Révision 32700c57
Ajouté par Assos Assos il y a environ 5 ans
| drupal7/sites/all/modules/ldap/ldap_servers/ldap_servers.functions.inc | ||
|---|---|---|
| 2 | 2 |
|
| 3 | 3 |
/** |
| 4 | 4 |
* @file |
| 5 |
* collection of functions that don't belong in server object
|
|
| 5 |
* Collection of functions that don't belong in server object.
|
|
| 6 | 6 |
*/ |
| 7 | 7 |
|
| 8 | 8 |
/** |
| 9 |
* Modify an LDAP Entry |
|
| 10 |
* |
|
| 11 |
* this has been depracated in favor or $ldap_server->modifyLdapEntry($dn, $attributes) |
|
| 12 |
* which handles empty attributes better. |
|
| 13 |
* |
|
| 14 |
*/ |
|
| 9 |
* Modify an LDAP Entry. |
|
| 10 |
* |
|
| 11 |
* This has been depracated in favor or $ldap_server->modifyLdapEntry($dn, $attributes) |
|
| 12 |
* which handles empty attributes better. |
|
| 13 |
*/ |
|
| 15 | 14 |
function ldap_user_modify($dn, $attributes, $ldap_server) {
|
| 16 | 15 |
$result = ldap_modify($ldap_server->connection, $dn, $attributes); |
| 17 | 16 |
if (!$result) {
|
| 18 | 17 |
$error = "LDAP Server ldap_modify(%dn) in ldap_user_modify() Error Server ID = %sid, LDAP Err No: %ldap_errno LDAP Err Message: %ldap_err2str "; |
| 19 |
$tokens = array('%dn' => $dn, '%sid' => $this->sid, '%ldap_errno' => ldap_errno($this->connection), '%ldap_err2str' => ldap_err2str(ldap_errno($this->connection)));
|
|
| 18 |
$tokens = ['%dn' => $dn, '%sid' => $this->sid, '%ldap_errno' => ldap_errno($this->connection), '%ldap_err2str' => ldap_err2str(ldap_errno($this->connection))];
|
|
| 20 | 19 |
watchdog('ldap_servers', $error, $tokens, WATCHDOG_ERROR);
|
| 21 | 20 |
} |
| 22 | 21 |
return $result; |
| 23 | 22 |
} |
| 24 | 23 |
|
| 25 | 24 |
/** |
| 26 |
* Modify a password |
|
| 25 |
* Modify a password.
|
|
| 27 | 26 |
*/ |
| 28 | 27 |
function ldap_password_modify($userdn, $new_password, $ldap_server) {
|
| 29 | 28 |
|
| ... | ... | |
| 34 | 33 |
$new_pass .= "{$new_password{$i}}\000";
|
| 35 | 34 |
} |
| 36 | 35 |
|
| 37 |
$status = ldap_mod_replace($ldap_server->connection, $userdn, array('unicodePwd' => $new_pass));
|
|
| 36 |
$status = ldap_mod_replace($ldap_server->connection, $userdn, ['unicodePwd' => $new_pass]);
|
|
| 38 | 37 |
if (!$status) {
|
| 39 | 38 |
watchdog( |
| 40 | 39 |
'ldap_servers', |
| 41 | 40 |
'Error: password_modify() failed to modify ldap password w/ base DN "!dn"', |
| 42 |
array('!dn' => $userdn),
|
|
| 41 |
['!dn' => $userdn],
|
|
| 43 | 42 |
WATCHDOG_ERROR |
| 44 | 43 |
); |
| 45 | 44 |
} |
| ... | ... | |
| 48 | 47 |
} |
| 49 | 48 |
|
| 50 | 49 |
/** |
| 51 |
* Converts a password to the format that Active Directory supports (for the
|
|
| 50 |
* Converts a password to the format that Active Directory supports (for the |
|
| 52 | 51 |
* purpose of changing or setting). Note that AD needs the field to be called |
| 53 | 52 |
* unicodePwd (as opposed to userPassword) |
| 54 |
*
|
|
| 53 |
* |
|
| 55 | 54 |
* @param string $password |
| 56 |
* The password that is being formatted for Active Directory unicodePwd field |
|
| 55 |
* The password that is being formatted for Active Directory unicodePwd field. |
|
| 56 |
* |
|
| 57 | 57 |
* @return string |
| 58 |
* $password surrounded with quotes and in UTF-16LE encoding
|
|
| 58 |
* $password surrounded with quotes and in UTF-16LE encoding |
|
| 59 | 59 |
*/ |
| 60 | 60 |
function ldap_servers_convert_password_for_active_directory_unicodePwd($password) {
|
| 61 | 61 |
// This function can be called with $attributes['unicodePwd'] as an array. |
