
I'm using the following script to build an LDAP-authenticated login page for a website. If the login is successful, I want the user to be redirected to "test.com". The LDAP authentication works, but if the user leaves the username and password fields blank and clicks submit, the page still redirects to test.com. The same thing happens when they enter a username that exists in the directory but leave the password field blank.

<?php
// Login handler and form in one script: when both POST fields are present it
// attempts an LDAP bind as mw\<username> and redirects on success; otherwise
// it renders the sign-in form below.

// isset() is also true for fields submitted as empty strings, so a blank form
// still enters this branch.
if(isset($_POST['username']) && isset($_POST['password'])){

    // NOTE(review): the ldap:// scheme is plain LDAP; unless the connection is
    // upgraded elsewhere, the bind below carries the password unencrypted.
    $adServer = "ldap://test.com";

    $ldap = ldap_connect($adServer);
    $username = $_POST['username'];
    $password = $_POST['password'];

    // Bind identity: the literal prefix 'mw', a backslash, then the submitted name.
    $ldaprdn = 'mw' . "\\" . $username;

    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);

    // NOTE(review): this is the likely cause of the behaviour described in the
    // question. A simple bind with an empty password is not a failed login:
    // LDAP treats it as an anonymous / unauthenticated bind (RFC 4513), which
    // servers commonly accept and report as success. Nothing above rejects an
    // empty $username or $password, so $bind comes back truthy. The @ also
    // hides any warning ldap_bind() would raise.
    $bind = @ldap_bind($ldap, $ldaprdn, $password);


    if ($bind) {
        // NOTE(review): $username goes into the search filter unescaped, so
        // filter metacharacters in the submitted name alter the query;
        // ldap_escape() with LDAP_ESCAPE_FILTER is the usual guard.
        $filter="(sAMAccountName=$username)";
        $result = ldap_search($ldap,"dc=mw,dc=aa,dc=cd,dc=ca",$filter);
        // NOTE(review): ldap_sort() was deprecated in PHP 7.0 and removed in PHP 8.0.
        ldap_sort($ldap,$result,"sn");
        $info = ldap_get_entries($ldap, $result);
        for ($i=0; $i<$info["count"]; $i++)
        {
            // With more than one match the loop exits before printing anything.
            if($info['count'] > 1)
                break;
            // NOTE(review): directory values are echoed without htmlspecialchars(),
            // and var_dump() prints the whole result set to the browser; this
            // looks like debug output left in the login path.
            echo "<p>You are accessing <strong> ". $info[$i]["sn"][0] .", " . $info[$i]["givenname"][0] ."</strong><br /> (" . $info[$i]["samaccountname"][0] .")</p>\n";
            echo '<pre>';
            var_dump($info);
            echo '</pre>';
            // Assigned but not read again anywhere in this script.
            $userDn = $info[$i]["distinguishedname"][0];
        }
        @ldap_close($ldap);
        // NOTE(review): output may already have been echoed above, which stops
        // header() from being sent unless output buffering is on. There is no
        // exit after it, and nothing in this script records the successful
        // login (no session), so the redirect target has nothing to verify.
        header( "Location: http://test.com" );
    } else {
        // Shown when the bind is refused.
        $msg = "Invalid email address / password";
        echo $msg;
    }

}else{
?>

<html>
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
<head>


        <!-- Bypass Compatiblity View (Super Important) -->
        <meta http-equiv="X-UA-Compatible" content="IE=9">
        <meta charset="utf-8">
        <meta name="viewport" content="width=device-width, initial-scale=1">

        <!-- Latest compiled and minified CSS -->
        <link rel="stylesheet" href="css/bootstrap.min.css">
        <!-- jQuery library -->
        <link href="https://fonts.googleapis.com/css?family=Titillium+Web" rel="stylesheet" type="text/css">
        <!-- My CSS page -->
        <link rel="stylesheet" type="text/css" href="css/bootstrap-select.min.css">

        <link rel="stylesheet" type="text/css" href="css/style.css">

        <script src="js/jquery.min.js"></script>
        <!-- Latest compiled JavaScript -->
        <script src="js/bootstrap.min.js"></script>
        <script src="js/bootstrap-select.min.js"></script>
        <script src="js/jquery.validate.min.js"></script>
        <script src="page.js"></script>
        <!-- Google Font -->
    </head>

    <body class="login-body">

    <div class="container" style="margin-top:30px">
        <div class="row">
            <div class="col-md-4 col-md-offset-4">

                </div>
        </div>
    </div>
    <div class="container">
        <div class="row">

            <div class="col-md-4 col-md-offset-4">
                <div class="panel panel-default" >

                    <div class="panel-heading">
                        <h1 class="panel-title"><strong>Sign in</strong></h1>
                    </div>

                    <div class="panel-body">

                        <form action="#" method="POST" class="form-signin">


                            <div class="form-group">
                                <label for="username" class="control-label">Username</label>
                                <div class="input-group">
                                    <span class="input-group-addon"><i class="glyphicon glyphicon-user" aria-hidden="true"></i></span>
                                    <input type="text" class="form-control" name="username" id="username"  placeholder="Enter your Username"/>
                                </div>
                            </div>

                            <div class="form-group">
                                <label for="password" class="control-label">Password</label>
                                <div class="input-group">
                                    <span class="input-group-addon"><i class="glyphicon glyphicon-lock" aria-hidden="true"></i></span>
                                    <input type="password" class="form-control" name="password" id="password"  placeholder="Enter your Password"/>
                                </div>
                            </div>


                            <div class="form-group">
                                <button class="btn btn-lg btn-primary btn-block" type="submit" name="submit" value="Submit">Sign in</button>
                            </div>

                        </div> <!-- panel body -->

                    </form>
                </div> <!-- panel end -->
            </div>

        </div> <!-- row end -->

    </div> <!-- container end -->


</body></html>


<?php } ?>

1 Answers

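    <?php
    // Sign-in page backed by an LDAP simple bind. A POST carrying both fields is
    // treated as a login attempt; any other request gets the form below.

    if(isset($_POST['username']) && isset($_POST['password'])){

        $username = $_POST['username'];
        $password = $_POST['password'];
        $authenticated = false;

        // Reject blank or non-string credentials BEFORE talking to the directory.
        // A simple bind with an empty password is an anonymous / unauthenticated
        // bind (RFC 4513), which servers commonly report as success, so the
        // result of ldap_bind() must never be consulted for such input.
        // is_string() also stops array-valued fields from reaching ldap_bind().
        if (is_string($username) && is_string($password)
            && trim($username) !== '' && $password !== '') {

            // NOTE(review): ldap:// is plain LDAP, so the password crosses the
            // network unencrypted unless the deployment moves to ldaps:// or
            // StartTLS; confirm with whoever runs the directory.
            $adServer = "ldap://test.com";
            $ldap = ldap_connect($adServer);

            if ($ldap) {
                ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
                ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);

                // Bind identity: the literal prefix 'mw', a backslash, then the name.
                $ldaprdn = 'mw' . "\\" . $username;

                // @ keeps the warning raised for a refused bind out of the page;
                // the boolean result alone decides the outcome.
                $authenticated = (bool) @ldap_bind($ldap, $ldaprdn, $password);

                // The directory lookup that used to follow the bind only fed a
                // greeting and a var_dump() of the entry, printed ahead of
                // header(). That exposed directory attributes and, once output
                // has started, prevents the redirect, so it is gone. If the
                // entry is needed again, build the filter with
                // ldap_escape($username, '', LDAP_ESCAPE_FILTER) and do not call
                // ldap_sort(), which was removed in PHP 8.0.

                // Release the connection whether or not the bind succeeded.
                @ldap_close($ldap);
            }
        }

        if ($authenticated) {
            // NOTE(review): nothing in this script marks the visitor as signed
            // in. The redirect target has to check a server-side session set
            // here, otherwise it is reachable without passing through this page.
            header( "Location: http://test.com" );
            // Stop here so nothing further runs or is sent after the redirect.
            exit;
        }

        // One message for every failure (blank fields, unreachable server,
        // refused bind). The earlier text promised a redirect to the login page
        // that the script never performed.
        $msg = "Invalid email address / password";
        echo $msg;

    }else{
    ?>

    <html>
    <META HTTP-EQUIV="Pragma" CONTENT="no-cache">
    <META HTTP-EQUIV="Expires" CONTENT="-1">
    <head>


            <!-- Bypass Compatiblity View (Super Important) -->
            <meta http-equiv="X-UA-Compatible" content="IE=9">
            <meta charset="utf-8">
            <meta name="viewport" content="width=device-width, initial-scale=1">

            <!-- Latest compiled and minified CSS -->
            <link rel="stylesheet" href="css/bootstrap.min.css">
            <!-- jQuery library -->
            <link href="https://fonts.googleapis.com/css?family=Titillium+Web" rel="stylesheet" type="text/css">
            <!-- My CSS page -->
            <link rel="stylesheet" type="text/css" href="css/bootstrap-select.min.css">

            <link rel="stylesheet" type="text/css" href="css/style.css">

            <script src="js/jquery.min.js"></script>
            <!-- Latest compiled JavaScript -->
            <script src="js/bootstrap.min.js"></script>
            <script src="js/bootstrap-select.min.js"></script>
            <script src="js/jquery.validate.min.js"></script>
            <script src="page.js"></script>
            <!-- Google Font -->
        </head>

        <body class="login-body">

        <div class="container" style="margin-top:30px">
            <div class="row">
                <div class="col-md-4 col-md-offset-4">

                    </div>
            </div>
        </div>
        <div class="container">
            <div class="row">

                <div class="col-md-4 col-md-offset-4">
                    <div class="panel panel-default" >

                        <div class="panel-heading">
                            <h1 class="panel-title"><strong>Sign in</strong></h1>
                        </div>

                        <div class="panel-body">

                            <form action="#" method="POST" class="form-signin">


                                <div class="form-group">
                                    <label for="username" class="control-label">Username</label>
                                    <div class="input-group">
                                        <span class="input-group-addon"><i class="glyphicon glyphicon-user" aria-hidden="true"></i></span>
                                        <input type="text" class="form-control" name="username" id="username"  placeholder="Enter your Username"/>
                                    </div>
                                </div>

                                <div class="form-group">
                                    <label for="password" class="control-label">Password</label>
                                    <div class="input-group">
                                        <span class="input-group-addon"><i class="glyphicon glyphicon-lock" aria-hidden="true"></i></span>
                                        <input type="password" class="form-control" name="password" id="password"  placeholder="Enter your Password"/>
                                    </div>
                                </div>


                                <div class="form-group">
                                    <button class="btn btn-lg btn-primary btn-block" type="submit" name="submit" value="Submit">Sign in</button>
                                </div>

                            </div> <!-- panel body -->

                        </form>
                    </div> <!-- panel end -->
                </div>

            </div> <!-- row end -->

        </div> <!-- container end -->


    </body></html>


    <?php } ?>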