MAJ 4.5.2

2024-09-03 20:36:10 +02:00 · 2016-05-23 17:38:52 +02:00 · 2016-05-23 17:38:52 +02:00 · 9a80bfb400
commit 9a80bfb400
parent d611b16267
7 changed files with 385 additions and 345 deletions
--- a/manifest.json
+++ b/manifest.json
@ -9,7 +9,7 @@
        "en": "Create a beautiful blog or website easily",
        "fr": "Logiciel de création de blog ou de site Web"
    },
-	"version": "4.4",
+	"version": "4.5.2",
 	"url": "https://wordpress.org/",
    "licence": "free",
    "maintainer": {
--- a/manifest2.2.json
+++ b/manifest2.2.json
@ -6,7 +6,7 @@
        "en": "Create a beautiful blog or website easily",
        "fr": "Logiciel de création de blog ou de site Web"
    },
-	"version": "4.4",
+	"version": "4.5.2",
 	"url": "https://wordpress.org/",
    "licence": "free",
    "maintainer": {
--- a/sources/ajouts/wp-content/plugins/simple-ldap-login/Simple-LDAP-Login-Admin.php
+++ b/sources/ajouts/wp-content/plugins/simple-ldap-login/Simple-LDAP-Login-Admin.php
@ -15,6 +15,7 @@ if( isset( $_GET[ 'tab' ] ) ) {
    <h2 class="nav-tab-wrapper">
        <a href="<?php echo add_query_arg( array('tab' => 'simple'), $_SERVER['REQUEST_URI'] ); ?>" class="nav-tab <?php echo $active_tab == 'simple' ? 'nav-tab-active' : ''; ?>">Simple</a>
        <a href="<?php echo add_query_arg( array('tab' => 'advanced'), $_SERVER['REQUEST_URI'] ); ?>" class="nav-tab <?php echo $active_tab == 'advanced' ? 'nav-tab-active' : ''; ?>">Advanced</a>
        <a href="<?php echo add_query_arg( array('tab' => 'user'), $_SERVER['REQUEST_URI'] ); ?>" class="nav-tab <?php echo $active_tab == 'user' ? 'nav-tab-active' : ''; ?>">User</a>
        <a href="<?php echo add_query_arg( array('tab' => 'help'), $_SERVER['REQUEST_URI'] ); ?>" class="nav-tab <?php echo $active_tab == 'help' ? 'nav-tab-active' : ''; ?>">Help</a>
    </h2>
@ -45,7 +46,7 @@ if( isset( $_GET[ 'tab' ] ) ) {
 					<td>
 						<input type="text" name="<?php echo $this->get_field_name('base_dn'); ?>" value="<?php echo $SimpleLDAPLogin->get_setting('base_dn'); ?>" />
 						<br/>
-						Example: For subdomain.domain.suffix, use DC=subdomain,DC=domain,DC=suffix. Do not specify an OU here.
+						Example: For subdomain.domain.suffix, use DC=subdomain,DC=domain,DC=suffix. In most cases you should not specify an ou here.
 					</td>
 				</tr>
 				<tr>
@ -106,12 +107,28 @@ if( isset( $_GET[ 'tab' ] ) ) {
    	<p>Most users should leave these alone.</p>
    	<table class="form-table">
 			<tbody>
                <tr>
                    <th scope="row" valign="top">Group Base DN (optional)</th>
                    <td>
                        <input type="text" name="<?php echo $this->get_field_name('group_base_dn'); ?>" value="<?php echo $SimpleLDAPLogin->get_setting('group_base_dn'); ?>" />
                        <br/>
                        If you need to specify a different Base DN for group searches. Example: For subdomain.domain.suffix, use ou=groups,DC=subdomain,DC=domain,DC=suffix.
                    </td>
                </tr>
 	    		<tr>
 					<th scope="row" valign="top">LDAP Login Attribute</th>
 					<td>
 						<input type="text" name="<?php echo $this->get_field_name('ol_login'); ?>" value="<?php echo $SimpleLDAPLogin->get_setting('ol_login'); ?>" />
 						<br />
-						In case your installation uses something other than <b>uid</b>; 
+						Default: <b>uid</b>;
 					</td>
 				</tr>
 	    		<tr>
 					<th scope="row" valign="top">LDAP Group Attribute</th>
 					<td>
 						<input type="text" name="<?php echo $this->get_field_name('ol_group'); ?>" value="<?php echo $SimpleLDAPLogin->get_setting('ol_group'); ?>" />
 						<br />
 						In case your installation uses something other than <b>cn</b>;
 					</td>
 				</tr>
 				<tr>
@ -135,6 +152,77 @@ if( isset( $_GET[ 'tab' ] ) ) {
 						Only applies to Open LDAP. Typically 3.
 					</td>
 				</tr>
                <tr>
                    <th scope="row" valign="top">Search Sub OUs</th>
                    <td>
                        <input type="hidden" name="<?php echo $this->get_field_name('search_sub_ous'); ?>" value="false" />
                        <label><input type="checkbox" name="<?php echo $this->get_field_name('search_sub_ous'); ?>" value="true" <?php if( str_true($this->get_setting('search_sub_ous')) ) echo "checked"; ?> /> Also search sub-OUs of Base DN. For example, if the base DN is "ou=People,dc=example,dc=com", also search "ou=Staff,ou=People,dc=example,dc=com for uid=<i>username</i></label><br/>
                    </td>
                </tr>
  		        <tr>
                    <th scope="row" valign="top">Login Domain</th>
                    <td>
                        <input type="text" name="<?php echo $this->get_field_name('login_domain'); ?>" value="<?php echo $SimpleLDAPLogin->get_setting('login_domain'); ?>" /><br/>
 						prefixes login names with this domain, f.i. mydomain\username
 					</td>
 		        </tr>
 			</tbody>
    	</table>
    	<p><input class="button-primary" type="submit" value="Save Settings" /></p>
    	<?php elseif ( $active_tab == "user" ): ?>
    	<h3>User Data</h3>
 		<p>These settings give you control over which LDAP attributes are used for user creation.</p>
    	<table class="form-table" style="margin-bottom: 20px;">
 			<tbody>
 				<tr>
 					<th scope="row" valign="top">First name</th>
 					<td>
 						<input type="text" name="<?php echo $this->get_field_name('user_first_name_attribute'); ?>" value="<?php echo $SimpleLDAPLogin->get_setting('user_first_name_attribute'); ?>" />
                        <br/>
 						The LDAP attribute for the first name.
