diff --git a/thirdparty/pear/Net/LDAP.php b/thirdparty/pear/Net/LDAP.php
new file mode 100644
index 0000000..ada5f65
--- /dev/null
+++ b/thirdparty/pear/Net/LDAP.php
@@ -0,0 +1,1065 @@ + '', + 'host' => 'localhost', + 'password' => '', + 'tls' => false, + 'base' => '', + 'port' => 389, + 'version' => 3, + 'options' => array(), + 'filter' => '(objectClass=*)', + 'scope' => 'sub'); + + /** + * LDAP resource link. + * + * @access private + * @var resource + */ + var $_link; + + /** + * Net_LDAP Release Version + * + * @access private + * @var string + */ + var $_version = "0.6.6"; + + /** + * Net_LDAP_Schema object + * + * @access private + * @var object Net_LDAP_Schema + */ + var $_schema = null; + + /** + * Cache for attribute encoding checks + * + * @access private + * @var array Hash with attribute names as key and boolean value + * to determine whether they should be utf8 encoded or not. + */ + var $_schemaAttrs = array(); + + /** + * Net_LDAP constructor + * + * Sets the config array + * + * @access protected + * @param array Configuration array + * @return void + * @see $_config + */ + function Net_LDAP($_config = array()) + { + $this->PEAR('Net_LDAP_Error'); + + foreach ($_config as $k => $v) { + $this->_config[$k] = $v; + } + } + + /** + * Creates the initial ldap-object + * + * Static function that returns either an error object or the new Net_LDAP object. + * Something like a factory. Takes a config array with the needed parameters. + * + * @access public + * @param array Configuration array + * @return mixed object Net_LDAP_Error or Net_LDAP + * @see $_config + */ + function &connect($config = array()) + { + if (!function_exists('ldap_connect')){ + return $this->raiseError("It seems that you do not have the ldap-extension installed. Please install it before using this package."); + } + @$obj =& new Net_LDAP($config); + $err = $obj->bind(); + + if (Net_LDAP::isError($err)) { + return $err; + } + return $obj; + } + + /** + * Bind to the ldap-server + * + * The function may be used if you do not create the object using Net_LDAP::connect. 
+ * + * @access public + * @param array Configuration array + * @return mixed Net_LDAP_Error or true + * @see $_config + */ + function bind($config = array()) + { + foreach ($config as $k => $v) { + $this->_config[$k] = $v; + } + + if ($this->_config['host']) { + $this->_link = @ldap_connect($this->_config['host'], $this->_config['port']); + } else { + return $this->raiseError("Host not defined in config. {$this->_config['host']}"); + } + + if (!$this->_link) { + // there is no good errorcode for this one! I chose 52. + return $this->raiseError("Could not connect to server. ldap_connect failed.", 52); + } + // You must set the version and start tls BEFORE binding! + + if ($this->_config['version'] != 2 && Net_LDAP::isError($msg = $this->setLDAPVersion())) { + return $msg; + } + + if ($this->_config['tls'] && Net_LDAP::isError($msg = $this->startTLS())) { + return $msg; + } + + if (isset($this->_config['options']) && + is_array($this->_config['options']) && + count($this->_config['options'])) + { + foreach ($this->_config['options'] as $opt => $val) { + $err = $this->setOption($opt, $val); + if (Net_LDAP::isError($err)) { + return $err; + } + } + } + + if (isset($this->_config['dn']) && isset($this->_config['password'])) { + $bind = @ldap_bind($this->_link, $this->_config['dn'], $this->_config['password']); + } else { + $bind = @ldap_bind($this->_link); + } + + if (!$bind) { + return $this->raiseError("Bind failed " . @ldap_error($this->_link), @ldap_errno($this->_link)); + } + + return true; + } + + /** + * ReBind to the ldap-server using another dn and password + * + * The function may be used if you do not create the object using Net_LDAP::connect. + * + * @access public + * @param string $dn - the DN to bind as. + * string $password - the bassword to use. 
+ * @return mixed Net_LDAP_Error or true + * @see $_config + */ + + function reBind ($dn = null, $password = null) + { + + if ($dn && $password ) { + $bind = @ldap_bind($this->_link, $dn, $password); + } else { + $bind = @ldap_bind($this->_link); + } + + if (!$bind) { + return $this->raiseError("Bind failed " . @ldap_error($this->_link), @ldap_errno($this->_link)); + } + return true; + } + + /** + * Starts an encrypted session + * + * @access public + * @return mixed True or Net_LDAP_Error + */ + function startTLS() + { + if (!@ldap_start_tls($this->_link)) { + return $this->raiseError("TLS not started. Error:" . @ldap_error($this->_link), @ldap_errno($this->_link)); + } + return true; + } + + /** + * alias function of startTLS() for perl-ldap interface + * + * @see startTLS() + */ + function start_tls() + { + $args = func_get_args(); + return call_user_func_array(array($this, 'startTLS' ), $args); + } + + /** + * Close LDAP connection. + * + * Closes the connection. Use this when the session is over. + * + * @return void + */ + function done() + { + $this->_Net_LDAP(); + } + + /** + * Destructor + * + * @access private + */ + function _Net_LDAP() + { + @ldap_close($this->_link); + } + + /** + * Add a new entryobject to a directory. + * + * Use add to add a new Net_LDAP_Entry object to the directory. + * + * @param object Net_LDAP_Entry + * @return mixed Net_LDAP_Error or true + */ + function add($entry) + { + if (@ldap_add($this->_link, $entry->dn(), $entry->attributes())) { + return true; + } else { + return $this->raiseError("Could not add entry " . $entry->dn() . " " . @ldap_error($this->_link), + @ldap_errno($this->_link)); + } + } + + /** + * Delete an entry from the directory + * + * The object may either be a string representing the dn or a Net_LDAP_Entry object. + * The param array may contain a boolean value named recursive. 
When set, all subentries + * of the Entry will be deleted as well + * + * @access public + * @param mixed string or Net_LDAP_Entry + * @param array + * @return mixed Net_LDAP_Error or true + */ + function delete($dn, $param = array()) + { + if (is_object($dn) && strtolower(get_class($dn)) == 'net_ldap_entry') { + $dn = $dn->dn(); + } else { + if (!is_string($dn)) { + // this is what the server would say: invalid_dn_syntax. + return $this->raiseError("$dn not a string nor an entryobject!", 34); + } + } + + if ($param['recursive'] ) { + $searchresult = @ldap_list($this->_link, $dn, '(objectClass=*)', array()); + + if ($searchresult) { + $entries = @ldap_get_entries($this->_link, $searchresult); + + for ($i=0; $i<$entries['count']; $i++) { + $result = $this->delete($entries[$i]['dn'], array('recursive' => true)); + if (!$result) { + $errno = @ldap_errno($this->_link); + return $this->raiseMessage ("Net_LDAP::delete: " . $this->errorMessage($errno), $errno); + } + if(PEAR::isError($result)){ + return $result; + } + } + } + } + if (!@ldap_delete($this->_link, $dn)) { + $error = ldap_errno($this->_link ); + if ($error == 66) { + /* entry has subentries */ + return $this->raiseError('Net_LDAP::delete: Cound not delete entry ' . $dn . + ' because of subentries. Use the recursive param to delete them.'); + } else { + return $this->raiseError("Net_LDAP::delete: Could not delete entry " . $dn ." because: ". + $this->errorMessage($error), $error); + } + } + return true; + } + + /** + * Modify an ldapentry + * + * This is taken from the perlpod of net::ldap, and explains things quite nicely. + * modify ( DN, OPTIONS ) + * Modify the contents of DN on the server. DN May be a + * string or a Net::LDAP::Entry object. + * + * dn This option is here for compatibility only, and + * may be removed in future. Previous releases did + * not take the DN argument which replaces this + * option. + * + * add The add option should be a reference to a HASH. 
+ * The values of the HASH are the attributes to add, + * and the values may be a string or a reference to a + * list of values. + * + * delete + * A reference to an ARRAY of attributes to delete. + * TODO: This does not support deleting one or two values yet - use + * replace. + * + * replace + * The option takes a argument in the same + * form as add, but will cause any existing + * attributes with the same name to be replaced. If + * the value for any attribute in the årray is a ref­ + * erence to an empty string the all instances of the + * attribute will be deleted. + * + * changes + * This is an alternative to add, delete and replace + * where the whole operation can be given in a single + * argument. The argument should be a array + * + * Values in the ARRAY are used in pairs, the first + * is the operation add, delete or replace and the + * second is a reference to an ARRAY of attribute + * values. + * + * The attribute value list is also used in pairs. + * The first value in each pair is the attribute name + * and the second is a reference to a list of values. + * + * Example: + * $ldap->modify ( $dn, array (changes => array( + * 'delete' => array('faxNumber' => ''), + * 'add' => array('sn' => 'Barr'), + * 'replace' => array(email => 'tarjei@nu.no')))); + * + * @access public + * @param string + * @param array + * @return mixed Net_LDAP_Error or true + */ + function modify($dn , $params = array()) + { + if (is_object($dn)) { + $dn = $dn->dn(); + } + // since $params['dn'] is not used in net::ldap now: + if (isset($params['dn'])) { + return $this->raiseError("This feature will not be implemented!"); + } + // new code from rafael at krysciak dot de + if(array_key_exists('changes', $params)) { + $_params = $params; + } else { + $_params['changes'] = $params; + } + if (is_array($_params['changes'])) { + foreach($_params['changes'] AS $option => $atrr) { + switch($option) { + case 'add': + $command = $dn_exists ? 
'ldap_mod_add':'ldap_add'; + break; + case 'replace': + $command = 'ldap_mod_replace'; + break; + case 'delete': + $command = 'ldap_mod_del'; + // to delete an attribute with a specific value you + // need a hash array('attr_name' => array('attr_value_1', ... ,'attr_value_n')) + // the hash array('attr_name' => 'attr_value') will be converted + // automatically to array('attr_name' => array('attr_value')) + foreach($atrr AS $atrr_field => $atrr_value) { + if(!is_array($atrr_value)) { + $atrr[$atrr_field] = array($atrr_value); + } + } + break; + default: + return $this->raiseError("Net_LDAP::modify: not supported option " . $option); + break; + } // end switch($option) { + + if(!@call_user_func($command, $this->_link, $dn, $atrr)) { + return $this->raiseError("Net_LDAP::modify: $dn not modified because:" . ldap_error($this->_link), ldap_errno($this->_link)); + } + } // end foreach($_params['changes'] AS $option => $atrr) { + } // end if (is_array($_params['changes'])) { + // everything went fine :) + return true; + + /* old broken code see bug#2987 + if (isset($params['changes'])) { + + if (isset($params['changes']['add']) && + !@ldap_modify($this->_link, $dn, $params['changes']['add'])) { + + return $this->raiseError("Net_LDAP::modify: $dn not modified because:" . ldap_error($this->_link), + ldap_errno($this->_link)); + } + + if (isset($params['changes']['replace']) && + !@ldap_modify($this->_link, $dn, $params['changes']['replace'])) { + + return $this->raiseError("Net_LDAP::modify: replace change didn't work: " . ldap_error($this->_link), + ldap_errno($this->_link)); + } + + if (isset($params['changes']['delete']) && + !@ldap_mod_del($this->_link, $dn, $params['changes']['delete'])) { + + return $this->raiseError("Net_LDAP::modify:delete did not work" . 
ldap_error($this->_link), + ldap_errno($this->_link)); + } + } + + if (isset($params['add']) && !@ldap_add($this->_link, $dn, $params['add'])) { + return $this->raiseError(ldap_error($this->_link), ldap_errno($this->_link)); + } + + if (isset($params['replace']) && !@ldap_modify($this->_link, $dn, $params['replace'])) { + return $this->raiseError(ldap_error($this->_link), ldap_errno($this->_link)); + } + + if (isset($params['delete'])) { + // since you delete an attribute by making it empty: + foreach ($params['delete'] as $k) { + $params['delete'][$k] = ''; + } + + if (!@ldap_modify($this->_link, $dn, $params['delete'])) { + return $this->raiseError(ldap_error($this->_link), ldap_errno($this->_link)); + } + } + // everything went fine :) + return true; + */ + + } + + /** + * Run a ldap query + * + * Search is used to query the ldap-database. + * $base and $filter may be ommitted. BaseDN and default filter will then be used. + * Params may contain: + * + * scope: The scope which will be used for searching + * base - Just one entry + * sub - The whole tree + * one - Immediately below $base + * sizelimit: Limit the number of entries returned (default: 0), + * timelimit: Limit the time spent for searching (default: 0), + * attrsonly: If true, the search will only return the attribute names, NO values + * attributes: Array of attribute names, which the entry should contain. It is good practice + * to limit this to just the ones you need, so by default this function does not + * return any attributes at all. + * [NOT IMPLEMENTED] + * deref: By default aliases are dereferenced to locate the base object for the search, but not when + * searching subordinates of the base object. This may be changed by specifying one of the + * following values: + * + * never - Do not dereference aliases in searching or in locating the base object of the search. 
+ * search - Dereference aliases in subordinates of the base object in searching, but not in + * locating the base object of the search. + * find + * always + * + * @access public + * @param string LDAP searchbase + * @param string LDAP search filter + * @param array Array of options + * @return object mixed Net_LDAP_Search or Net_LDAP_Error + */ + function search($base = null, $filter = null, $params = array()) + { + if (is_null($base)) { + $base = $this->_config['base']; + } + if (is_null($filter)) { + $filter = $this->_config['filter']; + } + + /* setting searchparameters */ + (isset($params['sizelimit'])) ? $sizelimit = $params['sizelimit'] : $sizelimit = 0; + (isset($params['timelimit'])) ? $timelimit = $params['timelimit'] : $timelimit = 0; + (isset($params['attrsonly'])) ? $attrsonly = $params['attrsonly'] : $attrsonly = 0; + (isset($params['attributes'])) ? $attributes = $params['attributes'] : $attributes = array(''); + + if (!is_array($attributes)) { + $this->raiseError("The param attributes must be an array!"); + } + + /* scoping makes searches faster! */ + $scope = (isset($params['scope']) ? $params['scope'] : $this->_config['scope']); + + switch ($scope) { + case 'one': + $search_function = 'ldap_list'; + break; + case 'base': + $search_function = 'ldap_read'; + break; + default: + $search_function = 'ldap_search'; + } + + $search = @call_user_func($search_function, + $this->_link, + $base, + $filter, + $attributes, + $attrsonly, + $sizelimit, + $timelimit); + + if ($err = ldap_errno($this->_link)) { + + if ($err == 32) { + // Errorcode 32 = no such object, i.e. a nullresult. + return $obj =& new Net_LDAP_Search ($search, $this->_link); + + // Errorcode 4 = sizelimit exeeded. this will be handled better in time... + //} elseif ($err == 4) { + // return $obj = & new Net_LDAP_Search ($search, $this->_link); + + } elseif ($err == 87) { + // bad search filter + return $this->raiseError($this->errorMessage($err) . 
"($filter)", $err); + } else { + $msg = "\nParameters:\nBase: $base\nFilter: $filter\nScope: $scope"; + return $this->raiseError($this->errorMessage($err) . $msg, $err); + } + } else { + @$obj =& new Net_LDAP_Search($search, $this->_link); + return $obj; + } + + } + + /** + * Set an LDAP option + * + * @access public + * @param string Option to set + * @param mixed Value to set Option to + * @return mixed Net_LDAP_Error or true + */ + function setOption($option, $value) + { + if ($this->_link) { + if (defined($option)) { + if (@ldap_set_option($this->_link, constant($option), $value)) { + return true; + } else { + $err = @ldap_errno($this->_link); + if ($err) { + $msg = @ldap_err2str($err); + } else { + $err = NET_LDAP_ERROR; + $msg = $this->errorMessage($err); + } + return $this->raiseError($msg, $err); + } + } else { + return $this->raiseError("Unkown Option requested"); + } + } else { + return $this->raiseError("No LDAP connection"); + } + } + + /** + * Get an LDAP option value + * + * @access public + * @param string Option to get + * @return mixed Net_LDAP_Error or option value + */ + function getOption($option) + { + if ($this->_link) { + if (defined($option)) { + if (@ldap_get_option($this->_link, constant($option), $value)) { + return $value; + } else { + $err = @ldap_errno($this->_link); + if ($err) { + $msg = @ldap_err2str($err); + } else { + $err = NET_LDAP_ERROR; + $msg = $this->errorMessage($err); + } + return $this->raiseError($msg, $err); + } + } else { + $this->raiseError("Unkown Option requested"); + } + } else { + $this->raiseError("No LDAP connection"); + } + } + + /** + * Get the LDAP_PROTOCOL_VERSION that is used on the connection. + * + * A lot of ldap functionality is defined by what protocol version the ldap server speaks. + * This might be 2 or 3. 
+ * + * @return int + */ + function getLDAPVersion() + { + if($this->_link) { + $version = $this->getOption("LDAP_OPT_PROTOCOL_VERSION"); + } else { + $version = $this->_config['version']; + } + return $version; + } + + /** + * Set the LDAP_PROTOCOL_VERSION that is used on the connection. + * + * @param int Version to set + * @return mixed Net_LDAP_Error or TRUE + */ + function setLDAPVersion($version = 0) + { + if (!$version) { + $version = $this->_config['version']; + } + return $this->setOption("LDAP_OPT_PROTOCOL_VERSION", $version); + } + + /** + * Get the Net_LDAP version. + * + * Return the Net_LDAP version + * + * @return string Net_LDAP version + */ + function getVersion () + { + return $this->_version; + } + + /** + * Tell if a dn already exists + * + * @param string + * @return boolean + */ + function dnExists($dn) + { + $dns = explode(",",$dn); + $filter = array_shift($dns); + $base= implode($dns,','); + //$base = $dn; + //$filter = '(objectclass=*)'; + + $result = @ldap_list($this->_link, $base, $filter, array(), 1, 1); + if (ldap_errno($this->_link) == 32) { + return false; + } + if (ldap_errno($this->_link) != 0) { + $this->raiseError(ldap_error($this->_link), ldap_errno($this->_link)); + } + if (@ldap_count_entries($this->_link, $result)) { + return true; + } + return false; + } + + + /** + * Get a specific entry based on the dn + * + * @param string dn + * @param array Array of Attributes to select + * @return object Net_LDAP_Entry or Net_LDAP_Error + */ + function &getEntry($dn, $attr = array('')) + { + $result = $this->search($dn, '(objectClass=*)', array('scope' => 'base', 'attributes' => $attr)); + if (Net_LDAP::isError($result)) { + return $result; + } + $entry = $result->shiftEntry(); + if (false == $entry) { + return $this->raiseError('Could not fetch entry'); + } + return $entry; + } + + + /** + * Returns the string for an ldap errorcode. 
+ * + * Made to be able to make better errorhandling + * Function based on DB::errorMessage() + * Tip: The best description of the errorcodes is found here: http://www.directory-info.com/LDAP/LDAPErrorCodes.html + * + * @param int Error code + * @return string The errorstring for the error. + */ + function errorMessage($errorcode) + { + $errorMessages = array( + 0x00 => "LDAP_SUCCESS", + 0x01 => "LDAP_OPERATIONS_ERROR", + 0x02 => "LDAP_PROTOCOL_ERROR", + 0x03 => "LDAP_TIMELIMIT_EXCEEDED", + 0x04 => "LDAP_SIZELIMIT_EXCEEDED", + 0x05 => "LDAP_COMPARE_FALSE", + 0x06 => "LDAP_COMPARE_TRUE", + 0x07 => "LDAP_AUTH_METHOD_NOT_SUPPORTED", + 0x08 => "LDAP_STRONG_AUTH_REQUIRED", + 0x09 => "LDAP_PARTIAL_RESULTS", + 0x0a => "LDAP_REFERRAL", + 0x0b => "LDAP_ADMINLIMIT_EXCEEDED", + 0x0c => "LDAP_UNAVAILABLE_CRITICAL_EXTENSION", + 0x0d => "LDAP_CONFIDENTIALITY_REQUIRED", + 0x0e => "LDAP_SASL_BIND_INPROGRESS", + 0x10 => "LDAP_NO_SUCH_ATTRIBUTE", + 0x11 => "LDAP_UNDEFINED_TYPE", + 0x12 => "LDAP_INAPPROPRIATE_MATCHING", + 0x13 => "LDAP_CONSTRAINT_VIOLATION", + 0x14 => "LDAP_TYPE_OR_VALUE_EXISTS", + 0x15 => "LDAP_INVALID_SYNTAX", + 0x20 => "LDAP_NO_SUCH_OBJECT", + 0x21 => "LDAP_ALIAS_PROBLEM", + 0x22 => "LDAP_INVALID_DN_SYNTAX", + 0x23 => "LDAP_IS_LEAF", + 0x24 => "LDAP_ALIAS_DEREF_PROBLEM", + 0x30 => "LDAP_INAPPROPRIATE_AUTH", + 0x31 => "LDAP_INVALID_CREDENTIALS", + 0x32 => "LDAP_INSUFFICIENT_ACCESS", + 0x33 => "LDAP_BUSY", + 0x34 => "LDAP_UNAVAILABLE", + 0x35 => "LDAP_UNWILLING_TO_PERFORM", + 0x36 => "LDAP_LOOP_DETECT", + 0x3C => "LDAP_SORT_CONTROL_MISSING", + 0x3D => "LDAP_INDEX_RANGE_ERROR", + 0x40 => "LDAP_NAMING_VIOLATION", + 0x41 => "LDAP_OBJECT_CLASS_VIOLATION", + 0x42 => "LDAP_NOT_ALLOWED_ON_NONLEAF", + 0x43 => "LDAP_NOT_ALLOWED_ON_RDN", + 0x44 => "LDAP_ALREADY_EXISTS", + 0x45 => "LDAP_NO_OBJECT_CLASS_MODS", + 0x46 => "LDAP_RESULTS_TOO_LARGE", + 0x47 => "LDAP_AFFECTS_MULTIPLE_DSAS", + 0x50 => "LDAP_OTHER", + 0x51 => "LDAP_SERVER_DOWN", + 0x52 => "LDAP_LOCAL_ERROR", + 0x53 => 
"LDAP_ENCODING_ERROR", + 0x54 => "LDAP_DECODING_ERROR", + 0x55 => "LDAP_TIMEOUT", + 0x56 => "LDAP_AUTH_UNKNOWN", + 0x57 => "LDAP_FILTER_ERROR", + 0x58 => "LDAP_USER_CANCELLED", + 0x59 => "LDAP_PARAM_ERROR", + 0x5a => "LDAP_NO_MEMORY", + 0x5b => "LDAP_CONNECT_ERROR", + 0x5c => "LDAP_NOT_SUPPORTED", + 0x5d => "LDAP_CONTROL_NOT_FOUND", + 0x5e => "LDAP_NO_RESULTS_RETURNED", + 0x5f => "LDAP_MORE_RESULTS_TO_RETURN", + 0x60 => "LDAP_CLIENT_LOOP", + 0x61 => "LDAP_REFERRAL_LIMIT_EXCEEDED", + 1000 => "Unknown Net_LDAP error" + ); + + return isset($errorMessages[$errorcode]) ? $errorMessages[$errorcode] : $errorMessages[NET_LDAP_ERROR]; + } + + /** + * Tell whether value is a Net_LDAP_Error or not + * + * @access public + * @param mixed + * @return boolean + */ + function isError($value) + { + return (is_a($value, "Net_LDAP_Error") || parent::isError($value)); + } + + /** + * gets a root dse object + * + * @access public + * @author Jan Wagner + * @param array Array of attributes to search for + * @return object mixed Net_LDAP_Error or Net_LDAP_RootDSE + */ + function &rootDse($attrs = null) + { + require_once('Net/LDAP/RootDSE.php'); + + if (is_array($attrs) && count($attrs) > 0 ) { + $attributes = $attrs; + } else { + $attributes = array('namingContexts', + 'altServer', + 'supportedExtension', + 'supportedControl', + 'supportedSASLMechanisms', + 'supportedLDAPVersion', + 'subschemaSubentry' ); + } + $result = $this->search('', '(objectClass=*)', array('attributes' => $attributes, 'scope' => 'base')); + if (Net_LDAP::isError($result)) return $result; + + $entry = $result->shift_entry(); + if (false === $entry) return $this->raiseError('Could not fetch RootDSE entry'); + + return new Net_LDAP_RootDSE($entry); + } + + /** + * alias function of rootDse() for perl-ldap interface + * + * @access public + * @see rootDse() + */ + function &root_dse() + { + $args = func_get_args(); + return call_user_func_array(array($this, 'rootDse'), $args); + } + + /** + * get a schema object + * 
+ * @access public + * @author Jan Wagner + * @param string Subschema entry dn + * @return object mixed Net_LDAP_Schema or Net_LDAP_Error + */ + function &schema($dn = null) + { + require_once('Net/LDAP/Schema.php'); + + $schema =& new Net_LDAP_Schema(); + + if (is_null($dn)) { + // get the subschema entry via root dse + $dse = $this->rootDSE(array('subschemaSubentry')); + if (false == Net_LDAP::isError($dse)) { + $base = $dse->getValue('subschemaSubentry', 'single'); + if (!Net_LDAP::isError($base)) { + $dn = $base; + } + } + } + if (is_null($dn)) { + $dn = 'cn=Subschema'; + } + + // fetch the subschema entry + $result = $this->search($dn, '(objectClass=*)', + array('attributes' => array_values($schema->types), 'scope' => 'base')); + if (Net_LDAP::isError($result)) { + return $result; + } + + $entry = $result->shift_entry(); + if (false === $entry) { + return $this->raiseError('Could not fetch Subschema entry'); + } + + $schema->parse($entry); + + return $schema; + } + + /** + * Encodes given attributes to UTF8 if needed + * + * This function takes attributes in an array and then checks against the schema if they need + * UTF8 encoding. If that is so, they will be encoded. An encoded array will be returned and + * can be used for adding or modifying. 
+ * + * @access public + * @param array Array of attributes + * @return array Array of UTF8 encoded attributes + */ + function utf8Encode($attributes) + { + return $this->_utf8($attributes, 'utf8_encode'); + } + + /** + * Decodes the given attribute values + * + * @access public + * @param array Array of attributes + * @return array Array with decoded attribute values + */ + function utf8Decode($attributes) + { + return $this->_utf8($attributes, 'utf8_decode'); + } + + /** + * Encodes or decodes attribute values if needed + * + * @access private + * @param array Array of attributes + * @param array Function to apply to attribute values + * @return array Array of attributes with function applied to values + */ + function _utf8($attributes, $function) + { + if (!$this->_schema) { + $this->_schema = $this->schema(); + } + + if (!$this->_link || Net_LDAP::isError($this->_schema) || !function_exists($function)) { + return $attributes; + } + + if (is_array($attributes) && count($attributes) > 0) { + + foreach( $attributes as $k => $v ) { + + if (!isset($this->_schemaAttrs[$k])) { + + $attr = $this->_schema->get('attribute', $k); + if (Net_LDAP::isError($attr)) { + continue; + } + + if (false !== strpos($attr['syntax'], '1.3.6.1.4.1.1466.115.121.1.15')) { + $encode = true; + } else { + $encode = false; + } + $this->_schemaAttrs[$k] = $encode; + + } else { + $encode = $this->_schemaAttrs[$k]; + } + + if ($encode) { + if (is_array($v)) { + foreach ($v as $ak => $av) { + $v[$ak] = call_user_func($function, $av ); + } + } else { + $v = call_user_func($function, $v); + } + } + $attributes[$k] = $v; + } + } + return $attributes; + } +} + +/** + * Net_LDAP_Error implements a class for reporting portable LDAP error messages. + * + * @package Net_LDAP + */ +class Net_LDAP_Error extends PEAR_Error +{ + /** + * Net_LDAP_Error constructor. + * + * @param mixed Net_LDAP error code, or string with error message. 
+ * @param integer what "error mode" to operate in
+ * @param integer what error level to use for $mode & PEAR_ERROR_TRIGGER
+ * @param mixed additional debug info, such as the last query
+ * @access public
+ * @see PEAR_Error
+ */
+ function Net_LDAP_Error($code = NET_LDAP_ERROR, $mode = PEAR_ERROR_RETURN,
+ $level = E_USER_NOTICE, $debuginfo = null)
+ {
+ $mode = PEAR_ERROR_RETURN;
+ if (is_int($code)) {
+ $this->PEAR_Error('Net_LDAP_Error: ' . Net_LDAP::errorMessage($code), $code, $mode, $level, $debuginfo);
+ } else {
+ $this->PEAR_Error("Net_LDAP_Error: $code", NET_LDAP_ERROR, $mode, $level, $debuginfo);
+ }
+ }
+}
+?>
diff --git a/thirdparty/pear/Net/LDAP/Entry.php b/thirdparty/pear/Net/LDAP/Entry.php
new file mode 100644
index 0000000..cae1c13
--- /dev/null
+++ b/thirdparty/pear/Net/LDAP/Entry.php
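Review bot: `reBind()` in Net/LDAP.php falls back to an anonymous `ldap_bind($this->_link)` whenever `$dn` or `$password` is empty and then returns true, so code that uses it to verify a user's credentials would treat an empty password as a successful login. `bind()` has a related gap: a configured `dn` with the default empty `password` is passed straight to `ldap_bind()`, which a directory server may accept as an unauthenticated bind. Reject that case before binding, e.g. `if ($dn && ($password === null || $password === '')) { return $this->raiseError("Bind failed: empty password", 0x31); }`, or enforce the same check in every caller if this third-party copy is to stay unmodified. Separately, `tls` defaults to false in the config array, so the bind DN and password cross the network in clear text unless the caller enables it.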
@@ -0,0 +1,524 @@ + false, + 'modify' => false, + 'newEntry' => true + ); // since the entry is not changed before the update(); + + /** + * Net_LDAP_Schema object TO BE REMOVED + */ + var $_schema; + /**#@-*/ + + /** Constructor + * + * @param - link - ldap_resource_link, dn = string entry dn, attributes - array entry attributes array. + * @return - none + **/ + function Net_LDAP_Entry($link = null, $dn = null, $attributes = null) + { + if (!is_null($link)) { + $this->_link = $link; + } + if (!is_null($dn)) { + $this->_set_dn($dn); + } + if (is_array($attributes) && count($attributes) > 0) { + $this->_set_attributes($attributes); + } else { + $this->updateCheck['newEntry'] = true; + } + } + + /** + * Set the reasourcelink to the ldapserver. + * + * @access private + * @param resource LDAP link + */ + function _set_link(&$link) + { + $this->_link = $link; + } + + /** + * set the entrys DN + * + * @access private + * @param string + */ + function _set_dn($dn) + { + $this->_dn = $dn; + } + + /** + * sets the internal array of the entrys attributes. + * + * @access private + * @param array + */ + function _set_attributes($attributes= array()) + { + $this->_attrs = $attributes; + // this is the sign that the entry exists in the first place: + $this->updateCheck['newEntry'] = false; + } + + /** + * removes [count] entries from the array. 
+ * + * remove all the count elements in the array: + * Used before ldap_modify, ldap_add + * + * @access private + * @return array Cleaned array of attributes + */ + function _clean_entry() + { + $attributes = array(); + + for ($i=0; $i < $this->_attrs['count'] ; $i++) { + + $attr = $this->_attrs[$i]; + + if ($this->_attrs[$attr]['count'] == 1) { + $attributes[$this->_attrs[$i]] = $this->_attrs[$attr][0]; + } else { + $attributes[$attr] = $this->_attrs[$attr]; + unset ($attributes[ $attr ]['count']); + } + } + + return $attributes; + + } + + /** + * returns an assosiative array of all the attributes in the array + * + * attributes - returns an assosiative array of all the attributes in the array + * of the form array ('attributename'=>'singelvalue' , 'attribute'=>array('multiple','values')) + * + * @param none + * @return array Array of attributes and values. + */ + function attributes() + { + return $this->_clean_entry(); + } + + /** + * Add one or more attribute to the entry + * + * The values given will be added to the values which already exist for the given attributes. + * usage: + * $entry->add ( array('sn'=>'huse',objectclass=>array(top,posixAccount))) + * + * @param array Array of attributes + * @return mixed Net_Ldap_Error if error, else true. + */ + function add($attr = array()) + { + if (!isset($this->_attrs['count'])) { + $this->_attrs['count'] = 0; + } + if (!is_array($attr)) { + return $this->raiseError("Net_LDAP::add : the parameter supplied is not an array, $attr", 1000); + } + /* if you passed an empty array, that is your problem! */ + if (count ($attr)==0) { + return true; + } + foreach ($attr as $k => $v ) { + // empty entrys should not be added to the entry. 
+ if ($v == '') { + continue; + } + + if ($this->exists($k)) { + if (!is_array($this->_attrs[$k])) { + return $this->raiseError("Possible malformed array as parameter to Net_LDAP::add()."); + } + array_push($this->_attrs[$k],$v); + $this->_attrs[$k]['count']++; + } else { + $this->_attrs[$k][0] = $v; + $this->_attrs[$k]['count'] = 1; + $this->_attrs[$this->_attrs['count']] = $k; + $this->_attrs['count']++; + } + // Fix for bug #952 + if (empty($this->_addAttrs[$k])) { + $this->_addAttrs[$k] = array(); + } + if (false == is_array($v)) { + $v = array($v); + } + foreach ($v as $value) { + array_push($this->_addAttrs[$k], $value); + } + } + return true; + } + + /** + * Set or get the DN for the object + * + * If a new dn is supplied, this will move the object when running $obj->update(); + * + * @param string DN + */ + function dn($newdn = '') + { + if ($newdn == '') { + return $this->_dn; + } + + $this->_olddn = $this->_dn; + $this->_dn = $newdn; + $this->updateCheck['newdn'] = true; + } + + /** + * check if a certain attribute exists in the directory + * + * @param string attribute name. + * @return boolean + */ + function exists($attr) + { + if (array_key_exists($attr, $this->_attrs)) { + return true; + } + return false; + } + + /** + * get_value get the values for a attribute + * + * returns either an array or a string + * possible values for option: + * alloptions - returns an array with the values + a countfield. + * i.e.: array (count=>1, 'sn'=>'huse'); + * single - returns the, first value in the array as a string. 
+ * + * @param $attr string attribute name + * @param $options array + */ + function get_value($attr = '', $options = '') + { + if (array_key_exists($attr, $this->_attrs)) { + + if ($options == 'single') { + if (is_array($this->_attrs[$attr])) { + return $this->_attrs[$attr][0]; + } else { + return $this->_attrs[$attr]; + } + } + + $value = $this->_attrs[$attr]; + + if (!$options == 'alloptions') { + unset ($value['count']); + } + return $value; + } else { + return ''; + } + } + + /** + * add/delete/modify attributes + * + * this function tries to do all the things that replace(),delete() and add() does on an object. + * Syntax: + * array ( 'attribute' => newval, 'delattribute' => '', newattrivute => newval); + * Note: You cannot use this function to modify parts of an attribute. You must modify the whole attribute. + * You may call the function many times before running $entry->update(); + * + * @param array attributes to be modified + * @return mixed errorObject if failure, true if success. + */ + function modify($attrs = array()) { + + if (!is_array($attrs) || count ($attrs) < 1 ) { + return $this->raiseError("You did not supply an array as expected",1000); + } + + foreach ($attrs as $k => $v) { + // empty values are deleted (ldap v3 handling is in update() ) + if ($v == '' && $this->exists($k)) { + $this->_delAttrs[$k] = ''; + continue; + } + /* existing attributes are modified*/ + if ($this->exists($k) ) { + if (is_array($v)) { + $this->_modAttrs[$k] = $v; + } else { + $this->_modAttrs[$k][0] = $v; + } + } else { + /* new ones are created */ + if (is_array($v) ) { + // an empty array is deleted... 
+ if (count($v) == 0 ) { + $this->_delAttrs[$k] = ''; + } else { + $this->_addAttrs[$k] = $v; + } + } else { + // dont't add empty attributes + if ($v != null) $this->_addAttrs[$k][0] = $v; + } + } + } + return true; + } + + + /** + * replace a certain attributes value + * + * replace - replace a certain attributes value + * example: + * $entry->replace(array('uid'=>array('tarjei'))); + * + * @param array attributes to be replaced + * @return mixed error if failure, true if sucess. + */ + function replace($attrs = array() ) + { + foreach ($attrs as $k => $v) { + + if ($this->exists($k)) { + + if (is_array($v)) { + $this->_attrs[$k] = $v; + $this->_attrs[$k]['count'] = count($v); + $this->_modAttrs[$k] = $v; + } else { + $this->_attrs[$k]['count'] = 1; + $this->_attrs[$k][0] = $v; + $this->_modAttrs[$k][0] = $v; + } + } else { + return $this->raiseError("Attribute $k does not exist",16); // 16 = no such attribute exists. + } + } + return true; + } + + /** + * delete attributes + * + * Use this function to delete certain attributes from an object. + * + * @param - array of attributes to be deleted + * @return mixed Net_Ldap_Error if failure, true if success. + */ + function delete($attrs = array()) + { + foreach ($attrs as $k => $v) { + + if ($this->exists ($k)) { + // if v is a null, then remove the whole attribute, else only the value. + if ($v == '') { + unset($this->_attrs[$k]); + $this->_delAttrs[$k] = ""; + // else we remove only the correct value. + } else { + for ($i = 0;$i< $this->_attrs[$k]['count'];$i++) { + if ($this->_attrs[$k][$i] == $v ) { + unset ($this->_attrs[$k][$i]); + $this->_delAttrs[$k] = $v; + continue; + } + } + } + } else { + $this->raiseError("You tried to delete a nonexisting attribute!",16); + } + } + return true; + } + + /** + * update the Entry in LDAP + * + * After modifying an object, you must run update() to + * make the updates on the ldap server. Before that, they only exists in the object. 
+ * + * @param object Net_LDAP + * @return mixed Net_LDAP_Error object on failure or true on success + */ + function update ($ldapObject = null) + { + if ($ldapObject == null && $this->_link == null ) { + $this->raiseError("No link to database"); + } + + if ($ldapObject != null) { + $this->_link =& $ldapObject->_link; + } + + //if it's a new + if ($this->updateCheck['newdn'] && !$this->updateCheck['newEntry']) { + if (@ldap_get_option( $this->_link, LDAP_OPT_PROTOCOL_VERSION, $version) && $version != 3) { + return $this->raiseError("Moving or renaming an dn is only supported in LDAP V3!", 80); + } + + $newparent = ldap_explode_dn($this->_dn, 0); + unset($newparent['count']); + $relativeDn = array_shift($newparent); + $newparent = join(',', $newparent); + + if (!@ldap_rename($this->_link, $this->_olddn, $relativeDn, $newparent, true)) { + return $this->raiseError("DN not renamed: " . ldap_error($this->_link), ldap_errno($this->_link)); + } + } + + if ($this->updateCheck['newEntry']) { + //print "
"; print_r($this->_clean_entry()); + + if (!@ldap_add($this->_link, $this->dn(), $this->_clean_entry()) ) { + return $this->raiseError("Entry" . $this->dn() . " not added!" . + ldap_error($this->_link), ldap_errno($this->_link)); + } else { + return true; + } + // update existing entry + } else { + $this->_error['first'] = $this->_modAttrs; + $this->_error['count'] = count($this->_modAttrs); + + // modified attributes + if (( count($this->_modAttrs)>0) && + !ldap_modify($this->_link, $this->dn(), $this->_modAttrs)) + { + return $this->raiseError("Entry " . $this->dn() . " not modified(attribs not modified): " . + ldap_error($this->_link),ldap_errno($this->_link)); + } + + // attributes to be deleted + if (( count($this->_delAttrs) > 0 )) + { + // in ldap v3 we need to supply the old attribute values for deleting + if (@ldap_get_option( $this->_link, LDAP_OPT_PROTOCOL_VERSION, $version) && $version == 3) { + foreach ( $this->_delAttrs as $k => $v ) { + if ( $v == '' && $this->exists($k) ) { + $this->_delAttrs[$k] = $this->get_value( $k ); + } + } + } + if ( !ldap_mod_del($this->_link, $this->dn(), $this->_delAttrs) ) { + return $this->raiseError("Entry " . $this->dn() . " not modified (attributes not deleted): " . + ldap_error($this->_link),ldap_errno($this->_link)); + } + } + + // new attributes + if ((count($this->_addAttrs)) > 0 && !ldap_modify($this->_link, $this->dn(), $this->_addAttrs)) { + return $this->raiseError( "Entry " . $this->dn() . " not modified (attributes not added): " . + ldap_error($this->_link),ldap_errno($this->_link)); + } + return true; + } + } +} + +?> diff --git a/thirdparty/pear/Net/LDAP/RootDSE.php b/thirdparty/pear/Net/LDAP/RootDSE.php new file mode 100644 index 0000000..54dee47 --- /dev/null +++ b/thirdparty/pear/Net/LDAP/RootDSE.php 
@@ -0,0 +1,192 @@
+
+ * @version $Revision$
+ */
+class Net_LDAP_RootDSE extends PEAR
+{
+ /**
+ * @access private
+ * @var object Net_LDAP_Entry
+ **/
+ var $_entry;
+
+ /**
+ * class constructor
+ *
+ * @param object Net_LDAP_Entry
+ */
+ function Net_LDAP_RootDSE(&$entry)
+ {
+ $this->_entry = $entry;
+ }
+
+ /**
+ * Gets the requested attribute value
+ *
+ * Same usuage as Net_LDAP_Entry::get_value()
+ *
+ * @access public
+ * @param string Attribute name
+ * @param array Array of options
+ * @return mixed Net_LDAP_Error object or attribute values
+ * @see Net_LDAP_Entry::get_value()
+ */
+ function getValue($attr = '', $options = '')
+ {
+ return $this->_entry->get_value($attr, $options);
+ }
+
+ /**
+ * alias function of getValue() for perl-ldap interface
+ *
+ * @see getValue()
+ */
+ function get_value()
+ {
+ $args = func_get_args();
+ return call_user_func_array(array($this, 'getValue' ), $args);
+ }
+
+ /**
+ * Determines if the extension is supported
+ *
+ * @access public
+ * @param array Array of oids to check
+ * @return boolean
+ */
+ function supportedExtension($oids)
+ {
+ return $this->_checkAttr($oids, 'supportedExtension');
+ }
+
+ /**
+ * alias function of supportedExtension() for perl-ldap interface
+ *
+ * @see supportedExtension()
+ */
+ function supported_extension()
+ {
+ $args = func_get_args();
+ return call_user_func_array(array($this, 'supportedExtension'), $args);
+ }
+
+ /**
+ * Determines if the version is supported
+ *
+ * @access public
+ * @param array Versions to check
+ * @return boolean
+ */
+ function supportedVersion($versions)
+ {
+ return $this->_checkAttr($versions, 'supportedLDAPVersion');
+ }
+
+ /**
+ * alias function of supportedVersion() for perl-ldap interface
+ *
+ * @see supportedVersion()
+ */
+ function supported_version()
+ {
+ $args = func_get_args();
+ return call_user_func_array(array($this, 'supportedVersion'), $args);
+ }
+
+ /**
+ * Determines if the control is supported
+ *
+ * @access public
+ * @param array Control oids to check
+ * @return boolean
+ */
+ function supportedControl($oids)
+ {
+ return $this->_checkAttr($oids, 'supportedControl');
+ }
+
+ /**
+ * alias function of supportedControl() for perl-ldap interface
+ *
+ * @see supportedControl()
+ */
+ function supported_control()
+ {
+ $args = func_get_args();
+ return call_user_func_array(array($this, 'supportedControl' ), $args);
+ }
+
+ /**
+ * Determines if the sasl mechanism is supported
+ *
+ * @access public
+ * @param array SASL mechanisms to check
+ * @return boolean
+ */
+ function supportedSASLMechanism($mechlist)
+ {
+ return $this->_checkAttr($mechlist, 'supportedSASLMechanisms');
+ }
+
+ /**
+ * alias function of supportedSASLMechanism() for perl-ldap interface
+ *
+ * @see supportedSASLMechanism()
+ */
+ function supported_sasl_mechanism()
+ {
+ $args = func_get_args();
+ return call_user_func_array(array($this, 'supportedSASLMechanism'), $args);
+ }
+
+ /**
+ * Checks for existance of value in attribute
+ *
+ * @access private
+ * @param array $values values to check
+ * @param attr $attr attribute name
+ * @return boolean
+ */
+ function _checkAttr($values, $attr)
+ {
+ if (!is_array($values)) $values = array($values);
+
+ foreach ($values as $value) {
+ if (!@in_array($value, $this->get_value($attr))) {
+ return false;
+ }
+ }
+ return true;
+ }
+}
+
+?>
\ No newline at end of file
diff --git a/thirdparty/pear/Net/LDAP/Schema.php b/thirdparty/pear/Net/LDAP/Schema.php
new file mode 100644
index 0000000..75e0322
--- /dev/null
+++ b/thirdparty/pear/Net/LDAP/Schema.php
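Review bot: `_checkAttr()` answers capability questions (control, extension, SASL mechanism, protocol version) with `@in_array($value, $this->get_value($attr))`, which silences the warning raised when the attribute is absent and compares loosely. `Net_LDAP_Entry::get_value()` elsewhere in this commit returns `''` for a missing attribute, so the `@` is masking a known case rather than an unexpected one, and under loose comparison an integer argument such as `0` equals any non-numeric string on the PHP versions this code targets. I would fetch the values once before the loop and fail closed, `$have = $this->get_value($attr); if (!is_array($have)) return false;`, then test `in_array((string)$value, $have, true)`. This assumes the entry stores values as strings, as `ldap_get_attributes()` returns them.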
@@ -0,0 +1,355 @@
+
+ * @version $Revision$
+ */
+ class Net_LDAP_Schema extends PEAR
+ {
+ /**
+ * Map of entry types to ldap attributes of subschema entry
+ *
+ * @access public
+ * @var array
+ */
+ var $types = array('attribute' => 'attributeTypes',
+ 'ditcontentrule' => 'dITContentRules',
+ 'ditstructurerule' => 'dITStructureRules',
+ 'matchingrule' => 'matchingRules',
+ 'matchingruleuse' => 'matchingRuleUse',
+ 'nameform' => 'nameForms',
+ 'objectclass' => 'objectClasses',
+ 'syntax' => 'ldapSyntaxes');
+
+ /**#@+
+ * Array of entries belonging to this type
+ *
+ * @access private
+ * @var array
+ */
+ var $_attributeTypes = array();
+ var $_matchingRules = array();
+ var $_matchingRuleUse = array();
+ var $_ldapSyntaxes = array();
+ var $_objectClasses = array();
+ var $_dITContentRules = array();
+ var $_dITStructureRules = array();
+ var $_nameForms = array();
+ /**#@-*/
+
+ /**
+ * hash of all fetched oids
+ *
+ * @access private
+ * @var array
+ */
+ var $_oids = array();
+
+ /**
+ * constructor of the class
+ *
+ * @access protected
+ */
+ function Net_LDAP_Schema()
+ {
+ $this->PEAR('Net_LDAP_Error'); // default error class
+ }
+
+ /**
+ * Return a hash of entries for the given type
+ *
+ * Returns a hash of entry for th givene type. Types may be:
+ * objectclasses, attributes, ditcontentrules, ditstructurerules, matchingrules,
+ * matchingruleuses, nameforms, syntaxes
+ *
+ * @access public
+ * @param string Type to fetch
+ * @return mixed Array or Net_LDAP_Error
+ */
+ function &getAll($type)
+ {
+ $map = array('objectclasses' => &$this->_objectClasses,
+ 'attributes' => &$this->_attributeTypes,
+ 'ditcontentrules' => &$this->_dITContentRules,
+ 'ditstructurerules' => &$this->_dITStructureRules,
+ 'matchingrules' => &$this->_matchingRules,
+ 'matchingruleuses' => &$this->_matchingRuleUse,
+ 'nameforms' => &$this->_nameForms,
+ 'syntaxes' => &$this->_ldapSyntaxes );
+
+ $key = strtolower($type);
+ return ((key_exists($key, $map)) ? $map[$key] : $this->raiseError("Unknown type $type"));
+ }
+
+ /**
+ * Return a specific entry
+ *
+ * @access public
+ * @param string Type of name
+ * @param string Name or OID to fetch
+ * @return mixed Entry or Net_LDAP_Error
+ */
+ function &get($type, $name)
+ {
+ $type = strtolower($type);
+ if (false == key_exists($type, $this->types)) {
+ return $this->raiseError("No such type $type");
+ }
+
+ $name = strtolower($name);
+ $type_var = &$this->{'_' . $this->types[$type]};
+
+ if( key_exists($name, $type_var)) {
+ return $type_var[$name];
+ } elseif(key_exists($name, $this->_oids) && $this->_oids[$name]['type'] == $type) {
+ return $this->_oids[$name];
+ } else {
+ return $this->raiseError("Could not find $type $name");
+ }
+ }
+
+
+ /**
+ * Fetches attributes that MAY be present in the given objectclass
+ *
+ * @access public
+ * @param string Name or OID of objectclass
+ * @return mixed Array with attributes or Net_LDAP_Error
+ */
+ function may($oc)
+ {
+ return $this->_getAttr($oc, 'may');
+ }
+
+ /**
+ * Fetches attributes that MUST be present in the given objectclass
+ *
+ * @access public
+ * @param string Name or OID of objectclass
+ * @return mixed Array with attributes or Net_LDAP_Error
+ */
+ function must($oc)
+ {
+ return $this->_getAttr($oc, 'must');
+ }
+
+ /**
+ * Fetches the given attribute from the given objectclass
+ *
+ * @access private
+ * @param string Name or OID of objectclass
+ * @param string Name of attribute to fetch
+ * @return mixed The attribute or Net_LDAP_Error
+ */
+ function _getAttr($oc, $attr)
+ {
+ $oc = strtolower($oc);
+ if (key_exists($oc, $this->_objectClasses) && key_exists($attr, $this->_objectClasses[$oc])) {
+ return $this->_objectClasses[$oc][$attr];
+ }
+ elseif (key_exists($oc, $this->_oids) &&
+ $this->_oids[$oc]['type'] == 'objectclass' &&
+ key_exists($attr, $this->_oids[$oc])) {
+ return $this->_oids[$oc][$attr];
+ } else {
+ return $this->raiseError("Could not find $attr attributes for $oc ");
+ }
+ }
+
+ /**
+ * Returns the name(s) of the immediate superclass(es)
+ *
+ * @param string Name or OID of objectclass
+ * @return mixed Array of names or Net_LDAP_Error
+ */
+ function superclass($oc)
+ {
+ $o = $this->get('objectclass', $oc);
+ if (Net_LDAP::isError($o)) {
+ return $o;
+ }
+ return (key_exists('sup', $o) ? $o['sup'] : array());
+ }
+
+ /**
+ * Parses the schema of the given Subschema entry
+ *
+ * @access public
+ * @param object Net_LDAP_Entry Subschema entry
+ */
+ function parse(&$entry)
+ {
+ foreach ($this->types as $type => $attr)
+ {
+ // initialize map type to entry
+ $type_var = '_' . $attr;
+ $this->{$type_var} = array();
+
+ // get values for this type
+ $values = $entry->get_value($attr);
+
+ if (is_array($values))
+ {
+ foreach ($values as $value) {
+
+ unset($schema_entry); // this was a real mess without it
+
+ // get the schema entry
+ $schema_entry = $this->_parse_entry($value);
+
+ // set the type
+ $schema_entry['type'] = $type;
+
+ // save a ref in $_oids
+ $this->_oids[$schema_entry['oid']] =& $schema_entry;
+
+ // save refs for all names in type map
+ $names = $schema_entry['aliases'];
+ array_push($names, $schema_entry['name']);
+ foreach ($names as $name) {
+ $this->{$type_var}[strtolower($name)] =& $schema_entry;
+ }
+ }
+ }
+ }
+ }
+
+ /**
+ * parses an attribute value into a schema entry
+ *
+ * @access private
+ * @param string Attribute value
+ * @return mixed Schema entry array or false
+ */
+ function &_parse_entry($value)
+ {
+ // tokens that have no value associated
+ $noValue = array('single-value',
+ 'obsolete',
+ 'collective',
+ 'no-user-modification',
+ 'abstract',
+ 'structural',
+ 'auxiliary');
+
+ // tokens that can have multiple values
+ $multiValue = array('must', 'may', 'sup');
+
+ $schema_entry = array('aliases' => array()); // initilization
+
+ $tokens = $this->_tokenize($value); // get an array of tokens
+
+ // remove surrounding brackets
+ if ($tokens[0] == '(') array_shift($tokens);
+ if ($tokens[count($tokens) - 1] == ')') array_pop($tokens); // -1 doesnt work on arrays :-(
+
+ $schema_entry['oid'] = array_shift($tokens); // first token is the oid
+
+ // cycle over the tokens until none are left
+ while (count($tokens) > 0) {
+ $token = strtolower(array_shift($tokens));
+ if (in_array($token, $noValue)) {
+ $schema_entry[$token] = 1; // single value token
+ } else {
+ // this one follows a string or a list if it is multivalued
+ if (($schema_entry[$token] = array_shift($tokens)) == '(') {
+ // this creates the list of values and cycles through the tokens
+ // until the end of the list is reached ')'
+ $schema_entry[$token] = array();
+ while ($tmp = array_shift($tokens)) {
+ if ($tmp == ')') break;
+ if ($tmp != '$') array_push($schema_entry[$token], $tmp);
+ }
+ }
+ // create a array if the value should be multivalued but was not
+ if (in_array($token, $multiValue ) && !is_array($schema_entry[$token])) {
+ $schema_entry[$token] = array($schema_entry[$token]);
+ }
+ }
+ }
+ // get max length from syntax
+ if (key_exists('syntax', $schema_entry)) {
+ if (preg_match('/{(\d+)}/', $schema_entry['syntax'], $matches)) {
+ $schema_entry['max_length'] = $matches[1];
+ }
+ }
+ // force a name
+ if (empty($schema_entry['name'])) {
+ $schema_entry['name'] = $schema_entry['oid'];
+ }
+ // make one name the default and put the other ones into aliases
+ if (is_array($schema_entry['name'])) {
+ $aliases = $schema_entry['name'];
+ $schema_entry['name'] = array_shift($aliases);
+ $schema_entry['aliases'] = $aliases;
+ }
+ return $schema_entry;
+ }
+
+ /**
+ * tokenizes the given value into an array of tokens
+ *
+ * @access private
+ * @param string String to parse
+ * @return array Array of tokens
+ */
+ function _tokenize($value)
+ {
+ $tokens = array(); // array of tokens
+ $matches = array(); // matches[0] full pattern match, [1,2,3] subpatterns
+
+ // this one is taken from perl-ldap, modified for php
+ $pattern = "/\s* (?:([()]) | ([^'\s()]+) | '((?:[^']+|'[^\s)])*)') \s*/x";
+
+ /**
+ * This one matches one big pattern wherin only one of the three subpatterns matched
+ * We are interested in the subpatterns that matched. If it matched its value will be
+ * non-empty and so it is a token. Tokens may be round brackets, a string, or a string
+ * enclosed by '
+ */
+ preg_match_all($pattern, $value, $matches);
+
+ for ($i = 0; $i < count($matches[0]); $i++) { // number of tokens (full pattern match)
+ for ($j = 1; $j < 4; $j++) { // each subpattern
+ if (null != trim($matches[$j][$i])) { // pattern match in this subpattern
+ $tokens[$i] = trim($matches[$j][$i]); // this is the token
+ }
+ }
+ }
+ return $tokens;
+ }
+ }
+
+?>
\ No newline at end of file
diff --git a/thirdparty/pear/Net/LDAP/Search.php b/thirdparty/pear/Net/LDAP/Search.php
new file mode 100644
index 0000000..7e3f117
--- /dev/null
+++ b/thirdparty/pear/Net/LDAP/Search.php
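Review bot: In `_parse_entry()` the list loop `while ($tmp = array_shift($tokens))` stops on the first falsy token, so a value of `0` inside a parenthesised list ends the list early and the tokens after it are then read as keywords. The schema text is supplied by the directory server, so the parser should not depend on truthiness; `while (null !== ($tmp = array_shift($tokens)))` keeps the same exit when the array is exhausted. The same function reads `$tokens[0]` and `$tokens[count($tokens) - 1]` without checking that `_tokenize()` produced anything, which raises notices on an empty or unparsable value and leaves `oid` null for `parse()` to use as an array key. A comment above the bracket stripping saying what the function returns for an unparsable value would help, since the docblock promises "array or false" and no path returns false.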
@@ -0,0 +1,245 @@
+_setSearch($search, $link);
+ $this->_errorCode = ldap_errno($link);
+ }
+
+ /**
+ * Returns an assosiative array of entry objects
+ *
+ * @return array Array of entry objects.
+ */
+ function entries()
+ {
+ if ($this->count() == 0) {
+ return array();
+ }
+
+ $this->_elink = @ldap_first_entry( $this->_link,$this->_search);
+ $entry = new Net_LDAP_Entry($this->_link,
+ @ldap_get_dn($this->_link, $this->_elink),
+ @ldap_get_attributes($this->_link, $this->_elink));
+ array_push($this->_entries, $entry);
+
+ while ($this->_elink = @ldap_next_entry($this->_link,$this->_elink)) {
+ $entry = new Net_LDAP_Entry($this->_link,
+ @ldap_get_dn($this->_link, $this->_elink),
+ @ldap_get_attributes($this->_link, $this->_elink));
+ array_push($this->_entries, $entry);
+ }
+ return $this->_entries;
+ }
+
+ /**
+ * Get the next entry in the searchresult.
+ *
+ * @return mixed Net_LDAP_Entry object or false
+ */
+ function shiftEntry()
+ {
+ if ($this->count() == 0 ) {
+ return false;
+ }
+
+ if (is_null($this->_elink)) {
+ $this->_elink = @ldap_first_entry($this->_link, $this->_search);
+ $entry = new Net_LDAP_Entry($this->_link,
+ ldap_get_dn($this->_link, $this->_elink),
+ ldap_get_attributes($this->_link, $this->_elink));
+ } else {
+ if (!$this->_elink = ldap_next_entry($this->_link, $this->_elink)) {
+ return false;
+ }
+ $entry = new Net_LDAP_Entry($this->_link,
+ ldap_get_dn($this->_link,$this->_elink),
+ ldap_get_attributes($this->_link,$this->_elink));
+ }
+ return $entry;
+ }
+
+ /**
+ * alias function of shiftEntry() for perl-ldap interface
+ *
+ * @see shiftEntry()
+ */
+ function shift_entry()
+ {
+ $args = func_get_args();
+ return call_user_func_array(array($this, 'shiftEntry'), $args);
+ }
+
+ /**
+ * Retrieve the last entry of the searchset. NOT IMPLEMENTED
+ *
+ * @return object Net_LDAP_Error
+ */
+ function pop_entry ()
+ {
+ $this->raiseError("Not implemented");
+ }
+
+ /**
+ * Return entries sorted NOT IMPLEMENTED
+ *
+ * @param array Array of sort attributes
+ * @return object Net_LDAP_Error
+ */
+ function sorted ($attrs = array())
+ {
+ $this->raiseError("Not impelented");
+ }
+
+ /**
+ * Return entries as object NOT IMPLEMENTED
+ *
+ * @return object Net_LDAP_Error
+ */
+ function as_struct ()
+ {
+ $this->raiseError("Not implemented");
+ }
+
+ /**
+ * Set the searchobjects resourcelinks
+ *
+ * @access private
+ * @param resource Search result identifier
+ * @param resource Resource link identifier
+ */
+ function _setSearch(&$search,&$link)
+ {
+ $this->_search = $search;
+ $this->_link = $link;
+ }
+
+ /**
+ * Returns the number of entries in the searchresult
+ *
+ * @return int Number of entries in search.
+ */
+ function count()
+ {
+ /* this catches the situation where OL returned errno 32 = no such object! */
+ if (!$this->_search) {
+ return 0;
+ }
+ return @ldap_count_entries($this->_link, $this->_search);
+ }
+
+ /**
+ * Get the errorcode the object got in its search.
+ *
+ * @return int The ldap error number.
+ */
+ function getErrorCode()
+ {
+ return $this->_errorCode;
+ }
+
+ /** Destructor
+ *
+ * @access protected
+ */
+ function _Net_LDAP_Search()
+ {
+ @ldap_free_result($this->_search);
+ }
+
+ /**
+ * Closes search result
+ */
+ function done()
+ {
+ $this->_Net_LDAP_Search();
+ }
+}
+
+?>
diff --git a/thirdparty/pear/Net/LDAP/Util.php b/thirdparty/pear/Net/LDAP/Util.php
new file mode 100644
index 0000000..6a99169
--- /dev/null
+++ b/thirdparty/pear/Net/LDAP/Util.php
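Review bot: `entries()` never checks the result of `@ldap_first_entry()` and pushes onto `$this->_entries` on every call, so a failed read yields an entry built from a `false` DN and attributes, and a second call returns every entry twice. Because the `ldap_*` calls here are silenced with `@`, a caller cannot tell a failed or partial read from a complete result, which matters when the result set feeds an authentication or group lookup. I would start the method with `$this->_entries = array();` and return `$this->raiseError(ldap_error($this->_link), ldap_errno($this->_link))` when the first entry cannot be read; the property declarations are not visible in this hunk as rendered, so the reset assumes `_entries` is meant as a per-call cache. `pop_entry()`, `sorted()` and `as_struct()` also document an error return but discard it; each should be `return $this->raiseError(...)`.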
@@ -0,0 +1,132 @@
+
+ * @version $Revision$
+ */
+class Net_LDAP_Util extends PEAR
+{
+ /**
+ * Reference to LDAP object
+ *
+ * @access private
+ * @var object Net_LDAP
+ */
+ var $_ldap = null;
+
+ /**
+ * Net_LDAP_Schema object
+ *
+ * @access private
+ * @var object Net_LDAP_Schema
+ */
+ var $_schema = null;
+
+ /**
+ * Constructur
+ *
+ * Takes an LDAP object by reference and saves it. Then the schema will be fetched.
+ *
+ * @access public
+ * @param object Net_LDAP
+ */
+ function Net_LDAP_Util(&$ldap)
+ {
+ if (is_object($ldap) && (strtolower(get_class($ldap)) == 'net_ldap')) {
+ $this->_ldap = $ldap;
+ $this->_schema = $this->_ldap->schema();
+ if (Net_LDAP::isError($this->_schema)) $this->_schema = null;
+ }
+ }
+
+ /**
+ * Encodes given attributes to UTF8 if needed
+ *
+ * This function takes attributes in an array and then checks against the schema if they need
+ * UTF8 encoding. If that is so, they will be encoded. An encoded array will be returned and
+ * can be used for adding or modifying.
+ *
+ * @access public
+ * @param array Array of attributes
+ * @return array Array of UTF8 encoded attributes
+ */
+ function utf8Encode($attributes)
+ {
+ return $this->_utf8($attributes, 'utf8_encode');
+ }
+
+ /**
+ * Decodes the given attribute values
+ *
+ * @access public
+ * @param array Array of attributes
+ * @return array Array with decoded attribute values
+ */
+ function utf8Decode($attributes)
+ {
+ return $this->_utf8($attributes, 'utf8_decode');
+ }
+
+ /**
+ * Encodes or decodes attribute values if needed
+ *
+ * @access private
+ * @param array Array of attributes
+ * @param array Function to apply to attribute values
+ * @return array Array of attributes with function applied to values
+ */
+ function _utf8($attributes, $function)
+ {
+ if (!$this->_ldap || !$this->_schema || !function_exists($function)) {
+ return $attributes;
+ }
+ if (is_array($attributes) && count($attributes) > 0) {
+ foreach( $attributes as $k => $v ) {
+ $attr = $this->_schema->get('attribute', $k);
+ if (Net_LDAP::isError($attr)) {
+ continue;
+ }
+ if (false !== strpos($attr['syntax'], '1.3.6.1.4.1.1466.115.121.1.15')) {
+ if (is_array($v)) {
+ foreach ($v as $ak => $av ) {
+ $v[$ak] = call_user_func($function, $av );
+ }
+ } else {
+ $v = call_user_func($function, $v);
+ }
+ }
+ $attributes[$k] = $v;
+ }
+ }
+ return $attributes;
+ }
+}
+
+?>
diff --git a/thirdparty/pear/Net/LDAP/fg.php b/thirdparty/pear/Net/LDAP/fg.php
new file mode 100644
index 0000000..a7f0bfd
--- /dev/null
+++ b/thirdparty/pear/Net/LDAP/fg.php
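Review bot: `_utf8()` hands its `$function` argument to `call_user_func()` after nothing more than a `function_exists()` check, and a PHP 4-style class cannot enforce the `@access private` tag, so any caller can have an arbitrary one-argument function run over the attribute values. Only `utf8Encode()` and `utf8Decode()` are meant to reach it, so an allow-list at the top closes that: `if (!in_array($function, array('utf8_encode', 'utf8_decode'), true)) return $attributes;`. The `strpos($attr['syntax'], ...)` test also reads the key without checking it exists, which raises a notice for schema entries that carry no syntax; putting `isset($attr['syntax']) &&` in front of it covers that. The docblock's second `@param array` should read `@param string` with a note that only those two function names are accepted.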
@@ -0,0 +1,38 @@
+ $oAuthenticator->sSearchUser,
+ 'password' => $oAuthenticator->sSearchPassword,
+ 'host' => $oAuthenticator->sLdapServer,
+ 'base' => $oAuthenticator->sBaseDN,
+);
+
+$oLdap =& Net_LDAP::connect($config);
+if (PEAR::isError($oLdap)) {
+ var_dump($oLdap);
+ exit(0);
+}
+
+$aParams = array(
+ 'scope' => 'sub',
+ 'attributes' => array('cn', 'dn', 'displayClass'),
+);
+$rootDn = $oAuthenticator->sBaseDN;
+if (is_array($rootDn)) {
+ $rootDn = join(",", $rootDn);
+}
+$oResults = $oLdap->search($rootDn, '(objectClass=group)', $aParams);
+foreach ($oResults->entries() as $oEntry) {
+ var_dump($oEntry->dn());
+}
+
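Review bot: This file reads as a one-off debugging script committed under `thirdparty/pear/Net/LDAP/`: on a failed connect it `var_dump()`s the returned object, and on success it prints every group DN under the base, with no access check in the visible lines. Depending on what the error object holds, the dump can expose connection details (the config passed to `connect()` carries the search account's password), and if this directory is served by the web server the output goes to whoever requests the URL. The top of the script is not visible in this hunk as rendered, so a guard may exist there. I would drop the file from the commit; if it has to stay, add `if (php_sapi_name() !== 'cli') { exit(1); }` at the top, replace the dump with `print $oLdap->getMessage() . "\n"; exit(1);`, and check the `search()` result with `PEAR::isError()` before calling `entries()` on it.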