MatchingRules()
SchemaAttributes()
SchemaObjectClasses()
SchemaSyntaxes()
__construct()
__get()
add()
checkUniqueAttrs()
delete()
dnExists()
getAuthType()
getBaseDN()
getContainer()
getContainerContents()
getContainerPath()
getContainerTop()
getDNAttrValue()
getDNAttrValues()
getErrorMessage()
getErrorNum()
getIndex()
getLogin()
getLoginID()
getName()
getRootDSE()
getSchemaAttribute()
getSchemaObjectClass()
getValue()
inactivityTime()
isAnonBindAllowed()
isAttrBinary()
isAttrBoolean()
isAttrHidden()
isAttrReadOnly()
isAttrUnique()
isBranchRenameEnabled()
isDNAttr()
isDefaultKey()
isDefaultSetting()
isForceMay()
isJpegPhoto()
isLoggedIn()
isMultiLineAttr()
isReadOnly()
isSessionValid()
isShowCreateEnabled()
isVisible()
login()
logout()
modify()
query()
rename()
setDefaults()
setValue()
untested()
userIsMember()
connect()
escapeDN()
getMethod()
getPassword()
setLogin()
userIsAllowedLogin()
explodeDN()
getLoginBaseDN()
getLoginClass()
getRawSchema()
getSchemaDN()
isAttrTest()
isProxyEnabled()
isSASLEnabled()
isTLSEnabled()
startProxy()
startSASL()
startTLS()
unescapeDN()
$custom
$default
$index
$type
$_schemaDN
$_schema_entries
$force_may
$noconnect
This abstract class provides variables and methods for LDAP datastores for use by PLA.
| package | phpLDAPadmin |
|---|---|
| subpackage | DataStore |
MatchingRules($method, $dn)
The key of each entry is the OID of the matching rule.
| inherited_from | \myldap::MatchingRules() |
|---|
SchemaAttributes($method, string $dn) : array
Each array entry's key is the name of the attributeType in lower-case and the value is an AttributeType object.
| inherited_from | \myldap::SchemaAttributes() |
|---|
string(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
arrayAn array of AttributeType objects.SchemaObjectClasses($method, string $dn) : array
Each array entry's key is the name of the objectClass in lower-case and the value is an ObjectClass object.
| see | \global\ObjectClass |
|---|---|
| see | \global\getSchemaObjectClass |
| inherited_from | \myldap::SchemaObjectClasses() |
string(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
arrayAn array of ObjectClass objects.SchemaSyntaxes($method, $dn)
The key of each entry is the OID of the Syntax.
| inherited_from | \myldap::SchemaSyntaxes() |
|---|
__construct($index)
__get($key)
add($dn, $entry_array, $method)
checkUniqueAttrs(\dn $dn, string $attrs)
Returns the bad value, or null if all values are OK
\dnDN that is being changed
stringAttribute being changed
delete($dn, $method)
dnExists(string $dn, string $method) : boolean
If the entry exists, returns true. Otherwise returns false.
| inherited_from | \myldap::dnExists() |
|---|
stringThe DN of the entry of interest.
stringWhich connection method resource to use
booleangetAuthType()
| inherited_from | \DS::getAuthType() |
|---|---|
| inherited_from | \myldap::getAuthType() |
getBaseDN(string $method) : array
Tested with OpenLDAP 2.0, Netscape iPlanet, and Novell eDirectory 8.7 (nldap.com) Please report any and all bugs!!
