Page 1 of 1

LDAP Login using PEAR, cannot redirect after login

Posted: Fri May 19, 2006 11:31 am
by papaxris
I have an authentication scheme using PEAR against our LDAP server. The problem that I am having is that PEAR is inserting headers thus not allowing me to use a redirect in my PHP code after the user sucsessfuly authenticates. Once the user authenticates with the correct username and password, I just get a blank screen (this is without my redirect inserted in my code). If I try to add a redirect in my code I recive this error: Warning: Cannot modify header information - headers already sent by (output started at C:\PHP\PEAR\Auth\Frontend\Html.php:92).

Below I have attached a sample of my code. Any help would be greatly appreciated. I don't know if this redirect is the best way to pass the user to the page that I want protected. If there is a better way of passing the user to the protected page, I am open to any new ideas/options.

Code: Select all

<?php

// gotta have PEAR installed, and the Auth package
    require_once "Auth/Auth.php";
	
    $container = 'ldap';
    $params = array(
        'url'      	=> 'ldap://myserver:389/',
        'basedn'   	=> 'uid=' . $_POST['username'] . ', ou=sample1, o=sample2',
	'userfilter'=> '(objectClass=sample3)'
		);
    
    $auth = new Auth($container, $params);
    
    // start an authentication session; this will automatically
    // check credentials ($_POST['username'] && $_POST['password'])
    // if they were passed.
    $auth->start();
	
	//Redirect
	if ($auth == TRUE) 
    { 
        // If we get here then the password was correct. Send the user on his happy way.
        header("Location:test.htm");

    } else {

        //  Bind failed = user entered bad password
        header ("Location:nothing.htm");
        exit;
    }
	
	
	// process any logout requests.  just pass POST variable called
    // LOGOUT with any value at all to trigger a logout.
    if (isset($_POST['LOGOUT'])) {
        $auth->logout();
    }
    
    echo $auth->status;
	
	/*
    These are the session vars that Auth creates for you.
    $_SESSION['auth'] => Array
        (
            [registered] => 1          // 0/null/false/unset if not logged in
            [username] => whoever      // username
            [timestamp] => 1060785077  // when you started the session
            [idle] => 1060785077       // idle since/last activity
        ) 

    The $auth object also has its own set of properties; use
    print_r($auth) to view them.
    */
	
?>