<?php
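/**
 * Authenticates the user against the given ldap $host by $username and $password.
 *
 * The check is an LDAP simple bind: the function returns true only when the
 * server accepts the bind. Empty credentials are rejected locally, because
 * directory servers may accept a bind with an empty password as an
 * anonymous/unauthenticated bind (RFC 4513, section 5.1.2), which would
 * otherwise be reported as a successful login.
 *
 * NOTE(review): no StartTLS is negotiated here. Unless $host is an ldaps:// URL
 * the bind DN and password are sent unencrypted - confirm the transport used
 * by callers.
 *
 * @param string $host            Host name or LDAP URL of the server.
 * @param int    $port            Port of the server; 0 means "do not pass a port".
 * @param string $username        Bind DN (or login name) to authenticate.
 * @param string $password        Password for $username; must not be empty.
 * @param int    $protocolVersion LDAP protocol version to request (e.g. 3).
 *
 * @return bool True if the bind succeeded, false in every other case.
 */
function if_ldap_authenticate($host, $port, $username, $password, $protocolVersion)
{
    // Check whether the ldap module is active.
    if (!function_exists("ldap_connect")) {
        return false;
    }

    // Fail closed on missing credentials: an empty password would turn the
    // simple bind into an anonymous/unauthenticated bind that can succeed.
    if (!is_scalar($username) || !is_scalar($password)
        || (string) $username === '' || (string) $password === '') {
        return false;
    }

    // Connect. The port is only passed when the caller supplied one.
    if ($port == 0) {
        $c = ldap_connect($host);
    } else {
        $c = ldap_connect($host, $port);
    }

    // Connection ok?
    if (!$c) {
        return false;
    }

    $b = false;

    // Only attempt the bind when the requested protocol version was accepted;
    // otherwise the bind would run with a version the caller did not ask for.
    if (ldap_set_option($c, LDAP_OPT_PROTOCOL_VERSION, $protocolVersion)) {
        if (ldap_bind($c, $username, $password)) {
            $b = true;
        }
    }

    // Release the connection exactly once. ldap_close() is an alias of
    // ldap_unbind(), so calling both on the same handle closes it twice.
    @ldap_unbind($c);

    return $b;
}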
/**
 * Exception type for LDAP related failures.
 *
 * Adds no behaviour of its own; it exists so that callers can catch LDAP
 * errors separately from other exceptions.
 */
class IF_Ldap_Exception extends Exception
{
    /**
     * Forwards all arguments unchanged to Exception::__construct().
     *
     * @param string         $message  Exception message.
     * @param int            $code     Exception code.
     * @param Exception|null $previous Previous exception for chaining.
     */
    public function __construct($message="", $code=0, Exception $previous=null)
    {
        parent::__construct(
            $message,
            $code,
            $previous
        );
    }
}
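/**
 * Base class that wraps PHP's ldap_* functions: connect, bind, close, error
 * lookup and helpers which turn LDAP result entries into stdClass objects.
 *
 * NOTE(review): this class never negotiates StartTLS. Unless connect() is
 * given an ldaps:// URL, bind() sends the DN and password unencrypted -
 * confirm the transport used by callers.
 */
class IF_AbstractLdapConnector
{
    /**
     * The internally used LDAP connection handle as returned by ldap_connect().
     * This is useful to get the error message of the LDAP connection.
     * Reset to null after a successful close().
     *
     * @var resource|object|null The LDAP connection (resource or object, depending on the PHP version).
     */
    public $connection;

    /**
     * The LDAP protocol version that was set by the last successful connect().
     * Best choice: 3
     *
     * @var int|null
     */
    private $ldapVersion;

    /**
     * Constructor.
     */
    public function __construct()
    {
    }

    /**
     * Create a connection to the given LDAP server.
     * The $host can be a URL "ldap://myserver.internal:389/"
     * or just the $host "myserver.internal".
     * If the second format is used, the $port must be given.
     *
     * The default $protocol_version is 2 and is kept for backward
     * compatibility; pass 3 explicitly where the server supports it.
     *
     * @param string $host
     * @param int $port (default=0) 0 means "do not pass a port".
     * @param int $protocol_version (default=2)
     *
     * @return bool False if no handle could be created or the protocol
     *              version was rejected. In the second case the handle stays
     *              in $connection so that error() / close() can be used.
     */
    public function connect($host, $port=0, $protocol_version=2)
    {
        if ($port == 0) {
            $this->connection = ldap_connect($host);
        } else {
            $this->connection = ldap_connect($host, $port);
        }

        if (!$this->connection) {
            return false;
        }

        // Set protocol version. A rejected version is reported instead of
        // silently continuing with whatever version the library defaults to.
        if (!ldap_set_option($this->connection, LDAP_OPT_PROTOCOL_VERSION, $protocol_version)) {
            return false;
        }

        $this->ldapVersion = $protocol_version;

        return true;
    }

    /**
     * Closes the ldap connection of this object.
     *
     * Calling it again after a successful close is a no-op that returns true.
     *
     * @return bool
     */
    public function close()
    {
        if ($this->connection) {
            if (!ldap_close($this->connection)) {
                return false;
            }

            // Forget the handle so that a closed connection is never reused.
            $this->connection = null;
        }

        return true;
    }

    /**
     * Tries to bind this object's connection with the given user data.
     *
     * A non-empty $username combined with an empty $password is rejected
     * without contacting the server: directory servers may accept such an
     * "unauthenticated bind" (RFC 4513, section 5.1.2), so a caller using
     * bind() as a login check would accept any user with a blank password.
     * A bind with both values empty (anonymous bind) is still passed through.
     *
     * @param string $username
     * @param string $password
     *
     * @return bool
     */
    public function bind($username, $password)
    {
        // No open connection, nothing to bind.
        if (!$this->connection) {
            return false;
        }

        $has_user = ($username !== null && $username !== '');
        $has_password = ($password !== null && $password !== '');
        if ($has_user && !$has_password) {
            return false;
        }

        if (ldap_bind($this->connection, $username, $password)) {
            return true;
        }

        return false;
    }

    /**
     * Returns the error string, if an error occurred.
     * @return string
     */
    public function error()
    {
        return ldap_error($this->connection);
    }

    /**
     * Returns the error code, if an error occurred.
     * @return int
     */
    public function errno()
    {
        return ldap_errno($this->connection);
    }

    /**
     * Reads a single entry via LDAP and returns it as an object with properties.
     *
     * $search_filter is passed to the server as given. Values that originate
     * from user input must be escaped by the caller before they are placed in
     * the filter, e.g. with ldap_escape($value, '', LDAP_ESCAPE_FILTER).
     *
     * @param HANDLE $conn The ldap connection handle.
     * @param string $base_dn The base DN in which is to search.
     * @param string $search_filter The filter which is to use.
     * @param array $return_attributes The attributes of entries which should be fetched.
     *
     * @return stdClass object with property values defined by $return_attributes or FALSE
     *         (also FALSE when the read matched no entry)
     */
    protected function objectRead($conn, $base_dn, $search_filter, $return_attributes)
    {
        $sr = ldap_read($conn, $base_dn, $search_filter, $return_attributes);
        if (!$sr) {
            return false;
        }

        $entries = ldap_get_entries($conn, $sr);

        // The filter may exclude the base entry, in which case there is no
        // element 0 to convert.
        if (!$entries || !isset($entries[0])) {
            return false;
        }

        $entry = $entries[0];

        return self::createObjectFromEntry($entry);
    }

    /**
     * Searches for entries in the ldap.
     *
     * $search_filter is passed to the server as given. Values that originate
     * from user input must be escaped by the caller before they are placed in
     * the filter, e.g. with ldap_escape($value, '', LDAP_ESCAPE_FILTER).
     *
     * @param HANDLE $conn The ldap connection handle.
     * @param string $base_dn The base DN in which is to search.
     * @param string $search_filter The filter which is to use.
     * @param array $return_attributes The attributes of entries which should be fetched.
     * @param int $limit The maximum number of entries.
     *
     * @return array of stdClass objects with property values defined by $return_attributes+"dn",
     *         or FALSE if the search or the fetch of the entries failed
     */
    protected function objectSearch($conn, $base_dn, $search_filter, $return_attributes, $limit)
    {
        $sr = ldap_search(
            $conn,
            $base_dn,
            $search_filter,
            $return_attributes,
            0,
            $limit
        );
        if (!$sr) {
            return false;
        }

        // Get the found entries as array.
        $entries = ldap_get_entries($conn, $sr);
        if (!$entries) {
            return false;
        }

        $ret = array();
        $count = $entries["count"];
        for ($i = 0; $i < $count; $i++) {
            // A $entry contains all attributes of a single dataset from ldap.
            $entry = $entries[$i];

            // One object per entry, holding the attributes plus "dn".
            $ret[] = self::createObjectFromEntry($entry);
        }

        return $ret;
    }

    /**
     * Creates a stdClass object with a property for each attribute.
     * For example:
     * Entry ( "sn" => "Chuck Norris", "kick" => "Round house kick" )
     * Will return the stdClass object with following properties:
     * stdClass->sn
     * stdClass->kick
     *
     * $entry is expected in the layout produced by ldap_get_entries():
     * "dn", "count", the attribute names under the keys 0..count-1, and for
     * each attribute name an array with "count" and the values 0..count-1.
     * An attribute with exactly one value becomes a scalar property, any
     * other number of values becomes an array.
     *
     * @param array $entry A single entry; taken by reference but not modified.
     *
     * @return stdClass
     */
    protected function createObjectFromEntry(&$entry)
    {
        // Create a new user object which will hold the attributes.
        // And add the default attribute "dn".
        $u = new stdClass;
        $u->dn = $entry["dn"];

        // The number of attributes inside the $entry array.
        $att_count = $entry["count"];
        for ($j = 0; $j < $att_count; $j++) {
            $attr_name = $entry[$j];
            $attr_value = $entry[$attr_name];
            $attr_value_count = $attr_value["count"];

            // Use single scalar object for the attr value.
            if ($attr_value_count == 1) {
                $u->$attr_name = $attr_value[0];
                continue;
            }

            $attr_multi_value = array();
            for ($n = 0; $n < $attr_value_count; $n++) {
                $attr_multi_value[] = $attr_value[$n];
            }
            $u->$attr_name = $attr_multi_value;
        }

        return $u;
    }
}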
?>