Peter M. Groen / knowledgetree

Commit 4c8280fbef2dea855495371d6ba327e7025b236b

Authored by nbm
1 parent 5d45e263

Add Net_LDAP 0.6.6 from PEAR, licensed under the GNU LGPL 


git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@4831 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 7 changed files with 2551 additions and 0 deletions
thirdparty/pear/Net/LDAP.php 0 → 100644
  View file @4c8280f
  1 +<?php
  2 +/* vim: set expandtab tabstop=4 shiftwidth=4: */
  3 +// +--------------------------------------------------------------------------+
  4 +// | Net_LDAP |
  5 +// +--------------------------------------------------------------------------+
  6 +// | Copyright (c) 1997-2003 The PHP Group |
  7 +// +--------------------------------------------------------------------------+
  8 +// | This library is free software; you can redistribute it and/or |
  9 +// | modify it under the terms of the GNU Lesser General Public |
  10 +// | License as published by the Free Software Foundation; either |
  11 +// | version 2.1 of the License, or (at your option) any later version. |
  12 +// | |
  13 +// | This library is distributed in the hope that it will be useful, |
  14 +// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
  15 +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
  16 +// | Lesser General Public License for more details. |
  17 +// | |
  18 +// | You should have received a copy of the GNU Lesser General Public |
  19 +// | License along with this library; if not, write to the Free Software |
  20 +// | Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
  21 +// +--------------------------------------------------------------------------+
  22 +// | Authors: Tarjej Huse |
  23 +// | Jan Wagner |
  24 +// +--------------------------------------------------------------------------+
  25 +//
  26 +// $Id$
  27 +
  28 +require_once('PEAR.php');
  29 +require_once('LDAP/Entry.php');
  30 +require_once('LDAP/Search.php');
  31 +
  32 +
  33 +/**
  34 + * Error constants for errors that are not LDAP errors
  35 + */
  36 +
  37 +define ('NET_LDAP_ERROR', 1000);
  38 +
  39 +
  40 +/**
  41 + * Net_LDAP - manipulate LDAP servers the right way!
  42 + *
  43 + * @author Tarjei Huse
  44 + * @author Jan Wagner
  45 + * @version $Revision$
  46 + * @package Net_LDAP
  47 + */
  48 + class Net_LDAP extends PEAR
  49 +{
  50 + /**
  51 + * Class configuration array
  52 + *
  53 + * dn = the DN to bind as.
  54 + * host = the ldap host to connect to
  55 + * password = no explanation needed
  56 + * base = ldap base
  57 + * port = the server port
  58 + * tls = when set, ldap_start_tls() is run after connecting.
  59 + * version = ldap version (defaults to v 3)
  60 + * filter = default search filter
  61 + * scope = default search scope
  62 + *
  63 + * @access private
  64 + * @var array
  65 + */
  66 + var $_config = array('dn' => '',
  67 + 'host' => 'localhost',
  68 + 'password' => '',
  69 + 'tls' => false,
  70 + 'base' => '',
  71 + 'port' => 389,
  72 + 'version' => 3,
  73 + 'options' => array(),
  74 + 'filter' => '(objectClass=*)',
  75 + 'scope' => 'sub');
  76 +
  77 + /**
  78 + * LDAP resource link.
  79 + *
  80 + * @access private
  81 + * @var resource
  82 + */
  83 + var $_link;
  84 +
  85 + /**
  86 + * Net_LDAP Release Version
  87 + *
  88 + * @access private
  89 + * @var string
  90 + */
  91 + var $_version = "0.6.6";
  92 +
  93 + /**
  94 + * Net_LDAP_Schema object
  95 + *
  96 + * @access private
  97 + * @var object Net_LDAP_Schema
  98 + */
  99 + var $_schema = null;
  100 +
  101 + /**
  102 + * Cache for attribute encoding checks
  103 + *
  104 + * @access private
  105 + * @var array Hash with attribute names as key and boolean value
  106 + * to determine whether they should be utf8 encoded or not.
  107 + */
  108 + var $_schemaAttrs = array();
  109 +
  110 + /**
  111 + * Net_LDAP constructor
  112 + *
  113 + * Sets the config array
  114 + *
  115 + * @access protected
  116 + * @param array Configuration array
  117 + * @return void
  118 + * @see $_config
  119 + */
  120 + function Net_LDAP($_config = array())
  121 + {
  122 + $this->PEAR('Net_LDAP_Error');
  123 +
  124 + foreach ($_config as $k => $v) {
  125 + $this->_config[$k] = $v;
  126 + }
  127 + }
  128 +
  129 + /**
  130 + * Creates the initial ldap-object
  131 + *
  132 + * Static function that returns either an error object or the new Net_LDAP object.
  133 + * Something like a factory. Takes a config array with the needed parameters.
  134 + *
  135 + * @access public
  136 + * @param array Configuration array
  137 + * @return mixed object Net_LDAP_Error or Net_LDAP
  138 + * @see $_config
  139 + */
  140 + function &connect($config = array())
  141 + {
  142 + if (!function_exists('ldap_connect')){
  143 + return $this->raiseError("It seems that you do not have the ldap-extension installed. Please install it before using this package.");
  144 + }
  145 + @$obj =& new Net_LDAP($config);
  146 + $err = $obj->bind();
  147 +
  148 + if (Net_LDAP::isError($err)) {
  149 + return $err;
  150 + }
  151 + return $obj;
  152 + }
  153 +
  154 + /**
  155 + * Bind to the ldap-server
  156 + *
  157 + * The function may be used if you do not create the object using Net_LDAP::connect.
  158 + *
  159 + * @access public
  160 + * @param array Configuration array
  161 + * @return mixed Net_LDAP_Error or true
  162 + * @see $_config
  163 + */
  164 + function bind($config = array())
  165 + {
  166 + foreach ($config as $k => $v) {
  167 + $this->_config[$k] = $v;
  168 + }
  169 +
  170 + if ($this->_config['host']) {
  171 + $this->_link = @ldap_connect($this->_config['host'], $this->_config['port']);
  172 + } else {
  173 + return $this->raiseError("Host not defined in config. {$this->_config['host']}");
  174 + }
  175 +
  176 + if (!$this->_link) {
  177 + // there is no good errorcode for this one! I chose 52.
  178 + return $this->raiseError("Could not connect to server. ldap_connect failed.", 52);
  179 + }
  180 + // You must set the version and start tls BEFORE binding!
  181 +
  182 + if ($this->_config['version'] != 2 && Net_LDAP::isError($msg = $this->setLDAPVersion())) {
  183 + return $msg;
  184 + }
  185 +
  186 + if ($this->_config['tls'] && Net_LDAP::isError($msg = $this->startTLS())) {
  187 + return $msg;
  188 + }
  189 +
  190 + if (isset($this->_config['options']) &&
  191 + is_array($this->_config['options']) &&
  192 + count($this->_config['options']))
  193 + {
  194 + foreach ($this->_config['options'] as $opt => $val) {
  195 + $err = $this->setOption($opt, $val);
  196 + if (Net_LDAP::isError($err)) {
  197 + return $err;
  198 + }
  199 + }
  200 + }
  201 +
  202 + if (isset($this->_config['dn']) && isset($this->_config['password'])) {
  203 + $bind = @ldap_bind($this->_link, $this->_config['dn'], $this->_config['password']);
  204 + } else {
  205 + $bind = @ldap_bind($this->_link);
  206 + }
  207 +
  208 + if (!$bind) {
  209 + return $this->raiseError("Bind failed " . @ldap_error($this->_link), @ldap_errno($this->_link));
  210 + }
  211 +
  212 + return true;
  213 + }
  214 +
  215 + /**
  216 + * ReBind to the ldap-server using another dn and password
  217 + *
  218 + * The function may be used if you do not create the object using Net_LDAP::connect.
  219 + *
  220 + * @access public
  221 + * @param string $dn - the DN to bind as.
  222 + * string $password - the bassword to use.
  223 + * @return mixed Net_LDAP_Error or true
  224 + * @see $_config
  225 + */
  226 +
  227 + function reBind ($dn = null, $password = null)
  228 + {
  229 +
  230 + if ($dn && $password ) {
  231 + $bind = @ldap_bind($this->_link, $dn, $password);
  232 + } else {
  233 + $bind = @ldap_bind($this->_link);
  234 + }
  235 +
  236 + if (!$bind) {
  237 + return $this->raiseError("Bind failed " . @ldap_error($this->_link), @ldap_errno($this->_link));
  238 + }
  239 + return true;
  240 + }
  241 +
  242 + /**
  243 + * Starts an encrypted session
  244 + *
  245 + * @access public
  246 + * @return mixed True or Net_LDAP_Error
  247 + */
  248 + function startTLS()
  249 + {
  250 + if (!@ldap_start_tls($this->_link)) {
  251 + return $this->raiseError("TLS not started. Error:" . @ldap_error($this->_link), @ldap_errno($this->_link));
  252 + }
  253 + return true;
  254 + }
  255 +
  256 + /**
  257 + * alias function of startTLS() for perl-ldap interface
  258 + *
  259 + * @see startTLS()
  260 + */
  261 + function start_tls()
  262 + {
  263 + $args = func_get_args();
  264 + return call_user_func_array(array($this, 'startTLS' ), $args);
  265 + }
  266 +
  267 + /**
  268 + * Close LDAP connection.
  269 + *
  270 + * Closes the connection. Use this when the session is over.
  271 + *
  272 + * @return void
  273 + */
  274 + function done()
  275 + {
  276 + $this->_Net_LDAP();
  277 + }
  278 +
  279 + /**
  280 + * Destructor
  281 + *
  282 + * @access private
  283 + */
  284 + function _Net_LDAP()
  285 + {
  286 + @ldap_close($this->_link);
  287 + }
  288 +
  289 + /**
  290 + * Add a new entryobject to a directory.
  291 + *
  292 + * Use add to add a new Net_LDAP_Entry object to the directory.
  293 + *
  294 + * @param object Net_LDAP_Entry
  295 + * @return mixed Net_LDAP_Error or true
  296 + */
  297 + function add($entry)
  298 + {
  299 + if (@ldap_add($this->_link, $entry->dn(), $entry->attributes())) {
  300 + return true;
  301 + } else {
  302 + return $this->raiseError("Could not add entry " . $entry->dn() . " " . @ldap_error($this->_link),
  303 + @ldap_errno($this->_link));
  304 + }
  305 + }
  306 +
  307 + /**
  308 + * Delete an entry from the directory
  309 + *
  310 + * The object may either be a string representing the dn or a Net_LDAP_Entry object.
  311 + * The param array may contain a boolean value named recursive. When set, all subentries
  312 + * of the Entry will be deleted as well
  313 + *
  314 + * @access public
  315 + * @param mixed string or Net_LDAP_Entry
  316 + * @param array
  317 + * @return mixed Net_LDAP_Error or true
  318 + */
  319 + function delete($dn, $param = array())
  320 + {
  321 + if (is_object($dn) && strtolower(get_class($dn)) == 'net_ldap_entry') {
  322 + $dn = $dn->dn();
  323 + } else {
  324 + if (!is_string($dn)) {
  325 + // this is what the server would say: invalid_dn_syntax.
