[ Index ] |
PHP Cross Reference of Joomla 4.2.2 documentation |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * Part of the Joomla Framework LDAP Package 4 * 5 * @copyright Copyright (C) 2005 - 2021 Open Source Matters, Inc. All rights reserved. 6 * @license GNU General Public License version 2 or later; see LICENSE 7 */ 8 9 namespace Joomla\Ldap; 10 11 /** 12 * LDAP client class 13 * 14 * @since 1.0 15 * @deprecated The joomla/ldap package is deprecated 16 */ 17 class LdapClient 18 { 19 /** 20 * Hostname of LDAP server 21 * 22 * @var string 23 * @since 1.0 24 */ 25 public $host = null; 26 27 /** 28 * Authorization Method to use 29 * 30 * @var boolean 31 * @since 1.0 32 */ 33 public $auth_method = null; 34 35 /** 36 * Port of LDAP server 37 * 38 * @var integer 39 * @since 1.0 40 */ 41 public $port = null; 42 43 /** 44 * Base DN (e.g. o=MyDir) 45 * 46 * @var string 47 * @since 1.0 48 */ 49 public $base_dn = null; 50 51 /** 52 * User DN (e.g. cn=Users,o=MyDir) 53 * 54 * @var string 55 * @since 1.0 56 */ 57 public $users_dn = null; 58 59 /** 60 * Search String 61 * 62 * @var string 63 * @since 1.0 64 */ 65 public $search_string = null; 66 67 /** 68 * Use LDAP Version 3 69 * 70 * @var boolean 71 * @since 1.0 72 */ 73 public $use_ldapV3 = null; 74 75 /** 76 * No referrals (server transfers) 77 * 78 * @var boolean 79 * @since 1.0 80 */ 81 public $no_referrals = null; 82 83 /** 84 * Negotiate TLS (encrypted communications) 85 * 86 * @var boolean 87 * @since 1.0 88 */ 89 public $negotiate_tls = null; 90 91 /** 92 * Username to connect to server 93 * 94 * @var string 95 * @since 1.0 96 */ 97 public $username = null; 98 99 /** 100 * Password to connect to server 101 * 102 * @var string 103 * @since 1.0 104 */ 105 public $password = null; 106 107 /** 108 * LDAP Resource Identifier 109 * 110 * @var resource 111 * @since 1.0 112 */ 113 private $resource = null; 114 115 /** 116 * Current DN 117 * 118 * @var string 119 * @since 1.0 120 */ 121 private $dn = null; 122 123 /** 124 * Flag tracking whether the connection has been bound 125 * 126 * @var boolean 127 * @since 1.3.0 128 */ 129 private $isBound = false; 130 131 /** 132 * Constructor 133 * 134 * @param object $configObj An object of configuration variables 135 * 136 * @since 1.0 137 */ 138 public function __construct($configObj = null) 139 { 140 if (is_object($configObj)) 141 { 142 $vars = get_class_vars(get_class($this)); 143 144 foreach (array_keys($vars) as $var) 145 { 146 if (substr($var, 0, 1) != '_') 147 { 148 $param = $configObj->get($var); 149 150 if ($param) 151 { 152 $this->$var = $param; 153 } 154 } 155 } 156 } 157 } 158 159 /** 160 * Class destructor. 161 * 162 * @since 1.3.0 163 */ 164 public function __destruct() 165 { 166 $this->close(); 167 } 168 169 /** 170 * Connect to an LDAP server 171 * 172 * @return boolean 173 * 174 * @since 1.0 175 */ 176 public function connect() 177 { 178 if ($this->host == '') 179 { 180 return false; 181 } 182 183 $this->resource = ldap_connect($this->host, $this->port); 184 185 if (!$this->resource) 186 { 187 return false; 188 } 189 190 if ($this->use_ldapV3 && !ldap_set_option($this->resource, LDAP_OPT_PROTOCOL_VERSION, 3)) 191 { 192 return false; 193 } 194 195 if (!ldap_set_option($this->resource, LDAP_OPT_REFERRALS, (int) $this->no_referrals)) 196 { 197 return false; 198 } 199 200 if ($this->negotiate_tls && !ldap_start_tls($this->resource)) 201 { 202 return false; 203 } 204 205 return true; 206 } 207 208 /** 209 * Close the connection 210 * 211 * @return void 212 * 213 * @since 1.0 214 */ 215 public function close() 216 { 217 if ($this->isConnected()) 218 { 219 $this->unbind(); 220 } 221 222 $this->resource = null; 223 } 224 225 /** 226 * Sets the DN with some template replacements 227 * 228 * @param string $username The username 229 * @param string $nosub ... 