/**
* Update the entry on the directory server
*
* This will evaluate all changes made so far and send them
* to the directory server.
* Please note, that if you make changes to objectclasses wich
* have mandatory attributes set, update() will currently fail.
* Remove the entry from the server and readd it as new in such cases.
* This also will deal with problems with setting structural object classes.
*
* @param Net_LDAP2 $ldap If passed, a call to setLDAP() is issued prior update, thus switching the LDAP-server. This is for perl-ldap interface compliance
*
* @access public
* @return true|Net_LDAP2_Error
* @todo Entry rename with a DN containing special characters needs testing!
*/
public function update($ldap = null)
{
if ($ldap) {
$msg = $this->setLDAP($ldap);
if (Net_LDAP2::isError($msg)) {
return PEAR::raiseError('You passed an invalid $ldap variable to update()');
}
}
// ensure we have a valid LDAP object
$ldap =& $this->getLDAP();
if (!$ldap instanceof Net_LDAP2) {
return PEAR::raiseError("The entries LDAP object is not valid");
}
// Get and check link
$link = $ldap->getLink();
if (!is_resource($link)) {
return PEAR::raiseError("Could not update entry: internal LDAP link is invalid");
}
/*
* Delete the entry
*/
if (true === $this->_delete) {
return $ldap->delete($this);
}
/*
* New entry
*/
if (true === $this->_new) {
$msg = $ldap->add($this);
if (Net_LDAP2::isError($msg)) {
return $msg;
}
$this->_new = false;
$this->_changes['add'] = array();
$this->_changes['delete'] = array();
$this->_changes['replace'] = array();
$this->_original = $this->_attributes;
$return = true;
return $return;
}
/*
* Rename/move entry
*/
if (false == is_null($this->_newdn)) {
if ($ldap->getLDAPVersion() !== 3) {
return PEAR::raiseError("Renaming/Moving an entry is only supported in LDAPv3");
}
// make dn relative to parent (needed for ldap rename)
$parent = Net_LDAP2_Util::ldap_explode_dn($this->_newdn, array('casefolding' => 'none', 'reverse' => false, 'onlyvalues' => false));
if (Net_LDAP2::isError($parent)) {
return $parent;
}
$child = array_shift($parent);
// maybe the dn consist of a multivalued RDN, we must build the dn in this case
// because the $child-RDN is an array!
if (is_array($child)) {
$child = Net_LDAP2_Util::canonical_dn($child);
}
$parent = Net_LDAP2_Util::canonical_dn($parent);
// rename/move
if (false == @ldap_rename($link, $this->_dn, $child, $parent, true)) {
return PEAR::raiseError("Entry not renamed: " . @ldap_error($link), @ldap_errno($link));
}
// reflect changes to local copy
$this->_dn = $this->_newdn;
$this->_newdn = null;
}
/*
* Carry out modifications to the entry
*/
// ADD
foreach ($this->_changes["add"] as $attr => $value) {
// if attribute exists, add new values
if ($this->exists($attr)) {
if (false === @ldap_mod_add($link, $this->dn(), array($attr => $value))) {
return PEAR::raiseError("Could not add new values to attribute {$attr}: " . @ldap_error($link), @ldap_errno($link));
}
} else {
// new attribute
if (false === @ldap_modify($link, $this->dn(), array($attr => $value))) {
return PEAR::raiseError("Could not add new attribute {$attr}: " . @ldap_error($link), @ldap_errno($link));
}
}
// all went well here, I guess
unset($this->_changes["add"][$attr]);
}
// DELETE
foreach ($this->_changes["delete"] as $attr => $value) {
// In LDAPv3 you need to specify the old values for deleting
if (is_null($value) && $ldap->getLDAPVersion() === 3) {
$value = $this->_original[$attr];
}
if (false === @ldap_mod_del($link, $this->dn(), array($attr => $value))) {
return PEAR::raiseError("Could not delete attribute {$attr}: " . @ldap_error($link), @ldap_errno($link));
}
unset($this->_changes["delete"][$attr]);
}
// REPLACE
foreach ($this->_changes["replace"] as $attr => $value) {
if (false === @ldap_modify($link, $this->dn(), array($attr => $value))) {
return PEAR::raiseError("Could not replace attribute {$attr} values: " . @ldap_error($link), @ldap_errno($link));
}
unset($this->_changes["replace"][$attr]);
}
// all went well, so _original (server) becomes _attributes (local copy)
$this->_original = $this->_attributes;
$return = true;
return $return;
}
public function removeUser($dn)
{
$entry = array();
$entry['member'] = $dn;
if (ldap_mod_del($this->ldapconn, $this->dn, $entry) === false) {
return false;
} else {
return true;
}
}
/**
* Delete an LDAP entry
*
* @param string|Zend_Ldap_Dn $dn
* @param array $data
* @return Zend_Ldap *Provides a fluid interface*
* @throws Zend_Ldap_Exception
*/
public function deleteProperty($dn, array $data)
{
if ($dn instanceof Zend_Ldap_Dn) {
$dn = $dn->toString();
}
$isDeleted = @ldap_mod_del($this->getResource(), $dn, $data);
if ($isDeleted === false) {
/**
* @see Zend_Ldap_Exception
*/
require_once 'Zend/Ldap/Exception.php';
throw new Zend_Ldap_Exception($this, 'deleting: ' . $dn);
}
return $this;
}
/**
* Delete a LDAP attribute in entry
* Ldap object connect and bind must have been done
*
* @param string $dn DN entry key
