summaryrefslogtreecommitdiff
path: root/extlib
diff options
context:
space:
mode:
authorBrion Vibber <brion@status.net>2010-08-10 15:01:29 -0700
committerBrion Vibber <brion@status.net>2010-08-10 15:01:29 -0700
commit819d33210d298de74b64dc7ead79e9d9b223b12e (patch)
tree902d42087e633b96e12bef699f6c80e7342c9312 /extlib
parent8f071b2818e8321ea910df612016175f65093402 (diff)
parent08fc6053ec55e911b842fd05dafc5e0c99c4e992 (diff)
Merge branch '0.9.x' into tinymce
Diffstat (limited to 'extlib')
-rw-r--r--extlib/Auth/OpenID.php63
-rw-r--r--extlib/Auth/OpenID/AX.php23
-rw-r--r--extlib/Auth/OpenID/Association.php60
-rw-r--r--extlib/Auth/OpenID/BigMath.php31
-rw-r--r--extlib/Auth/OpenID/Consumer.php66
-rw-r--r--extlib/Auth/OpenID/CryptUtil.php5
-rw-r--r--extlib/Auth/OpenID/DatabaseConnection.php1
-rw-r--r--extlib/Auth/OpenID/DiffieHellman.php6
-rw-r--r--extlib/Auth/OpenID/Discover.php94
-rw-r--r--extlib/Auth/OpenID/DumbStore.php1
-rw-r--r--extlib/Auth/OpenID/Extension.php3
-rw-r--r--extlib/Auth/OpenID/FileStore.php6
-rw-r--r--extlib/Auth/OpenID/HMAC.php1
-rw-r--r--extlib/Auth/OpenID/Interface.php1
-rw-r--r--extlib/Auth/OpenID/KVForm.php5
-rw-r--r--extlib/Auth/OpenID/MemcachedStore.php1
-rw-r--r--extlib/Auth/OpenID/Message.php10
-rw-r--r--extlib/Auth/OpenID/MySQLStore.php1
-rw-r--r--extlib/Auth/OpenID/Nonce.php1
-rw-r--r--extlib/Auth/OpenID/PAPE.php11
-rw-r--r--extlib/Auth/OpenID/Parse.php37
-rw-r--r--extlib/Auth/OpenID/PostgreSQLStore.php1
-rw-r--r--extlib/Auth/OpenID/SQLStore.php18
-rw-r--r--extlib/Auth/OpenID/SQLiteStore.php1
-rw-r--r--extlib/Auth/OpenID/SReg.php14
-rw-r--r--extlib/Auth/OpenID/Server.php95
-rw-r--r--extlib/Auth/OpenID/ServerRequest.php1
-rw-r--r--extlib/Auth/OpenID/TrustRoot.php21
-rw-r--r--extlib/Auth/OpenID/URINorm.php2
-rw-r--r--extlib/Auth/Yadis/HTTPFetcher.php33
-rw-r--r--extlib/Auth/Yadis/Manager.php20
-rw-r--r--extlib/Auth/Yadis/Misc.php1
-rw-r--r--extlib/Auth/Yadis/ParanoidHTTPFetcher.php29
-rw-r--r--extlib/Auth/Yadis/ParseHTML.php1
-rw-r--r--extlib/Auth/Yadis/PlainHTTPFetcher.php3
-rw-r--r--extlib/Auth/Yadis/XML.php56
-rw-r--r--extlib/Auth/Yadis/XRDS.php16
-rw-r--r--extlib/Auth/Yadis/XRI.php4
-rw-r--r--extlib/Auth/Yadis/XRIRes.php6
-rw-r--r--extlib/Auth/Yadis/Yadis.php20
-rw-r--r--extlib/Net/IDNA.php100
-rw-r--r--extlib/Net/IDNA/php5.php3269
-rw-r--r--extlib/Net/LDAP2.php1791
-rw-r--r--extlib/Net/LDAP2/Entry.php1055
-rw-r--r--extlib/Net/LDAP2/Filter.php514
-rw-r--r--extlib/Net/LDAP2/LDIF.php922
-rw-r--r--extlib/Net/LDAP2/RootDSE.php240
-rw-r--r--extlib/Net/LDAP2/Schema.php516
-rw-r--r--extlib/Net/LDAP2/SchemaCache.interface.php59
-rw-r--r--extlib/Net/LDAP2/Search.php614
-rw-r--r--extlib/Net/LDAP2/SimpleFileSchemaCache.php97
-rw-r--r--extlib/Net/LDAP2/Util.php572
-rw-r--r--extlib/OAuth.php18
-rw-r--r--extlib/XMPPHP/XMPP.php4
-rwxr-xr-xextlib/libomb/base_url_xrds_mapper.php75
-rw-r--r--extlib/libomb/constants.php15
-rwxr-xr-xextlib/libomb/datastore.php330
-rw-r--r--extlib/libomb/helper.php145
-rwxr-xr-xextlib/libomb/invalidparameterexception.php44
-rwxr-xr-xextlib/libomb/invalidyadisexception.php26
-rwxr-xr-xextlib/libomb/notice.php472
-rwxr-xr-xextlib/libomb/omb_yadis_xrds.php349
-rwxr-xr-xextlib/libomb/plain_xrds_writer.php128
-rwxr-xr-xextlib/libomb/profile.php546
-rwxr-xr-xextlib/libomb/remoteserviceexception.php71
-rwxr-xr-xextlib/libomb/service_consumer.php815
-rwxr-xr-xextlib/libomb/service_provider.php798
-rwxr-xr-xextlib/libomb/unsupportedserviceexception.php25
-rwxr-xr-xextlib/libomb/xrds_mapper.php38
-rwxr-xr-xextlib/libomb/xrds_writer.php37
70 files changed, 5919 insertions, 8535 deletions
diff --git a/extlib/Auth/OpenID.php b/extlib/Auth/OpenID.php
index db6164256..c9d977962 100644
--- a/extlib/Auth/OpenID.php
+++ b/extlib/Auth/OpenID.php
@@ -20,7 +20,7 @@
/**
* The library version string
*/
-define('Auth_OpenID_VERSION', '2.1.3');
+define('Auth_OpenID_VERSION', '2.2.2');
/**
* Require the fetcher code.
@@ -102,9 +102,7 @@ define('Auth_OpenID_digits',
define('Auth_OpenID_punct',
"!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~");
-if (Auth_OpenID_getMathLib() === null) {
- Auth_OpenID_setNoMathSupport();
-}
+Auth_OpenID_include_init();
/**
* The OpenID utility function class.
@@ -120,7 +118,7 @@ class Auth_OpenID {
*
* @access private
*/
- function isFailure($thing)
+ static function isFailure($thing)
{
return is_a($thing, 'Auth_OpenID_FailureResponse');
}
@@ -139,9 +137,12 @@ class Auth_OpenID {
* Returns an empty array if neither GET nor POST was used, or if
* POST was used but php://input cannot be opened.
*
+ * See background:
+ * http://lists.openidenabled.com/pipermail/dev/2007-March/000395.html
+ *
* @access private
*/
- function getQuery($query_str=null)
+ static function getQuery($query_str=null)
{
$data = array();
@@ -177,7 +178,7 @@ class Auth_OpenID {
return $data;
}
- function params_from_string($str)
+ static function params_from_string($str)
{
$chunks = explode("&", $str);
@@ -190,7 +191,7 @@ class Auth_OpenID {
}
list($k, $v) = $parts;
- $data[$k] = urldecode($v);
+ $data[urldecode($k)] = urldecode($v);
}
return $data;
@@ -203,7 +204,7 @@ class Auth_OpenID {
*
* @access private
*/
- function ensureDir($dir_name)
+ static function ensureDir($dir_name)
{
if (is_dir($dir_name) || @mkdir($dir_name)) {
return true;
@@ -225,7 +226,7 @@ class Auth_OpenID {
*
* @access private
*/
- function addPrefix($values, $prefix)
+ static function addPrefix($values, $prefix)
{
$new_values = array();
foreach ($values as $s) {
@@ -241,7 +242,7 @@ class Auth_OpenID {
*
* @access private
*/
- function arrayGet($arr, $key, $fallback = null)
+ static function arrayGet($arr, $key, $fallback = null)
{
if (is_array($arr)) {
if (array_key_exists($key, $arr)) {
@@ -261,7 +262,7 @@ class Auth_OpenID {
/**
* Replacement for PHP's broken parse_str.
*/
- function parse_str($query)
+ static function parse_str($query)
{
if ($query === null) {
return null;
@@ -278,7 +279,7 @@ class Auth_OpenID {
}
list($key, $value) = $pair;
- $new_parts[$key] = urldecode($value);
+ $new_parts[urldecode($key)] = urldecode($value);
}
return $new_parts;
@@ -295,7 +296,7 @@ class Auth_OpenID {
* pairs from $data into a URL query string
* (e.g. "username=bob&id=56").
*/
- function httpBuildQuery($data)
+ static function httpBuildQuery($data)
{
$pairs = array();
foreach ($data as $key => $value) {
@@ -323,7 +324,7 @@ class Auth_OpenID {
* @return string $url The original URL with the new parameters added.
*
*/
- function appendArgs($url, $args)
+ static function appendArgs($url, $args)
{
if (count($args) == 0) {
return $url;
@@ -367,7 +368,7 @@ class Auth_OpenID {
* @return string $url The URL resulting from assembling the
* specified components.
*/
- function urlunparse($scheme, $host, $port = null, $path = '/',
+ static function urlunparse($scheme, $host, $port = null, $path = '/',
$query = '', $fragment = '')
{
@@ -412,7 +413,7 @@ class Auth_OpenID {
* @return mixed $new_url The URL after normalization, or null if
* $url was malformed.
*/
- function normalizeUrl($url)
+ static function normalizeUrl($url)
{
@$parsed = parse_url($url);
@@ -443,7 +444,7 @@ class Auth_OpenID {
*
* @access private
*/
- function intval($value)
+ static function intval($value)
{
$re = "/^\\d+$/";
@@ -461,7 +462,7 @@ class Auth_OpenID {
* @param string $str The string of bytes to count.
* @return int The number of bytes in $str.
*/
- function bytes($str)
+ static function bytes($str)
{
return strlen(bin2hex($str)) / 2;
}
@@ -470,7 +471,7 @@ class Auth_OpenID {
* Get the bytes in a string independently of multibyte support
* conditions.
*/
- function toBytes($str)
+ static function toBytes($str)
{
$hex = bin2hex($str);
@@ -486,7 +487,7 @@ class Auth_OpenID {
return $b;
}
- function urldefrag($url)
+ static function urldefrag($url)
{
$parts = explode("#", $url, 2);
@@ -497,7 +498,7 @@ class Auth_OpenID {
}
}
- function filter($callback, &$sequence)
+ static function filter($callback, &$sequence)
{
$result = array();
@@ -510,7 +511,7 @@ class Auth_OpenID {
return $result;
}
- function update(&$dest, &$src)
+ static function update(&$dest, &$src)
{
foreach ($src as $k => $v) {
$dest[$k] = $v;
@@ -524,14 +525,14 @@ class Auth_OpenID {
*
* @param string $format_string The sprintf format for the message
*/
- function log($format_string)
+ static function log($format_string)
{
$args = func_get_args();
$message = call_user_func_array('sprintf', $args);
error_log($message);
}
- function autoSubmitHTML($form, $title="OpenId transaction in progress")
+ static function autoSubmitHTML($form, $title="OpenId transaction in progress")
{
return("<html>".
"<head><title>".
@@ -549,4 +550,14 @@ class Auth_OpenID {
"</html>");
}
}
-?>
+
+/*
+ * Function to run when this file is included.
+ * Abstracted to a function to make life easier
+ * for some PHP optimizers.
+ */
+function Auth_OpenID_include_init() {
+ if (Auth_OpenID_getMathLib() === null) {
+ Auth_OpenID_setNoMathSupport();
+ }
+}
diff --git a/extlib/Auth/OpenID/AX.php b/extlib/Auth/OpenID/AX.php
index 4a617ae30..7370715e3 100644
--- a/extlib/Auth/OpenID/AX.php
+++ b/extlib/Auth/OpenID/AX.php
@@ -38,7 +38,7 @@ class Auth_OpenID_AX {
* @return bool true if $thing is an Auth_OpenID_AX_Error; false
* if not.
*/
- function isError($thing)
+ static function isError($thing)
{
return is_a($thing, 'Auth_OpenID_AX_Error');
}
@@ -191,7 +191,7 @@ class Auth_OpenID_AX_AttrInfo {
* Construct an attribute information object. For parameter
* details, see the constructor.
*/
- function make($type_uri, $count=1, $required=false,
+ static function make($type_uri, $count=1, $required=false,
$alias=null)
{
if ($alias !== null) {
@@ -235,7 +235,7 @@ class Auth_OpenID_AX_AttrInfo {
* return null If an alias is present in the list of aliases but
* is not present in the namespace map.
*/
-function Auth_OpenID_AX_toTypeURIs(&$namespace_map, $alias_list_s)
+function Auth_OpenID_AX_toTypeURIs($namespace_map, $alias_list_s)
{
$uris = array();
@@ -386,7 +386,7 @@ class Auth_OpenID_AX_FetchRequest extends Auth_OpenID_AX_Message {
* Auth_OpenID_AX_FetchRequest extracted from the request message if
* successful
*/
- function &fromOpenIDRequest($request)
+ static function fromOpenIDRequest($request)
{
$m = $request->message;
$obj = new Auth_OpenID_AX_FetchRequest();
@@ -484,7 +484,7 @@ class Auth_OpenID_AX_FetchRequest extends Auth_OpenID_AX_Message {
Auth_OpenID::arrayGet($ax_args, 'required'));
foreach ($required as $type_uri) {
- $attrib =& $this->requested_attributes[$type_uri];
+ $attrib = $this->requested_attributes[$type_uri];
$attrib->required = true;
}
@@ -587,7 +587,7 @@ class Auth_OpenID_AX_KeyValueMessage extends Auth_OpenID_AX_Message {
*
* @access private
*/
- function _getExtensionKVArgs(&$aliases)
+ function _getExtensionKVArgs($aliases)
{
if ($aliases === null) {
$aliases = new Auth_OpenID_NamespaceMap();
@@ -652,7 +652,7 @@ class Auth_OpenID_AX_KeyValueMessage extends Auth_OpenID_AX_Message {
foreach ($aliases->iteritems() as $pair) {
list($type_uri, $alias) = $pair;
- if (array_key_exists('count.' . $alias, $ax_args)) {
+ if (array_key_exists('count.' . $alias, $ax_args) && ($ax_args['count.' . $alias] !== Auth_OpenID_AX_UNLIMITED_VALUES)) {
$count_key = 'count.' . $alias;
$count_s = $ax_args[$count_key];
@@ -888,7 +888,7 @@ class Auth_OpenID_AX_FetchResponse extends Auth_OpenID_AX_KeyValueMessage {
$ax_args['update_url'] = $update_url;
}
- Auth_OpenID::update(&$ax_args, $kv_args);
+ Auth_OpenID::update($ax_args, $kv_args);
return $ax_args;
}
@@ -922,7 +922,7 @@ class Auth_OpenID_AX_FetchResponse extends Auth_OpenID_AX_KeyValueMessage {
* @return $response A FetchResponse containing the data from the
* OpenID message
*/
- function fromSuccessResponse($success_response, $signed=true)
+ static function fromSuccessResponse($success_response, $signed=true)
{
$obj = new Auth_OpenID_AX_FetchResponse();
if ($signed) {
@@ -960,7 +960,7 @@ class Auth_OpenID_AX_StoreRequest extends Auth_OpenID_AX_KeyValueMessage {
{
$ax_args = $this->_newArgs();
$kv_args = $this->_getExtensionKVArgs($aliases);
- Auth_OpenID::update(&$ax_args, $kv_args);
+ Auth_OpenID::update($ax_args, $kv_args);
return $ax_args;
}
}
@@ -980,7 +980,7 @@ class Auth_OpenID_AX_StoreResponse extends Auth_OpenID_AX_Message {
* Returns Auth_OpenID_AX_Error on error or an
* Auth_OpenID_AX_StoreResponse object on success.
*/
- function &make($succeeded=true, $error_message=null)
+ function make($succeeded=true, $error_message=null)
{
if (($succeeded) && ($error_message !== null)) {
return new Auth_OpenID_AX_Error('An error message may only be '.
@@ -1020,4 +1020,3 @@ class Auth_OpenID_AX_StoreResponse extends Auth_OpenID_AX_Message {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/Association.php b/extlib/Auth/OpenID/Association.php
index 37ce0cbf4..7fdf399a3 100644
--- a/extlib/Auth/OpenID/Association.php
+++ b/extlib/Auth/OpenID/Association.php
@@ -94,7 +94,7 @@ class Auth_OpenID_Association {
* @return association An {@link Auth_OpenID_Association}
* instance.
*/
- function fromExpiresIn($expires_in, $handle, $secret, $assoc_type)
+ static function fromExpiresIn($expires_in, $handle, $secret, $assoc_type)
{
$issued = time();
$lifetime = $expires_in;
@@ -132,7 +132,7 @@ class Auth_OpenID_Association {
$handle, $secret, $issued, $lifetime, $assoc_type)
{
if (!in_array($assoc_type,
- Auth_OpenID_getSupportedAssociationTypes())) {
+ Auth_OpenID_getSupportedAssociationTypes(), true)) {
$fmt = 'Unsupported association type (%s)';
trigger_error(sprintf($fmt, $assoc_type), E_USER_ERROR);
}
@@ -206,7 +206,7 @@ class Auth_OpenID_Association {
* @param string $assoc_s Association as serialized by serialize()
* @return Auth_OpenID_Association $result instance of this class
*/
- function deserialize($class_name, $assoc_s)
+ static function deserialize($class_name, $assoc_s)
{
$pairs = Auth_OpenID_KVForm::toArray($assoc_s, $strict = true);
$keys = array();
@@ -327,7 +327,7 @@ class Auth_OpenID_Association {
*
* @access private
*/
- function _makePairs(&$message)
+ function _makePairs($message)
{
$signed = $message->getArg(Auth_OpenID_OPENID_NS, 'signed');
if (!$signed || Auth_OpenID::isFailure($signed)) {
@@ -352,7 +352,7 @@ class Auth_OpenID_Association {
*
* @access private
*/
- function getMessageSignature(&$message)
+ function getMessageSignature($message)
{
$pairs = $this->_makePairs($message);
return base64_encode($this->sign($pairs));
@@ -364,7 +364,7 @@ class Auth_OpenID_Association {
*
* @access private
*/
- function checkMessageSignature(&$message)
+ function checkMessageSignature($message)
{
$sig = $message->getArg(Auth_OpenID_OPENID_NS,
'sig');
@@ -374,7 +374,42 @@ class Auth_OpenID_Association {
}
$calculated_sig = $this->getMessageSignature($message);
- return $calculated_sig == $sig;
+
+ return $this->constantTimeCompare($calculated_sig, $sig);
+ }
+
+ /**
+ * String comparison function which will complete in a constant time
+ * for strings of any given matching length, to help prevent an attacker
+ * from distinguishing how much of a signature token they have guessed
+ * correctly.
+ *
+ * For this usage, it's assumed that the length of the string is known,
+ * so we may safely short-circuit on mismatched lengths which will be known
+ * to be invalid by the attacker.
+ *
+ * http://lists.openid.net/pipermail/openid-security/2010-July/001156.html
+ * http://rdist.root.org/2010/01/07/timing-independent-array-comparison/
+ */
+ private function constantTimeCompare($a, $b)
+ {
+ $len = strlen($a);
+ if (strlen($b) !== $len) {
+ // Short-circuit on length mismatch; attackers will already know
+ // the correct target length so this is safe.
+ return false;
+ }
+ if ($len == 0) {
+ // 0-length valid input shouldn't really happen. :)
+ return true;
+ }
+ $result = 0;
+ for ($i = 0; $i < strlen($a); $i++) {
+ // We use scary bitwise operations to avoid logical short-circuits
+ // in lower-level code.
+ $result |= ord($a{$i}) ^ ord($b{$i});
+ }
+ return ($result == 0);
}
}
@@ -469,18 +504,16 @@ function Auth_OpenID_getOnlyEncryptedOrder()
return $result;
}
-function &Auth_OpenID_getDefaultNegotiator()
+function Auth_OpenID_getDefaultNegotiator()
{
- $x = new Auth_OpenID_SessionNegotiator(
+ return new Auth_OpenID_SessionNegotiator(
Auth_OpenID_getDefaultAssociationOrder());
- return $x;
}
-function &Auth_OpenID_getEncryptedNegotiator()
+function Auth_OpenID_getEncryptedNegotiator()
{
- $x = new Auth_OpenID_SessionNegotiator(
+ return new Auth_OpenID_SessionNegotiator(
Auth_OpenID_getOnlyEncryptedOrder());
- return $x;
}
/**
@@ -610,4 +643,3 @@ class Auth_OpenID_SessionNegotiator {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/BigMath.php b/extlib/Auth/OpenID/BigMath.php
index 45104947d..7fca2dc43 100644
--- a/extlib/Auth/OpenID/BigMath.php
+++ b/extlib/Auth/OpenID/BigMath.php
@@ -351,8 +351,7 @@ function Auth_OpenID_math_extensions()
'class' => 'Auth_OpenID_GmpMathWrapper');
}
- $result[] = array(
- 'modules' => array('bcmath', 'php_bcmath'),
+ $result[] = array('modules' => array('bcmath', 'php_bcmath'),
'extension' => 'bcmath',
'class' => 'Auth_OpenID_BcMathWrapper');
@@ -366,27 +365,9 @@ function Auth_OpenID_detectMathLibrary($exts)
{
$loaded = false;
+ $hasDl = function_exists('dl');
foreach ($exts as $extension) {
- // See if the extension specified is already loaded.
- if ($extension['extension'] &&
- extension_loaded($extension['extension'])) {
- $loaded = true;
- }
-
- // Try to load dynamic modules.
- if (!$loaded) {
- foreach ($extension['modules'] as $module) {
- if (@dl($module . "." . PHP_SHLIB_SUFFIX)) {
- $loaded = true;
- break;
- }
- }
- }
-
- // If the load succeeded, supply an instance of
- // Auth_OpenID_MathWrapper which wraps the specified
- // module's functionality.
- if ($loaded) {
+ if (extension_loaded($extension['extension'])) {
return $extension;
}
}
@@ -405,7 +386,7 @@ function Auth_OpenID_detectMathLibrary($exts)
* instance of a wrapper for that extension module. If no extension
* module is found, an instance of {@link Auth_OpenID_MathWrapper} is
* returned, which wraps the native PHP integer implementation. The
- * proper calling convention for this method is $lib =&
+ * proper calling convention for this method is $lib =
* Auth_OpenID_getMathLib().
*
* This function checks for the existence of specific long number
@@ -416,7 +397,7 @@ function Auth_OpenID_detectMathLibrary($exts)
*
* @package OpenID
*/
-function &Auth_OpenID_getMathLib()
+function Auth_OpenID_getMathLib()
{
// The instance of Auth_OpenID_MathWrapper that we choose to
// supply will be stored here, so that subseqent calls to this
@@ -468,4 +449,4 @@ function Auth_OpenID_noMathSupport()
return defined('Auth_OpenID_NO_MATH_SUPPORT');
}
-?>
+
diff --git a/extlib/Auth/OpenID/Consumer.php b/extlib/Auth/OpenID/Consumer.php
index 500890b65..021c03898 100644
--- a/extlib/Auth/OpenID/Consumer.php
+++ b/extlib/Auth/OpenID/Consumer.php
@@ -258,19 +258,19 @@ class Auth_OpenID_Consumer {
* when creating the internal consumer object. This is used for
* testing.
*/
- function Auth_OpenID_Consumer(&$store, $session = null,
+ function Auth_OpenID_Consumer($store, $session = null,
$consumer_cls = null)
{
if ($session === null) {
$session = new Auth_Yadis_PHPSession();
}
- $this->session =& $session;
+ $this->session = $session;
if ($consumer_cls !== null) {
- $this->consumer =& new $consumer_cls($store);
+ $this->consumer = new $consumer_cls($store);
} else {
- $this->consumer =& new Auth_OpenID_GenericConsumer($store);
+ $this->consumer = new Auth_OpenID_GenericConsumer($store);
}
$this->_token_key = $this->session_key_prefix . $this->_token_suffix;
@@ -281,7 +281,7 @@ class Auth_OpenID_Consumer {
*
* @access private
*/
- function getDiscoveryObject(&$session, $openid_url,
+ function getDiscoveryObject($session, $openid_url,
$session_key_prefix)
{
return new Auth_Yadis_Discovery($session, $openid_url,
@@ -339,7 +339,7 @@ class Auth_OpenID_Consumer {
$this->consumer->fetcher);
// Reset the 'stale' attribute of the manager.
- $m =& $disco->getManager();
+ $m = $disco->getManager();
if ($m) {
$m->stale = false;
$disco->session->set($disco->session_key,
@@ -370,7 +370,7 @@ class Auth_OpenID_Consumer {
* @return Auth_OpenID_AuthRequest $auth_request An OpenID
* authentication request object.
*/
- function &beginWithoutDiscovery($endpoint, $anonymous=false)
+ function beginWithoutDiscovery($endpoint, $anonymous=false)
{
$loader = new Auth_OpenID_ServiceEndpointLoader();
$auth_req = $this->consumer->begin($endpoint);
@@ -467,7 +467,7 @@ class Auth_OpenID_DiffieHellmanSHA1ConsumerSession {
function getRequest()
{
- $math =& Auth_OpenID_getMathLib();
+ $math = Auth_OpenID_getMathLib();
$cpub = $math->longToBase64($this->dh->public);
@@ -496,7 +496,7 @@ class Auth_OpenID_DiffieHellmanSHA1ConsumerSession {
return null;
}
- $math =& Auth_OpenID_getMathLib();
+ $math = Auth_OpenID_getMathLib();
$spub = $math->base64ToLong($response->getArg(Auth_OpenID_OPENID_NS,
'dh_server_public'));
@@ -611,11 +611,11 @@ class Auth_OpenID_GenericConsumer {
* in the module description. The default value is False, which
* disables immediate mode.
*/
- function Auth_OpenID_GenericConsumer(&$store)
+ function Auth_OpenID_GenericConsumer($store)
{
- $this->store =& $store;
- $this->negotiator =& Auth_OpenID_getDefaultNegotiator();
- $this->_use_assocs = ($this->store ? true : false);
+ $this->store = $store;
+ $this->negotiator = Auth_OpenID_getDefaultNegotiator();
+ $this->_use_assocs = (is_null($this->store) ? false : true);
$this->fetcher = Auth_Yadis_Yadis::getHTTPFetcher();
@@ -665,14 +665,14 @@ class Auth_OpenID_GenericConsumer {
$method = Auth_OpenID::arrayGet($mode_methods, $mode,
'_completeInvalid');
- return call_user_func_array(array(&$this, $method),
- array($message, $endpoint, $return_to));
+ return call_user_func_array(array($this, $method),
+ array($message, &$endpoint, $return_to));
}
/**
* @access private
*/
- function _completeInvalid($message, &$endpoint, $unused)
+ function _completeInvalid($message, $endpoint, $unused)
{
$mode = $message->getArg(Auth_OpenID_OPENID_NS, 'mode',
'<No mode set>');
@@ -684,7 +684,7 @@ class Auth_OpenID_GenericConsumer {
/**
* @access private
*/
- function _complete_cancel($message, &$endpoint, $unused)
+ function _complete_cancel($message, $endpoint, $unused)
{
return new Auth_OpenID_CancelResponse($endpoint);
}
@@ -692,7 +692,7 @@ class Auth_OpenID_GenericConsumer {
/**
* @access private
*/
- function _complete_error($message, &$endpoint, $unused)
+ function _complete_error($message, $endpoint, $unused)
{
$error = $message->getArg(Auth_OpenID_OPENID_NS, 'error');
$contact = $message->getArg(Auth_OpenID_OPENID_NS, 'contact');
@@ -705,7 +705,7 @@ class Auth_OpenID_GenericConsumer {
/**
* @access private
*/
- function _complete_setup_needed($message, &$endpoint, $unused)
+ function _complete_setup_needed($message, $endpoint, $unused)
{
if (!$message->isOpenID2()) {
return $this->_completeInvalid($message, $endpoint);
@@ -719,7 +719,7 @@ class Auth_OpenID_GenericConsumer {
/**
* @access private
*/
- function _complete_id_res($message, &$endpoint, $return_to)
+ function _complete_id_res($message, $endpoint, $return_to)
{
$user_setup_url = $message->getArg(Auth_OpenID_OPENID1_NS,
'user_setup_url');
@@ -1181,7 +1181,7 @@ class Auth_OpenID_GenericConsumer {
// oidutil.log('Performing discovery on %s' % (claimed_id,))
list($unused, $services) = call_user_func($this->discoverMethod,
$claimed_id,
- $this->fetcher);
+ &$this->fetcher);
if (!$services) {
return new Auth_OpenID_FailureResponse(null,
@@ -1197,7 +1197,7 @@ class Auth_OpenID_GenericConsumer {
* @access private
*/
function _verifyDiscoveryServices($claimed_id,
- &$services, &$to_match_endpoints)
+ $services, $to_match_endpoints)
{
// Search the services resulting from discovery to find one
// that matches the information from the assertion
@@ -1216,8 +1216,8 @@ class Auth_OpenID_GenericConsumer {
}
return new Auth_OpenID_FailureResponse(null,
- sprintf('No matching endpoint found after discovering %s',
- $claimed_id));
+ sprintf('No matching endpoint found after discovering %s: %s',
+ $claimed_id, $result->message));
}
/**
@@ -1397,7 +1397,7 @@ class Auth_OpenID_GenericConsumer {
*
* @access private
*/
- function _httpResponseToMessage($response, $server_url)
+ static function _httpResponseToMessage($response, $server_url)
{
// Should this function be named Message.fromHTTPResponse instead?
$response_message = Auth_OpenID_Message::fromKVForm($response->body);
@@ -1461,7 +1461,7 @@ class Auth_OpenID_GenericConsumer {
*
* @access private
*/
- function _extractSupportedAssociationType(&$server_error, &$endpoint,
+ function _extractSupportedAssociationType($server_error, $endpoint,
$assoc_type)
{
// Any error message whose code is not 'unsupported-type'
@@ -1566,7 +1566,7 @@ class Auth_OpenID_GenericConsumer {
/**
* @access private
*/
- function _extractAssociation(&$assoc_response, &$assoc_session)
+ function _extractAssociation($assoc_response, $assoc_session)
{
// Extract the common fields from the response, raising an
// exception if they are not found
@@ -1748,10 +1748,10 @@ class Auth_OpenID_AuthRequest {
* class. Instances of this class are created by the library when
* needed.
*/
- function Auth_OpenID_AuthRequest(&$endpoint, $assoc)
+ function Auth_OpenID_AuthRequest($endpoint, $assoc)
{
$this->assoc = $assoc;
- $this->endpoint =& $endpoint;
+ $this->endpoint = $endpoint;
$this->return_to_args = array();
$this->message = new Auth_OpenID_Message(
$endpoint->preferredNamespace());
@@ -1764,7 +1764,7 @@ class Auth_OpenID_AuthRequest {
* $extension_request: An object that implements the extension
* request interface for adding arguments to an OpenID message.
*/
- function addExtension(&$extension_request)
+ function addExtension($extension_request)
{
$extension_request->toMessage($this->message);
}
@@ -2089,7 +2089,7 @@ class Auth_OpenID_SuccessResponse extends Auth_OpenID_ConsumerResponse {
foreach ($msg_args as $key => $value) {
if (!$this->isSigned($ns_uri, $key)) {
- return null;
+ unset($msg_args[$key]);
}
}
@@ -2167,7 +2167,7 @@ class Auth_OpenID_ServerErrorContainer {
/**
* @access private
*/
- function fromMessage($message)
+ static function fromMessage($message)
{
$error_text = $message->getArg(
Auth_OpenID_OPENID_NS, 'error', '<no error message supplied>');
@@ -2227,4 +2227,4 @@ class Auth_OpenID_SetupNeededResponse extends Auth_OpenID_ConsumerResponse {
}
}
-?>
+
diff --git a/extlib/Auth/OpenID/CryptUtil.php b/extlib/Auth/OpenID/CryptUtil.php
index aacc3cd39..a92626777 100644
--- a/extlib/Auth/OpenID/CryptUtil.php
+++ b/extlib/Auth/OpenID/CryptUtil.php
@@ -37,7 +37,7 @@ class Auth_OpenID_CryptUtil {
* @param int $num_bytes The length of the return value
* @return string $bytes random bytes
*/
- function getBytes($num_bytes)
+ static function getBytes($num_bytes)
{
static $f = null;
$bytes = '';
@@ -77,7 +77,7 @@ class Auth_OpenID_CryptUtil {
* @return string $result A string of randomly-chosen characters
* from $chrs
*/
- function randomString($length, $population = null)
+ static function randomString($length, $population = null)
{
if ($population === null) {
return Auth_OpenID_CryptUtil::getBytes($length);
@@ -106,4 +106,3 @@ class Auth_OpenID_CryptUtil {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/DatabaseConnection.php b/extlib/Auth/OpenID/DatabaseConnection.php
index 9db6e0eb3..0c7d08f91 100644
--- a/extlib/Auth/OpenID/DatabaseConnection.php
+++ b/extlib/Auth/OpenID/DatabaseConnection.php
@@ -128,4 +128,3 @@ class Auth_OpenID_DatabaseConnection {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/DiffieHellman.php b/extlib/Auth/OpenID/DiffieHellman.php
index f4ded7eba..3e25b7dbb 100644
--- a/extlib/Auth/OpenID/DiffieHellman.php
+++ b/extlib/Auth/OpenID/DiffieHellman.php
@@ -51,9 +51,9 @@ class Auth_OpenID_DiffieHellman {
$private = null, $lib = null)
{
if ($lib === null) {
- $this->lib =& Auth_OpenID_getMathLib();
+ $this->lib = Auth_OpenID_getMathLib();
} else {
- $this->lib =& $lib;
+ $this->lib = $lib;
}
if ($mod === null) {
@@ -110,4 +110,4 @@ class Auth_OpenID_DiffieHellman {
}
}
-?>
+
diff --git a/extlib/Auth/OpenID/Discover.php b/extlib/Auth/OpenID/Discover.php
index 62aeb1d2b..7b0c640c5 100644
--- a/extlib/Auth/OpenID/Discover.php
+++ b/extlib/Auth/OpenID/Discover.php
@@ -28,8 +28,34 @@ function Auth_OpenID_getOpenIDTypeURIs()
Auth_OpenID_TYPE_2_0,
Auth_OpenID_TYPE_1_2,
Auth_OpenID_TYPE_1_1,
- Auth_OpenID_TYPE_1_0,
- Auth_OpenID_RP_RETURN_TO_URL_TYPE);
+ Auth_OpenID_TYPE_1_0);
+}
+
+function Auth_OpenID_getOpenIDConsumerTypeURIs()
+{
+ return array(Auth_OpenID_RP_RETURN_TO_URL_TYPE);
+}
+
+
+/*
+ * Provides a user-readable interpretation of a type uri.
+ * Useful for error messages.
+ */
+function Auth_OpenID_getOpenIDTypeName($type_uri) {
+ switch ($type_uri) {
+ case Auth_OpenID_TYPE_2_0_IDP:
+ return 'OpenID 2.0 IDP';
+ case Auth_OpenID_TYPE_2_0:
+ return 'OpenID 2.0';
+ case Auth_OpenID_TYPE_1_2:
+ return 'OpenID 1.2';
+ case Auth_OpenID_TYPE_1_1:
+ return 'OpenID 1.1';
+ case Auth_OpenID_TYPE_1_0:
+ return 'OpenID 1.0';
+ case Auth_OpenID_RP_RETURN_TO_URL_TYPE:
+ return 'OpenID relying party';
+ }
}
/**
@@ -124,7 +150,7 @@ class Auth_OpenID_ServiceEndpoint {
return in_array(Auth_OpenID_TYPE_2_0_IDP, $this->type_uris);
}
- function fromOPEndpointURL($op_endpoint_url)
+ static function fromOPEndpointURL($op_endpoint_url)
{
// Construct an OP-Identifier OpenIDServiceEndpoint object for
// a given OP Endpoint URL
@@ -172,17 +198,36 @@ class Auth_OpenID_ServiceEndpoint {
}
/*
- * Parse the given document as XRDS looking for OpenID services.
+ * Parse the given document as XRDS looking for OpenID consumer services.
*
* @return array of Auth_OpenID_ServiceEndpoint or null if the
* document cannot be parsed.
*/
- function fromXRDS($uri, $xrds_text)
+ function consumerFromXRDS($uri, $xrds_text)
{
$xrds =& Auth_Yadis_XRDS::parseXRDS($xrds_text);
if ($xrds) {
$yadis_services =
+ $xrds->services(array('filter_MatchesAnyOpenIDConsumerType'));
+ return Auth_OpenID_makeOpenIDEndpoints($uri, $yadis_services);
+ }
+
+ return null;
+ }
+
+ /*
+ * Parse the given document as XRDS looking for OpenID services.
