[squirrelmail.git] / functions / abook_ldap_server.php

<?php

/**
 * abook_ldap_server.php
 *
 * Copyright (c) 1999-2003 The SquirrelMail Project Team
 * Licensed under the GNU GPL. For full terms see the file COPYING.
 *
 * Address book backend for LDAP server
 *
 * An array with the following elements must be passed to
 * the class constructor (elements marked ? are optional):
 *
 *    host      => LDAP server hostname/IP-address
 *    base      => LDAP server root (base dn). Empty string allowed.
 *  ? port      => LDAP server TCP port number (default: 389)
 *  ? charset   => LDAP server charset (default: utf-8)
 *  ? name      => Name for LDAP server (default "LDAP: hostname")
 *                 Used to tag the result data
 *  ? maxrows   => Maximum # of rows in search result
 *  ? timeout   => Timeout for LDAP operations (in seconds, default: 30)
 *                 Might not work for all LDAP libraries or servers.
 *
 * NOTE. This class should not be used directly. Use the
 *       "AddressBook" class instead.
 *
 * $Id$
 */

class abook_ldap_server extends addressbook_backend {
    var $btype = 'remote';
    var $bname = 'ldap_server';

    /* Parameters changed by class */
    var $sname   = 'LDAP';       /* Service name */
    var $server  = '';           /* LDAP server name */
    var $port    = 389;          /* LDAP server port */
    var $basedn  = '';           /* LDAP base DN  */
    var $charset = 'utf-8';      /* LDAP server charset */
    var $linkid  = false;        /* PHP LDAP link ID */
    var $bound   = false;        /* True if LDAP server is bound */
    var $maxrows = 250;          /* Max rows in result */
    var $timeout = 30;           /* Timeout for LDAP operations (in seconds) */

    /* Constructor. Connects to database */
    function abook_ldap_server($param) {
        if(!function_exists('ldap_connect')) {
            $this->set_error('LDAP support missing from PHP');
            return;
        }
        if(is_array($param)) {
            $this->server = $param['host'];
            $this->basedn = $param['base'];
            if(!empty($param['port'])) {
                $this->port = $param['port'];
            }
            if(!empty($param['charset'])) {
                $this->charset = strtolower($param['charset']);
            }
            if(isset($param['maxrows'])) {
                $this->maxrows = $param['maxrows'];
            }
            if(isset($param['timeout'])) {
                $this->timeout = $param['timeout'];
            }
            if(empty($param['name'])) {
                $this->sname = 'LDAP: ' . $param['host'];
            }
            else {
                $this->sname = $param['name'];
            }
            
            $this->open(true);
        } else {
            $this->set_error('Invalid argument to constructor');
        }
    }


    /* Open the LDAP server. New connection if $new is true */
    function open($new = false) {
        $this->error = '';
  
        /* Connection is already open */
        if($this->linkid != false && !$new) {
            return true;
        }
  
        $this->linkid = @ldap_connect($this->server, $this->port);
        if(!$this->linkid) {
            if(function_exists('ldap_error')) {
                return $this->set_error(ldap_error($this->linkid)); 
            } else {
                return $this->set_error('ldap_connect failed');
            }
        }
        
        if(!@ldap_bind($this->linkid)) {
            if(function_exists('ldap_error')) {
                return $this->set_error(ldap_error($this->linkid)); 
            } else {
                return $this->set_error('ldap_bind failed');
            }
        }
        
        $this->bound = true;
        
        return true;
    }


    /* Encode iso8859-1 string to the charset used by this LDAP server */
    function charset_encode($str) {
        if($this->charset == 'utf-8') {
            if(function_exists('utf8_encode')) {
                return utf8_encode($str);
            } else {
                return $str;
            }
        } else {
            return $str;
        }
    }


    /* Decode from charset used by this LDAP server to iso8859-1 */
    function charset_decode($str) {
        if($this->charset == 'utf-8') {
            if(function_exists('utf8_decode')) {
                return utf8_decode($str);
            } else {
                return $str;
            }
        } else {
            return $str;
        }
    }

    
    /* ========================== Public ======================== */

    /* Search the LDAP server */
    function search($expr) {
  
        /* To be replaced by advanded search expression parsing */
        if(is_array($expr)) return false;
  