  326 + return $this->raiseError("$dn not a string nor an entryobject!", 34);
  327 + }
  328 + }
  329 +
  330 + if ($param['recursive'] ) {
  331 + $searchresult = @ldap_list($this->_link, $dn, '(objectClass=*)', array());
  332 +
  333 + if ($searchresult) {
  334 + $entries = @ldap_get_entries($this->_link, $searchresult);
  335 +
  336 + for ($i=0; $i<$entries['count']; $i++) {
  337 + $result = $this->delete($entries[$i]['dn'], array('recursive' => true));
  338 + if (!$result) {
  339 + $errno = @ldap_errno($this->_link);
  340 + return $this->raiseMessage ("Net_LDAP::delete: " . $this->errorMessage($errno), $errno);
  341 + }
  342 + if(PEAR::isError($result)){
  343 + return $result;
  344 + }
  345 + }
  346 + }
  347 + }
  348 + if (!@ldap_delete($this->_link, $dn)) {
  349 + $error = ldap_errno($this->_link );
  350 + if ($error == 66) {
  351 + /* entry has subentries */
  352 + return $this->raiseError('Net_LDAP::delete: Cound not delete entry ' . $dn .
  353 + ' because of subentries. Use the recursive param to delete them.');
  354 + } else {
  355 + return $this->raiseError("Net_LDAP::delete: Could not delete entry " . $dn ." because: ".
  356 + $this->errorMessage($error), $error);
  357 + }
  358 + }
  359 + return true;
  360 + }
  361 +
  362 + /**
  363 + * Modify an ldapentry
  364 + *
  365 + * This is taken from the perlpod of net::ldap, and explains things quite nicely.
  366 + * modify ( DN, OPTIONS )
  367 + * Modify the contents of DN on the server. DN May be a
  368 + * string or a Net::LDAP::Entry object.
  369 + *
  370 + * dn This option is here for compatibility only, and
  371 + * may be removed in future. Previous releases did
  372 + * not take the DN argument which replaces this
  373 + * option.
  374 + *
  375 + * add The add option should be a reference to a HASH.
  376 + * The values of the HASH are the attributes to add,
  377 + * and the values may be a string or a reference to a
  378 + * list of values.
  379 + *
  380 + * delete
  381 + * A reference to an ARRAY of attributes to delete.
  382 + * TODO: This does not support deleting one or two values yet - use
  383 + * replace.
  384 + *
  385 + * replace
  386 + * The <replace> option takes a argument in the same
  387 + * form as add, but will cause any existing
  388 + * attributes with the same name to be replaced. If
  389 + * the value for any attribute in the årray is a ref­
  390 + * erence to an empty string the all instances of the
  391 + * attribute will be deleted.
  392 + *
  393 + * changes
  394 + * This is an alternative to add, delete and replace
  395 + * where the whole operation can be given in a single
  396 + * argument. The argument should be a array
  397 + *
  398 + * Values in the ARRAY are used in pairs, the first
  399 + * is the operation add, delete or replace and the
  400 + * second is a reference to an ARRAY of attribute
  401 + * values.
  402 + *
  403 + * The attribute value list is also used in pairs.
  404 + * The first value in each pair is the attribute name
  405 + * and the second is a reference to a list of values.
  406 + *
  407 + * Example:
  408 + * $ldap->modify ( $dn, array (changes => array(
  409 + * 'delete' => array('faxNumber' => ''),
  410 + * 'add' => array('sn' => 'Barr'),
  411 + * 'replace' => array(email => 'tarjei@nu.no'))));
  412 + *
  413 + * @access public
  414 + * @param string
  415 + * @param array
  416 + * @return mixed Net_LDAP_Error or true
  417 + */
  418 + function modify($dn , $params = array())
  419 + {
  420 + if (is_object($dn)) {
  421 + $dn = $dn->dn();
  422 + }
  423 + // since $params['dn'] is not used in net::ldap now:
  424 + if (isset($params['dn'])) {
  425 + return $this->raiseError("This feature will not be implemented!");
  426 + }
  427 + // new code from rafael at krysciak dot de
  428 + if(array_key_exists('changes', $params)) {
  429 + $_params = $params;
  430 + } else {
  431 + $_params['changes'] = $params;
  432 + }
  433 + if (is_array($_params['changes'])) {
  434 + foreach($_params['changes'] AS $option => $atrr) {
  435 + switch($option) {
  436 + case 'add':
  437 + $command = $dn_exists ? 'ldap_mod_add':'ldap_add';
  438 + break;
  439 + case 'replace':
  440 + $command = 'ldap_mod_replace';
  441 + break;
  442 + case 'delete':
  443 + $command = 'ldap_mod_del';
  444 + // to delete an attribute with a specific value you
  445 + // need a hash array('attr_name' => array('attr_value_1', ... ,'attr_value_n'))
  446 + // the hash array('attr_name' => 'attr_value') will be converted
  447 + // automatically to array('attr_name' => array('attr_value'))
  448 + foreach($atrr AS $atrr_field => $atrr_value) {
  449 + if(!is_array($atrr_value)) {
  450 + $atrr[$atrr_field] = array($atrr_value);
  451 + }
  452 + }
  453 + break;
  454 + default:
  455 + return $this->raiseError("Net_LDAP::modify: not supported option " . $option);
  456 + break;
  457 + } // end switch($option) {
  458 +
  459 + if(!@call_user_func($command, $this->_link, $dn, $atrr)) {
  460 + return $this->raiseError("Net_LDAP::modify: $dn not modified because:" . ldap_error($this->_link), ldap_errno($this->_link));
  461 + }
  462 + } // end foreach($_params['changes'] AS $option => $atrr) {
  463 + } // end if (is_array($_params['changes'])) {
  464 + // everything went fine :)
  465 + return true;
  466 +
  467 + /* old broken code see bug#2987
  468 + if (isset($params['changes'])) {
  469 +
  470 + if (isset($params['changes']['add']) &&
  471 + !@ldap_modify($this->_link, $dn, $params['changes']['add'])) {
  472 +
  473 + return $this->raiseError("Net_LDAP::modify: $dn not modified because:" . ldap_error($this->_link),
  474 + ldap_errno($this->_link));
  475 + }
  476 +
  477 + if (isset($params['changes']['replace']) &&
  478 + !@ldap_modify($this->_link, $dn, $params['changes']['replace'])) {
  479 +
  480 + return $this->raiseError("Net_LDAP::modify: replace change didn't work: " . ldap_error($this->_link),
  481 + ldap_errno($this->_link));
  482 + }
  483 +
  484 + if (isset($params['changes']['delete']) &&
  485 + !@ldap_mod_del($this->_link, $dn, $params['changes']['delete'])) {
  486 +
  487 + return $this->raiseError("Net_LDAP::modify:delete did not work" . ldap_error($this->_link),
  488 + ldap_errno($this->_link));
  489 + }
  490 + }
  491 +
  492 + if (isset($params['add']) && !@ldap_add($this->_link, $dn, $params['add'])) {
  493 + return $this->raiseError(ldap_error($this->_link), ldap_errno($this->_link));
  494 + }
  495 +
  496 + if (isset($params['replace']) && !@ldap_modify($this->_link, $dn, $params['replace'])) {
  497 + return $this->raiseError(ldap_error($this->_link), ldap_errno($this->_link));
  498 + }
  499 +
  500 + if (isset($params['delete'])) {
  501 + // since you delete an attribute by making it empty:
  502 + foreach ($params['delete'] as $k) {
  503 + $params['delete'][$k] = '';
  504 + }
  505 +
  506 + if (!@ldap_modify($this->_link, $dn, $params['delete'])) {
  507 + return $this->raiseError(ldap_error($this->_link), ldap_errno($this->_link));
  508 + }
  509 + }
  510 + // everything went fine :)
  511 + return true;
  512 + */
  513 +
  514 + }
  515 +
  516 + /**
  517 + * Run a ldap query
  518 + *
  519 + * Search is used to query the ldap-database.
  520 + * $base and $filter may be ommitted. BaseDN and default filter will then be used.
  521 + * Params may contain:
  522 + *
  523 + * scope: The scope which will be used for searching
  524 + * base - Just one entry
  525 + * sub - The whole tree
  526 + * one - Immediately below $base
  527 + * sizelimit: Limit the number of entries returned (default: 0),
  528 + * timelimit: Limit the time spent for searching (default: 0),
  529 + * attrsonly: If true, the search will only return the attribute names, NO values
  530 + * attributes: Array of attribute names, which the entry should contain. It is good practice
  531 + * to limit this to just the ones you need, so by default this function does not
  532 + * return any attributes at all.
  533 + * [NOT IMPLEMENTED]
  534 + * deref: By default aliases are dereferenced to locate the base object for the search, but not when
  535 + * searching subordinates of the base object. This may be changed by specifying one of the
  536 + * following values:
  537 + *
  538 + * never - Do not dereference aliases in searching or in locating the base object of the search.
  539 + * search - Dereference aliases in subordinates of the base object in searching, but not in
  540 + * locating the base object of the search.
  541 + * find
  542 + * always
  543 + *
  544 + * @access public
  545 + * @param string LDAP searchbase
  546 + * @param string LDAP search filter
  547 + * @param array Array of options
  548 + * @return object mixed Net_LDAP_Search or Net_LDAP_Error
  549 + */
  550 + function search($base = null, $filter = null, $params = array())
  551 + {
  552 + if (is_null($base)) {
  553 + $base = $this->_config['base'];
  554 + }
  555 + if (is_null($filter)) {
  556 + $filter = $this->_config['filter'];
  557 + }
  558 +
  559 + /* setting searchparameters */
  560 + (isset($params['sizelimit'])) ? $sizelimit = $params['sizelimit'] : $sizelimit = 0;
  561 + (isset($params['timelimit'])) ? $timelimit = $params['timelimit'] : $timelimit = 0;
  562 + (isset($params['attrsonly'])) ? $attrsonly = $params['attrsonly'] : $attrsonly = 0;
  563 + (isset($params['attributes'])) ? $attributes = $params['attributes'] : $attributes = array('');
  564 +
  565 + if (!is_array($attributes)) {
  566 + $this->raiseError("The param attributes must be an array!");
  567 + }
  568 +
  569 + /* scoping makes searches faster! */
  570 + $scope = (isset($params['scope']) ? $params['scope'] : $this->_config['scope']);
  571 +
  572 + switch ($scope) {
  573 + case 'one':
  574 + $search_function = 'ldap_list';
  575 + break;
  576 + case 'base':
  577 + $search_function = 'ldap_read';
  578 + break;
  579 + default:
  580 + $search_function = 'ldap_search';
  581 + }
  582 +
  583 + $search = @call_user_func($search_function,
  584 + $this->_link,
  585 + $base,
  586 + $filter,
  587 + $attributes,
  588 + $attrsonly,
  589 + $sizelimit,
  590 + $timelimit);
  591 +
  592 + if ($err = ldap_errno($this->_link)) {
  593 +
  594 + if ($err == 32) {
  595 + // Errorcode 32 = no such object, i.e. a nullresult.
  596 + return $obj =& new Net_LDAP_Search ($search, $this->_link);
  597 +
  598 + // Errorcode 4 = sizelimit exeeded. this will be handled better in time...
