• Home
  • Horde_Ldap_Util

PHP Class Horde_Ldap_Util, horde

This class servers some functionality to the other classes of Horde_Ldap but most of the methods can be used separately as well. Copyright 2009 Benedikt Hallinger Copyright 2010-2016 Horde LLC (http://www.horde.org/)
Author: Benedikt Hallinger ([email protected])
Author: Jan Schneider ([email protected])
ファイルを表示 Open project: horde/horde Class Usage Examples

Public Methods

Method Description
asc2hex32 ( string $string ) : string Converts all ASCII chars < 32 to "\HEX".
canonicalDN ( array | string $dn, array $options = [] ) : boolean | string Converts a DN into a canonical form.
escapeDNValue ( string | array $values ) : array Escapes DN values according to RFC 2253.
escapeFilterValue ( array $values ) : array Escapes the given values according to RFC 2254 so that they can be safely used in LDAP filters.
explodeDN ( string $dn, array $options = [] ) : array Explodes the given DN into its elements
hex2asc ( string $string ) : string Converts all hexadecimal expressions ("\HEX") to their original ASCII characters.
splitAttributeString ( string $attr ) : array Splits a attribute=value syntax into an array.
splitRDNMultivalue ( string $rdn ) : array Splits a multivalued RDN value into an array.
unescapeDNValue ( array $values ) : array Unescapes DN values according to RFC 2253.
unescapeFilterValue ( array $values = [] ) : array Unescapes the given values according to RFC 2254.

Protected Methods

Method Description
_correctDNSplitting ( array $dn = [], array $separator = ',' ) : array Corrects splitting of DN parts.

Method Details

_correctDNSplitting() protected static method

Corrects splitting of DN parts.
protected static _correctDNSplitting ( array $dn = [], array $separator = ',' ) : array
$dn array Raw DN array.
$separator array Separator that was used when splitting.
return array Corrected array.

asc2hex32() public static method

Converts all ASCII chars < 32 to "\HEX".
public static asc2hex32 ( string $string ) : string
$string string String to convert.
return string Hexadecimal representation of $string.

canonicalDN() public static method

DN can either be a string or an array as returned by explodeDN(), which is useful when constructing a DN. The DN array may have be indexed (each array value is a OCL=VALUE pair) or associative (array key is OCL and value is VALUE). It performs the following operations on the given DN: - Removes the leading 'OID.' characters if the type is an OID instead of a name. - Escapes all RFC 2253 special characters (",", "+", """, "\", "<", ">", ";", "#", "="), slashes ("/"), and any other character where the ASCII code is < 32 as \hexpair. - Converts all leading and trailing spaces in values to be \20. - If an RDN contains multiple parts, the parts are re-ordered so that the attribute type names are in alphabetical order. $options is a list of name/value pairs, valid options are: - casefold: Controls case folding of attribute type names. Attribute values are not affected by this option. The default is to uppercase. Valid values are: - lower: Lowercase attribute type names. - upper: Uppercase attribute type names. - none: Do not change attribute type names. - reverse: If true, the RDN sequence is reversed. - separator: Separator to use between RDNs. Defaults to comma (','). The empty string "" is a valid DN, so be sure not to do a "$can_dn == false" test, because an empty string evaluates to false. Use the "===" operator instead.
public static canonicalDN ( array | string $dn, array $options = [] ) : boolean | string
$dn array | string The DN.
$options array Options to use.
return boolean | string The canonical DN or false if the DN is not valid.

escapeDNValue() public static method

Escapes the given VALUES according to RFC 2253 so that they can be safely used in LDAP DNs. The characters ",", "+", """, "\", "<", ">", ";", "#", "=" with a special meaning in RFC 2252 are preceeded by ba backslash. Control characters with an ASCII code < 32 are represented as \hexpair. Finally all leading and trailing spaces are converted to sequences of \20.
public static escapeDNValue ( string | array $values ) : array
$values string | array DN values that should be escaped.
return array The escaped values.

escapeFilterValue() public static method

Any control characters with an ACII code < 32 as well as the characters with special meaning in LDAP filters "*", "(", ")", and "\" (the backslash) are converted into the representation of a backslash followed by two hex digits representing the hexadecimal value of the character.
public static escapeFilterValue ( array $values ) : array
$values array Values to escape.
return array Escaped values.

