Meine vor einigen Wochen erwähnten LDAP-Funktionen in PHP habe ich mittlerweile etwas umgebaut und in eine PHP-Klasse gepackt. Das gibt mir die Möglichkeit, etwas flexibler mit LDAP-Session umzugehen und zum Beispiel mehrere Instanzen des LDAP-Handlers zu kreieren. Die Klasse ist weit davon entfernt fertig zu sein, aber ich kann sie schon für einige Anwendungsfälle nutzen.
Die größte Änderung dürfte wohl sein, dass eine LDAP-Fehlermeldung zurückgegeben wird, falls die Bind-Operation oder ein LDAP-Kommando nicht klappt:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
| <?php
/**
* Connecting to LDAP-Directory. Searching and modifying entries, closing the connection.
*
* @author mkriesten
*/
class ldapHandling {
private $ldapResourceId = NULL;
public function __construct() {
}
public function __destruct() {
}
/**
* Connects to LDAP Server with specified options and performs LDAP bind for LDAP version 3.
*
* @param String $ldapServer IP address of LDAP Server
* @param int $ldapPort TCP Port the LDAP Server is listening on
* @param String $ldapUser User for LDAP Bind
* @param String $ldapPass Password for LDAP Bind
* @param long $ldapDeref Options for handling of dereferencing; only works in combination with $ldapDerefInt
* @param int $ldapDerefInt Integer value for $ldapDeref; only works in combination with $ldapDeref
*/
public function LDAPCONNECT ($ldapServer, $ldapPort, $ldapUser, $ldapPass, $ldapDeref, $ldapDerefInt) {
$ldapResourceId = ldap_connect($ldapServer, $ldapPort) or die ("Could not connect to LDAP Host.");
ldap_set_option($ldapResourceId, LDAP_OPT_PROTOCOL_VERSION, 3) or die ("LDAP option could not be set.");
ldap_set_option($ldapResourceId, $ldapDeref, $ldapDerefInt) or die ("LDAP option could not be set.");
$this->ldapResourceId = $ldapResourceId;
if (!ldap_bind($ldapResourceId, $ldapUser, $ldapPass)) { $this->error();}
}
/**
* Undbind from LDAP Server
*
* @param int $ldapResourceId Resource ID (LDAP Session) you want to unbind from
*/
public function LDAPDISCONN ($ldapResourceId) {
ldap_unbind($ldapResourceId) or die ("LDAP unbind not successful.");
}
/**
* LDAP Search for a specified DN including filters for objectClass and Attributes.
*
* @param String $ldapDn Base DN to search
* @param String $ldapFilter ObjectClass to filter for
* @param array $ldapAttributes Array of attributes to filter for
* @param int $ldapResourceId Resource ID from LDAPCONNECT to be used for LDAP Search
* @return array $ldapResult Results will be returned in form of a multidimensional array
*/
public function LDAPSEARCH ($ldapDn, $ldapFilter, $ldapAttributes, $ldapResourceId) {
$sri = ldap_search($ldapResourceId, $ldapDn, $ldapFilter, $ldapAttributes);
if (!$sri) {
$this->error();
}
$ldapResult = ldap_get_entries($ldapResourceId, $sri);
return $ldapResult;
}
public function LDAPMODIFY ($ldapResourceId, $ldapDn, $modificationEntry) {
$res = ldap_modify($ldapResourceId, $ldapDn, $modificationEntry);
if (!$res) {
$this->error();
}
}
/**
* Error function printing LDAP Error code an message to screen.
*/
protected function error() {
if (ldap_error($this->ldapResourceId)) {
echo 'LDAP Error: ('. ldap_errno($this->ldapResourceId).') - '.ldap_error($this->ldapResourceId);
}
die();
}
public function getLdapResourceId() {
return $this->ldapResourceId;
}
}
?> |
<?php
/**
* Connecting to LDAP-Directory. Searching and modifying entries, closing the connection.
