/**
* @return array
* @throws ValueRetrievalFailureException
*/
public function getAttributes()
{
if (!($attributes = ldap_get_attributes($this->link, $this->entry))) {
throw new ValueRetrievalFailureException(ldap_error($this->link), ldap_errno($this->link));
}
return $attributes;
}
/**
* @return mixed resource
*/
public function fetchEntry()
{
if (!$this->result_resource) {
return null;
}
if (null === $this->entry_resource) {
$this->entry_resource = ldap_first_entry($this->resource, $this->result_resource);
} else {
$this->entry_resource = ldap_next_entry($this->resource, $this->entry_resource);
}
if (!$this->entry_resource) {
return null;
}
$dn = ldap_get_dn($this->resource, $this->entry_resource);
$rawAttributes = ldap_get_attributes($this->resource, $this->entry_resource);
$count = $rawAttributes['count'];
$attributes = array();
for ($i = 0; $i < $count; $i++) {
$attribute = $rawAttributes[$i];
$values = array();
$subCount = $rawAttributes[$attribute]['count'];
for ($j = 0; $j < $subCount; $j++) {
$values[] = $rawAttributes[$attribute][$j];
}
$attributes[$attribute] = $values;
}
$object = new Object($dn, $attributes);
return $object;
}
/**
* Authenticates a user to LDAP
*
* @param $username
* @param $password
* @param bool|false $returnUser
* @return bool true if the username and/or password provided are valid
* false if the username and/or password provided are invalid
* array of ldap_attributes if $returnUser is true
*/
function ldap($username, $password, $returnUser = false)
{
$ldaphost = Setting::getSettings()->ldap_server;
$ldaprdn = Setting::getSettings()->ldap_uname;
$ldappass = Crypt::decrypt(Setting::getSettings()->ldap_pword);
$baseDn = Setting::getSettings()->ldap_basedn;
$filterQuery = Setting::getSettings()->ldap_auth_filter_query . $username;
$ldapversion = Setting::getSettings()->ldap_version;
// Connecting to LDAP
$connection = ldap_connect($ldaphost) or die("Could not connect to {$ldaphost}");
// Needed for AD
ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);
ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, $ldapversion);
try {
if ($connection) {
// binding to ldap server
$ldapbind = ldap_bind($connection, $ldaprdn, $ldappass);
if (($results = @ldap_search($connection, $baseDn, $filterQuery)) != false) {
$entry = ldap_first_entry($connection, $results);
if (($userDn = @ldap_get_dn($connection, $entry)) !== false) {
if (($isBound = ldap_bind($connection, $userDn, $password)) == "true") {
return $returnUser ? array_change_key_case(ldap_get_attributes($connection, $entry), CASE_LOWER) : true;
}
}
}
}
} catch (Exception $e) {
LOG::error($e->getMessage());
}
ldap_close($connection);
return false;
}
/**
* Binds/authenticates the user to LDAP, and returns their attributes.