  599 + //} elseif ($err == 4) {
  600 + // return $obj = & new Net_LDAP_Search ($search, $this->_link);
  601 +
  602 + } elseif ($err == 87) {
  603 + // bad search filter
  604 + return $this->raiseError($this->errorMessage($err) . "($filter)", $err);
  605 + } else {
  606 + $msg = "\nParameters:\nBase: $base\nFilter: $filter\nScope: $scope";
  607 + return $this->raiseError($this->errorMessage($err) . $msg, $err);
  608 + }
  609 + } else {
  610 + @$obj =& new Net_LDAP_Search($search, $this->_link);
  611 + return $obj;
  612 + }
  613 +
  614 + }
  615 +
  616 + /**
  617 + * Set an LDAP option
  618 + *
  619 + * @access public
  620 + * @param string Option to set
  621 + * @param mixed Value to set Option to
  622 + * @return mixed Net_LDAP_Error or true
  623 + */
  624 + function setOption($option, $value)
  625 + {
  626 + if ($this->_link) {
  627 + if (defined($option)) {
  628 + if (@ldap_set_option($this->_link, constant($option), $value)) {
  629 + return true;
  630 + } else {
  631 + $err = @ldap_errno($this->_link);
  632 + if ($err) {
  633 + $msg = @ldap_err2str($err);
  634 + } else {
  635 + $err = NET_LDAP_ERROR;
  636 + $msg = $this->errorMessage($err);
  637 + }
  638 + return $this->raiseError($msg, $err);
  639 + }
  640 + } else {
  641 + return $this->raiseError("Unkown Option requested");
  642 + }
  643 + } else {
  644 + return $this->raiseError("No LDAP connection");
  645 + }
  646 + }
  647 +
  648 + /**
  649 + * Get an LDAP option value
  650 + *
  651 + * @access public
  652 + * @param string Option to get
  653 + * @return mixed Net_LDAP_Error or option value
  654 + */
  655 + function getOption($option)
  656 + {
  657 + if ($this->_link) {
  658 + if (defined($option)) {
  659 + if (@ldap_get_option($this->_link, constant($option), $value)) {
  660 + return $value;
  661 + } else {
  662 + $err = @ldap_errno($this->_link);
  663 + if ($err) {
  664 + $msg = @ldap_err2str($err);
  665 + } else {
  666 + $err = NET_LDAP_ERROR;
  667 + $msg = $this->errorMessage($err);
  668 + }
  669 + return $this->raiseError($msg, $err);
  670 + }
  671 + } else {
  672 + $this->raiseError("Unkown Option requested");
  673 + }
  674 + } else {
  675 + $this->raiseError("No LDAP connection");
  676 + }
  677 + }
  678 +
  679 + /**
  680 + * Get the LDAP_PROTOCOL_VERSION that is used on the connection.
  681 + *
  682 + * A lot of ldap functionality is defined by what protocol version the ldap server speaks.
  683 + * This might be 2 or 3.
  684 + *
  685 + * @return int
  686 + */
  687 + function getLDAPVersion()
  688 + {
  689 + if($this->_link) {
  690 + $version = $this->getOption("LDAP_OPT_PROTOCOL_VERSION");
  691 + } else {
  692 + $version = $this->_config['version'];
  693 + }
  694 + return $version;
  695 + }
  696 +
  697 + /**
  698 + * Set the LDAP_PROTOCOL_VERSION that is used on the connection.
  699 + *
  700 + * @param int Version to set
  701 + * @return mixed Net_LDAP_Error or TRUE
  702 + */
  703 + function setLDAPVersion($version = 0)
  704 + {
  705 + if (!$version) {
  706 + $version = $this->_config['version'];
  707 + }
  708 + return $this->setOption("LDAP_OPT_PROTOCOL_VERSION", $version);
  709 + }
  710 +
  711 + /**
  712 + * Get the Net_LDAP version.
  713 + *
  714 + * Return the Net_LDAP version
  715 + *
  716 + * @return string Net_LDAP version
  717 + */
  718 + function getVersion ()
  719 + {
  720 + return $this->_version;
  721 + }
  722 +
  723 + /**
  724 + * Tell if a dn already exists
  725 + *
  726 + * @param string
  727 + * @return boolean
  728 + */
  729 + function dnExists($dn)
  730 + {
  731 + $dns = explode(",",$dn);
  732 + $filter = array_shift($dns);
  733 + $base= implode($dns,',');
  734 + //$base = $dn;
  735 + //$filter = '(objectclass=*)';
  736 +
  737 + $result = @ldap_list($this->_link, $base, $filter, array(), 1, 1);
  738 + if (ldap_errno($this->_link) == 32) {
  739 + return false;
  740 + }
  741 + if (ldap_errno($this->_link) != 0) {
  742 + $this->raiseError(ldap_error($this->_link), ldap_errno($this->_link));
  743 + }
  744 + if (@ldap_count_entries($this->_link, $result)) {
  745 + return true;
  746 + }
  747 + return false;
  748 + }
  749 +
  750 +
  751 + /**
  752 + * Get a specific entry based on the dn
  753 + *
  754 + * @param string dn
  755 + * @param array Array of Attributes to select
  756 + * @return object Net_LDAP_Entry or Net_LDAP_Error
  757 + */
  758 + function &getEntry($dn, $attr = array(''))
  759 + {
  760 + $result = $this->search($dn, '(objectClass=*)', array('scope' => 'base', 'attributes' => $attr));
  761 + if (Net_LDAP::isError($result)) {
  762 + return $result;
  763 + }
  764 + $entry = $result->shiftEntry();
  765 + if (false == $entry) {
  766 + return $this->raiseError('Could not fetch entry');
  767 + }
  768 + return $entry;
  769 + }
  770 +
  771 +
  772 + /**
  773 + * Returns the string for an ldap errorcode.
  774 + *
  775 + * Made to be able to make better errorhandling
  776 + * Function based on DB::errorMessage()
  777 + * Tip: The best description of the errorcodes is found here: http://www.directory-info.com/LDAP/LDAPErrorCodes.html
  778 + *
  779 + * @param int Error code
  780 + * @return string The errorstring for the error.
  781 + */
  782 + function errorMessage($errorcode)
  783 + {
  784 + $errorMessages = array(
  785 + 0x00 => "LDAP_SUCCESS",
  786 + 0x01 => "LDAP_OPERATIONS_ERROR",
  787 + 0x02 => "LDAP_PROTOCOL_ERROR",
  788 + 0x03 => "LDAP_TIMELIMIT_EXCEEDED",
  789 + 0x04 => "LDAP_SIZELIMIT_EXCEEDED",
  790 + 0x05 => "LDAP_COMPARE_FALSE",
  791 + 0x06 => "LDAP_COMPARE_TRUE",
  792 + 0x07 => "LDAP_AUTH_METHOD_NOT_SUPPORTED",
  793 + 0x08 => "LDAP_STRONG_AUTH_REQUIRED",
  794 + 0x09 => "LDAP_PARTIAL_RESULTS",
  795 + 0x0a => "LDAP_REFERRAL",
  796 + 0x0b => "LDAP_ADMINLIMIT_EXCEEDED",
  797 + 0x0c => "LDAP_UNAVAILABLE_CRITICAL_EXTENSION",
  798 + 0x0d => "LDAP_CONFIDENTIALITY_REQUIRED",
  799 + 0x0e => "LDAP_SASL_BIND_INPROGRESS",
  800 + 0x10 => "LDAP_NO_SUCH_ATTRIBUTE",
  801 + 0x11 => "LDAP_UNDEFINED_TYPE",
  802 + 0x12 => "LDAP_INAPPROPRIATE_MATCHING",
  803 + 0x13 => "LDAP_CONSTRAINT_VIOLATION",
  804 + 0x14 => "LDAP_TYPE_OR_VALUE_EXISTS",
  805 + 0x15 => "LDAP_INVALID_SYNTAX",
  806 + 0x20 => "LDAP_NO_SUCH_OBJECT",
  807 + 0x21 => "LDAP_ALIAS_PROBLEM",
  808 + 0x22 => "LDAP_INVALID_DN_SYNTAX",
  809 + 0x23 => "LDAP_IS_LEAF",
  810 + 0x24 => "LDAP_ALIAS_DEREF_PROBLEM",
  811 + 0x30 => "LDAP_INAPPROPRIATE_AUTH",
  812 + 0x31 => "LDAP_INVALID_CREDENTIALS",
  813 + 0x32 => "LDAP_INSUFFICIENT_ACCESS",
  814 + 0x33 => "LDAP_BUSY",
  815 + 0x34 => "LDAP_UNAVAILABLE",
  816 + 0x35 => "LDAP_UNWILLING_TO_PERFORM",
  817 + 0x36 => "LDAP_LOOP_DETECT",
  818 + 0x3C => "LDAP_SORT_CONTROL_MISSING",
  819 + 0x3D => "LDAP_INDEX_RANGE_ERROR",
  820 + 0x40 => "LDAP_NAMING_VIOLATION",
  821 + 0x41 => "LDAP_OBJECT_CLASS_VIOLATION",
  822 + 0x42 => "LDAP_NOT_ALLOWED_ON_NONLEAF",
  823 + 0x43 => "LDAP_NOT_ALLOWED_ON_RDN",
  824 + 0x44 => "LDAP_ALREADY_EXISTS",
  825 + 0x45 => "LDAP_NO_OBJECT_CLASS_MODS",
  826 + 0x46 => "LDAP_RESULTS_TOO_LARGE",
  827 + 0x47 => "LDAP_AFFECTS_MULTIPLE_DSAS",
  828 + 0x50 => "LDAP_OTHER",
  829 + 0x51 => "LDAP_SERVER_DOWN",
  830 + 0x52 => "LDAP_LOCAL_ERROR",
  831 + 0x53 => "LDAP_ENCODING_ERROR",
  832 + 0x54 => "LDAP_DECODING_ERROR",
  833 + 0x55 => "LDAP_TIMEOUT",
  834 + 0x56 => "LDAP_AUTH_UNKNOWN",
  835 + 0x57 => "LDAP_FILTER_ERROR",
  836 + 0x58 => "LDAP_USER_CANCELLED",
  837 + 0x59 => "LDAP_PARAM_ERROR",
  838 + 0x5a => "LDAP_NO_MEMORY",
  839 + 0x5b => "LDAP_CONNECT_ERROR",
  840 + 0x5c => "LDAP_NOT_SUPPORTED",
  841 + 0x5d => "LDAP_CONTROL_NOT_FOUND",
  842 + 0x5e => "LDAP_NO_RESULTS_RETURNED",
  843 + 0x5f => "LDAP_MORE_RESULTS_TO_RETURN",
  844 + 0x60 => "LDAP_CLIENT_LOOP",
  845 + 0x61 => "LDAP_REFERRAL_LIMIT_EXCEEDED",
  846 + 1000 => "Unknown Net_LDAP error"
  847 + );
  848 +
  849 + return isset($errorMessages[$errorcode]) ? $errorMessages[$errorcode] : $errorMessages[NET_LDAP_ERROR];
  850 + }
  851 +
  852 + /**
  853 + * Tell whether value is a Net_LDAP_Error or not
  854 + *
  855 + * @access public
  856 + * @param mixed
  857 + * @return boolean
  858 + */
  859 + function isError($value)
  860 + {
  861 + return (is_a($value, "Net_LDAP_Error") || parent::isError($value));
  862 + }
  863 +
  864 + /**
  865 + * gets a root dse object
  866 + *
  867 + * @access public
  868 + * @author Jan Wagner <wagner@netsols.de>
  869 + * @param array Array of attributes to search for
  870 + * @return object mixed Net_LDAP_Error or Net_LDAP_RootDSE
  871 + */
  872 + function &rootDse($attrs = null)
  873 + {
  874 + require_once('Net/LDAP/RootDSE.php');
  875 +
  876 + if (is_array($attrs) && count($attrs) > 0 ) {
  877 + $attributes = $attrs;
  878 + } else {
  879 + $attributes = array('namingContexts',
  880 + 'altServer',
  881 + 'supportedExtension',
  882 + 'supportedControl',
  883 + 'supportedSASLMechanisms',
  884 + 'supportedLDAPVersion',
  885 + 'subschemaSubentry' );
  886 + }
  887 + $result = $this->search('', '(objectClass=*)', array('attributes' => $attributes, 'scope' => 'base'));
  888 + if (Net_LDAP::isError($result)) return $result;
  889 +
  890 + $entry = $result->shift_entry();
  891 + if (false === $entry) return $this->raiseError('Could not fetch RootDSE entry');
  892 +
  893 + return new Net_LDAP_RootDSE($entry);
  894 + }
  895 +
  896 + /**
  897 + * alias function of rootDse() for perl-ldap interface
  898 + *
  899 + * @access public
  900 + * @see rootDse()
  901 + */
  902 + function &root_dse()
  903 + {
  904 + $args = func_get_args();
  905 + return call_user_func_array(array($this, 'rootDse'), $args);
  906 + }
  907 +
  908 + /**
  909 + * get a schema object
  910 + *
  911 + * @access public
  912 + * @author Jan Wagner <wagner@netsols.de>
  913 + * @param string Subschema entry dn
  914 + * @return object mixed Net_LDAP_Schema or Net_LDAP_Error
  915 + */
  916 + function &schema($dn = null)
  917 + {
  918 + require_once('Net/LDAP/Schema.php');
  919 +
  920 + $schema =& new Net_LDAP_Schema();
  921 +
  922 + if (is_null($dn)) {
  923 + // get the subschema entry via root dse
  924 + $dse = $this->rootDSE(array('subschemaSubentry'));
  925 + if (false == Net_LDAP::isError($dse)) {
  926 + $base = $dse->getValue('subschemaSubentry', 'single');
  927 + if (!Net_LDAP::isError($base)) {
  928 + $dn = $base;
  929 + }
  930 + }
  931 + }
  932 + if (is_null($dn)) {
  933 + $dn = 'cn=Subschema';
  934 + }
  935 +
  936 + // fetch the subschema entry
  937 + $result = $this->search($dn, '(objectClass=*)',
  938 + array('attributes' => array_values($schema->types), 'scope' => 'base'));
  939 + if (Net_LDAP::isError($result)) {
  940 + return $result;
  941 + }
  942 +
  943 + $entry = $result->shift_entry();
  944 + if (false === $entry) {
  945 + return $this->raiseError('Could not fetch Subschema entry');
  946 + }
  947 +
  948 + $schema->parse($entry);
  949 +
  950 + return $schema;
  951 + }
  952 +
  953 + /**
  954 + * Encodes given attributes to UTF8 if needed
  955 + *
  956 + * This function takes attributes in an array and then checks against the schema if they need
  957 + * UTF8 encoding. If that is so, they will be encoded. An encoded array will be returned and
  958 + * can be used for adding or modifying.
