MatchingRules()
SchemaAttributes()
SchemaObjectClasses()
SchemaSyntaxes()
__construct()
dnExists()
getAuthType()
getBaseDN()
getContainer()
getContainerContents()
getContainerPath()
getContainerTop()
getDNAttrValue()
getDNAttrValues()
getErrorMessage()
getErrorNum()
getIndex()
getLogin()
getLoginID()
getName()
getRootDSE()
getSchemaAttribute()
getSchemaObjectClass()
getValue()
inactivityTime()
isAnonBindAllowed()
isAttrBinary()
isAttrBoolean()
isDNAttr()
isDefaultKey()
isDefaultSetting()
isForceMay()
isJpegPhoto()
isLoggedIn()
isReadOnly()
isSessionValid()
isVisible()
login()
logout()
modify()
query()
setDefaults()
setValue()
untested()
userIsMember()
connect()
escapeDN()
getMethod()
getPassword()
setLogin()
userIsAllowedLogin()
explodeDN()
getLoginBaseDN()
getLoginClass()
getRawSchema()
getSchemaDN()
isProxyEnabled()
isSASLEnabled()
isTLSEnabled()
startProxy()
startSASL()
startTLS()
unescapeDN()
$custom
$default
$index
$type
$_schemaDN
$_schema_entries
$force_may
$noconnect
This abstract class provides the basic variables and methods for LDAP datastores
package | phpLDAPadmin |
---|---|
subpackage | DataStore |
MatchingRules($method, $dn)
The key of each entry is the OID of the matching rule.
SchemaAttributes($method, string $dn) : array
Each array entry's key is the name of the attributeType in lower-case and the value is an AttributeType object.
string
(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
array
An array of AttributeType objects.SchemaObjectClasses($method, string $dn) : array
Each array entry's key is the name of the objectClass in lower-case and the value is an ObjectClass object.
see | \global\ObjectClass |
---|---|
see | \global\getSchemaObjectClass |
string
(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
array
An array of ObjectClass objects.SchemaSyntaxes($method, $dn)
The key of each entry is the OID of the Syntax.
__construct($index)
dnExists(string $dn, string $method) : boolean
If the entry exists, returns true. Otherwise returns false.
string
The DN of the entry of interest.
string
Which connection method resource to use
boolean
getAuthType()
inherited_from | \DS::getAuthType() |
---|
getBaseDN(string $method) : array
Tested with OpenLDAP 2.0, Netscape iPlanet, and Novell eDirectory 8.7 (nldap.com) Please report any and all bugs!!
Please note: On FC systems, it seems that php_ldap uses /etc/openldap/ldap.conf in the search base if it is blank - so edit that file and comment out the BASE line.
todo | Sort the entries, so that they are in the correct DN order. |
---|
string
Which connection method resource to use
array
dn|null The root DN of the server on success (string) or null on error.getContainer(string $dn) : string
For example. given 'cn=Manager,dc=example,dc=com', this function returns 'dc=example,dc=com'.
string
The DN whose container string to return.
string
The containergetContainerContents(string $dn, string $method, int $size_limit, string $filter, \constant $deref) : array
Given a DN, this function fetches the list of DNs of child entries one level beneath the parent. For example, for the following tree:
dc=example,dc=com
ou=People
cn=Dave
cn=Fred
cn=Joe
ou=More People
cn=Mark
cn=Bob
Calling
getContainerContents("ou=people,dc=example,dc=com")
would return the following list:
cn=Dave
cn=Fred
cn=Joe
ou=More People
string
The DN of the entry whose children to return.
string
Which connection method resource to use
int
(optional) The maximum number of entries to return. If unspecified, no limit is applied to the number of entries in the returned.
string
(optional) An LDAP filter to apply when fetching children, example: "(objectClass=inetOrgPerson)"
\constant
(optional) The LDAP deref setting to use in the query
array
An array of DN strings listing the immediate children of the specified entry.getContainerPath(string $dn, string $path) : string
string
The DN whose container string to return.
string
Either '/', '.' or something like '../../
string
The containergetContainerTop(string $dn) : string
string
The DN whose container string to return.
