public function verifyPassword($login, $password) { $dao = jDao::get($this->_params['dao'], $this->_params['profile']); $user = $dao->getByLogin($login); if ($login == 'admin') { if (!$user) { return false; } $result = $this->checkPassword($password, $user->password); if ($result === false) { return false; } if ($result !== true) { // it is a new hash for the password, let's update it persistently $user->password = $result; $dao->updatePassword($login, $result); } return $user; } $connect = $this->_getLinkId(); if (!$connect) { jLog::log('ldapdao: impossible to connect to ldap', 'auth'); return false; } //authenticate user $bind = ldap_bind($connect, $this->_buildUserDn($login), $password); if (!$bind) { jLog::log('ldapdao: bind failed with ' . $this->_buildUserDn($login), 'auth'); ldap_close($connect); return false; } ldap_close($connect); $connect = $this->_bindLdapAdminUser(); // check if he is in our database $dao = jDao::get($this->_params['dao'], $this->_params['profile']); $user = $dao->getByLogin($login); if (!$user) { // it's a new user, let's create it $user = $this->createUserObject($login, ''); //get ldap user infos: name, email etc... $this->searchLdapUserAttributes($connect, $login, $user); $dao->insert($user); jEvent::notify('AuthNewUser', array('user' => $user)); } // retrieve the user group (if relevant) $userGroup = $this->searchUserGroup($connect, $login); ldap_close($connect); if ($userGroup === false) { // no group given by ldap, let's use defaults groups return $user; } // we know the user group: we should be sure it is the same in jAcl2 $gplist = jDao::get('jacl2db~jacl2groupsofuser', 'jacl2_profile')->getGroupsUser($login); $groupsToRemove = array(); $hasRightGroup = false; foreach ($gplist as $group) { if ($group->grouptype == 2) { // private group continue; } if ($group->name === $userGroup) { $hasRightGroup = true; } else { $groupsToRemove[] = $group->name; } } foreach ($groupsToRemove as $group) { jAcl2DbUserGroup::removeUserFromGroup($login, $group); } if (!$hasRightGroup && jAcl2DbUserGroup::getGroup($userGroup)) { jAcl2DbUserGroup::addUserToGroup($login, $userGroup); } return $user; }