MatchingRules()
SchemaAttributes()
SchemaObjectClasses()
SchemaSyntaxes()
__construct()
dnExists()
getAuthType()
getBaseDN()
getContainer()
getContainerContents()
getContainerPath()
getContainerTop()
getDNAttrValue()
getDNAttrValues()
getErrorMessage()
getErrorNum()
getIndex()
getLogin()
getLoginID()
getName()
getRootDSE()
getSchemaAttribute()
getSchemaObjectClass()
getValue()
inactivityTime()
isAnonBindAllowed()
isAttrBinary()
isAttrBoolean()
isDNAttr()
isDefaultKey()
isDefaultSetting()
isForceMay()
isJpegPhoto()
isLoggedIn()
isReadOnly()
isSessionValid()
isVisible()
login()
logout()
modify()
query()
setDefaults()
setValue()
untested()
userIsMember()
connect()
escapeDN()
getMethod()
getPassword()
setLogin()
userIsAllowedLogin()
explodeDN()
getLoginBaseDN()
getLoginClass()
getRawSchema()
getSchemaDN()
isProxyEnabled()
isSASLEnabled()
isTLSEnabled()
startProxy()
startSASL()
startTLS()
unescapeDN()
$custom
$default
$index
$type
$_schemaDN
$_schema_entries
$force_may
$noconnect
This abstract class provides the basic variables and methods for LDAP datastores
| package | phpLDAPadmin |
|---|---|
| subpackage | DataStore |
MatchingRules($method, $dn)
The key of each entry is the OID of the matching rule.
SchemaAttributes($method, string $dn) : array
Each array entry's key is the name of the attributeType in lower-case and the value is an AttributeType object.
string(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
arrayAn array of AttributeType objects.SchemaObjectClasses($method, string $dn) : array
Each array entry's key is the name of the objectClass in lower-case and the value is an ObjectClass object.
| see | \global\ObjectClass |
|---|---|
| see | \global\getSchemaObjectClass |
string(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
arrayAn array of ObjectClass objects.SchemaSyntaxes($method, $dn)
The key of each entry is the OID of the Syntax.
__construct($index)
dnExists(string $dn, string $method) : boolean
If the entry exists, returns true. Otherwise returns false.
stringThe DN of the entry of interest.
stringWhich connection method resource to use
booleangetAuthType()
| inherited_from | \DS::getAuthType() |
|---|
getBaseDN(string $method) : array
Tested with OpenLDAP 2.0, Netscape iPlanet, and Novell eDirectory 8.7 (nldap.com) Please report any and all bugs!!
Please note: On FC systems, it seems that php_ldap uses /etc/openldap/ldap.conf in the search base if it is blank - so edit that file and comment out the BASE line.
| todo | Sort the entries, so that they are in the correct DN order. |
|---|
stringWhich connection method resource to use
arraydn|null The root DN of the server on success (string) or null on error.getContainer(string $dn) : string
For example. given 'cn=Manager,dc=example,dc=com', this function returns 'dc=example,dc=com'.
stringThe DN whose container string to return.
stringThe containergetContainerContents(string $dn, string $method, int $size_limit, string $filter, \constant $deref) : array
Given a DN, this function fetches the list of DNs of child entries one level beneath the parent. For example, for the following tree:
dc=example,dc=com
ou=People
cn=Dave
cn=Fred
cn=Joe
ou=More People
cn=Mark
cn=Bob
Calling
getContainerContents("ou=people,dc=example,dc=com")
would return the following list:
cn=Dave
cn=Fred
cn=Joe
ou=More People
stringThe DN of the entry whose children to return.
stringWhich connection method resource to use
int(optional) The maximum number of entries to return. If unspecified, no limit is applied to the number of entries in the returned.
string(optional) An LDAP filter to apply when fetching children, example: "(objectClass=inetOrgPerson)"
\constant(optional) The LDAP deref setting to use in the query
arrayAn array of DN strings listing the immediate children of the specified entry.getContainerPath(string $dn, string $path) : string
stringThe DN whose container string to return.
stringEither '/', '.' or something like '../../
stringThe containergetContainerTop(string $dn) : string
stringThe DN whose container string to return.
stringThe containergetDNAttrValue(string $dn, string $attr, string $method, \constant $deref) : array
Example calls:
print_r(getDNAttrValue('cn=Bob,ou=people,dc=example,dc=com','sn'));
Array (
[0] => Smith
)
print_r(getDNAttrValue('cn=Bob,ou=people,dc=example,dc=com','objectClass'));
Array (
[0] => top
[1] => person
)
| see | \global\getDNAttrValues |
|---|---|
| todo | Caching these values may be problematic with multiple calls and different deref values. |
stringThe distinguished name (DN) of the entry whose attributes/values to fetch.
