Author: patrick.holz
Description:
Hi,
I'm using the current version of LdapAuthentication in Mediawiki 1.19.9 LTS. The following problem occured when I tried to block an old user (which had been created in Mediawiki before we used the extension): Mediawiki asked me if I really want to block myself. I checked other blocked users and it turned out that instead of the expired users some other, currently active users could not log in.
So I went on doing some debugging in the php code and I found out that the problem has its origin in "functions/User.php", more precisely in the function "newFromName":
$name = $wgAuth->getCanonicalName( $t->getText() );
So there the LDAP server is asked for the canonical name of the user and it seems that it returns incorrect values in a way that confuses mediawiki extremely. Suddenly a complete different user is used as the "target" of the operation.
I change the line mentioned above to:
$name = $t->getText();
...and now it works for me. I think that the plugin should check for invalid values coming as result of "getCanonicalName" from the LDAP server and use the unchecked version "$t->getText();" instead.
Kind regards,
Patrick Holz
Version: master
Severity: normal
OS: Linux