* @param array $info Attributes array
* @param User $user Objet user that create
* @return int <0 if KO, >0 if OK
*/
function deleteAttribute($dn, $info, $user)
{
global $conf;
dol_syslog(get_class($this) . "::deleteAttribute dn=" . $dn . " info=" . join(',', $info));
// Check parameters
if (!$this->connection) {
$this->error = "NotConnected";
return -2;
}
if (!$this->bind) {
$this->error = "NotConnected";
return -3;
}
// Encode to LDAP page code
$dn = $this->convFromOutputCharset($dn, $this->ldapcharset);
foreach ($info as $key => $val) {
if (!is_array($val)) {
$info[$key] = $this->convFromOutputCharset($val, $this->ldapcharset);
}
}
$this->dump($dn, $info);
//print_r($info);
$result = @ldap_mod_del($this->connection, $dn, $info);
if ($result) {
dol_syslog(get_class($this) . "::deleteAttribute successfull", LOG_DEBUG);
return 1;
} else {
$this->error = @ldap_error($this->connection);
dol_syslog(get_class($this) . "::deleteAttribute failed: " . $this->error, LOG_ERR);
return -1;
}
}
/**
* Remove a contact from a group
*
* @param string $group The group to remove a user from
* @param string $contactDn The DN of a contact to remove from the group
* @return bool
*/
public function removeContact($group, $contactDn)
{
// Find the parent dn
$groupInfo = $this->info($group, array("cn"));
if ($groupInfo[0]["dn"] === NULL) {
return false;
}
$groupDn = $groupInfo[0]["dn"];
$del = array();
$del["member"] = $contactDn;
$result = @ldap_mod_del($this->adldap->getLdapConnection(), $groupDn, $del);
if ($result == false) {
return false;
}
return true;
}
if ($oldchildcn != "" && $childcn != "" && $oldchildcn != $childcn) {
echo "CN aendern<br>";
# hier noch Syntaxcheck
$entry['cn'] = $childcn;
$result = ldap_mod_replace($ds, $childDN, $entry);
if ($result) {
$mesg = "AU Name erfolgreich geaendert<br><br>";
} else {
$mesg = "Fehler beim aendern des AU Namen<br><br>";
}
}
if ($oldchildcn != "" && $childcn == "") {
echo "CN loeschen<br>";
# hier noch Syntaxcheck
$entry['cn'] = $oldchildcn;
$result = ldap_mod_del($ds, $childDN, $entry);
if ($result) {
$mesg = "AU Name erfolgreich geloescht<br><br>";
} else {
$mesg = "Fehler beim loeschen des AU Namen<br><br>";
}
}
#######################################
# OU
if ($oldchildou == $childou) {
#$mesg = "keine Aenderung<br>";
}
if ($oldchildou != "" && $childou != "" && $oldchildou != $childou) {
echo "OU aendern<br>";
# hier noch Syntaxcheck
# Formulareingaben anpassen
/**
* Sets a script running on the backend.
*
* @param array $script The filter script information. Passed elements:
* - 'name': (string) the script name.
* - 'recipes': (array) the filter recipe objects.
* - 'script': (string) the filter script.
*
* @throws Ingo_Exception
*/
public function setScriptActive($script)
{
$ldapcn = $this->_connect();
$values = $this->_getScripts($ldapcn, $userDN);
$found = false;
foreach ($values as $i => $value) {
if (strpos($value, "# Sieve Filter\n") !== false) {
if (empty($script['script'])) {
unset($values[$i]);
} else {
$values[$i] = $script['script'];
}
$found = true;
break;
}
}
if (!$found && !empty($script['script'])) {
$values[] = $script['script'];
}
$replace = array(Horde_String::lower($this->_params['script_attribute']) => $values);
$r = empty($values) ? @ldap_mod_del($ldapcn, $userDN, $replace) : @ldap_mod_replace($ldapcn, $userDN, $replace);
if (!$r) {
throw new Ingo_Exception(sprintf(_("Activating the script for \"%s\" failed: (%d) %s"), $userDN, ldap_errno($ldapcn), ldap_error($ldapcn)));
}
@ldap_close($ldapcn);
}
public function delAttribute($dn, $attrib)
{
$arr = array();
$arr[$attrib] = array();
$status = ldap_mod_del($this->conn, $dn, $arr);
if (!$status) {
$status = ldap_error($this->conn);
}
return $status;
}
function removeValues($dn, $Attributes)
{
ldap_mod_del($this->LC, $dn, $Attributes);
}
$entry["macAddress"][0] = "aa:bb:cc:dd:ee:ff";
ldap_modify($ds, $dn, $entry);
/* #### DELETE ENTRIE ### */
$dn = "cn=MyDeleter,ou=Networks,dc=example,dc=com";
echo "\nDelete " . $dn;
ldap_delete($ds, $dn);
/* #### MOD ADD ### */
$dn = "cn=groupname,cn=groups,dc=example,dc=com";
echo "\nModAdd " . $dn;
$entry['memberuid'] = "username";
ldap_mod_add($ds, $dn, $entry);
/* #### MOD DELETE ### */
$dn = "cn=groupname,cn=groups,dc=example,dc=com";
echo "\nModDel " . $dn;
$entry['memberuid'] = "username";
ldap_mod_del($ds, $dn, $entry);
/* #### MOD REPLACE ### */
$dn = "cn=groupname,cn=groups,dc=example,dc=com";
echo "\nModReplace " . $dn;
$entry['memberuid'] = "username";
ldap_mod_replace($ds, $dn, $entry);
/* ### SEARCH ### */
$dn = "o=My Company, c=USs";
echo "\nSearch " . $dn;
$filter = "(|(sn=jeantet)(givenname=jeantet*))";
$justthese = array("ou", "sn", "givenname", "mail");
$cookie = 'cookie';
ldap_control_paged_result($ds, 23, true, $cookie);
$sr = ldap_search($ds, $dn, $filter, $justthese);
$info = ldap_get_entries($ds, $sr);
echo "\n\t" . $info["count"] . " entries returned";
/**
* Delete attribute values from current attributes.
