Any control characters with an ACII code < 32 as well as the characters
with special meaning in LDAP filters "*", "(", ")", and "\" (the
backslash) are converted into the representation of a backslash followed
by two hex digits representing the hexadecimal value of the character.
public static escapeFilterValue ( array $values ) : array | ||
$values | array | Values to escape. |
return | array | Escaped values. |
/** * Test escaping of filter values. */ public function testEscapeFilterValue() { $expected = 't\\28e,s\\29t\\2av\\5cal\\1eue'; $filterval = 't(e,s)t*v\\al' . chr(30) . 'ue'; // String call $this->assertEquals(array($expected), Horde_Ldap_Util::escapeFilterValue($filterval)); // Array call. $this->assertEquals(array($expected), Horde_Ldap_Util::escapeFilterValue(array($filterval))); // Multiple arrays. $this->assertEquals(array($expected, $expected, $expected), Horde_Ldap_Util::escapeFilterValue(array($filterval, $filterval, $filterval))); }
/** * Test group fetching. * * @return NULL */ public function testGetGroups() { foreach ($this->servers as $server) { $filter = '(&(objectClass=kolabGroupOfNames)(member=' . Horde_Ldap_Util::escapeFilterValue('cn=The Administrator,dc=example,dc=org') . '))'; $result = $server->search($filter, array()); $this->assertTrue(!empty($result)); /* $entry = $server->_firstEntry($result); */ /* $this->assertTrue(!empty($entry)); */ /* $uid = $server->_getDn($entry); */ /* $this->assertTrue(!empty($uid)); */ /* $entry = $server->_nextEntry($entry); */ /* $this->assertTrue(empty($entry)); */ /* $entries = $server->_getDns($result); */ /* $this->assertTrue(!empty($entries)); */ $groups = $server->getGroups('cn=The Administrator,dc=example,dc=org'); $this->assertTrue(!empty($groups)); $groups = $server->getGroups($server->uidForIdOrMailOrAlias('*****@*****.**')); $this->assertContains('cn=group@example.org,dc=example,dc=org', $groups); $groups = $server->getGroupAddresses($server->uidForIdOrMailOrAlias('*****@*****.**')); $this->assertContains('*****@*****.**', $groups); $groups = $server->getGroups($server->uidForIdOrMailOrAlias('*****@*****.**')); $this->assertContains('cn=group@example.org,dc=example,dc=org', $groups); $groups = $server->getGroupAddresses($server->uidForIdOrMailOrAlias('*****@*****.**')); $this->assertContains('*****@*****.**', $groups); $groups = $server->getGroups('nobody'); $this->assertTrue(empty($groups)); } }
/** * Creates a new part of an LDAP filter. * * The following matching rules exists: * - equals: One of the attributes values is exactly $value. * Please note that case sensitiviness depends on the * attributes syntax configured in the server. * - begins: One of the attributes values must begin with $value. * - ends: One of the attributes values must end with $value. * - contains: One of the attributes values must contain $value. * - present | any: The attribute can contain any value but must exist. * - greater: The attributes value is greater than $value. * - less: The attributes value is less than $value. * - greaterOrEqual: The attributes value is greater or equal than $value. * - lessOrEqual: The attributes value is less or equal than $value. * - approx: One of the attributes values is similar to $value. * * If $escape is set to true then $value will be escaped. If set to false * then $value will be treaten as a raw filter value string. You should * then escape it yourself using {@link * Horde_Ldap_Util::escapeFilterValue()}. * * Examples: * <code> * // This will find entries that contain an attribute "sn" that ends with * // "foobar": * $filter = Horde_Ldap_Filter::create('sn', 'ends', 'foobar'); * * // This will find entries that contain an attribute "sn" that has any * // value set: * $filter = Horde_Ldap_Filter::create('sn', 'any'); * </code> * * @param string $attribute Name of the attribute the filter should apply * to. * @param string $match Matching rule (equals, begins, ends, contains, * greater, less, greaterOrEqual, lessOrEqual, * approx, any). * @param string $value If given, then this is used as a filter value. * @param boolean $escape Should $value be escaped? * * @return Horde_Ldap_Filter * @throws Horde_Ldap_Exception */ public static function create($attribute, $match, $value = '', $escape = true) { if ($escape) { $array = Horde_Ldap_Util::escapeFilterValue(array($value)); $value = $array[0]; } switch (Horde_String::lower($match)) { case 'equals': case '=': $filter = '(' . $attribute . '=' . $value . ')'; break; case 'begins': $filter = '(' . $attribute . '=' . $value . '*)'; break; case 'ends': $filter = '(' . $attribute . '=*' . $value . ')'; break; case 'contains': $filter = '(' . $attribute . '=*' . $value . '*)'; break; case 'greater': case '>': $filter = '(' . $attribute . '>' . $value . ')'; break; case 'less': case '<': $filter = '(' . $attribute . '<' . $value . ')'; break; case 'greaterorequal': case '>=': $filter = '(' . $attribute . '>=' . $value . ')'; break; case 'lessorequal': case '<=': $filter = '(' . $attribute . '<=' . $value . ')'; break; case 'approx': case '~=': $filter = '(' . $attribute . '~=' . $value . ')'; break; case 'any': case 'present': $filter = '(' . $attribute . '=*)'; break; default: throw new Horde_Ldap_Exception('Matching rule "' . $match . '" unknown'); } return new Horde_Ldap_Filter(array('filter' => $filter)); }