| ... | ... | |
| 65 | 65 |
else {
|
| 66 | 66 |
// Presumably there is no use case for there being more than one password in |
| 67 | 67 |
// the $attributes array, hence it will be at index 0 and we return in kind. |
| 68 |
return array(mb_convert_encoding("\"{$password[0]}\"", "UTF-16LE"));
|
|
| 68 |
return [mb_convert_encoding("\"{$password[0]}\"", "UTF-16LE")];
|
|
| 69 | 69 |
} |
| 70 | 70 |
} |
| 71 | 71 |
|
| 72 | 72 |
/** |
| 73 |
* |
|
| 74 |
* this attempts to find bad dns, but should only be used as warnings |
|
| 73 |
* This attempts to find bad dns, but should only be used as warnings |
|
| 75 | 74 |
* as the ldap spec allows for any old character to be escaped and ldap |
| 76 | 75 |
* implementations may not follow the spec. |
| 77 | 76 |
* |
| 78 |
* http://www.ietf.org/rfc/rfc2253.txt |
|
| 79 |
* |
|
| 77 |
* Http://www.ietf.org/rfc/rfc2253.txt. |
|
| 80 | 78 |
*/ |
| 81 | 79 |
function ldap_baddn($dn, $dn_name) {
|
| 82 |
$result = array();
|
|
| 80 |
$result = [];
|
|
| 83 | 81 |
$valid_attr_name = '[_a-zA-Z\d\s]'; |
| 84 | 82 |
$valid_attr_values = '[_\-a-zA-Z\d\s]'; |
| 85 | 83 |
$regex = '/^(' . $valid_attr_name . '*\=' . $valid_attr_values . '*[,]{1})*(' . $valid_attr_name . '*\=' . $valid_attr_values . '*){1}$/';
|
| 86 | 84 |
$match = (preg_match($regex, $dn)) ? TRUE : FALSE; |
| 87 | 85 |
$result['boolean'] = $match; |
| 88 | 86 |
if (!$match) {
|
| 89 |
$tokens = array('%dn' => htmlspecialchars($dn), '%dn_name' => $dn_name);
|
|
| 87 |
$tokens = ['%dn' => htmlspecialchars($dn), '%dn_name' => $dn_name];
|
|
| 90 | 88 |
$result['text'] = t('Possible invalid format for:', $tokens)
|
| 91 | 89 |
. '<em>' . $tokens['%dn'] . '</em>.<br/> ' . |
| 92 | 90 |
t('The format may be correct for your ldap, but please double check.', $tokens);
|
| ... | ... | |
| 95 | 93 |
} |
| 96 | 94 |
|
| 97 | 95 |
/** |
| 98 |
* |
|
| 99 |
* this attempts to find bad dns, but should only be used as warningswe |
|
| 96 |
* This attempts to find bad dns, but should only be used as warningswe |
|
| 100 | 97 |
* as the ldap spec allows for any old character to be escaped and ldap |
| 101 | 98 |
* implementations may not follow the spec. |
| 102 | 99 |
* |
| 103 |
* http://www.ietf.org/rfc/rfc2253.txt |
|
| 104 |
* |
|
| 100 |
* Http://www.ietf.org/rfc/rfc2253.txt. |
|
| 105 | 101 |
*/ |
| 106 |
|
|
| 107 | 102 |
function ldap_badattr($attr, $attr_name) {
|
| 108 |
$result = array();
|
|
| 103 |
$result = [];
|
|
| 109 | 104 |
$valid_attr_name = '[_a-zA-Z\d\s]'; |
| 110 | 105 |
$regex = '/^(' . $valid_attr_name . '){1,}$/';
|
| 111 | 106 |
$match = (preg_match($regex, $attr)) ? TRUE : FALSE; |
| 112 | 107 |
$result['boolean'] = $match; |
| 113 | 108 |
if (!$match) {
|
| 114 |
$tokens = array('%attr' => htmlspecialchars($attr), '%attr_name' => $attr_name);
|
|
| 109 |
$tokens = ['%attr' => htmlspecialchars($attr), '%attr_name' => $attr_name];
|
|
| 115 | 110 |
$result['text'] = t('Possible invalid format for %attr_name:', $tokens) . ' <code><em>' . $tokens['%attr']
|
| 116 | 111 |
. '</em></code><br/>' . t('The format may be correct for your ldap, but please double check.', $tokens);
|
| 117 | 112 |
} |
| ... | ... | |
| 119 | 114 |
} |
| 120 | 115 |
|
| 121 | 116 |
/** |
| 122 |
* get array of required attributes for an ldap query |
|
| 123 |
|
|
| 124 |
* @param string $sid server id or ldap server object being used |
|
| 125 |
* @param string $direction LDAP_USER_PROV_DIRECTION_* constant |
