Class: LDAPserver
Source Location: /lib/server_functions.php
Class Details
Class Methods
constructor __construct [line 43]
LDAPserver __construct(
int
$server_id)
|
|
Default constructor.
Parameters:
method add [line 1450]
void add(
$dn,
$entry_array)
|
|
Add objects
Parameters:
method attrDelete [line 1483]
void attrDelete(
$dn,
$update_array)
|
|
Parameters:
method attrModify [line 1478]
void attrModify(
$dn,
$update_array)
|
|
Modify attributes
Parameters:
method attrReplace [line 1488]
void attrReplace(
$dn,
$update_array)
|
|
Parameters:
method checkUniqueAttr [line 2721]
void checkUniqueAttr(
dn
$dn, string
$attr_name,
$new_value, string|array
$new)
|
|
This function will check whether the value for an attribute being changed is already assigned to another DN. Inputs:
Parameters:
method connect [line 112]
resource|false connect(
[bool
$process_error = true], [bool
$connect_id = 'user'], [bool
$reconnect = false], [
$readonly = true], [
$dn = null], [
$pass = null])
|
|
Connect to the LDAP server.
Tags:
Parameters:
method delete [line 1496]
Delete objects
Parameters:
method dnExists [line 1562]
bool dnExists(
string
$dn)
|
|
Gets whether an entry exists based on its DN. If the entry exists, returns true. Otherwise returns false. If we are not aware of the dn, and a read results in a hit, then we'll update the info for the tree.
Parameters:
method errno [line 1548]
Return errno from last operation
method error [line 1540]
Return error from last operation
method getBaseDN [line 384]
Gets the root DN of the specified LDAPServer, or null if it can't find it (ie, the server won't give it to us, or it isnt specified in the configuration file). Tested with OpenLDAP 2.0, Netscape iPlanet, and Novell eDirectory 8.7 (nldap.com) Please report any and all bugs!! Please note: On FC systems, it seems that php_ldap uses /etc/openldap/ldap.conf in the search base if it is blank - so edit that file and comment out the BASE line.
Tags:
method getContainerContents [line 1641]
array getContainerContents(
string
$dn, [int
$size_limit = 0], [string
$filter = '(objectClass=*)'], [
$deref = LDAP_DEREF_ALWAYS])
|
|
Gets a list of child entries for an entry. Given a DN, this function fetches the list of DNs of child entries one level beneath the parent. For example, for the following tree: dc=example,dc=com ou=People cn=Dave cn=Fred cn=Joe ou=More People cn=Mark cn=Bob
Calling
would return the following list: cn=Dave cn=Fred cn=Joe ou=More People
Tags:
Parameters:
method getContainerParent [line 2656]
string getContainerParent(
$container, string
$path, string
$dn)
|
|
Given a DN string and a path like syntax, this returns the parent container portion of the string.
Tags:
Parameters:
method getContainerTop [line 2633]
string getContainerTop(
string
$dn)
|
|
Given a DN string, this returns the top container portion of the string.
Tags:
Parameters:
method getDNAttr [line 2611]
array getDNAttr(
string
$dn, string
$attr, [bool
$lower_case_attr_names = false], [int
$deref = LDAP_DEREF_NEVER])
|
|
Much like getDNAttrs(), but only returns the values for one attribute of an object. Example calls:
Array ( [0] => "Smith" ) Array ( [0] => "top" [1] => "person" )
Tags:
Parameters:
method getDNAttrs [line 2549]
array getDNAttrs(
string
$dn, [bool
$lower_case_attr_names = false], [int
$deref = LDAP_DEREF_NEVER])
|
|
Gets the attributes/values of an entry. Returns an associative array whose keys are attribute value names and whose values are arrays of values for said attribute. Optionally, callers may specify true for the parameter $lower_case_attr_names to force all keys in the associate array (attribute names) to be lower case. Sample return value of getDNAttrs( 0, "cn=Bob,ou=pepole,dc=example,dc=com" )
Array ( [objectClass] => Array ( [0] => person [1] => top ) [cn] => Array ( [0] => Bob ) [sn] => Array ( [0] => Jones ) [dn] => Array ( [0] => cn=Bob,ou=pepole,dc=example,dc=com ) )
Tags:
Parameters:
method getDNBase [line 2888]
string getDNBase(
string
$dn)
|
|
Get the LDAP base DN for a named DN.
