PHP - 2020 Ldap Channel Binding And Ldap Signing Requirement For Windows

I am having trouble using ldap_start_tls().

I am using the same code I have seen in a dozen different forums:

$ds = ldap_connect($ldap['host'],$ldap['port']); 
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
ldap_start_tls($ds);
ldap_bind($ds,$ldap['user'],$ldap['pass'])
ldap_close($ds);

but I still receive the same error message: Warning: ldap_start_tls() [function.ldap-start-tls]: Unable to start TLS: Connect error

The LDAP authentication had been working fine without the ldap_start_tls.

I feel like I must have missed something big - is ldap_start_tls() dependent on having a local certificate? is OpenSSL a pre-requisite? I've seen lots of discussions turn towards OpenLDAP, but I had assumed this was only on the target server. Can anyone confirm that?

Any help would greatly appreciated.
Darren

I'm using Active Directory and PHP with LDAP.

I have been trying to create a script that will list all the members of each group in a OU.  When I run this script in an OU with Users, it will return an array with all the available attributes of each User.  However when I use it with a group, it doesn't return any attributes of the group.

Code: [Select]
<?php
$ig_ldaphost="LDAP://domain/"; //filtered for security
$ig_ldapou="OU=Drive Security,OU=Groups,DC=this,DC=and,dc=that"; //filtered for security

$ig_ldapconn=ldap_connect($ig_ldaphost)
    or die("Could not connect to {$ig_ldaphost}");
$ig_ldapopt=ldap_set_option($ig_ldapconn,LDAP_OPT_PROTOCOL_VERSION,3)
    or die("Could not set options: {$ig_ldapopt}");
$ig_ldapbind=ldap_bind($ig_ldapconn)
    or die("Could not bind: {$ig_ldapbind}");
   
$ig_ldapsearch=ldap_search($ig_ldapconn,$ig_ldapou,"objectClass=*");

for ($ig_ldapentry=ldap_first_entry($ig_ldapconn,$ig_ldapsearch);$ig_ldapentry!=FALSE;$ig_ldapentry=ldap_next_entry($ig_ldapconn,$ig_ldapentry))
{
    $ig_ldapvalues=ldap_get_attributes($ig_ldapconn,$ig_ldapentry);
   $ig_ldapdn=ldap_explode_dn(ldap_get_dn($ig_ldapconn,$ig_ldapentry),1);
   echo "/".$ig_ldapdn[1]."/".$ig_ldapdn[0]."<br />";
   var_dump($ig_ldapvalues);
   echo "<br /><br />";
}
ldap_close($ig_ldapconn);
?>
Can anyone help with this?

I am having trouble authenticating users with LDAP. I can authenticate users when I use "CN" or "givenName" but not when I use "samaccountname", which is the username. CN is just the first + last name.

Does anyone know why only CN and not samaccountname works?


$strUsername = "test"; 
$strPassword = "pass";

$dn = 'samaccountname=' . $strUsername . ',OU=Staff,DC=mydomain,DC=com';

$strDomain = "ldap://localhost/";

$bolAuth = false;

// connect to ldap server
$port = "389";
$objConn = ldap_connect($strDomain);

if ($objConn)
{
if ( $strPassword != null )
{
$bolAuth = ldap_bind($objConn, $dn, $strPassword);
if ( $bolAuth ) {

$search_id = ldap_search($objConn, "OU=Staff,DC=mydomain,DC=com", "(samaccountname=".$strUsername.")");
$entries = ldap_get_entries($objConn, $search_id);
if ($entries["count"] == 1) {
$first_name = $entries[0]["givenname"][0];;
$last_name = $entries[0]["cn"][0]; 

}
}  

}


ldap_close($objConn);
}

if($bolAuth==false){
echo "fail";
return false;
}

Hi I am finding that I get a random LDAP search fail the initial time i run a script against 2008R2 when I refresh all is ok ? PHP 5.2.5 get the same thing with the latest version of PHP. any ideas ? its as if the DC is sleeping until you give it a nudge, running on 2008R2 running on vmware.

