From e0a82bc70d6a3e380ee3d5caa53e11c033335dd6 Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Mon, 5 Aug 2019 21:56:06 +0200 Subject: [PATCH] removed decrypt_login() --- lam/lib/account.inc | 6 ++-- lam/lib/adminHeader.inc | 8 ++--- lam/lib/ldap.inc | 27 +++++----------- lam/lib/modules.inc | 34 ++++++++++---------- lam/lib/modules/windowsGroup.inc | 13 +++----- lam/lib/modules/windowsUser.inc | 12 +++---- lam/lib/remote.inc | 8 ++--- lam/lib/security.inc | 4 +-- lam/templates/3rdParty/pla/config/config.php | 5 ++- lam/templates/login2Factor.php | 7 ++-- lam/templates/logout.php | 6 ++-- lam/templates/tests/lamdaemonTest.php | 6 ++-- 12 files changed, 56 insertions(+), 80 deletions(-) diff --git a/lam/lib/account.inc b/lam/lib/account.inc index c2ee1658..d822ae75 100644 --- a/lam/lib/account.inc +++ b/lam/lib/account.inc @@ -955,14 +955,12 @@ function deleteDN($dn, $recursive) { } // delete parent DN $success = @ldap_delete($_SESSION['ldap']->server(), $dn); - $ldapUser = $_SESSION['ldap']->decrypt_login(); - $ldapUser = $ldapUser[0]; if (!$success) { - logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete DN: ' . $dn . ' (' . ldap_error($_SESSION['ldap']->server()) . ').'); + logNewMessage(LOG_ERR, 'Unable to delete DN: ' . $dn . ' (' . ldap_error($_SESSION['ldap']->server()) . ').'); $errors[] = array ('ERROR', sprintf(_('Was unable to delete DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server())); } else { - logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Deleted DN: ' . $dn); + logNewMessage(LOG_NOTICE, 'Deleted DN: ' . $dn); } return $errors; } diff --git a/lam/lib/adminHeader.inc b/lam/lib/adminHeader.inc index 38e5075a..0ee771df 100644 --- a/lam/lib/adminHeader.inc +++ b/lam/lib/adminHeader.inc @@ -101,12 +101,12 @@ foreach ($toSort as $key => $value) { decrypt_login(); - $userName = extractRDNValue($userData[0]); + $userData = $_SESSION['ldap']->getUserName(); + $userName = extractRDNValue($userData); ?> '; + echo '  '; $serverProfileLabel = $_SESSION['config']->getName() . ' - '; $serverProfileNames = getConfigProfiles(); if (sizeof($serverProfileNames) < 2) { @@ -118,7 +118,7 @@ foreach ($toSort as $key => $value) { '; + echo '  '; echo $userName; echo ''; ?> diff --git a/lam/lib/ldap.inc b/lam/lib/ldap.inc index 287786a6..c2bbc238 100644 --- a/lam/lib/ldap.inc +++ b/lam/lib/ldap.inc @@ -1,9 +1,8 @@ server); + else { + return ldap_errno($this->server); + } + } + else { + return false; } - else return false; } /** Closes connection to server */ @@ -118,8 +121,7 @@ class Ldap{ */ public function server() { if (!$this->is_connected) { - $data = $this->decrypt_login(); - $this->connect($data[0], $data[1]); + $this->connect($this->getUserName(), $this->getPassword()); $this->is_connected = true; } return $this->server; @@ -179,19 +181,6 @@ class Ldap{ $this->password = base64_encode(lamEncrypt($password)); } - /** - * Decrypts username and password - * - * @return array array(user name, password) - */ - public function decrypt_login() { - // decrypt username and password - $username = lamDecrypt(base64_decode($this->username)); - $password = lamDecrypt(base64_decode($this->password)); - $ret = array($username, $password); - return $ret; - } - /** * Returns the LDAP user name. * diff --git a/lam/lib/modules.inc b/lam/lib/modules.inc index 4d887095..d7876e13 100644 --- a/lam/lib/modules.inc +++ b/lam/lib/modules.inc @@ -138,8 +138,8 @@ function get_ldap_filter($typeId) { else { $finalFilter = "(&" . implode("", $filters['and']) . ")"; } - $loginData = $_SESSION['ldap']->decrypt_login(); - return str_replace('@@LOGIN_DN@@', $loginData[0], $finalFilter); + $loginData = $_SESSION['ldap']->getUserName(); + return str_replace('@@LOGIN_DN@@', $loginData, $finalFilter); } /** @@ -186,7 +186,9 @@ function getRDNAttributes($typeId, $selectedModules=null) { // merge arrays $return = array_values(array_unique($attrs_high)); for ($i = 0; $i < sizeof($attrs_normal); $i++) { - if (!in_array($attrs_normal[$i], $return)) $return[] = $attrs_normal[$i]; + if (!in_array($attrs_normal[$i], $return)) { + $return[] = $attrs_normal[$i]; + } } for ($i = 0; $i < sizeof($attrs_low); $i++) { if (!in_array($attrs_low[$i], $return)) { @@ -1812,8 +1814,6 @@ class accountContainer { } $this->finalDN = $this->dn_orig; $errors = array(); - $ldapUser = $_SESSION['ldap']->decrypt_login(); - $ldapUser = $ldapUser[0]; $module = array_keys($this->module); $attributes = array(); // load attributes @@ -1958,7 +1958,7 @@ class accountContainer { logNewMessage(LOG_DEBUG, 'Rename ' . $this->dn_orig . ' to ' . $this->finalDN); $success = ldap_rename($_SESSION['ldap']->server(), $this->dn_orig, $this->getRDN($this->finalDN), $this->getParentDN($this->finalDN), $removeOldRDN); if ($success) { - logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Renamed DN ' . $this->dn_orig . " to " . $this->finalDN); + logNewMessage(LOG_NOTICE, 'Renamed DN ' . $this->dn_orig . " to " . $this->finalDN); // do not add attribute value as new one if added via rename operation if (!empty($attributes[$this->finalDN]['add'][$rdnAttr]) && in_array(extractRDNValue($this->finalDN), $attributes[$this->finalDN]['add'][$rdnAttr])) { $attributes[$this->finalDN]['add'][$rdnAttr] = array_delete(array(extractRDNValue($this->finalDN)), $attributes[$this->finalDN]['add'][$rdnAttr]); @@ -1968,7 +1968,7 @@ class accountContainer { } } else { - logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to rename DN: ' . $this->dn_orig . ' (' . ldap_error($_SESSION['ldap']->server()) . '). ' + logNewMessage(LOG_ERR, 'Unable to rename DN: ' . $this->dn_orig . ' (' . ldap_error($_SESSION['ldap']->server()) . '). ' . getExtendedLDAPErrorMessage($_SESSION['ldap']->server())); $errors[] = array('ERROR', sprintf(_('Was unable to rename DN: %s.'), $this->dn_orig), getDefaultLDAPErrorString($_SESSION['ldap']->server())); $stopprocessing = true; @@ -1988,13 +1988,13 @@ class accountContainer { } $success = @ldap_add($_SESSION['ldap']->server(), $this->finalDN, $attr); if (!$success) { - logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to create DN: ' . $this->finalDN . ' (' . ldap_error($_SESSION['ldap']->server()) . '). ' + logNewMessage(LOG_ERR, 'Unable to create DN: ' . $this->finalDN . ' (' . ldap_error($_SESSION['ldap']->server()) . '). ' . getExtendedLDAPErrorMessage($_SESSION['ldap']->server())); $errors[] = array('ERROR', sprintf(_('Was unable to create DN: %s.'), $this->finalDN), getDefaultLDAPErrorString($_SESSION['ldap']->server())); $stopprocessing = true; } else { - logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Created DN: ' . $this->finalDN); + logNewMessage(LOG_NOTICE, 'Created DN: ' . $this->finalDN); } unset($attributes[$this->finalDN]); } @@ -2007,16 +2007,16 @@ class accountContainer { if (!empty($attributes[$DNs[$i]]['modify']) && !$stopprocessing) { $success = @ldap_mod_replace($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['modify']); if (!$success) { - logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to modify attributes of DN: ' . $DNs[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . '). ' + logNewMessage(LOG_ERR, 'Unable to modify attributes of DN: ' . $DNs[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . '). ' . getExtendedLDAPErrorMessage($_SESSION['ldap']->server())); $errors[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server())); $stopprocessing = true; } else { - logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Modified DN: ' . $DNs[$i]); + logNewMessage(LOG_NOTICE, 'Modified DN: ' . $DNs[$i]); // check if the password of the currently logged in user was changed - $lamAdmin = $_SESSION['ldap']->decrypt_login(); - if ((strtolower($DNs[$i]) == strtolower($lamAdmin[0])) && isset($attributes[$DNs[$i]]['info']['userPasswordClearText'][0])) { + $lamAdmin = $_SESSION['ldap']->getUserName(); + if ((strtolower($DNs[$i]) == strtolower($lamAdmin)) && isset($attributes[$DNs[$i]]['info']['userPasswordClearText'][0])) { $_SESSION['ldap']->encrypt_login($DNs[$i], $attributes[$DNs[$i]]['info']['userPasswordClearText'][0]); } } @@ -2025,26 +2025,26 @@ class accountContainer { if (!empty($attributes[$DNs[$i]]['add']) && !$stopprocessing) { $success = @ldap_mod_add($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['add']); if (!