PHP - Php Login Ldap
Hello everyone,
I'm new to PHP and I have a question about a PHP Login page using LDAP. I have received a project from my boss. A project to digitizing a form. Well having that part done, my boss said to make login page that uses LDAP. A page that using the username and password from the AD to login and redirected to a different page. So that the person doesn't have to remember different usernames and passwords. Is there a simple script, doing this? Kind regards, Rinse Ringma ( Don't mind my bad English ) Similar TutorialsI am new to PHP. I have been trying to do some research online for a few days and not getting very far. I feel like I know less now than I did before I started. Here's the story: I've set up a LAMP server that runs a Wiki and AppGini (http://www.bigprof.com/appgini/) - AppGini allows you to "Create web database applications instantly without writing any code" - The only downside we have with it, is it's got it's own set of user accounts. My team all logs in with the default admin account which isn't a big deal but we'd prefer to use LDAP to AD for reasons I won't get into right now. I emailed AppGini support and asked about LDAP integration. Their response was that it's "a little bit of work" and "You can modify the login authentication function to authenticate using LDAP ... please see the example code he http://code.activestate.com/recipes/101525-ldap-authentication/ (needs some modifications to work with AppGini)" I've googled around and found 2 dozen different LDAP PHP samples. I've gotten some of them to work. By work I mean they connect to my domain controller and say "success" I'm not actually logged into anything. So I'm looking for a little help from square one. I need to have a better understanding of how things are supposed to work so I know where I'm supposed to go with all of this. Where do I start? What do I do? What would YOU do? This is the current "index.php" that logs you into the site. Code: [Select] <?php error_reporting(E_ALL ^ E_NOTICE); $d=dirname(__FILE__); include("$d/defaultLang.php"); include("$d/language.php"); include("$d/incCommon.php"); $x->TableTitle=$Translation['homepage']; include("$d/header.php"); if($_GET['signOut']==1){ logOutMember(); } $tablesPerRow=2; $arrTables=getTableList(); ?> <div align="center"><table cellpadding="8"> <?php if($_GET['loginFailed']==1 || $_GET['signIn']==1){ ?> <tr><td colspan="2" align="center"> <?php if($_GET['loginFailed']){ ?> <div class="Error"><?php echo $Translation['login failed']; ?></div> <?php } ?> <form method="post" action="index.php"> <table border="0" cellspacing="1" cellpadding="4" align="center"> <tr> <td colspan="2" class="TableHeader"> <div class="TableTitle"><?php echo $Translation['sign in here']; ?></div> </td> </tr> <tr> <td align="right" class="TableHeader"> <?php echo $Translation['username']; ?> </td> <td align="left" class="TableBody"> <input type="text" name="username" value="" size="20" class="TextBox"> </td> </tr> <tr> <td align="right" class="TableHeader"> <?php echo $Translation['password']; ?> </td> <td align="left" class="TableBody"> <input type="password" name="password" value="" size="20"class="TextBox"> </td> </tr> <tr> <td colspan="2" align="right" class="TableHeader"> <span style="margin: 0 20px;"><input type="checkbox" name="rememberMe" id="rememberMe" value="1"> <label for="rememberMe"><?php echo $Translation['remember me']; ?></label></span> <input type="submit" name="signIn" value="<?php echo $Translation['sign in']; ?>"> </td> </tr> <tr> <td colspan="2" align="left" class="TableHeader"> <?php echo $Translation['go to signup']; ?> <br /><br /> </td> </tr> <tr> <td colspan="2" align="left" class="TableHeader"> <?php echo $Translation['forgot password']; ?> <br /><br /> </td> </tr> <tr> <td colspan="2" align="left" class="TableHeader"> <?php echo $Translation['browse as guest']; ?> <br /><br /> </td> </tr> </table> </form> <script>document.getElementsByName('username')[0].focus();</script> </td></tr> <?php } ?> <?php if(!$_GET['signIn'] && !