230 * 231 * @return void 232 * 233 * @since 1.0 234 */ 235 public function setDn($username, $nosub = 0) 236 { 237 if ($this->users_dn == '' || $nosub) 238 { 239 $this->dn = $username; 240 } 241 elseif (strlen($username)) 242 { 243 $this->dn = str_replace('[username]', $username, $this->users_dn); 244 } 245 else 246 { 247 $this->dn = ''; 248 } 249 } 250 251 /** 252 * Get the configured DN 253 * 254 * @return string 255 * 256 * @since 1.0 257 */ 258 public function getDn() 259 { 260 return $this->dn; 261 } 262 263 /** 264 * Anonymously binds to LDAP directory 265 * 266 * @return boolean 267 * 268 * @since 1.0 269 */ 270 public function anonymous_bind() 271 { 272 if (!$this->isConnected()) 273 { 274 if (!$this->connect()) 275 { 276 return false; 277 } 278 } 279 280 $this->isBound = ldap_bind($this->resource); 281 282 return $this->isBound; 283 } 284 285 /** 286 * Binds to the LDAP directory 287 * 288 * @param string $username The username 289 * @param string $password The password 290 * @param string $nosub ... 291 * 292 * @return boolean 293 * 294 * @since 1.0 295 */ 296 public function bind($username = null, $password = null, $nosub = 0) 297 { 298 if (!$this->isConnected()) 299 { 300 if (!$this->connect()) 301 { 302 return false; 303 } 304 } 305 306 if (is_null($username)) 307 { 308 $username = $this->username; 309 } 310 311 if (is_null($password)) 312 { 313 $password = $this->password; 314 } 315 316 $this->setDn($username, $nosub); 317 318 $this->isBound = ldap_bind($this->resource, $this->getDn(), $password); 319 320 return $this->isBound; 321 } 322 323 /** 324 * Unbinds from the LDAP directory 325 * 326 * @return boolean 327 * 328 * @since 1.3.0 329 */ 330 public function unbind() 331 { 332 if ($this->isBound && $this->resource && is_resource($this->resource)) 333 { 334 return ldap_unbind($this->resource); 335 } 336 337 return true; 338 } 339 340 /** 341 * Perform an LDAP search using comma separated search strings 342 * 343 * @param string $search search string of search values 344 * 345 * @return array Search results 346 * 347 * @since 1.0 348 */ 349 public function simple_search($search) 350 { 351 $results = explode(';', $search); 352 353 foreach ($results as $key => $result) 354 { 355 $results[$key] = '(' . $result . ')'; 356 } 357 358 return $this->search($results); 359 } 360 361 /** 362 * Performs an LDAP search 363 * 364 * @param array $filters Search Filters (array of strings) 365 * @param string $dnoverride DN Override 366 * @param array $attributes An array of attributes to return (if empty, all fields are returned). 367 * 368 * @return array Multidimensional array of results 369 * 370 * @since 1.0 371 */ 372 public function search(array $filters, $dnoverride = null, array $attributes = array()) 373 { 374 $result = array(); 375 376 if (!$this->isBound || !