[squirrelmail.git] / functions / abook_ldap_server.php

<?php

/**
 * abook_ldap_server.php
 *
 * Copyright (c) 1999-2001 The Squirrelmail Development Team
 * Licensed under the GNU GPL. For full terms see the file COPYING.
 *
 * Address book backend for LDAP server
 *
 * An array with the following elements must be passed to
 * the class constructor (elements marked ? are optional):
 *
 *    host      => LDAP server hostname/IP-address
 *    base      => LDAP server root (base dn). Empty string allowed.
 *  ? port      => LDAP server TCP port number (default: 389)
 *  ? charset   => LDAP server charset (default: utf-8)
 *  ? name      => Name for LDAP server (default "LDAP: hostname")
 *                 Used to tag the result data
 *  ? maxrows   => Maximum # of rows in search result
 *  ? timeout   => Timeout for LDAP operations (in seconds, default: 30)
 *                 Might not work for all LDAP libraries or servers.
 *
 * NOTE. This class should not be used directly. Use the
 *       "AddressBook" class instead.
 *
 * $Id$
 */

/*****************************************************************/
/*** THIS FILE NEEDS TO HAVE ITS FORMATTING FIXED!!!           ***/
/*** PLEASE DO SO AND REMOVE THIS COMMENT SECTION.             ***/
/***    + Base level indent should begin at left margin, as    ***/
/***      the first line of the class definition below.        ***/
/***    + All identation should consist of four space blocks   ***/
/***    + Tab characters are evil.                             ***/
/***    + all comments should use "slash-star ... star-slash"  ***/
/***      style -- no pound characters, no slash-slash style   ***/
/***    + FLOW CONTROL STATEMENTS (if, while, etc) SHOULD      ***/
/***      ALWAYS USE { AND } CHARACTERS!!!                     ***/
/***    + Please use ' instead of ", when possible. Note "     ***/
/***      should always be used in _( ) function calls.        ***/
/*** Thank you for your help making the SM code more readable. ***/
/*****************************************************************/

class abook_ldap_server extends addressbook_backend {
     var $btype = 'remote';
     var $bname = 'ldap_server';

     // Parameters changed by class
     var $sname   = 'LDAP';       // Service name
     var $server  = '';           // LDAP server name
     var $port    = 389;          // LDAP server port
     var $basedn  = '';           // LDAP base DN 
     var $charset = 'utf-8';      // LDAP server charset
     var $linkid  = false;        // PHP LDAP link ID
     var $bound   = false;        // True if LDAP server is bound
     var $maxrows = 250;          // Max rows in result
     var $timeout = 30;           // Timeout for LDAP operations (in seconds)

     // Constructor. Connects to database
     function abook_ldap_server($param) {
       if(!function_exists('ldap_connect')) {
         $this->set_error('LDAP support missing from PHP');
         return;
       }
       if(is_array($param)) {
	 $this->server = $param['host'];
	 $this->basedn = $param['base'];
	 if(!empty($param['port']))
	   $this->port = $param['port'];
	 if(!empty($param['charset']))
	   $this->charset = strtolower($param['charset']);
	 if(isset($param['maxrows']))
	   $this->maxrows = $param['maxrows'];
	 if(isset($param['timeout']))
	   $this->timeout = $param['timeout'];
	 if(empty($param['name']))
	   $this->sname = 'LDAP: ' . $param['host'];
	 else
	   $this->sname = $param['name'];
	 
	 $this->open(true);
       } else {
	 $this->set_error('Invalid argument to constructor');
       }
     }


     // Open the LDAP server. New connection if $new is true
     function open($new = false) {
       $this->error = '';

       // Connection is already open
       if($this->linkid != false && !$new) 
	 return true;

       $this->linkid = @ldap_connect($this->server, $this->port);
       if(!$this->linkid) 
	 if(function_exists('ldap_error'))
	   return $this->set_error(ldap_error($this->linkid)); 
	 else
	   return $this->set_error('ldap_connect failed');
       
       if(!@ldap_bind($this->linkid))
	 if(function_exists('ldap_error'))
	   return $this->set_error(ldap_error($this->linkid)); 
	 else
	   return $this->set_error('ldap_bind failed');

       $this->bound = true;
       
       return true;
     }


     // Encode iso8859-1 string to the charset used by this LDAP server
     function charset_encode($str) {
       if($this->charset == 'utf-8') {
	 if(function_exists('utf8_encode'))
	   return utf8_encode($str);
	 else
	   return $str;
       } else {
	 return $str;
       }
     }


     // Decode from charset used by this LDAP server to iso8859-1
     function charset_decode($str) {
       if($this->charset == 'utf-8') {
	 if(function_exists('utf8_decode'))
	   return utf8_decode($str);
	 else
	   return $str;
       } else {
	 return $str;
       }
     }

