fix ldap authentication

2025-06-18 02:59:27 +00:00 · 2016-04-04 08:46:03 +02:00 · 2016-04-04 08:46:03 +02:00 · 194c6c4fe8
commit 194c6c4fe8
parent 8cd3e6cada
1 changed files with 18 additions and 33 deletions
--- a/op/op.Login.php
+++ b/op/op.Login.php
@ -129,11 +129,11 @@ if (isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
 		$dn = false;
 		/* If bind succeed, then get the dn of for the user */
 		if ($bind) {
-            if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) {
+			if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) {
-			    $search = ldap_search($ds, $settings->_ldapBaseDN, "(&(".$ldapSearchAttribut.$login.")".$settings->_ldapFilter.")");
+				$search = ldap_search($ds, $settings->_ldapBaseDN, "(&(".$ldapSearchAttribut.$login.")".$settings->_ldapFilter.")");
-            } else {
+			} else {
-			    $search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut.$login);
+				$search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut.$login);
-            }
+			}
 			if (!is_bool($search)) {
 				$info = ldap_get_entries($ds, $search);
 				if (!is_bool($info) && $info["count"]>0) {
@ -158,39 +158,24 @@ if (isset($settings->_ldapHost) && strlen($settings->_ldapHost)>0) {
 			$user = $dms->getUserByLogin($login);
 			if (is_bool($user) && !$settings->_restricted) {
 				// Retrieve the user's LDAP information.
-        if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) {
+				if (isset($settings->_ldapFilter) && strlen($settings->_ldapFilter) > 0) {
-			    $search = ldap_search($ds, $settings->_ldapBaseDN, "(&(".$ldapSearchAttribut.$login.")".$settings->_ldapFilter.")");
+					$search = ldap_search($ds, $settings->_ldapBaseDN, "(&(".$ldapSearchAttribut.$login.")".$settings->_ldapFilter.")");
-        } else {
+				} else {
-					$search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut . $login); 
+					$search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut.$login); 
 				}
 			}
 			$bind = @ldap_bind($ds, $dn, $pwd);
 			if ($bind) {
 				// Successfully authenticated. Now check to see if the user exists within
 				// the database. If not, add them in, but do not add their password.
 				$user = $dms->getUserByLogin($login);
 				if (is_bool($user) && !$settings->_restricted) {
 					// Retrieve the user's LDAP information.
-					
+				if (!is_bool($search)) {
-					/* new code by doudoux  - TO BE TESTED */
+					$info = ldap_get_entries($ds, $search);
-					$search = ldap_search($ds, $settings->_ldapBaseDN, $ldapSearchAttribut . $login); 
+					if (!is_bool($info) && $info["count"]==1 && $info[0]["count"]>0) {
-					/* old code */
+						$user = $dms->addUser($login, null, $info[0]['cn'][0], $info[0]['mail'][0], $settings->_language, $settings->_theme, "");
 					//$search = ldap_search($ds, $dn, "uid=".$login);
 					if (!is_bool($search)) {
 						$info = ldap_get_entries($ds, $search);
 						if (!is_bool($info) && $info["count"]==1 && $info[0]["count"]>0) {
 							$user = $dms->addUser($login, null, $info[0]['cn'][0], $info[0]['mail'][0], $settings->_language, $settings->_theme, "");
 						}
 					}
 				}
 				if (!is_bool($user)) {
 					$userid = $user->getID();
 				}
 			}
-			ldap_close($ds);
+			if (!is_bool($user)) {
 				$userid = $user->getID();
 			}
 		}
 		ldap_close($ds);
 	}
 }
 }