| commit | author | age | ||
| d1d2c4 | 1 | <?php |
| S | 2 | /* |
| 3 | +-----------------------------------------------------------------------+ | |
| 47124c | 4 | | program/include/rcube_ldap.php | |
| d1d2c4 | 5 | | | |
| e019f2 | 6 | | This file is part of the Roundcube Webmail client | |
| A | 7 | | Copyright (C) 2006-2009, Roundcube Dev. - Switzerland | |
| d1d2c4 | 8 | | Licensed under the GNU GPL | |
| S | 9 | | | |
| 10 | | PURPOSE: | | |
| f11541 | 11 | | Interface to an LDAP address directory | |
| d1d2c4 | 12 | | | |
| S | 13 | +-----------------------------------------------------------------------+ |
| f11541 | 14 | | Author: Thomas Bruederli <roundcube@gmail.com> | |
| d1d2c4 | 15 | +-----------------------------------------------------------------------+ |
| S | 16 | |
| 17 | $Id$ | |
| 18 | ||
| 19 | */ | |
| 20 | ||
| 6d969b | 21 | |
| T | 22 | /** |
| 23 | * Model class to access an LDAP address directory | |
| 24 | * | |
| 25 | * @package Addressbook | |
| 26 | */ | |
| cc97ea | 27 | class rcube_ldap extends rcube_addressbook |
| f11541 | 28 | { |
| d1d2c4 | 29 | var $conn; |
| f11541 | 30 | var $prop = array(); |
| T | 31 | var $fieldmap = array(); |
| 32 | ||
| 33 | var $filter = ''; | |
| 34 | var $result = null; | |
| 35 | var $ldap_result = null; | |
| 36 | var $sort_col = ''; | |
| 010274 | 37 | var $mail_domain = ''; |
| A | 38 | var $debug = false; |
| f11541 | 39 | |
| T | 40 | /** public properties */ |
| 41 | var $primary_key = 'ID'; | |
| 42 | var $readonly = true; | |
| 43 | var $list_page = 1; | |
| 44 | var $page_size = 10; | |
| 45 | var $ready = false; | |
| 46 | ||
| 47 | ||
| 48 | /** | |
| 49 | * Object constructor | |
| 50 | * | |
| 010274 | 51 | * @param array LDAP connection properties |
| A | 52 | * @param boolean Enables debug mode |
| 53 | * @param string Current user mail domain name | |
| f11541 | 54 | * @param integer User-ID |
| T | 55 | */ |
| 010274 | 56 | function __construct($p, $debug=false, $mail_domain=NULL) |
| f11541 | 57 | { |
| T | 58 | $this->prop = $p; |
| 6855ce | 59 | |
| f11541 | 60 | foreach ($p as $prop => $value) |
| T | 61 | if (preg_match('/^(.+)_field$/', $prop, $matches)) |
| 4368a0 | 62 | $this->fieldmap[$matches[1]] = $this->_attr_name(strtolower($value)); |
| A | 63 | |
| 380662 | 64 | // make sure 'required_fields' is an array |
| A | 65 | if (!is_array($this->prop['required_fields'])) |
| 66 | $this->prop['required_fields'] = (array) $this->prop['required_fields']; | |
| 67 | ||
| 4368a0 | 68 | foreach ($this->prop['required_fields'] as $key => $val) |
| A | 69 | $this->prop['required_fields'][$key] = $this->_attr_name(strtolower($val)); |
| 4f9c83 | 70 | |
| 0131ec | 71 | $this->sort_col = $p['sort']; |
| 010274 | 72 | $this->debug = $debug; |
| A | 73 | $this->mail_domain = $mail_domain; |
| 4f9c83 | 74 | |
| f11541 | 75 | $this->connect(); |
| d1d2c4 | 76 | } |
| S | 77 | |
| f11541 | 78 | |
| T | 79 | /** |
| 80 | * Establish a connection to the LDAP server | |
| 81 | */ | |
| 82 | function connect() | |
| 83 | { | |
| b9f9f1 | 84 | global $RCMAIL; |
| T | 85 | |
| f11541 | 86 | if (!function_exists('ldap_connect')) |
| 10eedb | 87 | raise_error(array('code' => 100, 'type' => 'ldap', |
| A | 88 | 'file' => __FILE__, 'line' => __LINE__, |
| 89 | 'message' => "No ldap support in this installation of PHP"), true); | |
| f11541 | 90 | |
| T | 91 | if (is_resource($this->conn)) |
| 92 | return true; | |
