index 1c8b758f287860581b6285bbf18ba288b20f3b0d..5d815810e9134838bb49e6f4e8d0f5f98b6e8b89 100644 (file)
\2C => CO
( => OB
) => CB
\2C => CO
( => OB
) => CB
- / => SL */
+ / => SL
+ \22 => DQ */
static function convert($dn)
{
if (SPECIALS_OVERRIDE == TRUE){
static function convert($dn)
{
if (SPECIALS_OVERRIDE == TRUE){
- $tmp= preg_replace(array("/\\\\,/", "/\\\\2C/", "/\(/", "/\)/", "/\//"),
- array("\001CO", "\001CO", "\001OB", "\001CB", "\001SL"),
+ $tmp= preg_replace(array("/\\\\,/", "/\\\\2C/", "/\(/", "/\)/", "/\//", "/\\\\22/", '/\\\\"/'),
+ array("\001CO", "\001CO", "\001OB", "\001CB", "\001SL", "\001DQ", "\001DQ"),
$dn);
return (preg_replace('/,\s+/', ',', $tmp));
} else {
$dn);
return (preg_replace('/,\s+/', ',', $tmp));
} else {
static function fix($dn)
{
if (SPECIALS_OVERRIDE == TRUE){
static function fix($dn)
{
if (SPECIALS_OVERRIDE == TRUE){
- return (preg_replace(array("/\001CO/", "/\001OB/", "/\001CB/", "/\001SL/"),
- array("\,", "(", ")", "/"),
+ return (preg_replace(array("/\001CO/", "/\001OB/", "/\001CB/", "/\001SL/", "/\001DQ/"),
+ array("\,", "(", ")", "/", '\"'),
$dn));
} else {
return ($dn);
$dn));
} else {
return ($dn);
requests. I.e. member=.... */
static function prepare4filter($dn)
{
requests. I.e. member=.... */
static function prepare4filter($dn)
{
- return normalizeLdap(str_replace('\\\\', '\\\\\\', LDAP::fix($dn)));
+ $fixed= normalizeLdap(str_replace('\\\\', '\\\\\\', LDAP::fix($dn)));
+ return str_replace('\\,', '\\\\,', $fixed);
}
}
if ($basedn==""){
$basedn = $this->basedn;
} else {
if ($basedn==""){
$basedn = $this->basedn;
} else {
- $basedn = LDAP::convert($this->basedn);
+ $basedn = LDAP::convert($basedn);
}
}
- return(ereg_replace("[^,]*[,]*[ ]*(.*)", "\\1", $basedn));
+ return(preg_replace("/[^,]*[,]*[ ]*(.*)/", "$1", $basedn));
}
}
if($this->hascon){
if ($this->reconnect) $this->connect();
if($this->hascon){
if ($this->reconnect) $this->connect();
- $start = microtime();
+ $start = microtime(true);
$this->clearResult($srp);
$this->sr[$srp] = @ldap_search($this->cid, LDAP::fix($this->basedn), $filter, $attrs);
$this->error = @ldap_error($this->cid);
$this->clearResult($srp);
$this->sr[$srp] = @ldap_search($this->cid, LDAP::fix($this->basedn), $filter, $attrs);
$this->error = @ldap_error($this->cid);
/* Check if query took longer as specified in max_ldap_query_time */
if($this->max_ldap_query_time){
/* Check if query took longer as specified in max_ldap_query_time */
if($this->max_ldap_query_time){
- $diff = get_MicroTimeDiff($start,microtime());
+ $diff = microtime(true) - $start;
if($diff > $this->max_ldap_query_time){
if($diff > $this->max_ldap_query_time){
- msg_dialog::display(_("Performance warning"), sprintf(_("LDAP performance is poor: last query took about %.2fs!"), $diff), WARNING_DIALOG);
+ msg_dialog::display(_("Performance warning"), sprintf(_("LDAP performance is poor: last query took %.2fs!"), $diff), WARNING_DIALOG);
}
}
}
}
- $this->log("LDAP operation: time=".get_MicroTimeDiff($start,microtime())." operation=search('".LDAP::fix($this->basedn)."', '$filter')");