$_GET['loginFailed']){ if(is_array($arrTables)){ if(getLoggedAdmin()){ ?><tr><td colspan="<?php echo ($tablesPerRow*3-1); ?>" class="TableTitle" style="text-align: center;"><a href="admin/"><img src=table.gif border=0 align="top"></a> <a href="admin/" class="TableTitle" style="color: red;"><?php echo $Translation['admin area']; ?></a><br /><br /></td></tr><?php } $i=0; foreach($arrTables as $tn=>$tc){ $tChk=array_search($tn, array()); if($tChk!==false && $tChk!==null){ $searchFirst='?Filter_x=1'; }else{ $searchFirst=''; } if(!$i % $tablesPerRow){ echo '<tr>'; } ?><td valign="top"><a href=<?php echo $tn; ?>_view.php<?php echo $searchFirst; ?>><img src=<?php echo $tc[2];?> border=0></a></td><td valign="top" align="left"><a href=<?php echo $tn; ?>_view.php<?php echo $searchFirst; ?> class="TableTitle"><?php echo $tc[0]; ?></a><br /><?php echo $tc[1]; ?></td><?php if($i % $tablesPerRow == ($tablesPerRow - 1)){ echo '</tr>'; }else{ echo '<td width="50"> </td>'; } $i++; } }else{ ?><tr><td><div class="Error"><?php echo $Translation['no table access']; ?><script language="javaScript">setInterval("window.location='index.php?signOut=1'", 2000);</script></div></td></tr><?php } } ?> </table><br /><br /><div class="TableFooter"><b><a href=http://bigprof.com/appgini/>BigProf Software</a> - <?php echo $Translation['powered by']; ?> AppGini 4.61</b></div> </div> </html> I have an application that uses the PHP LDAP library to connect to the Windows Active Directory:
$ds = ldap_connect($ini['ad_server']) or die("Could not connect");
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); I am wondering if anyone knows if this upcoming patch "2020 LDAP channel binding and LDAP signing" coming from Microsoft will break any PHP applications that are using this ldap library. Thanks in advance,
M I wrote wrong LDAP server for test but my script dont die! why ? in php.ini I wrote extension=php_ldap.dll and I have this lib in php/ext/ error_reporting(1); $ldaphost = 'my.office.company.com'; // Connecting to LDAP $ip = gethostbyname($ldaphost); $ldapconn = ldap_connect($ip) or die("Could not connect to $ldaphost"); echo 'done'; I am having trouble using ldap_start_tls(). I am using the same code I have seen in a dozen different forums: $ds = ldap_connect($ldap['host'],$ldap['port']); ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($ds, LDAP_OPT_REFERRALS, 0); ldap_start_tls($ds); ldap_bind($ds,$ldap['user'],$ldap['pass']) ldap_close($ds); but I still receive the same error message: Warning: ldap_start_tls() [function.ldap-start-tls]: Unable to start TLS: Connect error The LDAP authentication had been working fine without the ldap_start_tls. I feel like I must have missed something big - is ldap_start_tls() dependent on having a local certificate? is OpenSSL a pre-requisite? I've seen lots of discussions turn towards OpenLDAP, but I had assumed this was only on the target server. Can anyone confirm that? Any help would greatly appreciated. Darren Hi guys, I have this problem and id appreciate all your advice in helping solve it. I'm working on a service with is "cloud" hosted. However I want it so when a person employed by Corporation A logs onto myservice.corporationa.com they enter their Corporation A LDAP details but somehow that sends them to myservice.com and authenticates them. I know how to do the get LDAP details part to put on myservice.corporationa.com but no idea how to do the rest and make it send back etc. Any ideas? Many many thanks in advance. (PS - If this all makes sense please do let me know) Hi, I'm completely new to LDAP authentication but have managed to get a fairly smooth working script. However, I was wondering what is the easiest way to get a BASEDN from a Fully Qualified Domain Name. At the moment I have a loop which would take: example.com and turn it into dc=examplem,dc=com But is that the best way? Hi,
I haven't worked with PHP in years and was asked to debug something. Maybe you can help me out since I'm stuck. This error popped up when we upgraded from PHP 5.3 to 5.4.
It is setting LDAP options.