| 93 | ||
| 94 | if (!is_array($this->prop['hosts'])) | |
| 95 | $this->prop['hosts'] = array($this->prop['hosts']); | |
| 96 | ||
| 03b271 | 97 | if (empty($this->prop['ldap_version'])) |
| T | 98 | $this->prop['ldap_version'] = 3; |
| 99 | ||
| f11541 | 100 | foreach ($this->prop['hosts'] as $host) |
| T | 101 | { |
| bb8721 | 102 | $host = rcube_parse_host($host); |
| 010274 | 103 | $this->_debug("C: Connect [$host".($this->prop['port'] ? ':'.$this->prop['port'] : '')."]"); |
| A | 104 | |
| f11541 | 105 | if ($lc = @ldap_connect($host, $this->prop['port'])) |
| T | 106 | { |
| b4b31d | 107 | if ($this->prop['use_tls']===true) |
| T | 108 | if (!ldap_start_tls($lc)) |
| 109 | continue; | |
| cd6749 | 110 | |
| 010274 | 111 | $this->_debug("S: OK"); |
| A | 112 | |
| 03b271 | 113 | ldap_set_option($lc, LDAP_OPT_PROTOCOL_VERSION, $this->prop['ldap_version']); |
| f11541 | 114 | $this->prop['host'] = $host; |
| T | 115 | $this->conn = $lc; |
| 116 | break; | |
| 117 | } | |
| 010274 | 118 | $this->_debug("S: NOT OK"); |
| f11541 | 119 | } |
| T | 120 | |
| 121 | if (is_resource($this->conn)) | |
| e3caaf | 122 | { |
| f11541 | 123 | $this->ready = true; |
| 4f9c83 | 124 | |
| b9f9f1 | 125 | // User specific access, generate the proper values to use. |
| 0131ec | 126 | if ($this->prop['user_specific']) { |
| b9f9f1 | 127 | // No password set, use the session password |
| 4f9c83 | 128 | if (empty($this->prop['bind_pass'])) { |
| 2471d3 | 129 | $this->prop['bind_pass'] = $RCMAIL->decrypt($_SESSION['password']); |
| b9f9f1 | 130 | } |
| 4f9c83 | 131 | |
| S | 132 | // Get the pieces needed for variable replacement. |
| b9f9f1 | 133 | $fu = $RCMAIL->user->get_username(); |
| T | 134 | list($u, $d) = explode('@', $fu); |
| f76765 | 135 | $dc = 'dc='.strtr($d, array('.' => ',dc=')); // hierarchal domain string |
| A | 136 | |
| b9f9f1 | 137 | // Replace the bind_dn and base_dn variables. |
| f76765 | 138 | $replaces = array('%dc' => $dc, '%d' => $d, '%fu' => $fu, '%u' => $u); |
| b9f9f1 | 139 | $this->prop['bind_dn'] = strtr($this->prop['bind_dn'], $replaces); |
| T | 140 | $this->prop['base_dn'] = strtr($this->prop['base_dn'], $replaces); |
| 141 | } | |
| f76765 | 142 | |
| b9f9f1 | 143 | if (!empty($this->prop['bind_dn']) && !empty($this->prop['bind_pass'])) |
| e3caaf | 144 | $this->ready = $this->bind($this->prop['bind_dn'], $this->prop['bind_pass']); |
| T | 145 | } |
| f11541 | 146 | else |
| 10eedb | 147 | raise_error(array('code' => 100, 'type' => 'ldap', |
| A | 148 | 'file' => __FILE__, 'line' => __LINE__, |
| 149 | 'message' => "Could not connect to any LDAP server, last tried $host:{$this->prop[port]}"), true); | |
| 4f9c83 | 150 | |
| S | 151 | // See if the directory is writeable. |
| 152 | if ($this->prop['writable']) { | |
| 153 | $this->readonly = false; | |
| 154 | } // end if | |
| 155 | ||
| f11541 | 156 | } |
| T | 157 | |
| 158 | ||
| 159 | /** | |
| e3caaf | 160 | * Bind connection with DN and password |
| 6d969b | 161 | * |
| T | 162 | * @param string Bind DN |
| 163 | * @param string Bind password | |
| 164 | * @return boolean True on success, False on error | |
| f11541 | 165 | */ |
| e3caaf | 166 | function bind($dn, $pass) |
| f11541 | 167 | { |
| 736307 | 168 | if (!$this->conn) { |
| e3caaf | 169 | return false; |
| 736307 | 170 | } |
| e3caaf | 171 | |
| 010274 | 172 | $this->_debug("C: Bind [dn: $dn] [pass: $pass]"); |
| A | 173 | |