*
* @author [A. Gianotto] [<*****@*****.**>]
* @since [v3.0]
* @param $username
* @param $password
* @param bool|false $user
* @return bool true if the username and/or password provided are valid
* false if the username and/or password provided are invalid
* array of ldap_attributes if $user is true
*
*/
static function findAndBindUserLdap($username, $password)
{
$settings = Setting::getSettings();
$connection = Ldap::connectToLdap();
$ldap_username_field = $settings->ldap_username_field;
$baseDn = $settings->ldap_basedn;
if ($settings->is_ad == '1') {
// In case they haven't added an AD domain
if ($settings->ad_domain == '') {
$userDn = $username . '@' . $settings->email_domain;
} else {
$userDn = $username . '@' . $settings->ad_domain;
}
} else {
$userDn = $ldap_username_field . '=' . $username . ',' . $settings->ldap_basedn;
}
$filterQuery = $settings->ldap_auth_filter_query . $username;
if (!($ldapbind = @ldap_bind($connection, $userDn, $password))) {
return false;
}
if (!($results = ldap_search($connection, $baseDn, $filterQuery))) {
throw new Exception('Could not search LDAP: ');
}
if (!($entry = ldap_first_entry($connection, $results))) {
return false;
}
if (!($user = array_change_key_case(ldap_get_attributes($connection, $entry), CASE_LOWER))) {
return false;
}
return $user;
}
private static function readFromLdapEntry($ldapconn, $entry)
{
$newUser = new User();
$newUser->dn = ldap_get_dn($ldapconn, $entry);
// Load attributes
$att = ldap_get_attributes($ldapconn, $entry);
if (isset($att['cn']) && $att['cn']['count'] == 1) {
$newUser->cn = $att['cn'][0];
}
if (isset($att['mail']) && $att['mail']['count'] == 1) {
$newUser->mail = $att['mail'][0];
}
if (isset($att['displayName']) && $att['displayName']['count'] == 1) {
$newUser->displayName = $att['displayName'][0];
}
if (isset($att['sn']) && $att['sn']['count'] == 1) {
$newUser->sn = $att['sn'][0];
}
if (isset($att['givenName']) && $att['givenName']['count'] == 1) {
$newUser->givenName = $att['givenName'][0];
}
$groups = [];
if (isset($att['memberOf'])) {
for ($i = 0; $i < $att['memberOf']['count']; $i++) {
$groups[] = $att['memberOf'][$i];
}
}
$newUser->group_dns = $groups;
$newUser->ldapconn = $ldapconn;
return $newUser;
}
function get_user_old_ldap($email)
{
$attributes = ["uid" => "uid", "mail" => "mail", "givenName" => "firstname", "sn" => "lastname", "displayName" => "nick", "gender" => "gender", "birthdate" => "dob", "o" => "organization", "c" => "country", "l" => "location"];
$this->load_library("ldap_lib", "ldap");
$ds = $this->ldap->get_link();
$dn = "dc=felicity,dc=iiit,dc=ac,dc=in";
$filter = '(&(mail=' . $email . '))';
$sr = ldap_search($ds, $dn, $filter, array_keys($attributes));
$entry = ldap_first_entry($ds, $sr);
if (!$entry) {
return false;
}
$entry_data = ldap_get_attributes($ds, $entry);
$user_data = [];
foreach ($attributes as $key => $value) {
if (isset($entry_data[$key]) && isset($entry_data[$key][0])) {
$user_data[$value] = $entry_data[$key][0];
}
}
if (isset($user_data["dob"])) {
$date = date_create_from_format('d/m/Y', $user_data["dob"]);
if ($date) {
$user_data["dob"] = date_format($date, "Y-m-d");
}
}
if (isset($user_data["firstname"]) && isset($user_data["lastname"])) {
$user_data["name"] = implode(" ", [$user_data["firstname"], $user_data["lastname"]]);
unset($user_data["firstname"]);
unset($user_data["lastname"]);
}
if (isset($user_data["gender"])) {
$user_data["gender"] = strtolower($user_data["gender"]);
}
return $user_data;
}
/**
* @brief reads a given attribute for an LDAP record identified by a DN
* @param $dn the record in question
* @param $attr the attribute that shall be retrieved
* @returns the values in an array on success, false otherwise
*
* Reads an attribute from an LDAP entry
*/
public function readAttribute($dn, $attr)
{
if (!$this->checkConnection()) {
\OCP\Util::writeLog('user_ldap', 'No LDAP Connector assigned, access impossible for readAttribute.', \OCP\Util::WARN);
return false;
}
$cr = $this->connection->getConnectionResource();
if (!is_resource($cr)) {
//LDAP not available
\OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', \OCP\Util::DEBUG);
return false;
}
$rr = @ldap_read($cr, $dn, 'objectClass=*', array($attr));
if (!is_resource($rr)) {
\OCP\Util::writeLog('user_ldap', 'readAttribute ' . $attr . ' failed for DN ' . $dn, \OCP\Util::DEBUG);
//in case an error occurs , e.g. object does not exist
return false;
}
$er = ldap_first_entry($cr, $rr);
//LDAP attributes are not case sensitive
$result = \OCP\Util::mb_array_change_key_case(ldap_get_attributes($cr, $er), MB_CASE_LOWER, 'UTF-8');
$attr = mb_strtolower($attr, 'UTF-8');
if (isset($result[$attr]) && $result[$attr]['count'] > 0) {
$values = array();
for ($i = 0; $i < $result[$attr]['count']; $i++) {
$values[] = $this->resemblesDN($attr) ? $this->sanitizeDN($result[$attr][$i]) : $result[$attr][$i];
}
return $values;
}
\OCP\Util::writeLog('user_ldap', 'Requested attribute ' . $attr . ' not found for ' . $dn, \OCP\Util::DEBUG);
return false;
}
private function setEntry($entry)
{
if ($entry) {
$this->_current_entry = $entry;
$row = ldap_get_attributes($this->_link, $entry);
$row["dn"] = ldap_get_dn($this->_link, $entry);
return $row;
}
}
/**
* Fetches the current entry.
