diff --git a/CHANGES.md b/CHANGES.md index aca2f6f7b72e04801147f771effb625101270874..139116eb2741b76f79ba3250725a1982acc9fb83 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -6,6 +6,7 @@ Changes ### Unreleased +* 2020-02-19 - Adopt code changes Moodle 3.8 core auth_ldap. * 2020-02-19 - Prepare compatibility for Moodle 3.8. ### v3.7-r1 diff --git a/auth.php b/auth.php index fad0c510bcb1b30ea31041f365c7419553213c40..f89f001dc4df5e05238d29b64a76d1909f73c31c 100644 --- a/auth.php +++ b/auth.php @@ -100,6 +100,7 @@ class auth_plugin_ldap_syncplus extends auth_plugin_ldap { // Get user's list from ldap to sql in a scalable fashion. // Prepare some data we'll need. $filter = '(&('.$this->config->user_attribute.'=*)'.$this->config->objectclass.')'; + $servercontrols = array(); $contexts = explode(';', $this->config->contexts); @@ -117,24 +118,58 @@ class auth_plugin_ldap_syncplus extends auth_plugin_ldap { do { if ($ldappagedresults) { - ldap_control_paged_result($ldapconnection, $this->config->pagesize, true, $ldapcookie); + // TODO: Remove the old branch of code once PHP 7.3.0 becomes required (Moodle 4.1). + if (version_compare(PHP_VERSION, '7.3.0', '<')) { + // Before 7.3, use this function that was deprecated in PHP 7.4. + ldap_control_paged_result($ldapconnection, $this->config->pagesize, true, $ldapcookie); + } else { + // PHP 7.3 and up, use server controls. + $servercontrols = array(array( + 'oid' => LDAP_CONTROL_PAGEDRESULTS, 'value' => array( + 'size' => $this->config->pagesize, 'cookie' => $ldapcookie))); + } } if ($this->config->search_sub) { // Use ldap_search to find first user from subtree. - $ldapresult = ldap_search($ldapconnection, $context, $filter, array($this->config->user_attribute)); + // TODO: Remove the old branch of code once PHP 7.3.0 becomes required (Moodle 4.1). + if (version_compare(PHP_VERSION, '7.3.0', '<')) { + $ldapresult = ldap_search($ldapconnection, $context, $filter, array($this->config->user_attribute)); + } else { + $ldapresult = ldap_search($ldapconnection, $context, $filter, array($this->config->user_attribute), + 0, -1, -1, LDAP_DEREF_NEVER, $servercontrols); + } } else { // Search only in this context. - $ldapresult = ldap_list($ldapconnection, $context, $filter, array($this->config->user_attribute)); + // TODO: Remove the old branch of code once PHP 7.3.0 becomes required (Moodle 4.1). + if (version_compare(PHP_VERSION, '7.3.0', '<')) { + $ldapresult = ldap_list($ldapconnection, $context, $filter, array($this->config->user_attribute)); + } else { + $ldapresult = ldap_list($ldapconnection, $context, $filter, array($this->config->user_attribute), + 0, -1, -1, LDAP_DEREF_NEVER, $servercontrols); + } } if(!$ldapresult) { continue; } if ($ldappagedresults) { - $pagedresp = ldap_control_paged_result_response($ldapconnection, $ldapresult, $ldapcookie); - // Function ldap_control_paged_result_response() does not overwrite $ldapcookie if it fails, by - // setting this to null we avoid an infinite loop. - if ($pagedresp === false) { - $ldapcookie = null; + // Get next server cookie to know if we'll need to continue searching. + $ldapcookie = ''; + // TODO: Remove the old branch of code once PHP 7.3.0 becomes required (Moodle 4.1). + if (version_compare(PHP_VERSION, '7.3.0', '<')) { + // Before 7.3, use this function that was deprecated in PHP 7.4. + $pagedresp = ldap_control_paged_result_response($ldapconnection, $ldapresult, $ldapcookie); + // Function ldap_control_paged_result_response() does not overwrite $ldapcookie if it fails, by + // setting this to null we avoid an infinite loop. + if ($pagedresp === false) { + $ldapcookie = null; + } + } else { + // Get next cookie from controls. + ldap_parse_result($ldapconnection, $ldapresult, $errcode, $matcheddn, + $errmsg, $referrals, $controls); + if (isset($controls[LDAP_CONTROL_PAGEDRESULTS]['value']['cookie'])) { + $ldapcookie = $controls[LDAP_CONTROL_PAGEDRESULTS]['value']['cookie']; + } } } if ($entry = @ldap_first_entry($ldapconnection, $ldapresult)) {