/**
* Execute a LDAP query stement and fetch all results.
*
* @param mixed $query The SQL query as a string or an array.
* @param string $configPath The config path; used for exception messages.
*
* @return array An array of records.
* @throws XML_Query2XML_LDAPException If Net_LDAP::search() returns an error.
* @see XML_Query2XML_Driver::getAllRecords()
*/
public function getAllRecords($query, $configPath)
{
$base = null;
$filter = null;
$options = array();
if (isset($query['base'])) {
$base = $query['base'];
}
if (isset($query['filter'])) {
$filter = $query['filter'];
}
if (isset($query['options'])) {
$options = $query['options'];
}
if (isset($options['query2xml_placeholder'])) {
$placeholder = $options['query2xml_placeholder'];
} else {
$placeholder = '?';
}
unset($options['query2xml_placeholder']);
if (isset($query['data']) && is_array($query['data'])) {
$data = Net_LDAP_Util::escape_filter_value($query['data']);
$base = self::_replacePlaceholders($base, $data, $placeholder);
if (is_string($filter)) {
$filter = self::_replacePlaceholders($filter, $data, $placeholder);
}
}
$search = $this->_ldap->search($base, $filter, $options);
if (PEAR::isError($search)) {
/*
* unit test: getXML/throwLDAPException_queryError.phpt
*/
throw new XML_Query2XML_LDAPException($configPath . ': Could not run LDAP search query: ' . $search->toString());
}
$records = array();
$entries = $search->entries();
foreach ($entries as $key => $entry) {
$records[] = $entry->getValues();
}
$search->done();
$records = self::_processMultiValueAttributes($records);
// set missing attriubtes to null
if (isset($options['attributes']) && is_array($options['attributes'])) {
foreach ($options['attributes'] as $attribute) {
for ($i = 0; $i < count($records); $i++) {
if (!array_key_exists($attribute, $records[$i])) {
$records[$i][$attribute] = null;
}
}
}
}
return $records;
}
/**
* Encodes or decodes attribute values if needed
*
* @access private
* @param array Array of attributes
* @param array Function to apply to attribute values
* @return array Array of attributes with function applied to values
*/
function _utf8($attributes, $function)
{
if (!$this->_ldap || !$this->_schema || !function_exists($function)) {
return $attributes;
}
if (is_array($attributes) && count($attributes) > 0) {
foreach ($attributes as $k => $v) {
$attr = $this->_schema->get('attribute', $k);
if (Net_LDAP::isError($attr)) {
continue;
}
if (false !== strpos($attr['syntax'], '1.3.6.1.4.1.1466.115.121.1.15')) {
if (is_array($v)) {
foreach ($v as $ak => $av) {
$v[$ak] = call_user_func($function, $av);
}
} else {
$v = call_user_func($function, $v);
}
}
$attributes[$k] = $v;
}
}
return $attributes;
}
/**
* Returns last error message if error was found.
*
* Example:
* <code>
* $ldif->someAction();
* if ($ldif->error()) {
* echo "Error: ".$ldif->error()." at input line: ".$ldif->error_lines();
* }
* </code>
*
* @param boolean $as_string If set to true, only the message is returned
*
* @return false|Net_LDAP_Error
*/
function error($as_string = false)
{
if (Net_LDAP::isError($this->_error['error'])) {
return $as_string ? $this->_error['error']->getMessage() : $this->_error['error'];
} else {
return false;
}
}
define('LDAP_LAYER', 'LDAP2');
} else {
define('LDAP_LAYER', 'LDAP');
}
}
}
if (LDAP_LAYER == 'LDAP2') {
if (!@(include_once 'Net/LDAP2.php')) {
print 'skip could not find Net/LDAP2.php';
exit;
} else {
include_once dirname(dirname(__FILE__)) . '/settings.php';
$ldap = Net_LDAP2::connect($ldapConfig);
if (PEAR::isError($ldap)) {
print 'skip could not connect to LDAP directory';
exit;
}
}
} else {
if (!@(include_once 'Net/LDAP.php')) {
print 'skip could not find Net/LDAP.php';
exit;
} else {
include_once dirname(dirname(__FILE__)) . '/settings.php';
$ldap = Net_LDAP::connect($ldapConfig);
if (PEAR::isError($ldap)) {
print 'skip could not connect to LDAP directory';
exit;
}
}
}
function checkSignupPassword($sUsername, $sPassword)
{
$aUsers = $this->findUser($sUsername);
if (empty($aUsers)) {
return false;
}
if (count($aUsers) !== 1) {
return false;
}
$dn = $aUsers[0]['dn'];
