KTC-89

"Unregistered Users from Active Directory Authenticated Sources can log onto KT without needing to enter a password. " Fixed. Reviewed By: Conrad git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6568 c91229c3-7414-0410-bfa2-8a42b809f60b

KTC-89
"Unregistered Users from Active Directory Authenticated Sources can log onto KT without needing to enter a password. " Fixed. Reviewed By: Conrad git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6568 c91229c3-7414-0410-bfa2-8a42b809f60b
jalaloedien
1 parent acd1ba97
Showing 1 changed file with 8 additions and 0 deletions
lib/authentication/authenticationutil.inc.php
@@ -76,6 +76,14 @@ class KTAuthenticationUtil {
             $oProvider = KTAuthenticationUtil::getAuthenticationProviderForSource($oSource);
             $res = $oProvider->autoSignup($sUsername, $sPassword, $aExtra, $oSource);
             if ($res) {
+                $oUser = User::getByUsername($sUsername);
+                // TODO: The check for this lower down....checkPassword
+                if(empty($sPassword) || is_null($oUser) || PEAR::isError($oUser)){
+                	return false;
+                }
+                if(!KTAuthenticationUtil::checkPassword($oUser, $sPassword)){
+		        	return false;
+		        }
                 return $res;
             }
         }