PHP Класс Horde_Ldap, horde

Автор: Tarjej Huse ([email protected])

Автор: Jan Wagner ([email protected])

Автор: Del ([email protected])

Автор: Benedikt Hallinger ([email protected])

Автор: Ben Klang ([email protected])

Автор: Chuck Hagenbuch ([email protected])

Автор: Jan Schneider ([email protected])

Показать файл Открыть проект Примеры использования класса

Защищенные свойства (Protected)

Свойство	Тип	Описание
$_config	array	- hostspec: the LDAP host to connect to (may be an array of several hosts to try). - port: the server port. - version: LDAP version (defaults to 3). - tls: when set, ldap_start_tls() is run after connecting. - binddn: the DN to bind as when searching. - bindpw: password to use when searching LDAP. - basedn: LDAP base. - options: hash of LDAP options to set. - filter: default search filter. - scope: default search scope. - user: configuration parameters for {@link findUserDN()}, must contain 'uid', and may contain 'basedn' entries. - timeout: Connection timeout in seconds (defaults to 5). - auto_reconnect: if true, the class will automatically attempt to reconnect to the LDAP server in certain failure conditions when attempting a search, or other LDAP operations. Defaults to false. Note that if you set this to true, calls to search() may block indefinitely if there is a catastrophic server failure. - min_backoff: minimum reconnection delay period (in seconds). - current_backof: initial reconnection delay period (in seconds). - max_backoff: maximum reconnection delay period (in seconds). - cache a Horde_Cache instance for caching schema requests.
$_downHostList	array	List of hosts that are known to be down.
$_hostList	array	List of hosts we try to establish a connection to.
$_link	resource	LDAP resource link.
$_rootDSECache	array	Hash with requested rootDSE attr names as key and rootDSE object as value. Since the RootDSE object itself may request a rootDSE object, {@link rootDSE()} caches successful requests. Internally, Horde_Ldap needs several lookups to this object, so caching increases performance significally.
$_schema	Horde_Ldap_Schema	Schema object.
$_schemaAttrs		Cache for attribute encoding checks.
$_schemaCache	string	Schema cache function callback.

Открытые методы

Метод	Описание
__construct ( array $config = [] )	Constructor.
__destruct ( )	Destructor.
add ( Horde_Ldap_Entry $entry )	Adds a new entry to the directory.
bind ( string $dn = null, string $password = null )	Bind or rebind to the LDAP server.
buildClause ( string $lhs, string $op, string $rhs, array $params = [] ) : string	Builds an LDAP search filter fragment.
checkLDAPExtension ( )	Checks if PHP's LDAP extension is loaded.
copy ( Horde_Ldap_Entry $entry, string $newdn ) : Horde_Ldap_Entry	Copies an entry to a new location.
delete ( string \| Horde_Ldap_Entry $dn, boolean $recursive = false )	Deletes an entry from the directory.
disconnect ( )	Closes the LDAP connection.
errorName ( integer $errorcode ) : string	Returns the string for an LDAP errorcode.
exists ( string \| Horde_Ldap_Entry $dn ) : boolean	Returns whether a DN exists in the directory.
findUserDN ( string $user ) : string	Returns the DN of a user.
getEntry ( string $dn, array $attributes = [] ) : Horde_Ldap_Entry	Returns a specific entry based on the DN.
getLink ( ) : resource	Returns the LDAP link resource.
getOption ( string $option ) : Horde_Ldap_Error \| string	Returns an LDAP option value.
getVersion ( ) : integer	Returns the LDAP protocol version that is used on the connection.
modify ( string \| Horde_Ldap_Entry $entry, array $parms = [] )	Modifies an LDAP entry on the server.
move ( string \| Horde_Ldap_Entry $entry, string $newdn, Horde_Ldap $target_ldap = null )	Renames or moves an entry.
quote ( string $clause ) : string	Escapes characters with special meaning in LDAP searches.
quoteDN ( array $parts ) : string	Takes an array of DN elements and properly quotes it according to RFC 1485.
rootDSE ( array $attrs = [] ) : Horde_Ldap_RootDse	Returns a rootDSE object
schema ( string $dn = null ) : Horde_Ldap_Schema	Returns a schema object
search ( string \| Horde_Ldap_Entry $base = null, string \| Horde_Ldap_Filter $filter = null, array $params = [] ) : Horde_Ldap_Search	Runs an LDAP search query.
setOption ( string $option, mixed $value )	Sets an LDAP option.
setVersion ( integer $version, boolean $force = false )	Sets the LDAP protocol version that is used on the connection.
startTLS ( )	Starts an encrypted session.
utf8Decode ( array $attributes ) : array \| Horde_Ldap_Error
utf8Encode ( array $attributes ) : array \| Horde_Ldap_Error