|
| 126 |
* @param string $ldap_context |
|
| 127 |
* @param boolean $reset cache |
|
| 117 |
* Get array of required attributes for an ldap query. |
|
| 128 | 118 |
* |
| 119 |
* @param string $sid |
|
| 120 |
* server id or ldap server object being used. |
|
| 121 |
* @param string $direction |
|
| 122 |
* LDAP_USER_PROV_DIRECTION_* constant. |
|
| 123 |
* @param string $ldap_context |
|
| 124 |
* @param bool $reset |
|
| 125 |
* cache. |
|
| 129 | 126 |
*/ |
| 130 | 127 |
function ldap_servers_attributes_needed($sid, $ldap_context = 'all', $reset = TRUE) {
|
| 131 | 128 |
|
| ... | ... | |
| 133 | 130 |
$sid = is_object($sid) ? $sid->sid : $sid; |
| 134 | 131 |
$static_cache_id = ($sid) ? $ldap_context . '__' . $sid : $ldap_context; |
| 135 | 132 |
if (!is_array($attributes)) {
|
| 136 |
$attributes = array();
|
|
| 133 |
$attributes = [];
|
|
| 137 | 134 |
} |
| 138 | 135 |
if (!isset($attributes[$static_cache_id]) || $reset) {
|
| 139 |
$params = array(
|
|
| 136 |
$params = [
|
|
| 140 | 137 |
'sid' => $sid, |
| 141 | 138 |
'ldap_context' => $ldap_context, |
| 142 |
);
|
|
| 139 |
];
|
|
| 143 | 140 |
drupal_alter('ldap_attributes_needed', $attributes[$static_cache_id], $params);
|
| 144 | 141 |
} |
| 145 | 142 |
$return = $attributes[$static_cache_id]; |
| ... | ... | |
| 147 | 144 |
return $return; |
| 148 | 145 |
} |
| 149 | 146 |
|
| 150 |
|
|
| 151 | 147 |
/** |
| 152 |
* function to massage (change case, escape, unescape) ldap attribute names |
|
| 153 |
* and values. The primary purpose of this is to articulate and ensure consistency |
|
| 154 |
* across ldap modules. |
|
| 148 |
* Function to massage (change case, escape, unescape) ldap attribute names |
|
| 149 |
* and values. The primary purpose of this is to articulate and ensure |
|
| 150 |
* consistency across ldap modules. |
|
| 151 |
* |
|
| 152 |
* @param mixed $value |
|
| 153 |
* to be massaged. |
|
| 154 |
* @param string $value_type |
|
| 155 |
* = 'attr_name' or 'attr_value;. |
|
| 156 |
* @param enum $context |
|
| 157 |
* ...see LDAP_SERVER_MASSAGE_* constants |
|
| 155 | 158 |
* |
| 156 |
* @param mixed $value to be massaged |
|
| 157 |
* @param enum $value_type = 'attr_name' or 'attr_value; |
|
| 158 |
* @param enum $context...see LDAP_SERVER_MASSAGE_* constants |
|
| 159 |
* .e.g. ldap_server_massage_text($value, 'attr_value', |
|
| 160 |
* LDAP_SERVER_MASSAGE_QUERY_LDAP) |
|
| 159 | 161 |
* |
| 160 |
* .e.g. ldap_server_massage_text($value, 'attr_value', LDAP_SERVER_MASSAGE_QUERY_LDAP)
|
|
| 162 |
* @return array|mixed|string
|
|
| 161 | 163 |
*/ |
| 162 | 164 |
function ldap_server_massage_text($value, $value_type, $context) {
|
| 163 | 165 |
|
| ... | ... | |
| 187 | 189 |
case LDAP_SERVER_MASSAGE_STORE_ARRAY: |
| 188 | 190 |
case LDAP_SERVER_MASSAGE_STORE_PROPERTY: |
| 189 | 191 |
|
| 190 |
break; |
|
| 192 |
break;
|
|
| 191 | 193 |
|
| 192 | 194 |
} |
| 193 | 195 |
} |
| 194 |
elseif ($value_type == 'attr_name') { // attr_name
|
|
| 196 |
// attr_name. |
|
| 197 |
elseif ($value_type == 'attr_name') {
|
|
| 195 | 198 |
switch ($context) {
|
| 196 | 199 |
|
| 197 | 200 |
case LDAP_SERVER_MASSAGE_DISPLAY: |
| 198 |
break; |
|
| 201 |
break;
|
|
| 199 | 202 |
|
| 200 | 203 |
case LDAP_SERVER_MASSAGE_TOKEN_REPLACE: |
| 201 | 204 |
|
| ... | ... | |
| 217 | 220 |
} |
| 218 | 221 |
} |
| 219 | 222 |
else {
|
| 220 |
// neither scalar nor array $value
|
|
| 223 |
// Neither scalar nor array $value.
