fix bugs for ldap plugin

fixes issue #1

README.md

@@ -3,11 +3,11 @@ zarafa-webapp-passwd
 
 The Passwd plugin allows the user to change his password inside of WebApp.
 
-This plugin is largely based on the "Passwd" plugin by Andreas Brodowski.
+This plugin is largely based on the Passwd plugin by Andreas Brodowski.
 For his original work check this [link](https://community.zarafa.com/pg/plugins/project/157/developer/dw2412/passwd-plugin)
 
 ## How to install
-1. If you want to use this plugin with production / debug version of webapp then please download package from [community](__link_to_come__)
+1. If you want to use this plugin with production / debug version of webapp then please download package from [community](https://community.zarafa.com/pg/plugins/project/23147/developer/silentsakky/webapp-password-change)
 2. If you want to use this plugin with source copy of webapp then you can just download this whole project
 3. Extract contents of this plugin to <webapp_path>/plugins directory
 4. Give read permissions to apache for <webapp_path>/plugins/passwd directory
@@ -31,8 +31,8 @@ For his original work check this [link](https://community.zarafa.com/pg/plugins/
 
 ## Notes
 - Feedback/Bug Reports are welcome
-- if anyone is good at creating icons then please help me add a good icon to change password tab (credits will be given)
+- If anyone is good at creating icons then please help me add a good icon to change password tab (credits will be given)
 
 ## Todo
-- add password strength meter on client side, so user can create complex passwords
-- check on client side for empty fields
+- Add password strength meter on client side, so user can create complex passwords
+- Check on client side for empty fields

php/class.passwdmodule.php

@@ -89,20 +89,24 @@ public function saveInLDAP($data)
 
 		// check connection is successfull
 		if(ldap_errno($ldapconn) === 0) {
+			// get the users uid, if we have a multi tenant installation then remove company name from user name
+			$parts = explode('@', $data['username']);
+			$uid = $parts[0];
+
 			// search for the user dn that will be used to do login into LDAP
 			$userdn = ldap_search (
 				$ldapconn,						// connection-identify
 				PLUGIN_PASSWD_LDAP_BASEDN,		// basedn
-				"uid=".$uid,					// search filter
-				array("dn")						// needed attributes. we need the dn
+				'uid=' . $uid,		// search filter
+				array('dn')						// needed attributes. we need the dn
 			);
 
 			if ($userdn) {
 				$userdn = ldap_get_entries($ldapconn, $userdn);
 				$userdn = $userdn[0]['dn'];
 
 				// bind to ldap directory
-				ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
+				ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
 
 				// login with current password if that fails then current password is wrong
 				$bind = ldap_bind($ladpconn, $userdn, $data['current_password']);
@@ -117,6 +121,13 @@ public function saveInLDAP($data)
 						$return_mod = ldap_modify($ldapconn, $userdn, $entry);
 						if (ldap_errno($ldapconn) === 0) {
 							// password changed successfully
+
+							// write new password to session because we don't want user to re-authenticate
+							session_start();
+							$_SESSION['password'] = $passwd;
+							session_write_close();
+
+							// send feedback to client
 							$this->sendFeedback(true, array(
 								'info' => array(
 									'display_message' => _('Password is changed successfully.')
@@ -161,14 +172,21 @@ public function saveInDB($data)
 		$passwdRepeat = $data['new_password_repeat'];
 
 		if($this->checkPasswordStrenth($passwd)) {
-			$passwd_cmd = "/usr/bin/zarafa-passwd -u %s -o %s -p %s";
+			$passwd_cmd = '/usr/bin/zarafa-passwd -u %s -o %s -p %s';
 
 			// all information correct, change password
 			$cmd = sprintf($passwd_cmd, $data['username'], $data['current_password'], $passwd);
 			exec($cmd, $arrayout, $retval);
 
 			if ($retval === 0) {
 				// password changed successfully
+
+				// write new password to session because we don't want user to re-authenticate
+				session_start();
+				$_SESSION['password'] = $passwd;
+				session_write_close();
+
+				// send feedback to client
 				$this->sendFeedback(true, array(
 					'info' => array(
 						'display_message' => _('Password is changed successfully.')
@@ -222,7 +240,7 @@ function sshaEncode($text)
 			$salt .= substr('0123456789abcdef', rand(0, 15), 1);
 		}
 
-		$hash = '{SSHA}' . base64_encode(pack("H*",sha1($text . $salt)) . $salt);
+		$hash = '{SSHA}' . base64_encode(pack('H*',sha1($text . $salt)) . $salt);
 
 		return $hash;
 	}