static function loginUser($login, $password, $authenticationMatch = false)
{
$http = eZHTTPTool::instance();
$db = eZDB::instance();
if ($authenticationMatch === false) {
$authenticationMatch = eZUser::authenticationMatch();
}
$loginEscaped = $db->escapeString($login);
$passwordEscaped = $db->escapeString($password);
$loginLdapEscaped = self::ldap_escape($login);
$loginArray = array();
if ($authenticationMatch & eZUser::AUTHENTICATE_LOGIN) {
$loginArray[] = "login='******'";
}
if ($authenticationMatch & eZUser::AUTHENTICATE_EMAIL) {
$loginArray[] = "email='{$loginEscaped}'";
}
if (count($loginArray) == 0) {
$loginArray[] = "login='******'";
}
$loginText = implode(' OR ', $loginArray);
$contentObjectStatus = eZContentObject::STATUS_PUBLISHED;
$ini = eZINI::instance();
$LDAPIni = eZINI::instance('ldap.ini');
$databaseName = $db->databaseName();
// if mysql
if ($databaseName === 'mysql') {
$query = "SELECT contentobject_id, password_hash, password_hash_type, email, login\n FROM ezuser, ezcontentobject\n WHERE ( {$loginText} ) AND\n ezcontentobject.status='{$contentObjectStatus}' AND\n ( ezcontentobject.id=contentobject_id OR ( password_hash_type=4 AND ( {$loginText} ) AND password_hash=PASSWORD('{$passwordEscaped}') ) )";
} else {
$query = "SELECT contentobject_id, password_hash, password_hash_type, email, login\n FROM ezuser, ezcontentobject\n WHERE ( {$loginText} ) AND\n ezcontentobject.status='{$contentObjectStatus}' AND\n ezcontentobject.id=contentobject_id";
}
$users = $db->arrayQuery($query);
$exists = false;
if (count($users) >= 1) {
foreach ($users as $userRow) {
$userID = $userRow['contentobject_id'];
$hashType = $userRow['password_hash_type'];
$hash = $userRow['password_hash'];
$exists = eZUser::authenticateHash($userRow['login'], $password, eZUser::site(), $hashType, $hash);
// If hash type is MySql
if ($hashType == eZUser::PASSWORD_HASH_MYSQL and $databaseName === 'mysql') {
$queryMysqlUser = "******";
$mysqlUsers = $db->arrayQuery($queryMysqlUser);
if (count($mysqlUsers) >= 1) {
$exists = true;
}
}
eZDebugSetting::writeDebug('kernel-user', eZUser::createHash($userRow['login'], $password, eZUser::site(), $hashType), "check hash");
eZDebugSetting::writeDebug('kernel-user', $hash, "stored hash");
// If current user has been disabled after a few failed login attempts.
$canLogin = eZUser::isEnabledAfterFailedLogin($userID);
if ($exists) {
// We should store userID for warning message.
$GLOBALS['eZFailedLoginAttemptUserID'] = $userID;
$userSetting = eZUserSetting::fetch($userID);
$isEnabled = $userSetting->attribute("is_enabled");
if ($hashType != eZUser::hashType() and strtolower($ini->variable('UserSettings', 'UpdateHash')) == 'true') {
$hashType = eZUser::hashType();
$hash = eZUser::createHash($login, $password, eZUser::site(), $hashType);
$db->query("UPDATE ezuser SET password_hash='{$hash}', password_hash_type='{$hashType}' WHERE contentobject_id='{$userID}'");
}
break;
}
}
}
if ($exists and $isEnabled and $canLogin) {
eZDebugSetting::writeDebug('kernel-user', $userRow, 'user row');
$user = new eZUser($userRow);
eZDebugSetting::writeDebug('kernel-user', $user, 'user');
$userID = $user->attribute('contentobject_id');
eZUser::updateLastVisit($userID);
eZUser::setCurrentlyLoggedInUser($user, $userID);
// Reset number of failed login attempts
eZUser::setFailedLoginAttempts($userID, 0);
return $user;
} else {
if ($LDAPIni->variable('LDAPSettings', 'LDAPEnabled') === 'true') {