$config = array('host' => $this->sLdapServer, 'base' => $this->sBaseDN, 'tls' => $this->bTls, 'port' => $this->iLdapPort);
$oLdap =& Net_LDAP::connect($config);
if (PEAR::isError($oLdap)) {
return $oLdap;
}
$res = $oLdap->reBind($dn, $sPassword);
if ($res === true) {
return $dn;
}
return $res;
}
/**
* Returns wether a attribute syntax is binary or not
*
* This method gets used by Net_LDAP_Entry to decide which
* PHP function needs to be used to fetch the value in the
* proper format (e.g. binary or string)
*
* @param string $attribute the name of the attribute (eg.: 'sn')
* @return boolean
*/
function isBinary($attribute)
{
// This list contains all syntax that should be treaten as
// containing binary values
// The Syntax Definitons go into constants at the top of this page
$syntax_binary = array(NET_LDAP_SYNTAX_OCTET_STRING, NET_LDAP_SYNTAX_JPEG);
// Check Syntax
$attr_s = $this->get('attribute', $attribute);
if (false === Net_LDAP::isError($attr_s) && isset($attr_s['syntax']) && in_array($attr_s['syntax'], $syntax_binary)) {
$return = true;
return $return;
} else {
$return = false;
return $return;
}
}
<?php
require_once '../../../../config/dmsDefaults.php';
require_once KT_LIB_DIR . '/authentication/authenticationutil.inc.php';
require_once KT_LIB_DIR . '/authentication/authenticationsource.inc.php';
require_once 'Net/LDAP.php';
$oKTConfig =& KTConfig::getSingleton();
$oAuthenticator = KTAuthenticationUtil::getAuthenticatorForSource(2);
$config = array('dn' => $oAuthenticator->sSearchUser, 'password' => $oAuthenticator->sSearchPassword, 'host' => $oAuthenticator->sLdapServer, 'base' => $oAuthenticator->sBaseDN);
$oLdap =& Net_LDAP::connect($config);
if (PEAR::isError($oLdap)) {
var_dump($oLdap);
exit(0);
}
$aParams = array('scope' => 'sub', 'attributes' => array('cn', 'dn', 'displayClass'));
$rootDn = $oAuthenticator->sBaseDN;
if (is_array($rootDn)) {
$rootDn = join(",", $rootDn);
}
$oResults = $oLdap->search($rootDn, '(objectClass=group)', $aParams);
foreach ($oResults->entries() as $oEntry) {
var_dump($oEntry->dn());
}
/**
* Net_LDAP_Error constructor.
*
* @param mixed Net_LDAP error code, or string with error message.
* @param integer what "error mode" to operate in
* @param integer what error level to use for $mode & PEAR_ERROR_TRIGGER
* @param mixed additional debug info, such as the last query
* @access public
* @see PEAR_Error
*/
function Net_LDAP_Error($code = NET_LDAP_ERROR, $mode = PEAR_ERROR_RETURN, $level = E_USER_NOTICE, $debuginfo = null)
{
$mode = PEAR_ERROR_RETURN;
if (is_int($code)) {
$this->PEAR_Error('Net_LDAP_Error: ' . Net_LDAP::errorMessage($code), $code, $mode, $level, $debuginfo);
} else {
$this->PEAR_Error("Net_LDAP_Error: {$code}", NET_LDAP_ERROR, $mode, $level, $debuginfo);
}
}
/**
* Returns wether a attribute syntax is binary or not
*
* This method gets used by Net_LDAP_Entry to decide which
* PHP function needs to be used to fetch the value in the
* proper format (e.g. binary or string)
*
* @param string $attribute The name of the attribute (eg.: 'sn')
*
* @access public
* @return boolean
*/
function isBinary($attribute)
{
$return = false;
// default to false
// This list contains all syntax that should be treaten as
// containing binary values
// The Syntax Definitons go into constants at the top of this page
$syntax_binary = array(NET_LDAP_SYNTAX_OCTET_STRING, NET_LDAP_SYNTAX_JPEG);
// Check Syntax
$attr_s = $this->get('attribute', $attribute);
if (Net_LDAP::isError($attr_s)) {
// Attribute not found in schema
$return = false;
// consider attr not binary
} elseif (isset($attr_s['syntax']) && in_array($attr_s['syntax'], $syntax_binary)) {
// Syntax is defined as binary in schema
$return = true;
} else {
// Syntax not defined as binary, or not found
// if attribute is a subtype, check superior attribute syntaxes
if (isset($attr_s['sup'])) {
foreach ($attr_s['sup'] as $superattr) {
$return = $this->isBinary($superattr);
if ($return) {
break;
// stop checking parents since we are binary
}
}
}
}
return $return;
}
/**
* Applies a regular expression onto a single- or multivalued attribute (like preg_match())
*
* This method behaves like PHPs preg_match() but with some exceptions.
