
#425 LDAP code error control abuse

Minor
closed
nobody
None
1
2020-10-29
2019-01-02
Josip Rodin
No

Hi,

When the ldap host variable is not set correctly, MRBS just croaks with a generic error message and there's nothing in the log. A quick look at the relevant code (at https://sourceforge.net/p/mrbs/hg-code/ci/default/tree/web/auth/auth_ldap.inc) indicates that the MRBS code is intentionally hiding all error output from ldap_connect and all other ldap calls, using the @ error control operator (http://php.net/manual/en/language.operators.errorcontrol.php).

This is an old anti-pattern in PHP code which assumed there's display_errors=on, which hasn't been true for basically decades on normal systems like Debian, with display_errors=off and log_errors=on.

Please remove the hiding of valuable debug information from the logs.

TIA.

Discussion

  • Campbell Morrison

    I've now fixed this in the default branch in 93362c.

     
  • Campbell Morrison

    • status: open --> closed
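
The pattern this ticket describes, as an added example (not MRBS code and not the change made in 93362c): LDAP calls made without the `@` operator, with failures written to the PHP error log instead of being discarded. The helper names `log_ldap_failure` and `ldap_check_credentials`, the host, the DN and the password are constructed for illustration; the ldap extension is assumed to be loaded.

```php
<?php
// Added illustration, not MRBS code. Host, DN and password are constructed.

// Hypothetical helper: record why an LDAP step failed. Only the step and
// the library's error text are logged, never the DN's password.
function log_ldap_failure(string $step, $conn = null): void
{
    $detail = 'no connection handle';
    if ($conn) {
        $detail = sprintf('%d %s', ldap_errno($conn), ldap_error($conn));
        // Extra diagnostic text, when the LDAP library provides one
        if (ldap_get_option($conn, LDAP_OPT_DIAGNOSTIC_MESSAGE, $diag) && $diag !== '') {
            $detail .= " ($diag)";
        }
    }
    error_log("LDAP $step failed: $detail");
}

function ldap_check_credentials(string $uri, string $dn, string $password): bool
{
    // Pattern from the report: "@" discards the warning, so a wrong host
    // leaves nothing in the log.
    //   $conn = @ldap_connect($uri);
    //   if (!@ldap_bind($conn, $dn, $password)) { return false; }

    $conn = ldap_connect($uri);   // no "@": PHP warnings go to the error log
    if ($conn === false) {
        log_ldap_failure('connect');
        return false;
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($conn, LDAP_OPT_NETWORK_TIMEOUT, 5);

    // With OpenLDAP's libldap, ldap_connect() only parses the URI, so an
    // unreachable or misspelled host is first reported by ldap_bind().
    if (!ldap_bind($conn, $dn, $password)) {
        log_ldap_failure('bind', $conn);
        return false;
    }
    return true;
}

// Settings named in the report: nothing shown to the user, everything logged.
ini_set('display_errors', '0');
ini_set('log_errors', '1');
var_dump(ldap_check_credentials('ldap://ldap.example.invalid',
    'uid=test,dc=example,dc=invalid', 'constructed-password'));
```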