
My little Intranet project


nikgod


So, I recently took it upon myself to develop a "little" intranet site for my office to use to track things like employee phone numbers, and all the statuses for all of our clients looking to immigrate to the US. You know, the little stuff.

 

Anyway, I'm building most of this system from the ground up and as I do so I'll post the non-sensitive bits up here for you all to look at and critique. Before you do so, however, I'm going to insist that any code or code fragments posted here be treated as open for someone else to copy and put into their own projects. In that spirit, all my code that I post here is licensed under the Apache 2.0 license. If you do use my code, please let me know, it makes me feel all warm and tingly inside.

 

I'll start things off with my login script. I decided that I would use my office's existing Active Directory infrastructure for authentication and for user information (which I put to use in the Employee Directory code which I'll post later). So, the login code takes in the username and password, and then checks them against the LDAP directory running as a part of Active Directory.

 

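<?php
/*
 * Login handler: authenticates the posted username/password against Active
 * Directory over LDAP and, on success, marks the PHP session as logged in
 * and redirects to /index2.php.
 *
 * Flow: bind with the service account from config.php, look the user up by
 * sAMAccountName, then bind again as that user's DN with the posted password.
 * Expects config.php to define $ldap["host"], $ldap["authdn"],
 * $ldap["authpass"] and $ldap["rootdc"].
 *
 * NOTE(review): a simple bind sends the password unencrypted unless
 * $ldap["host"] is an ldaps:// URI or StartTLS is negotiated -- confirm
 * against config.php.
 */
require_once('config.php');
session_start();

$_SESSION["lastact"] = time();
if (!isset($_SESSION["login"])) { // new session: start logged out
    $_SESSION["login"] = 0;
    $_SESSION["message"] = "";
    $_SESSION["username"] = "";
    $_SESSION["fullname"] = "";
    $_SESSION["password"] = "";
}

// Accept only plain string fields; a missing field or an array
// (username[]=x) is treated as empty.
$username = (isset($_POST['username']) && is_string($_POST['username'])) ? trim($_POST['username']) : '';
$authpass = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

$userEntry = null;  // directory entry of the matched account, if any
$loggedIn = false;

// Never send an empty password to the server: a simple bind with a DN and an
// empty password is an "unauthenticated bind", which a directory server may
// report as success without checking any credential.
if ($username !== '' && $authpass !== '') {
    $ldapc = ldap_connect($ldap["host"]) or die("Cannot connect to the ldap server :/");

    if (!ldap_bind($ldapc, $ldap["authdn"], $ldap["authpass"])) {
        // Keep directory error detail in the server log, not in the response.
        error_log("LDAP service bind failed: " . ldap_error($ldapc));
        die("Could not bind to the directory server.");
    }

    // Escape the username for filter context so characters such as
    // * ( ) \ cannot change the meaning of the search filter.
    $filter = "(samaccountname=" . ldap_escape($username, "", LDAP_ESCAPE_FILTER) . ")";
    $sr = ldap_search($ldapc, $ldap["rootdc"], $filter, ["cn", "samaccountname"]);
    if (!$sr) {
        error_log("LDAP user search failed: " . ldap_error($ldapc));
        die("search failed");
    }

    $info = ldap_get_entries($ldapc, $sr);
    ldap_unbind($ldapc);

    // Require exactly one match; an ambiguous result must not pick a user.
    if ($info && $info["count"] == 1) {
        $userEntry = $info[0];
    }
}

if ($userEntry !== null) {
    $ldapc = ldap_connect($ldap["host"]) or die("Cannot connect to AD server :/");
    // Bind with the DN the directory returned instead of rebuilding it from
    // cn + root DN: that guess fails for accounts below the root and would
    // place an unescaped attribute value into a DN.
    $loggedIn = ldap_bind($ldapc, $userEntry["dn"], $authpass);
    ldap_unbind($ldapc);
}

if (!$loggedIn) {
    // One response for "no such user" and "wrong password", so the login
    // form cannot be used to test which account names exist.
    $_SESSION["login"] = 0;
    $_SESSION["message"] = "Invalid username or password.";
    die("Could not authenticate you to the Active Directory Server.");
}

// Issue a fresh session id on login so an id fixed before authentication
// is not carried into the authenticated session.
session_regenerate_id(true);

$_SESSION["login"] = 1;
$_SESSION["username"] = $userEntry["samaccountname"][0];
$_SESSION["fullname"] = $userEntry["cn"][0];
// NOTE(review): fullname comes from the directory; escape it with
// htmlspecialchars() wherever this message is printed as HTML.
$_SESSION["message"] = "Welcome " . $_SESSION["fullname"];
// The plaintext password is deliberately not kept in the session (session
// data is stored server-side in readable form). NOTE(review): if another
// page reads $_SESSION["password"] to query the directory, switch it to the
// service account from config.php.
$_SESSION["password"] = "";

header('Location: /index2.php');
exit; // stop here so nothing else runs or is sent after the redirect
?>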


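/*
 * Login handler: authenticates the posted username/password against Active
 * Directory over LDAP and, on success, marks the PHP session as logged in
 * and redirects to /index2.php.
 *
 * Flow: bind with the service account from config.php, look the user up by
 * sAMAccountName, then bind again as that user's DN with the posted password.
 * Expects config.php to define $ldap["host"], $ldap["authdn"],
 * $ldap["authpass"] and $ldap["rootdc"].
 *
 * NOTE(review): a simple bind sends the password unencrypted unless
 * $ldap["host"] is an ldaps:// URI or StartTLS is negotiated -- confirm
 * against config.php.
 */
require_once('config.php');
session_start();

$_SESSION["lastact"] = time();
if (!isset($_SESSION["login"])) { // new session: start logged out
    $_SESSION["login"] = 0;
    $_SESSION["message"] = "";
    $_SESSION["username"] = "";
    $_SESSION["fullname"] = "";
    $_SESSION["password"] = "";
}

// Accept only plain string fields; a missing field or an array
// (username[]=x) is treated as empty.
$username = (isset($_POST['username']) && is_string($_POST['username'])) ? trim($_POST['username']) : '';
$authpass = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

$userEntry = null;  // directory entry of the matched account, if any
$loggedIn = false;

// Never send an empty password to the server: a simple bind with a DN and an
// empty password is an "unauthenticated bind", which a directory server may
// report as success without checking any credential.
if ($username !== '' && $authpass !== '') {
    $ldapc = ldap_connect($ldap["host"]) or die("Cannot connect to the ldap server :/");

    if (!ldap_bind($ldapc, $ldap["authdn"], $ldap["authpass"])) {
        // Keep directory error detail in the server log, not in the response.
        error_log("LDAP service bind failed: " . ldap_error($ldapc));
        die("Could not bind to the directory server.");
    }

    // Escape the username for filter context so characters such as
    // * ( ) \ cannot change the meaning of the search filter.
    $filter = "(samaccountname=" . ldap_escape($username, "", LDAP_ESCAPE_FILTER) . ")";
    $sr = ldap_search($ldapc, $ldap["rootdc"], $filter, ["cn", "samaccountname"]);
    if (!$sr) {
        error_log("LDAP user search failed: " . ldap_error($ldapc));
        die("search failed");
    }

    $info = ldap_get_entries($ldapc, $sr);
    ldap_unbind($ldapc);

    // Require exactly one match; an ambiguous result must not pick a user.
    if ($info && $info["count"] == 1) {
        $userEntry = $info[0];
    }
}

if ($userEntry !== null) {
    $ldapc = ldap_connect($ldap["host"]) or die("Cannot connect to AD server :/");
    // Bind with the DN the directory returned instead of rebuilding it from
    // cn + root DN: that guess fails for accounts below the root and would
    // place an unescaped attribute value into a DN.
    $loggedIn = ldap_bind($ldapc, $userEntry["dn"], $authpass);
    ldap_unbind($ldapc);
}

if (!$loggedIn) {
    // One response for "no such user" and "wrong password", so the login
    // form cannot be used to test which account names exist.
    $_SESSION["login"] = 0;
    $_SESSION["message"] = "Invalid username or password.";
    die("Could not authenticate you to the Active Directory Server.");
}

// Issue a fresh session id on login so an id fixed before authentication
// is not carried into the authenticated session.
session_regenerate_id(true);

$_SESSION["login"] = 1;
$_SESSION["username"] = $userEntry["samaccountname"][0];
$_SESSION["fullname"] = $userEntry["cn"][0];
// NOTE(review): fullname comes from the directory; escape it with
// htmlspecialchars() wherever this message is printed as HTML.
$_SESSION["message"] = "Welcome " . $_SESSION["fullname"];
// The plaintext password is deliberately not kept in the session (session
// data is stored server-side in readable form). NOTE(review): if another
// page reads $_SESSION["password"] to query the directory, switch it to the
// service account from config.php.
$_SESSION["password"] = "";

header('Location: /index2.php');
exit; // stop here so nothing else runs or is sent after the redirect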

Crash, for future reference, using

tags for php code yields a prettier result :D
