I have a question. Currently I am working with ldap connection.
I have no issue with ldap connection as I am using manual ldap codes. My connection with ldap is success.
All seems good when I enter the correct username and password. I have problem when I enter wrong password, the page will show “ErrorException ldap_bind(): Unable to bind to server: Invalid credentials” ang the page also shows all login function codes.
How can I show the proper error message without the page show ErrorException? for information, I am not using any ldap installation framework.
example my codes:
public function process_login(Request $request)
{
$username = $request->username;
$password = $request->password;
$ldaphost= "xxxx";
$ldapconn = ldap_connect($ldaphost) or die("That LDAP-URI was not parseable");
$ldap_credential= 'uid='.$username.',cn=xxx';
$ldappass = $password;
if ($ldapconn)
{
$ldapbind = ldap_bind($ldapconn, $ldap_credential, $ldappass);
if ($ldapbind) {
return redirect()->route('dashboard');
}
else
{
return Redirect::back()->withErrors(['msg', 'Wrong Password/Username']);
}
}
}
login.blade:
@if($errors->any())
<h4>{{$errors->first()}}</h4>
@endif
Anyone can help me?
Advertisement
Answer
I, along with many others, ran into this same problem with LDAP authentication from PHP. Totally agree, it is pretty sloppy to show those errors. Believe it or not, among the most common solutions is to just silence the bind process with the standard PHP@, to avoid showing the unwanted error message.
In your case, something like:
if (@ldap_bind($ldapconn, $ldap_credential, $ldappass)) {
return redirect()->route('dashboard');
}
else
{
return Redirect::back()->withErrors(['msg', 'Wrong Password/Username']);
}