string
The containergetDNAttrValue(string $dn, string $attr, string $method, \constant $deref) : array
Example calls:
print_r(getDNAttrValue('cn=Bob,ou=people,dc=example,dc=com','sn'));
Array (
[0] => Smith
)
print_r(getDNAttrValue('cn=Bob,ou=people,dc=example,dc=com','objectClass'));
Array (
[0] => top
[1] => person
)
see | \global\getDNAttrValues |
---|---|
todo | Caching these values may be problematic with multiple calls and different deref values. |
string
The distinguished name (DN) of the entry whose attributes/values to fetch.
string
The attribute whose value(s) to return (ie, "objectClass", "cn", "userPassword")
string
Which connection method resource to use
\constant
For aliases and referrals, this parameter specifies whether to follow references to the referenced DN or to fetch the attributes for the referencing DN. See http://php.net/ldap_search for the 4 valid options.
array
getDNAttrValues(string $dn, string $method, \constant $deref, $attrs) : array
Returns an associative array whose keys are attribute value names and whose values are arrays of values for said attribute.
Optionally, callers may specify true for the parameter $lower_case_attr_names to force all keys in the associate array (attribute names) to be lower case.
Example of its usage:
print_r(getDNAttrValues('cn=Bob,ou=pepole,dc=example,dc=com')
Array (
[objectClass] => Array (
[0] => person
[1] => top
)
[cn] => Array (
[0] => Bob
)
[sn] => Array (
[0] => Jones
)
[dn] => Array (
[0] => cn=Bob,ou=pepole,dc=example,dc=com
)
)
see | \global\getDNSysAttrs |
---|---|
see | \global\getDNAttrValue |
string
The distinguished name (DN) of the entry whose attributes/values to fetch.
string
Which connection method resource to use
\constant
For aliases and referrals, this parameter specifies whether to follow references to the referenced DN or to fetch the attributes for the referencing DN. See http://php.net/ldap_search for the 4 valid options.
array
getErrorMessage(string $method)
string
Which connection method resource to use
getErrorNum(string $method)
string
Which connection method resource to use
getIndex()
inherited_from | \DS::getIndex() |
---|
getLogin($method)
If this returns '', we are logged in with anonymous
inherited_from | \DS::getLogin() |
---|
getLoginID(string $user, $method)
string
Which connection method resource to use
getName()
inherited_from | \DS::getName() |
---|
getRootDSE($method)
getSchemaAttribute($attr_name, $method, string $dn) : \AttributeType
see | \global\AttributeType |
---|---|
see | \global\SchemaAttributes |
string
(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
\AttributeType
The specified AttributeType object or false on error.getSchemaObjectClass(string $oclass_name, $method, string $dn) : \ObjectClass
see | \global\ObjectClass |
---|---|
see | \global\SchemaObjectClasses |
string
The name of the objectClass to fetch.
string
(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
\ObjectClass
The specified ObjectClass object or false on error.getValue($key, $setting, $fatal)
inherited_from | \DS::getValue() |
---|
inactivityTime()
If there is not timeout, this function will return null.
inherited_from | \DS::inactivityTime() |
---|
isAnonBindAllowed()
isAttrBinary(string $attr_name) : boolean
This is useful for developers who wish to display the contents of an arbitrary attribute but don't want to dump binary data on the page.
see | \global\isJpegPhoto |
---|
string
The name of the attribute to test.
boolean
isAttrBoolean(string $attr_name) : boolean
This is useful for developers who wish to display the contents of a boolean attribute with a drop-down.
string
The name of the attribute to test.
boolean
isDNAttr(string $attr_name, $method) : boolean
Some examples include 'distinguishedName', 'member' and 'uniqueMember'.
string
The name of the attribute of interest (case insensitive)
boolean
isDefaultKey($key)
inherited_from | \DS::isDefaultKey() |
---|
isDefaultSetting($key, $setting)
inherited_from | \DS::isDefaultSetting() |
---|
isForceMay($attr_name) : boolean
boolean
True if the specified attribute is in the $force_may list and false otherwise.isJpegPhoto(string $attr_name) : boolean
If the specified attribute is one that houses jpeg data, true is returned. Otherwise this function returns false.
see | \global\draw_jpeg_photo |
---|
string
The name of the attribute to test.
