StatusMessage
_get_raw_schema
_get_schema_dn
add_aliases_to_attrs
add_sup_to_attrs
array_delete
boldText
cached_schema_available
checkClientIP
checkIfDeleteEntriesIsAllowed
checkIfNewEntriesAreAllowed
checkIfPasswordChangeIsAllowed
checkIfToolIsActive
checkIfWriteAccessIsAllowed
checkPasswordStrength
cleanLDAPResult
colorText
compareDN
deobfuscateText
escapeDN
extractDNSuffix
extractRDNAttribute
extractRDNValue
formatLDAPTimestamp
generateRandomPassword
generateSalt
getAbstractDN
getLastLDAPError
getSupportedHashTypes
get_cached_schema
get_preg
get_schema_attribute
get_schema_attributes
get_schema_matching_rules
get_schema_objectclass
get_schema_objectclasses
get_schema_syntaxes
getdays
in_array_ignore_case
isObfuscatedText
ldapGetDN
linkText
lmPassword
logNewMessage
logoffAndBackToLoginPage
ntPassword
obfuscateText
parseMessageString
pwd_disable
pwd_enable
pwd_hash
pwd_is_enabled
pwd_is_lockable
searchLDAP
searchLDAPByAttribute
searchLDAPByFilter
search_domains
sendPasswordMail
set_cached_schema
set_schema_cache_unavailable
smbflag
startSecureSession
SCHEMA_SESSION_CACHE_ENABLED
StatusMessage(string $MessageTyp, string $MessageHeadline, string $MessageText, array $MessageVariables, boolean $returnOutput) : String
It can be used to print INFO, WARN and ERROR messages at the moment.
The headline and text may be formated with special tags:
{bold}, {endbold}: All text between these tags is printed bold.
{color=#123456}, {endcolor}: All text between these tags is printed in the given color.
{link=http://nodomain.org}, {endlink}: A link with the given target is created. The link text is the text between the tags.
string
The type of the message to be printed. It must be one of the following types: 'INFO', 'WARN' or 'ERROR'.
Every other type will lead to an error message indicating an invalid message type.
string
The headline of the status message.
It may be formatted with special color/link/bold tags.
string
The text of the status message.
It may be formatted with special color/link/bold tags. This parameter is optional.
array
The variables that are used to replace the spacers (%s) in the submitted text. This parameter is optional.
boolean
if set to true this function will return the generated HTML code instead of printing it directly (default: false)
String
HTML code if $returnOutput is set to true, otherwise null_get_raw_schema(\$schema_to_fetch $schema_to_fetch, \$dn $dn) : \an
Note, this function has grown many hairs to accomodate more LDAP servers. It is needfully complicated as it now supports many popular LDAP servers that don't necessarily expose their schema "the right way".
\$schema_to_fetch
\$dn
(optional) This paremeter is the DN of the entry whose schema you would like to fetch. Entries have the option of specifying their own subschemaSubentry that points to the DN of the system schema entry which applies to this attribute. If unspecified, this will try to retrieve the schema from the RootDSE subschemaSubentry. Failing that, we use some commonly known schema DNs. Default value is the Root DSE DN (zero-length string)
\an
array of strings of this form: Array ( [0] => "( 1.3.6.1.4.1.7165.1.2.2.4 NAME 'gidPool' DESC 'Pool ... [1] => "( 1.3.6.1.4.1.7165.2.2.3 NAME 'sambaAccount' DESC 'Sa ... etc._get_schema_dn(string $dn, bool $debug) : string
Entries should set the subSchemaSubEntry attribute pointing to the DN of the server schema. You can specify the DN whose subSchemaSubEntry you wish to retrieve of specify an empty string to fetch the subScehamSubEntry from the Root DSE.
string
The DN (may be null) which houses the subschemaSubEntry attribute which this function can use to determine the schema entry's DN.
bool
Switch to true to see some nice and copious output. :)
string
The DN of the entry which houses this LDAP server's schema.add_aliases_to_attrs($attrs)
Ie, attributeType has name 'gn' and 'givenName'. This function will create a unique entry for 'gn' and 'givenName'.
