Posted by Gueuselambix on August 21, 2007 at 3:28pm
Jump to:
| Project: | CAS |
| Version: | 5.x-2.2 |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | closed (won't fix) |
Issue Summary
When a user who is logged in with CAS, is given enough rights to edit information of other users, there goes something wrong.
This comes to outing when trying to retrieve an e-mail address, based on the username ($user->name).
This username is the username of the 'logged in' user, but this is not necessarily the username of the user you're editing.
In the following fragment, $user->name should be replaced by $form['_account']['#value']->init.
<?php
if ($ldap_config_name = _get_ldap_config_name($user->name))
{
_ldapauth_init($ldap_config_name);
$ldap->connect();
$cas_ldap_email_attribute = (string)variable_get('cas_ldap_email_attribute','mail');
$ldap_entries = $ldap->search($ldap->getOption('basedn'), $ldap->getOption('user_attr').'='.$user->name, array($cas_ldap_email_attribute));
?>
Comments
#1
Drupal 5.x and CAS 5.x-x.x have reached their end-of-life (#1104504: End-of-life 5.x-x.x).
Since the referenced code bears no resemblance to the currently supported 6.x-2.x, 6.x-3.x, and 7.x-1.x branches, I'm closing this issue.