Overview

Packages

  • Ldap

Classes

  • Horde_Ldap
  • Horde_Ldap_Entry
  • Horde_Ldap_Exception
  • Horde_Ldap_Filter
  • Horde_Ldap_Ldif
  • Horde_Ldap_RootDse
  • Horde_Ldap_Schema
  • Horde_Ldap_Search
  • Horde_Ldap_Util
  • Overview
  • Package
  • Class
  • Tree

Class Horde_Ldap_Util

Utility Class for Horde_Ldap

This class servers some functionality to the other classes of Horde_Ldap but most of the methods can be used separately as well.

Copyright 2009 Benedikt Hallinger Copyright 2010-2012 Horde LLC (http://www.horde.org/)

Package: Ldap
Category: Horde
License: LGPL-3.0
Author: Benedikt Hallinger beni@php.net
Author: Jan Schneider jan@horde.org
Located at Horde/Ldap/Util.php
Methods summary
public static array
# explodeDN( string $dn, array $options = array() )

Explodes the given DN into its elements

Explodes the given DN into its elements

RFC 2253 says, a Distinguished Name is a sequence of Relative Distinguished Names (RDNs), which themselves are sets of Attributes. For each RDN a array is constructed where the RDN part is stored.

For example, the DN 'OU=Sales+CN=J. Smith,DC=example,DC=net' is exploded to:

array(array('OU=Sales', 'CN=J. Smith'),
      'DC=example',
      'DC=net')

[NOT IMPLEMENTED] DNs might also contain values, which are the bytes of the BER encoding of the X.500 AttributeValue rather than some LDAP string syntax. These values are hex-encoded and prefixed with a #. To distinguish such BER values, explodeDN uses references to the actual values, e.g. '1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com' is exploded to: array(array('1.3.6.1.4.1.1466.0' => "\004\002Hi"), array('DC' => 'example', array('DC' => 'com')) See http://www.vijaymukhi.com/vmis/berldap.htm for more information on BER.

It also performs the following operations on the given DN: - Unescape "\" followed by ",", "+", """, "\", "<", ">", ";", "#", "=", " ", or a hexpair and strings beginning with "#". - Removes the leading 'OID.' characters if the type is an OID instead of a name. - If an RDN contains multiple parts, the parts are re-ordered so that the attribute type names are in alphabetical order.

$options is a list of name/value pairs, valid options are: - casefold: Controls case folding of attribute types names. Attribute values are not affected by this option. The default is to uppercase. Valid values are: - lower: Lowercase attribute types names. - upper: Uppercase attribute type names. This is the default. - none: Do not change attribute type names. - reverse: If true, the RDN sequence is reversed. - onlyvalues: If true, then only attributes values are returned ('foo' instead of 'cn=foo')

Parameters

$dn
The DN that should be exploded.
$options
Options to use.

Returns

array
Parts of the exploded DN.
public static array
# escapeDNValue( string|array $values )

Escapes DN values according to RFC 2253.

Escapes DN values according to RFC 2253.

Escapes the given VALUES according to RFC 2253 so that they can be safely used in LDAP DNs. The characters ",", "+", """, "\", "<", ">", ";", "#", "=" with a special meaning in RFC 2252 are preceeded by ba backslash. Control characters with an ASCII code < 32 are represented as \hexpair. Finally all leading and trailing spaces are converted to sequences of \20.

Parameters

$values
DN values that should be escaped.

Returns

array
The escaped values.
public static array
# unescapeDNValue( array $values )

Unescapes DN values according to RFC 2253.

Unescapes DN values according to RFC 2253.

Reverts the conversion done by escapeDNValue().

Any escape sequence starting with a baskslash - hexpair or special character - will be transformed back to the corresponding character.

Parameters

$values
DN values.

Returns

array
Unescaped DN values.
public static boolean|string
# canonicalDN( array|string $dn, array $options = array() )

Converts a DN into a canonical form.

Converts a DN into a canonical form.

DN can either be a string or an array as returned by explodeDN(), which is useful when constructing a DN. The DN array may have be indexed (each array value is a OCL=VALUE pair) or associative (array key is OCL and value is VALUE).