$this->isConnected()) 377 { 378 return $result; 379 } 380 381 if ($dnoverride) 382 { 383 $dn = $dnoverride; 384 } 385 else 386 { 387 $dn = $this->base_dn; 388 } 389 390 foreach ($filters as $searchFilter) 391 { 392 $searchResult = ldap_search($this->resource, $dn, $searchFilter, $attributes); 393 394 if ($searchResult && ($count = ldap_count_entries($this->resource, $searchResult)) > 0) 395 { 396 for ($i = 0; $i < $count; $i++) 397 { 398 $result[$i] = array(); 399 400 if (!$i) 401 { 402 $firstentry = ldap_first_entry($this->resource, $searchResult); 403 } 404 else 405 { 406 $firstentry = ldap_next_entry($this->resource, $firstentry); 407 } 408 409 // Load user-specified attributes 410 $attributeResult = ldap_get_attributes($this->resource, $firstentry); 411 412 // LDAP returns an array of arrays, fit this into attributes result array 413 foreach ($attributeResult as $ki => $ai) 414 { 415 if (is_array($ai)) 416 { 417 $subcount = $ai['count']; 418 $result[$i][$ki] = array(); 419 420 for ($k = 0; $k < $subcount; $k++) 421 { 422 $result[$i][$ki][$k] = $ai[$k]; 423 } 424 } 425 } 426 427 $result[$i]['dn'] = ldap_get_dn($this->resource, $firstentry); 428 } 429 } 430 } 431 432 return $result; 433 } 434 435 /** 436 * Replace attribute values with new ones 437 * 438 * @param string $dn The DN which contains the attribute you want to replace 439 * @param string $attribute The attribute values you want to replace 440 * 441 * @return boolean 442 * 443 * @since 1.0 444 */ 445 public function replace($dn, $attribute) 446 { 447 if (!$this->isBound || !$this->isConnected()) 448 { 449 return false; 450 } 451 452 return ldap_mod_replace($this->resource, $dn, $attribute); 453 } 454 455 /** 456 * Modify an LDAP entry 457 * 458 * @param string $dn The DN which contains the attribute you want to modify 459 * @param string $attribute The attribute values you want to modify 460 * 461 * @return boolean 462 * 463 * @since 1.0 464 */ 465 public function modify($dn, $attribute) 466 { 467 if (!$this->isBound || !$this->isConnected()) 468 { 469 return false; 470 } 471 472 return ldap_modify($this->resource, $dn, $attribute); 473 } 474 475 /** 476 * Delete attribute values from current attributes 477 * 478 * @param string $dn The DN which contains the attribute you want to remove 479 * @param string $attribute The attribute values you want to remove 480 * 481 * @return boolean 482 * 483 * @since 1.0 484 */ 485 public function remove($dn, $attribute) 486 { 487 if (!$this->isBound || !$this->isConnected()) 488 { 489 return false; 490 } 491 492 return ldap_mod_del($this->resource, $dn, $attribute); 493 } 494 495 /** 496 * Compare value of attribute found in entry specified with DN 497 * 498 * @param string $dn The DN which contains the attribute you want to compare 499 * @param string $attribute The attribute whose value you want to compare 500 * @param string $value The value you want to check against the LDAP attribute 501 * 502 * @return boolean|integer Boolean result of the comparison or -1 on error 503 * 504 * @since 1.0 505 */ 506 public function compare($dn, $attribute, $value) 507 { 508 if (!$this->isBound || !$this->isConnected()) 509 { 510 return false; 511 } 512 513 return ldap_compare($this->resource, $dn, $attribute, $value); 514 } 515 516 /** 517 * Read attributes of a given DN 518 * 519 * @param string $dn The DN of the object you want to read 520 * 521 * @return array|boolean Array of attributes for the given DN or boolean false on failure 522 * 523 * @since 1.0 524 */ 525 public function read($dn) 526 { 527 if (!$this->isBound || !