*
* @return Entry
*/
public function current()
{
$attributes = ldap_get_attributes($this->connection, $this->current);
if (false === $attributes) {
throw new LdapException(sprintf('Could not fetch attributes: %s', ldap_error($this->connection)));
}
$dn = ldap_get_dn($this->connection, $this->current);
if (false === $dn) {
throw new LdapException(sprintf('Could not fetch DN: %s', ldap_error($this->connection)));
}
return new Entry($dn, $attributes);
}
/**
* Retrieves entry attributes
*
* @return array(attribute => array(values))
*/
public function getAttributes()
{
$data = @ldap_get_attributes($this->connection, $this->entry);
$result = array();
for ($i = 0; $i < $data['count']; $i++) {
$key = $data[$i];
$result[$key] = array();
for ($j = 0; $j < $data[$key]['count']; $j++) {
$result[$key][] = $data[$key][$j];
}
}
return $result;
}
private function getSingleEntry($con, $current)
{
$attributes = ldap_get_attributes($con, $current);
if (false === $attributes) {
throw new LdapException(sprintf('Could not fetch attributes: %s', ldap_error($con)));
}
$attributes = $this->cleanupAttributes($attributes);
$dn = ldap_get_dn($con, $current);
if (false === $dn) {
throw new LdapException(sprintf('Could not fetch DN: %s', ldap_error($con)));
}
return new Entry($dn, $attributes);
}
/**
* fetches all attributes
*
* @return array NodeAttributes
*/
public final function get_attributes()
{
if ($this->get_changed()) {
$this->refresh_entry();
}
$data = ldap_get_attributes($this->get_ldapconn()->get_conn(), $this->get_entry());
$result = array();
for ($i = 0; $i < $data['count']; $i++) {
$key = $data[$i];
$result[] = $this->get_attribute($key);
}
return $result;
}
/**
* @brief reads a given attribute for an LDAP record identified by a DN
* @param $dn the record in question
* @param $attr the attribute that shall be retrieved
* if empty, just check the record's existence
* @returns an array of values on success or an empty
* array if $attr is empty, false otherwise
*
* Reads an attribute from an LDAP entry or check if entry exists
*/
public function readAttribute($dn, $attr, $filter = 'objectClass=*')
{
if (!$this->checkConnection()) {
\OCP\Util::writeLog('user_ldap', 'No LDAP Connector assigned, access impossible for readAttribute.', \OCP\Util::WARN);
return false;
}
$cr = $this->connection->getConnectionResource();
if (!is_resource($cr)) {
//LDAP not available
\OCP\Util::writeLog('user_ldap', 'LDAP resource not available.', \OCP\Util::DEBUG);
return false;
}
$dn = $this->DNasBaseParameter($dn);
$rr = @ldap_read($cr, $dn, $filter, array($attr));
if (!is_resource($rr)) {
if (!empty($attr)) {
//do not throw this message on userExists check, irritates
\OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN ' . $dn, \OCP\Util::DEBUG);
}
//in case an error occurs , e.g. object does not exist
return false;
}
if (empty($attr)) {
\OCP\Util::writeLog('user_ldap', 'readAttribute: ' . $dn . ' found', \OCP\Util::DEBUG);
return array();
}
$er = ldap_first_entry($cr, $rr);
if (!is_resource($er)) {
//did not match the filter, return false
return false;
}
//LDAP attributes are not case sensitive
$result = \OCP\Util::mb_array_change_key_case(ldap_get_attributes($cr, $er), MB_CASE_LOWER, 'UTF-8');
$attr = mb_strtolower($attr, 'UTF-8');
if (isset($result[$attr]) && $result[$attr]['count'] > 0) {
$values = array();