+ $this->log("LDAP operation: time=".(microtime(true)-$start)." operation=search('".LDAP::fix($this->basedn)."', '$filter')");
return($this->sr[$srp]);
}else{
$this->error = "Could not connect to LDAP server";
return($this->sr[$srp]);
}else{
$this->error = "Could not connect to LDAP server";
else
$basedn= LDAP::convert($basedn);
else
$basedn= LDAP::convert($basedn);
- $start = microtime();
+ $start = microtime(true);
$this->sr[$srp] = @ldap_list($this->cid, LDAP::fix($basedn), $filter,$attrs);
$this->error = @ldap_error($this->cid);
$this->resetResult($srp);
$this->sr[$srp] = @ldap_list($this->cid, LDAP::fix($basedn), $filter,$attrs);
$this->error = @ldap_error($this->cid);
$this->resetResult($srp);
/* Check if query took longer as specified in max_ldap_query_time */
if($this->max_ldap_query_time){
/* Check if query took longer as specified in max_ldap_query_time */
if($this->max_ldap_query_time){
- $diff = get_MicroTimeDiff($start,microtime());
+ $diff = microtime(true) - $start;
if($diff > $this->max_ldap_query_time){
if($diff > $this->max_ldap_query_time){
- msg_dialog::display(_("Performance warning"), sprintf(_("LDAP performance is poor: last query took about %.2fs!"), $diff), WARNING_DIALOG);
+ msg_dialog::display(_("Performance warning"), sprintf(_("LDAP performance is poor: last query took %.2fs!"), $diff), WARNING_DIALOG);
}
}
}
}
- $this->log("LDAP operation: time=".get_MicroTimeDiff($start,microtime())." operation=ls('".LDAP::fix($basedn)."', '$filter')");
+ $this->log("LDAP operation: time=".(microtime(true) - $start)." operation=ls('".LDAP::fix($basedn)."', '$filter')");
return($this->sr[$srp]);
}else{
return($this->sr[$srp]);
}else{
}
}
}
}
- function cat($srp, $dn,$attrs= array("*"))
+ function cat($srp, $dn,$attrs= array("*"), $filter = "(objectclass=*)")
{
if($this->hascon){
if ($this->reconnect) $this->connect();
$this->clearResult($srp);
{
if($this->hascon){
if ($this->reconnect) $this->connect();
$this->clearResult($srp);
- $filter = "(objectclass=*)";
$this->sr[$srp] = @ldap_read($this->cid, LDAP::fix($dn), $filter,$attrs);
$this->error = @ldap_error($this->cid);
$this->resetResult($srp);
$this->sr[$srp] = @ldap_read($this->cid, LDAP::fix($dn), $filter,$attrs);
$this->error = @ldap_error($this->cid);
$this->resetResult($srp);
if ($dn == "")
$dn = $this->basedn;
if ($dn == "")
$dn = $this->basedn;
- $r = @ldap_mod_del($this->cid, LDAP::fix($dn), $attrs);
+ $r = ldap_mod_del($this->cid, LDAP::fix($dn), $attrs);
+ $this->error = @ldap_error($this->cid);
+ return($r);
+ }else{
+ $this->error = "Could not connect to LDAP server";
+ return("");
+ }
+ }
+
+ function mod_add($attrs = "", $dn = "")
+ {
+ if($this->hascon){
+ if ($this->reconnect) $this->connect();
+ if ($dn == "")
+ $dn = $this->basedn;
+
+ $r = @ldap_mod_add($this->cid, LDAP::fix($dn), $attrs);
$this->error = @ldap_error($this->cid);
return($r);
}else{
$this->error = @ldap_error($this->cid);
return($r);
}else{
}
}
}
}
+ function makeReadableErrors($error,$attrs)
+ {
+ global $config;
+
+ if($this->success()) return("");
+
+ $str = "";
+ if(preg_match("/^objectClass: value #([0-9]*) invalid per syntax$/", $this->get_additional_error())){