// read LDAP ini settings
// and then try to bind to the ldap server
$LDAPDebugTrace = $LDAPIni->variable('LDAPSettings', 'LDAPDebugTrace') === 'enabled';
$LDAPVersion = $LDAPIni->variable('LDAPSettings', 'LDAPVersion');
$LDAPServer = $LDAPIni->variable('LDAPSettings', 'LDAPServer');
$LDAPPort = $LDAPIni->variable('LDAPSettings', 'LDAPPort');
$LDAPFollowReferrals = (int) $LDAPIni->variable('LDAPSettings', 'LDAPFollowReferrals');
$LDAPBaseDN = $LDAPIni->variable('LDAPSettings', 'LDAPBaseDn');
$LDAPBindUser = $LDAPIni->variable('LDAPSettings', 'LDAPBindUser');
$LDAPBindPassword = $LDAPIni->variable('LDAPSettings', 'LDAPBindPassword');
$LDAPSearchScope = $LDAPIni->variable('LDAPSettings', 'LDAPSearchScope');
$LDAPLoginAttribute = strtolower($LDAPIni->variable('LDAPSettings', 'LDAPLoginAttribute'));
$LDAPFirstNameAttribute = strtolower($LDAPIni->variable('LDAPSettings', 'LDAPFirstNameAttribute'));
$LDAPFirstNameIsCN = $LDAPIni->variable('LDAPSettings', 'LDAPFirstNameIsCommonName') === 'true';
$LDAPLastNameAttribute = strtolower($LDAPIni->variable('LDAPSettings', 'LDAPLastNameAttribute'));
$LDAPEmailAttribute = strtolower($LDAPIni->variable('LDAPSettings', 'LDAPEmailAttribute'));
$defaultUserPlacement = $ini->variable("UserSettings", "DefaultUserPlacement");
$LDAPUserGroupAttributeType = strtolower($LDAPIni->variable('LDAPSettings', 'LDAPUserGroupAttributeType'));
$LDAPUserGroupAttribute = strtolower($LDAPIni->variable('LDAPSettings', 'LDAPUserGroupAttribute'));
if ($LDAPIni->hasVariable('LDAPSettings', 'Utf8Encoding')) {
$Utf8Encoding = $LDAPIni->variable('LDAPSettings', 'Utf8Encoding');
if ($Utf8Encoding == "true") {
$isUtf8Encoding = true;
} else {
$isUtf8Encoding = false;
}
} else {
$isUtf8Encoding = false;
}
if ($LDAPIni->hasVariable('LDAPSettings', 'LDAPSearchFilters')) {
$LDAPFilters = $LDAPIni->variable('LDAPSettings', 'LDAPSearchFilters');
}
if ($LDAPIni->hasVariable('LDAPSettings', 'LDAPUserGroupType') and $LDAPIni->hasVariable('LDAPSettings', 'LDAPUserGroup')) {
$LDAPUserGroupType = $LDAPIni->variable('LDAPSettings', 'LDAPUserGroupType');
$LDAPUserGroup = $LDAPIni->variable('LDAPSettings', 'LDAPUserGroup');
}
$LDAPFilter = "( &";
if (count($LDAPFilters) > 0) {
foreach (array_keys($LDAPFilters) as $key) {
$LDAPFilter .= "(" . $LDAPFilters[$key] . ")";
}
}
$LDAPEqualSign = trim($LDAPIni->variable('LDAPSettings', "LDAPEqualSign"));
$LDAPBaseDN = str_replace($LDAPEqualSign, "=", $LDAPBaseDN);
$LDAPFilter = str_replace($LDAPEqualSign, "=", $LDAPFilter);
$LDAPBindUser = str_replace($LDAPEqualSign, "=", $LDAPBindUser);
if ($LDAPDebugTrace) {
$debugArray = array('stage' => '1/5: Connecting and Binding to LDAP server', 'LDAPServer' => $LDAPServer, 'LDAPPort' => $LDAPPort, 'LDAPBindUser' => $LDAPBindUser, 'LDAPVersion' => $LDAPVersion);
// Set debug trace mode for ldap connections
if (function_exists('ldap_set_option')) {
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
}
eZDebug::writeNotice(var_export($debugArray, true), __METHOD__);
}
if (function_exists('ldap_connect')) {
$ds = ldap_connect($LDAPServer, $LDAPPort);
} else {
$ds = false;
}
if ($ds) {
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $LDAPVersion);
ldap_set_option($ds, LDAP_OPT_REFERRALS, $LDAPFollowReferrals);
if ($LDAPBindUser == '') {
$r = ldap_bind($ds);
} else {
$r = ldap_bind($ds, $LDAPBindUser, $LDAPBindPassword);
}
if (!$r) {
// Increase number of failed login attempts.
