From c6998e2fcce7db21a2a8aedf25a39a0cfca7a971 Mon Sep 17 00:00:00 2001
From: jalaloedien <jalaloedien@c91229c3-7414-0410-bfa2-8a42b809f60b>
Date: Thu, 17 May 2007 10:51:56 +0000
Subject: [PATCH] KTC-89 "Unregistered Users from Active Directory Authenticated Sources can log onto KT without needing to enter a password. " Fixed.

---
 lib/authentication/authenticationutil.inc.php | 8 ++++++++
 1 file changed, 8 insertions(+), 0 deletions(-)

diff --git a/lib/authentication/authenticationutil.inc.php b/lib/authentication/authenticationutil.inc.php
index 18f2ab1..3fc770c 100644
--- a/lib/authentication/authenticationutil.inc.php
+++ b/lib/authentication/authenticationutil.inc.php
@@ -76,6 +76,14 @@ class KTAuthenticationUtil {
             $oProvider = KTAuthenticationUtil::getAuthenticationProviderForSource($oSource);
             $res = $oProvider->autoSignup($sUsername, $sPassword, $aExtra, $oSource);
             if ($res) {
+                $oUser = User::getByUsername($sUsername);
+                // TODO: The check for this lower down....checkPassword
+                if(empty($sPassword) || is_null($oUser) || PEAR::isError($oUser)){
+                	return false;
+                }
+                if(!KTAuthenticationUtil::checkPassword($oUser, $sPassword)){
+		        	return false;
+		        }
                 return $res;
             }
         }
--
libgit2 0.21.4