コード例 #1
1
ファイル: SearchIterator.php プロジェクト: 81square/ldap
 protected function loadPage()
 {
     if (!ldap_control_paged_result($this->connection, $this->pageSize, true, $this->pageToken)) {
         throw new SearchException("Unable to set paged control pageSize: " . $this->pageSize);
     }
     $search = ldap_search($this->connection, $this->baseDn, $this->filter, is_array($this->attributes) ? $this->attributes : []);
     if (!$search) {
         // Something went wrong in search
         throw Connection::createLdapSearchException(ldap_errno($this->connection), $this->baseDn, $this->filter, $this->pageSize);
     }
     $this->entries = ldap_get_entries($this->connection, $search);
     $this->entriesPosition = 0;
     if (!$this->entries) {
         throw Connection::createLdapSearchException(ldap_errno($this->connection), $this->baseDn, $this->filter, $this->pageSize);
     }
     // check if on first page
     if (empty($this->pageToken)) {
         $this->currentPage = 0;
     } else {
         $this->currentPage++;
     }
     // Ok go to next page
     ldap_control_paged_result_response($this->connection, $search, $this->pageToken);
     if (empty($this->pageToken)) {
         $this->isLastPage = true;
     }
 }
コード例 #2
1
ファイル: ldap.php プロジェクト: Kevin-ZK/vaneDisk
 /**
  * @param LDAP $link
  * @param LDAP $result
  * @param string $cookie
  * @return bool|LDAP
  */
 public function controlPagedResultResponse($link, $result, &$cookie)
 {
     $this->preFunctionCall('ldap_control_paged_result_response', array($link, $result, $cookie));
     $result = ldap_control_paged_result_response($link, $result, $cookie);
     $this->postFunctionCall();
     return $result;
 }
コード例 #3
0
ファイル: ResultSet.php プロジェクト: daverandom/ldapi
 /**
  * @param int $estimated
  * @return string
  * @throws PaginationFailureException
  */
 public function controlPagedResult(&$estimated = null)
 {
     if (!ldap_control_paged_result_response($this->link, $this->result, $cookie, $estimated)) {
         throw new PaginationFailureException(ldap_error($this->link), ldap_errno($this->link));
     }
     return $cookie;
 }
コード例 #4
0
 public function getAvailableValues()
 {
     if (!empty($this->fields['values'])) {
         $ldap_values = json_decode($this->fields['values']);
         $ldap_dropdown = new RuleRightParameter();
         if (!$ldap_dropdown->getFromDB($ldap_values->ldap_attribute)) {
             return array();
         }
         $attribute = array($ldap_dropdown->fields['value']);
         $config_ldap = new AuthLDAP();
         if (!$config_ldap->getFromDB($ldap_values->ldap_auth)) {
             return array();
         }
         if (!function_exists('warning_handler')) {
             function warning_handler($errno, $errstr, $errfile, $errline, array $errcontext)
             {
                 if (0 === error_reporting()) {
                     return false;
                 }
                 throw new ErrorException($errstr, 0, $errno, $errfile, $errline);
             }
         }
         set_error_handler("warning_handler", E_WARNING);
         try {
             $tab_values = array();
             $ds = $config_ldap->connect();
             ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
             $cookie = '';
             do {
                 if (AuthLDAP::isLdapPageSizeAvailable($config_ldap)) {
                     ldap_control_paged_result($ds, $config_ldap->fields['pagesize'], true, $cookie);
                 }
                 $result = ldap_search($ds, $config_ldap->fields['basedn'], $ldap_values->ldap_filter, $attribute);
                 $entries = ldap_get_entries($ds, $result);
                 array_shift($entries);
                 foreach ($entries as $id => $attr) {
                     if (isset($attr[$attribute[0]]) && !in_array($attr[$attribute[0]][0], $tab_values)) {
                         $tab_values[$id] = $attr[$attribute[0]][0];
                     }
                 }
                 if (AuthLDAP::isLdapPageSizeAvailable($config_ldap)) {
                     ldap_control_paged_result_response($ds, $result, $cookie);
                 }
             } while ($cookie !== null && $cookie != '');
             if ($this->fields['show_empty']) {
                 $tab_values = array('' => '-----') + $tab_values;
             }
             asort($tab_values);
             return $tab_values;
         } catch (Exception $e) {
             return array();
         }
         restore_error_handler();
     } else {
         return array();
     }
 }
コード例 #5
0
ファイル: Result.php プロジェクト: dreamscapes/ldap-core
 /**
  * Retrieve the LDAP pagination cookie
  *
  * @param  string       $key    Optionally return only one of the keys: 'cookie' or 'estimated'
  * @return array|mixed          Array with two keys: 'cookie' and 'estimated' or, if `$key` was
  *                              specified, returns the value of only that key
  */
 public function pagedResultResponse($key = null)
 {
     $cookie = null;
     $estimated = null;
     @ldap_control_paged_result_response($this->link, $this->resource, $cookie, $estimated);
     switch ($key) {
         case 'cookie':
             return $cookie;
         case 'estimated':
             return $estimated;
         default:
             return ['cookie' => $cookie, 'estimated' => $estimated];
     }
 }
コード例 #6
0
ファイル: Response.php プロジェクト: alaneor/ldap
 public function __construct(Ldap $link, $result = null)
 {
     $this->result = $result;
     if (is_resource($result)) {
         // Get the status code, matched DN and referrals from the response
         ldap_parse_result($link->resource(), $result, $this->code, $this->matchedDN, $this->message, $this->referrals);
         // Get the string representation of the status code
         $this->message = ldap_err2str($this->code);
         // Extract the data from the resource
         $this->data = ldap_get_entries($link->resource(), $result);
         $this->data = $this->cleanup_result($this->data);
         // Remove the referrals array if there's nothing inside
         count($this->referrals) == 0 && ($this->referrals = null);
         // Try to extract pagination cookie and estimated number of objects to be returned
         // Since there's no way to tell if pagination has been enabled or not, I am suppressing php errors
         @ldap_control_paged_result_response($link->resource(), $result, $this->cookie, $this->estimated);
     } else {
         $this->code = ldap_errno($link->resource());
         $this->message = ldap_error($link->resource());
     }
     // Active Directory conceals some additional error codes in the ErrorMessage of the response
     // that we cannot get to with ldap_errno() in authentication failures - let's try to
     // extract them!
     if ($this->code == 49) {
         $message = null;
         ldap_get_option($link->resource(), Option::ErrorString, $message);
         if (stripos($message, 'AcceptSecurityContext') !== false) {
             $message = explode(', ', $message);
             end($message);
             $message = prev($message);
             $this->code = explode(' ', $message)[1];
             // For compatibility reasons with standard ldap, if the error code
             // is 52e let's replace it with 49 ( their meanings are equal, it's just
             // Microsoft doing it its own way again )
             if ($this->code == '52e') {
                 $this->code = ResponseCode::InvalidCredentials;
             }
         }
     }
 }
コード例 #7
0
ファイル: Ldap.php プロジェクト: diskerror/utilities
 /**
  * Search LDAP registry for entries matching filter and optional attributes
  * and return ALL values, including those beyond the usual 1000 entries, as an array.
  *
  * @param  string	$filter
  * @param  array	$attributes -OPTIONAL
  * @return array
  * @throws Exception\LdapException
  */
 public function searchAll($filter, array $attributes = [])
 {
     $ldap = $this->getResource();
     // $ds is a valid link identifier (see ldap_connect)
     ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
     $cookie = '';
     $result = [];
     do {
         ldap_control_paged_result($ldap, self::PAGE_SIZE, true, $cookie);
         Stdlib\ErrorHandler::start(E_WARNING);
         $search = ldap_search($ldap, $this->getBaseDn(), $filter, $attributes);
         Stdlib\ErrorHandler::stop();
         if ($search === false) {
             throw new Lp\Exception\LdapException($this, 'searching: ' . $filter);
         }
         $entries = $this->createCollection(new Lp\Collection\DefaultIterator($this, $search), null);
         foreach ($entries as $es) {
             $result[] = $es;
         }
         ldap_control_paged_result_response($ldap, $search, $cookie);
     } while ($cookie !== null && $cookie != '');
     return $result;
 }
コード例 #8
0
ファイル: Ldap.php プロジェクト: jbirdkerr/snipe-it
 /**
  * Searches LDAP
  *
  * @author [A. Gianotto] [<*****@*****.**>]
  * @since [v3.0]
  * @param $ldapatttibutes
  * @return array|bool
  */
 static function findLdapUsers()
 {
     $ldapconn = Ldap::connectToLdap();
     $ldap_bind = Ldap::bindAdminToLdap($ldapconn);
     $base_dn = Setting::getSettings()->ldap_basedn;
     $filter = Setting::getSettings()->ldap_filter;
     // Set up LDAP pagination for very large databases
     // @author Richard Hofman
     $page_size = 500;
     $cookie = '';
     $result_set = array();
     $global_count = 0;
     // Perform the search
     do {
         // Paginate (non-critical, if not supported by server)
         ldap_control_paged_result($ldapconn, $page_size, false, $cookie);
         $search_results = ldap_search($ldapconn, $base_dn, '(' . $filter . ')');
         if (!$search_results) {
             return redirect()->route('users')->with('error', trans('admin/users/message.error.ldap_could_not_search') . ldap_error($ldapconn));
         }
         // Get results from page
         $results = ldap_get_entries($ldapconn, $search_results);
         if (!$results) {
             return redirect()->route('users')->with('error', trans('admin/users/message.error.ldap_could_not_get_entries') . ldap_error($ldapconn));
         }
         // Add results to result set
         $global_count += $results['count'];
         $result_set = array_merge($result_set, $results);
         ldap_control_paged_result_response($ldapconn, $search_results, $cookie);
     } while ($cookie !== null && $cookie != '');
     // Clean up after search
     $result_set['count'] = $global_count;
     $results = $result_set;
     ldap_control_paged_result($ldapconn, 0);
     return $results;
 }
コード例 #9
0
 /**
  * Wrapper function for ldap_control_paged_result_response().