+ *
+ * @return array of Auth_OpenID_ServiceEndpoint or null if the
+ * document cannot be parsed.
+ */
+ static function fromXRDS($uri, $xrds_text)
+ {
+ $xrds = Auth_Yadis_XRDS::parseXRDS($xrds_text);
+
+ if ($xrds) {
+ $yadis_services =
$xrds->services(array('filter_MatchesAnyOpenIDType'));
return Auth_OpenID_makeOpenIDEndpoints($uri, $yadis_services);
}
@@ -197,7 +242,7 @@ class Auth_OpenID_ServiceEndpoint {
* @return array of Auth_OpenID_ServiceEndpoint or null if
* endpoints cannot be created.
*/
- function fromDiscoveryResult($discoveryResult)
+ static function fromDiscoveryResult($discoveryResult)
{
if ($discoveryResult->isXRDS()) {
return Auth_OpenID_ServiceEndpoint::fromXRDS(
@@ -210,7 +255,7 @@ class Auth_OpenID_ServiceEndpoint {
}
}
- function fromHTML($uri, $html)
+ static function fromHTML($uri, $html)
{
$discovery_types = array(
array(Auth_OpenID_TYPE_2_0,
@@ -273,7 +318,7 @@ function Auth_OpenID_findOPLocalIdentifier($service, $type_uris)
$service->parser->registerNamespace('xrd',
Auth_Yadis_XMLNS_XRD_2_0);
- $parser =& $service->parser;
+ $parser = $service->parser;
$permitted_tags = array();
@@ -305,7 +350,7 @@ function Auth_OpenID_findOPLocalIdentifier($service, $type_uris)
return $local_id;
}
-function filter_MatchesAnyOpenIDType(&$service)
+function filter_MatchesAnyOpenIDType($service)
{
$uris = $service->getTypes();
@@ -318,6 +363,19 @@ function filter_MatchesAnyOpenIDType(&$service)
return false;
}
+function filter_MatchesAnyOpenIDConsumerType(&$service)
+{
+ $uris = $service->getTypes();
+
+ foreach ($uris as $uri) {
+ if (in_array($uri, Auth_OpenID_getOpenIDConsumerTypeURIs())) {
+ return true;
+ }
+ }
+
+ return false;
+}
+
function Auth_OpenID_bestMatchingService($service, $preferred_types)
{
// Return the index of the first matching type, or something
@@ -415,7 +473,7 @@ function Auth_OpenID_makeOpenIDEndpoints($uri, $yadis_services)
return $s;
}
-function Auth_OpenID_discoverWithYadis($uri, &$fetcher,
+function Auth_OpenID_discoverWithYadis($uri, $fetcher,
$endpoint_filter='Auth_OpenID_getOPOrUserServices',
$discover_function=null)
{
@@ -433,12 +491,12 @@ function Auth_OpenID_discoverWithYadis($uri, &$fetcher,
$openid_services = array();
$response = call_user_func_array($discover_function,
- array($uri, &$fetcher));
+ array($uri, $fetcher));
$yadis_url = $response->normalized_uri;
$yadis_services = array();
- if ($response->isFailure()) {
+ if ($response->isFailure() && !$response->isXRDS()) {
return array($uri, array());
}
@@ -460,18 +518,18 @@ function Auth_OpenID_discoverWithYadis($uri, &$fetcher,
}
$openid_services = call_user_func_array($endpoint_filter,
- array(&$openid_services));
+ array($openid_services));
return array($yadis_url, $openid_services);
}
-function Auth_OpenID_discoverURI($uri, &$fetcher)
+function Auth_OpenID_discoverURI($uri, $fetcher)
{
$uri = Auth_OpenID::normalizeUrl($uri);
return Auth_OpenID_discoverWithYadis($uri, $fetcher);
}
-function Auth_OpenID_discoverWithoutYadis($uri, &$fetcher)
+function Auth_OpenID_discoverWithoutYadis($uri, $fetcher)
{
$http_resp = @$fetcher->get($uri);
@@ -490,7 +548,7 @@ function Auth_OpenID_discoverWithoutYadis($uri, &$fetcher)
return array($identity_url, $openid_services);
}
-function Auth_OpenID_discoverXRI($iname, &$fetcher)
+function Auth_OpenID_discoverXRI($iname, $fetcher)
{
$resolver = new Auth_Yadis_ProxyResolver($fetcher);
list($canonicalID, $yadis_services) =
@@ -513,7 +571,7 @@ function Auth_OpenID_discoverXRI($iname, &$fetcher)
return array($iname, $openid_services);
}
-function Auth_OpenID_discover($uri, &$fetcher)
+function Auth_OpenID_discover($uri, $fetcher)
{
// If the fetcher (i.e., PHP) doesn't support SSL, we can't do
// discovery on an HTTPS URL.
@@ -545,4 +603,4 @@ function Auth_OpenID_discover($uri, &$fetcher)
return $result;
}
-?>
+
diff --git a/extlib/Auth/OpenID/DumbStore.php b/extlib/Auth/OpenID/DumbStore.php
index 22fd2d366..e8f29ace5 100644
--- a/extlib/Auth/OpenID/DumbStore.php
+++ b/extlib/Auth/OpenID/DumbStore.php
@@ -97,4 +97,3 @@ class Auth_OpenID_DumbStore extends Auth_OpenID_OpenIDStore {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/Extension.php b/extlib/Auth/OpenID/Extension.php
index f362a4b38..c4e38c038 100644
--- a/extlib/Auth/OpenID/Extension.php
+++ b/extlib/Auth/OpenID/Extension.php
@@ -39,7 +39,7 @@ class Auth_OpenID_Extension {
*
* Returns the message with the extension arguments added.
*/
- function toMessage(&$message)
+ function toMessage($message)
{
$implicit = $message->isOpenID1();
$added = $message->namespaces->addAlias($this->ns_uri,
@@ -59,4 +59,3 @@ class Auth_OpenID_Extension {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/FileStore.php b/extlib/Auth/OpenID/FileStore.php
index 29d8d20e7..074421a0b 100644
--- a/extlib/Auth/OpenID/FileStore.php
+++ b/extlib/Auth/OpenID/FileStore.php
@@ -367,7 +367,7 @@ class Auth_OpenID_FileStore extends Auth_OpenID_OpenIDStore {
}
if ( abs($timestamp - time()) > $Auth_OpenID_SKEW ) {
- return False;
+ return false;
}
if ($server_url) {
@@ -519,7 +519,7 @@ class Auth_OpenID_FileStore extends Auth_OpenID_OpenIDStore {
/**
* @access private
*/
- function _mkdtemp($dir)
+ static function _mkdtemp($dir)
{
foreach (range(0, 4) as $i) {
$name = $dir . strval(DIRECTORY_SEPARATOR) . strval(getmypid()) .
@@ -615,4 +615,4 @@ class Auth_OpenID_FileStore extends Auth_OpenID_OpenIDStore {
}
}
-?>
+
diff --git a/extlib/Auth/OpenID/HMAC.php b/extlib/Auth/OpenID/HMAC.php
index ec42db8df..e9779bd4e 100644
--- a/extlib/Auth/OpenID/HMAC.php
+++ b/extlib/Auth/OpenID/HMAC.php
@@ -96,4 +96,3 @@ if (function_exists('hash_hmac') &&
define('Auth_OpenID_HMACSHA256_SUPPORTED', false);
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/Interface.php b/extlib/Auth/OpenID/Interface.php
index f4c6062f8..eca6b9c50 100644
--- a/extlib/Auth/OpenID/Interface.php
+++ b/extlib/Auth/OpenID/Interface.php
@@ -194,4 +194,3 @@ class Auth_OpenID_OpenIDStore {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/KVForm.php b/extlib/Auth/OpenID/KVForm.php
index fb342a001..dd02661d8 100644
--- a/extlib/Auth/OpenID/KVForm.php
+++ b/extlib/Auth/OpenID/KVForm.php
@@ -26,7 +26,7 @@ class Auth_OpenID_KVForm {
* @static
* @access private
*/
- function toArray($kvs, $strict=false)
+ static function toArray($kvs, $strict=false)
{
$lines = explode("\n", $kvs);
@@ -78,7 +78,7 @@ class Auth_OpenID_KVForm {
* @static
* @access private
*/
- function fromArray($values)
+ static function fromArray($values)
{
if ($values === null) {
return null;
@@ -109,4 +109,3 @@ class Auth_OpenID_KVForm {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/MemcachedStore.php b/extlib/Auth/OpenID/MemcachedStore.php
index d357c6b11..fc10800b1 100644
--- a/extlib/Auth/OpenID/MemcachedStore.php
+++ b/extlib/Auth/OpenID/MemcachedStore.php
@@ -205,4 +205,3 @@ class Auth_OpenID_MemcachedStore extends Auth_OpenID_OpenIDStore {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/Message.php b/extlib/Auth/OpenID/Message.php
index 5ab115a86..9aa1fa468 100644
--- a/extlib/Auth/OpenID/Message.php
+++ b/extlib/Auth/OpenID/Message.php
@@ -143,7 +143,7 @@ class Auth_OpenID_Mapping {
* Returns true if $thing is an Auth_OpenID_Mapping object; false
* if not.
*/
- function isA($thing)
+ static function isA($thing)
{
return (is_object($thing) &&
strtolower(get_class($thing)) == 'auth_openid_mapping');
@@ -442,7 +442,7 @@ class Auth_OpenID_Message {
return $this->getOpenIDNamespace() == Auth_OpenID_OPENID2_NS;
}
- function fromPostArgs($args)
+ static function fromPostArgs($args)
{
// Construct a Message containing a set of POST arguments
$obj = new Auth_OpenID_Message();
@@ -477,7 +477,7 @@ class Auth_OpenID_Message {
}
}
- function fromOpenIDArgs($openid_args)
+ static function fromOpenIDArgs($openid_args)
{
// Takes an array.
@@ -594,7 +594,7 @@ class Auth_OpenID_Message {
return $this->_openid_ns_uri;
}
- function fromKVForm($kvform_string)
+ static function fromKVForm($kvform_string)
{
// Create a Message from a KVForm string
return Auth_OpenID_Message::fromOpenIDArgs(
@@ -917,4 +917,4 @@ class Auth_OpenID_Message {
}
}
-?>
+
diff --git a/extlib/Auth/OpenID/MySQLStore.php b/extlib/Auth/OpenID/MySQLStore.php
index eb08af016..810f059f1 100644
--- a/extlib/Auth/OpenID/MySQLStore.php
+++ b/extlib/Auth/OpenID/MySQLStore.php
@@ -75,4 +75,3 @@ class Auth_OpenID_MySQLStore extends Auth_OpenID_SQLStore {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/Nonce.php b/extlib/Auth/OpenID/Nonce.php
index effecac38..b83c5911f 100644
--- a/extlib/Auth/OpenID/Nonce.php
+++ b/extlib/Auth/OpenID/Nonce.php
@@ -106,4 +106,3 @@ function Auth_OpenID_mkNonce($when = null)
return $time_str . $salt;
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/PAPE.php b/extlib/Auth/OpenID/PAPE.php
index 62cba8a91..f08ca8bd0 100644
--- a/extlib/Auth/OpenID/PAPE.php
+++ b/extlib/Auth/OpenID/PAPE.php
@@ -21,7 +21,7 @@ define('PAPE_AUTH_PHISHING_RESISTANT',
'http://schemas.openid.net/pape/policies/2007/06/phishing-resistant');
define('PAPE_TIME_VALIDATOR',
- '^[0-9]{4,4}-[0-9][0-9]-[0-9][0-9]T[0-9][0-9]:[0-9][0-9]:[0-9][0-9]Z$');
+ '/^[0-9]{4,4}-[0-9][0-9]-[0-9][0-9]T[0-9][0-9]:[0-9][0-9]:[0-9][0-9]Z$/');
/**
* A Provider Authentication Policy request, sent from a relying party
* to a provider
@@ -82,7 +82,7 @@ class Auth_OpenID_PAPE_Request extends Auth_OpenID_Extension {
* Instantiate a Request object from the arguments in a checkid_*
* OpenID message
*/
- function fromOpenIDRequest($request)
+ static function fromOpenIDRequest($request)
{
$obj = new Auth_OpenID_PAPE_Request();
$args = $request->message->getArgs(Auth_OpenID_PAPE_NS_URI);
@@ -201,7 +201,7 @@ class Auth_OpenID_PAPE_Response extends Auth_OpenID_Extension {
* @returns: A provider authentication policy response from the
* data that was supplied with the id_res response.
*/
- function fromSuccessResponse($success_response)
+ static function fromSuccessResponse($success_response)
{
$obj = new Auth_OpenID_PAPE_Response();
@@ -262,7 +262,7 @@ class Auth_OpenID_PAPE_Response extends Auth_OpenID_Extension {
$auth_time = Auth_OpenID::arrayGet($args, 'auth_time');
if ($auth_time !== null) {
- if (ereg(PAPE_TIME_VALIDATOR, $auth_time)) {
+ if (preg_match(PAPE_TIME_VALIDATOR, $auth_time)) {
$this->auth_time = $auth_time;
} else if ($strict) {
return false;
@@ -287,7 +287,7 @@ class Auth_OpenID_PAPE_Response extends Auth_OpenID_Extension {
}
if ($this->auth_time !== null) {
- if (!ereg(PAPE_TIME_VALIDATOR, $this->auth_time)) {
+ if (!preg_match(PAPE_TIME_VALIDATOR, $this->auth_time)) {
return false;
}
@@ -298,4 +298,3 @@ class Auth_OpenID_PAPE_Response extends Auth_OpenID_Extension {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/Parse.php b/extlib/Auth/OpenID/Parse.php
index 546f34f6b..6c2e72169 100644
--- a/extlib/Auth/OpenID/Parse.php
+++ b/extlib/Auth/OpenID/Parse.php
@@ -101,7 +101,7 @@ class Auth_OpenID_Parse {
* Starts with the tag name at a word boundary, where the tag name
* is not a namespace
*/
- var $_tag_expr = "<%s\b(?!:)([^>]*?)(?:\/>|>(.*?)(?:<\/?%s\s*>|\Z))";
+ var $_tag_expr = "<%s\b(?!:)([^>]*?)(?:\/>|>(.*)(?:<\/?%s\s*>|\Z))";
var $_attr_find = '\b(\w+)=("[^"]*"|\'[^\']*\'|[^\'"\s\/<>]+)';
@@ -215,11 +215,31 @@ class Auth_OpenID_Parse {
return $str;
}
}
+
+ function match($regexp, $text, &$match)
+ {
+ if (!is_callable('mb_ereg_search_init')) {
+ return preg_match($regexp, $text, $match);
+ }
+
+ $regexp = substr($regexp, 1, strlen($regexp) - 2 - strlen($this->_re_flags));
+ mb_ereg_search_init($text);
+ if (!mb_ereg_search($regexp)) {
+ return false;
+ }
+ list($match) = mb_ereg_search_getregs();
+ return true;
+ }
/**
* Find all link tags in a string representing a HTML document and
* return a list of their attributes.
*
+ * @todo This is quite ineffective and may fail with the default
+ * pcre.backtrack_limit of 100000 in PHP 5.2, if $html is big.
+ * It should rather use stripos (in PHP5) or strpos()+strtoupper()
+ * in PHP4 to manage this.
+ *
* @param string $html The text to parse
* @return array $list An array of arrays of attributes, one for each
* link tag
@@ -244,18 +264,23 @@ class Auth_OpenID_Parse {
$stripped = substr($stripped, $html_begin,
$html_end - $html_begin);
+ // Workaround to prevent PREG_BACKTRACK_LIMIT_ERROR:
+ $old_btlimit = ini_set( 'pcre.backtrack_limit', -1 );
+
// Try to find the <HEAD> tag.
$head_re = $this->headFind();
- $head_matches = array();
- if (!preg_match($head_re, $stripped, $head_matches)) {
- return array();
+ $head_match = '';
+ if (!$this->match($head_re, $stripped, $head_match)) {
+ ini_set( 'pcre.backtrack_limit', $old_btlimit );
+ return array();
}
$link_data = array();
$link_matches = array();
- if (!preg_match_all($this->_link_find, $head_matches[0],
+ if (!preg_match_all($this->_link_find, $head_match,
$link_matches)) {
+ ini_set( 'pcre.backtrack_limit', $old_btlimit );
return array();
}
@@ -273,6 +298,7 @@ class Auth_OpenID_Parse {
$link_data[] = $link_attrs;
}
+ ini_set( 'pcre.backtrack_limit', $old_btlimit );
return $link_data;
}
@@ -349,4 +375,3 @@ function Auth_OpenID_legacy_discover($html_text, $server_rel,
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/PostgreSQLStore.php b/extlib/Auth/OpenID/PostgreSQLStore.php
index 69d95e7b8..d90e43e00 100644
--- a/extlib/Auth/OpenID/PostgreSQLStore.php
+++ b/extlib/Auth/OpenID/PostgreSQLStore.php
@@ -110,4 +110,3 @@ class Auth_OpenID_PostgreSQLStore extends Auth_OpenID_SQLStore {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/SQLStore.php b/extlib/Auth/OpenID/SQLStore.php
index da93c6aa2..c04059732 100644
--- a/extlib/Auth/OpenID/SQLStore.php
+++ b/extlib/Auth/OpenID/SQLStore.php
@@ -14,16 +14,6 @@
*/
/**
- * Require the PEAR DB module because we'll need it for the SQL-based
- * stores implemented here. We silence any errors from the inclusion
- * because it might not be present, and a user of the SQL stores may
- * supply an Auth_OpenID_DatabaseConnection instance that implements
- * its own storage.
- */
-global $__Auth_OpenID_PEAR_AVAILABLE;
-$__Auth_OpenID_PEAR_AVAILABLE = @include_once 'DB.php';
-
-/**
* @access private
*/
require_once 'Auth/OpenID/Interface.php';
@@ -89,8 +79,6 @@ class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore {
$associations_table = null,
$nonces_table = null)
{
- global $__Auth_OpenID_PEAR_AVAILABLE;
-
$this->associations_table_name = "oid_associations";
$this->nonces_table_name = "oid_nonces";
@@ -113,7 +101,7 @@ class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore {
// constant, so only try to use it if PEAR is present. Note
// that Auth_Openid_Databaseconnection instances need not
// implement ::setFetchMode for this reason.
- if ($__Auth_OpenID_PEAR_AVAILABLE) {
+ if (is_subclass_of($this->connection, 'db_common')) {
$this->connection->setFetchMode(DB_FETCHMODE_ASSOC);
}
@@ -482,7 +470,7 @@ class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore {
global $Auth_OpenID_SKEW;
if ( abs($timestamp - time()) > $Auth_OpenID_SKEW ) {
- return False;
+ return false;
}
return $this->_add_nonce($server_url, $timestamp, $salt);
@@ -566,4 +554,4 @@ class Auth_OpenID_SQLStore extends Auth_OpenID_OpenIDStore {
}
}
-?>
+
diff --git a/extlib/Auth/OpenID/SQLiteStore.php b/extlib/Auth/OpenID/SQLiteStore.php
index ec2bf58e4..4558fa1c3 100644
--- a/extlib/Auth/OpenID/SQLiteStore.php
+++ b/extlib/Auth/OpenID/SQLiteStore.php
@@ -68,4 +68,3 @@ class Auth_OpenID_SQLiteStore extends Auth_OpenID_SQLStore {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/SReg.php b/extlib/Auth/OpenID/SReg.php
index 63280769f..5ece70724 100644
--- a/extlib/Auth/OpenID/SReg.php
+++ b/extlib/Auth/OpenID/SReg.php
@@ -94,7 +94,7 @@ Auth_OpenID_registerNamespaceAlias(Auth_OpenID_SREG_NS_URI_1_1, 'sreg');
* $endpoint: The endpoint object as returned by OpenID discovery.
* returns whether an sreg type was advertised by the endpoint
*/
-function Auth_OpenID_supportsSReg(&$endpoint)
+function Auth_OpenID_supportsSReg($endpoint)
{
return ($endpoint->usesExtension(Auth_OpenID_SREG_NS_URI_1_1) ||
$endpoint->usesExtension(Auth_OpenID_SREG_NS_URI_1_0));
@@ -122,7 +122,7 @@ class Auth_OpenID_SRegBase extends Auth_OpenID_Extension {
*
* @access private
*/
- function _getSRegNS(&$message)
+ static function _getSRegNS($message)
{
$alias = null;
$found_ns_uri = null;
@@ -173,7 +173,7 @@ class Auth_OpenID_SRegRequest extends Auth_OpenID_SRegBase {
/**
* Initialize an empty simple registration request.
*/
- function build($required=null, $optional=null,
+ static function build($required=null, $optional=null,
$policy_url=null,
$sreg_ns_uri=Auth_OpenID_SREG_NS_URI,
$cls='Auth_OpenID_SRegRequest')
@@ -213,7 +213,7 @@ class Auth_OpenID_SRegRequest extends Auth_OpenID_SRegBase {
*
* Returns the newly created simple registration request
*/
- function fromOpenIDRequest($request, $cls='Auth_OpenID_SRegRequest')
+ static function fromOpenIDRequest($request, $cls='Auth_OpenID_SRegRequest')
{
$obj = call_user_func_array(array($cls, 'build'),
@@ -442,7 +442,7 @@ class Auth_OpenID_SRegResponse extends Auth_OpenID_SRegBase {
* string (unicode) value. For instance, the nickname should be
* stored under the key 'nickname'.
*/
- function extractResponse($request, $data)
+ static function extractResponse($request, $data)
{
$obj = new Auth_OpenID_SRegResponse();
$obj->ns_uri = $request->ns_uri;
@@ -471,7 +471,7 @@ class Auth_OpenID_SRegResponse extends Auth_OpenID_SRegBase {
* Returns a simple registration response containing the data that
* was supplied with the C{id_res} response.
*/
- function fromSuccessResponse(&$success_response, $signed_only=true)
+ static function fromSuccessResponse($success_response, $signed_only=true)
{
global $Auth_OpenID_sreg_data_fields;
@@ -518,4 +518,4 @@ class Auth_OpenID_SRegResponse extends Auth_OpenID_SRegBase {
}
}
-?>
+
diff --git a/extlib/Auth/OpenID/Server.php b/extlib/Auth/OpenID/Server.php
index f1db4d872..cc8ba961c 100644
--- a/extlib/Auth/OpenID/Server.php
+++ b/extlib/Auth/OpenID/Server.php
@@ -43,7 +43,7 @@
* consumers to add extensions to their requests. For example, with
* sites using the Simple Registration
* Extension
- * (http://www.openidenabled.com/openid/simple-registration-extension/),
+ * (http://openid.net/specs/openid-simple-registration-extension-1_0.html),
* a user can agree to have their nickname and e-mail address sent to
* a site when they sign up.
*
@@ -365,7 +365,7 @@ class Auth_OpenID_CheckAuthRequest extends Auth_OpenID_Request {
$this->message = null;
}
- function fromMessage($message, $server=null)
+ static function fromMessage($message, $server=null)
{
$required_keys = array('assoc_handle', 'sig', 'signed');
@@ -396,7 +396,7 @@ class Auth_OpenID_CheckAuthRequest extends Auth_OpenID_Request {
return $result;
}
- function answer(&$signatory)
+ function answer($signatory)
{
$is_valid = $signatory->verify($this->assoc_handle, $this->signed);
@@ -436,7 +436,7 @@ class Auth_OpenID_PlainTextServerSession {
var $needs_math = false;
var $allowed_assoc_types = array('HMAC-SHA1', 'HMAC-SHA256');
- function fromMessage($unused_request)
+ static function fromMessage($unused_request)
{
return new Auth_OpenID_PlainTextServerSession();
}
@@ -469,7 +469,7 @@ class Auth_OpenID_DiffieHellmanSHA1ServerSession {
$this->consumer_pubkey = $consumer_pubkey;
}
- function getDH($message)
+ static function getDH($message)
{
$dh_modulus = $message->getArg(Auth_OpenID_OPENID_NS, 'dh_modulus');
$dh_gen = $message->getArg(Auth_OpenID_OPENID_NS, 'dh_gen');
@@ -489,7 +489,7 @@ class Auth_OpenID_DiffieHellmanSHA1ServerSession {
$missing);
}
- $lib =& Auth_OpenID_getMathLib();
+ $lib = Auth_OpenID_getMathLib();
if ($dh_modulus || $dh_gen) {
$dh_modulus = $lib->base64ToLong($dh_modulus);
@@ -523,7 +523,7 @@ class Auth_OpenID_DiffieHellmanSHA1ServerSession {
return array($dh, $consumer_pubkey);
}
- function fromMessage($message)
+ static function fromMessage($message)
{
$result = Auth_OpenID_DiffieHellmanSHA1ServerSession::getDH($message);
@@ -538,7 +538,7 @@ class Auth_OpenID_DiffieHellmanSHA1ServerSession {
function answer($secret)
{
- $lib =& Auth_OpenID_getMathLib();
+ $lib = Auth_OpenID_getMathLib();
$mac_key = $this->dh->xorSecret($this->consumer_pubkey, $secret,
$this->hash_func);
return array(
@@ -560,7 +560,7 @@ class Auth_OpenID_DiffieHellmanSHA256ServerSession
var $hash_func = 'Auth_OpenID_SHA256';
var $allowed_assoc_types = array('HMAC-SHA256');
- function fromMessage($message)
+ static function fromMessage($message)
{
$result = Auth_OpenID_DiffieHellmanSHA1ServerSession::getDH($message);
@@ -582,7 +582,7 @@ class Auth_OpenID_DiffieHellmanSHA256ServerSession
class Auth_OpenID_AssociateRequest extends Auth_OpenID_Request {
var $mode = "associate";
- function getSessionClasses()
+ static function getSessionClasses()
{
return array(
'no-encryption' => 'Auth_OpenID_PlainTextServerSession',
@@ -590,14 +590,14 @@ class Auth_OpenID_AssociateRequest extends Auth_OpenID_Request {
'DH-SHA256' => 'Auth_OpenID_DiffieHellmanSHA256ServerSession');
}
- function Auth_OpenID_AssociateRequest(&$session, $assoc_type)
+ function Auth_OpenID_AssociateRequest($session, $assoc_type)
{
- $this->session =& $session;
+ $this->session = $session;
$this->namespace = Auth_OpenID_OPENID2_NS;
$this->assoc_type = $assoc_type;
}
- function fromMessage($message, $server=null)
+ static function fromMessage($message, $server=null)
{
if ($message->isOpenID1()) {
$session_type = $message->getArg(Auth_OpenID_OPENID_NS,
@@ -696,7 +696,7 @@ class Auth_OpenID_AssociateRequest extends Auth_OpenID_Request {
'session_type',
$preferred_session_type);
}
-
+ $response->code = AUTH_OPENID_HTTP_ERROR;
return $response;
}
}
@@ -734,7 +734,7 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
*/
var $namespace;
- function make(&$message, $identity, $return_to, $trust_root = null,
+ static function make($message, $identity, $return_to, $trust_root = null,
$immediate = false, $assoc_handle = null, $server = null)
{
if ($server === null) {
@@ -752,7 +752,7 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
$assoc_handle, $server);
$r->namespace = $message->getOpenIDNamespace();
- $r->message =& $message;
+ $r->message = $message;
if (!$r->trustRootValid()) {
return new Auth_OpenID_UntrustedReturnURL($message,
@@ -778,7 +778,7 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
}
$this->return_to = $return_to;
$this->trust_root = $trust_root;
- $this->server =& $server;
+ $this->server = $server;
if ($immediate) {
$this->immediate = true;
@@ -817,11 +817,12 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
*/
function returnToVerified()
{
+ $fetcher = Auth_Yadis_Yadis::getHTTPFetcher();
return call_user_func_array($this->verifyReturnTo,
- array($this->trust_root, $this->return_to));
+ array($this->trust_root, $this->return_to, $fetcher));
}
-
- function fromMessage(&$message, $server)
+
+ static function fromMessage($message, $server)
{
$mode = $message->getArg(Auth_OpenID_OPENID_NS, 'mode');
$immediate = null;
@@ -1097,7 +1098,7 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
in OpenID 1.x immediate mode.');
}
- $setup_request =& new Auth_OpenID_CheckIDRequest(
+ $setup_request = new Auth_OpenID_CheckIDRequest(
$this->identity,
$this->return_to,
$this->trust_root,
@@ -1183,9 +1184,9 @@ class Auth_OpenID_CheckIDRequest extends Auth_OpenID_Request {
*/
class Auth_OpenID_ServerResponse {
- function Auth_OpenID_ServerResponse(&$request)
+ function Auth_OpenID_ServerResponse($request)
{
- $this->request =& $request;
+ $this->request = $request;
$this->fields = new Auth_OpenID_Message($this->request->namespace);
}
@@ -1310,10 +1311,10 @@ class Auth_OpenID_Signatory {
/**
* Create a new signatory using a given store.
*/
- function Auth_OpenID_Signatory(&$store)
+ function Auth_OpenID_Signatory($store)
{
// assert store is not None
- $this->store =& $store;
+ $this->store = $store;
}
/**
@@ -1447,7 +1448,7 @@ class Auth_OpenID_Encoder {
* Encode an {@link Auth_OpenID_ServerResponse} and return an
* {@link Auth_OpenID_WebResponse}.
*/
- function encode(&$response)
+ function encode($response)
{
$cls = $this->responseFactory;
@@ -1463,10 +1464,14 @@ class Auth_OpenID_Encoder {
array('location' => $location));
} else if ($encode_as == Auth_OpenID_ENCODE_HTML_FORM) {
$wr = new $cls(AUTH_OPENID_HTTP_OK, array(),
- $response->toFormMarkup());
+ $response->toHTML());
} else {
return new Auth_OpenID_EncodingError($response);
}
+ /* Allow the response to carry a custom error code (ex: for Association errors) */
+ if(isset($response->code)) {
+ $wr->code = $response->code;
+ }
return $wr;
}
}
@@ -1478,16 +1483,16 @@ class Auth_OpenID_Encoder {
*/
class Auth_OpenID_SigningEncoder extends Auth_OpenID_Encoder {
- function Auth_OpenID_SigningEncoder(&$signatory)
+ function Auth_OpenID_SigningEncoder($signatory)
{
- $this->signatory =& $signatory;
+ $this->signatory = $signatory;
}
/**
* Sign an {@link Auth_OpenID_ServerResponse} and return an
* {@link Auth_OpenID_WebResponse}.
*/
- function encode(&$response)
+ function encode($response)
{
// the isinstance is a bit of a kludge... it means there isn't
// really an adapter to make the interfaces quite match.
@@ -1516,9 +1521,9 @@ class Auth_OpenID_SigningEncoder extends Auth_OpenID_Encoder {
*/
class Auth_OpenID_Decoder {
- function Auth_OpenID_Decoder(&$server)
+ function Auth_OpenID_Decoder($server)
{
- $this->server =& $server;
+ $this->server = $server;
$this->handlers = array(
'checkid_setup' => 'Auth_OpenID_CheckIDRequest',
@@ -1599,9 +1604,9 @@ class Auth_OpenID_Decoder {
* @package OpenID
*/
class Auth_OpenID_EncodingError {
- function Auth_OpenID_EncodingError(&$response)
+ function Auth_OpenID_EncodingError($response)
{
- $this->response =& $response;
+ $this->response = $response;
}
}
@@ -1674,14 +1679,14 @@ class Auth_OpenID_UntrustedReturnURL extends Auth_OpenID_ServerError {
* @package OpenID
*/
class Auth_OpenID_Server {
- function Auth_OpenID_Server(&$store, $op_endpoint=null)
+ function Auth_OpenID_Server($store, $op_endpoint=null)
{
- $this->store =& $store;
- $this->signatory =& new Auth_OpenID_Signatory($this->store);
- $this->encoder =& new Auth_OpenID_SigningEncoder($this->signatory);
- $this->decoder =& new Auth_OpenID_Decoder($this);
+ $this->store = $store;
+ $this->signatory = new Auth_OpenID_Signatory($this->store);
+ $this->encoder = new Auth_OpenID_SigningEncoder($this->signatory);
+ $this->decoder = new Auth_OpenID_Decoder($this);
$this->op_endpoint = $op_endpoint;
- $this->negotiator =& Auth_OpenID_getDefaultNegotiator();
+ $this->negotiator = Auth_OpenID_getDefaultNegotiator();
}
/**
@@ -1699,7 +1704,7 @@ class Auth_OpenID_Server {
{
if (method_exists($this, "openid_" . $request->mode)) {
$handler = array($this, "openid_" . $request->mode);
- return call_user_func($handler, $request);
+ return call_user_func($handler, &$request);
}
return null;
}
@@ -1707,7 +1712,7 @@ class Auth_OpenID_Server {
/**
* The callback for 'check_authentication' messages.
*/
- function openid_check_authentication(&$request)
+ function openid_check_authentication($request)
{
return $request->answer($this->signatory);
}
@@ -1715,7 +1720,7 @@ class Auth_OpenID_Server {
/**
* The callback for 'associate' messages.
*/
- function openid_associate(&$request)
+ function openid_associate($request)
{
$assoc_type = $request->assoc_type;
$session_type = $request->session->session_type;
@@ -1738,7 +1743,7 @@ class Auth_OpenID_Server {
* Encodes as response in the appropriate format suitable for
* sending to the user agent.
*/
- function encodeResponse(&$response)
+ function encodeResponse($response)
{
return $this->encoder->encode($response);
}
@@ -1757,4 +1762,4 @@ class Auth_OpenID_Server {
}
}
-?>
+
diff --git a/extlib/Auth/OpenID/ServerRequest.php b/extlib/Auth/OpenID/ServerRequest.php
index 33a8556ce..69222a5e0 100644
--- a/extlib/Auth/OpenID/ServerRequest.php
+++ b/extlib/Auth/OpenID/ServerRequest.php
@@ -34,4 +34,3 @@ class Auth_OpenID_ServerRequest {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/TrustRoot.php b/extlib/Auth/OpenID/TrustRoot.php
index 4919a6065..000440b58 100644
--- a/extlib/Auth/OpenID/TrustRoot.php
+++ b/extlib/Auth/OpenID/TrustRoot.php
@@ -58,7 +58,7 @@ class Auth_OpenID_TrustRoot {
* @return The URL upon which relying party discovery should be
* run in order to verify the return_to URL
*/
- function buildDiscoveryURL($realm)
+ static function buildDiscoveryURL($realm)
{
$parsed = Auth_OpenID_TrustRoot::_parse($realm);
@@ -93,7 +93,7 @@ class Auth_OpenID_TrustRoot {
* @return mixed $parsed Either an associative array of trust root
* parts or false if parsing failed.
*/
- function _parse($trust_root)
+ static function _parse($trust_root)
{
$trust_root = Auth_OpenID_urinorm($trust_root);
if ($trust_root === null) {
@@ -199,7 +199,7 @@ class Auth_OpenID_TrustRoot {
* @param string $trust_root The trust root to check
* @return bool $sanity Whether the trust root looks OK
*/
- function isSane($trust_root)
+ static function isSane($trust_root)
{
$parts = Auth_OpenID_TrustRoot::_parse($trust_root);
if ($parts === false) {
@@ -269,7 +269,7 @@ class Auth_OpenID_TrustRoot {
* @return bool $matches Whether the URL matches against the
* trust root
*/
- function match($trust_root, $url)
+ static function match($trust_root, $url)
{
$trust_root_parsed = Auth_OpenID_TrustRoot::_parse($trust_root);
$url_parsed = Auth_OpenID_TrustRoot::_parse($url);
@@ -341,7 +341,7 @@ class Auth_OpenID_TrustRoot {
* @returns: The endpoint URL or None if the endpoint is not a
* relying party endpoint.
*/
-function filter_extractReturnURL(&$endpoint)
+function filter_extractReturnURL($endpoint)
{
if ($endpoint->matchTypes(array(Auth_OpenID_RP_RETURN_TO_URL_TYPE))) {
return $endpoint;
@@ -394,14 +394,14 @@ function Auth_OpenID_returnToMatches($allowed_return_to_urls, $return_to)
* Given a relying party discovery URL return a list of return_to
* URLs.
