-function ldapauth_authenticate($username,$password) {
-
- $ldap_server = get_config('ldapauth','ldap_server');
- $ldap_binddn = get_config('ldapauth','ldap_binddn');
- $ldap_bindpw = get_config('ldapauth','ldap_bindpw');
- $ldap_searchdn = get_config('ldapauth','ldap_searchdn');
- $ldap_userattr = get_config('ldapauth','ldap_userattr');
- $ldap_group = get_config('ldapauth','ldap_group');
- $ldap_autocreateaccount = get_config('ldapauth','ldap_autocreateaccount');
- $ldap_autocreateaccount_emailattribute = get_config('ldapauth','ldap_autocreateaccount_emailattribute');
- $ldap_autocreateaccount_nameattribute = get_config('ldapauth','ldap_autocreateaccount_nameattribute');
-
- if(! ((strlen($password))
- && (function_exists('ldap_connect'))
- && (strlen($ldap_server)))) {
- logger("ldapauth: not configured or missing php-ldap module");
- return false;
- }
-
- $connect = @ldap_connect($ldap_server);
-
- if($connect === false) {
- logger("ldapauth: could not connect to $ldap_server");
- return false;
- }
-
- @ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION,3);
- @ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
- if((@ldap_bind($connect,$ldap_binddn,$ldap_bindpw)) === false) {
- logger("ldapauth: could not bind $ldap_server as $ldap_binddn");
- return false;
- }
-
- $res = @ldap_search($connect,$ldap_searchdn, $ldap_userattr . '=' . $username);
-
- if(! $res) {
- logger("ldapauth: $ldap_userattr=$username,$ldap_searchdn not found");
- return false;
- }
-
- $id = @ldap_first_entry($connect,$res);
-
- if(! $id) {
- return false;
- }
-
- $dn = @ldap_get_dn($connect,$id);
-
- if(! @ldap_bind($connect,$dn,$password))
- return false;
-
- $emailarray = [];
- $namearray = [];
- if($ldap_autocreateaccount == "true"){
- if(! strlen($ldap_autocreateaccount_emailattribute))
- $ldap_autocreateaccount_emailattribute = "mail";
- if(! strlen($ldap_autocreateaccount_nameattribute))
- $ldap_autocreateaccount_nameattribute = "givenName";
- $emailarray = @ldap_get_values($connect, $id, $ldap_autocreateaccount_emailattribute);
- $namearray = @ldap_get_values($connect, $id, $ldap_autocreateaccount_nameattribute);
- }
-
- if(! strlen($ldap_group)){
- ldap_autocreateaccount($ldap_autocreateaccount,$username,$password,$emailarray[0],$namearray[0]);
- return true;
- }
-
- $r = @ldap_compare($connect,$ldap_group,'member',$dn);
- if ($r === -1) {
- $err = @ldap_error($connect);
- $eno = @ldap_errno($connect);
- @ldap_close($connect);
-
- if ($eno === 32) {
- logger("ldapauth: access control group Does Not Exist");
- return false;
- }
- elseif ($eno === 16) {
- logger('ldapauth: membership attribute does not exist in access control group');
- return false;
- }
- else {
- logger('ldapauth: error: ' . $err);
- return false;
- }
- }
- elseif ($r === false) {
- @ldap_close($connect);
- return false;
- }
-
- ldap_autocreateaccount($ldap_autocreateaccount,$username,$password,$emailarray[0],$namearray[0]);
- return true;
+function ldapauth_authenticate($username, $password)
+{
+ $ldap_server = DI::config()->get('ldapauth', 'ldap_server');
+ $ldap_binddn = DI::config()->get('ldapauth', 'ldap_binddn');
+ $ldap_bindpw = DI::config()->get('ldapauth', 'ldap_bindpw');
+ $ldap_searchdn = DI::config()->get('ldapauth', 'ldap_searchdn');
+ $ldap_userattr = DI::config()->get('ldapauth', 'ldap_userattr');
+ $ldap_group = DI::config()->get('ldapauth', 'ldap_group');
+ $ldap_autocreateaccount = DI::config()->get('ldapauth', 'ldap_autocreateaccount');
+ $ldap_autocreateaccount_emailattribute = DI::config()->get('ldapauth', 'ldap_autocreateaccount_emailattribute');
+ $ldap_autocreateaccount_nameattribute = DI::config()->get('ldapauth', 'ldap_autocreateaccount_nameattribute');
+
+ if (!(strlen($password) && function_exists('ldap_connect') && strlen($ldap_server))) {
+ Logger::log("ldapauth: not configured or missing php-ldap module");
+ return false;
+ }
+
+ $connect = @ldap_connect($ldap_server);
+
+ if ($connect === false) {
+ Logger::log("ldapauth: could not connect to $ldap_server");
+ return false;
+ }
+
+ @ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
+ @ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
+ if ((@ldap_bind($connect, $ldap_binddn, $ldap_bindpw)) === false) {
+ Logger::log("ldapauth: could not bind $ldap_server as $ldap_binddn");
+ return false;
+ }
+
+ $res = @ldap_search($connect, $ldap_searchdn, $ldap_userattr . '=' . $username);
+
+ if (!$res) {
+ Logger::log("ldapauth: $ldap_userattr=$username,$ldap_searchdn not found");
+ return false;
+ }
+
+ $id = @ldap_first_entry($connect, $res);
+
+ if (!$id) {
+ return false;
+ }
+
+ $dn = @ldap_get_dn($connect, $id);
+
+ if (!@ldap_bind($connect, $dn, $password)) {
+ return false;
+ }
+
+ $emailarray = [];
+ $namearray = [];
+ if ($ldap_autocreateaccount == "true") {
+ if (!strlen($ldap_autocreateaccount_emailattribute)) {
+ $ldap_autocreateaccount_emailattribute = "mail";
+ }
+ if (!strlen($ldap_autocreateaccount_nameattribute)) {
+ $ldap_autocreateaccount_nameattribute = "givenName";
+ }
+ $emailarray = @ldap_get_values($connect, $id, $ldap_autocreateaccount_emailattribute);
+ $namearray = @ldap_get_values($connect, $id, $ldap_autocreateaccount_nameattribute);
+ }
+
+ if (!strlen($ldap_group)) {
+ ldap_autocreateaccount($ldap_autocreateaccount, $username, $password, $emailarray[0], $namearray[0]);
+ return true;
+ }
+
+ $r = @ldap_compare($connect, $ldap_group, 'member', $dn);
+ if ($r === -1) {
+ $err = @ldap_error($connect);
+ $eno = @ldap_errno($connect);
+ @ldap_close($connect);
+
+ if ($eno === 32) {
+ Logger::log("ldapauth: access control group Does Not Exist");
+ return false;
+ } elseif ($eno === 16) {
+ Logger::log('ldapauth: membership attribute does not exist in access control group');
+ return false;
+ } else {
+ Logger::log('ldapauth: error: ' . $err);
+ return false;
+ }
+ } elseif ($r === false) {
+ @ldap_close($connect);
+ return false;
+ }
+
+ ldap_autocreateaccount($ldap_autocreateaccount, $username, $password, $emailarray[0], $namearray[0]);
+ return true;