  959 + *
  960 + * @access public
  961 + * @param array Array of attributes
  962 + * @return array Array of UTF8 encoded attributes
  963 + */
  964 + function utf8Encode($attributes)
  965 + {
  966 + return $this->_utf8($attributes, 'utf8_encode');
  967 + }
  968 +
  969 + /**
  970 + * Decodes the given attribute values
  971 + *
  972 + * @access public
  973 + * @param array Array of attributes
  974 + * @return array Array with decoded attribute values
  975 + */
  976 + function utf8Decode($attributes)
  977 + {
  978 + return $this->_utf8($attributes, 'utf8_decode');
  979 + }
  980 +
  981 + /**
  982 + * Encodes or decodes attribute values if needed
  983 + *
  984 + * @access private
  985 + * @param array Array of attributes
  986 + * @param array Function to apply to attribute values
  987 + * @return array Array of attributes with function applied to values
  988 + */
  989 + function _utf8($attributes, $function)
  990 + {
  991 + if (!$this->_schema) {
  992 + $this->_schema = $this->schema();
  993 + }
  994 +
  995 + if (!$this->_link || Net_LDAP::isError($this->_schema) || !function_exists($function)) {
  996 + return $attributes;
  997 + }
  998 +
  999 + if (is_array($attributes) && count($attributes) > 0) {
  1000 +
  1001 + foreach( $attributes as $k => $v ) {
  1002 +
  1003 + if (!isset($this->_schemaAttrs[$k])) {
  1004 +
  1005 + $attr = $this->_schema->get('attribute', $k);
  1006 + if (Net_LDAP::isError($attr)) {
  1007 + continue;
  1008 + }
  1009 +
  1010 + if (false !== strpos($attr['syntax'], '1.3.6.1.4.1.1466.115.121.1.15')) {
  1011 + $encode = true;
  1012 + } else {
  1013 + $encode = false;
  1014 + }
  1015 + $this->_schemaAttrs[$k] = $encode;
  1016 +
  1017 + } else {
  1018 + $encode = $this->_schemaAttrs[$k];
  1019 + }
  1020 +
  1021 + if ($encode) {
  1022 + if (is_array($v)) {
  1023 + foreach ($v as $ak => $av) {
  1024 + $v[$ak] = call_user_func($function, $av );
  1025 + }
  1026 + } else {
  1027 + $v = call_user_func($function, $v);
  1028 + }
  1029 + }
  1030 + $attributes[$k] = $v;
  1031 + }
  1032 + }
  1033 + return $attributes;
  1034 + }
  1035 +}
  1036 +
  1037 +/**
  1038 + * Net_LDAP_Error implements a class for reporting portable LDAP error messages.
  1039 + *
  1040 + * @package Net_LDAP
  1041 + */
  1042 +class Net_LDAP_Error extends PEAR_Error
  1043 +{
  1044 + /**
  1045 + * Net_LDAP_Error constructor.
  1046 + *
  1047 + * @param mixed Net_LDAP error code, or string with error message.
  1048 + * @param integer what "error mode" to operate in
  1049 + * @param integer what error level to use for $mode & PEAR_ERROR_TRIGGER
  1050 + * @param mixed additional debug info, such as the last query
  1051 + * @access public
  1052 + * @see PEAR_Error
  1053 + */
  1054 + function Net_LDAP_Error($code = NET_LDAP_ERROR, $mode = PEAR_ERROR_RETURN,
  1055 + $level = E_USER_NOTICE, $debuginfo = null)
  1056 + {
  1057 + $mode = PEAR_ERROR_RETURN;
  1058 + if (is_int($code)) {
  1059 + $this->PEAR_Error('Net_LDAP_Error: ' . Net_LDAP::errorMessage($code), $code, $mode, $level, $debuginfo);
  1060 + } else {
  1061 + $this->PEAR_Error("Net_LDAP_Error: $code", NET_LDAP_ERROR, $mode, $level, $debuginfo);
  1062 + }
  1063 + }
  1064 +}
  1065 +?>
thirdparty/pear/Net/LDAP/Entry.php 0 → 100644
  View file @4c8280f
  1 +<?php
  2 +/* vim: set expandtab tabstop=4 shiftwidth=4: */
  3 +// +--------------------------------------------------------------------------+
  4 +// | Net_LDAP |
  5 +// +--------------------------------------------------------------------------+
  6 +// | Copyright (c) 1997-2003 The PHP Group |
  7 +// +--------------------------------------------------------------------------+
  8 +// | This library is free software; you can redistribute it and/or |
  9 +// | modify it under the terms of the GNU Lesser General Public |
  10 +// | License as published by the Free Software Foundation; either |
  11 +// | version 2.1 of the License, or (at your option) any later version. |
  12 +// | |
  13 +// | This library is distributed in the hope that it will be useful, |
  14 +// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
  15 +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
  16 +// | Lesser General Public License for more details. |
  17 +// | |
  18 +// | You should have received a copy of the GNU Lesser General Public |
  19 +// | License along with this library; if not, write to the Free Software |
  20 +// | Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
  21 +// +--------------------------------------------------------------------------+
  22 +// | Authors: Tarjej Huse |
  23 +// +--------------------------------------------------------------------------+
  24 +//
  25 +// $Id$
  26 +
  27 +/**
  28 + * This class represents an LDAP entry
  29 + *
  30 + * @package Net_LDAP
  31 + * @author Tarjei Huse
  32 + * @version $Revision$
  33 + */
  34 +class Net_LDAP_Entry extends PEAR
  35 +{
  36 + /**#@+
  37 + * Array of the attributes
  38 + *
  39 + * @access private
  40 + * @var array
  41 + */
  42 + var $_attrs = array();
  43 +
  44 + /**
  45 + * Array of attributes to be deleted upon update()
  46 + */
  47 + var $_delAttrs = array();
  48 +
  49 + /**
  50 + * Array of attributes to be modified upon update()
  51 + */
  52 + var $_modAttrs = array();
  53 +
  54 + /**
  55 + * Array of attributes to be added upon update()
  56 + */
  57 + var $_addAttrs = array();
  58 + /**#@-*/
  59 +
  60 + /**
  61 + * The distinguished name of the entry
  62 + *
  63 + * @access private
  64 + * @var string
  65 + */
  66 + var $_dn = '';
  67 +
  68 + /**
  69 + * LDAP resource link
  70 + *
  71 + * @access private
  72 + * @var resource
  73 + */
  74 + var $_link = null;
  75 +
  76 + /**
  77 + * Value of old DN if DN has changed
  78 + *
  79 + * @access private
  80 + * @var string
  81 + */
  82 + var $_olddn = '';
  83 +
  84 + /**#@+
  85 + * Array of errors for debugging class
  86 + *
  87 + * @access private
  88 + */
  89 + var $_error = array();
  90 +
  91 + /**
  92 + * updatechecks
  93 + */
  94 + var $updateCheck = array('newdn' => false,
  95 + 'modify' => false,
  96 + 'newEntry' => true
  97 + ); // since the entry is not changed before the update();
  98 +
  99 + /**
  100 + * Net_LDAP_Schema object TO BE REMOVED
  101 + */
  102 + var $_schema;
  103 + /**#@-*/
  104 +
  105 + /** Constructor
  106 + *
  107 + * @param - link - ldap_resource_link, dn = string entry dn, attributes - array entry attributes array.
  108 + * @return - none
  109 + **/
  110 + function Net_LDAP_Entry($link = null, $dn = null, $attributes = null)
  111 + {
  112 + if (!is_null($link)) {
  113 + $this->_link = $link;
  114 + }
  115 + if (!is_null($dn)) {
  116 + $this->_set_dn($dn);
  117 + }
  118 + if (is_array($attributes) && count($attributes) > 0) {
  119 + $this->_set_attributes($attributes);
  120 + } else {
  121 + $this->updateCheck['newEntry'] = true;
  122 + }
  123 + }
  124 +
  125 + /**
  126 + * Set the reasourcelink to the ldapserver.
  127 + *
  128 + * @access private
  129 + * @param resource LDAP link
  130 + */
  131 + function _set_link(&$link)
  132 + {
  133 + $this->_link = $link;
  134 + }
  135 +
  136 + /**
  137 + * set the entrys DN
  138 + *
  139 + * @access private
  140 + * @param string
  141 + */
  142 + function _set_dn($dn)
  143 + {
  144 + $this->_dn = $dn;
  145 + }
  146 +
  147 + /**
  148 + * sets the internal array of the entrys attributes.
  149 + *
  150 + * @access private
  151 + * @param array
  152 + */
  153 + function _set_attributes($attributes= array())
  154 + {
  155 + $this->_attrs = $attributes;
  156 + // this is the sign that the entry exists in the first place:
  157 + $this->updateCheck['newEntry'] = false;
  158 + }
  159 +
  160 + /**
  161 + * removes [count] entries from the array.