*/
-function Auth_OpenID_getAllowedReturnURLs($relying_party_url, &$fetcher,
+function Auth_OpenID_getAllowedReturnURLs($relying_party_url, $fetcher,
$discover_function=null)
{
if ($discover_function === null) {
$discover_function = array('Auth_Yadis_Yadis', 'discover');
}
- $xrds_parse_cb = array('Auth_OpenID_ServiceEndpoint', 'fromXRDS');
+ $xrds_parse_cb = array('Auth_OpenID_ServiceEndpoint', 'consumerFromXRDS');
list($rp_url_after_redirects, $endpoints) =
Auth_Yadis_getServiceEndpoints($relying_party_url, $xrds_parse_cb,
@@ -413,7 +413,7 @@ function Auth_OpenID_getAllowedReturnURLs($relying_party_url, &$fetcher,
}
call_user_func_array($discover_function,
- array($relying_party_url, $fetcher));
+ array($relying_party_url, &$fetcher));
$return_to_urls = array();
$matching_endpoints = Auth_OpenID_extractReturnURL($endpoints);
@@ -435,7 +435,7 @@ function Auth_OpenID_getAllowedReturnURLs($relying_party_url, &$fetcher,
*
* @return true if the return_to URL is valid for the realm
*/
-function Auth_OpenID_verifyReturnTo($realm_str, $return_to, &$fetcher,
+function Auth_OpenID_verifyReturnTo($realm_str, $return_to, $fetcher,
$_vrfy='Auth_OpenID_getAllowedReturnURLs')
{
$disco_url = Auth_OpenID_TrustRoot::buildDiscoveryURL($realm_str);
@@ -445,7 +445,7 @@ function Auth_OpenID_verifyReturnTo($realm_str, $return_to, &$fetcher,
}
$allowable_urls = call_user_func_array($_vrfy,
- array($disco_url, &$fetcher));
+ array($disco_url, $fetcher));
// The realm_str could not be parsed.
if ($allowable_urls === false) {
@@ -459,4 +459,3 @@ function Auth_OpenID_verifyReturnTo($realm_str, $return_to, &$fetcher,
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/OpenID/URINorm.php b/extlib/Auth/OpenID/URINorm.php
index f821d836a..c051b550a 100644
--- a/extlib/Auth/OpenID/URINorm.php
+++ b/extlib/Auth/OpenID/URINorm.php
@@ -246,4 +246,4 @@ function Auth_OpenID_urinorm($uri)
return $scheme . '://' . $authority . $path . $query . $fragment;
}
-?>
+
diff --git a/extlib/Auth/Yadis/HTTPFetcher.php b/extlib/Auth/Yadis/HTTPFetcher.php
index 963b9a49a..148cde1b2 100644
--- a/extlib/Auth/Yadis/HTTPFetcher.php
+++ b/extlib/Auth/Yadis/HTTPFetcher.php
@@ -115,12 +115,40 @@ class Auth_Yadis_HTTPFetcher {
/**
* @access private
*/
- function _findRedirect($headers)
+ function _findRedirect($headers, $url)
{
foreach ($headers as $line) {
if (strpos(strtolower($line), "location: ") === 0) {
$parts = explode(" ", $line, 2);
- return $parts[1];
+ $loc = $parts[1];
+ $ppos = strpos($loc, "://");
+ if ($ppos === false || $ppos > strpos($loc, "/")) {
+ /* no host; add it */
+ $hpos = strpos($url, "://");
+ $prt = substr($url, 0, $hpos+3);
+ $url = substr($url, $hpos+3);
+ if (substr($loc, 0, 1) == "/") {
+ /* absolute path */
+ $fspos = strpos($url, "/");
+ if ($fspos) $loc = $prt.substr($url, 0, $fspos).$loc;
+ else $loc = $prt.$url.$loc;
+ } else {
+ /* relative path */
+ $pp = $prt;
+ while (1) {
+ $xpos = strpos($url, "/");
+ if ($xpos === false) break;
+ $apos = strpos($url, "?");
+ if ($apos !== false && $apos < $xpos) break;
+ $apos = strpos($url, "&");
+ if ($apos !== false && $apos < $xpos) break;
+ $pp .= substr($url, 0, $xpos+1);
+ $url = substr($url, $xpos+1);
+ }
+ $loc = $pp.$loc;
+ }
+ }
+ return $loc;
}
}
return null;
@@ -144,4 +172,3 @@ class Auth_Yadis_HTTPFetcher {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/Yadis/Manager.php b/extlib/Auth/Yadis/Manager.php
index d50cf7ad6..ee6f68bcb 100644
--- a/extlib/Auth/Yadis/Manager.php
+++ b/extlib/Auth/Yadis/Manager.php
@@ -387,11 +387,11 @@ class Auth_Yadis_Discovery {
* @param string $session_key_suffix The optional session key
* suffix override.
*/
- function Auth_Yadis_Discovery(&$session, $url,
+ function Auth_Yadis_Discovery($session, $url,
$session_key_suffix = null)
{
/// Initialize a discovery object
- $this->session =& $session;
+ $this->session = $session;
$this->url = $url;
if ($session_key_suffix === null) {
$session_key_suffix = $this->DEFAULT_SUFFIX;
@@ -405,7 +405,7 @@ class Auth_Yadis_Discovery {
* Return the next authentication service for the pair of
* user_input and session. This function handles fallback.
*/
- function getNextService($discover_cb, &$fetcher)
+ function getNextService($discover_cb, $fetcher)
{
$manager = $this->getManager();
if (!$manager || (!$manager->services)) {
@@ -413,7 +413,7 @@ class Auth_Yadis_Discovery {
list($yadis_url, $services) = call_user_func($discover_cb,
$this->url,
- $fetcher);
+ &$fetcher);
$manager = $this->createManager($services, $yadis_url);
}
@@ -466,7 +466,7 @@ class Auth_Yadis_Discovery {
* @param $force True if the manager should be returned regardless
* of whether it's a manager for $this->url.
*/
- function &getManager($force=false)
+ function getManager($force=false)
{
// Extract the YadisServiceManager for this object's URL and
// suffix from the session.
@@ -481,16 +481,13 @@ class Auth_Yadis_Discovery {
if ($manager && ($manager->forURL($this->url) || $force)) {
return $manager;
- } else {
- $unused = null;
- return $unused;
}
}
/**
* @access private
*/
- function &createManager($services, $yadis_url = null)
+ function createManager($services, $yadis_url = null)
{
$key = $this->getSessionKey();
if ($this->getManager()) {
@@ -504,10 +501,6 @@ class Auth_Yadis_Discovery {
$this->session->set($this->session_key,
serialize($loader->toSession($manager)));
return $manager;
- } else {
- // Oh, PHP.
- $unused = null;
- return $unused;
}
}
@@ -526,4 +519,3 @@ class Auth_Yadis_Discovery {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/Yadis/Misc.php b/extlib/Auth/Yadis/Misc.php
index 1134a4ff4..a5afa8e9a 100644
--- a/extlib/Auth/Yadis/Misc.php
+++ b/extlib/Auth/Yadis/Misc.php
@@ -56,4 +56,3 @@ function Auth_Yadis_startswith($s, $stuff)
return strpos($s, $stuff) === 0;
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/Yadis/ParanoidHTTPFetcher.php b/extlib/Auth/Yadis/ParanoidHTTPFetcher.php
index 6a418260e..4da7c94c0 100644
--- a/extlib/Auth/Yadis/ParanoidHTTPFetcher.php
+++ b/extlib/Auth/Yadis/ParanoidHTTPFetcher.php
@@ -109,9 +109,9 @@ class Auth_Yadis_ParanoidHTTPFetcher extends Auth_Yadis_HTTPFetcher {
}
curl_setopt($c, CURLOPT_WRITEFUNCTION,
- array(&$this, "_writeData"));
+ array($this, "_writeData"));
curl_setopt($c, CURLOPT_HEADERFUNCTION,
- array(&$this, "_writeHeader"));
+ array($this, "_writeHeader"));
if ($extra_headers) {
curl_setopt($c, CURLOPT_HTTPHEADER, $extra_headers);
@@ -128,6 +128,10 @@ class Auth_Yadis_ParanoidHTTPFetcher extends Auth_Yadis_HTTPFetcher {
curl_setopt($c, CURLOPT_TIMEOUT, $off);
curl_setopt($c, CURLOPT_URL, $url);
+ if (defined('Auth_OpenID_VERIFY_HOST')) {
+ curl_setopt($c, CURLOPT_SSL_VERIFYPEER, true);
+ curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 2);
+ }
curl_exec($c);
$code = curl_getinfo($c, CURLINFO_HTTP_CODE);
@@ -142,12 +146,17 @@ class Auth_Yadis_ParanoidHTTPFetcher extends Auth_Yadis_HTTPFetcher {
}
if (in_array($code, array(301, 302, 303, 307))) {
- $url = $this->_findRedirect($headers);
+ $url = $this->_findRedirect($headers, $url);
$redir = true;
} else {
$redir = false;
curl_close($c);
+ if (defined('Auth_OpenID_VERIFY_HOST') &&
+ $this->isHTTPS($url)) {
+ Auth_OpenID::log('OpenID: Verified SSL host %s using '.
+ 'curl/get', $url);
+ }
$new_headers = array();
foreach ($headers as $header) {
@@ -190,7 +199,12 @@ class Auth_Yadis_ParanoidHTTPFetcher extends Auth_Yadis_HTTPFetcher {
curl_setopt($c, CURLOPT_TIMEOUT, $this->timeout);
curl_setopt($c, CURLOPT_URL, $url);
curl_setopt($c, CURLOPT_WRITEFUNCTION,
- array(&$this, "_writeData"));
+ array($this, "_writeData"));
+
+ if (defined('Auth_OpenID_VERIFY_HOST')) {
+ curl_setopt($c, CURLOPT_SSL_VERIFYPEER, true);
+ curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 2);
+ }
curl_exec($c);
@@ -198,9 +212,15 @@ class Auth_Yadis_ParanoidHTTPFetcher extends Auth_Yadis_HTTPFetcher {
if (!$code) {
Auth_OpenID::log("Got no response code when fetching %s", $url);
+ Auth_OpenID::log("CURL error (%s): %s",
+ curl_errno($c), curl_error($c));
return null;
}
+ if (defined('Auth_OpenID_VERIFY_HOST') && $this->isHTTPS($url)) {
+ Auth_OpenID::log('OpenID: Verified SSL host %s using '.
+ 'curl/post', $url);
+ }
$body = $this->data;
curl_close($c);
@@ -223,4 +243,3 @@ class Auth_Yadis_ParanoidHTTPFetcher extends Auth_Yadis_HTTPFetcher {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/Yadis/ParseHTML.php b/extlib/Auth/Yadis/ParseHTML.php
index 297ccbd2c..6f0f8b7e2 100644
--- a/extlib/Auth/Yadis/ParseHTML.php
+++ b/extlib/Auth/Yadis/ParseHTML.php
@@ -256,4 +256,3 @@ class Auth_Yadis_ParseHTML {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/Yadis/PlainHTTPFetcher.php b/extlib/Auth/Yadis/PlainHTTPFetcher.php
index 3e0ca2bb0..26890539a 100644
--- a/extlib/Auth/Yadis/PlainHTTPFetcher.php
+++ b/extlib/Auth/Yadis/PlainHTTPFetcher.php
@@ -122,7 +122,7 @@ class Auth_Yadis_PlainHTTPFetcher extends Auth_Yadis_HTTPFetcher {
$code = $http_code[1];
if (in_array($code, array('301', '302'))) {
- $url = $this->_findRedirect($headers);
+ $url = $this->_findRedirect($headers, $url);
$redir = true;
} else {
$redir = false;
@@ -246,4 +246,3 @@ class Auth_Yadis_PlainHTTPFetcher extends Auth_Yadis_HTTPFetcher {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/Yadis/XML.php b/extlib/Auth/Yadis/XML.php
index 81b2ce221..cf1f5c41b 100644
--- a/extlib/Auth/Yadis/XML.php
+++ b/extlib/Auth/Yadis/XML.php
@@ -310,20 +310,16 @@ $__Auth_Yadis_defaultParser = null;
* @param Auth_Yadis_XMLParser $parser An instance of a
* Auth_Yadis_XMLParser subclass.
*/
-function Auth_Yadis_setDefaultParser(&$parser)
+function Auth_Yadis_setDefaultParser($parser)
{
global $__Auth_Yadis_defaultParser;
- $__Auth_Yadis_defaultParser =& $parser;
+ $__Auth_Yadis_defaultParser = $parser;
}
function Auth_Yadis_getSupportedExtensions()
{
- return array(
- 'dom' => array('classname' => 'Auth_Yadis_dom',
- 'libname' => array('dom.so', 'dom.dll')),
- 'domxml' => array('classname' => 'Auth_Yadis_domxml',
- 'libname' => array('domxml.so', 'php_domxml.dll')),
- );
+ return array('dom' => 'Auth_Yadis_dom',
+ 'domxml' => 'Auth_Yadis_domxml');
}
/**
@@ -332,43 +328,25 @@ function Auth_Yadis_getSupportedExtensions()
* Auth_Yadis_setDefaultParser has been called, the parser used in
* that call will be returned instead.
*/
-function &Auth_Yadis_getXMLParser()
+function Auth_Yadis_getXMLParser()
{
global $__Auth_Yadis_defaultParser;
-
+
if (isset($__Auth_Yadis_defaultParser)) {
return $__Auth_Yadis_defaultParser;
}
-
- $p = null;
- $classname = null;
-
- $extensions = Auth_Yadis_getSupportedExtensions();
-
- // Return a wrapper for the resident implementation, if any.
- foreach ($extensions as $name => $params) {
- if (!extension_loaded($name)) {
- foreach ($params['libname'] as $libname) {
- if (@dl($libname)) {
- $classname = $params['classname'];
- }
- }
- } else {
- $classname = $params['classname'];
- }
- if (isset($classname)) {
- $p = new $classname();
- return $p;
- }
- }
-
- if (!isset($p)) {
- trigger_error('No XML parser was found', E_USER_ERROR);
- } else {
+
+ foreach(Auth_Yadis_getSupportedExtensions() as $extension => $classname)
+ {
+ if (extension_loaded($extension))
+ {
+ $p = new $classname();
Auth_Yadis_setDefaultParser($p);
+ return $p;
+ }
}
-
- return $p;
+
+ return false;
}
-?>
+
diff --git a/extlib/Auth/Yadis/XRDS.php b/extlib/Auth/Yadis/XRDS.php
index f14a7948e..1f5af96fb 100644
--- a/extlib/Auth/Yadis/XRDS.php
+++ b/extlib/Auth/Yadis/XRDS.php
@@ -255,11 +255,11 @@ class Auth_Yadis_XRDS {
* Instantiate a Auth_Yadis_XRDS object. Requires an XPath
* instance which has been used to parse a valid XRDS document.
*/
- function Auth_Yadis_XRDS(&$xmlParser, &$xrdNodes)
+ function Auth_Yadis_XRDS($xmlParser, $xrdNodes)
{
- $this->parser =& $xmlParser;
+ $this->parser = $xmlParser;
$this->xrdNode = $xrdNodes[count($xrdNodes) - 1];
- $this->allXrdNodes =& $xrdNodes;
+ $this->allXrdNodes = $xrdNodes;
$this->serviceList = array();
$this->_parse();
}
@@ -273,7 +273,7 @@ class Auth_Yadis_XRDS {
* @return mixed $xrds An instance of Auth_Yadis_XRDS or null,
* depending on the validity of $xml_string
*/
- function &parseXRDS($xml_string, $extra_ns_map = null)
+ static function parseXRDS($xml_string, $extra_ns_map = null)
{
$_null = null;
@@ -352,9 +352,9 @@ class Auth_Yadis_XRDS {
$services = $this->parser->evalXPath('xrd:Service', $this->xrdNode);
foreach ($services as $node) {
- $s =& new Auth_Yadis_Service();
+ $s = new Auth_Yadis_Service();
$s->element = $node;
- $s->parser =& $this->parser;
+ $s->parser = $this->parser;
$priority = $s->getPriority();
@@ -428,7 +428,8 @@ class Auth_Yadis_XRDS {
$matches = 0;
foreach ($filters as $filter) {
- if (call_user_func_array($filter, array($service))) {
+
+ if (call_user_func_array($filter, array(&$service))) {
$matches++;
if ($filter_mode == SERVICES_YADIS_MATCH_ANY) {
@@ -475,4 +476,3 @@ class Auth_Yadis_XRDS {
}
}
-?> \ No newline at end of file
diff --git a/extlib/Auth/Yadis/XRI.php b/extlib/Auth/Yadis/XRI.php
index 4e3462317..0143a692e 100644
--- a/extlib/Auth/Yadis/XRI.php
+++ b/extlib/Auth/Yadis/XRI.php
@@ -190,7 +190,7 @@ function Auth_Yadis_getCanonicalID($iname, $xrds)
// Now nodes are in reverse order.
$xrd_list = array_reverse($xrds->allXrdNodes);
- $parser =& $xrds->parser;
+ $parser = $xrds->parser;
$node = $xrd_list[0];
$canonicalID_nodes = $parser->evalXPath('xrd:CanonicalID', $node);
@@ -231,4 +231,4 @@ function Auth_Yadis_getCanonicalID($iname, $xrds)
return $canonicalID;
}
-?>
+
diff --git a/extlib/Auth/Yadis/XRIRes.php b/extlib/Auth/Yadis/XRIRes.php
index 4e8e8d037..5e1158735 100644
--- a/extlib/Auth/Yadis/XRIRes.php
+++ b/extlib/Auth/Yadis/XRIRes.php
@@ -8,9 +8,9 @@ require_once 'Auth/Yadis/XRDS.php';
require_once 'Auth/Yadis/XRI.php';
class Auth_Yadis_ProxyResolver {
- function Auth_Yadis_ProxyResolver(&$fetcher, $proxy_url = null)
+ function Auth_Yadis_ProxyResolver($fetcher, $proxy_url = null)
{
- $this->fetcher =& $fetcher;
+ $this->fetcher = $fetcher;
$this->proxy_url = $proxy_url;
if (!$this->proxy_url) {
$this->proxy_url = Auth_Yadis_getDefaultProxy();
@@ -69,4 +69,4 @@ class Auth_Yadis_ProxyResolver {
}
}
-?>
+
diff --git a/extlib/Auth/Yadis/Yadis.php b/extlib/Auth/Yadis/Yadis.php
index d89f77c6d..9ea2db7f9 100644
--- a/extlib/Auth/Yadis/Yadis.php
+++ b/extlib/Auth/Yadis/Yadis.php
@@ -105,7 +105,7 @@ class Auth_Yadis_DiscoveryResult {
function usedYadisLocation()
{
// Was the Yadis protocol's indirection used?
- return $this->normalized_uri != $this->xrds_uri;
+ return ($this->xrds_uri && $this->normalized_uri != $this->xrds_uri);
}
function isXRDS()
@@ -141,7 +141,7 @@ function Auth_Yadis_getServiceEndpoints($input_url, $xrds_parse_func,
}
$yadis_result = call_user_func_array($discover_func,
- array($input_url, $fetcher));
+ array($input_url, &$fetcher));
if ($yadis_result === null) {
return array($input_url, array());
@@ -196,7 +196,7 @@ function Auth_Yadis_getServiceEndpoints($input_url, $xrds_parse_func,
* The filter functions (whose names appear in the array passed to
* services()) take the following form:
*
- * <pre> function myFilter(&$service) {
+ * <pre> function myFilter($service) {
* // Query $service object here. Return true if the service
* // matches your query; false if not.
* }</pre>
@@ -207,7 +207,7 @@ function Auth_Yadis_getServiceEndpoints($input_url, $xrds_parse_func,
* this contrived example):
*
* <pre>
- * function URIMatcher(&$service) {
+ * function URIMatcher($service) {
* foreach ($service->getElements('xrd:URI') as $uri) {
* if (preg_match("/some_pattern/",
* $service->parser->content($uri))) {
@@ -250,7 +250,7 @@ class Auth_Yadis_Yadis {
* If Auth_Yadis_CURL_OVERRIDE is defined, this method will always
* return a {@link Auth_Yadis_PlainHTTPFetcher}.
*/
- function getHTTPFetcher($timeout = 20)
+ static function getHTTPFetcher($timeout = 20)
{
if (Auth_Yadis_Yadis::curlPresent() &&
(!defined('Auth_Yadis_CURL_OVERRIDE'))) {
@@ -261,7 +261,7 @@ class Auth_Yadis_Yadis {
return $fetcher;
}
- function curlPresent()
+ static function curlPresent()
{
return function_exists('curl_init');
}
@@ -269,7 +269,7 @@ class Auth_Yadis_Yadis {
/**
* @access private
*/
- function _getHeader($header_list, $names)
+ static function _getHeader($header_list, $names)
{
foreach ($header_list as $name => $value) {
foreach ($names as $n) {
@@ -285,7 +285,7 @@ class Auth_Yadis_Yadis {
/**
* @access private
*/
- function _getContentType($content_type_header)
+ static function _getContentType($content_type_header)
{
if ($content_type_header) {
$parts = explode(";", $content_type_header);
@@ -317,7 +317,7 @@ class Auth_Yadis_Yadis {
* Auth_Yadis_Yadis, depending on whether the discovery
* succeeded.
*/
- function discover($uri, &$fetcher,
+ static function discover($uri, $fetcher,
$extra_ns_map = null, $timeout = 20)
{
$result = new Auth_Yadis_DiscoveryResult($uri);
@@ -379,4 +379,4 @@ class Auth_Yadis_Yadis {
}
}
-?>
+
diff --git a/extlib/Net/IDNA.php b/extlib/Net/IDNA.php
new file mode 100644
index 000000000..987a37ef1
--- /dev/null
+++ b/extlib/Net/IDNA.php
@@ -0,0 +1,100 @@
+<?php
+
+// {{{ license
+
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */
+//
+// +----------------------------------------------------------------------+
+// | This library is free software; you can redistribute it and/or modify |
+// | it under the terms of the GNU Lesser General Public License as |
+// | published by the Free Software Foundation; either version 2.1 of the |
+// | License, or (at your option) any later version. |
+// | |
+// | This library is distributed in the hope that it will be useful, but |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
+// | Lesser General Public License for more details. |
+// | |
+// | You should have received a copy of the GNU Lesser General Public |
+// | License along with this library; if not, write to the Free Software |
+// | Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 |
+// | USA. |
+// +----------------------------------------------------------------------+
+//
+
+// }}}
+
+
+/**
+ * Encode/decode Internationalized Domain Names.
+ * Factory class to get correct implementation either for php4 or php5.
+ *
+ * @author Markus Nix <mnix@docuverse.de>
+ * @author Matthias Sommerfeld <mso@phlylabs.de>
+ * @package Net
+ * @version $Id: IDNA.php 284681 2009-07-24 04:24:27Z clockwerx $
+ */
+
+class Net_IDNA
+{
+ // {{{ factory
+ /**
+ * Attempts to return a concrete IDNA instance for either php4 or php5.
+ *
+ * @param array $params Set of paramaters
+ * @return object IDNA The newly created concrete Log instance, or an
+ * false on an error.
+ * @access public
+ */
+ function getInstance($params = array())
+ {
+ $version = explode( '.', phpversion() );
+ $handler = ((int)$version[0] > 4) ? 'php5' : 'php4';
+ $class = 'Net_IDNA_' . $handler;
+ $classfile = 'Net/IDNA/' . $handler . '.php';
+
+ /*
+ * Attempt to include our version of the named class, but don't treat
+ * a failure as fatal. The caller may have already included their own
+ * version of the named class.
+ */
+ @include_once $classfile;
+
+ /* If the class exists, return a new instance of it. */
+ if (class_exists($class)) {
+ return new $class($params);
+ }
+
+ return false;
+ }
+ // }}}
+
+ // {{{ singleton
+ /**
+ * Attempts to return a concrete IDNA instance for either php4 or php5,
+ * only creating a new instance if no IDNA instance with the same
+ * parameters currently exists.
+ *
+ * @param array $params Set of paramaters
+ * @return object IDNA The newly created concrete Log instance, or an
+ * false on an error.
+ * @access public
+ */
+ function singleton($params = array())
+ {
+ static $instances;
+ if (!isset($instances)) {
+ $instances = array();
+ }
+
+ $signature = serialize($params);
+ if (!isset($instances[$signature])) {
+ $instances[$signature] = Net_IDNA::getInstance($params);
+ }
+
+ return $instances[$signature];
+ }
+ // }}}
+}
+
+?>
diff --git a/extlib/Net/IDNA/php5.php b/extlib/Net/IDNA/php5.php
new file mode 100644
index 000000000..d61772170
--- /dev/null
+++ b/extlib/Net/IDNA/php5.php
@@ -0,0 +1,3269 @@
+<?php
+
+// {{{ license
+
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */
+//
+// +----------------------------------------------------------------------+
+// | This library is free software; you can redistribute it and/or modify |
+// | it under the terms of the GNU Lesser General Public License as |
+// | published by the Free Software Foundation; either version 2.1 of the |
+// | License, or (at your option) any later version. |
+// | |
+// | This library is distributed in the hope that it will be useful, but |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
+// | Lesser General Public License for more details. |
+// | |
+// | You should have received a copy of the GNU Lesser General Public |
+// | License along with this library; if not, write to the Free Software |
+// | Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 |
+// | USA. |
+// +----------------------------------------------------------------------+
+//
+
+// }}}
+
+
+/**
+ * Encode/decode Internationalized Domain Names.
+ *
+ * The class allows to convert internationalized domain names
+ * (see RFC 3490 for details) as they can be used with various registries worldwide
+ * to be translated between their original (localized) form and their encoded form
+ * as it will be used in the DNS (Domain Name System).
+ *
+ * The class provides two public methods, encode() and decode(), which do exactly
+ * what you would expect them to do. You are allowed to use complete domain names,
+ * simple strings and complete email addresses as well. That means, that you might
+ * use any of the following notations:
+ *
+ * - www.n�rgler.com
+ * - xn--nrgler-wxa
+ * - xn--brse-5qa.xn--knrz-1ra.info
+ *
+ * Unicode input might be given as either UTF-8 string, UCS-4 string or UCS-4
+ * array. Unicode output is available in the same formats.
+ * You can select your preferred format via {@link set_paramter()}.
+ *
+ * ACE input and output is always expected to be ASCII.
+ *
+ * @author Markus Nix <mnix@docuverse.de>
+ * @author Matthias Sommerfeld <mso@phlylabs.de>
+ * @author Stefan Neufeind <pear.neufeind@speedpartner.de>
+ * @package Net
+ * @version $Id: php5.php 284682 2009-07-24 04:27:35Z clockwerx $
+ */
+
+class Net_IDNA_php5
+{
+ // {{{ npdata
+ /**
+ * These Unicode codepoints are
+ * mapped to nothing, See RFC3454 for details
+ *
+ * @static
+ * @var array
+ * @access private
+ */
+ private static $_np_map_nothing = array(
+ 0xAD,
+ 0x34F,
+ 0x1806,
+ 0x180B,
+ 0x180C,
+ 0x180D,
+ 0x200B,
+ 0x200C,
+ 0x200D,
+ 0x2060,
+ 0xFE00,
+ 0xFE01,
+ 0xFE02,
+ 0xFE03,
+ 0xFE04,
+ 0xFE05,
+ 0xFE06,
+ 0xFE07,
+ 0xFE08,
+ 0xFE09,
+ 0xFE0A,
+ 0xFE0B,
+ 0xFE0C,
+ 0xFE0D,
+ 0xFE0E,
+ 0xFE0F,
+ 0xFEFF
+ );
+
+ /**
+ * Prohibited codepints
+ *
+ * @static
+ * @var array
+ * @access private
+ */
+ private static $_general_prohibited = array(
+ 0,
+ 1,
+ 2,
+ 3,
+ 4,
+ 5,
+ 6,
+ 7,
+ 8,
+ 9,
+ 0xA,
+ 0xB,
+ 0xC,
+ 0xD,
+ 0xE,
+ 0xF,
+ 0x10,
+ 0x11,
+ 0x12,
+ 0x13,
+ 0x14,
+ 0x15,
+ 0x16,
+ 0x17,
+ 0x18,
+ 0x19,
+ 0x1A,
+ 0x1B,
+ 0x1C,
+ 0x1D,
+ 0x1E,
+ 0x1F,
+ 0x20,
+ 0x21,
+ 0x22,
+ 0x23,
+ 0x24,
+ 0x25,
+ 0x26,
+ 0x27,
+ 0x28,
+ 0x29,
+ 0x2A,
+ 0x2B,
+ 0x2C,
+ 0x2F,
+ 0x3B,
+ 0x3C,
+ 0x3D,
+ 0x3E,
+ 0x3F,
+ 0x40,
+ 0x5B,
+ 0x5C,
+ 0x5D,
+ 0x5E,
+ 0x5F,
+ 0x60,
+ 0x7B,
+ 0x7C,
+ 0x7D,
+ 0x7E,
+ 0x7F,
+ 0x3002
+ );
+
+ /**
+ * Codepints prohibited by Nameprep
+ * @static
+ * @var array
+ * @access private
+ */
+ private static $_np_prohibit = array(
+ 0xA0,
+ 0x1680,
+ 0x2000,
+ 0x2001,
+ 0x2002,
+ 0x2003,
+ 0x2004,
+ 0x2005,
+ 0x2006,
+ 0x2007,
+ 0x2008,
+ 0x2009,
+ 0x200A,
+ 0x200B,
+ 0x202F,
+ 0x205F,
+ 0x3000,
+ 0x6DD,
+ 0x70F,
+ 0x180E,
+ 0x200C,
+ 0x200D,
+ 0x2028,
+ 0x2029,
+ 0xFEFF,
+ 0xFFF9,
+ 0xFFFA,
+ 0xFFFB,
+ 0xFFFC,
+ 0xFFFE,
+ 0xFFFF,
+ 0x1FFFE,
+ 0x1FFFF,
+ 0x2FFFE,
+ 0x2FFFF,
+ 0x3FFFE,
+ 0x3FFFF,
+ 0x4FFFE,
+ 0x4FFFF,
+ 0x5FFFE,
+ 0x5FFFF,
+ 0x6FFFE,
+ 0x6FFFF,
+ 0x7FFFE,
+ 0x7FFFF,
+ 0x8FFFE,
+ 0x8FFFF,
+ 0x9FFFE,
+ 0x9FFFF,
+ 0xAFFFE,
+ 0xAFFFF,
+ 0xBFFFE,
+ 0xBFFFF,
+ 0xCFFFE,
+ 0xCFFFF,
+ 0xDFFFE,
+ 0xDFFFF,
+ 0xEFFFE,
+ 0xEFFFF,
+ 0xFFFFE,
+ 0xFFFFF,
+ 0x10FFFE,
+ 0x10FFFF,
+ 0xFFF9,
+ 0xFFFA,
+ 0xFFFB,
+ 0xFFFC,
+ 0xFFFD,
+ 0x340,
+ 0x341,
+ 0x200E,
+ 0x200F,
+ 0x202A,
+ 0x202B,
+ 0x202C,
+ 0x202D,
+ 0x202E,
+ 0x206A,
+ 0x206B,
+ 0x206C,
+ 0x206D,
+ 0x206E,
+ 0x206F,
+ 0xE0001
+ );
+
+ /**
+ * Codepoint ranges prohibited by nameprep
+ *
+ * @static
+ * @var array
+ * @access private
+ */
+ private static $_np_prohibit_ranges = array(
+ array(0x80, 0x9F ),
+ array(0x2060, 0x206F ),
+ array(0x1D173, 0x1D17A ),
+ array(0xE000, 0xF8FF ),
+ array(0xF0000, 0xFFFFD ),
+ array(0x100000, 0x10FFFD),
+ array(0xFDD0, 0xFDEF ),
+ array(0xD800, 0xDFFF ),
+ array(0x2FF0, 0x2FFB ),
+ array(0xE0020, 0xE007F )
+ );
+
+ /**
+ * Replacement mappings (casemapping, replacement sequences, ...)
