我正在尝试实现LDAP用户身份验证,但出于某种原因,无论输入是什么,ldap_bind始终返回true。输入是否是乱码,空白或合法
$ds = ldap_connect($ldaphost)
or die("Could not connect to $ds");
if($bind = ldap_bind($ds,$username, $password))
{
// login successful
}
else {
// error message
}
任何想法?
注意:使用下面的代码会产生同样的问题:
$bind = ldap_bind($ds,$username, $password);
if($bind)
{
// login successful
}
else {
// error message
}
提前致谢!
答案 0 :(得分:3)
For anyone else that finds this question- It's possible that you are attempting an 'anonymous simple bind' if you're passing a zero length password, which will always return true.
See the comment for better description check out php.net
答案 1 :(得分:1)
就这样做......
if(ldap_bind($ds,$username, $password))
而不是
if($bind = ldap_bind($ds,$username, $password))
答案 2 :(得分:0)
您可以使用ldapmanagment.php:
class Connection {
protected $server;
protected $port;
protected $user;
protected $password;
protected $ldapconn;
public function __construct($server, $port, $user, $password){
$this->server = $server;
$this->port = $port;
$this->user = $user;
$this->password = $password;
}
public function connect() {
$this->ldapconn = ldap_connect($this->server,$this->port) or die("Could not connect to LDAP server.");
ldap_set_option($this->ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($this->ldapconn, LDAP_OPT_REFERRALS, 0);
if ($this->ldapconn) {
$ldapbind = @ldap_bind($this->ldapconn, $this->user, $this->password);
}
}
并在你的文件php中:
include('ldapmanagement.php');
$connection = new Connection ($LDAPHOST,$LDAPPORT,$ldaprdn,$ldappass);
$connection->connect();