Hi,
I'm working with the LDAP directory, and using PHP to access it.

I am able to extract the name, departments and phone nos. from the directory.

On the display page, i am looking to make the name column sort A-Z. (Like the "name" will be clickable and will sort the names from A-Z and Z-A )

Would appreciate if someone could suggest approaches to achieve this using PHP

Thanks

Hi,
I am trying to search the employeeid value taken from an mssql db against a LDAP database.
It works but when it cannot found the employeeid on the LDAP db it stops with this error:

Catchable fatal error: Object of class variant could not be converted to string in ldap2.php on line 101

Here is the code.
i've tried with ->value without success .

Please help me.

do {
$sql = "SELECT EMPL.MATR
FROM DOS
ORDER BY DOS.MATR";
 
$result = mssql_query($sql);
while ($myrow = mssql_fetch_array($result))
{

$matr = $myrow['MATR'];
$matr = intval($matr);

//echo $matr;

$strRS = "Select givenname,sn,displayName,mail,SAMAccountName,employeeid,cn from 'LDAP://dom.local/DC=dom,DC=local' where objectClass='user' and employeeid='$matr'";

$RS->Open($strRS, $Conn, 1, 1);
echo $RS['cn'];
echo "<br>";

$RS->Close;

}

$item++; // iterate count through ldapresults

}
while ($item < $Result['count']);
echo '<hr />';
$Conn->Close;

Hi Everyone,

Hopefully someone will be able to assist with my problem. Basically, my situation is that we have a server which hosts multiple websites using multiple IP address. One of the new sites we are moving to this server needs an LDAP connection outside of our network. The outside LDAP has already been enabled to accept requests from the specific IP assigned to this site. However, other sites on this server are using other IP addresses.

It seems as if the LDAP authentication request is getting sent by a IP address which is not authorized by the firewall on the outside LDAP server. Thus trouble authenticating.

So, my question is, is there a way to force the ldap_bind request to use a specific IP address to send the request for authentication? Supposedly this can be done using an event handler. However, I don't have much experience with event handlers so am not sure how to go about doing this.

I would appreciate any help or ideas to resolve this situation. Thanks!

- Jodie

I am new to PHP. I have been trying to do some research online for a few days and not getting very far. I feel like I know less now than I did before I started.

Here's the story:

I've set up a LAMP server that runs a Wiki and AppGini (http://www.bigprof.com/appgini/) - AppGini allows you to "Create web database applications instantly without writing any code" - The only downside we have with it, is it's got it's own set of user accounts. My team all logs in with the default admin account which isn't a big deal but we'd prefer to use LDAP to AD for reasons I won't get into right now.

I emailed AppGini support and asked about LDAP integration. Their response was that it's "a little bit of work" and "You can modify the login authentication function to authenticate using LDAP ... please see the example code he http://code.activestate.com/recipes/101525-ldap-authentication/ (needs some modifications to work with AppGini)"

I've googled around and found 2 dozen different LDAP PHP samples. I've gotten some of them to work. By work I mean they connect to my domain controller and say "success" I'm not actually logged into anything.

So I'm looking for a little help from square one. I need to have a better understanding of how things are supposed to work so I know where I'm supposed to go with all of this. Where do I start? What do I do? What would YOU do?


This is the current "index.php" that logs you into the site.
Code: [Select]
<?php

error_reporting(E_ALL ^ E_NOTICE);
$d=dirname(__FILE__);
include("$d/defaultLang.php");
include("$d/language.php");
include("$d/incCommon.php");
$x->TableTitle=$Translation['homepage'];
include("$d/header.php");

if($_GET['signOut']==1){
logOutMember();
}

$tablesPerRow=2;
$arrTables=getTableList();

