Code: Select all
<?php
session_start();
$invalidEntry = "";
$invalidInfo = "";
if ($_POST['process'] == 1) {
$pattern = '/^[a-z\d_]{4,28}$/i';
$username = $_POST['username'];
$password = $_POST['password'];
// save to session and redirect dis outa 'ere if we coo'
if (preg_match($pattern, $_POST['username']) > 0) {
// compare to LDAP - check if user/pass is correct
if (@ldap_connect("serverIP")) { // ensure this is a valid LDAP server
$ds = ldap_connect("serverIP");
if (@ldap_bind($ds,'domainPrefix\\' . $username,$password)){
// search memberOf attribute for pertinent groups for the site
// array("") contains the search filter(s)
$sr=ldap_search($ds, "DC=DC,DC=DC,DC=edu", "samaccountname=$username", array("memberOf", "dn", "description"));
$info = ldap_get_entries($ds, $sr);
$entry = ldap_first_entry($ds, $sr);
$attrs = ldap_get_attributes($ds, $entry);
$manageFunctions = array();
$testing = array();
for ($i=0; $i < $info["count"]; $i++) {
array_push($testing, $info[$i]["dn"]);
array_push($testing, $info[$i]["description"]);
array_push($manageFunctions, $info[$i]["memberOf"]);
}
ldap_close($ds);
$_SESSION['testing'] = $testing[0];
$_SESSION['ID'] = $testing[1];
$_SESSION['testing2'] = $iterateValue;
$_SESSION['loggedIn'] = "Yes";
$_SESSION['samaccountname'] = $username;
$_SESSION['manageFunctions'] = $manageFunctions;
header("location: home.php");
exit();
}else{
$invalidInfo = "Sorry, your username/password is incorrect";
}
}else{
$invalidInfo = "The page cannot contact the authentication server. Please contact an administrator";}
}else{
$invalidEntry = "Please enter a valid username.";}
}
?>