$this->isConnected()) 528 { 529 return false; 530 } 531 532 $base = substr($dn, strpos($dn, ',') + 1); 533 $cn = substr($dn, 0, strpos($dn, ',')); 534 $result = ldap_read($this->resource, $base, $cn); 535 536 if ($result === false) 537 { 538 return false; 539 } 540 541 return ldap_get_entries($this->resource, $result); 542 } 543 544 /** 545 * Delete an entry from a directory 546 * 547 * @param string $dn The DN of the object you want to delete 548 * 549 * @return boolean 550 * 551 * @since 1.0 552 */ 553 public function delete($dn) 554 { 555 if (!$this->isBound || !$this->isConnected()) 556 { 557 return false; 558 } 559 560 return ldap_delete($this->resource, $dn); 561 } 562 563 /** 564 * Add entries to LDAP directory 565 * 566 * @param string $dn The DN where you want to put the object 567 * @param array $entries An array of arrays describing the object to add 568 * 569 * @return boolean 570 * 571 * @since 1.0 572 */ 573 public function create($dn, array $entries) 574 { 575 if (!$this->isBound || !$this->isConnected()) 576 { 577 return false; 578 } 579 580 return ldap_add($this->resource, $dn, $entries); 581 } 582 583 /** 584 * Add attribute values to current attributes 585 * 586 * @param string $dn The DN of the entry to add the attribute 587 * @param array $entry An array of arrays with attributes to add 588 * 589 * @return boolean 590 * 591 * @since 1.0 592 */ 593 public function add($dn, array $entry) 594 { 595 if (!$this->isBound || !$this->isConnected()) 596 { 597 return false; 598 } 599 600 return ldap_mod_add($this->resource, $dn, $entry); 601 } 602 603 /** 604 * Modify the name of an entry 605 * 606 * @param string $dn The DN of the entry at the moment 607 * @param string $newdn The DN of the entry should be (only cn=newvalue) 608 * @param string $newparent The full DN of the parent (null by default) 609 * @param boolean $deleteolddn Delete the old values (default) 610 * 611 * @return boolean 612 * 613 * @since 1.0 614 */ 615 public function rename($dn, $newdn, $newparent, $deleteolddn) 616 { 617 if (!$this->isBound || !$this->isConnected()) 618 { 619 return false; 620 } 621 622 return ldap_rename($this->resource, $dn, $newdn, $newparent, $deleteolddn); 623 } 624 625 /** 626 * Escape a string 627 * 628 * @param string $value The subject string 629 * @param string $ignore Characters to ignore when escaping. 630 * @param integer $flags The context the escaped string will be used in LDAP_ESCAPE_FILTER or LDAP_ESCAPE_DN 631 * 632 * @return string 633 * 634 * @since 1.2.0 635 */ 636 public function escape($value, $ignore = '', $flags = 0) 637 { 638 return ldap_escape($value, $ignore, $flags); 639 } 640 641 /** 642 * Return the LDAP error message of the last LDAP command 643 * 644 * @return string 645 * 646 * @since 1.0 647 */ 648 public function getErrorMsg() 649 { 650 if (!$this->isBound || !$this->isConnected()) 651 { 652 return ''; 653 } 654 655 return ldap_error($this->resource); 656 } 657 658 /** 659 * Check if the connection is established 660 * 661 * @return boolean 662 * 663 * @since 1.3.0 664 */ 665 public function isConnected() 666 { 667 return $this->resource && is_resource($this->resource); 668 } 669 670 /** 671 * Converts a dot notation IP address to net address (e.g. for Netware, etc) 672 * 673 * @param string $ip IP Address (e.g. xxx.xxx.xxx.xxx) 674 * 675 * @return string 676 * 677 * @since 1.0 678 */ 679 public static function ipToNetAddress($ip) 680 { 681 $parts = explode('.', $ip); 682 $address = '1#'; 683 684 foreach ($parts as $int) 685 { 686 $tmp = dechex($int); 687 688 if (strlen($tmp) != 2) 689 { 690 $tmp = '0' . $tmp; 691 } 692 693 $address .