phpBB

Code Changes

File: phpbb/auth/provider/ldap.php

Line 40Line 40
	/**
* LDAP Authentication Constructor
*

	/**
* LDAP Authentication Constructor
*

 
	 * @param	config				$config		Config object

	 * @param	driver_interface	$db			DBAL driver interface

	 * @param	driver_interface	$db			DBAL driver interface

	 * @param	config				$config		Config object

 
	 * @param	language			$language	Language object
* @param user $user User object
*/

	 * @param	language			$language	Language object
* @param user $user User object
*/

Line 83Line 83

if ($this->config['ldap_user'] || $this->config['ldap_password'])
{


if ($this->config['ldap_user'] || $this->config['ldap_password'])
{

			if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user']), htmlspecialchars_decode($this->config['ldap_password'])))

			if (!@ldap_bind($ldap, html_entity_decode($this->config['ldap_user'], ENT_COMPAT), html_entity_decode($this->config['ldap_password'], ENT_COMPAT)))

			{
return $this->language->lang('LDAP_INCORRECT_USER_PASSWORD');
}

			{
return $this->language->lang('LDAP_INCORRECT_USER_PASSWORD');
}

Line 92Line 92
		// ldap_connect only checks whether the specified server is valid, so the connection might still fail
$search = @ldap_search(
$ldap,

		// ldap_connect only checks whether the specified server is valid, so the connection might still fail
$search = @ldap_search(
$ldap,

			htmlspecialchars_decode($this->config['ldap_base_dn']),

			html_entity_decode($this->config['ldap_base_dn'], ENT_COMPAT),

			$this->ldap_user_filter($this->user->data['username']),
(empty($this->config['ldap_email'])) ?

			$this->ldap_user_filter($this->user->data['username']),
(empty($this->config['ldap_email'])) ?

				array(htmlspecialchars_decode($this->config['ldap_uid'])) :
array(htmlspecialchars_decode($this->config['ldap_uid']), htmlspecialchars_decode($this->config['ldap_email'])),

				array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT)) :
array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT), html_entity_decode($this->config['ldap_email'], ENT_COMPAT)),

			0,
1
);

			0,
1
);

Line 115Line 115
			return $this->language->lang('LDAP_NO_IDENTITY', $this->user->data['username']);
}


			return $this->language->lang('LDAP_NO_IDENTITY', $this->user->data['username']);
}


		if (!empty($this->config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($this->config['ldap_email'])]))

		if (!empty($this->config['ldap_email']) && !isset($result[0][html_entity_decode($this->config['ldap_email'])]))

		{
return $this->language->lang('LDAP_NO_EMAIL');
}

		{
return $this->language->lang('LDAP_NO_EMAIL');
}

Line 180Line 180

if ($this->config['ldap_user'] || $this->config['ldap_password'])
{


if ($this->config['ldap_user'] || $this->config['ldap_password'])
{

			if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user']), htmlspecialchars_decode($this->config['ldap_password'])))

			if (!@ldap_bind($ldap, html_entity_decode($this->config['ldap_user'], ENT_COMPAT), html_entity_decode($this->config['ldap_password'], ENT_COMPAT)))

			{
return array(
'status' => LOGIN_ERROR_EXTERNAL_AUTH,

			{
return array(
'status' => LOGIN_ERROR_EXTERNAL_AUTH,

Line 192Line 192

$search = @ldap_search(
$ldap,


$search = @ldap_search(
$ldap,

			htmlspecialchars_decode($this->config['ldap_base_dn']),

			html_entity_decode($this->config['ldap_base_dn'], ENT_COMPAT),

			$this->ldap_user_filter($username),
(empty($this->config['ldap_email'])) ?

			$this->ldap_user_filter($username),
(empty($this->config['ldap_email'])) ?

				array(htmlspecialchars_decode($this->config['ldap_uid'])) :
array(htmlspecialchars_decode($this->config['ldap_uid']), htmlspecialchars_decode($this->config['ldap_email'])),

				array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT)) :
array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT), html_entity_decode($this->config['ldap_email'], ENT_COMPAT)),

			0,
1
);

			0,
1
);

Line 205Line 205

if (is_array($ldap_result) && count($ldap_result) > 1)
{


if (is_array($ldap_result) && count($ldap_result) > 1)
{

			if (@ldap_bind($ldap, $ldap_result[0]['dn'], htmlspecialchars_decode($password)))

			if (@ldap_bind($ldap, $ldap_result[0]['dn'], html_entity_decode($password, ENT_COMPAT)))

			{
@ldap_close($ldap);


			{
@ldap_close($ldap);


Line 257Line 257
					$ldap_user_row = array(
'username' => $username,
'user_password' => '',

					$ldap_user_row = array(
'username' => $username,
'user_password' => '',

						'user_email'	=> (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($this->config['ldap_email'])][0]) : '',

						'user_email'	=> (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][html_entity_decode($this->config['ldap_email'], ENT_COMPAT)][0]) : '',

						'group_id'		=> (int) $row['group_id'],
'user_type' => USER_NORMAL,
'user_ip' => $this->user->ip,

						'group_id'		=> (int) $row['group_id'],
'user_type' => USER_NORMAL,
'user_ip' => $this->user->ip,

Line 337Line 337
	 */
private function ldap_user_filter($username)
{

	 */
private function ldap_user_filter($username)
{

		$filter = '(' . $this->config['ldap_uid'] . '=' . $this->ldap_escape(htmlspecialchars_decode($username)) . ')';

		$filter = '(' . $this->config['ldap_uid'] . '=' . $this->ldap_escape(html_entity_decode($username, ENT_COMPAT)) . ')';

		if ($this->config['ldap_user_filter'])
{
$_filter = ($this->config['ldap_user_filter'][0] == '(' && substr($this->config['ldap_user_filter'], -1) == ')') ? $this->config['ldap_user_filter'] : "({$this->config['ldap_user_filter']})";

		if ($this->config['ldap_user_filter'])
{
$_filter = ($this->config['ldap_user_filter'][0] == '(' && substr($this->config['ldap_user_filter'], -1) == ')') ? $this->config['ldap_user_filter'] : "({$this->config['ldap_user_filter']})";
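Review bot: The `html_entity_decode()` call in the Line 115 hunk omits the `ENT_COMPAT` flag that every other call in this change passes, so the `isset()` check there can decode `ldap_email` differently from the lookup in the Line 257 hunk, which uses `html_entity_decode($this->config['ldap_email'], ENT_COMPAT)`. On PHP 8.1 and later the default flags are `ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401`, so the two calls are not equivalent there. I would change the line to `if (!empty($this->config['ldap_email']) && !isset($result[0][html_entity_decode($this->config['ldap_email'], ENT_COMPAT)]))`. Separately, `html_entity_decode()` decodes every named entity rather than only the characters `htmlspecialchars()` produces, so the `ldap_bind()` password call in the Line 205 hunk deserves a short comment such as `// reverses the request-layer HTML encoding before the bind; must mirror that encoding exactly`, assuming that is where the encoding is applied. The enclosing functions start and end outside the visible hunks, so whether an empty password is rejected before that bind cannot be confirmed from this page.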