diff --git a/authLdap.php b/authLdap.php index c75617e..caae922 100644 --- a/authLdap.php +++ b/authLdap.php @@ -104,11 +104,6 @@ function authLdap_options_panel() $roles = new WP_Roles(); $action = $_SERVER['REQUEST_URI']; - if (! extension_loaded('ldap')) { - echo '
The LDAP-Extension is not available on your ' - . 'WebServer. Therefore Everything you can alter here does not ' - . 'make any sense!
'; - } include dirname(__FILE__) . '/view/admin.phtml'; } @@ -183,7 +178,8 @@ function authLdap_login($user, $username, $password, $already_md5 = false) if ($user instanceof WP_User) { authLdap_debug(sprintf( 'User %s has already been authenticated - skipping LDAP-Authentication', - $user->get('nickname'))); + $user->get('nickname') + )); return $user; } @@ -291,7 +287,6 @@ function authLdap_login($user, $username, $password, $already_md5 = false) if (! isset($attribs[0][strtolower($authLDAPUidAttr)][0])) { authLdap_debug('could not get user attributes from LDAP'); throw new UnexpectedValueException('The user-ID attribute has not been returned'); - } $dn = $attribs[0]['dn']; @@ -384,7 +379,7 @@ function authLdap_login($user, $username, $password, $already_md5 = false) } } $user_info['user_nicename'] = substr($user_info['user_nicename'], 0, 50); - + // optionally store the password into the wordpress database if (authLdap_get_option('CachePW')) { // Password will be hashed inside wp_update_user or wp_insert_user @@ -399,7 +394,7 @@ function authLdap_login($user, $username, $password, $already_md5 = false) // found user in the database authLdap_debug('The LDAP user has an entry in the WP-Database'); $user_info['ID'] = $uid; - unset ($user_info['display_name'], $user_info['nickname']); + unset($user_info['display_name'], $user_info['nickname']); $userid = wp_update_user($user_info); } else { // new wordpress account will be created diff --git a/src/LdapList.php b/src/LdapList.php index 44b5402..63b2297 100644 --- a/src/LdapList.php +++ b/src/LdapList.php @@ -42,7 +42,7 @@ public function authenticate($username, $password, $filter = '(uid=%s)') { foreach ($this->items as $key => $item) { if (! $item->authenticate($username, $password, $filter)) { - unset ($this->items[$key]); + unset($this->items[$key]); continue; } return true; @@ -65,7 +65,7 @@ public function bind() } if ($allFailed) { - throw new AuthLDAP_Exception('No bind successfull'); + throw new AuthLDAP_Exception('Bind unsuccessful'); } return true; diff --git a/view/admin.phtml b/view/admin.phtml index 95861b0..24ff4c1 100644 --- a/view/admin.phtml +++ b/view/admin.phtml @@ -30,9 +30,9 @@ */ ?>
-
Caveat: The LDAP-extension is not loaded! - Without that extension it is not possible to query an LDAP-Server! Please have a look - at the PHP-Installation page +
The PHP LDAP Extension is not loaded! + Without that extension it is not possible to query an LDAP Server. Please have a look + at the PHP Installation page

AuthLDAP Options

@@ -58,21 +58,21 @@ - + />

- Shall we prohibit authenticating already in WordPress created users using LDAP? If you enable this, LDAP-Users with the same user-ID - as existing WordPress-Users can no longer take over the WordPress-Users account. This also means that LDAP-Users with the same User-ID as existing - WordPress-Users will not be able to authenticate anymore! Accounts that have been taken over already will not be affected by this setting. + Shall we prohibit authenticating already in WordPress created users using LDAP? If you enable this, LDAP Users with the same user ID + as existing WordPress Users can no longer take over the WordPress User account. This also means that LDAP Users with the same User ID as existing + WordPress Users will not be able to authenticate anymore! Accounts that have been taken over already will not be affected by this setting.

This should only be checked if you know what you are doing!

- + /> @@ -80,12 +80,12 @@ - + />

- Search LDAP for user's groups and map to Wordpress Roles. + Search LDAP for User's groups and map to Wordpress Roles.

@@ -99,34 +99,34 @@ -

The URI - for connecting to the LDAP-Server. This usualy takes the form + for connecting to the LDAP Server. This usualy takes the form <scheme>://<user>:<password>@<server>/<path> according to RFC 1738.

- In this case it schould be something like + In this case it should be something like ldap://uid=adminuser,dc=example,c=com:secret@ldap.example.com/dc=basePath,dc=example,c=com.

- If your LDAP accepts anonymous login, you can ommit the user and - password-Part of the URI + If your LDAP accepts anonymous login, you can omit the user and + password part of the URI

- + -

- A separator that separates multiple LDAP-URIs from one another. - You can use that feature to try to authenticate against multiple LDAP-Servers - as long as they all have the same attribute-settings. The first LDAP-Server the user can + A separator that separates multiple LDAP URIs from one another. + You can use that feature to try to authenticate against multiple LDAP Servers + as long as they all have the same attribute settings. The first LDAP Server the user can authenticate against will be used to handle the user. @@ -193,8 +193,8 @@

- If the above Name-Attribute only contains the First Name of the - user you can here specify an Attribute that contains the second name. + If the above Name Attribute only contains the First Name of the + user you can here specify an Attribute that contains the Second Name.

This field is empty by default @@ -203,14 +203,14 @@ - +

- Please give the Attribute, that is used to identify the user. This - should be the same as you used in the above Filter-Option + The Attribute that is used to identify the user. This + should be the same as you used in the above Filter Option

This field defaults to uid @@ -225,10 +225,10 @@

- Which Attribute holds the eMail-Address of the user? + The Attribute which defines the email address of the user

- If more than one eMail-Address are stored in the LDAP, only the first given is used + If more than one email address is stored, only the first given is used

This field defaults to mail @@ -237,7 +237,7 @@ - +

- This is the base dn to lookup groups. + This is the Base DN to lookup groups.

- If empty the base dn of the LDAP URI will be used + If empty the Base DN of the LDAP URI will be used

- +

- This is the attribute that defines the Group-ID that can be matched + This is the Attribute that defines the Group ID that can be matched against the Groups defined further down

@@ -327,15 +327,15 @@ - +

- This attribute defines the separator used for the Group-IDs listed in the - Groups defined further down. This is useful if the value of Group-Attribute - listed above can contain a comma (for example, when using the memberof attribute) + This attribute defines the separator used for the Group IDs listed in the + Groups defined further down. This is useful if the value of Group Attribute + listed above can contain a comma (for example, when using the memberOf attribute)

This field defaults to , (comma) @@ -344,24 +344,24 @@ - +

- Here you can add the filter for selecting groups for ther - currentlly logged in user + Here you can add the filter for selecting groups for the + currently logged in user

The Filter should contain the string %s which will be replaced by - the login-name of the currently logged in user + the login name of the currently logged in user

Alternatively the string %dn% will be replaced by the - DN of the currently logged in user. This can be helpfull if - group-memberships are defined with DNs rather than UIDs + DN of the currently logged in user. This can be helpful if + group memberships are defined with DNs rather than UIDs

This field defaults to (&(objectClass=posixGroup)(memberUid=%s)) @@ -371,7 +371,7 @@ -

Role - group mapping

+

Role - Group Mapping

-

What LDAP-Groups shall be matched to the -Role?

-

Please provide a coma-separated list of values

+

What LDAP Groups should be matched to the Role?

+

Please provide a comma-separated list of values

This field is empty by default