Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

English fixes and minor code tidyup #175

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

English fixes and minor code tidyup #175

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
785cfb4
code tidyup and English improvements
Jul 9, 2019
0a77b47
minor English fixes
Jul 9, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 4 additions & 9 deletions authLdap.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,11 +104,6 @@ function authLdap_options_panel()
$roles = new WP_Roles();

$action = $_SERVER['REQUEST_URI'];
if (! extension_loaded('ldap')) {
echo '<div class="warning">The LDAP-Extension is not available on your '
. 'WebServer. Therefore Everything you can alter here does not '
. 'make any sense!</div>';
}

include dirname(__FILE__) . '/view/admin.phtml';
}
Expand Down Expand Up @@ -183,7 +178,8 @@ function authLdap_login($user, $username, $password, $already_md5 = false)
if ($user instanceof WP_User) {
authLdap_debug(sprintf(
'User %s has already been authenticated - skipping LDAP-Authentication',
$user->get('nickname')));
$user->get('nickname')
));
return $user;
}

Expand Down Expand Up @@ -291,7 +287,6 @@ function authLdap_login($user, $username, $password, $already_md5 = false)
if (! isset($attribs[0][strtolower($authLDAPUidAttr)][0])) {
authLdap_debug('could not get user attributes from LDAP');
throw new UnexpectedValueException('The user-ID attribute has not been returned');

}

$dn = $attribs[0]['dn'];
Expand Down Expand Up @@ -384,7 +379,7 @@ function authLdap_login($user, $username, $password, $already_md5 = false)
}
}
$user_info['user_nicename'] = substr($user_info['user_nicename'], 0, 50);

// optionally store the password into the wordpress database
if (authLdap_get_option('CachePW')) {
// Password will be hashed inside wp_update_user or wp_insert_user
Expand All @@ -399,7 +394,7 @@ function authLdap_login($user, $username, $password, $already_md5 = false)
// found user in the database
authLdap_debug('The LDAP user has an entry in the WP-Database');
$user_info['ID'] = $uid;
unset ($user_info['display_name'], $user_info['nickname']);
unset($user_info['display_name'], $user_info['nickname']);
$userid = wp_update_user($user_info);
} else {
// new wordpress account will be created
Expand Down
4 changes: 2 additions & 2 deletions src/LdapList.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ public function authenticate($username, $password, $filter = '(uid=%s)')
{
foreach ($this->items as $key => $item) {
if (! $item->authenticate($username, $password, $filter)) {
unset ($this->items[$key]);
unset($this->items[$key]);
continue;
}
return true;
Expand All @@ -65,7 +65,7 @@ public function bind()
}

if ($allFailed) {
throw new AuthLDAP_Exception('No bind successfull');
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This wording was used deliberately as the library tries multiple binds and none of these is successful.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok I misunderstood the context, 'No bind successful' is a viable alternative :)

throw new AuthLDAP_Exception('Bind unsuccessful');
}

return true;
Expand Down
94 changes: 47 additions & 47 deletions view/admin.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,9 +30,9 @@
*/
?><div class="wrap">
<?php if (! extension_loaded('ldap')) : ?>
<div class="error"><strong>Caveat:</strong> The LDAP-extension is not loaded!
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why did you remove the strong marking here?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This was more of a personal opinion, the alert is already inside a