*
* @author mkriesten
*/
class ldapHandling {
private $ldapResourceId = NULL;
public function __construct() {
}
public function __destruct() {
}
/**
* Connects to LDAP Server with specified options and performs LDAP bind for LDAP version 3.
*
* @param String $ldapServer IP address of LDAP Server
* @param int $ldapPort TCP Port the LDAP Server is listening on
* @param String $ldapUser User for LDAP Bind
* @param String $ldapPass Password for LDAP Bind
* @param long $ldapDeref Options for handling of dereferencing; only works in combination with $ldapDerefInt
* @param int $ldapDerefInt Integer value for $ldapDeref; only works in combination with $ldapDeref
*/
public function LDAPCONNECT ($ldapServer, $ldapPort, $ldapUser, $ldapPass, $ldapDeref, $ldapDerefInt) {
$ldapResourceId = ldap_connect($ldapServer, $ldapPort) or die ("Could not connect to LDAP Host.");
ldap_set_option($ldapResourceId, LDAP_OPT_PROTOCOL_VERSION, 3) or die ("LDAP option could not be set.");
ldap_set_option($ldapResourceId, $ldapDeref, $ldapDerefInt) or die ("LDAP option could not be set.");
$this->ldapResourceId = $ldapResourceId;
if (!ldap_bind($ldapResourceId, $ldapUser, $ldapPass)) { $this->error();}
}
/**
* Undbind from LDAP Server
*
* @param int $ldapResourceId Resource ID (LDAP Session) you want to unbind from
*/
public function LDAPDISCONN ($ldapResourceId) {
ldap_unbind($ldapResourceId) or die ("LDAP unbind not successful.");
}
/**
* LDAP Search for a specified DN including filters for objectClass and Attributes.
*
* @param String $ldapDn Base DN to search
* @param String $ldapFilter ObjectClass to filter for
* @param array $ldapAttributes Array of attributes to filter for
* @param int $ldapResourceId Resource ID from LDAPCONNECT to be used for LDAP Search
* @return array $ldapResult Results will be returned in form of a multidimensional array
*/
public function LDAPSEARCH ($ldapDn, $ldapFilter, $ldapAttributes, $ldapResourceId) {
$sri = ldap_search($ldapResourceId, $ldapDn, $ldapFilter, $ldapAttributes);
if (!$sri) {
$this->error();
}
$ldapResult = ldap_get_entries($ldapResourceId, $sri);
return $ldapResult;
}
public function LDAPMODIFY ($ldapResourceId, $ldapDn, $modificationEntry) {
$res = ldap_modify($ldapResourceId, $ldapDn, $modificationEntry);
if (!$res) {
$this->error();
}
}
/**
* Error function printing LDAP Error code an message to screen.
*/
protected function error() {
if (ldap_error($this->ldapResourceId)) {
echo 'LDAP Error: ('. ldap_errno($this->ldapResourceId).') - '.ldap_error($this->ldapResourceId);
}
die();
}
public function getLdapResourceId() {
return $this->ldapResourceId;
}
}
?>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
| <?php
include ("classes/ldapHandling.php");
...
// connect to LDAP server
$ldapCon = new ldapHandling();
$ldapCon->LDAPCONNECT($ldapServer, $ldapPort, $ldapUser, $ldapPass, $ldapDeref, 2);
$ldapIdent = $ldapCon->getLdapResourceId();
...
$result = $ldapCon->LDAPSEARCH($ldapDn, $ldapFilter, $ldapAttributes, $ldapIdent);
...
?> |
<?php
include ("classes/ldapHandling.php");
...
// connect to LDAP server
$ldapCon = new ldapHandling();
$ldapCon->LDAPCONNECT($ldapServer, $ldapPort, $ldapUser, $ldapPass, $ldapDeref, 2);
$ldapIdent = $ldapCon->getLdapResourceId();
...
$result = $ldapCon->LDAPSEARCH($ldapDn, $ldapFilter, $ldapAttributes, $ldapIdent);
...
?>