  *
  * @param resource $link
  *   An LDAP link identifier.
  * @param resouce $result
  *   An LDAP search result identifier.
  * @param string $cookie
  *   An opaque structure sent by the server.
  * @param int $estimated
  *   The estimated number of entries to retrieve.
  *
  * @return boolean
  *   TRUE on success.
  *
  * @throw SimpleLdapException
  */
 public static function ldap_control_paged_result_response($link, $result, &$cookie = NULL, &$estimated = NULL)
 {
     // Devel debugging.
     if (variable_get('simple_ldap_devel', FALSE)) {
         dpm(__FUNCTION__);
         dpm(array('$result' => $result, '$cookie' => $cookie, '$estimated' => $estimated));
     }
     // Wrapped function call.
     $return = @ldap_control_paged_result_response($link, $result, $cookie, $estimated);
     // Debugging.
     if (variable_get('simple_ldap_debug', FALSE)) {
         $message = __FUNCTION__ . '($link = @link, $result = @result, $cookie = @cookie, $estimated = @estimated) returns @return';
         $variables = array('@link' => print_r($link, TRUE), '@result' => print_r($result, TRUE), '@cookie' => print_r($cookie, TRUE), '@estimated' => print_r($estimated, TRUE), '@return' => print_r($return, TRUE));
         watchdog('simple_ldap', $message, $variables, WATCHDOG_DEBUG);
     }
     return $return;
 }
コード例 #10
0
ファイル: Ldap.php プロジェクト: HarkiratGhotra/application
 /**
  * Retrieve a paginated result response.
  *
  * @param resource $result
  * @paaram string $cookie
  *
  * @return bool
  *
  * @throws AdldapException
  */
 public function controlPagedResultResponse($result, &$cookie)
 {
     if ($this->isPagingSupported()) {
         if ($this->suppressErrors) {
             return @ldap_control_paged_result_response($this->getConnection(), $result, $cookie);
         }
         return ldap_control_paged_result_response($this->getConnection(), $result, $cookie);
     }
     $message = 'LDAP Pagination is not supported on your current PHP installation.';
     throw new AdldapException($message);
 }
コード例 #11
0
 /**
  * @since version 0.84 new parameter $limitexceeded
  *
  * @param $ldap_connection
  * @param $config_ldap
  * @param $filter
  * @param $search_in_groups         (true by default)
  * @param $groups             array
  * @param $limitexceeded
  **/
 static function getGroupsFromLDAP($ldap_connection, $config_ldap, $filter, $search_in_groups = true, $groups = array(), &$limitexceeded)
 {
     global $DB;
     //First look for groups in group objects
     $extra_attribute = $search_in_groups ? "cn" : $config_ldap->fields["group_field"];
     $attrs = array("dn", $extra_attribute);
     if ($filter == '') {
         if ($search_in_groups) {
             $filter = !empty($config_ldap->fields['group_condition']) ? $config_ldap->fields['group_condition'] : "(objectclass=*)";
         } else {
             $filter = !empty($config_ldap->fields['condition']) ? $config_ldap->fields['condition'] : "(objectclass=*)";
         }
     }
     $cookie = '';
     $count = 0;
     do {
         if (self::isLdapPageSizeAvailable($config_ldap)) {
             ldap_control_paged_result($ldap_connection, $config_ldap->fields['pagesize'], true, $cookie);
         }
         $filter = Toolbox::unclean_cross_side_scripting_deep($filter);
         $sr = @ldap_search($ldap_connection, $config_ldap->fields['basedn'], $filter, $attrs);
         if ($sr) {
             if (in_array(ldap_errno($ldap_connection), array(4, 11))) {
                 // openldap return 4 for Size limit exceeded
                 $limitexceeded = true;
             }
             $infos = self::get_entries_clean($ldap_connection, $sr);
             if (in_array(ldap_errno($ldap_connection), array(4, 11))) {
                 // openldap return 4 for Size limit exceeded
                 $limitexceeded = true;
             }
             $count += $infos['count'];
             //If page results are enabled and the number of results is greater than the maximum allowed
             //warn user that limit is exceeded and stop search
             if (self::isLdapPageSizeAvailable($config_ldap) && $config_ldap->fields['ldap_maxlimit'] && $count > $config_ldap->fields['ldap_maxlimit']) {
                 $limitexceeded = true;
                 break;
             }
             for ($ligne = 0; $ligne < $infos["count"]; $ligne++) {
                 if ($search_in_groups) {
                     // No cn : not a real object
                     if (isset($infos[$ligne]["cn"][0])) {
                         $cn = $infos[$ligne]["cn"][0];
                         $groups[$infos[$ligne]["dn"]] = array("cn" => $infos[$ligne]["cn"][0], "search_type" => "groups");
                     }
                 } else {
                     if (isset($infos[$ligne][$extra_attribute])) {
                         if ($config_ldap->fields["group_field"] == 'dn' || in_array('ou', $groups)) {
                             $dn = $infos[$ligne][$extra_attribute];
                             $ou = array();
                             for ($tmp = $dn; count($tmptab = explode(',', $tmp, 2)) == 2; $tmp = $tmptab[1]) {
                                 $ou[] = $tmptab[1];
                             }
                             /// Search in DB for group with ldap_group_dn
                             if ($config_ldap->fields["group_field"] == 'dn' && count($ou) > 0) {
                                 $query = "SELECT `ldap_value`\n                                     FROM `glpi_groups`\n                                     WHERE `ldap_group_dn`\n                                             IN ('" . implode("', '", Toolbox::addslashes_deep($ou)) . "')";
                                 foreach ($DB->request($query) as $group) {
                                     $groups[$group['ldap_value']] = array("cn" => $group['ldap_value'], "search_type" => "users");
                                 }
                             }
                         } else {
                             for ($ligne_extra = 0; $ligne_extra < $infos[$ligne][$extra_attribute]["count"]; $ligne_extra++) {
                                 $groups[$infos[$ligne][$extra_attribute][$ligne_extra]] = array("cn" => self::getGroupCNByDn($ldap_connection, $infos[$ligne][$extra_attribute][$ligne_extra]), "search_type" => "users");
                             }
                         }
                     }
                 }
             }
         }
         if (self::isLdapPageSizeAvailable($config_ldap)) {
             ldap_control_paged_result_response($ldap_connection, $sr, $cookie);
         }
     } while ($cookie !== null && $cookie != '');
     return $groups;
 }
コード例 #12
0
ファイル: adLDAPUsers.php プロジェクト: reggi49/plansys
 public function searchRaw($search = "*")
 {
     if (!$this->adldap->getLdapBind()) {
         return false;
     }
     // Perform the search and grab all their details
     $filter = "(&(objectClass=user)(samaccounttype=" . adLDAP::ADLDAP_NORMAL_ACCOUNT . ")(objectCategory=person)(cn=" . $search . "))";
     $fields = array("samaccountname", "displayname");
     $pageSize = 25;
     $cookie = '';
     ldap_control_paged_result($this->adldap->getLdapConnection(), $pageSize, true, $cookie);
     $sr = ldap_search($this->adldap->getLdapConnection(), $this->adldap->getBaseDn(), $filter, $fields);
     $entries = ldap_get_entries($this->adldap->getLdapConnection(), $sr);
     ldap_control_paged_result_response($this->adldap->getLdapConnection(), $sr, $cookie);
     $return = [];
     foreach ($entries as $k => $r) {
         $comp = explode(",", $r['dn']);
         $cn = '';
         $ou = '';
         $dc = '';
         foreach ($comp as $c) {
             $x = explode("=", "{$c}");
             switch ($x[0]) {
                 case 'CN':
                     $cn = $x[1];
                     break;
                 case 'OU':
                     $ou = $x[1];
                     break;
                 case 'DC':
                     $dc .= $x[1] . ".";
                     break;
             }
         }
         if (count($r['samaccountname']) == 0) {
             continue;
         }
         $return[] = ['fullname' => isset($r['displayname']) ? @$r['displayname'][0] : @$r['samaccountname'][0], 'username' => @$r['samaccountname'][0], 'cn' => $cn, 'dc' => $dc, 'ou' => $ou];