  162 + *
  163 + * remove all the count elements in the array:
  164 + * Used before ldap_modify, ldap_add
  165 + *
  166 + * @access private
  167 + * @return array Cleaned array of attributes
  168 + */
  169 + function _clean_entry()
  170 + {
  171 + $attributes = array();
  172 +
  173 + for ($i=0; $i < $this->_attrs['count'] ; $i++) {
  174 +
  175 + $attr = $this->_attrs[$i];
  176 +
  177 + if ($this->_attrs[$attr]['count'] == 1) {
  178 + $attributes[$this->_attrs[$i]] = $this->_attrs[$attr][0];
  179 + } else {
  180 + $attributes[$attr] = $this->_attrs[$attr];
  181 + unset ($attributes[ $attr ]['count']);
  182 + }
  183 + }
  184 +
  185 + return $attributes;
  186 +
  187 + }
  188 +
  189 + /**
  190 + * returns an assosiative array of all the attributes in the array
  191 + *
  192 + * attributes - returns an assosiative array of all the attributes in the array
  193 + * of the form array ('attributename'=>'singelvalue' , 'attribute'=>array('multiple','values'))
  194 + *
  195 + * @param none
  196 + * @return array Array of attributes and values.
  197 + */
  198 + function attributes()
  199 + {
  200 + return $this->_clean_entry();
  201 + }
  202 +
  203 + /**
  204 + * Add one or more attribute to the entry
  205 + *
  206 + * The values given will be added to the values which already exist for the given attributes.
  207 + * usage:
  208 + * $entry->add ( array('sn'=>'huse',objectclass=>array(top,posixAccount)))
  209 + *
  210 + * @param array Array of attributes
  211 + * @return mixed Net_Ldap_Error if error, else true.
  212 + */
  213 + function add($attr = array())
  214 + {
  215 + if (!isset($this->_attrs['count'])) {
  216 + $this->_attrs['count'] = 0;
  217 + }
  218 + if (!is_array($attr)) {
  219 + return $this->raiseError("Net_LDAP::add : the parameter supplied is not an array, $attr", 1000);
  220 + }
  221 + /* if you passed an empty array, that is your problem! */
  222 + if (count ($attr)==0) {
  223 + return true;
  224 + }
  225 + foreach ($attr as $k => $v ) {
  226 + // empty entrys should not be added to the entry.
  227 + if ($v == '') {
  228 + continue;
  229 + }
  230 +
  231 + if ($this->exists($k)) {
  232 + if (!is_array($this->_attrs[$k])) {
  233 + return $this->raiseError("Possible malformed array as parameter to Net_LDAP::add().");
  234 + }
  235 + array_push($this->_attrs[$k],$v);
  236 + $this->_attrs[$k]['count']++;
  237 + } else {
  238 + $this->_attrs[$k][0] = $v;
  239 + $this->_attrs[$k]['count'] = 1;
  240 + $this->_attrs[$this->_attrs['count']] = $k;
  241 + $this->_attrs['count']++;
  242 + }
  243 + // Fix for bug #952
  244 + if (empty($this->_addAttrs[$k])) {
  245 + $this->_addAttrs[$k] = array();
  246 + }
  247 + if (false == is_array($v)) {
  248 + $v = array($v);
  249 + }
  250 + foreach ($v as $value) {
  251 + array_push($this->_addAttrs[$k], $value);
  252 + }
  253 + }
  254 + return true;
  255 + }
  256 +
  257 + /**
  258 + * Set or get the DN for the object
  259 + *
  260 + * If a new dn is supplied, this will move the object when running $obj->update();
  261 + *
  262 + * @param string DN
  263 + */
  264 + function dn($newdn = '')
  265 + {
  266 + if ($newdn == '') {
  267 + return $this->_dn;
  268 + }
  269 +
  270 + $this->_olddn = $this->_dn;
  271 + $this->_dn = $newdn;
  272 + $this->updateCheck['newdn'] = true;
  273 + }
  274 +
  275 + /**
  276 + * check if a certain attribute exists in the directory
  277 + *
  278 + * @param string attribute name.
  279 + * @return boolean
  280 + */
  281 + function exists($attr)
  282 + {
  283 + if (array_key_exists($attr, $this->_attrs)) {
  284 + return true;
  285 + }
  286 + return false;
  287 + }
  288 +
  289 + /**
  290 + * get_value get the values for a attribute
  291 + *
  292 + * returns either an array or a string
  293 + * possible values for option:
  294 + * alloptions - returns an array with the values + a countfield.
  295 + * i.e.: array (count=>1, 'sn'=>'huse');
  296 + * single - returns the, first value in the array as a string.
  297 + *
  298 + * @param $attr string attribute name
  299 + * @param $options array
  300 + */
  301 + function get_value($attr = '', $options = '')
  302 + {
  303 + if (array_key_exists($attr, $this->_attrs)) {
  304 +
  305 + if ($options == 'single') {
  306 + if (is_array($this->_attrs[$attr])) {
  307 + return $this->_attrs[$attr][0];
  308 + } else {
  309 + return $this->_attrs[$attr];
  310 + }
  311 + }
  312 +
  313 + $value = $this->_attrs[$attr];
  314 +
  315 + if (!$options == 'alloptions') {
  316 + unset ($value['count']);
  317 + }
  318 + return $value;
  319 + } else {
  320 + return '';
  321 + }
  322 + }
  323 +
  324 + /**
  325 + * add/delete/modify attributes
  326 + *
  327 + * this function tries to do all the things that replace(),delete() and add() does on an object.
  328 + * Syntax:
  329 + * array ( 'attribute' => newval, 'delattribute' => '', newattrivute => newval);
  330 + * Note: You cannot use this function to modify parts of an attribute. You must modify the whole attribute.
  331 + * You may call the function many times before running $entry->update();
  332 + *
  333 + * @param array attributes to be modified
  334 + * @return mixed errorObject if failure, true if success.
  335 + */
  336 + function modify($attrs = array()) {
  337 +
  338 + if (!is_array($attrs) || count ($attrs) < 1 ) {
  339 + return $this->raiseError("You did not supply an array as expected",1000);
  340 + }
  341 +
  342 + foreach ($attrs as $k => $v) {
  343 + // empty values are deleted (ldap v3 handling is in update() )
  344 + if ($v == '' && $this->exists($k)) {
  345 + $this->_delAttrs[$k] = '';
  346 + continue;
  347 + }
  348 + /* existing attributes are modified*/
  349 + if ($this->exists($k) ) {
  350 + if (is_array($v)) {
  351 + $this->_modAttrs[$k] = $v;
  352 + } else {
  353 + $this->_modAttrs[$k][0] = $v;
  354 + }
  355 + } else {
  356 + /* new ones are created */
  357 + if (is_array($v) ) {
  358 + // an empty array is deleted...
  359 + if (count($v) == 0 ) {
  360 + $this->_delAttrs[$k] = '';
  361 + } else {
  362 + $this->_addAttrs[$k] = $v;
  363 + }
  364 + } else {
  365 + // dont't add empty attributes
  366 + if ($v != null) $this->_addAttrs[$k][0] = $v;
  367 + }
  368 + }
  369 + }
  370 + return true;
  371 + }
  372 +
  373 +
  374 + /**
  375 + * replace a certain attributes value
  376 + *
  377 + * replace - replace a certain attributes value
  378 + * example:
  379 + * $entry->replace(array('uid'=>array('tarjei')));
  380 + *
  381 + * @param array attributes to be replaced
  382 + * @return mixed error if failure, true if sucess.
  383 + */
  384 + function replace($attrs = array() )
  385 + {
  386 + foreach ($attrs as $k => $v) {
  387 +
  388 + if ($this->exists($k)) {
  389 +
  390 + if (is_array($v)) {
  391 + $this->_attrs[$k] = $v;
  392 + $this->_attrs[$k]['count'] = count($v);
  393 + $this->_modAttrs[$k] = $v;
  394 + } else {
  395 + $this->_attrs[$k]['count'] = 1;
  396 + $this->_attrs[$k][0] = $v;
  397 + $this->_modAttrs[$k][0] = $v;
  398 + }
  399 + } else {
  400 + return $this->raiseError("Attribute $k does not exist",16); // 16 = no such attribute exists.
  401 + }
  402 + }
  403 + return true;
  404 + }
  405 +
  406 + /**
  407 + * delete attributes
  408 + *
  409 + * Use this function to delete certain attributes from an object.
  410 + *
  411 + * @param - array of attributes to be deleted
  412 + * @return mixed Net_Ldap_Error if failure, true if success.
  413 + */
  414 + function delete($attrs = array())
  415 + {
  416 + foreach ($attrs as $k => $v) {
  417 +
  418 + if ($this->exists ($k)) {
  419 + // if v is a null, then remove the whole attribute, else only the value.
  420 + if ($v == '') {
  421 + unset($this->_attrs[$k]);
  422 + $this->_delAttrs[$k] = "";
  423 + // else we remove only the correct value.
  424 + } else {
  425 + for ($i = 0;$i< $this->_attrs[$k]['count'];$i++) {
  426 + if ($this->_attrs[$k][$i] == $v ) {
  427 + unset ($this->_attrs[$k][$i]);
  428 + $this->_delAttrs[$k] = $v;
  429 + continue;
  430 + }
  431 + }
  432 + }
  433 + } else {
  434 + $this->raiseError("You tried to delete a nonexisting attribute!",16);
  435 + }
  436 + }
  437 + return true;
  438 + }
  439 +
  440 + /**
  441 + * update the Entry in LDAP
  442 + *
  443 + * After modifying an object, you must run update() to
  444 + * make the updates on the ldap server. Before that, they only exists in the object.
  445 + *
  446 + * @param object Net_LDAP
  447 + * @return mixed Net_LDAP_Error object on failure or true on success
  448 + */
  449 + function update ($ldapObject = null)
  450 + {
  451 + if ($ldapObject == null && $this->_link == null ) {
  452 + $this->raiseError("No link to database");
  453 + }
  454 +
  455 + if ($ldapObject != null) {
  456 + $this->_link =& $ldapObject->_link;
  457 + }
  458 +
  459 + //if it's a new
  460 + if ($this->updateCheck['newdn'] && !$this->updateCheck['newEntry']) {
  461 + if (@ldap_get_option( $this->_link, LDAP_OPT_PROTOCOL_VERSION, $version) && $version != 3) {
  462 + return $this->raiseError("Moving or renaming an dn is only supported in LDAP V3!", 80);
  463 + }
  464 +
  465 + $newparent = ldap_explode_dn($this->_dn, 0);
  466 + unset($newparent['count']);
  467 + $relativeDn = array_shift($newparent);
  468 + $newparent = join(',', $newparent);
  469 +
  470 + if (!@ldap_rename($this->_link, $this->_olddn, $relativeDn, $newparent, true)) {
  471 + return $this->raiseError("DN not renamed: " . ldap_error($this->_link), ldap_errno($this->_link));
  472 + }
  473 + }
  474 +
  475 + if ($this->updateCheck['newEntry']) {
  476 + //print "<br>"; print_r($this->_clean_entry());
  477 +
  478 + if (!@ldap_add($this->_link, $this->dn(), $this->_clean_entry()) ) {
  479 + return $this->raiseError("Entry" . $this->dn() . " not added!" .
  480 + ldap_error($this->_link), ldap_errno($this->_link));
  481 + } else {
  482 + return true;
  483 + }
  484 + // update existing entry
  485 + } else {
  486 + $this->_error['first'] = $this->_modAttrs;
  487 + $this->_error['count'] = count($this->_modAttrs);
  488 +
  489 + // modified attributes
  490 + if (( count($this->_modAttrs)>0) &&
  491 + !ldap_modify($this->_link, $this->dn(), $this->_modAttrs))
  492 + {
  493 + return $this->raiseError("Entry " . $this->dn() . " not modified(attribs not modified): " .