Parameters:
method getDNSysAttrs [line 2487]
array getDNSysAttrs(
string
$dn, [int
$deref = LDAP_DEREF_NEVER])
|
|
Gets the operational attributes for an entry. Given a DN, this function fetches that entry's operational (ie, system or internal) attributes. These attributes include "createTimeStamp", "creatorsName", and any other attribute that the LDAP server sets automatically. The returned associative array is of this form: Array ( [creatorsName] => Array ( [0] => "cn=Admin,dc=example,dc=com" ) [createTimeStamp]=> Array ( [0] => "10401040130" ) [hasSubordinates] => Array ( [0] => "FALSE" ) )
Tags:
Parameters:
method getLoggedInDN [line 2356]
Returns the DN who is logged in currently to the given server, which may either be a DN or the string 'anonymous'. This applies only for auth_types "cookie", "session" and "http". One place where this function is used is the tree viewer: After a user logs in, the text "Logged in as: " is displayed under the server name. This information is retrieved from this function.
Tags:
method getLoggedInPass [line 2296]
string getLoggedInPass(
)
|
|
Fetches the password of the currently logged in user (for auth_types "cookie", "session" and "http" only) or false if the current login is anonymous.
Tags:
method getLoginAttr [line 912]
Return the attribute used for login
method getLoginString [line 977]
string|false getLoginString(
)
|
|
Fetches the login_attr string if enabled for a specified server. This is configured in config.php thus: $ldapservers->SetValue($i,'login','login_string','uid=<username>,ou=People,dc=example,dc=com');
method getRawSchema [line 674]
array getRawSchema(
string
$schema_to_fetch, [dn
$dn = ''])
|
|
Fetches the raw schema array for the subschemaSubentry of the server. Note, this function has grown many hairs to accomodate more LDAP servers. It is needfully complicated as it now supports many popular LDAP servers that don't necessarily expose their schema "the right way". Please note: On FC systems, it seems that php_ldap uses /etc/openldap/ldap.conf in the search base if it is blank - so edit that file and comment out the BASE line.
Tags:
Parameters:
method getSchemaAttribute [line 1138]
AttributeType getSchemaAttribute(
$attr_name, [string
$dn = null], string
$oclass_name)
|
|
Gets a single AttributeType object specified by name.
Tags:
Parameters:
method getSchemaDN [line 570]
array|false getSchemaDN(
[
$dn = ''])
|
|
This function will query the ldap server and request the subSchemaSubEntry which should be the Schema DN. If we cant connect to the LDAP server, we'll return false. If we can connect but cant get the entry, then we'll return null.
Tags:
Parameters:
method getSchemaObjectClass [line 1112]
ObjectClass getSchemaObjectClass(
string
$oclass_name, [string
$dn = ''])
|
|
Gets a single ObjectClass object specified by name.
Tags:
Parameters:
method haveAuthInfo [line 70]
Check if there is sufficent information to Authenticate to the LDAP server. Given a server, returns whether or not we have enough information to authenticate against the server. For example, if the user specifies auth_type of 'cookie' in the config for that server, it checks the $_COOKIE array to see if the cookie username and password is set for the server. If the auth_type is 'session', the $_SESSION array is checked. If the auth_type is 'http', the $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] is checked. There are three cases for this function depending on the auth_type configured for the specified server. If the auth_type is session or cookie or http, then getLoggedInDN() is called to verify that the user has logged in. If the auth_type is config, then the $ldapservers configuration in config.php is checked to ensure that the user has specified login information. In any case, if phpLDAPadmin has enough information to login to the server, true is returned. Otherwise false is returned.
Tags:
method isAnonBindAllowed [line 994]
bool isAnonBindAllowed(
)
|
|
Fetch whether the user has configured a certain server login to be non anonymous $ldapservers->SetValue($i,'login','anon_bind','true|false');
method isAttrBinary [line 2116]
bool isAttrBinary(
string
$attr_name)
|
|
Given an attribute name and server ID number, this function returns whether the attrbiute may contain binary data. This is useful for developers who wish to display the contents of an arbitrary attribute but don't want to dump binary data on the page.
Tags:
Parameters:
method isAttrBoolean [line 2090]
bool isAttrBoolean(
string
$attr_name)
|
|
Given an attribute name and server ID number, this function returns whether the attrbiute contains boolean data. This is useful for developers who wish to display the contents of a boolean attribute with a drop-down.
