From de19fcfe6587f33762f67077aefbe8ece8db8b9d Mon Sep 17 00:00:00 2001
From: Andy Miller <rhuk@mac.com>
Date: Wed, 16 May 2018 16:03:49 -0600
Subject: [PATCH] detect and log invalid  uid mapping throwing attribute error

---
 login-ldap.php | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/login-ldap.php b/login-ldap.php
index 7dd6f43..46bcc6c 100644
--- a/login-ldap.php
+++ b/login-ldap.php
@@ -130,11 +130,18 @@ class LoginLDAPPlugin extends Plugin
 
             // If search_dn is set we can try to get information from LDAP
             if ($search_dn) {
-                $query = $ldap->query($search_dn, $map_username .'='. $credentials['username']);
+                $query_string = $map_username .'='. $credentials['username'];
+                $query = $ldap->query($search_dn, $query_string);
                 $results = $query->execute()->toArray();
 
                 // Get LDAP Data
-                $ldap_data = array_shift($results)->getAttributes();
+                if (empty($results)) {
+                    $this->grav['log']->error('plugin.login-ldap: [401] user search for "' . $query_string . '" returned no user data');
+                    $ldap_data =[];
+                } else {
+                    $ldap_data = array_shift($results)->getAttributes();
+                }
+
                 $userdata = [];
 
                 $userdata['login'] = $this->getLDAPMappedItem($map_username, $ldap_data);