It performs the following operations on the given DN: - Removes the leading 'OID.' characters if the type is an OID instead of a name. - Escapes all RFC 2253 special characters (",", "+", """, "\", "<", ">", ";", "#", "="), slashes ("/"), and any other character where the ASCII code is < 32 as \hexpair. - Converts all leading and trailing spaces in values to be \20. - If an RDN contains multiple parts, the parts are re-ordered so that the attribute type names are in alphabetical order.

$options is a list of name/value pairs, valid options are:

  • casefold: Controls case folding of attribute type names. Attribute values are not affected by this option. The default is to uppercase. Valid values are: - lower: Lowercase attribute type names. - upper: Uppercase attribute type names. - none: Do not change attribute type names.
  • reverse: If true, the RDN sequence is reversed.
  • separator: Separator to use between RDNs. Defaults to comma (',').

The empty string "" is a valid DN, so be sure not to do a "$can_dn == false" test, because an empty string evaluates to false. Use the "===" operator instead.

Parameters

$dn
The DN.
$options
Options to use.

Returns

boolean|string
The canonical DN or false if the DN is not valid.
public static array
# escapeFilterValue( array $values )

Escapes the given values according to RFC 2254 so that they can be safely used in LDAP filters.

Escapes the given values according to RFC 2254 so that they can be safely used in LDAP filters.

Any control characters with an ACII code < 32 as well as the characters with special meaning in LDAP filters "*", "(", ")", and "\" (the backslash) are converted into the representation of a backslash followed by two hex digits representing the hexadecimal value of the character.

Parameters

$values
Values to escape.

Returns

array
Escaped values.
public static array
# unescapeFilterValue( array $values = array() )

Unescapes the given values according to RFC 2254.

Unescapes the given values according to RFC 2254.

Reverses the conversion done by Horde_Ldap_Util::escapeFilterValue().

Converts any sequences of a backslash followed by two hex digits into the corresponding character.

Parameters

$values
Values to unescape.

Returns

array
Unescaped values.
public static string
# asc2hex32( string $string )

Converts all ASCII chars < 32 to "\HEX".

Converts all ASCII chars < 32 to "\HEX".

Parameters

$string
String to convert.

Returns

string
Hexadecimal representation of $string.
public static string
# hex2asc( string $string )

Converts all hexadecimal expressions ("\HEX") to their original ASCII characters.

Converts all hexadecimal expressions ("\HEX") to their original ASCII characters.

Parameters

$string
String to convert.

Returns

string
ASCII representation of $string.

Author

beni@php.net, heavily based on work from DavidSmith@byu.net
public static array
# splitRDNMultivalue( string $rdn )

Splits a multivalued RDN value into an array.

Splits a multivalued RDN value into an array.

A RDN can contain multiple values, spearated by a plus sign. This method returns each separate ocl=value pair of the RDN part.

If no multivalued RDN is detected, an array containing only the original RDN part is returned.

For example, the multivalued RDN 'OU=Sales+CN=J. Smith' is exploded to: array([0] => 'OU=Sales', [1] => 'CN=J. Smith')

The method tries to be smart if it encounters unescaped "+" characters, but may fail, so better ensure escaped "+" in attribute names and values.

[BUG] If you have a multivalued RDN with unescaped plus characters and there is a unescaped plus sign at the end of an value followed by an attribute name containing an unescaped plus, then you will get wrong splitting: $rdn = 'OU=Sales+C+N=J. Smith'; returns: array('OU=Sales+C', 'N=J. Smith'); The "C+" is treaten as the value of the first pair instead of as the attribute name of the second pair. To prevent this, escape correctly.

Parameters

$rdn
<p>Part of a (multivalued) escaped RDN (e.g. ou=foo or ou=foo+cn=bar)</p>

Returns

array
The components of the multivalued RDN.
public static array
# splitAttributeString( string $attr )

Splits a attribute=value syntax into an array.

Splits a attribute=value syntax into an array.

The split will occur at the first unescaped '=' character.

Parameters

$attr
An attribute-value string.

Returns

array
Indexed array: 0=attribute name, 1=attribute value.
API documentation generated by ApiGen