index 1f2baab3e41cfef1fa6d308329bb6b7b27c4fcd6..bac40e5e07fd0a947cc96ca68801d06d1f1feb2b 100644 (file)
$this->hostname=$hostname;
/* Check if MAX_LDAP_QUERY_TIME is defined */
- if(is_object($config) && $config->get_cfg_value("ldapMaxQueryTime") != ""){
- $str = $config->get_cfg_value("ldapMaxQueryTime");
+ if(is_object($config) && $config->get_cfg_value("core","ldapMaxQueryTime") != ""){
+ $str = $config->get_cfg_value("core","ldapMaxQueryTime");
$this->max_ldap_query_time = (float)($str);
}
if($this->max_ldap_query_time){
$diff = microtime(true) - $start;
if($diff > $this->max_ldap_query_time){
- msg_dialog::display(_("Performance warning"), sprintf(_("LDAP performance is poor: last query took about %.2fs!"), $diff), WARNING_DIALOG);
+ msg_dialog::display(_("Performance warning"), sprintf(_("LDAP performance is poor: last query took %.2fs!"), $diff), WARNING_DIALOG);
}
}
$this->log("LDAP operation: time=".(microtime(true)-$start)." operation=search('".LDAP::fix($this->basedn)."', '$filter')");
+
+ // Create statistic table entry
+ stats::log('ldap', $class = get_class($this), $category = array(), $action = __FUNCTION__,
+ $amount = 1, $duration = (microtime(TRUE) - $start));
return($this->sr[$srp]);
}else{
$this->error = "Could not connect to LDAP server";
if($this->max_ldap_query_time){
$diff = microtime(true) - $start;
if($diff > $this->max_ldap_query_time){
- msg_dialog::display(_("Performance warning"), sprintf(_("LDAP performance is poor: last query took about %.2fs!"), $diff), WARNING_DIALOG);
+ msg_dialog::display(_("Performance warning"), sprintf(_("LDAP performance is poor: last query took %.2fs!"), $diff), WARNING_DIALOG);
}
}
$this->log("LDAP operation: time=".(microtime(true) - $start)." operation=ls('".LDAP::fix($basedn)."', '$filter')");
+ // Create statistic table entry
+ stats::log('ldap', $class = get_class($this), $category = array(), $action = __FUNCTION__,
+ $amount = 1, $duration = (microtime(TRUE) - $start));
+
return($this->sr[$srp]);
}else{
$this->error = "Could not connect to LDAP server";
return (0);
}
if($this->hascon){
+ $start = microtime(TRUE);
if ($this->reconnect) $this->connect();
$r = @ldap_modify($this->cid, LDAP::fix($this->basedn), $attrs);
$this->error = @ldap_error($this->cid);
if(!$this->success()){
$this->error.= $this->makeReadableErrors($this->error,$attrs);
}
+
+ // Create statistic table entry
+ stats::log('ldap', $class = get_class($this), $category = array(), $action = __FUNCTION__,
+ $amount = 1, $duration = (microtime(TRUE) - $start));
return($r ? $r : 0);
}else{
$this->error = "Could not connect to LDAP server";
function add($attrs)
{
if($this->hascon){
+ $start = microtime(TRUE);
if ($this->reconnect) $this->connect();
$r = @ldap_add($this->cid, LDAP::fix($this->basedn), $attrs);
$this->error = @ldap_error($this->cid);
if(!$this->success()){
$this->error.= $this->makeReadableErrors($this->error,$attrs);
}
+
+ // Create statistic table entry
+ stats::log('ldap', $class = get_class($this), $category = array(), $action = __FUNCTION__,
+ $amount = 1, $duration = (microtime(TRUE) - $start));
+
return($r ? $r : 0);
}else{
$this->error = "Could not connect to LDAP server";
} else {
$type= preg_replace('/^([^=]+)=.*$/', '\\1', $cdn);
- $param= preg_replace('/^[^=]+=([^,]+).*$/', '\\1', $cdn);
+ $param= LDAP::fix(preg_replace('/^[^=]+=([^,]+).*$/', '\\1', $cdn));
+ $param=preg_replace(array('/\\\\,/','/\\\\"/'),array(',','"'),$param);
$na= array();
/* Get name of first matching objectClass */
$ocname= "";
foreach($classes as $class){
- if (isset($class['MUST']) && $class['MUST'] == "$type"){
+ if (isset($class['MUST']) && in_array($type, $class['MUST'])){
/* Look for first classes that is structural... */
if (isset($class['STRUCTURAL'])){
/* Bail out, if we've nothing to do... */
if ($ocname == ""){
- msg_dialog::display(_("Internal error"), sprintf(_("Cannot automatically create subtrees with RDN '%s': no object class found!"),$type), FATAL_ERROR_DIALOG);
+ msg_dialog::display(_("Internal error"), sprintf(_("Cannot automatically create subtrees with RDN %s: no object class found"), bold($type)), FATAL_ERROR_DIALOG);
exit();
}
$na['objectClass'][]= 'locality';
}
$na[$type]= $param;
+
+ // Fill in MUST values - but do not overwrite existing ones.