+ $oc = preg_replace("/^objectClass: value #([0-9]*) invalid per syntax$/","\\1", $this->get_additional_error());
+ if(isset($attrs['objectClass'][$oc])){
+ $str.= " - <b>objectClass: ".$attrs['objectClass'][$oc]."</b>";
+ }
+ }
+ if($error == "Undefined attribute type"){
+ $str = " - <b>attribute: ".preg_replace("/:.*$/","",$this->get_additional_error())."</b>";
+ }
+
+ @DEBUG(DEBUG_LDAP,__LINE__,__FUNCTION__,__FILE__,$attrs,"Erroneous data");
+
+ return($str);
+ }
function modify($attrs)
{
function modify($attrs)
{
if ($this->reconnect) $this->connect();
$r = @ldap_modify($this->cid, LDAP::fix($this->basedn), $attrs);
$this->error = @ldap_error($this->cid);
if ($this->reconnect) $this->connect();
$r = @ldap_modify($this->cid, LDAP::fix($this->basedn), $attrs);
$this->error = @ldap_error($this->cid);
+ if(!$this->success()){
+ $this->error.= $this->makeReadableErrors($this->error,$attrs);
+ }
return($r ? $r : 0);
}else{
$this->error = "Could not connect to LDAP server";
return($r ? $r : 0);
}else{
$this->error = "Could not connect to LDAP server";
if ($this->reconnect) $this->connect();
$r = @ldap_add($this->cid, LDAP::fix($this->basedn), $attrs);
$this->error = @ldap_error($this->cid);
if ($this->reconnect) $this->connect();
$r = @ldap_add($this->cid, LDAP::fix($this->basedn), $attrs);
$this->error = @ldap_error($this->cid);
+ if(!$this->success()){
+ $this->error.= $this->makeReadableErrors($this->error,$attrs);
+ }
return($r ? $r : 0);
}else{
$this->error = "Could not connect to LDAP server";
return($r ? $r : 0);
}else{
$this->error = "Could not connect to LDAP server";
} else {
$type= preg_replace('/^([^=]+)=.*$/', '\\1', $cdn);
} else {
$type= preg_replace('/^([^=]+)=.*$/', '\\1', $cdn);
- $param= preg_replace('/^[^=]+=([^,]+),.*$/', '\\1', $cdn);
+ $param= LDAP::fix(preg_replace('/^[^=]+=([^,]+).*$/', '\\1', $cdn));
+ $param=preg_replace(array('/\\\\,/','/\\\\"/'),array(',','"'),$param);
$na= array();
$na= array();
/* Get name of first matching objectClass */
$ocname= "";
foreach($classes as $class){
/* Get name of first matching objectClass */
$ocname= "";
foreach($classes as $class){
- if (isset($class['MUST']) && $class['MUST'] == "$type"){
+ if (isset($class['MUST']) && in_array($type, $class['MUST'])){
/* Look for first classes that is structural... */
if (isset($class['STRUCTURAL'])){
/* Look for first classes that is structural... */
if (isset($class['STRUCTURAL'])){
/* Bail out, if we've nothing to do... */
if ($ocname == ""){
/* Bail out, if we've nothing to do... */
if ($ocname == ""){
- msg_dialog::display(_("Internal error"), sprintf(_("Cannot automatically create subtrees with RDN '%s': no object class found!"),$type), FATAL_ERROR_DIALOG);
+ msg_dialog::display(_("Internal error"), sprintf(_("Cannot automatically create subtrees with RDN %s: no object class found"), bold($type)), FATAL_ERROR_DIALOG);
exit();
}
exit();
}
$na['objectClass'][]= 'locality';
}
$na[$type]= $param;
$na['objectClass'][]= 'locality';
}
$na[$type]= $param;
+
+ // Fill in MUST values - but do not overwrite existing ones.