| b4b31d | 174 | if (@ldap_bind($this->conn, $dn, $pass)) { |
| 010274 | 175 | $this->_debug("S: OK"); |
| e3caaf | 176 | return true; |
| 736307 | 177 | } |
| 010274 | 178 | |
| A | 179 | $this->_debug("S: ".ldap_error($this->conn)); |
| 736307 | 180 | |
| T | 181 | raise_error(array( |
| 10eedb | 182 | 'code' => ldap_errno($this->conn), 'type' => 'ldap', |
| A | 183 | 'file' => __FILE__, 'line' => __LINE__, |
| e3caaf | 184 | 'message' => "Bind failed for dn=$dn: ".ldap_error($this->conn)), |
| 736307 | 185 | true); |
| T | 186 | |
| e3caaf | 187 | return false; |
| T | 188 | } |
| f11541 | 189 | |
| T | 190 | |
| 191 | /** | |
| 192 | * Close connection to LDAP server | |
| 193 | */ | |
| 194 | function close() | |
| 195 | { | |
| 196 | if ($this->conn) | |
| 6b603d | 197 | { |
| 010274 | 198 | $this->_debug("C: Close"); |
| 0131ec | 199 | ldap_unbind($this->conn); |
| 6b603d | 200 | $this->conn = null; |
| T | 201 | } |
| f11541 | 202 | } |
| T | 203 | |
| 204 | ||
| 205 | /** | |
| 206 | * Set internal list page | |
| 207 | * | |
| 208 | * @param number Page number to list | |
| 209 | * @access public | |
| 210 | */ | |
| 211 | function set_page($page) | |
| 212 | { | |
| 213 | $this->list_page = (int)$page; | |
| 214 | } | |
| 215 | ||
| 216 | ||
| 217 | /** | |
| 218 | * Set internal page size | |
| 219 | * | |
| 220 | * @param number Number of messages to display on one page | |
| 221 | * @access public | |
| 222 | */ | |
| 223 | function set_pagesize($size) | |
| 224 | { | |
| 225 | $this->page_size = (int)$size; | |
| 226 | } | |
| 227 | ||
| 228 | ||
| 229 | /** | |
| 230 | * Save a search string for future listings | |
| 231 | * | |
| 6d969b | 232 | * @param string Filter string |
| f11541 | 233 | */ |
| T | 234 | function set_search_set($filter) |
| 235 | { | |
| 236 | $this->filter = $filter; | |
| 237 | } | |
| 238 | ||
| 239 | ||
| 240 | /** | |
| 241 | * Getter for saved search properties | |
| 242 | * | |
| 243 | * @return mixed Search properties used by this class | |
| 244 | */ | |
| 245 | function get_search_set() | |
| 246 | { | |
| 247 | return $this->filter; | |
| 248 | } | |
| 249 | ||
| 250 | ||
| 251 | /** | |
| 252 | * Reset all saved results and search parameters | |
| 253 | */ | |
| 254 | function reset() | |
| 255 | { | |
| 256 | $this->result = null; | |
| 257 | $this->ldap_result = null; | |
| 258 | $this->filter = ''; | |
| 259 | } | |
| 260 | ||
| 261 | ||
| 262 | /** | |
| 263 | * List the current set of contact records | |
| 264 | * | |
| 265 | * @param array List of cols to show | |
| 4f9c83 | 266 | * @param int Only return this number of records |
| f11541 | 267 | * @return array Indexed list of contact records, each a hash array |
| T | 268 | */ |
| 269 | function list_records($cols=null, $subset=0) | |
| 270 | { | |
| 6b603d | 271 | // add general filter to query |
| 3c884a | 272 | if (!empty($this->prop['filter']) && empty($this->filter)) |
| 6b603d | 273 | { |
| T | 274 | $filter = $this->prop['filter']; |
| 275 | $this->set_search_set($filter); | |
| 276 | } | |
| 08ff05 | 277 | |
| f11541 | 278 | // exec LDAP search if no result resource is stored |
| T | 279 | if ($this->conn && !$this->ldap_result) |
| 280 | $this->_exec_search(); | |
| 281 | ||
| 282 | // count contacts for this user | |
| 283 | $this->result = $this->count(); | |
| 0131ec | 284 | |
| f11541 | 285 | // we have a search result resource |