add_sup_to_attrs($attrs, $attrs_oid)
Supports infinite levels of inheritance. Bug 856832: require a second paramter that has all attributes indexed by OID
array_delete(array $values, array $array) : array
array
list of values which should be removed
array
list of original values
array
list of remaining valuesboldText(string $text) : string
access | private |
---|
string
The text that is used to search for {bold} and {endbold} tags.
string
The submitted text with {bold} and {endbold} replaced with the appropriate HTML tages and cached_schema_available($schema_type)
$schema_type may be one of (lowercase) the following: objectclasses attributetypes ldapsyntaxes matchingrules matchingruleuse Note that _get_raw_schema() takes a similar parameter.
checkClientIP()
The script is stopped if the host is not valid.
checkIfDeleteEntriesIsAllowed(String $scope) : boolean
String
account type (e.g. 'user')
boolean
true, if entries may be deletedcheckIfNewEntriesAreAllowed(String $scope) : boolean
This also checks if general write access is enabled.
String
account type (e.g. 'user')
boolean
true, if new entries are allowedcheckIfPasswordChangeIsAllowed() : boolean
boolean
true, if allowedcheckIfToolIsActive(String $tool)
Otherwise, an error message is logged and the execution is stopped (die()).
String
tool class name (e.g. toolFileUpload)
checkIfWriteAccessIsAllowed() : boolean
boolean
true, if allowedcheckPasswordStrength(string $password) : mixed
string
password
mixed
true if ok, string with error message if not validcleanLDAPResult(array $entries)
This will remove all 'count' entries and also all numeric array keys.
array
LDAP entries in format $entries[entry number][attribute name][attribute values]
colorText(string $text) : string
access | private |
---|
string
The text that is used to search for {color} and {endcolor} tags.
string
Input string with HTML-formatted color tagscompareDN(string $a, string $b) : integer
string
first argument to compare
string
second argument to compare
integer
0 if equal, 1 if $a is greater, -1 if $b is greaterdeobfuscateText(String $text)
String
text to deobfuscate
escapeDN(String $dn) : String
String
DN
String
escaped DNextractDNSuffix(String $dn) : String
E.g. ou=people,dc=test,dc=com will result in dc=test,dc=com.
String
DN
String
DN suffixextractRDNAttribute(String $dn) : String
String
DN
String
RDN attribute nameextractRDNValue(String $dn) : String
String
DN
String
RDN attribute valueformatLDAPTimestamp(String $time) : String
from createTimestamp).
String
LDAP time value
String
formated timegenerateRandomPassword() : String
String
passwordgenerateSalt(int $len) : String
int
salt length
String
the salt stringgetAbstractDN(String $dn) : String
E.g. "dc=company,dc=de" is transformed to "company > de".
String
DN
String
transformed DNgetLastLDAPError() : array
array
parameters for StatusMessage or null if all was okgetSupportedHashTypes() : array
SSHA).
array
hash typesget_cached_schema($schema_type)
For list of valid $schema_type values, see above schema_cache_available(). Note that internally, this function utilizes a two-layer cache, one in memory using a static variable for multiple calls within the same page load, and one in a session for multiple calls within the same user session (spanning multiple page loads).
Returns an array of SchemaItem objects on success or false on failure.
get_preg(string $argument, string $regexp) : boolean
string
value to check
string
pattern name
boolean
true if matches, otherwise falseget_schema_attribute($attr_name, string $dn, $use_cache) : \AttributeType
see | \global\AttributeType |
---|---|
see | \global\get_schema_attributes |
string
(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
\AttributeType
The specified AttributeType object or false on error.get_schema_attributes(string $dn, $use_cache) : array
Each array entry's key is the name of the attributeType in lower-case and the value is an AttributeType object.
string
(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
array
An array of AttributeType objects.get_schema_matching_rules($dn, $use_cache)
The key of each entry is the OID of the matching rule.
get_schema_objectclass(string $oclass_name, string $dn, $use_cache) : \ObjectClass
see | \global\ObjectClass |
---|---|
see | \global\get_schema_objectclasses |
string
The name of the objectClass to fetch.