|
|
| 221 | 224 |
} |
| 222 |
break; |
|
| 225 |
break;
|
|
| 223 | 226 |
|
| 224 | 227 |
} |
| 225 | 228 |
} |
| ... | ... | |
| 228 | 231 |
|
| 229 | 232 |
} |
| 230 | 233 |
|
| 231 |
/** |
|
| 232 |
* from pear net_ldap2-2.0.11 |
|
| 233 |
* |
|
| 234 |
* Escapes the given VALUES according to RFC 2254 so that they can be safely used in LDAP filters. |
|
| 235 |
* |
|
| 236 |
* Any control characters with an ACII code < 32 as well as the characters with special meaning in |
|
| 237 |
* LDAP filters "*", "(", ")", and "\" (the backslash) are converted into the representation of a
|
|
| 238 |
* backslash followed by two hex digits representing the hexadecimal value of the character. |
|
| 239 |
* |
|
| 240 |
* @param array $values Array of values to escape |
|
| 241 |
* |
|
| 242 |
* @static |
|
| 243 |
* @return array Array $values, but escaped |
|
| 244 |
*/ |
|
| 245 |
function ldap_pear_escape_filter_value($values = array()) {
|
|
| 246 |
// Parameter validation |
|
| 247 |
$is_scalar = is_scalar($values); |
|
| 248 |
if ($is_scalar) {
|
|
| 249 |
$values = array($values); |
|
| 250 |
} |
|
| 251 |
if ($values === NULL) {
|
|
| 252 |
return NULL; |
|
| 253 |
} |
|
| 254 |
|
|
| 255 |
foreach ($values as $key => $val) {
|
|
| 256 |
// Escaping of filter meta characters |
|
| 257 |
$val = str_replace('\\', '\5c', $val);
|
|
| 258 |
$val = str_replace('*', '\2a', $val);
|
|
| 259 |
$val = str_replace('(', '\28', $val);
|
|
| 260 |
$val = str_replace(')', '\29', $val);
|
|
| 234 |
/** |
|
| 235 |
* From pear net_ldap2-2.0.11. |
|
| 236 |
* |
|
| 237 |
* Escapes the given VALUES according to RFC 2254 so that they can be safely used in LDAP filters. |
|
| 238 |
* |
|
| 239 |
* Any control characters with an ACII code < 32 as well as the characters with special meaning in |
|
| 240 |
* LDAP filters "*", "(", ")", and "\" (the backslash) are converted into the representation of a
|
|
| 241 |
* backslash followed by two hex digits representing the hexadecimal value of the character. |
|
| 242 |
* |
|
| 243 |
* @param array $values |
|
| 244 |
* Array of values to escape. |
|
| 245 |
* |
|
| 246 |
* @static |
|
| 247 |
* |
|
| 248 |
* @return array Array $values, but escaped |
|
| 249 |
*/ |
|
| 250 |
function ldap_pear_escape_filter_value($values = []) {
|
|
| 251 |
// Parameter validation. |
|
| 252 |
$is_scalar = is_scalar($values); |
|
| 253 |
if ($is_scalar) {
|
|
| 254 |
$values = [$values]; |
|
| 255 |
} |
|
| 256 |
if ($values === NULL) {
|
|
| 257 |
return NULL; |
|
| 258 |
} |
|
| 261 | 259 |
|
| 262 |
// ASCII < 32 escaping |
|
| 263 |
$val = ldap_pear_asc2hex32($val); |
|
| 260 |
foreach ($values as $key => $val) {
|
|
| 261 |
// Escaping of filter meta characters. |
|
| 262 |
$val = str_replace('\\', '\5c', $val);
|
|
| 263 |
$val = str_replace('*', '\2a', $val);
|
|
| 264 |
$val = str_replace('(', '\28', $val);
|
|
| 265 |
$val = str_replace(')', '\29', $val);
|
|
| 264 | 266 |
|
| 265 |
if (null === $val) {
|
|
| 266 |
$val = '\0'; |
|
| 267 |
} // apply escaped "null" if string is empty |
|
| 267 |
// ASCII < 32 escaping. |
|
| 268 |
$val = ldap_pear_asc2hex32($val); |
|
| 268 | 269 |
|
| 269 |
$values[$key] = $val; |
|
| 270 |
} |
|
| 270 |
if (NULL === $val) {
|
|
| 271 |
$val = '\0'; |
|
| 272 |
} // apply escaped "null" if string is empty |
|
| 271 | 273 |
|
| 272 |
return ($is_scalar) ? $values[0] : $values;
|
|
| 273 |
}
|
|
| 274 |
$values[$key] = $val;
|
|
| 275 |
} |
|
| 274 | 276 |
|
| 275 |
/** |
|
| 276 |
* Undoes the conversion done by {@link escape_filter_value()}.
