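. # # # ####################################################################################
// LDAP login handler: look the submitted username up with the service account,
// then re-bind as that entry with the submitted password. On success the
// user's attributes are copied into $_SESSION; otherwise the login form
// (else branch below) or a generic logon error is rendered.
//
// Both fields must be non-empty strings. An empty password must never reach
// ldap_bind(): many directory servers treat "DN + empty password" as an
// unauthenticated bind and report success.
if (isset($_POST['username'], $_POST['password'])
    && is_string($_POST['username'])
    && is_string($_POST['password'])
    && $_POST['password'] !== ''
) {
    //both username and password have been entered

    //connect to ldap server
    // NOTE(review): no ldap_start_tls() call is visible here; unless
    // $ldap['host'] is an ldaps:// URI the bind passwords cross the network
    // in clear text - confirm against the configuration.
    // With the OpenLDAP client library ldap_connect() only prepares the handle,
    // so an unreachable server usually surfaces at the first bind instead.
    $ldap['conn'] = @ldap_connect($ldap['host'], $ldap['port']);
    if (!$ldap['conn']) {
        // NOTE(review): this prints the directory host name to an
        // unauthenticated visitor; consider logging it server-side instead.
        echo "\n" . $LANG['connect_error'] . ' ' . $ldap['host'] . "\n";
        exit;
    }

    //if connects OK we bind with hard coded bind user and pass
    $ldap['bind'] = @ldap_bind($ldap['conn'], $ldap['binddn'], $ldap['bindpass']);
    if (!$ldap['bind']) {
        echo '' . $LANG['bind_error'] . "\n";
        exit;
    }

    //search ldap for the supplied username in the basedn
    // The username is untrusted: escape it for filter context so characters
    // such as * ( ) \ cannot alter the search filter (LDAP injection).
    // ldap_escape() requires PHP 5.6 or later.
    $ldap['filter'] = $ldap['user_context'] . '='
        . ldap_escape($_POST['username'], '', LDAP_ESCAPE_FILTER);
    $ldap['result'] = @ldap_search($ldap['conn'], $ldap['base'], $ldap['filter']);

    // A failed search (for example an empty username giving an invalid filter)
    // returns false; do not pass that on to ldap_get_entries().
    $ldap['user_info'] = $ldap['result']
        ? @ldap_get_entries($ldap['conn'], $ldap['result'])
        : false;
    $ldap['result_count'] = $ldap['user_info'];

    // Accept the lookup only when exactly one entry matched, so the password
    // is never tested against an arbitrary "first" entry of an ambiguous match.
    $ldap['user_dn'] = '';
    if (is_array($ldap['user_info']) && $ldap['user_info']['count'] == 1) {
        $entry = $ldap['user_info'][0];
        if (isset($entry['distinguishedname'][0])) {
            $ldap['user_dn'] = $entry['distinguishedname'][0];
        } elseif (isset($entry['dn'])) {
            // ldap_get_entries() always exposes the entry DN under 'dn';
            // used when the directory has no distinguishedName attribute.
            $ldap['user_dn'] = $entry['dn'];
        }
    }

    //attempt to bind to ldap again with supplied user (in returned dn) and supplied password
    // An empty DN is never bound: that would be an anonymous bind, which can
    // succeed regardless of the password.
    $ldap['new_bind'] = false;
    if ($ldap['user_dn'] !== '') {
        $ldap['new_bind'] = @ldap_bind($ldap['conn'], $ldap['user_dn'], $_POST['password']);
    }

    if (!$ldap['new_bind']) {
        // Unknown user and wrong password deliberately produce the same
        // message, and the submitted username is not echoed back, so the page
        // does not confirm which accounts exist and cannot reflect markup.
        require_once('inc/header.inc.php');
        echo '' . $LANG['logon_error'] . ".\n";
        require_once('inc/footer.inc.php');
        exit;
    }

    //if true - user and password correct!
    //now we write the results of the user we want to an array
    $entry = $ldap['user_info'][0];
    $user_info['mail']       = isset($entry['mail'][0]) ? $entry['mail'][0] : null;
    $user_info['first_name'] = isset($entry['givenname'][0]) ? $entry['givenname'][0] : null;
    $user_info['surname']    = isset($entry['sn'][0]) ? $entry['sn'][0] : null;
    $user_info['username']   = isset($entry['cn'][0]) ? $entry['cn'][0] : null;

    // Issue a fresh session id at the privilege change so an id planted
    // before login (session fixation) is not carried into the authenticated
    // session. Skipped when no session is active.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    //and also write the username to the session...
    // These values come from the directory; escape them wherever they are
    // later written into HTML.
    $_SESSION['username']  = $user_info['username'];
    $_SESSION['user_mail'] = $user_info['mail'];
    $_SESSION['user_fn']   = $user_info['first_name'];
    $_SESSION['user_sn']   = $user_info['surname'];

    //close bind to ldap.
    ldap_unbind($ldap['conn']);
} else {
    //user has not entered details - create the login form...
    require_once('inc/header.inc.php'); ?>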