Here is the code:
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3); ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0) or die ("Could not set option referrals"); Both of these statement are throwing the following error message to the log. 52 is not a valid ldap link resource Anything I can check or look at? I am a little clueless here. Thanks I'm using Active Directory and PHP with LDAP. I have been trying to create a script that will list all the members of each group in a OU. When I run this script in an OU with Users, it will return an array with all the available attributes of each User. However when I use it with a group, it doesn't return any attributes of the group. Code: [Select] <?php $ig_ldaphost="LDAP://domain/"; //filtered for security $ig_ldapou="OU=Drive Security,OU=Groups,DC=this,DC=and,dc=that"; //filtered for security $ig_ldapconn=ldap_connect($ig_ldaphost) or die("Could not connect to {$ig_ldaphost}"); $ig_ldapopt=ldap_set_option($ig_ldapconn,LDAP_OPT_PROTOCOL_VERSION,3) or die("Could not set options: {$ig_ldapopt}"); $ig_ldapbind=ldap_bind($ig_ldapconn) or die("Could not bind: {$ig_ldapbind}"); $ig_ldapsearch=ldap_search($ig_ldapconn,$ig_ldapou,"objectClass=*"); for ($ig_ldapentry=ldap_first_entry($ig_ldapconn,$ig_ldapsearch);$ig_ldapentry!=FALSE;$ig_ldapentry=ldap_next_entry($ig_ldapconn,$ig_ldapentry)) { $ig_ldapvalues=ldap_get_attributes($ig_ldapconn,$ig_ldapentry); $ig_ldapdn=ldap_explode_dn(ldap_get_dn($ig_ldapconn,$ig_ldapentry),1); echo "/".$ig_ldapdn[1]."/".$ig_ldapdn[0]."<br />"; var_dump($ig_ldapvalues); echo "<br /><br />"; } ldap_close($ig_ldapconn); ?> Can anyone help with this? Hi, I'm working with the LDAP directory, and using PHP to access it. I am able to extract the name, departments and phone nos. from the directory. On the display page, i am looking to make the name column sort A-Z. (Like the "name" will be clickable and will sort the names from A-Z and Z-A ) Would appreciate if someone could suggest approaches to achieve this using PHP Thanks I am having trouble authenticating users with LDAP. I can authenticate users when I use "CN" or "givenName" but not when I use "samaccountname", which is the username. CN is just the first + last name. Does anyone know why only CN and not samaccountname works? $strUsername = "test"; $strPassword = "pass"; $dn = 'samaccountname=' . $strUsername . ',OU=Staff,DC=mydomain,DC=com'; $strDomain = "ldap://localhost/"; $bolAuth = false; // connect to ldap server $port = "389"; $objConn = ldap_connect($strDomain); if ($objConn) { if ( $strPassword != null ) { $bolAuth = ldap_bind($objConn, $dn, $strPassword); if ( $bolAuth ) { $search_id = ldap_search($objConn, "OU=Staff,DC=mydomain,DC=com", "(samaccountname=".$strUsername.")"); $entries = ldap_get_entries($objConn, $search_id); if ($entries["count"] == 1) { $first_name = $entries[0]["givenname"][0];; $last_name = $entries[0]["cn"][0]; } } } ldap_close($objConn); } if($bolAuth==false){ echo "fail"; return false; } Hi I am finding that I get a random LDAP search fail the initial time i run a script against 2008R2 when I refresh all is ok ? PHP 5.2.5 get the same thing with the latest version of PHP. any ideas ? its as if the DC is sleeping until you give it a nudge, running on 2008R2 running on vmware. Hi Everyone, Hopefully someone will be able to assist with my problem. Basically, my situation is that we have a server which hosts multiple websites using multiple IP address. One of the new sites we are moving to this server needs an LDAP connection outside of our network. The outside LDAP has already been enabled to accept requests from the specific IP assigned to this site. However, other sites on this server are using other IP addresses. It seems as if the LDAP authentication request is getting sent by a IP address which is not authorized by the firewall on the outside LDAP server. Thus trouble authenticating. So, my question is, is there a way to force the ldap_bind request to use a specific IP address to send the request for authentication? Supposedly this can be done using an event handler. However, I don't have much experience with event handlers so am not sure how to go about doing this. I would appreciate any help or ideas to resolve this situation. Thanks! - Jodie Hi, I