PHP Classes
elePHPant
Icontem

File: SimpleLDAP.class.php

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us
  Classes of Klaus Silveira  >  Simple LDAP  >  SimpleLDAP.class.php  >  Download  
File: SimpleLDAP.class.php
Role: Class source
Content type: text/plain
Description: SimpleLDAP library
Class: Simple LDAP
Manage the records of users in an LDAP server
Author: By
Last change:
Date: 4 years ago
Size: 7,377 bytes
 

Contents

Class file image Download
<?php
/**
 * SimpleLDAP
 *
 * An abstraction layer for LDAP server communication using PHP
 *
 * @author Klaus Silveira <contact@klaussilveira.com>
 * @package simpleldap
 * @license http://www.opensource.org/licenses/bsd-license.php BSD License
 * @version 0.1
 * @link http://github.com/klaussilveira/SimpleLDAP
 */
class SimpleLDAP {
   
   
/**
     * Holds the LDAP server connection
     *
     * @var resource
     * @access private
     */
   
private $ldap;
   
   
/**
     * Holds the default Distinguished Name. Ex.: ou=users,dc=demo,dc=com
     *
     * @var string
     * @access public
     */
   
public $dn;
   
   
/**
     * Holds the administrator-priviledge Distinguished Name and user. Ex.: cn=admin,dc=demo,dc=com
     *
     * @var string
     * @access public
     */
   
public $adn;
   
   
/**
     * Holds the administrator-priviledge user password. Ex.: 123456
     *
     * @var string
     * @access public
     */
   
public $apass;
   
   
/**
     * LDAP server connection
     *
     * In the constructor we initiate a connection with the specified LDAP server
     * and optionally allow the setup of LDAP protocol version
     *
     * @access public
     * @param string $hostname Hostname of your LDAP server
     * @param int $port Port of your LDAP server
     * @param int $protocol (optional) Protocol version of your LDAP server
     */
   
public function __construct($hostname, $port, $protocol = null) {
       
$this->ldap = ldap_connect($hostname, $port);
       
        if(
$protocol != null) {
           
ldap_set_option($this->ldap, LDAP_OPT_PROTOCOL_VERSION, $protocol);
        }
    }
   
   
/**
     * Bind as an administrator in the LDAP server
     *
     * Bind as an administrator in order to execute admin-only tasks,
     * such as add, modify and delete users from the directory.
     *
     * @access private
     * @return bool Returns if the bind was successful or not
     */
   
private function adminBind() {
       
$bind = ldap_bind($this->ldap, $this->adn, $this->apass);
        return
$bind;
    }
   
   
/**
     * Authenticate an user and return it's information
     *
     * In this method we authenticate an user in the LDAP server with the specified username and password
     * If successful, we return the user information. Otherwise, we'll return false and throw exceptions with error information
     *
     * @access public
     * @param string $user Username to be authenticated
     * @param string $password Password to be authenticated
     * @return mixed User information, as an array, on successful authentication, false on error
     */
   
public function auth($user, $password) {
       
/**
         * We bind using the provided information in order to check if the user exists
         * in the directory and his credentials are valid
         */
       
$bind = ldap_bind($this->ldap, "uid=$user," . $this->dn, $password);
       
        if(
$bind) {
       
           
/**
             * If the user is logged in, we bind as an administrator and search the directory
             * for the user information. If successful, we'll return that information as an array
             */
           
if($this->adminBind()) {
               
$search = ldap_search($this->ldap, "uid=$user," . $this->dn, "(uid=$user)");
               
                if(!
$search) {
                   
$error = ldap_errno($this->ldap) . ": " . ldap_error($this->ldap);
                    throw new
Exception($error);
                }
               
               
$data = ldap_get_entries($this->ldap, $search);
               
                if(!
$data) {
                   
$error = ldap_errno($this->ldap) . ": " . ldap_error($this->ldap);
                    throw new
Exception($error);
                }
               
                return
$data;
            } else {
               
$error = ldap_errno($this->ldap) . ": " . ldap_error($this->ldap);
                throw new
Exception($error);
                return
false;
            }
        } else {
           