*
* @param string $dn
* @param array $entry
*
* @return bool
*/
public function modDelete($dn, array $entry)
{
if ($this->suppressErrors) {
return @ldap_mod_del($this->getConnection(), $dn, $entry);
}
return ldap_mod_del($this->getConnection(), $dn, $entry);
}
$del[$attrmap["{$key}"]][] = $item_vals["{$key}"][$j];
$add_r[$attrmap["{$key}"]][] = $val;
} else {
$add_r[$attrmap["{$key}"]][] = $val;
}
}
}
}
if (isset($del)) {
if ($config[ldap_debug] == 'true') {
print "<b>DEBUG(LDAP): ldap_mod_del(): DN='{$dn}'</b><br>\n";
print "<b>DEBUG(LDAP): ldap_mod_del(): Data:";
print_r($del);
print "</b><br>\n";
}
@ldap_mod_del($ds, $dn, $del);
}
if (isset($add_r)) {
if ($config[ldap_debug] == 'true') {
print "<b>DEBUG(LDAP): ldap_mod_add(): DN='{$dn}'</b><br>\n";
print "<b>DEBUG(LDAP): ldap_mod_add(): Data:";
print_r($add_r);
print "</b><br>\n";
}
@ldap_mod_add($ds, $dn, $add_r);
}
}
if (@ldap_error($ds) == 'Success') {
echo "<b>The changes were successfully commited to the directory</b><br>\n";
} else {
echo "<b>LDAP ERROR: " . ldap_error($ds) . "</b><br>\n";
echo "Ändern: ";
print_r($filemod);
echo "<br>";
if (ldap_mod_replace($ds, $pxeDN, $filemod)) {
$mesg = "PXE Dateiname(n) erfolgreich geändert<br><br>";
} else {
$mesg = "Fehler beim ändern des(r) PXE Dateinamens!<br><br>";
}
$modfi = 0;
}
# dann löschen
if ($delfi == 1) {
echo "Löschen: ";
print_r($filedel);
echo "<br>";
if (ldap_mod_del($ds, $pxeDN, $filedel)) {
$mesg = "PXE Dateiname(n) erfolgreich gelöscht<br><br>";
} else {
$mesg = "Fehler beim löschen des PXE Dateinamens !<br><br>";
}
$delfi = 0;
}
}
# PXE Dateiname neu anlegen
if ($newfilename == "") {
}
if ($newfilename != "") {
echo "PXE Dateiname hinzufügen";
$fileadd['filename'] = $newfilename;
if (ldap_mod_add($ds, $pxeDN, $fileadd)) {
$mesg = "PXE Dateiname <b>" . $newfilename . "</b> erfolgreich angelegt<br><br>";
function delMemberFromGroup($object_name, $uid)
{
$group_cn = "cn=" . $object_name . "," . $this->getLdapGroupDn();
$members = $this->getLdapUserDn($uid);
$group_info['member'] = $members;
@ldap_mod_del($this->ldapResource, $group_cn, $group_info);
if (@ldap_error($this->ldapResource) == "Success") {
return true;
} else {
return false;
}
}
function group_del_user($group, $user)
{
//find the parent dn
$group_info = $this->group_info($group, array("cn"));
if ($group_info[0]["dn"] == NULL) {
return false;
}
$group_dn = $group_info[0]["dn"];
//find the child dn
$user_info = $this->user_info($user, array("cn"));
if ($user_info[0]["dn"] == NULL) {
return false;
}
$user_dn = $user_info[0]["dn"];
$del = array();
$del["member"] = $user_dn;
$result = @ldap_mod_del($this->_conn, $group_dn, $del);
if ($result == false) {
return false;
}
return true;
}
echo "<br><b>RemoteBoot Dienst:</b> <br><br>";
for ($j = 0; $j < count($rbs); $j++) {
$rbsadd = array();
$rbsdel = array();
$hostexp = ldap_explode_dn($hostDN[$j], 1);
if ($rbs[$j] != $oldrbs[$j]) {
echo "<b>{$hostexp['0']}</b> - ";
$exp = ldap_explode_dn($rbs[$j], 1);
$rbscn = $exp[0];
$oldexp = ldap_explode_dn($oldrbs[$j], 1);
$oldrbscn = $oldexp[0];
if ($rbs[$j] == "") {
$rbsdel['hlprbservice'] = array();
$rbsdel['dhcpoptnext-server'] = array();
$rbsdel['dhcpoptfilename'] = array();
$result = ldap_mod_del($ds, $hostDN[$j], $rbsdel);
if ($result) {
echo "erfolgreich ausgetragen, alter Wert: <b>{$oldrbscn}</b> <br>";
} else {
echo "Fehler beim austragen aus Remote Boot Dienst <b>{$oldrbscn}</b> <br>";
}
} else {
$rbsdhcpdata = get_node_data($rbs[$j], array("tftpserverip", "initbootfile"));
$rbsadd['hlprbservice'] = $rbs[$j];
$rbsadd['dhcpoptnext-server'] = $rbsdhcpdata['tftpserverip'];
$rbsadd['dhcpoptfilename'] = $rbsdhcpdata['initbootfile'];
if ($oldrbs[$j] == "") {
$result = ldap_mod_add($ds, $hostDN[$j], $rbsadd);
if ($result) {
echo "erfolgreich eingetragen: <b>{$rbscn}</b> (Next-Server: ";
print $rbsadd['dhcpoptnext-server'] . " / Filename: " . $rbsadd['dhcpoptfilename'] . ")<br>";
/**
* Performs a request against the LDAP server
*
* The type of request (and the corresponding PHP ldap function called)
* depend on two additional parameters, added in respect to the
* DB_common interface.
*
* @param string $filter text of the request to send to the LDAP server
* @param string $action type of request to perform, defaults to search (ldap_search())
* @param array $params array of additional parameters to pass to the PHP ldap function requested
* @return result from ldap function or DB Error object if no result
*/
function simpleQuery($filter, $action = null, $params = null)
{
if ($action === null) {
$action = !empty($this->q_action) ? $this->q_action : $this->action;
}
if ($params === null) {
$params = count($this->q_params) > 0 ? $this->q_params : array();
}
if (!$this->isManip($action)) {
$base = $this->q_base ? $this->q_base : $this->base;
$attributes = array();
$attrsonly = 0;
$sizelimit = 0;
$timelimit = 0;
$deref = LDAP_DEREF_NEVER;
$sorting = '';
$sorting_method = '';
reset($params);
while (list($k, $v) = each($params)) {
if (isset(${$k})) {
${$k} = $v;
}
}
$this->sorting = $sorting;
$this->sorting_method = $sorting_method;
$this->attributes = $attributes;
# double escape char for filter: '(o=Przedsi\C4\99biorstwo)' => '(o=Przedsi\\C4\\99biorstwo)'
$filter = str_replace('\\', '\\\\', $filter);
$this->last_query = $filter;
if ($action == 'search') {
$result = @ldap_search($this->connection, $base, $filter, $attributes, $attrsonly, $sizelimit, $timelimit, $deref);
} else {
if ($action == 'list') {
$result = @ldap_list($this->connection, $base, $filter, $attributes, $attrsonly, $sizelimit, $timelimit, $deref);
} else {
if ($action == 'read') {
$result = @ldap_read($this->connection, $base, $filter, $attributes, $attrsonly, $sizelimit, $timelimit, $deref);
} else {
return $this->ldapRaiseError(DB_ERROR_UNKNOWN_LDAP_ACTION);
}
}
}
if (!$result) {
return $this->ldapRaiseError();
