Search code examples
phpldappasswordsverification

Creating a PHP script that will check for username and password combo in LDAP

I'm trying to create a php script that checks to see if a username and password combination exists in my ldap directory. I'll post what I have thus far.

<?php

$username  = $_POST["username"];   
$password = $_POST["password"]; 

$ldapconn = ldap_connect("localhost")
or die("Could not connect to LDAP server.");

ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);

$ldaprdn  = "cn=$username,dc=designstudio1,dc=com";
$ldappass = "$password";

if ($ldapconn) {

 $ldapbind = ldap_bind($ldapconn, $ldarprdn, $ldarppass);

if ($ldapbind) {

echo "Welcome back, $username!";

} else {
    echo "Authentication failed. Please check your username/password and try again.";
}
}

?>

If you need it, here's my php with the form.

<!DOCTYPE html>
<html lang="en">
<html>
<head>
<meta charset="UTF-8">
<title>Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<form id="contact-form" action="script.php" method="post">
<input type="hidden" name="redirect" />
<ul>

        <label for="username">Username:</label>
        <input type="text" name="username" id="username" value="" />


        <label for="password">Password:</label>
        <input type="password" name="password" id="password" value="" />
        <input type="submit" value="submit" />
</ul>
</form>
</body>
</html>

Every username and password (valid or not) I input, it always shows me the welcome message.

I'm still quite green in php and ldap as my code clearly display that. Any help would be appreciated.

I'll also edit my code as I make advised changes and anything I spot that doesn't fit.

Solution

  • As pointed out by other user(@Sammitch in comments), there are few spelling mistakes in php variable.

    Try this below code, I have found and fixed spelling mistakes in variables, nothing else, apart from this code looks fine.

    Also consider @Sammitch suggestion of enabling error reporting

    <?php

$username  = $_POST["username"];   
$password = $_POST["password"]; 

$ldapconn = ldap_connect("localhost")
or die("Could not connect to LDAP server.");

ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);

$ldaprdn  = "cn=$username,dc=designstudio1,dc=com";
$ldappass = "$password";

if ($ldapconn) {

    //Below line had several spelling mistakes
    $ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);

    if ($ldapbind) {
            echo "Welcome back, $username!";
    } else {
        echo "Authentication failed. Please check your username/password and try again.";
    }
}
?>