This is a little bit of code i’ve written over the years here at RIT to connect to the rit ldap server, authenticate a username, password and then return some information about them in a session if you want (commented out right now). Go ahead and put it in your code, and call it when you are doing things like login pages.

Return 0 = Wrong username or password

Return 1 = Username and password are good!

Update: updated the scripts per Mario’s suggestions

 

function authenticate($username,$password) { 
	######################## 
	## RIT LDAP Authentication Function 
	## Bradley Coudriet - bjcpgd@rit.edu ######################## 
	$server="ldap.rit.edu"; //RIT LDAP Server 
	$basedn="ou=people,dc=rit,dc=edu"; 
	$filter = "(uid=$username)";$dn = "uid=$username, "; 
	
	if (!($connect = ldap_connect('ldaps://'.$server.636))) { return 0; } 
	
	//The LDAP functions will always return an error if the username and password are not correct, this line disables the error messages 
	if ( !(@ldap_bind($connect, "$dn" . $basedn, $password)) || empty($password) ) {
		$error = "You either have a wrong username or wrong password";
		return 0;
	}
	
	$sr = ldap_search($connect, $basedn,"$filter");
	$info = ldap_get_entries($connect, $sr); 
	/* Uncomment these lines if you are using sessions and want to put some of the information you got LDAP in your session 
	$_SESSION['accountUserName'] = $username; 
	$_SESSION['accountFirstName'] = $info[0]['givenname'][0]; 
	$_SESSION['accountLastName'] = $info[0]['sn'][0]; 
	$_SESSION['accountPhone'] = $info[0]['telephonenumber'][0]; 
	$_SESSION['accountEmail'] = $info[0]['mail'][0]; 
	$_SESSION['accountType'] = $info[0]['riteduaccounttype'][0]; */
	return 1;
}

Leave a Reply