mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-23 00:13:35 +01:00
fix error ldap_get_entries(): Argument #2 ($result) must be of type LDAP\Result, bool given (0)
This commit is contained in:
ralf
parent
b3899e86dd
commit
af633af45d
@ -72,13 +72,12 @@ class Ldap implements Backend
|
|||||||
{
|
{
|
||||||
$filter = "(&$filter(objectclass=posixaccount))";
|
$filter = "(&$filter(objectclass=posixaccount))";
|
||||||
}
|
}
|
||||||
$sri = ldap_search($ldap, $GLOBALS['egw_info']['server']['ldap_context'], $filter, $attributes);
|
|
||||||
$allValues = ldap_get_entries($ldap, $sri);
|
|
||||||
|
|
||||||
if ($allValues['count'] > 0)
|
if (($sri = ldap_search($ldap, $GLOBALS['egw_info']['server']['ldap_context'], $filter, $attributes)) &&
|
||||||
|
($allValues = ldap_get_entries($ldap, $sri)) && $allValues['count'] > 0)
|
||||||
{
|
{
|
||||||
if ($GLOBALS['egw_info']['server']['case_sensitive_username'] == true &&
|
if (!empty($GLOBALS['egw_info']['server']['case_sensitive_username']) &&
|
||||||
$allValues[0]['uid'][0] != $username)
|
$allValues[0]['uid'][0] !== $username)
|
||||||
{
|
{
|
||||||
if ($this->debug) error_log(__METHOD__."('$username',\$password) wrong case in username!");
|
if ($this->debug) error_log(__METHOD__."('$username',\$password) wrong case in username!");
|
||||||
return false;
|
return false;
|
||||||
@ -93,7 +92,7 @@ class Ldap implements Backend
|
|||||||
|
|
||||||
// try to bind as the user with user suplied password
|
// try to bind as the user with user suplied password
|
||||||
// only if a non-empty password given, in case anonymous search is enabled
|
// only if a non-empty password given, in case anonymous search is enabled
|
||||||
if (!empty($passwd) && ($ret = @ldap_bind($ldap, $userDN, $passwd)))
|
if (!empty($passwd) && ($ret = ldap_bind($ldap, $userDN, $passwd)))
|
||||||
{
|
{
|
||||||
if ($GLOBALS['egw_info']['server']['account_repository'] != 'ldap')
|
if ($GLOBALS['egw_info']['server']['account_repository'] != 'ldap')
|
||||||
{
|
{
|
||||||
@ -141,7 +140,7 @@ class Ldap implements Backend
|
|||||||
{
|
{
|
||||||
$matches = null;
|
$matches = null;
|
||||||
// try to query password from ldap server (might fail because of ACL) and check if we need to migrate the hash
|
// try to query password from ldap server (might fail because of ACL) and check if we need to migrate the hash
|
||||||
if (($sri = @ldap_search($ldap, $userDN,"(objectclass=*)", array('userPassword'))) &&
|
if (($sri = ldap_search($ldap, $userDN,"(objectclass=*)", array('userPassword'))) &&
|
||||||
($values = ldap_get_entries($ldap, $sri)) && isset($values[0]['userpassword'][0]) &&
|
($values = ldap_get_entries($ldap, $sri)) && isset($values[0]['userpassword'][0]) &&
|
||||||
($type = preg_match('/^{(.+)}/',$values[0]['userpassword'][0],$matches) ? strtolower($matches[1]) : 'plain') &&
|
($type = preg_match('/^{(.+)}/',$values[0]['userpassword'][0],$matches) ? strtolower($matches[1]) : 'plain') &&
|
||||||
// for crypt use Api\Auth::crypt_compare to detect correct sub-type, strlen("{crypt}")=7
|
// for crypt use Api\Auth::crypt_compare to detect correct sub-type, strlen("{crypt}")=7
|
||||||
@ -183,16 +182,15 @@ class Ldap implements Backend
|
|||||||
