I create a login form to bind to the ldap server, if successful, it creates a session (which the user's username is stored within), then I go to another page that has session_start(); and it works fine.
What I want to do now, is add code to test if that user is a member of a specific group.
So in theory, this is what I want to do
if(username session is valid) {
search ldap for user -> get list of groups user is member of
foreach(group they are member of) {
switch(group) {
case STAFF:
print 'they are member of staff group';
$access = true;
break;
default:
print 'not a member of STAFF group';
$access = false;
break;
}
if(group == STAFF) {
break;
}
}
if($access == TRUE) {
// you have access to the content on this page
} else {
// you do not have access to this page
}
}
How do I do a ldap_search w/o binding? I don't want to keep asking for their password on each page, and I can't pass their password thru a session.
Any help is appreciated.