  494 + ldap_error($this->_link),ldap_errno($this->_link));
  495 + }
  496 +
  497 + // attributes to be deleted
  498 + if (( count($this->_delAttrs) > 0 ))
  499 + {
  500 + // in ldap v3 we need to supply the old attribute values for deleting
  501 + if (@ldap_get_option( $this->_link, LDAP_OPT_PROTOCOL_VERSION, $version) && $version == 3) {
  502 + foreach ( $this->_delAttrs as $k => $v ) {
  503 + if ( $v == '' && $this->exists($k) ) {
  504 + $this->_delAttrs[$k] = $this->get_value( $k );
  505 + }
  506 + }
  507 + }
  508 + if ( !ldap_mod_del($this->_link, $this->dn(), $this->_delAttrs) ) {
  509 + return $this->raiseError("Entry " . $this->dn() . " not modified (attributes not deleted): " .
  510 + ldap_error($this->_link),ldap_errno($this->_link));
  511 + }
  512 + }
  513 +
  514 + // new attributes
  515 + if ((count($this->_addAttrs)) > 0 && !ldap_modify($this->_link, $this->dn(), $this->_addAttrs)) {
  516 + return $this->raiseError( "Entry " . $this->dn() . " not modified (attributes not added): " .
  517 + ldap_error($this->_link),ldap_errno($this->_link));
  518 + }
  519 + return true;
  520 + }
  521 + }
  522 +}
  523 +
  524 +?>
thirdparty/pear/Net/LDAP/RootDSE.php 0 → 100644
  View file @4c8280f
  1 +<?php
  2 +/* vim: set expandtab tabstop=4 shiftwidth=4: */
  3 +// +--------------------------------------------------------------------------+
  4 +// | Net_LDAP |
  5 +// +--------------------------------------------------------------------------+
  6 +// | Copyright (c) 1997-2003 The PHP Group |
  7 +// +--------------------------------------------------------------------------+
  8 +// | This library is free software; you can redistribute it and/or |
  9 +// | modify it under the terms of the GNU Lesser General Public |
  10 +// | License as published by the Free Software Foundation; either |
  11 +// | version 2.1 of the License, or (at your option) any later version. |
  12 +// | |
  13 +// | This library is distributed in the hope that it will be useful, |
  14 +// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
  15 +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
  16 +// | Lesser General Public License for more details. |
  17 +// | |
  18 +// | You should have received a copy of the GNU Lesser General Public |
  19 +// | License along with this library; if not, write to the Free Software |
  20 +// | Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
  21 +// +--------------------------------------------------------------------------+
  22 +// | Authors: Jan Wagner |
  23 +// +--------------------------------------------------------------------------+
  24 +//
  25 +// $Id$
  26 +
  27 +/**
  28 + * Getting the rootDSE entry of a LDAP server
  29 + *
  30 + * @package Net_LDAP
  31 + * @author Jan Wagner <wagner@netsols.de>
  32 + * @version $Revision$
  33 + */
  34 +class Net_LDAP_RootDSE extends PEAR
  35 +{
  36 + /**
  37 + * @access private
  38 + * @var object Net_LDAP_Entry
  39 + **/
  40 + var $_entry;
  41 +
  42 + /**
  43 + * class constructor
  44 + *
  45 + * @param object Net_LDAP_Entry
  46 + */
  47 + function Net_LDAP_RootDSE(&$entry)
  48 + {
  49 + $this->_entry = $entry;
  50 + }
  51 +
  52 + /**
  53 + * Gets the requested attribute value
  54 + *
  55 + * Same usuage as Net_LDAP_Entry::get_value()
  56 + *
  57 + * @access public
  58 + * @param string Attribute name
  59 + * @param array Array of options
  60 + * @return mixed Net_LDAP_Error object or attribute values
  61 + * @see Net_LDAP_Entry::get_value()
  62 + */
  63 + function getValue($attr = '', $options = '')
  64 + {
  65 + return $this->_entry->get_value($attr, $options);
  66 + }
  67 +
  68 + /**
  69 + * alias function of getValue() for perl-ldap interface
  70 + *
  71 + * @see getValue()
  72 + */
  73 + function get_value()
  74 + {
  75 + $args = func_get_args();
  76 + return call_user_func_array(array($this, 'getValue' ), $args);
  77 + }
  78 +
  79 + /**
  80 + * Determines if the extension is supported
  81 + *
  82 + * @access public
  83 + * @param array Array of oids to check
  84 + * @return boolean
  85 + */
  86 + function supportedExtension($oids)
  87 + {
  88 + return $this->_checkAttr($oids, 'supportedExtension');
  89 + }
  90 +
  91 + /**
  92 + * alias function of supportedExtension() for perl-ldap interface
  93 + *
  94 + * @see supportedExtension()
  95 + */
  96 + function supported_extension()
  97 + {
  98 + $args = func_get_args();
  99 + return call_user_func_array(array($this, 'supportedExtension'), $args);
  100 + }
  101 +
  102 + /**
  103 + * Determines if the version is supported
  104 + *
  105 + * @access public
  106 + * @param array Versions to check
  107 + * @return boolean
  108 + */
  109 + function supportedVersion($versions)
  110 + {
  111 + return $this->_checkAttr($versions, 'supportedLDAPVersion');
  112 + }
  113 +
  114 + /**
  115 + * alias function of supportedVersion() for perl-ldap interface
  116 + *
  117 + * @see supportedVersion()
  118 + */
  119 + function supported_version()
  120 + {
  121 + $args = func_get_args();
  122 + return call_user_func_array(array($this, 'supportedVersion'), $args);
  123 + }
  124 +
  125 + /**
  126 + * Determines if the control is supported
  127 + *
  128 + * @access public
  129 + * @param array Control oids to check
  130 + * @return boolean
  131 + */
  132 + function supportedControl($oids)
  133 + {
  134 + return $this->_checkAttr($oids, 'supportedControl');
  135 + }
  136 +
  137 + /**
  138 + * alias function of supportedControl() for perl-ldap interface
  139 + *
  140 + * @see supportedControl()
  141 + */
  142 + function supported_control()
  143 + {
  144 + $args = func_get_args();
  145 + return call_user_func_array(array($this, 'supportedControl' ), $args);
  146 + }
  147 +
  148 + /**
  149 + * Determines if the sasl mechanism is supported
  150 + *
  151 + * @access public
  152 + * @param array SASL mechanisms to check
  153 + * @return boolean
  154 + */
  155 + function supportedSASLMechanism($mechlist)
  156 + {
  157 + return $this->_checkAttr($mechlist, 'supportedSASLMechanisms');
  158 + }
  159 +
  160 + /**
  161 + * alias function of supportedSASLMechanism() for perl-ldap interface
  162 + *
  163 + * @see supportedSASLMechanism()
  164 + */
  165 + function supported_sasl_mechanism()
  166 + {
  167 + $args = func_get_args();
  168 + return call_user_func_array(array($this, 'supportedSASLMechanism'), $args);
  169 + }
  170 +
  171 + /**
  172 + * Checks for existance of value in attribute
  173 + *
  174 + * @access private
  175 + * @param array $values values to check
  176 + * @param attr $attr attribute name
  177 + * @return boolean
  178 + */
  179 + function _checkAttr($values, $attr)
  180 + {
  181 + if (!is_array($values)) $values = array($values);
  182 +
  183 + foreach ($values as $value) {
  184 + if (!@in_array($value, $this->get_value($attr))) {
  185 + return false;
  186 + }
  187 + }
  188 + return true;
  189 + }
  190 +}
  191 +
  192 +?>
0 \ No newline at end of file 193 \ No newline at end of file
thirdparty/pear/Net/LDAP/Schema.php 0 → 100644
  View file @4c8280f
  1 +<?php
  2 +/* vim: set expandtab tabstop=4 shiftwidth=4: */
  3 +// +--------------------------------------------------------------------------+
  4 +// | Net_LDAP |
  5 +// +--------------------------------------------------------------------------+
  6 +// | Copyright (c) 1997-2003 The PHP Group |
  7 +// +--------------------------------------------------------------------------+
  8 +// | This library is free software; you can redistribute it and/or |
  9 +// | modify it under the terms of the GNU Lesser General Public |
  10 +// | License as published by the Free Software Foundation; either |
  11 +// | version 2.1 of the License, or (at your option) any later version. |
  12 +// | |
  13 +// | This library is distributed in the hope that it will be useful, |
  14 +// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
  15 +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
  16 +// | Lesser General Public License for more details. |
  17 +// | |
  18 +// | You should have received a copy of the GNU Lesser General Public |
  19 +// | License along with this library; if not, write to the Free Software |
  20 +// | Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
  21 +// +--------------------------------------------------------------------------+
  22 +// | Authors: Jan Wagner |
  23 +// +--------------------------------------------------------------------------+
  24 +//
  25 +// $Id$
  26 +
  27 +/**
  28 + * Load an LDAP Schema and provide information
  29 + *
  30 + * This class takes a Subschema entry, parses this information
  31 + * and makes it available in an array. Most of the code has been
  32 + * inspired by perl-ldap( http://perl-ldap.sourceforge.net).
  33 + * You will find portions of their implementation in here.