        /* Encode the expression */
        $expr = $this->charset_encode($expr);
        if(strstr($expr, '*') === false) {
            $expr = "*$expr*";
        }
        $expression = "cn=$expr";
  
        /* Make sure connection is there */
        if(!$this->open()) {
            return false;
        }
  
        /* Do the search. Use improved ldap_search() if PHP version is
         * 4.0.2 or newer. */
        if(sqCheckPHPVersion(4, 0, 2)) {
            $sret = @ldap_search($this->linkid, $this->basedn, $expression,
                array('dn', 'o', 'ou', 'sn', 'givenname', 
                'cn', 'mail', 'telephonenumber'),
                0, $this->maxrows, $this->timeout);
        } else {
            $sret = @ldap_search($this->linkid, $this->basedn, $expression,
                array('dn', 'o', 'ou', 'sn', 'givenname', 
                'cn', 'mail', 'telephonenumber'));
        }
  
        /* Should get error from server using the ldap_error() function,
         * but it only exist in the PHP LDAP documentation. */
        if(!$sret) {
            if(function_exists('ldap_error')) {
                return $this->set_error(ldap_error($this->linkid)); 
            } else {
                return $this->set_error('ldap_search failed');       
            }
        }
        
        if(@ldap_count_entries($this->linkid, $sret) <= 0) {
            return array();
        }
  
        /* Get results */
        $ret = array();
        $returned_rows = 0;
        $res = @ldap_get_entries($this->linkid, $sret);
        for($i = 0 ; $i < $res['count'] ; $i++) {
            $row = $res[$i];
           
            /* Extract data common for all e-mail addresses
             * of an object. Use only the first name */
            $nickname = $this->charset_decode($row['dn']);
            $fullname = $this->charset_decode($row['cn'][0]);
           
            if(empty($row['telephonenumber'][0])) {
                $phone = '';
            } else {
                $phone = $this->charset_decode($row['telephonenumber'][0]);
            }
           
            if(!empty($row['ou'][0])) {
                $label = $this->charset_decode($row['ou'][0]);
            }
            else if(!empty($row['o'][0])) {
                $label = $this->charset_decode($row['o'][0]);
            } else {
                $label = '';
            }
           
            if(empty($row['givenname'][0])) {
                $firstname = '';
            } else {
                $firstname = $this->charset_decode($row['givenname'][0]);
            }
           
            if(empty($row['sn'][0])) {
                $surname = '';
            } else {
                $surname = $this->charset_decode($row['sn'][0]);
            }
           
            /* Add one row to result for each e-mail address */
            if(isset($row['mail']['count'])) {
                for($j = 0 ; $j < $row['mail']['count'] ; $j++) {
                    array_push($ret, array('nickname'  => $nickname,
                   'name'      => $fullname,
                   'firstname' => $firstname,
                   'lastname'  => $surname,
                   'email'     => $row['mail'][$j],
                   'label'     => $label,
                   'phone'     => $phone,
                   'backend'   => $this->bnum,
                   'source'    => &$this->sname));
                    
                    // Limit number of hits
                    $returned_rows++;
                    if(($returned_rows >= $this->maxrows) && 
                       ($this->maxrows > 0) ) {
                        ldap_free_result($sret);
                        return $ret;
                    }

                } // for($j ...)

            } // isset($row['mail']['count'])
 