am trying to search the employeeid value taken from an mssql db against a LDAP database. It works but when it cannot found the employeeid on the LDAP db it stops with this error: Catchable fatal error: Object of class variant could not be converted to string in ldap2.php on line 101 Here is the code. i've tried with ->value without success . Please help me. do { $sql = "SELECT EMPL.MATR FROM DOS ORDER BY DOS.MATR"; $result = mssql_query($sql); while ($myrow = mssql_fetch_array($result)) { $matr = $myrow['MATR']; $matr = intval($matr); //echo $matr; $strRS = "Select givenname,sn,displayName,mail,SAMAccountName,employeeid,cn from 'LDAP://dom.local/DC=dom,DC=local' where objectClass='user' and employeeid='$matr'"; $RS->Open($strRS, $Conn, 1, 1); echo $RS['cn']; echo "<br>"; $RS->Close; } $item++; // iterate count through ldapresults } while ($item < $Result['count']); echo '<hr />'; $Conn->Close; hi i need help an idea how can i separate members from admins since i dont know how to create login form i used tutorial ( http://www.youtube.com/watch?v=4oSCuEtxRK8 ) (its session login form only that i made it work other tutorials wre too old or something) how what i want to do is separate members and admins because admin need more rights to do now i have idea but dont know will it work like that what i want to do is create additional row in table named it flag and create 0 (inactive user) 1 (member) 2 (admin) will that work? and how can i create different navigation bars for users and admins? do you recommend that i use different folders to create it or just script based on session and flag? Hi guys, Can anyone assist me. I am trying to create a login for admin and user (if user not a member click register link) below is my code: But whenever I enter the value as: Username: admin Password:123 - I got an error message "That user does not exist!" Any suggestion and help would be appreciated. Thanks. login.php <?php //Assigned varibale $error_msg as empty //$error_msg = ""; session_start(); $error_msg = ""; if (isset($_POST['submit'])) { if ($a_username = "admin" && $a_password = "123") { //Define $_POST from form text feilds $username = $_POST['username']; $password = $_POST['password']; //Add some stripslashes $username = stripslashes($username); $password = stripslashes($password); //Check if usernmae and password is good, if it is it will start session if ($username == $a_username && $password == $a_password) { session_start(); $_SESSION['session_logged'] = 'true'; $_SESSION['session_username'] = $username; //Redirect to admin page header("Location: admin_area.php"); } } $username = (isset($_POST['username'])) ? $_POST['username'] : ''; $password = (isset($_POST['password'])) ? $_POST['password'] : ''; if($username && $password) { $connect = mysql_connect("localhost", "root", "") or die ("Couldn't connect!"); mysql_select_db("friendsdb") or die ("Couldn't find the DB"); $query = mysql_query ("SELECT * FROM `user` WHERE username = '$username'"); $numrows = mysql_num_rows($query); if ($numrows != 0){ while ($row = mysql_fetch_array($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } //Check to see if they are match! if ($username == $dbusername && md5($password) == $dbpassword) { header ("Location: user_area.php"); $_SESSION['username'] = $username; } else $error_msg = "Incorrect password!"; //code of login }else $error_msg = "That user does not exist!"; //echo $numrows; } else $error_msg = "Please enter a username and password!"; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Login Page</title> </head> <body> <br /> <?php require "header.php"; ?><br /> <div align="center"> <table width="200" border="1"> <?php // If $error_msg not equal to emtpy then display error message if($error_msg!="") echo "<div id=\"error_message\"style=\"color:red; \">$error_msg</div><br />";?> <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post"> <!--form action="login_a.php" method="post"--> Username: <input type="text" name="username" /><br /><br /> Password: <input type="password" name="password" /><br /><br /> <input type="submit" name = "submit" value="Log in" /> </form> <p> </p> Register a <a href="register.php">New User</a> </table> </div> </body> </html> How to add the ability to login with username or email for login?
