bugs fixed

etc/authentication.php

@@ -5,6 +5,7 @@ $ldaptls = "yes";
 $ldapbase = "dc=my,dc=server,dc=com";
 $checkuser = "cn";
 function basicAuth() {
+    global $realm;
     header('WWW-Authenticate: Basic realm="'.$realm.'"');
     header('HTTP/1.0 401 Unauthorized');
     exit;
@@ -12,7 +13,7 @@ function basicAuth() {
 if (!isset($_SERVER['PHP_AUTH_USER'])) {
     basicAuth();
 } else {
-    $tstusername = preg_replace('/[^a-z]/', '-', $_SERVER['PHP_AUTH_USER']);
+    $tstusername = $_SERVER['PHP_AUTH_USER'];
     $password = $_SERVER['PHP_AUTH_PW'];
     $ldapconn = ldap_connect($ldaphost, 389) 
         or error_die("connection to LDAP host failed");
@@ -21,8 +22,14 @@ if (!isset($_SERVER['PHP_AUTH_USER'])) {
     if ($ldaptls!="no" && $ldaptls!=0 && $ldaptlS)
         ldap_start_tls($ldapconn)
             or error_die($ldapconn, "cannot start LDAP TLS");
-    $ldapbind = @ldap_bind($ldapconn, $checkuser.'='.$tstusername.','.$ldapbase, $password)
-        or basicAuth();
-    $username = $tstuserbname;
+    if ($ldapbind = @ldap_bind($ldapconn, $checkuser.'='.$tstusername.','.$ldapbase, $password)) {
+        ldap_close($ldapconn);
+        $username = $tstusername;
+    } else {
+        error_log("user login failed: ".$checkuser.'='.$tstusername.','.$ldapbase);
+        error_log(ldap_error($ldapconn));
+        ldap_close($ldapconn);
+        basicAuth();
+    }
 }
 ?>