/**
* (LDAP helper for ocf_get_members_groups) Get a list of the usergroups a member is in (keys say the usergroups, values are irrelevant).
*
* @param ?MEMBER The member to find the usergroups of (NULL: current member).
* @return array The list (e.g. array(1=>1,2=>1,3=>1) for someone in (1,2,3)). The keys are all that matters, values are arbitrary.
*/
function ocf_get_members_groups_ldap($member_id)
{
$groups = array();
global $LDAP_CONNECTION;
$cn = ocf_member_ocfid_to_ldapcn($member_id);
if (get_option('ldap_is_windows') == '0') {
// Members under group (secondary)
$results = ldap_search($LDAP_CONNECTION, group_search_qualifier() . get_option('ldap_base_dn'), '(&(objectclass=' . get_member_class() . ')(memberuid=' . ocp_ldap_escape($cn) . '))', array(group_property()), 1);
$entries = ldap_get_entries($LDAP_CONNECTION, $results);
foreach ($entries as $key => $entry) {
if ($key === 'dn') {
$group_cn = ocf_long_cn_to_short_cn(ldap_unescape($entry['dn']), 'dn');
$group_id = ocf_group_ldapcn_to_ocfid($group_cn);
if (!is_null($group_id)) {
$groups[$group_id] = 1;
}
}
if (!is_numeric($key)) {
continue;
}
if (!array_key_exists(group_property(), $entry)) {
continue;
}
if (!array_key_exists(0, $entry[group_property()])) {
continue;
}
$group_cn = ocf_long_cn_to_short_cn(ldap_unescape($entry[group_property()][0]), group_property());
$group_id = ocf_group_ldapcn_to_ocfid($group_cn);
if (!is_null($group_id)) {
$groups[$group_id] = 1;
}
}
ldap_free_result($results);
// Groups under member (primary)
$results = ldap_search($LDAP_CONNECTION, member_search_qualifier() . get_option('ldap_base_dn'), '(&(objectclass=' . get_member_class() . ')(' . member_property() . '=' . ocp_ldap_escape($cn) . '))', array('gidnumber'));
$entries = ldap_get_entries($LDAP_CONNECTION, $results);
$group_id_use = NULL;
foreach ($entries as $key => $group) {
if (!is_numeric($key)) {
continue;
}
$group_id = ocf_group_ldapgid_to_ocfid($group['gidnumber'][0]);
if (!is_null($group_id)) {
$group_id_use = $group_id;
}
}
ldap_free_result($results);
if (is_null($group_id_use)) {
$group_id_use = get_first_default_group();
}
$groups[$group_id_use] = 1;
} else {
// Groups under member (Active Directory makes no distinction)
$results = ldap_search($LDAP_CONNECTION, member_search_qualifier() . get_option('ldap_base_dn'), '(&(objectclass=' . get_member_class() . ')(' . member_property() . '=' . ocp_ldap_escape($cn) . '))', array('memberof'));
$entries = ldap_get_entries($LDAP_CONNECTION, $results);
$group_id_use = NULL;
if (array_key_exists(0, $entries) && array_key_exists('memberof', $entries[0])) {
foreach ($entries[0]['memberof'] as $key => $group) {
if (!is_numeric($key)) {
continue;
}
$group_id = ocf_group_ldapcn_to_ocfid(ocf_long_cn_to_short_cn($group, group_property()));
if (!is_null($group_id)) {
$groups[$group_id] = 1;
}
}
}
ldap_free_result($results);
if (count($groups) == 0) {
$groups = array_flip(ocf_get_all_default_groups(true));
}
}
return $groups;
}
/**
* Apply escaping to special characters in search values.
* @access private
* @param string $value User provided value
* @return string
*/
function escape_input($value)
{
return reason_sql_string_escape(ldap_unescape($value));
}
/**
* Apply escaping to special characters in search values.
* @access private
* @param string $value User provided value
* @return string
*/
function escape_input($value) {
return addslashes(ldap_unescape($value));
}