Защищенные методы

Метод	Описание
_connect ( )	Connects to the LDAP server.
_quoteRDN ( array $attribute ) : string	Takes an RDN array with an attribute name and value and properly quotes it according to RFC 1485.
_quoteRDNs ( array $attribute ) : string	Takes a single or a list of RDN arrays with an attribute name and value and properly quotes it according to RFC 1485.
_reconnect ( )	Reconnects to the LDAP server.
setConfig ( array $config )	Sets the internal configuration array.
utf8 ( array $attributes, array $function ) : array

Описание методов

__construct() публичный Метод

Constructor.

public __construct ( array $config = [] )
$config	array	Configuration array.

__destruct() публичный Метод

Destructor.

public __destruct ( )

_connect() защищенный Метод

This function connects to the LDAP server specified in the configuration, binds and set up the LDAP protocol as needed.

protected _connect ( )

_quoteRDN() защищенный статический Метод

Takes an RDN array with an attribute name and value and properly quotes it according to RFC 1485.

protected static _quoteRDN ( array $attribute ) : string
$attribute	array	A tuple containing the attribute name and that attribute's value which make up the RDN.
Результат	string	The properly quoted string RDN.

_quoteRDNs() защищенный статический Метод

Takes a single or a list of RDN arrays with an attribute name and value and properly quotes it according to RFC 1485.

protected static _quoteRDNs ( array $attribute ) : string
$attribute	array	A tuple or array of tuples containing the attribute name and that attribute's value which make up the RDN.
Результат	string	The properly quoted string RDN.

_reconnect() защищенный Метод

In case the connection to the LDAP service has dropped out for some reason, this function will reconnect, and re-bind if a bind has been attempted in the past. It is probably most useful when the server list provided to the new() or _connect() function is an array rather than a single host name, because in that case it will be able to connect to a failover or secondary server in case the primary server goes down. This method just tries to re-establish the current connection. It will sleep for the current backoff period (seconds) before attempting the connect, and if the connection fails it will double the backoff period, but not try again. If you want to ensure a reconnection during a transient period of server downtime then you need to call this function in a loop.

protected _reconnect ( )

add() публичный Метод

This also links the entry to the connection used for the add, if it was a fresh entry.

См. также: HordeLdap_Entry::createFresh()

public add ( Horde_Ldap_Entry $entry )
$entry	Horde_Ldap_Entry	An LDAP entry.

bind() публичный Метод

This function binds with the given DN and password to the server. In case no connection has been made yet, it will be started and STARTTLS issued if appropiate. The internal bind configuration is not being updated, so if you call bind() without parameters, you can rebind with the credentials provided at first connecting to the server.

public bind ( string $dn = null, string $password = null )
$dn	string	DN for binding.
$password	string	Password for binding.

buildClause() публичный статический Метод

Builds an LDAP search filter fragment.

public static buildClause ( string $lhs, string $op, string $rhs, array $params = [] ) : string
$lhs	string	The attribute to test.
$op	string	The operator.
$rhs	string	The comparison value.
$params	array	Any additional parameters for the operator.
Результат	string	The LDAP search fragment.

checkLDAPExtension() публичный статический Метод

If it is not loaded, it tries to load it manually using PHP's dl(). It knows both windows-dll and *nix-so.

public static checkLDAPExtension ( )

copy() публичный Метод

The entry will be immediately copied. Only attributes you have selected will be copied.

public copy ( Horde_Ldap_Entry $entry, string $newdn ) : Horde_Ldap_Entry
$entry	Horde_Ldap_Entry	An LDAP entry.
$newdn	string	New FQF-DN of the entry.
Результат	Horde_Ldap_Entry	The copied entry.

delete() публичный Метод

Deletes an entry from the directory.

public delete ( string \| Horde_Ldap_Entry $dn, boolean $recursive = false )
$dn	string \| Horde_Ldap_Entry	DN string or Horde_Ldap_Entry.
$recursive	boolean	Should we delete all children recursivelx as well?

disconnect() публичный Метод

Closes the LDAP connection.

public disconnect ( )

errorName() публичный статический Метод

Made to be able to make better errorhandling. Function based on DB::errorMessage(). Hint: The best description of the errorcodes is found here: http://www.directory-info.com/Ldap/LDAPErrorCodes.html

public static errorName ( integer $errorcode ) : string
$errorcode	integer	An error code.
Результат	string	The description for the error.

exists() публичный Метод

Returns whether a DN exists in the directory.

public exists ( string \| Horde_Ldap_Entry $dn ) : boolean
$dn	string \| Horde_Ldap_Entry	The DN of the object to test.
Результат	boolean	True if the DN exists.