$error = ldap_errno($this->ldap) . ": " . ldap_error($this->ldap);
            throw new
Exception($error);
            return
false;
        }
    }
   
   
/**
     * Get users based on a query
     *
     * Returns information from users within the directory that match a certain query
     *
     * @access public
     * @param string $filter The search filter used to query the directory. For more info, see: http://www.mozilla.org/directory/csdk-docs/filter.htm
     * @param array $attributes (optional) An array containing all the attributes you want to request
     * @return mixed Returns the information if successful or false on error
     */
   
public function getUsers($filter, $attributes = null) {
        if(
$this->adminBind()) {
            if(
$attributes !== null) {
               
$search = ldap_search($this->ldap, $this->dn, $filter, $attributes);
                if(!
$search) {
                   
$error = ldap_errno($this->ldap) . ": " . ldap_error($this->ldap);
                    throw new
Exception($error);
                    return
false;
                }
               
$data = ldap_get_entries($this->ldap, $search);
                return
$data;
            } else {
               
$search = ldap_search($this->ldap, $this->dn, $filter);
                if(!
$search) {
                   
$error = ldap_errno($this->ldap) . ": " . ldap_error($this->ldap);
                    throw new
Exception($error);
                    return
false;
                }
               
$data = ldap_get_entries($this->ldap, $search);
                return
$data;
            }
        } else {
           
$error = ldap_errno($this->ldap) . ": " . ldap_error($this->ldap);
            throw new
Exception($error);
            return
false;
        }
    }
   
   
/**
     * Inserts a new user in LDAP
     *
     * This method will take an array of information and create a new entry in the
     * LDAP directory using that information.
     *
     * @access public
     * @param string $uid Username that will be created
     * @param array $data Array of user information to be inserted
     * @return bool Returns true on success and false on error
     */
   
public function addUser($user, $data) {
        if(
$this->adminBind()) {
           
$add = ldap_add($this->ldap, "uid=$user," . $this->dn, $data);
            if(!
$add) {
               
$error = ldap_errno($this->ldap) . ": " . ldap_error($this->ldap);
                throw new
Exception($error);
                return
false;
            } else {
                return
true;
            }
        } else {
           
$error = ldap_errno($this->ldap) . ": " . ldap_error($this->ldap);
            throw new
Exception($error);
            return
false;
        }
    }
   
   
/**
     * Removes an existing user in LDAP
     *
     * This method will remove an existing user from the LDAP directory
     *
     * @access public
     * @param string $uid Username that will be removed
     * @return bool Returns true on success and false on error
     */
   
public function removeUser($user) {
        if(
$this->adminBind()) {
           
$delete = ldap_delete($this->ldap, "uid=$user," . $this->dn);
            if(!
$delete) {
               
$error = ldap_errno($this->ldap) . ": " . ldap_error($this->ldap);
                throw new
Exception($error);
                return
false;
            } else {
                return
true;
            }
        } else {
           
$error = ldap_errno($this->ldap) . ": " . ldap_error($this->ldap);
            throw new
Exception($error);
            return
false;
        }
    }
   
   
/**
     * Modifies an existing user in LDAP
     *
     * This method will take an array of information and modify an existing entry
     * in the LDAP directory using that information.
     *
     * @access public
     * @param string $uid Username that will be modified
     * @param array $data Array of user information to be modified
     * @return bool Returns true on success and false on error
     */
   
public function modifyUser($user, $data) {
        if(
$this->adminBind()) {
           
$modify = ldap_modify($this->ldap, "uid=$user," . $this->dn, $data);
            if(!
$modify) {
               
$error = ldap_errno($this->ldap) . ": " . ldap_error($this->ldap);
                throw new
Exception($error);
                return
false;
            } else {
                return
true;
            }
        } else {
           
$error = ldap_errno($this->ldap) . ": " . ldap_error($this->ldap);
            throw new
Exception($error);
            return
false;
        }
    }
   
   
/**
     * Close the LDAP connection
     *
     * @access public
     */
   
public function close() {
       
ldap_close($this->ldap);
    }
}