     }
     return $return;
 }
コード例 #13
0
ファイル: Ldap.php プロジェクト: hardcao/CiProject
 public function ldap()
 {
     set_time_limit(0);
     //$this->db->query("truncate px_tmp");
     $host = "192.168.5.3";
     $user = "******";
     $pswd = "zldc@8888";
     $cookie = '';
     $result = [];
     $result['count'] = 0;
     do {
         $ad = ldap_connect($host) or die("Could not connect!");
         //var_dump($ad);
         if ($ad) {
             //璁剧疆鍙傛暟
             ldap_set_option($ad, LDAP_OPT_PROTOCOL_VERSION, 3);
             ldap_set_option($ad, LDAP_OPT_REFERRALS, 0);
             // bool ldap_bind ( resource $link_identifier [, string $bind_rdn = NULL [, string $bind_password = NULL ]] )
             $bd = ldap_bind($ad, $user, $pswd) or die("Could not bind");
             ldap_control_paged_result($ad, 500, true, $cookie);
             $attrs = array("displayname", "name", "sAMAccountName", "userPrincipalName", "objectclass");
             //鎸囧畾闇�鏌ヨ鐨勭敤鎴疯寖鍥�
             $filter = "(objectclass=*)";
             //ldap_search ( resource $link_identifier , string $base_dn , string $filter [, array $attributes [, int $attrsonly [, int $sizelimit [, int $timelimit [, int $deref ]]]]] )
             $search = ldap_search($ad, 'ou=中梁集团,DC=zldcgroup,DC=com', $filter, $attrs, 0, 0, 0) or die("ldap search failed");
             $entries = ldap_get_entries($ad, $search);
             ldap_set_option($ad, LDAP_OPT_PROTOCOL_VERSION, 3);
             $result = array_merge($result, $entries);
             ldap_control_paged_result_response($ad, $search, $cookie);
             //echo json_encode($entries);
             //		var_dump($entries);
             $data = array();
             if ($entries["count"] > 0) {
                 //echo '返回记录数:'.$entries["count"];
                 for ($i = 0; $i < $entries["count"]; $i++) {
                     //所要获取的字段,都必须小写
                     //if(isset($entries[$i]["displayname"])){
                     //						echo "<p>name: ".$entries[$i]["name"][0]."<br />";//用户名
                     //						echo "<p>sAMAccountName: ".@$entries[$i]["samaccountname"][0]."<br />";//用户名
                     if (isset($entries[$i]["dn"][0])) {
                         //							echo "dn: ".$entries[$i]["dn"]."<br />";//用户名字
                         $is_user = in_array('user', $entries[$i]["objectclass"]) ? 1 : 0;
                         if ($is_user == 0) {
                             continue;
                         }
                         $dn = $entries[$i]["dn"];
                         $dn = explode(",", $dn);
                         $area = array();
                         foreach ($dn as $v) {
                             if (strpos($v, 'OU=') !== false) {
                                 array_push($area, str_replace("OU=", "", $v));
                                 //有的抬头不是OU
                             } else {
                                 if (strpos($v, 'CN=') !== false) {
                                     array_push($area, str_replace("CN=", "", $v));
                                     //有的抬头不是CN
                                 } else {
                                     if (strpos($v, 'DC=') !== false) {
                                         array_push($area, str_replace("DC=", "", $v));
                                         //有的抬头不是DC
                                     }
                                 }
                             }
                         }
                         $area = array_reverse($area);
                         $insertArr = array();
                         $flag = 1;
                         if (is_array($area)) {
                             $flag = count($area, COUNT_NORMAL);
                         }
                         //							var_dump($area);
                         //	list($f6,$f5,$f4,$f3,$f2,$f1) = $area;
                         foreach ($area as $val) {
                             $keyStr = 'F' . $flag;
                             $flag--;
                             $insertArr[$keyStr] = $val;
                         }
                         $insertArr['FISUSER'] = 1;
                         $insertArr['FNUMBER'] = $entries[$i]["samaccountname"][0];
                         $insertArr['FNAME'] = $entries[$i]["name"][0];
                         $insertArr['FORG'] = 'test';
                         if (is_array($area)) {
                             if (count($area, COUNT_NORMAL) >= 7) {
                                 //echo "test 5  ";
                             }
                         }
                         $where = 'FNUMBER = ' . $entries[$i]["samaccountname"][0];
                         $tableName = 'T_USER';
                         $this->db->select('*');
                         $this->db->where('FNUMBER', $entries[$i]["samaccountname"][0]);
                         $row = $this->db->get('T_USER')->row_array();
                         if (isset($row)) {
                             $result = $this->Tools->updateDataWithFID($insertArr, $tableName, $row['FID']);
                         } else {
                             $result = $this->Tools->addData($insertArr, $tableName);
                         }
                     }
                 }
                 //}
             } else {
                 //echo "<p>No results found!</p>";
             }
         }
     } while ($cookie !== null && $cookie != '');
     return $result;
 }
コード例 #14
0
ファイル: adLDAP.php プロジェクト: kc596/cse.nits.ac.in
 /**
  * Group Information.  Returns an array of information about a group.
  * The group name is case sensitive
  * 
  * @param string $group_name The group name to retrieve info about
  * @param array $fields Fields to retrieve
  * @return array
  */
 public function group_info($group_name, $fields = NULL)
 {
     if ($group_name === NULL) {
         return false;
     }
     if (!$this->_bind) {
         return false;
     }
     if (stristr($group_name, '+')) {
         $group_name = stripslashes($group_name);
     }
     $filter = "(&(objectCategory=group)(name=" . $this->ldap_slashes($group_name) . "))";
     //echo ($filter."!!!<br>");
     if ($fields === NULL) {
         $fields = array("member", "memberof", "cn", "description", "distinguishedname", "objectcategory", "samaccountname");
     }
     // Let's use paging if available
     if (function_exists('ldap_control_paged_result')) {
         $pageSize = 500;
         $cookie = '';
         $entries = array();
         $entries_page = array();
         do {
             ldap_control_paged_result($this->_conn, $pageSize, true, $cookie);
             $sr = ldap_search($this->_conn, $this->_base_dn, $filter, $fields);
             $entries_page = ldap_get_entries($this->_conn, $sr);
             if (!is_array($entries_page)) {
                 return false;
             }
             $entries = array_merge($entries, $entries_page);
             ldap_control_paged_result_response($this->_conn, $sr, $cookie);
         } while ($cookie !== null && $cookie != '');
         $entries['count'] = count($entries) - 1;
         // Set a new count value !important!
         ldap_control_paged_result($this->_conn, $pageSize, true, $cookie);
         // RESET is important
     } else {
         // Non-Paged version
         $sr = ldap_search($this->_conn, $this->_base_dn, $filter, $fields);
         $entries = ldap_get_entries($this->_conn, $sr);
     }
     //print_r($entries);
     return $entries;
 }
コード例 #15
0
ファイル: access.php プロジェクト: ryanshoover/core
 /**
  * @brief executes an LDAP search
  * @param $filter the LDAP filter for the search
  * @param $base the LDAP subtree that shall be searched
  * @param $attr optional, when a certain attribute shall be filtered out
  * @returns array with the search result
  *
  * Executes an LDAP search
  */
 private function search($filter, $base, $attr = null, $limit = null, $offset = null, $skipHandling = false)
 {
     if (!is_null($attr) && !is_array($attr)) {
         $attr = array(mb_strtolower($attr, 'UTF-8'));
     }
     // See if we have a resource, in case not cancel with message
     $link_resource = $this->connection->getConnectionResource();
     if (!is_resource($link_resource)) {
         // Seems like we didn't find any resource.
         // Return an empty array just like before.
