Compare value of attribute found in entry specified with DN

Description

ldap_compare(
    LDAP\Connection $ldap,
    string $dn,
    string $attribute,
    string $value,
    ?array $controls = null
): bool|int

Compare value of attribute with value of same attribute in an LDAP directory entry.

Parameters

ldap: An LDAP\Connection instance, returned by ldap_connect().
dn: The distinguished name of an LDAP entity.
attribute: The attribute name.
value: The compared value.
controls: Array of LDAP Controls to send with the request.

Return Values

Returns true if value matches otherwise returns false. Returns -1 on error.

Changelog

Version	Description
8.1.0	The `ldap` parameter expects an LDAP\Connection instance now; previously, a resource was expected.
8.0.0	`controls` is nullable now; previously, it defaulted to `[]`.
7.3	Support for `controls` added

Examples

The following example demonstrates how to check whether or not given password matches the one defined in DN specified entry.

Example #1 Complete example of password check


<?php

$ds=ldap_connect("localhost");  // assuming the LDAP server is on this host

if ($ds) {

    // bind
    if (ldap_bind($ds)) {

        // prepare data
        $dn = "cn=Matti Meikku, ou=My Unit, o=My Company, c=FI";
        $value = "secretpassword";
        $attr = "password";

        // compare value
        $r=ldap_compare($ds, $dn, $attr, $value);

        if ($r === -1) {
            echo "Error: " . ldap_error($ds);
        } elseif ($r === true) {
            echo "Password correct.";
        } elseif ($r === false) {
            echo "Wrong guess! Password incorrect.";
        }

    } else {
        echo "Unable to bind to LDAP server.";
    }

    ldap_close($ds);

} else {
    echo "Unable to connect to LDAP server.";
}
?>

Notes

Warning

ldap_compare() can NOT be used to compare BINARY values!