X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=functions%2Fabook_ldap_server.php;h=8b596964932e214c659f505982c9d2fd7818e2b3;hb=1cbd87548bd63a925cb3d4ce025ae40b616b7c64;hp=cb1bb70ff64ba0d69b22a7d8f81615f708117193;hpb=9ab998a6b77b6fd434d5193cb18707cf4f8f1137;p=squirrelmail.git diff --git a/functions/abook_ldap_server.php b/functions/abook_ldap_server.php index cb1bb70f..8b596964 100644 --- a/functions/abook_ldap_server.php +++ b/functions/abook_ldap_server.php @@ -18,7 +18,7 @@ * and inetOrgPerson (RFC2798) objects and dn, description, sn, givenname, * cn, mail attributes. Other attributes are ignored. * - * @copyright © 1999-2006 The SquirrelMail Project Team + * @copyright © 1999-2007 The SquirrelMail Project Team * @license http://opensource.org/licenses/gpl-license.php GNU Public License * @version $Id$ * @package squirrelmail @@ -49,7 +49,22 @@ * * Advanced settings: *
- * ? filter => Filter expression to limit ldap searches + * ? filter => Filter expression to limit ldap search results. + * You can use this to *limit* the result set, based on specific + * requirements. The filter must be enclosed in parentheses, e.g.: + * '(objectclass=mailRecipient)' + * or '(&(objectclass=mailRecipient)(obectclass=myCustomClass))' + * The default value is empty. + * + * ? search_expression => Custom expression to expand ldap searches. + * This can help *expand* the result set, because of hits in more + * LDAP attributes. It must be a printf()-style string with either + * one placeholder '%s', or, if you want to repeat the expression + * many times, '%1$s'. The default value is: + * '(|(cn=*%1$s*)(mail=*%1$s*)(sn=*%1$s*))' + * that is, the search expression is search in the fields cn (common + * name), sn (surname) and mail. + * * ? limit_scope => Limits scope to base DN (Specific to Win2k3 ADS). * ? listing => Controls listing of LDAP directory. * ? writeable => Controls write access to address book @@ -109,6 +124,12 @@ class abook_ldap_server extends addressbook_backend { * @since 1.5.1 */ var $filter = ''; + /** + * @var string printf()-style ldap search expression. + * The default is to search for same string in cn, mail and sn. + * @since 1.5.2 + */ + var $search_expression = '(|(cn=*%1$s*)(mail=*%1$s*)(sn=*%1$s*))'; /** * @var integer timeout of LDAP operations (in seconds) */ @@ -193,6 +214,11 @@ class abook_ldap_server extends addressbook_backend { if(isset($param['filter'])) $this->filter = trim($param['filter']); + + if(isset($param['search_expression']) && + (strstr($param['search_expression'], '%s') || strstr($param['search_expression'], '%1$s'))) { + $this->search_expression = trim($param['search_expression']); + } if(isset($param['limit_scope'])) $this->limit_scope = (bool) $param['limit_scope']; @@ -475,8 +501,7 @@ class abook_ldap_server extends addressbook_backend { $surname = trim($this->charset_decode($row['sn'][0])); } - // FIXME: Write generic function to handle name order - $fullname = trim($firstname . " " . $surname); + $fullname = $this->fullname($firstname,$surname); /* Add one row to result for each e-mail address */ if(isset($row['mail']['count'])) { @@ -668,11 +693,24 @@ class abook_ldap_server extends addressbook_backend { /* Convert search from user's charset to the one used in ldap and sanitize */ $expr = $this->quotevalue($expr); - /* Search for same string in cn, main and sn */ - $expression = '(|(cn=*'.$expr.'*)(mail=*'.$expr.'*)(sn=*'.$expr.'*))'; + /* If search expr contains %s or %1$s, replace them with escaped values, + * so that a wrong printf()-style string is not created by mistake. + * (Probably overkill but who knows...) */ + $expr = str_replace('%s', '\\25s', $expr); + $expr = str_replace('%1$s', '\\251$s', $expr); + + /* Substitute %s or %1$s in printf()-formatted search_expresison with + * the value that the user searches for. */ + $expression = sprintf($this->search_expression, $expr); /* Undo sanitizing of * symbol */ $expression = str_replace('\2a','*',$expression); + + /* Replace '**', '***' etc. with '*' in case it occurs in final + * search expression */ + while(strstr($expression, '**')) { + $expression = str_replace('**', '*', $expression); + } } /* Add search filtering */