$success) { - logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add attributes to DN: ' . $DNs[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . '). ' + logNewMessage(LOG_ERR, 'Unable to add attributes to DN: ' . $DNs[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . '). ' . getExtendedLDAPErrorMessage($_SESSION['ldap']->server())); $errors[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server())); $stopprocessing = true; } else { - logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Modified DN: ' . $DNs[$i]); + logNewMessage(LOG_NOTICE, 'Modified DN: ' . $DNs[$i]); } } // remove attributes if (!empty($attributes[$DNs[$i]]['remove']) && !$stopprocessing) { $success = @ldap_mod_del($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['remove']); if (!$success) { - logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete attributes from DN: ' . $DNs[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . '). ' + logNewMessage(LOG_ERR, 'Unable to delete attributes from DN: ' . $DNs[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . '). ' . getExtendedLDAPErrorMessage($_SESSION['ldap']->server())); $errors[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server())); $stopprocessing = true; } else { - logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Modified DN: ' . $DNs[$i]); + logNewMessage(LOG_NOTICE, 'Modified DN: ' . $DNs[$i]); } } } diff --git a/lam/lib/modules/windowsGroup.inc b/lam/lib/modules/windowsGroup.inc index 5d9009a0..6eee3750 100644 --- a/lam/lib/modules/windowsGroup.inc +++ b/lam/lib/modules/windowsGroup.inc @@ -4,10 +4,9 @@ use \LAM\PDF\PDFTableCell; use \LAM\PDF\PDFTableRow; use \LAM\TYPES\TypeManager; /* -$Id$ This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) - Copyright (C) 2013 - 2017 Roland Gruber + Copyright (C) 2013 - 2019 Roland Gruber This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -1036,18 +1035,16 @@ class windowsGroup extends baseModule { $toAdd = array_values(array_diff($this->attributes['memberOf'], $this->orig['memberOf'])); $toRem = array_values(array_diff($this->orig['memberOf'], $this->attributes['memberOf'])); $toUpdate = array_values(array_intersect($this->attributes['memberOf'], $this->orig['memberOf'])); - $ldapUser = $_SESSION['ldap']->decrypt_login(); - $ldapUser = $ldapUser[0]; // add groups for ($i = 0; $i < sizeof($toAdd); $i++) { if (in_array($toAdd[$i], $groups)) { $success = @ldap_mod_add($_SESSION['ldap']->server(), $toAdd[$i], array('member' => array($this->getAccountContainer()->finalDN))); if (!$success) { - logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add group ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').'); + logNewMessage(LOG_ERR, 'Unable to add group ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').'); $messages[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $toAdd[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server())); } else { - logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added group ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i]); + logNewMessage(LOG_NOTICE, 'Added group ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i]); } } } @@ -1056,11 +1053,11 @@ class windowsGroup extends baseModule { if (in_array($toRem[$i], $groups)) { $success = @ldap_mod_del($_SESSION['ldap']->server(), $toRem[$i], array('member' => array($this->getAccountContainer()->dn_orig))); if (!$success) { - logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete group ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').'); + logNewMessage(LOG_ERR, 'Unable to delete group ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').'); $messages[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $toRem[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server())); } else { - logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed group ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i]); + logNewMessage(LOG_NOTICE, 'Removed group ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i]); } } } diff --git a/lam/lib/modules/windowsUser.inc b/lam/lib/modules/windowsUser.inc index 0b93624f..4849ced7 100644 --- a/lam/lib/modules/windowsUser.inc +++ b/lam/lib/modules/windowsUser.inc @@ -2171,18 +2171,16 @@ class windowsUser extends baseModule implements passwordService { $groups = $this->findGroups(); $toAdd = array_values(array_diff($this->groupList, $this->groupList_orig)); $toRem = array_values(array_diff($this->groupList_orig, $this->groupList)); - $ldapUser = $_SESSION['ldap']->decrypt_login(); - $ldapUser = $ldapUser[0]; // add groups for ($i = 0; $i < sizeof($toAdd); $i++) { if (in_array($toAdd[$i], $groups)) { $success = @ldap_mod_add($_SESSION['ldap']->server(), $toAdd[$i], array('member' => array($this->getAccountContainer()->finalDN))); if (!