4 * abook_ldap_server.php
6 * Copyright (c) 1999-2002 The Squirrelmail Project Team
7 * Licensed under the GNU GPL. For full terms see the file COPYING.
9 * Address book backend for LDAP server
11 * An array with the following elements must be passed to
12 * the class constructor (elements marked ? are optional):
14 * host => LDAP server hostname/IP-address
15 * base => LDAP server root (base dn). Empty string allowed.
16 * ? port => LDAP server TCP port number (default: 389)
17 * ? charset => LDAP server charset (default: utf-8)
18 * ? name => Name for LDAP server (default "LDAP: hostname")
19 * Used to tag the result data
20 * ? maxrows => Maximum # of rows in search result
21 * ? timeout => Timeout for LDAP operations (in seconds, default: 30)
22 * Might not work for all LDAP libraries or servers.
24 * NOTE. This class should not be used directly. Use the
25 * "AddressBook" class instead.
30 /*****************************************************************/
31 /*** THIS FILE NEEDS TO HAVE ITS FORMATTING FIXED!!! ***/
32 /*** PLEASE DO SO AND REMOVE THIS COMMENT SECTION. ***/
33 /*** + Base level indent should begin at left margin, as ***/
34 /*** the first line of the class definition below. ***/
35 /*** + All identation should consist of four space blocks ***/
36 /*** + Tab characters are evil. ***/
37 /*** + all comments should use "slash-star ... star-slash" ***/
38 /*** style -- no pound characters, no slash-slash style ***/
39 /*** + FLOW CONTROL STATEMENTS (if, while, etc) SHOULD ***/
40 /*** ALWAYS USE { AND } CHARACTERS!!! ***/
41 /*** + Please use ' instead of ", when possible. Note " ***/
42 /*** should always be used in _( ) function calls. ***/
43 /*** Thank you for your help making the SM code more readable. ***/
44 /*****************************************************************/
46 class abook_ldap_server
extends addressbook_backend
{
47 var $btype = 'remote';
48 var $bname = 'ldap_server';
50 // Parameters changed by class
51 var $sname = 'LDAP'; // Service name
52 var $server = ''; // LDAP server name
53 var $port = 389; // LDAP server port
54 var $basedn = ''; // LDAP base DN
55 var $charset = 'utf-8'; // LDAP server charset
56 var $linkid = false; // PHP LDAP link ID
57 var $bound = false; // True if LDAP server is bound
58 var $maxrows = 250; // Max rows in result
59 var $timeout = 30; // Timeout for LDAP operations (in seconds)
61 // Constructor. Connects to database
62 function abook_ldap_server($param) {
63 if(!function_exists('ldap_connect')) {
64 $this->set_error('LDAP support missing from PHP');
67 if(is_array($param)) {
68 $this->server
= $param['host'];
69 $this->basedn
= $param['base'];
70 if(!empty($param['port']))
71 $this->port
= $param['port'];
72 if(!empty($param['charset']))
73 $this->charset
= strtolower($param['charset']);
74 if(isset($param['maxrows']))
75 $this->maxrows
= $param['maxrows'];
76 if(isset($param['timeout']))
77 $this->timeout
= $param['timeout'];
78 if(empty($param['name']))
79 $this->sname
= 'LDAP: ' . $param['host'];
81 $this->sname
= $param['name'];
85 $this->set_error('Invalid argument to constructor');
90 // Open the LDAP server. New connection if $new is true
91 function open($new = false) {
94 // Connection is already open
95 if($this->linkid
!= false && !$new)
98 $this->linkid
= @ldap_connect
($this->server
, $this->port
);
100 if(function_exists('ldap_error'))
101 return $this->set_error(ldap_error($this->linkid
));
103 return $this->set_error('ldap_connect failed');
105 if(!@ldap_bind
($this->linkid
))
106 if(function_exists('ldap_error'))
107 return $this->set_error(ldap_error($this->linkid
));
109 return $this->set_error('ldap_bind failed');
117 // Encode iso8859-1 string to the charset used by this LDAP server
118 function charset_encode($str) {
119 if($this->charset
== 'utf-8') {
120 if(function_exists('utf8_encode'))
121 return utf8_encode($str);
130 // Decode from charset used by this LDAP server to iso8859-1
131 function charset_decode($str) {
132 if($this->charset
== 'utf-8') {
133 if(function_exists('utf8_decode'))
134 return utf8_decode($str);
143 // ========================== Public ========================
145 // Search the LDAP server
146 function search($expr) {
148 // To be replaced by advanded search expression parsing
149 if(is_array($expr)) return false;
151 // Encode the expression
152 $expr = $this->charset_encode($expr);
153 if(strstr($expr, "*") === false)
155 $expression = "cn=$expr";
157 // Make sure connection is there
161 // Do the search. Use improved ldap_search() if PHP version is
163 if(sqCheckPHPVersion(4, 0, 2)) {
164 $sret = @ldap_search
($this->linkid
, $this->basedn
, $expression,
165 array('dn', 'o', 'ou', 'sn', 'givenname',
166 'cn', 'mail', 'telephonenumber'),
167 0, $this->maxrows
, $this->timeout
);
169 $sret = @ldap_search
($this->linkid
, $this->basedn
, $expression,
170 array('dn', 'o', 'ou', 'sn', 'givenname',
171 'cn', 'mail', 'telephonenumber'));
174 // Should get error from server using the ldap_error() function,
175 // but it only exist in the PHP LDAP documentation.
177 if(function_exists('ldap_error'))
178 return $this->set_error(ldap_error($this->linkid
));
180 return $this->set_error('ldap_search failed');
182 if(@ldap_count_entries
($this->linkid
, $sret) <= 0)
188 $res = @ldap_get_entries
($this->linkid
, $sret);
189 for($i = 0 ; $i < $res['count'] ; $i++
) {
192 // Extract data common for all e-mail addresses
193 // of an object. Use only the first name
194 $nickname = $this->charset_decode($row['dn']);
195 $fullname = $this->charset_decode($row['cn'][0]);
197 if(empty($row['telephonenumber'][0])) $phone = '';
198 else $phone = $this->charset_decode($row['telephonenumber'][0]);
200 if(!empty($row['ou'][0]))
201 $label = $this->charset_decode($row['ou'][0]);
202 else if(!empty($row['o'][0]))
203 $label = $this->charset_decode($row['o'][0]);
207 if(empty($row['givenname'][0])) $firstname = '';
208 else $firstname = $this->charset_decode($row['givenname'][0]);
210 if(empty($row['sn'][0])) $surname = '';
211 else $surname = $this->charset_decode($row['sn'][0]);
213 // Add one row to result for each e-mail address
214 if(isset($row['mail']['count'])) {
215 for($j = 0 ; $j < $row['mail']['count'] ; $j++
) {
216 array_push($ret, array('nickname' => $nickname,
218 'firstname' => $firstname,
219 'lastname' => $surname,
220 'email' => $row['mail'][$j],
223 'backend' => $this->bnum
,
224 'source' => &$this->sname
));
226 // Limit number of hits
228 if(($returned_rows >= $this->maxrows
) &&
229 ($this->maxrows
> 0) ) {
230 ldap_free_result($sret);
236 } // isset($row['mail']['count'])
240 ldap_free_result($sret);
245 // If you run a tiny LDAP server and you want the "List All" button
246 // to show EVERYONE, then uncomment this tiny block of code:
248 // function list_addr() {
249 // return $this->search("*");
252 // Careful with this -- it could get quite large for big sites.