diff options
Diffstat (limited to 'login.php')
| -rw-r--r-- | login.php | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/login.php b/login.php new file mode 100644 index 0000000..a767266 --- /dev/null +++ b/login.php @@ -0,0 +1,47 @@ + +<?php + +function try_login($username,$password) { + global $admins; + if (strlen($username) < 8 or strlen($username) > 100) { + return "failed"; + } + if (strlen($password) < 8 or strlen($password) > 1000) { + return "failed"; + } + $ldapserver = "ldap://ldap.hs-augsburg.de"; + $ldapusertree = 'ou=People, dc=fh-augsburg, dc=de'; + + $ldapconn = ldap_connect($ldapserver) + or die ("Cannot connect to ldap server ".$ldapserver); + ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3); + ldap_set_option($ldapconn, LDAP_OPT_NETWORK_TIMEOUT, 3); + + $ldapbind = ldap_bind($ldapconn,"uid=$username, ".$ldapusertree,$password); + if ($ldapbind) { + // Login was successfull + session_regenerate_id(TRUE); + $sr=ldap_search($ldapconn,$ldapusertree,"uid=$username",["sn","givenname"]); + $info = ldap_get_entries($ldapconn,$sr); + ldap_unbind($ldapconn); + $vorname = $info[0]["givenname"][0]; + $nachname = $info[0]["sn"][0]; + $matrikelnummer = db_find_user($vorname,$nachname); + if (in_array($username,$admins)) { + $_SESSION["login"] = "admin"; + return "admin"; + } elseif ($matrikelnummer) { + $_SESSION["login"] = "user"; + $_SESSION["myusername"] = $username; + $_SESSION["mymatrikelnummer"] = $matrikelnummer; + return "user"; + } else { + $_SESSION["login"] = "nodb"; + return "nodb"; + } + } else { + $_SESSION["login"] = "failed"; + return "failed"; + } +} +?>
\ No newline at end of file |