[ Index ]

PHP Cross Reference of DokuWiki

title

Body

[close]

/lib/plugins/authad/adLDAP/classes/ -> adLDAPUtils.php (source)

   1  <?php
   2  /**
   3   * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY 
   4   * Version 4.0.4
   5   * 
   6   * PHP Version 5 with SSL and LDAP support
   7   * 
   8   * Written by Scott Barnett, Richard Hyland
   9   *   email: scott@wiggumworld.com, adldap@richardhyland.com
  10   *   http://adldap.sourceforge.net/
  11   * 
  12   * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland
  13   * 
  14   * We'd appreciate any improvements or additions to be submitted back
  15   * to benefit the entire community :)
  16   * 
  17   * This library is free software; you can redistribute it and/or
  18   * modify it under the terms of the GNU Lesser General Public
  19   * License as published by the Free Software Foundation; either
  20   * version 2.1 of the License.
  21   * 
  22   * This library is distributed in the hope that it will be useful,
  23   * but WITHOUT ANY WARRANTY; without even the implied warranty of
  24   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  25   * Lesser General Public License for more details.
  26   * 
  27   * @category ToolsAndUtilities
  28   * @package adLDAP
  29   * @subpackage Utils
  30   * @author Scott Barnett, Richard Hyland
  31   * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland
  32   * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1
  33   * @revision $Revision: 97 $
  34   * @version 4.0.4
  35   * @link http://adldap.sourceforge.net/
  36   */
  37  require_once(dirname(__FILE__) . '/../adLDAP.php');
  38  
  39  /**
  40  * UTILITY FUNCTIONS
  41  */
  42  class adLDAPUtils {
  43      const ADLDAP_VERSION = '4.0.4';
  44      
  45      /**
  46      * The current adLDAP connection via dependency injection
  47      * 
  48      * @var adLDAP
  49      */
  50      protected $adldap;
  51      
  52      public function __construct(adLDAP $adldap) {
  53          $this->adldap = $adldap;
  54      }
  55      
  56      
  57      /**
  58      * Take an LDAP query and return the nice names, without all the LDAP prefixes (eg. CN, DN)
  59      *
  60      * @param array $groups
  61      * @return array
  62      */
  63      public function niceNames($groups)
  64      {
  65  
  66          $groupArray = array();
  67          for ($i=0; $i<$groups["count"]; $i++){ // For each group
  68              $line = $groups[$i];
  69              
  70              if (strlen($line)>0) { 
  71                  // More presumptions, they're all prefixed with CN=
  72                  // so we ditch the first three characters and the group
  73                  // name goes up to the first comma
  74                  $bits=explode(",", $line);
  75                  $groupArray[] = substr($bits[0], 3, (strlen($bits[0])-3));
  76              }
  77          }
  78          return $groupArray;    
  79      }
  80      
  81      /**
  82      * Escape characters for use in an ldap_create function
  83      * 
  84      * @param string $str
  85      * @return string
  86      */
  87      public function escapeCharacters($str) {
  88          $str = str_replace(",", "\,", $str);
  89          return $str;
  90      }
  91      
  92      /**
  93      * Escape strings for the use in LDAP filters
  94      * 
  95      * DEVELOPERS SHOULD BE DOING PROPER FILTERING IF THEY'RE ACCEPTING USER INPUT
  96      * Ported from Perl's Net::LDAP::Util escape_filter_value
  97      *
  98      * @param string $str The string the parse
  99      * @author Port by Andreas Gohr <andi@splitbrain.org>
 100      * @return string
 101      */
 102      public function ldapSlashes($str) {
 103          // see https://github.com/adldap/adLDAP/issues/22
 104          return preg_replace_callback(
 105              '/([\x00-\x1F\*\(\)\\\\])/',
 106              function ($matches) {
 107                  return "\\".join("", unpack("H2", $matches[1]));
 108              },
 109              $str
 110          );
 111      }
 112      /**
 113      * Converts a string GUID to a hexdecimal value so it can be queried
 114      *
 115      * @param string $strGUID A string representation of a GUID
 116      * @return string
 117      */
 118      public function strGuidToHex($strGUID)
 119      {
 120          $strGUID = str_replace('-', '', $strGUID);
 121  
 122          $octet_str = '\\' . substr($strGUID, 6, 2);
 123          $octet_str .= '\\' . substr($strGUID, 4, 2);
 124          $octet_str .= '\\' . substr($strGUID, 2, 2);
 125          $octet_str .= '\\' . substr($strGUID, 0, 2);
 126          $octet_str .= '\\' . substr($strGUID, 10, 2);
 127          $octet_str .= '\\' . substr($strGUID, 8, 2);
 128          $octet_str .= '\\' . substr($strGUID, 14, 2);
