can bind successfully to the ldap server, but needs to know how to find user w/i AD

Posted by Brad on Stack Overflow See other posts from Stack Overflow or by Brad
Published on 2010-03-19T20:50:23Z Indexed on 2010/03/19 21:01 UTC
Read the original article Hit count: 214

I create a login form to bind to the ldap server, if successful, it creates a session (which the user's username is stored within), then I go to another page that has session_start(); and it works fine.

What I want to do now, is add code to test if that user is a member of a specific group.

So in theory, this is what I want to do

if(username session is valid) {
  search ldap for user -> get list of groups user is member of

  foreach(group they are member of) {
    switch(group) {
      case STAFF:
      print 'they are member of staff group';
      $access = true;
      break;

      default:
      print 'not a member of STAFF group';
      $access = false;
      break;
    }

    if(group == STAFF) {
     break;
    }

   }

   if($access == TRUE) {
    // you have access to the content on this page
   } else {
    // you do not have access to this page
   }
}

How do I do a ldap_search w/o binding? I don't want to keep asking for their password on each page, and I can't pass their password thru a session.

Any help is appreciated.

© Stack Overflow or respective owner

Related posts about php

Related posts about ldap