| T | 286 | if ($this->ldap_result && $this->result->count > 0) |
| 287 | { | |
| 0131ec | 288 | if ($this->sort_col && $this->prop['scope'] !== 'base') |
| A | 289 | ldap_sort($this->conn, $this->ldap_result, $this->sort_col); |
| 4f9c83 | 290 | |
| S | 291 | $start_row = $subset < 0 ? $this->result->first + $this->page_size + $subset : $this->result->first; |
| 292 | $last_row = $this->result->first + $this->page_size; | |
| 293 | $last_row = $subset != 0 ? $start_row + abs($subset) : $last_row; | |
| 294 | ||
| f11541 | 295 | $entries = ldap_get_entries($this->conn, $this->ldap_result); |
| 4f9c83 | 296 | for ($i = $start_row; $i < min($entries['count'], $last_row); $i++) |
| f11541 | 297 | $this->result->add($this->_ldap2result($entries[$i])); |
| T | 298 | } |
| 299 | ||
| 300 | return $this->result; | |
| 301 | } | |
| 302 | ||
| 303 | ||
| 304 | /** | |
| 305 | * Search contacts | |
| 306 | * | |
| 307 | * @param array List of fields to search in | |
| 308 | * @param string Search value | |
| eb27aa | 309 | * @param boolean True for strict, False for partial (fuzzy) matching |
| f11541 | 310 | * @param boolean True if results are requested, False if count only |
| 25fdec | 311 | * @param boolean (Not used) |
| A | 312 | * @param array List of fields that cannot be empty |
| 6d969b | 313 | * @return array Indexed list of contact records and 'count' value |
| f11541 | 314 | */ |
| 25fdec | 315 | function search($fields, $value, $strict=false, $select=true, $nocount=false, $required=array()) |
| f11541 | 316 | { |
| T | 317 | // special treatment for ID-based search |
| 318 | if ($fields == 'ID' || $fields == $this->primary_key) | |
| 319 | { | |
| 320 | $ids = explode(',', $value); | |
| 321 | $result = new rcube_result_set(); | |
| 322 | foreach ($ids as $id) | |
| 323 | if ($rec = $this->get_record($id, true)) | |
| 324 | { | |
| 325 | $result->add($rec); | |
| 326 | $result->count++; | |
| 327 | } | |
| 328 | ||
| 329 | return $result; | |
| 330 | } | |
| 331 | ||
| 332 | $filter = '(|'; | |
| 3fc00e | 333 | $wc = !$strict && $this->prop['fuzzy_search'] ? '*' : ''; |
| f11541 | 334 | if (is_array($this->prop['search_fields'])) |
| T | 335 | { |
| 336 | foreach ($this->prop['search_fields'] as $k => $field) | |
| 337 | $filter .= "($field=$wc" . rcube_ldap::quote_string($value) . "$wc)"; | |
| 338 | } | |
| 339 | else | |
| 340 | { | |
| 341 | foreach ((array)$fields as $field) | |
| 342 | if ($f = $this->_map_field($field)) | |
| 343 | $filter .= "($f=$wc" . rcube_ldap::quote_string($value) . "$wc)"; | |
| 344 | } | |
| 345 | $filter .= ')'; | |
| 25fdec | 346 | |
| A | 347 | // add required (non empty) fields filter |
| 348 | $req_filter = ''; | |
| 349 | foreach ((array)$required as $field) | |
| 350 | if ($f = $this->_map_field($field)) | |
| 351 | $req_filter .= "($f=*)"; | |
| 352 | ||
| 353 | if (!empty($req_filter)) | |
| 354 | $filter = '(&' . $req_filter . $filter . ')'; | |
| 355 | ||
| 72c722 | 356 | // avoid double-wildcard if $value is empty |
| T | 357 | $filter = preg_replace('/\*+/', '*', $filter); |
| 25fdec | 358 | |
| e3caaf | 359 | // add general filter to query |
| T | 360 | if (!empty($this->prop['filter'])) |
| 72c722 | 361 | $filter = '(&(' . preg_replace('/^\(|\)$/', '', $this->prop['filter']) . ')' . $filter . ')'; |
| f11541 | 362 | |
| T | 363 | // set filter string and execute search |
| 364 | $this->set_search_set($filter); | |
| 365 | $this->_exec_search(); | |
