Ldap.php
Zend Framework
LICENSE
This source file is subject to the new BSD license that is bundled with this package in the file LICENSE.txt. It is also available through the world-wide-web at this URL: http://framework.zend.com/license/new-bsd If you did not receive a copy of the license and are unable to obtain it through the world-wide-web, please send an email to [email protected] so we can send you a copy immediately.
- Category
- Zend
- Copyright
- Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
- License
- New BSD License
- Package
- Zend_Ldap
- Version
- $Id: Ldap.php 24593 2012-01-05 20:35:02Z matthew $
\Zend_Ldap
Constants
Properties

boolean|null|string $_boundUser = false
FALSE if no user is bound to the LDAP resource, NULL if there has been an anonymous bind, or the username of the currently bound user.
- Type
- boolean | null | string

string $_connectString
String used with ldap_connect for error handling purposes.
- Type
- string

array $_options = null
The options used in connecting, binding, etc.
- Type
- array
Methods

__construct(array | \Zend_Config $options = array()) : void
Constructor.

| Name | Type | Description |
|---|---|---|
| $options | array \| \Zend_Config | Options used in connecting, binding, etc. |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | if ext/ldap is not installed |

_createCollection(\Zend_Ldap_Collection_Iterator_Default $iterator, string | null $collectionClass) : \Zend_Ldap_Collection
Extension point for collection creation

| Name | Type | Description |
|---|---|---|
| $iterator | \Zend_Ldap_Collection_Iterator_Default | |
| $collectionClass | string \| null | |

| Type | Description |
|---|---|
| \Zend_Ldap_Collection | |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

_getAccount($acctname, array $attrs = null) : array

| Name | Type | Description |
|---|---|---|
| $acctname | | |
| $attrs | array | An array of names of desired attributes |

| Type | Description |
|---|---|
| array | An array of the attributes representing the account |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

_getAccountCanonicalForm() : integer

| Type | Description |
|---|---|
| integer | Either ACCTNAME_FORM_BACKSLASH, ACCTNAME_FORM_PRINCIPAL or ACCTNAME_FORM_USERNAME indicating the form usernames should be canonicalized to. |

_getAccountDn(string $acctname) : string

| Name | Type | Description |
|---|---|---|
| $acctname | string | The name of the account |

| Type | Description |
|---|---|
| string | The DN of the specified account |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

_getAccountFilter($acctname) : string

| Name | Type | Description |
|---|---|---|
| $acctname | | |

| Type | Description |
|---|---|
| string | The LDAP search filter for matching directory accounts |

_getAccountFilterFormat() : string

| Type | Description |
|---|---|
| string | A format string for building an LDAP search filter to match an account |

_getChildrenDns(string | \Zend_Ldap_Dn $parentDn) : array
Retrieve the immediate children DNs of the given $parentDn
This method is used in recursive methods like delete() or copy()

| Name | Type | Description |
|---|---|---|
| $parentDn | string \| \Zend_Ldap_Dn | |

| Type | Description |
|---|---|
| array | of DNs |

_getHost() : string

| Type | Description |
|---|---|
| string | The hostname of the LDAP server being used to authenticate accounts |

_getPort() : int

| Type | Description |
|---|---|
| int | The port of the LDAP server or 0 to indicate that no port value is set |

_getTryUsernameSplit() : boolean

| Type | Description |
|---|---|
| boolean | Try splitting the username into username and domain |

_getUseSsl() : boolean

| Type | Description |
|---|---|
| boolean | The default SSL / TLS encrypted transport control |

_getUseStartTls() : boolean

| Type | Description |
|---|---|
| boolean | The default SSL / TLS encrypted transport control |

_isPossibleAuthority(string $dname) : boolean

| Name | Type | Description |
|---|---|---|
| $dname | string | The domain name to check |

| Type | Description |
|---|---|
| boolean | |

_splitName(string $name, string $dname, string $aname) : void

| Name | Type | Description |
|---|---|---|
| $name | string | The name to split |
| $dname | string | The resulting domain name (this is an out parameter) |
| $aname | string | The resulting account name (this is an out parameter) |

add(string | \Zend_Ldap_Dn $dn, array $entry) : \Zend_Ldap
Add new information to the LDAP repository

| Name | Type | Description |
|---|---|---|
| $dn | string \| \Zend_Ldap_Dn | |
| $entry | array | |

| Type | Description |
|---|---|
| \Zend_Ldap | Provides a fluent interface |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

bind(string $username = null, string $password = null) : \Zend_Ldap

| Name | Type | Description |
|---|---|---|
| $username | string | The username for authenticating the bind |
| $password | string | The password for authenticating the bind |

| Type | Description |
|---|---|
| \Zend_Ldap | Provides a fluent interface |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

connect(string $host = null, int $port = null, boolean $useSsl = null, boolean $useStartTls = null) : \Zend_Ldap
When connecting using SSL, it seems the client tries to verify the server certificate by default.
One way to disable this behavior is to set 'TLS_REQCERT never' in OpenLDAP's ldap.conf and restart Apache. Or, if you really care about the server's cert, you can put a cert on the web server.

| Name | Type | Description |
|---|---|---|
| $host | string | The hostname of the LDAP server to connect to |
| $port | int | The port number of the LDAP server to connect to |
| $useSsl | boolean | Use SSL |
| $useStartTls | boolean | Use STARTTLS |

| Type | Description |
|---|---|
| \Zend_Ldap | Provides a fluent interface |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |
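
The two ldap.conf choices mentioned in the connect() note, side by side, as an added example that is not part of the Zend Framework documentation; the CA file path is a placeholder. With 'TLS_REQCERT never' the session is still encrypted but the server is never authenticated, so trusting the issuing CA and requiring a valid certificate is the setting that keeps bind credentials from being sent to an impostor server.

```conf
# ldap.conf (OpenLDAP client library configuration, used by PHP's ext/ldap)

# Option 1 from the note above: skip certificate verification entirely.
# Any certificate is accepted, including a self-signed or mismatched one.
#TLS_REQCERT never

# Option 2 from the note above: put the CA certificate on the web server
# and require the LDAP server to present a certificate that chains to it.
# The path is a placeholder; point it at the CA that issued the LDAP
# server's certificate.
TLS_CACERT  /path/to/ldap-ca.pem
TLS_REQCERT demand
```

As with the original note, restart Apache after changing ldap.conf so the PHP process picks up the new settings.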

copy(string | \Zend_Ldap_Dn $from, string | \Zend_Ldap_Dn $to, boolean $recursively = false) : \Zend_Ldap
Copies an LDAP entry from one DN to another DN.

| Name | Type | Description |
|---|---|---|
| $from | string \| \Zend_Ldap_Dn | |
| $to | string \| \Zend_Ldap_Dn | |
| $recursively | boolean | |

| Type | Description |
|---|---|
| \Zend_Ldap | Provides a fluent interface |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

copyToSubtree(string | \Zend_Ldap_Dn $from, string | \Zend_Ldap_Dn $to, boolean $recursively = false) : \Zend_Ldap
Copies an LDAP entry from one DN to another subtree.

| Name | Type | Description |
|---|---|---|
| $from | string \| \Zend_Ldap_Dn | |
| $to | string \| \Zend_Ldap_Dn | |
| $recursively | boolean | |

| Type | Description |
|---|---|
| \Zend_Ldap | Provides a fluent interface |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

count(string | \Zend_Ldap_Filter_Abstract $filter, string | \Zend_Ldap_Dn | null $basedn = null, integer $scope = self::SEARCH_SCOPE_SUB) : integer
Count items found by given filter.

| Name | Type | Description |
|---|---|---|
| $filter | string \| \Zend_Ldap_Filter_Abstract | |
| $basedn | string \| \Zend_Ldap_Dn \| null | |
| $scope | integer | |

| Type | Description |
|---|---|
| integer | |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

countChildren(string | \Zend_Ldap_Dn $dn) : integer
Count children for a given DN.

| Name | Type | Description |
|---|---|---|
| $dn | string \| \Zend_Ldap_Dn | |

| Type | Description |
|---|---|
| integer | |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

delete(string | \Zend_Ldap_Dn $dn, boolean $recursively = false) : \Zend_Ldap
Delete an LDAP entry

| Name | Type | Description |
|---|---|---|
| $dn | string \| \Zend_Ldap_Dn | |
| $recursively | boolean | |

| Type | Description |
|---|---|
| \Zend_Ldap | Provides a fluent interface |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

exists(string | \Zend_Ldap_Dn $dn) : boolean
Check if a given DN exists.

| Name | Type | Description |
|---|---|---|
| $dn | string \| \Zend_Ldap_Dn | |

| Type | Description |
|---|---|
| boolean | |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

explodeDn(string $dn, array $keys = null, array $vals = null) : boolean

| Name | Type | Description |
|---|---|---|
| $dn | string | The DN to parse |
| $keys | array | An optional array to receive DN keys (e.g. CN, OU, DC, ...) |
| $vals | array | An optional array to receive DN values |

| Type | Description |
|---|---|
| boolean | True if the DN was successfully parsed or false if the string is not a valid DN. |

- Deprecated
- will be removed, use Zend_Ldap_Dn::checkDn()

filterEscape(string $str) : string

| Name | Type | Description |
|---|---|---|
| $str | string | The string to escape. |

| Type | Description |
|---|---|
| string | The escaped string |

- Deprecated
- will be removed, use Zend_Ldap_Filter_Abstract::escapeValue()

getBaseDn() : string
Gets the base DN under which objects of interest are located

| Type | Description |
|---|---|
| string | |

getBaseNode() : \Zend_Ldap_Node
Returns the base node as a Zend_Ldap_Node

| Type | Description |
|---|---|
| \Zend_Ldap_Node | |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

getBoundUser() : false | null | string
Get the currently bound user
FALSE if no user is bound to the LDAP resource, NULL if there has been an anonymous bind, or the username of the currently bound user.

| Type | Description |
|---|---|
| false \| null \| string | |

getCanonicalAccountName(string $acctname, $form = 0) : string

| Name | Type | Description |
|---|---|---|
| $acctname | string | The name to canonicalize |
| $form | | |

| Type | Description |
|---|---|
| string | The canonicalized name in the desired form |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

getEntry(string | \Zend_Ldap_Dn $dn, array $attributes = array(), boolean $throwOnNotFound = false) : array
Get LDAP entry by DN

| Name | Type | Description |
|---|---|---|
| $dn | string \| \Zend_Ldap_Dn | |
| $attributes | array | |
| $throwOnNotFound | boolean | |

| Type | Description |
|---|---|
| array | |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

getLastError(int $errorCode = null, array $errorMessages = null) : string
Return the LDAP error message of the last LDAP command

| Name | Type | Description |
|---|---|---|
| $errorCode | int | |
| $errorMessages | array | |

| Type | Description |
|---|---|
| string | |

getLastErrorCode() : int
Return the LDAP error number of the last LDAP command

| Type | Description |
|---|---|
| int | |

getNode(string | \Zend_Ldap_Dn $dn) : \Zend_Ldap_Node | null
Returns the specified DN as a Zend_Ldap_Node

| Name | Type | Description |
|---|---|---|
| $dn | string \| \Zend_Ldap_Dn | |

| Type | Description |
|---|---|
| \Zend_Ldap_Node \| null | |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

getRootDse() : \Zend_Ldap_Node_RootDse
Returns the RootDSE

| Type | Description |
|---|---|
| \Zend_Ldap_Node_RootDse | |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

getSchema() : \Zend_Ldap_Node_Schema
Returns the schema

| Type | Description |
|---|---|
| \Zend_Ldap_Node_Schema | |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

move(string | \Zend_Ldap_Dn $from, string | \Zend_Ldap_Dn $to, boolean $recursively = false, boolean $alwaysEmulate = false) : \Zend_Ldap
Moves an LDAP entry from one DN to another DN.
This is an alias for rename()

| Name | Type | Description |
|---|---|---|
| $from | string \| \Zend_Ldap_Dn | |
| $to | string \| \Zend_Ldap_Dn | |
| $recursively | boolean | |
| $alwaysEmulate | boolean | |

| Type | Description |
|---|---|
| \Zend_Ldap | Provides a fluent interface |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

moveToSubtree(string | \Zend_Ldap_Dn $from, string | \Zend_Ldap_Dn $to, boolean $recursively = false, boolean $alwaysEmulate = false) : \Zend_Ldap
Moves an LDAP entry from one DN to another subtree.

| Name | Type | Description |
|---|---|---|
| $from | string \| \Zend_Ldap_Dn | |
| $to | string \| \Zend_Ldap_Dn | |
| $recursively | boolean | |
| $alwaysEmulate | boolean | |

| Type | Description |
|---|---|
| \Zend_Ldap | Provides a fluent interface |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

prepareLdapEntryArray(array $entry) : void
Prepares an ldap data entry array for insert/update operation

| Name | Type | Description |
|---|---|---|
| $entry | array | |

| Exception | Description |
|---|---|
| \InvalidArgumentException | |

rename(string | \Zend_Ldap_Dn $from, string | \Zend_Ldap_Dn $to, boolean $recursively = false, boolean $alwaysEmulate = false) : \Zend_Ldap
Renames an LDAP entry from one DN to another DN.
This method implicitly moves the entry to another location within the tree.

| Name | Type | Description |
|---|---|---|
| $from | string \| \Zend_Ldap_Dn | |
| $to | string \| \Zend_Ldap_Dn | |
| $recursively | boolean | |
| $alwaysEmulate | boolean | |

| Type | Description |
|---|---|
| \Zend_Ldap | Provides a fluent interface |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

save(string | \Zend_Ldap_Dn $dn, array $entry) : \Zend_Ldap
Save entry to LDAP registry.
Internally decides if entry will be updated or added by calling exists().

| Name | Type | Description |
|---|---|---|
| $dn | string \| \Zend_Ldap_Dn | |
| $entry | array | |

| Type | Description |
|---|---|
| \Zend_Ldap | Provides a fluent interface |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

search(string | \Zend_Ldap_Filter_Abstract | array $filter, string | \Zend_Ldap_Dn | null $basedn = null, integer $scope = self::SEARCH_SCOPE_SUB, array $attributes = array(), string | null $sort = null, string | null $collectionClass = null, integer $sizelimit = 0, integer $timelimit = 0) : \Zend_Ldap_Collection
A global LDAP search routine for finding information.
Options can be passed either as single parameters according to the method signature or as an array with one or more of the following keys:
- filter
- baseDn
- scope
- attributes
- sort
- collectionClass
- sizelimit
- timelimit

| Name | Type | Description |
|---|---|---|
| $filter | string \| \Zend_Ldap_Filter_Abstract \| array | |
| $basedn | string \| \Zend_Ldap_Dn \| null | |
| $scope | integer | |
| $attributes | array | |
| $sort | string \| null | |
| $collectionClass | string \| null | |
| $sizelimit | integer | |
| $timelimit | integer | |

| Type | Description |
|---|---|
| \Zend_Ldap_Collection | |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

searchEntries(string | \Zend_Ldap_Filter_Abstract | array $filter, string | \Zend_Ldap_Dn | null $basedn = null, integer $scope = self::SEARCH_SCOPE_SUB, array $attributes = array(), string | null $sort = null, boolean $reverseSort = false, integer $sizelimit = 0, integer $timelimit = 0) : array
Search LDAP registry for entries matching filter and optional attributes
Options can be passed either as single parameters according to the method signature or as an array with one or more of the following keys:
- filter
- baseDn
- scope
- attributes
- sort
- reverseSort
- sizelimit
- timelimit

| Name | Type | Description |
|---|---|---|
| $filter | string \| \Zend_Ldap_Filter_Abstract \| array | |
| $basedn | string \| \Zend_Ldap_Dn \| null | |
| $scope | integer | |
| $attributes | array | |
| $sort | string \| null | |
| $reverseSort | boolean | |
| $sizelimit | integer | |
| $timelimit | integer | |

| Type | Description |
|---|---|
| array | |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

setOptions(array | \Zend_Config $options) : \Zend_Ldap
Sets the options used in connecting, binding, etc.
Valid option keys:
- host
- port
- useSsl
- username
- password
- bindRequiresDn
- baseDn
- accountCanonicalForm
- accountDomainName
- accountDomainNameShort
- accountFilterFormat
- allowEmptyPassword
- useStartTls
- optRefferals
- tryUsernameSplit

| Name | Type | Description |
|---|---|---|
| $options | array \| \Zend_Config | Options used in connecting, binding, etc. |

| Type | Description |
|---|---|
| \Zend_Ldap | Provides a fluent interface |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |

update(string | \Zend_Ldap_Dn $dn, array $entry) : \Zend_Ldap
Update LDAP registry

| Name | Type | Description |
|---|---|---|
| $dn | string \| \Zend_Ldap_Dn | |
| $entry | array | |

| Type | Description |
|---|---|
| \Zend_Ldap | Provides a fluent interface |

| Exception | Description |
|---|---|
| \Zend_Ldap_Exception | |