 					</td>
 				</tr>
 				<tr>
 					<th scope="row" valign="top">Last name</th>
 					<td>
 						<input type="text" name="<?php echo $this->get_field_name('user_last_name_attribute'); ?>" value="<?php echo $SimpleLDAPLogin->get_setting('user_last_name_attribute'); ?>" />
                        <br/>
 						The LDAP attribute for the last name.
 					</td>
 				</tr>
 				<tr>
 					<th scope="row" valign="top">Email</th>
 					<td>
 						<input type="text" name="<?php echo $this->get_field_name('user_email_attribute'); ?>" value="<?php echo $SimpleLDAPLogin->get_setting('user_email_attribute'); ?>" />
                        <br/>
 						The LDAP attribute for the email.
 					</td>
 				</tr>
 				<tr>
 					<th scope="row" valign="top">Website</th>
 					<td>
 						<input type="text" name="<?php echo $this->get_field_name('user_url_attribute'); ?>" value="<?php echo $SimpleLDAPLogin->get_setting('user_url_attribute'); ?>" />
                        <br/>
 						The LDAP attribute for the website.
 					</td>
 				</tr>
 			</tbody>
    	</table>
    	<hr />
    	<h3>Additional user data</h3>
 		<p>Additional user data can be stored as user meta data. You can specify the LDAP
 		attributes and the associated wordpress meta keys in the format <i>&lt;ldap_attribute_name&gt;:&lt;wordpress_meta_key&gt;</i>. Multiple attributes can be given on separate lines.</p>
 		<p> Example:<br/><i>phone:user_phone_number</i><br/><i>adress:user_home_address</i></p>
 		<table class="form-table" style="margin-bottom: 20px;">
 			<tbody>
 				<tr>
 					<th scope="row" valign="top">Meta data</th>
 					<td>
 <textarea name="<?php echo $this->get_field_name('user_meta_data'); ?>">
 <?php echo join("\n", array_map(function ($attr) { return join(':', $attr); }, $SimpleLDAPLogin->get_setting('user_meta_data'))); ?>
 </textarea>
 					</td>
 				</tr>
 			</tbody>
    	</table>
    	<p><input class="button-primary" type="submit" value="Save Settings" /></p>
@ -142,7 +230,7 @@ if( isset( $_GET[ 'tab' ] ) ) {
 		<h3>Help</h3>
 		<p>Here's a brief primer on how to effectively use and test Simple LDAP Login.</p>
 		<h4>Testing</h4>
-		<p>The most effective way to test logins is to use two browsers. In other words, keep WordPress Admin open in Chrome, and use Firefox to try logging in. This will give you real time feedback on your settings and prevent you from inadvertently locking yourself out.</p>
+		<p>The most effective way to test logins is to use two browsers. In other words, keep the WordPress Dashboard open in Chrome, and use Firefox to try logging in. This will give you real time feedback on your settings and prevent you from inadvertently locking yourself out.</p>
 		<h4>Which raises the question, what happens if I get locked out?</h4>
 		<p>If you accidentally lock yourself out, the easiest way to get back in is to rename <strong><?php echo plugin_dir_path(__FILE__); ?></strong> to something else and then refresh. WordPress will detect the change and disable Simple LDAP Login. You can then rename the folder back to its previous name.</p>
    	<?php endif; ?>
--- a/sources/ajouts/wp-content/plugins/simple-ldap-login/Simple-LDAP-Login.php
+++ b/sources/ajouts/wp-content/plugins/simple-ldap-login/Simple-LDAP-Login.php
@ -3,7 +3,7 @@
 Plugin Name: Simple LDAP Login
 Plugin URI: http://clifgriffin.com/simple-ldap-login/
 Description:  Authenticate WordPress against LDAP.
-Version: 1.5.5
+Version: 1.6.0
 Author: Clif Griffin Development Inc.
