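<?php
# ---------------------------------------------------------------------
# truc is a tool for requirement and use case tracking
# Copyright (C) 2006 ASDIS - http://sf.net/projects/truc
#
# (rth) Initial truc version based on rth
# Copyright (C) 2005 George Holbrook - rth@lists.sourceforge.net
#
# This program is distributed under the terms and conditions of the GPL
# See the README and LICENSE files for details
#----------------------------------------------------------------------

# ----------------------------------------------------------------------
# Attempt to authenticate the user against the LDAP directory
# INPUT:
#   userid and password on LDAP directory
# OUTPUT:
#   True if user details match those in LDAP directory, otherwise False
#
# How it works:
#   1. bind with the service account (LDAP_ID / LDAP_PWD),
#   2. search under LDAP_DN for active entries whose uid equals $user_id,
#   3. re-bind as each returned DN with the supplied password; the first
#      successful bind authenticates the user.
#
# Security notes:
#   - Empty credentials are rejected up front. A simple bind with a DN
#     and a zero-length password is an "unauthenticated bind"
#     (RFC 4513, section 5.1.2) which many servers accept, so without
#     this guard an empty password would authenticate any known uid.
#   - $user_id is escaped before it is placed in the search filter so
#     filter metacharacters cannot change the query.
#   - NOTE(review): nothing here calls ldap_start_tls(); unless
#     LDAP_SERVER is an ldaps:// URI the service and user passwords are
#     sent in cleartext - confirm against the deployment.
# ----------------------------------------------------------------------
function ldap_authenticate( $user_id, $password ) {

    # Request parameters can arrive as arrays or null; only scalars are
    # meaningful credentials.
    if ( !is_scalar( $user_id ) || !is_scalar( $password ) ) {
        return false;
    }

    $user_id  = (string) $user_id;
    $password = (string) $password;

    # Never let an empty user id or password reach ldap_bind(): an empty
    # password would turn the user bind into an unauthenticated bind.
    # A NUL byte is refused as well so a password can never be read as
    # empty by a C-string based client library.
    if ( $user_id === '' || $password === '' || strpos( $password, "\0" ) !== false ) {
        return false;
    }

    $ldap_server  = LDAP_SERVER;
    $ldap_port    = LDAP_PORT;
    $ldap_id      = LDAP_ID;
    $ldap_pwd     = LDAP_PWD;
    $ldap_root_dn = LDAP_DN;

    # Escape the filter metacharacters (\ * ( ) NUL). The backslash is
    # replaced first so the escapes added afterwards are not re-escaped.
    if ( function_exists( 'ldap_escape' ) ) {
        $filter_uid = ldap_escape( $user_id, '', LDAP_ESCAPE_FILTER );
    } else {
        $filter_uid = str_replace(
            array( '\\', '*', '(', ')', "\0" ),
            array( '\\5c', '\\2a', '\\28', '\\29', '\\00' ),
            $user_id
        );
    }

    $ldap_user = '(&(lmaccessstatusid=active)(uid=' . $filter_uid . '))';

    $ldapconn = ldap_connect( $ldap_server, $ldap_port );

    if ( !$ldapconn ) {
        error_report_show( "login.php", LDAP_CONNECTION_FAILED );
        # Fail closed in case error_report_show() returns to the caller.
        return false;
    }

    $ldapbind = ldap_bind( $ldapconn, $ldap_id, $ldap_pwd );

    if ( !$ldapbind ) {
        # Release the connection first; error_report_show() may not return.
        ldap_close( $ldapconn );
        error_report_show( "login.php", INVALID_LOGIN );
        return false;
    }

    $authenticated = false;

    $ldapsearch = ldap_search( $ldapconn, $ldap_root_dn, $ldap_user );

    # A failed search yields no result handle; treat it as "no match"
    # instead of passing false on to ldap_get_entries().
    if ( $ldapsearch ) {
        $ldapentries = ldap_get_entries( $ldapconn, $ldapsearch );

        if ( $ldapentries ) {
            # Try to authenticate to each until we get a match
            for ( $i = 0 ; $i < $ldapentries['count'] ; $i++ ) {
                $dn = $ldapentries[$i]['dn'];

                # Attempt to bind with the DN and password. The warning
                # raised by a wrong password is expected, hence the @.
                if ( @ldap_bind( $ldapconn, $dn, $password ) ) {
                    $authenticated = true;
                    break;
                }
            }
        }

        # Free the result while the connection is still open.
        ldap_free_result( $ldapsearch );
    }

    ldap_close( $ldapconn );

    return $authenticated;
}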