_ldapauth_user_authenticate calls _ldapauth_save_user to register new users if not registered. But in this last function, user_save is called twice, the first tackles the register of new users as expected, but the second call seems to be to write 'mail', 'ldap_dn', 'ldap_config' directly in the user data (in user SQL table).

But, these are caught by ldapdata_user_update before the standard mecanism, so ldapdata_user_update calls
$ldapdata_ldap->writeAttributes($user->ldap_dn, $writeout); on 'mail' which is like overwriting with the same value in most cases, except that I have read other critical bugs mention that 'mail' is being overwriten to the empty string. So this could be related.

However, I had bad error msg coming from drupal, as it was refused to write LDAP attribute 'mail' at login time : so I looked in the source. Here is how I kept ldapdata_user_update out of the way when the user_save makes a module_invoke :

Added a global definition to ldapauth.module:

$GLOBALS['ldapstate'] = array(); // Keeps some necessary globals

added these lines before and after the user_save (the second call in _ldapauth_user_save function) :

...
 $ldapstate['deactivate_saving_mail'] = true;
  user_save($user, $userinfo);
  unset($ldapstate['deactivate_saving_mail']);
...

and finally checked the ldapstate in ldapdata.module (in ldapdata_user_update), before the final if ($writeout) ... :

if ($ldapstate['deactivate_saving_mail']) {
    if (isset($writeout['mail'])) unset($writeout['mail']);
  };

And I didn't forget to add $ldapstate to global declaration at the very start of the two involved function.

Hope that will help ? did I miss something ? Could this bug be repared in next versions ?

Comments

johnbarclay’s picture

Status: Active » Closed (won't fix)

Closing 5.x issues to clean out issue queue.