 Author URI: http://cgd.io
 */
@ -14,8 +14,11 @@ class SimpleLDAPLogin {
 	var $settings = array();
 	var $adldap;
 	var $ldap;
 	var $network_version = null;
 	var $version = "160";
 	public function __construct () {
 		$this->settings = $this->get_settings_obj( $this->prefix );
 		if( $this->get_setting('directory') == "ad" ) {
@ -32,7 +35,14 @@ class SimpleLDAPLogin {
 		}
 		add_action('admin_init', array($this, 'save_settings') );
 		if ($this->is_network_version()) {
 			add_action('network_admin_menu', array($this, 'menu') );
 		}
 		else {
 			add_action('admin_menu', array($this, 'menu') );
 		}
 		if ( str_true($this->get_setting('enabled')) ) {
 			add_filter('authenticate', array($this, 'authenticate'), 1, 3);
@ -41,7 +51,9 @@ class SimpleLDAPLogin {
 		register_activation_hook( __FILE__, array($this, 'activate') );
 		// If version is false, and old version detected, run activation
-		if( $this->get_setting('version') === false || get_option('simpleldap_domain_controllers', false) !== false ) $this->activate();
+		if( $this->get_setting('version') === false || $this->get_setting('version') != $version ) {
 			$this->upgrade_settings();
 		}
 	}
 	public static function getInstance () {
@ -57,91 +69,140 @@ class SimpleLDAPLogin {
 		$this->add_setting('base_dn', "DC=mydomain,DC=org");
 		$this->add_setting('domain_controllers', array("dc01.mydomain.local") );
 		$this->add_setting('directory', "ad");
-		$this->add_setting('role', "Contributor");
+		$this->add_setting('role', "contributor");
 		$this->add_setting('high_security', "true");
 		$this->add_setting('ol_login', "uid");
 		$this->add_setting('ol_group', "cn");
 		$this->add_setting('use_tls', "false");
 		$this->add_setting('ldap_port', 389);
 		$this->add_setting('ldap_version', 3);
 		$this->add_setting('create_users', "false");
 		$this->add_setting('enabled', "false");
        $this->add_setting('search_sub_ous', "false");
 		$this->add_setting('group_dn', "");
 		$this->add_setting('group_uid', "memberUid");
        // User attribute settings
        $this->add_setting('user_first_name_attribute', "givenname");
        $this->add_setting('user_last_name_attribute', "sn");
        $this->add_setting('user_email_attribute', "mail");
        $this->add_setting('user_url_attribute', "wwwhomepage");
        $this->add_setting('user_meta_data', array() );
 	}
 	function upgrade_settings() {
 		if( $this->get_setting('version') === false ) {
 			$this->set_setting('version', '1.5');
 			$this->set_setting('enabled', 'true');
-			if ( $this->set_setting('account_suffix', get_option('simpleldap_account_suffix')) ) {
+			if ($this->is_network_version()) {
-				//delete_option('simpleldap_account_suffix');
+				$account_suffix = get_site_option('simpleldap_account_suffix');
 				$simpleldap_base_dn = get_site_option('simpleldap_base_dn');
 				$simpleldap_domain_controllers = get_site_option('simpleldap_domain_controllers');
 				$simpleldap_directory_type = get_site_option('simpleldap_directory_type');
 				$simpleldap_group = get_site_option('simpleldap_group');
 				$simpleldap_account_type = get_site_option('simpleldap_account_type');
 				$simpleldap_ol_login = get_site_option('simpleldap_ol_login');
 				$simpleldap_use_tls = get_site_option('simpleldap_use_tls');
 				$simpleldap_login_mode = get_site_option('simpleldap_login_mode');
 				$simpleldap_security_mode = get_site_option('simpleldap_security_mode');
 			}
 			else {
 				$account_suffix = get_option('simpleldap_account_suffix');
 				$simpleldap_base_dn = get_option('simpleldap_base_dn');
 				$simpleldap_domain_controllers = get_option('simpleldap_domain_controllers');
 				$simpleldap_directory_type = get_option('simpleldap_directory_type');
 				$simpleldap_group = get_option('simpleldap_group');
 				$simpleldap_account_type = get_option('simpleldap_account_type');
 				$simpleldap_ol_login = get_option('simpleldap_ol_login');
 				$simpleldap_use_tls = get_option('simpleldap_use_tls');
 				$simpleldap_login_mode = get_option('simpleldap_login_mode');
 				$simpleldap_security_mode = get_option('simpleldap_security_mode');
 			}
-			if ( $this->set_setting('base_dn', get_option('simpleldap_base_dn')) ) {
+			$this->set_setting('account_suffix', $account_suffix );
-				//delete_option('simpleldap_base_dn');
+			$this->set_setting('base_dn', $simpleldap_base_dn);
-			}
+			$this->set_setting('domain_controllers', $simpleldap_domain_controllers);
 			$this->set_setting('groups', (array)$simpleldap_group );
 			$this->set_setting('role', $simpleldap_account_type);
 			$this->set_setting('ol_login', $simpleldap_ol_login);
 			$this->set_setting('use_tls', str_true( $simpleldap_use_tls ) );
-			if ( $this->set_setting('domain_controllers', get_option('simpleldap_domain_controllers')) ) {
+			// Directory Type
-				//delete_option('simpleldap_domain_controllers');
+			if ( $simpleldap_directory_type == "directory_ad" ) {
-			}
+				$this->set_setting('directory', 'ad');
 			$directory_result = false;
 			if ( get_option('simpleldap_directory_type') == "directory_ad" ) {
 				$directory_result = $this->set_setting('directory', 'ad');
 			} else {
-				$directory_result = $this->set_setting('directory', 'ol');
+				$this->set_setting('directory', 'ol');
 			}
 			//if( $directory_result ) delete_option('simpleldap_directory_type');
 			unset($directory_result);
 			if ( $this->set_setting('groups', (array)get_option('simpleldap_group') ) ) {