|
|
| 277 |
* |
|
| 278 |
* Converts any sequences of a backslash followed by two hex digits into the corresponding character. |
|
| 279 |
* |
|
| 280 |
* @param array $values Array of values to escape |
|
| 281 |
* |
|
| 282 |
* @static |
|
| 283 |
* @return array Array $values, but unescaped |
|
| 284 |
*/ |
|
| 285 |
function ldap_pear_unescape_filter_value($values = array()) {
|
|
| 286 |
// Parameter validation |
|
| 287 |
$is_scalar = is_scalar($values); |
|
| 288 |
if (!is_array($values)) {
|
|
| 289 |
$values = array($values); |
|
| 290 |
} |
|
| 277 |
return ($is_scalar) ? $values[0] : $values; |
|
| 278 |
} |
|
| 291 | 279 |
|
| 292 |
foreach ($values as $key => $value) {
|
|
| 293 |
// Translate hex code into ascii |
|
| 294 |
$values[$key] = ldap_pear_hex2asc($value); |
|
| 295 |
} |
|
| 280 |
/** |
|
| 281 |
* Undoes the conversion done by {@link escape_filter_value()}.
|
|
| 282 |
* |
|
| 283 |
* Converts any sequences of a backslash followed by two hex digits into the corresponding character. |
|
| 284 |
* |
|
| 285 |
* @param array $values |
|
| 286 |
* Array of values to escape. |
|
| 287 |
* |
|
| 288 |
* @static |
|
| 289 |
* |
|
| 290 |
* @return array Array $values, but unescaped |
|
| 291 |
*/ |
|
| 292 |
function ldap_pear_unescape_filter_value($values = []) {
|
|
| 293 |
// Parameter validation. |
|
| 294 |
$is_scalar = is_scalar($values); |
|
| 295 |
if (!is_array($values)) {
|
|
| 296 |
$values = [$values]; |
|
| 297 |
} |
|
| 296 | 298 |
|
| 297 |
return ($is_scalar) ? $values[0] : $values; |
|
| 298 |
} |
|
| 299 |
foreach ($values as $key => $value) {
|
|
| 300 |
// Translate hex code into ascii. |
|
| 301 |
$values[$key] = ldap_pear_hex2asc($value); |
|
| 302 |
} |
|
| 299 | 303 |
|
| 304 |
return ($is_scalar) ? $values[0] : $values; |
|
| 305 |
} |
|
| 300 | 306 |
|
| 301 |
/** |
|
| 302 |
* Escapes a DN value according to RFC 2253 |
|
| 303 |
* |
|
| 304 |
* Escapes the given VALUES according to RFC 2253 so that they can be safely used in LDAP DNs. |
|
| 305 |
* The characters ",", "+", """, "\", "<", ">", ";", "#", "=" with a special meaning in RFC 2252 |
|
| 306 |
* are preceeded by ba backslash. Control characters with an ASCII code < 32 are represented as \hexpair. |
|
| 307 |
* Finally all leading and trailing spaces are converted to sequences of \20. |
|
| 308 |
* |
|
| 309 |
* @param array $values An array containing the DN values that should be escaped |
|
| 310 |
* |
|
| 311 |
* @static |
|
| 312 |
* @return array The array $values, but escaped |
|
| 313 |
*/ |
|
| 314 |
function ldap_pear_escape_dn_value($values = array()) {
|
|
| 315 |
// Parameter validation |
|
| 316 |
$is_scalar = is_scalar($values); |
|
| 317 |
|
|
| 318 |
if (!is_array($values)) {
|
|
| 319 |
$values = array($values); |
|
| 320 |
} |
|
| 307 |
/** |
|
| 308 |
* Escapes a DN value according to RFC 2253. |
|
| 309 |
* |
|
| 310 |
* Escapes the given VALUES according to RFC 2253 so that they can be safely used in LDAP DNs. |
|
| 311 |
* The characters ",", "+", """, "\", "<", ">", ";", "#", "=" with a special meaning in RFC 2252 |
|
| 312 |
* are preceeded by ba backslash. Control characters with an ASCII code < 32 are represented as \hexpair. |
|
| 313 |
* Finally all leading and trailing spaces are converted to sequences of \20. |
|
| 314 |
* |
|
| 315 |
* @param array $values |
|
| 316 |
* An array containing the DN values that should be escaped. |
