasons your account is now blocked for %d seconds.','ad-integration'), $blog_name, $blog_url, $username, $this->_block_time);
             $body .= "\n\r";
             $body .= __('THIS IS A SYSTEM GENERATED E-MAIL, PLEASE DO NOT RESPOND TO THE E-MAIL ADDRESS SPECIFIED ABOVE.','ad-integration');
    
             $header = 'From: "WordPress" <wordpress@'.$blog_domain.">\r\n";
             return wp_mail($email, $subject, $body, $header);
          } else {
             return false;
          }
       }
    
       /**
        * Notify administrator(s) by e-mail if an account is blocked
        *
        * @param $username username of the blocked account
        * @return boolean false if no e-mail is sent, true on success
        */
       protected function _notify_admin($username)
       {
          $arrEmail = array(); // list of recipients
    
          if ($this->_admin_notification) {
             $email = $this->_admin_email;
    
             // Should we use Blog-Administrator's e-mail
             if (trim($email) == '') {
                // Is this an e-mail address?
                if (is_email($email)) {
                   $arrEmail[0] = trim(get_bloginfo('admin_email '));
                }
             } else {
                // Using own list of notification recipients
                $arrEmail = explode(";",$email);
    
                // remove wrong e-mail addresses from array
                for ($x=0; $x < count($arrEmail); $x++) {
                   $arrEmail[$x] = trim($arrEmail[$x]); // remove possible whitespaces
                   if (!is_email($arrEmail[$x])) {
                      unset($arrEmail[$x]);
                   }
                }
    
             }
    
             // Do we have valid e-mail addresses?
             if (count($arrEmail) > 0) {
    
                if ($this->_auto_create_user) {
    
                   // auto creation is enabled, so look for the user in AD
                   $userinfo = $this->_adldap->user_info($username, array("sn", "givenname", "mail"));
                   if ($userinfo) {
                      $userinfo = $userinfo[0];
                      $first_name = $userinfo['givenname'][0];
                      $last_name = $userinfo['sn'][0];
                   } else {
                      return false;
                   }
                } else {
    
                   // auto creation is disabled, so look for the user in local database
                   require_once(ABSPATH . WPINC . DIRECTORY_SEPARATOR . 'registration.php');
                   $user_id = username_exists($username);
                   if ($user_id) {
                      $user_info = get_userdata($user_id);
                      $last_name = $user_info->last_name;
                      $first_name = $user_info->first_name;
                   } else {
                      return false;
                   }
                }
    
                $blog_url = get_bloginfo('url');
                $blog_name = get_bloginfo('name');
                $blog_domain = preg_replace ('/^(http:\/\/)(.+)\/.*$/i','$2', $blog_url);
    
                $subject = '['.$blog_name.'] '.__('Account blocked','ad-integration');
                $body = sprintf(__('Someone tried to login to %s (%s) with the username "%s" (%s %s) - but in vain. For security reasons this account is now blocked for %d seconds.','ad-integration'), $blog_name, $blog_url, $username, $first_name, $last_name, $this->_block_time);
                $body .= "\n\r";
                $body .= sprintf(__('The login attempt was made from IP-Address: %s','ad-integration'), $_SERVER['REMOTE_ADDR']);
                $body .= "\n\r";
                $body .= __('THIS IS A SYSTEM GENERATED E-MAIL, PLEASE DO NOT RESPOND TO THE E-MAIL ADDRESS SPECIFIED ABOVE.','ad-integration');
                $header = 'From: "WordPress" <wordpress@'.$blog_domain.">\r\n";
    
                // send e-mails
                $blnSuccess = true;
                foreach($arrEmail AS $email)  {
                   $blnSuccess = ($blnSuccess AND wp_mail($email, $subject, $body, $header));
                }
                return $blnSuccess;
    
             } else {
                return false;
             }
          } else {
             return false;
          }
    
          return true;
       }
    
       /**
        * Output debug informations
        *
        * @param integer level
        * @param string $notice
        */
       protected function _log($level = 0, $info = '') {
          if ($level <= $this->_loglevel) {
             echo '[' .$level . '] '.$info."\n\r";
          }
       }
    
       /**
        * Show a blocking page for blocked accounts.
        *
        * @param $username
        */
       protected function _display_blocking_page($username) {
          $seconds = $this->_get_rest_of_blocking_time($username);
    
                ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml" <?php language_attributes(); ?>>
    <head>
       <title><?php bloginfo('name'); ?> &rsaquo; <?php echo $title; ?></title>
       <meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php bloginfo('charset'); ?>" />
       <script type="text/javascript">
       var seconds = <?php echo $seconds;?>;
       function setTimer()   {
          var aktiv = window.setInterval("countdown()", 1000);
       }
    
       function countdown() {
          seconds = seconds - 1;
          if (seconds > 0) {
             document.getElementById('secondsleft').innerHTML = seconds;
          } else {
             window.location.hre
Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘HTTP 500 Error’ is closed to new replies.