| 366 | ||
| 367 | if ($select) | |
| 368 | $this->list_records(); | |
| 369 | else | |
| 370 | $this->result = $this->count(); | |
| 371 | ||
| 372 | return $this->result; | |
| 373 | } | |
| 374 | ||
| 375 | ||
| 376 | /** | |
| 377 | * Count number of available contacts in database | |
| 378 | * | |
| 6d969b | 379 | * @return object rcube_result_set Resultset with values for 'count' and 'first' |
| f11541 | 380 | */ |
| 2b8207 | 381 | function count() |
| f11541 | 382 | { |
| T | 383 | $count = 0; |
| 4f9c83 | 384 | if ($this->conn && $this->ldap_result) { |
| f11541 | 385 | $count = ldap_count_entries($this->conn, $this->ldap_result); |
| 4f9c83 | 386 | } // end if |
| S | 387 | elseif ($this->conn) { |
| 388 | // We have a connection but no result set, attempt to get one. | |
| 389 | if (empty($this->filter)) { | |
| 390 | // The filter is not set, set it. | |
| 391 | $this->filter = $this->prop['filter']; | |
| 392 | } // end if | |
| 393 | $this->_exec_search(); | |
| 394 | if ($this->ldap_result) { | |
| 395 | $count = ldap_count_entries($this->conn, $this->ldap_result); | |
| 396 | } // end if | |
| 397 | } // end else | |
| f11541 | 398 | |
| T | 399 | return new rcube_result_set($count, ($this->list_page-1) * $this->page_size); |
| 400 | } | |
| 401 | ||
| 402 | ||
| 403 | /** | |
| 404 | * Return the last result set | |
| 405 | * | |
| 6d969b | 406 | * @return object rcube_result_set Current resultset or NULL if nothing selected yet |
| f11541 | 407 | */ |
| T | 408 | function get_result() |
| 409 | { | |
| 410 | return $this->result; | |
| 411 | } | |
| 412 | ||
| 413 | ||
| 414 | /** | |
| 415 | * Get a specific contact record | |
| 416 | * | |
| 6d969b | 417 | * @param mixed Record identifier |
| T | 418 | * @param boolean Return as associative array |
| 419 | * @return mixed Hash array or rcube_result_set with all record fields | |
| f11541 | 420 | */ |
| T | 421 | function get_record($dn, $assoc=false) |
| 422 | { | |
| 423 | $res = null; | |
| 424 | if ($this->conn && $dn) | |
| 425 | { | |
| 100440 | 426 | $dn = base64_decode($dn); |
| A | 427 | |
| 428 | $this->_debug("C: Read [dn: $dn] [(objectclass=*)]"); | |
| 010274 | 429 | |
| 100440 | 430 | if ($this->ldap_result = @ldap_read($this->conn, $dn, '(objectclass=*)', array_values($this->fieldmap))) |
| 4aaecb | 431 | $entry = ldap_first_entry($this->conn, $this->ldap_result); |
| 010274 | 432 | else |
| A | 433 | $this->_debug("S: ".ldap_error($this->conn)); |
| 0131ec | 434 | |
| f11541 | 435 | if ($entry && ($rec = ldap_get_attributes($this->conn, $entry))) |
| T | 436 | { |
| 010274 | 437 | $this->_debug("S: OK"); |
| A | 438 | |
| 0131ec | 439 | $rec = array_change_key_case($rec, CASE_LOWER); |
| A | 440 | |
| 4f9c83 | 441 | // Add in the dn for the entry. |
| 100440 | 442 | $rec['dn'] = $dn; |
| f11541 | 443 | $res = $this->_ldap2result($rec); |
| T | 444 | $this->result = new rcube_result_set(1); |
| 445 | $this->result->add($res); | |
| 446 | } | |
| 447 | } | |
| 448 | ||
| 449 | return $assoc ? $res : $this->result; | |
| 450 | } | |
| 451 | ||
| 452 | ||
| 453 | /** | |
| 454 | * Create a new contact record | |
| 455 | * | |
| 6d969b | 456 | * @param array Hash array with save data |
| 4f9c83 | 457 | * @return encoded record ID on success, False on error |
| f11541 | 458 | */ |
| T | 459 | function insert($save_cols) |
| 460 | { | |
| 4f9c83 | 461 | // Map out the column names to their LDAP ones to build the new entry. |