}
} else {
# If first argument is an array, it contains the entry with DN.
if (is_array($filter)) {
$entry = $filter;
$filter = $entry["dn"];
} else {
$entry = array();
}
unset($entry["dn"]);
$attribute = '';
$value = '';
$newrdn = '';
$newparent = '';
$deleteoldrdn = false;
reset($params);
while (list($k, $v) = each($params)) {
if (isset(${$k})) {
${$k} = $v;
}
}
$this->last_query = $filter;
if ($action == 'add') {
$result = @ldap_add($this->connection, $filter, $entry);
} else {
if ($action == 'compare') {
$result = @ldap_add($this->connection, $filter, $attribute, $value);
} else {
if ($action == 'delete') {
$result = @ldap_delete($this->connection, $filter);
} else {
if ($action == 'modify') {
$result = @ldap_modify($this->connection, $filter, $entry);
} else {
if ($action == 'mod_add') {
$result = @ldap_mod_add($this->connection, $filter, $entry);
} else {
if ($action == 'mod_del') {
$result = @ldap_mod_del($this->connection, $filter, $entry);
} else {
if ($action == 'mod_replace') {
$result = @ldap_mod_replace($this->connection, $filter, $entry);
} else {
if ($action == 'rename') {
$result = @ldap_rename($this->connection, $filter, $newrdn, $newparent, $deleteoldrdn);
} else {
return $this->ldapRaiseError(DB_ERROR_UNKNOWN_LDAP_ACTION);
}
}
}
}
}
}
}
}
if (!$result) {
return $this->ldapRaiseError();
}
}
$this->freeQuery();
return $result;
}
public static function save($user)
{
// create LDAP connection
//
$ldapConnectionConfig = Config::get('ldap.connections.' . App::environment());
$ldapHost = $ldapConnectionConfig['host'];
$ldapPort = $ldapConnectionConfig['port'];
$ldapConnection = ldap_connect($ldapHost, $ldapPort);
if ($ldapConnection) {
// query LDAP for user info
//
ldap_set_option($ldapConnection, LDAP_OPT_PROTOCOL_VERSION, 3);
$ldapUser = $ldapConnectionConfig['users']['web_user'];
$ldapbind = ldap_bind($ldapConnection, $ldapUser['user'], $ldapUser['password']);
$dn = 'swampUuid=' . $user->user_uid . ',ou=people,o=SWAMP,dc=cosalab,dc=org';
$entry = self::userToEntry($user);
// LDAP blank affiliation
//
if ($user->affiliation == null) {
// delete empty affiliation attribute
//
unset($entry["o"]);
try {
$response = ldap_mod_del($ldapConnection, $dn, array('o' => array()));
} catch (\ErrorException $e) {
// trying to clear out attribute that is already cleared
//
if ($e->getMessage() != "ldap_mod_del(): Modify: No such attribute") {
throw $e;
}
}
}
// LDAP blank telephone
//
if ($user->phone == null) {
// delete empty phone attribute
//
unset($entry["telephoneNumber"]);
try {
$response = ldap_mod_del($ldapConnection, $dn, array('telephoneNumber' => array()));
} catch (\ErrorException $e) {
// trying to clear out attribute that is already cleared
//
if ($e->getMessage() != "ldap_mod_del(): Modify: No such attribute") {
throw $e;
}
}
}
// modify remaining attributes
//
$response = ldap_modify($ldapConnection, $dn, $entry);
// close LDAP connection
//
ldap_close($ldapConnection);
return $user;
}
}
/**
* Makes changes to a group
*
* @param mixed $group
* @param array $members
* @return boolean
*/
public static function changeGroupMemberships($group, $add, $delete)
{
$db = \App::get('db');
if (empty($db)) {
return false;
}
$conn = self::getLDO();
if (empty($conn)) {
return false;
}
$ldap_params = \Component::params('com_system');
$hubLDAPBaseDN = $ldap_params->get('ldap_basedn', '');
if (is_numeric($group) && $group >= 0) {
$dn = 'ou=groups,' . $hubLDAPBaseDN;
$filter = '(gidNumber=' . $group . ')';
} else {
$dn = "cn={$group},ou=groups," . $hubLDAPBaseDN;
$filter = '(objectclass=*)';
}
$reqattr = array('gidNumber', 'cn');
$entry = ldap_search($conn, $dn, $filter, $reqattr, 0, 1, 0);
$count = ldap_count_entries($conn, $entry);
// If there was a database entry, but there was no ldap entry, create the ldap entry
if ($count <= 0) {
return false;
}
$ldapinfo = null;
if ($count > 0) {
$firstentry = ldap_first_entry($conn, $entry);
$attr = ldap_get_attributes($conn, $firstentry);
if (!empty($attr) && $attr['count'] > 0) {
foreach ($reqattr as $key) {
unset($attr[$key]['count']);
if (isset($attr[$key][0])) {
if (count($attr[$key]) <= 2) {
$ldapinfo[$key] = $attr[$key][0];
} else {
$ldapinfo[$key] = $attr[$key];
}
} else {
$ldapinfo[$key] = null;
}
}
}
}
if (empty($ldapinfo)) {
return false;
}
if (!empty($add)) {
$add = array_map(array($db, "Quote"), $add);
$addin = implode(",", $add);
if (!empty($addin)) {
$query = "SELECT username FROM #__users WHERE id IN ({$addin}) OR username IN ({$addin});";
$db->setQuery($query);
$add = $db->loadColumn();
}
$adds = array();
foreach ($add as $memberUid) {
$adds['memberUid'][] = $memberUid;
}
if (ldap_mod_add($conn, $dn, $adds) == false) {
// if bulk add fails, try individual
foreach ($add as $memberUid) {
ldap_mod_add($conn, $dn, array('memberUid' => $memberUid));
}
}
}
if (!empty($delete)) {
$delete = array_map(array($db, "Quote"), $delete);
$deletein = implode(",", $delete);
if (!empty($deletein)) {
$query = "SELECT username FROM #__users WHERE id IN ({$deletein}) OR username IN ({$deletein});";
$db->setQuery($query);
$delete = $db->loadColumn();
}
$deletes = array();
foreach ($delete as $memberUid) {
$deletes['memberUid'][] = $memberUid;
}
ldap_mod_del($conn, $dn, $deletes);
}
}
function update($id, $owner, $fields, $access = NULL, $cat_id = NULL, $tid = NULL)
{
// access, cat_id and tid can be in $fields now or as extra params