 				//delete_option('simpleldap_group');
 			}
 			if ( $this->set_setting('role', get_option('simpleldap_account_type')) ) {
 				//delete_option('simpleldap_account_type');
 			}
 			if ( $this->set_setting('ol_login', get_option('simpleldap_ol_login')) ) {
 				//delete_option('simpleldap_ol_login');
 			}
 			if ( $this->set_setting('use_tls', str_true( get_option('simpleldap_use_tls') ) ) ) {
 				//delete_option('simpleldap_use_tls');
 			}
 			// Create User Setting
 			$create_users = false;
-			if ( get_option('simpleldap_login_mode') == "mode_create_all" || get_option('simpleldap_login_mode') == "mode_create_group" ) {
+			if ( $simpleldap_login_mode == "mode_create_all" || $simpleldap_login_mode == "mode_create_group" ) {
-				$create_users = true;
+				$this->set_setting('create_users', true);
 			}
 			if ( $this->set_setting('create_users', $create_users) ) {
 				//delete_option('simpleldap_login_mode');
 			}
 			// High Security Setting
 			$high_security = false;
-			if ( get_option('simpleldap_security_mode') == "security_high" ) {
+			if ( $simpleldap_security_mode == "security_high" ) {
-				$high_security = true;
+				$this->set_setting('high_security', true);
 			}
 			if ( $this->set_setting('high_security', $high_security) ) {
 				//delete_option('simpleldap_security_mode');
 			}
 		}
 		if ( $this->get_setting('version') < $this->version || $this->get_setting('version') === false ) {
 			$this->add_setting('search_sub_ous', "false");
 			$this->add_setting('group_base_dn', "");
 			$this->add_setting('group_uid', "memberUid");
 			// User attribute settings
 			$this->add_setting('user_first_name_attribute', "givenname");
 			$this->add_setting('user_last_name_attribute', "sn");
 			$this->add_setting('user_email_attribute', "mail");
 			$this->add_setting('user_url_attribute', "wwwhomepage");
 			$this->add_setting('user_meta_data', array() );
 		}
 		// Update version
 		$this->set_setting( 'version', $this->version );
 	}
 	function menu () {
 		if ($this->is_network_version()) {
 			add_submenu_page(
 				"settings.php",
 				"Simple LDAP Login",
 				"Simple LDAP Login",
 				'manage_network_plugins',
 				"simple-ldap-login",
 				array($this, 'admin_page')
 			);
 		}
 		else {
 			add_options_page("Simple LDAP Login", "Simple LDAP Login", 'manage_options', "simple-ldap-login", array($this, 'admin_page') );
 		}
 	}
 	function admin_page () {
 		include 'Simple-LDAP-Login-Admin.php';
 	}
 	function get_settings_obj () {
 		if ( $this->is_network_version() ) {
 			return get_site_option("{$this->prefix}settings", false);
 		}
 		else {
 			return get_option("{$this->prefix}settings", false);
 		}
 	}
 	function set_settings_obj ( $newobj ) {
 		if ( $this->is_network_version() ) {
 			return update_site_option("{$this->prefix}settings", $newobj);
 		}
 		else {
 			return update_option("{$this->prefix}settings", $newobj);
 		}
 	}
 	function set_setting ( $option = false, $newvalue ) {
 		if( $option === false ) return false;
@ -175,7 +236,12 @@ class SimpleLDAPLogin {
 			foreach( $new_settings as $setting_name => $setting_value  ) {
 				foreach( $setting_value as $type => $value ) {
-					if( $type == "array" ) {
+					if( $setting_name == 'user_meta_data') {
 						$this->set_setting($setting_name,
 								array_map( function ($attr) { return explode(':', $attr); },
 								array_filter(preg_split('/\r\n|\n|\r|;/', $value))));
 					}
 					elseif( $type == "array") {
 						$this->set_setting($setting_name, explode(";", $value));
 					} else {
 						$this->set_setting($setting_name, $value);
@ -208,6 +274,11 @@ class SimpleLDAPLogin {
 		$user_obj = get_user_by('login', $username);
 		if( user_can($user_obj, 'update_core') ) $local_admin = true;
 		$local_admin = apply_filters( 'sll_force_ldap', $local_admin );
 		$password = stripslashes($password);
 		// To force LDAP authentication, the filter should return boolean false
 		if ( empty($username) || empty($password) ) {
 			$error = new WP_Error();
@ -221,7 +292,7 @@ class SimpleLDAPLogin {
 		}
 		// If high security mode is enabled, remove default WP authentication hook
-		if ( str_true( $this->get_setting('high_security') ) && ! $local_admin ) {
+		if ( apply_filters('sll_remove_default_authentication_hook', str_true( $this->get_setting('high_security') ) && ! $local_admin ) ) {
 			remove_filter('authenticate', 'wp_authenticate_username_password', 20, 3);
 		}
@ -237,13 +308,19 @@ class SimpleLDAPLogin {
 				if ( ! $user || ( strtolower($user->user_login) !== strtolower($username) ) )  {
 					if( ! str_true($this->get_setting('create_users')) ) {
 						do_action( 'wp_login_failed', $username );
-						return new WP_Error('invalid_username', __('<strong>Simple LDAP Login Error</strong>: LDAP credentials are correct, but there is no matching WordPress user and user creation is not enabled.'));
+						return $this->ldap_auth_error('invalid_username', __('<strong>Simple LDAP Login Error</strong>: LDAP credentials are correct, but there is no matching WordPress user and user creation is not enabled.'));
 					}
 					$new_user = wp_insert_user( $this->get_user_data( $username, $this->get_setting('directory') ) );
 					if( ! is_wp_error($new_user) )
 					{
 						// Add user meta data
 						$user_meta_data = $this->get_user_meta_data( $username, $this->get_setting('directory'));
 						foreach( $user_meta_data as $meta_key => $meta_value ) {