findUserDN() публичный Метод

The purpose is to quickly find the full DN of a user so it can be used to re-bind as this user. This method requires the 'user' configuration parameter to be set.

public findUserDN ( string $user ) : string
$user	string	The user to find.
Результат	string	The user's full DN.

getEntry() публичный Метод

Returns a specific entry based on the DN.

public getEntry ( string $dn, array $attributes = [] ) : Horde_Ldap_Entry
$dn	string	DN of the entry that should be fetched.
$attributes	array	Array of Attributes to select. If ommitted, all attributes are fetched.
Результат	Horde_Ldap_Entry	A Horde_Ldap_Entry object.

getLink() публичный Метод

It will loop attempting to re-establish the connection if the connection attempt fails and auto_reconnect has been turned on (see the _config array documentation).

public getLink ( ) : resource
Результат	resource	LDAP link.

getOption() публичный Метод

Returns an LDAP option value.

public getOption ( string $option ) : Horde_Ldap_Error \| string
$option	string	Option to get.
Результат	Horde_Ldap_Error \| string	Horde_Ldap_Error or option value

getVersion() публичный Метод

A lot of LDAP functionality is defined by what protocol version the LDAP server speaks. This might be 2 or 3.

public getVersion ( ) : integer
Результат	integer	The protocol version.

modify() публичный Метод

The $params argument is an array of actions and should be something like this:


array('add' => array('attribute1' => array('val1', 'val2'),
                     'attribute2' => array('val1')),
      'delete' => array('attribute1'),
      'replace' => array('attribute1' => array('val1')),
      'changes' => array('add' => ...,
                         'replace' => ...,
                         'delete' => array('attribute1', 'attribute2' => array('val1')))

The order of execution is as following: 1. adds from 'add' array 2. deletes from 'delete' array 3. replaces from 'replace' array 4. changes (add, replace, delete) in order of appearance The function calls the corresponding functions of an Horde_Ldap_Entry object. A detailed description of array structures can be found there. Unlike the modification methods provided by the Horde_Ldap_Entry object, this method will instantly carry out an update() after each operation, thus modifying "directly" on the server.

См. также: Horde_Ldap_Entry::add()

См. также: Horde_Ldap_Entry::delete()

См. также: Horde_Ldap_Entry::replace()

public modify ( string \| Horde_Ldap_Entry $entry, array $parms = [] )
$entry	string \| Horde_Ldap_Entry	DN string or Horde_Ldap_Entry.
$parms	array	Array of changes

move() публичный Метод

This method will instantly carry out an update() after the move, so the entry is moved instantly. You can pass an optional Horde_Ldap object. In this case, a cross directory move will be performed which deletes the entry in the source (THIS) directory and adds it in the directory $target_ldap. A cross directory move will switch the entry's internal LDAP reference so updates to the entry will go to the new directory. If you want to do a cross directory move, you need to pass an Horde_Ldap_Entry object, otherwise the attributes will be empty.

public move ( string \| Horde_Ldap_Entry $entry, string $newdn, Horde_Ldap $target_ldap = null )
$entry	string \| Horde_Ldap_Entry	An LDAP entry.
$newdn	string	The new location.
$target_ldap	Horde_Ldap	Target directory for cross server move.

quote() публичный статический Метод

Escapes characters with special meaning in LDAP searches.

public static quote ( string $clause ) : string
$clause	string	The string to escape.
Результат	string	The escaped string.

quoteDN() публичный статический Метод

Takes an array of DN elements and properly quotes it according to RFC 1485.

public static quoteDN ( array $parts ) : string
$parts	array	An array of tuples containing the attribute name and that attribute's value which make up the DN. Example: `$parts = array( array('cn', 'John Smith'), array('dc', 'example'), array('dc', 'com') );` Nested arrays are supported since 2.1.0, to form multi-valued RDNs. Example: `$parts = array( array( array('cn', 'John'), array('sn', 'Smith'), array('o', 'Acme Inc.'), ), array('dc', 'example'), array('dc', 'com') );` which will result in cn=John+sn=Smith+o=Acme Inc.,dc=example,dc=com
Результат	string	The properly quoted string DN.

rootDSE() публичный Метод

This either fetches a fresh rootDSE object or returns it from the internal cache for performance reasons, if possible.