|
| 317 |
* |
|
| 318 |
* @static |
|
| 319 |
* |
|
| 320 |
* @return array The array $values, but escaped |
|
| 321 |
*/ |
|
| 322 |
function ldap_pear_escape_dn_value($values = []) {
|
|
| 323 |
// Parameter validation. |
|
| 324 |
$is_scalar = is_scalar($values); |
|
| 321 | 325 |
|
| 322 |
foreach ($values as $key => $val) {
|
|
| 323 |
// Escaping of filter meta characters |
|
| 324 |
$val = str_replace('\\', '\\\\', $val);
|
|
| 325 |
$val = str_replace(',', '\,', $val);
|
|
| 326 |
$val = str_replace('+', '\+', $val);
|
|
| 327 |
$val = str_replace('"', '\"', $val);
|
|
| 328 |
$val = str_replace('<', '\<', $val);
|
|
| 329 |
$val = str_replace('>', '\>', $val);
|
|
| 330 |
$val = str_replace(';', '\;', $val);
|
|
| 331 |
$val = str_replace('#', '\#', $val);
|
|
| 332 |
$val = str_replace('=', '\=', $val);
|
|
| 333 |
|
|
| 334 |
// ASCII < 32 escaping |
|
| 335 |
$val = ldap_pear_asc2hex32($val); |
|
| 336 |
|
|
| 337 |
// Convert all leading and trailing spaces to sequences of \20. |
|
| 338 |
if (preg_match('/^(\s*)(.+?)(\s*)$/', $val, $matches)) {
|
|
| 339 |
$val = $matches[2]; |
|
| 340 |
for ($i = 0; $i < strlen($matches[1]); $i++) {
|
|
| 341 |
$val = '\20' . $val; |
|
| 342 |
} |
|
| 343 |
for ($i = 0; $i < strlen($matches[3]); $i++) {
|
|
| 344 |
$val = $val . '\20'; |
|
| 345 |
} |
|
| 346 |
} |
|
| 347 |
|
|
| 348 |
if (null === $val) $val = '\0'; // apply escaped "null" if string is empty |
|
| 349 |
|
|
| 350 |
$values[$key] = $val; |
|
| 351 |
} |
|
| 326 |
if (!is_array($values)) {
|
|
| 327 |
$values = [$values]; |
|
| 328 |
} |
|
| 352 | 329 |
|
| 353 |
return ($is_scalar) ? $values[0] : $values; |
|
| 330 |
foreach ($values as $key => $val) {
|
|
| 331 |
// Escaping of filter meta characters. |
|
| 332 |
$val = str_replace('\\', '\\\\', $val);
|
|
| 333 |
$val = str_replace(',', '\,', $val);
|
|
| 334 |
$val = str_replace('+', '\+', $val);
|
|
| 335 |
$val = str_replace('"', '\"', $val);
|
|
| 336 |
$val = str_replace('<', '\<', $val);
|
|
| 337 |
$val = str_replace('>', '\>', $val);
|
|
| 338 |
$val = str_replace(';', '\;', $val);
|
|
| 339 |
$val = str_replace('#', '\#', $val);
|
|
| 340 |
$val = str_replace('=', '\=', $val);
|
|
| 341 |
|
|
| 342 |
// ASCII < 32 escaping. |
|
| 343 |
$val = ldap_pear_asc2hex32($val); |
|
| 344 |
|
|
| 345 |
// Convert all leading and trailing spaces to sequences of \20. |
|
| 346 |
if (preg_match('/^(\s*)(.+?)(\s*)$/', $val, $matches)) {
|
|
| 347 |
$val = $matches[2]; |
|
| 348 |
for ($i = 0; $i < strlen($matches[1]); $i++) {
|
|
| 349 |
$val = '\20' . $val; |
|
| 350 |
} |
|
| 351 |
for ($i = 0; $i < strlen($matches[3]); $i++) {
|
|
| 352 |
$val = $val . '\20'; |
|
| 353 |
} |
|
| 354 | 354 |
} |
| 355 | 355 |
|
| 356 |
/** |
|
| 357 |
* Undoes the conversion done by escape_dn_value(). |
|
| 358 |
* |
|
| 359 |
* Any escape sequence starting with a baskslash - hexpair or special character - |
|
| 360 |
* will be transformed back to the corresponding character. |
|
| 361 |
* |
|
| 362 |
* @param array $values Array of DN Values |
|
| 363 |
* |
|
| 364 |
* @return array Same as $values, but unescaped |
|
| 365 |
* @static |
|
| 366 |
*/ |
|
| 367 |
function ldap_pear_unescape_dn_value($values = array()) {
|
|
| 368 |
$is_scalar = is_scalar($values); |
|
| 369 |
|
|
| 370 |
// Parameter validation |
|
| 371 |
if (!is_array($values)) {
|
|
| 372 |
$values = array($values); |
|
