StatusMessage
_get_raw_schema
_get_schema_dn
add_aliases_to_attrs
add_sup_to_attrs
array_delete
boldText
cached_schema_available
checkClientIP
checkIfDeleteEntriesIsAllowed
checkIfNewEntriesAreAllowed
checkIfPasswordChangeIsAllowed
checkIfToolIsActive
checkIfWriteAccessIsAllowed
checkPasswordStrength
cleanLDAPResult
colorText
compareDN
deobfuscateText
escapeDN
extractDNSuffix
extractRDNAttribute
extractRDNValue
formatLDAPTimestamp
generateRandomPassword
generateSalt
getAbstractDN
getLastLDAPError
getSupportedHashTypes
get_cached_schema
get_preg
get_schema_attribute
get_schema_attributes
get_schema_matching_rules
get_schema_objectclass
get_schema_objectclasses
get_schema_syntaxes
getdays
in_array_ignore_case
isObfuscatedText
ldapGetDN
linkText
lmPassword
logNewMessage
logoffAndBackToLoginPage
ntPassword
obfuscateText
parseMessageString
pwd_disable
pwd_enable
pwd_hash
pwd_is_enabled
pwd_is_lockable
searchLDAP
searchLDAPByAttribute
searchLDAPByFilter
search_domains
sendPasswordMail
set_cached_schema
set_schema_cache_unavailable
smbflag
startSecureSession
SCHEMA_SESSION_CACHE_ENABLED
StatusMessage(string $MessageTyp, string $MessageHeadline, string $MessageText, array $MessageVariables, boolean $returnOutput) : String
It can be used to print INFO, WARN and ERROR messages at the moment.
The headline and text may be formated with special tags:
{bold}, {endbold}: All text between these tags is printed bold.
{color=#123456}, {endcolor}: All text between these tags is printed in the given color.
{link=http://nodomain.org}, {endlink}: A link with the given target is created. The link text is the text between the tags.
stringThe type of the message to be printed. It must be one of the following types: 'INFO', 'WARN' or 'ERROR'.
Every other type will lead to an error message indicating an invalid message type.
stringThe headline of the status message.
It may be formatted with special color/link/bold tags.
stringThe text of the status message.
It may be formatted with special color/link/bold tags. This parameter is optional.
arrayThe variables that are used to replace the spacers (%s) in the submitted text. This parameter is optional.
booleanif set to true this function will return the generated HTML code instead of printing it directly (default: false)
StringHTML code if $returnOutput is set to true, otherwise null_get_raw_schema(\$schema_to_fetch $schema_to_fetch, \$dn $dn) : \an
Note, this function has grown many hairs to accomodate more LDAP servers. It is needfully complicated as it now supports many popular LDAP servers that don't necessarily expose their schema "the right way".
\$schema_to_fetch\$dn(optional) This paremeter is the DN of the entry whose schema you would like to fetch. Entries have the option of specifying their own subschemaSubentry that points to the DN of the system schema entry which applies to this attribute. If unspecified, this will try to retrieve the schema from the RootDSE subschemaSubentry. Failing that, we use some commonly known schema DNs. Default value is the Root DSE DN (zero-length string)
\anarray of strings of this form: Array ( [0] => "( 1.3.6.1.4.1.7165.1.2.2.4 NAME 'gidPool' DESC 'Pool ... [1] => "( 1.3.6.1.4.1.7165.2.2.3 NAME 'sambaAccount' DESC 'Sa ... etc._get_schema_dn(string $dn, bool $debug) : string
Entries should set the subSchemaSubEntry attribute pointing to the DN of the server schema. You can specify the DN whose subSchemaSubEntry you wish to retrieve of specify an empty string to fetch the subScehamSubEntry from the Root DSE.
stringThe DN (may be null) which houses the subschemaSubEntry attribute which this function can use to determine the schema entry's DN.
boolSwitch to true to see some nice and copious output. :)
stringThe DN of the entry which houses this LDAP server's schema.add_aliases_to_attrs($attrs)
Ie, attributeType has name 'gn' and 'givenName'. This function will create a unique entry for 'gn' and 'givenName'.