 							add_user_meta($new_user, $meta_key, $meta_value);
 						}
 						// Successful Login
 						$new_user = new WP_User($new_user);
 						do_action_ref_array($this->prefix . 'auth_success', array($new_user) );
@ -253,42 +330,79 @@ class SimpleLDAPLogin {
 					else
 					{
 						do_action( 'wp_login_failed', $username );
-						return new WP_Error("{$this->prefix}login_error", __('<strong>Simple LDAP Login Error</strong>: LDAP credentials are correct and user creation is allowed but an error occurred creating the user in WordPress. Actual error: '.$new_user->get_error_message() ));
+						return $this->ldap_auth_error("{$this->prefix}login_error", __('<strong>Simple LDAP Login Error</strong>: LDAP credentials are correct and user creation is allowed but an error occurred creating the user in WordPress. Actual error: '.$new_user->get_error_message() ));
 					}
 				} else {
 					return new WP_User($user->ID);
 				}
 			} else {
-				return new WP_Error("{$this->prefix}login_error", __('<strong>Simple LDAP Login Error</strong>: Your LDAP credentials are correct, but you are not in an authorized LDAP group.'));
+				return $this->ldap_auth_error("{$this->prefix}login_error", __('<strong>Simple LDAP Login Error</strong>: Your LDAP credentials are correct, but you are not in an authorized LDAP group.'));
 			}
 		} elseif ( str_true($this->get_setting('high_security')) ) {
-			return new WP_Error('invalid_username', __('<strong>Simple LDAP Login</strong>: Simple LDAP Login could not authenticate your credentials. The security settings do not permit trying the WordPress user database as a fallback.'));
+			return $this->ldap_auth_error('invalid_username', __('<strong>Simple LDAP Login</strong>: Simple LDAP Login could not authenticate your credentials. The security settings do not permit trying the WordPress user database as a fallback.'));
 		}
 		do_action($this->prefix . 'auth_failure');
 		return false;
 	}
 	function get_domain_username( $username ) {
 		// Format username with domain prefix, if login_domain is set
 		$login_domain = $this->get_setting('login_domain');
 		if ( ! empty($login_domain) ) {
 			return $login_domain . '\\' . $username;
 		}
 		return $username;
 	}
 	function ldap_auth( $username, $password, $directory ) {
 		$result = false;
 		if ( $directory == "ad" ) {
-			$result = $this->adldap->authenticate( $username, $password );
+			$result = $this->adldap->authenticate( $this->get_domain_username($username), $password );
 		} elseif ( $directory == "ol" ) {
 			$this->ldap = ldap_connect( join(' ', (array)$this->get_setting('domain_controllers')), (int)$this->get_setting('ldap_port') );
 			ldap_set_option($this->ldap, LDAP_OPT_PROTOCOL_VERSION, (int)$this->get_setting('ldap_version'));
 			if ( str_true($this->get_setting('use_tls')) ) {
 				ldap_start_tls($this->ldap);
 			}
-			$ldapbind = @ldap_bind($this->ldap, $this->get_setting('ol_login') .'=' . $username . ',' . $this->get_setting('base_dn'), $password);
+                        $dn = $this->get_setting('ol_login') .'=' . $username . ',' . $this->get_setting('base_dn');
                        if (str_true($this->get_setting('search_sub_ous'))) {
                            // search for user's DN in the base DN and below
                            $filter = $this->get_setting('ol_login') .'=' . $username;
                            $sr = @ldap_search($this->ldap, $this->get_setting('base_dn'), $filter, array('cn'));
                            if ($sr !== FALSE) {
                                $info = @ldap_get_entries($this->ldap, $sr);
                                if ($info !== FALSE && $info['count'] > 0) {
                                    $dn = $info[0]['dn'];
                                }
                            }
                        }
                        $ldapbind = @ldap_bind($this->ldap, $dn, $password);
                        $this->dn = $dn;
 						$result = $ldapbind;
 		}
 		return apply_filters($this->prefix . 'ldap_auth', $result);
 	}
 	/**
 	 * Prevent modification of the error message by other authenticate hooks
 	 * before it is shown to the user
 	 *
 	 * @param string $code
 	 * @param string $message
 	 * @return WP_Error
 	 */
 	function ldap_auth_error( $code, $message ) {
 		remove_all_filters( 'authenticate' );
 		return new WP_Error( $code, $message );
 	}
 	function user_has_groups( $username = false, $directory ) {
 		$result = false;
 		$groups = (array)$this->get_setting('groups');
@ -307,14 +421,15 @@ class SimpleLDAPLogin {
 		} elseif ( $directory == "ol" ) {
 			if( $this->ldap === false ) return false;
-			$result = ldap_search($this->ldap, $this->get_setting('base_dn'), '(' . $this->get_setting('ol_login') . '=' . $username . ')', array('cn'));
+			$group_base_dn = $this->get_setting('group_base_dn') !== false ? $this->get_setting('group_base_dn') : $this->get_setting('base_dn');
 			$result = ldap_search($this->ldap, $group_base_dn, '(|(&(objectClass=groupOfUniqueNames)(uniquemember=' . $this->dn . '))(&(objectClass=groupOfNames)(member=' . $this->dn . '))(' . $this->get_setting('group_uid') . '=' . $username . '))', array($this->get_setting('ol_group')));
 			$ldapgroups = ldap_get_entries($this->ldap, $result);
 			// Ok, we should have the user, all the info, including which groups he is a member of.
 			// Let's make sure he's in the right group before proceeding.
