使用UID的POST变量进行LDAP绑定吗? [英] LDAP bind using POST variable for UID?
问题描述
我正在使用LDAP验证用户身份的登录表单.但是,我不知道如何将用户名与DN凭证一起作为POST变量传递.这可以让我从登录表单发送密码:
I am working on a login form that uses LDAP to authenticate users. However I do not know how to pass the username as a POST variable along with the DN credentials. This is working allowing me to send a password from a login form:
<?php
// using ldap bind
$ldaprdn = 'uid=my.name,cn=XXX,dc=XXX,dc=XXX,dc=XXX'; // ldap rdn or dn
$ldappass = $_POST['userPassword']; // user password
// connect to ldap server
$ldapconn = ldap_connect("server.domain.com")
or die("Could not connect to LDAP server.");
// Set some ldap options for talking to
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
if ($ldapconn) {
// binding to ldap server
$ldapbind = @ldap_bind($ldapconn, $ldaprdn, $ldappass);
// verify binding
if ($ldapbind) {
echo "LDAP bind successful...\n";
} else {
echo "LDAP bind failed...\n";
}
}
?>
但是,当尝试将POST变量中包含的值附加到CN和DN值时,这不会.
However this does not when trying to append the value contained within the POST variable to the CN and DN values.
<?php
// using ldap bind
$ldaprdn = "uid = . $_POST['userLogin'] . 'cn=XXX,dc=XXX,dc=XXX,dc=XXX'"; // ldap rdn or dn
$ldappass = $_POST['userPassword']; // user password
// connect to ldap server
$ldapconn = ldap_connect("server.domain.com")
or die("Could not connect to LDAP server.");
// Set some ldap options for talking to
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
if ($ldapconn) {
// binding to ldap server
$ldapbind = @ldap_bind($ldapconn, $ldaprdn, $ldappass);
// verify binding
if ($ldapbind) {
echo "LDAP bind successful...\n";
} else {
echo "LDAP bind failed...\n";
}
}
?>
可以通过这种方式实现吗?我相信我只能使用LDAP_bind函数传递三个变量,
Can this be achieved this way? I believe I can only pass three variables using the LDAP_bind function,
非常感谢
推荐答案
您在此处错误地使用了引号,并且错过了逗号:
You are incorrectly using quotes here and have missed a comma:
$ldaprdn = "uid = . $_POST['userLogin'] . 'cn=XXX,dc=XXX,dc=XXX,dc=XXX'";
应该是
$ldaprdn = 'uid =' . $_POST['userLogin'] . ',cn=XXX,dc=XXX,dc=XXX,dc=XXX';
或
$ldaprdn = "uid =$_POST['userLogin'],cn=XXX,dc=XXX,dc=XXX,dc=XXX";
请记住,在变量周围使用单引号不会将变量解析为其值(因此需要连接),但会使用双引号. 最重要的是:永远不要直接在脚本中使用用户输入的数据-验证输入或至少使用htmlentities()或strip_tags()...
Remember that using single quotes around variables will not resolve the variable to its value (and thus concatenation is required), but using double quotes will. And on top of that: never work with user-inputted-data directly in your scripts - validate the input or at the very least use htmlentities() or strip_tags()...
这篇关于使用UID的POST变量进行LDAP绑定吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!