?>
<div align="center"><table cellpadding="8">
<?php if($_GET['loginFailed']==1 || $_GET['signIn']==1){ ?>
<tr><td colspan="2" align="center">
<?php if($_GET['loginFailed']){ ?>
<div class="Error"><?php echo $Translation['login failed']; ?></div>
<?php } ?>
<form method="post" action="index.php">
<table border="0" cellspacing="1" cellpadding="4" align="center">
<tr>
<td colspan="2" class="TableHeader">
<div class="TableTitle"><?php echo $Translation['sign in here']; ?></div>
</td>
</tr>
<tr>
<td align="right" class="TableHeader">
<?php echo $Translation['username']; ?>
</td>
<td align="left" class="TableBody">
<input type="text" name="username" value="" size="20" class="TextBox">
</td>
</tr>
<tr>
<td align="right" class="TableHeader">
<?php echo $Translation['password']; ?>
</td>
<td align="left" class="TableBody">
<input type="password" name="password" value="" size="20"class="TextBox">
</td>
</tr>
<tr>
<td colspan="2" align="right" class="TableHeader">
<span style="margin: 0 20px;"><input type="checkbox" name="rememberMe" id="rememberMe" value="1"> <label for="rememberMe"><?php echo $Translation['remember me']; ?></label></span>
<input type="submit" name="signIn" value="<?php echo $Translation['sign in']; ?>">
</td>
</tr>
<tr>
<td colspan="2" align="left" class="TableHeader">
<?php echo $Translation['go to signup']; ?>
<br /><br />
</td>
</tr>
<tr>
<td colspan="2" align="left" class="TableHeader">
<?php echo $Translation['forgot password']; ?>
<br /><br />
</td>
</tr>
<tr>
<td colspan="2" align="left" class="TableHeader">
<?php echo $Translation['browse as guest']; ?>
<br /><br />
</td>
</tr>
</table>
</form>
<script>document.getElementsByName('username')[0].focus();</script>
</td></tr>
<?php } ?>
<?php
if(!$_GET['signIn'] && !$_GET['loginFailed']){
if(is_array($arrTables)){
if(getLoggedAdmin()){
?><tr><td colspan="<?php echo ($tablesPerRow*3-1); ?>" class="TableTitle" style="text-align: center;"><a href="admin/"><img src=table.gif border=0 align="top"></a> <a href="admin/" class="TableTitle" style="color: red;"><?php echo $Translation['admin area']; ?></a><br /><br /></td></tr><?php
}
$i=0;
foreach($arrTables as $tn=>$tc){
$tChk=array_search($tn, array());
if($tChk!==false && $tChk!==null){
$searchFirst='?Filter_x=1';
}else{
$searchFirst='';
}
if(!$i % $tablesPerRow){ echo '<tr>'; }
?><td valign="top"><a href=<?php echo $tn; ?>_view.php<?php echo $searchFirst; ?>><img src=<?php echo $tc[2];?> border=0></a></td><td valign="top" align="left"><a href=<?php echo $tn; ?>_view.php<?php echo $searchFirst; ?> class="TableTitle"><?php echo $tc[0]; ?></a><br /><?php echo $tc[1]; ?></td><?php
if($i % $tablesPerRow == ($tablesPerRow - 1)){ echo '</tr>'; }else{ echo '<td width="50">&nbsp;</td>'; }
$i++;
}
}else{
?><tr><td><div class="Error"><?php echo $Translation['no table access']; ?><script language="javaScript">setInterval("window.location='index.php?signOut=1'", 2000);</script></div></td></tr><?php
}
}
?>

</table><br /><br /><div class="TableFooter"><b><a href=http://bigprof.com/appgini/>BigProf Software</a> - <?php echo $Translation['powered by']; ?> AppGini 4.61</b></div>

</div>
</html>

Hi there, can someone help to write a code for Copyright tag at the footer of the page. The format needs to be webpage start year - current year (eg © 2015-2020 ). I need to use function and parameters. The code should be as simple as possible as i am just a beginer! Thanks

Ok so now i have almost finished my registration page but i have this odd problem..

I could explain it but i'll show you a picture instead so you understand better..
 


This is before and after pictures when i click sign up.

As you can see, when you click sign up, all the form fields and the sign up button (wich isn't even in this file and uses a different css doc) change. Also there is a big invisible layer ontop of the page after you have clicked sign up so you cant use anything as you can see in picture 5. Any ideas what the problem can be?

