fix: added bypass to database authentication if LDAP is not available

Author: thorsten

phpmyfaq/src/phpMyFAQ/User/CurrentUser.php

@@ -162,15 +162,15 @@ public function login(string $login, #[SensitiveParameter] string $password): bo
             $login = strtok($login, '@\\');
         }
 
-        // Attempt to authenticate user by login and password
+        // Attempt to authenticate a user by login and password
         $this->authContainer = $this->sortAuthContainer($this->authContainer);
         foreach ($this->authContainer as $authSource => $auth) {
             if ($auth->isValidLogin($login, $optData ?? []) === 0) {
-                continue; // Login does not exist, try next auth method
+                continue; // Login does not exist, try the next auth method
             }
 
             if (!$auth->checkCredentials($login, $password, $optData ?? [])) {
-                continue; // Incorrect password, try next auth method
+                continue; // Incorrect password, try the next auth method
             }
 
             // Login successful, proceed with post-login actions
@@ -231,7 +231,7 @@ public function isLoggedIn(): bool
     }
 
     /**
-     * Sets loggedIn to true if the 2FA-auth was successfully and saves the login to session.
+     * Sets loggedIn to true if the 2FA-auth was successful and saves the login to session.
      */
     public function twoFactorSuccess(): bool
     {
@@ -370,7 +370,7 @@ public function updateSessionId(bool $updateLastLogin = false): bool
 
         $requestTime = Request::createFromGlobals()->server->get('REQUEST_TIME');
 
-        // save session information in user table
+        // save session information in the user table
         $update = sprintf(
             "
             UPDATE
@@ -618,7 +618,7 @@ public function setSessionTimeout(int $timeout): void
     }
 
     /**
-     * Enables to remember me decision.
+     * Enables to "remember me" decision.
      */
     public function enableRememberMe(): void
     {

phpmyfaq/src/phpMyFAQ/User/UserAuthentication.php

@@ -97,17 +97,17 @@ public function authenticate(string $username, #[SensitiveParameter] string $pas
         return $this->currentUser;
     }
 
-    /**
-     * @throws UserException
-     */
     private function authenticateLdap(): void
     {
         if ($this->configuration->isLdapActive() && function_exists('ldap_connect')) {
             try {
                 $authLdap = new AuthLdap($this->configuration);
                 $this->currentUser->addAuth($authLdap, 'ldap');
             } catch (Exception $exception) {
-                throw new UserException($exception->getMessage());
+                // LDAP initialization failed - log error and continue with local auth fallback
+                $this->configuration
+                    ->getLogger()
+                    ->error('LDAP authentication initialization failed: ' . $exception->getMessage());
             }
         }
     }