This behaviour is by design, you cannot prevent ldap_bind from triggering a warning on invalid credentials. You still have some options, though:
- Suppress the warning with
@
as you are already doing - Turn all errors into Exceptions, then catch them and handle appropriately
- Ignore warnings by modifying the error reporting level (very, very bad idea)
In my own ldap library I use the @
suppressor, but I have heard that it is quite slow compared to converting an error into Exception, so my suggestion is to go with option 2. If you don't care about super-high performance, then option 1 is a perfectly valid approach.