From 4e8b759612efeccec22810b27e38248a0da844e1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marc=20W=C3=A4ckerlin?= <marc@mrw.sh>
Date: Wed, 1 Mar 2017 09:08:27 +0000
Subject: [PATCH] fix get user data; fix qrcode library

---
 etc/authentication.php | 14 +++++++++++---
 etc/settings.php       |  2 +-
 html/index.php         |  8 +-------
 3 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/etc/authentication.php b/etc/authentication.php
index 8817208..f6ce2cc 100644
--- a/etc/authentication.php
+++ b/etc/authentication.php
@@ -23,11 +23,19 @@ if (!isset($_SERVER['PHP_AUTH_USER'])) {
         ldap_start_tls($ldapconn)
             or error_die($ldapconn, "cannot start LDAP TLS");
     if ($ldapbind = @ldap_bind($ldapconn, $checkuser.'='.$tstusername.','.$ldapbase, $password)) {
-        ldap_bind($ldap, 'username', 'password');
-        $search = ldap_search($ldapconn, 'base_dn', 'search_filter', array('mail', 'cn'));
-        $data = ldap_get_entries($ldap, $search);
+        $search = ldap_search($ldapconn, $ldapbase, $checkuser.'='.$tstusername, array('mail\
+', 'cn'));
+        $data = ldap_get_entries($ldapconn, $search);
         ldap_close($ldapconn);
         $username = $tstusername;
+        $email = array('count' => 1, 0 => $username.'@'.$_SERVER[HTTP_HOST]);
+        $fullname = $username;
+        if ($data['count']==1) {
+            if (isset($data[0]['mail']))
+                $email = $data[0]['mail'];
+            if (isset($data[0]['cn'][0]))
+                $fullname = $data[0]['cn'][0];
+        }
     } else {
         error_log("user login failed: ".$checkuser.'='.$tstusername.','.$ldapbase);
         error_log(ldap_error($ldapconn));
diff --git a/etc/settings.php b/etc/settings.php
index c9bfdd5..82dc755 100644
--- a/etc/settings.php
+++ b/etc/settings.php
@@ -1,5 +1,5 @@
 <?php
-require_once('qrlib.php'); 
+require_once('/usr/share/phpqrcode/qrlib.php'); // configure path to phpqrcode
 $imagepath = "/path/to/your/files";
 $thumbpath = "/var/tmp/sharing-gallery/thumbnails/";
 $max_validity_days = "30";
diff --git a/html/index.php b/html/index.php
index 7547641..e88f8a9 100644
--- a/html/index.php
+++ b/html/index.php
@@ -158,12 +158,6 @@
    }
    if (!isset($_REQUEST['secret'])) {
      if ($username=="") error_die('not authorized', '403 Forbidden');
-     ?>
-     <h1>Your Login Data</h2>
-     <pre>
-<?php print_r($data) ?>
-     </pre>
-     <?php
      if (isset($_REQUEST['path'])) checkPath($_REQUEST['path']);
      if (isset($_REQUEST['folder']) && !preg_match('/\//', $_REQUEST['folder'])) {
        $file = $thumbpath.'/folders/'.$subpath.'/'.$_REQUEST['folder'].'.png';
@@ -210,7 +204,7 @@
            foreach ($secret['elements'] as $f) {
              checkFile($f);
              $size += 512 + ceil(filesize($file)/512)*512;
-  	     $files[] = $file;
+             $files[] = $file;
            }
            header('Content-Description: File Transfer');
            header('Content-Type: application/x-tar');