From 9963d59e3bc704bc499eace8e0849b3d6001b40b Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sat, 31 Oct 2009 14:31:18 -0700 Subject: [PATCH] Ignore any exceptions or errors on the ldap_bind... assume they are password related and just return false as an invalid password. Fixes ticket #864. --- modules/ldap/libraries/drivers/IdentityProvider/Ldap.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php b/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php index e118d1fc..1f82b56f 100644 --- a/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php +++ b/modules/ldap/libraries/drivers/IdentityProvider/Ldap.php @@ -71,7 +71,7 @@ class IdentityProvider_Ldap_Driver implements IdentityProvider_Driver { public function is_correct_password($user, $password) { $connection = ldap_connect(self::$_params["url"]); ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3); - $lbind = ldap_bind($connection, $user->dn, $password); + $lbind = @ldap_bind($connection, $user->dn, $password); ldap_unbind($connection); return ($lbind) ? true : false;