LDAP Login using PEAR, cannot redirect after login
Posted: Fri May 19, 2006 11:31 am
I have an authentication scheme using PEAR against our LDAP server. The problem that I am having is that PEAR is inserting headers thus not allowing me to use a redirect in my PHP code after the user sucsessfuly authenticates. Once the user authenticates with the correct username and password, I just get a blank screen (this is without my redirect inserted in my code). If I try to add a redirect in my code I recive this error: Warning: Cannot modify header information - headers already sent by (output started at C:\PHP\PEAR\Auth\Frontend\Html.php:92).
Below I have attached a sample of my code. Any help would be greatly appreciated. I don't know if this redirect is the best way to pass the user to the page that I want protected. If there is a better way of passing the user to the protected page, I am open to any new ideas/options.
Below I have attached a sample of my code. Any help would be greatly appreciated. I don't know if this redirect is the best way to pass the user to the page that I want protected. If there is a better way of passing the user to the protected page, I am open to any new ideas/options.
Code: Select all
<?php
// gotta have PEAR installed, and the Auth package
require_once "Auth/Auth.php";
$container = 'ldap';
$params = array(
'url' => 'ldap://myserver:389/',
'basedn' => 'uid=' . $_POST['username'] . ', ou=sample1, o=sample2',
'userfilter'=> '(objectClass=sample3)'
);
$auth = new Auth($container, $params);
// start an authentication session; this will automatically
// check credentials ($_POST['username'] && $_POST['password'])
// if they were passed.
$auth->start();
//Redirect
if ($auth == TRUE)
{
// If we get here then the password was correct. Send the user on his happy way.
header("Location:test.htm");
} else {
// Bind failed = user entered bad password
header ("Location:nothing.htm");
exit;
}
// process any logout requests. just pass POST variable called
// LOGOUT with any value at all to trigger a logout.
if (isset($_POST['LOGOUT'])) {
$auth->logout();
}
echo $auth->status;
/*
These are the session vars that Auth creates for you.
$_SESSION['auth'] => Array
(
[registered] => 1 // 0/null/false/unset if not logged in
[username] => whoever // username
[timestamp] => 1060785077 // when you started the session
[idle] => 1060785077 // idle since/last activity
)
The $auth object also has its own set of properties; use
print_r($auth) to view them.
*/
?>