-function ldapauth_authenticate($username,$password) {
-
- $ldap_server = get_config('ldapauth','ldap_server');
- $ldap_binddn = get_config('ldapauth','ldap_binddn');
- $ldap_bindpw = get_config('ldapauth','ldap_bindpw');
- $ldap_searchdn = get_config('ldapauth','ldap_searchdn');
- $ldap_userattr = get_config('ldapauth','ldap_userattr');
- $ldap_group = get_config('ldapauth','ldap_group');
- $ldap_autocreateaccount = get_config('ldapauth','ldap_autocreateaccount');
- $ldap_autocreateaccount_emailattribute = get_config('ldapauth','ldap_autocreateaccount_emailattribute');
- $ldap_autocreateaccount_nameattribute = get_config('ldapauth','ldap_autocreateaccount_nameattribute');
-
- if(! strlen($ldap_autocreateaccount_emailattribute))
- $ldap_autocreateaccount_emailattribute = "mail";
- if(! strlen($ldap_autocreateaccount_nameattribute))
- $ldap_autocreateaccount_nameattribute = "givenName";
-
- if(! ((strlen($password))
- && (function_exists('ldap_connect'))
- && (strlen($ldap_server))))
- return false;
-
- $connect = @ldap_connect($ldap_server);
-
- if(! $connect)
- return false;
-
- @ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION,3);
- @ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
- if((@ldap_bind($connect,$ldap_binddn,$ldap_bindpw)) === false) {
- return false;
- }
-
- $res = @ldap_search($connect,$ldap_searchdn, $ldap_userattr . '=' . $username);
-
- if(! $res) {
- return false;
- }
-
- $id = @ldap_first_entry($connect,$res);
-
- if(! $id) {
- return false;
- }
-
- $dn = @ldap_get_dn($connect,$id);
-
- if(! @ldap_bind($connect,$dn,$password))
- return false;
-
- $emailarray = @ldap_get_values($connect, $id, $ldap_autocreateaccount_emailattribute);
- $namearray = @ldap_get_values($connect, $id, $ldap_autocreateaccount_nameattribute);
-
- if(! strlen($ldap_group)){
- ldap_autocreateaccount($ldap_autocreateaccount,$username,$password,$emailarray[0],$namearray[0]);
- return true;
+ $res = @ldap_search($connect, $ldap_searchdn, $ldap_userattr . '=' . $username);
+
+ if (!$res) {
+ logger("ldapauth: $ldap_userattr=$username,$ldap_searchdn not found");
+ return false;
+ }
+
+ $id = @ldap_first_entry($connect, $res);
+
+ if (!$id) {
+ return false;
+ }
+
+ $dn = @ldap_get_dn($connect, $id);
+
+ if (!@ldap_bind($connect, $dn, $password)) {
+ return false;