element so it seemed unnecessary to add extra emphasis on any text

Without that extension it is not possible to query an LDAP-Server! Please have a look
at <a href="http://php.net/manual/install.php">the PHP-Installation page</a>
<div class="error">The PHP LDAP Extension is not loaded!
Without that extension it is not possible to query an LDAP Server. Please have a look
at <a href="http://php.net/manual/install.php">the PHP Installation page</a>
</div>
<?php endif ?>
<h2>AuthLDAP Options</h2>
Expand All @@ -58,34 +58,34 @@
</tr>
<tr>
<th>
<label for="authLDAPDoNotOverwriteNonLdapUsers">Do not authenticate existing WordPress-Users</label>
<label for="authLDAPDoNotOverwriteNonLdapUsers">Do not authenticate existing WordPress Users</label>
</th>
<td>
<input type="checkbox" name="authLDAPDoNotOverwriteNonLdapUsers" id="authLDAPDoNotOverwriteNonLdapUsers" value="1"<?php echo $tDoNotOverwriteNonLdapUsers; ?>/>
<p class="description">
Shall we prohibit authenticating already in WordPress created users using LDAP? If you enable this, LDAP-Users with the same user-ID
as existing WordPress-Users can no longer take over the WordPress-Users account. This also means that LDAP-Users with the same User-ID as existing
WordPress-Users will <strong>not</strong> be able to authenticate anymore! Accounts that have been taken over already will not be affected by this setting.
Shall we prohibit authenticating already in WordPress created users using LDAP? If you enable this, LDAP Users with the same user ID
as existing WordPress Users can no longer take over the WordPress User account. This also means that LDAP Users with the same User ID as existing
WordPress Users will <strong>not</strong> be able to authenticate anymore! Accounts that have been taken over already will not be affected by this setting.
</p>
<p class="description">This should only be checked if you know what you are doing!</p>
</td>
</tr>
<tr>
<th>
<label for="authLDAPCachePW">Save entered passwords in the wordpress user table?</label>
<label for="authLDAPCachePW">Save entered passwords in the WordPress User table?</label>
</th>
<td>
<input type="checkbox" name="authLDAPCachePW" id="authLDAPCachePW" value="1"<?php echo $tPWChecked; ?>/>
</td>
</tr>
<tr>
<th>
<label for="authLDAPGroupEnable">Map LDAP Groups to wordpress Roles?</label>
<label for="authLDAPGroupEnable">Map LDAP Groups to WordPress Roles?</label>
</th>
<td>
<input type="checkbox" name="authLDAPGroupEnable" id="authLDAPGroupEnable" value="1"<?php echo $tGroupChecked; ?>/>
<p class="description">
Search LDAP for user's groups and map to Wordpress Roles.
Search LDAP for User's groups and map to Wordpress Roles.
</p>
</td>
</tr>
Expand All @@ -99,34 +99,34 @@
<label for="authLDAPURI">LDAP URI</label>
</th>
<td>
<input type="text" name="authLDAPURI" id="authLDAPURI" placeholder="LDAP-URI"
<input type="text" name="authLDAPURI" id="authLDAPURI" placeholder="LDAP URI"
class="regular-text" value="<?php echo $authLDAPURI; ?>"/>
<p class="description">
The <abbr title="Uniform Ressource Identifier">URI</abbr>
for connecting to the LDAP-Server. This usualy takes the form
for connecting to the LDAP Server. This usualy takes the form
<var>&lt;scheme&gt;://&lt;user&gt;:&lt;password&gt;@&lt;server&gt;/&lt;path&gt;</var>
according to RFC 1738.</p>
<p class="description">
In this case it schould be something like
In this case it should be something like
<var>ldap://uid=adminuser,dc=example,c=com:[email protected]/dc=basePath,dc=example,c=com</var>.
</p>
<p class="description">
If your LDAP accepts anonymous login, you can ommit the user and
password-Part of the URI
If your LDAP accepts anonymous login, you can omit the user and
password part of the URI
</p>
</td>
</tr>
<tr>
<th>
<label for="authLDAPURISeparator">LDAP URI-Separator</label>
<label for="authLDAPURISeparator">LDAP URISeparator</label>
</th>
<td>
<input type="text" name="authLDAPURISeparator" id="authLDAPURISeparator" placeholder="LDAP-URI Separator"
<input type="text" name="authLDAPURISeparator" id="authLDAPURISeparator" placeholder="LDAP URI Separator"
class="regular-text" value="<?php echo $authLDAPURISeparator; ?>"/>
<p class="description">
A separator that separates multiple LDAP-URIs from one another.
You can use that feature to try to authenticate against multiple LDAP-Servers
as long as they all have the same attribute-settings. The first LDAP-Server the user can
A separator that separates multiple LDAP URIs from one another.
You can use that feature to try to authenticate against multiple LDAP Servers
as long as they all have the same attribute settings. The first LDAP Server the user can
authenticate against will be used to handle the user.
</td>
</tr>
Expand Down Expand Up @@ -193,8 +193,8 @@
<input type="text" name="authLDAPSecName" id="authLDAPSecName" placeholder=""
class="regular-text" value="<?php echo $authLDAPSecName; ?>" />
<p class="description">
If the above Name-Attribute only contains the First Name of the
user you can here specify an Attribute that contains the second name.
If the above Name Attribute only contains the First Name of the
user you can here specify an Attribute that contains the Second Name.
</p>
<p class="description">
This field is empty by default
Expand All @@ -203,14 +203,14 @@
</tr>
<tr>
<th scope="row">
<label for="authLDAPUidAttr">User-ID Attribute</label>
<label for="authLDAPUidAttr">User ID Attribute</label>
</th>
<td>
<input type="text" name="authLDAPUidAttr" id="authLDAPUidAttr" placeholder="uid"
class="regular-text" value="<?php echo $authLDAPUidAttr; ?>" />
<p class="description">
Please give the Attribute, that is used to identify the user. This
