function _ldapauth_auth in LDAP integration 6
Authenticate the user against LDAP servers.
Note: Related server information is passed via the global _ldapauth_ldap variable.
Parameters
$name: A username.
$pass: A password.
Return value
User's LDAP dn success, FALSE otherwise.
1 call to _ldapauth_auth()
- ldapauth_authenticate in ./
ldapauth.module - Main user authentication function. Called by form validator.
File
- ./
ldapauth.module, line 547 - ldapauth provides authentication against ldap server.
Code
function _ldapauth_auth($name, $pass, $create_account = FALSE) {
global $_ldapauth_ldap;
// Don't allow empty passwords because they cause problems on some setups.
// http://drupal.org/node/87831
if (empty($pass)) {
return FALSE;
}
// Cycle through LDAP configurations. First one to succeed wins.
$result = db_query("SELECT sid FROM {ldapauth} WHERE status = 1 ORDER BY weight");
while ($row = db_fetch_object($result)) {
// Initialize LDAP.
if (!_ldapauth_init($row->sid)) {
return FALSE;
}
// Look up the user in LDAP.
if (!($ldap = _ldapauth_user_lookup($name)) || !isset($ldap['dn'])) {
continue;
}
// Filter users based on their LDAP data.
if (($code = _ldapauth_ldap_info($row->sid, 'filter_php')) && !eval($code)) {
continue;
}
// Try to authenticate.
if (!$_ldapauth_ldap
->connect($ldap['dn'], $pass)) {
ldapauth_debug_msg(t("authenticate: Matching LDAP entry found, but password was not valid. sid=@sid, dn=@dn", array(
'@dn' => $ldap['dn'],
'@sid' => $row->sid,
)));
continue;
}
// Register this new user. See http://drupal.org/node/553482 and http://drupal.org/node/551738
if ($create_account) {
$error = '';
$account = ldapauth_drupal_user_create($_ldapauth_ldap, $name, $ldap['dn'], $error);
if ($account === FALSE) {
drupal_set_message(check_plain($error), 'error');
return;
}
}
return $ldap['dn'];
}
return FALSE;
}