/**
* Checks the password for the given user account.
*
* Returns true if the given password for the user account specified by
* is correct, otherwise false.
* Error messages are added to the array errors.
*
* This function is only called when local authentication has failed, so
* we are about to create user account.
*
* @param string $login Loginname
* @param string $password Password
* @param array $optionalData Optional data
*
* @return boolean
*/
public function checkPassword($login, $password, array $optionalData = null)
{
if ('' === trim($password)) {
$this->errors[] = PMF_User::ERROR_USER_INCORRECT_PASSWORD;
return false;
}
$bindLogin = $login;
if ($this->_ldapConfig['ldap_use_domain_prefix']) {
if (array_key_exists('domain', $optionalData)) {
$bindLogin = $optionalData['domain'] . '\\' . $login;
}
} else {
$this->ldap = new PMF_Ldap($this->_config);
$this->ldap->connect($this->_ldapConfig['ldap_server'], $this->_ldapConfig['ldap_port'], $this->_ldapConfig['ldap_base'], $this->_ldapConfig['ldap_user'], $this->_ldapConfig['ldap_password']);
if ($this->ldap->error) {
$this->errors[] = $this->ldap->error;
}
$bindLogin = $this->ldap->getDn($login);
}
// Check user in LDAP
$this->ldap = new PMF_Ldap($this->_config);
$this->ldap->connect($this->_ldapConfig['ldap_server'], $this->_ldapConfig['ldap_port'], $this->_ldapConfig['ldap_base'], $bindLogin, $password);
if (!$this->ldap->bind($bindLogin, $password)) {
$this->errors[] = $this->ldap->error;
return false;
} else {
$this->add($login, $password);
return true;
}
}