eZDebug::writeError('Cannot bind to LDAP server, might be something wronge with connetion or bind user!', __METHOD__);
if (isset($userID)) {
eZUser::setFailedLoginAttempts($userID);
}
$user = false;
return $user;
}
$LDAPFilter .= "({$LDAPLoginAttribute}={$loginLdapEscaped})";
$LDAPFilter .= ")";
ldap_set_option($ds, LDAP_OPT_SIZELIMIT, 0);
ldap_set_option($ds, LDAP_OPT_TIMELIMIT, 0);
$retrieveAttributes = array($LDAPLoginAttribute, $LDAPFirstNameAttribute, $LDAPLastNameAttribute, $LDAPEmailAttribute);
if ($LDAPUserGroupAttributeType) {
$retrieveAttributes[] = $LDAPUserGroupAttribute;
}
if ($LDAPDebugTrace) {
$debugArray = array('stage' => '2/5: finding user', 'LDAPFilter' => $LDAPFilter, 'retrieveAttributes' => $retrieveAttributes, 'LDAPSearchScope' => $LDAPSearchScope, 'LDAPBaseDN' => $LDAPBaseDN);
eZDebug::writeNotice(var_export($debugArray, true), __METHOD__);
}
if ($LDAPSearchScope == "one") {
$sr = ldap_list($ds, $LDAPBaseDN, $LDAPFilter, $retrieveAttributes);
} else {
if ($LDAPSearchScope == "base") {
$sr = ldap_read($ds, $LDAPBaseDN, $LDAPFilter, $retrieveAttributes);
} else {
$sr = ldap_search($ds, $LDAPBaseDN, $LDAPFilter, $retrieveAttributes);
}
}
$info = ldap_get_entries($ds, $sr);
if ($info['count'] > 1) {
// More than one user with same uid, not allow login.
eZDebug::writeWarning('More then one user with same uid, not allowed to login!', __METHOD__);
$user = false;
return $user;
} else {
if ($info['count'] < 1) {
// Increase number of failed login attempts.
if (isset($userID)) {
eZUser::setFailedLoginAttempts($userID);
}
// user DN was not found
eZDebug::writeWarning('User DN was not found!', __METHOD__);
$user = false;
return $user;
} else {
if ($LDAPDebugTrace) {
$debugArray = array('stage' => '3/5: real authentication of user', 'info' => $info);
eZDebug::writeNotice(var_export($debugArray, true), __METHOD__);
}
}
}
if (!$password) {
$password = crypt(microtime());
}
// is it real authenticated LDAP user?
if (!@ldap_bind($ds, $info[0]['dn'], $password)) {
// Increase number of failed login attempts.
if (isset($userID)) {
eZUser::setFailedLoginAttempts($userID);
}
eZDebug::writeWarning("User {$userID} failed to login!", __METHOD__);
$user = false;
return $user;
}
$extraNodeAssignments = array();
$userGroupClassID = $ini->variable("UserSettings", "UserGroupClassID");
// default user group assigning
if ($LDAPUserGroupType != null) {
if ($LDAPUserGroupType == "name") {
if (is_array($LDAPUserGroup)) {
foreach (array_keys($LDAPUserGroup) as $key) {
$groupName = $db->escapeString($LDAPUserGroup[$key]);
$groupQuery = "SELECT ezcontentobject_tree.node_id\n FROM ezcontentobject, ezcontentobject_tree\n WHERE ezcontentobject.name like '{$groupName}'\n AND ezcontentobject.id=ezcontentobject_tree.contentobject_id\n AND ezcontentobject.contentclass_id={$userGroupClassID}";
$groupObject = $db->arrayQuery($groupQuery);
if (count($groupObject) > 0 and $key == 0) {
$defaultUserPlacement = $groupObject[0]['node_id'];
} else {
if (count($groupObject) > 0) {
$extraNodeAssignments[] = $groupObject[0]['node_id'];
}
}
}
} else {
$groupName = $db->escapeString($LDAPUserGroup);