         \OCP\Util::writeLog('user_ldap', 'Could not search, because resource is missing.', \OCP\Util::DEBUG);
         return array();
     }
     //check wether paged search should be attempted
     $pagedSearchOK = $this->initPagedSearch($filter, $base, $attr, $limit, $offset);
     $sr = ldap_search($link_resource, $base, $filter, $attr);
     if (!$sr) {
         \OCP\Util::writeLog('user_ldap', 'Error when searching: ' . ldap_error($link_resource) . ' code ' . ldap_errno($link_resource), \OCP\Util::ERROR);
         \OCP\Util::writeLog('user_ldap', 'Attempt for Paging?  ' . print_r($pagedSearchOK, true), \OCP\Util::ERROR);
         return array();
     }
     $findings = ldap_get_entries($link_resource, $sr);
     if ($pagedSearchOK) {
         \OCP\Util::writeLog('user_ldap', 'Paged search successful', \OCP\Util::INFO);
         ldap_control_paged_result_response($link_resource, $sr, $cookie);
         \OCP\Util::writeLog('user_ldap', 'Set paged search cookie ' . $cookie, \OCP\Util::INFO);
         $this->setPagedResultCookie($filter, $limit, $offset, $cookie);
         //browsing through prior pages to get the cookie for the new one
         if ($skipHandling) {
             return;
         }
         //if count is bigger, then the server does not support paged search. Instead, he did a normal search. We set a flag here, so the callee knows how to deal with it.
         if ($findings['count'] <= $limit) {
             $this->pagedSearchedSuccessful = true;
         }
     } else {
         \OCP\Util::writeLog('user_ldap', 'Paged search failed :(', \OCP\Util::INFO);
     }
     // if we're here, probably no connection resource is returned.
     // to make ownCloud behave nicely, we simply give back an empty array.
     if (is_null($findings)) {
         return array();
     }
     if (!is_null($attr)) {
         $selection = array();
         $multiarray = false;
         if (count($attr) > 1) {
             $multiarray = true;
             $i = 0;
         }
         foreach ($findings as $item) {
             if (!is_array($item)) {
                 continue;
             }
             $item = \OCP\Util::mb_array_change_key_case($item, MB_CASE_LOWER, 'UTF-8');
             if ($multiarray) {
                 foreach ($attr as $key) {
                     $key = mb_strtolower($key, 'UTF-8');
                     if (isset($item[$key])) {
                         if ($key != 'dn') {
                             $selection[$i][$key] = $this->resemblesDN($key) ? $this->sanitizeDN($item[$key][0]) : $item[$key][0];
                         } else {
                             $selection[$i][$key] = $this->sanitizeDN($item[$key]);
                         }
                     }
                 }
                 $i++;
             } else {
                 //tribute to case insensitivity
                 $key = mb_strtolower($attr[0], 'UTF-8');
                 if (isset($item[$key])) {
                     if ($this->resemblesDN($key)) {
                         $selection[] = $this->sanitizeDN($item[$key]);
                     } else {
                         $selection[] = $item[$key];
                     }
                 }
             }
         }
         $findings = $selection;
     }
     //we slice the findings, when
     //a) paged search insuccessful, though attempted
     //b) no paged search, but limit set
     if (!$this->pagedSearchedSuccessful && $pagedSearchOK || !$pagedSearchOK && !is_null($limit)) {
         $findings = array_slice($findings, intval($offset), $limit);
     }
     return $findings;
 }
コード例 #16
0
 /**
  * The core of ORM behavior for this bundle: retrieve data
  * from LDAP and convert results into objects.
  *
  * Options maybe:
  *
  *      attributes (array): array of attribute types (strings)
  *
  *      filter (LdapFilter): a filter array or a correctly formatted filter string
  *
  *      max (integer): the maximum limit of entries to return
  *
  *      searchDn (string): the search DN
  *
  *      subentryNodes (array): parameters for the left hand side of a searchDN, useful for mining subentries.
  *
  *      pageSize (integer): employ pagination and return pages of the given size
  *
  *      pageCookie (opaque): The opaque stucture sent by the LDAP server to maintain pagination state. Default is empty string.
  *
  *      pageCritical (boolean): if pagination employed, force paging and return no results on service which do not provide it. Default is true.
  *
  *      checkOnly (boolean): Only check result existence; don't convert search results to Symfony entities. Default is false.
  *
  * @param string $entityName
  * @param array $options
  * @return array
  * @throws MissingSearchDnException
  */
 public function retrieve($entityName, $options = array())
 {
     $paging = !empty($options['pageSize']);
     $instanceMetadataCollection = $this->getClassMetadata($entityName);
     // Discern max result size
     $max = empty($options['max']) ? self::DEFAULT_MAX_RESULT_COUNT : $options['max'];
     // Employ results paging if requested with pageSize option
     if ($paging) {
         if (!isset($options['pageCritical'])) {
             $options['pageCritical'] = FALSE;
         }
         if (isset($options['pageCookie'])) {
             $this->pageCookie = $options['pageCookie'];
         }
         ldap_control_paged_result($this->client->getLdapResource(), $options['pageSize'], $options['pageCritical'], $this->pageCookie);
     }
     // Discern subentryNodes for substituing into searchDN
     $subentryNodes = empty($options['subentryNodes']) ? array() : $options['subentryNodes'];
     // Discern search DN
     if (isset($options['searchDn'])) {
         $searchDn = $options['searchDn'];
     } else {
         $searchDn = $instanceMetadataCollection->getSearchDn();
     }
     if (empty($searchDn)) {
         throw new MissingSearchDnException('Could not discern search DN while searching for ' . $entityName);
     }
     // Discern LDAP filter
     $objectClass = $instanceMetadataCollection->getObjectClass();
     if (empty($options['filter'])) {
         $filter = '(objectClass=' . $objectClass . ')';
     } else {
         if (is_array($options['filter'])) {
             $options['filter'] = array('&' => array('objectClass' => $objectClass, $options['filter']));
             $ldapFilter = new LdapFilter($options['filter']);
             $filter = $ldapFilter->format();
         } else {
             if (is_a($options['filter'], LdapFilter::class)) {
                 $options['filter']->setFilterArray(array('&' => array('objectClass' => $objectClass, $options['filter']->getFilterArray())));
                 $filter = $options['filter']->format();
             } else {
                 // assume pre-formatted scale/string filter value
                 $filter = '(&(objectClass=' . $objectClass . ')' . $options['filter'] . ')';
             }
         }
     }
     // Discern attributes to retrieve
     if (empty($options['attributes'])) {
         $attributes = array_values($instanceMetadataCollection->getMetadatas());
     } else {
         $attributes = $options['attributes'];
     }
     // Search LDAP
     $searchResult = $this->doRawLdapSearch($filter, $attributes, $max, $searchDn);
     $entries = @ldap_get_entries($this->client->getLdapResource(), $searchResult);
     if (!empty($options['checkOnly']) && $options['checkOnly'] == true) {
         return $entries['count'] > 0;
     }
     $entities = array();
     foreach ($entries as $entry) {
         if (is_array($entry)) {
             $entities[] = $this->entryToEntity($entityName, $entry);
         }
     }
     if ($paging) {
         ldap_control_paged_result_response($this->client->getLdapResource(), $searchResult, $this->pageCookie);
         $this->pageMore = !empty($this->pageCookie);
     }
     if ($entries['count'] == 1) {
         return $entities[0];
     }
     return $entities;
 }
コード例 #17
0
ファイル: Connection.php プロジェクト: 81square/ldap
 /**
  * Performs multiple ldap_search calls to retrieve multiple pages of entries
  * 
  * @param int     $pageSize   Page size
  * @param string  $baseDn     Base distinguished name to look below
  * @param string  $filter     Filter for the search
  * @param array   $attributes Names of attributes to retrieve (Default: All)
  * 
  * @return SearchInterface
  */
 protected function searchLdapPaged($pageSize, $baseDn, $filter, $attributes = null)
 {
     $cookie = '';
     $allResults = new SearchPreloaded();
     do {
         if (!ldap_control_paged_result($this->connection, $pageSize, true, $cookie)) {
             throw new SearchException("Unable to set paged control pageSize: " . $pageSize);
         }
         $search = ldap_search($this->connection, $baseDn, $filter, is_array($attributes) ? $attributes : array());
         if (!$search) {
             // Something went wrong in search
             throw self::createLdapSearchException(ldap_errno($this->connection), $baseDn, $filter, $pageSize);
         }
         $entries = ldap_get_entries($this->connection, $search);
         if (!$entries) {
             // No entries?
