/** * Checks the password for the given user account. * * Returns true if the given password for the user account specified by * is correct, otherwise false. * Error messages are added to the array errors. * * This function is only called when local authentication has failed, so * we are about to create user account. * * @param string $login Loginname * @param string $password Password * @param array $optionalData Optional data * * @return boolean */ public function checkPassword($login, $password, array $optionalData = null) { if ('' === trim($password)) { $this->errors[] = PMF_User::ERROR_USER_INCORRECT_PASSWORD; return false; } $bindLogin = $login; if ($this->_ldapConfig['ldap_use_domain_prefix']) { if (array_key_exists('domain', $optionalData)) { $bindLogin = $optionalData['domain'] . '\\' . $login; } } else { $this->ldap = new PMF_Ldap($this->_config); $this->ldap->connect($this->_ldapConfig['ldap_server'], $this->_ldapConfig['ldap_port'], $this->_ldapConfig['ldap_base'], $this->_ldapConfig['ldap_user'], $this->_ldapConfig['ldap_password']); if ($this->ldap->error) { $this->errors[] = $this->ldap->error; } $bindLogin = $this->ldap->getDn($login); } // Check user in LDAP $this->ldap = new PMF_Ldap($this->_config); $this->ldap->connect($this->_ldapConfig['ldap_server'], $this->_ldapConfig['ldap_port'], $this->_ldapConfig['ldap_base'], $bindLogin, $password); if (!$this->ldap->bind($bindLogin, $password)) { $this->errors[] = $this->ldap->error; return false; } else { $this->add($login, $password); return true; } }