explodeDN() public static method

{@link http://www.ietf.org/rfc/rfc2253.txt RFC 2253} says, a Distinguished Name is a sequence of Relative Distinguished Names (RDNs), which themselves are sets of Attributes. For each RDN a array is constructed where the RDN part is stored. For example, the DN 'OU=Sales+CN=J. Smith,DC=example,DC=net' is exploded to: array(array('OU=Sales', 'CN=J. Smith'), 'DC=example', 'DC=net') [NOT IMPLEMENTED] DNs might also contain values, which are the bytes of the BER encoding of the X.500 AttributeValue rather than some LDAP string syntax. These values are hex-encoded and prefixed with a #. To distinguish such BER values, explodeDN uses references to the actual values, e.g. '1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com' is exploded to: array(array('1.3.6.1.4.1.1466.0' => "\004\002Hi"), array('DC' => 'example', array('DC' => 'com')) See {@link http://www.vijaymukhi.com/vmis/berldap.htm} for more information on BER. It also performs the following operations on the given DN: - Unescape "\" followed by ",", "+", """, "\", "<", ">", ";", "#", "=", " ", or a hexpair and strings beginning with "#". - Removes the leading 'OID.' characters if the type is an OID instead of a name. - If an RDN contains multiple parts, the parts are re-ordered so that the attribute type names are in alphabetical order. $options is a list of name/value pairs, valid options are: - casefold: Controls case folding of attribute types names. Attribute values are not affected by this option. The default is to uppercase. Valid values are: - lower: Lowercase attribute types names. - upper: Uppercase attribute type names. This is the default. - none: Do not change attribute type names. - reverse: If true, the RDN sequence is reversed. - onlyvalues: If true, then only attributes values are returned ('foo' instead of 'cn=foo')
public static explodeDN ( string $dn, array $options = [] ) : array
$dn string The DN that should be exploded.
$options array Options to use.
return array Parts of the exploded DN.

hex2asc() public static method

Converts all hexadecimal expressions ("\HEX") to their original ASCII characters.
Author: [email protected], heavily based on work from [email protected]
public static hex2asc ( string $string ) : string
$string string String to convert.
return string ASCII representation of $string.

splitAttributeString() public static method

The split will occur at the first unescaped '=' character.
public static splitAttributeString ( string $attr ) : array
$attr string An attribute-value string.
return array Indexed array: 0=attribute name, 1=attribute value.

splitRDNMultivalue() public static method

A RDN can contain multiple values, spearated by a plus sign. This method returns each separate ocl=value pair of the RDN part. If no multivalued RDN is detected, an array containing only the original RDN part is returned. For example, the multivalued RDN 'OU=Sales+CN=J. Smith' is exploded to: array([0] => 'OU=Sales', [1] => 'CN=J. Smith') The method tries to be smart if it encounters unescaped "+" characters, but may fail, so better ensure escaped "+" in attribute names and values. [BUG] If you have a multivalued RDN with unescaped plus characters and there is a unescaped plus sign at the end of an value followed by an attribute name containing an unescaped plus, then you will get wrong splitting: $rdn = 'OU=Sales+C+N=J. Smith'; returns: array('OU=Sales+C', 'N=J. Smith'); The "C+" is treaten as the value of the first pair instead of as the attribute name of the second pair. To prevent this, escape correctly.
public static splitRDNMultivalue ( string $rdn ) : array
$rdn string Part of a (multivalued) escaped RDN (e.g. ou=foo or ou=foo+cn=bar)
return array The components of the multivalued RDN.

unescapeDNValue() public static method

Reverts the conversion done by escapeDNValue(). Any escape sequence starting with a baskslash - hexpair or special character - will be transformed back to the corresponding character.
public static unescapeDNValue ( array $values ) : array
$values array DN values.
return array Unescaped DN values.

unescapeFilterValue() public static method

Reverses the conversion done by {@link escapeFilterValue()}. Converts any sequences of a backslash followed by two hex digits into the corresponding character.
public static unescapeFilterValue ( array $values = [] ) : array
$values array Values to unescape.
return array Unescaped values.