stringThe attribute whose value(s) to return (ie, "objectClass", "cn", "userPassword")
stringWhich connection method resource to use
\constantFor aliases and referrals, this parameter specifies whether to follow references to the referenced DN or to fetch the attributes for the referencing DN. See http://php.net/ldap_search for the 4 valid options.
arraygetDNAttrValues(string $dn, string $method, \constant $deref, $attrs) : array
Returns an associative array whose keys are attribute value names and whose values are arrays of values for said attribute.
Optionally, callers may specify true for the parameter $lower_case_attr_names to force all keys in the associate array (attribute names) to be lower case.
Example of its usage:
print_r(getDNAttrValues('cn=Bob,ou=pepole,dc=example,dc=com')
Array (
[objectClass] => Array (
[0] => person
[1] => top
)
[cn] => Array (
[0] => Bob
)
[sn] => Array (
[0] => Jones
)
[dn] => Array (
[0] => cn=Bob,ou=pepole,dc=example,dc=com
)
)
| see | \global\getDNSysAttrs |
|---|---|
| see | \global\getDNAttrValue |
stringThe distinguished name (DN) of the entry whose attributes/values to fetch.
stringWhich connection method resource to use
\constantFor aliases and referrals, this parameter specifies whether to follow references to the referenced DN or to fetch the attributes for the referencing DN. See http://php.net/ldap_search for the 4 valid options.
arraygetErrorMessage(string $method)
stringWhich connection method resource to use
getErrorNum(string $method)
stringWhich connection method resource to use
getIndex()
| inherited_from | \DS::getIndex() |
|---|
getLogin($method)
If this returns '', we are logged in with anonymous
| inherited_from | \DS::getLogin() |
|---|
getLoginID(string $user, $method)
stringWhich connection method resource to use
getName()
| inherited_from | \DS::getName() |
|---|
getRootDSE($method)
getSchemaAttribute($attr_name, $method, string $dn) : \AttributeType
| see | \global\AttributeType |
|---|---|
| see | \global\SchemaAttributes |
string(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
\AttributeTypeThe specified AttributeType object or false on error.getSchemaObjectClass(string $oclass_name, $method, string $dn) : \ObjectClass
| see | \global\ObjectClass |
|---|---|
| see | \global\SchemaObjectClasses |
stringThe name of the objectClass to fetch.
string(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
\ObjectClassThe specified ObjectClass object or false on error.getValue($key, $setting, $fatal)
| inherited_from | \DS::getValue() |
|---|
inactivityTime()
If there is not timeout, this function will return null.
| inherited_from | \DS::inactivityTime() |
|---|
isAnonBindAllowed()
isAttrBinary(string $attr_name) : boolean
This is useful for developers who wish to display the contents of an arbitrary attribute but don't want to dump binary data on the page.
| see | \global\isJpegPhoto |
|---|
stringThe name of the attribute to test.
booleanisAttrBoolean(string $attr_name) : boolean
This is useful for developers who wish to display the contents of a boolean attribute with a drop-down.
stringThe name of the attribute to test.
booleanisDNAttr(string $attr_name, $method) : boolean
Some examples include 'distinguishedName', 'member' and 'uniqueMember'.
stringThe name of the attribute of interest (case insensitive)
booleanisDefaultKey($key)
| inherited_from | \DS::isDefaultKey() |
|---|
isDefaultSetting($key, $setting)
| inherited_from | \DS::isDefaultSetting() |
|---|
isForceMay($attr_name) : boolean
booleanTrue if the specified attribute is in the $force_may list and false otherwise.isJpegPhoto(string $attr_name) : boolean
If the specified attribute is one that houses jpeg data, true is returned. Otherwise this function returns false.
| see | \global\draw_jpeg_photo |
|---|
stringThe name of the attribute to test.