| S | 462 | $newentry = array(); |
| 0131ec | 463 | $newentry['objectClass'] = $this->prop['LDAP_Object_Classes']; |
| 4f9c83 | 464 | foreach ($save_cols as $col => $val) { |
| S | 465 | $fld = $this->_map_field($col); |
| b4fa59 | 466 | if ($fld && $val) { |
| 4f9c83 | 467 | // The field does exist, add it to the entry. |
| S | 468 | $newentry[$fld] = $val; |
| 469 | } // end if | |
| 470 | } // end foreach | |
| 471 | ||
| 472 | // Verify that the required fields are set. | |
| 473 | // We know that the email address is required as a default of rcube, so | |
| 474 | // we will default its value into any unfilled required fields. | |
| 0131ec | 475 | foreach ($this->prop['required_fields'] as $fld) { |
| 4f9c83 | 476 | if (!isset($newentry[$fld])) { |
| 0131ec | 477 | $newentry[$fld] = $newentry[$this->_map_field('email')]; |
| 4f9c83 | 478 | } // end if |
| S | 479 | } // end foreach |
| 480 | ||
| 481 | // Build the new entries DN. | |
| 100440 | 482 | $dn = $this->prop['LDAP_rdn'].'='.rcube_ldap::quote_string($newentry[$this->prop['LDAP_rdn']], true) |
| A | 483 | .','.$this->prop['base_dn']; |
| 010274 | 484 | |
| A | 485 | $this->_debug("C: Add [dn: $dn]: ".print_r($newentry, true)); |
| 486 | ||
| 0131ec | 487 | $res = ldap_add($this->conn, $dn, $newentry); |
| 4f9c83 | 488 | if ($res === FALSE) { |
| 010274 | 489 | $this->_debug("S: ".ldap_error($this->conn)); |
| 4f9c83 | 490 | return false; |
| S | 491 | } // end if |
| 010274 | 492 | |
| A | 493 | $this->_debug("S: OK"); |
| 4f9c83 | 494 | |
| S | 495 | return base64_encode($dn); |
| f11541 | 496 | } |
| T | 497 | |
| 498 | ||
| 499 | /** | |
| 500 | * Update a specific contact record | |
| 501 | * | |
| 502 | * @param mixed Record identifier | |
| 6d969b | 503 | * @param array Hash array with save data |
| T | 504 | * @return boolean True on success, False on error |
| f11541 | 505 | */ |
| T | 506 | function update($id, $save_cols) |
| 507 | { | |
| 4f9c83 | 508 | $record = $this->get_record($id, true); |
| S | 509 | $result = $this->get_result(); |
| 510 | $record = $result->first(); | |
| 511 | ||
| 512 | $newdata = array(); | |
| 513 | $replacedata = array(); | |
| 514 | $deletedata = array(); | |
| 515 | foreach ($save_cols as $col => $val) { | |
| 516 | $fld = $this->_map_field($col); | |
| b4fa59 | 517 | if ($fld) { |
| 4f9c83 | 518 | // The field does exist compare it to the ldap record. |
| S | 519 | if ($record[$col] != $val) { |
| 520 | // Changed, but find out how. | |
| 521 | if (!isset($record[$col])) { | |
| 522 | // Field was not set prior, need to add it. | |
| 523 | $newdata[$fld] = $val; | |
| 524 | } // end if | |
| 0131ec | 525 | elseif ($val == '') { |
| 4f9c83 | 526 | // Field supplied is empty, verify that it is not required. |
| 0131ec | 527 | if (!in_array($fld, $this->prop['required_fields'])) { |
| 4f9c83 | 528 | // It is not, safe to clear. |
| S | 529 | $deletedata[$fld] = $record[$col]; |
| 530 | } // end if | |
| 531 | } // end elseif | |
| 532 | else { | |
| 533 | // The data was modified, save it out. | |
| 534 | $replacedata[$fld] = $val; | |
| 535 | } // end else | |
| 536 | } // end if | |
| 537 | } // end if | |
| 538 | } // end foreach | |
| 539 | ||
| 540 | $dn = base64_decode($id); | |
| e83f03 | 541 | |
| A | 542 | // Update the entry as required. |
| 4f9c83 | 543 | if (!empty($deletedata)) { |
| S | 544 | // Delete the fields. |
