-function ldapauth_authenticate($username, $password)
-{
- $ldap_server = Config::get('ldapauth', 'ldap_server');
- $ldap_binddn = Config::get('ldapauth', 'ldap_binddn');
- $ldap_bindpw = Config::get('ldapauth', 'ldap_bindpw');
- $ldap_searchdn = Config::get('ldapauth', 'ldap_searchdn');
- $ldap_userattr = Config::get('ldapauth', 'ldap_userattr');
- $ldap_group = Config::get('ldapauth', 'ldap_group');
- $ldap_autocreateaccount = Config::get('ldapauth', 'ldap_autocreateaccount');
- $ldap_autocreateaccount_emailattribute = Config::get('ldapauth', 'ldap_autocreateaccount_emailattribute');
- $ldap_autocreateaccount_nameattribute = Config::get('ldapauth', 'ldap_autocreateaccount_nameattribute');
-
- if (!(strlen($password) && function_exists('ldap_connect') && strlen($ldap_server))) {
- logger("ldapauth: not configured or missing php-ldap module");
- return false;
- }
-
- $connect = @ldap_connect($ldap_server);
-
- if ($connect === false) {
- logger("ldapauth: could not connect to $ldap_server");
- return false;
- }
-
- @ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
- @ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
- if ((@ldap_bind($connect, $ldap_binddn, $ldap_bindpw)) === false) {
- logger("ldapauth: could not bind $ldap_server as $ldap_binddn");
- return false;
- }
-
- $res = @ldap_search($connect, $ldap_searchdn, $ldap_userattr . '=' . $username);
-
- if (!$res) {
- logger("ldapauth: $ldap_userattr=$username,$ldap_searchdn not found");
- return false;
- }
-
- $id = @ldap_first_entry($connect, $res);
-
- if (!$id) {
- return false;
- }
-
- $dn = @ldap_get_dn($connect, $id);
-
- if (!@ldap_bind($connect, $dn, $password)) {
- return false;
- }
-
- $emailarray = [];
- $namearray = [];
- if ($ldap_autocreateaccount == "true") {
- if (!strlen($ldap_autocreateaccount_emailattribute)) {
- $ldap_autocreateaccount_emailattribute = "mail";
- }
- if (!strlen($ldap_autocreateaccount_nameattribute)) {
- $ldap_autocreateaccount_nameattribute = "givenName";
- }
- $emailarray = @ldap_get_values($connect, $id, $ldap_autocreateaccount_emailattribute);
- $namearray = @ldap_get_values($connect, $id, $ldap_autocreateaccount_nameattribute);
- }
-
- if (!strlen($ldap_group)) {
- ldap_autocreateaccount($ldap_autocreateaccount, $username, $password, $emailarray[0], $namearray[0]);
- return true;
- }
-
- $r = @ldap_compare($connect, $ldap_group, 'member', $dn);
- if ($r === -1) {
- $err = @ldap_error($connect);
- $eno = @ldap_errno($connect);
- @ldap_close($connect);
-
- if ($eno === 32) {
- logger("ldapauth: access control group Does Not Exist");
- return false;
- } elseif ($eno === 16) {
- logger('ldapauth: membership attribute does not exist in access control group');
- return false;
- } else {
- logger('ldapauth: error: ' . $err);
- return false;
- }
- } elseif ($r === false) {
- @ldap_close($connect);
- return false;
- }
-
- ldap_autocreateaccount($ldap_autocreateaccount, $username, $password, $emailarray[0], $namearray[0]);
- return true;
+function ldapauth_authenticate($username,$password) {
+
+ $ldap_server = get_config('ldapauth','ldap_server');
+ $ldap_binddn = get_config('ldapauth','ldap_binddn');
+ $ldap_bindpw = get_config('ldapauth','ldap_bindpw');
+ $ldap_searchdn = get_config('ldapauth','ldap_searchdn');
+ $ldap_userattr = get_config('ldapauth','ldap_userattr');
+ $ldap_group = get_config('ldapauth','ldap_group');
+ $ldap_autocreateaccount = get_config('ldapauth','ldap_autocreateaccount');
+ $ldap_autocreateaccount_emailattribute = get_config('ldapauth','ldap_autocreateaccount_emailattribute');
+ $ldap_autocreateaccount_nameattribute = get_config('ldapauth','ldap_autocreateaccount_nameattribute');
+
+ if(! ((strlen($password))
+ && (function_exists('ldap_connect'))
+ && (strlen($ldap_server)))) {
+ logger("ldapauth: not configured or missing php-ldap module");
+ return false;
+ }
+
+ $connect = @ldap_connect($ldap_server);
+
+ if($connect === false) {
+ logger("ldapauth: could not connect to $ldap_server");
+ return false;
+ }
+
+ @ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION,3);
+ @ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
+ if((@ldap_bind($connect,$ldap_binddn,$ldap_bindpw)) === false) {
+ logger("ldapauth: could not bind $ldap_server as $ldap_binddn");
+ return false;
+ }
+
+ $res = @ldap_search($connect,$ldap_searchdn, $ldap_userattr . '=' . $username);
+
+ if(! $res) {
+ logger("ldapauth: $ldap_userattr=$username,$ldap_searchdn not found");
+ return false;
+ }
+
+ $id = @ldap_first_entry($connect,$res);
+
+ if(! $id) {
+ return false;
+ }
+
+ $dn = @ldap_get_dn($connect,$id);
+
+ if(! @ldap_bind($connect,$dn,$password))
+ return false;
+
+ $emailarray = [];
+ $namearray = [];
+ if($ldap_autocreateaccount == "true"){
+ if(! strlen($ldap_autocreateaccount_emailattribute))
+ $ldap_autocreateaccount_emailattribute = "mail";
+ if(! strlen($ldap_autocreateaccount_nameattribute))
+ $ldap_autocreateaccount_nameattribute = "givenName";
+ $emailarray = @ldap_get_values($connect, $id, $ldap_autocreateaccount_emailattribute);
+ $namearray = @ldap_get_values($connect, $id, $ldap_autocreateaccount_nameattribute);
+ }
+
+ if(! strlen($ldap_group)){
+ ldap_autocreateaccount($ldap_autocreateaccount,$username,$password,$emailarray[0],$namearray[0]);
+ return true;
+ }
+
+ $r = @ldap_compare($connect,$ldap_group,'member',$dn);
+ if ($r === -1) {
+ $err = @ldap_error($connect);
+ $eno = @ldap_errno($connect);
+ @ldap_close($connect);
+
+ if ($eno === 32) {
+ logger("ldapauth: access control group Does Not Exist");
+ return false;
+ }
+ elseif ($eno === 16) {
+ logger('ldapauth: membership attribute does not exist in access control group');
+ return false;
+ }
+ else {
+ logger('ldapauth: error: ' . $err);
+ return false;
+ }
+ }
+ elseif ($r === false) {
+ @ldap_close($connect);
+ return false;
+ }
+
+ ldap_autocreateaccount($ldap_autocreateaccount,$username,$password,$emailarray[0],$namearray[0]);
+ return true;