templates/3rdParty/pla/lib/ds_myldap.php

Properties

Description

Classes and functions for communication of Data Stores

Classes

myldap

Properties

 
 
No 
No 

Description

This abstract class provides the basic variables and methods for LDAP datastores

Methods

MatchingRules, SchemaAttributes, SchemaObjectClasses, SchemaSyntaxes, __construct, connect, dnExists, escapeDN, explodeDN, getBaseDN, getContainer, getContainerContents, getContainerPath, getContainerTop, getDNAttrValue, getDNAttrValues, getErrorMessage, getErrorNum, getLoginBaseDN, getLoginClass, getLoginID, getRawSchema, getRootDSE, getSchemaAttribute, getSchemaDN, getSchemaObjectClass, isAnonBindAllowed, isAttrBinary, isAttrBoolean, isDNAttr, isForceMay, isJpegPhoto, isProxyEnabled, isSASLEnabled, isTLSEnabled, login, modify, query, startProxy, startSASL, startTLS, userIsAllowedLogin, userIsMember,

MatchingRules(   $method = null,   $dn = '', ) : n/a

Description

Returns an array of MatchingRule objects for the specified server.
The key of each entry is the OID of the matching rule.

Arguments

Name Type Description Default
$method n/a null
$dn n/a ''

Return value

Type Description
n/a n/a

SchemaAttributes(   $method = null, string   $dn = '', ) : array

Description

Gets an associative array of AttributeType objects for the specified server. Each array entry's key is the name of the attributeType in lower-case and the value is an AttributeType object.

Arguments

Name Type Description Default
$method n/a null
$dn string

(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).

''

Return value

Type Description
array An array of AttributeType objects.

SchemaObjectClasses(   $method = null, string   $dn = '', ) : array

Description

Gets an associative array of ObjectClass objects for the specified server. Each array entry's key is the name of the objectClass in lower-case and the value is an ObjectClass object.

Arguments

Name Type Description Default
$method n/a null
$dn string

(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).

''

Return value

Type Description
array An array of ObjectClass objects.

Tags

Name Description
see
see

SchemaSyntaxes(   $method = null,   $dn = '', ) : n/a

Description

Returns an array of Syntax objects that this LDAP server uses mapped to their descriptions. The key of each entry is the OID of the Syntax.

Arguments

Name Type Description Default
$method n/a null
$dn n/a ''

Return value

Type Description
n/a n/a

__construct(   $index, ) : n/a

Arguments

Name Type Description Default
$index n/a

Return value

Type Description
n/a n/a

connect(   $method,   $debug = false,   $new = false, ) : resource|null

Description

Connect and Bind to the Database

Arguments

Name Type Description Default
$method n/a
$debug n/a false
$new n/a false

Return value

Type Description
resource|null Connection resource if successful, null if not.

dnExists(   $dn,   $method = null, ) : boolean

Description

Gets whether an entry exists based on its DN. If the entry exists, returns true. Otherwise returns false.

Arguments

Name Type Description Default
$dn n/a
$method n/a null

Return value

Type Description
boolean

escapeDN(   $dn, ) : n/a

Description

Parse a DN and escape any special characters

Arguments

Name Type Description Default
$dn n/a

Return value

Type Description
n/a n/a

explodeDN(   $dn,   $with_attributes = 0, ) : array

Description

Explode a DN into an array of its RDN parts.

Arguments

Name Type Description Default
$dn n/a
$with_attributes n/a 0

Return value

Type Description
array An array of RDN parts of this format: <code> Array ( [0] => uid=ppratt [1] => ou=People [2] => dc=example [3] => dc=com ) </code> NOTE: When a multivalue RDN is passed to ldap_explode_dn, the results returns with 'value + value';

getBaseDN(   $method = null, ) : array

Description

Gets the root DN of the specified LDAPServer, or null if it can't find it (ie, the server won't give it to us, or it isnt specified in the configuration file).
Tested with OpenLDAP 2.0, Netscape iPlanet, and Novell eDirectory 8.7 (nldap.com) Please report any and all bugs!! Please note: On FC systems, it seems that php_ldap uses /etc/openldap/ldap.conf in the search base if it is blank - so edit that file and comment out the BASE line.