             throw self::createLdapSearchException(ldap_errno($this->connection), $baseDn, $filter, $pageSize);
         }
         // Ok add all entries
         $allResults->addEntries($entries);
         // Ok go to next page
         ldap_control_paged_result_response($this->connection, $search, $cookie);
     } while ($cookie !== null && $cookie != '');
     return $allResults;
 }
コード例 #18
0
ファイル: ldap.php プロジェクト: DarneoStudio/bitrix
 function QueryArray($str = '(ObjectClass=*)', $fields = false)
 {
     global $APPLICATION;
     if (strlen($this->arFields['BASE_DN']) <= 0) {
         return false;
     }
     $arBaseDNs = explode(";", $this->arFields['BASE_DN']);
     $info = false;
     $i = 0;
     if ($this->arFields["CONVERT_UTF8"] == "Y") {
         $str = $APPLICATION->ConvertCharset($str, SITE_CHARSET, "utf-8");
     }
     foreach ($arBaseDNs as $BaseDN) {
         global $APPLICATION;
         $BaseDN = trim($BaseDN);
         if ($BaseDN == "") {
             continue;
         }
         if ($this->arFields["CONVERT_UTF8"] == "Y") {
             $BaseDN = $APPLICATION->ConvertCharset($BaseDN, SITE_CHARSET, "utf-8");
         }
         $defaultMaxPageSizeAD = 1000;
         $pageSize = isset($this->arFields['MAX_PAGE_SIZE']) && intval($this->arFields['MAX_PAGE_SIZE'] > 0) ? intval($this->arFields['MAX_PAGE_SIZE']) : $defaultMaxPageSizeAD;
         $cookie = '';
         do {
             if (CLdapUtil::isLdapPaginationAviable()) {
                 ldap_control_paged_result($this->conn, $pageSize, false, $cookie);
             }
             if ($fields === false) {
                 $sr = @ldap_search($this->conn, $BaseDN, $str);
             } else {
                 $sr = @ldap_search($this->conn, $BaseDN, $str, $fields);
             }
             if ($sr) {
                 $entry = ldap_first_entry($this->conn, $sr);
                 if ($entry) {
                     if (!is_array($info)) {
                         $info = array();
                         $i = 0;
                     }
                     do {
                         $attributes = ldap_get_attributes($this->conn, $entry);
                         for ($j = 0; $j < $attributes['count']; $j++) {
                             $values = @ldap_get_values_len($this->conn, $entry, $attributes[$j]);
                             if ($values === false) {
                                 continue;
                             }
                             $bPhotoAttr = in_array($attributes[$j], self::$PHOTO_ATTRIBS);
                             $info[$i][strtolower($attributes[$j])] = $bPhotoAttr ? $values : $this->WorkAttr($values);
                         }
                         if (!is_set($info[$i], 'dn')) {
                             if ($this->arFields["CONVERT_UTF8"] == "Y") {
                                 $info[$i]['dn'] = $APPLICATION->ConvertCharset(ldap_get_dn($this->conn, $entry), "utf-8", SITE_CHARSET);
                             } else {
                                 $info[$i]['dn'] = ldap_get_dn($this->conn, $entry);
                             }
                         }
                         $i++;
                     } while ($entry = ldap_next_entry($this->conn, $entry));
                 }
             } elseif ($sr === false) {
                 $APPLICATION->ThrowException("LDAP_SEARCH_ERROR");
             }
             if (CLdapUtil::isLdapPaginationAviable()) {
                 ldap_control_paged_result_response($this->conn, $sr, $cookie);
             }
         } while ($cookie !== null && $cookie != '');
     }
     return $info;
 }
コード例 #19
0
ファイル: Connection.php プロジェクト: chrmorandi/yii2-ldap
 /**
  * Retrieve a paginated result response.
  * @param resource $result
  * @param string $cookie
  * @return bool
  */
 public function setControlPagedResultResponse($result, &$cookie)
 {
     return ldap_control_paged_result_response($this->resource, $result, $cookie);
 }
コード例 #20
0
ファイル: LdapConnection.php プロジェクト: 0svald/icingaweb2
 /**
  * Run the given LDAP query and return the resulting entries
  *
  * This utilizes paged search requests as defined in RFC 2696.
  *
  * @param   LdapQuery   $query      The query to fetch results with
  * @param   array       $fields     Request these attributes instead of the ones registered in the given query
  * @param   int         $pageSize   The maximum page size, defaults to self::PAGE_SIZE
  *
  * @return  array
  *
  * @throws  LdapException           In case an error occured while fetching the results
  */
 protected function runPagedQuery(LdapQuery $query, array $fields = null, $pageSize = null)
 {
     if ($pageSize === null) {
         $pageSize = static::PAGE_SIZE;
     }
     $limit = $query->getLimit();
     $offset = $query->hasOffset() ? $query->getOffset() : 0;
     if ($fields === null) {
         $fields = $query->getColumns();
     }
     $ds = $this->getConnection();
     $serverSorting = false;
     //$this->getCapabilities()->hasOid(LdapCapabilities::LDAP_SERVER_SORT_OID);
     if (!$serverSorting && $query->hasOrder() && !empty($fields)) {
         foreach ($query->getOrder() as $rule) {
             if (!in_array($rule[0], $fields, true)) {
                 $fields[] = $rule[0];
             }
         }
     }
     $unfoldAttribute = $query->getUnfoldAttribute();
     if ($unfoldAttribute) {
         foreach ($query->getFilter()->listFilteredColumns() as $filterColumn) {
             $fieldKey = array_search($filterColumn, $fields, true);
             if ($fieldKey === false || is_string($fieldKey)) {
                 $fields[] = $filterColumn;
             }
         }
     }
     $count = 0;
     $cookie = '';
     $entries = array();
     do {
         // Do not request the pagination control as a critical extension, as we want the
         // server to return results even if the paged search request cannot be satisfied
         ldap_control_paged_result($ds, $pageSize, false, $cookie);
         if ($serverSorting && $query->hasOrder()) {
             ldap_set_option($ds, LDAP_OPT_SERVER_CONTROLS, array(array('oid' => LdapCapabilities::LDAP_SERVER_SORT_OID, 'value' => $this->encodeSortRules($query->getOrder()))));
         }
         $results = $this->ldapSearch($query, array_values($fields), 0, $serverSorting && $limit ? $offset + $limit : 0);
         if ($results === false) {
             if (ldap_errno($ds) === self::LDAP_NO_SUCH_OBJECT) {
                 break;
             }
             throw new LdapException('LDAP query "%s" (base %s) failed. Error: %s', (string) $query, $query->getBase() ?: $this->getDn(), ldap_error($ds));
         } elseif (ldap_count_entries($ds, $results) === 0) {
             if (in_array(ldap_errno($ds), array(static::LDAP_SIZELIMIT_EXCEEDED, static::LDAP_ADMINLIMIT_EXCEEDED), true)) {
                 Logger::warning('Unable to request more than %u results. Does the server allow paged search requests? (%s)', $count, ldap_error($ds));
             }
             break;
         }
         $entry = ldap_first_entry($ds, $results);
         do {
             if ($unfoldAttribute) {
                 $rows = $this->cleanupAttributes(ldap_get_attributes($ds, $entry), $fields, $unfoldAttribute);
                 if (is_array($rows)) {
                     // TODO: Register the DN the same way as a section name in the ArrayDatasource!
                     foreach ($rows as $row) {
                         if ($query->getFilter()->matches($row)) {
                             $count += 1;
                             if (!$serverSorting || $offset === 0 || $offset < $count) {
                                 $entries[] = $row;
                             }
                             if ($serverSorting && $limit > 0 && $limit === count($entries)) {
                                 break;
                             }
                         }
                     }
                 } else {
                     $count += 1;
                     if (!$serverSorting || $offset === 0 || $offset < $count) {
                         $entries[ldap_get_dn($ds, $entry)] = $rows;
                     }
                 }
             } else {
                 $count += 1;
                 if (!$serverSorting || $offset === 0 || $offset < $count) {
                     $entries[ldap_get_dn($ds, $entry)] = $this->cleanupAttributes(ldap_get_attributes($ds, $entry), $fields);
                 }
             }
         } while ((!$serverSorting || $limit === 0 || $limit !== count($entries)) && ($entry = ldap_next_entry($ds, $entry)));
         if (false === @ldap_control_paged_result_response($ds, $results, $cookie)) {
             // If the page size is greater than or equal to the sizeLimit value, the server should ignore the
             // control as the request can be satisfied in a single page: https://www.ietf.org/rfc/rfc2696.txt
             // This applies no matter whether paged search requests are permitted or not. You're done once you
             // got everything you were out for.
             if ($serverSorting && count($entries) !== $limit) {
                 // The server does not support pagination, but still returned a response by ignoring the
                 // pagedResultsControl. We output a warning to indicate that the pagination control was ignored.