for ($i = 0; $i < $result[$attr]['count']; $i++) {
if ($this->resemblesDN($attr)) {
$values[] = $this->sanitizeDN($result[$attr][$i]);
} elseif (strtolower($attr) == 'objectguid' || strtolower($attr) == 'guid') {
$values[] = $this->convertObjectGUID2Str($result[$attr][$i]);
} else {
$values[] = $result[$attr][$i];
}
}
return $values;
}
\OCP\Util::writeLog('user_ldap', 'Requested attribute ' . $attr . ' not found for ' . $dn, \OCP\Util::DEBUG);
return false;
}
protected function search($ldap, $user)
{
$srch = ldap_search($ldap, 'DC=' . implode(',DC=', explode('.', $this->domain)), '(&(objectclass=person)(|(userprincipalname=' . $user . ')(distinguishedname=' . $user . '))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))');
$data = ldap_first_entry($ldap, $srch);
if (!$data) {
return null;
}
$temp = [];
foreach (ldap_get_attributes($ldap, $data) as $k => $v) {
if ($v && isset($v['count']) && $v['count'] === 1) {
$temp[$k] = $v[0];
}
}
return $temp;
}
function ldap_flatresults($ad, $sr, $key = false)
{
for ($entry = ldap_first_entry($ad, $sr); $entry != false; $entry = ldap_next_entry($ad, $entry)) {
$user = array();
$attributes = ldap_get_attributes($ad, $entry);
for ($i = $attributes['count']; $i-- > 0;) {
$user[strtolower($attributes[$i])] = $attributes[$attributes[$i]][0];
}
if ($key && $user[$key]) {
$users[strtolower($user[$key])] = $user;
} else {
$users[] = $user;
}
}
return $users;
}
/**
* Get all attributes with values in a key value array
*
* @return array
*/
public function getAttributes()
{
$keyToLowerCase = true;
if (!isset($this->_attributes)) {
$attributes = ldap_get_attributes($this->_ldapConn->getLink(), $this->_entryId);
//var_dump($attributes);
for ($i = 0; $i < $attributes['count']; $i++) {
//echo $attributes[$i]." : ".$attributes[$attributes[$i]]."\n";
$key = $keyToLowerCase ? strtolower($attributes[$i]) : $attributes[$i];
$this->_attributes[$key] = $this->_convertUTF8($attributes[$attributes[$i]]);
unset($this->_attributes[$key]['count']);
}
unset($this->_attributes['objectclass']);
}
return $this->_attributes;
}
protected function getUserLdapPhoto($contactID)
{
$ldap_context = $_SESSION['phpgw_info']['expressomail']['ldap_server']['dn'];
$justthese = array("dn", 'jpegPhoto', 'givenName', 'sn');
$this->getLdapCatalog()->ldapConnect(true);
$ds = $this->getLdapCatalog()->ds;
if ($ds) {
$resource = @ldap_read($ds, $contactID, "phpgwaccounttype=u");
$n_entries = @ldap_count_entries($ds, $resource);
if ($n_entries == 1) {
$first_entry = ldap_first_entry($ds, $resource);
$obj = ldap_get_attributes($ds, $first_entry);
if ($obj['jpegPhoto']) {
return ldap_get_values_len($ds, $first_entry, "jpegPhoto");
}
}
}
return false;
}
public function loadUsers()
{
$search = ldap_read($this->ldapconn, $this->dn, Group::FILTER_GROUPS, array("member"));
if (ldap_count_entries($this->ldapconn, $search) > 0) {
$entry = ldap_first_entry($this->ldapconn, $search);
$att = ldap_get_attributes($this->ldapconn, $entry);
if (isset($att['member'])) {
$this->members = [];
for ($i = 0; $i < $att['member']['count']; $i++) {
$dn = $att['member'][$i];
if ($dn != DUMMY_USER_DN) {
$this->members[] = User::readUser($this->ldapconn, $dn);
}
}
} else {
$this->members = [];
}
}
}
/**
* Genera array con los datos extraídos de LDAP
*
* @param $items
* @return array
*/
protected function _generateArray($items)
{
$arrItems = [];