add_sup_to_attrs($attrs, $attrs_oid)
Supports infinite levels of inheritance. Bug 856832: require a second paramter that has all attributes indexed by OID
array_delete(array $values, array $array) : array
arraylist of values which should be removed
arraylist of original values
arraylist of remaining valuesboldText(string $text) : string
| access | private |
|---|
stringThe text that is used to search for {bold} and {endbold} tags.
stringThe submitted text with {bold} and {endbold} replaced with the appropriate HTML tages and cached_schema_available($schema_type)
$schema_type may be one of (lowercase) the following: objectclasses attributetypes ldapsyntaxes matchingrules matchingruleuse Note that _get_raw_schema() takes a similar parameter.
checkClientIP()
The script is stopped if the host is not valid.
checkIfDeleteEntriesIsAllowed(String $scope) : boolean
Stringaccount type (e.g. 'user')
booleantrue, if entries may be deletedcheckIfNewEntriesAreAllowed(String $scope) : boolean
This also checks if general write access is enabled.
Stringaccount type (e.g. 'user')
booleantrue, if new entries are allowedcheckIfPasswordChangeIsAllowed() : boolean
booleantrue, if allowedcheckIfToolIsActive(String $tool)
Otherwise, an error message is logged and the execution is stopped (die()).
Stringtool class name (e.g. toolFileUpload)
checkIfWriteAccessIsAllowed() : boolean
booleantrue, if allowedcheckPasswordStrength(string $password) : mixed
stringpassword
mixedtrue if ok, string with error message if not validcleanLDAPResult(array $entries)
This will remove all 'count' entries and also all numeric array keys.
arrayLDAP entries in format $entries[entry number][attribute name][attribute values]
colorText(string $text) : string
| access | private |
|---|
stringThe text that is used to search for {color} and {endcolor} tags.
stringInput string with HTML-formatted color tagscompareDN(string $a, string $b) : integer
stringfirst argument to compare
stringsecond argument to compare
integer0 if equal, 1 if $a is greater, -1 if $b is greaterdeobfuscateText(String $text)
Stringtext to deobfuscate
escapeDN(String $dn) : String
StringDN
Stringescaped DNextractDNSuffix(String $dn) : String
E.g. ou=people,dc=test,dc=com will result in dc=test,dc=com.
StringDN
StringDN suffixextractRDNAttribute(String $dn) : String
StringDN
StringRDN attribute nameextractRDNValue(String $dn) : String
StringDN
StringRDN attribute valueformatLDAPTimestamp(String $time) : String
from createTimestamp).
StringLDAP time value
Stringformated timegenerateRandomPassword() : String
StringpasswordgenerateSalt(int $len) : String
intsalt length
Stringthe salt stringgetAbstractDN(String $dn) : String
E.g. "dc=company,dc=de" is transformed to "company > de".
StringDN
Stringtransformed DNgetLastLDAPError() : array
arrayparameters for StatusMessage or null if all was okgetSupportedHashTypes() : array
SSHA).
arrayhash typesget_cached_schema($schema_type)
For list of valid $schema_type values, see above schema_cache_available(). Note that internally, this function utilizes a two-layer cache, one in memory using a static variable for multiple calls within the same page load, and one in a session for multiple calls within the same user session (spanning multiple page loads).
Returns an array of SchemaItem objects on success or false on failure.
get_preg(string $argument, string $regexp) : boolean
stringvalue to check
stringpattern name
booleantrue if matches, otherwise falseget_schema_attribute($attr_name, string $dn, $use_cache) : \AttributeType
| see | \global\AttributeType |
|---|---|
| see | \global\get_schema_attributes |
string(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
\AttributeTypeThe specified AttributeType object or false on error.get_schema_attributes(string $dn, $use_cache) : array
Each array entry's key is the name of the attributeType in lower-case and the value is an AttributeType object.
string(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
arrayAn array of AttributeType objects.get_schema_matching_rules($dn, $use_cache)
The key of each entry is the OID of the matching rule.
get_schema_objectclass(string $oclass_name, string $dn, $use_cache) : \ObjectClass
| see | \global\ObjectClass |
|---|---|
| see | \global\get_schema_objectclasses |
stringThe name of the objectClass to fetch.