if (is_array($classes[$ocname]['MUST'])){
foreach($classes[$ocname]['MUST'] as $attr){
if (is_array($classes[$ocname]['MUST'])){
foreach($classes[$ocname]['MUST'] as $attr){
+ if(isset($na[$attr]) && !empty($na[$attr])) continue;
$na[$attr]= "filled";
}
}
$na[$attr]= "filled";
}
}
$na["dc"]= $param;
break;
default:
$na["dc"]= $param;
break;
default:
- msg_dialog::display(_("Internal error"), sprintf(_("Cannot automatically create subtrees with RDN '%s': not supported"),$type), FATAL_ERROR_DIALOG);
+ msg_dialog::display(_("Internal error"), sprintf(_("Cannot automatically create subtrees with RDN %s: not supported"), bold($type)), FATAL_ERROR_DIALOG);
exit();
}
exit();
}
$this->add($na);
if (!$this->success()){
$this->add($na);
if (!$this->success()){
+
+ print_a(array($cdn,$na));
+
msg_dialog::display(_("LDAP error"), msgPool::ldaperror($this->get_error(), $cdn, LDAP_ADD, get_class()));
return FALSE;
}
msg_dialog::display(_("LDAP error"), msgPool::ldaperror($this->get_error(), $cdn, LDAP_ADD, get_class()));
return FALSE;
}
}
}
}
}
+
function get_attribute($dn, $name,$r_array=0)
{
$data= "";
function get_attribute($dn, $name,$r_array=0)
{
$data= "";
}
}
}
}
}
}
- if($r_array==0)
- return ($data);
- else
- return ($info);
-
-
+ if($r_array==0) {
+ return ($data);
+ } else {
+ return ($info);
+ }
}
}
} else {
$adderror= $this->get_additional_error();
if ($adderror != ""){
} else {
$adderror= $this->get_additional_error();
if ($adderror != ""){
- $error= $this->error." (".$this->get_additional_error().", ".sprintf(_("while operating on '%s' using LDAP server '%s'"), $this->basedn, $this->hostname).")";
+ $error= $this->error." (".$this->get_additional_error().", ".sprintf(_("while operating on %s using LDAP server %s"), bold($this->basedn), bold($this->hostname)).")";
} else {
} else {
- $error= $this->error." (".sprintf(_("while operating on LDAP server %s"), $this->hostname).")";
+ $error= $this->error." (".sprintf(_("while operating on LDAP server %s"), bold($this->hostname)).")";
}
return $error;
}
}
return $error;
}
}
}
- function gen_ldif ($srp, $dn, $filter= "(objectClass=*)", $attributes= array('*'), $recursive= TRUE)
+ function generateLdif ($dn, $filter= "(objectClass=*)", $attributes= array(), $scope = 'sub', $limit=0)
{
{
- $display= "";
-
- if ($recursive){
- $this->cd($dn);
- $this->ls($srp, $filter,$dn, array('dn','objectClass'));
- $deps = array();
-
- $display .= $this->gen_one_entry($dn)."\n";
-
- while ($attrs= $this->fetch($srp)){
- $deps[] = $attrs['dn'];
- }
- foreach($deps as $dn){
- $display .= $this->gen_ldif($srp, $dn, $filter,$attributes,$recursive);
- }
- } else {
- $display.= $this->gen_one_entry($dn);
- }
- return ($display);
+ $host = $this->hostname;
+ $attrs = (count($attributes))?implode($attributes,' '):'';
+ $scope = (!empty($scope))?' -s '.$scope: '';
+ $limit = (!$limit)?'':' -z '.$limit;
+ $dn = escapeshellarg($dn);
+ $cmd = "ldapsearch -x -LLLL '{$filter}' {$limit} {$scope} -H '{$host}' -b {$dn} $attrs";
+ exec($cmd, $ret,$code);
+ $res = implode($ret,"\n");
+ return($res);
}
}
}
}
- function gen_one_entry($dn, $filter= "(objectClass=*)" , $name= array("*"))
- {
- $ret = "";
- $data = "";
- if($this->reconnect){
- $this->connect();
- }
-
- /* Searching Ldap Tree */
- $sr= @ldap_read($this->cid, LDAP::fix($dn), $filter, $name);
-
- /* Get the first entry */
- $entry= @ldap_first_entry($this->cid, $sr);
-
- /* Get all attributes related to that Objekt */
- $atts = array();
-
- /* Assemble dn */
- $atts[0]['name'] = "dn";
- $atts[0]['value'] = array('count' => 1, 0 => $dn);
-
- /* Reset index */
- $i = 1 ;
- $identifier = array();
- $attribute= @ldap_first_attribute($this->cid,$entry,$identifier);
- while ($attribute) {
- $i++;
- $atts[$i]['name'] = $attribute;
- $atts[$i]['value'] = @ldap_get_values_len($this->cid, $entry, "$attribute");
-
- /* Next one */
- $attribute= @ldap_next_attribute($this->cid,$entry,$identifier);
- }
-
- foreach($atts as $at)
- {
- for ($i= 0; $i<$at['value']['count']; $i++){
-
- /* Check if we must encode the data */
- if(!preg_match('/^[a-z0-9+@#.=, \/ -]+$/i', $at['value'][$i])) {
- $ret .= $at['name'].":: ".base64_encode($at['value'][$i])."\n";
- } else {
- $ret .= $at['name'].": ".$at['value'][$i]."\n";
- }
- }
- }
-
- return($ret);
- }
-
-
function dn_exists($dn)
{
return @ldap_list($this->cid, LDAP::fix($dn), "(objectClass=*)", array("objectClass"));
function dn_exists($dn)
{
return @ldap_list($this->cid, LDAP::fix($dn), "(objectClass=*)", array("objectClass"));
{
if($this->reconnect) $this->connect();
{
if($this->reconnect) $this->connect();
- /* First we have to splitt the string ito detect empty lines
+ /* First we have to split the string into empty lines.