+ *
+ * @static
+ * @var array
+ * @access private
+ */
+ private static $_np_replacemaps = array(
+ 0x41 => array(0x61),
+ 0x42 => array(0x62),
+ 0x43 => array(0x63),
+ 0x44 => array(0x64),
+ 0x45 => array(0x65),
+ 0x46 => array(0x66),
+ 0x47 => array(0x67),
+ 0x48 => array(0x68),
+ 0x49 => array(0x69),
+ 0x4A => array(0x6A),
+ 0x4B => array(0x6B),
+ 0x4C => array(0x6C),
+ 0x4D => array(0x6D),
+ 0x4E => array(0x6E),
+ 0x4F => array(0x6F),
+ 0x50 => array(0x70),
+ 0x51 => array(0x71),
+ 0x52 => array(0x72),
+ 0x53 => array(0x73),
+ 0x54 => array(0x74),
+ 0x55 => array(0x75),
+ 0x56 => array(0x76),
+ 0x57 => array(0x77),
+ 0x58 => array(0x78),
+ 0x59 => array(0x79),
+ 0x5A => array(0x7A),
+ 0xB5 => array(0x3BC),
+ 0xC0 => array(0xE0),
+ 0xC1 => array(0xE1),
+ 0xC2 => array(0xE2),
+ 0xC3 => array(0xE3),
+ 0xC4 => array(0xE4),
+ 0xC5 => array(0xE5),
+ 0xC6 => array(0xE6),
+ 0xC7 => array(0xE7),
+ 0xC8 => array(0xE8),
+ 0xC9 => array(0xE9),
+ 0xCA => array(0xEA),
+ 0xCB => array(0xEB),
+ 0xCC => array(0xEC),
+ 0xCD => array(0xED),
+ 0xCE => array(0xEE),
+ 0xCF => array(0xEF),
+ 0xD0 => array(0xF0),
+ 0xD1 => array(0xF1),
+ 0xD2 => array(0xF2),
+ 0xD3 => array(0xF3),
+ 0xD4 => array(0xF4),
+ 0xD5 => array(0xF5),
+ 0xD6 => array(0xF6),
+ 0xD8 => array(0xF8),
+ 0xD9 => array(0xF9),
+ 0xDA => array(0xFA),
+ 0xDB => array(0xFB),
+ 0xDC => array(0xFC),
+ 0xDD => array(0xFD),
+ 0xDE => array(0xFE),
+ 0xDF => array(0x73, 0x73),
+ 0x100 => array(0x101),
+ 0x102 => array(0x103),
+ 0x104 => array(0x105),
+ 0x106 => array(0x107),
+ 0x108 => array(0x109),
+ 0x10A => array(0x10B),
+ 0x10C => array(0x10D),
+ 0x10E => array(0x10F),
+ 0x110 => array(0x111),
+ 0x112 => array(0x113),
+ 0x114 => array(0x115),
+ 0x116 => array(0x117),
+ 0x118 => array(0x119),
+ 0x11A => array(0x11B),
+ 0x11C => array(0x11D),
+ 0x11E => array(0x11F),
+ 0x120 => array(0x121),
+ 0x122 => array(0x123),
+ 0x124 => array(0x125),
+ 0x126 => array(0x127),
+ 0x128 => array(0x129),
+ 0x12A => array(0x12B),
+ 0x12C => array(0x12D),
+ 0x12E => array(0x12F),
+ 0x130 => array(0x69, 0x307),
+ 0x132 => array(0x133),
+ 0x134 => array(0x135),
+ 0x136 => array(0x137),
+ 0x139 => array(0x13A),
+ 0x13B => array(0x13C),
+ 0x13D => array(0x13E),
+ 0x13F => array(0x140),
+ 0x141 => array(0x142),
+ 0x143 => array(0x144),
+ 0x145 => array(0x146),
+ 0x147 => array(0x148),
+ 0x149 => array(0x2BC, 0x6E),
+ 0x14A => array(0x14B),
+ 0x14C => array(0x14D),
+ 0x14E => array(0x14F),
+ 0x150 => array(0x151),
+ 0x152 => array(0x153),
+ 0x154 => array(0x155),
+ 0x156 => array(0x157),
+ 0x158 => array(0x159),
+ 0x15A => array(0x15B),
+ 0x15C => array(0x15D),
+ 0x15E => array(0x15F),
+ 0x160 => array(0x161),
+ 0x162 => array(0x163),
+ 0x164 => array(0x165),
+ 0x166 => array(0x167),
+ 0x168 => array(0x169),
+ 0x16A => array(0x16B),
+ 0x16C => array(0x16D),
+ 0x16E => array(0x16F),
+ 0x170 => array(0x171),
+ 0x172 => array(0x173),
+ 0x174 => array(0x175),
+ 0x176 => array(0x177),
+ 0x178 => array(0xFF),
+ 0x179 => array(0x17A),
+ 0x17B => array(0x17C),
+ 0x17D => array(0x17E),
+ 0x17F => array(0x73),
+ 0x181 => array(0x253),
+ 0x182 => array(0x183),
+ 0x184 => array(0x185),
+ 0x186 => array(0x254),
+ 0x187 => array(0x188),
+ 0x189 => array(0x256),
+ 0x18A => array(0x257),
+ 0x18B => array(0x18C),
+ 0x18E => array(0x1DD),
+ 0x18F => array(0x259),
+ 0x190 => array(0x25B),
+ 0x191 => array(0x192),
+ 0x193 => array(0x260),
+ 0x194 => array(0x263),
+ 0x196 => array(0x269),
+ 0x197 => array(0x268),
+ 0x198 => array(0x199),
+ 0x19C => array(0x26F),
+ 0x19D => array(0x272),
+ 0x19F => array(0x275),
+ 0x1A0 => array(0x1A1),
+ 0x1A2 => array(0x1A3),
+ 0x1A4 => array(0x1A5),
+ 0x1A6 => array(0x280),
+ 0x1A7 => array(0x1A8),
+ 0x1A9 => array(0x283),
+ 0x1AC => array(0x1AD),
+ 0x1AE => array(0x288),
+ 0x1AF => array(0x1B0),
+ 0x1B1 => array(0x28A),
+ 0x1B2 => array(0x28B),
+ 0x1B3 => array(0x1B4),
+ 0x1B5 => array(0x1B6),
+ 0x1B7 => array(0x292),
+ 0x1B8 => array(0x1B9),
+ 0x1BC => array(0x1BD),
+ 0x1C4 => array(0x1C6),
+ 0x1C5 => array(0x1C6),
+ 0x1C7 => array(0x1C9),
+ 0x1C8 => array(0x1C9),
+ 0x1CA => array(0x1CC),
+ 0x1CB => array(0x1CC),
+ 0x1CD => array(0x1CE),
+ 0x1CF => array(0x1D0),
+ 0x1D1 => array(0x1D2),
+ 0x1D3 => array(0x1D4),
+ 0x1D5 => array(0x1D6),
+ 0x1D7 => array(0x1D8),
+ 0x1D9 => array(0x1DA),
+ 0x1DB => array(0x1DC),
+ 0x1DE => array(0x1DF),
+ 0x1E0 => array(0x1E1),
+ 0x1E2 => array(0x1E3),
+ 0x1E4 => array(0x1E5),
+ 0x1E6 => array(0x1E7),
+ 0x1E8 => array(0x1E9),
+ 0x1EA => array(0x1EB),
+ 0x1EC => array(0x1ED),
+ 0x1EE => array(0x1EF),
+ 0x1F0 => array(0x6A, 0x30C),
+ 0x1F1 => array(0x1F3),
+ 0x1F2 => array(0x1F3),
+ 0x1F4 => array(0x1F5),
+ 0x1F6 => array(0x195),
+ 0x1F7 => array(0x1BF),
+ 0x1F8 => array(0x1F9),
+ 0x1FA => array(0x1FB),
+ 0x1FC => array(0x1FD),
+ 0x1FE => array(0x1FF),
+ 0x200 => array(0x201),
+ 0x202 => array(0x203),
+ 0x204 => array(0x205),
+ 0x206 => array(0x207),
+ 0x208 => array(0x209),
+ 0x20A => array(0x20B),
+ 0x20C => array(0x20D),
+ 0x20E => array(0x20F),
+ 0x210 => array(0x211),
+ 0x212 => array(0x213),
+ 0x214 => array(0x215),
+ 0x216 => array(0x217),
+ 0x218 => array(0x219),
+ 0x21A => array(0x21B),
+ 0x21C => array(0x21D),
+ 0x21E => array(0x21F),
+ 0x220 => array(0x19E),
+ 0x222 => array(0x223),
+ 0x224 => array(0x225),
+ 0x226 => array(0x227),
+ 0x228 => array(0x229),
+ 0x22A => array(0x22B),
+ 0x22C => array(0x22D),
+ 0x22E => array(0x22F),
+ 0x230 => array(0x231),
+ 0x232 => array(0x233),
+ 0x345 => array(0x3B9),
+ 0x37A => array(0x20, 0x3B9),
+ 0x386 => array(0x3AC),
+ 0x388 => array(0x3AD),
+ 0x389 => array(0x3AE),
+ 0x38A => array(0x3AF),
+ 0x38C => array(0x3CC),
+ 0x38E => array(0x3CD),
+ 0x38F => array(0x3CE),
+ 0x390 => array(0x3B9, 0x308, 0x301),
+ 0x391 => array(0x3B1),
+ 0x392 => array(0x3B2),
+ 0x393 => array(0x3B3),
+ 0x394 => array(0x3B4),
+ 0x395 => array(0x3B5),
+ 0x396 => array(0x3B6),
+ 0x397 => array(0x3B7),
+ 0x398 => array(0x3B8),
+ 0x399 => array(0x3B9),
+ 0x39A => array(0x3BA),
+ 0x39B => array(0x3BB),
+ 0x39C => array(0x3BC),
+ 0x39D => array(0x3BD),
+ 0x39E => array(0x3BE),
+ 0x39F => array(0x3BF),
+ 0x3A0 => array(0x3C0),
+ 0x3A1 => array(0x3C1),
+ 0x3A3 => array(0x3C3),
+ 0x3A4 => array(0x3C4),
+ 0x3A5 => array(0x3C5),
+ 0x3A6 => array(0x3C6),
+ 0x3A7 => array(0x3C7),
+ 0x3A8 => array(0x3C8),
+ 0x3A9 => array(0x3C9),
+ 0x3AA => array(0x3CA),
+ 0x3AB => array(0x3CB),
+ 0x3B0 => array(0x3C5, 0x308, 0x301),
+ 0x3C2 => array(0x3C3),
+ 0x3D0 => array(0x3B2),
+ 0x3D1 => array(0x3B8),
+ 0x3D2 => array(0x3C5),
+ 0x3D3 => array(0x3CD),
+ 0x3D4 => array(0x3CB),
+ 0x3D5 => array(0x3C6),
+ 0x3D6 => array(0x3C0),
+ 0x3D8 => array(0x3D9),
+ 0x3DA => array(0x3DB),
+ 0x3DC => array(0x3DD),
+ 0x3DE => array(0x3DF),
+ 0x3E0 => array(0x3E1),
+ 0x3E2 => array(0x3E3),
+ 0x3E4 => array(0x3E5),
+ 0x3E6 => array(0x3E7),
+ 0x3E8 => array(0x3E9),
+ 0x3EA => array(0x3EB),
+ 0x3EC => array(0x3ED),
+ 0x3EE => array(0x3EF),
+ 0x3F0 => array(0x3BA),
+ 0x3F1 => array(0x3C1),
+ 0x3F2 => array(0x3C3),
+ 0x3F4 => array(0x3B8),
+ 0x3F5 => array(0x3B5),
+ 0x400 => array(0x450),
+ 0x401 => array(0x451),
+ 0x402 => array(0x452),
+ 0x403 => array(0x453),
+ 0x404 => array(0x454),
+ 0x405 => array(0x455),
+ 0x406 => array(0x456),
+ 0x407 => array(0x457),
+ 0x408 => array(0x458),
+ 0x409 => array(0x459),
+ 0x40A => array(0x45A),
+ 0x40B => array(0x45B),
+ 0x40C => array(0x45C),
+ 0x40D => array(0x45D),
+ 0x40E => array(0x45E),
+ 0x40F => array(0x45F),
+ 0x410 => array(0x430),
+ 0x411 => array(0x431),
+ 0x412 => array(0x432),
+ 0x413 => array(0x433),
+ 0x414 => array(0x434),
+ 0x415 => array(0x435),
+ 0x416 => array(0x436),
+ 0x417 => array(0x437),
+ 0x418 => array(0x438),
+ 0x419 => array(0x439),
+ 0x41A => array(0x43A),
+ 0x41B => array(0x43B),
+ 0x41C => array(0x43C),
+ 0x41D => array(0x43D),
+ 0x41E => array(0x43E),
+ 0x41F => array(0x43F),
+ 0x420 => array(0x440),
+ 0x421 => array(0x441),
+ 0x422 => array(0x442),
+ 0x423 => array(0x443),
+ 0x424 => array(0x444),
+ 0x425 => array(0x445),
+ 0x426 => array(0x446),
+ 0x427 => array(0x447),
+ 0x428 => array(0x448),
+ 0x429 => array(0x449),
+ 0x42A => array(0x44A),
+ 0x42B => array(0x44B),
+ 0x42C => array(0x44C),
+ 0x42D => array(0x44D),
+ 0x42E => array(0x44E),
+ 0x42F => array(0x44F),
+ 0x460 => array(0x461),
+ 0x462 => array(0x463),
+ 0x464 => array(0x465),
+ 0x466 => array(0x467),
+ 0x468 => array(0x469),
+ 0x46A => array(0x46B),
+ 0x46C => array(0x46D),
+ 0x46E => array(0x46F),
+ 0x470 => array(0x471),
+ 0x472 => array(0x473),
+ 0x474 => array(0x475),
+ 0x476 => array(0x477),
+ 0x478 => array(0x479),
+ 0x47A => array(0x47B),
+ 0x47C => array(0x47D),
+ 0x47E => array(0x47F),
+ 0x480 => array(0x481),
+ 0x48A => array(0x48B),
+ 0x48C => array(0x48D),
+ 0x48E => array(0x48F),
+ 0x490 => array(0x491),
+ 0x492 => array(0x493),
+ 0x494 => array(0x495),
+ 0x496 => array(0x497),
+ 0x498 => array(0x499),
+ 0x49A => array(0x49B),
+ 0x49C => array(0x49D),
+ 0x49E => array(0x49F),
+ 0x4A0 => array(0x4A1),
+ 0x4A2 => array(0x4A3),
+ 0x4A4 => array(0x4A5),
+ 0x4A6 => array(0x4A7),
+ 0x4A8 => array(0x4A9),
+ 0x4AA => array(0x4AB),
+ 0x4AC => array(0x4AD),
+ 0x4AE => array(0x4AF),
+ 0x4B0 => array(0x4B1),
+ 0x4B2 => array(0x4B3),
+ 0x4B4 => array(0x4B5),
+ 0x4B6 => array(0x4B7),
+ 0x4B8 => array(0x4B9),
+ 0x4BA => array(0x4BB),
+ 0x4BC => array(0x4BD),
+ 0x4BE => array(0x4BF),
+ 0x4C1 => array(0x4C2),
+ 0x4C3 => array(0x4C4),
+ 0x4C5 => array(0x4C6),
+ 0x4C7 => array(0x4C8),
+ 0x4C9 => array(0x4CA),
+ 0x4CB => array(0x4CC),
+ 0x4CD => array(0x4CE),
+ 0x4D0 => array(0x4D1),
+ 0x4D2 => array(0x4D3),
+ 0x4D4 => array(0x4D5),
+ 0x4D6 => array(0x4D7),
+ 0x4D8 => array(0x4D9),
+ 0x4DA => array(0x4DB),
+ 0x4DC => array(0x4DD),
+ 0x4DE => array(0x4DF),
+ 0x4E0 => array(0x4E1),
+ 0x4E2 => array(0x4E3),
+ 0x4E4 => array(0x4E5),
+ 0x4E6 => array(0x4E7),
+ 0x4E8 => array(0x4E9),
+ 0x4EA => array(0x4EB),
+ 0x4EC => array(0x4ED),
+ 0x4EE => array(0x4EF),
+ 0x4F0 => array(0x4F1),
+ 0x4F2 => array(0x4F3),
+ 0x4F4 => array(0x4F5),
+ 0x4F8 => array(0x4F9),
+ 0x500 => array(0x501),
+ 0x502 => array(0x503),
+ 0x504 => array(0x505),
+ 0x506 => array(0x507),
+ 0x508 => array(0x509),
+ 0x50A => array(0x50B),
+ 0x50C => array(0x50D),
+ 0x50E => array(0x50F),
+ 0x531 => array(0x561),
+ 0x532 => array(0x562),
+ 0x533 => array(0x563),
+ 0x534 => array(0x564),
+ 0x535 => array(0x565),
+ 0x536 => array(0x566),
+ 0x537 => array(0x567),
+ 0x538 => array(0x568),
+ 0x539 => array(0x569),
+ 0x53A => array(0x56A),
+ 0x53B => array(0x56B),
+ 0x53C => array(0x56C),
+ 0x53D => array(0x56D),
+ 0x53E => array(0x56E),
+ 0x53F => array(0x56F),
+ 0x540 => array(0x570),
+ 0x541 => array(0x571),
+ 0x542 => array(0x572),
+ 0x543 => array(0x573),
+ 0x544 => array(0x574),
+ 0x545 => array(0x575),
+ 0x546 => array(0x576),
+ 0x547 => array(0x577),
+ 0x548 => array(0x578),
+ 0x549 => array(0x579),
+ 0x54A => array(0x57A),
+ 0x54B => array(0x57B),
+ 0x54C => array(0x57C),
+ 0x54D => array(0x57D),
+ 0x54E => array(0x57E),
+ 0x54F => array(0x57F),
+ 0x550 => array(0x580),
+ 0x551 => array(0x581),
+ 0x552 => array(0x582),
+ 0x553 => array(0x583),
+ 0x554 => array(0x584),
+ 0x555 => array(0x585),
+ 0x556 => array(0x586),
+ 0x587 => array(0x565, 0x582),
+ 0x1E00 => array(0x1E01),
+ 0x1E02 => array(0x1E03),
+ 0x1E04 => array(0x1E05),
+ 0x1E06 => array(0x1E07),
+ 0x1E08 => array(0x1E09),
+ 0x1E0A => array(0x1E0B),
+ 0x1E0C => array(0x1E0D),
+ 0x1E0E => array(0x1E0F),
+ 0x1E10 => array(0x1E11),
+ 0x1E12 => array(0x1E13),
+ 0x1E14 => array(0x1E15),
+ 0x1E16 => array(0x1E17),
+ 0x1E18 => array(0x1E19),
+ 0x1E1A => array(0x1E1B),
+ 0x1E1C => array(0x1E1D),
+ 0x1E1E => array(0x1E1F),
+ 0x1E20 => array(0x1E21),
+ 0x1E22 => array(0x1E23),
+ 0x1E24 => array(0x1E25),
+ 0x1E26 => array(0x1E27),
+ 0x1E28 => array(0x1E29),
+ 0x1E2A => array(0x1E2B),
+ 0x1E2C => array(0x1E2D),
+ 0x1E2E => array(0x1E2F),
+ 0x1E30 => array(0x1E31),
+ 0x1E32 => array(0x1E33),
+ 0x1E34 => array(0x1E35),
+ 0x1E36 => array(0x1E37),
+ 0x1E38 => array(0x1E39),
+ 0x1E3A => array(0x1E3B),
+ 0x1E3C => array(0x1E3D),
+ 0x1E3E => array(0x1E3F),
+ 0x1E40 => array(0x1E41),
+ 0x1E42 => array(0x1E43),
+ 0x1E44 => array(0x1E45),
+ 0x1E46 => array(0x1E47),
+ 0x1E48 => array(0x1E49),
+ 0x1E4A => array(0x1E4B),
+ 0x1E4C => array(0x1E4D),
+ 0x1E4E => array(0x1E4F),
+ 0x1E50 => array(0x1E51),
+ 0x1E52 => array(0x1E53),
+ 0x1E54 => array(0x1E55),
+ 0x1E56 => array(0x1E57),
+ 0x1E58 => array(0x1E59),
+ 0x1E5A => array(0x1E5B),
+ 0x1E5C => array(0x1E5D),
+ 0x1E5E => array(0x1E5F),
+ 0x1E60 => array(0x1E61),
+ 0x1E62 => array(0x1E63),
+ 0x1E64 => array(0x1E65),
+ 0x1E66 => array(0x1E67),
+ 0x1E68 => array(0x1E69),
+ 0x1E6A => array(0x1E6B),
+ 0x1E6C => array(0x1E6D),
+ 0x1E6E => array(0x1E6F),
+ 0x1E70 => array(0x1E71),
+ 0x1E72 => array(0x1E73),
+ 0x1E74 => array(0x1E75),
+ 0x1E76 => array(0x1E77),
+ 0x1E78 => array(0x1E79),
+ 0x1E7A => array(0x1E7B),
+ 0x1E7C => array(0x1E7D),
+ 0x1E7E => array(0x1E7F),
+ 0x1E80 => array(0x1E81),
+ 0x1E82 => array(0x1E83),
+ 0x1E84 => array(0x1E85),
+ 0x1E86 => array(0x1E87),
+ 0x1E88 => array(0x1E89),
+ 0x1E8A => array(0x1E8B),
+ 0x1E8C => array(0x1E8D),
+ 0x1E8E => array(0x1E8F),
+ 0x1E90 => array(0x1E91),
+ 0x1E92 => array(0x1E93),
+ 0x1E94 => array(0x1E95),
+ 0x1E96 => array(0x68, 0x331),
+ 0x1E97 => array(0x74, 0x308),
+ 0x1E98 => array(0x77, 0x30A),
+ 0x1E99 => array(0x79, 0x30A),
+ 0x1E9A => array(0x61, 0x2BE),
+ 0x1E9B => array(0x1E61),
+ 0x1EA0 => array(0x1EA1),
+ 0x1EA2 => array(0x1EA3),
+ 0x1EA4 => array(0x1EA5),
+ 0x1EA6 => array(0x1EA7),
+ 0x1EA8 => array(0x1EA9),
+ 0x1EAA => array(0x1EAB),
+ 0x1EAC => array(0x1EAD),
+ 0x1EAE => array(0x1EAF),
+ 0x1EB0 => array(0x1EB1),
+ 0x1EB2 => array(0x1EB3),
+ 0x1EB4 => array(0x1EB5),
+ 0x1EB6 => array(0x1EB7),
+ 0x1EB8 => array(0x1EB9),
+ 0x1EBA => array(0x1EBB),
+ 0x1EBC => array(0x1EBD),
+ 0x1EBE => array(0x1EBF),
+ 0x1EC0 => array(0x1EC1),
+ 0x1EC2 => array(0x1EC3),
+ 0x1EC4 => array(0x1EC5),
+ 0x1EC6 => array(0x1EC7),
+ 0x1EC8 => array(0x1EC9),
+ 0x1ECA => array(0x1ECB),
+ 0x1ECC => array(0x1ECD),
+ 0x1ECE => array(0x1ECF),
+ 0x1ED0 => array(0x1ED1),
+ 0x1ED2 => array(0x1ED3),
+ 0x1ED4 => array(0x1ED5),
+ 0x1ED6 => array(0x1ED7),
+ 0x1ED8 => array(0x1ED9),
+ 0x1EDA => array(0x1EDB),
+ 0x1EDC => array(0x1EDD),
+ 0x1EDE => array(0x1EDF),
+ 0x1EE0 => array(0x1EE1),
+ 0x1EE2 => array(0x1EE3),
+ 0x1EE4 => array(0x1EE5),
+ 0x1EE6 => array(0x1EE7),
+ 0x1EE8 => array(0x1EE9),
+ 0x1EEA => array(0x1EEB),
+ 0x1EEC => array(0x1EED),
+ 0x1EEE => array(0x1EEF),
+ 0x1EF0 => array(0x1EF1),
+ 0x1EF2 => array(0x1EF3),
+ 0x1EF4 => array(0x1EF5),
+ 0x1EF6 => array(0x1EF7),
+ 0x1EF8 => array(0x1EF9),
+ 0x1F08 => array(0x1F00),
+ 0x1F09 => array(0x1F01),
+ 0x1F0A => array(0x1F02),
+ 0x1F0B => array(0x1F03),
+ 0x1F0C => array(0x1F04),
+ 0x1F0D => array(0x1F05),
+ 0x1F0E => array(0x1F06),
+ 0x1F0F => array(0x1F07),
+ 0x1F18 => array(0x1F10),
+ 0x1F19 => array(0x1F11),
+ 0x1F1A => array(0x1F12),
+ 0x1F1B => array(0x1F13),
+ 0x1F1C => array(0x1F14),
+ 0x1F1D => array(0x1F15),
+ 0x1F28 => array(0x1F20),
+ 0x1F29 => array(0x1F21),
+ 0x1F2A => array(0x1F22),
+ 0x1F2B => array(0x1F23),
+ 0x1F2C => array(0x1F24),
+ 0x1F2D => array(0x1F25),
+ 0x1F2E => array(0x1F26),
+ 0x1F2F => array(0x1F27),
+ 0x1F38 => array(0x1F30),
+ 0x1F39 => array(0x1F31),
+ 0x1F3A => array(0x1F32),
+ 0x1F3B => array(0x1F33),
+ 0x1F3C => array(0x1F34),
+ 0x1F3D => array(0x1F35),
+ 0x1F3E => array(0x1F36),
+ 0x1F3F => array(0x1F37),
+ 0x1F48 => array(0x1F40),
+ 0x1F49 => array(0x1F41),
+ 0x1F4A => array(0x1F42),
+ 0x1F4B => array(0x1F43),
+ 0x1F4C => array(0x1F44),
+ 0x1F4D => array(0x1F45),
+ 0x1F50 => array(0x3C5, 0x313),
+ 0x1F52 => array(0x3C5, 0x313, 0x300),
+ 0x1F54 => array(0x3C5, 0x313, 0x301),
+ 0x1F56 => array(0x3C5, 0x313, 0x342),
+ 0x1F59 => array(0x1F51),
+ 0x1F5B => array(0x1F53),
+ 0x1F5D => array(0x1F55),
+ 0x1F5F => array(0x1F57),
+ 0x1F68 => array(0x1F60),
+ 0x1F69 => array(0x1F61),
+ 0x1F6A => array(0x1F62),
+ 0x1F6B => array(0x1F63),
+ 0x1F6C => array(0x1F64),
+ 0x1F6D => array(0x1F65),
+ 0x1F6E => array(0x1F66),
+ 0x1F6F => array(0x1F67),
+ 0x1F80 => array(0x1F00, 0x3B9),
+ 0x1F81 => array(0x1F01, 0x3B9),
+ 0x1F82 => array(0x1F02, 0x3B9),
+ 0x1F83 => array(0x1F03, 0x3B9),
+ 0x1F84 => array(0x1F04, 0x3B9),
+ 0x1F85 => array(0x1F05, 0x3B9),
+ 0x1F86 => array(0x1F06, 0x3B9),
+ 0x1F87 => array(0x1F07, 0x3B9),
+ 0x1F88 => array(0x1F00, 0x3B9),
+ 0x1F89 => array(0x1F01, 0x3B9),
+ 0x1F8A => array(0x1F02, 0x3B9),
+ 0x1F8B => array(0x1F03, 0x3B9),
+ 0x1F8C => array(0x1F04, 0x3B9),
+ 0x1F8D => array(0x1F05, 0x3B9),
+ 0x1F8E => array(0x1F06, 0x3B9),
+ 0x1F8F => array(0x1F07, 0x3B9),
+ 0x1F90 => array(0x1F20, 0x3B9),
+ 0x1F91 => array(0x1F21, 0x3B9),
+ 0x1F92 => array(0x1F22, 0x3B9),
+ 0x1F93 => array(0x1F23, 0x3B9),
+ 0x1F94 => array(0x1F24, 0x3B9),
+ 0x1F95 => array(0x1F25, 0x3B9),
+ 0x1F96 => array(0x1F26, 0x3B9),
+ 0x1F97 => array(0x1F27, 0x3B9),
+ 0x1F98 => array(0x1F20, 0x3B9),
+ 0x1F99 => array(0x1F21, 0x3B9),
+ 0x1F9A => array(0x1F22, 0x3B9),
+ 0x1F9B => array(0x1F23, 0x3B9),
+ 0x1F9C => array(0x1F24, 0x3B9),
+ 0x1F9D => array(0x1F25, 0x3B9),
+ 0x1F9E => array(0x1F26, 0x3B9),
+ 0x1F9F => array(0x1F27, 0x3B9),
+ 0x1FA0 => array(0x1F60, 0x3B9),
+ 0x1FA1 => array(0x1F61, 0x3B9),
+ 0x1FA2 => array(0x1F62, 0x3B9),
+ 0x1FA3 => array(0x1F63, 0x3B9),
+ 0x1FA4 => array(0x1F64, 0x3B9),
+ 0x1FA5 => array(0x1F65, 0x3B9),
+ 0x1FA6 => array(0x1F66, 0x3B9),
+ 0x1FA7 => array(0x1F67, 0x3B9),
+ 0x1FA8 => array(0x1F60, 0x3B9),
+ 0x1FA9 => array(0x1F61, 0x3B9),
+ 0x1FAA => array(0x1F62, 0x3B9),
+ 0x1FAB => array(0x1F63, 0x3B9),
+ 0x1FAC => array(0x1F64, 0x3B9),
+ 0x1FAD => array(0x1F65, 0x3B9),
+ 0x1FAE => array(0x1F66, 0x3B9),
+ 0x1FAF => array(0x1F67, 0x3B9),
+ 0x1FB2 => array(0x1F70, 0x3B9),
+ 0x1FB3 => array(0x3B1, 0x3B9),
+ 0x1FB4 => array(0x3AC, 0x3B9),
+ 0x1FB6 => array(0x3B1, 0x342),
+ 0x1FB7 => array(0x3B1, 0x342, 0x3B9),
+ 0x1FB8 => array(0x1FB0),
+ 0x1FB9 => array(0x1FB1),
+ 0x1FBA => array(0x1F70),
+ 0x1FBB => array(0x1F71),
+ 0x1FBC => array(0x3B1, 0x3B9),
+ 0x1FBE => array(0x3B9),
+ 0x1FC2 => array(0x1F74, 0x3B9),
+ 0x1FC3 => array(0x3B7, 0x3B9),
+ 0x1FC4 => array(0x3AE, 0x3B9),
+ 0x1FC6 => array(0x3B7, 0x342),
+ 0x1FC7 => array(0x3B7, 0x342, 0x3B9),
+ 0x1FC8 => array(0x1F72),
+ 0x1FC9 => array(0x1F73),
+ 0x1FCA => array(0x1F74),
+ 0x1FCB => array(0x1F75),
+ 0x1FCC => array(0x3B7, 0x3B9),
+ 0x1FD2 => array(0x3B9, 0x308, 0x300),
+ 0x1FD3 => array(0x3B9, 0x308, 0x301),
+ 0x1FD6 => array(0x3B9, 0x342),
+ 0x1FD7 => array(0x3B9, 0x308, 0x342),
+ 0x1FD8 => array(0x1FD0),
+ 0x1FD9 => array(0x1FD1),
+ 0x1FDA => array(0x1F76),
+ 0x1FDB => array(0x1F77),
+ 0x1FE2 => array(0x3C5, 0x308, 0x300),
+ 0x1FE3 => array(0x3C5, 0x308, 0x301),
+ 0x1FE4 => array(0x3C1, 0x313),
+ 0x1FE6 => array(0x3C5, 0x342),
+ 0x1FE7 => array(0x3C5, 0x308, 0x342),
+ 0x1FE8 => array(0x1FE0),
+ 0x1FE9 => array(0x1FE1),
+ 0x1FEA => array(0x1F7A),
+ 0x1FEB => array(0x1F7B),
+ 0x1FEC => array(0x1FE5),
+ 0x1FF2 => array(0x1F7C, 0x3B9),
+ 0x1FF3 => array(0x3C9, 0x3B9),
+ 0x1FF4 => array(0x3CE, 0x3B9),
+ 0x1FF6 => array(0x3C9, 0x342),
+ 0x1FF7 => array(0x3C9, 0x342, 0x3B9),
+ 0x1FF8 => array(0x1F78),
+ 0x1FF9 => array(0x1F79),
+ 0x1FFA => array(0x1F7C),
+ 0x1FFB => array(0x1F7D),
+ 0x1FFC => array(0x3C9, 0x3B9),
+ 0x20A8 => array(0x72, 0x73),
+ 0x2102 => array(0x63),
+ 0x2103 => array(0xB0, 0x63),
+ 0x2107 => array(0x25B),
+ 0x2109 => array(0xB0, 0x66),
+ 0x210B => array(0x68),
+ 0x210C => array(0x68),
+ 0x210D => array(0x68),
+ 0x2110 => array(0x69),
+ 0x2111 => array(0x69),
+ 0x2112 => array(0x6C),
+ 0x2115 => array(0x6E),
+ 0x2116 => array(0x6E, 0x6F),
+ 0x2119 => array(0x70),
+ 0x211A => array(0x71),
+ 0x211B => array(0x72),
+ 0x211C => array(0x72),
+ 0x211D => array(0x72),
+ 0x2120 => array(0x73, 0x6D),
+ 0x2121 => array(0x74, 0x65, 0x6C),
+ 0x2122 => array(0x74, 0x6D),
+ 0x2124 => array(0x7A),
+ 0x2126 => array(0x3C9),
+ 0x2128 => array(0x7A),
+ 0x212A => array(0x6B),
+ 0x212B => array(0xE5),
+ 0x212C => array(0x62),
+ 0x212D => array(0x63),
+ 0x2130 => array(0x65),
+ 0x2131 => array(0x66),
+ 0x2133 => array(0x6D),
+ 0x213E => array(0x3B3),
+ 0x213F => array(0x3C0),
+ 0x2145 => array(0x64),
+ 0x2160 => array(0x2170),
+ 0x2161 => array(0x2171),
+ 0x2162 => array(0x2172),
+ 0x2163 => array(0x2173),
+ 0x2164 => array(0x2174),
+ 0x2165 => array(0x2175),
+ 0x2166 => array(0x2176),
+ 0x2167 => array(0x2177),
+ 0x2168 => array(0x2178),
+ 0x2169 => array(0x2179),
+ 0x216A => array(0x217A),
+ 0x216B => array(0x217B),
+ 0x216C => array(0x217C),
+ 0x216D => array(0x217D),
+ 0x216E => array(0x217E),
+ 0x216F => array(0x217F),
+ 0x24B6 => array(0x24D0),
+ 0x24B7 => array(0x24D1),
+ 0x24B8 => array(0x24D2),
+ 0x24B9 => array(0x24D3),
+ 0x24BA => array(0x24D4),
+ 0x24BB => array(0x24D5),
+ 0x24BC => array(0x24D6),
+ 0x24BD => array(0x24D7),
+ 0x24BE => array(0x24D8),
+ 0x24BF => array(0x24D9),
+ 0x24C0 => array(0x24DA),
+ 0x24C1 => array(0x24DB),
+ 0x24C2 => array(0x24DC),
+ 0x24C3 => array(0x24DD),
+ 0x24C4 => array(0x24DE),
+ 0x24C5 => array(0x24DF),
+ 0x24C6 => array(0x24E0),
+ 0x24C7 => array(0x24E1),
+ 0x24C8 => array(0x24E2),
+ 0x24C9 => array(0x24E3),
+ 0x24CA => array(0x24E4),
+ 0x24CB => array(0x24E5),
+ 0x24CC => array(0x24E6),
+ 0x24CD => array(0x24E7),
+ 0x24CE => array(0x24E8),
+ 0x24CF => array(0x24E9),
+ 0x3371 => array(0x68, 0x70, 0x61),
+ 0x3373 => array(0x61, 0x75),
+ 0x3375 => array(0x6F, 0x76),
+ 0x3380 => array(0x70, 0x61),
+ 0x3381 => array(0x6E, 0x61),
+ 0x3382 => array(0x3BC, 0x61),
+ 0x3383 => array(0x6D, 0x61),
+ 0x3384 => array(0x6B, 0x61),
+ 0x3385 => array(0x6B, 0x62),
+ 0x3386 => array(0x6D, 0x62),
+ 0x3387 => array(0x67, 0x62),
+ 0x338A => array(0x70, 0x66),
+ 0x338B => array(0x6E, 0x66),
+ 0x338C => array(0x3BC, 0x66),
+ 0x3390 => array(0x68, 0x7A),
+ 0x3391 => array(0x6B, 0x68, 0x7A),
+ 0x3392 => array(0x6D, 0x68, 0x7A),
+ 0x3393 => array(0x67, 0x68, 0x7A),
+ 0x3394 => array(0x74, 0x68, 0x7A),
+ 0x33A9 => array(0x70, 0x61),
+ 0x33AA => array(0x6B, 0x70, 0x61),
+ 0x33AB => array(0x6D, 0x70, 0x61),
+ 0x33AC => array(0x67, 0x70, 0x61),
+ 0x33B4 => array(0x70, 0x76),
+ 0x33B5 => array(0x6E, 0x76),
+ 0x33B6 => array(0x3BC, 0x76),
+ 0x33B7 => array(0x6D, 0x76),
+ 0x33B8 => array(0x6B, 0x76),
+ 0x33B9 => array(0x6D, 0x76),
+ 0x33BA => array(0x70, 0x77),
+ 0x33BB => array(0x6E, 0x77),
+ 0x33BC => array(0x3BC, 0x77),
+ 0x33BD => array(0x6D, 0x77),
+ 0x33BE => array(0x6B, 0x77),
+ 0x33BF => array(0x6D, 0x77),
+ 0x33C0 => array(0x6B, 0x3C9),
+ 0x33C1 => array(0x6D, 0x3C9), /*
+ 0x33C2 => array(0x61, 0x2E, 0x6D, 0x2E), */
+ 0x33C3 => array(0x62, 0x71),
+ 0x33C6 => array(0x63, 0x2215, 0x6B, 0x67),
+ 0x33C7 => array(0x63, 0x6F, 0x2E),
+ 0x33C8 => array(0x64, 0x62),
+ 0x33C9 => array(0x67, 0x79),
+ 0x33CB => array(0x68, 0x70),
+ 0x33CD => array(0x6B, 0x6B),
+ 0x33CE => array(0x6B, 0x6D),
+ 0x33D7 => array(0x70, 0x68),
+ 0x33D9 => array(0x70, 0x70, 0x6D),
+ 0x33DA => array(0x70, 0x72),
+ 0x33DC => array(0x73, 0x76),
+ 0x33DD => array(0x77, 0x62),
+ 0xFB00 => array(0x66, 0x66),
+ 0xFB01 => array(0x66, 0x69),
+ 0xFB02 => array(0x66, 0x6C),
+ 0xFB03 => array(0x66, 0x66, 0x69),
+ 0xFB04 => array(0x66, 0x66, 0x6C),
+ 0xFB05 => array(0x73, 0x74),
+ 0xFB06 => array(0x73, 0x74),
+ 0xFB13 => array(0x574, 0x576),
+ 0xFB14 => array(0x574, 0x565),
+ 0xFB15 => array(0x574, 0x56B),
+ 0xFB16 => array(0x57E, 0x576),
+ 0xFB17 => array(0x574, 0x56D),
+ 0xFF21 => array(0xFF41),
+ 0xFF22 => array(0xFF42),
+ 0xFF23 => array(0xFF43),
+ 0xFF24 => array(0xFF44),
+ 0xFF25 => array(0xFF45),
+ 0xFF26 => array(0xFF46),
+ 0xFF27 => array(0xFF47),
+ 0xFF28 => array(0xFF48),
+ 0xFF29 => array(0xFF49),
+ 0xFF2A => array(0xFF4A),
+ 0xFF2B => array(0xFF4B),
+ 0xFF2C => array(0xFF4C),
+ 0xFF2D => array(0xFF4D),
+ 0xFF2E => array(0xFF4E),
+ 0xFF2F => array(0xFF4F),
+ 0xFF30 => array(0xFF50),
+ 0xFF31 => array(0xFF51),
+ 0xFF32 => array(0xFF52),
+ 0xFF33 => array(0xFF53),
+ 0xFF34 => array(0xFF54),
+ 0xFF35 => array(0xFF55),
+ 0xFF36 => array(0xFF56),
+ 0xFF37 => array(0xFF57),
+ 0xFF38 => array(0xFF58),
+ 0xFF39 => array(0xFF59),
+ 0xFF3A => array(0xFF5A),
+ 0x10400 => array(0x10428),
+ 0x10401 => array(0x10429),
+ 0x10402 => array(0x1042A),
+ 0x10403 => array(0x1042B),
+ 0x10404 => array(0x1042C),
+ 0x10405 => array(0x1042D),
+ 0x10406 => array(0x1042E),
+ 0x10407 => array(0x1042F),
+ 0x10408 => array(0x10430),