if (is_array($classes[$ocname]['MUST'])){
foreach($classes[$ocname]['MUST'] as $attr){
+ if(isset($na[$attr]) && !empty($na[$attr])) continue;
$na[$attr]= "filled";
}
}
$na["dc"]= $param;
break;
default:
- msg_dialog::display(_("Internal error"), sprintf(_("Cannot automatically create subtrees with RDN '%s': not supported"),$type), FATAL_ERROR_DIALOG);
+ msg_dialog::display(_("Internal error"), sprintf(_("Cannot automatically create subtrees with RDN %s: not supported"), bold($type)), FATAL_ERROR_DIALOG);
exit();
}
} else {
$adderror= $this->get_additional_error();
if ($adderror != ""){
- $error= $this->error." (".$this->get_additional_error().", ".sprintf(_("while operating on '%s' using LDAP server '%s'"), $this->basedn, $this->hostname).")";
+ $error= $this->error." (".$this->get_additional_error().", ".sprintf(_("while operating on %s using LDAP server %s"), bold($this->basedn), bold($this->hostname)).")";
} else {
- $error= $this->error." (".sprintf(_("while operating on LDAP server %s"), $this->hostname).")";
+ $error= $this->error." (".sprintf(_("while operating on LDAP server %s"), bold($this->hostname)).")";
}
return $error;
}
}
- function gen_ldif ($srp, $dn, $filter= "(objectClass=*)", $attributes= array('*'), $recursive= TRUE)
+ /*! \brief Generates an ldif for all entries matching the filter settings, scope and limit.
+ * @param $dn The entry to export.
+ * @param $filter Limit the exported object to those maching this filter.
+ * @param $attributes Specify the attributes to export here, empty means all.
+ * @param $scope 'base', 'sub' .. see manpage for 'ldapmodify' for details.
+ * @param $limit Limits the result.
