Error 500 on Log in #15

Closed
opened 2024-10-28 15:49:34 +01:00 by gcolpart · 3 comments
Owner

When login with unknown login, we have an error 500 with PHP error:

PHP Fatal error: Uncaught TypeError: ldap_get_entries(): Argument #2 ($result) must be of type LDAP\\Result, bool given in /usr/share/evoadmin-mail/lib/LdapServer.php:80\nStack trace:\n#0 /usr/share/evoadmin-mail/lib/LdapServer.php(80): ldap_get_entries()\n#1 /usr/share/evoadmin-mail/index.php(31): LdapServer->login()\n#2 {main}\n thrown in /usr/share/evoadmin-mail/lib/LdapServer.php on line 80

PHP 7.4 did not produce a fatal error but gave us these messages :

PHP Warning:  ldap_search(): Search: No such object in /usr/share/evoadmin-mail/lib/LdapServer.php on line 79
PHP Warning:  ldap_get_entries() expects parameter 2 to be resource, bool given in /usr/share/evoadmin-mail/lib/LdapServer.php on line 80
PHP Notice:  Trying to access array offset on value of type null in /usr/share/evoadmin-mail/lib/LdapServer.php on line 81
When login with unknown login, we have an error 500 with PHP error: `PHP Fatal error: Uncaught TypeError: ldap_get_entries(): Argument #2 ($result) must be of type LDAP\\Result, bool given in /usr/share/evoadmin-mail/lib/LdapServer.php:80\nStack trace:\n#0 /usr/share/evoadmin-mail/lib/LdapServer.php(80): ldap_get_entries()\n#1 /usr/share/evoadmin-mail/index.php(31): LdapServer->login()\n#2 {main}\n thrown in /usr/share/evoadmin-mail/lib/LdapServer.php on line 80` PHP 7.4 did not produce a fatal error but gave us these messages : ``` PHP Warning: ldap_search(): Search: No such object in /usr/share/evoadmin-mail/lib/LdapServer.php on line 79 PHP Warning: ldap_get_entries() expects parameter 2 to be resource, bool given in /usr/share/evoadmin-mail/lib/LdapServer.php on line 80 PHP Notice: Trying to access array offset on value of type null in /usr/share/evoadmin-mail/lib/LdapServer.php on line 81 ```
Owner

@gcolpart @dprevot This seems to fix the issue:

diff --git a/htdocs/lib/LdapServer.php b/htdocs/lib/LdapServer.php
index 7bef328..004637d 100644
--- a/htdocs/lib/LdapServer.php
+++ b/htdocs/lib/LdapServer.php
@@ -77,10 +77,13 @@ class LdapServer {
 
     public function login($password) {
         $sr=ldap_search($this->conn, self::getBaseDN($this), "(&(uid=".$this->login.")(isAdmin=TRUE))");
+
+        if ($sr !== false) {
         $info = ldap_get_entries($this->conn, $sr);
-        if (!$info['count']) {
-            Logger::error('Invalid login for '.$this->login);
-            throw new Exception("Échec de l'authentification, utilisateur ou mot de passe incorrect.");
+            if ($info == false || !$info['count']) {
+                Logger::error('Invalid login for '.$this->login);
+                throw new Exception("Échec de l'authentification, utilisateur ou mot de passe incorrect.");
+            }
         }
 
         if (!@ldap_bind($this->conn, $info[0]['dn'], $password)) {

Changes were introduced to ldap_get_entries() (and other ldap_*() functions) in PHP 8.1 and it broke our error handling code.

@gcolpart @dprevot This seems to fix the issue: ``` diff --git a/htdocs/lib/LdapServer.php b/htdocs/lib/LdapServer.php index 7bef328..004637d 100644 --- a/htdocs/lib/LdapServer.php +++ b/htdocs/lib/LdapServer.php @@ -77,10 +77,13 @@ class LdapServer { public function login($password) { $sr=ldap_search($this->conn, self::getBaseDN($this), "(&(uid=".$this->login.")(isAdmin=TRUE))"); + + if ($sr !== false) { $info = ldap_get_entries($this->conn, $sr); - if (!$info['count']) { - Logger::error('Invalid login for '.$this->login); - throw new Exception("Échec de l'authentification, utilisateur ou mot de passe incorrect."); + if ($info == false || !$info['count']) { + Logger::error('Invalid login for '.$this->login); + throw new Exception("Échec de l'authentification, utilisateur ou mot de passe incorrect."); + } } if (!@ldap_bind($this->conn, $info[0]['dn'], $password)) { ``` Changes were introduced to [`ldap_get_entries()`](https://www.php.net/manual/en/function.ldap-get-entries.php) (and other `ldap_*()` functions) in PHP 8.1 and it broke our error handling code.
mgauthier added the
bug
label 2024-10-29 16:55:16 +01:00
mgauthier added reference fix_issue15_error_500_on_log_in 2024-10-29 17:46:41 +01:00
Owner

There is now a pull request right here

There is now a pull request [right here](https://gitea.evolix.org/evolix/evoadmin-mail/pulls/18)
Owner

Fixed in 1.0.12, thanks!

Fixed in 1.0.12, thanks!
Sign in to join this conversation.
No milestone
No project
No assignees
3 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: evolix/evoadmin-mail#15
No description provided.