  34 + *
  35 + * @package Net_LDAP
  36 + * @author Jan Wagner <wagner@netsols.de>
  37 + * @version $Revision$
  38 + */
  39 + class Net_LDAP_Schema extends PEAR
  40 + {
  41 + /**
  42 + * Map of entry types to ldap attributes of subschema entry
  43 + *
  44 + * @access public
  45 + * @var array
  46 + */
  47 + var $types = array('attribute' => 'attributeTypes',
  48 + 'ditcontentrule' => 'dITContentRules',
  49 + 'ditstructurerule' => 'dITStructureRules',
  50 + 'matchingrule' => 'matchingRules',
  51 + 'matchingruleuse' => 'matchingRuleUse',
  52 + 'nameform' => 'nameForms',
  53 + 'objectclass' => 'objectClasses',
  54 + 'syntax' => 'ldapSyntaxes');
  55 +
  56 + /**#@+
  57 + * Array of entries belonging to this type
  58 + *
  59 + * @access private
  60 + * @var array
  61 + */
  62 + var $_attributeTypes = array();
  63 + var $_matchingRules = array();
  64 + var $_matchingRuleUse = array();
  65 + var $_ldapSyntaxes = array();
  66 + var $_objectClasses = array();
  67 + var $_dITContentRules = array();
  68 + var $_dITStructureRules = array();
  69 + var $_nameForms = array();
  70 + /**#@-*/
  71 +
  72 + /**
  73 + * hash of all fetched oids
  74 + *
  75 + * @access private
  76 + * @var array
  77 + */
  78 + var $_oids = array();
  79 +
  80 + /**
  81 + * constructor of the class
  82 + *
  83 + * @access protected
  84 + */
  85 + function Net_LDAP_Schema()
  86 + {
  87 + $this->PEAR('Net_LDAP_Error'); // default error class
  88 + }
  89 +
  90 + /**
  91 + * Return a hash of entries for the given type
  92 + *
  93 + * Returns a hash of entry for th givene type. Types may be:
  94 + * objectclasses, attributes, ditcontentrules, ditstructurerules, matchingrules,
  95 + * matchingruleuses, nameforms, syntaxes
  96 + *
  97 + * @access public
  98 + * @param string Type to fetch
  99 + * @return mixed Array or Net_LDAP_Error
  100 + */
  101 + function &getAll($type)
  102 + {
  103 + $map = array('objectclasses' => &$this->_objectClasses,
  104 + 'attributes' => &$this->_attributeTypes,
  105 + 'ditcontentrules' => &$this->_dITContentRules,
  106 + 'ditstructurerules' => &$this->_dITStructureRules,
  107 + 'matchingrules' => &$this->_matchingRules,
  108 + 'matchingruleuses' => &$this->_matchingRuleUse,
  109 + 'nameforms' => &$this->_nameForms,
  110 + 'syntaxes' => &$this->_ldapSyntaxes );
  111 +
  112 + $key = strtolower($type);
  113 + return ((key_exists($key, $map)) ? $map[$key] : $this->raiseError("Unknown type $type"));
  114 + }
  115 +
  116 + /**
  117 + * Return a specific entry
  118 + *
  119 + * @access public
  120 + * @param string Type of name
  121 + * @param string Name or OID to fetch
  122 + * @return mixed Entry or Net_LDAP_Error
  123 + */
  124 + function &get($type, $name)
  125 + {
  126 + $type = strtolower($type);
  127 + if (false == key_exists($type, $this->types)) {
  128 + return $this->raiseError("No such type $type");
  129 + }
  130 +
  131 + $name = strtolower($name);
  132 + $type_var = &$this->{'_' . $this->types[$type]};
  133 +
  134 + if( key_exists($name, $type_var)) {
  135 + return $type_var[$name];
  136 + } elseif(key_exists($name, $this->_oids) && $this->_oids[$name]['type'] == $type) {
  137 + return $this->_oids[$name];
  138 + } else {
  139 + return $this->raiseError("Could not find $type $name");
  140 + }
  141 + }
  142 +
  143 +
  144 + /**
  145 + * Fetches attributes that MAY be present in the given objectclass
  146 + *
  147 + * @access public
  148 + * @param string Name or OID of objectclass
  149 + * @return mixed Array with attributes or Net_LDAP_Error
  150 + */
  151 + function may($oc)
  152 + {
  153 + return $this->_getAttr($oc, 'may');
  154 + }
  155 +
  156 + /**
  157 + * Fetches attributes that MUST be present in the given objectclass
  158 + *
  159 + * @access public
  160 + * @param string Name or OID of objectclass
  161 + * @return mixed Array with attributes or Net_LDAP_Error
  162 + */
  163 + function must($oc)
  164 + {
  165 + return $this->_getAttr($oc, 'must');
  166 + }
  167 +
  168 + /**
  169 + * Fetches the given attribute from the given objectclass
  170 + *
  171 + * @access private
  172 + * @param string Name or OID of objectclass
  173 + * @param string Name of attribute to fetch
  174 + * @return mixed The attribute or Net_LDAP_Error
  175 + */
  176 + function _getAttr($oc, $attr)
  177 + {
  178 + $oc = strtolower($oc);
  179 + if (key_exists($oc, $this->_objectClasses) && key_exists($attr, $this->_objectClasses[$oc])) {
  180 + return $this->_objectClasses[$oc][$attr];
  181 + }
  182 + elseif (key_exists($oc, $this->_oids) &&
  183 + $this->_oids[$oc]['type'] == 'objectclass' &&
  184 + key_exists($attr, $this->_oids[$oc])) {
  185 + return $this->_oids[$oc][$attr];
  186 + } else {
  187 + return $this->raiseError("Could not find $attr attributes for $oc ");
  188 + }
  189 + }
  190 +
  191 + /**
  192 + * Returns the name(s) of the immediate superclass(es)
  193 + *
  194 + * @param string Name or OID of objectclass
  195 + * @return mixed Array of names or Net_LDAP_Error
  196 + */
  197 + function superclass($oc)
  198 + {
  199 + $o = $this->get('objectclass', $oc);
  200 + if (Net_LDAP::isError($o)) {
  201 + return $o;
  202 + }
  203 + return (key_exists('sup', $o) ? $o['sup'] : array());
  204 + }
  205 +
  206 + /**
  207 + * Parses the schema of the given Subschema entry
  208 + *
  209 + * @access public
  210 + * @param object Net_LDAP_Entry Subschema entry
  211 + */
  212 + function parse(&$entry)
  213 + {
  214 + foreach ($this->types as $type => $attr)
  215 + {
  216 + // initialize map type to entry
  217 + $type_var = '_' . $attr;
  218 + $this->{$type_var} = array();
  219 +
  220 + // get values for this type
  221 + $values = $entry->get_value($attr);
  222 +
  223 + if (is_array($values))
  224 + {
  225 + foreach ($values as $value) {
  226 +
  227 + unset($schema_entry); // this was a real mess without it
  228 +
  229 + // get the schema entry
  230 + $schema_entry = $this->_parse_entry($value);
  231 +
  232 + // set the type
  233 + $schema_entry['type'] = $type;
  234 +
  235 + // save a ref in $_oids
  236 + $this->_oids[$schema_entry['oid']] =& $schema_entry;
  237 +
  238 + // save refs for all names in type map
  239 + $names = $schema_entry['aliases'];
  240 + array_push($names, $schema_entry['name']);
  241 + foreach ($names as $name) {
  242 + $this->{$type_var}[strtolower($name)] =& $schema_entry;
  243 + }
  244 + }
  245 + }
  246 + }
  247 + }
  248 +
  249 + /**
  250 + * parses an attribute value into a schema entry
  251 + *
  252 + * @access private
  253 + * @param string Attribute value
  254 + * @return mixed Schema entry array or false
  255 + */
  256 + function &_parse_entry($value)
  257 + {
  258 + // tokens that have no value associated
  259 + $noValue = array('single-value',
  260 + 'obsolete',
  261 + 'collective',
  262 + 'no-user-modification',
  263 + 'abstract',
  264 + 'structural',
  265 + 'auxiliary');
  266 +
  267 + // tokens that can have multiple values
  268 + $multiValue = array('must', 'may', 'sup');
  269 +
  270 + $schema_entry = array('aliases' => array()); // initilization
  271 +
  272 + $tokens = $this->_tokenize($value); // get an array of tokens
  273 +
  274 + // remove surrounding brackets
  275 + if ($tokens[0] == '(') array_shift($tokens);
  276 + if ($tokens[count($tokens) - 1] == ')') array_pop($tokens); // -1 doesnt work on arrays :-(
  277 +
  278 + $schema_entry['oid'] = array_shift($tokens); // first token is the oid
  279 +
  280 + // cycle over the tokens until none are left
  281 + while (count($tokens) > 0) {
  282 + $token = strtolower(array_shift($tokens));
  283 + if (in_array($token, $noValue)) {
  284 + $schema_entry[$token] = 1; // single value token
  285 + } else {
  286 + // this one follows a string or a list if it is multivalued
  287 + if (($schema_entry[$token] = array_shift($tokens)) == '(') {
  288 + // this creates the list of values and cycles through the tokens
  289 + // until the end of the list is reached ')'
  290 + $schema_entry[$token] = array();
  291 + while ($tmp = array_shift($tokens)) {
  292 + if ($tmp == ')') break;
  293 + if ($tmp != '$') array_push($schema_entry[$token], $tmp);
  294 + }
  295 + }
  296 + // create a array if the value should be multivalued but was not
  297 + if (in_array($token, $multiValue ) && !is_array($schema_entry[$token])) {
  298 + $schema_entry[$token] = array($schema_entry[$token]);
  299 + }
  300 + }
  301 + }
  302 + // get max length from syntax
  303 + if (key_exists('syntax', $schema_entry)) {
  304 + if (preg_match('/{(\d+)}/', $schema_entry['syntax'], $matches)) {
  305 + $schema_entry['max_length'] = $matches[1];
  306 + }
  307 + }
  308 + // force a name
  309 + if (empty($schema_entry['name'])) {
  310 + $schema_entry['name'] = $schema_entry['oid'];
  311 + }
  312 + // make one name the default and put the other ones into aliases
  313 + if (is_array($schema_entry['name'])) {
  314 + $aliases = $schema_entry['name'];
  315 + $schema_entry['name'] = array_shift($aliases);
  316 + $schema_entry['aliases'] = $aliases;
  317 + }
  318 + return $schema_entry;
  319 + }
  320 +
  321 + /**
  322 + * tokenizes the given value into an array of tokens
  323 + *
  324 + * @access private
  325 + * @param string String to parse
  326 + * @return array Array of tokens
  327 + */
  328 + function _tokenize($value)
  329 + {
  330 + $tokens = array(); // array of tokens
  331 + $matches = array(); // matches[0] full pattern match, [1,2,3] subpatterns
  332 +
  333 + // this one is taken from perl-ldap, modified for php
  334 + $pattern = "/\s* (?:([()]) | ([^'\s()]+) | '((?:[^']+|'[^\s)])*)') \s*/x";
  335 +
  336 + /**
  337 + * This one matches one big pattern wherin only one of the three subpatterns matched
  338 + * We are interested in the subpatterns that matched. If it matched its value will be
  339 + * non-empty and so it is a token. Tokens may be round brackets, a string, or a string
  340 + * enclosed by '
  341 + */
  342 + preg_match_all($pattern, $value, $matches);
  343 +
  344 + for ($i = 0; $i < count($matches[0]); $i++) { // number of tokens (full pattern match)
  345 + for ($j = 1; $j < 4; $j++) { // each subpattern
  346 + if (null != trim($matches[$j][$i])) { // pattern match in this subpattern
  347 + $tokens[$i] = trim($matches[$j][$i]); // this is the token
  348 + }
  349 + }
  350 + }
  351 + return $tokens;
  352 + }
  353 + }
  354 +
  355 +?>
0 \ No newline at end of file 356 \ No newline at end of file
thirdparty/pear/Net/LDAP/Search.php 0 → 100644
  View file @4c8280f
  1 +<?php
  2 +/* vim: set expandtab tabstop=4 shiftwidth=4: */
  3 +// +--------------------------------------------------------------------------+
  4 +// | Net_LDAP |
  5 +// +--------------------------------------------------------------------------+
  6 +// | Copyright (c) 1997-2003 The PHP Group |
  7 +// +--------------------------------------------------------------------------+
  8 +// | This library is free software; you can redistribute it and/or |
  9 +// | modify it under the terms of the GNU Lesser General Public |
  10 +// | License as published by the Free Software Foundation; either |
  11 +// | version 2.1 of the License, or (at your option) any later version. |
  12 +// | |
  13 +// | This library is distributed in the hope that it will be useful, |
  14 +// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
  15 +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
  16 +// | Lesser General Public License for more details. |
  17 +// | |
  18 +// | You should have received a copy of the GNU Lesser General Public |
  19 +// | License along with this library; if not, write to the Free Software |
  20 +// | Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
  21 +// +--------------------------------------------------------------------------+
  22 +// | Authors: Tarjej Huse |
  23 +// +--------------------------------------------------------------------------+
  24 +//
  25 +// $Id$
  26 +
  27 +/**
  28 + * Result set of an LDAP search
  29 + *
  30 + * @author Tarjei Huse
  31 + * @version $Revision$
  32 + * @package Net_LDAP
  33 + */
  34 +class Net_LDAP_Search extends PEAR
  35 +{
  36 + /**
  37 + * Search result identifier
  38 + *
  39 + * @access private
  40 + * @var resource
  41 + */
  42 + var $_search;
  43 +
  44 + /**
  45 + * LDAP resource link
  46 + *
  47 + * @access private
  48 + * @var resource
  49 + */
  50 + var $_link;
  51 +
  52 + /**
  53 + * Array of entries
  54 + *
  55 + * @access private
  56 + * @var array
  57 + */
  58 + var $_entries = array();
  59 +
  60 + /**
  61 + * Result entry identifier
  62 + *
  63 + * @access private
  64 + * @var resource
  65 + */
  66 + var $_elink = null;
  67 +
  68 + /**
  69 + * The errorcode the search got
  70 + *
  71 + * Some errorcodes might be of interest, but might not be best handled as errors.
  72 + * examples: 4 - LDAP_SIZELIMIT_EXCEEDED - indecates a huge search.
  73 + * Incomplete results are returned. If you just want to check if there's anything in the search.
  74 + * than this is a point to handle.
  75 + * 32 - no such object - search here returns a count of 0.