     
     // ========================== Public ========================

     // Search the LDAP server
     function search($expr) {

       // To be replaced by advanded search expression parsing
       if(is_array($expr)) return false;

       // Encode the expression
       $expr = $this->charset_encode($expr);
       if(strstr($expr, "*") === false)
	 $expr = "*$expr*";
       $expression = "cn=$expr";

       // Make sure connection is there
       if(!$this->open())
	 return false;

       // Do the search. Use improved ldap_search() if PHP version is
       // 4.0.2 or newer.
       if(sqCheckPHPVersion(4, 0, 2)) {
	  $sret = @ldap_search($this->linkid, $this->basedn, $expression,
			       array('dn', 'o', 'ou', 'sn', 'givenname', 
				     'cn', 'mail', 'telephonenumber'),
			       0, $this->maxrows, $this->timeout);
       } else {
	  $sret = @ldap_search($this->linkid, $this->basedn, $expression,
			       array('dn', 'o', 'ou', 'sn', 'givenname', 
				     'cn', 'mail', 'telephonenumber'));
       }

       // Should get error from server using the ldap_error() function,
       // but it only exist in the PHP LDAP documentation.
       if(!$sret)
	 if(function_exists('ldap_error'))
	   return $this->set_error(ldap_error($this->linkid)); 
	 else
	   return $this->set_error('ldap_search failed');       

       if(@ldap_count_entries($this->linkid, $sret) <= 0)
	 return array();

       // Get results
       $ret = array();
       $returned_rows = 0;
       $res = @ldap_get_entries($this->linkid, $sret);
       for($i = 0 ; $i < $res['count'] ; $i++) {
	 $row = $res[$i];

	 // Extract data common for all e-mail addresses
	 // of an object. Use only the first name
	 $nickname = $this->charset_decode($row['dn']);
	 $fullname = $this->charset_decode($row['cn'][0]);

	 if(empty($row['telephonenumber'][0])) $phone = '';
	 else $phone = $this->charset_decode($row['telephonenumber'][0]);

	 if(!empty($row['ou'][0]))
	   $label = $this->charset_decode($row['ou'][0]);
	 else if(!empty($row['o'][0]))
	   $label = $this->charset_decode($row['o'][0]);
	 else 
	   $label = '';

	 if(empty($row['givenname'][0])) $firstname = '';
	 else $firstname = $this->charset_decode($row['givenname'][0]);

	 if(empty($row['sn'][0])) $surname = '';
	 else $surname = $this->charset_decode($row['sn'][0]);

	 // Add one row to result for each e-mail address
	 if(isset($row['mail']['count'])) {
	   for($j = 0 ; $j < $row['mail']['count'] ; $j++) {
	     array_push($ret, array('nickname'  => $nickname,
				    'name'      => $fullname,
				    'firstname' => $firstname,
				    'lastname'  => $surname,
				    'email'     => $row['mail'][$j],
				    'label'     => $label,
				    'phone'     => $phone,
				    'backend'   => $this->bnum,
				    'source'    => &$this->sname));
	     
	     // Limit number of hits
	     $returned_rows++;
	     if(($returned_rows >= $this->maxrows) && 
		($this->maxrows > 0) ) {
	       ldap_free_result($sret);
	       return $ret;
	     }

	   } // for($j ...)

	 } // isset($row['mail']['count'])

       }

       ldap_free_result($sret);
       return $ret;
     } // end search()


