danno74 Posted August 20, 2009 Share Posted August 20, 2009 I'm at my end with this, because I know this was working when I first started this project. I get all the backend stuff done and am ready to publish, then the damn auth doesn't work! I am able to login without a password! As long as my username is in the LDAP database, it lets me in. I know this used to work, I'm royally confused. I found the original code on this forum http://www.phpbuilder.com/board/arch...-10257921.html Here is my interpretation: <?php if( isset($_POST['login']) && isset($_POST['password']) ) { //LDAP stuff here. $username = trim($_POST['login']); $password = trim($_POST['password']); $ldaphost = "ldap.server"; $ds = ldap_connect($ldaphost); //Can't connect to LDAP. if( !'ds' ) { echo "Error in contacting the LDAP server -- contact "; echo "the Helpdesk (Debug 1)"; exit; } //Connection made -- bind anonymously and get dn for username. $bind = @ldap_bind($ds); //Check to make sure we're bound. if( !'bind' ) { echo "Anonymous bind to LDAP FAILED. Contact the Helpdesk. (Debug 2)"; exit; } $search = ldap_search($ds, "ou=x,dc=x,dc=x", "uid=$username"); //Make sure only ONE result was returned -- if not, they might've thrown a * into the username. Bad user! if( ldap_count_entries($ds,$search) != 1 ) { echo "Error processing username -- please try to login again. (Debug 3)"; redirect("login.php"); exit; } $info = ldap_get_entries($ds, $search); //Now, try to rebind with their full dn and password. $bind = @ldap_bind($ds, $info[0][dn], $password); if( !$bind || !isset($bind)) { echo "Login failed -- please try again. (Debug 4)"; redirect("login.php"); exit; } //Now verify the previous search using their credentials. $search = ldap_search($ds, "ou=x,dc=x,dc=x", "uid=$username"); $info = ldap_get_entries($ds, $search); if( $username == $info[0]['uid'][0] ) { $_SESSION['username'] = $username; $_SESSION['fullname'] = $info[0]['cn'][0]; $_SESSION['affiliation'] = $info[0]['edupersonprimaryaffiliation'][0]; header('Location: https://www/success.php'); exit; } else { echo "Login failed -- please try again." ; exit; } ldap_close($ds); exit; } ?> : Any help in retaining my sanity is greatly appreciated!!!! - Dan Link to comment https://forums.phpfreaks.com/topic/171200-ldap-auth-page-not-working/ Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.