foreach (array('access', 'cat_id', 'tid') as $extra) {
if (!is_null(${$extra})) {
$fields[$extra] = ${$extra};
}
if (isset($fields[$extra])) {
$stock_fields[$extra] = $fields[$extra];
}
}
$nonfields = $this->non_contact_fields;
if (!$GLOBALS['phpgw_info']['server']['ldap_contact_context']) {
return False;
}
/* First make sure that id number exists */
$sri = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_contact_context'], 'uidnumber=' . (int) $id);
$ldap_fields = ldap_get_entries($this->ldap, $sri);
if ($ldap_fields[0]['dn']) {
$dn = $ldap_fields[0]['dn'];
list($stock_fields, $stock_fieldnames, $extra_fields) = $this->split_stock_and_extras($fields);
if (@is_array($stock_fieldnames)) {
/*
Check each value, add our extra attributes if they are missing, and
otherwise fix the entry while we can.
*/
/* Verify uidnumber */
$stock_fields['id'] = $id;
if (empty($ldap_fields[0]['uidnumber'])) {
$err = ldap_modify($this->ldap, $dn, array('uidnumber' => $stock_fields['uidnumber']));
} elseif (!$ldap_fields[0]['uidnumber']) {
$err = ldap_mod_add($this->ldap, $dn, array('uidnumber' => $stock_fields['uidnumber']));
}
/* Verify uid */
$uids = split(',', $dn);
$stock_fields['lid'] = $uids[0];
if (empty($ldap_fields[0]['uid'])) {
$err = ldap_modify($this->ldap, $dn, array('uid' => $stock_fields['lid']));
} elseif (!$ldap_fields[0]['uid']) {
$err = ldap_mod_add($this->ldap, $dn, array('uid' => $stock_fields['lid']));
}
/* Verify objectclasses are there */
if (empty($ldap_fields[0]['objectclass'])) {
/* $stock_fields['objectclass'][0] = 'person'; */
$stock_fields['objectclass'][0] = 'organizationalPerson';
$stock_fields['objectclass'][1] = 'inetOrgPerson';
$stock_fields['objectclass'][2] = 'phpgwContact';
$err = ldap_modify($this->ldap, $dn, array('objectclass' => $stock_fields['objectclass']));
} elseif (!$ldap_fields[0]['objectclass']) {
/* $stock_fields['objectclass'][0] = 'person'; */
$stock_fields['objectclass'][0] = 'organizationalPerson';
$stock_fields['objectclass'][1] = 'inetOrgPerson';
$stock_fields['objectclass'][2] = 'phpgwContact';
$err = ldap_mod_add($this->ldap, $dn, array('objectclass' => $stock_fields['objectclass']));
}
/* Verify owner */
$stock_fields['owner'] = $owner;
if (empty($ldap_fields[0]['phpgwcontactowner'])) {
$err = ldap_modify($this->ldap, $dn, array('phpgwcontactowner' => $stock_fields['owner']));
} elseif (!$ldap_fields[0]['phpgwcontactowner']) {
$err = ldap_mod_add($this->ldap, $dn, array('phpgwcontactowner' => $stock_fields['owner']));
}
/* Verify access */
$stock_fields['access'] = $fields['access'];
if (empty($ldap_fields[0]['phpgwcontactaccess'])) {
$err = ldap_modify($this->ldap, $dn, array('phpgwcontactaccess' => $stock_fields['access']));
} elseif (!$ldap_fields[0]['phpgwcontactaccess']) {
$err = ldap_mod_add($this->ldap, $dn, array('phpgwcontactaccess' => $stock_fields['access']));
}
/* Verify cat_id */
$stock_fields['cat_id'] = $fields['cat_id'] ? $fields['cat_id'] : ' ';
if (empty($ldap_fields[0]['phpgwcontactcatid'])) {
$err = ldap_modify($this->ldap, $dn, array('phpgwcontactcatid' => $stock_fields['cat_id']));
} elseif (!$ldap_fields[0]['phpgwcontactcatid']) {
$err = ldap_mod_add($this->ldap, $dn, array('phpgwcontactcatid' => $stock_fields['cat_id']));
}
/* Verify tid */
$stock_fields['tid'] = $fields['tid'];
if (empty($ldap_fields[0]['phpgwcontacttypeid'])) {
$err = ldap_modify($this->ldap, $dn, array('phpgwcontacttypeid' => $stock_fields['tid']));
} elseif (!$ldap_fields[0]['phpgwcontacttypeid']) {
$err = ldap_mod_add($this->ldap, $dn, array('phpgwcontacttypeid' => $stock_fields['tid']));
}
/* OK, just mod the data already */
$allfields = $stock_fieldnames + $nonfields;
/* Don't try to modify the uid, since this affects the dn */
unset($allfields['lid']);
foreach ($allfields as $fname => $fvalue) {
if ($ldap_fields[0][$fvalue] && $stock_fields[$fname] && $ldap_fields[0][$fvalue][0] != $stock_fields[$fname]) {
//echo "<br>".$fname." => ".$fvalue." was there";
$err = ldap_modify($this->ldap, $dn, array($fvalue => utf8_encode($stock_fields[$fname])));
} elseif (!$ldap_fields[0][$fvalue] && $stock_fields[$fname]) {
//echo "<br>".$fname." not there - '".$fvalue."'";
$err = ldap_mod_add($this->ldap, $dn, array($fvalue => utf8_encode($stock_fields[$fname])));
} elseif ($ldap_fields[0][$fvalue] && !$stock_fields[$fname]) {
//echo "<br>".$fname." gone... deleting - '".$fvalue."'";
/*
NOTE: we use the ldap_fields because we need to send the
_ORIGINAL_ contents as the value. see:
http://www.php.net/manual/en/function.ldap-mod-del.php
*/
$err = ldap_mod_del($this->ldap, $dn, array($fvalue => $ldap_fields[0][$fvalue][0]));
}
/* Else we have nothing to do. */
}
}
//something here to update the last_mod from $GLOBALS['phpgw']->datetime->gmtnow
foreach ($extra_fields as $x_name => $x_value) {
if ($this->field_exists($id, $x_name)) {
if (!$x_value) {
$this->delete_single_extra_field($id, $x_name);
} else {
$this->db->query("UPDATE {$this->ext_table} SET contact_value='" . addslashes($x_value) . "',contact_owner='{$owner}' WHERE contact_name='" . addslashes($x_name) . "' AND contact_id='" . (int) $id . "'", __LINE__, __FILE__);
}
} else {
$this->add_single_extra_field($id, $owner, $x_name, $x_value);
}
}
} else {
return False;
}
}
/**
* Modifies the specified entry in the LDAP directory.