= '\\' . $tmp; 694 } 695 696 return $address; 697 } 698 699 /** 700 * Extract readable network address from the LDAP encoded networkAddress attribute. 701 * 702 * Please keep this document block and author attribution in place. 703 * 704 * Novell Docs, see: http://developer.novell.com/ndk/doc/ndslib/schm_enu/data/sdk5624.html#sdk5624 705 * for Address types: http://developer.novell.com/ndk/doc/ndslib/index.html?page=/ndk/doc/ndslib/schm_enu/data/sdk4170.html 706 * LDAP Format, String: 707 * taggedData = uint32String "#" octetstring 708 * byte 0 = uint32String = Address Type: 0= IPX Address; 1 = IP Address 709 * byte 1 = char = "#" - separator 710 * byte 2+ = octetstring - the ordinal value of the address 711 * Note: with eDirectory 8.6.2, the IP address (type 1) returns 712 * correctly, however, an IPX address does not seem to. eDir 8.7 may correct this. 713 * Enhancement made by Merijn van de Schoot: 714 * If addresstype is 8 (UDP) or 9 (TCP) do some additional parsing like still returning the IP address 715 * 716 * @param string $networkaddress The network address 717 * 718 * @return array 719 * 720 * @author Jay Burrell, Systems & Networks, Mississippi State University 721 * @since 1.0 722 */ 723 public static function ldapNetAddr($networkaddress) 724 { 725 $addr = ""; 726 $addrtype = (int) substr($networkaddress, 0, 1); 727 728 // Throw away bytes 0 and 1 which should be the addrtype and the "#" separator 729 $networkaddress = substr($networkaddress, 2); 730 731 if (($addrtype == 8) || ($addrtype = 9)) 732 { 733 // TODO 1.6: If UDP or TCP, (TODO fill addrport and) strip portnumber information from address 734 $networkaddress = substr($networkaddress, (strlen($networkaddress) - 4)); 735 } 736 737 $addrtypes = array( 738 'IPX', 739 'IP', 740 'SDLC', 741 'Token Ring', 742 'OSI', 743 'AppleTalk', 744 'NetBEUI', 745 'Socket', 746 'UDP', 747 'TCP', 748 'UDP6', 749 'TCP6', 750 'Reserved (12)', 751 'URL', 752 'Count' 753 ); 754 755 $len = strlen($networkaddress); 756 757 if ($len > 0) 758 { 759 for ($i = 0; $i < $len; $i++) 760 { 761 $byte = substr($networkaddress, $i, 1); 762 $addr .= ord($byte); 763 764 if (($addrtype == 1) || ($addrtype == 8) || ($addrtype = 9)) 765 { 766 // Dot separate IP addresses... 767 $addr .= "."; 768 } 769 } 770 771 if (($addrtype == 1) || ($addrtype == 8) || ($addrtype = 9)) 772 { 773 // Strip last period from end of $addr 774 $addr = substr($addr, 0, strlen($addr) - 1); 775 } 776 } 777 else 778 { 779 $addr .= 'Address not available.'; 780 } 781 782 return array('protocol' => $addrtypes[$addrtype], 'address' => $addr); 783 } 784 785 /** 786 * Generates a LDAP compatible password 787 * 788 * @param string $password Clear text password to encrypt 789 * @param string $type Type of password hash, either md5 or SHA 790 * 791 * @return string 792 * 793 * @since 1.0 794 */ 795 public static function generatePassword($password, $type = 'md5') 796 { 797 switch (strtolower($type)) 798 { 799 case 'sha': 800 return '{SHA}' . base64_encode(pack('H*', sha1($password))); 801 802 case 'md5': 803 default: 804 return '{MD5}' . base64_encode(pack('H*', md5($password))); 805 } 806 } 807 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated: Wed Sep 7 05:41:13 2022 | Chilli.vc Blog - For Webmaster,Blog-Writer,System Admin and Domainer |