string(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
\ObjectClassThe specified ObjectClass object or false on error.get_schema_objectclasses(string $dn, $use_cache) : array
Each array entry's key is the name of the objectClass in lower-case and the value is an ObjectClass object.
| see | \global\ObjectClass |
|---|---|
| see | \global\get_schema_objectclass |
string(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
arrayAn array of ObjectClass objects.get_schema_syntaxes($dn, $use_cache)
The key of each entry is the OID of the Syntax.
getdays() : \number
\numberof daysin_array_ignore_case(String $needle, array $haystack)
Stringsearch string
arrayarray
isObfuscatedText(String $text) : boolean
Stringtext to check
booleanobfuscated or notldapGetDN(String $dn, array $attributes, \handle $handle) : array
StringDN
arraylist of attributes to fetch
\handleLDAP handle (optional for admin interface pages)
arrayattributes or null if not foundlinkText(string $text) : string
| access | private |
|---|
stringThe text that is used to search for {link} and {endlink} tags.
stringInput string with HTML-formatted link tagslmPassword(string $password) : string
stringpassword original password
stringpassword hashlogNewMessage(string $level, string $message)
stringlog level (LOG_DEBUG, LOG_NOTICE, LOG_WARNING, LOG_ERR)
stringlog message
logoffAndBackToLoginPage()
ntPassword(string $password) : string
stringpassword original password
stringpassword hashobfuscateText(String $text)
Stringtext to obfuscate
parseMessageString(string $MessageString) : string
| access | private |
|---|
stringThe text that is used to search for replaceable strings.
stringThe processed text.pwd_disable(string $hash) : string
stringhash value to disable
stringdisabled hash valuepwd_enable(string $hash) : string
stringhash value to enable
stringenabled password hashpwd_hash(string $password, boolean $enabled, string $hashType) : string
| see | \global\getSupportedHashTypes() |
|---|
stringthe password string
booleanmarks the hash as enabled/disabled (e.g. by prefixing "!")
stringpassword hash type (CRYPT, CRYPT-SHA512, SHA, SSHA, MD5, SMD5, PLAIN)
stringthe password hashpwd_is_enabled(string $hash) : boolean
stringpassword hash to check
booleantrue if the password is marked as enabledpwd_is_lockable(String $password) : boolean
This checks if the password is not plain text but e.g. contains {SSHA}.
Stringpassword value
booleancan be lockedsearchLDAP(String $suffix, String $filter, array $attributes) : array
StringLDAP suffix
Stringfilter
arraylist of attributes to return
arraylist of found entriessearchLDAPByAttribute(String $name, String $value, String $objectClass, array $attributes, array $scopes) : array
Stringattribute name (may be null)
Stringattribute value
Stringobject class (may be null)
arraylist of attributes to return
arrayaccount types
arraylist of found entriessearchLDAPByFilter(String $filter, array $attributes, array $scopes, boolean $attrsOnly) : array
String
arraylist of attributes to return
arrayaccount types
booleanget only attributes but no values (default: false)
arraylist of found entriessearch_domains(\handle $server, String $suffix) : array
\handleLDAP handle (if null then $_SESSION['ldap']->server() is used)
StringLDAP suffix to search (if null then $_SESSION['config']->get_Suffix('smbDomain') is used)
arraylist of samba3domain objectssendPasswordMail(String $pwd, array $user, String $recipient) : array
Stringnew password
arrayLDAP attributes of user
Stringrecipient address (optional, $user['mail'][0] used by default)
arraylist of arrays that can be used to create status messagesset_cached_schema($schema_type, $schema_items)
$schema_items should be an array of SchemaItem instances (ie, an array of ObjectClass, AttributeType, LDAPSyntax, MatchingRuleUse, or MatchingRule objects.
Returns true on success of false on failure.
set_schema_cache_unavailable()
smbflag(array $input) : string
arrayis an array of Samba flags (e.g. X or D)
stringSamba flag stringstartSecureSession(boolean $redirectToLogin) : boolean
The script is stopped if one of the checks fail (timeout redirection may be overriden).
booleanredirect user to login page
booleantrue if all ok, false if session expiredA simple class for representing AttributeTypes used only by the ObjectClass class.
« More »SCHEMA_SESSION_CACHE_ENABLED