$atributos = $this->config->get('ldapsearch::attributes');
$entry = ldap_first_entry($this->connection, $items);
# Si no hay resultado, devuelvo vacío
if (!$entry) {
return $arrItems;
}
do {
$attrs = ldap_get_attributes($this->connection, $entry);
$items = [];
foreach ($atributos as $attr) {
$items["{$attr}"] = array_search($attr, $attrs) != false ? $attrs["{$attr}"][0] : null;
}
array_push($arrItems, $items);
} while ($entry = ldap_next_entry($this->connection, $entry));
return $arrItems;
}
public function getUser()
{
if ($this->_user === false) {
self::getConn();
self::bind();
$filter = str_replace('${username}', $this->username, self::$_configs['accountPattern']);
$sr = ldap_search(self::$_conn, self::$_configs['accountBase'], $filter);
unset($filter);
if (ldap_count_entries(self::$_conn, $sr) == 0) {
ldap_close(self::$_conn);
return array();
}
$entry = ldap_first_entry(self::$_conn, $sr);
$attributes = ldap_get_attributes(self::$_conn, $entry);
$this->_user = new LdapUser();
foreach ($attributes as $key => $value) {
if ($key == 'userPassword') {
$this->_user->setPassword($value[0]);
}
if (isset(self::$_configs['attributesMap']) == true && is_array(self::$_configs['attributesMap']) == true) {
if (isset(self::$_configs['attributesMap'][$key]) == true && is_string(self::$_configs['attributesMap'][$key]) == true) {
$field = self::$_configs['attributesMap'][$key];
$this->_user->setAttribute($field, $value[0]);
unset($field);
}
} else {
if (is_string($key) == true) {
$this->_user->{$key} = $value[0];
}
}
}
ldap_close(self::$_conn);
$user = User::findByUsername(array('username' => $this->username));
if ($user == null) {
$attributes['username'] = $this->username;
$user = $this->register($attributes);
}
$this->_user->setId($user->getId());
unset($attributes, $user);
}
return $this->_user;
}
public function current()
{
$obj = new LdapEntry();
// new empty object
$obj->dn = ldap_get_dn($this->ds, $this->entry);
// attach dn
$attrs = ldap_get_attributes($this->ds, $this->entry);
// attach attributes
for ($i = 0; $i < $attrs['count']; $i++) {
unset($attrs[$i]);
}
unset($attrs['count']);
foreach ($attrs as $key => $a) {
$key = preg_replace("/\\;/", "_", $key);
// change ';' => '_' as ';' is not valid in object key name
$kname = strtolower($key);
$obj->{$kname} = $a;
}
return $obj;
}
protected function isUserInAnyGroup($ps_username, $pa_group_cn_list)
{
$vs_base_dn = $this->getConfigValue("ldap_base_dn");
$vs_user_ou = $this->getConfigValue("ldap_user_ou");
$vs_user_search_dn = $this->getProcessedConfigValue("ldap_user_search_dn_format", $ps_username, $vs_user_ou, $vs_base_dn);
$vs_user_search_filter = $this->getProcessedConfigValue("ldap_user_search_filter_format", $ps_username, $vs_user_ou, $vs_base_dn);
$vo_results = ldap_search($this->getLinkIdentifier(), $vs_user_search_dn, $vs_user_search_filter);
if (!$vo_results) {
// search error
return false;
}
$vo_entry = ldap_first_entry($this->getLinkIdentifier(), $vo_results);
if (!$vo_entry) {
// no results returned
return false;
}
$va_attrs = ldap_get_attributes($this->getLinkIdentifier(), $vo_entry);
$vs_member_of_attr = $this->getConfigValue("ldap_attribute_member_of");
return sizeof(array_intersect(array_map('strtolower', $pa_group_cn_list), array_map('strtolower', $va_attrs[$vs_member_of_attr]))) > 0;
}
/**
Initialise the weeLDAPEntry object.