$attributes = array('uid','dn','shadowexpire','shadowlastchange','sambaPwdLastSet','krb5PasswordEnd');
|
$attributes = array('uid','dn','shadowexpire','shadowlastchange','sambaPwdLastSet','krb5PasswordEnd');
|
||||||
|
|
||||||
$filter = str_replace(array('%user','%domain'),array(Api\Ldap::quote($username),$GLOBALS['egw_info']['user']['domain']),
|
$filter = str_replace(array('%user','%domain'),array(Api\Ldap::quote($username),$GLOBALS['egw_info']['user']['domain']),
|
||||||
$GLOBALS['egw_info']['server']['ldap_search_filter'] ? $GLOBALS['egw_info']['server']['ldap_search_filter'] : '(uid=%user)');
|
$GLOBALS['egw_info']['server']['ldap_search_filter'] ?? '(uid=%user)');
|
||||||
|
|
||||||
if ($GLOBALS['egw_info']['server']['account_repository'] == 'ldap')
|
if ($GLOBALS['egw_info']['server']['account_repository'] == 'ldap')
|
||||||
{
|
{
|
||||||
$filter = "(&$filter(objectclass=posixaccount))";
|
$filter = "(&$filter(objectclass=posixaccount))";
|
||||||
}
|
}
|
||||||
$sri = @ldap_search($ldap, $GLOBALS['egw_info']['server']['ldap_context'], $filter, $attributes);
|
|
||||||
$allValues = $sri ? ldap_get_entries($ldap, $sri) : [];
|
|
||||||
|
|
||||||
if ($allValues['count'] > 0)
|
if (($sri = ldap_search($ldap, $GLOBALS['egw_info']['server']['ldap_context'], $filter, $attributes)) &&
|
||||||
|
($allValues = ldap_get_entries($ldap, $sri)) && $allValues['count'] > 0)
|
||||||
{
|
{
|
||||||
// there are several schema-specific ways to express the user must change the password
|
// there are several schema-specific ways to express the user must change the password
|
||||||
if (isset($allValues[0]['shadowlastchange']) && (string)$allValues[0]['shadowlastchange'][0] === '0' ||
|
if (isset($allValues[0]['shadowlastchange']) && (string)$allValues[0]['shadowlastchange'][0] === '0' ||
|
||||||
@ -207,8 +205,8 @@ class Ldap implements Backend
|
|||||||
if ($this->debug) error_log(__METHOD__."('$username') no shadowlastchange attribute!");
|
if ($this->debug) error_log(__METHOD__."('$username') no shadowlastchange attribute!");
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if ($GLOBALS['egw_info']['server']['case_sensitive_username'] == true &&
|
if (!empty($GLOBALS['egw_info']['server']['case_sensitive_username']) &&
|
||||||
$allValues[0]['uid'][0] != $username)
|
$allValues[0]['uid'][0] !== $username)
|
||||||
{
|
{
|
||||||
if ($this->debug) error_log(__METHOD__."('$username') wrong case in username!");
|
if ($this->debug) error_log(__METHOD__."('$username') wrong case in username!");
|
||||||
return false;
|
return false;
|
||||||
@ -253,9 +251,12 @@ class Ldap implements Backend
|
|||||||
$filter = str_replace(array('%user','%domain'),array($username,$GLOBALS['egw_info']['user']['domain']),
|
$filter = str_replace(array('%user','%domain'),array($username,$GLOBALS['egw_info']['user']['domain']),
|
||||||
$GLOBALS['egw_info']['server']['ldap_search_filter'] ? $GLOBALS['egw_info']['server']['ldap_search_filter'] : '(uid=%user)');
|
$GLOBALS['egw_info']['server']['ldap_search_filter'] ? $GLOBALS['egw_info']['server']['ldap_search_filter'] : '(uid=%user)');
|
||||||
|
|
||||||
$ds = Api\Ldap::factory();
|
if (!($ds = Api\Ldap::factory()) ||
|
||||||
$sri = ldap_search($ds, $GLOBALS['egw_info']['server']['ldap_context'], $filter);
|