| 010274 | 545 | $this->_debug("C: Delete [dn: $dn]: ".print_r($deletedata, true)); |
| A | 546 | if (!ldap_mod_del($this->conn, $dn, $deletedata)) { |
| 547 | $this->_debug("S: ".ldap_error($this->conn)); | |
| 4f9c83 | 548 | return false; |
| 010274 | 549 | } |
| A | 550 | $this->_debug("S: OK"); |
| 4f9c83 | 551 | } // end if |
| S | 552 | |
| 553 | if (!empty($replacedata)) { | |
| e83f03 | 554 | // Handle RDN change |
| A | 555 | if ($replacedata[$this->prop['LDAP_rdn']]) { |
| 100440 | 556 | $newdn = $this->prop['LDAP_rdn'].'=' |
| A | 557 | .rcube_ldap::quote_string($replacedata[$this->prop['LDAP_rdn']], true) |
| 558 | .','.$this->prop['base_dn']; | |
| e83f03 | 559 | if ($dn != $newdn) { |
| 100440 | 560 | $newrdn = $this->prop['LDAP_rdn'].'=' |
| A | 561 | .rcube_ldap::quote_string($replacedata[$this->prop['LDAP_rdn']], true); |
| e83f03 | 562 | unset($replacedata[$this->prop['LDAP_rdn']]); |
| A | 563 | } |
| 564 | } | |
| 4f9c83 | 565 | // Replace the fields. |
| e83f03 | 566 | if (!empty($replacedata)) { |
| 010274 | 567 | $this->_debug("C: Replace [dn: $dn]: ".print_r($replacedata, true)); |
| A | 568 | if (!ldap_mod_replace($this->conn, $dn, $replacedata)) { |
| 569 | $this->_debug("S: ".ldap_error($this->conn)); | |
| e83f03 | 570 | return false; |
| 010274 | 571 | } |
| A | 572 | $this->_debug("S: OK"); |
| 4f9c83 | 573 | } // end if |
| S | 574 | } // end if |
| 575 | ||
| 576 | if (!empty($newdata)) { | |
| 577 | // Add the fields. | |
| 010274 | 578 | $this->_debug("C: Add [dn: $dn]: ".print_r($newdata, true)); |
| A | 579 | if (!ldap_mod_add($this->conn, $dn, $newdata)) { |
| 580 | $this->_debug("S: ".ldap_error($this->conn)); | |
| 4f9c83 | 581 | return false; |
| 010274 | 582 | } |
| A | 583 | $this->_debug("S: OK"); |
| 4f9c83 | 584 | } // end if |
| S | 585 | |
| e83f03 | 586 | // Handle RDN change |
| A | 587 | if (!empty($newrdn)) { |
| 010274 | 588 | $this->_debug("C: Rename [dn: $dn] [dn: $newrdn]"); |
| A | 589 | if (@ldap_rename($this->conn, $dn, $newrdn, NULL, TRUE)) { |
| 590 | $this->_debug("S: ".ldap_error($this->conn)); | |
| e83f03 | 591 | return base64_encode($newdn); |
| 010274 | 592 | } |
| A | 593 | $this->_debug("S: OK"); |
| e83f03 | 594 | } |
| A | 595 | |
| 4f9c83 | 596 | return true; |
| f11541 | 597 | } |
| T | 598 | |
| 599 | ||
| 600 | /** | |
| 601 | * Mark one or more contact records as deleted | |
| 602 | * | |
| 603 | * @param array Record identifiers | |
| 6d969b | 604 | * @return boolean True on success, False on error |
| f11541 | 605 | */ |
| T | 606 | function delete($ids) |
| 607 | { | |
| 4f9c83 | 608 | if (!is_array($ids)) { |
| S | 609 | // Not an array, break apart the encoded DNs. |
| 0131ec | 610 | $dns = explode(',', $ids); |
| 4f9c83 | 611 | } // end if |
| S | 612 | |
| 613 | foreach ($dns as $id) { | |
| 614 | $dn = base64_decode($id); | |
| 010274 | 615 | $this->_debug("C: Delete [dn: $dn]"); |
| 4f9c83 | 616 | // Delete the record. |
| 0131ec | 617 | $res = ldap_delete($this->conn, $dn); |
| 4f9c83 | 618 | if ($res === FALSE) { |
| 010274 | 619 | $this->_debug("S: ".ldap_error($this->conn)); |
| 4f9c83 | 620 | return false; |
| S | 621 | } // end if |
| 010274 | 622 | $this->_debug("S: OK"); |
| 4f9c83 | 623 | } // end foreach |
| S | 624 | |
| b24f2c | 625 | return count($dns); |
| f11541 | 626 | } |
| T | 627 | |
| 628 | ||
| 629 | /** | |
| 630 | * Execute the LDAP search based on the stored credentials | |