@param $rLink The connection link identifier.
@param $rEntry The entry link identifier.
*/
public function __construct($rLink, $rEntry)
{
$this->rEntry = $rEntry;
$this->rLink = $rLink;
$this->aAttributes = ldap_get_attributes($this->rLink, $this->rEntry);
if ($this->aAttributes === false) {
throw new LDAPException(_WT('Failed to get the attributes of the current entry.') . "\n" . ldap_error($this->rLink), ldap_errno($this->rLink));
}
// Clean the array $aAttributes.
// Remove the "count" elements and attribute indexes, for avoiding LDAPException in weeLDAPEntry::save.
// The array will be like: array('attribute1' => array(value1, value2), 'attribute2' => ...) instead of the array returned by ldap_get_attributes.
foreach ($this->aAttributes as $mAttrKey => $mAttrValue) {
if (is_string($mAttrKey)) {
$this->aAttributes[$mAttrKey] = $mAttrValue;
unset($this->aAttributes[$mAttrKey]['count']);
} else {
unset($this->aAttributes[$mAttrKey]);
}
}
unset($this->aAttributes['count']);
}
private function _searchUser($login, $filter = "")
{
global $conf;
# Search for user
if ($filter == "") {
#$filter = "(&(objectClass=person)(" . $conf->auth_ldap->username_attr . "={search}))";
$filter = "(&" . $conf->auth_ldap->filter . "(" . $conf->auth_ldap->username_attr . "={search}))";
}
$filter = str_replace("{search}", $login, $filter);
#error_log($filter);
$search = ldap_search($this->ldap, $conf->auth_ldap->base, $filter);
error_log(print_r($search, true));
$errno = ldap_errno($this->ldap);
if ($errno) {
error_log("LDAP - Search error {$errno} (" . ldap_error($this->ldap) . ")");
return NULL;
} else {
# Get user DN
$entry = ldap_first_entry($this->ldap, $search);
error_log("Entry");
error_log(print_r($entry, true));
$userdn = ldap_get_dn($this->ldap, $entry);
if (!$userdn) {
error_log("LDAP - User " . $login . " not found");
return false;
} else {
$user_attrs = ldap_get_attributes($this->ldap, $entry);
$user_attrs_cpy = array();
// XXX: Probably fine for most attributes we will use.