                 Logger::warning('Unable to request paged LDAP results. Does the server allow paged search requests?');
             }
         }
         ldap_free_result($results);
     } while ($cookie && (!$serverSorting || $limit === 0 || count($entries) < $limit));
     if ($cookie) {
         // A sequence of paged search requests is abandoned by the client sending a search request containing a
         // pagedResultsControl with the size set to zero (0) and the cookie set to the last cookie returned by
         // the server: https://www.ietf.org/rfc/rfc2696.txt
         ldap_control_paged_result($ds, 0, false, $cookie);
         // Returns no entries, due to the page size
         ldap_search($ds, $query->getBase() ?: $this->getDn(), (string) $query);
     }
     if (!$serverSorting && $query->hasOrder()) {
         uasort($entries, array($query, 'compare'));
         if ($limit && $count > $limit) {
             $entries = array_splice($entries, $query->hasOffset() ? $query->getOffset() : 0, $limit);
         }
     }
     return $entries;
 }
コード例 #21
0
ファイル: ldap.php プロジェクト: enoch85/owncloud-testserver
 /**
  * @brief search a list in ldap server
  * @param $ldapbasedn the base dn
  * @param $bindsearch the search filter
  * @param $entries the ldap entries to reach
  * @param $start the starting point
  * @param $num the number of entries to return
  * @return array|false
  */
 public function ldapFindMultiple($ldapbasedn, $bindsearch, $entriesName, $start = null, $num = null)
 {
     if ($entriesName != null && self::ldapCreateAndBindConnection() && $ldapbasedn != null && $bindsearch != null) {
         if ($start == null) {
             $start = 0;
         }
         if ($num == null) {
             $num = PHP_INT_MAX;
         }
         $pageSize = isset($this->ldapParams['ldappagesize']) ? $this->ldapParams['ldappagesize'] : "20";
         $cookie = '';
         $entries = array();
         $cpt = 0;
         \OC_Log::write('contacts_ldap', __METHOD__ . " - search what {$ldapbasedn}, {$bindsearch} {$pageSize}", \OC_Log::DEBUG);
         do {
             ldap_control_paged_result($this->ldapConnection, $pageSize, true, $cookie);
             $ldap_results = ldap_search($this->ldapConnection, $ldapbasedn, $bindsearch, $entriesName);
             $LdapEntries = ldap_get_entries($this->ldapConnection, $ldap_results);
             for ($i = 0; $i < $LdapEntries['count']; $i++) {
                 $entries[] = $LdapEntries[$i];
             }
             ldap_control_paged_result_response($this->ldapConnection, $ldap_results, $cookie);
             $cpt++;
         } while ($cookie !== null && $cookie != '' && $cpt < 10);
         $entries['count'] = count($entries);
         return $entries;
         self::ldapCloseConnection();
     }
     return false;
 }
コード例 #22
0
 /**
  * @link http://php.net/manual/en/function.ldap-control-paged-result-response.php
  * @param $link
  * @param $result
  * @param null $cookie
  * @param null $estimated
  * @return bool
  */
 public function controlPagedResultResponse($link, $result, &$cookie = null, &$estimated = null)
 {
     return ldap_control_paged_result_response($link, $result, $cookie, $estimated);
 }
コード例 #23
0
ファイル: auth.php プロジェクト: jeffthestampede/excelsior
 /**
  * Returns all usernames from LDAP
  *
  * @param $filter An LDAP search filter to select desired users
  * @return array of LDAP user names converted to UTF-8
  */
 function ldap_get_userlist($filter = '*')
 {
     $fresult = array();
     $ldapconnection = $this->ldap_connect();
     if ($filter == '*') {
         $filter = '(&(' . $this->config->user_attribute . '=*)' . $this->config->objectclass . ')';
     }
     $contexts = explode(';', $this->config->contexts);
     if (!empty($this->config->create_context)) {
         array_push($contexts, $this->config->create_context);
     }
     $ldap_cookie = '';
     $ldap_pagedresults = ldap_paged_results_supported($this->config->ldap_version);
     foreach ($contexts as $context) {
         $context = trim($context);
         if (empty($context)) {
             continue;
         }
         do {
             if ($ldap_pagedresults) {
                 ldap_control_paged_result($ldapconnection, $this->config->pagesize, true, $ldap_cookie);
             }
             if ($this->config->search_sub) {
                 // Use ldap_search to find first user from subtree.
                 $ldap_result = ldap_search($ldapconnection, $context, $filter, array($this->config->user_attribute));
             } else {
                 // Search only in this context.
                 $ldap_result = ldap_list($ldapconnection, $context, $filter, array($this->config->user_attribute));
             }
             if (!$ldap_result) {
                 continue;
             }
             if ($ldap_pagedresults) {
                 ldap_control_paged_result_response($ldapconnection, $ldap_result, $ldap_cookie);
             }
             $users = ldap_get_entries_moodle($ldapconnection, $ldap_result);
             // Add found users to list.
             for ($i = 0; $i < count($users); $i++) {
                 $extuser = core_text::convert($users[$i][$this->config->user_attribute][0], $this->config->ldapencoding, 'utf-8');
                 array_push($fresult, $extuser);
             }
             unset($ldap_result);
             // Free mem.
         } while ($ldap_pagedresults && !empty($ldap_cookie));
     }
     // If paged results were used, make sure the current connection is completely closed
     $this->ldap_close($ldap_pagedresults);
     return $fresult;
 }
コード例 #24
0
ファイル: PageControl.php プロジェクト: ldaptools/ldaptools
 /**
  * Updating the paging operation based on the result resource returned from a query.
  *
  * @param resource $result
  * @throws LdapConnectionException
  */
 public function update($result)
 {
     if (!$this->isEnabled) {
         return;
     }
     $this->resultNumber += $this->pageSize;
     if (!@ldap_control_paged_result_response($this->connection->getConnection(), $result, $this->cookie)) {
         throw new LdapConnectionException(sprintf('Unable to set paged results response: %s', $this->connection->getLastError()));
     }
 }
コード例 #25
0
ファイル: lib.php プロジェクト: abhilash1994/moodle
 /**
  * Return multidimensional array with details of user courses (at
  * least dn and idnumber).
  *
  * @param string $memberuid user idnumber (without magic quotes).
  * @param object role is a record from the mdl_role table.
  * @return array
  */
 protected function find_ext_enrolments($memberuid, $role)
 {
     global $CFG;
     require_once $CFG->libdir . '/ldaplib.php';
     if (empty($memberuid)) {
         // No "idnumber" stored for this user, so no LDAP enrolments
         return array();
     }
     $ldap_contexts = trim($this->get_config('contexts_role' . $role->id));
     if (empty($ldap_contexts)) {
         // No role contexts, so no LDAP enrolments
         return array();
     }
     $extmemberuid = core_text::convert($memberuid, 'utf-8', $this->get_config('ldapencoding'));
     if ($this->get_config('memberattribute_isdn')) {
         if (!($extmemberuid = $this->ldap_find_userdn($extmemberuid))) {
             return array();
         }
     }
     $ldap_search_pattern = '';
     if ($this->get_config('nested_groups')) {
         $usergroups = $this->ldap_find_user_groups($extmemberuid);
         if (count($usergroups) > 0) {
             foreach ($usergroups as $group) {
                 $ldap_search_pattern .= '(' . $this->get_config('memberattribute_role' . $role->id) . '=' . $group . ')';
             }
         }
     }
     // Default return value
     $courses = array();
     // Get all the fields we will want for the potential course creation
     // as they are light. don't get membership -- potentially a lot of data.
     $ldap_fields_wanted = array('dn', $this->get_config('course_idnumber'));
     $fullname = $this->get_config('course_fullname');
     $shortname = $this->get_config('course_shortname');
     $summary = $this->get_config('course_summary');
     if (isset($fullname)) {
         array_push($ldap_fields_wanted, $fullname);
     }
     if (isset($shortname)) {
         array_push($ldap_fields_wanted, $shortname);
     }
     if (isset($summary)) {
         array_push($ldap_fields_wanted, $summary);
     }
     // Define the search pattern
     if (empty($ldap_search_pattern)) {
         $ldap_search_pattern = '(' . $this->get_config('memberattribute_role' . $role->id) . '=' . ldap_filter_addslashes($extmemberuid) . ')';
     } else {
         $ldap_search_pattern = '(|' . $ldap_search_pattern . '(' . $this->get_config('memberattribute_role' . $role->id) . '=' . ldap_filter_addslashes($extmemberuid) . ')' . ')';
     }
     $ldap_search_pattern = '(&' . $this->get_config('objectclass') . $ldap_search_pattern . ')';
     // Get all contexts and look for first matching user
     $ldap_contexts = explode(';', $ldap_contexts);
     $ldap_pagedresults = ldap_paged_results_supported($this->get_config('ldap_version'));
     foreach ($ldap_contexts as $context) {
         $context = trim($context);
         if (empty($context)) {
             continue;
         }
         $ldap_cookie = '';
         $flat_records = array();
         do {
             if ($ldap_pagedresults) {
                 ldap_control_paged_result($this->ldapconnection, $this->config->pagesize, true, $ldap_cookie);
             }
             if ($this->get_config('course_search_sub')) {
                 // Use ldap_search to find first user from subtree
                 $ldap_result = @ldap_search($this->ldapconnection, $context, $ldap_search_pattern, $ldap_fields_wanted);
             } else {
                 // Search only in this context
                 $ldap_result = @ldap_list($this->ldapconnection, $context, $ldap_search_pattern, $ldap_fields_wanted);
             }
             if (!$ldap_result) {
                 continue;
             }
             if ($ldap_pagedresults) {
                 ldap_control_paged_result_response($this->ldapconnection, $ldap_result, $ldap_cookie);
             }
             // Check and push results. ldap_get_entries() already
             // lowercases the attribute index, so there's no need to
             // use array_change_key_case() later.
