diff --git a/ldap-auth.php b/ldap-auth.php
new file mode 100644
index 0000000000000000000000000000000000000000..475a0335ab9b25db8046141a0a9d237261814f6a
--- /dev/null
+++ b/ldap-auth.php
@@ -0,0 +1,105 @@
+<?php
+
+/*
+Written by Imran Hussain ~imranh
+
+Used to auth people, will check SUCS then the uni ldap, will only check
+students on the uni ldap.
+
+will return "sucs" if the username/password passed is a sucs member
+will return "uni" if the user/pass passed has a student swan uni account
+will return "nope" if the user/pass passed is inavlid
+
+Example usage:
+
+include_once("ldap-auth.php");
+
+isAuthd = ldapAuth("usaername", "password");
+
+if (isAuthd == "sucs"){
+ //do stuff for sucs auth
+}elseif (isAuthd == "uni"){
+ //do stuff for uni auth
+}else{
+ //do stuff for not authd peeps
+}
+
+*/
+
+// we don't care about warnings, we write our own
+error_reporting(E_ERROR | E_PARSE);
+
+function ldapAuth($username, $password)
+{
+
+ if ($username != "" && $password != "") {
+
+ // people like to use emails to login so lets detect and strip
+ if (filter_var($username, FILTER_VALIDATE_EMAIL)) {
+ //valid email, lets strip
+ // split the email into a string array "@" as a delim
+ $s = explode("@", $username);
+ // remove the last element (domain)
+ array_pop($s);
+ // put the array back togther using "@" as a seperator
+ $username = implode("@", $s);
+ }
+
+ // ldap servers
+ $sucsLDAPServer = 'silver.sucs.swan.ac.uk';
+ $lisLDAPServer = 'ccs-suld1.swan.ac.uk';
+
+ // lis auth stuffs
+ $lisUsernameOu = substr($username, -1);
+ $lisOtherOu = "Moved";
+
+ // how to bind
+ $sucsBindDn = "uid=$username,ou=People,dc=sucs,dc=org";
+ $lisBindDn1 = "cn=$username,ou=$lisUsernameOu,ou=Students,ou=SWANSEA,o=SWANUNI";
+ $lisBindDn2 = "cn=$username,ou=$lisOtherOu,ou=Students,ou=SWANSEA,o=SWANUNI";
+
+ // Main auth
+
+ // Try and connect to silver
+ $ldapconnSUCS = ldap_connect($sucsLDAPServer) or die("Could not connect to SUCS LDAP server.");
+
+ if ($ldapconnSUCS) {
+
+ //echo "Connected to $sucsLDAPServer <br>";
+
+ // try and bind to sucs ldap
+ $ldapbindSUCS = ldap_bind($ldapconnSUCS, $sucsBindDn, $password);
+
+ if ($ldapbindSUCS) {
+ //echo "Auth'd as $username using SUCS LDAP<br>";
+ return "sucs";
+ // turns out they didn't give us valid sucs creds, lets try lis now
+ } else {
+
+ // try and connect to the lis ldap server
+ $ldapconnLIS = ldap_connect($lisLDAPServer) or die("Could not connect to uni LDAP server.");
+ //echo "Connected to $lisLDAPServer <br>";
+
+ // lets try and bind to the uni ldap
+ $ldapbindLIS1 = ldap_bind($ldapconnLIS, $lisBindDn1, $password);
+ if ($ldapbindLIS1) {
+ //echo "Auth'd as $username using uni LDAP using ou=$lisUsernameOu<br>";
+ return "uni";
+ } else {
+ $ldapbindLIS2 = ldap_bind($ldapconnLIS, $lisBindDn2, $password);
+ if ($ldapbindLIS2) {
+ //echo "Auth'd as $username using uni LDAP using ou=moved<br>";
+ return "uni";
+ // shit, couldn't bind to anything
+ } else {
+ //exit("Invalid Username or Password");
+ return "nope";
+ }
+ }
+ }
+ }
+ } else {
+ return "nope";
+ }
+}
+
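Review bot: `$username` is interpolated unescaped into all three bind DNs (`$sucsBindDn`, `$lisBindDn1`, `$lisBindDn2`), and `$lisUsernameOu` is just its last character, so DN-special characters in a submitted username (`,`, `+`, `=`, `\`) change which entry is bound instead of being treated as part of the name; escape it once before the DNs are built, `$username = ldap_escape($username, '', LDAP_ESCAPE_DN);`. The binds also go over plain `ldap://` (bare hostnames are passed to `ldap_connect` and there is no `ldap_start_tls()` call), so every password tried is sent in cleartext to both servers; use `ldaps://` URIs for the two server strings or call `ldap_start_tls($conn)` after setting `LDAP_OPT_PROTOCOL_VERSION` to 3 with `ldap_set_option`. `ldap_connect` only initialises the handle and does not contact the server, so the `or die(...)` branches never fire and, with `error_reporting(E_ERROR | E_PARSE)` hiding the bind warnings, an unreachable server comes back as `"nope"` exactly like a wrong password; checking `ldap_errno($conn)` after a failed bind would let callers distinguish an outage from a rejected credential. Neither handle is released with `ldap_unbind`, and the empty-password guard at the top is the only thing preventing an unauthenticated (anonymous) bind from being reported as success, so it deserves a comment saying so.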