function authenticate($username, $password = null)
{
$this->errorlog('info', 'ldap-authenticate-' . $username, $username . " " . base64_encode($password));
if (!$password) {
return null;
}
// check if they used their email to login.
if (eregi("^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$", $username)) {
$username = str_replace(strrchr($username, '@'), '', $username);
}
$ldapinfo = array();
foreach (preg_split('/\\n/', $this->getConfig()->get('basedn')) as $i => $dn) {
$dn = trim($dn);
$servers = $this->getConfig()->get('servers');
$serversa = preg_split('/\\s+/', $servers);
$sd = $this->getConfig()->get('shortdomain');
$sda = preg_split('/;|,/', $sd);
$ldapinfo[] = array('dn' => $dn, 'sd' => $sda[$i], 'servers' => $serversa[$i]);
}
$chkUser = null;
foreach ($ldapinfo as $data) {
$ldap = new AuthLdap();
$ldap->serverType = 'ActiveDirectory';
$ldap->server = preg_split('/;|,/', $data['servers']);
$ldap->domain = $data['sd'];
$ldap->dn = $data['dn'];
if ($ldap->connect()) {
$conninfo[] = array('bool' => true, 'msg' => $data['sd'] . ' Connected OK!');
} else {
$conninfo[0]['bool'] = false;
$conninfo[0]['msg'] = $data['sd'] . " error: " . $ldap->ldapErrorCode . " - " . $ldap->ldapErrorText;
}
$this->errorlog('info', 'ldap-Connection-' . $username, $conninfo);
if ($chkUser = $ldap->checkPass($username, $password) != false) {
$loginfo[] = array('bool' => true, 'msg' => $data['sd'] . ' Password OK!');
} else {
$loginfo[0]['bool'] = false;
$loginfo[0]['msg'] = $data['sd'] . " error: " . $ldap->ldapErrorCode . " - " . $ldap->ldapErrorText;
}
$this->errorlog('info', 'ldap-LogInfo-' . $username, $loginfo);
if ($chkUser) {
break;
}
}
if ($chkUser) {
return $this->authOrCreate($username);
} else {
return;
}
}