<?php ob_start(); include('../header.php'); include_once("../db_connect.php"); session_start(); if(isset($_SESSION['user_id'])!="") { header("Location: ../dashboard"); } if (isset($_POST['login'])) { $email = mysqli_real_escape_string($conn, $_POST['email']); $password = mysqli_real_escape_string($conn, $_POST['password']); $result = mysqli_query($conn, "SELECT * FROM users WHERE email = '" . $email. "' and pass = '" . md5($password). "'"); if ($row = mysqli_fetch_array($result)) { $_SESSION['user_id'] = $row['uid']; $_SESSION['user_name'] = $row['user']; $_SESSION['user_email'] = $row['email']; header("Location: ../dashboard"); } else { $error_message = "Incorrect Email or Password!!!"; } } ?>
Hi guys. What I want to create is really complicated. Well I have a login system that works with post on an external website. I have my own website, but they do not give me access to the database for security reasons, therefore I have to use their login system to verify my users. What their website does is that it has a post, with username and password. The POST website is lets say "https://www.example.com/login". If login is achieved (i.e. username and password are correct), it will redirect me to "https://www.example.com/login/success" else it will redirect me to "https://www.example.com/login/retry". So I want a PHP script that will do that post, and then according to the redirected website address it will return me TRUE for success, FALSE for not successful login. Any idea?? Thanks Hello guys, Is there on web any updated tutorial on how can I add Facebook login on my simple php login script? Hi everyone i wonder if you can help me he I need a script for a login and check login- create cookie. Here is my form: <form method="post" action="check_login.php"> <p> <input type="submit" name="Submit2" value="go" /> </fieldset> </p> </form> that sends it to check_login (which BEFORE i deleted something by accident, used to take me to a username and password box) But now all it does is send me straight to the memebrs area??? Can i change the check_login.php script to make it work correctly: Code: [Select] <?php // Connects to your Database mysql_connect("server", "user", "password") or die(mysql_error()); mysql_select_db("DB") or die(mysql_error()); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $username = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['upassword']) { } else { header("Location: members_area.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] | !$_POST['upassword']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['upassword'] = stripslashes($_POST['upassword']); $info['upassword'] = stripslashes($info['upassword']); $_POST['upassword'] = md5($_POST['upassword']); //gives error if the password is wrong if ($_POST['upassword'] != $info['upassword']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['upassword'], $hour); //then redirect them to the members area header("Location: members_area.php"); } } } else { // if they are not logged in ?> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table width="316" height="120" border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="upassword" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> <?php } ?> Hello, I am once again desperately asking for your help, I am working on a simple login page and I am having trouble actually getting it to login. I display error messages for if the user doesn't enter anything but I can't seem to get it to work for if the credentials are wrong. It logs the user in whether the information is right or not and i dont even know what to do now
This is the code any suggestions would be greatly appreciated <?php /* Name: Deanna Slotegraaf Course Code: WEBD3201 Date: 2020-09-22 */ $file = "sign-in.php"; $date = "2020-09-22"; $title = "WEBD3201 Login Page"; $description = "This page was created for WEBD3201 as a login page for a real estate website"; $banner = "Login Page"; require 'header.php'; $error = ""; if($_SERVER["REQUEST_METHOD"] == "GET") { $username = ""; $password = ""; $lastaccess = ""; $error = ""; $result = ""; $validUser = ""; } else if($_SERVER["REQUEST_METHOD"] == "POST") { $conn; $username = trim($_POST['username']); //Remove trailing white space $password = trim($_POST['password']); //Remove trailing white space if (!isset($username) || $username == "") { $error .= "<br/>Username is required"; } if (!isset($password) || $password == ""){ $error .= "<br/>Password is required"; } if ($error == "") { $password = md5($password); $query = "SELECT * FROM users WHERE EmailAddress='$username' AND Password='$password'"; $results = pg_query($conn, $query); //$_SESSION['username'] = $username; //$_SESSION['success'] = "You are now logged in"; header('location: dashboard.php'); }else { $error .= "Username and/or Password is incorrect"; } } ?> <div class = "form-signin"> <?php echo "<h2 style='color:red; font-size:20px'>".$error."</h2>"; ?> <form action = "<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <label for="uname"><b>Login ID</b></label> <input type="text" name="username" value="<?php echo $username; ?>"/> <br/> <label for="psw"><b>Password</b></label> <input type="password" name="password" value="<?php echo $password; ?>"/> <br/> <button type="submit" name="login_user">Login</button> <button type="reset">Reset</button></div> </form> </div> <?php require "footer.php"; ?>
|