* If you want to retrieve match information, then you MUST pass the
* $matches parameter via reference! otherwise you will get no matches.
* Since it is possible to have multi valued attributes the $matches
* array will have a additionally numerical dimension (one for each value):
* <code>
* $matches = array(
* 0 => array (usual preg_match() returnarray),
* 1 => array (usual preg_match() returnarray)
* )
* </code>
* Please note, that $matches will be initialized to an empty array inside.
*
* Usage example:
* <code>
* $result = $entry->preg_match('/089(\d+)/', 'telephoneNumber', &$matches);
* if ( $result === true ){
* echo "First match: ".$matches[0][1]; // Match of value 1, content of first bracket
* } else {
* if ( Net_LDAP::isError($result) ) {
* echo "Error: ".$result->getMessage();
* } else {
* echo "No match found.";
* }
* }
* </code>
*
* Please note that it is important to test for an Net_LDAP_Error, because objects are
* evaluating to true by default, thus if a error occured, and you only check using "==" then
* you get misleading results. Use the "identical" (===) operator to test for matches to
* avoid this as shown above.
*
* @param string $regex The regular expression
* @param string $attr_name The attribute to search in
* @param array $matches (optional, PASS BY REFERENCE!) Array to store matches in
* @return boolean|Net_LDAP_Error TRUE, if we had a match in one of the values, otherwise false. Net_LDAP_Error in case something went wrong
*/
function preg_match($regex, $attr_name, $matches = array())
{
$matches = array();
// fetch attribute values
$attr = $this->getValue($attr_name, 'all');
if (Net_LDAP::isError($attr)) {
return $attr;
} else {
unset($attr['count']);
}
// perform preg_match() on all values
$match = false;
foreach ($attr as $thisvalue) {
$matches_int = array();
if (preg_match($regex, $thisvalue, $matches_int)) {
$match = true;
array_push($matches, $matches_int);
// store matches in reference
}
}
return $match;
}
/**
* Net_LDAP_Error constructor.
*
* @param string $message String with error message.
* @param integer $code Net_LDAP error code
* @param integer $mode what "error mode" to operate in
* @param mixed $level what error level to use for $mode &
* PEAR_ERROR_TRIGGER
* @param mixed $debuginfo additional debug info, such as the last query
*
* @access public
* @see PEAR_Error
*/
function Net_LDAP_Error($message = 'Net_LDAP_Error', $code = NET_LDAP_ERROR, $mode = PEAR_ERROR_RETURN, $level = E_USER_NOTICE, $debuginfo = null)
{
$error_code = NET_LDAP_ERROR;
$msg = "{$message}: {$code}";
if (is_int($code)) {
$msg = $message . ': ' . Net_LDAP::errorMessage($code);
$error_code = $code;
}
$this->PEAR_Error($msg, $error_code, $mode, $level, $debuginfo);
}
/**
* Returns the name(s) of the immediate superclass(es)
*
* @param string Name or OID of objectclass
* @return mixed Array of names or Net_LDAP_Error
*/
function superclass($oc)
{
$o = $this->get('objectclass', $oc);
if (Net_LDAP::isError($o)) {
return $o;
}
return key_exists('sup', $o) ? $o['sup'] : array();
}
/**
* Establishes datasource connections settings
*
* @return boolean success
*/
public function setConnection()
{
// Inclusion of the Net_LDAP package:
require_once 'Net/LDAP.php';
// The configuration array:
$config = array('binddn' => $this->params['binddn'], 'bindpw' => $this->params['bindpw'], 'basedn' => $this->params['basedn'], 'host' => $this->params['hostname']);
// Connecting using the configuration:
$this->ldap = Net_LDAP::connect($config);
// Testing for connection error
if (PEAR::isError($ldap)) {
die('Could not connect to LDAP-server: ' . $ldap->getMessage());
}
}