*
* @param Turba_Object $object The object we wish to save.
*
* @return string The object id, possibly updated.
* @throw Turba_Exception
*/
protected function _save(Turba_Object $object)
{
$this->_connect();
list($object_key, $object_id) = each($this->toDriverKeys(array('__key' => $object->getValue('__key'))));
$attributes = $this->toDriverKeys($object->getAttributes());
/* Get the old entry so that we can access the old
* values. These are needed so that we can delete any
* attributes that have been removed by using ldap_mod_del. */
if (empty($this->_params['objectclass'])) {
$filter = null;
} else {
$filter = (string) Horde_Ldap_Filter::build(array('objectclass' => $this->_params['objectclass']), 'or');
}
$oldres = @ldap_read($this->_ds, Horde_String::convertCharset($object_id, 'UTF-8', $this->_params['charset']), $filter, array_merge(array_keys($attributes), array('objectclass')));
$info = ldap_get_attributes($this->_ds, ldap_first_entry($this->_ds, $oldres));
if ($this->_params['version'] == 3 && Horde_String::lower(str_replace(array(',', '"'), array('\\2C', ''), $this->_makeKey($attributes))) != Horde_String::lower(str_replace(',', '\\2C', $object_id))) {
/* Need to rename the object. */
$newrdn = $this->_makeRDN($attributes);
if ($newrdn == '') {
throw new Turba_Exception(_("Missing DN in LDAP source configuration."));
}
if (ldap_rename($this->_ds, Horde_String::convertCharset($object_id, 'UTF-8', $this->_params['charset']), Horde_String::convertCharset($newrdn, 'UTF-8', $this->_params['charset']), $this->_params['root'], true)) {
$object_id = $newrdn . ',' . $this->_params['root'];
} else {
throw new Turba_Exception(sprintf(_("Failed to change name: (%s) %s; Old DN = %s, New DN = %s, Root = %s"), ldap_errno($this->_ds), ldap_error($this->_ds), $object_id, $newrdn, $this->_params['root']));
}
}
/* Work only with lowercase keys. */
$info = array_change_key_case($info, CASE_LOWER);
$attributes = array_change_key_case($attributes, CASE_LOWER);
foreach ($info as $key => $var) {
$oldval = null;
/* Check to see if the old value and the new value are
* different and that the new value is empty. If so then
* we use ldap_mod_del to delete the attribute. */
if (isset($attributes[$key]) && $var[0] != $attributes[$key] && $attributes[$key] == '') {
$oldval[$key] = $var[0];
if (!@ldap_mod_del($this->_ds, Horde_String::convertCharset($object_id, 'UTF-8', $this->_params['charset']), $oldval)) {
throw new Turba_Exception(sprintf(_("Modify failed: (%s) %s"), ldap_errno($this->_ds), ldap_error($this->_ds)));
}
unset($attributes[$key]);
} elseif (isset($attributes[$key]) && $var[0] == $attributes[$key]) {
/* Drop unchanged elements from list of attributes to write. */
unset($attributes[$key]);
}
}
unset($attributes[Horde_String::lower($object_key)]);
$this->_encodeAttributes($attributes);
$attributes = array_filter($attributes, array($this, '_emptyAttributeFilter'));
/* Modify objectclasses only if they really changed. */
$oldClasses = array_map(array('Horde_String', 'lower'), $info['objectclass']);
array_shift($oldClasses);
$attributes['objectclass'] = array_unique(array_map('strtolower', array_merge($info['objectclass'], $this->_params['objectclass'])));
unset($attributes['objectclass']['count']);
$attributes['objectclass'] = array_values($attributes['objectclass']);
/* Do not handle object classes unless they have changed. */
if (!array_diff($oldClasses, $attributes['objectclass'])) {
unset($attributes['objectclass']);
}
if (!@ldap_modify($this->_ds, Horde_String::convertCharset($object_id, 'UTF-8', $this->_params['charset']), $attributes)) {
throw new Turba_Exception(sprintf(_("Modify failed: (%s) %s"), ldap_errno($this->_ds), ldap_error($this->_ds)));
}
return $object_id;
}
/**
* @param Object $object
* @param string $action
* @param array $entry
*
* @return bool
*/
public function modify(Object $object, $action, $entry)
{
switch ($action) {
case 'add':
@ldap_mod_add($this->server->getResource(), $object->getDistinguishedName(), $entry);
break;
case 'del':
@ldap_mod_del($this->server->getResource(), $object->getDistinguishedName(), $entry);
break;
case 'replace':
@ldap_mod_replace($this->server->getResource(), $object->getDistinguishedName(), $entry);
break;
}
return true;
}
/**
* NOT TESTED
* remove a member from a group
*
* @param string $group_dn as ldap dn
* @param mixed $user
* - drupal user object (stdClass Object)
* - ldap entry of user (array) (with top level keys of 'dn', 'mail', 'sid' and 'attr' )
* - ldap dn of user (array)
* - drupal username of user (string)
*/
public function groupRemoveMember($group_dn, $user)
{
$user_ldap_entry = $this->userUserToExistingLdapEntry($user);
$result = FALSE;
if ($user_ldap_entry && $this->groupGroupEntryMembershipsConfigured) {
$del = array();
$del[$this->groupMembershipsAttr] = $user_ldap_entry['dn'];
$this->connectAndBindIfNotAlready();
$result = @ldap_mod_del($this->connection, $group_dn, $del);
}
return $result;
}
/**
* Updates the entry on the directory server.