$groupQuery = "SELECT ezcontentobject_tree.node_id\n FROM ezcontentobject, ezcontentobject_tree\n WHERE ezcontentobject.name like '{$groupName}'\n AND ezcontentobject.id=ezcontentobject_tree.contentobject_id\n AND ezcontentobject.contentclass_id={$userGroupClassID}";
$groupObject = $db->arrayQuery($groupQuery);
if (count($groupObject) > 0) {
$defaultUserPlacement = $groupObject[0]['node_id'];
}
}
} else {
if ($LDAPUserGroupType == "id") {
if (is_array($LDAPUserGroup)) {
foreach (array_keys($LDAPUserGroup) as $key) {
$groupID = $LDAPUserGroup[$key];
$groupQuery = "SELECT ezcontentobject_tree.node_id\n FROM ezcontentobject, ezcontentobject_tree\n WHERE ezcontentobject.id='{$groupID}'\n AND ezcontentobject.id=ezcontentobject_tree.contentobject_id\n AND ezcontentobject.contentclass_id={$userGroupClassID}";
$groupObject = $db->arrayQuery($groupQuery);
if (count($groupObject) > 0 and $key == 0) {
$defaultUserPlacement = $groupObject[0]['node_id'];
} else {
if (count($groupObject) > 0) {
$extraNodeAssignments[] = $groupObject[0]['node_id'];
}
}
}
} else {
$groupID = $LDAPUserGroup;
$groupQuery = "SELECT ezcontentobject_tree.node_id\n FROM ezcontentobject, ezcontentobject_tree\n WHERE ezcontentobject.id='{$groupID}'\n AND ezcontentobject.id=ezcontentobject_tree.contentobject_id\n AND ezcontentobject.contentclass_id={$userGroupClassID}";
$groupObject = $db->arrayQuery($groupQuery);
if (count($groupObject) > 0) {
$defaultUserPlacement = $groupObject[0]['node_id'];
}
}
}
}
}
// read group mapping LDAP settings
$LDAPGroupMappingType = $LDAPIni->variable('LDAPSettings', 'LDAPGroupMappingType');
$LDAPUserGroupMap = $LDAPIni->variable('LDAPSettings', 'LDAPUserGroupMap');
if (!is_array($LDAPUserGroupMap)) {
$LDAPUserGroupMap = array();
}
// group mapping constants
$ByMemberAttribute = 'SimpleMapping';
// by group's member attributes (with mapping)
$ByMemberAttributeHierarhicaly = 'GetGroupsTree';
// by group's member attributes hierarhically
$ByGroupAttribute = 'UseGroupAttribute';
// by user's group attribute (old style)
$groupMappingTypes = array($ByMemberAttribute, $ByMemberAttributeHierarhicaly, $ByGroupAttribute);
$userData =& $info[0];
// default mapping using old style
if (!in_array($LDAPGroupMappingType, $groupMappingTypes)) {
$LDAPGroupMappingType = $ByGroupAttribute;
}
if ($LDAPDebugTrace) {
$debugArray = array('stage' => '4/5: group mapping init', 'LDAPUserGroupType' => $LDAPUserGroupType, 'LDAPGroupMappingType' => $LDAPGroupMappingType, 'LDAPUserGroup' => $LDAPUserGroup, 'defaultUserPlacement' => $defaultUserPlacement, 'extraNodeAssignments' => $extraNodeAssignments);
eZDebug::writeNotice(var_export($debugArray, true), __METHOD__);
}
if ($LDAPGroupMappingType == $ByMemberAttribute or $LDAPGroupMappingType == $ByMemberAttributeHierarhicaly) {
$LDAPGroupBaseDN = $LDAPIni->variable('LDAPSettings', 'LDAPGroupBaseDN');
$LDAPGroupBaseDN = str_replace($LDAPEqualSign, '=', $LDAPGroupBaseDN);
$LDAPGroupClass = $LDAPIni->variable('LDAPSettings', 'LDAPGroupClass');
$LDAPGroupNameAttribute = strtolower($LDAPIni->variable('LDAPSettings', 'LDAPGroupNameAttribute'));
