Line 63 | Line 63 |
---|
// ldap_connect only checks whether the specified server is valid, so the connection might still fail $search = @ldap_search( $ldap,
|
// ldap_connect only checks whether the specified server is valid, so the connection might still fail $search = @ldap_search( $ldap,
|
$config['ldap_base_dn'],
| htmlspecialchars_decode($config['ldap_base_dn']),
|
ldap_user_filter($user->data['username']),
|
ldap_user_filter($user->data['username']),
|
(empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']),
| (empty($config['ldap_email'])) ? array(htmlspecialchars_decode($config['ldap_uid'])) : array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])),
|
0, 1 );
if ($search === false) {
|
0, 1 );
if ($search === false) {
|
return $user->lang['LDAP_NO_SERVER_CONNECTION'];
| return $user->lang['LDAP_SEARCH_FAILED'];
|
}
$result = @ldap_get_entries($ldap, $search);
| }
$result = @ldap_get_entries($ldap, $search);
|
Line 85 | Line 87 |
---|
return sprintf($user->lang['LDAP_NO_IDENTITY'], $user->data['username']); }
|
return sprintf($user->lang['LDAP_NO_IDENTITY'], $user->data['username']); }
|
if (!empty($config['ldap_email']) && !isset($result[0][$config['ldap_email']]))
| if (!empty($config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($config['ldap_email'])]))
|
{ return $user->lang['LDAP_NO_EMAIL']; }
| { return $user->lang['LDAP_NO_EMAIL']; }
|
Line 152 | Line 154 |
---|
if ($config['ldap_user'] || $config['ldap_password']) {
|
if ($config['ldap_user'] || $config['ldap_password']) {
|
if (!@ldap_bind($ldap, $config['ldap_user'], htmlspecialchars_decode($config['ldap_password'])))
| if (!@ldap_bind($ldap, htmlspecialchars_decode($config['ldap_user']), htmlspecialchars_decode($config['ldap_password'])))
|
{
|
{
|
return $user->lang['LDAP_NO_SERVER_CONNECTION'];
| return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH, 'error_msg' => 'LDAP_NO_SERVER_CONNECTION', 'user_row' => array('user_id' => ANONYMOUS), );
|
} }
$search = @ldap_search( $ldap,
|
} }
$search = @ldap_search( $ldap,
|
$config['ldap_base_dn'],
| htmlspecialchars_decode($config['ldap_base_dn']),
|
ldap_user_filter($username),
|
ldap_user_filter($username),
|
(empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']),
| (empty($config['ldap_email'])) ? array(htmlspecialchars_decode($config['ldap_uid'])) : array(htmlspecialchars_decode($config['ldap_uid']), htmlspecialchars_decode($config['ldap_email'])),
|
0, 1 );
| 0, 1 );
|
Line 223 | Line 231 |
---|
$ldap_user_row = array( 'username' => $username, 'user_password' => phpbb_hash($password),
|
$ldap_user_row = array( 'username' => $username, 'user_password' => phpbb_hash($password),
|
'user_email' => (!empty($config['ldap_email'])) ? $ldap_result[0][$config['ldap_email']][0] : '',
| 'user_email' => (!empty($config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($config['ldap_email'])][0]) : '',
|
'group_id' => (int) $row['group_id'], 'user_type' => USER_NORMAL, 'user_ip' => $user->ip,
|
'group_id' => (int) $row['group_id'], 'user_type' => USER_NORMAL, 'user_ip' => $user->ip,
|
| 'user_new' => ($config['new_member_post_limit']) ? 1 : 0,
|
);
unset($ldap_result);
| );
unset($ldap_result);
|
Line 273 | Line 282 |
---|
{ global $config;
|
{ global $config;
|
$filter = '(' . $config['ldap_uid'] . '=' . ldap_escape(htmlspecialchars_decode($username)) . ')';
| $filter = '(' . $config['ldap_uid'] . '=' . phpbb_ldap_escape(htmlspecialchars_decode($username)) . ')';
|
if ($config['ldap_user_filter']) {
|
if ($config['ldap_user_filter']) {
|
$filter = "(&$filter({$config['ldap_user_filter']}))";
| $_filter = ($config['ldap_user_filter'][0] == '(' && substr($config['ldap_user_filter'], -1) == ')') ? $config['ldap_user_filter'] : "({$config['ldap_user_filter']})"; $filter = "(&{$filter}{$_filter})";
|
} return $filter; }
| } return $filter; }
|
Line 284 | Line 294 |
---|
/** * Escapes an LDAP AttributeValue */
|
/** * Escapes an LDAP AttributeValue */
|
function ldap_escape($string)
| function phpbb_ldap_escape($string)
|
{ return str_replace(array('*', '\\', '(', ')'), array('\\*', '\\\\', '\\(', '\\)'), $string); }
| { return str_replace(array('*', '\\', '(', ')'), array('\\*', '\\\\', '\\(', '\\)'), $string); }
|
Line 329 | Line 339 |
---|
</dl> <dl> <dt><label for="ldap_password">' . $user->lang['LDAP_PASSWORD'] . ':</label><br /><span>' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '</span></dt>
|
</dl> <dl> <dt><label for="ldap_password">' . $user->lang['LDAP_PASSWORD'] . ':</label><br /><span>' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '</span></dt>
|
<dd><input type="password" id="ldap_password" size="40" name="config[ldap_password]" value="' . $new['ldap_password'] . '" /></dd>
| <dd><input type="password" id="ldap_password" size="40" name="config[ldap_password]" value="' . $new['ldap_password'] . '" autocomplete="off" /></dd>
|
</dl> ';
| </dl> ';
|