PHP und LDAP, Teil 2

Meine vor einigen Wochen erwähnten LDAP-Funktionen in PHP habe ich mittlerweile etwas umgebaut und in eine PHP-Klasse gepackt. Das gibt mir die Möglichkeit, etwas flexibler mit LDAP-Session umzugehen und zum Beispiel mehrere Instanzen des LDAP-Handlers zu kreieren. Die Klasse ist weit davon entfernt fertig zu sein, aber ich kann sie schon für einige Anwendungsfälle nutzen.

Die größte Änderung dürfte wohl sein, dass eine LDAP-Fehlermeldung zurückgegeben wird, falls die Bind-Operation oder ein LDAP-Kommando nicht klappt:

<?php
/**
 * Connecting to LDAP-Directory. Searching and modifying entries, closing the connection.
 *
 * @author mkriesten
 */
class ldapHandling {
    private $ldapResourceId = NULL;
 
    public function __construct() {
    }
 
    public function __destruct() {
    }
 
    /**
    * Connects to LDAP Server with specified options and performs LDAP bind for LDAP version 3.
    * 
    * @param String $ldapServer IP address of LDAP Server
    * @param int $ldapPort TCP Port the LDAP Server is listening on
    * @param String $ldapUser User for LDAP Bind
    * @param String $ldapPass Password for LDAP Bind
    * @param long $ldapDeref Options for handling of dereferencing; only works in combination with $ldapDerefInt 
    * @param int $ldapDerefInt Integer value for $ldapDeref; only works in combination with $ldapDeref
    */    
    public function LDAPCONNECT ($ldapServer, $ldapPort, $ldapUser, $ldapPass, $ldapDeref, $ldapDerefInt) {
        $ldapResourceId = ldap_connect($ldapServer, $ldapPort) or die ("Could not connect to LDAP Host."); 
        ldap_set_option($ldapResourceId, LDAP_OPT_PROTOCOL_VERSION, 3) or die ("LDAP option could not be set."); 
        ldap_set_option($ldapResourceId, $ldapDeref, $ldapDerefInt) or die ("LDAP option could not be set."); 
        $this->ldapResourceId = $ldapResourceId;
 
        if (!ldap_bind($ldapResourceId, $ldapUser, $ldapPass)) { $this->error();} 
    }
 
    /**
    * Undbind from LDAP Server
    * 
    * @param int $ldapResourceId Resource ID (LDAP Session) you want to unbind from
    */
    public function LDAPDISCONN ($ldapResourceId) {
        ldap_unbind($ldapResourceId) or die ("LDAP unbind not successful.");
    }
 
    /**
    * LDAP Search for a specified DN including filters for objectClass and Attributes.
    * 
    * @param String $ldapDn Base DN to search
    * @param String $ldapFilter ObjectClass to filter for
    * @param array $ldapAttributes Array of attributes to filter for
    * @param int $ldapResourceId Resource ID from LDAPCONNECT to be used for LDAP Search
    * @return array $ldapResult Results will be returned in form of a multidimensional array
    */
    public function LDAPSEARCH ($ldapDn, $ldapFilter, $ldapAttributes, $ldapResourceId) {
        $sri = ldap_search($ldapResourceId, $ldapDn, $ldapFilter, $ldapAttributes); 
        if (!$sri) {
            $this->error();
        }
        $ldapResult = ldap_get_entries($ldapResourceId, $sri); 
        return $ldapResult;
    }
 
    public function LDAPMODIFY ($ldapResourceId, $ldapDn, $modificationEntry) {
        $res = ldap_modify($ldapResourceId, $ldapDn, $modificationEntry);
        if (!$res) {
            $this->error();
        }
    }
 
    /**
     * Error function printing LDAP Error code an message to screen.
     */
    protected function error() {
        if (ldap_error($this->ldapResourceId)) {
            echo 'LDAP Error: ('. ldap_errno($this->ldapResourceId).') - '.ldap_error($this->ldapResourceId);
        }
       die();
    }
 
    public function getLdapResourceId() {
        return $this->ldapResourceId;
    }
}
?>

<?php /** * Connecting to LDAP-Directory. Searching and modifying entries, closing the connection. * * @author mkriesten */ class ldapHandling { private $ldapResourceId = NULL; public function __construct() { } public function __destruct() { } /** * Connects to LDAP Server with specified options and performs LDAP bind for LDAP version 3. * * @param String $ldapServer IP address of LDAP Server * @param int $ldapPort TCP Port the LDAP Server is listening on * @param String $ldapUser User for LDAP Bind * @param String $ldapPass Password for LDAP Bind * @param long $ldapDeref Options for handling of dereferencing; only works in combination with $ldapDerefInt * @param int $ldapDerefInt Integer value for $ldapDeref; only works in combination with $ldapDeref */ public function LDAPCONNECT ($ldapServer, $ldapPort, $ldapUser, $ldapPass, $ldapDeref, $ldapDerefInt) { $ldapResourceId = ldap_connect($ldapServer, $ldapPort) or die ("Could not connect to LDAP Host."); ldap_set_option($ldapResourceId, LDAP_OPT_PROTOCOL_VERSION, 3) or die ("LDAP option could not be set."); ldap_set_option($ldapResourceId, $ldapDeref, $ldapDerefInt) or die ("LDAP option could not be set."); $this->ldapResourceId = $ldapResourceId; if (!ldap_bind($ldapResourceId, $ldapUser, $ldapPass)) { $this->error();} } /** * Undbind from LDAP Server * * @param int $ldapResourceId Resource ID (LDAP Session) you want to unbind from */ public function LDAPDISCONN ($ldapResourceId) { ldap_unbind($ldapResourceId) or die ("LDAP unbind not successful."); } /** * LDAP Search for a specified DN including filters for objectClass and Attributes. * * @param String $ldapDn Base DN to search * @param String $ldapFilter ObjectClass to filter for * @param array $ldapAttributes Array of attributes to filter for * @param int $ldapResourceId Resource ID from LDAPCONNECT to be used for LDAP Search * @return array $ldapResult Results will be returned in form of a multidimensional array */ public function LDAPSEARCH ($ldapDn, $ldapFilter, $ldapAttributes, $ldapResourceId) { $sri = ldap_search($ldapResourceId, $ldapDn, $ldapFilter, $ldapAttributes); if (!$sri) { $this->error(); } $ldapResult = ldap_get_entries($ldapResourceId, $sri); return $ldapResult; } public function LDAPMODIFY ($ldapResourceId, $ldapDn, $modificationEntry) { $res = ldap_modify($ldapResourceId, $ldapDn, $modificationEntry); if (!$res) { $this->error(); } } /** * Error function printing LDAP Error code an message to screen. */ protected function error() { if (ldap_error($this->ldapResourceId)) { echo 'LDAP Error: ('. ldap_errno($this->ldapResourceId).') - '.ldap_error($this->ldapResourceId); } die(); } public function getLdapResourceId() { return $this->ldapResourceId; } } ?>

<?php
include ("classes/ldapHandling.php");
 
...
 
// connect to LDAP server
$ldapCon = new ldapHandling();
$ldapCon->LDAPCONNECT($ldapServer, $ldapPort, $ldapUser, $ldapPass, $ldapDeref, 2);
$ldapIdent = $ldapCon->getLdapResourceId();
 
...
 
$result = $ldapCon->LDAPSEARCH($ldapDn, $ldapFilter, $ldapAttributes, $ldapIdent); 
 
...
?>

mkriesten.de

PHP und LDAP, Teil 2

Schreibe einen Kommentar Antworten abbrechen

Teilen:

Schreibe einen Kommentar Antworten abbrechen