Line 40 | Line 40 |
---|
/** * LDAP Authentication Constructor *
|
/** * LDAP Authentication Constructor *
|
| * @param config $config Config object
|
* @param driver_interface $db DBAL driver interface
|
* @param driver_interface $db DBAL driver interface
|
* @param config $config Config object
| |
* @param language $language Language object * @param user $user User object */
| * @param language $language Language object * @param user $user User object */
|
Line 83 | Line 83 |
---|
if ($this->config['ldap_user'] || $this->config['ldap_password']) {
|
if ($this->config['ldap_user'] || $this->config['ldap_password']) {
|
if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user']), htmlspecialchars_decode($this->config['ldap_password'])))
| if (!@ldap_bind($ldap, html_entity_decode($this->config['ldap_user'], ENT_COMPAT), html_entity_decode($this->config['ldap_password'], ENT_COMPAT)))
|
{ return $this->language->lang('LDAP_INCORRECT_USER_PASSWORD'); }
| { return $this->language->lang('LDAP_INCORRECT_USER_PASSWORD'); }
|
Line 92 | Line 92 |
---|
// ldap_connect only checks whether the specified server is valid, so the connection might still fail $search = @ldap_search( $ldap,
|
// ldap_connect only checks whether the specified server is valid, so the connection might still fail $search = @ldap_search( $ldap,
|
htmlspecialchars_decode($this->config['ldap_base_dn']),
| html_entity_decode($this->config['ldap_base_dn'], ENT_COMPAT),
|
$this->ldap_user_filter($this->user->data['username']), (empty($this->config['ldap_email'])) ?
|
$this->ldap_user_filter($this->user->data['username']), (empty($this->config['ldap_email'])) ?
|
array(htmlspecialchars_decode($this->config['ldap_uid'])) : array(htmlspecialchars_decode($this->config['ldap_uid']), htmlspecialchars_decode($this->config['ldap_email'])),
| array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT)) : array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT), html_entity_decode($this->config['ldap_email'], ENT_COMPAT)),
|
0, 1 );
| 0, 1 );
|
Line 115 | Line 115 |
---|
return $this->language->lang('LDAP_NO_IDENTITY', $this->user->data['username']); }
|
return $this->language->lang('LDAP_NO_IDENTITY', $this->user->data['username']); }
|
if (!empty($this->config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($this->config['ldap_email'])]))
| if (!empty($this->config['ldap_email']) && !isset($result[0][html_entity_decode($this->config['ldap_email'])]))
|
{ return $this->language->lang('LDAP_NO_EMAIL'); }
| { return $this->language->lang('LDAP_NO_EMAIL'); }
|
Line 180 | Line 180 |
---|
if ($this->config['ldap_user'] || $this->config['ldap_password']) {
|
if ($this->config['ldap_user'] || $this->config['ldap_password']) {
|
if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user']), htmlspecialchars_decode($this->config['ldap_password'])))
| if (!@ldap_bind($ldap, html_entity_decode($this->config['ldap_user'], ENT_COMPAT), html_entity_decode($this->config['ldap_password'], ENT_COMPAT)))
|
{ return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH,
| { return array( 'status' => LOGIN_ERROR_EXTERNAL_AUTH,
|
Line 192 | Line 192 |
---|
$search = @ldap_search( $ldap,
|
$search = @ldap_search( $ldap,
|
htmlspecialchars_decode($this->config['ldap_base_dn']),
| html_entity_decode($this->config['ldap_base_dn'], ENT_COMPAT),
|
$this->ldap_user_filter($username), (empty($this->config['ldap_email'])) ?
|
$this->ldap_user_filter($username), (empty($this->config['ldap_email'])) ?
|
array(htmlspecialchars_decode($this->config['ldap_uid'])) : array(htmlspecialchars_decode($this->config['ldap_uid']), htmlspecialchars_decode($this->config['ldap_email'])),
| array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT)) : array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT), html_entity_decode($this->config['ldap_email'], ENT_COMPAT)),
|
0, 1 );
| 0, 1 );
|
Line 205 | Line 205 |
---|
if (is_array($ldap_result) && count($ldap_result) > 1) {
|
if (is_array($ldap_result) && count($ldap_result) > 1) {
|
if (@ldap_bind($ldap, $ldap_result[0]['dn'], htmlspecialchars_decode($password)))
| if (@ldap_bind($ldap, $ldap_result[0]['dn'], html_entity_decode($password, ENT_COMPAT)))
|
{ @ldap_close($ldap);
| { @ldap_close($ldap);
|
Line 257 | Line 257 |
---|
$ldap_user_row = array( 'username' => $username, 'user_password' => '',
|
$ldap_user_row = array( 'username' => $username, 'user_password' => '',
|
'user_email' => (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($this->config['ldap_email'])][0]) : '',
| 'user_email' => (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][html_entity_decode($this->config['ldap_email'], ENT_COMPAT)][0]) : '',
|
'group_id' => (int) $row['group_id'], 'user_type' => USER_NORMAL, 'user_ip' => $this->user->ip,
| 'group_id' => (int) $row['group_id'], 'user_type' => USER_NORMAL, 'user_ip' => $this->user->ip,
|
Line 337 | Line 337 |
---|
*/ private function ldap_user_filter($username) {
|
*/ private function ldap_user_filter($username) {
|
$filter = '(' . $this->config['ldap_uid'] . '=' . $this->ldap_escape(htmlspecialchars_decode($username)) . ')';
| $filter = '(' . $this->config['ldap_uid'] . '=' . $this->ldap_escape(html_entity_decode($username, ENT_COMPAT)) . ')';
|
if ($this->config['ldap_user_filter']) { $_filter = ($this->config['ldap_user_filter'][0] == '(' && substr($this->config['ldap_user_filter'], -1) == ')') ? $this->config['ldap_user_filter'] : "({$this->config['ldap_user_filter']})";
| if ($this->config['ldap_user_filter']) { $_filter = ($this->config['ldap_user_filter'][0] == '(' && substr($this->config['ldap_user_filter'], -1) == ')') ? $this->config['ldap_user_filter'] : "({$this->config['ldap_user_filter']})";
|
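Review bot: In the `LDAP_NO_EMAIL` check of the hunk at line 115, `html_entity_decode($this->config['ldap_email'])` is called without `ENT_COMPAT`, unlike every other `html_entity_decode` call on this page. Since PHP 8.1 the default flags are `ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401`, so on newer runtimes this lookup key can be decoded differently from the attribute name passed to the preceding `ldap_search` call, and a valid directory entry would then be rejected as having no e-mail. The index should read `$result[0][html_entity_decode($this->config['ldap_email'], ENT_COMPAT)]`. Separately, `html_entity_decode` also expands numeric and named entities that `htmlspecialchars_decode` left alone, so the decoded username must keep going through `ldap_escape` as it does in `ldap_user_filter`; the `$this->config['ldap_uid']` value concatenated into that same filter is neither decoded nor escaped, which deserves a comment stating that it is trusted admin configuration. The enclosing functions start and end outside the hunks shown.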