【发布时间】:2011-11-15 23:08:44
【问题描述】:
我有一个登录屏幕,其中包含通过 php 脚本验证的用户名和密码凭据。一旦用户输入他们的用户名和密码并点击提交。 authenticate.php 进行 LDAP 绑定,如果用户的凭据是合法的,他们将被重定向到 www.siteA.com,如果凭据是错误的,则会给出错误提示“登录无效,身份验证失败。我想做这个 AJAX当用户点击提交时,就在该页面上,它会告诉用户他们输入的登录名是有效还是无效。
下面是我的代码:
登录表单:
<form action=authenticate.php method=post name=Auth class="appnitro">
<div class="form_description">
<h2>Login</h2>
</div>
<ul>
<li id="li_1">
<label class="description" for="element_1">Username </label>
<div>
input id="element_1" name="login" class="element text medium" type="text" maxlength="255" value=""/>
</div>
</li>
<li id="li_2" >
<label class="description" for="element_2">Password </label>
<div>
<input id="element_2" name="password" class="element text medium" type="password" maxlength="255" value=""/>
</div>
</li>
<li class="buttons">
<input id="saveForm" class="button_text" type="submit" name="submit" value="Log In" />
</li>
</ul>
</form>
我的 LDAP 绑定,Authenticate.php:
<?php
session_start();
if( isset($_POST['login']) && isset($_POST['password']) )
{
//LDAP stuff here.
$username = trim($_POST['login']);
$password = trim($_POST['password']);
echo("Authenticating...");
$ds = ldap_connect('ldap://ldap:port');
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
//Can't connect to LDAP.
if( !ds )
{
echo "Error in contacting the LDAP server -- contact ";
echo "technical services! (Debug 1)";
exit;
}
//Connection made -- bind anonymously and get dn for username.
$bind = @ldap_bind($ds);
//Check to make sure we're bound.
if( !bind )
{
echo "Anonymous bind to LDAP FAILED. Contact Tech Services! (Debug 2)";
exit;
}
$search = ldap_search($ds, "ou=People,DC=keler,DC=medioa,DC=com", "uid=$username");
//Make sure only ONE result was returned -- if not, they might've thrown a * into the username. Bad user!
if( ldap_count_entries($ds,$search) != 1 )
{
echo "Error processing username -- please try to login again. (Debug 3)";
redirect(_WEBROOT_ . "/try1b.php");
exit;
}
$info = ldap_get_entries($ds, $search);
//Now, try to rebind with their full dn and password.
$bind = @ldap_bind($ds, $info[0][dn], $password);
if( !$bind || !isset($bind))
{
echo "Login failed -- please try again. (Debug 4)";
redirect(_WEBROOT_ . "/try1b.php");
exit;
}
//Now verify the previous search using their credentials.
$search = ldap_search($ds, "ou=People,DC=keler,DC=medioa,DC=com", "uid=$username");
//if the user's login is legit then redirect to the siteA
$info = ldap_get_entries($ds, $search);
if( $username == $info[0][uid][0] )
{
$_SESSION['username'] = $username;
$_SESSION['fullname'] = $info[0][cn][0];
header( "Location: www.siteA.com" );
exit;
}
else
{
echo "Error. Access Denied";
redirect(_WEBROOT_ . "/try1b.php");
exit;
}
ldap_close($ds);
exit;
}
?>
【问题讨论】:
标签: php javascript html ajax openldap