| 373 |
} |
|
| 356 |
// Apply escaped "null" if string is empty. |
|
| 357 |
if (NULL === $val) {
|
|
| 358 |
$val = '\0'; |
|
| 359 |
} |
|
| 374 | 360 |
|
| 375 |
foreach ($values as $key => $val) {
|
|
| 376 |
// strip slashes from special chars |
|
| 377 |
$val = str_replace('\\\\', '\\', $val);
|
|
| 378 |
$val = str_replace('\,', ',', $val);
|
|
| 379 |
$val = str_replace('\+', '+', $val);
|
|
| 380 |
$val = str_replace('\"', '"', $val);
|
|
| 381 |
$val = str_replace('\<', '<', $val);
|
|
| 382 |
$val = str_replace('\>', '>', $val);
|
|
| 383 |
$val = str_replace('\;', ';', $val);
|
|
| 384 |
$val = str_replace('\#', '#', $val);
|
|
| 385 |
$val = str_replace('\=', '=', $val);
|
|
| 386 |
|
|
| 387 |
// Translate hex code into ascii |
|
| 388 |
$values[$key] = ldap_pear_hex2asc($val); |
|
| 389 |
} |
|
| 361 |
$values[$key] = $val; |
|
| 362 |
} |
|
| 390 | 363 |
|
| 391 |
return ($is_scalar) ? $values[0] : $values;
|
|
| 392 |
}
|
|
| 364 |
return ($is_scalar) ? $values[0] : $values; |
|
| 365 |
} |
|
| 393 | 366 |
|
| 367 |
/** |
|
| 368 |
* Undoes the conversion done by escape_dn_value(). |
|
| 369 |
* |
|
| 370 |
* Any escape sequence starting with a baskslash - hexpair or special character - |
|
| 371 |
* will be transformed back to the corresponding character. |
|
| 372 |
* |
|
| 373 |
* @param array $values |
|
| 374 |
* Array of DN Values. |
|
| 375 |
* |
|
| 376 |
* @return array Same as $values, but unescaped |
|
| 377 |
* |
|
| 378 |
* @static |
|
| 379 |
*/ |
|
| 380 |
function ldap_pear_unescape_dn_value($values = []) {
|
|
| 381 |
$is_scalar = is_scalar($values); |
|
| 394 | 382 |
|
| 383 |
// Parameter validation. |
|
| 384 |
if (!is_array($values)) {
|
|
| 385 |
$values = [$values]; |
|
| 386 |
} |
|
| 395 | 387 |
|
| 396 |
/** |
|
| 397 |
* Converts all Hex expressions ("\HEX") to their original ASCII characters
|
|
| 398 |
* |
|
| 399 |
* @param string $string String to convert |
|
| 400 |
* |
|
| 401 |
* @static |
|
| 402 |
* @author beni@php.net, heavily based on work from DavidSmith@byu.net |
|
| 403 |
* @return string |
|
| 404 |
*/ |
|
| 388 |
foreach ($values as $key => $val) {
|
|
| 389 |
// Strip slashes from special chars. |
|
| 390 |
$val = str_replace('\\\\', '\\', $val);
|
|
| 391 |
$val = str_replace('\,', ',', $val);
|
|
| 392 |
$val = str_replace('\+', '+', $val);
|
|
| 393 |
$val = str_replace('\"', '"', $val);
|
|
| 394 |
$val = str_replace('\<', '<', $val);
|
|
| 395 |
$val = str_replace('\>', '>', $val);
|
|
| 396 |
$val = str_replace('\;', ';', $val);
|
|
| 397 |
$val = str_replace('\#', '#', $val);
|
|
| 398 |
$val = str_replace('\=', '=', $val);
|
|
| 399 |
|
|
| 400 |
// Translate hex code into ascii. |
|
| 401 |
$values[$key] = ldap_pear_hex2asc($val); |
|
| 402 |
} |
|
| 405 | 403 |
|
| 406 |
function ldap_pear_hex2asc($string) {
|
|
| 404 |
return ($is_scalar) ? $values[0] : $values; |
|
| 405 |
} |
|
| 407 | 406 |
|
| 408 |
if (version_compare(PHP_VERSION, '5.3.0') >= 0) {
|
|
| 409 |
$string = preg_replace_callback( |
|
| 410 |
"/\\\([0-9A-Fa-f]{2})/",
|
|
| 411 |
function ($m){
|
|
| 412 |
return chr(hexdec($m[1])); |
|
| 413 |
}, |
|
| 414 |
$string); |
|
| 415 |
} |
|
| 416 |
else {
|
|
| 417 |
$string = preg_replace("/\\\([0-9A-Fa-f]{2})/e", "''.chr(hexdec('\\1')).''", $string);
|
|
| 418 |
} |
|
| 407 |
/** |
|
| 408 |
* Converts all Hex expressions ("\HEX") to their original ASCII characters.
