This is Avi Flamholz's php script for LDAP authentication: given a netid and a password, it verifies that the user is legit. Note that the password is sent in the clear and is readable by the server, so this is not a complete solution. Caveat user.


Class Authenticator {
   var $user;
   var $pass;
   var $host;
   var $fields;
   var $filter;
   var $maindn;
   var $auth;

   function Authenticator($username, $password) {
     $this->user = $username;
     $this->pass = $password;
     $this->auth = FALSE;
     $this->host = "ldap://ldap.princeton.edu";
     $this->fields = array("dn", "cn");
     $this->filter = "(uid=" . $username . ")";
     $this->maindn = "o=Princeton University, c=US";
   }

   function Authenticate() {
     $connect = ldap_connect($this->host);
     if(ldap_bind($connect)) {
       $sr = ldap_search($connect, $this->maindn,
			$this->filter, $this->fields);
       $info = ldap_get_entries($connect, $sr);
       if($info['count'] == 1) {
	foreach ($info as $i) $dn = $i['dn'];
	if(ldap_bind($connect, $dn, $this->pass)) {
	  $this->auth = TRUE;
	  return True;
	} else { return False; }
       } else { return False; }
     }
     ldap_close($connect);
   }
}