should be the same as you used in the above <em>Filter</em>-Option
The Attribute that is used to identify the user. This
should be the same as you used in the above <em>Filter</em> Option
</p>
<p class="description">
This field defaults to <strong>uid</strong>
Expand All @@ -225,10 +225,10 @@
<input type="text" name="authLDAPMailAttr" id="authLDAPMailAttr" placeholder="mail"
class="regular-text" value="<?php echo $authLDAPMailAttr; ?>" />
<p class="description">
Which Attribute holds the eMail-Address of the user?
The Attribute which defines the email address of the user
</p>
<p class="description">
If more than one eMail-Address are stored in the LDAP, only the first given is used
If more than one email address is stored, only the first given is used
</p>
<p class="description">
This field defaults to <strong>mail</strong>
Expand All @@ -237,7 +237,7 @@
</tr>
<tr>
<th scope="row">
<label for="authLDAPWebAttr">Web-Attribute</label>
<label for="authLDAPWebAttr">Web Attribute</label>
</th>
<td>
<input type="text" name="authLDAPWebAttr" id="authLDAPWebAttr" placeholder=""
Expand All @@ -257,11 +257,11 @@
</th>
<td>
<select name="authLDAPDefaultRole" id="authLDAPDefaultRole">
<option value="" <?php echo ( $authLDAPDefaultRole == '' ? 'selected="selected"' : '' ); ?>>
<option value="" <?php echo($authLDAPDefaultRole == '' ? 'selected="selected"' : ''); ?>>
None (deny access)
</option>
<?php foreach ($roles->get_names() as $group => $vals) : ?>
<option value="<?php echo $group; ?>" <?php echo ( $authLDAPDefaultRole == $group ? 'selected="selected"' : '' ); ?>>
<option value="<?php echo $group; ?>" <?php echo($authLDAPDefaultRole == $group ? 'selected="selected"' : ''); ?>>
<?php echo $vals; ?>
</option>
<?php endforeach; ?>
Expand Down Expand Up @@ -302,22 +302,22 @@
<input type="text" name="authLDAPGroupBase" id="authLDAPGroupBase" placeholder=""
class="regular-text" value="<?php echo $authLDAPGroupBase; ?>" />
<p class="description">
This is the base dn to lookup groups.
This is the Base DN to lookup groups.
</p>
<p class="description">
If empty the base dn of the LDAP URI will be used
If empty the Base DN of the LDAP URI will be used
</p>
</td>
</tr>
<tr>
<th scope="row">
<label for="authLDAPGroupAttr">Group-Attribute</label>
<label for="authLDAPGroupAttr">Group Attribute</label>
</th>
<td>
<input type="text" name="authLDAPGroupAttr" id="authLDAPGroupAttr" placeholder="gidNumber"
class="regular-text" value="<?php echo $authLDAPGroupAttr; ?>" />
<p class="description">
This is the attribute that defines the Group-ID that can be matched
This is the Attribute that defines the Group ID that can be matched
against the Groups defined further down
</p>
<p class="description">
Expand All @@ -327,15 +327,15 @@
</tr>
<tr>
<th scope="row">
<label for="authLDAPGroupSeparator">Group-Separator</label>
<label for="authLDAPGroupSeparator">Group Separator</label>
</th>
<td>
<input type="text" name="authLDAPGroupSeparator" id="authLDAPGroupSeparator" placeholder=","
class="regular-text" value="<?php echo $authLDAPGroupSeparator; ?>" />
<p class="description">
This attribute defines the separator used for the Group-IDs listed in the
Groups defined further down. This is useful if the value of Group-Attribute
listed above can contain a comma (for example, when using the memberof attribute)
This attribute defines the separator used for the Group IDs listed in the
Groups defined further down. This is useful if the value of Group Attribute
listed above can contain a comma (for example, when using the memberOf attribute)
</p>
<p class="description">
This field defaults to <strong>, (comma)</strong>
Expand All @@ -344,24 +344,24 @@
</tr>
<tr>
<th scope="row">
<label for="authLDAPGroupFilter">Group-Filter</label>
<label for="authLDAPGroupFilter">Group Filter</label>
</th>
<td>
<input type="text" name="authLDAPGroupFilter" id="authLDAPGroupFilter"
placeholder="(&amp;(objectClass=posixGroup)(memberUid=%s))"
class="regular-text" value="<?php echo $authLDAPGroupFilter; ?>" />
<p class="description">
Here you can add the filter for selecting groups for ther
currentlly logged in user
Here you can add the filter for selecting groups for the
currently logged in user
</p>
<p class="description">
The Filter should contain the string <code>%s</code> which will be replaced by
the login-name of the currently logged in user
the login name of the currently logged in user
</p>
<p class="description">
Alternatively the string <code>%dn%</code> will be replaced by the
DN of the currently logged in user. This can be helpfull if
group-memberships are defined with DNs rather than UIDs
DN of the currently logged in user. This can be helpful if
group memberships are defined with DNs rather than UIDs
</p>
<p class="description">This field defaults to
<strong>(&amp;(objectClass=posixGroup)(memberUid=%s))</strong>
Expand All @@ -371,7 +371,7 @@
</table>
</fieldset>

<h3 class="title">Role - group mapping</h3>
<h3 class="title">Role - Group Mapping</h3>
<fieldset class="options">
<table class="form-table">
<?php
Expand All @@ -386,8 +386,8 @@
<td>
<input type="text" name="authLDAPGroups[<?php echo $group; ?>]" id="authLDAPGroups[<?php echo $group; ?>]"
value="<?php echo $aGroup; ?>" />
<p class="description">What LDAP-Groups shall be matched to the <?php echo $vals; ?>-Role?</p>
<p class="description">Please provide a coma-separated list of values</p>
<p class="description">What LDAP Groups should be matched to the <?php echo $vals; ?> Role?</p>
<p class="description">Please provide a comma-separated list of values</p>
<p class="description">This field is empty by default</p>
</td>
</tr>
Expand Down