string
(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
\ObjectClass
The specified ObjectClass object or false on error.get_schema_objectclasses(string $dn, $use_cache) : array
Each array entry's key is the name of the objectClass in lower-case and the value is an ObjectClass object.
see | \global\ObjectClass |
---|---|
see | \global\get_schema_objectclass |
string
(optional) It is easier to fetch schema if a DN is provided which defines the subschemaSubEntry attribute (all entries should).
array
An array of ObjectClass objects.get_schema_syntaxes($dn, $use_cache)
The key of each entry is the OID of the Syntax.
getdays() : \number
\number
of daysin_array_ignore_case(String $needle, array $haystack)
String
search string
array
array
isObfuscatedText(String $text) : boolean
String
text to check
boolean
obfuscated or notldapGetDN(String $dn, array $attributes, \handle $handle) : array
String
DN
array
list of attributes to fetch
\handle
LDAP handle (optional for admin interface pages)
array
attributes or null if not foundlinkText(string $text) : string
access | private |
---|
string
The text that is used to search for {link} and {endlink} tags.
string
Input string with HTML-formatted link tagslmPassword(string $password) : string
string
password original password
string
password hashlogNewMessage(string $level, string $message)
string
log level (LOG_DEBUG, LOG_NOTICE, LOG_WARNING, LOG_ERR)
string
log message
logoffAndBackToLoginPage()
ntPassword(string $password) : string
string
password original password
string
password hashobfuscateText(String $text)
String
text to obfuscate
parseMessageString(string $MessageString) : string
access | private |
---|
string
The text that is used to search for replaceable strings.
string
The processed text.pwd_disable(string $hash) : string
string
hash value to disable
string
disabled hash valuepwd_enable(string $hash) : string
string
hash value to enable
string
enabled password hashpwd_hash(string $password, boolean $enabled, string $hashType) : string
see | \global\getSupportedHashTypes() |
---|
string
the password string
boolean
marks the hash as enabled/disabled (e.g. by prefixing "!")
string
password hash type (CRYPT, CRYPT-SHA512, SHA, SSHA, MD5, SMD5, PLAIN)
string
the password hashpwd_is_enabled(string $hash) : boolean
string
password hash to check
boolean
true if the password is marked as enabledpwd_is_lockable(String $password) : boolean
This checks if the password is not plain text but e.g. contains {SSHA}.
String
password value
boolean
can be lockedsearchLDAP(String $suffix, String $filter, array $attributes) : array
String
LDAP suffix
String
filter
array
list of attributes to return
array
list of found entriessearchLDAPByAttribute(String $name, String $value, String $objectClass, array $attributes, array $scopes) : array
String
attribute name (may be null)
String
attribute value
String
object class (may be null)
array
list of attributes to return
array
account types
array
list of found entriessearchLDAPByFilter(String $filter, array $attributes, array $scopes, boolean $attrsOnly) : array
String
array
list of attributes to return
array
account types
boolean
get only attributes but no values (default: false)
array
list of found entriessearch_domains(\handle $server, String $suffix) : array
\handle
LDAP handle (if null then $_SESSION['ldap']->server() is used)
String
LDAP suffix to search (if null then $_SESSION['config']->get_Suffix('smbDomain') is used)
array
list of samba3domain objectssendPasswordMail(String $pwd, array $user, String $recipient) : array
String
new password
array
LDAP attributes of user
String
recipient address (optional, $user['mail'][0] used by default)
array
list of arrays that can be used to create status messagesset_cached_schema($schema_type, $schema_items)
$schema_items should be an array of SchemaItem instances (ie, an array of ObjectClass, AttributeType, LDAPSyntax, MatchingRuleUse, or MatchingRule objects.
Returns true on success of false on failure.
set_schema_cache_unavailable()
smbflag(array $input) : string
array
is an array of Samba flags (e.g. X or D)
string
Samba flag stringstartSecureSession(boolean $redirectToLogin) : boolean
The script is stopped if one of the checks fail (timeout redirection may be overriden).
boolean
redirect user to login page
boolean
true if all ok, false if session expiredA simple class for representing AttributeTypes used only by the ObjectClass class.
« More »SCHEMA_SESSION_CACHE_ENABLED