我正在尝试进行LDAP身份验证但是我被困了。我无法弄清楚如何继续。
我在互联网上找到了这段代码并进行了一些编辑。问题是这没有提示任何东西。我不确定这是否有效。有人能帮我吗?我不确定,但我认为连接和绑定功能有效。
感谢您的帮助
<?php
$server = "127.0.0.1";
$basedn = "ou=people,dc=nodomain";
$script = $_SERVER['SCRIPT_NAME'];
if (isset($HTTP_COOKIE_VARS['cookie'])) {
$cookie = $HTTP_COOKIE_VARS['cookie'];
}
if (isset($cookie)) {
$username = $cookie['user'];
$password = ($cookie['token']);
$fullname = $cookie['fullname'];
$fqdn = $cookie['fqdn'];
$dn = "uid=$username, ";
if (!($connect = ldap_connect($server))) {
die("Could not connect to LDAP server");
}
if (!($bind = ldap_bind($connect, "$dn" . "$basedn", $password))) {
die("Could not bind to $dn$basedn");
}
} else {
if ((isset($_POST['username'])) && (isset($_POST['password']))) {
$username = $_POST['username'];
$password = $_POST['password'];
$filter = "(&(|(!(displayname=Administrator*))(!
(displayname=Admin*)))(cn=$username))";
$dn = "uid=$username, ";
if (!($connect = ldap_connect($server))) {
die("Could not connect to LDAP server");
}
ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
if (!($bind = ldap_bind($connect, "$dn" . "$basedn",
$password))) {
die("Could not bind to $dn --- $connect");
}
$sr = ldap_search($connect, $basedn, "$filter");
$info = ldap_get_entries($connect, $sr);
$fullname = $info[0]["displayname"][0];
$fqdn = $info[0]["dn"];
setcookie("cookie[user]", $username);
setcookie("cookie[token]", $password);
setcookie("cookie[fullname]", $fullname);
setcookie("cookie[fqdn]", $fqdn);
} else {
?>
<html>
<head>
<title>OTP Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="expires" content="0">
<meta http-equiv="pragma" content="no-cache">
</head>
<SCRIPT LANGUAGE="JavaScript">
<!--
document.onmousedown=click;
function click()
{
if (event.button==2) {alert('Right-clicking has been
disabled by
the administrator.');}
}
//-->
</SCRIPT>
<div align="center">
<form method="post" action="<? echo $script; ?>">
<div align="center">
<table width="210" border="0" cellspacing="0" cellpadding="0">
<tr>
<td align="center">
<fieldset>
<Legend><font face="Verdana,Tahoma,Arial,sans-serif" size="1"
color="gray">Enter Credentials</font></Legend>
<table border="0" cellspacing="3" cellpadding="0">
<tr>
<td align="right" valign="middle"><b><font
face="Verdana,Tahoma,Arial,sans-
serif" size="1" color="gray">Username:</font></td>
<td align="center" valign="middle">
<input class="clear" type="text" size="15" name="username">
</td>
</tr>
<tr>
<td align="right" valign="middle"><b><font
face="Verdana,Tahoma,Arial,sans-
serif" size="1" color="gray">Password:</font></td>
<td align="center" valign="middle">
<input class="pass" type="password" size="15"
name="password">
</td>
</tr>
</table>
<input type=image src="images/login.gif" alt="Login"
name="image">
<br>
</div>
</td>
</tr>
</fieldset>
</table>
<br>
<table width="640"><tr><td align="center">
<font face="Verdana,Tahoma,Arial,sans-serif" size="1"
color="silver">This System is
for the use of authorized users only. Please enter your username and password as well as your OTP</font>
</td></tr></table>
</div>
</form>
</div>
</body>
</html>
<?
die ();
}
}
$>
答案 0 :(得分:0)
在密码中存储密码通常是个坏主意,应该从代码中删除。
代码:
if (!($connect = ldap_connect($server))) {
die("Could not connect to LDAP server");
}
ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
if (!($bind = ldap_bind($connect, "$dn" . "$basedn",
$password))) {
die("Could not bind to $dn --- $connect");
}
正在进行身份验证,应该是有效的。虽然如果绑定失败,死亡有点苛刻,因为这意味着身份验证被拒绝。我宁愿输出一些说错误登录的文字。