| 631 | * | |
| 6d969b | 632 | * @access private |
| f11541 | 633 | */ |
| 4368a0 | 634 | private function _exec_search() |
| f11541 | 635 | { |
| 08ff05 | 636 | if ($this->ready) |
| f11541 | 637 | { |
| 08ff05 | 638 | $filter = $this->filter ? $this->filter : '(objectclass=*)'; |
| f11541 | 639 | $function = $this->prop['scope'] == 'sub' ? 'ldap_search' : ($this->prop['scope'] == 'base' ? 'ldap_read' : 'ldap_list'); |
| 4aaecb | 640 | |
| 010274 | 641 | $this->_debug("C: Search [".$filter."]"); |
| A | 642 | |
| 93c018 | 643 | if ($this->ldap_result = @$function($this->conn, $this->prop['base_dn'], $filter, |
| A | 644 | array_values($this->fieldmap), 0, (int) $this->prop['sizelimit'], (int) $this->prop['timelimit']) |
| 645 | ) { | |
| 010274 | 646 | $this->_debug("S: ".ldap_count_entries($this->conn, $this->ldap_result)." record(s)"); |
| 4aaecb | 647 | return true; |
| 010274 | 648 | } else |
| A | 649 | $this->_debug("S: ".ldap_error($this->conn)); |
| f11541 | 650 | } |
| 4aaecb | 651 | |
| A | 652 | return false; |
| f11541 | 653 | } |
| T | 654 | |
| 655 | ||
| 656 | /** | |
| 6d969b | 657 | * @access private |
| f11541 | 658 | */ |
| 4368a0 | 659 | private function _ldap2result($rec) |
| f11541 | 660 | { |
| ea18c5 | 661 | global $RCMAIL; |
| A | 662 | |
| f11541 | 663 | $out = array(); |
| T | 664 | |
| 665 | if ($rec['dn']) | |
| 666 | $out[$this->primary_key] = base64_encode($rec['dn']); | |
| 667 | ||
| 668 | foreach ($this->fieldmap as $rf => $lf) | |
| 669 | { | |
| ea18c5 | 670 | if ($rec[$lf]['count']) { |
| 4fc7a7 | 671 | if ($rf == 'email' && $this->mail_domain && !strpos($rec[$lf][0], '@')) |
| 010274 | 672 | $out[$rf] = sprintf('%s@%s', $rec[$lf][0], $this->mail_domain); |
| ea18c5 | 673 | else |
| A | 674 | $out[$rf] = $rec[$lf][0]; |
| 675 | } | |
| f11541 | 676 | } |
| T | 677 | |
| 678 | return $out; | |
| 679 | } | |
| 680 | ||
| 681 | ||
| 682 | /** | |
| 6d969b | 683 | * @access private |
| f11541 | 684 | */ |
| 4368a0 | 685 | private function _map_field($field) |
| f11541 | 686 | { |
| T | 687 | return $this->fieldmap[$field]; |
| 688 | } | |
| 689 | ||
| 690 | ||
| 691 | /** | |
| 4368a0 | 692 | * @access private |
| A | 693 | */ |
| 694 | private function _attr_name($name) | |
| 695 | { | |
| 696 | // list of known attribute aliases | |
| 697 | $aliases = array( | |
| 698 | 'gn' => 'givenname', | |
| 5ffceb | 699 | 'rfc822mailbox' => 'email', |
| 4368a0 | 700 | 'userid' => 'uid', |
| A | 701 | 'emailaddress' => 'email', |
| 702 | 'pkcs9email' => 'email', | |
| 703 | ); | |
| 704 | return isset($aliases[$name]) ? $aliases[$name] : $name; | |
| 705 | } | |
| 706 | ||
| 707 | ||
| 708 | /** | |
| 010274 | 709 | * @access private |
| A | 710 | */ |
| 711 | private function _debug($str) | |
| 712 | { | |
| 713 | if ($this->debug) | |
| 714 | write_log('ldap', $str); | |
| 715 | } | |
| 716 | ||
| 717 | ||
| 718 | /** | |
| f11541 | 719 | * @static |
| T | 720 | */ |
| 100440 | 721 | function quote_string($str, $dn=false) |
| f11541 | 722 | { |
| 100440 | 723 | if ($dn) |
| A | 724 | $replace = array(','=>'\2c', '='=>'\3d', '+'=>'\2b', '<'=>'\3c', |
| 725 | '>'=>'\3e', ';'=>'\3b', '\\'=>'\5c', '"'=>'\22', '#'=>'\23'); | |
| 726 | else | |
| 727 | $replace = array('*'=>'\2a', '('=>'\28', ')'=>'\29', '\\'=>'\5c', | |
| 728 | '/'=>'\2f'); | |
| 729 | ||
| 730 | return strtr($str, $replace); | |
| f11541 | 731 | } |
| T | 732 | |
| 733 | } | |
| 734 | ||
