/**
* Defined by Zend_Validate_Interface.
*
* Returns true if and only if $value is a valid DN.
*
* @param string $value The value to be validated.
*
* @return boolean
*/
public function isValid($value)
{
$valid = Zend_Ldap_Dn::checkDn($value);
if ($valid === false) {
$this->_error(self::MALFORMED);
return false;
}
return true;
}
/**
* @param string $username The username for authenticating the bind
* @param string $password The password for authenticating the bind
* @return Zend_Ldap Provides a fluent interface
* @throws Zend_Ldap_Exception
*/
public function bind($username = null, $password = null)
{
$moreCreds = true;
if ($username === null) {
$username = $this->_getUsername();
$password = $this->_getPassword();
$moreCreds = false;
}
if (empty($username)) {
/* Perform anonymous bind
*/
$username = null;
$password = null;
} else {
/* Check to make sure the username is in DN form.
*/
/**
* @see Zend_Ldap_Dn
*/
#require_once 'Zend/Ldap/Dn.php';
if (!Zend_Ldap_Dn::checkDn($username)) {
if ($this->_getBindRequiresDn()) {
/* moreCreds stops an infinite loop if _getUsername does not
* return a DN and the bind requires it
*/
if ($moreCreds) {
try {
$username = $this->_getAccountDn($username);
} catch (Zend_Ldap_Exception $zle) {
switch ($zle->getCode()) {
case Zend_Ldap_Exception::LDAP_NO_SUCH_OBJECT:
case Zend_Ldap_Exception::LDAP_X_DOMAIN_MISMATCH:
case Zend_Ldap_Exception::LDAP_X_EXTENSION_NOT_LOADED:
throw $zle;
}
throw new Zend_Ldap_Exception(null, 'Failed to retrieve DN for account: ' . $username . ' [' . $zle->getMessage() . ']', Zend_Ldap_Exception::LDAP_OPERATIONS_ERROR);
}
} else {
/**
* @see Zend_Ldap_Exception
*/
#require_once 'Zend/Ldap/Exception.php';
throw new Zend_Ldap_Exception(null, 'Binding requires username in DN form');
}
} else {
$username = $this->getCanonicalAccountName($username, $this->_getAccountCanonicalForm());
}
}
}
if (!is_resource($this->_resource)) {
$this->connect();
}
if ($username !== null && $password === '' && $this->_getAllowEmptyPassword() !== true) {
/**
* @see Zend_Ldap_Exception
*/
#require_once 'Zend/Ldap/Exception.php';
$zle = new Zend_Ldap_Exception(null, 'Empty password not allowed - see allowEmptyPassword option.');
} else {
if (@ldap_bind($this->_resource, $username, $password)) {
$this->_boundUser = $username;
return $this;
}
$message = $username === null ? $this->_connectString : $username;
/**
* @see Zend_Ldap_Exception
*/
#require_once 'Zend/Ldap/Exception.php';
switch ($this->getLastErrorCode()) {
case Zend_Ldap_Exception::LDAP_SERVER_DOWN:
/* If the error is related to establishing a connection rather than binding,
* the connect string is more informative than the username.
*/
$message = $this->_connectString;
}
$zle = new Zend_Ldap_Exception($this, $message);
}
$this->disconnect();
throw $zle;
}
public function testCoreExplodeDnWithMultiValuedRdn()
{
$dn = 'cn=name1+uid=user,cn=name2,dc=example,dc=org';
$k = array();
$v = array();
$this->assertTrue(Zend_Ldap_Dn::checkDn($dn, $k, $v));
$ke = array(array('cn', 'uid'), 'cn', 'dc', 'dc');
$ve = array(array('name1', 'user'), 'name2', 'example', 'org');
$this->assertEquals($ke, $k);
$this->assertEquals($ve, $v);
$dn = 'cn=name11+cn=name12,cn=name2,dc=example,dc=org';
$this->assertFalse(Zend_Ldap_Dn::checkDn($dn));
$dn = 'CN=name11+Cn=name12,cn=name2,dc=example,dc=org';
$this->assertFalse(Zend_Ldap_Dn::checkDn($dn));
}