foreach ($user_attrs as $key => $value) {
$user_attrs_cpy[$key] = $value[0];
}
$retval = array();
array_push($retval, $userdn);
array_push($retval, $user_attrs_cpy);
return $retval;
}
}
return NULL;
}
function login()
{
$tpl = new templates();
$ldap = new clladp();
$att = array("userPassword", "DisplayName");
$sr = @ldap_search($ldap->ldap_connection, "dc=organizations,{$ldap->suffix}", "(uid={$_POST["uid"]})", $att);
if (!$sr) {
echo $sr;
return $tpl->_ENGINE_parse_body('{unknown_user}');
}
$entry_id = ldap_first_entry($ldap->ldap_connection, $sr);
if (!$entry_id) {
writelogs("INFOS: bad value {$entry_id}: (' . {$entry_id} . ') find: (uid={$_POST["uid"]}) -> aborting function search engine doesn`t found the pattern", __LINE__, __FILE__);
return $tpl->_ENGINE_parse_body('{unknown_user}');
}
$attrs = ldap_get_attributes($ldap->ldap_connection, $entry_id);
$passw = $attrs["userPassword"][0];
$passw = md5($passw);
if (!$_GET["credentials"]) {
$_POST["password"] = md5($_POST["password"]);
}
if ($passw != $_POST["password"]) {
return $tpl->_ENGINE_parse_body('{bad_password}');
}
unset($_SESSION["MLDONKEY_{$_POST["uid"]}"]);
$_SESSION["NOM"] = $attrs["DisplayName"][0];
$privs = $ldap->_Get_privileges_userid($_POST["uid"]);
$_SESSION["privileges"]["ArticaGroupPrivileges"] = $privs;
$users = new usersMenus();
$uid_class = new user($_POST["uid"]);
$_SESSION["ou"] = $uid_class->ou;
$_SESSION["privs"] = $users->_ParsePrivieleges($privs);
if ($_SESSION["privs"]["ForceLanguageUsers"] != null) {
$_COOKIE["ArticaForceLanguageUsers"] = $_SESSION["privs"]["ForceLanguageUsers"];
} else {
unset($_COOKIE["ArticaForceLanguageUsers"]);
}
}
/**
* Gets next entry
*
* @return peer.ldap.LDAPEntry or NULL if nothing was found
* @throws peer.ldap.LDAPException in case of a read error
*/
public function next()
{
// If we have reached the number of results reported by ldap_count_entries()
// - see constructor, return FALSE without trying to read further. Trying
// to read "past the end" results in LDAP error #84 (decoding error) in some
// client/server constellations, which is then incorrectly reported as an error.
if ($this->iteration[1] >= $this->size) {
return null;
}
// Fetch the next entry. Return FALSE if it was the last one (where really,
// we shouldn't be getting here)
$entry = ldap_next_entry($this->conn, $this->iteration[0]);
if (!$entry) {
if ($e = ldap_errno($this->conn)) {
throw new LDAPException('Could not fetch next result entry.', $e);
}
return null;
// EOF
}
// Keep track how many etnries we have fetched so we stop once we
// have reached this number - see above for explanation.
$this->iteration = [$entry, ++$this->iteration[1]];
return LDAPEntry::create(ldap_get_dn($this->conn, $entry), ldap_get_attributes($this->conn, $entry));
}
function _fetch()
{
if ($this->_currentRow >= $this->_numOfRows && $this->_numOfRows >= 0) {
return false;
}
if ($this->_currentRow == 0) {
$this->_entryID = ldap_first_entry($this->connection->_connectionID, $this->_queryID);
} else {
$this->_entryID = ldap_next_entry($this->connection->_connectionID, $this->_entryID);
}
$this->fields = ldap_get_attributes($this->connection->_connectionID, $this->_entryID);
$this->_numOfFields = $this->fields['count'];
switch ($this->fetchMode) {
case LDAP_ASSOC:
$this->fields = $this->GetRowAssoc();
break;
case LDAP_NUM:
$this->fields = $this->GetRowNums();
break;
case LDAP_BOTH:
default:
break;
}
return is_array($this->fields);
}
/**
* Retrieve current user's scripts.
*
* @param resource $ldapcn The connection to the LDAP server.
* @param string $userDN Set to the user object's real DN.
*
* @return array Script sources list.