+ 0x10409 => array(0x10431),
+ 0x1040A => array(0x10432),
+ 0x1040B => array(0x10433),
+ 0x1040C => array(0x10434),
+ 0x1040D => array(0x10435),
+ 0x1040E => array(0x10436),
+ 0x1040F => array(0x10437),
+ 0x10410 => array(0x10438),
+ 0x10411 => array(0x10439),
+ 0x10412 => array(0x1043A),
+ 0x10413 => array(0x1043B),
+ 0x10414 => array(0x1043C),
+ 0x10415 => array(0x1043D),
+ 0x10416 => array(0x1043E),
+ 0x10417 => array(0x1043F),
+ 0x10418 => array(0x10440),
+ 0x10419 => array(0x10441),
+ 0x1041A => array(0x10442),
+ 0x1041B => array(0x10443),
+ 0x1041C => array(0x10444),
+ 0x1041D => array(0x10445),
+ 0x1041E => array(0x10446),
+ 0x1041F => array(0x10447),
+ 0x10420 => array(0x10448),
+ 0x10421 => array(0x10449),
+ 0x10422 => array(0x1044A),
+ 0x10423 => array(0x1044B),
+ 0x10424 => array(0x1044C),
+ 0x10425 => array(0x1044D),
+ 0x1D400 => array(0x61),
+ 0x1D401 => array(0x62),
+ 0x1D402 => array(0x63),
+ 0x1D403 => array(0x64),
+ 0x1D404 => array(0x65),
+ 0x1D405 => array(0x66),
+ 0x1D406 => array(0x67),
+ 0x1D407 => array(0x68),
+ 0x1D408 => array(0x69),
+ 0x1D409 => array(0x6A),
+ 0x1D40A => array(0x6B),
+ 0x1D40B => array(0x6C),
+ 0x1D40C => array(0x6D),
+ 0x1D40D => array(0x6E),
+ 0x1D40E => array(0x6F),
+ 0x1D40F => array(0x70),
+ 0x1D410 => array(0x71),
+ 0x1D411 => array(0x72),
+ 0x1D412 => array(0x73),
+ 0x1D413 => array(0x74),
+ 0x1D414 => array(0x75),
+ 0x1D415 => array(0x76),
+ 0x1D416 => array(0x77),
+ 0x1D417 => array(0x78),
+ 0x1D418 => array(0x79),
+ 0x1D419 => array(0x7A),
+ 0x1D434 => array(0x61),
+ 0x1D435 => array(0x62),
+ 0x1D436 => array(0x63),
+ 0x1D437 => array(0x64),
+ 0x1D438 => array(0x65),
+ 0x1D439 => array(0x66),
+ 0x1D43A => array(0x67),
+ 0x1D43B => array(0x68),
+ 0x1D43C => array(0x69),
+ 0x1D43D => array(0x6A),
+ 0x1D43E => array(0x6B),
+ 0x1D43F => array(0x6C),
+ 0x1D440 => array(0x6D),
+ 0x1D441 => array(0x6E),
+ 0x1D442 => array(0x6F),
+ 0x1D443 => array(0x70),
+ 0x1D444 => array(0x71),
+ 0x1D445 => array(0x72),
+ 0x1D446 => array(0x73),
+ 0x1D447 => array(0x74),
+ 0x1D448 => array(0x75),
+ 0x1D449 => array(0x76),
+ 0x1D44A => array(0x77),
+ 0x1D44B => array(0x78),
+ 0x1D44C => array(0x79),
+ 0x1D44D => array(0x7A),
+ 0x1D468 => array(0x61),
+ 0x1D469 => array(0x62),
+ 0x1D46A => array(0x63),
+ 0x1D46B => array(0x64),
+ 0x1D46C => array(0x65),
+ 0x1D46D => array(0x66),
+ 0x1D46E => array(0x67),
+ 0x1D46F => array(0x68),
+ 0x1D470 => array(0x69),
+ 0x1D471 => array(0x6A),
+ 0x1D472 => array(0x6B),
+ 0x1D473 => array(0x6C),
+ 0x1D474 => array(0x6D),
+ 0x1D475 => array(0x6E),
+ 0x1D476 => array(0x6F),
+ 0x1D477 => array(0x70),
+ 0x1D478 => array(0x71),
+ 0x1D479 => array(0x72),
+ 0x1D47A => array(0x73),
+ 0x1D47B => array(0x74),
+ 0x1D47C => array(0x75),
+ 0x1D47D => array(0x76),
+ 0x1D47E => array(0x77),
+ 0x1D47F => array(0x78),
+ 0x1D480 => array(0x79),
+ 0x1D481 => array(0x7A),
+ 0x1D49C => array(0x61),
+ 0x1D49E => array(0x63),
+ 0x1D49F => array(0x64),
+ 0x1D4A2 => array(0x67),
+ 0x1D4A5 => array(0x6A),
+ 0x1D4A6 => array(0x6B),
+ 0x1D4A9 => array(0x6E),
+ 0x1D4AA => array(0x6F),
+ 0x1D4AB => array(0x70),
+ 0x1D4AC => array(0x71),
+ 0x1D4AE => array(0x73),
+ 0x1D4AF => array(0x74),
+ 0x1D4B0 => array(0x75),
+ 0x1D4B1 => array(0x76),
+ 0x1D4B2 => array(0x77),
+ 0x1D4B3 => array(0x78),
+ 0x1D4B4 => array(0x79),
+ 0x1D4B5 => array(0x7A),
+ 0x1D4D0 => array(0x61),
+ 0x1D4D1 => array(0x62),
+ 0x1D4D2 => array(0x63),
+ 0x1D4D3 => array(0x64),
+ 0x1D4D4 => array(0x65),
+ 0x1D4D5 => array(0x66),
+ 0x1D4D6 => array(0x67),
+ 0x1D4D7 => array(0x68),
+ 0x1D4D8 => array(0x69),
+ 0x1D4D9 => array(0x6A),
+ 0x1D4DA => array(0x6B),
+ 0x1D4DB => array(0x6C),
+ 0x1D4DC => array(0x6D),
+ 0x1D4DD => array(0x6E),
+ 0x1D4DE => array(0x6F),
+ 0x1D4DF => array(0x70),
+ 0x1D4E0 => array(0x71),
+ 0x1D4E1 => array(0x72),
+ 0x1D4E2 => array(0x73),
+ 0x1D4E3 => array(0x74),
+ 0x1D4E4 => array(0x75),
+ 0x1D4E5 => array(0x76),
+ 0x1D4E6 => array(0x77),
+ 0x1D4E7 => array(0x78),
+ 0x1D4E8 => array(0x79),
+ 0x1D4E9 => array(0x7A),
+ 0x1D504 => array(0x61),
+ 0x1D505 => array(0x62),
+ 0x1D507 => array(0x64),
+ 0x1D508 => array(0x65),
+ 0x1D509 => array(0x66),
+ 0x1D50A => array(0x67),
+ 0x1D50D => array(0x6A),
+ 0x1D50E => array(0x6B),
+ 0x1D50F => array(0x6C),
+ 0x1D510 => array(0x6D),
+ 0x1D511 => array(0x6E),
+ 0x1D512 => array(0x6F),
+ 0x1D513 => array(0x70),
+ 0x1D514 => array(0x71),
+ 0x1D516 => array(0x73),
+ 0x1D517 => array(0x74),
+ 0x1D518 => array(0x75),
+ 0x1D519 => array(0x76),
+ 0x1D51A => array(0x77),
+ 0x1D51B => array(0x78),
+ 0x1D51C => array(0x79),
+ 0x1D538 => array(0x61),
+ 0x1D539 => array(0x62),
+ 0x1D53B => array(0x64),
+ 0x1D53C => array(0x65),
+ 0x1D53D => array(0x66),
+ 0x1D53E => array(0x67),
+ 0x1D540 => array(0x69),
+ 0x1D541 => array(0x6A),
+ 0x1D542 => array(0x6B),
+ 0x1D543 => array(0x6C),
+ 0x1D544 => array(0x6D),
+ 0x1D546 => array(0x6F),
+ 0x1D54A => array(0x73),
+ 0x1D54B => array(0x74),
+ 0x1D54C => array(0x75),
+ 0x1D54D => array(0x76),
+ 0x1D54E => array(0x77),
+ 0x1D54F => array(0x78),
+ 0x1D550 => array(0x79),
+ 0x1D56C => array(0x61),
+ 0x1D56D => array(0x62),
+ 0x1D56E => array(0x63),
+ 0x1D56F => array(0x64),
+ 0x1D570 => array(0x65),
+ 0x1D571 => array(0x66),
+ 0x1D572 => array(0x67),
+ 0x1D573 => array(0x68),
+ 0x1D574 => array(0x69),
+ 0x1D575 => array(0x6A),
+ 0x1D576 => array(0x6B),
+ 0x1D577 => array(0x6C),
+ 0x1D578 => array(0x6D),
+ 0x1D579 => array(0x6E),
+ 0x1D57A => array(0x6F),
+ 0x1D57B => array(0x70),
+ 0x1D57C => array(0x71),
+ 0x1D57D => array(0x72),
+ 0x1D57E => array(0x73),
+ 0x1D57F => array(0x74),
+ 0x1D580 => array(0x75),
+ 0x1D581 => array(0x76),
+ 0x1D582 => array(0x77),
+ 0x1D583 => array(0x78),
+ 0x1D584 => array(0x79),
+ 0x1D585 => array(0x7A),
+ 0x1D5A0 => array(0x61),
+ 0x1D5A1 => array(0x62),
+ 0x1D5A2 => array(0x63),
+ 0x1D5A3 => array(0x64),
+ 0x1D5A4 => array(0x65),
+ 0x1D5A5 => array(0x66),
+ 0x1D5A6 => array(0x67),
+ 0x1D5A7 => array(0x68),
+ 0x1D5A8 => array(0x69),
+ 0x1D5A9 => array(0x6A),
+ 0x1D5AA => array(0x6B),
+ 0x1D5AB => array(0x6C),
+ 0x1D5AC => array(0x6D),
+ 0x1D5AD => array(0x6E),
+ 0x1D5AE => array(0x6F),
+ 0x1D5AF => array(0x70),
+ 0x1D5B0 => array(0x71),
+ 0x1D5B1 => array(0x72),
+ 0x1D5B2 => array(0x73),
+ 0x1D5B3 => array(0x74),
+ 0x1D5B4 => array(0x75),
+ 0x1D5B5 => array(0x76),
+ 0x1D5B6 => array(0x77),
+ 0x1D5B7 => array(0x78),
+ 0x1D5B8 => array(0x79),
+ 0x1D5B9 => array(0x7A),
+ 0x1D5D4 => array(0x61),
+ 0x1D5D5 => array(0x62),
+ 0x1D5D6 => array(0x63),
+ 0x1D5D7 => array(0x64),
+ 0x1D5D8 => array(0x65),
+ 0x1D5D9 => array(0x66),
+ 0x1D5DA => array(0x67),
+ 0x1D5DB => array(0x68),
+ 0x1D5DC => array(0x69),
+ 0x1D5DD => array(0x6A),
+ 0x1D5DE => array(0x6B),
+ 0x1D5DF => array(0x6C),
+ 0x1D5E0 => array(0x6D),
+ 0x1D5E1 => array(0x6E),
+ 0x1D5E2 => array(0x6F),
+ 0x1D5E3 => array(0x70),
+ 0x1D5E4 => array(0x71),
+ 0x1D5E5 => array(0x72),
+ 0x1D5E6 => array(0x73),
+ 0x1D5E7 => array(0x74),
+ 0x1D5E8 => array(0x75),
+ 0x1D5E9 => array(0x76),
+ 0x1D5EA => array(0x77),
+ 0x1D5EB => array(0x78),
+ 0x1D5EC => array(0x79),
+ 0x1D5ED => array(0x7A),
+ 0x1D608 => array(0x61),
+ 0x1D609 => array(0x62),
+ 0x1D60A => array(0x63),
+ 0x1D60B => array(0x64),
+ 0x1D60C => array(0x65),
+ 0x1D60D => array(0x66),
+ 0x1D60E => array(0x67),
+ 0x1D60F => array(0x68),
+ 0x1D610 => array(0x69),
+ 0x1D611 => array(0x6A),
+ 0x1D612 => array(0x6B),
+ 0x1D613 => array(0x6C),
+ 0x1D614 => array(0x6D),
+ 0x1D615 => array(0x6E),
+ 0x1D616 => array(0x6F),
+ 0x1D617 => array(0x70),
+ 0x1D618 => array(0x71),
+ 0x1D619 => array(0x72),
+ 0x1D61A => array(0x73),
+ 0x1D61B => array(0x74),
+ 0x1D61C => array(0x75),
+ 0x1D61D => array(0x76),
+ 0x1D61E => array(0x77),
+ 0x1D61F => array(0x78),
+ 0x1D620 => array(0x79),
+ 0x1D621 => array(0x7A),
+ 0x1D63C => array(0x61),
+ 0x1D63D => array(0x62),
+ 0x1D63E => array(0x63),
+ 0x1D63F => array(0x64),
+ 0x1D640 => array(0x65),
+ 0x1D641 => array(0x66),
+ 0x1D642 => array(0x67),
+ 0x1D643 => array(0x68),
+ 0x1D644 => array(0x69),
+ 0x1D645 => array(0x6A),
+ 0x1D646 => array(0x6B),
+ 0x1D647 => array(0x6C),
+ 0x1D648 => array(0x6D),
+ 0x1D649 => array(0x6E),
+ 0x1D64A => array(0x6F),
+ 0x1D64B => array(0x70),
+ 0x1D64C => array(0x71),
+ 0x1D64D => array(0x72),
+ 0x1D64E => array(0x73),
+ 0x1D64F => array(0x74),
+ 0x1D650 => array(0x75),
+ 0x1D651 => array(0x76),
+ 0x1D652 => array(0x77),
+ 0x1D653 => array(0x78),
+ 0x1D654 => array(0x79),
+ 0x1D655 => array(0x7A),
+ 0x1D670 => array(0x61),
+ 0x1D671 => array(0x62),
+ 0x1D672 => array(0x63),
+ 0x1D673 => array(0x64),
+ 0x1D674 => array(0x65),
+ 0x1D675 => array(0x66),
+ 0x1D676 => array(0x67),
+ 0x1D677 => array(0x68),
+ 0x1D678 => array(0x69),
+ 0x1D679 => array(0x6A),
+ 0x1D67A => array(0x6B),
+ 0x1D67B => array(0x6C),
+ 0x1D67C => array(0x6D),
+ 0x1D67D => array(0x6E),
+ 0x1D67E => array(0x6F),
+ 0x1D67F => array(0x70),
+ 0x1D680 => array(0x71),
+ 0x1D681 => array(0x72),
+ 0x1D682 => array(0x73),
+ 0x1D683 => array(0x74),
+ 0x1D684 => array(0x75),
+ 0x1D685 => array(0x76),
+ 0x1D686 => array(0x77),
+ 0x1D687 => array(0x78),
+ 0x1D688 => array(0x79),
+ 0x1D689 => array(0x7A),
+ 0x1D6A8 => array(0x3B1),
+ 0x1D6A9 => array(0x3B2),
+ 0x1D6AA => array(0x3B3),
+ 0x1D6AB => array(0x3B4),
+ 0x1D6AC => array(0x3B5),
+ 0x1D6AD => array(0x3B6),
+ 0x1D6AE => array(0x3B7),
+ 0x1D6AF => array(0x3B8),
+ 0x1D6B0 => array(0x3B9),
+ 0x1D6B1 => array(0x3BA),
+ 0x1D6B2 => array(0x3BB),
+ 0x1D6B3 => array(0x3BC),
+ 0x1D6B4 => array(0x3BD),
+ 0x1D6B5 => array(0x3BE),
+ 0x1D6B6 => array(0x3BF),
+ 0x1D6B7 => array(0x3C0),
+ 0x1D6B8 => array(0x3C1),
+ 0x1D6B9 => array(0x3B8),
+ 0x1D6BA => array(0x3C3),
+ 0x1D6BB => array(0x3C4),
+ 0x1D6BC => array(0x3C5),
+ 0x1D6BD => array(0x3C6),
+ 0x1D6BE => array(0x3C7),
+ 0x1D6BF => array(0x3C8),
+ 0x1D6C0 => array(0x3C9),
+ 0x1D6D3 => array(0x3C3),
+ 0x1D6E2 => array(0x3B1),
+ 0x1D6E3 => array(0x3B2),
+ 0x1D6E4 => array(0x3B3),
+ 0x1D6E5 => array(0x3B4),
+ 0x1D6E6 => array(0x3B5),
+ 0x1D6E7 => array(0x3B6),
+ 0x1D6E8 => array(0x3B7),
+ 0x1D6E9 => array(0x3B8),
+ 0x1D6EA => array(0x3B9),
+ 0x1D6EB => array(0x3BA),
+ 0x1D6EC => array(0x3BB),
+ 0x1D6ED => array(0x3BC),
+ 0x1D6EE => array(0x3BD),
+ 0x1D6EF => array(0x3BE),
+ 0x1D6F0 => array(0x3BF),
+ 0x1D6F1 => array(0x3C0),
+ 0x1D6F2 => array(0x3C1),
+ 0x1D6F3 => array(0x3B8),
+ 0x1D6F4 => array(0x3C3),
+ 0x1D6F5 => array(0x3C4),
+ 0x1D6F6 => array(0x3C5),
+ 0x1D6F7 => array(0x3C6),
+ 0x1D6F8 => array(0x3C7),
+ 0x1D6F9 => array(0x3C8),
+ 0x1D6FA => array(0x3C9),
+ 0x1D70D => array(0x3C3),
+ 0x1D71C => array(0x3B1),
+ 0x1D71D => array(0x3B2),
+ 0x1D71E => array(0x3B3),
+ 0x1D71F => array(0x3B4),
+ 0x1D720 => array(0x3B5),
+ 0x1D721 => array(0x3B6),
+ 0x1D722 => array(0x3B7),
+ 0x1D723 => array(0x3B8),
+ 0x1D724 => array(0x3B9),
+ 0x1D725 => array(0x3BA),
+ 0x1D726 => array(0x3BB),
+ 0x1D727 => array(0x3BC),
+ 0x1D728 => array(0x3BD),
+ 0x1D729 => array(0x3BE),
+ 0x1D72A => array(0x3BF),
+ 0x1D72B => array(0x3C0),
+ 0x1D72C => array(0x3C1),
+ 0x1D72D => array(0x3B8),
+ 0x1D72E => array(0x3C3),
+ 0x1D72F => array(0x3C4),
+ 0x1D730 => array(0x3C5),
+ 0x1D731 => array(0x3C6),
+ 0x1D732 => array(0x3C7),
+ 0x1D733 => array(0x3C8),
+ 0x1D734 => array(0x3C9),
+ 0x1D747 => array(0x3C3),
+ 0x1D756 => array(0x3B1),
+ 0x1D757 => array(0x3B2),
+ 0x1D758 => array(0x3B3),
+ 0x1D759 => array(0x3B4),
+ 0x1D75A => array(0x3B5),
+ 0x1D75B => array(0x3B6),
+ 0x1D75C => array(0x3B7),
+ 0x1D75D => array(0x3B8),
+ 0x1D75E => array(0x3B9),
+ 0x1D75F => array(0x3BA),
+ 0x1D760 => array(0x3BB),
+ 0x1D761 => array(0x3BC),
+ 0x1D762 => array(0x3BD),
+ 0x1D763 => array(0x3BE),
+ 0x1D764 => array(0x3BF),
+ 0x1D765 => array(0x3C0),
+ 0x1D766 => array(0x3C1),
+ 0x1D767 => array(0x3B8),
+ 0x1D768 => array(0x3C3),
+ 0x1D769 => array(0x3C4),
+ 0x1D76A => array(0x3C5),
+ 0x1D76B => array(0x3C6),
+ 0x1D76C => array(0x3C7),
+ 0x1D76D => array(0x3C8),
+ 0x1D76E => array(0x3C9),
+ 0x1D781 => array(0x3C3),
+ 0x1D790 => array(0x3B1),
+ 0x1D791 => array(0x3B2),
+ 0x1D792 => array(0x3B3),
+ 0x1D793 => array(0x3B4),
+ 0x1D794 => array(0x3B5),
+ 0x1D795 => array(0x3B6),
+ 0x1D796 => array(0x3B7),
+ 0x1D797 => array(0x3B8),
+ 0x1D798 => array(0x3B9),
+ 0x1D799 => array(0x3BA),
+ 0x1D79A => array(0x3BB),
+ 0x1D79B => array(0x3BC),
+ 0x1D79C => array(0x3BD),
+ 0x1D79D => array(0x3BE),
+ 0x1D79E => array(0x3BF),
+ 0x1D79F => array(0x3C0),
+ 0x1D7A0 => array(0x3C1),
+ 0x1D7A1 => array(0x3B8),
+ 0x1D7A2 => array(0x3C3),
+ 0x1D7A3 => array(0x3C4),
+ 0x1D7A4 => array(0x3C5),
+ 0x1D7A5 => array(0x3C6),
+ 0x1D7A6 => array(0x3C7),
+ 0x1D7A7 => array(0x3C8),
+ 0x1D7A8 => array(0x3C9),
+ 0x1D7BB => array(0x3C3),
+ 0x3F9 => array(0x3C3),
+ 0x1D2C => array(0x61),
+ 0x1D2D => array(0xE6),
+ 0x1D2E => array(0x62),
+ 0x1D30 => array(0x64),
+ 0x1D31 => array(0x65),
+ 0x1D32 => array(0x1DD),
+ 0x1D33 => array(0x67),
+ 0x1D34 => array(0x68),
+ 0x1D35 => array(0x69),
+ 0x1D36 => array(0x6A),
+ 0x1D37 => array(0x6B),
+ 0x1D38 => array(0x6C),
+ 0x1D39 => array(0x6D),
+ 0x1D3A => array(0x6E),
+ 0x1D3C => array(0x6F),
+ 0x1D3D => array(0x223),
+ 0x1D3E => array(0x70),
+ 0x1D3F => array(0x72),
+ 0x1D40 => array(0x74),
+ 0x1D41 => array(0x75),
+ 0x1D42 => array(0x77),
+ 0x213B => array(0x66, 0x61, 0x78),
+ 0x3250 => array(0x70, 0x74, 0x65),
+ 0x32CC => array(0x68, 0x67),
+ 0x32CE => array(0x65, 0x76),
+ 0x32CF => array(0x6C, 0x74, 0x64),
+ 0x337A => array(0x69, 0x75),
+ 0x33DE => array(0x76, 0x2215, 0x6D),
+ 0x33DF => array(0x61, 0x2215, 0x6D)
+ );
+
+ /**
+ * Normalization Combining Classes; Code Points not listed
+ * got Combining Class 0.
+ *
+ * @static
+ * @var array
+ * @access private
+ */
+ private static $_np_norm_combcls = array(
+ 0x334 => 1,
+ 0x335 => 1,
+ 0x336 => 1,
+ 0x337 => 1,
+ 0x338 => 1,
+ 0x93C => 7,
+ 0x9BC => 7,
+ 0xA3C => 7,
+ 0xABC => 7,
+ 0xB3C => 7,
+ 0xCBC => 7,
+ 0x1037 => 7,
+ 0x3099 => 8,
+ 0x309A => 8,
+ 0x94D => 9,
+ 0x9CD => 9,
+ 0xA4D => 9,
+ 0xACD => 9,
+ 0xB4D => 9,
+ 0xBCD => 9,
+ 0xC4D => 9,
+ 0xCCD => 9,
+ 0xD4D => 9,
+ 0xDCA => 9,
+ 0xE3A => 9,
+ 0xF84 => 9,
+ 0x1039 => 9,
+ 0x1714 => 9,
+ 0x1734 => 9,
+ 0x17D2 => 9,
+ 0x5B0 => 10,
+ 0x5B1 => 11,
+ 0x5B2 => 12,
+ 0x5B3 => 13,
+ 0x5B4 => 14,
+ 0x5B5 => 15,
+ 0x5B6 => 16,
+ 0x5B7 => 17,
+ 0x5B8 => 18,
+ 0x5B9 => 19,
+ 0x5BB => 20,
+ 0x5Bc => 21,
+ 0x5BD => 22,
+ 0x5BF => 23,
+ 0x5C1 => 24,
+ 0x5C2 => 25,
+ 0xFB1E => 26,
+ 0x64B => 27,
+ 0x64C => 28,
+ 0x64D => 29,
+ 0x64E => 30,
+ 0x64F => 31,
+ 0x650 => 32,
+ 0x651 => 33,
+ 0x652 => 34,
+ 0x670 => 35,
+ 0x711 => 36,
+ 0xC55 => 84,
+ 0xC56 => 91,
+ 0xE38 => 103,
+ 0xE39 => 103,
+ 0xE48 => 107,
+ 0xE49 => 107,
+ 0xE4A => 107,
+ 0xE4B => 107,
+ 0xEB8 => 118,
+ 0xEB9 => 118,
+ 0xEC8 => 122,
+ 0xEC9 => 122,
+ 0xECA => 122,
+ 0xECB => 122,
+ 0xF71 => 129,
+ 0xF72 => 130,
+ 0xF7A => 130,
+ 0xF7B => 130,
+ 0xF7C => 130,
+ 0xF7D => 130,
+ 0xF80 => 130,
+ 0xF74 => 132,
+ 0x321 => 202,
+ 0x322 => 202,
+ 0x327 => 202,
+ 0x328 => 202,
+ 0x31B => 216,
+ 0xF39 => 216,
+ 0x1D165 => 216,
+ 0x1D166 => 216,
+ 0x1D16E => 216,
+ 0x1D16F => 216,
+ 0x1D170 => 216,
+ 0x1D171 => 216,
+ 0x1D172 => 216,
+ 0x302A => 218,
+ 0x316 => 220,
+ 0x317 => 220,
+ 0x318 => 220,
+ 0x319 => 220,
+ 0x31C => 220,
+ 0x31D => 220,
+ 0x31E => 220,
+ 0x31F => 220,
+ 0x320 => 220,
+ 0x323 => 220,
+ 0x324 => 220,
+ 0x325 => 220,
+ 0x326 => 220,
+ 0x329 => 220,
+ 0x32A => 220,
+ 0x32B => 220,
+ 0x32C => 220,
+ 0x32D => 220,
+ 0x32E => 220,
+ 0x32F => 220,
+ 0x330 => 220,
+ 0x331 => 220,
+ 0x332 => 220,
+ 0x333 => 220,
+ 0x339 => 220,
+ 0x33A => 220,
+ 0x33B => 220,
+ 0x33C => 220,
+ 0x347 => 220,
+ 0x348 => 220,
+ 0x349 => 220,
+ 0x34D => 220,
+ 0x34E => 220,
+ 0x353 => 220,
+ 0x354 => 220,
+ 0x355 => 220,
+ 0x356 => 220,
+ 0x591 => 220,
+ 0x596 => 220,
+ 0x59B => 220,
+ 0x5A3 => 220,
+ 0x5A4 => 220,
+ 0x5A5 => 220,
+ 0x5A6 => 220,
+ 0x5A7 => 220,
+ 0x5AA => 220,
+ 0x655 => 220,
+ 0x656 => 220,
+ 0x6E3 => 220,
+ 0x6EA => 220,
+ 0x6ED => 220,
+ 0x731 => 220,
+ 0x734 => 220,
+ 0x737 => 220,
+ 0x738 => 220,
+ 0x739 => 220,
+ 0x73B => 220,
+ 0x73C => 220,
+ 0x73E => 220,
+ 0x742 => 220,
+ 0x744 => 220,
+ 0x746 => 220,
+ 0x748 => 220,
+ 0x952 => 220,
+ 0xF18 => 220,
+ 0xF19 => 220,
+ 0xF35 => 220,
+ 0xF37 => 220,
+ 0xFC6 => 220,
+ 0x193B => 220,
+ 0x20E8 => 220,
+ 0x1D17B => 220,
+ 0x1D17C => 220,
+ 0x1D17D => 220,
+ 0x1D17E => 220,
+ 0x1D17F => 220,
+ 0x1D180 => 220,
+ 0x1D181 => 220,
+ 0x1D182 => 220,
+ 0x1D18A => 220,
+ 0x1D18B => 220,
+ 0x59A => 222,
+ 0x5AD => 222,
+ 0x1929 => 222,
+ 0x302D => 222,
+ 0x302E => 224,
+ 0x302F => 224,
+ 0x1D16D => 226,
+ 0x5AE => 228,
+ 0x18A9 => 228,
+ 0x302B => 228,
+ 0x300 => 230,
+ 0x301 => 230,
+ 0x302 => 230,
+ 0x303 => 230,
+ 0x304 => 230,
+ 0x305 => 230,
+ 0x306 => 230,
+ 0x307 => 230,
+ 0x308 => 230,
+ 0x309 => 230,
+ 0x30A => 230,
+ 0x30B => 230,
+ 0x30C => 230,
+ 0x30D => 230,
+ 0x30E => 230,
+ 0x30F => 230,
+ 0x310 => 230,
+ 0x311 => 230,
+ 0x312 => 230,
+ 0x313 => 230,
+ 0x314 => 230,
+ 0x33D => 230,
+ 0x33E => 230,
+ 0x33F => 230,
+ 0x340 => 230,
+ 0x341 => 230,
+ 0x342 => 230,
+ 0x343 => 230,
+ 0x344 => 230,
+ 0x346 => 230,
+ 0x34A => 230,
+ 0x34B => 230,
+ 0x34C => 230,
+ 0x350 => 230,
+ 0x351 => 230,
+ 0x352 => 230,
+ 0x357 => 230,
+ 0x363 => 230,
+ 0x364 => 230,
+ 0x365 => 230,
+ 0x366 => 230,
+ 0x367 => 230,
+ 0x368 => 230,
+ 0x369 => 230,
+ 0x36A => 230,
+ 0x36B => 230,
+ 0x36C => 230,
+ 0x36D => 230,
+ 0x36E => 230,
+ 0x36F => 230,
+ 0x483 => 230,
+ 0x484 => 230,
+ 0x485 => 230,
+ 0x486 => 230,
+ 0x592 => 230,
+ 0x593 => 230,
+ 0x594 => 230,
+ 0x595 => 230,
+ 0x597 => 230,
+ 0x598 => 230,
+ 0x599 => 230,
+ 0x59C => 230,
+ 0x59D => 230,
+ 0x59E => 230,
+ 0x59F => 230,
+ 0x5A0 => 230,
+ 0x5A1 => 230,
+ 0x5A8 => 230,
+ 0x5A9 => 230,
+ 0x5AB => 230,
+ 0x5AC => 230,
+ 0x5AF => 230,
+ 0x5C4 => 230,
+ 0x610 => 230,
+ 0x611 => 230,
+ 0x612 => 230,
+ 0x613 => 230,
+ 0x614 => 230,
+ 0x615 => 230,
+ 0x653 => 230,
+ 0x654 => 230,
+ 0x657 => 230,
+ 0x658 => 230,
+ 0x6D6 => 230,
+ 0x6D7 => 230,
+ 0x6D8 => 230,
+ 0x6D9 => 230,
+ 0x6DA => 230,
+ 0x6DB => 230,
+ 0x6DC => 230,
+ 0x6DF => 230,
+ 0x6E0 => 230,
+ 0x6E1 => 230,
+ 0x6E2 => 230,
+ 0x6E4 => 230,
+ 0x6E7 => 230,
+ 0x6E8 => 230,
+ 0x6EB => 230,
+ 0x6EC => 230,
+ 0x730 => 230,
+ 0x732 => 230,
+ 0x733 => 230,
+ 0x735 => 230,
+ 0x736 => 230,
+ 0x73A => 230,
+ 0x73D => 230,
+ 0x73F => 230,
+ 0x740 => 230,
+ 0x741 => 230,
+ 0x743 => 230,
+ 0x745 => 230,
+ 0x747 => 230,
+ 0x749 => 230,
+ 0x74A => 230,
+ 0x951 => 230,
+ 0x953 => 230,
+ 0x954 => 230,
+ 0xF82 => 230,
+ 0xF83 => 230,
+ 0xF86 => 230,
+ 0xF87 => 230,
+ 0x170D => 230,
+ 0x193A => 230,
+ 0x20D0 => 230,
+ 0x20D1 => 230,
+ 0x20D4 => 230,
+ 0x20D5 => 230,
+ 0x20D6 => 230,
+ 0x20D7 => 230,
+ 0x20DB => 230,
+ 0x20DC => 230,
+ 0x20E1 => 230,
+ 0x20E7 => 230,
+ 0x20E9 => 230,
+ 0xFE20 => 230,
+ 0xFE21 => 230,
+ 0xFE22 => 230,
+ 0xFE23 => 230,
+ 0x1D185 => 230,
+ 0x1D186 => 230,
+ 0x1D187 => 230,
+ 0x1D189 => 230,
+ 0x1D188 => 230,
+ 0x1D1AA => 230,
+ 0x1D1AB => 230,
+ 0x1D1AC => 230,
+ 0x1D1AD => 230,
+ 0x315 => 232,
+ 0x31A => 232,
+ 0x302C => 232,
+ 0x35F => 233,
+ 0x362 => 233,
+ 0x35D => 234,
+ 0x35E => 234,
+ 0x360 => 234,
+ 0x361 => 234,
+ 0x345 => 240
+ );
+ // }}}
+
+ // {{{ properties
+ /**
+ * @var string
+ * @access private
+ */
+ private $_punycode_prefix = 'xn--';
+
+ /**
+ * @access private
+ */
+ private $_invalid_ucs = 0x80000000;
+
+ /**
+ * @access private
+ */
+ private $_max_ucs = 0x10FFFF;
+
+ /**
+ * @var int
+ * @access private
+ */
+ private $_base = 36;
+
+ /**
+ * @var int
+ * @access private
+ */
+ private $_tmin = 1;
+
+ /**
+ * @var int
+ * @access private
+ */
+ private $_tmax = 26;
+
+ /**
+ * @var int
+ * @access private
+ */
+ private $_skew = 38;
+
+ /**
+ * @var int
+ * @access private
+ */
+ private $_damp = 700;
+
+ /**
+ * @var int
+ * @access private
+ */
+ private $_initial_bias = 72;
+
+ /**
+ * @var int
+ * @access private
+ */
+ private $_initial_n = 0x80;
+
+ /**
+ * @var int
+ * @access private
+ */
+ private $_slast;
+
+ /**
+ * @access private
+ */
+ private $_sbase = 0xAC00;
+
+ /**
+ * @access private
+ */
+ private $_lbase = 0x1100;
+
+ /**
+ * @access private
+ */
+ private $_vbase = 0x1161;
+
+ /**
+ * @access private
+ */
+ private $_tbase = 0x11a7;
+
+ /**
+ * @var int
+ * @access private
+ */
+ private $_lcount = 19;
+
+ /**
+ * @var int
+ * @access private
+ */
+ private $_vcount = 21;
+
+ /**
+ * @var int
+ * @access private
+ */
+ private $_tcount = 28;
+
+ /**
+ * vcount * tcount
+ *
+ * @var int
+ * @access private
+ */
+ private $_ncount = 588;
+
+ /**
+ * lcount * tcount * vcount
+ *
+ * @var int
+ * @access private
+ */
+ private $_scount = 11172;
+
+ /**
+ * Default encoding for encode()'s input and decode()'s output is UTF-8;
+ * Other possible encodings are ucs4_string and ucs4_array
+ * See {@link setParams()} for how to select these
+ *
+ * @var bool
+ * @access private
+ */
+ private $_api_encoding = 'utf8';
+
+ /**
+ * Overlong UTF-8 encodings are forbidden
+ *
+ * @var bool
+ * @access private
+ */
+ private $_allow_overlong = false;
+
+ /**
+ * Behave strict or not
+ *
+ * @var bool
+ * @access private
+ */
+ private $_strict_mode = false;
+
+ /**
+ * Cached value indicating whether or not mbstring function overloading is
+ * on for strlen
+ *
+ * This is cached for optimal performance.
+ *
+ * @var boolean
+ * @see Net_IDNA_php5::_byteLength()
+ */
+ private static $_mb_string_overload = null;
+ // }}}
+
+
+ // {{{ constructor
+ /**
+ * Constructor
+ *
+ * @param array $options
+ * @access public
+ * @see setParams()
+ */
+ public function __construct($options = null)
+ {
+ $this->_slast = $this->_sbase + $this->_lcount * $this->_vcount * $this->_tcount;
+
+ if (is_array($options)) {
+ $this->setParams($options);
+ }
+
+ // populate mbstring overloading cache if not set
+ if (self::$_mb_string_overload === null) {
+ self::$_mb_string_overload = (extension_loaded('mbstring')
+ && (ini_get('mbstring.func_overload') & 0x02) === 0x02);
+ }
+ }
+ // }}}
+
+
+ /**
+ * Sets a new option value. Available options and values:
+ *
+ * [utf8 - Use either UTF-8 or ISO-8859-1 as input (true for UTF-8, false
+ * otherwise); The output is always UTF-8]
+ * [overlong - Unicode does not allow unnecessarily long encodings of chars,
+ * to allow this, set this parameter to true, else to false;
+ * default is false.]
+ * [strict - true: strict mode, good for registration purposes - Causes errors
+ * on failures; false: loose mode, ideal for "wildlife" applications
+ * by silently ignoring errors and returning the original input instead]
+ *
+ * @param mixed $option Parameter to set (string: single parameter; array of Parameter => Value pairs)
+ * @param string $value Value to use (if parameter 1 is a string)
+ * @return boolean true on success, false otherwise
+ * @access public
+ */
+ public function setParams($option, $value = false)
+ {
+ if (!is_array($option)) {
+ $option = array($option => $value);
+ }
+
+ foreach ($option as $k => $v) {
+ switch ($k) {
+ case 'encoding':
+ switch ($v) {
+ case 'utf8':
+ case 'ucs4_string':
+ case 'ucs4_array':
+ $this->_api_encoding = $v;
+ break;
+
+ default:
+ throw new Exception('Set Parameter: Unknown parameter '.$v.' for option '.$k);
+ }
+
+ break;
+
+ case 'overlong':
+ $this->_allow_overlong = ($v) ? true : false;
+ break;
+
+ case 'strict':
+ $this->_strict_mode = ($v) ? true : false;
+ break;
+
+ default:
+ return false;
+ }
+ }
+
+ return true;
+ }
+
+ /**
+ * Encode a given UTF-8 domain name.
+ *
+ * @param string $decoded Domain name (UTF-8 or UCS-4)
+ * [@param string $encoding Desired input encoding, see {@link set_parameter}]
+ * @return string Encoded Domain name (ACE string)
+ * @return mixed processed string
+ * @throws Exception
+ * @access public
+ */
+ public function encode($decoded, $one_time_encoding = false)
+ {
+ // Forcing conversion of input to UCS4 array
+ // If one time encoding is given, use this, else the objects property
+ switch (($one_time_encoding) ? $one_time_encoding : $this->_api_encoding) {
+ case 'utf8':
+ $decoded = $this->_utf8_to_ucs4($decoded);
+ break;
+ case 'ucs4_string':
+ $decoded = $this->_ucs4_string_to_ucs4($decoded);
+ case 'ucs4_array': // No break; before this line. Catch case, but do nothing
+ break;
+ default:
+ throw new Exception('Unsupported input format');
+ }
+
+ // No input, no output, what else did you expect?