             $records = ldap_get_entries($this->ldapconnection, $ldap_result);
             // LDAP libraries return an odd array, really. Fix it.
             for ($c = 0; $c < $records['count']; $c++) {
                 array_push($flat_records, $records[$c]);
             }
             // Free some mem
             unset($records);
         } while ($ldap_pagedresults && !empty($ldap_cookie));
         // If LDAP paged results were used, the current connection must be completely
         // closed and a new one created, to work without paged results from here on.
         if ($ldap_pagedresults) {
             $this->ldap_close();
             $this->ldap_connect();
         }
         if (count($flat_records)) {
             $courses = array_merge($courses, $flat_records);
         }
     }
     return $courses;
 }
コード例 #26
0
ファイル: Manager.php プロジェクト: mangati/php-ldap
 /**
  *
  * @param type $baseDn
  * @param type $filter
  * @param array $attributes
  * @param int $pageSize
  * @return \Generator
  * @throws LdapException
  */
 public function pagedSearch($baseDn, $filter, array $attributes = [], $pageSize = 100)
 {
     $this->checkConnection();
     $resource = $this->conn->getResource();
     $cookie = '';
     do {
         ldap_control_paged_result($resource, $pageSize, true, $cookie);
         $search = @ldap_search($resource, $baseDn, $filter, $attributes);
         if ($search === false) {
             ErrorHandler::throwException($this->conn);
         }
         $result = @ldap_get_entries($resource, $search);
         if ($result === false) {
             ErrorHandler::throwException($this->conn);
         }
         for ($i = 0; $i < $result['count']; $i++) {
             $row = $result[$i];
             $entry = $this->parseArray($row);
             (yield $entry);
         }
         ldap_control_paged_result_response($resource, $search, $cookie);
     } while ($cookie !== null && $cookie != '');
 }
コード例 #27
0
 public function getUserEntries($login = null, $countOnly = false, $offset = -1, $limit = -1, $regexpOnSearchAttr = false)
 {
     if ($login == null) {
         $filter = $this->ldapFilter;
     } else {
         if ($regexpOnSearchAttr && !empty($this->options["LDAP_SEARCHUSER_ATTR"])) {
             $searchAttr = $this->options["LDAP_SEARCHUSER_ATTR"];
             $searchAttrArray = explode(",", $searchAttr);
         }
         if (isset($searchAttrArray)) {
             if (count($searchAttrArray) > 1) {
                 $searchAttrFilter = "(|";
                 foreach ($searchAttrArray as $attr) {
                     $searchAttrFilter .= "(" . $attr . "=" . $login . ")";
                 }
                 $searchAttrFilter .= ")";
             } else {
                 $searchAttrFilter = "(" . $searchAttrArray[0] . "=" . $login . ")";
             }
         } else {
             $searchAttrFilter = "(" . $this->ldapUserAttr . "=" . $login . ")";
         }
         if ($this->ldapFilter == "") {
             $filter = $searchAttrFilter;
         } else {
             $filter = "(&" . $this->ldapFilter . $searchAttrFilter . ")";
         }
     }
     if (empty($filter)) {
         if (!empty($this->dynamicFilter)) {
             $filter = $this->dynamicFilter;
         } else {
             $filter = $this->ldapUserAttr . "=*";
         }
     } else {
         if (!empty($this->dynamicFilter)) {
             $filter = "(&(" . $this->dynamicFilter . ")" . $filter . ")";
         }
     }
     if ($this->ldapconn == null) {
         $this->startConnexion();
     }
     $conn = array();
     if (is_array($this->ldapDN)) {
         foreach ($this->ldapDN as $dn) {
             $conn[] = $this->ldapconn;
         }
     } else {
         $conn = array($this->ldapconn);
     }
     $expected = array($this->ldapUserAttr);
     if ($login != null && (!empty($this->customParamsMapping) || !empty($this->paramsMapping))) {
         if (!empty($this->customParamsMapping)) {
             $expected = array_merge($expected, array_keys($this->customParamsMapping));
         }
         if (!empty($this->paramsMapping)) {
             $keys = array();
             foreach ($this->paramsMapping as $param) {
                 $keys[] = $param["MAPPING_LDAP_PARAM"];
             }
             $expected = array_merge($expected, $keys);
         }
     }
     if (is_array($this->dynamicExpected)) {
         $expected = array_merge($expected, $this->dynamicExpected);
     }
     foreach ($conn as $dn => $ldapc) {
         if (!$ldapc) {
             unset($conn[$dn]);
         }
     }
     if (count($conn) < 1) {
         return array("count" => 0);
     }
     //$ret = ldap_search($conn,$this->ldapDN,$filter, $expected);
     $cookie = '';
     if (empty($this->pageSize) || !is_numeric($this->pageSize)) {
         $this->pageSize = 500;
     }
     $allEntries = array("count" => 0);
     $isSupportPagedResult = function_exists("ldap_control_paged_result") && function_exists("ldap_control_paged_result_response");
     $gotAllEntries = false;
     $index = 0;
     //Update progress bar in CLI mode
     $isListAll = $offset == -1 && $limit == -1 && is_null($login) && $regexpOnSearchAttr && php_sapi_name() == "cli";
     if ($isListAll) {
         $total = $this->getCountFromCache();
         $progressBar = new AJXP_ProgressBarCLI();
         $progressBar->init($index, $total["count"], "Get ldap users");
     }
     do {
         if ($isSupportPagedResult) {
             ldap_control_paged_result($this->ldapconn, $this->pageSize, false, $cookie);
         }
         $ret = ldap_search($conn, $this->ldapDN, $filter, $expected, 0, 0);
         if ($ret === false) {
             break;
         }
         foreach ($ret as $i => $resourceResult) {
             if ($resourceResult === false) {
                 continue;
             }
             if ($countOnly) {
                 $allEntries["count"] += ldap_count_entries($conn[$i], $resourceResult);
                 continue;
             }
             if ($limit != -1) {
                 //usort($entries, array($this, "userSortFunction"));
                 ldap_sort($conn[$i], $resourceResult, $this->ldapUserAttr);
             }
             $entries = ldap_get_entries($conn[$i], $resourceResult);
             // for better performance
             if (is_array($entries) && $offset != -1 && $limit != -1 && $index + $this->pageSize < $offset) {
                 $index += $this->pageSize;
                 continue;
             }
             if (!empty($entries["count"])) {
                 $allEntries["count"] += $entries["count"];
                 unset($entries["count"]);
                 foreach ($entries as $entry) {
                     if ($offset != -1 && $index < $offset) {
                         $index++;
                         continue;
                     }
                     // fake memberOf
                     if ($this->fakeAttrMemberOf && method_exists($this, "fakeMemberOf") && in_array(strtolower("memberof"), array_map("strtolower", $expected))) {
                         if ($this->attrMemberInGroup) {
                             $uid = $entry["dn"];
                         } else {
                             $uidWithEqual = explode(",", $entry["dn"]);
                             $uidShort = explode("=", $uidWithEqual[0]);
                             $uid = $uidShort[1];
                         }
                         $strldap = "(&" . $this->ldapGFilter . "(" . $this->fakeAttrMemberOf . "=" . $uid . "))";
                         $this->fakeMemberOf($conn, $this->ldapGDN, $strldap, array("cn"), $entry);
                     }
                     $allEntries[] = $entry;
                     $index++;
                     //Update progress bar in CLI mode
                     if (isset($progressBar)) {
                         $progressBar->update($index);
                     }
                     if ($offset != -1 && $limit != -1 && $index > $offset + $limit) {
                         break;
                     }
                 }
                 if ($index > $offset + $limit && $limit != -1 && $offset != -1) {
                     $gotAllEntries = true;
                 }
             }
         }
         if ($isSupportPagedResult) {
             foreach ($ret as $element) {
                 if (is_resource($element)) {
                     @ldap_control_paged_result_response($this->ldapconn, $element, $cookie);
                 }
             }
         }
     } while ($cookie !== null && $cookie != '' && $isSupportPagedResult && !$gotAllEntries);
     // reset paged_result for other activities (otherwise we will experience ldap error)
     if ($isSupportPagedResult) {
         ldap_control_paged_result($this->ldapconn, 0);
     }
     return $allEntries;
 }
コード例 #28
0
 protected function objectSearchResultCount($conn, $base_dn, $search_filter)
 {
     $base_dn = $this->prepareQueryString($base_dn);
     $search_filter = $this->prepareQueryString($search_filter);
     $resultCount = 0;
     $pageCookie = "";
     do {
         if (function_exists("ldap_control_paged_result") && function_exists("ldap_control_paged_result_response")) {
             ldap_control_paged_result($conn, $this->ldapSearchPageSize, true, $pageCookie);
         }
         // Start search in LDAP directory.
