diff --git a/lam/templates/login.php b/lam/templates/login.php
index d0899dd7..74b559e7 100644
--- a/lam/templates/login.php
+++ b/lam/templates/login.php
@@ -189,14 +189,20 @@ function display_LoginPage($config_object) {
-
+
\n";
echo "\n";
echo "\n";
@@ -255,18 +261,21 @@ function display_LoginPage($config_object) {
?>
-
|
@@ -276,7 +285,7 @@ function display_LoginPage($config_object) {
?>
-
+
|
@@ -286,7 +295,7 @@ function display_LoginPage($config_object) {
?>
-
+
- " tabindex="3">
+ " tabindex="4">
|
|
@@ -349,7 +358,7 @@ function display_LoginPage($config_object) {
-
+
@@ -359,7 +368,7 @@ function display_LoginPage($config_object) {
?>
- " tabindex="5">
+ " tabindex="6">
|
@@ -410,10 +419,52 @@ if(!empty($_POST['checklogin']))
if (get_magic_quotes_gpc() == 1) {
$_POST['passwd'] = stripslashes($_POST['passwd']);
}
- $result = $_SESSION['ldap']->connect($_POST['username'],$_POST['passwd']); // Connect to LDAP server for verifing username/password
-
- if($result === 0) // Username/password correct. Do some configuration and load main frame.
- {
+ $username = $_POST['username'];
+ // search user in LDAP if needed
+ if ($_SESSION['config']->getLoginMethod() == LAMConfig::LOGIN_SEARCH) {
+ $searchLDAP = new Ldap($_SESSION['config']);
+ $searchLDAP->connect('', '');
+ $searchFilter = $_SESSION['config']->getLoginSearchFilter();
+ $searchFilter = str_replace('%USER%', $username ,$searchFilter);
+ $searchSuccess = true;
+ $searchError = '';
+ $searchResult = @ldap_search($searchLDAP->server(), $_SESSION['config']->getLoginSearchSuffix(), $searchFilter, array('dn'));
+ if ($searchResult) {
+ $searchInfo = @ldap_get_entries($searchLDAP->server(), $searchResult);
+ if ($searchInfo) {
+ if ($searchInfo['count'] == 0) {
+ $searchSuccess = false;
+ $searchError = _('Wrong password/user name combination. Please try again.');
+ }
+ elseif ($searchInfo['count'] > 1) {
+ $searchSuccess = false;
+ $searchError = _('The given user name matches multiple LDAP entries.');
+ }
+ else {
+ $username = $searchInfo[0]['dn'];
+ }
+ }
+ else {
+ $searchSuccess = false;
+ $searchError = _('Unable to find the user name in LDAP.');
+ }
+ }
+ else {
+ $searchSuccess = false;
+ $searchError = _('Unable to find the user name in LDAP.');
+ }
+ if (!$searchSuccess) {
+ $error_message = $searchError;
+ logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' failed to log in. ' . $searchError . '');
+ $searchLDAP->close();
+ display_LoginPage($_SESSION['config']);
+ exit();
+ }
+ $searchLDAP->close();
+ }
+ // try to connect to LDAP
+ $result = $_SESSION['ldap']->connect($username,$_POST['passwd']); // Connect to LDAP server for verifing username/password
+ if($result === 0) {// Username/password correct. Do some configuration and load main frame.
$_SESSION['loggedIn'] = true;
$_SESSION['language'] = $_POST['language']; // Write selected language in session
$current_language = explode(":",$_SESSION['language']);
@@ -431,27 +482,30 @@ if(!empty($_POST['checklogin']))
metaRefresh("./main.php");
die();
}
- else
- {
+ else {
if ($result === False) {
$error_message = _("Cannot connect to specified LDAP server. Please try again.");
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' failed to log in (LDAP error: ' . ldap_err2str($result) . ').');
display_LoginPage($_SESSION['config']); // connection failed
+ exit();
}
elseif ($result == 81) {
$error_message = _("Cannot connect to specified LDAP server. Please try again.");
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' failed to log in (LDAP error: ' . ldap_err2str($result) . ').');
display_LoginPage($_SESSION['config']); // connection failed
+ exit();
}
elseif ($result == 49) {
$error_message = _("Wrong password/user name combination. Please try again.");
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' failed to log in (wrong password).');
display_LoginPage($_SESSION['config']); // Username/password invalid. Return to login page.
+ exit();
}
else {
$error_message = _("LDAP error, server says:") . "\n
($result) " . ldap_err2str($result);
logNewMessage(LOG_ERR, 'User ' . $_POST['username'] . ' failed to log in (LDAP error: ' . ldap_err2str($result) . ').');
display_LoginPage($_SESSION['config']); // other errors
+ exit();
}
}
}