Please note: On FC systems, it seems that php_ldap uses /etc/openldap/ldap.conf in the search base if it is blank - so edit that file and comment out the BASE line.
| inherited_from | \myldap::getBaseDN() |
|---|
stringWhich connection method resource to use
arraydn|null The root DN of the server on success (string) or null on error.getContainer(string $dn) : string
For example. given 'cn=Manager,dc=example,dc=com', this function returns 'dc=example,dc=com'.
| inherited_from | \myldap::getContainer() |
|---|
stringThe DN whose container string to return.
stringThe containergetContainerContents(string $dn, string $method, int $size_limit, string $filter, \constant $deref) : array
Given a DN, this function fetches the list of DNs of child entries one level beneath the parent. For example, for the following tree:
dc=example,dc=com
ou=People
cn=Dave
cn=Fred
cn=Joe
ou=More People
cn=Mark
cn=Bob
Calling
getContainerContents("ou=people,dc=example,dc=com")
would return the following list:
cn=Dave
cn=Fred
cn=Joe
ou=More People
| inherited_from | \myldap::getContainerContents() |
|---|
stringThe DN of the entry whose children to return.
stringWhich connection method resource to use
int(optional) The maximum number of entries to return. If unspecified, no limit is applied to the number of entries in the returned.
string(optional) An LDAP filter to apply when fetching children, example: "(objectClass=inetOrgPerson)"
\constant(optional) The LDAP deref setting to use in the query
arrayAn array of DN strings listing the immediate children of the specified entry.getContainerPath(string $dn, string $path) : string
| inherited_from | \myldap::getContainerPath() |
|---|
stringThe DN whose container string to return.
stringEither '/', '.' or something like '../../
stringThe containergetContainerTop(string $dn) : string
| inherited_from | \myldap::getContainerTop() |
|---|
stringThe DN whose container string to return.
stringThe containergetDNAttrValue(string $dn, string $attr, string $method, \constant $deref) : array
Example calls:
print_r(getDNAttrValue('cn=Bob,ou=people,dc=example,dc=com','sn'));
Array (
[0] => Smith
)
print_r(getDNAttrValue('cn=Bob,ou=people,dc=example,dc=com','objectClass'));
Array (
[0] => top
[1] => person
)
| see | \global\getDNAttrValues |
|---|---|
| inherited_from | \myldap::getDNAttrValue() |
stringThe distinguished name (DN) of the entry whose attributes/values to fetch.
stringThe attribute whose value(s) to return (ie, "objectClass", "cn", "userPassword")
stringWhich connection method resource to use
\constantFor aliases and referrals, this parameter specifies whether to follow references to the referenced DN or to fetch the attributes for the referencing DN. See http://php.net/ldap_search for the 4 valid options.
arraygetDNAttrValues(string $dn, string $method, \constant $deref, $attrs) : array
Returns an associative array whose keys are attribute value names and whose values are arrays of values for said attribute.
Optionally, callers may specify true for the parameter $lower_case_attr_names to force all keys in the associate array (attribute names) to be lower case.
Example of its usage:
print_r(getDNAttrValues('cn=Bob,ou=pepole,dc=example,dc=com')
Array (
[objectClass] => Array (
[0] => person
[1] => top
)
[cn] => Array (
[0] => Bob
)
[sn] => Array (
[0] => Jones
)
[dn] => Array (
[0] => cn=Bob,ou=pepole,dc=example,dc=com
)
)
| see | \global\getDNSysAttrs |
|---|---|
| see | \global\getDNAttrValue |
| inherited_from | \myldap::getDNAttrValues() |
stringThe distinguished name (DN) of the entry whose attributes/values to fetch.
stringWhich connection method resource to use
\constantFor aliases and referrals, this parameter specifies whether to follow references to the referenced DN or to fetch the attributes for the referencing DN. See http://php.net/ldap_search for the 4 valid options.
