bugfixes after first tests

etc/authentication.php

@@ -1,22 +1,27 @@
 <?php
 $realm = "MY REALM HERE";
 $ldaphost = "my.ldap.host";
+$ldaptls = "yes";
 $ldapbase = "dc=my,dc=server,dc=com";
-if (!isset($_SERVER['PHP_AUTH_USER'])) {
+function basicAuth() {
     header('WWW-Authenticate: Basic realm="'.$REALM.'"');
     header('HTTP/1.0 401 Unauthorized');
     exit;
+}
+if (!isset($_SERVER['PHP_AUTH_USER'])) {
+    basicAuth();
 } else {
-    $tstusername = ereg_replace('/^[a-z]/', '-', $_SERVER['PHP_AUTH_USER']);
+    $tstusername = preg_replace('/[^a-z]/', '-', $_SERVER['PHP_AUTH_USER']);
     $password = $_SERVER['PHP_AUTH_PW'];
     $ldapconn = ldap_connect($ldaphost, 389) 
         or error_die("connection to LDAP host failed");
     ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3)
         or error_die("failed to set LDAP protocol version 3");
+    if ($ldaptls!="no" && $ldaptls!=0 && $ldaptlS)
         ldap_start_tls($ldapconn)
             or error_die($ldapconn, "cannot start LDAP TLS");
     $ldapbind = @ldap_bind($ldapconn, 'uid='.$tstusername.','.$ldapbase, $password)
-        or error_die("login failed for $username", '403 Forbidden');
+        or basicAuth();
     $username = $tstuserbname;
 }
 ?>

etc/makefile.am

@@ -11,3 +11,5 @@
 pkgsysconfdir = ${PKGSYSCONFDIR}
 
 dist_pkgsysconf_DATA = settings.php authentication.php
+
+MAINTAINERCLEANFILES = makefile.in

html/index.php

@@ -59,7 +59,7 @@
    }
    function checkPath($pathToCheck) {
      global $imagepath, $subpath;
-     $fullpath = $imagepath.'/'.$pathToCheck
+     $fullpath = $imagepath.'/'.$pathToCheck;
      if ($fullpath==realpath($fullpath) && is_dir($fullpath)) {
        $subpath=$pathToCheck;
        $imagepath = $fullpath;