X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-core%2Finclude%2Fclass_ldap.inc;h=45ffae7f4a4b8e8901985ea8ebc611cc49f089f1;hb=4b3498ae8e78a11c7c99663d45bab6a0a14df052;hp=2bbb1d875ee9a5365f04a675af57c5ed22f27b1e;hpb=e2b4b86dd84c941e591f0560dc20a947854312c5;p=gosa.git diff --git a/gosa-core/include/class_ldap.inc b/gosa-core/include/class_ldap.inc index 2bbb1d875..45ffae7f4 100644 --- a/gosa-core/include/class_ldap.inc +++ b/gosa-core/include/class_ldap.inc @@ -60,8 +60,8 @@ class LDAP{ $this->hostname=$hostname; /* Check if MAX_LDAP_QUERY_TIME is defined */ - if(isset($config->data['MAIN']['MAX_LDAP_QUERY_TIME'])){ - $str = $config->data['MAIN']['MAX_LDAP_QUERY_TIME']; + if(is_object($config) && $config->get_cfg_value("ldapMaxQueryTime") != ""){ + $str = $config->get_cfg_value("ldapMaxQueryTime"); $this->max_ldap_query_time = (float)($str); } @@ -81,19 +81,19 @@ class LDAP{ /* Function to replace all problematic characters inside a DN by \001XX, where \001 is decoded to chr(1) [ctrl+a]. It is not impossible, but very unlikely that this character is inside a DN. - + Currently used codes: - , => CO - \2C => CO - ( => OB - ) => CB - / => SL */ + , => CO + \2C => CO + ( => OB + ) => CB + / => SL */ static function convert($dn) { if (SPECIALS_OVERRIDE == TRUE){ $tmp= preg_replace(array("/\\\\,/", "/\\\\2C/", "/\(/", "/\)/", "/\//"), - array("\001CO", "\001CO", "\001OB", "\001CB", "\001SL"), - $dn); + array("\001CO", "\001CO", "\001OB", "\001CB", "\001SL"), + $dn); return (preg_replace('/,\s+/', ',', $tmp)); } else { return ($dn); 
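Review bot: In the first hunk (`@@ -60,8 +60,8 @@`) the `ldapMaxQueryTime` setting is cast with `(float)($str)` without validation, so a non-numeric or negative value silently becomes `0` or a negative limit. How `max_ldap_query_time` is consumed is outside the hunk, so the effect of such a value cannot be confirmed from here. Reading the setting once into `$str` and guarding the assignment with `if (is_numeric($str) && (float)$str > 0)` would reject bad values and avoid the second `get_cfg_value()` call. The enclosing function starts and ends outside the hunk.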
@@ -109,19 +109,19 @@ class LDAP{ { if (SPECIALS_OVERRIDE == TRUE){ return (preg_replace(array("/\001CO/", "/\001OB/", "/\001CB/", "/\001SL/"), - array("\,", "(", ")", "/"), - $dn)); + array("\,", "(", ")", "/"), + $dn)); } else { return ($dn); } } - /* Function to fix problematic characters in DN's that are used for search requests. I.e. member=.... */ static function prepare4filter($dn) { - return normalizeLdap(preg_replace('/\\\\/', '\\\\\\', LDAP::fix($dn))); + $fixed= normalizeLdap(str_replace('\\\\', '\\\\\\', LDAP::fix($dn))); + return str_replace('\\,', '\\\\,', $fixed); } @@ -160,13 +160,13 @@ class LDAP{ function rebind($ldap, $referral) { $credentials= $this->get_credentials($referral); - if (@ldap_bind($ldap, LDAP::fix($credentials['ADMIN']), $credentials['PASSWORD'])) { + if (@ldap_bind($ldap, LDAP::fix($credentials['ADMINDN']), $credentials['ADMINPASSWORD'])) { $this->error = "Success"; $this->hascon=true; $this->reconnect= true; return (0); } else { - $this->error = "Could not bind to " . $credentials['ADMIN']; + $this->error = "Could not bind to " . $credentials['ADMINDN']; return NULL; } } @@ -293,6 +293,19 @@ class LDAP{ } } + function object_match_filter($dn,$filter) + { + if($this->hascon){ + if ($this->reconnect) $this->connect(); + $res = @ldap_read($this->cid, LDAP::fix($dn), $filter, array("objectClass")); + $rv = @ldap_count_entries($this->cid, $res); + return($rv); + }else{ + $this->error = "Could not connect to LDAP server"; + return(FALSE); + } + } + function set_size_limit($size) { /* Ignore zero settings */ 
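Review bot: In `prepare4filter` the move from `preg_replace('/\\\\/', ...)` to `str_replace('\\\\', ...)` changes what is matched. The old regex matched every single backslash, while the single-quoted literal `'\\\\'` given to `str_replace` is two backslashes, so a lone backslash not followed by a comma now reaches the filter unescaped. Whether `*`, `(` and `)` are neutralised depends on `normalizeLdap()`, which is not visible here, and the result is used in search filters such as `member=...`. I would state the escaping contract in the comment above the function, for example `/* Escapes "\\" pairs and "\," only; filter metacharacters must be handled by normalizeLdap() */`, and add a test with a DN containing a single backslash. Where the PHP version provides it, `ldap_escape($dn, '', LDAP_ESCAPE_FILTER)` is the standard way to encode a filter value.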
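Review bot: `rebind()` now reads `$credentials['ADMINDN']` and `$credentials['ADMINPASSWORD']` without checking that they are set, so a referral entry still stored under the old `ADMIN`/`PASSWORD` keys would yield an empty DN and password. With `@ldap_bind` suppressing the notice, many servers accept that as an anonymous bind, and the function would then record `"Success"` and set `hascon`. Only the fallback in `get_credentials()` is shown being renamed; whether every producer of the referral array was updated is not visible in this diff. A guard before the bind, `if (!isset($credentials['ADMINDN'], $credentials['ADMINPASSWORD']) || $credentials['ADMINPASSWORD'] == "") { $this->error = "No credentials for referral"; return NULL; }`, makes that case fail closed.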
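Review bot: `object_match_filter()` passes the result of `@ldap_read` straight to `@ldap_count_entries` without checking it, so a failed read (missing entry, malformed filter) goes uncaught and `$this->error` keeps whatever value it had before. `$filter` is also sent to the server verbatim, so the function needs a docblock stating that callers must escape any user-derived values before building it. The docblock should also say that the return is the number of matching entries, or FALSE on failure. Suggested handling of the failed read is below.

```php
      $res = @ldap_read($this->cid, LDAP::fix($dn), $filter, array("objectClass"));
      if ($res === FALSE){
        /* Read failed (missing entry, malformed filter, ...): report it
           instead of counting entries on an invalid result. */
        $this->error = @ldap_error($this->cid);
        return(FALSE);
      }
      $rv = @ldap_count_entries($this->cid, $res);
      // … unchanged: return($rv) and the not-connected branch …
```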
@@ -454,12 +467,14 @@ class LDAP{ /* Check if source and destination are the same entry */ if(strtolower($source) == strtolower($dest)){ trigger_error("Source and destination can't be the same entry."); + $this->error = "Source and destination can't be the same entry."; return(FALSE); } /* Check if destination entry exists */ if($this->dn_exists($dest)){ trigger_error("Destination '$dest' already exists."); + $this->error = "Destination '$dest' already exists."; return(FALSE); } @@ -468,18 +483,18 @@ class LDAP{ parent => ou=department,dc=... dest_rdn => cn=herbert */ - $parent = preg_replace("/^[^,]+,/","",$dest); + $parent = preg_replace("/^[^,]+,/","", $dest); $dest_rdn = preg_replace("/,.*$/","",$dest); - + if($this->hascon){ if ($this->reconnect) $this->connect(); - $r= @ldap_rename($this->cid,$source,$dest_rdn,$parent,TRUE); - $this->error = @ldap_error($this->cid); + $r= ldap_rename($this->cid,@LDAP::fix($source), @LDAP::fix($dest_rdn),@LDAP::fix($parent),TRUE); + $this->error = ldap_error($this->cid); /* Check if destination dn exists, if not the server may not support this operation */ - $r &= $this->dn_exists($dest); - return(!$r ? $r : TRUE); + $r &= is_resource($this->dn_exists($dest)); + return($r); }else{ $this->error = "Could not connect to LDAP server"; return(FALSE); @@ -581,7 +596,7 @@ class LDAP{ /* Ignore referrals */ $found= false; foreach($this->referrals as $ref){ - $base= preg_replace('!^[^:]+://[^/]+/([^?]+).*$!', '\\1', $ref['URL']); + $base= preg_replace('!^[^:]+://[^/]+/([^?]+).*$!', '\\1', $ref['URI']); if ($base == $cdn){ $found= true; break; @@ -604,7 +619,7 @@ class LDAP{ } else { $type= preg_replace('/^([^=]+)=.*$/', '\\1', $cdn); - $param= preg_replace('/^[^=]+=([^,]+),.*$/', '\\1', $cdn); + $param= preg_replace('/^[^=]+=([^,]+).*$/', '\\1', $cdn); $na= array(); 
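Review bot: `$r &= is_resource($this->dn_exists($dest));` in the rename hunk (`@@ -468,18 +483,18 @@`) turns the return value into an integer `0`/`1` through bitwise AND. It also ties success to `dn_exists()` returning a resource, which this diff does not show; the test in the preceding hunk, `if($this->dn_exists($dest))`, relies on truthiness only. Callers comparing the result with `=== TRUE` would now see a failure, and `$r = $r && (bool)$this->dn_exists($dest);` keeps a boolean consistent with that earlier test. Note also that `$this->error` is taken from `ldap_rename` before the existence check, so unless `dn_exists()` sets it, a failed follow-up check can return false with the error text of a successful rename. The function starts outside the hunk.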
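Review bot: The relaxed pattern `'/^[^=]+=([^,]+).*$/'` still ends the captured RDN value at the first comma, so an RDN with an escaped comma such as `ou=Sales\, EMEA` (constructed example) gives a truncated `$param` ending in a backslash. That is only safe if `$cdn` is already in `LDAP::convert()` form, and `convert()` returns the DN unchanged when `SPECIALS_OVERRIDE` is not TRUE. The same first-comma split produces `$parent` and `$dest_rdn` in the rename hunk above (`@@ -468,18 +483,18 @@`). Either document that precondition next to the regex, or match unescaped commas only, e.g. `'/^[^=]+=((?:\\\\.|[^,\\\\])+).*$/'`, so the new entry is not built from a different value than intended. The enclosing block begins outside the hunk.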
@@ -688,6 +703,9 @@ class LDAP{ $this->add($na); if (!$this->success()){ + + print_a(array($cdn,$na)); + msg_dialog::display(_("LDAP error"), msgPool::ldaperror($this->get_error(), $cdn, LDAP_ADD, get_class())); return FALSE; } @@ -784,8 +802,8 @@ class LDAP{ if (isset($referrals[$server])){ return ($referrals[$server]); } else { - $ret['ADMIN']= LDAP::fix($this->binddn); - $ret['PASSWORD']= $this->bindpw; + $ret['ADMINDN']= LDAP::fix($this->binddn); + $ret['ADMINPASSWORD']= $this->bindpw; } return ($ret); @@ -1183,30 +1201,26 @@ class LDAP{ } - function get_objectclasses() + function get_objectclasses( $force_reload = FALSE) { $objectclasses = array(); global $config; /* Only read schema if it is allowed */ if(isset($config) && preg_match("/config/i",get_class($config))){ - if(!isset($config->data['MAIN']['SCHEMA_CHECK']) || !preg_match("/true/i",$config->data['MAIN']['SCHEMA_CHECK'])){ + if ($config->get_cfg_value("schemaCheck") != "true"){ return($objectclasses); } } /* Return the cached results. */ - if(class_available('session') && session::is_set("LDAP_CACHE::get_objectclasses")){ - $objectclasses = session::get("LDAP_CACHE::get_objectclasses"); + if(class_available('session') && session::global_is_set("LDAP_CACHE::get_objectclasses") && !$force_reload){ + $objectclasses = session::global_get("LDAP_CACHE::get_objectclasses"); return($objectclasses); } # Get base to look for schema - $sr = @ldap_read ($this->cid, NULL, "objectClass=*", array("subschemaSubentry")); - if(!$sr){ - $sr = @ldap_read ($this->cid, "", "objectClass=*", array("subschemaSubentry")); - } - + $sr = @ldap_read ($this->cid, "", "objectClass=*", array("subschemaSubentry")); $attr = @ldap_get_entries($this->cid,$sr); if (!isset($attr[0]['subschemasubentry'][0])){ return array(); 
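Review bot: The added `print_a(array($cdn,$na));` appears to dump the DN and the full attribute array of the failed add into the page output, ahead of the `msg_dialog` call that already reports the error. This looks like leftover debugging, and it exposes directory content to whoever triggers the failure. I would drop the line, or, if the data is needed for diagnosis, pass a short message to the class's `log()` method so it reaches syslog only when `LDAPSTATS` is enabled. The enclosing function starts outside the hunk.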
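Review bot: The `else` branch of `get_credentials()` hands the primary `binddn`/`bindpw` to any referral target that has no entry in `$referrals`, and `rebind()` then binds to that server with them. A referral naming a host outside the configured set would therefore receive the administrative password. If the fallback is intended, it deserves a comment such as `/* No per-referral credentials configured: reuse the primary bind DN and password for this server */` and ideally a configuration switch; otherwise return no credentials for unknown servers so that `rebind()` fails. How `$server` is derived and whether the connection is protected by TLS are outside the hunk.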
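Review bot: `$config->get_cfg_value("schemaCheck") != "true"` in `get_objectclasses()` is an exact, case-sensitive comparison, whereas the removed test used `preg_match("/true/i", ...)` and `log()` later in this file still does so for `LDAPSTATS`. Unless `get_cfg_value()` normalises case, which is not visible here, a setting written as `TRUE` or `True` would now silently skip the schema read. `if (!preg_match("/^true$/i", $config->get_cfg_value("schemaCheck"))){` keeps the previous tolerance. The new `$force_reload` parameter is undocumented; a short docblock saying that it bypasses the `LDAP_CACHE::get_objectclasses` session cache would help. The function continues outside the hunk.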
@@ -1264,8 +1278,9 @@ class LDAP{ } if(class_available("session")){ - session::set("LDAP_CACHE::get_objectclasses",$objectclasses); + session::global_set("LDAP_CACHE::get_objectclasses",$objectclasses); } + return $objectclasses; } @@ -1294,8 +1309,8 @@ class LDAP{ function log($string) { - if (session::is_set('config')){ - $cfg = session::get('config'); + if (session::global_is_set('config')){ + $cfg = session::global_get('config'); if (isset($cfg->current['LDAPSTATS']) && preg_match('/true/i', $cfg->current['LDAPSTATS'])){ syslog (LOG_INFO, $string); }