booleanisLoggedIn($method)
| inherited_from | \DS::isLoggedIn() |
|---|
isReadOnly()
| inherited_from | \DS::isReadOnly() |
|---|
isSessionValid()
| inherited_from | \DS::isSessionValid() |
|---|
isVisible()
| inherited_from | \DS::isVisible() |
|---|
login($user, $pass, $method, $new) : boolean
method: 'user', connect with auth_id
method: '
booleantrue|false for successful login.logout($method)
| inherited_from | \DS::logout() |
|---|
modify($dn, $attrs, $method)
query(string $query, string $method, string $index, boolean $debug) : array | null
stringquery to perform $query['base'] $query['filter'] $query['scope'] $query['attrs'] = array(); $query['deref']
stringWhich connection method resource to use
stringIndex items according to this key
booleanEnable debugging output
arraynullResults of query.setDefaults($defaults)
| inherited_from | \DS::setDefaults() |
|---|
setValue($key, $setting, $value)
| inherited_from | \DS::setValue() |
|---|
untested()
| inherited_from | \DS::untested() |
|---|
userIsMember(string $user, \dn $group) : bool
Inputs:
stringmembership value that is being checked
\dnDN to see if user is a member
booltrue|falseconnect(string $method, $debug, $new) : resource | null
stringWhich connection method resource to use
resourcenullConnection resource if successful, null if not.escapeDN($dn)
getMethod(int $method) : string
If a method is passed, then it will be passed back. If no method is passed, then we'll check to see if the user is logged in. If they are, then 'user' is used, otherwise 'anon' is used.
| inherited_from | \DS::getMethod() |
|---|
intServer ID
stringConnection MethodgetPassword($method)
| inherited_from | \DS::getPassword() |
|---|
setLogin($user, $pass, $method)
| inherited_from | \DS::setLogin() |
|---|
userIsAllowedLogin($dn)
explodeDN(string $dn, int $with_attributes) : array
stringThe DN to explode.
int(optional) Whether to include attribute names (see http://php.net/ldap_explode_dn for details)
arrayAn array of RDN parts of this format: Array ( [0] => uid=ppratt [1] => ou=People [2] => dc=example [3] => dc=com ) NOTE: When a multivalue RDN is passed to ldap_explode_dn, the results returns with 'value + value';getLoginBaseDN()
getLoginClass()
getRawSchema(string $method, string $schema_to_fetch, \dn $dn) : array
Note, this function has grown many hairs to accomodate more LDAP servers. It is needfully complicated as it now supports many popular LDAP servers that don't necessarily expose their schema "the right way".
Please note: On FC systems, it seems that php_ldap uses /etc/openldap/ldap.conf in the search base if it is blank - so edit that file and comment out the BASE line.
stringWhich connection method resource to use
stringA string indicating which type of schema to fetch. Five valid values: 'objectclasses', 'attributetypes', 'ldapsyntaxes', 'matchingruleuse', or 'matchingrules'. Case insensitive.
\dn(optional) This paremeter is the DN of the entry whose schema you would like to fetch. Entries have the option of specifying their own subschemaSubentry that points to the DN of the system schema entry which applies to this attribute. If unspecified, this will try to retrieve the schema from the RootDSE subschemaSubentry. Failing that, we use some commonly known schema DNs. Default value is the Root DSE DN (zero-length string)
arrayan array of strings of this form: Array ( [0] => "(1.3.6.1.4.1.7165.1.2.2.4 NAME 'gidPool' DESC 'Pool ... [1] => "(1.3.6.1.4.1.7165.2.2.3 NAME 'sambaAccount' DESC 'Sa ... etc.getSchemaDN(string $method, \dn $dn) : array | false
If we cant connect to the LDAP server, we'll return false. If we can connect but cant get the entry, then we'll return null.
stringWhich connection method resource to use
\dnThe DN to use to obtain the schema
arrayfalseSchema if available, null if its not or false if we cant connect.isProxyEnabled() : boolean
Users may configure phpLDAPadmin to use PROXY AUTH in config,php thus:
$servers->setValue('login','auth_type','proxy');
booleanisSASLEnabled() : boolean
Users may configure phpLDAPadmin to use SASL in config,php thus:
$servers->setValue('server','sasl',true|false);
booleanisTLSEnabled() : boolean
Users may configure phpLDAPadmin to use TLS in config,php thus:
$servers->setValue('server','tls',true|false);
booleanstartProxy($resource, $method)
startSASL($resource, $method)
| todo | This has not been tested, please let the developers know if this function works as expected. |
|---|
startTLS($resource)
unescapeDN($dn)
$custom
| inherited_from | \DS::$$custom |
|---|
$default
| inherited_from | \DS::$$default |
|---|
$index
| inherited_from | \DS::$$index |
|---|
$type
| inherited_from | \DS::$$type |
|---|
$_schemaDN
$_schema_entries
$force_may
$noconnect