Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Preventing PHP Warnings on LDAP Functions

Tags:

php

warnings

suppress-warnings

ldap

Currently I am using the ldap_* functions to handle authentication for one of my web applications. I have logic that is able to check if the login is valid which works fine, however when a user enters an invalid username/password combination ldap_bind() produces a warning which I would like to avoid if possible. At the moment I am suppressing this error with the @ operator but I am curious if there is a better way to block warnings from ldap_* without turning off warnings in PHP completely or suppressing them.

The warning is

A PHP Error was encountered

Severity: Warning

Message: ldap_bind() [function.ldap-bind]: Unable to bind to server: Invalid credentials

Filename: libraries/userauth.php

Line Number: 75

My current code is as follows:

$uid = "uid=".$username;
$ldapUser = $uid.",ou=***,dc=***,dc=***";
$ds = ldap_connect( $this->ldapURL ); 
$lb = @ldap_bind( $ds, $ldapUser, $password );
$sr = ldap_search( $ds, $this->ldapBaseDN, $uid );
$info = ldap_get_entries( $ds, $sr );

Is there any way to prevent this warning without turning of PHP warnings altogether or suppressing it?

like image 303
Bad Wolf Avatar asked Aug 16 '13 23:08

Bad Wolf

People also ask

How can I tell if PHP supports LDAP?

You can try and check it with extension_loaded() like this: $builtWithLdap = extension_loaded('ldap'); or alternativly as a crowbar approach, just check if one of the functions exists: $builtWithLdap = function_exists('ldap_add');

What is LDAP PHP?

LDAP is the Lightweight Directory Access Protocol, and is a protocol used to access "Directory Servers". The Directory is a special kind of database that holds information in a tree structure.

What is Ldap_bind?

The ldap_bind function asynchronously authenticates a client with the LDAP server. The bind operation identifies a client to the directory server by providing a distinguished name and some type of authentication credential, such as a password. The authentication method used determines the type of required credential.

1 Answers

This behaviour is by design, you cannot prevent ldap_bind from triggering a warning on invalid credentials. You still have some options, though:

  1. Suppress the warning with @ as you are already doing
  2. Turn all errors into Exceptions, then catch them and handle appropriately
  3. Ignore warnings by modifying the error reporting level (very, very bad idea)

In my own ldap library I use the @ suppressor, but I have heard that it is quite slow compared to converting an error into Exception, so my suggestion is to go with option 2. If you don't care about super-high performance, then option 1 is a perfectly valid approach.

like image 135
Robert Rossmann Avatar answered Sep 30 '22 05:09

Robert Rossmann
Sign in to Comment

Related questions

using array merge into a foreach loop
Get magento shipping tax rate from order object
Keep unique values of array, preserving order, retaining last occurrence of each
Run code only between certain hours
What does htmlentities with ENT_QUOTES and UTF-8 do?
PHP Regex preg_match extraction
Extracting data from Wikipedia API
ajax php javascript : error when using POST method
Remove trailing zeros from a string
ZF2: Module could not be initialized
Is it OK to put conditional logic on CodeIgniter Views? [closed]
Signature pad and dompdf
Add item to select box with an Eloquent collection
Implementing Transactions in mysql via php
PHP - remove empty values from array [duplicate]
Search array and return multiple matches [duplicate]
http_build_query() dot is converted to underscore
Parse HTML and Get All h3's After an h2 Before the Next h2 Using PHP
Begin Transaction not defined
PHP basename( __DIR__ ) is returning _DIR_ on some servers

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!