+ if (empty($decoded)) return '';
+
+ // Anchors for iteration
+ $last_begin = 0;
+ // Output string
+ $output = '';
+
+ foreach ($decoded as $k => $v) {
+ // Make sure to use just the plain dot
+ switch($v) {
+ case 0x3002:
+ case 0xFF0E:
+ case 0xFF61:
+ $decoded[$k] = 0x2E;
+ // It's right, no break here
+ // The codepoints above have to be converted to dots anyway
+
+ // Stumbling across an anchoring character
+ case 0x2E:
+ case 0x2F:
+ case 0x3A:
+ case 0x3F:
+ case 0x40:
+ // Neither email addresses nor URLs allowed in strict mode
+ if ($this->_strict_mode) {
+ throw new Exception('Neither email addresses nor URLs are allowed in strict mode.');
+ } else {
+ // Skip first char
+ if ($k) {
+ $encoded = '';
+ $encoded = $this->_encode(array_slice($decoded, $last_begin, (($k)-$last_begin)));
+ if ($encoded) {
+ $output .= $encoded;
+ } else {
+ $output .= $this->_ucs4_to_utf8(array_slice($decoded, $last_begin, (($k)-$last_begin)));
+ }
+ $output .= chr($decoded[$k]);
+ }
+ $last_begin = $k + 1;
+ }
+ }
+ }
+ // Catch the rest of the string
+ if ($last_begin) {
+ $inp_len = sizeof($decoded);
+ $encoded = '';
+ $encoded = $this->_encode(array_slice($decoded, $last_begin, (($inp_len)-$last_begin)));
+ if ($encoded) {
+ $output .= $encoded;
+ } else {
+ $output .= $this->_ucs4_to_utf8(array_slice($decoded, $last_begin, (($inp_len)-$last_begin)));
+ }
+ return $output;
+ } else {
+ if ($output = $this->_encode($decoded)) {
+ return $output;
+ } else {
+ return $this->_ucs4_to_utf8($decoded);
+ }
+ }
+ }
+
+ /**
+ * Decode a given ACE domain name.
+ *
+ * @param string $encoded Domain name (ACE string)
+ * @param string $encoding Desired output encoding, see {@link set_parameter}
+ * @return string Decoded Domain name (UTF-8 or UCS-4)
+ * @throws Exception
+ * @access public
+ */
+ public function decode($input, $one_time_encoding = false)
+ {
+ // Optionally set
+ if ($one_time_encoding) {
+ switch ($one_time_encoding) {
+ case 'utf8':
+ case 'ucs4_string':
+ case 'ucs4_array':
+ break;
+ default:
+ throw new Exception('Unknown encoding '.$one_time_encoding);
+ return false;
+ }
+ }
+ // Make sure to drop any newline characters around
+ $input = trim($input);
+
+ // Negotiate input and try to determine, wether it is a plain string,
+ // an email address or something like a complete URL
+ if (strpos($input, '@')) { // Maybe it is an email address
+ // No no in strict mode
+ if ($this->_strict_mode) {
+ throw new Exception('Only simple domain name parts can be handled in strict mode');
+ }
+ list($email_pref, $input) = explode('@', $input, 2);
+ $arr = explode('.', $input);
+ foreach ($arr as $k => $v) {
+ $conv = $this->_decode($v);
+ if ($conv) $arr[$k] = $conv;
+ }
+ $return = $email_pref . '@' . join('.', $arr);
+ } elseif (preg_match('![:\./]!', $input)) { // Or a complete domain name (with or without paths / parameters)
+ // No no in strict mode
+ if ($this->_strict_mode) {
+ throw new Exception('Only simple domain name parts can be handled in strict mode');
+ }
+ $parsed = parse_url($input);
+ if (isset($parsed['host'])) {
+ $arr = explode('.', $parsed['host']);
+ foreach ($arr as $k => $v) {
+ $conv = $this->_decode($v);
+ if ($conv) $arr[$k] = $conv;
+ }
+ $parsed['host'] = join('.', $arr);
+ if (isset($parsed['scheme'])) {
+ $parsed['scheme'] .= (strtolower($parsed['scheme']) == 'mailto') ? ':' : '://';
+ }
+ $return = join('', $parsed);
+ } else { // parse_url seems to have failed, try without it
+ $arr = explode('.', $input);
+ foreach ($arr as $k => $v) {
+ $conv = $this->_decode($v);
+ if ($conv) $arr[$k] = $conv;
+ }
+ $return = join('.', $arr);
+ }
+ } else { // Otherwise we consider it being a pure domain name string
+ $return = $this->_decode($input);
+ }
+ // The output is UTF-8 by default, other output formats need conversion here
+ // If one time encoding is given, use this, else the objects property
+ switch (($one_time_encoding) ? $one_time_encoding : $this->_api_encoding) {
+ case 'utf8':
+ return $return;
+ break;
+ case 'ucs4_string':
+ return $this->_ucs4_to_ucs4_string($this->_utf8_to_ucs4($return));
+ break;
+ case 'ucs4_array':
+ return $this->_utf8_to_ucs4($return);
+ break;
+ default:
+ throw new Exception('Unsupported output format');
+ }
+ }
+
+
+ // {{{ private
+ /**
+ * The actual encoding algorithm.
+ *
+ * @return string
+ * @throws Exception
+ * @access private
+ */
+ private function _encode($decoded)
+ {
+ // We cannot encode a domain name containing the Punycode prefix
+ $extract = self::_byteLength($this->_punycode_prefix);
+ $check_pref = $this->_utf8_to_ucs4($this->_punycode_prefix);
+ $check_deco = array_slice($decoded, 0, $extract);
+
+ if ($check_pref == $check_deco) {
+ throw new Exception('This is already a punycode string');
+ }
+ // We will not try to encode strings consisting of basic code points only
+ $encodable = false;
+ foreach ($decoded as $k => $v) {
+ if ($v > 0x7a) {
+ $encodable = true;
+ break;
+ }
+ }
+ if (!$encodable) {
+ if ($this->_strict_mode) {
+ throw new Exception('The given string does not contain encodable chars');
+ } else {
+ return false;
+ }
+ }
+
+ // Do NAMEPREP
+ try {
+ $decoded = $this->_nameprep($decoded);
+ } catch (Exception $e) {
+ // hmm, serious - rethrow
+ throw $e;
+ }
+
+ $deco_len = count($decoded);
+
+ // Empty array
+ if (!$deco_len) {
+ return false;
+ }
+
+ // How many chars have been consumed
+ $codecount = 0;
+
+ // Start with the prefix; copy it to output
+ $encoded = $this->_punycode_prefix;
+
+ $encoded = '';
+ // Copy all basic code points to output
+ for ($i = 0; $i < $deco_len; ++$i) {
+ $test = $decoded[$i];
+ // Will match [0-9a-zA-Z-]
+ if ((0x2F < $test && $test < 0x40)
+ || (0x40 < $test && $test < 0x5B)
+ || (0x60 < $test && $test <= 0x7B)
+ || (0x2D == $test)) {
+ $encoded .= chr($decoded[$i]);
+ $codecount++;
+ }
+ }
+
+ // All codepoints were basic ones
+ if ($codecount == $deco_len) {
+ return $encoded;
+ }
+
+ // Start with the prefix; copy it to output
+ $encoded = $this->_punycode_prefix . $encoded;
+
+ // If we have basic code points in output, add an hyphen to the end
+ if ($codecount) {
+ $encoded .= '-';
+ }
+
+ // Now find and encode all non-basic code points
+ $is_first = true;
+ $cur_code = $this->_initial_n;
+ $bias = $this->_initial_bias;
+ $delta = 0;
+
+ while ($codecount < $deco_len) {
+ // Find the smallest code point >= the current code point and
+ // remember the last ouccrence of it in the input
+ for ($i = 0, $next_code = $this->_max_ucs; $i < $deco_len; $i++) {
+ if ($decoded[$i] >= $cur_code && $decoded[$i] <= $next_code) {
+ $next_code = $decoded[$i];
+ }
+ }
+
+ $delta += ($next_code - $cur_code) * ($codecount + 1);
+ $cur_code = $next_code;
+
+ // Scan input again and encode all characters whose code point is $cur_code
+ for ($i = 0; $i < $deco_len; $i++) {
+ if ($decoded[$i] < $cur_code) {
+ $delta++;
+ } else if ($decoded[$i] == $cur_code) {
+ for ($q = $delta, $k = $this->_base; 1; $k += $this->_base) {
+ $t = ($k <= $bias)?
+ $this->_tmin :
+ (($k >= $bias + $this->_tmax)? $this->_tmax : $k - $bias);
+
+ if ($q < $t) {
+ break;
+ }
+
+ $encoded .= $this->_encodeDigit(ceil($t + (($q - $t) % ($this->_base - $t))));
+ $q = ($q - $t) / ($this->_base - $t);
+ }
+
+ $encoded .= $this->_encodeDigit($q);
+ $bias = $this->_adapt($delta, $codecount + 1, $is_first);
+ $codecount++;
+ $delta = 0;
+ $is_first = false;
+ }
+ }
+
+ $delta++;
+ $cur_code++;
+ }
+
+ return $encoded;
+ }
+
+ /**
+ * The actual decoding algorithm.
+ *
+ * @return string
+ * @throws Exception
+ * @access private
+ */
+ private function _decode($encoded)
+ {
+ // We do need to find the Punycode prefix
+ if (!preg_match('!^' . preg_quote($this->_punycode_prefix, '!') . '!', $encoded)) {
+ return false;
+ }
+
+ $encode_test = preg_replace('!^' . preg_quote($this->_punycode_prefix, '!') . '!', '', $encoded);
+
+ // If nothing left after removing the prefix, it is hopeless
+ if (!$encode_test) {
+ return false;
+ }
+
+ // Find last occurence of the delimiter
+ $delim_pos = strrpos($encoded, '-');
+
+ if ($delim_pos > self::_byteLength($this->_punycode_prefix)) {
+ for ($k = self::_byteLength($this->_punycode_prefix); $k < $delim_pos; ++$k) {
+ $decoded[] = ord($encoded{$k});
+ }
+ } else {
+ $decoded = array();
+ }
+
+ $deco_len = count($decoded);
+ $enco_len = self::_byteLength($encoded);
+
+ // Wandering through the strings; init
+ $is_first = true;
+ $bias = $this->_initial_bias;
+ $idx = 0;
+ $char = $this->_initial_n;
+
+ for ($enco_idx = ($delim_pos)? ($delim_pos + 1) : 0; $enco_idx < $enco_len; ++$deco_len) {
+ for ($old_idx = $idx, $w = 1, $k = $this->_base; 1 ; $k += $this->_base) {
+ $digit = $this->_decodeDigit($encoded{$enco_idx++});
+ $idx += $digit * $w;
+
+ $t = ($k <= $bias) ?
+ $this->_tmin :
+ (($k >= $bias + $this->_tmax)? $this->_tmax : ($k - $bias));
+
+ if ($digit < $t) {
+ break;
+ }
+
+ $w = (int)($w * ($this->_base - $t));
+ }
+
+ $bias = $this->_adapt($idx - $old_idx, $deco_len + 1, $is_first);
+ $is_first = false;
+ $char += (int) ($idx / ($deco_len + 1));
+ $idx %= ($deco_len + 1);
+
+ if ($deco_len > 0) {
+ // Make room for the decoded char
+ for ($i = $deco_len; $i > $idx; $i--) {
+ $decoded[$i] = $decoded[($i - 1)];
+ }
+ }
+
+ $decoded[$idx++] = $char;
+ }
+
+ try {
+ return $this->_ucs4_to_utf8($decoded);
+ } catch (Exception $e) {
+ // rethrow
+ throw $e;
+ }
+ }
+
+ /**
+ * Adapt the bias according to the current code point and position.
+ *
+ * @access private
+ */
+ private function _adapt($delta, $npoints, $is_first)
+ {
+ $delta = (int) ($is_first ? ($delta / $this->_damp) : ($delta / 2));
+ $delta += (int) ($delta / $npoints);
+
+ for ($k = 0; $delta > (($this->_base - $this->_tmin) * $this->_tmax) / 2; $k += $this->_base) {
+ $delta = (int) ($delta / ($this->_base - $this->_tmin));
+ }
+
+ return (int) ($k + ($this->_base - $this->_tmin + 1) * $delta / ($delta + $this->_skew));
+ }
+
+ /**
+ * Encoding a certain digit.
+ *
+ * @access private
+ */
+ private function _encodeDigit($d)
+ {
+ return chr($d + 22 + 75 * ($d < 26));
+ }
+
+ /**
+ * Decode a certain digit.
+ *
+ * @access private
+ */
+ private function _decodeDigit($cp)
+ {
+ $cp = ord($cp);
+ return ($cp - 48 < 10)? $cp - 22 : (($cp - 65 < 26)? $cp - 65 : (($cp - 97 < 26)? $cp - 97 : $this->_base));
+ }
+
+ /**
+ * Do Nameprep according to RFC3491 and RFC3454.
+ *
+ * @param array $input Unicode Characters
+ * @return string Unicode Characters, Nameprep'd
+ * @throws Exception
+ * @access private
+ */
+ private function _nameprep($input)
+ {
+ $output = array();
+
+ // Walking through the input array, performing the required steps on each of
+ // the input chars and putting the result into the output array
+ // While mapping required chars we apply the cannonical ordering
+
+ foreach ($input as $v) {
+ // Map to nothing == skip that code point
+ if (in_array($v, self::$_np_map_nothing)) {
+ continue;
+ }
+
+ // Try to find prohibited input
+ if (in_array($v, self::$_np_prohibit) || in_array($v, self::$_general_prohibited)) {
+ throw new Exception('NAMEPREP: Prohibited input U+' . sprintf('%08X', $v));
+ }
+
+ foreach (self::$_np_prohibit_ranges as $range) {
+ if ($range[0] <= $v && $v <= $range[1]) {
+ throw new Exception('NAMEPREP: Prohibited input U+' . sprintf('%08X', $v));
+ }
+ }
+
+ // Hangul syllable decomposition
+ if (0xAC00 <= $v && $v <= 0xD7AF) {
+ foreach ($this->_hangulDecompose($v) as $out) {
+ $output[] = $out;
+ }
+ } else if (isset(self::$_np_replacemaps[$v])) { // There's a decomposition mapping for that code point
+ foreach ($this->_applyCannonicalOrdering(self::$_np_replacemaps[$v]) as $out) {
+ $output[] = $out;
+ }
+ } else {
+ $output[] = $v;
+ }
+ }
+
+ // Combine code points
+
+ $last_class = 0;
+ $last_starter = 0;
+ $out_len = count($output);
+
+ for ($i = 0; $i < $out_len; ++$i) {
+ $class = $this->_getCombiningClass($output[$i]);
+
+ if ((!$last_class || $last_class != $class) && $class) {
+ // Try to match
+ $seq_len = $i - $last_starter;
+ $out = $this->_combine(array_slice($output, $last_starter, $seq_len));
+
+ // On match: Replace the last starter with the composed character and remove
+ // the now redundant non-starter(s)
+ if ($out) {
+ $output[$last_starter] = $out;
+
+ if (count($out) != $seq_len) {
+ for ($j = $i + 1; $j < $out_len; ++$j) {
+ $output[$j - 1] = $output[$j];
+ }
+
+ unset($output[$out_len]);
+ }
+
+ // Rewind the for loop by one, since there can be more possible compositions
+ $i--;
+ $out_len--;
+ $last_class = ($i == $last_starter)? 0 : $this->_getCombiningClass($output[$i - 1]);
+
+ continue;
+ }
+ }
+
+ // The current class is 0
+ if (!$class) {
+ $last_starter = $i;
+ }
+
+ $last_class = $class;
+ }
+
+ return $output;
+ }
+
+ /**
+ * Decomposes a Hangul syllable
+ * (see http://www.unicode.org/unicode/reports/tr15/#Hangul).
+ *
+ * @param integer $char 32bit UCS4 code point
+ * @return array Either Hangul Syllable decomposed or original 32bit
+ * value as one value array
+ * @access private
+ */
+ private function _hangulDecompose($char)
+ {
+ $sindex = $char - $this->_sbase;
+
+ if ($sindex < 0 || $sindex >= $this->_scount) {
+ return array($char);
+ }
+
+ $result = array();
+ $T = $this->_tbase + $sindex % $this->_tcount;
+ $result[] = (int)($this->_lbase + $sindex / $this->_ncount);
+ $result[] = (int)($this->_vbase + ($sindex % $this->_ncount) / $this->_tcount);
+
+ if ($T != $this->_tbase) {
+ $result[] = $T;
+ }
+
+ return $result;
+ }
+
+ /**
+ * Ccomposes a Hangul syllable
+ * (see http://www.unicode.org/unicode/reports/tr15/#Hangul).
+ *
+ * @param array $input Decomposed UCS4 sequence
+ * @return array UCS4 sequence with syllables composed
+ * @access private
+ */
+ private function _hangulCompose($input)
+ {
+ $inp_len = count($input);
+
+ if (!$inp_len) {
+ return array();
+ }
+
+ $result = array();
+ $last = $input[0];
+ $result[] = $last; // copy first char from input to output
+
+ for ($i = 1; $i < $inp_len; ++$i) {
+ $char = $input[$i];
+
+ // Find out, wether two current characters from L and V
+ $lindex = $last - $this->_lbase;
+
+ if (0 <= $lindex && $lindex < $this->_lcount) {
+ $vindex = $char - $this->_vbase;
+
+ if (0 <= $vindex && $vindex < $this->_vcount) {
+ // create syllable of form LV
+ $last = ($this->_sbase + ($lindex * $this->_vcount + $vindex) * $this->_tcount);
+ $out_off = count($result) - 1;
+ $result[$out_off] = $last; // reset last
+
+ // discard char
+ continue;
+ }
+ }
+
+ // Find out, wether two current characters are LV and T
+ $sindex = $last - $this->_sbase;
+
+ if (0 <= $sindex && $sindex < $this->_scount && ($sindex % $this->_tcount) == 0) {
+ $tindex = $char - $this->_tbase;
+
+ if (0 <= $tindex && $tindex <= $this->_tcount) {
+ // create syllable of form LVT
+ $last += $tindex;
+ $out_off = count($result) - 1;
+ $result[$out_off] = $last; // reset last
+
+ // discard char
+ continue;
+ }
+ }
+
+ // if neither case was true, just add the character
+ $last = $char;
+ $result[] = $char;
+ }
+
+ return $result;
+ }
+
+ /**
+ * Returns the combining class of a certain wide char.
+ *
+ * @param integer $char Wide char to check (32bit integer)
+ * @return integer Combining class if found, else 0
+ * @access private
+ */
+ private function _getCombiningClass($char)
+ {
+ return isset(self::$_np_norm_combcls[$char])? self::$_np_norm_combcls[$char] : 0;
+ }
+
+ /**
+ * Apllies the cannonical ordering of a decomposed UCS4 sequence.
+ *
+ * @param array $input Decomposed UCS4 sequence
+ * @return array Ordered USC4 sequence
+ * @access private
+ */
+ private function _applyCannonicalOrdering($input)
+ {
+ $swap = true;
+ $size = count($input);
+
+ while ($swap) {
+ $swap = false;
+ $last = $this->_getCombiningClass($input[0]);
+
+ for ($i = 0; $i < $size - 1; ++$i) {
+ $next = $this->_getCombiningClass($input[$i + 1]);
+
+ if ($next != 0 && $last > $next) {
+ // Move item leftward until it fits
+ for ($j = $i + 1; $j > 0; --$j) {
+ if ($this->_getCombiningClass($input[$j - 1]) <= $next) {
+ break;
+ }
+
+ $t = $input[$j];
+ $input[$j] = $input[$j - 1];
+ $input[$j - 1] = $t;
+ $swap = 1;
+ }
+
+ // Reentering the loop looking at the old character again
+ $next = $last;
+ }
+
+ $last = $next;
+ }
+ }
+
+ return $input;
+ }
+
+ /**
+ * Do composition of a sequence of starter and non-starter.
+ *
+ * @param array $input UCS4 Decomposed sequence
+ * @return array Ordered USC4 sequence
+ * @access private
+ */
+ private function _combine($input)
+ {
+ $inp_len = count($input);
+
+ // Is it a Hangul syllable?
+ if (1 != $inp_len) {
+ $hangul = $this->_hangulCompose($input);
+
+ // This place is probably wrong
+ if (count($hangul) != $inp_len) {
+ return $hangul;
+ }
+ }
+
+ foreach (self::$_np_replacemaps as $np_src => $np_target) {
+ if ($np_target[0] != $input[0]) {
+ continue;
+ }
+
+ if (count($np_target) != $inp_len) {
+ continue;
+ }
+
+ $hit = false;
+
+ foreach ($input as $k2 => $v2) {
+ if ($v2 == $np_target[$k2]) {
+ $hit = true;
+ } else {
+ $hit = false;
+ break;
+ }
+ }
+
+ if ($hit) {
+ return $np_src;
+ }
+ }
+
+ return false;
+ }
+
+ /**
+ * This converts an UTF-8 encoded string to its UCS-4 (array) representation
+ * By talking about UCS-4 we mean arrays of 32bit integers representing
+ * each of the "chars". This is due to PHP not being able to handle strings with
+ * bit depth different from 8. This applies to the reverse method _ucs4_to_utf8(), too.
+ * The following UTF-8 encodings are supported:
+ *
+ * bytes bits representation
+ * 1 7 0xxxxxxx
+ * 2 11 110xxxxx 10xxxxxx
+ * 3 16 1110xxxx 10xxxxxx 10xxxxxx
+ * 4 21 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
+ * 5 26 111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
+ * 6 31 1111110x 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
+ *
+ * Each x represents a bit that can be used to store character data.
+ *
+ * @access private
+ */
+ private function _utf8_to_ucs4($input)
+ {
+ $output = array();
+ $out_len = 0;
+ $inp_len = self::_byteLength($input, '8bit');
+ $mode = 'next';
+ $test = 'none';
+ for ($k = 0; $k < $inp_len; ++$k) {
+ $v = ord($input{$k}); // Extract byte from input string
+
+ if ($v < 128) { // We found an ASCII char - put into stirng as is
+ $output[$out_len] = $v;
+ ++$out_len;
+ if ('add' == $mode) {
+ throw new Exception('Conversion from UTF-8 to UCS-4 failed: malformed input at byte '.$k);
+ return false;
+ }
+ continue;
+ }
+ if ('next' == $mode) { // Try to find the next start byte; determine the width of the Unicode char
+ $start_byte = $v;
+ $mode = 'add';
+ $test = 'range';
+ if ($v >> 5 == 6) { // &110xxxxx 10xxxxx
+ $next_byte = 0; // Tells, how many times subsequent bitmasks must rotate 6bits to the left
+ $v = ($v - 192) << 6;
+ } elseif ($v >> 4 == 14) { // &1110xxxx 10xxxxxx 10xxxxxx
+ $next_byte = 1;
+ $v = ($v - 224) << 12;
+ } elseif ($v >> 3 == 30) { // &11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
+ $next_byte = 2;
+ $v = ($v - 240) << 18;
+ } elseif ($v >> 2 == 62) { // &111110xx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
+ $next_byte = 3;
+ $v = ($v - 248) << 24;
+ } elseif ($v >> 1 == 126) { // &1111110x 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx 10xxxxxx
+ $next_byte = 4;
+ $v = ($v - 252) << 30;
+ } else {
+ throw new Exception('This might be UTF-8, but I don\'t understand it at byte '.$k);
+ return false;
+ }
+ if ('add' == $mode) {
+ $output[$out_len] = (int) $v;
+ ++$out_len;
+ continue;
+ }
+ }
+ if ('add' == $mode) {
+ if (!$this->_allow_overlong && $test == 'range') {
+ $test = 'none';
+ if (($v < 0xA0 && $start_byte == 0xE0) || ($v < 0x90 && $start_byte == 0xF0) || ($v > 0x8F && $start_byte == 0xF4)) {
+ throw new Exception('Bogus UTF-8 character detected (out of legal range) at byte '.$k);
+ return false;
+ }
+ }
+ if ($v >> 6 == 2) { // Bit mask must be 10xxxxxx
+ $v = ($v - 128) << ($next_byte * 6);
+ $output[($out_len - 1)] += $v;
+ --$next_byte;
+ } else {
+ throw new Exception('Conversion from UTF-8 to UCS-4 failed: malformed input at byte '.$k);
+ return false;
+ }
+ if ($next_byte < 0) {
+ $mode = 'next';
+ }
+ }
+ } // for
+ return $output;
+ }
+
+ /**
+ * Convert UCS-4 array into UTF-8 string.
+ *
+ * @throws Exception
+ * @access private
+ */
+ private function _ucs4_to_utf8($input)
+ {
+ $output = '';
+
+ foreach ($input as $v) {
+ // $v = ord($v);
+
+ if ($v < 128) {
+ // 7bit are transferred literally
+ $output .= chr($v);
+ } else if ($v < 1 << 11) {
+ // 2 bytes
+ $output .= chr(192 + ($v >> 6))
+ . chr(128 + ($v & 63));
+ } else if ($v < 1 << 16) {
+ // 3 bytes
+ $output .= chr(224 + ($v >> 12))
+ . chr(128 + (($v >> 6) & 63))
+ . chr(128 + ($v & 63));
+ } else if ($v < 1 << 21) {
+ // 4 bytes
+ $output .= chr(240 + ($v >> 18))
+ . chr(128 + (($v >> 12) & 63))
+ . chr(128 + (($v >> 6) & 63))
+ . chr(128 + ($v & 63));
+ } else if ($v < 1 << 26) {
+ // 5 bytes
+ $output .= chr(248 + ($v >> 24))
+ . chr(128 + (($v >> 18) & 63))
+ . chr(128 + (($v >> 12) & 63))
+ . chr(128 + (($v >> 6) & 63))
+ . chr(128 + ($v & 63));
+ } else if ($v < 1 << 31) {
+ // 6 bytes
+ $output .= chr(252 + ($v >> 30))
+ . chr(128 + (($v >> 24) & 63))
+ . chr(128 + (($v >> 18) & 63))
+ . chr(128 + (($v >> 12) & 63))
+ . chr(128 + (($v >> 6) & 63))
+ . chr(128 + ($v & 63));
+ } else {
+ throw new Exception('Conversion from UCS-4 to UTF-8 failed: malformed input at byte ' . $k);
+ }
+ }
+
+ return $output;
+ }
+
+ /**
+ * Convert UCS-4 array into UCS-4 string
+ *
+ * @throws Exception
+ * @access private
+ */
+ private function _ucs4_to_ucs4_string($input)
+ {
+ $output = '';
+ // Take array values and split output to 4 bytes per value
+ // The bit mask is 255, which reads &11111111
+ foreach ($input as $v) {
+ $output .= ($v & (255 << 24) >> 24) . ($v & (255 << 16) >> 16) . ($v & (255 << 8) >> 8) . ($v & 255);
+ }
+ return $output;
+ }
+
+ /**
+ * Convert UCS-4 strin into UCS-4 garray
+ *
+ * @throws Exception
+ * @access private
+ */
+ private function _ucs4_string_to_ucs4($input)
+ {
+ $output = array();
+
+ $inp_len = self::_byteLength($input);
+ // Input length must be dividable by 4
+ if ($inp_len % 4) {
+ throw new Exception('Input UCS4 string is broken');
+ return false;
+ }
+
+ // Empty input - return empty output
+ if (!$inp_len) return $output;
+
+ for ($i = 0, $out_len = -1; $i < $inp_len; ++$i) {
+ // Increment output position every 4 input bytes
+ if (!$i % 4) {
+ $out_len++;
+ $output[$out_len] = 0;
+ }
+ $output[$out_len] += ord($input{$i}) << (8 * (3 - ($i % 4) ) );
+ }
+ return $output;
+ }
+
+ /**
+ * Echo hex representation of UCS4 sequence.
+ *
+ * @param array $input UCS4 sequence
+ * @param boolean $include_bit Include bitmask in output
+ * @return void
+ * @static
+ * @access private
+ */
+ private static function _showHex($input, $include_bit = false)
+ {
+ foreach ($input as $k => $v) {
+ echo '[', $k, '] => ', sprintf('%X', $v);
+
+ if ($include_bit) {
+ echo ' (', Net_IDNA::_showBitmask($v), ')';
+ }
+
+ echo "\n";
+ }
+ }
+
+ /**
+ * Gives you a bit representation of given Byte (8 bits), Word (16 bits) or DWord (32 bits)
+ * Output width is automagically determined
+ *
+ * @static
+ * @access private
+ */
+ private static function _showBitmask($octet)
+ {
+ if ($octet >= (1 << 16)) {
+ $w = 31;
+ } else if ($octet >= (1 << 8)) {
+ $w = 15;
+ } else {
+ $w = 7;
+ }
+
+ $return = '';
+
+ for ($i = $w; $i > -1; $i--) {
+ $return .= ($octet & (1 << $i))? 1 : '0';
+ }
+
+ return $return;
+ }
+
+ /**
+ * Gets the length of a string in bytes even if mbstring function
+ * overloading is turned on
+ *
+ * @param string $string the string for which to get the length.
+ *
+ * @return integer the length of the string in bytes.
+ *
+ * @see Net_IDNA_php5::$_mb_string_overload
+ */
+ private static function _byteLength($string)
+ {
+ if (self::$_mb_string_overload) {
+ return mb_strlen($string, '8bit');
+ }
+ return strlen((binary)$string);
+ }
+
+ // }}}}
+}
+
+?>
diff --git a/extlib/Net/LDAP2.php b/extlib/Net/LDAP2.php
deleted file mode 100644
index 26f5e7560..000000000
--- a/extlib/Net/LDAP2.php
+++ /dev/null
@@ -1,1791 +0,0 @@
-<?php
-/* vim: set expandtab tabstop=4 shiftwidth=4: */
-/**
-* File containing the Net_LDAP2 interface class.
-*
-* PHP version 5
-*
-* @category Net
-* @package Net_LDAP2
-* @author Tarjej Huse <tarjei@bergfald.no>
-* @author Jan Wagner <wagner@netsols.de>
-* @author Del <del@babel.com.au>
-* @author Benedikt Hallinger <beni@php.net>
-* @copyright 2003-2007 Tarjej Huse, Jan Wagner, Del Elson, Benedikt Hallinger
-* @license http://www.gnu.org/licenses/lgpl-3.0.txt LGPLv3
-* @version SVN: $Id: LDAP2.php 286788 2009-08-04 06:05:49Z beni $
-* @link http://pear.php.net/package/Net_LDAP2/
-*/
-
-/**
-* Package includes.
-*/
-require_once 'PEAR.php';
-require_once 'Net/LDAP2/RootDSE.php';
-require_once 'Net/LDAP2/Schema.php';
-require_once 'Net/LDAP2/Entry.php';
-require_once 'Net/LDAP2/Search.php';
-require_once 'Net/LDAP2/Util.php';
-require_once 'Net/LDAP2/Filter.php';
-require_once 'Net/LDAP2/LDIF.php';
-require_once 'Net/LDAP2/SchemaCache.interface.php';
-require_once 'Net/LDAP2/SimpleFileSchemaCache.php';
-
-/**
-* Error constants for errors that are not LDAP errors.
-*/
-define('NET_LDAP2_ERROR', 1000);
-
-/**
-* Net_LDAP2 Version
-*/
-define('NET_LDAP2_VERSION', '2.0.7');
-
-/**
-* Net_LDAP2 - manipulate LDAP servers the right way!
-*
-* @category Net
-* @package Net_LDAP2
-* @author Tarjej Huse <tarjei@bergfald.no>
-* @author Jan Wagner <wagner@netsols.de>
-* @author Del <del@babel.com.au>
-* @author Benedikt Hallinger <beni@php.net>
-* @copyright 2003-2007 Tarjej Huse, Jan Wagner, Del Elson, Benedikt Hallinger
-* @license http://www.gnu.org/copyleft/lesser.html LGPL
-* @link http://pear.php.net/package/Net_LDAP2/
-*/
-class Net_LDAP2 extends PEAR
-{
- /**
- * Class configuration array
- *
- * host = the ldap host to connect to
- * (may be an array of several hosts to try)
- * port = the server port
- * version = ldap version (defaults to v 3)
- * starttls = when set, ldap_start_tls() is run after connecting.
- * bindpw = no explanation needed
- * binddn = the DN to bind as.
- * basedn = ldap base
- * options = hash of ldap options to set (opt => val)
- * filter = default search filter
- * scope = default search scope
- *
- * Newly added in 2.0.0RC4, for auto-reconnect:
- * auto_reconnect = if set to true then the class will automatically
- * attempt to reconnect to the LDAP server in certain
- * failure conditionswhen attempting a search, or other
- * LDAP operation. Defaults to false. Note that if you
- * set this to true, calls to search() may block
- * indefinitely if there is a catastrophic server failure.
- * min_backoff = minimum reconnection delay period (in seconds).
- * current_backoff = initial reconnection delay period (in seconds).
- * max_backoff = maximum reconnection delay period (in seconds).
- *
- * @access protected
- * @var array
- */
- protected $_config = array('host' => 'localhost',
- 'port' => 389,
- 'version' => 3,
- 'starttls' => false,
- 'binddn' => '',
- 'bindpw' => '',
- 'basedn' => '',
- 'options' => array(),
- 'filter' => '(objectClass=*)',
- 'scope' => 'sub',
- 'auto_reconnect' => false,
- 'min_backoff' => 1,
- 'current_backoff' => 1,
- 'max_backoff' => 32);
-
- /**
- * List of hosts we try to establish a connection to
- *
- * @access protected
- * @var array
- */
- protected $_host_list = array();
-
- /**
- * List of hosts that are known to be down.
- *
- * @access protected
- * @var array
- */
- protected $_down_host_list = array();
-
- /**
- * LDAP resource link.
- *
- * @access protected
- * @var resource
- */
- protected $_link = false;
-
- /**
- * Net_LDAP2_Schema object
- *
- * This gets set and returned by {@link schema()}
- *
- * @access protected
- * @var object Net_LDAP2_Schema
- */
- protected $_schema = null;
-
- /**
- * Schema cacher function callback
- *
- * @see registerSchemaCache()
- * @var string
- */
- protected $_schema_cache = null;
-
- /**
- * Cache for attribute encoding checks
- *
- * @access protected
- * @var array Hash with attribute names as key and boolean value
- * to determine whether they should be utf8 encoded or not.
- */
- protected $_schemaAttrs = array();
-
- /**
- * Cache for rootDSE objects
- *
- * Hash with requested rootDSE attr names as key and rootDSE object as value
- *
- * Since the RootDSE object itself may request a rootDSE object,
- * {@link rootDse()} caches successful requests.
- * Internally, Net_LDAP2 needs several lookups to this object, so
- * caching increases performance significally.
- *
- * @access protected
- * @var array
- */
- protected $_rootDSE_cache = array();
-
- /**
- * Returns the Net_LDAP2 Release version, may be called statically
- *
- * @static
- * @return string Net_LDAP2 version
- */
- public static function getVersion()
- {
- return NET_LDAP2_VERSION;
- }
-
- /**
- * Configure Net_LDAP2, connect and bind
- *
- * Use this method as starting point of using Net_LDAP2
- * to establish a connection to your LDAP server.
- *
- * Static function that returns either an error object or the new Net_LDAP2
- * object. Something like a factory. Takes a config array with the needed
- * parameters.
- *
- * @param array $config Configuration array
- *
- * @access public
- * @return Net_LDAP2_Error|Net_LDAP2 Net_LDAP2_Error or Net_LDAP2 object
- */
- public static function &connect($config = array())
- {
- $ldap_check = self::checkLDAPExtension();
- if (self::iserror($ldap_check)) {
- return $ldap_check;
- }
-
- @$obj = new Net_LDAP2($config);
-
- // todo? better errorhandling for setConfig()?
-
- // connect and bind with credentials in config
- $err = $obj->bind();
- if (self::isError($err)) {
- return $err;
- }
-
- return $obj;
- }
-
- /**
- * Net_LDAP2 constructor
- *
- * Sets the config array
- *
- * Please note that the usual way of getting Net_LDAP2 to work is
- * to call something like:
- * <code>$ldap = Net_LDAP2::connect($ldap_config);</code>
- *
- * @param array $config Configuration array
- *
- * @access protected
- * @return void
- * @see $_config
- */
- public function __construct($config = array())
- {
- $this->PEAR('Net_LDAP2_Error');
- $this->setConfig($config);
- }
-
- /**
- * Sets the internal configuration array
- *
- * @param array $config Configuration array
- *
- * @access protected
- * @return void
- */
- protected function setConfig($config)
- {
- //
- // Parameter check -- probably should raise an error here if config
- // is not an array.
- //
- if (! is_array($config)) {
- return;
- }
-
- foreach ($config as $k => $v) {
- if (isset($this->_config[$k])) {
- $this->_config[$k] = $v;
- } else {
- // map old (Net_LDAP2) parms to new ones
- switch($k) {
- case "dn":
- $this->_config["binddn"] = $v;
- break;
- case "password":
- $this->_config["bindpw"] = $v;
- break;
- case "tls":
- $this->_config["starttls"] = $v;
- break;
- case "base":
- $this->_config["basedn"] = $v;
- break;
- }
- }
- }
-
- //
- // Ensure the host list is an array.
