This is Avi Flamholz's PHP script for LDAP authentication: given a netid and a password, it verifies that the user is legit. Note that the password is sent in the clear and is readable by the server (the script itself also talks to the directory over a plain ldap:// URL, with no TLS), so this is not a complete solution. Caveat user.
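/**
 * Verifies a netid/password pair against the LDAP directory.
 *
 * The check is done in two steps: an anonymous bind is used to look up the
 * user's DN by uid, then a second bind is attempted with that DN and the
 * supplied password. The pair is accepted only if the second bind succeeds.
 *
 * NOTE(review): $host is a plain ldap:// URL, so the password travels to the
 * directory unencrypted. Switching to ldaps:// or calling ldap_start_tls()
 * before the password bind would close that gap, but depends on what the
 * directory supports -- confirm before changing.
 */
class Authenticator
{
    /** @var string netid exactly as supplied by the caller */
    public $user;

    /** @var string password exactly as supplied by the caller */
    public $pass;

    /** @var string LDAP URL of the directory server */
    public $host;

    /** @var array attributes requested from the search */
    public $fields;

    /** @var string search filter matching the user's uid */
    public $filter;

    /** @var string base DN the search starts from */
    public $maindn;

    /** @var bool TRUE only after a successful Authenticate() */
    public $auth;

    /**
     * @param string $username netid to look up
     * @param string $password password to verify for that netid
     */
    public function __construct($username, $password)
    {
        $this->user = $username;
        $this->pass = $password;
        $this->auth = false;
        $this->host = "ldap://ldap.princeton.edu";
        $this->fields = array("dn", "cn");
        // The netid is untrusted input. It is escaped before being placed in
        // the filter so that characters such as "*", "(" and ")" are matched
        // literally instead of changing the structure of the query.
        $this->filter = "(uid=" . $this->escapeFilterValue($username) . ")";
        $this->maindn = "o=Princeton University, c=US";
    }

    /**
     * Legacy PHP 4 style constructor name.
     *
     * PHP 8 no longer treats a method named after the class as a constructor,
     * so the real work lives in __construct(); this method is kept for code
     * that still calls it explicitly.
     *
     * @param string $username netid to look up
     * @param string $password password to verify for that netid
     */
    public function Authenticator($username, $password)
    {
        $this->__construct($username, $password);
    }

    /**
     * Checks the stored netid/password against the directory.
     *
     * @return bool TRUE if the directory accepted the password for exactly
     *              one matching entry, FALSE in every other case
     */
    public function Authenticate()
    {
        // Fail closed: a previous success must not survive a new attempt.
        $this->auth = false;

        // A bind with a DN and an empty password is treated by many directory
        // servers as an unauthenticated bind and reported as success, which
        // would accept any existing netid. Reject it before contacting the
        // server.
        if ((string) $this->user === '' || (string) $this->pass === '') {
            return false;
        }

        $connect = ldap_connect($this->host);
        if ($connect === false) {
            return false;
        }

        $verified = false;

        // Anonymous bind, used only to resolve the uid to a DN.
        if (ldap_bind($connect)) {
            $sr = ldap_search($connect, $this->maindn, $this->filter, $this->fields);
            $info = ($sr === false) ? false : ldap_get_entries($connect, $sr);

            // Require exactly one match and read that entry directly; the
            // result array also carries a 'count' element, so iterating over
            // it is not a reliable way to reach the entry.
            if (is_array($info) && $info['count'] == 1 && isset($info[0]['dn'])) {
                $verified = (bool) ldap_bind($connect, $info[0]['dn'], $this->pass);
            }
        }

        // Release the connection on every path, not only on fall-through.
        ldap_close($connect);

        $this->auth = $verified;
        return $verified;
    }

    /**
     * Escapes a value for use inside an LDAP search filter (RFC 4515).
     *
     * Uses ldap_escape() when the LDAP extension provides it and falls back
     * to an equivalent manual mapping otherwise.
     *
     * @param string $value raw value
     * @return string value safe to embed between "(attr=" and ")"
     */
    private function escapeFilterValue($value)
    {
        $value = (string) $value;

        if (function_exists('ldap_escape')) {
            return ldap_escape($value, "", LDAP_ESCAPE_FILTER);
        }

        return strtr($value, array(
            "\\" => "\\5c",
            "*"  => "\\2a",
            "("  => "\\28",
            ")"  => "\\29",
            "\0" => "\\00",
        ));
    }
}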