0012960: Email / Realname lookups against LDAP spew warning when account is not in LDAP - MantisBT - Signup temporarily disabled due to spam

ID	Project	Category	View Status	Date Submitted	Last Update

0012960	mantisbt	ldap	public	2011-04-25 17:57	2014-12-22 08:23

Reporter	Lapinkiller	Assigned To	rombert
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	closed	Resolution	fixed
Product Version	1.2.5
Target Version	1.2.6	Fixed in Version	1.2.6

Summary	0012960: Email / Realname lookups against LDAP spew warning when account is not in LDAP
Description	The following appears on our system when attempting to edit an account that does not exist in AD: SYSTEM WARNING: array_key_exists() [function.array-key-exists]: The second argument should be either an array or an object The warning seems also be visible in other locations where the users information would be displayed.
Steps To Reproduce	Configure for LDAP authentication with AD using "g_use_ldap_realname" and "g_use_ldap_email" = ON. Create valid user from AD Change username to invalid AD user via SQL: update mantis_user_table set username = 'XXXuser' where id = #; Go to edit user page as admin: http://yourmantis/manage_user_edit_page.php?user_id=# Look at the Realname and Email, should display warning as above
Additional Information	This is encountered for us when users have been deleted from LDAP and we look over bugs that they are listed on. The function that seems to cause this is "ldap_get_field_from_username". It appears that $t_info has a length of 1 (valid response) but the object within that array is empty. As a result, it thinks there is a match but in fact there wasn't.
Tags	No tags attached.
Attached Files	0699-fix-bug-when-user-not-in-ldap-mantis-12960.patch (833 bytes) From 6d130ec3c2e40c6010bcc4b156b288430a8b6932 Mon Sep 17 00:00:00 2001 From: Lapinkiller <lapinkiller@hotmail.fr> Date: Thu, 26 May 2011 19:02:33 +0200 Subject: [PATCH 699/699] fix bug when user not in ldap mantis#12960 --- core/ldap_api.php \| 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/core/ldap_api.php b/core/ldap_api.php index 7f9e012..9b605c0 100644 --- a/core/ldap_api.php +++ b/core/ldap_api.php @@ -262,7 +262,7 @@ function ldap_get_field_from_username( $p_username, $p_field ) { } # Make sure the requested field exists - if( array_key_exists( $p_field, $t_info[0] ) ) { + if( is_array($t_info[0]) && array_key_exists( $p_field, $t_info[0] ) ) { $t_value = $t_info[0][$p_field][0]; log_event( LOG_LDAP, "Found value '{$t_value}' for field '{$p_field}'." ); } else { -- 1.7.3.4 0699-fix-bug-when-user-not-in-ldap-mantis-12960.patch (833 bytes)

related to	0015721	closed	grangeway	Functionality to consider porting to master-2.0.x
has duplicate	0010944	closed	dregad	ldap_get_field_from_username does not properly check return value from ldap_get_entries
has duplicate	0013029	closed	rombert	Error when LDAP search doesnt return any objects
has duplicate	0010230	closed	rombert	LDAP: ldap_email_from_username( $p_username ) cannot handle undefined email
related to	0013331	closed	dregad	Email lookup against non-existing LDAP account displays warning

Lapinkiller 2011-04-28 08:49 reporter ~0028716	I confirm the bug, I got the same problem with an old mantis account which isn't not longer in our AD. in core/ldap_api.php (L273), i just add : "is_array($t_info[0]) &&" Make sure the requested field exists if( is_array($t_info[0]) && array_key_exists( $p_field, $t_info[0] ) ) {

rombert 2011-05-26 03:45 reporter ~0028843	A git formatted patch would make this easier to apply. See http://docs.mantisbt.org/master/en/developers.html#DEV.CONTRIB for instructions.

Lapinkiller 2011-05-26 13:07 reporter ~0028852	patch attached i hope it will work, it's my first git patch ^^

rombert 2011-05-26 15:54 reporter ~0028853	Worked like a charm, thanks!

grangeway 2013-04-05 17:57 reporter ~0036398	Marking as 'acknowledged' not resolved/closed to track that change gets ported to master-2.0.x branch