        }
  
        ldap_free_result($sret);
        return $ret;
    } /* end search() */


    /* If you run a tiny LDAP server and you want the "List All" button
     * to show EVERYONE, then uncomment this tiny block of code:
     *
     * function list_addr() {
     *    return $this->search('*');
     * }
     *
     * Careful with this -- it could get quite large for big sites. */
}
?>
Commit	Line	Data
5100704d	1	<?php
5100704d	2
35586184	3	/**
	4	* abook_ldap_server.php
	5	*
76911253	6	* Copyright (c) 1999-2003 The SquirrelMail Project Team
35586184	7	* Licensed under the GNU GPL. For full terms see the file COPYING.
	8	*
	9	* Address book backend for LDAP server
	10	*
	11	* An array with the following elements must be passed to
	12	* the class constructor (elements marked ? are optional):
	13	*
	14	* host => LDAP server hostname/IP-address
	15	* base => LDAP server root (base dn). Empty string allowed.
	16	* ? port => LDAP server TCP port number (default: 389)
	17	* ? charset => LDAP server charset (default: utf-8)
	18	* ? name => Name for LDAP server (default "LDAP: hostname")
	19	* Used to tag the result data
	20	* ? maxrows => Maximum # of rows in search result
	21	* ? timeout => Timeout for LDAP operations (in seconds, default: 30)
	22	* Might not work for all LDAP libraries or servers.
	23	*
	24	* NOTE. This class should not be used directly. Use the
	25	* "AddressBook" class instead.
	26	*
	27	* $Id$
	28	*/
5100704d	29
35586184	30	class abook_ldap_server extends addressbook_backend {
06b4facd	31	var $btype = 'remote';
	32	var $bname = 'ldap_server';
	33
	34	/* Parameters changed by class */
	35	var $sname = 'LDAP'; /* Service name */
	36	var $server = ''; /* LDAP server name */
	37	var $port = 389; /* LDAP server port */
	38	var $basedn = ''; /* LDAP base DN */
	39	var $charset = 'utf-8'; /* LDAP server charset */
	40	var $linkid = false; /* PHP LDAP link ID */
	41	var $bound = false; /* True if LDAP server is bound */
	42	var $maxrows = 250; /* Max rows in result */
	43	var $timeout = 30; /* Timeout for LDAP operations (in seconds) */
	44
	45	/* Constructor. Connects to database */
	46	function abook_ldap_server($param) {
	47	if(!function_exists('ldap_connect')) {
	48	$this->set_error('LDAP support missing from PHP');
	49	return;
	50	}
	51	if(is_array($param)) {
	52	$this->server = $param['host'];
	53	$this->basedn = $param['base'];
	54	if(!empty($param['port'])) {
	55	$this->port = $param['port'];
	56	}
	57	if(!empty($param['charset'])) {
	58	$this->charset = strtolower($param['charset']);
	59	}
	60	if(isset($param['maxrows'])) {
	61	$this->maxrows = $param['maxrows'];
	62	}
	63	if(isset($param['timeout'])) {
	64	$this->timeout = $param['timeout'];
	65	}
	66	if(empty($param['name'])) {
	67	$this->sname = 'LDAP: ' . $param['host'];
	68	}
	69	else {
	70	$this->sname = $param['name'];
	71	}
	72
	73	$this->open(true);
	74	} else {
	75	$this->set_error('Invalid argument to constructor');
	76	}
	77	}
	78
	79
	80	/* Open the LDAP server. New connection if $new is true */
	81	function open($new = false) {
	82	$this->error = '';
	83
	84	/* Connection is already open */
	85	if($this->linkid != false && !$new) {
	86	return true;
	87	}
	88
	89	$this->linkid = @ldap_connect($this->server, $this->port);
	90	if(!$this->linkid) {
	91	if(function_exists('ldap_error')) {
	92	return $this->set_error(ldap_error($this->linkid));
	93	} else {
	94	return $this->set_error('ldap_connect failed');
95	}
96	}
97
98	if(!@ldap_bind($this->linkid)) {
99	if(function_exists('ldap_error')) {
100	return $this->set_error(ldap_error($this->linkid));
101	} else {
102	return $this->set_error('ldap_bind failed');
103	}
104	}
105
106	$this->bound = true;
107
108	return true;
109	}
110
111
112	/* Encode iso8859-1 string to the charset used by this LDAP server */
113	function charset_encode($str) {
114	if($this->charset == 'utf-8') {
115	if(function_exists('utf8_encode')) {
116	return utf8_encode($str);
117	} else {