Here is my code aswell:

HTML form:
Code: [Select]
<?php
session_start();

if(isset($_POST['register']))
{
  include_once('classes/class.register.php');

  $register = new Register();

  if($register->process())
    echo "Successfully Signed Up!";
  else
    $register->show_errors();
}

$token = $_SESSION['token'] = md5(uniqid(mt_rand(),true));
?>



<!doctype html>
<html>
<head>

<link rel="stylesheet" type="text/css" href="css/main.css">
<link rel="stylesheet" type="text/css" href="css/register.css">
<script type="text/javascript" src="js/passwordmeter.js"></script>

</head>
<body>

<script src="jquery.js"></script>

<div class="center">

<!-- PHP -->
<?php require("html/menu.inc"); ?>
<?php require("html/layout.inc"); ?>
<?php require("html/login.inc"); ?>
<!-- PHP -->

<div class="register">
<header>Sign Up Now!</header>
<form method="POST" action="<?php echo $_SERVER['PHP_SELF'];?>">
<ul>
<li>
<label for="username">* Username: </label><br />
<input name="username" class="rusernamefield" type="text" value="<?php echo $username; ?>"></input>
</li>
<li>
<label for="first_name">* First Name: </label><br />
<input name="first_name" class="rfirstnamefield" type="text" value="<?php echo $first_name; ?>"></input>
</li>
<li>
<label for="last_name">Last Name: </label><br />
<input name="last_name" class="rlastnamefield" type="text" value="<?php echo $last_name; ?>"></input>
</li>
<li>
<label for="password">* Password: </label><br />
<input type="password" name="password" class="rpasswordfield" onkeyup='password_strength(this.value)'></input>
</li>

<div id="password_strength_border">
<div id="password_strength" class="strength0"></div>
</div>