 129          $octet_str .= '\\' . substr($strGUID, 12, 2);
 130          //$octet_str .= '\\' . substr($strGUID, 16, strlen($strGUID));
 131          for ($i=16; $i<=(strlen($strGUID)-2); $i++) {
 132              if (($i % 2) == 0) {
 133                  $octet_str .= '\\' . substr($strGUID, $i, 2);
 134              }
 135          }
 136          
 137          return $octet_str;
 138      }
 139      
 140      /**
 141      * Convert a binary SID to a text SID
 142      * 
 143      * @param string $binsid A Binary SID
 144      * @return string
 145      */
 146       public function getTextSID($binsid) {
 147          $hex_sid = bin2hex($binsid);
 148          $rev = hexdec(substr($hex_sid, 0, 2));
 149          $subcount = hexdec(substr($hex_sid, 2, 2));
 150          $auth = hexdec(substr($hex_sid, 4, 12));
 151          $result = "$rev-$auth";
 152  
 153          for ($x=0;$x < $subcount; $x++) {
 154              $subauth[$x] =
 155                  hexdec($this->littleEndian(substr($hex_sid, 16 + ($x * 8), 8)));
 156                  $result .= "-" . $subauth[$x];
 157          }
 158  
 159          // Cheat by tacking on the S-
 160          return 'S-' . $result;
 161       }
 162       
 163      /**
 164      * Converts a little-endian hex number to one that hexdec() can convert
 165      * 
 166      * @param string $hex A hex code
 167      * @return string
 168      */
 169       public function littleEndian($hex) 
 170       {
 171          $result = '';
 172          for ($x = strlen($hex) - 2; $x >= 0; $x = $x - 2) {
 173              $result .= substr($hex, $x, 2);
 174          }
 175          return $result;
 176       }
 177       
 178       /**
 179      * Converts a binary attribute to a string
 180      * 
 181      * @param string $bin A binary LDAP attribute
 182      * @return string
 183      */
 184      public function binaryToText($bin) 
 185      {
 186          $hex_guid = bin2hex($bin); 
 187          $hex_guid_to_guid_str = ''; 
 188          for($k = 1; $k <= 4; ++$k) { 
 189              $hex_guid_to_guid_str .= substr($hex_guid, 8 - 2 * $k, 2); 
 190          } 
 191          $hex_guid_to_guid_str .= '-'; 
 192          for($k = 1; $k <= 2; ++$k) { 
 193              $hex_guid_to_guid_str .= substr($hex_guid, 12 - 2 * $k, 2); 
 194          } 
 195          $hex_guid_to_guid_str .= '-'; 
 196          for($k = 1; $k <= 2; ++$k) { 
 197              $hex_guid_to_guid_str .= substr($hex_guid, 16 - 2 * $k, 2); 
 198          } 
 199          $hex_guid_to_guid_str .= '-' . substr($hex_guid, 16, 4); 
 200          $hex_guid_to_guid_str .= '-' . substr($hex_guid, 20); 
 201          return strtoupper($hex_guid_to_guid_str);   
 202      }
 203      
 204      /**
 205      * Converts a binary GUID to a string GUID
 206      * 
 207      * @param string $binaryGuid The binary GUID attribute to convert
 208      * @return string
 209      */
 210      public function decodeGuid($binaryGuid) 
 211      {
 212          if ($binaryGuid === null){ return "Missing compulsory field [binaryGuid]"; }
 213          
 214          $strGUID = $this->binaryToText($binaryGuid);          
 215          return $strGUID; 
 216      }
 217      
 218      /**
 219      * Convert a boolean value to a string
 220      * You should never need to call this yourself
 221      *
 222      * @param bool $bool Boolean value
 223      * @return string
 224      */
 225      public function boolToStr($bool) 
 226      {
 227          return ($bool) ? 'TRUE' : 'FALSE';
 228      }
 229      
 230      /**
 231      * Convert 8bit characters e.g. accented characters to UTF8 encoded characters
 232      */
 233      public function encode8Bit(&$item, $key) {
 234          $encode = false;
 235          if (is_string($item)) {
 236              for ($i=0; $i<strlen($item); $i++) {
 237                  if (ord($item[$i]) >> 7) {
 238                      $encode = true;
 239                  }
 240              }
 241          }
 242          if ($encode === true && $key != 'password') {
 243              $item = utf8_encode($item);   
 244          }
 245      }  
 246      
 247      /**
 248      * Get the current class version number
 249      * 
 250      * @return string
 251      */
 252      public function getVersion() {
 253          return self::ADLDAP_VERSION;
 254      }
 255      
 256      /**
 257      * Round a Windows timestamp down to seconds and remove the seconds between 1601-01-01 and 1970-01-01
 258      * 
 259      * @param long $windowsTime
 260      * @return long $unixTime
 261      */
 262      public static function convertWindowsTimeToUnixTime($windowsTime) {
 263        $unixTime = round($windowsTime / 10000000) - 11644477200; 
 264        return $unixTime; 
 265      }
 266  }
 267  
 268  ?>