*
* This will evaluate all changes made so far and send them to the
* directory server.
*
* If you make changes to objectclasses wich have mandatory attributes set,
* update() will currently fail. Remove the entry from the server and readd
* it as new in such cases. This also will deal with problems with setting
* structural object classes.
*
* @todo Entry rename with a DN containing special characters needs testing!
*
* @throws Horde_Ldap_Exception
*/
public function update()
{
/* Ensure we have a valid LDAP object. */
$ldap = $this->getLDAP();
/* Get and check link. */
$link = $ldap->getLink();
if (!is_resource($link)) {
throw new Horde_Ldap_Exception('Could not update entry: internal LDAP link is invalid');
}
/* Delete the entry. */
if ($this->_delete) {
return $ldap->delete($this);
}
/* New entry. */
if ($this->_new) {
$ldap->add($this);
$this->_new = false;
$this->_changes['add'] = array();
$this->_changes['delete'] = array();
$this->_changes['replace'] = array();
$this->_original = $this->_attributes;
return;
}
/* Rename/move entry. */
if (!is_null($this->_newdn)) {
if ($ldap->getVersion() != 3) {
throw new Horde_Ldap_Exception('Renaming/Moving an entry is only supported in LDAPv3');
}
/* Make DN relative to parent (needed for LDAP rename). */
$parent = Horde_Ldap_Util::explodeDN($this->_newdn, array('casefolding' => 'none', 'reverse' => false, 'onlyvalues' => false));
$child = array_shift($parent);
/* Maybe the DN consist of a multivalued RDN, we must build the DN
* in this case because the $child RDN is an array. */
if (is_array($child)) {
$child = Horde_Ldap_Util::canonicalDN($child);
}
$parent = Horde_Ldap_Util::canonicalDN($parent);
/* Rename/move. */
if (!@ldap_rename($link, $this->_dn, $child, $parent, true)) {
throw new Horde_Ldap_Exception('Entry not renamed: ' . @ldap_error($link), @ldap_errno($link));
}
/* Reflect changes to local copy. */
$this->_dn = $this->_newdn;
$this->_newdn = null;
}
/* Carry out modifications to the entry. */
foreach ($this->_changes['add'] as $attr => $value) {
/* If attribute exists, add new values. */
if ($this->exists($attr)) {
if (!@ldap_mod_add($link, $this->dn(), array($attr => $value))) {
throw new Horde_Ldap_Exception('Could not add new values to attribute ' . $attr . ': ' . @ldap_error($link), @ldap_errno($link));
}
} else {
/* New attribute. */
if (!@ldap_modify($link, $this->dn(), array($attr => $value))) {
throw new Horde_Ldap_Exception('Could not add new attribute ' . $attr . ': ' . @ldap_error($link), @ldap_errno($link));
}
}
unset($this->_changes['add'][$attr]);
}
foreach ($this->_changes['delete'] as $attr => $value) {
/* In LDAPv3 you need to specify the old values for deleting. */
if (is_null($value) && $ldap->getVersion() == 3) {
$value = $this->_original[$attr];
}
if (!@ldap_mod_del($link, $this->dn(), array($attr => $value))) {
throw new Horde_Ldap_Exception('Could not delete attribute ' . $attr . ': ' . @ldap_error($link), @ldap_errno($link));
}
unset($this->_changes['delete'][$attr]);
}
foreach ($this->_changes['replace'] as $attr => $value) {
if (!@ldap_modify($link, $this->dn(), array($attr => $value))) {
throw new Horde_Ldap_Exception('Could not replace attribute ' . $attr . ' values: ' . @ldap_error($link), @ldap_errno($link));
}
unset($this->_changes['replace'][$attr]);
}
/* All went well, so $_attributes (local copy) becomes $_original
* (server). */
$this->_original = $this->_attributes;
}
/**
* Remove an address to Exchange
* If you remove a default address the account will no longer have a default,
* we recommend changing the default address first
*
* @param string $username The username of the user to add the Exchange account to
* @param string $emailAddress The email address to add to this user
* @param bool $isGUID Is the username passed a GUID or a samAccountName
* @return bool
*/
public function deleteAddress($username, $emailAddress, $isGUID = false)
{
if ($username === NULL) {
return "Missing compulsory field [username]";
}
if ($emailAddress === NULL) {
return "Missing compulsory fields [emailAddress]";
}
// Find the dn of the user
$user = $this->adldap->user()->info($username, array("cn", "proxyaddresses"), $isGUID);
if ($user[0]["dn"] === NULL) {
return false;
}
$userDn = $user[0]["dn"];
if (is_array($user[0]["proxyaddresses"])) {
$mod = array();
for ($i = 0; $i < sizeof($user[0]['proxyaddresses']); $i++) {
if (strstr($user[0]['proxyaddresses'][$i], 'SMTP:') !== false && $user[0]['proxyaddresses'][$i] == 'SMTP:' . $emailAddress) {
$mod['proxyAddresses'][0] = 'SMTP:' . $emailAddress;
} elseif (strstr($user[0]['proxyaddresses'][$i], 'smtp:') !== false && $user[0]['proxyaddresses'][$i] == 'smtp:' . $emailAddress) {
$mod['proxyAddresses'][0] = 'smtp:' . $emailAddress;
}
}
$result = @ldap_mod_del($this->adldap->getLdapConnection(), $userDn, $mod);
