Check if ldap_get_entries returns array FS#1742

darcs-hash:20091004114818-6e07b-0e6be8f61e4201692abdfcc4da93b031c29ac727.gz

Check if ldap_get_entries returns array FS#1742
dcc666a7 · Andreas Gohr · 6733c4d7 · dcc666a7
Commit dcc666a7 authored 15 years ago by Andreas Gohr
--- a/inc/auth/ldap.class.php
+++ b/inc/auth/ldap.class.php
@@ -180,7 +180,7 @@ class auth_ldap extends auth_basic {
            msg('LDAP user search: '.htmlspecialchars(ldap_error($this->con)),0,__LINE__,__FILE__);

        // Don't accept more or less than one response
-        if($result['count'] != 1){
+        if(!is_array($result) || $result['count'] != 1){
            return false; //user not found
        }

@@ -220,18 +220,19 @@ class auth_ldap extends auth_basic {
        if ($this->cnf['grouptree'] && $this->cnf['groupfilter']) {
            $base   = $this->_makeFilter($this->cnf['grouptree'], $user_result);
            $filter = $this->_makeFilter($this->cnf['groupfilter'], $user_result);
-
            $sr = @ldap_search($this->con, $base, $filter, array($this->cnf['groupkey']));
            if(!$sr){
                msg("LDAP: Reading group memberships failed",-1);
-                if($this->cnf['debug'])
+                if($this->cnf['debug']){
                    msg('LDAP group search: '.htmlspecialchars(ldap_error($this->con)),0,__LINE__,__FILE__);
+                    msg('LDAP filter was: '.htmlspecialchars($filter),0,__LINE__,__FILE__);
+                }
                return false;
            }
            $result = ldap_get_entries($this->con, $sr);
            ldap_free_result($sr);

-            foreach($result as $grp){
+            if(is_array($result)) foreach($result as $grp){
                if(!empty($grp[$this->cnf['groupkey']][0])){
                    if($this->cnf['debug'])
                        msg('LDAP usergroup: '.htmlspecialchars($grp[$this->cnf['groupkey']][0]),0,__LINE__,__FILE__);