 			$user_groups = array();
 			for ( $i = 0; $i < $ldapgroups['count']; $i++) {
-				$user_groups[] .= $ldapgroups[$i]['cn'][0];
+				$user_groups[] = $ldapgroups[$i][$this->get_setting('ol_group')][0];
 			}
 			$result =  (bool)(count( array_intersect($user_groups, $groups) ) > 0);
@ -332,6 +447,7 @@ class SimpleLDAPLogin {
 			'display_name' => '',
 			'first_name' => '',
 			'last_name' => '',
 			'user_url' => '',
 			'role' => $this->get_setting('role')
 		);
@ -341,7 +457,15 @@ class SimpleLDAPLogin {
 		} elseif ( $directory == "ol" ) {
 			if ( $this->ldap == null ) {return false;}
-			$result = ldap_search($this->ldap, $this->get_setting('base_dn'), '(' . $this->get_setting('ol_login') . '=' . $username . ')', array($this->get_setting('ol_login'), 'sn', 'givenname', 'mail'));
+			$attributes = array(
 				$this->get_setting('ol_login'),
 				$this->get_setting('user_last_name_attribute'),
 				$this->get_setting('user_first_name_attribute'),
 				$this->get_setting('user_email_attribute'),
 				$this->get_setting('user_url_attribute')
 			);
 			$result = ldap_search($this->ldap, $this->get_setting('base_dn'), '(' . $this->get_setting('ol_login') . '=' . $username . ')', $attributes);
 			$userinfo = ldap_get_entries($this->ldap, $result);
 			if ($userinfo['count'] == 1) {
@ -350,15 +474,65 @@ class SimpleLDAPLogin {
 		} else return false;
 		if( is_array($userinfo) ) {
-			$user_data['user_nicename'] = $userinfo['givenname'][0] . ' ' . $userinfo['sn'][0];
+			$user_data['user_nicename'] = strtolower($userinfo[$this->get_setting('user_first_name_attribute')][0]) . '-' . strtolower($userinfo[$this->get_setting('user_last_name_attribute')][0]);
-			$user_data['user_email'] 	= $userinfo['mail'][0];
+			$user_data['user_email'] 	= $userinfo[$this->get_setting('user_email_attribute')][0];
-			$user_data['display_name']	= $user_data['user_nicename'];
+			$user_data['display_name']	= $userinfo[$this->get_setting('user_first_name_attribute')][0] . ' ' . $userinfo[$this->get_setting('user_last_name_attribute')][0];
-			$user_data['first_name']	= $userinfo['givenname'][0];
+			$user_data['first_name']	= $userinfo[$this->get_setting('user_first_name_attribute')][0];
-			$user_data['last_name'] 	= $userinfo['sn'][0];
+			$user_data['last_name'] 	= $userinfo[$this->get_setting('user_last_name_attribute')][0];
 			$user_data['user_url'] 		= $userinfo[$this->get_setting('user_url_attribute')][0];
 		}
 		return apply_filters($this->prefix . 'user_data', $user_data);
 	}
    function get_user_meta_data( $username, $directory ) {
 		if ( $directory == "ad" ) {
 			// TODO: get user meta data for ad
 			return false;
 		} elseif ( $directory == "ol" ) {
 			if ( $this->ldap == null ) {return false;}
 			$attributes = array();
 			foreach( $this->get_setting('user_meta_data') as $attr ) {
 				$attributes[] = $attr[0];
 			}
 		    $result = ldap_search($this->ldap, $this->get_setting('base_dn'), '(' . $this->get_setting('ol_login') . '=' . $username . ')', $attributes);
 			$userinfo = ldap_get_entries($this->ldap, $result);
 			if ($userinfo['count'] == 1) {
 				$userinfo = $userinfo[0];
 			}
 		} else return false;
 		$user_meta_data = array();
        foreach( $this->get_setting('user_meta_data') as $attr ) {
 			$user_meta_data[$attr[1]] = $userinfo[$attr[0]][0];
 		}
 		return apply_filters($this->prefix . 'user_meta_data', $user_meta_data);
 	}
 	/**
 	 * Returns whether this plugin is currently network activated
 	 */
 	function is_network_version() {
 		if ( $this->network_version !== null) {
 			return $this->network_version;
 		}
 		if ( ! function_exists( 'is_plugin_active_for_network' ) ) {
 			require_once( ABSPATH . '/wp-admin/includes/plugin.php' );
 		}
 		if ( is_plugin_active_for_network( plugin_basename(__FILE__) ) ) {
 			$this->network_version = true;
 		}
 		else {
 			$this->network_version = false;
 		}
 		return $this->network_version;
 	}
 }
 if ( ! function_exists('str_true') ) {
--- a/sources/ajouts/wp-content/plugins/simple-ldap-login/readme.md
+++ b/sources/ajouts/wp-content/plugins/simple-ldap-login/readme.md
@ -1,220 +0,0 @@
 # Plugin Name #
 **Contributors:** clifgriffin  
 **Donate link:** http://cgd.io  
 **Tags:** LDAP, authentication, login, active directory, adLDAP  
 **Requires at least:** 3.4  
 **Tested up to:** 3.6  
 **Stable tag:** 1.5.5  
 **License:** GPLv2 or later  
 Integrating WordPress with LDAP shouldn't be difficult. Now it isn't. Simple LDAP Login provides all of the features, none of the hassles.
 ## Description ##
 Having a single login for every service is a must in large organizations. This plugin allows you to integrate WordPress with LDAP quickly and easily. Like, really really easy.
 **Contributing**
 The easiest way to contribute to this plugin is to submit a GitHub pull request. Here's the repo:
 https://github.com/clifgriffin/simple-ldap-login
 **NEW VERSION -- 1.5**
 Just when you thought this project was dead, it sprang to life. I have spent some time completely rewriting Simple LDAP Login from the ground up. Proceed with caution as it's possible I have broken something in the process, but I'm reasonably certain it's fundamentally stable.
 **If you have any problems with 1.5, please let me know:** clifgriffin@gmail.com    
 **Support**
 If you need support, I recommend you leave a comment on the appropriate post on my blog:
 http://clifgriffin.com/2009/05/13/simple-ldap-login-13-for-wordpress/
 **Special Requests**
 **If you need a customization or change specific to your install, I am available for hire. Shoot me an e-mail:** clifgriffin[at]gmail.com  
 ### Features ###
 * Supports Active Directory and OpenLDAP (and other directory systems which comply to the LDAP standard, such as OpenDS)
 * Supports TLS
 * Uses up-to-date methods for WordPress authentication routines.