+ */
+ function generateLdif ($dn, $filter= "(objectClass=*)", $attributes= array(), $scope = 'sub', $limit=0)
{
- $display= "";
-
- if ($recursive){
- $this->cd($dn);
- $this->ls($srp, $filter,$dn, array('dn','objectClass'));
- $deps = array();
-
- $display .= $this->gen_one_entry($dn)."\n";
-
- while ($attrs= $this->fetch($srp)){
- $deps[] = $attrs['dn'];
- }
- foreach($deps as $dn){
- $display .= $this->gen_ldif($srp, $dn, $filter,$attributes,$recursive);
- }
- } else {
- $display.= $this->gen_one_entry($dn);
- }
- return ($display);
+ $attrs = (count($attributes))?implode($attributes,' '):'';
+ $scope = (!empty($scope))?' -s '.$scope: '';
+ $limit = (!$limit)?'':' -z '.$limit;
+ $dn = escapeshellarg($dn);
+ $admin = escapeshellarg($this->binddn);
+ $pwd = escapeshellarg($this->bindpw);
+ $filter = escapeshellarg($filter);
+ $host = escapeshellarg($this->hostname);
+ $cmd = "ldapsearch -x -LLLL -D {$admin} -w {$pwd} {$filter} {$limit} {$scope} -H {$host} -b {$dn} $attrs ";
+ ob_start();
+ passthru($cmd);
+ $res=ob_get_contents();
+ ob_end_clean();
+ return($res);
}
}
- function gen_one_entry($dn, $filter= "(objectClass=*)" , $name= array("*"))
- {
- $ret = "";
- $data = "";
- if($this->reconnect){
- $this->connect();
- }
-
- /* Searching Ldap Tree */
- $sr= @ldap_read($this->cid, LDAP::fix($dn), $filter, $name);
-
- /* Get the first entry */
- $entry= @ldap_first_entry($this->cid, $sr);
-
- /* Get all attributes related to that Objekt */
- $atts = array();
-
- /* Assemble dn */
- $atts[0]['name'] = "dn";
- $atts[0]['value'] = array('count' => 1, 0 => $dn);
-
- /* Reset index */
- $i = 1 ;
- $identifier = array();
- $attribute= @ldap_first_attribute($this->cid,$entry,$identifier);
- while ($attribute) {
- $i++;
- $atts[$i]['name'] = $attribute;
- $atts[$i]['value'] = @ldap_get_values_len($this->cid, $entry, "$attribute");
-
- /* Next one */
- $attribute= @ldap_next_attribute($this->cid,$entry,$identifier);
- }
-
- foreach($atts as $at)
- {
- for ($i= 0; $i<$at['value']['count']; $i++){
-
- /* Check if we must encode the data */
- if(!preg_match('/^[a-z0-9+@#.=, \/ -]+$/i', $at['value'][$i])) {
- $ret .= $at['name'].":: ".base64_encode($at['value'][$i])."\n";
- } else {
- $ret .= $at['name'].": ".$at['value'][$i]."\n";
- }
- }
- }
-
- return($ret);
- }
-
-
function dn_exists($dn)
{
return @ldap_list($this->cid, LDAP::fix($dn), "(objectClass=*)", array("objectClass"));
/* Every block must begin with a dn */
if($dn != "dn") {
- $error= sprintf(_("This is not a valid DN: '%s'. A block for import should begin with 'dn: ...' in line %s"), $line, $current_line);
+ $error= sprintf(_("Invalid DN %s: block to be imported should start with 'dn: ...' in line %s"), bold($line), bold($current_line));
return -2;
}
/* If we can't Import, return with a file error */
if(!$this->import_single_entry($srp, $single,$usemodify,$usermdir) ) {
- $error= sprintf(_("Error while importing dn: '%s', please check your LDIF from line %s on!"), $line,
+ $error= sprintf(_("Error while importing DN %s: please check LDIF from line %s on!"), bold($line),
$current_line);
return UNKNOWN_TOKEN_IN_LDIF_FILE; }
}
$objectclasses = array();
global $config;
- /* Only read schema if it is allowed */
- if(isset($config) && preg_match("/config/i",get_class($config))){
- if ($config->get_cfg_value("schemaCheck") != "true"){
- return($objectclasses);
- }
- }
-
/* Return the cached results. */
if(class_available('session') && session::global_is_set("LDAP_CACHE::get_objectclasses") && !$force_reload){
$objectclasses = session::global_get("LDAP_CACHE::get_objectclasses");
break;
case ')': if ($name != ""){
- $objectclasses[$ocname][$name]= $this->value2container($value);
+ $v = $this->value2container($value);
+ if(in_array($name, array('MUST', 'MAY')) && !is_array($v)){
+ $v = array($v);
+ }
+ $objectclasses[$ocname][$name]= $v;
}
$name= "";
$value= "";
case 'MUST':
case 'MAY':
if ($name != ""){
- $objectclasses[$ocname][$name]= $this->value2container($value);
+ $v = $this->value2container($value);
+ if(in_array($name, array('MUST', 'MAY')) && !is_array($v)){
+ $v = array($v);
+ }
+ $objectclasses[$ocname][$name]= $v;
}
$name= $chunk;
$value= "";