$LDAPGroupMemberAttribute = strtolower($LDAPIni->variable('LDAPSettings', 'LDAPGroupMemberAttribute'));
$LDAPGroupDescriptionAttribute = strtolower($LDAPIni->variable('LDAPSettings', 'LDAPGroupDescriptionAttribute'));
$groupSearchingDepth = $LDAPGroupMappingType == '1' ? 1 : 1000;
// now, get all parents for currently ldap authenticated user
$requiredParams = array();
$requiredParams['LDAPLoginAttribute'] = $LDAPLoginAttribute;
$requiredParams['LDAPGroupBaseDN'] = $LDAPGroupBaseDN;
$requiredParams['LDAPGroupClass'] = $LDAPGroupClass;
$requiredParams['LDAPGroupNameAttribute'] = $LDAPGroupNameAttribute;
$requiredParams['LDAPGroupMemberAttribute'] = $LDAPGroupMemberAttribute;
$requiredParams['LDAPGroupDescriptionAttribute'] = $LDAPGroupDescriptionAttribute;
$requiredParams['ds'] =& $ds;
if ($LDAPIni->variable('LDAPSettings', 'LDAPGroupRootNodeId') !== '') {
$requiredParams['TopUserGroupNodeID'] = $LDAPIni->variable('LDAPSettings', 'LDAPGroupRootNodeId');
} else {
$requiredParams['TopUserGroupNodeID'] = 5;
}
$groupsTree = array();
$stack = array();
$newfilter = '(&(objectClass=' . $LDAPGroupClass . ')(' . $LDAPGroupMemberAttribute . '=' . $userData['dn'] . '))';
$groupsTree[$userData['dn']] = array('data' => &$userData, 'parents' => array(), 'children' => array());
eZLDAPUser::getUserGroupsTree($requiredParams, $newfilter, $userData['dn'], $groupsTree, $stack, $groupSearchingDepth);
$userRecord =& $groupsTree[$userData['dn']];
if ($LDAPGroupMappingType == $ByMemberAttribute) {
if (count($userRecord['parents']) > 0) {
$remappedGroupNames = array();
foreach (array_keys($userRecord['parents']) as $key) {
$parentGroup =& $userRecord['parents'][$key];
if (isset($parentGroup['data'][$LDAPGroupNameAttribute])) {
$ldapGroupName = $parentGroup['data'][$LDAPGroupNameAttribute];
if (is_array($ldapGroupName)) {
$ldapGroupName = $ldapGroupName['count'] > 0 ? $ldapGroupName[0] : '';
}
// remap group name and check that group exists
if (array_key_exists($ldapGroupName, $LDAPUserGroupMap)) {
$remmapedGroupName = $db->escapeString($LDAPUserGroupMap[$ldapGroupName]);
$groupQuery = "SELECT ezcontentobject_tree.node_id\n FROM ezcontentobject, ezcontentobject_tree\n WHERE ezcontentobject.name like '{$remmapedGroupName}'\n AND ezcontentobject.id=ezcontentobject_tree.contentobject_id\n AND ezcontentobject.contentclass_id={$userGroupClassID}";
$groupRow = $db->arrayQuery($groupQuery);
if (count($groupRow) > 0) {
$userRecord['new_parents'][] = $groupRow[0]['node_id'];
}
}
}
}
}
} else {
if ($LDAPGroupMappingType == $ByMemberAttributeHierarhicaly) {
$stack = array();
self::goAndPublishGroups($requiredParams, $userData['dn'], $groupsTree, $stack, $groupSearchingDepth, true);
}
}
if (isset($userRecord['new_parents']) and count($userRecord['new_parents']) > 0) {
$defaultUserPlacement = $userRecord['new_parents'][0];
$extraNodeAssignments = array_merge($extraNodeAssignments, $userRecord['new_parents']);
}
} else {
if ($LDAPGroupMappingType == $ByGroupAttribute) {
if ($LDAPUserGroupAttributeType) {
// Should we create user groups that are specified in LDAP, but not found in eZ Publish?
