Ldap.php

Show: PublicProtectedPrivateinherited
Table of Contents
Zend Framework
LICENSE This source file is subject to the new BSD license that is bundled with this package in the file LICENSE.txt. It is also available through the world-wide-web at this URL: http://framework.zend.com/license/new-bsd If you did not receive a copy of the license and are unable to obtain it through the world-wide-web, please send an email to license@zend.com so we can send you a copy immediately.
Category
Zend  
Copyright
Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)  
License
New BSD License  
Package
Zend_Ldap  
Version
$Id$  

\Zend_Ldap

Package: Zend_Ldap
Category
Zend  
Copyright
Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)  
License
New BSD License  

Constants

>VConstant  SEARCH_SCOPE_SUB = 1
>VConstant  SEARCH_SCOPE_ONE = 2
>VConstant  SEARCH_SCOPE_BASE = 3
>VConstant  ACCTNAME_FORM_DN = 1
>VConstant  ACCTNAME_FORM_USERNAME = 2
>VConstant  ACCTNAME_FORM_BACKSLASH = 3
>VConstant  ACCTNAME_FORM_PRINCIPAL = 4

Properties

>VPropertyprotectedboolean|null|string $_boundUser = false
FALSE if no user is bound to the LDAP resource NULL if there has been an anonymous bind username of the currently bound user
Default valuefalseDetails
Type
boolean | null | string
>VPropertyprivatestring $_connectString
String used with ldap_connect for error handling purposes.
Details
Type
string
>VPropertyprotectedarray $_options = null
The options used in connecting, binding, etc.
Default valuenullDetails
Type
array
>VPropertyprotectedresource $_resource = null
The raw LDAP extension resource.
Default valuenullDetails
Type
resource
>VPropertyprotected\Zend_Ldap_Node $_rootDse = null
Caches the RootDSE
Default valuenullDetails
Type
\Zend_Ldap_Node
>VPropertyprotected\Zend_Ldap_Node $_schema = null
Caches the schema
Default valuenullDetails
Type
\Zend_Ldap_Node

Methods

methodpublic__construct(array | \Zend_Config $options = array()) : void

Constructor.

Parameters
NameTypeDescription
$optionsarray | \Zend_Config

Options used in connecting, binding, etc.

Throws
ExceptionDescription
\Zend_Ldap_Exceptionif ext/ldap is not installed
methodpublic__destruct() : void

Destructor.

methodprotected_createCollection(\Zend_Ldap_Collection_Iterator_Default $iterator, string | null $collectionClass) : \Zend_Ldap_Collection

Extension point for collection creation

Parameters
NameTypeDescription
$iterator\Zend_Ldap_Collection_Iterator_Default
$collectionClassstring | null
Returns
TypeDescription
\Zend_Ldap_Collection
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodprotected_getAccount( $acctname, array $attrs = null) : array

Parameters
NameTypeDescription
$acctname
$attrsarray

An array of names of desired attributes

Returns
TypeDescription
arrayAn array of the attributes representing the account
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodprotected_getAccountCanonicalForm() : integer

Returns
TypeDescription
integerEither ACCTNAME_FORM_BACKSLASH, ACCTNAME_FORM_PRINCIPAL or ACCTNAME_FORM_USERNAME indicating the form usernames should be canonicalized to.
methodprotected_getAccountDn(string $acctname) : string

Parameters
NameTypeDescription
$acctnamestring

The name of the account

Returns
TypeDescription
stringThe DN of the specified account
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodprotected_getAccountDomainName() : string

Returns
TypeDescription
stringThe account domain name
methodprotected_getAccountDomainNameShort() : string

Returns
TypeDescription
stringThe short account domain name
methodprotected_getAccountFilter( $acctname) : string

Parameters
NameTypeDescription
$acctname
Returns
TypeDescription
stringThe LDAP search filter for matching directory accounts
methodprotected_getAccountFilterFormat() : string

Returns
TypeDescription
stringA format string for building an LDAP search filter to match an account
methodprotected_getAllowEmptyPassword() : boolean

Returns
TypeDescription
booleanAllow empty passwords
methodprotected_getBindRequiresDn() : boolean

Returns
TypeDescription
booleanBind requires DN
methodprotected_getChildrenDns(string | \Zend_Ldap_Dn $parentDn) : array