     // If you run a tiny LDAP server and you want the "List All" button
     // to show EVERYONE, then uncomment this tiny block of code:
     //
     // function list_addr() {
     //    return $this->search("*");
     // }
     //
     // Careful with this -- it could get quite large for big sites.
   }
?>
Commit	Line	Data
5100704d	1	<?php
5100704d	2
35586184	3	/**
	4	* abook_ldap_server.php
	5	*
	6	* Copyright (c) 1999-2001 The Squirrelmail Development Team
	7	* Licensed under the GNU GPL. For full terms see the file COPYING.
	8	*
	9	* Address book backend for LDAP server
	10	*
	11	* An array with the following elements must be passed to
	12	* the class constructor (elements marked ? are optional):
	13	*
	14	* host => LDAP server hostname/IP-address
	15	* base => LDAP server root (base dn). Empty string allowed.
	16	* ? port => LDAP server TCP port number (default: 389)
	17	* ? charset => LDAP server charset (default: utf-8)
	18	* ? name => Name for LDAP server (default "LDAP: hostname")
	19	* Used to tag the result data
	20	* ? maxrows => Maximum # of rows in search result
	21	* ? timeout => Timeout for LDAP operations (in seconds, default: 30)
	22	* Might not work for all LDAP libraries or servers.
	23	*
	24	* NOTE. This class should not be used directly. Use the
	25	* "AddressBook" class instead.
	26	*
	27	* $Id$
	28	*/
5100704d	29
35586184	30	/*****************************************************************/
	31	/* THIS FILE NEEDS TO HAVE ITS FORMATTING FIXED!!! */
	32	/* PLEASE DO SO AND REMOVE THIS COMMENT SECTION. */
	33	/* + Base level indent should begin at left margin, as */
	34	/* the first line of the class definition below. */
	35	/* + All identation should consist of four space blocks */
	36	/* + Tab characters are evil. */
	37	/* + all comments should use "slash-star ... star-slash" */
	38	/* style -- no pound characters, no slash-slash style */
	39	/* + FLOW CONTROL STATEMENTS (if, while, etc) SHOULD */
	40	/* ALWAYS USE { AND } CHARACTERS!!! */
	41	/* + Please use ' instead of ", when possible. Note " */
	42	/* should always be used in _( ) function calls. */
	43	/* Thank you for your help making the SM code more readable. */
	44	/*****************************************************************/
	45
	46	class abook_ldap_server extends addressbook_backend {
91be2362	47	var $btype = 'remote';
91be2362	48	var $bname = 'ldap_server';
5100704d	49
5100704d	50	// Parameters changed by class
91be2362	51	var $sname = 'LDAP'; // Service name
91be2362	52	var $server = ''; // LDAP server name
5100704d	53	var $port = 389; // LDAP server port
91be2362	54	var $basedn = ''; // LDAP base DN
91be2362	55	var $charset = 'utf-8'; // LDAP server charset
5100704d	56	var $linkid = false; // PHP LDAP link ID
	57	var $bound = false; // True if LDAP server is bound
	58	var $maxrows = 250; // Max rows in result
b33afbcf	59	var $timeout = 30; // Timeout for LDAP operations (in seconds)
5100704d	60
	61	// Constructor. Connects to database
	62	function abook_ldap_server($param) {
91be2362	63	if(!function_exists('ldap_connect')) {
91be2362	64	$this->set_error('LDAP support missing from PHP');
1688203f	65	return;
1688203f	66	}
5100704d	67	if(is_array($param)) {
91be2362	68	$this->server = $param['host'];
	69	$this->basedn = $param['base'];
	70	if(!empty($param['port']))
	71	$this->port = $param['port'];
	72	if(!empty($param['charset']))
	73	$this->charset = strtolower($param['charset']);
	74	if(isset($param['maxrows']))
	75	$this->maxrows = $param['maxrows'];
	76	if(isset($param['timeout']))
	77	$this->timeout = $param['timeout'];
	78	if(empty($param['name']))
	79	$this->sname = 'LDAP: ' . $param['host'];
5100704d	80	else
91be2362	81	$this->sname = $param['name'];
5100704d	82
	83	$this->open(true);
	84	} else {
91be2362	85	$this->set_error('Invalid argument to constructor');
5100704d	86	}
	87	}
	88
	89
	90	// Open the LDAP server. New connection if $new is true
	91	function open($new = false) {
91be2362	92	$this->error = '';
5100704d	93
	94	// Connection is already open
	95	if($this->linkid != false && !$new)
	96	return true;
	97
	98	$this->linkid = @ldap_connect($this->server, $this->port);
	99	if(!$this->linkid)
91be2362	100	if(function_exists('ldap_error'))
5100704d	101	return $this->set_error(ldap_error($this->linkid));
5100704d	102	else
91be2362	103	return $this->set_error('ldap_connect failed');
5100704d	104
5100704d	105	if(!@ldap_bind($this->linkid))
91be2362	106	if(function_exists('ldap_error'))
5100704d	107	return $this->set_error(ldap_error($this->linkid));
5100704d	108	else