Parameters:
method isAttrHidden [line 2246]
bool isAttrHidden(
string
$attr)
|
|
Returns true if the specified attribute is configured as hidden in config.php with the $hidden_attrs array or the $hidden_attrs_ro array. Attributes are configured as hidden in config.php thus: $hidden_attrs = array( "objectClass", "givenName" );
or $hidden_attrs_ro = array( "objectClass", "givenName", "shadowWarning", "shadowLastChange", "shadowMax", "shadowFlag", "shadowInactive", "shadowMin", "shadowExpire" );
Parameters:
method isAttrReadOnly [line 2200]
bool isAttrReadOnly(
string
$attr)
|
|
Returns true if the specified attribute is configured as read only in config.php with the $read_only_attrs array. Attributes are configured as read-only in config.php thus: $read_only_attrs = array( "objectClass", "givenName" );
Parameters:
method isBranchRenameEnabled [line 1037]
bool isBranchRenameEnabled(
int
$server_id)
|
|
Returns true if the user has configured the specified server to enable branch (non-leaf) renames. This is configured in config.php thus: $ldapservers->SetValue($i,'server','branch_rename','true|false');
Parameters:
method isDNAttr [line 1877]
bool isDNAttr(
string
$attr_name)
|
|
Returns true if the attribute specified is required to take as input a DN. Some examples include 'distinguishedName', 'member' and 'uniqueMember'.
Parameters:
method isJpegPhoto [line 2059]
bool isJpegPhoto(
string
$attr_name)
|
|
Used to determine if the specified attribute is indeed a jpegPhoto. If the specified attribute is one that houses jpeg data, true is returned. Otherwise this function returns false.
Tags:
Parameters:
method isLoginAttrEnabled [line 930]
bool isLoginAttrEnabled(
)
|
|
Fetches whether the login_attr feature is enabled for a specified server. This is configured in config.php thus: $ldapservers->SetValue($i,'login','attr','<ldap attr>');
By virtue of the fact that the login_attr is not blank and not 'dn', the feature is configured to be enabled.
method isLoginStringEnabled [line 952]
bool isLoginStringEnabled(
)
|
|
Fetches whether the login_attr feature is enabled for a specified server. This is configured in config.php thus: $ldapservers->SetValue($i,'login','attr','string');
method isLowBandwidth [line 533]
Fetch whether the user has configured a certain server as "low bandwidth". Users may choose to configure a server as "low bandwidth" in config.php thus: $ldapservers->SetValue($i,'server','low_bandwidth','true|false');
method isMassDeleteEnabled [line 485]
bool isMassDeleteEnabled(
)
|
|
Returns true if the user has configured the specified server to enable mass deletion. Mass deletion is enabled in config.php this: $config->custom->commands['all'] = array('entry_delete' => array('mass_delete' => true));
Notice that mass deletes are not enabled on a per-server basis, but this function checks that the server is not in a read-only state as well.
method isMultiLineAttr [line 1833]
bool isMultiLineAttr(
string
$attr_name, [string
$val = null])
|
|
Determines if an attribute's value can contain multiple lines. Attributes that fall in this multi-line category may be configured in config.php. Hence, this function accesses the global variable $_SESSION[APPCONFIG]->custom->appearance['multi_line_attributes']; Usage example:
echo "<textarea name=\"postalAddress\"></textarea>"; else echo "<input name=\"postalAddress\" type=\"text\">";
Parameters:
method isReadOnly [line 455]
Returns true if the specified server is configured to be displayed in read only mode. If a user has logged in via anonymous bind, and config.php specifies $config->custom->appearance['anonymous_bind_implies_read_only'] = true;
then this also returns true. Servers can be configured read-only in config.php thus: $ldapservers->SetValue($i,'server','read_only',false);
method isShowCreateEnabled [line 514]
bool isShowCreateEnabled(
)
|
|
Gets whether the admin has configured phpLDAPadmin to show the "Create New" link in the tree viewer. $ldapservers->SetValue($i,'appearance','show_create','true|false');
If NOT set, then default to show the Create New item. If IS set, then return the value (it should be true or false). The entry creation command must be available. $config->custom->commands['all'] = array('entry_create' => true);
Tags:
method isTLSEnabled [line 1018]
Fetches whether TLS has been configured for use with a certain server. Users may configure phpLDAPadmin to use TLS in config,php thus: $ldapservers->SetValue($i,'login','tls','true|false');
method isUniqueAttr [line 2696]
bool isUniqueAttr(
$attr_name)
|
|
Determins if the specified attribute is contained in the $unique_attrs list configured in config.php.