arraygetErrorMessage(string $method)
| inherited_from | \myldap::getErrorMessage() |
|---|
stringWhich connection method resource to use
getErrorNum(string $method)
| inherited_from | \myldap::getErrorNum() |
|---|
stringWhich connection method resource to use
getIndex()
| inherited_from | \DS::getIndex() |
|---|---|
| inherited_from | \myldap::getIndex() |
getLogin($method)
If this returns '', we are logged in with anonymous
| inherited_from | \DS::getLogin() |
|---|---|
| inherited_from | \myldap::getLogin() |
getLoginID(string $user, $method)
| inherited_from | \myldap::getLoginID() |
|---|
stringWhich connection method resource to use
getName()
| inherited_from | \DS::getName() |
|---|---|
| inherited_from | \myldap::getName() |
getRootDSE($method)
| inherited_from | \myldap::getRootDSE() |
|---|
getSchemaAttribute($attr_name, $method, string $dn) : \AttributeType
| see | \global\AttributeType |
|---|---|
| see | \global\SchemaAttributes |
| inherited_from | \myldap::getSchemaAttribute() |
string(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
\AttributeTypeThe specified AttributeType object or false on error.getSchemaObjectClass(string $oclass_name, $method, string $dn) : \ObjectClass
| see | \global\ObjectClass |
|---|---|
| see | \global\SchemaObjectClasses |
| inherited_from | \myldap::getSchemaObjectClass() |
stringThe name of the objectClass to fetch.
string(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
\ObjectClassThe specified ObjectClass object or false on error.getValue($key, $setting, $fatal)
| inherited_from | \DS::getValue() |
|---|---|
| inherited_from | \myldap::getValue() |
inactivityTime()
If there is not timeout, this function will return null.
| inherited_from | \DS::inactivityTime() |
|---|---|
| inherited_from | \myldap::inactivityTime() |
isAnonBindAllowed() : boolean
$servers->setValue('login','anon_bind',true|false);
booleanisAttrBinary(string $attr_name) : boolean
This is useful for developers who wish to display the contents of an arbitrary attribute but don't want to dump binary data on the page.
| see | \global\isJpegPhoto |
|---|---|
| inherited_from | \myldap::isAttrBinary() |
stringThe name of the attribute to test.
booleanisAttrBoolean(string $attr_name) : boolean
This is useful for developers who wish to display the contents of a boolean attribute with a drop-down.
| inherited_from | \myldap::isAttrBoolean() |
|---|
stringThe name of the attribute to test.
booleanisAttrHidden(string $attr) : boolean
Attributes are configured as hidden in config.php thus:
$config->custom->appearance['hide_attrs'] = array('objectClass');
stringThe name of the attribute to test.
booleanisAttrReadOnly(string $attr) : boolean
Attributes are configured as read-only in config.php thus:
$config->custom->appearance['readonly_attrs'] = array('objectClass');
stringThe name of the attribute to test.
booleanisAttrUnique(string $attr) : boolean
Attributes are configured as hidden in config.php thus:
$servers->setValue('unique','attrs',array('mail','uid','uidNumber'));
stringThe name of the attribute to test.
booleanisBranchRenameEnabled() : boolean
This is configured in config.php thus:
$servers->setValue('server','branch_rename',true|false);
booleanisDNAttr(string $attr_name, $method) : boolean
Some examples include 'distinguishedName', 'member' and 'uniqueMember'.
| inherited_from | \myldap::isDNAttr() |
|---|
stringThe name of the attribute of interest (case insensitive)
booleanisDefaultKey($key)
| inherited_from | \DS::isDefaultKey() |
|---|---|
| inherited_from | \myldap::isDefaultKey() |
isDefaultSetting($key, $setting)
| inherited_from | \DS::isDefaultSetting() |
|---|---|
| inherited_from | \myldap::isDefaultSetting() |
isForceMay($attr_name) : boolean
| inherited_from | \myldap::isForceMay() |
|---|
booleanTrue if the specified attribute is in the $force_may list and false otherwise.isJpegPhoto(string $attr_name) : boolean
If the specified attribute is one that houses jpeg data, true is returned. Otherwise this function returns false.
| see | \global\draw_jpeg_photo |
|---|---|
| inherited_from | \myldap::isJpegPhoto() |
stringThe name of the attribute to test.
