使用UID的POST变量进行LDAP绑定吗? [英] LDAP bind using POST variable for UID?

问题描述

我正在使用LDAP验证用户身份的登录表单.但是，我不知道如何将用户名与DN凭证一起作为POST变量传递.这可以让我从登录表单发送密码:

I am working on a login form that uses LDAP to authenticate users. However I do not know how to pass the username as a POST variable along with the DN credentials. This is working allowing me to send a password from a login form:

<?php
// using ldap bind
$ldaprdn  = 'uid=my.name,cn=XXX,dc=XXX,dc=XXX,dc=XXX';     // ldap rdn or dn
$ldappass = $_POST['userPassword'];  // user password

// connect to ldap server
$ldapconn = ldap_connect("server.domain.com")
        or die("Could not connect to LDAP server.");

// Set some ldap options for talking to 
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);

if ($ldapconn) {

        // binding to ldap server
        $ldapbind = @ldap_bind($ldapconn, $ldaprdn, $ldappass);

        // verify binding
        if ($ldapbind) {
            echo "LDAP bind successful...\n";
        } else {
            echo "LDAP bind failed...\n";
        }
}
?>

但是，当尝试将POST变量中包含的值附加到CN和DN值时，这不会.

However this does not when trying to append the value contained within the POST variable to the CN and DN values.

<?php
// using ldap bind
$ldaprdn  = "uid = . $_POST['userLogin'] . 'cn=XXX,dc=XXX,dc=XXX,dc=XXX'";    // ldap  rdn or dn
$ldappass = $_POST['userPassword'];  // user password

// connect to ldap server
$ldapconn = ldap_connect("server.domain.com")
        or die("Could not connect to LDAP server.");

// Set some ldap options for talking to 
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);

if ($ldapconn) {

        // binding to ldap server
        $ldapbind = @ldap_bind($ldapconn, $ldaprdn, $ldappass);

        // verify binding
        if ($ldapbind) {
            echo "LDAP bind successful...\n";
        } else {
            echo "LDAP bind failed...\n";
        }
}
?>

可以通过这种方式实现吗?我相信我只能使用LDAP_bind函数传递三个变量，

Can this be achieved this way? I believe I can only pass three variables using the LDAP_bind function,

非常感谢

推荐答案

您在此处错误地使用了引号，并且错过了逗号:

You are incorrectly using quotes here and have missed a comma:

$ldaprdn  = "uid = . $_POST['userLogin'] . 'cn=XXX,dc=XXX,dc=XXX,dc=XXX'";

应该是

$ldaprdn  = 'uid =' . $_POST['userLogin'] . ',cn=XXX,dc=XXX,dc=XXX,dc=XXX';

或

$ldaprdn  = "uid =$_POST['userLogin'],cn=XXX,dc=XXX,dc=XXX,dc=XXX";

请记住，在变量周围使用单引号不会将变量解析为其值(因此需要连接)，但会使用双引号. 最重要的是:永远不要直接在脚本中使用用户输入的数据-验证输入或至少使用htmlentities()或strip_tags()...

Remember that using single quotes around variables will not resolve the variable to its value (and thus concatenation is required), but using double quotes will. And on top of that: never work with user-inputted-data directly in your scripts - validate the input or at the very least use htmlentities() or strip_tags()...

这篇关于使用UID的POST变量进行LDAP绑定吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！