BIM/auth.php

<?php

session_start();

if ($_SERVER['REQUEST_METHOD'] != 'POST') {
    header('Location: signin.php');
    exit();
}

if (!isset($_POST['id'], $_POST['password'])) {
    header('Location: signin.php');
    exit();
}

$id = htmlspecialchars($_POST['id']);

$ini = parse_ini_file('includes/config.ini');

try {
    $ldapconn = ldap_connect($ini['hostname'], $ini['port']);
    ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
} catch (Exception $e) {
    die ('ERROR: ' . $e->getMessage());
}

if ($ldapconn) {
    $ldapbind = @ldap_bind($ldapconn, "uid=" . ldap_escape($id) . ',' . $ini["basedn"], $_POST['password']);
    if ($ldapbind) {
        $_SESSION['user'] = $id;
        header('Location: home.php');
        exit();
    } else {
       $_SESSION['message'] = "Wrong username or password";
       header('Location: signin.php');
       exit();
    }
}