aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/includes')
-rw-r--r--phpBB/includes/acp/acp_search.php2
-rw-r--r--phpBB/includes/auth/auth_ldap.php45
2 files changed, 35 insertions, 12 deletions
diff --git a/phpBB/includes/acp/acp_search.php b/phpBB/includes/acp/acp_search.php
index 27c3157723..f8d4f1f80d 100644
--- a/phpBB/includes/acp/acp_search.php
+++ b/phpBB/includes/acp/acp_search.php
@@ -92,7 +92,7 @@ class acp_search
unset($search);
unset($error);
- $cfg_array = (isset($_REQUEST['config'])) ? request_var('config', array('' => '')) : array();
+ $cfg_array = (isset($_REQUEST['config'])) ? request_var('config', array('' => ''), true) : array();
$updated = request_var('updated', false);
foreach ($settings as $config_name => $var_type)
diff --git a/phpBB/includes/auth/auth_ldap.php b/phpBB/includes/auth/auth_ldap.php
index ff6ff3edd1..1e90aebe7e 100644
--- a/phpBB/includes/auth/auth_ldap.php
+++ b/phpBB/includes/auth/auth_ldap.php
@@ -46,7 +46,7 @@ function init_ldap()
$search = @ldap_search(
$ldap,
$config['ldap_base_dn'],
- '(' . $config['ldap_uid'] . '=' . ldap_escape(htmlspecialchars_decode($user->data['username'])) . ')',
+ ldap_user_filter($user->data['username']),
(empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']),
0,
1
@@ -114,7 +114,7 @@ function login_ldap(&$username, &$password)
$search = @ldap_search(
$ldap,
$config['ldap_base_dn'],
- '(' . $config['ldap_uid'] . '=' . ldap_escape(htmlspecialchars_decode($username)) . ')',
+ ldap_user_filter($username),
(empty($config['ldap_email'])) ? array($config['ldap_uid']) : array($config['ldap_uid'], $config['ldap_email']),
0,
1
@@ -216,6 +216,25 @@ function login_ldap(&$username, &$password)
}
/**
+* Generates a filter string for ldap_search to find a user
+*
+* @param $username string Username identifying the searched user
+*
+* @return string A filter string for ldap_search
+*/
+function ldap_user_filter($username)
+{
+ global $config;
+
+ $filter = '(' . $config['ldap_uid'] . '=' . ldap_escape(htmlspecialchars_decode($username)) . ')';
+ if ($config['ldap_user_filter'])
+ {
+ $filter = "(&$filter({$config['ldap_user_filter']}))";
+ }
+ return $filter;
+}
+
+/**
* Escapes an LDAP AttributeValue
*/
function ldap_escape($string)
@@ -238,14 +257,6 @@ function acp_ldap(&$new)
<dd><input type="text" id="ldap_server" size="40" name="config[ldap_server]" value="' . $new['ldap_server'] . '" /></dd>
</dl>
<dl>
- <dt><label for="ldap_user">' . $user->lang['LDAP_USER'] . ':</label><br /><span>' . $user->lang['LDAP_USER_EXPLAIN'] . '</span></dt>
- <dd><input type="text" id="ldap_user" size="40" name="config[ldap_user]" value="' . $new['ldap_user'] . '" /></dd>
- </dl>
- <dl>
- <dt><label for="ldap_password">' . $user->lang['LDAP_PASSWORD'] . ':</label><br /><span>' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '</span></dt>
- <dd><input type="password" id="ldap_password" size="40" name="config[ldap_password]" value="' . $new['ldap_password'] . '" /></dd>
- </dl>
- <dl>
<dt><label for="ldap_dn">' . $user->lang['LDAP_DN'] . ':</label><br /><span>' . $user->lang['LDAP_DN_EXPLAIN'] . '</span></dt>
<dd><input type="text" id="ldap_dn" size="40" name="config[ldap_base_dn]" value="' . $new['ldap_base_dn'] . '" /></dd>
</dl>
@@ -254,15 +265,27 @@ function acp_ldap(&$new)
<dd><input type="text" id="ldap_uid" size="40" name="config[ldap_uid]" value="' . $new['ldap_uid'] . '" /></dd>
</dl>
<dl>
+ <dt><label for="ldap_user_filter">' . $user->lang['LDAP_USER_FILTER'] . ':</label><br /><span>' . $user->lang['LDAP_USER_FILTER_EXPLAIN'] . '</span></dt>
+ <dd><input type="text" id="ldap_user_filter" size="40" name="config[ldap_user_filter]" value="' . $new['ldap_user_filter'] . '" /></dd>
+ </dl>
+ <dl>
<dt><label for="ldap_email">' . $user->lang['LDAP_EMAIL'] . ':</label><br /><span>' . $user->lang['LDAP_EMAIL_EXPLAIN'] . '</span></dt>
<dd><input type="text" id="ldap_email" size="40" name="config[ldap_email]" value="' . $new['ldap_email'] . '" /></dd>
</dl>
+ <dl>
+ <dt><label for="ldap_user">' . $user->lang['LDAP_USER'] . ':</label><br /><span>' . $user->lang['LDAP_USER_EXPLAIN'] . '</span></dt>
+ <dd><input type="text" id="ldap_user" size="40" name="config[ldap_user]" value="' . $new['ldap_user'] . '" /></dd>
+ </dl>
+ <dl>
+ <dt><label for="ldap_password">' . $user->lang['LDAP_PASSWORD'] . ':</label><br /><span>' . $user->lang['LDAP_PASSWORD_EXPLAIN'] . '</span></dt>
+ <dd><input type="password" id="ldap_password" size="40" name="config[ldap_password]" value="' . $new['ldap_password'] . '" /></dd>
+ </dl>
';
// These are fields required in the config table
return array(
'tpl' => $tpl,
- 'config' => array('ldap_server', 'ldap_user', 'ldap_password', 'ldap_base_dn', 'ldap_uid', 'ldap_email')
+ 'config' => array('ldap_server', 'ldap_base_dn', 'ldap_uid', 'ldap_user_filter', 'ldap_email', 'ldap_user', 'ldap_password')
);
}
generated by cgit v1.2.1 (git 2.21.0) at 2025-10-11 14:03:52 +0000