Arguments

Name Type Description Default
$method n/a null

Return value

Type Description
array dn|null The root DN of the server on success (string) or null on error.

Tags

Name Description
todo Sort the entries, so that they are in the correct DN order.

getContainer(   $dn, ) : string

Description

Given a DN string, this returns the parent container portion of the string.
For example. given 'cn=Manager,dc=example,dc=com', this function returns 'dc=example,dc=com'.

Arguments

Name Type Description Default
$dn n/a

Return value

Type Description
string The container

getContainerContents(   $dn,   $method = null,   $size_limit = 0,   $filter = '(objectClass=*)',   $deref = LDAP_DEREF_NEVER, ) : array

Description

Gets a list of child entries for an entry. Given a DN, this function fetches the list of DNs of child entries one level beneath the parent. For example, for the following tree:
dc=example,dc=com ou=People cn=Dave cn=Fred cn=Joe ou=More People cn=Mark cn=Bob Calling getContainerContents("ou=people,dc=example,dc=com") would return the following list: cn=Dave cn=Fred cn=Joe ou=More People

Arguments

Name Type Description Default
$dn n/a
$method n/a null
$size_limit n/a 0
$filter n/a '(objectClass=*)'
$deref n/a LDAP_DEREF_NEVER

Return value

Type Description
array An array of DN strings listing the immediate children of the specified entry.

getContainerPath(   $dn,   $path = '..', ) : string

Description

Given a DN string and a path like syntax, this returns the parent container portion of the string.

Arguments

Name Type Description Default
$dn n/a
$path n/a '..'

Return value

Type Description
string The container

getContainerTop(   $dn, ) : string

Description

Given a DN string, this returns the top container portion of the string.

Arguments

Name Type Description Default
$dn n/a

Return value

Type Description
string The container

getDNAttrValue(   $dn,   $attr,   $method = null,   $deref = LDAP_DEREF_NEVER, ) : array

Description

Much like getDNAttrValues(), but only returns the values for one attribute of an object. Example calls:
print_r(getDNAttrValue('cn=Bob,ou=people,dc=example,dc=com','sn')); Array ( [0] => Smith ) print_r(getDNAttrValue('cn=Bob,ou=people,dc=example,dc=com','objectClass')); Array ( [0] => top [1] => person )

Arguments

Name Type Description Default
$dn n/a
$attr n/a
$method n/a null
$deref n/a LDAP_DEREF_NEVER

Return value

Type Description
array

Tags

Name Description
see
todo Caching these values may be problematic with multiple calls and different deref values.

getDNAttrValues(   $dn,   $method = null,   $deref = LDAP_DEREF_NEVER,   $attrs = array('*', '+'), ) : array

Description

Gets the attributes/values of an entry. Returns an associative array whose keys are attribute value names and whose values are arrays of values for said attribute.
Optionally, callers may specify true for the parameter $lower_case_attr_names to force all keys in the associate array (attribute names) to be lower case. Example of its usage: print_r(getDNAttrValues('cn=Bob,ou=pepole,dc=example,dc=com') Array ( [objectClass] => Array ( [0] => person [1] => top ) [cn] => Array ( [0] => Bob ) [sn] => Array ( [0] => Jones ) [dn] => Array ( [0] => cn=Bob,ou=pepole,dc=example,dc=com ) )

Arguments

Name Type Description Default
$dn n/a
$method n/a null
$deref n/a LDAP_DEREF_NEVER
$attrs n/a array('*', '+')

Return value

Type Description
array

Tags

Name Description
see
see

getErrorMessage(   $method = null, ) : n/a

Description

Get the last error string

Arguments

Name Type Description Default
$method n/a null

Return value

Type Description
n/a n/a

getErrorNum(   $method = null, ) : n/a

Description

Get the last error number

Arguments

Name Type Description Default
$method n/a null

Return value

Type Description
n/a n/a

getLoginBaseDN( ) : n/a

Description

Return the login base DNs If no login base DNs are defined, then the LDAP server Base DNs are used.