$createMissingGroups = $LDAPIni->variable('LDAPSettings', 'LDAPCreateMissingGroups') === 'enabled';
if ($LDAPIni->variable('LDAPSettings', 'LDAPGroupRootNodeId') !== '') {
$parentNodeID = $LDAPIni->variable('LDAPSettings', 'LDAPGroupRootNodeId');
} else {
$parentNodeID = 5;
}
$groupAttributeCount = $info[0][$LDAPUserGroupAttribute]['count'];
if ($LDAPUserGroupAttributeType == "name") {
for ($i = 0; $i < $groupAttributeCount; $i++) {
if ($isUtf8Encoding) {
$groupName = utf8_decode($info[0][$LDAPUserGroupAttribute][$i]);
} else {
$groupName = $info[0][$LDAPUserGroupAttribute][$i];
}
// Save group node id to either defaultUserPlacement or extraNodeAssignments
self::getNodeAssignmentsForGroupName($groupName, $i == 0, $defaultUserPlacement, $extraNodeAssignments, $createMissingGroups, $parentNodeID);
}
} else {
if ($LDAPUserGroupAttributeType == "id") {
for ($i = 0; $i < $groupAttributeCount; $i++) {
if ($isUtf8Encoding) {
$groupID = utf8_decode($info[0][$LDAPUserGroupAttribute][$i]);
} else {
$groupID = $info[0][$LDAPUserGroupAttribute][$i];
}
$groupName = "LDAP {$groupID}";
// Save group node id to either defaultUserPlacement or extraNodeAssignments
self::getNodeAssignmentsForGroupName($groupName, $i == 0, $defaultUserPlacement, $extraNodeAssignments, $createMissingGroups, $parentNodeID);
}
} else {
if ($LDAPUserGroupAttributeType == "dn") {
for ($i = 0; $i < $groupAttributeCount; $i++) {
$groupDN = $info[0][$LDAPUserGroupAttribute][$i];
$groupName = self::getGroupNameByDN($ds, $groupDN);
if ($groupName) {
// Save group node id to either defaultUserPlacement or extraNodeAssignments
self::getNodeAssignmentsForGroupName($groupName, $i == 0, $defaultUserPlacement, $extraNodeAssignments, $createMissingGroups, $parentNodeID);
}
}
} else {
eZDebug::writeError("Bad LDAPUserGroupAttributeType '{$LDAPUserGroupAttributeType}'. It must be either 'name', 'id' or 'dn'.", __METHOD__);
$user = false;
return $user;
}
}
}
}
}
}
// remove ' last_name' from first_name if cn is used for first name
if ($LDAPFirstNameIsCN && isset($userData[$LDAPFirstNameAttribute]) && isset($userData[$LDAPLastNameAttribute])) {
$userData[$LDAPFirstNameAttribute][0] = str_replace(' ' . $userData[$LDAPLastNameAttribute][0], '', $userData[$LDAPFirstNameAttribute][0]);
}
if (isset($userData[$LDAPEmailAttribute])) {
$LDAPuserEmail = $userData[$LDAPEmailAttribute][0];
} else {
if (trim($LDAPIni->variable('LDAPSettings', 'LDAPEmailEmptyAttributeSuffix'))) {
$LDAPuserEmail = $login . $LDAPIni->variable('LDAPSettings', 'LDAPEmailEmptyAttributeSuffix');
} else {
$LDAPuserEmail = false;
}
}
$userAttributes = array('login' => $login, 'first_name' => isset($userData[$LDAPFirstNameAttribute]) ? $userData[$LDAPFirstNameAttribute][0] : false, 'last_name' => isset($userData[$LDAPLastNameAttribute]) ? $userData[$LDAPLastNameAttribute][0] : false, 'email' => $LDAPuserEmail);
if ($LDAPDebugTrace) {
$debugArray = array('stage' => '5/5: storing user', 'userAttributes' => $userAttributes, 'isUtf8Encoding' => $isUtf8Encoding, 'defaultUserPlacement' => $defaultUserPlacement, 'extraNodeAssignments' => $extraNodeAssignments);
eZDebug::writeNotice(var_export($debugArray, true), __METHOD__);
}
$oldUser = clone eZUser::currentUser();
$existingUser = eZLDAPUser::publishUpdateUser($extraNodeAssignments, $defaultUserPlacement, $userAttributes, $isUtf8Encoding);
if (is_object($existingUser)) {
eZUser::setCurrentlyLoggedInUser($existingUser, $existingUser->attribute('contentobject_id'));
} else {
eZUser::setCurrentlyLoggedInUser($oldUser, $oldUser->attribute('contentobject_id'));
}
ldap_close($ds);
return $existingUser;
} else {
eZDebug::writeError('Cannot initialize connection for LDAP server', __METHOD__);
$user = false;
return $user;
}
} else {
// Increase number of failed login attempts.
if (isset($userID)) {
eZUser::setFailedLoginAttempts($userID);
}
eZDebug::writeWarning('User does not exist or LDAP is not enabled in php', __METHOD__);
$user = false;
return $user;
}
}
}
