PHP Cross Reference of Joomla 1.5.26 DE |
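<?php

/**
 * @version		$Id: ldap.php 14401 2010-01-26 14:10:00Z louis $
 * @package		Joomla.Framework
 * @subpackage	Client
 * @copyright	Copyright (C) 2005 - 2010 Open Source Matters. All rights reserved.
 * @license		GNU/GPL, see LICENSE.php
 * Joomla! is free software and parts of it may contain or be derived from the
 * GNU General Public License or other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 */

// no direct access
defined('_JEXEC') or die('Restricted access');

/**
 * LDAP client class
 *
 * Thin wrapper around PHP's ldap_* functions. Every ldap_* call is made with
 * the @ operator, so failures surface only through the return value and
 * getErrorMsg(); callers have to check both.
 *
 * None of the methods escape their arguments. Values that end up inside a DN
 * (setDN, bind) or a search filter (simple_search, search, read) are passed to
 * the directory verbatim, so callers must escape user-supplied text for the
 * DN or filter context before handing it to this class.
 *
 * @package		Joomla.Framework
 * @subpackage	Client
 * @since		1.5
 */
class JLDAP extends JObject
{
	/** @var string Hostname of LDAP server
		@access public */
	var $host = null;
	/** @var bool Authorization Method to use
		@access public */
	var $auth_method = null;
	/** @var int Port of LDAP server
		@access public */
	var $port = null;
	/** @var string Base DN (e.g. o=MyDir)
		@access public */
	var $base_dn = null;
	/** @var string User DN (e.g. cn=Users,o=MyDir)
		@access public */
	var $users_dn = null;
	/** @var string Search String
		@access public */
	var $search_string = null;
	/** @var boolean Use LDAP Version 3
		@access public */
	var $use_ldapV3 = null;
	/** @var boolean No referrals (server transfers)
		@access public */
	var $no_referrals = null;
	/** @var boolean Negotiate TLS (encrypted communications)
		@access public */
	var $negotiate_tls = null;

	/** @var string Username to connect to server
		@access public */
	var $username = null;
	/** @var string Password to connect to server
		@access public */
	var $password = null;

	/** @var mixed LDAP Resource Identifier
		@access private */
	var $_resource = null;
	/** @var string Current DN
		@access private */
	var $_dn = null;

	/**
	 * Constructor
	 *
	 * Copies every public (non-underscore) class variable from the
	 * configuration object. A setting is copied only when its value is
	 * truthy, so 0, '' and false leave the default (null) in place.
	 *
	 * @param	object	An object of configuration variables; must offer get($name)
	 * @access	public
	 */
	function __construct($configObj = null)
	{
		if (!is_object($configObj)) {
			return;
		}

		$names = array_keys(get_class_vars(get_class($this)));
		foreach ($names as $name)
		{
			// Underscore-prefixed members are internal state, never configuration
			if (substr($name, 0, 1) == '_') {
				continue;
			}
			if ($value = $configObj->get($name)) {
				$this->$name = $value;
			}
		}
	}

	/**
	 * Connect to server
	 *
	 * Prepares the connection handle and applies protocol version, referral
	 * and TLS options. Depending on the LDAP library, ldap_connect() may only
	 * initialise a handle without contacting the server, so a true result
	 * does not by itself prove the server is reachable.
	 *
	 * When negotiate_tls is set and StartTLS fails the method returns false
	 * instead of continuing unencrypted. When negotiate_tls is not set, this
	 * method does nothing to encrypt the session, so a later bind() sends the
	 * DN and password as given.
	 *
	 * @return	boolean	True if successful
	 * @access	public
	 */
	function connect()
	{
		if ($this->host == '') {
			return false;
		}

		$this->_resource = @ ldap_connect($this->host, $this->port);
		if (!$this->_resource) {
			return false;
		}

		if ($this->use_ldapV3 && !@ldap_set_option($this->_resource, LDAP_OPT_PROTOCOL_VERSION, 3)) {
			return false;
		}

		// NOTE(review): LDAP_OPT_REFERRALS enables referral chasing when set
		// to 1, so a true "no_referrals" turns referral following ON. This
		// looks inverted against the property name; it is left unchanged
		// because existing configurations depend on it. Confirm the intended
		// setting, since chasing referrals lets the directory redirect this
		// client to other servers.
		if (!@ldap_set_option($this->_resource, LDAP_OPT_REFERRALS, intval($this->no_referrals))) {
			return false;
		}

		// Fail closed: a refused StartTLS must not fall back to cleartext
		if ($this->negotiate_tls && !@ldap_start_tls($this->_resource)) {
			return false;
		}

		return true;
	}

	/**
	 * Close the connection
	 * @access public
	 */
	function close() {
		@ ldap_close($this->_resource);
	}

	/**
	 * Sets the DN with some template replacements
	 *
	 * With a users_dn template configured (and $nosub false) the username
	 * replaces the "[username]" placeholder; otherwise the username is used
	 * as the DN itself. An empty username with a template yields an empty DN.
	 *
	 * The username is inserted verbatim. Callers must escape DN special
	 * characters (RFC 4514) in user-supplied names first, otherwise the
	 * resulting DN can differ from the one the template intends.
	 *
	 * @param	string	The username
	 * @param	mixed	When truthy, skip the template and use the username as the DN
	 * @access	public
	 */
	function setDN($username,$nosub = 0)
	{
		if ($this->users_dn == '' || $nosub) {
			$this->_dn = $username;
			return;
		}

		$this->_dn = strlen($username)
			? str_replace('[username]', $username, $this->users_dn)
			: '';
	}

	/**
	 * @return	string	The current dn
	 * @access	public
	 */
	function getDN() {
		return $this->_dn;
	}

	/**
	 * Anonymously Binds to LDAP Directory
	 *
	 * @return	boolean	Result of the bind
	 */
	function anonymous_bind()
	{
		return @ldap_bind($this->_resource);
	}

	/**
	 * Binds to the LDAP directory
	 *
	 * Missing arguments fall back to the configured username and password.
	 *
	 * NOTE(review): this method does not reject an empty password. A simple
	 * bind with a non-empty DN and an empty password is an "unauthenticated
	 * bind" (RFC 4513, section 5.1.2), which many directory servers answer
	 * with success. A caller that treats the return value as proof of the
	 * user's identity must refuse empty passwords before calling bind().
	 *
	 * @param	string	The username
	 * @param	string	The password
	 * @param	mixed	Passed to setDN(); truthy means use the username as the DN
	 * @return	boolean	Result
	 * @access	public
	 */
	function bind($username = null, $password = null, $nosub = 0)
	{
		if (is_null($username)) {
			$username = $this->username;
		}
		if (is_null($password)) {
			$password = $this->password;
		}

		$this->setDN($username,$nosub);
		return @ldap_bind($this->_resource, $this->getDN(), $password);
	}

	/**
	 * Perform an LDAP search using semicolon separated search strings
	 *
	 * Each ';'-separated piece is wrapped in parentheses and used as one
	 * filter. The pieces are not escaped: user-supplied values must have
	 * filter metacharacters (RFC 4515) escaped by the caller, otherwise they
	 * can change the meaning of the filter.
	 *
	 * @param	string	search string of search values
	 * @return	array	Multidimensional array of results, see search()
	 */
	function simple_search($search)
	{
		$filters = array();
		foreach (explode(';', $search) as $key => $piece) {
			$filters[$key] = '('.$piece.')';
		}
		return $this->search($filters);
	}


	/**
	 * Perform an LDAP search
	 *
	 * Runs one search per filter below the base DN (or $dnoverride) and
	 * returns the entries as arrays of attribute => list of values, plus a
	 * 'dn' key holding the entry's DN.
	 *
	 * NOTE(review): entries are stored under their position within each
	 * filter's result, so with several filters a later filter overwrites the
	 * same-numbered entries of an earlier one. Kept as is for callers that
	 * rely on the existing indexes.
	 *
	 * @param	array	Search Filters (array of strings)
	 * @param	string	DN Override
	 * @return	array	Multidimensional array of results
	 * @access	public
	 */
	function search($filters, $dnoverride = null)
	{
		$attributes = array ();
		$dn = $dnoverride ? $dnoverride : $this->base_dn;
		$resource = $this->_resource;

		foreach ($filters as $search_filter)
		{
			$search_result = @ldap_search($resource, $dn, $search_filter);
			if (!$search_result) {
				continue;
			}

			$count = @ldap_count_entries($resource, $search_result);
			$entry = null;
			for ($i = 0; $i < $count; $i++)
			{
				$entry = ($i == 0)
					? @ldap_first_entry($resource, $search_result)
					: @ldap_next_entry($resource, $entry);

				$attributes[$i] = array ();

				// ldap returns an array of arrays, fit this into attributes result array
				$attributes_array = @ldap_get_attributes($resource, $entry);
				if (is_array($attributes_array))
				{
					foreach ($attributes_array as $ki => $ai)
					{
						// Scalar members are bookkeeping (counts, attribute names); skip them
						if (!is_array($ai)) {
							continue;
						}
						$subcount = $ai['count'];
						$attributes[$i][$ki] = array ();
						for ($k = 0; $k < $subcount; $k++) {
							$attributes[$i][$ki][$k] = $ai[$k];
						}
					}
				}

				$attributes[$i]['dn'] = @ldap_get_dn($resource, $entry);
			}
		}
		return $attributes;
	}

	/**
	 * Replace attribute values of an entry
	 *
	 * @param	string	dn	The DN which contains the attribute you want to replace
	 * @param	array	attribute	The attribute values you want to replace
	 * @return	boolean	Result of operation
	 */
	function replace($dn, $attribute) {
		return @ldap_mod_replace($this->_resource, $dn, $attribute);
	}


	/**
	 * Modifies an entry
	 *
	 * @param	string	dn	The DN which contains the attribute you want to modify
	 * @param	array	attribute	The attribute values you want to modify
	 * @return	boolean	Result of operation
	 */
	function modify($dn, $attribute) {
		return @ldap_modify($this->_resource, $dn, $attribute);
	}

	/**
	 * Removes attribute value from given dn
	 *
	 * @param	string	dn	The DN which contains the attribute you want to remove
	 * @param	array	attribute	The attribute values you want to remove
	 * @return	boolean	Result of operation
	 */
	function remove($dn, $attribute)
	{
		return @ldap_mod_del($this->_resource, $dn, $attribute);
	}

	/**
	 * Compare an entry and return a true or false result
	 *
	 * The error result is the integer -1, which is truthy: test the return
	 * value with === true rather than in a plain boolean context.
	 *
	 * @param	string	dn	The DN which contains the attribute you want to compare
	 * @param	string	attribute	The attribute whose value you want to compare
	 * @param	string	value	The value you want to check against the LDAP attribute
	 * @return	mixed	result of comparison (true, false, -1 on error)
	 * @access	public
	 */
	function compare($dn, $attribute, $value) {
		return @ldap_compare($this->_resource, $dn, $attribute, $value);
	}

	/**
	 * Read the attributes of given dn
	 *
	 * The DN is split at its first comma: the part before it is used as the
	 * search filter and the remainder as the base of the read. A DN without
	 * a comma cannot be split and yields false.
	 *
	 * NOTE(review): the split does not understand an escaped comma ("\,")
	 * inside the first RDN, and $attribute is accepted but not used, so all
	 * attributes are returned.
	 *
	 * @param	string	dn	The DN of the object you want to read
	 * @param	array	attribute	Currently ignored
	 * @return	mixed	Array of entries, or false on error
	 * @access	public
	 */
	function read($dn, $attribute = array())
	{
		$comma = strpos($dn, ',');
		if ($comma === false) {
			return false;
		}

		$base = substr($dn, $comma + 1);
		$cn = substr($dn, 0, $comma);
		$result = @ldap_read($this->_resource, $base, $cn);

		if ($result) {
			return @ldap_get_entries($this->_resource, $result);
		}
		return $result;
	}

	/**
	 * Deletes a given DN from the tree
	 *
	 * @param	string	dn	The DN of the object you want to delete
	 * @return	bool	result of operation
	 * @access	public
	 */
	function delete($dn) {
		return @ldap_delete($this->_resource, $dn);
	}

	/**
	 * Create a new DN
	 *
	 * @param	string	dn	The DN where you want to put the object
	 * @param	array	entries	An array of arrays describing the object to add
	 * @return	bool	result of operation
	 */
	function create($dn, $entries) {
		return @ldap_add($this->_resource, $dn, $entries);
	}

	/**
	 * Add an attribute to the given DN
	 * Note: DN has to exist already
	 *
	 * @param	string	dn	The DN of the entry to add the attribute
	 * @param	array	entry	An array of arrays with attributes to add
	 * @return	bool	Result of operation
	 */
	function add($dn, $entry) {
		return @ldap_mod_add($this->_resource, $dn, $entry);
	}

	/**
	 * Rename the entry
	 *
	 * All four arguments are required; the signature declares no defaults.
	 *
	 * @param	string	dn	The DN of the entry at the moment
	 * @param	string	newdn	The DN of the entry should be (only cn=newvalue)
	 * @param	string	newparent	The full DN of the parent
	 * @param	bool	deleteolddn	Delete the old values
	 * @return	bool	Result of operation
	 */
	function rename($dn, $newdn, $newparent, $deleteolddn) {
		return @ldap_rename($this->_resource, $dn, $newdn, $newparent, $deleteolddn);
	}

	/**
	 * Returns the error message
	 *
	 * @return	string	error message of the last LDAP operation on this connection
	 */
	function getErrorMsg() {
		return @ldap_error($this->_resource);
	}

	/**
	 * Converts a dot notation IP address to net address (e.g. for Netware, etc)
	 *
	 * The result is "1#" followed by one backslash-prefixed hex pair per
	 * dotted part. The parts are not range-checked.
	 *
	 * @param	string	IP Address (e.g. xxx.xxx.xxx.xxx)
	 * @return	string	Net address
	 * @access	public
	 */
	function ipToNetAddress($ip)
	{
		$address = '1#';

		foreach (explode('.', $ip) as $part) {
			// intval() keeps non-numeric parts from reaching dechex() as strings
			$hex = dechex(intval($part));
			if (strlen($hex) != 2) {
				$hex = '0' . $hex;
			}
			$address .= '\\' . $hex;
		}
		return $address;
	}

	/**
	 * extract readable network address from the LDAP encoded networkAddress attribute.
	 * @author Jay Burrell, Systems & Networks, Mississippi State University
	 * Please keep this document block and author attribution in place.
	 *
	 * Novell Docs, see: http://developer.novell.com/ndk/doc/ndslib/schm_enu/data/sdk5624.html#sdk5624
	 * for Address types: http://developer.novell.com/ndk/doc/ndslib/index.html?page=/ndk/doc/ndslib/schm_enu/data/sdk4170.html
	 * LDAP Format, String:
	 *	 taggedData = uint32String "#" octetstring
	 *	 byte 0 = uint32String = Address Type: 0= IPX Address; 1 = IP Address
	 *	 byte 1 = char = "#" - separator
	 *	 byte 2+ = octetstring - the ordinal value of the address
	 *	 Note: with eDirectory 8.6.2, the IP address (type 1) returns
	 *	 correctly, however, an IPX address does not seem to. eDir 8.7 may correct this.
	 * Enhancement made by Merijn van de Schoot:
	 *	 If addresstype is 8 (UDP) or 9 (TCP) do some additional parsing like still returning the IP address
	 *
	 * Only the first character is read as the address type, so types above 9
	 * cannot be recognised by this parser.
	 *
	 * @param	string	networkAddress value as returned by the directory
	 * @return	array	'protocol' => protocol name, 'address' => readable address
	 */
	function LDAPNetAddr($networkaddress)
	{
		$addr = "";
		$addrtype = intval(substr($networkaddress, 0, 1));
		$networkaddress = substr($networkaddress, 2); // throw away bytes 0 and 1 which should be the addrtype and the "#" separator

		// These tests used "$addrtype = 9" before, an assignment that is
		// always true: every address was cut to its last four bytes and
		// reported as TCP (or UDP). They are comparisons now.
		$isPortTagged = ($addrtype == 8) || ($addrtype == 9);
		$isDotted = ($addrtype == 1) || $isPortTagged;

		if ($isPortTagged) {
			// TODO 1.6: If UDP or TCP, (TODO fill addrport and) strip portnumber information from address
			$networkaddress = substr($networkaddress, (strlen($networkaddress)-4));
		}

		$addrtypes = array (
			'IPX',
			'IP',
			'SDLC',
			'Token Ring',
			'OSI',
			'AppleTalk',
			'NetBEUI',
			'Socket',
			'UDP',
			'TCP',
			'UDP6',
			'TCP6',
			'Reserved (12)',
			'URL',
			'Count'
		);

		$len = strlen($networkaddress);
		if ($len > 0)
		{
			$octets = array();
			for ($i = 0; $i < $len; $i += 1) {
				$octets[] = ord(substr($networkaddress, $i, 1));
			}
			// dot separate IP addresses, run the values together otherwise
			$addr .= implode($isDotted ? "." : "", $octets);
		} else {
			$addr .= "address not available.";
		}
		return array('protocol'=>$addrtypes[$addrtype], 'address'=>$addr);
	}

	/**
	 * Generates a LDAP compatible password
	 *
	 * Returns the value in the "{SCHEME}base64(digest)" form used for the
	 * userPassword attribute. Any type other than 'sha' produces {MD5}.
	 *
	 * NOTE(review): both schemes are single, unsalted digests, so equal
	 * passwords give equal values and the stored value offers little
	 * resistance to offline guessing. Where the directory supports it,
	 * prefer a salted scheme or let the server hash the password.
	 *
	 * @param	string	password	Clear text password to encrypt
	 * @param	string	type	Type of password hash, either md5 or SHA
	 * @return	string	encrypted password
	 */
	function generatePassword($password, $type='md5') {
		$userpassword = '';
		switch(strtolower($type)) {
			case 'sha':
				$userpassword = '{SHA}' . base64_encode( pack( 'H*', sha1( $password ) ) );
				// This break was missing: 'sha' fell through and returned {MD5}
				break;
			case 'md5':
			default:
				$userpassword = '{MD5}' . base64_encode( pack( 'H*', md5( $password ) ) );
				break;
		}
		return $userpassword;
	}
}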