Return value

Type Description
n/a n/a

getLoginClass( ) : n/a

Description

Return the login classes that a user must have to login

Return value

Type Description
n/a n/a

getLoginID(   $user,   $method = null, ) : n/a

Description

Get a user ID

Arguments

Name Type Description Default
$user n/a
$method n/a null

Return value

Type Description
n/a n/a

getRawSchema(   $method,   $schema_to_fetch,   $dn = '', ) : array

Description

Fetches the raw schema array for the subschemaSubentry of the server. Note, this function has grown many hairs to accomodate more LDAP servers. It is needfully complicated as it now supports many popular LDAP servers that don't necessarily expose their schema "the right way".
Please note: On FC systems, it seems that php_ldap uses /etc/openldap/ldap.conf in the search base if it is blank - so edit that file and comment out the BASE line.

Arguments

Name Type Description Default
$method n/a
$schema_to_fetch n/a
$dn n/a ''

Return value

Type Description
array an array of strings of this form: Array ( [0] => "(1.3.6.1.4.1.7165.1.2.2.4 NAME 'gidPool' DESC 'Pool ... [1] => "(1.3.6.1.4.1.7165.2.2.3 NAME 'sambaAccount' DESC 'Sa ... etc.

getRootDSE(   $method = null, ) : n/a

Arguments

Name Type Description Default
$method n/a null

Return value

Type Description
n/a n/a

getSchemaAttribute(   $attr_name,   $method = null, string   $dn = '', ) : \AttributeType

Description

Gets a single AttributeType object specified by name.

Arguments

Name Type Description Default
$attr_name n/a
$method n/a null
$dn string

(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).

''

Return value

Type Description
\AttributeType The specified AttributeType object or false on error.

Tags

Name Description
see
see

getSchemaDN(   $method = null,   $dn = '', ) : array|false

Description

This function will query the ldap server and request the subSchemaSubEntry which should be the Schema DN.
If we cant connect to the LDAP server, we'll return false. If we can connect but cant get the entry, then we'll return null.

Arguments

Name Type Description Default
$method n/a null
$dn n/a ''

Return value

Type Description
array|false Schema if available, null if its not or false if we cant connect.

getSchemaObjectClass( string   $oclass_name,   $method = null, string   $dn = '', ) : \ObjectClass

Description

Gets a single ObjectClass object specified by name.

Arguments

Name Type Description Default
$oclass_name string

The name of the objectClass to fetch.

$method n/a null
$dn string

(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).

''

Return value

Type Description
\ObjectClass The specified ObjectClass object or false on error.

Tags

Name Description
see
see

isAnonBindAllowed( ) : n/a

Description

Return if anonymous bind is allowed in the configuration

Return value

Type Description
n/a n/a

isAttrBinary( string   $attr_name, ) : boolean

Description

Given an attribute name and server ID number, this function returns whether the attribute may contain binary data. This is useful for developers who wish to display the contents of an arbitrary attribute but don't want to dump binary data on the page.

Arguments

Name Type Description Default
$attr_name string

The name of the attribute to test.

Return value

Type Description
boolean

Tags

Name Description
see

isAttrBoolean( string   $attr_name, ) : boolean

Description

Given an attribute name and server ID number, this function returns whether the attrbiute contains boolean data. This is useful for developers who wish to display the contents of a boolean attribute with a drop-down.

Arguments

Name Type Description Default
$attr_name string

The name of the attribute to test.

Return value

Type Description
boolean

isDNAttr( string   $attr_name,   $method = null, ) : boolean

Description

Returns true if the attribute specified is required to take as input a DN.
Some examples include 'distinguishedName', 'member' and 'uniqueMember'.