An empty line indicates an new Entry */
An empty line indicates an new Entry */
- $entries = split("\n",$str_attr);
+ $entries = preg_split("/\n/",$str_attr);
$data = "";
$cnt = 0;
$data = "";
$cnt = 0;
/* Append lines ... */
if(!empty($tmp2)) {
/* check if we need base64_decode for this line */
/* Append lines ... */
if(!empty($tmp2)) {
/* check if we need base64_decode for this line */
- if(ereg("::",$tmp2))
+ if(strstr($tmp2, "::") !== false)
{
{
- $encoded = split("::",$entry);
+ $encoded = explode("::",$entry);
$attr = trim($encoded[0]);
$value = base64_decode(trim($encoded[1]));
/* Add linenumber */
$attr = trim($encoded[0]);
$value = base64_decode(trim($encoded[1]));
/* Add linenumber */
Now we check every insertblock and try to insert */
foreach ( $all as $single) {
Now we check every insertblock and try to insert */
foreach ( $all as $single) {
- $lineone = split("\n",$single);
- $ndn = split("#", $lineone[0]);
+ $lineone = preg_split("/\n/",$single);
+ $ndn = explode("#", $lineone[0]);
$line = base64_decode($ndn[1]);
$line = base64_decode($ndn[1]);
- $dnn = split (":",$line,2);
+ $dnn = explode (":",$line,2);
$current_line = $ndn[0];
$dn = $dnn[0];
$value = $dnn[1];
/* Every block must begin with a dn */
if($dn != "dn") {
$current_line = $ndn[0];
$dn = $dnn[0];
$value = $dnn[1];
/* Every block must begin with a dn */
if($dn != "dn") {
- $error= sprintf(_("This is not a valid DN: '%s'. A block for import should begin with 'dn: ...' in line %s"), $line, $current_line);
+ $error= sprintf(_("Invalid DN %s: block to be imported should start with 'dn: ...' in line %s"), bold($line), bold($current_line));
return -2;
}
return -2;
}
/* If we can't Import, return with a file error */
if(!$this->import_single_entry($srp, $single,$usemodify,$usermdir) ) {
/* If we can't Import, return with a file error */
if(!$this->import_single_entry($srp, $single,$usemodify,$usermdir) ) {
- $error= sprintf(_("Error while importing dn: '%s', please check your LDIF from line %s on!"), $line,
+ $error= sprintf(_("Error while importing DN %s: please check LDIF from line %s on!"), bold($line),
$current_line);
return UNKNOWN_TOKEN_IN_LDIF_FILE; }
}
$current_line);
return UNKNOWN_TOKEN_IN_LDIF_FILE; }
}
if($this->reconnect) $this->connect();
$ret = false;
if($this->reconnect) $this->connect();
$ret = false;
- $rows= split("\n",$str_attr);
+ $rows= preg_split("/\n/",$str_attr);
$data= false;
foreach($rows as $row) {
$data= false;
foreach($rows as $row) {
/* We are using line numbers
Because there is a # before a : */
/* We are using line numbers
Because there is a # before a : */
- $tmp1= split("#",$row);
+ $tmp1= explode("#",$row);
$current_line= $tmp1[0];
$row= base64_decode($tmp1[1]);
}
/* Split the line into attribute and value */
$current_line= $tmp1[0];
$row= base64_decode($tmp1[1]);
}
/* Split the line into attribute and value */
- $attr = split(":", $row,2);
+ $attr = explode(":", $row,2);
$attr[0]= trim($attr[0]); /* attribute */
$attr[1]= $attr[1]; /* value */
$attr[0]= trim($attr[0]); /* attribute */
$attr[1]= $attr[1]; /* value */
function importcsv($str)
{
function importcsv($str)
{
- $lines = split("\n",$str);
+ $lines = preg_split("/\n/",$str);
foreach($lines as $line)
{
/* continue if theres a comment */