<li>
<label for="email">* Email Address: </label><br />
<input name="email" class="remail" type="email" placeholder="email@address.com" value="<?php echo $email; ?>"></input>
</li>
<li>
<label for="confemail">* Confirm Email Address: </label><br />
<input name="confemail" class="rconfirmemail" type="email" placeholder="email@address.com" value="<?php echo $confemail; ?>"></input>
</li>
<li>
<label for="gender">* Gender: </label><br />
<select name="gender">
<option selected="selected" disabled="disabled">Choose</option>
<option value="Man">Man</option>
<option value="Woman">Woman</option>
</select>
</li>
<li>
<label for="birth_month">* Birth Day: </label><br />
<select name="birth_month">
<option disabled="disabled" selected="selected">Month</option>
<option value="01">January</option>
<option value="02">February</option>
<option value="03">March</option>
<option value="04">April</option>
<option value="05">May</option>
<option value="06">June</option>
<option value="07">July</option>
<option value="08">August</option>
<option value="09">September</option>
<option value="10">October</option>
<option value="11">November</option>
<option value="12">December</option>
</select>
<select name="birth_day">
<option disabled="disabled" selected="selected">Day</option>
<option value="01">1</option>
<option value="02">2</option>
<option value="03">3</option>
<option value="04">4</option>
<option value="05">5</option>
<option value="06">6</option>
<option value="07">7</option>
<option value="08">8</option>
<option value="09">9</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
<option value="13">13</option>
<option value="14">14</option>
<option value="15">15</option>
<option value="16">16</option>
<option value="17">17</option>
<option value="18">18</option>
<option value="19">19</option>
<option value="20">20</option>
<option value="21">21</option>
<option value="22">22</option>
<option value="23">23</option>
<option value="24">24</option>
<option value="25">25</option>
<option value="26">26</option>
<option value="27">27</option>
<option value="28">28</option>
<option value="29">29</option>
<option value="30">30</option>
<option value="31">31</option>
</select>
<select name="birth_year">
<option disabled="disabled" selected="selected">Year</option>
<option value="2011">2011</option>
<option value="2010">2010</option>
<option value="2009">2009</option>
<option value="2008">2008</option>
<option value="2007">2007</option>
<option value="2006">2006</option>
<option value="2005">2005</option>
<option value="2004">2004</option>
<option value="2003">2003</option>
<option value="2002">2002</option>
<option value="2001">2001</option>
<option value="2000">2000</option>
<option value="1999">1999</option>
<option value="1998">1998</option>
<option value="1997">1997</option>
<option value="1996">1996</option>
<option value="1995">1995</option>
<option value="1994">1994</option>
<option value="1993">1993</option>
<option value="1992">1992</option>
<option value="1991">1991</option>
<option value="1990">1990</option>
<option value="1989">1989</option>
<option value="1988">1988</option>
<option value="1987">1987</option>
<option value="1986">1986</option>
<option value="1985">1985</option>
<option value="1984">1984</option>
<option value="1983">1983</option>
<option value="1982">1982</option>
<option value="1981">1981</option>
<option value="1980">1980</option>
<option value="1979">1979</option>
<option value="1978">1978</option>
<option value="1977">1977</option>
<option value="1976">1976</option>
<option value="1975">1975</option>
<option value="1974">1974</option>
<option value="1973">1973</option>
<option value="1972">1972</option>
<option value="1971">1971</option>
<option value="1970">1970</option>
<option value="1969">1969</option>
<option value="1968">1968</option>
<option value="1967">1967</option>
<option value="1966">1966</option>
<option value="1965">1965</option>
<option value="1964">1964</option>
<option value="1963">1963</option>
<option value="1962">1962</option>
<option value="1961">1961</option>
<option value="1960">1960</option>
<option value="1959">1959</option>
<option value="1958">1958</option>
<option value="1957">1957</option>
<option value="1956">1956</option>
<option value="1955">1955</option>
<option value="1954">1954</option>
<option value="1953">1953</option>
<option value="1952">1952</option>
<option value="1951">1951</option>
<option value="1950">1950</option>
<option value="1949">1949</option>
<option value="1948">1948</option>
<option value="1947">1947</option>
<option value="1946">1946</option>
<option value="1945">1945</option>
<option value="1944">1944</option>
<option value="1943">1943</option>
<option value="1942">1942</option>
<option value="1941">1941</option>
<option value="1940">1940</option>
<option value="1939">1939</option>
<option value="1938">1938</option>
<option value="1937">1937</option>
<option value="1936">1936</option>
<option value="1935">1935</option>
<option value="1934">1934</option>
<option value="1933">1933</option>
<option value="1932">1932</option>
<option value="1931">1931</option>
<option value="1930">1930</option>
<option value="1929">1929</option>
<option value="1928">1928</option>
<option value="1927">1927</option>
<option value="1926">1926</option>
<option value="1925">1925</option>
<option value="1924">1924</option>
<option value="1923">1923</option>
<option value="1922">1922</option>
<option value="1921">1921</option>
<option value="1920">1920</option>
<option value="1919">1919</option>
<option value="1918">1918</option>
<option value="1917">1917</option>
<option value="1916">1916</option>
<option value="1915">1915</option>
<option value="1914">1914</option>
<option value="1913">1913</option>
<option value="1912">1912</option>
<option value="1911">1911</option>
<option value="1910">1910</option>
<option value="1909">1909</option>
<option value="1908">1908</option>
<option value="1907">1907</option>
<option value="1906">1906</option>
<option value="1905">1905</option>
<option value="1904">1904</option>
<option value="1903">1903</option>
<option value="1902">1902</option>
<option value="1901">1901</option>
<option value="1900">1900</option>
</select>
</li>
<li>
<label for="iagree" class="iagreetext">*  I Agree to the <a href="#">Privacy Policy</a> and <a href="#">Terms of Use</a></label>
<input name="iagree" type="checkbox" class="iagreebox"></input>
</li>
<input name="register" class="registerbutton" type="submit" value="Sign Up"></input>
<p class="fieldsmarked">Fields marked with an (*) is required</p>
<input type="hidden" name="token" value="<?php echo $token;?>"/>
</ul>
</form>
</div>