booleanisLoggedIn($method)
| inherited_from | \DS::isLoggedIn() |
|---|---|
| inherited_from | \myldap::isLoggedIn() |
isMultiLineAttr(string $attr_name, string $val) : boolean
Attributes that fall in this multi-line category may be configured in config.php. Hence, this function accesses the global variable $_SESSION[APPCONFIG]->custom->appearance['multi_line_attributes'];
Usage example:
if ($ldapserver->isMultiLineAttr('postalAddress'))
echo '';
else
echo '';
stringThe name of the attribute of interested (case insensivite)
string(optional) The current value of the attribute (speeds up the process by searching for carriage returns already in the attribute value)
booleanisReadOnly()
| inherited_from | \DS::isReadOnly() |
|---|---|
| inherited_from | \myldap::isReadOnly() |
isSessionValid()
isShowCreateEnabled() : boolean
$servers->setValue('appearance','show_create',true|false);
If NOT set, then default to show the Create New item. If IS set, then return the value (it should be true or false).
The entry creation command must be available.
$config->custom->commands['script'] = array('create' => true);
booleantrue if the feature is enabled and false otherwise.isVisible()
| inherited_from | \DS::isVisible() |
|---|---|
| inherited_from | \myldap::isVisible() |
login($user, $pass, $method, $new) : boolean
method: 'user', connect with auth_id
method: '
| inherited_from | \myldap::login() |
|---|
booleantrue|false for successful login.logout($method)
| inherited_from | \DS::logout() |
|---|---|
| inherited_from | \myldap::logout() |
modify($dn, $attrs, $method)
query(string $query, string $method, string $index, boolean $debug) : array | null
| inherited_from | \myldap::query() |
|---|
stringquery to perform $query['base'] $query['filter'] $query['scope'] $query['attrs'] = array(); $query['deref']
stringWhich connection method resource to use
stringIndex items according to this key
booleanEnable debugging output
arraynullResults of query.rename($dn, $new_rdn, $container, $deleteoldrdn, $method)
setDefaults($defaults)
| inherited_from | \DS::setDefaults() |
|---|---|
| inherited_from | \myldap::setDefaults() |
setValue($key, $setting, $value)
| inherited_from | \DS::setValue() |
|---|---|
| inherited_from | \myldap::setValue() |
untested()
| inherited_from | \DS::untested() |
|---|---|
| inherited_from | \myldap::untested() |
userIsMember(string $user, \dn $group) : bool
Inputs:
| inherited_from | \myldap::userIsMember() |
|---|
stringmembership value that is being checked
\dnDN to see if user is a member
booltrue|falseconnect(string $method, $debug, $new) : resource | null
| inherited_from | \myldap::connect() |
|---|
stringWhich connection method resource to use
resourcenullConnection resource if successful, null if not.escapeDN($dn)
| inherited_from | \myldap::escapeDN() |
|---|
getMethod(int $method) : string
If a method is passed, then it will be passed back. If no method is passed, then we'll check to see if the user is logged in. If they are, then 'user' is used, otherwise 'anon' is used.
| inherited_from | \DS::getMethod() |
|---|---|
| inherited_from | \myldap::getMethod() |
intServer ID
stringConnection MethodgetPassword($method)
| inherited_from | \DS::getPassword() |
|---|---|
| inherited_from | \myldap::getPassword() |
setLogin($user, $pass, $method)
| inherited_from | \DS::setLogin() |
|---|---|
| inherited_from | \myldap::setLogin() |
userIsAllowedLogin($dn)
| inherited_from | \myldap::userIsAllowedLogin() |
|---|
explodeDN(string $dn, int $with_attributes) : array
| inherited_from | \myldap::explodeDN() |
|---|
stringThe DN to explode.
int(optional) Whether to include attribute names (see http://php.net/ldap_explode_dn for details)
arrayAn array of RDN parts of this format: Array ( [0] => uid=ppratt [1] => ou=People [2] => dc=example [3] => dc=com ) NOTE: When a multivalue RDN is passed to ldap_explode_dn, the results returns with 'value + value';getLoginBaseDN()
| inherited_from | \myldap::getLoginBaseDN() |
|---|
getLoginClass()
| inherited_from | \myldap::getLoginClass() |
|---|
getRawSchema(string $method, string $schema_to_fetch, \dn $dn) : array
Note, this function has grown many hairs to accomodate more LDAP servers. It is needfully complicated as it now supports many popular LDAP servers that don't necessarily expose their schema "the right way".
