function ldap_internal_dn_from_username($username) { global $config, $ds, $cache; if (!isset($cache['ldap']['dn'][$username])) { ldap_init(); $filter = "(" . $config['auth_ldap_attr']['uid'] . '=' . $username . ")"; print_debug("LDAP[Filter][{$filter}][" . trim($config['auth_ldap_suffix'], ', ') . "]"); $search = ldap_search($ds, trim($config['auth_ldap_suffix'], ', '), $filter); $entries = ldap_get_entries($ds, $search); if ($entries['count']) { list($cache['ldap']['dn'][$username], ) = ldap_escape_filter_value($entries[0]['dn']); } } return $cache['ldap']['dn'][$username]; }
/** * Constructor of a new part of a LDAP filter. * * Example: * ldap_filter_create('memberOf', 'name', '=') >>> '(memberOf=name)' * * @param string $param Name of the attribute the filter should apply to * @param string $value Filter value * @param string $condition Matching rule * @param boolean $escape Should $value be escaped? (default: yes) * @return string Generated filter */ function ldap_filter_create($param, $value, $condition = '=', $escape = TRUE) { if ($escape) { $value = array_shift(ldap_escape_filter_value($value)); } // Convert common rule name to ldap rule // Default rule is equals $condition = trim(strtolower($condition)); switch ($condition) { case 'ge': case '>=': $filter = '(' . $param . '>=' . $value . ')'; break; case 'le': case '<=': $filter = '(' . $param . '<=' . $value . ')'; break; case 'gt': case 'greater': case '>': $filter = '(' . $param . '>' . $value . ')'; break; case 'lt': case 'less': case '<': $filter = '(' . $param . '<' . $value . ')'; break; case 'match': case 'matches': case '~=': $filter = '(' . $param . '~=' . $value . ')'; break; case 'notmatches': case 'notmatch': case '!match': case '!~=': $filter = '(!(' . $param . '~=' . $value . '))'; break; case 'notequals': case 'isnot': case 'ne': case '!=': case '!': $filter = '(!(' . $param . '=' . $value . '))'; break; case 'equals': case 'eq': case 'is': case '==': case '=': default: $filter = '(' . $param . '=' . $value . ')'; } return $filter; }