/** * Creates an LDAP filter from given request variables search or filter */ function _makeldapfilter() { global $FIELDS; global $conf; //handle given filter if (empty($_REQUEST['filter'])) { $_REQUEST['filter'] = ''; } if (empty($_REQUEST['search'])) { $_REQUEST['search'] = ''; } if (empty($_REQUEST['org'])) { $_REQUEST['org'] = ''; } if (empty($_REQUEST['marker'])) { $_REQUEST['marker'] = ''; } if (is_numeric($_REQUEST['search'])) { $number = $_REQUEST['search']; } $filter = ldap_filterescape($_REQUEST['filter']); $search = ldap_filterescape($_REQUEST['search']); $org = ldap_filterescape($_REQUEST['org']); $marker = ldap_filterescape($_REQUEST['marker']); $_SESSION['ldapab']['filter'] = $_REQUEST['filter']; if (empty($filter)) { $filter = 'a'; } if (!empty($marker)) { // Search by tag $ldapfilter = '(&(objectClass=contactPerson)'; $marker = explode(',', $marker); foreach ($marker as $m) { $m = trim($m); $ldapfilter .= '(' . $FIELDS['_marker'] . '=' . $m . ')'; } $ldapfilter .= ')'; } elseif ($number) { // Search by telephone number $filter = ''; // add wildcards between digits to compensate for any formatting $length = strlen($number); for ($i = 0; $i < $length; $i++) { $filter .= '*' . $number[$i]; } $filter .= '*'; $ldapfilter = '(&' . '(objectClass=inetOrgPerson)' . '(|' . '(|' . '(' . $FIELDS['phone'] . '=' . $filter . ')' . '(' . $FIELDS['homephone'] . '=' . $filter . ')' . ')' . '(' . $FIELDS['mobile'] . '=' . $filter . ')' . ')' . ')'; } elseif (!empty($search)) { // Search name and organization $search = trim($search); $words = preg_split('/\\s+/', $search); $filter = ''; foreach ($words as $word) { $wordfilter = ''; foreach ($conf['searchfields'] as $field) { $wordfilter .= '(' . $field . '=*' . $word . '*)'; } for ($i = 0; $i < count($conf['searchfields']); $i++) { $wordfilter = '(|' . $wordfilter . ')'; } $filter .= '(&' . $wordfilter . ')'; } $ldapfilter = "(&(objectClass=inetOrgPerson){$filter})"; } elseif (!empty($org)) { // List organization members $ldapfilter = '(&(objectClass=inetOrgPerson)(' . $FIELDS['organization'] . "={$org}))"; } elseif ($filter == 'other') { // Alphabetic listing of last names $other = ''; for ($i = ord('a'); $i <= ord('z'); $i++) { $other .= '(!(' . $FIELDS['name'] . '=' . chr($i) . '*))'; } $ldapfilter = "(&(objectClass=inetOrgPerson){$other})"; } elseif ($filter == '\\2a') { //escaped asterisk // List all $ldapfilter = "(objectClass=inetOrgPerson)"; } else { // Search by last name start $ldapfilter = '(&(objectClass=inetOrgPerson)(' . $FIELDS['name'] . "={$filter}*))"; } return $ldapfilter; }
/** * Do a simple lookup in any simple field */ function ajax_lookup($field, $search) { header('Content-Type: text/xml; charset=utf-8'); global $conf; global $LDAP_CON; global $FIELDS; if (!$FIELDS[$field]) { return; } $field = $FIELDS[$field]; $search = ldap_filterescape($search); $filter = "(&(objectClass=inetOrgPerson)({$field}={$search}*))"; $result = ldap_queryabooks($filter, $field); if (!count($result)) { return; } $items = array(); foreach ($result as $entry) { if (isset($entry[$field]) && !empty($entry[$field])) { $items[] = $entry[$field][0]; } } $items = array_unique($items); sort($items, SORT_STRING); echo '<?xml version="1.0"?>' . NL; echo '<ajaxresponse>' . NL; foreach ($items as $out) { echo '<item>' . NL; echo '<value>' . htmlspecialchars($out) . '</value>' . NL; echo '<text>' . htmlspecialchars($out) . '</text>' . NL; echo '</item>' . NL; } echo '</ajaxresponse>' . NL; }