Please note: On FC systems, it seems that php_ldap uses /etc/openldap/ldap.conf in the search base if it is blank - so edit that file and comment out the BASE line.
| inherited_from | \myldap::getRawSchema() |
|---|
stringWhich connection method resource to use
stringA string indicating which type of schema to fetch. Five valid values: 'objectclasses', 'attributetypes', 'ldapsyntaxes', 'matchingruleuse', or 'matchingrules'. Case insensitive.
\dn(optional) This paremeter is the DN of the entry whose schema you would like to fetch. Entries have the option of specifying their own subschemaSubentry that points to the DN of the system schema entry which applies to this attribute. If unspecified, this will try to retrieve the schema from the RootDSE subschemaSubentry. Failing that, we use some commonly known schema DNs. Default value is the Root DSE DN (zero-length string)
arrayan array of strings of this form: Array ( [0] => "(1.3.6.1.4.1.7165.1.2.2.4 NAME 'gidPool' DESC 'Pool ... [1] => "(1.3.6.1.4.1.7165.2.2.3 NAME 'sambaAccount' DESC 'Sa ... etc.getSchemaDN(string $method, \dn $dn) : array | false
If we cant connect to the LDAP server, we'll return false. If we can connect but cant get the entry, then we'll return null.
| inherited_from | \myldap::getSchemaDN() |
|---|
stringWhich connection method resource to use
\dnThe DN to use to obtain the schema
arrayfalseSchema if available, null if its not or false if we cant connect.isAttrTest(string $attr, array $attrs, \dn $except_dn) : boolean
stringThe name of the attribute to test.
arrayThe attributes to test against.
\dnA DN that is exempt from these tests.
booleanisProxyEnabled() : boolean
Users may configure phpLDAPadmin to use PROXY AUTH in config,php thus:
$servers->setValue('login','auth_type','proxy');
| inherited_from | \myldap::isProxyEnabled() |
|---|
booleanisSASLEnabled() : boolean
Users may configure phpLDAPadmin to use SASL in config,php thus:
$servers->setValue('server','sasl',true|false);
| inherited_from | \myldap::isSASLEnabled() |
|---|
booleanisTLSEnabled() : boolean
Users may configure phpLDAPadmin to use TLS in config,php thus:
$servers->setValue('server','tls',true|false);
| inherited_from | \myldap::isTLSEnabled() |
|---|
booleanstartProxy($resource, $method)
| inherited_from | \myldap::startProxy() |
|---|
startSASL($resource, $method)
| inherited_from | \myldap::startSASL() |
|---|
startTLS($resource)
| inherited_from | \myldap::startTLS() |
|---|
unescapeDN($dn)
| inherited_from | \myldap::unescapeDN() |
|---|
$custom
| inherited_from | \DS::$$custom |
|---|---|
| inherited_from | \myldap::$$custom |
$default
| inherited_from | \DS::$$default |
|---|---|
| inherited_from | \myldap::$$default |
$index
| inherited_from | \DS::$$index |
|---|---|
| inherited_from | \myldap::$$index |
$type
| inherited_from | \DS::$$type |
|---|---|
| inherited_from | \myldap::$$type |
$_schemaDN
| inherited_from | \myldap::$$_schemaDN |
|---|
$_schema_entries
| inherited_from | \myldap::$$_schema_entries |
|---|
$force_may
$noconnect
| inherited_from | \myldap::$$noconnect |
|---|