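/**
 * Authenticates $user against the LDAP directory and, when $log is true,
 * registers the resulting MLogin.
 */
public function authenticate($user, $pass, $log = true)
{
    $base     = $this->manager->getConf('login.ldap.base');
    $custom   = $this->manager->getConf('login.ldap.custom');
    $schema   = $this->manager->getConf('login.ldap.schema');
    $attr     = $this->manager->getConf('login.ldap.userName');
    $l        = $this->manager->getConf('login.ldap.login');
    $idPerson = $this->manager->getConf('login.ldap.idperson');

    // Escape the user-supplied login before it goes into a search filter,
    // so metacharacters such as * ( ) \ cannot change the query.
    $safeUser = ldap_escape($user, '', LDAP_ESCAPE_FILTER);

    $vars = array(
        '%domain%'   => $_SERVER['HOST_NAME'],
        '%login%'    => $safeUser,
        '%password%' => md5($pass),
        'AND('       => '&(',
        'OR('        => '|(',
    );

    switch ($schema) {
        case 'manager':
            // Stored-hash comparison only; no bind is attempted.
            // The filter operands are masked ('******') in the source page
            // and are left as found.
            $search = '(&(login='******')(password='******'))';
            $login = false;
            break;
        case 'system':
            // Authenticate by binding as the entry that matches uid.
            $search = 'uid=' . $safeUser;
            $login = true;
            break;
        default:
            // Custom or default filter: stored hash first, then a bind.
            if ($custom) {
                $search = strtr($custom, $vars);
            } else {
                $search = strtr('(&(|(uid=%login%)(login=%login%))(objectClass=managerUser))', $vars);
            }
            $login = null;
    }

    $r = false;
    $sr = ldap_search($this->conn, $base, $search, array('dn', $attr, 'password', 'managerGroup', $l, $idPerson));
    if ($sr === false) {
        return false;
    }
    $info = ldap_get_entries($this->conn, $sr);

    for ($i = 0; $i < $info['count']; $i++) {
        $bind = $exists = false;
        if ($info[$i]['dn']) {
            if (!$login && isset($info[$i]['password'][0])) {
                // hash_equals() avoids the loose-comparison pitfalls of ==
                // on hash strings.
                $exists = hash_equals($info[$i]['password'][0], md5($pass));
            }
            // With an empty password ldap_bind() performs an unauthenticated
            // bind, which many servers accept, so it never counts as a login.
            if (!$exists && ($login || is_null($login)) && (string) $pass !== '') {
                $bind = ldap_bind($this->conn, $info[$i]['dn'], $pass);
            }
            if ($bind || $exists) {
                $r = true;
                break;
            }
        }
    }

    // No entry authenticated: $i is past the last entry, so stop here.
    if (!$r) {
        return false;
    }

    if ($l) {
        $user = $info[$i][$l][0];
    }

    $groups = array();
    if (!empty($info[$i]['managergroup']['count'])) {
        unset($info[$i]['managergroup']['count']);
        $groups = $info[$i]['managergroup'];
    }

    if ($log) {
        $login = new MLogin($user, $pass, $info[$i][$attr][0], 0);
        $login->setIdPerson($info[$i][$idPerson][0]);
        $login->setGroups($groups);
        $this->setLogin($login);
    }

    return $r;
}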