- //
- if (is_array($this->_config['host'])) {
- $this->_host_list = $this->_config['host'];
- } else {
- if (strlen($this->_config['host']) > 0) {
- $this->_host_list = array($this->_config['host']);
- } else {
- $this->_host_list = array();
- // ^ this will cause an error in performConnect(),
- // so the user is notified about the failure
- }
- }
-
- //
- // Reset the down host list, which seems like a sensible thing to do
- // if the config is being reset for some reason.
- //
- $this->_down_host_list = array();
- }
-
- /**
- * Bind or rebind to the ldap-server
- *
- * This function binds with the given dn and password to the server. In case
- * no connection has been made yet, it will be started and startTLS issued
- * if appropiate.
- *
- * The internal bind configuration is not being updated, so if you call
- * bind() without parameters, you can rebind with the credentials
- * provided at first connecting to the server.
- *
- * @param string $dn Distinguished name for binding
- * @param string $password Password for binding
- *
- * @access public
- * @return Net_LDAP2_Error|true Net_LDAP2_Error object or true
- */
- public function bind($dn = null, $password = null)
- {
- // fetch current bind credentials
- if (is_null($dn)) {
- $dn = $this->_config["binddn"];
- }
- if (is_null($password)) {
- $password = $this->_config["bindpw"];
- }
-
- // Connect first, if we haven't so far.
- // This will also bind us to the server.
- if ($this->_link === false) {
- // store old credentials so we can revert them later
- // then overwrite config with new bind credentials
- $olddn = $this->_config["binddn"];
- $oldpw = $this->_config["bindpw"];
-
- // overwrite bind credentials in config
- // so performConnect() knows about them
- $this->_config["binddn"] = $dn;
- $this->_config["bindpw"] = $password;
-
- // try to connect with provided credentials
- $msg = $this->performConnect();
-
- // reset to previous config
- $this->_config["binddn"] = $olddn;
- $this->_config["bindpw"] = $oldpw;
-
- // see if bind worked
- if (self::isError($msg)) {
- return $msg;
- }
- } else {
- // do the requested bind as we are
- // asked to bind manually
- if (is_null($dn)) {
- // anonymous bind
- $msg = @ldap_bind($this->_link);
- } else {
- // privileged bind
- $msg = @ldap_bind($this->_link, $dn, $password);
- }
- if (false === $msg) {
- return PEAR::raiseError("Bind failed: " .
- @ldap_error($this->_link),
- @ldap_errno($this->_link));
- }
- }
- return true;
- }
-
- /**
- * Connect to the ldap-server
- *
- * This function connects to the LDAP server specified in
- * the configuration, binds and set up the LDAP protocol as needed.
- *
- * @access protected
- * @return Net_LDAP2_Error|true Net_LDAP2_Error object or true
- */
- protected function performConnect()
- {
- // Note: Connecting is briefly described in RFC1777.
- // Basicly it works like this:
- // 1. set up TCP connection
- // 2. secure that connection if neccessary
- // 3a. setLDAPVersion to tell server which version we want to speak
- // 3b. perform bind
- // 3c. setLDAPVersion to tell server which version we want to speak
- // together with a test for supported versions
- // 4. set additional protocol options
-
- // Return true if we are already connected.
- if ($this->_link !== false) {
- return true;
- }
-
- // Connnect to the LDAP server if we are not connected. Note that
- // with some LDAP clients, ldapperformConnect returns a link value even
- // if no connection is made. We need to do at least one anonymous
- // bind to ensure that a connection is actually valid.
- //
- // Ref: http://www.php.net/manual/en/function.ldap-connect.php
-
- // Default error message in case all connection attempts
- // fail but no message is set
- $current_error = new PEAR_Error('Unknown connection error');
-
- // Catch empty $_host_list arrays.
- if (!is_array($this->_host_list) || count($this->_host_list) == 0) {
- $current_error = PEAR::raiseError('No Servers configured! Please '.
- 'pass in an array of servers to Net_LDAP2');
- return $current_error;
- }
-
- // Cycle through the host list.
- foreach ($this->_host_list as $host) {
-
- // Ensure we have a valid string for host name
- if (is_array($host)) {
- $current_error = PEAR::raiseError('No Servers configured! '.
- 'Please pass in an one dimensional array of servers to '.
- 'Net_LDAP2! (multidimensional array detected!)');
- continue;
- }
-
- // Skip this host if it is known to be down.
- if (in_array($host, $this->_down_host_list)) {
- continue;
- }
-
- // Record the host that we are actually connecting to in case
- // we need it later.
- $this->_config['host'] = $host;
-
- // Attempt a connection.
- $this->_link = @ldap_connect($host, $this->_config['port']);
- if (false === $this->_link) {
- $current_error = PEAR::raiseError('Could not connect to ' .
- $host . ':' . $this->_config['port']);
- $this->_down_host_list[] = $host;
- continue;
- }
-
- // If we're supposed to use TLS, do so before we try to bind,
- // as some strict servers only allow binding via secure connections
- if ($this->_config["starttls"] === true) {
- if (self::isError($msg = $this->startTLS())) {
- $current_error = $msg;
- $this->_link = false;
- $this->_down_host_list[] = $host;
- continue;
- }
- }
-
- // Try to set the configured LDAP version on the connection if LDAP
- // server needs that before binding (eg OpenLDAP).
- // This could be necessary since rfc-1777 states that the protocol version
- // has to be set at the bind request.
- // We use force here which means that the test in the rootDSE is skipped;
- // this is neccessary, because some strict LDAP servers only allow to
- // read the LDAP rootDSE (which tells us the supported protocol versions)
- // with authenticated clients.
- // This may fail in which case we try again after binding.
- // In this case, most probably the bind() or setLDAPVersion()-call
- // below will also fail, providing error messages.
- $version_set = false;
- $ignored_err = $this->setLDAPVersion(0, true);
- if (!self::isError($ignored_err)) {
- $version_set = true;
- }
-
- // Attempt to bind to the server. If we have credentials configured,
- // we try to use them, otherwise its an anonymous bind.
- // As stated by RFC-1777, the bind request should be the first
- // operation to be performed after the connection is established.
- // This may give an protocol error if the server does not support
- // V2 binds and the above call to setLDAPVersion() failed.
- // In case the above call failed, we try an V2 bind here and set the
- // version afterwards (with checking to the rootDSE).
- $msg = $this->bind();
- if (self::isError($msg)) {
- // The bind failed, discard link and save error msg.
- // Then record the host as down and try next one
- if ($msg->getCode() == 0x02 && !$version_set) {
- // provide a finer grained error message
- // if protocol error arieses because of invalid version
- $msg = new Net_LDAP2_Error($msg->getMessage().
- " (could not set LDAP protocol version to ".
- $this->_config['version'].")",
- $msg->getCode());
- }
- $this->_link = false;
- $current_error = $msg;
- $this->_down_host_list[] = $host;
- continue;
- }
-
- // Set desired LDAP version if not successfully set before.
- // Here, a check against the rootDSE is performed, so we get a
- // error message if the server does not support the version.
- // The rootDSE entry should tell us which LDAP versions are
- // supported. However, some strict LDAP servers only allow
- // bound suers to read the rootDSE.
- if (!$version_set) {
- if (self::isError($msg = $this->setLDAPVersion())) {
- $current_error = $msg;
- $this->_link = false;
- $this->_down_host_list[] = $host;
- continue;
- }
- }
-
- // Set LDAP parameters, now we know we have a valid connection.
- if (isset($this->_config['options']) &&
- is_array($this->_config['options']) &&
- count($this->_config['options'])) {
- foreach ($this->_config['options'] as $opt => $val) {
- $err = $this->setOption($opt, $val);
- if (self::isError($err)) {
- $current_error = $err;
- $this->_link = false;
- $this->_down_host_list[] = $host;
- continue 2;
- }
- }
- }
-
- // At this stage we have connected, bound, and set up options,
- // so we have a known good LDAP server. Time to go home.
- return true;
- }
-
-
- // All connection attempts have failed, return the last error.
- return $current_error;
- }
-
- /**
- * Reconnect to the ldap-server.
- *
- * In case the connection to the LDAP
- * service has dropped out for some reason, this function will reconnect,
- * and re-bind if a bind has been attempted in the past. It is probably
- * most useful when the server list provided to the new() or connect()
- * function is an array rather than a single host name, because in that
- * case it will be able to connect to a failover or secondary server in
- * case the primary server goes down.
- *
- * This doesn't return anything, it just tries to re-establish
- * the current connection. It will sleep for the current backoff
- * period (seconds) before attempting the connect, and if the
- * connection fails it will double the backoff period, but not
- * try again. If you want to ensure a reconnection during a
- * transient period of server downtime then you need to call this
- * function in a loop.
- *
- * @access protected
- * @return Net_LDAP2_Error|true Net_LDAP2_Error object or true
- */
- protected function performReconnect()
- {
-
- // Return true if we are already connected.
- if ($this->_link !== false) {
- return true;
- }
-
- // Default error message in case all connection attempts
- // fail but no message is set
- $current_error = new PEAR_Error('Unknown connection error');
-
- // Sleep for a backoff period in seconds.
- sleep($this->_config['current_backoff']);
-
- // Retry all available connections.
- $this->_down_host_list = array();
- $msg = $this->performConnect();
-
- // Bail out if that fails.
- if (self::isError($msg)) {
- $this->_config['current_backoff'] =
- $this->_config['current_backoff'] * 2;
- if ($this->_config['current_backoff'] > $this->_config['max_backoff']) {
- $this->_config['current_backoff'] = $this->_config['max_backoff'];
- }
- return $msg;
- }
-
- // Now we should be able to safely (re-)bind.
- $msg = $this->bind();
- if (self::isError($msg)) {
- $this->_config['current_backoff'] = $this->_config['current_backoff'] * 2;
- if ($this->_config['current_backoff'] > $this->_config['max_backoff']) {
- $this->_config['current_backoff'] = $this->_config['max_backoff'];
- }
-
- // _config['host'] should have had the last connected host stored in it
- // by performConnect(). Since we are unable to bind to that host we can safely
- // assume that it is down or has some other problem.
- $this->_down_host_list[] = $this->_config['host'];
- return $msg;
- }
-
- // At this stage we have connected, bound, and set up options,
- // so we have a known good LDAP server. Time to go home.
- $this->_config['current_backoff'] = $this->_config['min_backoff'];
- return true;
- }
-
- /**
- * Starts an encrypted session
- *
- * @access public
- * @return Net_LDAP2_Error|true Net_LDAP2_Error object or true
- */
- public function startTLS()
- {
- // Test to see if the server supports TLS first.
- // This is done via testing the extensions offered by the server.
- // The OID 1.3.6.1.4.1.1466.20037 tells us, if TLS is supported.
- $rootDSE = $this->rootDse();
- if (self::isError($rootDSE)) {
- return $this->raiseError("Unable to fetch rootDSE entry ".
- "to see if TLS is supoported: ".$rootDSE->getMessage(), $rootDSE->getCode());
- }
-
- $supported_extensions = $rootDSE->getValue('supportedExtension');
- if (self::isError($supported_extensions)) {
- return $this->raiseError("Unable to fetch rootDSE attribute 'supportedExtension' ".
- "to see if TLS is supoported: ".$supported_extensions->getMessage(), $supported_extensions->getCode());
- }
-
- if (in_array('1.3.6.1.4.1.1466.20037', $supported_extensions)) {
- if (false === @ldap_start_tls($this->_link)) {
- return $this->raiseError("TLS not started: " .
- @ldap_error($this->_link),
- @ldap_errno($this->_link));
- }
- return true;
- } else {
- return $this->raiseError("Server reports that it does not support TLS");
- }
- }
-
- /**
- * alias function of startTLS() for perl-ldap interface
- *
- * @return void
- * @see startTLS()
- */
- public function start_tls()
- {
- $args = func_get_args();
- return call_user_func_array(array( &$this, 'startTLS' ), $args);
- }
-
- /**
- * Close LDAP connection.
- *
- * Closes the connection. Use this when the session is over.
- *
- * @return void
- */
- public function done()
- {
- $this->_Net_LDAP2();
- }
-
- /**
- * Alias for {@link done()}
- *
- * @return void
- * @see done()
- */
- public function disconnect()
- {
- $this->done();
- }
-
- /**
- * Destructor
- *
- * @access protected
- */
- public function _Net_LDAP2()
- {
- @ldap_close($this->_link);
- }
-
- /**
- * Add a new entryobject to a directory.
- *
- * Use add to add a new Net_LDAP2_Entry object to the directory.
- * This also links the entry to the connection used for the add,
- * if it was a fresh entry ({@link Net_LDAP2_Entry::createFresh()})
- *
- * @param Net_LDAP2_Entry &$entry Net_LDAP2_Entry
- *
- * @return Net_LDAP2_Error|true Net_LDAP2_Error object or true
- */
- public function add(&$entry)
- {
- if (!$entry instanceof Net_LDAP2_Entry) {
- return PEAR::raiseError('Parameter to Net_LDAP2::add() must be a Net_LDAP2_Entry object.');
- }
-
- // Continue attempting the add operation in a loop until we
- // get a success, a definitive failure, or the world ends.
- $foo = 0;
- while (true) {
- $link = $this->getLink();
-
- if ($link === false) {
- // We do not have a successful connection yet. The call to
- // getLink() would have kept trying if we wanted one. Go
- // home now.
- return PEAR::raiseError("Could not add entry " . $entry->dn() .
- " no valid LDAP connection could be found.");
- }
-
- if (@ldap_add($link, $entry->dn(), $entry->getValues())) {
- // entry successfully added, we should update its $ldap reference
- // in case it is not set so far (fresh entry)
- if (!$entry->getLDAP() instanceof Net_LDAP2) {
- $entry->setLDAP($this);
- }
- // store, that the entry is present inside the directory
- $entry->markAsNew(false);
- return true;
- } else {
- // We have a failure. What type? We may be able to reconnect
- // and try again.
- $error_code = @ldap_errno($link);
- $error_name = $this->errorMessage($error_code);
-
- if (($error_name === 'LDAP_OPERATIONS_ERROR') &&
- ($this->_config['auto_reconnect'])) {
-
- // The server has become disconnected before trying the
- // operation. We should try again, possibly with a different
- // server.
- $this->_link = false;
- $this->performReconnect();
- } else {
- // Errors other than the above catched are just passed
- // back to the user so he may react upon them.
- return PEAR::raiseError("Could not add entry " . $entry->dn() . " " .
- $error_name,
- $error_code);
- }
- }
- }
- }
-
- /**
- * Delete an entry from the directory
- *
- * The object may either be a string representing the dn or a Net_LDAP2_Entry
- * object. When the boolean paramter recursive is set, all subentries of the
- * entry will be deleted as well.
- *
- * @param string|Net_LDAP2_Entry $dn DN-string or Net_LDAP2_Entry
- * @param boolean $recursive Should we delete all children recursive as well?
- *
- * @access public
- * @return Net_LDAP2_Error|true Net_LDAP2_Error object or true
- */
- public function delete($dn, $recursive = false)
- {
- if ($dn instanceof Net_LDAP2_Entry) {
- $dn = $dn->dn();
- }
- if (false === is_string($dn)) {
- return PEAR::raiseError("Parameter is not a string nor an entry object!");
- }
- // Recursive delete searches for children and calls delete for them
- if ($recursive) {
- $result = @ldap_list($this->_link, $dn, '(objectClass=*)', array(null), 0, 0);
- if (@ldap_count_entries($this->_link, $result)) {
- $subentry = @ldap_first_entry($this->_link, $result);
- $this->delete(@ldap_get_dn($this->_link, $subentry), true);
- while ($subentry = @ldap_next_entry($this->_link, $subentry)) {
- $this->delete(@ldap_get_dn($this->_link, $subentry), true);
- }
- }
- }
-
- // Continue attempting the delete operation in a loop until we
- // get a success, a definitive failure, or the world ends.
- while (true) {
- $link = $this->getLink();
-
- if ($link === false) {
- // We do not have a successful connection yet. The call to
- // getLink() would have kept trying if we wanted one. Go
- // home now.
- return PEAR::raiseError("Could not add entry " . $dn .
- " no valid LDAP connection could be found.");
- }
-
- if (@ldap_delete($link, $dn)) {
- // entry successfully deleted.
- return true;
- } else {
- // We have a failure. What type?
- // We may be able to reconnect and try again.
- $error_code = @ldap_errno($link);
- $error_name = $this->errorMessage($error_code);
-
- if (($this->errorMessage($error_code) === 'LDAP_OPERATIONS_ERROR') &&
- ($this->_config['auto_reconnect'])) {
- // The server has become disconnected before trying the
- // operation. We should try again, possibly with a
- // different server.
- $this->_link = false;
- $this->performReconnect();
-
- } elseif ($error_code == 66) {
- // Subentries present, server refused to delete.
- // Deleting subentries is the clients responsibility, but
- // since the user may not know of the subentries, we do not
- // force that here but instead notify the developer so he
- // may take actions himself.
- return PEAR::raiseError("Could not delete entry $dn because of subentries. Use the recursive parameter to delete them.");
-
- } else {
- // Errors other than the above catched are just passed
- // back to the user so he may react upon them.
- return PEAR::raiseError("Could not delete entry " . $dn . " " .
- $error_name,
- $error_code);
- }
- }
- }
- }
-
- /**
- * Modify an ldapentry directly on the server
- *
- * This one takes the DN or a Net_LDAP2_Entry object and an array of actions.
- * This array should be something like this:
- *
- * array('add' => array('attribute1' => array('val1', 'val2'),
- * 'attribute2' => array('val1')),
- * 'delete' => array('attribute1'),
- * 'replace' => array('attribute1' => array('val1')),
- * 'changes' => array('add' => ...,
- * 'replace' => ...,
- * 'delete' => array('attribute1', 'attribute2' => array('val1')))
- *
- * The changes array is there so the order of operations can be influenced
- * (the operations are done in order of appearance).
- * The order of execution is as following:
- * 1. adds from 'add' array
- * 2. deletes from 'delete' array
- * 3. replaces from 'replace' array
- * 4. changes (add, replace, delete) in order of appearance
- * All subarrays (add, replace, delete, changes) may be given at the same time.
- *
- * The function calls the corresponding functions of an Net_LDAP2_Entry
- * object. A detailed description of array structures can be found there.
- *
- * Unlike the modification methods provided by the Net_LDAP2_Entry object,
- * this method will instantly carry out an update() after each operation,
- * thus modifying "directly" on the server.
- *
- * @param string|Net_LDAP2_Entry $entry DN-string or Net_LDAP2_Entry
- * @param array $parms Array of changes
- *
- * @access public
- * @return Net_LDAP2_Error|true Net_LDAP2_Error object or true
- */
- public function modify($entry, $parms = array())
- {
- if (is_string($entry)) {
- $entry = $this->getEntry($entry);
- if (self::isError($entry)) {
- return $entry;
- }
- }
- if (!$entry instanceof Net_LDAP2_Entry) {
- return PEAR::raiseError("Parameter is not a string nor an entry object!");
- }
-
- // Perform changes mentioned separately
- foreach (array('add', 'delete', 'replace') as $action) {
- if (isset($parms[$action])) {
- $msg = $entry->$action($parms[$action]);
- if (self::isError($msg)) {
- return $msg;
- }
- $entry->setLDAP($this);
-
- // Because the @ldap functions are called inside Net_LDAP2_Entry::update(),
- // we have to trap the error codes issued from that if we want to support
- // reconnection.
- while (true) {
- $msg = $entry->update();
-
- if (self::isError($msg)) {
- // We have a failure. What type? We may be able to reconnect
- // and try again.
- $error_code = $msg->getCode();
- $error_name = $this->errorMessage($error_code);
-
- if (($this->errorMessage($error_code) === 'LDAP_OPERATIONS_ERROR') &&
- ($this->_config['auto_reconnect'])) {
-
- // The server has become disconnected before trying the
- // operation. We should try again, possibly with a different
- // server.
- $this->_link = false;
- $this->performReconnect();
-
- } else {
-
- // Errors other than the above catched are just passed
- // back to the user so he may react upon them.
- return PEAR::raiseError("Could not modify entry: ".$msg->getMessage());
- }
- } else {
- // modification succeedet, evaluate next change
- break;
- }
- }
- }
- }
-
- // perform combined changes in 'changes' array
- if (isset($parms['changes']) && is_array($parms['changes'])) {
- foreach ($parms['changes'] as $action => $value) {
-
- // Because the @ldap functions are called inside Net_LDAP2_Entry::update,
- // we have to trap the error codes issued from that if we want to support
- // reconnection.
- while (true) {
- $msg = $this->modify($entry, array($action => $value));
-
- if (self::isError($msg)) {
- // We have a failure. What type? We may be able to reconnect
- // and try again.
- $error_code = $msg->getCode();
- $error_name = $this->errorMessage($error_code);
-
- if (($this->errorMessage($error_code) === 'LDAP_OPERATIONS_ERROR') &&
- ($this->_config['auto_reconnect'])) {
-
- // The server has become disconnected before trying the
- // operation. We should try again, possibly with a different
- // server.
- $this->_link = false;
- $this->performReconnect();
-
- } else {
- // Errors other than the above catched are just passed
- // back to the user so he may react upon them.
- return $msg;
- }
- } else {
- // modification succeedet, evaluate next change
- break;
- }
- }
- }
- }
-
- return true;
- }
-
- /**
- * Run a ldap search query
- *
- * Search is used to query the ldap-database.
- * $base and $filter may be ommitted. The one from config will
- * then be used. $base is either a DN-string or an Net_LDAP2_Entry
- * object in which case its DN willb e used.
- *
- * Params may contain:
- *
- * scope: The scope which will be used for searching
- * base - Just one entry
- * sub - The whole tree
- * one - Immediately below $base
- * sizelimit: Limit the number of entries returned (default: 0 = unlimited),
- * timelimit: Limit the time spent for searching (default: 0 = unlimited),
- * attrsonly: If true, the search will only return the attribute names,
- * attributes: Array of attribute names, which the entry should contain.
- * It is good practice to limit this to just the ones you need.
- * [NOT IMPLEMENTED]
- * deref: By default aliases are dereferenced to locate the base object for the search, but not when
- * searching subordinates of the base object. This may be changed by specifying one of the
- * following values:
- *
- * never - Do not dereference aliases in searching or in locating the base object of the search.
- * search - Dereference aliases in subordinates of the base object in searching, but not in
- * locating the base object of the search.
- * find
- * always
- *
- * Please note, that you cannot override server side limitations to sizelimit
- * and timelimit: You can always only lower a given limit.
- *
- * @param string|Net_LDAP2_Entry $base LDAP searchbase
- * @param string|Net_LDAP2_Filter $filter LDAP search filter or a Net_LDAP2_Filter object
- * @param array $params Array of options
- *
- * @access public
- * @return Net_LDAP2_Search|Net_LDAP2_Error Net_LDAP2_Search object or Net_LDAP2_Error object
- * @todo implement search controls (sorting etc)
- */
- public function search($base = null, $filter = null, $params = array())
- {
- if (is_null($base)) {
- $base = $this->_config['basedn'];
- }
- if ($base instanceof Net_LDAP2_Entry) {
- $base = $base->dn(); // fetch DN of entry, making searchbase relative to the entry
- }
- if (is_null($filter)) {
- $filter = $this->_config['filter'];
- }
- if ($filter instanceof Net_LDAP2_Filter) {
- $filter = $filter->asString(); // convert Net_LDAP2_Filter to string representation
- }
- if (PEAR::isError($filter)) {
- return $filter;
- }
- if (PEAR::isError($base)) {
- return $base;
- }
-
- /* setting searchparameters */
- (isset($params['sizelimit'])) ? $sizelimit = $params['sizelimit'] : $sizelimit = 0;
- (isset($params['timelimit'])) ? $timelimit = $params['timelimit'] : $timelimit = 0;
- (isset($params['attrsonly'])) ? $attrsonly = $params['attrsonly'] : $attrsonly = 0;
- (isset($params['attributes'])) ? $attributes = $params['attributes'] : $attributes = array();
-
- // Ensure $attributes to be an array in case only one
- // attribute name was given as string
- if (!is_array($attributes)) {
- $attributes = array($attributes);
- }
-
- // reorganize the $attributes array index keys
- // sometimes there are problems with not consecutive indexes
- $attributes = array_values($attributes);
-
- // scoping makes searches faster!
- $scope = (isset($params['scope']) ? $params['scope'] : $this->_config['scope']);
-
- switch ($scope) {
- case 'one':
- $search_function = 'ldap_list';
- break;
- case 'base':
- $search_function = 'ldap_read';
- break;
- default:
- $search_function = 'ldap_search';
- }
-
- // Continue attempting the search operation until we get a success
- // or a definitive failure.
- while (true) {
- $link = $this->getLink();
- $search = @call_user_func($search_function,
- $link,
- $base,
- $filter,
- $attributes,
- $attrsonly,
- $sizelimit,
- $timelimit);
-
- if ($err = @ldap_errno($link)) {
- if ($err == 32) {
- // Errorcode 32 = no such object, i.e. a nullresult.
- return $obj = new Net_LDAP2_Search ($search, $this, $attributes);
- } elseif ($err == 4) {
- // Errorcode 4 = sizelimit exeeded.
- return $obj = new Net_LDAP2_Search ($search, $this, $attributes);
- } elseif ($err == 87) {
- // bad search filter
- return $this->raiseError($this->errorMessage($err) . "($filter)", $err);
- } elseif (($err == 1) && ($this->_config['auto_reconnect'])) {
- // Errorcode 1 = LDAP_OPERATIONS_ERROR but we can try a reconnect.
- $this->_link = false;
- $this->performReconnect();
- } else {
- $msg = "\nParameters:\nBase: $base\nFilter: $filter\nScope: $scope";
- return $this->raiseError($this->errorMessage($err) . $msg, $err);
- }
- } else {
- return $obj = new Net_LDAP2_Search($search, $this, $attributes);
- }
- }
- }
-
- /**
- * Set an LDAP option
- *
- * @param string $option Option to set
- * @param mixed $value Value to set Option to
- *
- * @access public
- * @return Net_LDAP2_Error|true Net_LDAP2_Error object or true
- */
- public function setOption($option, $value)
- {
- if ($this->_link) {
- if (defined($option)) {
- if (@ldap_set_option($this->_link, constant($option), $value)) {
- return true;
- } else {
- $err = @ldap_errno($this->_link);
- if ($err) {
- $msg = @ldap_err2str($err);
- } else {
- $err = NET_LDAP2_ERROR;
- $msg = $this->errorMessage($err);
- }
- return $this->raiseError($msg, $err);
- }
- } else {
- return $this->raiseError("Unkown Option requested");
- }
- } else {
- return $this->raiseError("Could not set LDAP option: No LDAP connection");
- }
- }
-
- /**
- * Get an LDAP option value
- *
- * @param string $option Option to get
- *
- * @access public
- * @return Net_LDAP2_Error|string Net_LDAP2_Error or option value
- */
- public function getOption($option)
- {
- if ($this->_link) {
- if (defined($option)) {
- if (@ldap_get_option($this->_link, constant($option), $value)) {
- return $value;
- } else {
- $err = @ldap_errno($this->_link);
- if ($err) {
- $msg = @ldap_err2str($err);
- } else {
- $err = NET_LDAP2_ERROR;
- $msg = $this->errorMessage($err);
- }
- return $this->raiseError($msg, $err);
- }
- } else {
- $this->raiseError("Unkown Option requested");
- }
- } else {
- $this->raiseError("No LDAP connection");
- }
- }
-
- /**
- * Get the LDAP_PROTOCOL_VERSION that is used on the connection.
- *
- * A lot of ldap functionality is defined by what protocol version the ldap server speaks.
- * This might be 2 or 3.
- *
- * @return int
- */
- public function getLDAPVersion()
- {
- if ($this->_link) {
- $version = $this->getOption("LDAP_OPT_PROTOCOL_VERSION");
- } else {
- $version = $this->_config['version'];
- }
- return $version;
- }
-
- /**
- * Set the LDAP_PROTOCOL_VERSION that is used on the connection.
- *
- * @param int $version LDAP-version that should be used
- * @param boolean $force If set to true, the check against the rootDSE will be skipped
- *
- * @return Net_LDAP2_Error|true Net_LDAP2_Error object or true
- * @todo Checking via the rootDSE takes much time - why? fetching and instanciation is quick!
- */
- public function setLDAPVersion($version = 0, $force = false)
- {
- if (!$version) {
- $version = $this->_config['version'];
- }
-
- //
- // Check to see if the server supports this version first.
- //
- // Todo: Why is this so horribly slow?
- // $this->rootDse() is very fast, as well as Net_LDAP2_RootDSE::fetch()
- // seems like a problem at copiyng the object inside PHP??
- // Additionally, this is not always reproducable...
- //
- if (!$force) {
- $rootDSE = $this->rootDse();
- if ($rootDSE instanceof Net_LDAP2_Error) {
- return $rootDSE;
- } else {
- $supported_versions = $rootDSE->getValue('supportedLDAPVersion');
- if (is_string($supported_versions)) {
- $supported_versions = array($supported_versions);
- }
- $check_ok = in_array($version, $supported_versions);
- }
- }
-
- if ($force || $check_ok) {
- return $this->setOption("LDAP_OPT_PROTOCOL_VERSION", $version);
- } else {
- return $this->raiseError("LDAP Server does not support protocol version " . $version);
- }
- }
-
-
- /**
- * Tells if a DN does exist in the directory
- *
- * @param string|Net_LDAP2_Entry $dn The DN of the object to test
- *
- * @return boolean|Net_LDAP2_Error
- */
- public function dnExists($dn)
- {
- if (PEAR::isError($dn)) {
- return $dn;
- }
- if ($dn instanceof Net_LDAP2_Entry) {
- $dn = $dn->dn();
- }
- if (false === is_string($dn)) {
- return PEAR::raiseError('Parameter $dn is not a string nor an entry object!');
- }
-
- // make dn relative to parent
- $base = Net_LDAP2_Util::ldap_explode_dn($dn, array('casefold' => 'none', 'reverse' => false, 'onlyvalues' => false));
- if (self::isError($base)) {
- return $base;
- }
- $entry_rdn = array_shift($base);
- if (is_array($entry_rdn)) {
- // maybe the dn consist of a multivalued RDN, we must build the dn in this case
- // because the $entry_rdn is an array!
- $filter_dn = Net_LDAP2_Util::canonical_dn($entry_rdn);
- }
- $base = Net_LDAP2_Util::canonical_dn($base);
-
- $result = @ldap_list($this->_link, $base, $entry_rdn, array(), 1, 1);
- if (@ldap_count_entries($this->_link, $result)) {
- return true;
- }
- if (ldap_errno($this->_link) == 32) {
- return false;
- }
- if (ldap_errno($this->_link) != 0) {
- return PEAR::raiseError(ldap_error($this->_link), ldap_errno($this->_link));
- }
- return false;
- }
-
-
- /**
- * Get a specific entry based on the DN
- *
- * @param string $dn DN of the entry that should be fetched
- * @param array $attr Array of Attributes to select. If ommitted, all attributes are fetched.
- *
- * @return Net_LDAP2_Entry|Net_LDAP2_Error Reference to a Net_LDAP2_Entry object or Net_LDAP2_Error object
- * @todo Maybe check against the shema should be done to be sure the attribute type exists
- */
- public function &getEntry($dn, $attr = array())
- {
- if (!is_array($attr)) {
- $attr = array($attr);
- }
- $result = $this->search($dn, '(objectClass=*)',
- array('scope' => 'base', 'attributes' => $attr));
- if (self::isError($result)) {
- return $result;
- } elseif ($result->count() == 0) {
- return PEAR::raiseError('Could not fetch entry '.$dn.': no entry found');
- }
- $entry = $result->shiftEntry();
- if (false == $entry) {
- return PEAR::raiseError('Could not fetch entry (error retrieving entry from search result)');
- }
- return $entry;
- }
-
- /**
- * Rename or move an entry
- *
- * This method will instantly carry out an update() after the move,
- * so the entry is moved instantly.
- * You can pass an optional Net_LDAP2 object. In this case, a cross directory
- * move will be performed which deletes the entry in the source (THIS) directory
- * and adds it in the directory $target_ldap.
- * A cross directory move will switch the Entrys internal LDAP reference so
- * updates to the entry will go to the new directory.
- *
- * Note that if you want to do a cross directory move, you need to
- * pass an Net_LDAP2_Entry object, otherwise the attributes will be empty.
- *
- * @param string|Net_LDAP2_Entry $entry Entry DN or Entry object
- * @param string $newdn New location
- * @param Net_LDAP2 $target_ldap (optional) Target directory for cross server move; should be passed via reference
- *
- * @return Net_LDAP2_Error|true
- */
- public function move($entry, $newdn, $target_ldap = null)
- {
- if (is_string($entry)) {
- $entry_o = $this->getEntry($entry);
- } else {
- $entry_o =& $entry;
- }
- if (!$entry_o instanceof Net_LDAP2_Entry) {
- return PEAR::raiseError('Parameter $entry is expected to be a Net_LDAP2_Entry object! (If DN was passed, conversion failed)');
- }
- if (null !== $target_ldap && !$target_ldap instanceof Net_LDAP2) {
- return PEAR::raiseError('Parameter $target_ldap is expected to be a Net_LDAP2 object!');
- }
-
- if ($target_ldap && $target_ldap !== $this) {
- // cross directory move
- if (is_string($entry)) {
- return PEAR::raiseError('Unable to perform cross directory move: operation requires a Net_LDAP2_Entry object');
- }
- if ($target_ldap->dnExists($newdn)) {
- return PEAR::raiseError('Unable to perform cross directory move: entry does exist in target directory');
- }
- $entry_o->dn($newdn);
- $res = $target_ldap->add($entry_o);
- if (self::isError($res)) {
- return PEAR::raiseError('Unable to perform cross directory move: '.$res->getMessage().' in target directory');
- }
- $res = $this->delete($entry_o->currentDN());
- if (self::isError($res)) {
- $res2 = $target_ldap->delete($entry_o); // undo add
- if (self::isError($res2)) {
- $add_error_string = 'Additionally, the deletion (undo add) of $entry in target directory failed.';
- }
- return PEAR::raiseError('Unable to perform cross directory move: '.$res->getMessage().' in source directory. '.$add_error_string);
- }
- $entry_o->setLDAP($target_ldap);
- return true;
- } else {
- // local move
- $entry_o->dn($newdn);
- $entry_o->setLDAP($this);
- return $entry_o->update();
- }
- }
-
- /**
- * Copy an entry to a new location
- *
- * The entry will be immediately copied.
- * Please note that only attributes you have
- * selected will be copied.
- *
- * @param Net_LDAP2_Entry &$entry Entry object
- * @param string $newdn New FQF-DN of the entry
- *
- * @return Net_LDAP2_Error|Net_LDAP2_Entry Error Message or reference to the copied entry
- */
- public function &copy(&$entry, $newdn)
- {
- if (!$entry instanceof Net_LDAP2_Entry) {
- return PEAR::raiseError('Parameter $entry is expected to be a Net_LDAP2_Entry object!');
- }
-
- $newentry = Net_LDAP2_Entry::createFresh($newdn, $entry->getValues());
- $result = $this->add($newentry);
-
- if ($result instanceof Net_LDAP2_Error) {
- return $result;
- } else {
- return $newentry;
- }
- }
-
-
- /**
- * Returns the string for an ldap errorcode.
- *
- * Made to be able to make better errorhandling
- * Function based on DB::errorMessage()
- * Tip: The best description of the errorcodes is found here:
- * http://www.directory-info.com/LDAP2/LDAPErrorCodes.html
- *
- * @param int $errorcode Error code
- *
- * @return string The errorstring for the error.