 * Authenticates existing WordPress usernames against LDAP.
 * Can be configured to automatically create WordPress users for valid LDAP logins.
 * You can restrict logins based on one or more LDAP groups.
 * Intuitive control panel.
 ### Architecture ###
 Simple LDAP Login adds an authentication filter to WordPress that authentication requests must pass. In doing so, it makes several decisions.
 * Can the provided credentials be authenticated against LDAP?
 * * If so, is the LDAP user a member of the required LDAP groups (if any)?
 * * * Does a matching WordPress user exist?
 * * * * If so, log the user in.
 * * * * If not, is user creation enabled?
 * * * * * Create the user and log them in.
 This is high level overview. This should answer the philosophical questions about how the plugin works. If the plugin is unable to authenticate the user, it should pass it down the chain to WordPress. (Unless LDAP Exclusive is turned on, in which case it won't.)
 ## Upgrade Notice ##
 I have spent some time completely rewriting Simple LDAP Login from the ground up. Proceed with caution as it's possible I have broken something in the process, but I'm reasonably certain it's fundamentally stable.
 **If you have any problems with 1.5, please let me know:** clifgriffin@gmail.com    
 ## Changelog ##
 **Version 1.5.5**
 * Fix syntax error.
 * Don’t sanitize user info.
 **Version 1.5.4**
 * Local admins will always fall back to local WP password. 
 * Fixes bug where new users do not have name or other information from LDAP directory 
 **Version 1.5.3**
 * Fixing apparent security problem with blank passwords. (!)
 * Fixing typo in filter name (did not affect any functionality)
 * Local admin exception coming soon, as well as more bug fixes. 
 * Possible fix for login error upon arriving at login page when LDAP exclusive enabled.
 **Version 1.5.2**
 * Fixed bug with groups setting.
 * Removed delete_option references in upgrade code to allow for easier rollbacks (sorry about that!)
 * Fixed a few bugs in the user creation code. 
 * Fixed bug with storing default user role. 
 **Version 1.5.1**
 * Fixed a bug where the domain controllers are passed as a string. 
 **Version 1.5**
 * Complete rewritten from the ground up.
 * It's Object Oriented, DRY and Singleton. 
 * The options have been overhauled to make configuration much easier. Focuses on individual features rather than "modes" that encapsulate several behaviors. 
 * Admin pages now use WordPress admin styles and behaviors. 
 * Tested with Active Directory. I recommend OpenLDAP users test carefully before implementing in their production environments. 
 * Added global on off switch so you can easily disable LDAP authentication without deactivating.  
 **Version 1.4.0.5.1** 
 * I broke it. Sorry guys! :(
 * Downgraded adLDAP as some referenced functions no longer exist. 
 **Version 1.4.0.5**
 * Updated adLDAP to version 4.x
 * Fixed error in OpenLDAP group membership check
 * As always TEST this first. Don't assume it works...I don't have a testing environment to ensure it will work correctly. 
 **Version 1.4.0.4**
 * Fixes nickname bug accidentally put back in in last version. (My bad!)
 **Version 1.4.0.3**
 * Reverts bug introduced in 1.4.0.2
 * If you installed 1.4.0.2 and use OpenLDAP, please update as soon as possible and verify users cannot login with incorrect passwords (and vice versa).
 **Version 1.4.0.2 - Patches submitted by Jonas Genannt and Ilya Kozlov**
 * Updates adLDAP to 3.3.2
 * Fixes issue with users in recursive OUs not being found. 
 * Fixes issues with different Base DN formats.
 *** NOTE:** Please be catious in updating. As I don't have an OpenLDAP install, I am unable to independently confirm these fix the problems. If you have issues, revert to 1.4.0.1 and e-mail me: clifgriffin[at]gmail.com.  Likewise, If you can confirm these changes are effective, also let me know. :)  
 **Version 1.4.0.1**
 * Fix for e-mail exists issue with WP 3.0+ for LDAP installations that don't populate the e-mail address attribute.
 * Shows actual error message from WordPress upon failure.
 **Version 1.4**
 * First update in about a year. Thanks for your patience. 
 * Completely rewritten to support changes in WordPress 2.8+.  Now fully supports WordPress 3.0.
 * Much more manageable and efficient code structure. Less code repetition.
 * Includes TLS support. 
 * Allows OpenLDAP users to specify an alternate LDAP attribute to use for logins for those not using UID.
 **Version 1.3.0.3**
 * Test form now implements wp_authenticate and uses the same routines as the actual login. This also means account creation and group membership are tested. 
 * Implemented stripslashes() to correct issue with some special characters such as a single quote and backslash. 
 * WordPress account "admin" is now allowed to login using local password even when security mode is set to high. For safety.
 * Made some minor wording changes to the admin panel. 
 **Version 1.3.0.2.1**
 * Fixed case sensitivity issue that could result in multiple accounts. There may be lingering case insensitivity issues due to the get_userdatabylogin function being case-sensitive. We'll figure this out in due time. 
 * Sorry for posting two updates on the same day!
 **Version 1.3.0.2**
 * Fixes several tickets including role assignment, case sensitivity, and potential compatibility issues with other themes/plugins.
 * Added security mode setting to allow security to be tightened. 
 * Changed auto created accounts to use a random password rather than the LDAP password given. 
 * Fixed error with the way announcements are displayed in the admin panel. 
 * More code clean up.
 **Version 1.3.0.1**
 * Never officially released. 
 * Contained code cleanup and some attempted fixes. 
 **Version 1.3 Beta**
 * Support for both Active Directory and OpenLDAP.
 * The ability to create WordPress users automatically upon login based on LDAP group membership OR by LDAP authentication alone.
 * The ability to test domain settings straight from admin panel.