Arguments

Name Type Description Default
$attr_name string

The name of the attribute of interest (case insensitive)

$method n/a null

Return value

Type Description
boolean

isForceMay(   $attr_name, ) : boolean

Description

This function determines if the specified attribute is contained in the force_may list as configured in config.php.

Arguments

Name Type Description Default
$attr_name n/a

Return value

Type Description
boolean True if the specified attribute is in the $force_may list and false otherwise.

isJpegPhoto( string   $attr_name, ) : boolean

Description

Used to determine if the specified attribute is indeed a jpegPhoto. If the specified attribute is one that houses jpeg data, true is returned. Otherwise this function returns false.

Arguments

Name Type Description Default
$attr_name string

The name of the attribute to test.

Return value

Type Description
boolean

Tags

Name Description
see

isProxyEnabled( ) : boolean

Description

Fetches whether PROXY AUTH has been configured for use with a certain server.
Users may configure phpLDAPadmin to use PROXY AUTH in config,php thus: $servers->setValue('login','auth_type','proxy');

Return value

Type Description
boolean

isSASLEnabled( ) : boolean

Description

Fetches whether SASL has been configured for use with a certain server.
Users may configure phpLDAPadmin to use SASL in config,php thus: $servers->setValue('server','sasl',true|false);

Return value

Type Description
boolean

isTLSEnabled( ) : boolean

Description

Fetches whether TLS has been configured for use with a certain server.
Users may configure phpLDAPadmin to use TLS in config,php thus: $servers->setValue('server','tls',true|false);

Return value

Type Description
boolean

login(   $user = null,   $pass = null,   $method = null,   $new = false, ) : boolean

Description

Login to the database with the application user/password

Arguments

Name Type Description Default
$user n/a null
$pass n/a null
$method n/a null
$new n/a false

Return value

Type Description
boolean true|false for successful login.

modify(   $dn,   $attrs,   $method = null, ) : n/a

Description

Modify attributes of a DN

Arguments

Name Type Description Default
$dn n/a
$attrs n/a
$method n/a null

Return value

Type Description
n/a n/a

query(   $query,   $method,   $index = null,   $debug = false, ) : array|null

Description

Perform a query to the Database

Arguments

Name Type Description Default
$query n/a
$method n/a
$index n/a null
$debug n/a false

Return value

Type Description
array|null Results of query.

startProxy(   $resource,   $method, ) : n/a

Description

If PROXY AUTH is configured, then start it

Arguments

Name Type Description Default
$resource n/a
$method n/a

Return value

Type Description
n/a n/a

startSASL(   $resource,   $method, ) : n/a

Description

If SASL is configured, then start it To be able to use SASL, PHP should have been compliled with --with-ldap-sasl=DIR

Arguments

Name Type Description Default
$resource n/a
$method n/a

Return value

Type Description
n/a n/a

Tags

Name Description
todo This has not been tested, please let the developers know if this function works as expected.

startTLS(   $resource, ) : n/a

Description

If TLS is configured, then start it

Arguments

Name Type Description Default
$resource n/a

Return value

Type Description
n/a n/a

userIsAllowedLogin(   $dn, ) : n/a

Description

This function will determine if the user is allowed to login based on a filter

Arguments

Name Type Description Default
$dn n/a

Return value

Type Description
n/a n/a

userIsMember( string   $user, \dn   $group, ) : bool

Description

This function will test if a user is a member of a group.
Inputs:

Arguments

Name Type Description Default
$user string

membership value that is being checked

$group \dn

DN to see if user is a member

Return value

Type Description
bool true|false

Properties

$_schemaDN, $_schema_entries, $force_may, $noconnect,

  private  $_schemaDN = null




  private  $_schema_entries = null




  private  $force_may = array()




  private  $noconnect = false




Documentation was generated by phpDocumentor 2.0.1 .

Namespaces

  • global

    Packages