3v4l.org

run code in 300+ PHP versions simultaneously
<?php // http://sudobash.net/?p=736 session_start(); session_destroy(); if(!isset($_POST['user'])){?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr"> <!-- <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> --> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <title>LOGIN TITLE</title> </head> <body> <table align="center" height="200px" id="content"> <tr> <td valign="middle"> <h2>TITLE Login</h2> <form action="login.php" method="POST"> <tt>RAC Username:</tt> <input type="text" name="user" size="30" /><br /> <tt>RAC Password:</tt> <input type="password" name="password" size="30" /> <input type="submit" value="Login" name="submit" /> </form> </td> </tr> </table> </body> </html> <?}?> <?php if(isset($_POST['user'])){?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr"> <!-- <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> --> <head> <title>LOGIN RESULTS TITLE</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> </head> <body> <?php include 'conf.php'; // Don't display the warnings - we are already setup to annoy the user ini_set( "display_errors", 0); // No funny stuff! $user = htmlspecialchars($_POST['user']); $user = explode(" ", $user); $user = $user[0]; $user = preg_replace("/[^a-zA-Z0-9_]/", "", $user); $filter = "admin=" . $user; // Connect to the LDAP server. $ldapconn = ldap_connect($server, $port) or die("Could not connect to " . $server . ":" . $port . "."); // Bind with rootreader to the LDAP server to search and retrieve DN. $ldapbind = ldap_bind($ldapconn) or die("Could not bind - contact admin@adamskalicky.com"); $result = ldap_search($ldapconn,$basedn,$filter) or die ("Search error."); $entries = ldap_get_entries($ldapconn, $result); $binddn = $entries[0]["dn"]; // Bind again using the DN retrieved. If this bind is successful, // then the user has managed to authenticate. $ldapbind = ldap_bind($ldapconn, $binddn, $_POST['password']); if ($ldapbind) { echo "<center><h2>Successful authentication for <span style='color: #000;'>" . $user . "</span></center>"; ?> <table align="center" height="200px" id="content"> <tr> <td valign="middle"> <form action="restricted.php" method="post"> <input type="hidden" name='user' value="<?=$user;?>" > <input type="submit" value="Great, Let's go!" > </form> </td> </tr> </table> <? } else { echo "<center><h2>Failed authentication for <span style='color: #000;'>" . $user . "</span><br /><br /> <a href='login.php'>Try again</a></center>"; } ldap_close($ldapconn); ?> </body> </html> <?}?>

preferences:
33.55 ms | 402 KiB | 5 Q