d49463ae6aee9331b47e6b512224ac53ae1e599f
1 <?php
3 class filterLDAP {
5 static function query($base, $scope, $filter, $attributes, $category, $method,$objectStorage= "")
6 {
7 $config= session::global_get('config');
8 $ldap= $config->get_ldap_link(TRUE);
9 $flag= ($scope == "sub")?GL_SUBSEARCH:0;
10 $result= filterLDAP::get_list($base, $filter, $attributes, $category, $objectStorage,$method, $flag | GL_SIZELIMIT);
11 return $result;
12 }
15 static function unifyResults($results)
16 {
17 $res = array();
18 foreach($results as $entry){
19 if(!isset($res[$entry['dn']])){
20 $res[$entry['dn']] = $entry;
21 }
22 }
23 return(array_values($res));
24 }
27 static function get_list($base, $filter, $attributes, $category, $objectStorage, $method, $flags= GL_SUBSEARCH)
28 {
29 $ui= session::global_get('ui');
30 $config= session::global_get('config');
32 // Move to arrays for category and objectStorage
33 if (!is_array($category)) {
34 $category= array($category);
35 }
36 if (!is_array($objectStorage)) {
37 $objectStorage= array($objectStorage);
38 }
39 if(empty($method)){
40 $method= (empty($objectStorage) && !($flags & GL_SUBSEARCH))?"ls":"search";
41 }
43 // Initialize search bases
44 $bases= array();
46 // Get list of sub bases to search on
47 if (count($objectStorage) == 0) {
48 $bases[$base]= "";
49 } else {
50 foreach ($objectStorage as $oc) {
51 $oc= preg_replace('/,$/', '', $oc);
52 $tmp= split(',', $oc);
53 if (count($tmp) == 1) {
54 preg_match('/([^=]+)=(.*)$/', $oc, $m);
55 if ($flags & GL_SUBSEARCH) {
56 $bases[$base][]= $m[1].":dn:=".$m[2];
57 } else {
58 $bases["$oc,$base"][]= $m[1].":dn:=".$m[2];
59 }
60 } else {
61 // No, there's no \, in pre defined RDN values
62 preg_match('/^([^,]+),(.*)$/', $oc, $matches);
63 preg_match('/([^=]+)=(.*)$/', $matches[1], $m);
64 if ($flags & GL_SUBSEARCH) {
65 $bases[$base][]= $m[1].":dn:=".$m[2];
66 } else {
67 $bases[$matches[2].",$base"][]= $m[1].":dn:=".$m[2];
68 }
69 }
70 }
71 }
73 // Get LDAP link
74 $ldap= $config->get_ldap_link($flags & GL_SIZELIMIT);
76 // Do search for every base
77 $result= array();
78 $limit_exceeded = FALSE;
79 foreach($bases as $base => $dnFilters) {
81 // Break if the size limit is exceeded
82 if($limit_exceeded){
83 return($result);
84 }
86 // Switch to new base and search
87 if (is_array($dnFilters)){
88 $dnFilter= "(|";
89 foreach ($dnFilters as $df) {
90 $dnFilter.= "($df)";
91 }
92 $dnFilter.= ")";
93 } else {
94 $dnFilter= "";
95 }
96 $ldap->cd($base);
97 if ($method == "ls") {
98 $ldap->ls("(&$filter$dnFilter)", $base, $attributes);
99 } else {
100 $ldap->search("(&$filter$dnFilter)", $attributes);
101 }
103 // Check for size limit exceeded messages for GUI feedback
104 if (preg_match("/size limit/i", $ldap->get_error())){
105 session::set('limit_exceeded', TRUE);
106 $limit_exceeded = TRUE;
107 }
109 /* Crawl through result entries and perform the migration to the
110 result array */
111 while($attrs = $ldap->fetch()) {
112 $dn= $ldap->getDN();
114 /* Convert dn into a printable format */
115 if ($flags & GL_CONVERT){
116 $attrs["dn"]= convert_department_dn($dn);
117 } else {
118 $attrs["dn"]= $dn;
119 }
121 /* Skip ACL checks if we are forced to skip those checks */
122 if($flags & GL_NO_ACL_CHECK){
123 $result[]= $attrs;
124 }else{
126 /* Sort in every value that fits the permissions */
127 foreach ($category as $o){
128 if((preg_match("/\//",$o) && preg_match("/r/",$ui->get_permissions($dn,$o))) ||
129 (!preg_match("/\//",$o) && preg_match("/r/",$ui->get_category_permissions($dn, $o)))){
130 $result[]= $attrs;
131 break;
132 }
133 }
134 }
135 }
137 }
139 return $result;
140 }
143 }
145 ?>