* @throws Ingo_Exception
*/
protected function _getScripts($ldapcn, &$userDN)
{
$attrs = array($this->_params['script_attribute'], 'dn');
$filter = $this->_substUser($this->_params['script_filter']);
/* Find the user object. */
$sr = @ldap_search($ldapcn, $this->_params['script_base'], $filter, $attrs);
if ($sr === false) {
throw new Ingo_Exception(sprintf(_("Error retrieving current script: (%d) %s"), ldap_errno($ldapcn), ldap_error($ldapcn)));
}
if (@ldap_count_entries($ldapcn, $sr) != 1) {
throw new Ingo_Exception(sprintf(_("Expected 1 object, got %d."), ldap_count_entries($ldapcn, $sr)));
}
$ent = @ldap_first_entry($ldapcn, $sr);
if ($ent === false) {
throw new Ingo_Exception(sprintf(_("Error retrieving current script: (%d) %s"), ldap_errno($ldapcn), ldap_error($ldapcn)));
}
/* Retrieve the user's DN. */
$v = @ldap_get_dn($ldapcn, $ent);
if ($v === false) {
@ldap_free_result($sr);
throw new Ingo_Exception(sprintf(_("Error retrieving current script: (%d) %s"), ldap_errno($ldapcn), ldap_error($ldapcn)));
}
$userDN = $v;
/* Retrieve the user's scripts. */
$attrs = @ldap_get_attributes($ldapcn, $ent);
@ldap_free_result($sr);
if ($attrs === false) {
throw new Ingo_Exception(sprintf(_("Error retrieving current script: (%d) %s"), ldap_errno($ldapcn), ldap_error($ldapcn)));
}
/* Attribute can be in any case, and can have a ";binary"
* specifier. */
$regexp = '/^' . preg_quote($this->_params['script_attribute'], '/') . '(?:;.*)?$/i';
unset($attrs['count']);
foreach ($attrs as $name => $values) {
if (preg_match($regexp, $name)) {
unset($values['count']);
return array_values($values);
}
}
return array();
}
* server_info.php
* Fetches and displays all information that it can from the specified server
*
* Variables that come in as GET vars:
* - server_id
*/
require 'common.php';
$server_id = $_GET['server_id'];
$server_name = $servers[$server_id]['name'];
$ds = pla_ldap_connect($server_id) or pla_error("Could not connect or authenticate to LDAP server");
$r = @ldap_read($ds, '', 'objectClass=*', array('+'));
if (!$r) {
pla_error("Could not fetch any information from the server");
}
$entry = @ldap_first_entry($ds, $r);
$attrs = @ldap_get_attributes($ds, $entry);
$count = @ldap_count_entries($ds, $r);
//echo "<pre>"; print_r( $attrs ); echo "</pre>";
include 'header.php';
?>
<h3 class="title">Server info for <?php
echo htmlspecialchars($server_name);
?>
</h3>
<h3 class="subtitle">Server reports the following information about itself</h3>
<?php
if ($count == 0 || $attrs['count'] == 0) {
?>
/**
* @param string $sSortField
* @param string $bAsc 'asc' or 'desc'
* @param int $iOffset = null
* @param int $iRequestLimit = null
* @return array
*/
public function SortPaginate($sSortField, $bAsc = true, $iOffset = null, $iRequestLimit = null)
{
$iTotalEntries = @ldap_count_entries($this->rLink, $this->rSearch);
$iEnd = 0;
$iStart = 0;
if ($iOffset === null || $iRequestLimit === null) {
$iStart = 0;
$iEnd = $iTotalEntries - 1;
} else {
$iStart = $iOffset;
$iStart = $iStart < 0 ? 0 : $iStart;
$iEnd = $iStart + $iRequestLimit;
$iEnd = $iEnd > $iTotalEntries ? $iTotalEntries : $iEnd;
}
if (0 < strlen($sSortField)) {
@ldap_sort($this->rLink, $this->rSearch, $sSortField);
}
$aList = array();
for ($iCurrent = 0, $rEntry = ldap_first_entry($this->rLink, $this->rSearch); $iCurrent < $iEnd && is_resource($rEntry); $iCurrent++, $rEntry = ldap_next_entry($this->rLink, $rEntry)) {
if ($iCurrent >= $iStart) {
array_push($aList, ldap_get_attributes($this->rLink, $rEntry));
}
}
return $bAsc ? $aList : array_reverse($aList);
}
