[英]Issue with ldap login
嘗試登錄時此腳本的問題在於,用戶只能在用戶名字段中使用用戶名登錄,而在密碼字段中沒有密碼登錄。 他們還可以使用正確的用戶名和密碼登錄。 但是,使用正確的用戶名和錯誤的密碼時,登錄將失敗。 我搜索了一下,但找不到很多。 這就是我所擁有的。
<?php
session_start();
include('config/db.php');
//echo phpinfo();
if(isset($_REQUEST['hdn_submit']) && $_REQUEST['hdn_submit']=="1"){
$ldaprdn = $_POST['username'] . '@domain';
$uname = $_POST['username'];
$ldappass = $_POST['password'];
//$ldapconn = ldap_connect(" old IP address",port)or die("Could not connect to LDAP server.");
$ldapconn = ldap_connect("IP address",port)or die("Could not connect to LDAP server.");
//echo $ldaprdn;
if ($ldapconn)
{
//ldap_set_option($ldapconn,LDAP_OPT_PROTOCOL_VERSION,3) or die("Could not set ldap protocol version");
// binding to ldap server
$ldapbind = @ldap_bind($ldapconn,$ldaprdn,$ldappass);
// verify binding
if ($ldapbind)
{
//login successfull
$_SESSION['checkin'] = date('d/m/Y h:i:s A');
$_SESSION['user_name'] = $_REQUEST['username'];
header('Location: index.php');
}
else
{
//echo 'hello';
echo '<script language="javascript">alert("Invalid Login. Please try again!")</script>;';
$_SESSION['LoggedIn'] = '0';
}
}
}
?>
<?php include_once('template/header.php'); ?>
<div class="row page-area">
<div class="panel panel-primary" style="width:300px; margin:100px auto;">
<div class="panel-heading">User Login</div>
<div class="panel-body">
<form class="form-signin" method="post" action="">
<?php if($msg!=''){ ?>
<p class="bg-primary"><?php echo $msg; ?></p>
<?php } ?>
<input name="username" type="text" class="form-control" placeholder="User Name" required autofocus><br/>
<input type="password" name="password" class="form-control" placeholder="User Password" required><br/>
<button class="btn btn-lg btn-primary btn-block" type="submit">
Sign In
</button>
<input type="hidden" name="hdn_submit" value="1">
</form>
</div>
</div>
</div>
<?php include_once('template/footer.php'); ?>
當他們不使用密碼“登錄”時,后端目錄服務器很可能anonymously
綁定會話。
如果在目錄服務器上禁用了匿名綁定,則應該失敗。
<?php
session_start();
include('config/db.php');
//echo phpinfo();
if(isset($_REQUEST['hdn_submit']) && $_REQUEST['hdn_submit']=="1"){
$ldaprdn = $_POST['username'] . '@domain';
$uname = $_POST['username'];
$ldappass = $_POST['password'];
//$ldapconn = ldap_connect("IP",port)or die("Could not connect to LDAP server.");
$ldapconn = ldap_connect("IP",port)or die("Could not connect to LDAP server.");
//echo $ldaprdn;
if ($ldapconn)
{
//ldap_set_option($ldapconn,LDAP_OPT_PROTOCOL_VERSION,3) or die("Could not set ldap protocol version");
// binding to ldap server
if($ldaprdn!="" && $ldappass!=""){
$ldapbind = @ldap_bind($ldapconn,$ldaprdn,$ldappass);
// verify binding
if ($ldapbind)
{
//login successfull
$_SESSION['checkin'] = date('d/m/Y h:i:s A');
$_SESSION['user_name'] = $_REQUEST['username'];
header('Location: index.php');
}
else
{
//echo 'hello';
echo '<script language="javascript">alert("Invalid Login. Please try again!")</script>;';
$_SESSION['LoggedIn'] = '0';
}
}else{
echo '<script language="javascript">alert("Invalid Login. Please try again!")</script>;';
$_SESSION['LoggedIn'] = '0';
}
}
}
?>
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.