The Mustang Source - Ford Mustang Forums

Off-Topic Chatter Non-Vehicle Related Chat

Anybody a PHP Coder in here?

Thread Tools
 
Search this Thread
 
Old 11/12/04, 03:24 PM
  #1  
The Man... keeping you down.
Thread Starter
 
Sendero's Avatar
 
Join Date: August 15, 2004
Location: Stealin' ur internetz
Posts: 823
Likes: 0
Received 1 Like on 1 Post
Exclamation
I am working on a script to authenticate users that try to access my MRP/Finished Inventory Database with a LDAP server. I've run into a problem with my code that for all tense and purposes seems right, but isnt working the way I want.

Basically, if you don't fill in the Username or Password box, I want it to error out and return you to the logon screen. Well it works for the username, but not the password. Put in a bogus username, no password: Error. Put in no screenname, bogus password: Error. Put in correct username, no password: successful authentication. Its using AD's ability to authenticate anonymously which won't work with some of my other security. Can't have that happening or the department workers won't be sent to the correct program.

I am attaching the code for reference. The top strlen commands are my error checkers.

Code:
<?php
  if ((strlen($_REQUEST["username"]) <= 0) && (strlen($_REQEUST["password"]) <= 0)) {
?>
<html>
<head>
<title>Management System</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
	<link rel="stylesheet" type="text/css" href="./main.css" media="all" />
	<style type="text/css" media="all">@import "./main.css";</style>
</head>

<body bgcolor="#999999">
<br /><br /><br /><br /><br /><br /><br /><br />
<form action="index.php" method="post" name="mainlogin">
 <table width="300" border="0" align="center" cellpadding="6" cellspacing="0" class="std">
  <tr>
   	<th colspan="2" align="center"><b>Sentinel Management System</b></th>
  </tr>
  <tr>
   	<td align="right" nowrap>Username:</td>
   	<td align="left" nowrap><input type="text" size="25" maxlength="20" name="username" class="text" /></td>
  </tr>
  <tr>
   	<td align="right" nowrap>Password:</td>
   	<td align="left" nowrap><input type="password" size="25" maxlength="32" name="password" class="text" /></td>
  </tr>
  <tr>
 <td align="left" nowrap></td>
 <td align="right" valign="bottom" nowrap><input type="submit" name="login" value="login" class="button" /></td>
  </tr>
 </table>
 <div align="center">
	<span style="font-size:7pt">Version 0.1a</span>
</div>
</form>
</body>
</html>
<?php
  }
  else {
  
    $username = $_REQUEST["username"];
    $password = $_REQUEST["password"];
 include 'global.php';

    $ldap = ldap_connect($config['ldapServer']);
    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
 ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);

    if ($ldap) {

      $bind = @ldap_bind($ldap, $config['ldapUsername'], $config['ldapPassword']);
      $result = @ldap_search($ldap, $config['ldapBase'], "sAMAccountName=" . $username);

      if (ldap_count_entries($ldap, $result) == 1) {

        $info = ldap_get_entries($ldap, $result);

        $userDn = $info[0]["dn"];

        $auth = @ldap_bind($ldap, $userDn, $password);

      }

      if ($auth) {

        print "<p>Successfully authenticated the user '" . $username . "' (" . $userDn . ").</p>\n";

      }
      else {
?>
<html>
<head>
<title>Sentinel Management System</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta HTTP-EQUIV="REFRESH" content="4; url=http://localhost/">
	<link rel="stylesheet" type="text/css" href="./main.css" media="all" />
	<style type="text/css" media="all">@import "./main.css";</style>
</head>

<body>
<body bgcolor="#999999">
<br /><br /><br /><br /><br /><br /><br /><br />
 <table width="300" border="0" align="center" cellpadding="6" cellspacing="0" class="std">
  <tr>
   	<th colspan="2" align="center"><b>ERROR</b></th>
  </tr>
  <tr>
   	<td colspan="2" align="center" nowrap><b>100: Authentication Failed</b></td>
  </tr>
  <tr>
   	<td colspan="2" align="center" nowrap>Check your Username and Password</td>
  </tr>
  <tr>
 <td colspan="2" align="center" valign="bottom" nowrap><a href="http://localhost/"><input type="submit" name="login" value="Return" class="button" /></a></td>
  </tr>
 </table>
</body>
</html>

<?php
      }
 
    }
    else {

      print "<p>Could not connect to the Authentication server. Contact the IT Department.</p>\n";

    }

    @ldap_close($ldap);

  }
?>
Any ideas?
Sendero is offline  
Reply Like
Old 11/12/04, 09:39 PM
  #2  
I had Arin naked in my back seat
 
cntchds's Avatar
 
Join Date: August 23, 2004
Location: Bay Area, California
Posts: 3,599
Likes: 0
Received 3 Likes on 2 Posts
just in case we have enough time to do your work too eh?
cntchds is offline  
Reply Like
Old 11/13/04, 12:04 PM
  #3  
The Man... keeping you down.
Thread Starter
 
Sendero's Avatar
 
Join Date: August 15, 2004
Location: Stealin' ur internetz
Posts: 823
Likes: 0
Received 1 Like on 1 Post
Originally posted by cntchds@November 12, 2004, 11:42 PM
just in case we have enough time to do your work too eh?
Don't really know how to take that, but I am assuming you don't know what I am talking about.
Sendero is offline  
Reply Like
Back to Subforum
Off-Topic Chatter
View Next Unread
gaming systems in car




Advanced Search

All times are GMT -6. The time now is 01:34 AM.