         $sr = ldap_search($conn, $base_dn, $search_filter, array(), 0, 0);
         if (!$sr) {
             break;
         }
         // Get number of found results.
         $resultCount += ldap_count_entries($conn, $sr);
         if (function_exists("ldap_control_paged_result") && function_exists("ldap_control_paged_result_response")) {
             ldap_control_paged_result_response($conn, $sr, $pageCookie);
         }
     } while ($pageCookie !== null && $pageCookie != "");
     return $resultCount;
 }
コード例 #29
0
ファイル: LdapServer.class.php プロジェクト: tierce/ppbe
 /**
 * execute a paged ldap query and return entries as one aggregated array
 *
 * $this->searchPageStart and $this->searchPageEnd should be set before calling if
 *   a particular set of pages is desired
 *
 * @param array $ldap_query_params of form:
    'base_dn' => base_dn,
    'filter' =>  filter,
    'attributes' => attributes,
    'attrsonly' => attrsonly,
    'sizelimit' => sizelimit,
    'timelimit' => timelimit,
    'deref' => deref,
    'scope' => scope,
 
    (this array of parameters is primarily passed on to ldapQuery() method)
 *
 * @return array of ldap entries or FALSE on error.
 *
 */
 public function pagedLdapQuery($ldap_query_params)
 {
     if (!($this->searchPagination && $this->paginationEnabled)) {
         watchdog('ldap', "LDAP server pagedLdapQuery() called when functionality not available in php install or\n        not enabled in ldap server configuration.  error. basedn: %basedn| filter: %filter| attributes:\n         %attributes| errmsg: %errmsg| ldap err no: %errno|", $watchdog_tokens);
         return FALSE;
     }
     $paged_entries = array();
     $page_token = '';
     $page = 0;
     $estimated_entries = 0;
     $aggregated_entries = array();
     $aggregated_entries_count = 0;
     $has_page_results = FALSE;
     do {
         ldap_control_paged_result($this->connection, $this->searchPageSize, TRUE, $page_token);
         $result = $this->ldapQuery($ldap_query_params['scope'], $ldap_query_params);
         if ($page >= $this->searchPageStart) {
             $skipped_page = FALSE;
             if ($result && $this->countEntries($result) !== FALSE) {
                 $page_entries = ldap_get_entries($this->connection, $result);
                 unset($page_entries['count']);
                 $has_page_results = is_array($page_entries) && count($page_entries) > 0;
                 $aggregated_entries = array_merge($aggregated_entries, $page_entries);
                 $aggregated_entries_count = count($aggregated_entries);
             } elseif ($this->ldapErrorNumber()) {
                 $watchdog_tokens = array('%basedn' => $ldap_query_params['base_dn'], '%filter' => $ldap_query_params['filter'], '%attributes' => print_r($ldap_query_params['attributes'], TRUE), '%errmsg' => $this->errorMsg('ldap'), '%errno' => $this->ldapErrorNumber());
                 watchdog('ldap', "LDAP ldap_search error. basedn: %basedn| filter: %filter| attributes:\n            %attributes| errmsg: %errmsg| ldap err no: %errno|", $watchdog_tokens);
                 return FALSE;
             } else {
                 return FALSE;
             }
         } else {
             $skipped_page = TRUE;
         }
         @ldap_control_paged_result_response($this->connection, $result, $page_token, $estimated_entries);
         if ($ldap_query_params['sizelimit'] && $this->ldapErrorNumber() == LDAP_SIZELIMIT_EXCEEDED) {
             // false positive error thrown.  do not set result limit error when $sizelimit specified
         } elseif ($this->hasError()) {
             watchdog('ldap_server', 'ldap_control_paged_result_response() function error. LDAP Error: %message, ldap_list() parameters: %query', array('%message' => $this->errorMsg('ldap'), '%query' => $ldap_query_params['query_display']), WATCHDOG_ERROR);
         }
         if (isset($ldap_query_params['sizelimit']) && $ldap_query_params['sizelimit'] && $aggregated_entries_count >= $ldap_query_params['sizelimit']) {
             $discarded_entries = array_splice($aggregated_entries, $ldap_query_params['sizelimit']);
             break;
         } elseif ($this->searchPageEnd !== NULL && $page >= $this->searchPageEnd) {
             // user defined pagination has run out
             break;
         } elseif ($page_token === NULL || $page_token == '') {
             // ldap reference pagination has run out
             break;
         }
         $page++;
     } while ($skipped_page || $has_page_results);
     $aggregated_entries['count'] = count($aggregated_entries);
     return $aggregated_entries;
 }
コード例 #30
0
ファイル: Task.php プロジェクト: alaneor/ad-x
 /**
  * Perform the lookup operation on server and return the resultset
  *
  * This method sends the lookup request to the server with the
  * configuration you provided. If the {@link Link} has pagination enabled,
  * it will return a single page. To get the subsequent pages, call this method
  * again on the object, without modifying the lookup criteria.
  *
  * @uses		Link::$rootDSE		to get the domain base dn ( from <i>defaultnamingcontext</i> ) if no override has been specified
  *
  * @return		Result|false		The Result object with returned Objects or FALSE if maximum number of referrals was chased
  */
 public function run()
 {
     // Prepare the information needed for the operation
     $link_id = $this->adxLink->get_link();
     $baseDN = $this->dn || $this->dn === '' ? $this->dn : $this->adxLink->rootDSE->defaultnamingcontext(0);
     if ($this->use_pages && $this->complete) {
         $this->cookie = '';
     }
     // Reset the cookie if the operation is started again
     $this->complete = false;
     // Reset the completion status
     // Send the pagination control cookie if present
     // I must check explicitly for NULL bcause '' also evaluates to FALSE
     if ($this->cookie !== null) {
         ldap_control_paged_result($link_id, $this->sizelimit, true, $this->cookie);
     }
     // Perform the lookup operation
     // All exceptions thrown here will bubble up!
     $result_id = $this->_directory_lookup($this->operationType, $link_id, $baseDN, $this->filter, $this->attributes);
     // Get the new cookie from the response if pagination is enabled
     // I must check explicitly for NULL bcause '' also evaluates to FALSE
     if ($this->cookie !== null) {
         ldap_control_paged_result_response($link_id, $result_id, $this->cookie);
     }
     // Lookup operation successful - continue processing...
     $referral_link = $this->_parse_referrals($result_id);
     // Check for referrals
     if ($referral_link) {
         if ($this->referral_counter <= $this->max_referrals) {
             // Do we have this connection in the pool already?
             if (isset(static::$connection_pool[$referral_link])) {
                 $link = static::$connection_pool[$referral_link];
                 // Use the existing link to perform the lookup
             } else {
                 $link = $this->adxLink->_redirect($referral_link);
                 // Reconnect to the new server
                 static::$connection_pool[$referral_link] = $link;
                 // Save the connection in the link pool
             }
             $this->referral_counter++;
             $this->adxLink = $link;
             // Replace the current link with the new link
             return $this->run();
             // Only those calls that actually succeed in getting data should continue with code below
         } else {
             return false;
         }
         // Reached maximum number of referrals -> do not continue
     }
     // Successfully retrieved data from server
     $this->referral_counter = 0;
     $result = ldap_get_entries($this->adxLink->get_link(), $result_id);
     unset($result['count']);
     // Clean up some unneeded mess ( more cleanup happens at object instantiation )
     $data = array();
     // Create new objects from result, converting the values to php-compatible data formats on the way
     foreach ($result as $objectData) {
         // Is there a special class defined for this particular object class ( under ADX\Classes namespace )?
         // Use 'Object' if the objectClass attribute is either not present or there is no class override
         if (isset($objectData['objectclass'])) {
             $class = 'ADX\\Classes\\' . end($objectData['objectclass']);
             $class = class_exists($class) ? $class : 'ADX\\Core\\Object';
         } else {
             $class = 'ADX\\Core\\Object';
         }
         $data[] = new $class($this->adxLink, $objectData, true);
     }
     $this->complete = !$this->cookie;
     // As long as cookie is present, the result cannot be complete
     return new Result($data);
 }