Retrieve the immediate children DNs of the given $parentDn

This method is used in recursive methods like {@see delete()} or {@see copy()}
Parameters
NameTypeDescription
$parentDnstring | \Zend_Ldap_Dn
Returns
TypeDescription
arrayof DNs
methodprotected_getHost() : string

Returns
TypeDescription
stringThe hostname of the LDAP server being used to authenticate accounts
methodprotected_getOptReferrals() : boolean

Returns
TypeDescription
booleanOpt. Referrals
methodprotected_getPassword() : string

Returns
TypeDescription
stringThe default password for binding
methodprotected_getPort() : int

Returns
TypeDescription
intThe port of the LDAP server or 0 to indicate that no port value is set
methodprotected_getTryUsernameSplit() : boolean

Returns
TypeDescription
booleanTry splitting the username into username and domain
methodprotected_getUseSsl() : boolean

Returns
TypeDescription
booleanThe default SSL / TLS encrypted transport control
methodprotected_getUseStartTls() : boolean

Returns
TypeDescription
booleanThe default SSL / TLS encrypted transport control
methodprotected_getUsername() : string

Returns
TypeDescription
stringThe default acctname for binding
methodprotected_isPossibleAuthority(string $dname) : boolean

Parameters
NameTypeDescription
$dnamestring

The domain name to check

Returns
TypeDescription
boolean
methodprotected_splitName(string $name, string $dname, string $aname) : void

Parameters
NameTypeDescription
$namestring

The name to split

$dnamestring

The resulting domain name (this is an out parameter)

$anamestring

The resulting account name (this is an out parameter)

methodpublicadd(string | \Zend_Ldap_Dn $dn, array $entry) : \Zend_Ldap

Add new information to the LDAP repository

Parameters
NameTypeDescription
$dnstring | \Zend_Ldap_Dn
$entryarray
Returns
TypeDescription
\Zend_LdapProvides a fluid interface
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicbind(string $username = null, string $password = null) : \Zend_Ldap

Parameters
NameTypeDescription
$usernamestring

The username for authenticating the bind

$passwordstring

The password for authenticating the bind

Returns
TypeDescription
\Zend_LdapProvides a fluent interface
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicconnect(string $host = null, int $port = null, boolean $useSsl = null, boolean $useStartTls = null) : \Zend_Ldap

To connect using SSL it seems the client tries to verify the server certificate by default. One way to disable this behavior is to set 'TLS_REQCERT never' in OpenLDAP's ldap.conf and restarting Apache. Or, if you really care about the server's cert you can put a cert on the web server.

Parameters
NameTypeDescription
$hoststring

The hostname of the LDAP server to connect to

$portint

The port number of the LDAP server to connect to

$useSslboolean

Use SSL

$useStartTlsboolean

Use STARTTLS

Returns
TypeDescription
\Zend_LdapProvides a fluent interface
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpubliccopy(string | \Zend_Ldap_Dn $from, string | \Zend_Ldap_Dn $to, boolean $recursively = false) : \Zend_Ldap

Copies a LDAP entry from one DN to another DN.

Parameters
NameTypeDescription
$fromstring | \Zend_Ldap_Dn
$tostring | \Zend_Ldap_Dn
$recursivelyboolean
Returns
TypeDescription
\Zend_LdapProvides a fluid interface
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpubliccopyToSubtree(string | \Zend_Ldap_Dn $from, string | \Zend_Ldap_Dn $to, boolean $recursively = false) : \Zend_Ldap

Copies a LDAP entry from one DN to another subtree.

Parameters
NameTypeDescription
$fromstring | \Zend_Ldap_Dn
$tostring | \Zend_Ldap_Dn
$recursivelyboolean
Returns
TypeDescription
\Zend_LdapProvides a fluid interface
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpubliccount(string | \Zend_Ldap_Filter_Abstract $filter, string | \Zend_Ldap_Dn | null $basedn = null, integer $scope = self::SEARCH_SCOPE_SUB) : integer

Count items found by given filter.

Parameters
NameTypeDescription
$filterstring | \Zend_Ldap_Filter_Abstract
$basednstring | \Zend_Ldap_Dn | null
$scopeinteger
Returns
TypeDescription
integer
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpubliccountChildren(string | \Zend_Ldap_Dn $dn) : integer

Count children for a given DN.

