
Untitled

a guest
Jul 30th, 2017
  1. <?php
  // Directory settings read by do_auth().
  // ldaphost / ldapport: where the LDAP server listens.
  define('ldaphost', 'localhost');
  define('ldapport', 389);

  // ldapbase: subtree that is searched for the account.
  define('ldapbase', 'dc=root');

  // ldapvalu: attribute the submitted user name is matched against.
  define('ldapvalu', 'mail');
  7. ?>
  8.  
  9. <?php
  10. // define functions
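  /**
   * Authenticate a login POST against the LDAP directory.
   *
   * The submitted user is looked up by the ldapvalu attribute under ldapbase,
   * exactly one matching entry is required, and the password is then checked
   * by binding as that entry's DN.
   *
   * Return values (do_form() branches on them):
   *   - non-empty string: the matched ldapvalu value, login succeeded
   *   - ''   : entry found but the bind was refused, or no password was sent
   *   - null : lookup failed, matched nothing, matched several entries, or the
   *            submitted fields were not plain strings
   *   - 0    : no login attempt in this request (show the login form)
   *
   * Nothing is kept in the session, so every request has to carry credentials.
   *
   * NOTE(review): the connection is plain LDAP on ldapport; without
   * ldap_start_tls() or ldaps the bind password crosses the wire unencrypted,
   * which is only tolerable while ldaphost is the local machine.
   */
  function do_auth() {
    if (!empty($_SESSION['user']) || empty($_POST['user'])) {
      return 0;
    }

    $ldapuser = $_POST['user'];
    $ldappass = isset($_POST['pass']) ? $_POST['pass'] : '';

    // Keep the credentials only in the two locals above; the password never
    // needs to be written into the session store.
    $_REQUEST = array();
    $_POST = array();
    $_SESSION = array();

    // user[]=... style input arrives as an array and is not a credential.
    if (!is_string($ldapuser) || !is_string($ldappass)) {
      return null;
    }

    // A bind with a DN and an empty password is an "unauthenticated bind",
    // which directory servers may accept as success. Refuse it here so an
    // empty password can never be reported as a valid login.
    if ($ldappass === '') {
      return '';
    }

    // $ds is a link identifier for a directory server
    $ds = @ldap_connect(ldaphost, ldapport) OR die("Could not connect.<br>");
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3) OR die("Incorrect version.<br>");

    // Escape the user-supplied value so characters such as * ( ) \ cannot
    // change the meaning of the search filter.
    $filter = ldapvalu . '=' . ldap_escape($ldapuser, '', LDAP_ESCAPE_FILTER);

    $auth = null;
    // The search base is the ldapbase constant defined at the top of the file.
    $r = @ldap_search($ds, ldapbase, $filter);
    if ($r) {
      $result = @ldap_get_entries($ds, $r);
      $count = is_array($result) ? $result['count'] : 0;
      if ($count == 1
          && isset($result[0][ldapvalu][0])
          && $result[0][ldapvalu][0] === $ldapuser) {
        // The password check itself: bind as the entry that was found.
        if (@ldap_bind($ds, $result[0]['dn'], $ldappass)) {
          $auth = $result[0][ldapvalu][0];
        } else {
          $auth = '';
        }
      } elseif ($count > 1) {
        print "auth failed: more than one user<br>";
      }
      // no entry: stay silent so the page does not reveal which users exist
    } else {
      print "auth failed: search failed<br>";
    }

    // Close the connection on every path; the result is already captured.
    @ldap_unbind($ds);
    return $auth;
  }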
  56.  
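  /**
   * Print the logout button and, when it was pressed, end the session.
   *
   * On a logout POST the session data is cleared, the session is destroyed
   * and the session cookie is expired. setcookie() only works while no output
   * has been sent, which holds here because do_header() starts an output
   * buffer before anything is printed.
   */
  function do_logout() {
    // PHP_SELF includes any extra path the client appended to the URL, so it
    // is request data: escape it and quote the attribute.
    $action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    print "<form action=\"" . $action . "\" method=\"POST\">";
    print "<input type=submit name='logout' value='logout'><br>";
    print "</form>";

    if (!isset($_POST['logout'])) {
      return;
    }

    $session_name = session_name();
    $_SESSION = array();
    if (session_status() === PHP_SESSION_ACTIVE) {
      session_destroy();
    }

    if (isset($_COOKIE[$session_name])) {
      // Expire the cookie with the same path/domain/flags it was issued with,
      // otherwise the browser keeps the original one.
      $params = session_get_cookie_params();
      $expired = setcookie(
        $session_name,
        '',
        time() - 3600,
        $params['path'],
        $params['domain'],
        $params['secure'],
        $params['httponly']
      );
      if ($expired) {
        print "if you see this you should be logged out<br>";
      } else {
        print "if you see this you should be logged out but probably arent<br>";
      }
    }
  }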
  78.  
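  /**
   * Print the reset button and, when it was pressed, clear the request and
   * session data held in the superglobals.
   */
  function do_reset() {
    // PHP_SELF is request-controlled; escape it and quote the attribute.
    $action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    print "<form action=\"" . $action . "\" method=\"POST\">";
    print "<input type=submit name='reset' value='reset'><br>";
    print "</form>";

    if (isset($_POST['reset'])) {
      print "reset received <br>";
      // Empty the arrays instead of unset(): unsetting $_SESSION stops PHP
      // from registering session variables through it for the rest of the
      // request, and later reads of the unset superglobals raise notices.
      $_POST = array();
      $_REQUEST = array();
      $_SESSION = array();
    }
  }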
  90.  
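  /**
   * Run the login check and print the matching page body.
   *
   * do_auth() result -> output:
   *   - non-empty string: greeting plus the logout button
   *   - 0               : the login form
   *   - anything else   : "login failed" plus the reset button. Unknown user
   *                       (null) and wrong password ('') deliberately print
   *                       the same text.
   */
  function do_form() {
    $auth = do_auth();

    // Only a non-empty string counts as a login; every other value fails
    // closed into one of the branches below.
    if (is_string($auth) && $auth !== '') {
      // The name comes from the directory but was typed by the client, so it
      // is escaped before it is written into the page.
      print "you are logged in as " . htmlspecialchars($auth, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "!<br><br>";
      do_logout();
    } elseif ($auth === 0) {
      // PHP_SELF is request-controlled; escape it and quote the attribute.
      $action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
      print "<form action=\"" . $action . "\" method=\"POST\">";
      print "user: <input type=text name='user'><br>";
      print "pass: <input type=password name='pass'><br>";
      print "<input type=submit name='login' value='login'><br>";
      print "</form>";
    } else {
      // The former "Error Unknown" branch could never run: once null is
      // ruled out, isset() is always true.
      print "login failed: " . htmlspecialchars((string) $auth, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "<br><br>";
      do_reset();
    }
  }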
  112.  
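  /**
   * Start the session and the output buffer, then print the page head.
   *
   * The buffer opened here is flushed by do_footer(); holding the output back
   * is what lets do_logout() still send a cookie header later on.
   */
  function do_header() {
    if (session_status() === PHP_SESSION_NONE) {
      // Keep the session id away from page scripts and refuse session ids
      // that this server did not issue.
      ini_set('session.cookie_httponly', '1');
      ini_set('session.use_strict_mode', '1');
      session_start();
    }

    //start output buffer to be flushed in the footer
    ob_start();
    print "<html>";
    print "<head>";
    print "<title> My Test Form </title>";
    print "</head>";
    print "<body>";
  }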
  124.  
  /**
   * Print the closing page tags and flush the output buffer that
   * do_header() opened.
   */
  function do_footer() {
    echo "</body>", "</html>";

    // send everything buffered since the header
    ob_end_flush();
  }
  131.  
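  /**
   * Debug helper: print a dump of $GLOBALS inside a <pre> block.
   *
   * $GLOBALS holds every superglobal ($_POST, $_COOKIE, $_SESSION, $_SERVER,
   * $_ENV, ...), so the dump exposes session ids, request data and server
   * configuration to whoever loads the page. Use it on a development machine
   * only.
   */
  function show_superglobals() {
    $dump = print_r($GLOBALS, TRUE);
    // The dump contains raw request values; escape it so they are displayed
    // as text instead of being interpreted as markup.
    print "<br>GLOBALS: <pre>" . htmlspecialchars($dump, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</pre><br>";
  }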
  142.  
  143. ?>
  144.  
  145. <?php
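  // main: header (session + output buffer), login logic, footer (flush)

  do_header();

  do_form();

  // show_superglobals() prints all of $GLOBALS (cookies, session data, server
  // and environment variables) to the visitor. It is off unless a constant
  // named ldapdebug is defined as true, e.g. define('ldapdebug', true); on a
  // development machine.
  if (defined('ldapdebug') && ldapdebug) {
    show_superglobals();
  }

  do_footer();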
  155.  
  156. ?>