我使用以下脚本为网站制作经过ldap身份验证的登录页面。如果登录成功,那么我希望将用户重定向到" test.com"。 LDAP身份验证有效,但如果用户将用户名和密码字段留空并单击“提交”,则会重定向到test.com。当他们输入目录中存在的用户名时会发生同样的事情,但将密码字段留空。
<?php
if(isset($_POST['username']) && isset($_POST['password'])){
$adServer = "ldap://test.com";
$ldap = ldap_connect($adServer);
$username = $_POST['username'];
$password = $_POST['password'];
$ldaprdn = 'mw' . "\\" . $username;
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
$bind = @ldap_bind($ldap, $ldaprdn, $password);
if ($bind) {
$filter="(sAMAccountName=$username)";
$result = ldap_search($ldap,"dc=mw,dc=aa,dc=cd,dc=ca",$filter);
ldap_sort($ldap,$result,"sn");
$info = ldap_get_entries($ldap, $result);
for ($i=0; $i<$info["count"]; $i++)
{
if($info['count'] > 1)
break;
echo "<p>You are accessing <strong> ". $info[$i]["sn"][0] .", " . $info[$i]["givenname"][0] ."</strong><br /> (" . $info[$i]["samaccountname"][0] .")</p>\n";
echo '<pre>';
var_dump($info);
echo '</pre>';
$userDn = $info[$i]["distinguishedname"][0];
}
@ldap_close($ldap);
header( "Location: http://test.com" );
} else {
$msg = "Invalid email address / password";
echo $msg;
}
}else{
?>
<html>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
<head>
<!-- Bypass Compatiblity View (Super Important) -->
<meta http-equiv="X-UA-Compatible" content="IE=9">
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="css/bootstrap.min.css">
<!-- jQuery library -->
<link href="https://fonts.googleapis.com/css?family=Titillium+Web" rel="stylesheet" type="text/css">
<!-- My CSS page -->
<link rel="stylesheet" type="text/css" href="css/bootstrap-select.min.css">
<link rel="stylesheet" type="text/css" href="css/style.css">
<script src="js/jquery.min.js"></script>
<!-- Latest compiled JavaScript -->
<script src="js/bootstrap.min.js"></script>
<script src="js/bootstrap-select.min.js"></script>
<script src="js/jquery.validate.min.js"></script>
<script src="page.js"></script>
<!-- Google Font -->
</head>
<body class="login-body">
<div class="container" style="margin-top:30px">
<div class="row">
<div class="col-md-4 col-md-offset-4">
</div>
</div>
</div>
<div class="container">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<div class="panel panel-default" >
<div class="panel-heading">
<h1 class="panel-title"><strong>Sign in</strong></h1>
</div>
<div class="panel-body">
<form action="#" method="POST" class="form-signin">
<div class="form-group">
<label for="username" class="control-label">Username</label>
<div class="input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-user" aria-hidden="true"></i></span>
<input type="text" class="form-control" name="username" id="username" placeholder="Enter your Username"/>
</div>
</div>
<div class="form-group">
<label for="password" class="control-label">Password</label>
<div class="input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-lock" aria-hidden="true"></i></span>
<input type="password" class="form-control" name="password" id="password" placeholder="Enter your Password"/>
</div>
</div>
<div class="form-group">
<button class="btn btn-lg btn-primary btn-block" type="submit" name="submit" value="Submit">Sign in</button>
</div>
</div> <!-- panel body -->
</form>
</div> <!-- panel end -->
</div>
</div> <!-- row end -->
</div> <!-- container end -->
</body></html>
<?php } ?>
答案 0 :(得分:0)
<?php
if(isset($_POST['username']) && isset($_POST['password'])){
$adServer = "ldap://test.com";
$ldap = ldap_connect($adServer);
$username = $_POST['username'];
$password = $_POST['password'];
$ldaprdn = 'mw' . "\\" . $username;
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
$bind = @ldap_bind($ldap, $ldaprdn, $password);
if (($username==NULL) or ($password ==NULL)){
$msg = "Invalid email address / password. You will now be redirected to the login page.";
echo $msg;
}
else {
if ($bind) {
$filter="(sAMAccountName=$username)";
$result = ldap_search($ldap,"dc=mw,dc=aa,dc=cd,dc=ca",$filter);
ldap_sort($ldap,$result,"sn");
$info = ldap_get_entries($ldap, $result);
for ($i=0; $i<$info["count"]; $i++)
{
if($info['count'] > 1)
break;
echo "<p>You are accessing <strong> ". $info[$i]["sn"][0] .", " . $info[$i]["givenname"][0] ."</strong><br /> (" . $info[$i]["samaccountname"][0] .")</p>\n";
echo '<pre>';
var_dump($info);
echo '</pre>';
$userDn = $info[$i]["distinguishedname"][0];
}
@ldap_close($ldap);
header( "Location: http://test.com" );
} else {
$msg = "Invalid email address / password";
echo $msg;
}
}}else{
?>
<html>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
<head>
<!-- Bypass Compatiblity View (Super Important) -->
<meta http-equiv="X-UA-Compatible" content="IE=9">
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="css/bootstrap.min.css">
<!-- jQuery library -->
<link href="https://fonts.googleapis.com/css?family=Titillium+Web" rel="stylesheet" type="text/css">
<!-- My CSS page -->
<link rel="stylesheet" type="text/css" href="css/bootstrap-select.min.css">
<link rel="stylesheet" type="text/css" href="css/style.css">
<script src="js/jquery.min.js"></script>
<!-- Latest compiled JavaScript -->
<script src="js/bootstrap.min.js"></script>
<script src="js/bootstrap-select.min.js"></script>
<script src="js/jquery.validate.min.js"></script>
<script src="page.js"></script>
<!-- Google Font -->
</head>
<body class="login-body">
<div class="container" style="margin-top:30px">
<div class="row">
<div class="col-md-4 col-md-offset-4">
</div>
</div>
</div>
<div class="container">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<div class="panel panel-default" >
<div class="panel-heading">
<h1 class="panel-title"><strong>Sign in</strong></h1>
</div>
<div class="panel-body">
<form action="#" method="POST" class="form-signin">
<div class="form-group">
<label for="username" class="control-label">Username</label>
<div class="input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-user" aria-hidden="true"></i></span>
<input type="text" class="form-control" name="username" id="username" placeholder="Enter your Username"/>
</div>
</div>
<div class="form-group">
<label for="password" class="control-label">Password</label>
<div class="input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-lock" aria-hidden="true"></i></span>
<input type="password" class="form-control" name="password" id="password" placeholder="Enter your Password"/>
</div>
</div>
<div class="form-group">
<button class="btn btn-lg btn-primary btn-block" type="submit" name="submit" value="Submit">Sign in</button>
</div>
</div> <!-- panel body -->
</form>
</div> <!-- panel end -->
</div>
</div> <!-- row end -->
</div> <!-- container end -->
</body></html>
<?php } ?>