Idiot-proofness

5420f8e7 · Imran Hussain · ecbc5ba7 · 5420f8e7
Commit 5420f8e7 authored 10 years ago by Imran Hussain
--- a/lib/ldap-auth.php
+++ b/lib/ldap-auth.php
@@ -27,61 +27,67 @@ if (isAuthd == "sucs"){
 */

 // we don't care about warnings, we write our own
-error_reporting(E_ERROR | E_PARSE);
+//error_reporting(E_ERROR | E_PARSE);

 function ldapAuth($username, $password) {

-	// ldap servers
-	$sucsLDAPServer = 'silver.sucs.swan.ac.uk';
-	$lisLDAPServer = 'ccs-suld1.swan.ac.uk';
+	if ($username != "" && $password != ""){

-	// lis auth stuffs
-	$lisUsernameOu = substr($username, -1);
-	$lisOtherOu = 'moved';
+		// ldap servers
+		$sucsLDAPServer = 'silver.sucs.swan.ac.uk';
+		$lisLDAPServer = 'ccs-suld1.swan.ac.uk';

-	// how to bind
-	$sucsBindDn = "uid=$username,ou=People,dc=sucs,dc=org";
-	$lisBindDn1 = "cn=$username,ou=$lisUsernameOu,ou=students,ou=Swansea,o=swanuni";
-	$lisBindDn2 = "cn=$username,ou=$lisOtherOu,ou=students,ou=Swansea,o=swanuni";
+		// lis auth stuffs
+		$lisUsernameOu = substr($username, -1);
+		$lisOtherOu = "Moved";

-	// Main auth
+		// how to bind
+		$sucsBindDn = "uid=$username,ou=People,dc=sucs,dc=org";
+		$lisBindDn1 = "cn=$username,ou=$lisUsernameOu,ou=Students,ou=SWANSEA,o=SWANUNI";
+		$lisBindDn2 = "cn=$username,ou=$lisOtherOu,ou=Students,ou=SWANSEA,o=SWANUNI";

-	// Try and connect to silver
-	$ldapconnSUCS = ldap_connect($sucsLDAPServer) or die("Could not connect to SUCS LDAP server.");
+		// Main auth

-	if ($ldapconnSUCS) {
+		// Try and connect to silver
+		$ldapconnSUCS = ldap_connect($sucsLDAPServer) or die("Could not connect to SUCS LDAP server.");

-		//echo "Connected to $sucsServer <br>";
+		if ($ldapconnSUCS) {

-		// try and bind to sucs ldap
-		$ldapbindSUCS = ldap_bind($ldapconnSUCS, $sucsBindDn, $password);
-		if ($ldapbindSUCS) {
-			//echo "Auth'd as $username using SUCS LDAP<br>";
-			return "sucs";
-		// turns out they didn't give us valid sucs creds, lets try lis now
-		} else {
+			//echo "Connected to $sucsLDAPServer <br>";

-			// try and connect to the lis ldap server
-			$ldapconnLIS = ldap_connect($lisLDAPServer) or die("Could not connect to uni LDAP server.");
-			//echo "Connected to $lisServer <br>";
+			// try and bind to sucs ldap
+			$ldapbindSUCS = ldap_bind($ldapconnSUCS, $sucsBindDn, $password);

-			// lets try and bind to the uni ldap
-			$ldapbindLIS1 = ldap_bind($ldapconnLIS, $lisBindDn1, $password);
-			if ($ldapbindLIS1) {
-				//echo "Auth'd as $username using uni LDAP using ou=$lisUsernameOu<br>";
-				return "uni";
+			if ($ldapbindSUCS) {
+				//echo "Auth'd as $username using SUCS LDAP<br>";
+				return "sucs";
+			// turns out they didn't give us valid sucs creds, lets try lis now
 			} else {
-				$ldapbindLIS2 = ldap_bind($ldapconnLIS, $lisBindDn2, $password);
-				if ($ldapbindLIS2) {
-					//echo "Auth'd as $username using uni LDAP using ou=moved<br>";
+
+				// try and connect to the lis ldap server
+				$ldapconnLIS = ldap_connect($lisLDAPServer) or die("Could not connect to uni LDAP server.");
+				//echo "Connected to $lisLDAPServer <br>";
+
+				// lets try and bind to the uni ldap
+				$ldapbindLIS1 = ldap_bind($ldapconnLIS, $lisBindDn1, $password);
+				if ($ldapbindLIS1) {
+					//echo "Auth'd as $username using uni LDAP using ou=$lisUsernameOu<br>";
 					return "uni";
-				// shit, couldn't bind to anything
 				} else {
-					//exit("Invalid Username or Password");
-					return "nope";
+					$ldapbindLIS2 = ldap_bind($ldapconnLIS, $lisBindDn2, $password);
+					if ($ldapbindLIS2) {
+						//echo "Auth'd as $username using uni LDAP using ou=moved<br>";
+						return "uni";
+					// shit, couldn't bind to anything
+					} else {
+						//exit("Invalid Username or Password");
+						return "nope";
+					}
 				}
 			}
 		}
+	}else {
+		return "nope";
 	}
 }
 ?>
\ No newline at end of file