118	return $str;
119	}
120	} else {
121	return $str;
122	}
123	}
124
125
126	/* Decode from charset used by this LDAP server to iso8859-1 */
127	function charset_decode($str) {
128	if($this->charset == 'utf-8') {
129	if(function_exists('utf8_decode')) {
130	return utf8_decode($str);
97445d7d	131	} else {
06b4facd	132	return $str;
	133	}
	134	} else {
	135	return $str;
	136	}
	137	}
	138
	139
	140	/* ========================== Public ======================== */
	141
	142	/* Search the LDAP server */
	143	function search($expr) {
	144
	145	/* To be replaced by advanded search expression parsing */
	146	if(is_array($expr)) return false;
	147
	148	/* Encode the expression */
	149	$expr = $this->charset_encode($expr);
	150	if(strstr($expr, '*') === false) {
	151	$expr = "$expr";
	152	}
	153	$expression = "cn=$expr";
	154
	155	/* Make sure connection is there */
	156	if(!$this->open()) {
	157	return false;
	158	}
	159
	160	/* Do the search. Use improved ldap_search() if PHP version is
	161	* 4.0.2 or newer. */
	162	if(sqCheckPHPVersion(4, 0, 2)) {
	163	$sret = @ldap_search($this->linkid, $this->basedn, $expression,
	164	array('dn', 'o', 'ou', 'sn', 'givenname',
	165	'cn', 'mail', 'telephonenumber'),
	166	0, $this->maxrows, $this->timeout);
	167	} else {
	168	$sret = @ldap_search($this->linkid, $this->basedn, $expression,
	169	array('dn', 'o', 'ou', 'sn', 'givenname',
	170	'cn', 'mail', 'telephonenumber'));
	171	}
	172
	173	/* Should get error from server using the ldap_error() function,
	174	* but it only exist in the PHP LDAP documentation. */
	175	if(!$sret) {
	176	if(function_exists('ldap_error')) {
	177	return $this->set_error(ldap_error($this->linkid));
	178	} else {
	179	return $this->set_error('ldap_search failed');
	180	}
	181	}
	182
	183	if(@ldap_count_entries($this->linkid, $sret) <= 0) {
	184	return array();
	185	}
	186
	187	/* Get results */
	188	$ret = array();
	189	$returned_rows = 0;
	190	$res = @ldap_get_entries($this->linkid, $sret);
	191	for($i = 0 ; $i < $res['count'] ; $i++) {
	192	$row = $res[$i];
	193
	194	/* Extract data common for all e-mail addresses
	195	* of an object. Use only the first name */
196	$nickname = $this->charset_decode($row['dn']);
197	$fullname = $this->charset_decode($row['cn'][0]);
198
199	if(empty($row['telephonenumber'][0])) {
200	$phone = '';
201	} else {
202	$phone = $this->charset_decode($row['telephonenumber'][0]);
203	}
204
205	if(!empty($row['ou'][0])) {
206	$label = $this->charset_decode($row['ou'][0]);
207	}
208	else if(!empty($row['o'][0])) {
209	$label = $this->charset_decode($row['o'][0]);
210	} else {
211	$label = '';
212	}
213
214	if(empty($row['givenname'][0])) {
215	$firstname = '';
216	} else {
217	$firstname = $this->charset_decode($row['givenname'][0]);
218	}
219
220	if(empty($row['sn'][0])) {
221	$surname = '';
222	} else {
223	$surname = $this->charset_decode($row['sn'][0]);
224	}
225
226	/* Add one row to result for each e-mail address */
227	if(isset($row['mail']['count'])) {
228	for($j = 0 ; $j < $row['mail']['count'] ; $j++) {
229	array_push($ret, array('nickname' => $nickname,
230	'name' => $fullname,
231	'firstname' => $firstname,
232	'lastname' => $surname,
233	'email' => $row['mail'][$j],
234	'label' => $label,
235	'phone' => $phone,
236	'backend' => $this->bnum,
237	'source' => &$this->sname));
238
239	// Limit number of hits
240	$returned_rows++;
241	if(($returned_rows >= $this->maxrows) &&
242	($this->maxrows > 0) ) {
243	ldap_free_result($sret);
244	return $ret;
245	}
246
247	} // for($j ...)
248
249	} // isset($row['mail']['count'])
250
251	}
252
253	ldap_free_result($sret);
254	return $ret;
255	} /* end search() */
256
257
258	/* If you run a tiny LDAP server and you want the "List All" button
259	* to show EVERYONE, then uncomment this tiny block of code:
260	*
261	* function list_addr() {
262	* return $this->search('*');
263	* }
264	*
265	* Careful with this -- it could get quite large for big sites. */
266	}
267	?>