 * Announcements pane that allows me to update you with fixes, cautions, new beta versions, or other important information.
 **Version 1.2.0.1**
 * Changed required user level for admin page to 10, Administrators only.
 **Version 1.2**
 * Implemented multiple domain controllers.
 * Changed field sizes on admin page to be more user friendly.
 **Version 1.1**
 * Moved settings to administration pages under settings.
 * Upgraded to latest version of adLDAP 2.1.
 * Got rid of credentials. (They are not neccessary for the authenticate function in adLDAP!)
 * Plugin is now upgrade proof. Settings are stored using WordPress's setting functions.
 **Version 1.0** 
 * Original release.
 ## Installation ##
 1. Use the WordPress plugin directory to install the plugin or upload the directory `simple-ldap-login` to the `/wp-content/plugins/` directory.
 1. Activate the plugin through the 'Plugins' menu in WordPress
 1. Update the settings to those that best match your environment by going to Settings -> Simple LDAP Login
 1. If you don't get the settings right the first time, don't fret! Just use your WordPress credentials. They should always work 
 1. Once you have the settings correct, you can toggle LDAP Exclusive mode (if you like).
 1. To make your life easier, consider using two different browsers (e.g., Chrome and Firefox) to do testing.  Change settings in one. Test in the other. This will prevent any chance of being locked out.
 ## Frequently Asked Questions ##
 ### Other than WordPress, what does my system require? ###
 Your install of PHP must be configured/compiled with LDAP support.
 ### How do I know what the correct settings are? ###
 I have tried to make the settings as self-explanatory as possible. If you are struggling figuring them out, you may need to speak with your LDAP administrator. I realize this is an obnoxious response, but there is no good, fool proof way to help you discover these settings. A good place to start, if you're feeling daring, might be to use ADSIEdit for Windows and Active Directory, or GQ for Linux and OpenLDAP.
 ### It's still not working, what other things can I try? ###
 If you are confident your settings are correct and it still does not work, it may be time to check for port or firewall issues. If your LDAP server is running on a non-standard port or an obsolete version of the LDAP protocol you are going to have issues. Port 389 is the port this plugin, and nearly every other LDAP enabled software expects. They are also expecting protocol version 3. If you are using an old version of LDAP or running a non-standard port you may need to modify the code that the plugin runs or update your LDAP installation.
 Unfortunately I can't be relied upon to assist with these types of requests. I chose not to support these scenarios because they are infrequent and because they confuse everyone else.
 ### It's still not working! How can I get help? ###
 **The easiest way to get help is to post a comment on my blog:** http://clifgriffin.com/simple-ldap-login/. I'll do my best to get you up and running!  
 ## Screenshots ##
 1. Easy to use admin panel. 
 2. Advanced options for power users.
--- a/sources/ajouts/wp-content/plugins/simple-ldap-login/readme.txt
+++ b/sources/ajouts/wp-content/plugins/simple-ldap-login/readme.txt
@ -3,8 +3,8 @@ Contributors: clifgriffin
 Donate link: http://cgd.io
 Tags: LDAP, authentication, login, active directory, adLDAP
 Requires at least: 3.4
-Tested up to: 3.6
+Tested up to: 4.5.0
-Stable tag: 1.5.5
+Stable tag: 1.6.0
 License: GPLv2 or later
 Integrating WordPress with LDAP shouldn't be difficult. Now it isn't. Simple LDAP Login provides all of the features, none of the hassles.
@ -13,19 +13,15 @@ Integrating WordPress with LDAP shouldn't be difficult. Now it isn't. Simple LDA
 Having a single login for every service is a must in large organizations. This plugin allows you to integrate WordPress with LDAP quickly and easily. Like, really really easy.
 **Contributing**
 This is a community project now. Most development is done by users like you who find bugs and fix them, or find new ways to make the plugin more powerful for everyone.
 The easiest way to contribute to this plugin is to submit a GitHub pull request. Here's the repo:
 https://github.com/clifgriffin/simple-ldap-login
 **NEW VERSION -- 1.5**
 Just when you thought this project was dead, it sprang to life. I have spent some time completely rewriting Simple LDAP Login from the ground up. Proceed with caution as it's possible I have broken something in the process, but I'm reasonably certain it's fundamentally stable.
 If you have any problems with 1.5, please let me know: clifgriffin@gmail.com  
 **Support**
-If you need support, I recommend you leave a comment on the appropriate post on my blog:
+If you need support, file an issue here:
-http://clifgriffin.com/2009/05/13/simple-ldap-login-13-for-wordpress/
+https://github.com/clifgriffin/simple-ldap-login/issues
 **Special Requests**
@ -53,12 +49,14 @@ Simple LDAP Login adds an authentication filter to WordPress that authentication
 This is high level overview. This should answer the philosophical questions about how the plugin works. If the plugin is unable to authenticate the user, it should pass it down the chain to WordPress. (Unless LDAP Exclusive is turned on, in which case it won't.)
 == Upgrade Notice ==
 I have spent some time completely rewriting Simple LDAP Login from the ground up. Proceed with caution as it's possible I have broken something in the process, but I'm reasonably certain it's fundamentally stable.
 If you have any problems with 1.5, please let me know: clifgriffin@gmail.com  
 == Changelog ==
 **Version 1.6.0**
 * New filter sll_remove_default_authentication_hook lets you override local password fallback.
 * Lots of new features from various pull requests from contributing users. Most of these focus on new settings for edge cases, and some general improvements.
 * If we did our jobs right, nothing will break. But if it does, rolling back to 1.5.5 is the best place to start.
 **Version 1.5.5**
 * Fix syntax error.
--- a/sources/wordpress.tar.gz
+++ b/sources/wordpress.tar.gz