public rootDSE ( array $attrs = [] ) : Horde_Ldap_RootDse
$attrs	array	Array of attributes to search for.
Результат	Horde_Ldap_RootDse	Horde_Ldap_RootDse object

schema() публичный Метод

Returns a schema object

public schema ( string $dn = null ) : Horde_Ldap_Schema
$dn	string	Subschema entry dn.
Результат	Horde_Ldap_Schema	Horde_Ldap_Schema object

search() публичный Метод

$base and $filter may be ommitted. The one from config will then be used. $base is either a DN-string or an Horde_Ldap_Entry object in which case its DN will be used. $params may contain: - scope: The scope which will be used for searching, defaults to 'sub': - base: Just one entry - sub: The whole tree - one: Immediately below $base - sizelimit: Limit the number of entries returned (default: 0 = unlimited) - timelimit: Limit the time spent for searching (default: 0 = unlimited) - attrsonly: If true, the search will only return the attribute names - attributes: Array of attribute names, which the entry should contain. It is good practice to limit this to just the ones you need. You cannot override server side limitations to sizelimit and timelimit: You can always only lower a given limit.

public search ( string \| Horde_Ldap_Entry $base = null, string \| Horde_Ldap_Filter $filter = null, array $params = [] ) : Horde_Ldap_Search
$base	string \| Horde_Ldap_Entry	LDAP searchbase.
$filter	string \| Horde_Ldap_Filter	LDAP search filter.
$params	array	Array of options.
Результат	Horde_Ldap_Search	The search result.

setConfig() защищенный Метод

Sets the internal configuration array.

protected setConfig ( array $config )
$config	array	Configuration hash.

setOption() публичный Метод

Sets an LDAP option.

public setOption ( string $option, mixed $value )
$option	string	Option to set.
$value	mixed	Value to set option to.

setVersion() публичный Метод

Sets the LDAP protocol version that is used on the connection.

public setVersion ( integer $version, boolean $force = false )
$version	integer	LDAP version that should be used.
$force	boolean	If set to true, the check against the rootDSE will be skipped.

startTLS() публичный Метод

Starts an encrypted session.

public startTLS ( )

utf8() защищенный Метод

protected utf8 ( array $attributes, array $function ) : array
$attributes	array	Array of attributes
$function	array	Function to apply to attribute values
Результат	array	Array of attributes with function applied to values.

utf8Decode() публичный Метод

См. также: utf8Encode()

public utf8Decode ( array $attributes ) : array \| Horde_Ldap_Error
$attributes	array	Array of attributes
Результат	array \| Horde_Ldap_Error	Array with decoded attribute values or Error

utf8Encode() публичный Метод

public utf8Encode ( array $attributes ) : array \| Horde_Ldap_Error
$attributes	array	An array of attributes.
Результат	array \| Horde_Ldap_Error	An array of UTF8 encoded attributes or an error.

Описание свойств

$_config защищенное свойство

- hostspec: the LDAP host to connect to (may be an array of several hosts to try). - port: the server port. - version: LDAP version (defaults to 3). - tls: when set, ldap_start_tls() is run after connecting. - binddn: the DN to bind as when searching. - bindpw: password to use when searching LDAP. - basedn: LDAP base. - options: hash of LDAP options to set. - filter: default search filter. - scope: default search scope. - user: configuration parameters for {@link findUserDN()}, must contain 'uid', and may contain 'basedn' entries. - timeout: Connection timeout in seconds (defaults to 5). - auto_reconnect: if true, the class will automatically attempt to reconnect to the LDAP server in certain failure conditions when attempting a search, or other LDAP operations. Defaults to false. Note that if you set this to true, calls to search() may block indefinitely if there is a catastrophic server failure. - min_backoff: minimum reconnection delay period (in seconds). - current_backof: initial reconnection delay period (in seconds). - max_backoff: maximum reconnection delay period (in seconds). - cache a Horde_Cache instance for caching schema requests.

protected array $_config
Результат	array

$_downHostList защищенное свойство

List of hosts that are known to be down.

protected array $_downHostList
Результат	array

$_hostList защищенное свойство

List of hosts we try to establish a connection to.

protected array $_hostList
Результат	array

$_link защищенное свойство

LDAP resource link.

protected resource $_link
Результат	resource

$_rootDSECache защищенное свойство

Hash with requested rootDSE attr names as key and rootDSE object as value. Since the RootDSE object itself may request a rootDSE object, {@link rootDSE()} caches successful requests. Internally, Horde_Ldap needs several lookups to this object, so caching increases performance significally.

protected array $_rootDSECache
Результат	array

$_schema защищенное свойство

Schema object.

См. также: schema()

protected Horde_Ldap_Schema $_schema
Результат	Horde_Ldap_Schema

$_schemaAttrs защищенное свойство

Cache for attribute encoding checks.

protected $_schemaAttrs

$_schemaCache защищенное свойство

Schema cache function callback.

См. также: registerSchemaCache()

protected string $_schemaCache
Результат	string