foreach($lines as $line)
{
/* continue if theres a comment */
$line= str_replace ("\t" ,"," ,$line);
echo $line;
$line= str_replace ("\t" ,"," ,$line);
echo $line;
- $cells = split(",",$line ) ;
+ $cells = explode(",",$line ) ;
$linet= str_replace ("\t\t",",",$line);
$linet= str_replace ("\t\t",",",$line);
- $cells = split("\t",$line);
+ $cells = preg_split("/\t/",$line);
$count = count($cells);
}
}
$count = count($cells);
}
}
- function get_objectclasses()
+ function get_objectclasses( $force_reload = FALSE)
{
$objectclasses = array();
global $config;
{
$objectclasses = array();
global $config;
}
/* Return the cached results. */
}
/* Return the cached results. */
- if(class_available('session') && session::is_set("LDAP_CACHE::get_objectclasses")){
- $objectclasses = session::get("LDAP_CACHE::get_objectclasses");
+ if(class_available('session') && session::global_is_set("LDAP_CACHE::get_objectclasses") && !$force_reload){
+ $objectclasses = session::global_get("LDAP_CACHE::get_objectclasses");
return($objectclasses);
}
return($objectclasses);
}
continue;
}
$name= "OID";
continue;
}
$name= "OID";
- $pattern= split(' ', $val);
+ $pattern= explode(' ', $val);
$ocname= preg_replace("/^.* NAME\s+\(*\s*'([^']+)'\s*\)*.*$/", '\\1', $val);
$objectclasses[$ocname]= array();
$ocname= preg_replace("/^.* NAME\s+\(*\s*'([^']+)'\s*\)*.*$/", '\\1', $val);
$objectclasses[$ocname]= array();
break;
case ')': if ($name != ""){
break;
case ')': if ($name != ""){
- $objectclasses[$ocname][$name]= $this->value2container($value);
+ $v = $this->value2container($value);
+ if(in_array($name, array('MUST', 'MAY')) && !is_array($v)){
+ $v = array($v);
+ }
+ $objectclasses[$ocname][$name]= $v;
}
$name= "";
$value= "";
}
$name= "";
$value= "";
case 'MUST':
case 'MAY':
if ($name != ""){
case 'MUST':
case 'MAY':
if ($name != ""){
- $objectclasses[$ocname][$name]= $this->value2container($value);
+ $v = $this->value2container($value);
+ if(in_array($name, array('MUST', 'MAY')) && !is_array($v)){
+ $v = array($v);
+ }
+ $objectclasses[$ocname][$name]= $v;
}
$name= $chunk;
$value= "";
}
$name= $chunk;
$value= "";
}
if(class_available("session")){
}
if(class_available("session")){
- session::set("LDAP_CACHE::get_objectclasses",$objectclasses);
+ session::global_set("LDAP_CACHE::get_objectclasses",$objectclasses);
}
return $objectclasses;
}
return $objectclasses;
function log($string)
{
function log($string)
{
- if (session::is_set('config')){
- $cfg = session::get('config');
+ if (session::global_is_set('config')){
+ $cfg = session::global_get('config');
if (isset($cfg->current['LDAPSTATS']) && preg_match('/true/i', $cfg->current['LDAPSTATS'])){
syslog (LOG_INFO, $string);
}
if (isset($cfg->current['LDAPSTATS']) && preg_match('/true/i', $cfg->current['LDAPSTATS'])){
syslog (LOG_INFO, $string);
}
/* added by Guido Serra aka Zeph <zeph@purotesto.it> */
function getCn($dn){
/* added by Guido Serra aka Zeph <zeph@purotesto.it> */
function getCn($dn){
- $simple= split(",", $dn);
+ $simple= explode(",", $dn);
foreach($simple as $piece) {
foreach($simple as $piece) {
- $partial= split("=", $piece);
+ $partial= explode("=", $piece);
if($partial[0] == "cn"){
return $partial[1];
if($partial[0] == "cn"){
return $partial[1];