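/**
 * Authenticate a user against the configured Active Directory servers.
 *
 * Each line of the 'basedn' config value is paired by position with an entry
 * of 'shortdomain' (split on ';' or ',') and an entry of 'servers' (split on
 * whitespace). The directories are tried in order until one accepts the
 * credentials.
 *
 * @param string      $username Login name; an e-mail address is reduced to the
 *                              part before the '@'.
 * @param string|null $password Clear-text password supplied by the user.
 *
 * @return mixed Whatever authOrCreate() returns on success, or null when the
 *               password is empty or no directory accepted the credentials.
 */
function authenticate($username, $password = null)
{
    // Record the attempt, but never the password: base64 is an encoding, not
    // encryption, so the previous log line exposed every submitted password
    // (including near-miss typos of valid ones) to anyone who can read logs.
    // NOTE(review): $username is caller-supplied and goes into the log key
    // unchanged; confirm errorlog() neutralises control characters.
    $this->errorlog('info', 'ldap-authenticate-' . $username, $username);

    // Reject empty passwords before any directory is contacted.
    // NOTE(review): presumably checkPass() performs an LDAP simple bind; many
    // directory servers treat a bind with an empty password as an
    // unauthenticated bind that succeeds, so this guard must stay.
    if (!$password) {
        return null;
    }

    // Check if they used their email to login. eregi() was removed in PHP 7;
    // preg_match() with /i is the case-insensitive equivalent, and /D keeps
    // '$' from matching before a trailing newline (as the POSIX regex did not).
    $emailPattern = '/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/iD';
    if (preg_match($emailPattern, $username)) {
        // The pattern guarantees exactly one '@', so keep what precedes it.
        $username = substr($username, 0, strpos($username, '@'));
    }

    // These config values do not change per base DN, so read and split once.
    $config       = $this->getConfig();
    $serverGroups = preg_split('/\\s+/', $config->get('servers'));
    $shortDomains = preg_split('/;|,/', $config->get('shortdomain'));

    $ldapinfo = array();
    foreach (preg_split('/\\n/', $config->get('basedn')) as $i => $dn) {
        // A config with fewer domains/servers than base DNs yields null here
        // instead of an undefined-offset notice.
        $ldapinfo[] = array(
            'dn'      => trim($dn),
            'sd'      => isset($shortDomains[$i]) ? $shortDomains[$i] : null,
            'servers' => isset($serverGroups[$i]) ? $serverGroups[$i] : null,
        );
    }

    // Both logs accumulate across directories. A failure always overwrites
    // slot 0, so it can replace an earlier directory's success entry.
    $conninfo = array();
    $loginfo  = array();
    $chkUser  = false;

    foreach ($ldapinfo as $data) {
        $ldap = new AuthLdap();
        $ldap->serverType = 'ActiveDirectory';
        $ldap->server     = preg_split('/;|,/', $data['servers']);
        $ldap->domain     = $data['sd'];
        $ldap->dn         = $data['dn'];

        if ($ldap->connect()) {
            $conninfo[] = array('bool' => true, 'msg' => $data['sd'] . ' Connected OK!');
        } else {
            $conninfo[0]['bool'] = false;
            $conninfo[0]['msg']  = $data['sd'] . " error: " . $ldap->ldapErrorCode . " - " . $ldap->ldapErrorText;
        }
        $this->errorlog('info', 'ldap-Connection-' . $username, $conninfo);

        // NOTE(review): checkPass() is still called after a failed connect();
        // confirm AuthLdap returns false in that state rather than raising.
        // Parenthesised to make explicit that $chkUser is a boolean (the
        // original relied on '!=' binding tighter than '=').
        $chkUser = ($ldap->checkPass($username, $password) != false);

        if ($chkUser) {
            $loginfo[] = array('bool' => true, 'msg' => $data['sd'] . ' Password OK!');
        } else {
            $loginfo[0]['bool'] = false;
            $loginfo[0]['msg']  = $data['sd'] . " error: " . $ldap->ldapErrorCode . " - " . $ldap->ldapErrorText;
        }
        $this->errorlog('info', 'ldap-LogInfo-' . $username, $loginfo);

        // First directory that accepts the credentials wins.
        if ($chkUser) {
            break;
        }
    }

    if ($chkUser) {
        return $this->authOrCreate($username);
    }

    return null;
}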