91be2362	109	return $this->set_error('ldap_bind failed');
5100704d	110
	111	$this->bound = true;
	112
	113	return true;
	114	}
	115
	116
	117	// Encode iso8859-1 string to the charset used by this LDAP server
	118	function charset_encode($str) {
91be2362	119	if($this->charset == 'utf-8') {
91be2362	120	if(function_exists('utf8_encode'))
5100704d	121	return utf8_encode($str);
	122	else
	123	return $str;
	124	} else {
	125	return $str;
	126	}
	127	}
	128
	129
	130	// Decode from charset used by this LDAP server to iso8859-1
	131	function charset_decode($str) {
91be2362	132	if($this->charset == 'utf-8') {
91be2362	133	if(function_exists('utf8_decode'))
5100704d	134	return utf8_decode($str);
	135	else
	136	return $str;
	137	} else {
	138	return $str;
	139	}
	140	}
	141
	142
	143	// ========================== Public ========================
	144
	145	// Search the LDAP server
	146	function search($expr) {
	147
	148	// To be replaced by advanded search expression parsing
	149	if(is_array($expr)) return false;
	150
	151	// Encode the expression
	152	$expr = $this->charset_encode($expr);
146e0c45	153	if(strstr($expr, "*") === false)
84db4e6c	154	$expr = "$expr";
5100704d	155	$expression = "cn=$expr";
	156
	157	// Make sure connection is there
	158	if(!$this->open())
	159	return false;
	160
b33afbcf	161	// Do the search. Use improved ldap_search() if PHP version is
	162	// 4.0.2 or newer.
	163	if(sqCheckPHPVersion(4, 0, 2)) {
	164	$sret = @ldap_search($this->linkid, $this->basedn, $expression,
91be2362	165	array('dn', 'o', 'ou', 'sn', 'givenname',
91be2362	166	'cn', 'mail', 'telephonenumber'),
b33afbcf	167	0, $this->maxrows, $this->timeout);
	168	} else {
	169	$sret = @ldap_search($this->linkid, $this->basedn, $expression,
91be2362	170	array('dn', 'o', 'ou', 'sn', 'givenname',
91be2362	171	'cn', 'mail', 'telephonenumber'));
b33afbcf	172	}
5100704d	173
	174	// Should get error from server using the ldap_error() function,
	175	// but it only exist in the PHP LDAP documentation.
	176	if(!$sret)
91be2362	177	if(function_exists('ldap_error'))
5100704d	178	return $this->set_error(ldap_error($this->linkid));
5100704d	179	else
91be2362	180	return $this->set_error('ldap_search failed');
5100704d	181
	182	if(@ldap_count_entries($this->linkid, $sret) <= 0)
	183	return array();
	184
	185	// Get results
	186	$ret = array();
	187	$returned_rows = 0;
	188	$res = @ldap_get_entries($this->linkid, $sret);
91be2362	189	for($i = 0 ; $i < $res['count'] ; $i++) {
5100704d	190	$row = $res[$i];
	191
	192	// Extract data common for all e-mail addresses
	193	// of an object. Use only the first name
91be2362	194	$nickname = $this->charset_decode($row['dn']);
91be2362	195	$fullname = $this->charset_decode($row['cn'][0]);
5100704d	196
91be2362	197	if(empty($row['telephonenumber'][0])) $phone = '';
91be2362	198	else $phone = $this->charset_decode($row['telephonenumber'][0]);
5100704d	199
91be2362	200	if(!empty($row['ou'][0]))
	201	$label = $this->charset_decode($row['ou'][0]);
	202	else if(!empty($row['o'][0]))
	203	$label = $this->charset_decode($row['o'][0]);
5100704d	204	else
91be2362	205	$label = '';
5100704d	206
91be2362	207	if(empty($row['givenname'][0])) $firstname = '';
91be2362	208	else $firstname = $this->charset_decode($row['givenname'][0]);
5100704d	209
91be2362	210	if(empty($row['sn'][0])) $surname = '';
91be2362	211	else $surname = $this->charset_decode($row['sn'][0]);
5100704d	212
5100704d	213	// Add one row to result for each e-mail address
7609273d	214	if(isset($row['mail']['count'])) {
	215	for($j = 0 ; $j < $row['mail']['count'] ; $j++) {
	216	array_push($ret, array('nickname' => $nickname,
	217	'name' => $fullname,
	218	'firstname' => $firstname,
	219	'lastname' => $surname,
	220	'email' => $row['mail'][$j],
	221	'label' => $label,
	222	'phone' => $phone,
	223	'backend' => $this->bnum,
	224	'source' => &$this->sname));
	225
	226	// Limit number of hits
	227	$returned_rows++;
	228	if(($returned_rows >= $this->maxrows) &&
	229	($this->maxrows > 0) ) {
	230	ldap_free_result($sret);
	231	return $ret;
	232	}
	233
	234	} // for($j ...)
	235
	236	} // isset($row['mail']['count'])
	237
5100704d	238	}
	239
	240	ldap_free_result($sret);
	241	return $ret;
	242	} // end search()
	243
aeee871f	244
	245	// If you run a tiny LDAP server and you want the "List All" button
	246	// to show EVERYONE, then uncomment this tiny block of code:
	247	//
	248	// function list_addr() {
	249	// return $this->search("*");
	250	// }
	251	//
	252	// Careful with this -- it could get quite large for big sites.
5100704d	253	}
5100704d	254	?>