phpBB

Code Changes

File: includes/auth/auth_ldap.php

  Unmodified   Added   Modified   Removed
Line 63Line 63
	// ldap_connect only checks whether the specified server is valid, so the connection might still fail
$search = @ldap_search(
$ldap,

	// ldap_connect only checks whether the specified server is valid, so the connection might still fail
$search = @ldap_search(
$ldap,

		$config['ldap_base_dn'],

		htmlspecialchars_decode($config['ldap_base_dn']),

		ldap_user_filter($user->data['username']),

		ldap_user_filter($user->data['username']),

		(empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']),



		(empty($config['ldap_email'])) ?
array(htmlspecialchars_decode($config['ldap_uid'])) :
array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])),

		0,
1
);

if ($search === false)
{

		0,
1
);

if ($search === false)
{

		return $user->lang['LDAP_NO_SERVER_CONNECTION'];

		return $user->lang['LDAP_SEARCH_FAILED'];

	}

$result = @ldap_get_entries($ldap, $search);

	}

$result = @ldap_get_entries($ldap, $search);

Line 85Line 87
		return sprintf($user->lang['LDAP_NO_IDENTITY'], $user->data['username']);
}


		return sprintf($user->lang['LDAP_NO_IDENTITY'], $user->data['username']);
}


	if (!empty($config['ldap_email']) && !isset($result[0][$config['ldap_email']]))

	if (!empty($config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($config['ldap_email'])]))

	{
return $user->lang['LDAP_NO_EMAIL'];
}

	{
return $user->lang['LDAP_NO_EMAIL'];
}

Line 104Line 106
	if (!$password)
{
return array(

	if (!$password)
{
return array(

			'status'	=> LOGIN_BREAK,

			'status'	=> LOGIN_ERROR_PASSWORD,

			'error_msg'	=> 'NO_PASSWORD_SUPPLIED',

			'error_msg'	=> 'NO_PASSWORD_SUPPLIED',

 
			'user_row'	=> array('user_id' => ANONYMOUS),
);
}

if (!$username)
{
return array(
'status' => LOGIN_ERROR_USERNAME,
'error_msg' => 'LOGIN_ERROR_USERNAME',
'user_row' => array('user_id' => ANONYMOUS),

		);
}


		);
}


Line 142Line 154

if ($config['ldap_user'] || $config['ldap_password'])
{


if ($config['ldap_user'] || $config['ldap_password'])
{

		if (!@ldap_bind($ldap, $config['ldap_user'], htmlspecialchars_decode($config['ldap_password'])))

		if (!@ldap_bind($ldap, htmlspecialchars_decode($config['ldap_user']), htmlspecialchars_decode($config['ldap_password'])))

		{

		{

			return $user->lang['LDAP_NO_SERVER_CONNECTION'];





			return array(
'status' => LOGIN_ERROR_EXTERNAL_AUTH,
'error_msg' => 'LDAP_NO_SERVER_CONNECTION',
'user_row' => array('user_id' => ANONYMOUS),
);

		}
}

$search = @ldap_search(
$ldap,

		}
}

$search = @ldap_search(
$ldap,

		$config['ldap_base_dn'],

		htmlspecialchars_decode($config['ldap_base_dn']),

		ldap_user_filter($username),

		ldap_user_filter($username),

		(empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']),



		(empty($config['ldap_email'])) ?
array(htmlspecialchars_decode($config['ldap_uid'])) :
array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])),

		0,
1
);

		0,
1
);

Line 213Line 231
				$ldap_user_row = array(
'username' => $username,
'user_password' => phpbb_hash($password),

				$ldap_user_row = array(
'username' => $username,
'user_password' => phpbb_hash($password),

					'user_email'	=> (!empty($config['ldap_email'])) ? $ldap_result[0][$config['ldap_email']][0] : '',

					'user_email'	=> (!empty($config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($config['ldap_email'])][0]) : '',

					'group_id'		=> (int) $row['group_id'],
'user_type' => USER_NORMAL,
'user_ip' => $user->ip,

					'group_id'		=> (int) $row['group_id'],
'user_type' => USER_NORMAL,
'user_ip' => $user->ip,

 
					'user_new'		=> ($config['new_member_post_limit']) ? 1 : 0,

				);

unset($ldap_result);

				);

unset($ldap_result);

Line 263Line 282
{
global $config;


{
global $config;


	$filter = '(' . $config['ldap_uid'] . '=' . ldap_escape(htmlspecialchars_decode($username)) . ')';

	$filter = '(' . $config['ldap_uid'] . '=' . phpbb_ldap_escape(htmlspecialchars_decode($username)) . ')';

	if ($config['ldap_user_filter'])
{

	if ($config['ldap_user_filter'])
{

		$filter = "(&$filter({$config['ldap_user_filter']}))";


		$_filter = ($config['ldap_user_filter'][0] == '(' && substr($config['ldap_user_filter'], -1) == ')') ? $config['ldap_user_filter'] : "({$config['ldap_user_filter']})";
$filter = "(&{$filter}{$_filter})";

	}
return $filter;
}

	}
return $filter;
}

Line 274Line 294
/**
* Escapes an LDAP AttributeValue
*/

/**
* Escapes an LDAP AttributeValue
*/

function ldap_escape($string)

function phpbb_ldap_escape($string)

{
return str_replace(array('*', '\\', '(', ')'), array('\\*', '\\\\', '\\(', '\\)'), $string);
}

{
return str_replace(array('*', '\\', '(', ')'), array('\\*', '\\\\', '\\(', '\\)'), $string);
}

Line 319Line 339
	</dl>
<dl>
<dt><label for="ldap_password">' . $user->lang['LDAP_PASSWORD'] . ':</label><br /><span>' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '</span></dt>

	</dl>
<dl>
<dt><label for="ldap_password">' . $user->lang['LDAP_PASSWORD'] . ':</label><br /><span>' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '</span></dt>

		<dd><input type="password" id="ldap_password" size="40" name="config[ldap_password]" value="' . $new['ldap_password'] . '" /></dd>

		<dd><input type="password" id="ldap_password" size="40" name="config[ldap_password]" value="' . $new['ldap_password'] . '" autocomplete="off" /></dd>

	</dl>
';


	</dl>
';