  76 + *
  77 + * @access private
  78 + * @var int
  79 + */
  80 + var $_errorCode = 0; // if not set - sucess!
  81 +
  82 + /**
  83 + * Constructor
  84 + *
  85 + * @access protected
  86 + * @param resource Search result identifier
  87 + * @param resource Link identifier
  88 + */
  89 + function Net_LDAP_Search (&$search, &$link)
  90 + {
  91 + $this->_setSearch($search, $link);
  92 + $this->_errorCode = ldap_errno($link);
  93 + }
  94 +
  95 + /**
  96 + * Returns an assosiative array of entry objects
  97 + *
  98 + * @return array Array of entry objects.
  99 + */
  100 + function entries()
  101 + {
  102 + if ($this->count() == 0) {
  103 + return array();
  104 + }
  105 +
  106 + $this->_elink = @ldap_first_entry( $this->_link,$this->_search);
  107 + $entry = new Net_LDAP_Entry($this->_link,
  108 + @ldap_get_dn($this->_link, $this->_elink),
  109 + @ldap_get_attributes($this->_link, $this->_elink));
  110 + array_push($this->_entries, $entry);
  111 +
  112 + while ($this->_elink = @ldap_next_entry($this->_link,$this->_elink)) {
  113 + $entry = new Net_LDAP_Entry($this->_link,
  114 + @ldap_get_dn($this->_link, $this->_elink),
  115 + @ldap_get_attributes($this->_link, $this->_elink));
  116 + array_push($this->_entries, $entry);
  117 + }
  118 + return $this->_entries;
  119 + }
  120 +
  121 + /**
  122 + * Get the next entry in the searchresult.
  123 + *
  124 + * @return mixed Net_LDAP_Entry object or false
  125 + */
  126 + function shiftEntry()
  127 + {
  128 + if ($this->count() == 0 ) {
  129 + return false;
  130 + }
  131 +
  132 + if (is_null($this->_elink)) {
  133 + $this->_elink = @ldap_first_entry($this->_link, $this->_search);
  134 + $entry = new Net_LDAP_Entry($this->_link,
  135 + ldap_get_dn($this->_link, $this->_elink),
  136 + ldap_get_attributes($this->_link, $this->_elink));
  137 + } else {
  138 + if (!$this->_elink = ldap_next_entry($this->_link, $this->_elink)) {
  139 + return false;
  140 + }
  141 + $entry = new Net_LDAP_Entry($this->_link,
  142 + ldap_get_dn($this->_link,$this->_elink),
  143 + ldap_get_attributes($this->_link,$this->_elink));
  144 + }
  145 + return $entry;
  146 + }
  147 +
  148 + /**
  149 + * alias function of shiftEntry() for perl-ldap interface
  150 + *
  151 + * @see shiftEntry()
  152 + */
  153 + function shift_entry()
  154 + {
  155 + $args = func_get_args();
  156 + return call_user_func_array(array($this, 'shiftEntry'), $args);
  157 + }
  158 +
  159 + /**
  160 + * Retrieve the last entry of the searchset. NOT IMPLEMENTED
  161 + *
  162 + * @return object Net_LDAP_Error
  163 + */
  164 + function pop_entry ()
  165 + {
  166 + $this->raiseError("Not implemented");
  167 + }
  168 +
  169 + /**
  170 + * Return entries sorted NOT IMPLEMENTED
  171 + *
  172 + * @param array Array of sort attributes
  173 + * @return object Net_LDAP_Error
  174 + */
  175 + function sorted ($attrs = array())
  176 + {
  177 + $this->raiseError("Not impelented");
  178 + }
  179 +
  180 + /**
  181 + * Return entries as object NOT IMPLEMENTED
  182 + *
  183 + * @return object Net_LDAP_Error
  184 + */
  185 + function as_struct ()
  186 + {
  187 + $this->raiseError("Not implemented");
  188 + }
  189 +
  190 + /**
  191 + * Set the searchobjects resourcelinks
  192 + *
  193 + * @access private
  194 + * @param resource Search result identifier
  195 + * @param resource Resource link identifier
  196 + */
  197 + function _setSearch(&$search,&$link)
  198 + {
  199 + $this->_search = $search;
  200 + $this->_link = $link;
  201 + }
  202 +
  203 + /**
  204 + * Returns the number of entries in the searchresult
  205 + *
  206 + * @return int Number of entries in search.
  207 + */
  208 + function count()
  209 + {
  210 + /* this catches the situation where OL returned errno 32 = no such object! */
  211 + if (!$this->_search) {
  212 + return 0;
  213 + }
  214 + return @ldap_count_entries($this->_link, $this->_search);
  215 + }
  216 +
  217 + /**
  218 + * Get the errorcode the object got in its search.
  219 + *
  220 + * @return int The ldap error number.
  221 + */
  222 + function getErrorCode()
  223 + {
  224 + return $this->_errorCode;
  225 + }
  226 +
  227 + /** Destructor
  228 + *
  229 + * @access protected
  230 + */
  231 + function _Net_LDAP_Search()
  232 + {
  233 + @ldap_free_result($this->_search);
  234 + }
  235 +
  236 + /**
  237 + * Closes search result
  238 + */
  239 + function done()
  240 + {
  241 + $this->_Net_LDAP_Search();
  242 + }
  243 +}
  244 +
  245 +?>
thirdparty/pear/Net/LDAP/Util.php 0 → 100644
  View file @4c8280f
  1 +<?php
  2 +/* vim: set expandtab tabstop=4 shiftwidth=4: */
  3 +// +--------------------------------------------------------------------------+
  4 +// | Net_LDAP |
  5 +// +--------------------------------------------------------------------------+
  6 +// | Copyright (c) 1997-2003 The PHP Group |
  7 +// +--------------------------------------------------------------------------+
  8 +// | This library is free software; you can redistribute it and/or |
  9 +// | modify it under the terms of the GNU Lesser General Public |
  10 +// | License as published by the Free Software Foundation; either |
  11 +// | version 2.1 of the License, or (at your option) any later version. |
  12 +// | |
  13 +// | This library is distributed in the hope that it will be useful, |
  14 +// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
  15 +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
  16 +// | Lesser General Public License for more details. |
  17 +// | |
  18 +// | You should have received a copy of the GNU Lesser General Public |
  19 +// | License along with this library; if not, write to the Free Software |
  20 +// | Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
  21 +// +--------------------------------------------------------------------------+
  22 +// | Authors: Jan Wagner |
  23 +// +--------------------------------------------------------------------------+
  24 +//
  25 +// $Id$
  26 +
  27 +/**
  28 + * Utility Class for Net_LDAP
  29 + *
  30 + * @package Net_LDAP
  31 + * @author Jan Wagner <wagner@netsols.de>
  32 + * @version $Revision$
  33 + */
  34 +class Net_LDAP_Util extends PEAR
  35 +{
  36 + /**
  37 + * Reference to LDAP object
  38 + *
  39 + * @access private
  40 + * @var object Net_LDAP
  41 + */
  42 + var $_ldap = null;
  43 +
  44 + /**
  45 + * Net_LDAP_Schema object
  46 + *
  47 + * @access private
  48 + * @var object Net_LDAP_Schema
  49 + */
  50 + var $_schema = null;
  51 +
  52 + /**
  53 + * Constructur
  54 + *
  55 + * Takes an LDAP object by reference and saves it. Then the schema will be fetched.
  56 + *
  57 + * @access public
  58 + * @param object Net_LDAP
  59 + */
  60 + function Net_LDAP_Util(&$ldap)
  61 + {
  62 + if (is_object($ldap) && (strtolower(get_class($ldap)) == 'net_ldap')) {
  63 + $this->_ldap = $ldap;
  64 + $this->_schema = $this->_ldap->schema();
  65 + if (Net_LDAP::isError($this->_schema)) $this->_schema = null;
  66 + }
  67 + }
  68 +
  69 + /**
  70 + * Encodes given attributes to UTF8 if needed
  71 + *
  72 + * This function takes attributes in an array and then checks against the schema if they need
  73 + * UTF8 encoding. If that is so, they will be encoded. An encoded array will be returned and
  74 + * can be used for adding or modifying.
  75 + *
  76 + * @access public
  77 + * @param array Array of attributes
  78 + * @return array Array of UTF8 encoded attributes
  79 + */
  80 + function utf8Encode($attributes)
  81 + {
  82 + return $this->_utf8($attributes, 'utf8_encode');
  83 + }
  84 +
  85 + /**
  86 + * Decodes the given attribute values
  87 + *
  88 + * @access public
  89 + * @param array Array of attributes
  90 + * @return array Array with decoded attribute values
  91 + */
  92 + function utf8Decode($attributes)
  93 + {
  94 + return $this->_utf8($attributes, 'utf8_decode');
  95 + }
  96 +
  97 + /**
  98 + * Encodes or decodes attribute values if needed
  99 + *
  100 + * @access private
  101 + * @param array Array of attributes
  102 + * @param array Function to apply to attribute values
  103 + * @return array Array of attributes with function applied to values
  104 + */
  105 + function _utf8($attributes, $function)
  106 + {
  107 + if (!$this->_ldap || !$this->_schema || !function_exists($function)) {
  108 + return $attributes;
  109 + }
  110 + if (is_array($attributes) && count($attributes) > 0) {
  111 + foreach( $attributes as $k => $v ) {
  112 + $attr = $this->_schema->get('attribute', $k);
  113 + if (Net_LDAP::isError($attr)) {
  114 + continue;
  115 + }
  116 + if (false !== strpos($attr['syntax'], '1.3.6.1.4.1.1466.115.121.1.15')) {
  117 + if (is_array($v)) {
  118 + foreach ($v as $ak => $av ) {
  119 + $v[$ak] = call_user_func($function, $av );
  120 + }
  121 + } else {
  122 + $v = call_user_func($function, $v);
  123 + }
  124 + }
  125 + $attributes[$k] = $v;
  126 + }
  127 + }
  128 + return $attributes;
  129 + }
  130 +}
  131 +
  132 +?>
thirdparty/pear/Net/LDAP/fg.php 0 → 100644
  View file @4c8280f
  1 +<?php
  2 +
  3 +require_once('../../../../config/dmsDefaults.php');
  4 +require_once(KT_LIB_DIR . '/authentication/authenticationutil.inc.php');
  5 +require_once(KT_LIB_DIR . '/authentication/authenticationsource.inc.php');
  6 +
  7 +require_once('Net/LDAP.php');
  8 +
  9 +$oKTConfig =& KTConfig::getSingleton();
  10 +
  11 +$oAuthenticator = KTAuthenticationUtil::getAuthenticatorForSource(2);
  12 +
  13 +$config = array(
  14 + 'dn' => $oAuthenticator->sSearchUser,
  15 + 'password' => $oAuthenticator->sSearchPassword,
  16 + 'host' => $oAuthenticator->sLdapServer,
  17 + 'base' => $oAuthenticator->sBaseDN,
  18 +);
  19 +
  20 +$oLdap =& Net_LDAP::connect($config);
  21 +if (PEAR::isError($oLdap)) {
  22 + var_dump($oLdap);
  23 + exit(0);
  24 +}
  25 +
  26 +$aParams = array(
  27 + 'scope' => 'sub',
  28 + 'attributes' => array('cn', 'dn', 'displayClass'),
  29 +);
  30 +$rootDn = $oAuthenticator->sBaseDN;
  31 +if (is_array($rootDn)) {
  32 + $rootDn = join(",", $rootDn);
  33 +}
  34 +$oResults = $oLdap->search($rootDn, '(objectClass=group)', $aParams);
  35 +foreach ($oResults->entries() as $oEntry) {
  36 + var_dump($oEntry->dn());
  37 +}
  38 +