Tags:
Parameters:
method isVisible [line 550]
Should this LDAP server be shown in the tree? $ldapservers->SetValue($i,'server','visible','true|false');
Tags:
method MatchingRules [line 1342]
void MatchingRules(
[
$dn = null])
|
|
Returns an array of MatchingRule objects for the specified server. The key of each entry is the OID of the matching rule.
Parameters:
method modify [line 1470]
void modify(
$dn,
$update_array)
|
|
Modify objects
Parameters:
method rename [line 1519]
void rename(
$dn,
$new_rdn,
$container,
$deleteoldrdn)
|
|
Rename objects
Parameters:
method SchemaAttributes [line 1163]
array SchemaAttributes(
[string
$dn = null], int
$server_id)
|
|
Gets an associative array of AttributeType objects for the specified server. Each array entry's key is the name of the attributeType in lower-case and the value is an AttributeType object.
Tags:
Parameters:
method SchemaObjectClasses [line 1056]
array SchemaObjectClasses(
[string
$dn = ''])
|
|
Gets an associative array of ObjectClass objects for the specified server. Each array entry's key is the name of the objectClass in lower-case and the value is an ObjectClass object.
Tags:
Parameters:
method SchemaSyntaxes [line 1411]
void SchemaSyntaxes(
[
$dn = null])
|
|
Returns an array of Syntax objects that this LDAP server uses mapped to their descriptions. The key of each entry is the OID of the Syntax.
Parameters:
method search [line 1704]
void search(
[resource
$resource = null], [string
$base_dn = null], string
$filter, [array
$attrs = array()], [string
$scope = 'sub'], [bool
$sort_results = true], [int
$deref = LDAP_DEREF_NEVER], [int
$size_limit = 0])
|
|
A handy ldap searching function very similar to PHP's ldap_search() with the following exceptions: Callers may specify a search scope and the return value is an array containing the search results rather than an LDAP result resource. Example usage: $samba_users = $ldapserver->search(null,"ou=People,dc=example,dc=com", "(&(objectClass=sambaAccount)(objectClass=posixAccount))", array("uid","homeDirectory")); // prints (for example): // Array ( // [uid=jsmith,ou=People,dc=example,dc=com] => Array ( // [dn] => "uid=jsmith,ou=People,dc=example,dc=com" // [uid] => "jsmith" // [homeDirectory] => "\\server\jsmith" // ) // [uid=byoung,ou=People,dc=example,dc=com] => Array ( // [dn] => "uid=byoung,ou=Samba,ou=People,dc=example,dc=com" // [uid] => "byoung" // [homeDirectory] => "\\server\byoung" // )
WARNING: This function will use a lot of memory on large searches since the entire result set is stored in a single array. For large searches, you should consider sing the less memory intensive PHP LDAP API directly (ldap_search(), ldap_next_entry(), ldap_next_attribute(), etc).
Parameters:
method setLoginDN [line 1929]
bool setLoginDN(
string
$dn, string
$password, bool
$anon_bind)
|
|
Responsible for setting two cookies/session-vars to indicate that a user has logged in, one for the logged in DN and one for the logged in password. This function is only used if 'auth_type' is set to 'cookie' or 'session'. The values written have the name "pla_login_dn_X" and "pla_login_pass_X" where X is the ID of the server to which the user is attempting login. Note that as with all cookie/session operations this function must be called BEFORE any output is sent to the browser. On success, true is returned. On failure, false is returned.
Tags:
Parameters:
method unsetLoginDN [line 1988]
Log a user out of the LDAP server. Removes the cookies/session-vars set by setLoginDN() after a user logs out using "auth_type" of "session" or "cookie". Returns true on success, false on failure.
Tags:
method userIsAllowedLogin [line 2821]
void userIsAllowedLogin(
$user)
|
|
Parameters:
method userIsMember [line 2787]
bool userIsMember(
string
$user, dn
$group)
|
|
This function will test if a user is a member of a group. Inputs:
Tags:
Parameters:
|
|
