php - LDAP 从登录用户那里获取电子邮件地址
问题描述
如何使用 LDAP 从登录用户(用户来自 ActiveDirectory)获取邮件地址。
现在我可以通过 AD 凭据登录,这工作正常。
但我还想从登录用户那里获得电子邮件地址。
如果我可以将它放在一个变量中,那就太好了,因为我想在之后使用它。
认证.php
<?php
function authenticate($user, $password) {
if(empty($user) || empty($password)) return false;
$ldap_host = " ipaddres ";
$ldap_dn = "DC=mydc,DC=mydc";
$ldap_usr_dom = '@mydc';
$ldap = ldap_connect(" ipaddress ", 389);
ldap_set_option($ldap,LDAP_OPT_PROTOCOL_VERSION,3);
ldap_set_option($ldap,LDAP_OPT_REFERRALS,0);
if($bind = @ldap_bind($ldap, $user.$ldap_usr_dom, $password)) {
$filter = "(sAMAccountName=".$user.")";
$attr = array("mail");
$result = ldap_search($ldap, $ldap_dn, $filter, $attr) or exit("Unable to search LDAP server");
$entries = ldap_get_entries($ldap, $result);
ldap_unbind($ldap);
foreach($entries[0]['mail'] as $mail) {
$access = 1;
if ($mail != ''){
$_SESSION['mail'] = $mail;
}
}
if($access != 0) {
$_SESSION['user'] = $user;
$_SESSION['access'] = $access;
return true;
} else {
return false;
}
} else {
return false;
}
}
?>
登录.php
<?php
// initialize session
session_start();
include("authenticate.php");
// check to see if user is logging out
if(isset($_GET['out'])) {
// destroy session
session_unset();
$_SESSION = array();
unset($_SESSION['user'],$_SESSION['access']);
session_destroy();
}
// check to see if login form has been submitted
if(isset($_POST['userLogin'])){
// run information through authenticator
if(authenticate($_POST['userLogin'],$_POST['userPassword']))
{
// authentication passed
header("Location: protected.php");
die();
} else {
// authentication failed
$error = 1;
}
}
// output error to user
if(isset($error)) echo "Login failed: Incorrect user name, password, or rights<br />";
// output logout success
if(isset($_GET['out'])) echo "Logout successful";
?>
<form action="login.php" method="post">
User: <input type="text" name="userLogin" /><br />
Password: <input type="password" name="userPassword" />
<input type="submit" name="submit" value="Submit" />
</form>
页面.php
<?php
// initialize session
session_start();
if(!isset($_SESSION['user'])) {
// user is not logged in, do something like redirect to login.php
header("Location: login.php");
die();
}
if($_SESSION['access'] != 2) {
// another example...
// user is logged in but not a manager, let's stop him
header("Location: general.php");
die();
}
?>
<p>Hi <?= $_SESSION['user']; $_SESSION['mail']; //there I want to have Hi John Doe (it works) but i don't see mail address?>!</p>
<p><a href="login.php?out=1">Logout</a></p>
解决方案
推荐阅读
- python - 打开文件对话框后无法写入 tkinter spinbox
- node.js - 逐行读取节点中缓冲区的最佳方法
- php - 如何在 Codeigniter 4 中使用 Medoo 数据库
- kubernetes - 单个 HAproxy 暴露多个 kubernetes 集群 kube-api 服务
- python - YouTube-Downloader HTTPError:HTTP 错误 404:未找到
- java - 页面对象模型和页面工厂(如果是 Web 元素列表)
- javascript - 如何在 js puppeteer 中访问 map 函数之外的变量
- node.js - 如何使用节点 js 从 Microsoft Bot for Teams 进行 REST API 调用?
- javascript - Firebase:使用 forEach 函数读取哪些节点?
- php - php页面刷新时Mysql可拖动位置重置