</div>

</body>
</html>
PHP code to validate and process form:
<?php

if ($_SERVER['REQUEST_METHOD'] == "POST") {
     $username    = isset($_POST['username'])?$_POST['username']:'';

 $first_name  = isset($_POST['first_name'])?$_POST['first_name']:'';

 $last_name   = isset($_POST['last_name'])?$_POST['last_name']:'';

 $email       = isset($_POST['email'])?$_POST['email']:'';

 $confemail   = isset($_POST['confemail'])?$_POST['confemail']:'';

 $gender      = isset($_POST['gender'])?$_POST['gender']:'';

 $birth_month = isset($_POST['birth_month'])?$_POST['birth_month']:'';

 $birth_day   = isset($_POST['birth_day'])?$_POST['birth_day']:'';

 $birth_year  = isset($_POST['birth_year'])?$_POST['birth_year']:'';
     }

 
   $username    = htmlspecialchars($username, ENT_QUOTES);
   $first_name  = htmlspecialchars($first_name, ENT_QUOTES);
   $last_name   = htmlspecialchars($last_name, ENT_QUOTES);
   $email       = htmlspecialchars($email, ENT_QUOTES);
   $confemail   = htmlspecialchars($confemail, ENT_QUOTES);
   $gender      = htmlspecialchars($gender, ENT_QUOTES);
   $birth_month = htmlspecialchars($birth_month, ENT_QUOTES);
   $birth_day   = htmlspecialchars($birth_day, ENT_QUOTES);
   $birth_year  = htmlspecialchars($birth_year, ENT_QUOTES);

class Register
{
  private $username;
  private $first_name;
  private $last_name;
  private $password;
  private $passmd5;
  private $email;
  private $confemail;
  private $gender;
  private $birth_month;
  private $birth_day;
  private $birth_year;
  private $iagree;

  private $errors;
  private $token;

  public function __construct()
  {
    $this->errors = array();

    $this->username     = $this->filter($_POST['username']);

$this->first_name   = $this->filter($_POST['first_name']);

$this->last_name    = $this->filter($_POST['last_name']);
    $this->password     = $this->filter($_POST['password']);
    $this->email        = $this->filter($_POST['email']);

$this->confemail    = $this->filter($_POST['confemail']);

$this->gender       = $this->filter($_POST['gender']);

$this->birth_month  = $this->filter($_POST['birth_month']);

$this->birth_day    = $this->filter($_POST['birth_day']);

$this->birth_year   = $this->filter($_POST['birth_year']);

$this->iagree       = $this->filter($_POST['iagree']);
    $this->token        = $_POST['token'];

    $this->passmd5      = md5($this->password);
  }

  public function process()
  {
    if($this->valid_token() && $this->valid_data())
         $this->register();

    return count($this->errors)? 0 : 1;
  }

  public function filter($var)
  {
    return preg_replace('/[^a-zA-Z0-9@.]/','',$var);
  }

  public function register()
  {
   mysql_connect("localhost","root","") or die(mysql_error());
   mysql_select_db("membership") or die (mysql_error());

   $sql = "INSERT INTO users(username,password,first_name,last_name,email,gender,birth_month,birth_day,birth_year) VALUES ('{$this->username}','{$this->passmd5}','{$this->first_name}','{$this->last_name}','{$this->email}','{$this->gender}','{$this->birth_month}','{$this->birth_day}','{$this->birth_year}')";

mysql_query($sql) or die(mysql_error());

   if(mysql_affected_rows()< 1)
     $this->errors[] = "Could Not Process Form";
  }

  public function user_exists()
  {
    mysql_connect("localhost","root","") or die(mysql_error());
    mysql_select_db("membership") or die (mysql_error());

    $data = mysql_query("SELECT username FROM users WHERE username = '{$this->username}'");

    return mysql_num_rows($data) > 0 ? 1 : 0;
  }

  public function show_errors()
  {

    foreach($this->errors as $key=>$value)
      echo "<div class=errormessages> 

$value

</div>

<br />";
  }

  public function valid_data()
  {
    if ($this->user_exists()){
      $this->errors[] = 'The username is already taken, choose another one!';
      }

if (empty($this->username)){
      $this->errors[] = 'You must enter a username!';