!($sri = ldap_search($ds, $GLOBALS['egw_info']['server']['ldap_context'], $filter)) ||
|
||||||
$allValues = ldap_get_entries($ds, $sri);
|
!($allValues = ldap_get_entries($ds, $sri)))
|
||||||
|
{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
$entry['shadowlastchange'] = (is_null($lastpwdchange) || $lastpwdchange<0 ? round((time()-date('Z')) / (24*3600)):$lastpwdchange);
|
$entry['shadowlastchange'] = (is_null($lastpwdchange) || $lastpwdchange<0 ? round((time()-date('Z')) / (24*3600)):$lastpwdchange);
|
||||||
|
|
||||||
@ -265,7 +266,7 @@ class Ldap implements Backend
|
|||||||
{
|
{
|
||||||
$ds = Api\Ldap::factory(true, '', $dn, $passwd);
|
$ds = Api\Ldap::factory(true, '', $dn, $passwd);
|
||||||
}
|
}
|
||||||
if (!@ldap_modify($ds, $dn, $entry))
|
if (!$ds || !ldap_modify($ds, $dn, $entry))
|
||||||
{
|
{
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
@ -300,11 +301,14 @@ class Ldap implements Backend
|
|||||||
if ($this->debug) error_log(__METHOD__."('$old_passwd','$new_passwd',$account_id, $update_lastchange) username='$username'");
|
if ($this->debug) error_log(__METHOD__."('$old_passwd','$new_passwd',$account_id, $update_lastchange) username='$username'");
|
||||||
|
|
||||||
$filter = str_replace(array('%user','%domain'),array($username,$GLOBALS['egw_info']['user']['domain']),
|
$filter = str_replace(array('%user','%domain'),array($username,$GLOBALS['egw_info']['user']['domain']),
|
||||||
$GLOBALS['egw_info']['server']['ldap_search_filter'] ? $GLOBALS['egw_info']['server']['ldap_search_filter'] : '(uid=%user)');
|
$GLOBALS['egw_info']['server']['ldap_search_filter'] ?? '(uid=%user)');
|
||||||
|
|
||||||
$ds = $ds_admin = Api\Ldap::factory();
|
if (!($ds = $ds_admin = Api\Ldap::factory()) ||
|
||||||
$sri = ldap_search($ds, $GLOBALS['egw_info']['server']['ldap_context'], $filter);
|
!($sri = ldap_search($ds, $GLOBALS['egw_info']['server']['ldap_context'], $filter)) ||
|
||||||
$allValues = ldap_get_entries($ds, $sri);
|
!($allValues = ldap_get_entries($ds, $sri)))
|
||||||
|
{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
$entry['userpassword'] = Api\Auth::encrypt_password($new_passwd);
|
$entry['userpassword'] = Api\Auth::encrypt_password($new_passwd);
|
||||||
if ($update_lastchange)
|
if ($update_lastchange)
|
||||||
@ -326,7 +330,7 @@ class Ldap implements Backend
|
|||||||
}
|
}
|
||||||
// try changing password bind as user or as admin, to cater for all sorts of ldap configuration
|
// try changing password bind as user or as admin, to cater for all sorts of ldap configuration
|
||||||
// where either only user is allowed to change his password, or only admin user is allowed to
|
// where either only user is allowed to change his password, or only admin user is allowed to
|
||||||
if (!@ldap_modify($ds, $dn, $entry) && (!$old_passwd || !@ldap_modify($ds_admin, $dn, $entry)))
|
if (!ldap_modify($ds, $dn, $entry) && (!$old_passwd || !ldap_modify($ds_admin, $dn, $entry)))
|
||||||
{
|
{
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
@ -337,4 +341,4 @@ class Ldap implements Backend
|
|||||||
}
|
}
|
||||||
return $entry['userpassword'];
|
return $entry['userpassword'];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Loading…
Reference in New Issue
Block a user