Untitled

<?php

$json= json_decode(file_get_contents ('php://input'),true);
$user=$json['username'];
$pw=$json['password'];


function JSONError($msg){
	header('Content-type: application/json');
	$arr=array();
	$arr['error']=1;
	$arr['errorMsg']=$msg;
	$arr=array_map('utf8_encode',$arr);
	echo json_encode($arr);
	die;
}

function JSONResponse($msg){
	header('Content-type: application/json');
	$arr=array();
	$arr['error']=0;
	$arr['login']=$msg;
	$arr=array_map('utf8_encode',$arr);
	echo json_encode($arr);
	die;
}

define ("LDAPHOST", "ldap://172.16.3.249");
define ("LDAPUSER" , "cn=manager,dc=email2,dc=brontecollege,dc=ca");
define ("LDAPPASS", "88bcldap");
define ("LDAPPORT", 389);
define ("dn" , "dc=email2,dc=brontecollege,dc=ca");

try{
	$conn=new PDO('mysql:host=127.0.0.1:3306;dbname=bronte_db','root','bronte',array(
			PDO::ATTR_ERRMODE=>PDO::ERRMODE_EXCEPTION,
	));
	$login=$conn->prepare('select user_id,type,user_pw from system_users where user_id=?');
	$login->execute(array($user));
	$loginResult=$login->fetchAll();
	if (!count($loginResult))
		JSONResponse("No");
	if ($loginResult[0]['type']!='S'&&$loginResult[0]['type']!='P'){
       $ldapconn = ldap_connect(LDAPHOST, LDAPPORT);
        if(!$ldapconn){
            JSONError('Cannot connect to LDAP server: ' . ldap_error (ldapconn));
        }
         $ldapbind = ldap_bind($ldapconn, LDAPUSER, LDAPPASS)
         or JSONError("Error trying to bind: ".ldap_error($ldapconn));

         if ($ldapbind) {
            $filter = "(&(uid=".$user.")(userpassword=".$pw."))";
            $result = ldap_search($ldapconn, dn, $filter);
            $data1 = ldap_get_entries($ldapconn, $result);

            if(sizeof($data1)>1) {
                JSONResponse("Yes");
            }
            else
            	JSONResponse("Yes");

         }
         ldap_close($ldapconn);
	}
	else{
		if ($loginResult[0]['user_pw']===$pw)
			JSONResponse("Yes");
	}
}catch(PDOException $e){
	JSONError('ERROR: '.$e->getMessage());
}

?>