  }

if (empty($this->first_name)){
      $this->errors[] = 'You must enter your first name';

  }

  
    if (empty($this->password)){
      $this->errors[] = 'You must enter a password!';

  }

elseif (strlen($this->password) < 6){

  $this->errors[] = 'Your password must be longer than 6 characters!';

  }

    if (empty($this->email)){
      $this->errors[] = 'You must enter an email address!';

  }

elseif (!preg_match('/^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.[a-zA-Z]{2,4}$/',$this->email)){

  $this->errors[] = 'You must enter a valid email address!';

  }

elseif ($this->email != $this->confemail){

  $this->errors[] = 'The email addresses you entered did not match!';

  }

  

if (empty($this->gender)){

  $this->errors[] = 'Choose your gender!';

  }

if (empty($this->birth_month)){
      $this->errors[] = 'Select which month you were born!';

  }

if (empty($this->birth_day)){
      $this->errors[] = 'Select which day you were born!';

  }

if (empty($this->birth_year)){
      $this->errors[] = 'Select which year you were born!';

  }

if (empty($this->iagree)){

  $this->errors[] = 'You must agree to the <a href="#">Privacy Policy</a> and <a href="#">Terms of Use</a> to sign up!';

  }

  return count($this->errors)? 0 : 1;
  }


  public function valid_token()
  {
   if(!isset($_SESSION['token']) || $this->token != $_SESSION['token'])
     $this->errors[] = "Invalid Submission";

   return count($this->errors)? 0 : 1;
  }
}

?>

Hi, I am limbo with this one. What I have makes sense to me, but I know I'm missing something or doing something wrong

I have been able to hash passwords with salt by new people registering to my site by doing this:

if(!$error) {

$alpha = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcedfghijklmnopqrstuvwxyz1234567890";
$rand = str_shuffle($alpha);
$salt = substr($rand,0,40);
$hashed_password = sha1($salt . $_POST['password']);

$query = "INSERT INTO `cysticUsers` (
`FirstName`,
`LastName`,
`Email`,
`Password`,
`salt`,
`RelationshipToCF`,
`State`,
`Gender`,
`Birthday`,
`Status`
)VALUES(
'" . mysql_real_escape_string($_POST['firstName']) . "',
'" . mysql_real_escape_string($_POST['lastName']) . "',
'" . mysql_real_escape_string($_POST['email']) . "',
'" . $hashed_password . "',
'" . $salt . "',
'" . mysql_real_escape_string($_POST['RelationToCF']) . "',
'" . mysql_real_escape_string($_POST['State']) . "',
'" . mysql_real_escape_string($_POST['sex']) . "',
'" . mysql_real_escape_string($_POST['DateOfBirth_Year'] . "-" . $_POST['DateOfBirth_Month'] . "-" . $_POST['DateOfBirth_Day']) . "',
'pending'
)";
mysql_query($query, $connection);




I have been able to to update EXISTING users passwords by doing this:


$query = "SELECT * FROM `cysticUsers`";
$request = mysql_query($query,$connection);


while($result = mysql_fetch_array($request)) {


$alpha = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcedfghijklmnopqrstuvwxyz1234567890";
$rand = str_shuffle($alpha);
$salt = substr($rand,0,40);
$hashed_password = sha1($salt . $result['Password']);
$user = $result['id'];


$query2 = "UPDATE `cysticUsers` SET `salt` = '$salt' WHERE `id` = '$user'";
$request2 = mysql_query($query2,$connection) or die(mysql_error());


$query3 = "UPDATE `cysticUsers` SET `encrypted_passwords` = '$hashed_password' WHERE `id` = '$user'";
$request3 = mysql_query($query3,$connection) or die(mysql_error());

}


Now, I want to be able to SIGN BACK IN with the existing password and I am failing miserably by doing this:

$query = "SELECT `salt`,`id`,`email`,`password` FROM `cysticUsers` WHERE `Email` = '" . $email . "' AND `Password` = '" . $password . "'  && `Status` = 'active' LIMIT 1";
$request = mysql_query($query,$connection) or die(mysql_error());

$email = mysql_real_escape_string($_POST['email']);
$password = mysql_real_escape_string($_POST['password']);


if(@mysql_num_rows($request)) {

$row = mysql_fetch_assoc($request);
if (sha1($row['salt'] . $_POST['password']) === $row['Password']) {


$_SESSION['CLIFE']['AUTH'] = true;
$_SESSION['CLIFE']['ID'] = $result['id'];

// UPDATE LAST ACTIVITY FOR USER
$query = "UPDATE `cysticUsers` SET `LastActivity` = '" . date("Y-m-d") . " " . date("g:i:s") . "' WHERE `id` = '" . mysql_real_escape_string($_SESSION['CLIFE']['ID']) . "' LIMIT 1";
mysql_query($query,$connection);

if(!empty($_POST['return'])) {
header("Location: " . $_POST['return']);

}else{
header("Location: CysticLife-Dashboard.php?id=" . $_SESSION['CLIFE']['ID']);
}
}

}else{

$_SESSION['CLIFE']['AUTH'] = false;
$_SESSION['CLIFE']['ID'] = false;

}
}

I've been scouring resources and am stuck on this. I have a deadline to meet that I am behind on. Needless to say I'm pulling my hair out and some help with this would be GREATLY appreciated.

Thank you in advance!

need a code in php - show all posts from a irc channel on website

if anyone knows how to do it, please let me know... i only need to display all the talking on mirc on my website.

thank you

hello dear linux-community

if a server needs to meed some requirements - eg for installation wordpress and if the server needs to run

eg see he   https://wordpress.or...t/requirements/

    PHP 5.2.4 or greater
    MySQL 5.0 or greater
    The mod_rewrite Apache module



    then i need to have a closer look  at the apache2handler in the php-ini
    
    
Apache Version     Apache
Loaded Modules     core mod_so http_core mod_authn_file mod_authn_core mod_authz_host mod_authz_groupfile mod_authz_user mod_authz_core mod_access_compat mod_auth_basic mod_auth_digest mod_socache_shmcb mod_watchdog mod_ratelimit mod_reqtimeout mod_filter mod_deflate mod_mime mod_log_config mod_env mod_mime_magic mod_expires mod_headers mod_usertrack mod_setenvif mod_version mod_session mod_session_cookie mod_ssl prefork mod_unixd mod_status mod_autoindex mod_dir mod_alias mod_php5




all the mentioned are listed in the php-info.file

note: here are no mod_rewrite Apache module
so what


 

Hey guys, this is just a general question.

I read about late static binding and started developing with it on my local server but I noticed that hostgator still runs on 5.2..

Should I use late static binding? (im planning to code an open source CMS)

Hi I am adapting Jeffery Ways Mysql class to accept multiple where statements however I have got stuck on the final hurdle.
It is when I try to do the bind_results() and I pass in the parameter types and the parameters. Here is that part of the code:

if ($this->_where)
            $values = array_values($this->_where);

         $str = "'";
             $str .= implode('\', \'', $values);
            $str .= "'";
            // echo $str;
         $count = count($this->_where);

         foreach($this->_where as $key => $value){
             $key = $value;
         }
         $user = 'matt25';
         $pass = '6722853cacc4a9649dc75abc852f23c35b1f75cb';

         $stmt->bind_param($this->_paramTypeList, $user, $pass);
      }

It works how it is by setting the parameters as variables, but that obviously isn't practical. as you can see I also tried to make a string with the values from the array which brought up the error:
 Warning: mysqli_stmt::bind_param() [mysqli-stmt.bind-param]: Number of elements in type definition string doesn't match number of bind variables in C:\wamp\www\trick_tips\admin\includes\MysqlDb.php on line 260,

the same as when I try to put the array into there.

So I need some way of setting each value in the array as a variable to then put into the function, or another Idea that I have completely missed.

Any help would be much appreciated.

Cheers,
Matt