Parameters
NameTypeDescription
$dnstring | \Zend_Ldap_Dn
Returns
TypeDescription
integer
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicdelete(string | \Zend_Ldap_Dn $dn, boolean $recursively = false) : \Zend_Ldap

Delete an LDAP entry

Parameters
NameTypeDescription
$dnstring | \Zend_Ldap_Dn
$recursivelyboolean
Returns
TypeDescription
\Zend_LdapProvides a fluid interface
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicdisconnect() : \Zend_Ldap

Returns
TypeDescription
\Zend_LdapProvides a fluent interface
methodpublicexists(string | \Zend_Ldap_Dn $dn) : boolean

Check if a given DN exists.

Parameters
NameTypeDescription
$dnstring | \Zend_Ldap_Dn
Returns
TypeDescription
boolean
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicexplodeDn(string $dn, array $keys = null, array $vals = null) : boolean
static

Parameters
NameTypeDescription
$dnstring

The DN to parse

$keysarray

An optional array to receive DN keys (e.g. CN, OU, DC, ...)

$valsarray

An optional array to receive DN values

Returns
TypeDescription
booleanTrue if the DN was successfully parsed or false if the string is not a valid DN.
Details
Deprecated
will be removed, use {@see Zend_Ldap_Dn::checkDn()}  
methodpublicfilterEscape(string $str) : string
static

Parameters
NameTypeDescription
$strstring

The string to escape.

Returns
TypeDescription
stringThe escaped string
Details
Deprecated
will be removed, use {@see Zend_Ldap_Filter_Abstract::escapeValue()}  
methodpublicgetBaseDn() : string

Gets the base DN under which objects of interest are located

Returns
TypeDescription
string
methodpublicgetBaseNode() : \Zend_Ldap_Node

Returns the base node as a Zend_Ldap_Node

Returns
TypeDescription
\Zend_Ldap_Node
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicgetBoundUser() : false | null | string

Get the currently bound user

FALSE if no user is bound to the LDAP resource NULL if there has been an anonymous bind username of the currently bound user
Returns
TypeDescription
false | null | string
methodpublicgetCanonicalAccountName(string $acctname,  $form = 0) : string

Parameters
NameTypeDescription
$acctnamestring

The name to canonicalize

$form
Returns
TypeDescription
stringThe canonicalized name in the desired form
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicgetEntry(string | \Zend_Ldap_Dn $dn, array $attributes = array(), boolean $throwOnNotFound = false) : array

Get LDAP entry by DN

Parameters
NameTypeDescription
$dnstring | \Zend_Ldap_Dn
$attributesarray
$throwOnNotFoundboolean
Returns
TypeDescription
array
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicgetLastError(int $errorCode = null, array $errorMessages = null) : string

Return the LDAP error message of the last LDAP command

Parameters
NameTypeDescription
$errorCodeint
$errorMessagesarray
Returns
TypeDescription
string
methodpublicgetLastErrorCode() : int

Return the LDAP error number of the last LDAP command

Returns
TypeDescription
int
methodpublicgetNode(string | \Zend_Ldap_Dn $dn) : \Zend_Ldap_Node | null

Returns the specified DN as a Zend_Ldap_Node

Parameters
NameTypeDescription
$dnstring | \Zend_Ldap_Dn
Returns
TypeDescription
\Zend_Ldap_Node | null
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicgetOptions() : array

Returns
TypeDescription
arrayThe current options.
methodpublicgetResource() : resource

Returns
TypeDescription
resourceThe raw LDAP extension resource.
methodpublicgetRootDse() : \Zend_Ldap_Node_RootDse

Returns the RootDSE

Returns
TypeDescription
\Zend_Ldap_Node_RootDse
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicgetSchema() : \Zend_Ldap_Node_Schema

Returns the schema

Returns
TypeDescription
\Zend_Ldap_Node_Schema
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicmove(string | \Zend_Ldap_Dn $from, string | \Zend_Ldap_Dn $to, boolean $recursively = false, boolean $alwaysEmulate = false) : \Zend_Ldap

Moves a LDAP entry from one DN to another DN.

This is an alias for {@link rename()}
Parameters
NameTypeDescription
$fromstring | \Zend_Ldap_Dn
$tostring | \Zend_Ldap_Dn
$recursivelyboolean
$alwaysEmulateboolean
Returns
TypeDescription
\Zend_LdapProvides a fluid interface
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicmoveToSubtree(string | \Zend_Ldap_Dn $from, string | \Zend_Ldap_Dn $to, boolean $recursively = false, boolean $alwaysEmulate = false) : \Zend_Ldap

Moves a LDAP entry from one DN to another subtree.