|
|
| 409 |
* |
|
| 410 |
* @param string $string |
|
| 411 |
* String to convert. |
|
| 412 |
* |
|
| 413 |
* @static |
|
| 414 |
* @author beni@php.net, heavily based on work from DavidSmith@byu.net |
|
| 415 |
* |
|
| 416 |
* @return string |
|
| 417 |
*/ |
|
| 418 |
function ldap_pear_hex2asc($string) {
|
|
| 419 |
|
|
| 420 |
if (version_compare(PHP_VERSION, '5.3.0') >= 0) {
|
|
| 421 |
$string = preg_replace_callback( |
|
| 422 |
"/\\\([0-9A-Fa-f]{2})/",
|
|
| 423 |
function ($m) {
|
|
| 424 |
return chr(hexdec($m[1])); |
|
| 425 |
}, |
|
| 426 |
$string); |
|
| 427 |
} |
|
| 428 |
else {
|
|
| 429 |
$string = preg_replace("/\\\([0-9A-Fa-f]{2})/e", "''.chr(hexdec('\\1')).''", $string);
|
|
| 430 |
} |
|
| 419 | 431 |
|
| 420 |
return $string;
|
|
| 421 |
}
|
|
| 432 |
return $string; |
|
| 433 |
} |
|
| 422 | 434 |
|
| 423 |
/** |
|
| 424 |
* Converts all ASCII chars < 32 to "\HEX" |
|
| 425 |
* |
|
| 426 |
* @param string $string String to convert |
|
| 427 |
* |
|
| 428 |
* @static |
|
| 429 |
* @return string |
|
| 430 |
*/ |
|
| 431 |
function ldap_pear_asc2hex32($string) {
|
|
| 432 |
for ($i = 0; $i < strlen($string); $i++) {
|
|
| 433 |
$char = substr($string, $i, 1); |
|
| 434 |
if (ord($char) < 32) {
|
|
| 435 |
$hex = dechex(ord($char)); |
|
| 436 |
if (strlen($hex) == 1) $hex = '0' . $hex; |
|
| 437 |
$string = str_replace($char, '\\' . $hex, $string); |
|
| 438 |
} |
|
| 439 |
} |
|
| 440 |
return $string; |
|
| 435 |
/** |
|
| 436 |
* Converts all ASCII chars < 32 to "\HEX". |
|
| 437 |
* |
|
| 438 |
* @param string $string |
|
| 439 |
* String to convert. |
|
| 440 |
* |
|
| 441 |
* @static |
|
| 442 |
* |
|
| 443 |
* @return string |
|
| 444 |
*/ |
|
| 445 |
function ldap_pear_asc2hex32($string) {
|
|
| 446 |
for ($i = 0; $i < strlen($string); $i++) {
|
|
| 447 |
$char = substr($string, $i, 1); |
|
| 448 |
if (ord($char) < 32) {
|
|
| 449 |
$hex = dechex(ord($char)); |
|
| 450 |
if (strlen($hex) == 1) {
|
|
| 451 |
$hex = '0' . $hex; |
|
| 452 |
} |
|
| 453 |
$string = str_replace($char, '\\' . $hex, $string); |
|
| 441 | 454 |
} |
| 455 |
} |
|
| 456 |
return $string; |
|
| 457 |
} |
|
Formats disponibles : Unified diff
Weekly update of contrib modules