if ($result == false) {
return false;
}
return true;
} else {
return false;
}
}
print_r($entryrbs);
echo "<br>";
if ($result = ldap_mod_add($ds, $hostDN, $entryrbs)) {
update_dhcpmtime(array());
rbs_adjust_host($hostDN, $rbs);
$mesg = "Remote Boot Service erfolgreich zu <b>" . $rbscn . " [Abt.: " . $rbsau . "]</b> geändert<br><br>";
} else {
$mesg = "Fehler beim ändern des Remote Boot Services zu <b>" . $rbscn . "</b>!<br><br>";
}
}
} else {
$entryrbs['hlprbservice'] = array();
$entryrbs['dhcpoptnext-server'] = array();
$entryrbs['dhcpoptfilename'] = array();
echo "RBS delete ";
echo "<br>";
if ($result = ldap_mod_del($ds, $hostDN, $entryrbs)) {
update_dhcpmtime(array());
$mesg = "Rechner erfolgreich aus RBS gelöscht<br><br>";
} else {
$mesg = "Fehler beim löschen aus RBS!<br><br>";
}
}
}
if ($rbs == "none") {
echo "RBS none <br>";
}
#####################
$mesg .= "<br>Sie werden automatisch auf die vorherige Seite zurückgeleitet. <br>\t\t\t\t\n\t\t\tFalls nicht, klicken Sie hier <a href=" . $url . " style='publink'>back</a>";
redirect($seconds, $url, $mesg, $addSessionId = TRUE);
echo "</td></tr></table></body>\n</html>";
/**
* Removes attribute value from given dn and return a true or false result
*
* @param string $dn The DN which contains the attribute you want to remove
* @param string $attribute The attribute values you want to remove
*
* @return mixed result of comparison (true, false, -1 on error)
*
* @since 12.1
*/
public function remove($dn, $attribute)
{
$resource = $this->_resource;
return @ldap_mod_del($resource, $dn, $attribute);
}
/**
* Deletes attributes from that entry.
*
* @param array $attribs The attributes to delete.
* @return boolean Returns true on success and false on failure.
*/
public function delete($attribs)
{
return ldap_mod_del($this->conn, $this->dn, $attribs);
}
<?php
require "connect.inc";
$link = ldap_connect_and_bind($host, $port, $user, $passwd, $protocol_version);
insert_dummy_data($link, $base);
$entry = array("description" => "user A");
var_dump(ldap_mod_del($link, "cn=userA,{$base}", $entry), ldap_get_entries($link, ldap_search($link, "{$base}", "(description=user A)")));
?>
===DONE===
/**
* Update a specific contact record
*
* @param mixed Record identifier
* @param array Hash array with save data
* @return boolean True on success, False on error
*/
function update($id, $save_cols)
{
$record = $this->get_record($id, true);
$result = $this->get_result();
$record = $result->first();
$newdata = array();
$replacedata = array();
$deletedata = array();
foreach ($save_cols as $col => $val) {
$fld = $this->_map_field($col);
if ($fld) {
// The field does exist compare it to the ldap record.
if ($record[$col] != $val) {
// Changed, but find out how.
if (!isset($record[$col])) {
// Field was not set prior, need to add it.
$newdata[$fld] = $val;
} elseif ($val == '') {
// Field supplied is empty, verify that it is not required.
if (!in_array($fld, $this->prop['required_fields'])) {
// It is not, safe to clear.
$deletedata[$fld] = $record[$col];
}
// end if
} else {
// The data was modified, save it out.
$replacedata[$fld] = $val;
}
// end else
}
// end if
}
// end if
}
// end foreach
$dn = base64_decode($id);
// Update the entry as required.
if (!empty($deletedata)) {
// Delete the fields.
$this->_debug("C: Delete [dn: {$dn}]: " . print_r($deletedata, true));
if (!ldap_mod_del($this->conn, $dn, $deletedata)) {
$this->_debug("S: " . ldap_error($this->conn));
return false;
}
$this->_debug("S: OK");
}
// end if
if (!empty($replacedata)) {
// Handle RDN change
if ($replacedata[$this->prop['LDAP_rdn']]) {
$newdn = $this->prop['LDAP_rdn'] . '=' . rcube_ldap::quote_string($replacedata[$this->prop['LDAP_rdn']], true) . ',' . $this->prop['base_dn'];
if ($dn != $newdn) {
$newrdn = $this->prop['LDAP_rdn'] . '=' . rcube_ldap::quote_string($replacedata[$this->prop['LDAP_rdn']], true);
unset($replacedata[$this->prop['LDAP_rdn']]);
}
}
// Replace the fields.
if (!empty($replacedata)) {
$this->_debug("C: Replace [dn: {$dn}]: " . print_r($replacedata, true));
if (!ldap_mod_replace($this->conn, $dn, $replacedata)) {
$this->_debug("S: " . ldap_error($this->conn));
return false;
}
$this->_debug("S: OK");
}
// end if
}
// end if
if (!empty($newdata)) {
// Add the fields.
$this->_debug("C: Add [dn: {$dn}]: " . print_r($newdata, true));
if (!ldap_mod_add($this->conn, $dn, $newdata)) {
$this->_debug("S: " . ldap_error($this->conn));
return false;
}
$this->_debug("S: OK");
}
// end if
// Handle RDN change
if (!empty($newrdn)) {
$this->_debug("C: Rename [dn: {$dn}] [dn: {$newrdn}]");
if (@ldap_rename($this->conn, $dn, $newrdn, NULL, TRUE)) {
$this->_debug("S: " . ldap_error($this->conn));
return base64_encode($newdn);
}
$this->_debug("S: OK");
}
return true;
}