Parameters
NameTypeDescription
$fromstring | \Zend_Ldap_Dn
$tostring | \Zend_Ldap_Dn
$recursivelyboolean
$alwaysEmulateboolean
Returns
TypeDescription
\Zend_LdapProvides a fluid interface
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicprepareLdapEntryArray(array $entry) : void
static

Prepares an ldap data entry array for insert/update operation

Parameters
NameTypeDescription
$entryarray
Throws
ExceptionDescription
\InvalidArgumentException
methodpublicrename(string | \Zend_Ldap_Dn $from, string | \Zend_Ldap_Dn $to, boolean $recursively = false, boolean $alwaysEmulate = false) : \Zend_Ldap

Renames a LDAP entry from one DN to another DN.

This method implicitely moves the entry to another location within the tree.
Parameters
NameTypeDescription
$fromstring | \Zend_Ldap_Dn
$tostring | \Zend_Ldap_Dn
$recursivelyboolean
$alwaysEmulateboolean
Returns
TypeDescription
\Zend_LdapProvides a fluid interface
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicsave(string | \Zend_Ldap_Dn $dn, array $entry) : \Zend_Ldap

Save entry to LDAP registry.

Internally decides if entry will be updated to added by calling {@link exists()}.
Parameters
NameTypeDescription
$dnstring | \Zend_Ldap_Dn
$entryarray
Returns
TypeDescription
\Zend_LdapProvides a fluid interface
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicsearch(string | \Zend_Ldap_Filter_Abstract | array $filter, string | \Zend_Ldap_Dn | null $basedn = null, integer $scope = self::SEARCH_SCOPE_SUB, array $attributes = array(), string | null $sort = null, string | null $collectionClass = null, integer $sizelimit = 0, integer $timelimit = 0) : \Zend_Ldap_Collection

A global LDAP search routine for finding information.

Options can be either passed as single parameters according to the method signature or as an array with one or more of the following keys - filter - baseDn - scope - attributes - sort - collectionClass - sizelimit - timelimit
Parameters
NameTypeDescription
$filterstring | \Zend_Ldap_Filter_Abstract | array
$basednstring | \Zend_Ldap_Dn | null
$scopeinteger
$attributesarray
$sortstring | null
$collectionClassstring | null
$sizelimitinteger
$timelimitinteger
Returns
TypeDescription
\Zend_Ldap_Collection
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicsearchEntries(string | \Zend_Ldap_Filter_Abstract | array $filter, string | \Zend_Ldap_Dn | null $basedn = null, integer $scope = self::SEARCH_SCOPE_SUB, array $attributes = array(), string | null $sort = null, boolean $reverseSort = false, integer $sizelimit = 0, integer $timelimit = 0) : array

Search LDAP registry for entries matching filter and optional attributes

Options can be either passed as single parameters according to the method signature or as an array with one or more of the following keys - filter - baseDn - scope - attributes - sort - reverseSort - sizelimit - timelimit
Parameters
NameTypeDescription
$filterstring | \Zend_Ldap_Filter_Abstract | array
$basednstring | \Zend_Ldap_Dn | null
$scopeinteger
$attributesarray
$sortstring | null
$reverseSortboolean
$sizelimitinteger
$timelimitinteger
Returns
TypeDescription
array
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicsetOptions(array | \Zend_Config $options) : \Zend_Ldap

Sets the options used in connecting, binding, etc.

Valid option keys: host port useSsl username password bindRequiresDn baseDn accountCanonicalForm accountDomainName accountDomainNameShort accountFilterFormat allowEmptyPassword useStartTls optRefferals tryUsernameSplit
Parameters
NameTypeDescription
$optionsarray | \Zend_Config

Options used in connecting, binding, etc.

Returns
TypeDescription
\Zend_LdapProvides a fluent interface
Throws
ExceptionDescription
\Zend_Ldap_Exception
methodpublicupdate(string | \Zend_Ldap_Dn $dn, array $entry) : \Zend_Ldap

Update LDAP registry

Parameters
NameTypeDescription
$dnstring | \Zend_Ldap_Dn
$entryarray
Returns
TypeDescription
\Zend_LdapProvides a fluid interface
Throws
ExceptionDescription
\Zend_Ldap_Exception
Documentation was generated by phpDocumentor 2.2.0 .