$success) { - logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to add user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').'); + logNewMessage(LOG_ERR, 'Unable to add user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').'); $messages[] = array('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $toAdd[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server())); } else { - logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Added user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i]); + logNewMessage(LOG_NOTICE, 'Added user ' . $this->getAccountContainer()->finalDN . ' to group: ' . $toAdd[$i]); } } } @@ -2191,11 +2189,11 @@ class windowsUser extends baseModule implements passwordService { if (in_array($toRem[$i], $groups)) { $success = @ldap_mod_del($_SESSION['ldap']->server(), $toRem[$i], array('member' => array($this->getAccountContainer()->dn_orig))); if (!$success) { - logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to delete user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').'); + logNewMessage(LOG_ERR, 'Unable to delete user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i] . ' (' . ldap_error($_SESSION['ldap']->server()) . ').'); $messages[] = array('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $toRem[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server())); } else { - logNewMessage(LOG_NOTICE, '[' . $ldapUser .'] Removed user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i]); + logNewMessage(LOG_NOTICE, 'Removed user ' . $this->getAccountContainer()->finalDN . ' from group: ' . $toRem[$i]); } } } @@ -2204,7 +2202,7 @@ class windowsUser extends baseModule implements passwordService { $attrs = array('pwdLastSet' => array($this->pwdLastSet)); $success = @ldap_modify($_SESSION['ldap']->server(), $this->getAccountContainer()->finalDN, $attrs); if (!$success) { - logNewMessage(LOG_ERR, '[' . $ldapUser .'] Unable to change pwdLastSet for ' . $this->getAccountContainer()->finalDN . ' (' . ldap_error($_SESSION['ldap']->server()) . ').'); + logNewMessage(LOG_ERR, 'Unable to change pwdLastSet for ' . $this->getAccountContainer()->finalDN . ' (' . ldap_error($_SESSION['ldap']->server()) . ').'); $messages[] = array('ERROR', sprintf(_('Was unable to modify attributes of DN: %s.'), $this->getAccountContainer()->finalDN), getDefaultLDAPErrorString($_SESSION['ldap']->server())); } } diff --git a/lam/lib/remote.inc b/lam/lib/remote.inc index 0502a1c1..f5aca48e 100644 --- a/lam/lib/remote.inc +++ b/lam/lib/remote.inc @@ -101,10 +101,10 @@ class Remote { */ private function loginSSH($handle) { $username = $_SESSION['config']->getScriptUserName(); - $credentials = $_SESSION['ldap']->decrypt_login(); + $ldapUser = $_SESSION['ldap']->getUserName(); if (empty($username)) { // get user name from current LAM user - $sr = @ldap_read($_SESSION['ldap']->server(), $credentials[0], "objectClass=posixAccount", array('uid'), 0, 0, 0, LDAP_DEREF_NEVER); + $sr = @ldap_read($_SESSION['ldap']->server(), $ldapUser, "objectClass=posixAccount", array('uid'), 0, 0, 0, LDAP_DEREF_NEVER); if ($sr) { $entry = @ldap_get_entries($_SESSION['ldap']->server(), $sr); if (!empty($entry[0]['uid'])) { @@ -112,10 +112,10 @@ class Remote { } } if (empty($username)) { - throw new LAMException(sprintf(_("Your LAM admin user (%s) must be a valid Unix account to work with lamdaemon!"), getAbstractDN($credentials[0]))); + throw new LAMException(sprintf(_("Your LAM admin user (%s) must be a valid Unix account to work with lamdaemon!"), getAbstractDN($ldapUser))); } } - $password = $credentials[1]; + $password = $_SESSION['ldap']->getPassword(); $keyPath = $_SESSION['config']->getScriptSSHKey(); if (!empty($keyPath)) { // use key authentication diff --git a/lam/lib/security.inc b/lam/lib/security.inc index a51ba3c4..bf9c717a 100644 --- a/lam/lib/security.inc +++ b/lam/lib/security.inc @@ -173,8 +173,8 @@ function checkClientIP() { function logoffAndBackToLoginPage() { // log message if (isset($_SESSION['ldap'])) { - $ldapUser = $_SESSION['ldap']->decrypt_login(); - logNewMessage(LOG_WARNING, 'Session of user ' . $ldapUser[0] . ' expired.'); + $ldapUser = $_SESSION['ldap']->getUserName(); + logNewMessage(LOG_WARNING, 'Session of user ' . $ldapUser . ' expired.'); // close LDAP connection @$_SESSION["ldap"]->destroy(); } diff --git a/lam/templates/3rdParty/pla/config/config.php b/lam/templates/3rdParty/pla/config/config.php index bf182f7f..d9d9d676 100644 --- a/lam/templates/3rdParty/pla/config/config.php +++ b/lam/templates/3rdParty/pla/config/config.php @@ -4,7 +4,6 @@ app_session_start(); $lamConfig = $_SESSION['config']; $lamCfgMain = $_SESSION['cfgMain']; $lamLdap = $_SESSION['ldap']; -$lamLogin = $lamLdap->decrypt_login(); $servers = new Datastore(); $servers->newServer('ldap_pla'); @@ -12,8 +11,8 @@ $servers->setValue('server','name',null); $servers->setValue('server','host',$lamConfig->get_ServerURL()); $servers->setValue('server','base',array($lamConfig->get_Suffix('tree'))); $servers->setValue('login','auth_type','config'); -$servers->setValue('login','bind_id',$lamLogin[0]); -$servers->setValue('login','bind_pass',$lamLogin[1]); +$servers->setValue('login','bind_id', $lamLdap->getUserName()); +$servers->setValue('login','bind_pass',$lamLdap->getPassword()); if ($lamConfig->getUseTLS() == 'yes') { $servers->setValue('server','tls',true); } diff --git a/lam/templates/login2Factor.php b/lam/templates/login2Factor.php index 9c5060b7..9f4b4383 100644 --- a/lam/templates/login2Factor.php +++ b/lam/templates/login2Factor.php @@ -9,10 +9,9 @@ use \htmlSelect; use \htmlInputField; use \htmlButton; /* -$Id$ This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) - Copyright (C) 2017 Roland Gruber + Copyright (C) 2017 - 2019 Roland Gruber This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -46,9 +45,7 @@ startSecureSession(); setlanguage(); $config = $_SESSION['config']; -$ldap = $_SESSION['ldap']; -$credentials = $ldap->decrypt_login(); -$password = $credentials[1]; +$password = $_SESSION['ldap']->getPassword(); $user = $_SESSION['user2factor']; if (get_preg($user, 'dn')) { $user = extractRDNValue($user); diff --git a/lam/templates/logout.php b/lam/templates/logout.php index 42a34d14..73385605 100644 --- a/lam/templates/logout.php +++ b/lam/templates/logout.php @@ -1,9 +1,8 @@ decrypt_login(); - logNewMessage(LOG_NOTICE, 'User ' . $ldapUser[0] . ' logged off.'); + logNewMessage(LOG_NOTICE, 'User logged off.'); // close LDAP connection if (!empty($_SESSION["ldap"])) { diff --git a/lam/templates/tests/lamdaemonTest.php b/lam/templates/tests/lamdaemonTest.php index bd9bc984..f69043af 100644 --- a/lam/templates/tests/lamdaemonTest.php +++ b/lam/templates/tests/lamdaemonTest.php @@ -210,13 +210,13 @@ function lamRunTestSuite($serverName, $serverTitle, $testQuota, $container) { $container->addVerticalSpacer('0.5rem'); // check Unix account of LAM admin - $credentials = $_SESSION['ldap']->decrypt_login(); + $ldapUser = $_SESSION['ldap']->getUserName(); if (!$stopTest) { $scriptUserName = $_SESSION['config']->getScriptUserName(); if (empty($scriptUserName)) { $container->add(new htmlOutputText(_("Unix account")), 10, 4); $unixOk = false; - $sr = @ldap_read($_SESSION['ldap']->server(), $credentials[0], "objectClass=posixAccount", array('uid'), 0, 0, 0, LDAP_DEREF_NEVER); + $sr = @ldap_read($_SESSION['ldap']->server(), $ldapUser, "objectClass=posixAccount", array('uid'), 0, 0, 0, LDAP_DEREF_NEVER); if ($sr) { $entry = @ldap_get_entries($_SESSION['ldap']->server(), $sr); $userName = $entry[0]['uid'][0]; @@ -230,7 +230,7 @@ function lamRunTestSuite($serverName, $serverTitle, $testQuota, $container) { } else { $container->add(new htmlImage($failImage), 2); - $container->add(new htmlOutputText(sprintf(_("Your LAM admin user (%s) must be a valid Unix account to work with lamdaemon!"), $credentials[0])), 12, 6); + $container->add(new htmlOutputText(sprintf(_("Your LAM admin user (%s) must be a valid Unix account to work with lamdaemon!"), $ldapUser)), 12, 6); $stopTest = true; } $container->addVerticalSpacer('0.5rem');