boolean
isLoggedIn($method)
inherited_from | \DS::isLoggedIn() |
---|
isReadOnly()
inherited_from | \DS::isReadOnly() |
---|
isSessionValid()
inherited_from | \DS::isSessionValid() |
---|
isVisible()
inherited_from | \DS::isVisible() |
---|
login($user, $pass, $method, $new) : boolean
method: 'user', connect with auth_id
method: '
boolean
true|false for successful login.logout($method)
inherited_from | \DS::logout() |
---|
modify($dn, $attrs, $method)
query(string $query, string $method, string $index, boolean $debug) : array | null
string
query to perform $query['base'] $query['filter'] $query['scope'] $query['attrs'] = array(); $query['deref']
string
Which connection method resource to use
string
Index items according to this key
boolean
Enable debugging output
array
null
Results of query.setDefaults($defaults)
inherited_from | \DS::setDefaults() |
---|
setValue($key, $setting, $value)
inherited_from | \DS::setValue() |
---|
untested()
inherited_from | \DS::untested() |
---|
userIsMember(string $user, \dn $group) : bool
Inputs:
string
membership value that is being checked
\dn
DN to see if user is a member
bool
true|falseconnect(string $method, $debug, $new) : resource | null
string
Which connection method resource to use
resource
null
Connection resource if successful, null if not.escapeDN($dn)
getMethod(int $method) : string
If a method is passed, then it will be passed back. If no method is passed, then we'll check to see if the user is logged in. If they are, then 'user' is used, otherwise 'anon' is used.
inherited_from | \DS::getMethod() |
---|
int
Server ID
string
Connection MethodgetPassword($method)
inherited_from | \DS::getPassword() |
---|
setLogin($user, $pass, $method)
inherited_from | \DS::setLogin() |
---|
userIsAllowedLogin($dn)
explodeDN(string $dn, int $with_attributes) : array
string
The DN to explode.
int
(optional) Whether to include attribute names (see http://php.net/ldap_explode_dn for details)
array
An array of RDN parts of this format: Array ( [0] => uid=ppratt [1] => ou=People [2] => dc=example [3] => dc=com )
NOTE: When a multivalue RDN is passed to ldap_explode_dn, the results returns with 'value + value';getLoginBaseDN()
getLoginClass()
getRawSchema(string $method, string $schema_to_fetch, \dn $dn) : array
Note, this function has grown many hairs to accomodate more LDAP servers. It is needfully complicated as it now supports many popular LDAP servers that don't necessarily expose their schema "the right way".
Please note: On FC systems, it seems that php_ldap uses /etc/openldap/ldap.conf in the search base if it is blank - so edit that file and comment out the BASE line.
string
Which connection method resource to use
string
A string indicating which type of schema to fetch. Five valid values: 'objectclasses', 'attributetypes', 'ldapsyntaxes', 'matchingruleuse', or 'matchingrules'. Case insensitive.
\dn
(optional) This paremeter is the DN of the entry whose schema you would like to fetch. Entries have the option of specifying their own subschemaSubentry that points to the DN of the system schema entry which applies to this attribute. If unspecified, this will try to retrieve the schema from the RootDSE subschemaSubentry. Failing that, we use some commonly known schema DNs. Default value is the Root DSE DN (zero-length string)
array
an array of strings of this form: Array ( [0] => "(1.3.6.1.4.1.7165.1.2.2.4 NAME 'gidPool' DESC 'Pool ... [1] => "(1.3.6.1.4.1.7165.2.2.3 NAME 'sambaAccount' DESC 'Sa ... etc.getSchemaDN(string $method, \dn $dn) : array | false
If we cant connect to the LDAP server, we'll return false. If we can connect but cant get the entry, then we'll return null.
string
Which connection method resource to use
\dn
The DN to use to obtain the schema
array
false
Schema if available, null if its not or false if we cant connect.isProxyEnabled() : boolean
Users may configure phpLDAPadmin to use PROXY AUTH in config,php thus:
$servers->setValue('login','auth_type','proxy');
boolean
isSASLEnabled() : boolean
Users may configure phpLDAPadmin to use SASL in config,php thus:
$servers->setValue('server','sasl',true|false);
boolean
isTLSEnabled() : boolean
Users may configure phpLDAPadmin to use TLS in config,php thus:
$servers->setValue('server','tls',true|false);
boolean
startProxy($resource, $method)
startSASL($resource, $method)
todo | This has not been tested, please let the developers know if this function works as expected. |
---|
startTLS($resource)
unescapeDN($dn)
$custom
inherited_from | \DS::$$custom |
---|
$default
inherited_from | \DS::$$default |
---|
$index
inherited_from | \DS::$$index |
---|
$type
inherited_from | \DS::$$type |
---|
$_schemaDN
$_schema_entries
$force_may
$noconnect