From 006b352597254520268646833b9d38895e4f59c3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=B4me=20Chilliet?= <come@opensides.be>
Date: Wed, 24 Jul 2019 16:01:37 +0200
Subject: [PATCH] :ambulance: fix(core) Hide LDAP information from login errors

LDAP errors shown on login page were a bit too chatty

issue #6001
---
 include/class_ldap.inc     | 4 ++--
 include/class_userinfo.inc | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/include/class_ldap.inc b/include/class_ldap.inc
index df4418e12..0f489ac0f 100644
--- a/include/class_ldap.inc
+++ b/include/class_ldap.inc
@@ -963,9 +963,9 @@ class LDAP
   /*!
    * \brief Get the error
    */
-  function get_error ()
+  function get_error ($details = TRUE)
   {
-    if ($this->error == 'Success') {
+    if (($this->error == 'Success') || !$details) {
       return $this->error;
     } else {
       $adderror = $this->get_additional_error();
diff --git a/include/class_userinfo.inc b/include/class_userinfo.inc
index 61a781246..e1995ebaa 100644
--- a/include/class_userinfo.inc
+++ b/include/class_userinfo.inc
@@ -1145,7 +1145,7 @@ class userinfo
     $ldap = $config->get_ldap_link();
     if (!$ldap->success()) {
       msg_dialog::display(_('LDAP error'),
-          msgPool::ldaperror($ldap->get_error(), '', LDAP_AUTH),
+          msgPool::ldaperror($ldap->get_error(FALSE), '', LDAP_AUTH),
           FATAL_ERROR_DIALOG);
       exit();
     }
@@ -1229,10 +1229,10 @@ class userinfo
     );
     $ldap = new ldapMultiplexer($ldapObj);
     if (!$ldap->success()) {
-      if ($ldap->get_error() == 'changeAfterReset') {
+      if ($ldap->get_error(FALSE) == 'changeAfterReset') {
         $ui->forcePasswordChange = TRUE;
       } else {
-        throw new LoginFailureException($ldap->get_error());
+        throw new LoginFailureException($ldap->get_error(FALSE));
       }
     }
 
-- 
GitLab