- */
- public function errorMessage($errorcode)
- {
- $errorMessages = array(
- 0x00 => "LDAP_SUCCESS",
- 0x01 => "LDAP_OPERATIONS_ERROR",
- 0x02 => "LDAP_PROTOCOL_ERROR",
- 0x03 => "LDAP_TIMELIMIT_EXCEEDED",
- 0x04 => "LDAP_SIZELIMIT_EXCEEDED",
- 0x05 => "LDAP_COMPARE_FALSE",
- 0x06 => "LDAP_COMPARE_TRUE",
- 0x07 => "LDAP_AUTH_METHOD_NOT_SUPPORTED",
- 0x08 => "LDAP_STRONG_AUTH_REQUIRED",
- 0x09 => "LDAP_PARTIAL_RESULTS",
- 0x0a => "LDAP_REFERRAL",
- 0x0b => "LDAP_ADMINLIMIT_EXCEEDED",
- 0x0c => "LDAP_UNAVAILABLE_CRITICAL_EXTENSION",
- 0x0d => "LDAP_CONFIDENTIALITY_REQUIRED",
- 0x0e => "LDAP_SASL_BIND_INPROGRESS",
- 0x10 => "LDAP_NO_SUCH_ATTRIBUTE",
- 0x11 => "LDAP_UNDEFINED_TYPE",
- 0x12 => "LDAP_INAPPROPRIATE_MATCHING",
- 0x13 => "LDAP_CONSTRAINT_VIOLATION",
- 0x14 => "LDAP_TYPE_OR_VALUE_EXISTS",
- 0x15 => "LDAP_INVALID_SYNTAX",
- 0x20 => "LDAP_NO_SUCH_OBJECT",
- 0x21 => "LDAP_ALIAS_PROBLEM",
- 0x22 => "LDAP_INVALID_DN_SYNTAX",
- 0x23 => "LDAP_IS_LEAF",
- 0x24 => "LDAP_ALIAS_DEREF_PROBLEM",
- 0x30 => "LDAP_INAPPROPRIATE_AUTH",
- 0x31 => "LDAP_INVALID_CREDENTIALS",
- 0x32 => "LDAP_INSUFFICIENT_ACCESS",
- 0x33 => "LDAP_BUSY",
- 0x34 => "LDAP_UNAVAILABLE",
- 0x35 => "LDAP_UNWILLING_TO_PERFORM",
- 0x36 => "LDAP_LOOP_DETECT",
- 0x3C => "LDAP_SORT_CONTROL_MISSING",
- 0x3D => "LDAP_INDEX_RANGE_ERROR",
- 0x40 => "LDAP_NAMING_VIOLATION",
- 0x41 => "LDAP_OBJECT_CLASS_VIOLATION",
- 0x42 => "LDAP_NOT_ALLOWED_ON_NONLEAF",
- 0x43 => "LDAP_NOT_ALLOWED_ON_RDN",
- 0x44 => "LDAP_ALREADY_EXISTS",
- 0x45 => "LDAP_NO_OBJECT_CLASS_MODS",
- 0x46 => "LDAP_RESULTS_TOO_LARGE",
- 0x47 => "LDAP_AFFECTS_MULTIPLE_DSAS",
- 0x50 => "LDAP_OTHER",
- 0x51 => "LDAP_SERVER_DOWN",
- 0x52 => "LDAP_LOCAL_ERROR",
- 0x53 => "LDAP_ENCODING_ERROR",
- 0x54 => "LDAP_DECODING_ERROR",
- 0x55 => "LDAP_TIMEOUT",
- 0x56 => "LDAP_AUTH_UNKNOWN",
- 0x57 => "LDAP_FILTER_ERROR",
- 0x58 => "LDAP_USER_CANCELLED",
- 0x59 => "LDAP_PARAM_ERROR",
- 0x5a => "LDAP_NO_MEMORY",
- 0x5b => "LDAP_CONNECT_ERROR",
- 0x5c => "LDAP_NOT_SUPPORTED",
- 0x5d => "LDAP_CONTROL_NOT_FOUND",
- 0x5e => "LDAP_NO_RESULTS_RETURNED",
- 0x5f => "LDAP_MORE_RESULTS_TO_RETURN",
- 0x60 => "LDAP_CLIENT_LOOP",
- 0x61 => "LDAP_REFERRAL_LIMIT_EXCEEDED",
- 1000 => "Unknown Net_LDAP2 Error"
- );
-
- return isset($errorMessages[$errorcode]) ?
- $errorMessages[$errorcode] :
- $errorMessages[NET_LDAP2_ERROR] . ' (' . $errorcode . ')';
- }
-
- /**
- * Gets a rootDSE object
- *
- * This either fetches a fresh rootDSE object or returns it from
- * the internal cache for performance reasons, if possible.
- *
- * @param array $attrs Array of attributes to search for
- *
- * @access public
- * @return Net_LDAP2_Error|Net_LDAP2_RootDSE Net_LDAP2_Error or Net_LDAP2_RootDSE object
- */
- public function &rootDse($attrs = null)
- {
- if ($attrs !== null && !is_array($attrs)) {
- return PEAR::raiseError('Parameter $attr is expected to be an array!');
- }
-
- $attrs_signature = serialize($attrs);
-
- // see if we need to fetch a fresh object, or if we already
- // requested this object with the same attributes
- if (true || !array_key_exists($attrs_signature, $this->_rootDSE_cache)) {
- $rootdse =& Net_LDAP2_RootDSE::fetch($this, $attrs);
- if ($rootdse instanceof Net_LDAP2_Error) {
- return $rootdse;
- }
-
- // search was ok, store rootDSE in cache
- $this->_rootDSE_cache[$attrs_signature] = $rootdse;
- }
- return $this->_rootDSE_cache[$attrs_signature];
- }
-
- /**
- * Alias function of rootDse() for perl-ldap interface
- *
- * @access public
- * @see rootDse()
- * @return Net_LDAP2_Error|Net_LDAP2_RootDSE
- */
- public function &root_dse()
- {
- $args = func_get_args();
- return call_user_func_array(array(&$this, 'rootDse'), $args);
- }
-
- /**
- * Get a schema object
- *
- * @param string $dn (optional) Subschema entry dn
- *
- * @access public
- * @return Net_LDAP2_Schema|Net_LDAP2_Error Net_LDAP2_Schema or Net_LDAP2_Error object
- */
- public function &schema($dn = null)
- {
- // Schema caching by Knut-Olav Hoven
- // If a schema caching object is registered, we use that to fetch
- // a schema object.
- // See registerSchemaCache() for more info on this.
- if ($this->_schema === null) {
- if ($this->_schema_cache) {
- $cached_schema = $this->_schema_cache->loadSchema();
- if ($cached_schema instanceof Net_LDAP2_Error) {
- return $cached_schema; // route error to client
- } else {
- if ($cached_schema instanceof Net_LDAP2_Schema) {
- $this->_schema = $cached_schema;
- }
- }
- }
- }
-
- // Fetch schema, if not tried before and no cached version available.
- // If we are already fetching the schema, we will skip fetching.
- if ($this->_schema === null) {
- // store a temporary error message so subsequent calls to schema() can
- // detect, that we are fetching the schema already.
- // Otherwise we will get an infinite loop at Net_LDAP2_Schema::fetch()
- $this->_schema = new Net_LDAP2_Error('Schema not initialized');
- $this->_schema = Net_LDAP2_Schema::fetch($this, $dn);
-
- // If schema caching is active, advise the cache to store the schema
- if ($this->_schema_cache) {
- $caching_result = $this->_schema_cache->storeSchema($this->_schema);
- if ($caching_result instanceof Net_LDAP2_Error) {
- return $caching_result; // route error to client
- }
- }
- }
- return $this->_schema;
- }
-
- /**
- * Enable/disable persistent schema caching
- *
- * Sometimes it might be useful to allow your scripts to cache
- * the schema information on disk, so the schema is not fetched
- * every time the script runs which could make your scripts run
- * faster.
- *
- * This method allows you to register a custom object that
- * implements your schema cache. Please see the SchemaCache interface
- * (SchemaCache.interface.php) for informations on how to implement this.
- * To unregister the cache, pass null as $cache parameter.
- *
- * For ease of use, Net_LDAP2 provides a simple file based cache
- * which is used in the example below. You may use this, for example,
- * to store the schema in a linux tmpfs which results in the schema
- * beeing cached inside the RAM which allows nearly instant access.
- * <code>
- * // Create the simple file cache object that comes along with Net_LDAP2
- * $mySchemaCache_cfg = array(
- * 'path' => '/tmp/Net_LDAP2_Schema.cache',
- * 'max_age' => 86400 // max age is 24 hours (in seconds)
- * );
- * $mySchemaCache = new Net_LDAP2_SimpleFileSchemaCache($mySchemaCache_cfg);
- * $ldap = new Net_LDAP2::connect(...);
- * $ldap->registerSchemaCache($mySchemaCache); // enable caching
- * // now each call to $ldap->schema() will get the schema from disk!
- * </code>
- *
- * @param Net_LDAP2_SchemaCache|null $cache Object implementing the Net_LDAP2_SchemaCache interface
- *
- * @return true|Net_LDAP2_Error
- */
- public function registerSchemaCache($cache) {
- if (is_null($cache)
- || (is_object($cache) && in_array('Net_LDAP2_SchemaCache', class_implements($cache))) ) {
- $this->_schema_cache = $cache;
- return true;
- } else {
- return new Net_LDAP2_Error('Custom schema caching object is either no '.
- 'valid object or does not implement the Net_LDAP2_SchemaCache interface!');
- }
- }
-
-
- /**
- * Checks if phps ldap-extension is loaded
- *
- * If it is not loaded, it tries to load it manually using PHPs dl().
- * It knows both windows-dll and *nix-so.
- *
- * @static
- * @return Net_LDAP2_Error|true
- */
- public static function checkLDAPExtension()
- {
- if (!extension_loaded('ldap') && !@dl('ldap.' . PHP_SHLIB_SUFFIX)) {
- return new Net_LDAP2_Error("It seems that you do not have the ldap-extension installed. Please install it before using the Net_LDAP2 package.");
- } else {
- return true;
- }
- }
-
- /**
- * Encodes given attributes to UTF8 if needed by schema
- *
- * This function takes attributes in an array and then checks against the schema if they need
- * UTF8 encoding. If that is so, they will be encoded. An encoded array will be returned and
- * can be used for adding or modifying.
- *
- * $attributes is expected to be an array with keys describing
- * the attribute names and the values as the value of this attribute:
- * <code>$attributes = array('cn' => 'foo', 'attr2' => array('mv1', 'mv2'));</code>
- *
- * @param array $attributes Array of attributes
- *
- * @access public
- * @return array|Net_LDAP2_Error Array of UTF8 encoded attributes or Error
- */
- public function utf8Encode($attributes)
- {
- return $this->utf8($attributes, 'utf8_encode');
- }
-
- /**
- * Decodes the given attribute values if needed by schema
- *
- * $attributes is expected to be an array with keys describing
- * the attribute names and the values as the value of this attribute:
- * <code>$attributes = array('cn' => 'foo', 'attr2' => array('mv1', 'mv2'));</code>
- *
- * @param array $attributes Array of attributes
- *
- * @access public
- * @see utf8Encode()
- * @return array|Net_LDAP2_Error Array with decoded attribute values or Error
- */
- public function utf8Decode($attributes)
- {
- return $this->utf8($attributes, 'utf8_decode');
- }
-
- /**
- * Encodes or decodes attribute values if needed
- *
- * @param array $attributes Array of attributes
- * @param array $function Function to apply to attribute values
- *
- * @access protected
- * @return array|Net_LDAP2_Error Array of attributes with function applied to values or Error
- */
- protected function utf8($attributes, $function)
- {
- if (!is_array($attributes) || array_key_exists(0, $attributes)) {
- return PEAR::raiseError('Parameter $attributes is expected to be an associative array');
- }
-
- if (!$this->_schema) {
- $this->_schema = $this->schema();
- }
-
- if (!$this->_link || self::isError($this->_schema) || !function_exists($function)) {
- return $attributes;
- }
-
- if (is_array($attributes) && count($attributes) > 0) {
-
- foreach ($attributes as $k => $v) {
-
- if (!isset($this->_schemaAttrs[$k])) {
-
- $attr = $this->_schema->get('attribute', $k);
- if (self::isError($attr)) {
- continue;
- }
-
- if (false !== strpos($attr['syntax'], '1.3.6.1.4.1.1466.115.121.1.15')) {
- $encode = true;
- } else {
- $encode = false;
- }
- $this->_schemaAttrs[$k] = $encode;
-
- } else {
- $encode = $this->_schemaAttrs[$k];
- }
-
- if ($encode) {
- if (is_array($v)) {
- foreach ($v as $ak => $av) {
- $v[$ak] = call_user_func($function, $av);
- }
- } else {
- $v = call_user_func($function, $v);
- }
- }
- $attributes[$k] = $v;
- }
- }
- return $attributes;
- }
-
- /**
- * Get the LDAP link resource. It will loop attempting to
- * re-establish the connection if the connection attempt fails and
- * auto_reconnect has been turned on (see the _config array documentation).
- *
- * @access public
- * @return resource LDAP link
- */
- public function &getLink()
- {
- if ($this->_config['auto_reconnect']) {
- while (true) {
- //
- // Return the link handle if we are already connected. Otherwise
- // try to reconnect.
- //
- if ($this->_link !== false) {
- return $this->_link;
- } else {
- $this->performReconnect();
- }
- }
- }
- return $this->_link;
- }
-}
-
-/**
-* Net_LDAP2_Error implements a class for reporting portable LDAP error messages.
-*
-* @category Net
-* @package Net_LDAP2
-* @author Tarjej Huse <tarjei@bergfald.no>
-* @license http://www.gnu.org/copyleft/lesser.html LGPL
-* @link http://pear.php.net/package/Net_LDAP22/
-*/
-class Net_LDAP2_Error extends PEAR_Error
-{
- /**
- * Net_LDAP2_Error constructor.
- *
- * @param string $message String with error message.
- * @param integer $code Net_LDAP2 error code
- * @param integer $mode what "error mode" to operate in
- * @param mixed $level what error level to use for $mode & PEAR_ERROR_TRIGGER
- * @param mixed $debuginfo additional debug info, such as the last query
- *
- * @access public
- * @see PEAR_Error
- */
- public function __construct($message = 'Net_LDAP2_Error', $code = NET_LDAP2_ERROR, $mode = PEAR_ERROR_RETURN,
- $level = E_USER_NOTICE, $debuginfo = null)
- {
- if (is_int($code)) {
- $this->PEAR_Error($message . ': ' . Net_LDAP2::errorMessage($code), $code, $mode, $level, $debuginfo);
- } else {
- $this->PEAR_Error("$message: $code", NET_LDAP2_ERROR, $mode, $level, $debuginfo);
- }
- }
-}
-
-?>
diff --git a/extlib/Net/LDAP2/Entry.php b/extlib/Net/LDAP2/Entry.php
deleted file mode 100644
index 66de96678..000000000
--- a/extlib/Net/LDAP2/Entry.php
+++ /dev/null
@@ -1,1055 +0,0 @@
-<?php
-/* vim: set expandtab tabstop=4 shiftwidth=4: */
-/**
-* File containing the Net_LDAP2_Entry interface class.
-*
-* PHP version 5
-*
-* @category Net
-* @package Net_LDAP2
-* @author Jan Wagner <wagner@netsols.de>
-* @author Tarjej Huse <tarjei@bergfald.no>
-* @author Benedikt Hallinger <beni@php.net>
-* @copyright 2009 Tarjej Huse, Jan Wagner, Benedikt Hallinger
-* @license http://www.gnu.org/licenses/lgpl-3.0.txt LGPLv3
-* @version SVN: $Id: Entry.php 286787 2009-08-04 06:03:12Z beni $
-* @link http://pear.php.net/package/Net_LDAP2/
-*/
-
-/**
-* Includes
-*/
-require_once 'PEAR.php';
-require_once 'Util.php';
-
-/**
-* Object representation of a directory entry
-*
-* This class represents a directory entry. You can add, delete, replace
-* attributes and their values, rename the entry, delete the entry.
-*
-* @category Net
-* @package Net_LDAP2
-* @author Jan Wagner <wagner@netsols.de>
-* @author Tarjej Huse <tarjei@bergfald.no>
-* @author Benedikt Hallinger <beni@php.net>
-* @license http://www.gnu.org/copyleft/lesser.html LGPL
-* @link http://pear.php.net/package/Net_LDAP2/
-*/
-class Net_LDAP2_Entry extends PEAR
-{
- /**
- * Entry ressource identifier
- *
- * @access protected
- * @var ressource
- */
- protected $_entry = null;
-
- /**
- * LDAP ressource identifier
- *
- * @access protected
- * @var ressource
- */
- protected $_link = null;
-
- /**
- * Net_LDAP2 object
- *
- * This object will be used for updating and schema checking
- *
- * @access protected
- * @var object Net_LDAP2
- */
- protected $_ldap = null;
-
- /**
- * Distinguished name of the entry
- *
- * @access protected
- * @var string
- */
- protected $_dn = null;
-
- /**
- * Attributes
- *
- * @access protected
- * @var array
- */
- protected $_attributes = array();
-
- /**
- * Original attributes before any modification
- *
- * @access protected
- * @var array
- */
- protected $_original = array();
-
-
- /**
- * Map of attribute names
- *
- * @access protected
- * @var array
- */
- protected $_map = array();
-
-
- /**
- * Is this a new entry?
- *
- * @access protected
- * @var boolean
- */
- protected $_new = true;
-
- /**
- * New distinguished name
- *
- * @access protected
- * @var string
- */
- protected $_newdn = null;
-
- /**
- * Shall the entry be deleted?
- *
- * @access protected
- * @var boolean
- */
- protected $_delete = false;
-
- /**
- * Map with changes to the entry
- *
- * @access protected
- * @var array
- */
- protected $_changes = array("add" => array(),
- "delete" => array(),
- "replace" => array()
- );
- /**
- * Internal Constructor
- *
- * Constructor of the entry. Sets up the distinguished name and the entries
- * attributes.
- * You should not call this method manually! Use {@link Net_LDAP2_Entry::createFresh()}
- * or {@link Net_LDAP2_Entry::createConnected()} instead!
- *
- * @param Net_LDAP2|ressource|array &$ldap Net_LDAP2 object, ldap-link ressource or array of attributes
- * @param string|ressource $entry Either a DN or a LDAP-Entry ressource
- *
- * @access protected
- * @return none
- */
- protected function __construct(&$ldap, $entry = null)
- {
- $this->PEAR('Net_LDAP2_Error');
-
- // set up entry resource or DN
- if (is_resource($entry)) {
- $this->_entry = &$entry;
- } else {
- $this->_dn = $entry;
- }
-
- // set up LDAP link
- if ($ldap instanceof Net_LDAP2) {
- $this->_ldap = &$ldap;
- $this->_link = $ldap->getLink();
- } elseif (is_resource($ldap)) {
- $this->_link = $ldap;
- } elseif (is_array($ldap)) {
- // Special case: here $ldap is an array of attributes,
- // this means, we have no link. This is a "virtual" entry.
- // We just set up the attributes so one can work with the object
- // as expected, but an update() fails unless setLDAP() is called.
- $this->setAttributes($ldap);
- }
-
- // if this is an entry existing in the directory,
- // then set up as old and fetch attrs
- if (is_resource($this->_entry) && is_resource($this->_link)) {
- $this->_new = false;
- $this->_dn = @ldap_get_dn($this->_link, $this->_entry);
- $this->setAttributes(); // fetch attributes from server
- }
- }
-
- /**
- * Creates a fresh entry that may be added to the directory later on
- *
- * Use this method, if you want to initialize a fresh entry.
- *
- * The method should be called statically: $entry = Net_LDAP2_Entry::createFresh();
- * You should put a 'objectClass' attribute into the $attrs so the directory server
- * knows which object you want to create. However, you may omit this in case you
- * don't want to add this entry to a directory server.
- *
- * The attributes parameter is as following:
- * <code>
- * $attrs = array( 'attribute1' => array('value1', 'value2'),
- * 'attribute2' => 'single value'
- * );
- * </code>
- *
- * @param string $dn DN of the Entry
- * @param array $attrs Attributes of the entry
- *
- * @static
- * @return Net_LDAP2_Entry|Net_LDAP2_Error
- */
- public static function createFresh($dn, $attrs = array())
- {
- if (!is_array($attrs)) {
- return PEAR::raiseError("Unable to create fresh entry: Parameter \$attrs needs to be an array!");
- }
-
- $entry = new Net_LDAP2_Entry($attrs, $dn);
- return $entry;
- }
-
- /**
- * Creates a Net_LDAP2_Entry object out of an ldap entry resource
- *
- * Use this method, if you want to initialize an entry object that is
- * already present in some directory and that you have read manually.
- *
- * Please note, that if you want to create an entry object that represents
- * some already existing entry, you should use {@link createExisting()}.
- *
- * The method should be called statically: $entry = Net_LDAP2_Entry::createConnected();
- *
- * @param Net_LDAP2 $ldap Net_LDA2 object
- * @param resource $entry PHP LDAP entry resource
- *
- * @static
- * @return Net_LDAP2_Entry|Net_LDAP2_Error
- */
- public static function createConnected($ldap, $entry)
- {
- if (!$ldap instanceof Net_LDAP2) {
- return PEAR::raiseError("Unable to create connected entry: Parameter \$ldap needs to be a Net_LDAP2 object!");
- }
- if (!is_resource($entry)) {
- return PEAR::raiseError("Unable to create connected entry: Parameter \$entry needs to be a ldap entry resource!");
- }
-
- $entry = new Net_LDAP2_Entry($ldap, $entry);
- return $entry;
- }
-
- /**
- * Creates an Net_LDAP2_Entry object that is considered already existing
- *
- * Use this method, if you want to modify an already existing entry
- * without fetching it first.
- * In most cases however, it is better to fetch the entry via Net_LDAP2->getEntry()!
- *
- * Please note that you should take care if you construct entries manually with this
- * because you may get weird synchronisation problems.
- * The attributes and values as well as the entry itself are considered existent
- * which may produce errors if you try to modify an entry which doesn't really exist
- * or if you try to overwrite some attribute with an value already present.
- *
- * This method is equal to calling createFresh() and after that markAsNew(FALSE).
- *
- * The method should be called statically: $entry = Net_LDAP2_Entry::createExisting();
- *
- * The attributes parameter is as following:
- * <code>
- * $attrs = array( 'attribute1' => array('value1', 'value2'),
- * 'attribute2' => 'single value'
- * );
- * </code>
- *
- * @param string $dn DN of the Entry
- * @param array $attrs Attributes of the entry
- *
- * @static
- * @return Net_LDAP2_Entry|Net_LDAP2_Error
- */
- public static function createExisting($dn, $attrs = array())
- {
- if (!is_array($attrs)) {
- return PEAR::raiseError("Unable to create entry object: Parameter \$attrs needs to be an array!");
- }
-
- $entry = Net_LDAP2_Entry::createFresh($dn, $attrs);
- if ($entry instanceof Net_LDAP2_Error) {
- return $entry;
- } else {
- $entry->markAsNew(false);
- return $entry;
- }
- }
-
- /**
- * Get or set the distinguished name of the entry
- *
- * If called without an argument the current (or the new DN if set) DN gets returned.
- * If you provide an DN, this entry is moved to the new location specified if a DN existed.
- * If the DN was not set, the DN gets initialized. Call {@link update()} to actually create
- * the new Entry in the directory.
- * To fetch the current active DN after setting a new DN but before an update(), you can use
- * {@link currentDN()} to retrieve the DN that is currently active.
- *
- * Please note that special characters (eg german umlauts) should be encoded using utf8_encode().
- * You may use {@link Net_LDAP2_Util::canonical_dn()} for properly encoding of the DN.
- *
- * @param string $dn New distinguished name
- *
- * @access public
- * @return string|true Distinguished name (or true if a new DN was provided)
- */
- public function dn($dn = null)
- {
- if (false == is_null($dn)) {
- if (is_null($this->_dn)) {
- $this->_dn = $dn;
- } else {
- $this->_newdn = $dn;
- }
- return true;
- }
- return (isset($this->_newdn) ? $this->_newdn : $this->currentDN());
- }
-
- /**
- * Renames or moves the entry
- *
- * This is just a convinience alias to {@link dn()}
- * to make your code more meaningful.
- *
- * @param string $newdn The new DN
- *
- * @return true
- */
- public function move($newdn)
- {
- return $this->dn($newdn);
- }
-
- /**
- * Sets the internal attributes array
- *
- * This fetches the values for the attributes from the server.
- * The attribute Syntax will be checked so binary attributes will be returned
- * as binary values.
- *
- * Attributes may be passed directly via the $attributes parameter to setup this
- * entry manually. This overrides attribute fetching from the server.
- *
- * @param array $attributes Attributes to set for this entry
- *
- * @access protected
- * @return void
- */
- protected function setAttributes($attributes = null)
- {
- /*
- * fetch attributes from the server
- */
- if (is_null($attributes) && is_resource($this->_entry) && is_resource($this->_link)) {
- // fetch schema
- if ($this->_ldap instanceof Net_LDAP2) {
- $schema =& $this->_ldap->schema();
- }
- // fetch attributes
- $attributes = array();
- do {
- if (empty($attr)) {
- $ber = null;
- $attr = @ldap_first_attribute($this->_link, $this->_entry, $ber);
- } else {
- $attr = @ldap_next_attribute($this->_link, $this->_entry, $ber);
- }
- if ($attr) {
- $func = 'ldap_get_values'; // standard function to fetch value
-
- // Try to get binary values as binary data
- if ($schema instanceof Net_LDAP2_Schema) {
- if ($schema->isBinary($attr)) {
- $func = 'ldap_get_values_len';
- }
- }
- // fetch attribute value (needs error checking?)
- $attributes[$attr] = $func($this->_link, $this->_entry, $attr);
- }
- } while ($attr);
- }
-
- /*
- * set attribute data directly, if passed
- */
- if (is_array($attributes) && count($attributes) > 0) {
- if (isset($attributes["count"]) && is_numeric($attributes["count"])) {
- unset($attributes["count"]);
- }
- foreach ($attributes as $k => $v) {
- // attribute names should not be numeric
- if (is_numeric($k)) {
- continue;
- }
- // map generic attribute name to real one
- $this->_map[strtolower($k)] = $k;
- // attribute values should be in an array
- if (false == is_array($v)) {
- $v = array($v);
- }
- // remove the value count (comes from ldap server)
- if (isset($v["count"])) {
- unset($v["count"]);
- }
- $this->_attributes[$k] = $v;
- }
- }
-
- // save a copy for later use
- $this->_original = $this->_attributes;
- }
-
- /**
- * Get the values of all attributes in a hash
- *
- * The returned hash has the form
- * <code>array('attributename' => 'single value',
- * 'attributename' => array('value1', value2', value3'))</code>
- *
- * @access public
- * @return array Hash of all attributes with their values
- */
- public function getValues()
- {
- $attrs = array();
- foreach ($this->_attributes as $attr => $value) {
- $attrs[$attr] = $this->getValue($attr);
- }
- return $attrs;
- }
-
- /**
- * Get the value of a specific attribute
- *
- * The first parameter is the name of the attribute
- * The second parameter influences the way the value is returned:
- * 'single': only the first value is returned as string
- * 'all': all values including the value count are returned in an
- * array
- * 'default': in all other cases an attribute value with a single value is
- * returned as string, if it has multiple values it is returned
- * as an array (without value count)
- *
- * @param string $attr Attribute name
- * @param string $option Option
- *
- * @access public
- * @return string|array|PEAR_Error string, array or PEAR_Error
- */
- public function getValue($attr, $option = null)
- {
- $attr = $this->getAttrName($attr);
-
- if (false == array_key_exists($attr, $this->_attributes)) {
- return PEAR::raiseError("Unknown attribute ($attr) requested");
- }
-
- $value = $this->_attributes[$attr];
-
- if ($option == "single" || (count($value) == 1 && $option != 'all')) {
- $value = array_shift($value);
- }
-
- return $value;
- }
-
- /**
- * Alias function of getValue for perl-ldap interface
- *
- * @see getValue()
- * @return string|array|PEAR_Error
- */
- public function get_value()
- {
- $args = func_get_args();
- return call_user_func_array(array( &$this, 'getValue' ), $args);
- }
-
- /**
- * Returns an array of attributes names
- *
- * @access public
- * @return array Array of attribute names
- */
- public function attributes()
- {
- return array_keys($this->_attributes);
- }
-
- /**
- * Returns whether an attribute exists or not
- *
- * @param string $attr Attribute name
- *
- * @access public
- * @return boolean
- */
- public function exists($attr)
- {
- $attr = $this->getAttrName($attr);
- return array_key_exists($attr, $this->_attributes);
- }
-
- /**
- * Adds a new attribute or a new value to an existing attribute
- *
- * The paramter has to be an array of the form:
- * array('attributename' => 'single value',
- * 'attributename' => array('value1', 'value2))
- * When the attribute already exists the values will be added, else the
- * attribute will be created. These changes are local to the entry and do
- * not affect the entry on the server until update() is called.
- *
- * Note, that you can add values of attributes that you haven't selected, but if
- * you do so, {@link getValue()} and {@link getValues()} will only return the
- * values you added, _NOT_ all values present on the server. To avoid this, just refetch
- * the entry after calling {@link update()} or select the attribute.
- *
- * @param array $attr Attributes to add
- *
- * @access public
- * @return true|Net_LDAP2_Error
- */
- public function add($attr = array())
- {
- if (false == is_array($attr)) {
- return PEAR::raiseError("Parameter must be an array");
- }
- foreach ($attr as $k => $v) {
- $k = $this->getAttrName($k);
- if (false == is_array($v)) {
- // Do not add empty values
- if ($v == null) {
- continue;
- } else {
- $v = array($v);
- }
- }
- // add new values to existing attribute or add new attribute
- if ($this->exists($k)) {
- $this->_attributes[$k] = array_unique(array_merge($this->_attributes[$k], $v));
- } else {
- $this->_map[strtolower($k)] = $k;
- $this->_attributes[$k] = $v;
- }
- // save changes for update()
- if (empty($this->_changes["add"][$k])) {
- $this->_changes["add"][$k] = array();
- }
- $this->_changes["add"][$k] = array_unique(array_merge($this->_changes["add"][$k], $v));
- }
- $return = true;
- return $return;
- }
-
- /**
- * Deletes an whole attribute or a value or the whole entry
- *
- * The parameter can be one of the following:
- *
- * "attributename" - The attribute as a whole will be deleted
- * array("attributename1", "attributename2) - All given attributes will be
- * deleted
- * array("attributename" => "value") - The value will be deleted
- * array("attributename" => array("value1", "value2") - The given values
- * will be deleted
- * If $attr is null or omitted , then the whole Entry will be deleted!
- *
- * These changes are local to the entry and do
- * not affect the entry on the server until {@link update()} is called.
- *
- * Please note that you must select the attribute (at $ldap->search() for example)
- * to be able to delete values of it, Otherwise {@link update()} will silently fail
- * and remove nothing.
- *
- * @param string|array $attr Attributes to delete (NULL or missing to delete whole entry)
- *
- * @access public
- * @return true
- */
- public function delete($attr = null)
- {
- if (is_null($attr)) {
- $this->_delete = true;
- return true;
- }
- if (is_string($attr)) {
- $attr = array($attr);
- }
- // Make the assumption that attribute names cannot be numeric,
- // therefore this has to be a simple list of attribute names to delete
- if (is_numeric(key($attr))) {
- foreach ($attr as $name) {
- if (is_array($name)) {
- // someone mixed modes (list mode but specific values given!)
- $del_attr_name = array_search($name, $attr);
- $this->delete(array($del_attr_name => $name));
- } else {
- // mark for update() if this attr was not marked before
- $name = $this->getAttrName($name);
- if ($this->exists($name)) {
- $this->_changes["delete"][$name] = null;
- unset($this->_attributes[$name]);
- }
- }
- }
- } else {
- // Here we have a hash with "attributename" => "value to delete"
- foreach ($attr as $name => $values) {
- if (is_int($name)) {
- // someone mixed modes and gave us just an attribute name
- $this->delete($values);
- } else {
- // mark for update() if this attr was not marked before;
- // this time it must consider the selected values also
- $name = $this->getAttrName($name);
- if ($this->exists($name)) {
- if (false == is_array($values)) {
- $values = array($values);
- }
- // save values to be deleted
- if (empty($this->_changes["delete"][$name])) {
- $this->_changes["delete"][$name] = array();
- }
- $this->_changes["delete"][$name] =
- array_unique(array_merge($this->_changes["delete"][$name], $values));
- foreach ($values as $value) {
- // find the key for the value that should be deleted
- $key = array_search($value, $this->_attributes[$name]);
- if (false !== $key) {
- // delete the value
- unset($this->_attributes[$name][$key]);
- }
- }
- }
- }
- }
- }
- $return = true;
- return $return;
- }
-
- /**
- * Replaces attributes or its values
- *
- * The parameter has to an array of the following form:
- * array("attributename" => "single value",
- * "attribute2name" => array("value1", "value2"),
- * "deleteme1" => null,
- * "deleteme2" => "")
- * If the attribute does not yet exist it will be added instead (see also $force).
- * If the attribue value is null, the attribute will de deleted.
- *
- * These changes are local to the entry and do
- * not affect the entry on the server until {@link update()} is called.
- *
- * In some cases you are not allowed to read the attributes value (for
- * example the ActiveDirectory attribute unicodePwd) but are allowed to
- * replace the value. In this case replace() would assume that the attribute
- * is not in the directory yet and tries to add it which will result in an
- * LDAP_TYPE_OR_VALUE_EXISTS error.
- * To force replace mode instead of add, you can set $force to true.
- *
- * @param array $attr Attributes to replace
- * @param bool $force Force replacing mode in case we can't read the attr value but are allowed to replace it
- *
- * @access public
- * @return true|Net_LDAP2_Error
- */
- public function replace($attr = array(), $force = false)
- {
- if (false == is_array($attr)) {
- return PEAR::raiseError("Parameter must be an array");
- }
- foreach ($attr as $k => $v) {
- $k = $this->getAttrName($k);
- if (false == is_array($v)) {
- // delete attributes with empty values; treat ints as string
- if (is_int($v)) {
- $v = "$v";
- }
- if ($v == null) {
- $this->delete($k);
- continue;
- } else {
- $v = array($v);
- }
- }
- // existing attributes will get replaced
- if ($this->exists($k) || $force) {
- $this->_changes["replace"][$k] = $v;
- $this->_attributes[$k] = $v;
- } else {
- // new ones just get added
- $this->add(array($k => $v));
- }
- }
- $return = true;
- return $return;
- }
-
- /**
- * Update the entry on the directory server
- *
- * This will evaluate all changes made so far and send them
- * to the directory server.
- * Please note, that if you make changes to objectclasses wich
- * have mandatory attributes set, update() will currently fail.
- * Remove the entry from the server and readd it as new in such cases.
- * This also will deal with problems with setting structural object classes.
- *
- * @param Net_LDAP2 $ldap If passed, a call to setLDAP() is issued prior update, thus switching the LDAP-server. This is for perl-ldap interface compliance
- *
- * @access public
- * @return true|Net_LDAP2_Error
- * @todo Entry rename with a DN containing special characters needs testing!
- */
- public function update($ldap = null)
- {
- if ($ldap) {
- $msg = $this->setLDAP($ldap);
- if (Net_LDAP2::isError($msg)) {
- return PEAR::raiseError('You passed an invalid $ldap variable to update()');
- }
- }
-
- // ensure we have a valid LDAP object
- $ldap =& $this->getLDAP();
- if (!$ldap instanceof Net_LDAP2) {
- return PEAR::raiseError("The entries LDAP object is not valid");
- }
-
- // Get and check link
- $link = $ldap->getLink();
- if (!is_resource($link)) {
- return PEAR::raiseError("Could not update entry: internal LDAP link is invalid");
- }
-
- /*
- * Delete the entry
- */
- if (true === $this->_delete) {
- return $ldap->delete($this);
- }
-
- /*
- * New entry
- */
- if (true === $this->_new) {
- $msg = $ldap->add($this);
- if (Net_LDAP2::isError($msg)) {
- return $msg;
- }
- $this->_new = false;
- $this->_changes['add'] = array();
- $this->_changes['delete'] = array();
- $this->_changes['replace'] = array();
- $this->_original = $this->_attributes;
-
- $return = true;
- return $return;
- }
-
- /*
- * Rename/move entry
- */
- if (false == is_null($this->_newdn)) {
- if ($ldap->getLDAPVersion() !== 3) {
- return PEAR::raiseError("Renaming/Moving an entry is only supported in LDAPv3");
- }
- // make dn relative to parent (needed for ldap rename)
- $parent = Net_LDAP2_Util::ldap_explode_dn($this->_newdn, array('casefolding' => 'none', 'reverse' => false, 'onlyvalues' => false));
- if (Net_LDAP2::isError($parent)) {
- return $parent;
- }
- $child = array_shift($parent);
- // maybe the dn consist of a multivalued RDN, we must build the dn in this case
- // because the $child-RDN is an array!
- if (is_array($child)) {
- $child = Net_LDAP2_Util::canonical_dn($child);
- }
- $parent = Net_LDAP2_Util::canonical_dn($parent);
-
- // rename/move
- if (false == @ldap_rename($link, $this->_dn, $child, $parent, true)) {
- return PEAR::raiseError("Entry not renamed: " .
- @ldap_error($link), @ldap_errno($link));
- }
- // reflect changes to local copy
- $this->_dn = $this->_newdn;
- $this->_newdn = null;
- }
-
- /*
- * Carry out modifications to the entry
- */
- // ADD
- foreach ($this->_changes["add"] as $attr => $value) {
- // if attribute exists, add new values
- if ($this->exists($attr)) {
- if (false === @ldap_mod_add($link, $this->dn(), array($attr => $value))) {
- return PEAR::raiseError("Could not add new values to attribute $attr: " .
- @ldap_error($link), @ldap_errno($link));
- }
- } else {
- // new attribute
- if (false === @ldap_modify($link, $this->dn(), array($attr => $value))) {
- return PEAR::raiseError("Could not add new attribute $attr: " .
- @ldap_error($link), @ldap_errno($link));
- }
- }
- // all went well here, I guess
- unset($this->_changes["add"][$attr]);
- }
-
- // DELETE
- foreach ($this->_changes["delete"] as $attr => $value) {
- // In LDAPv3 you need to specify the old values for deleting
- if (is_null($value) && $ldap->getLDAPVersion() === 3) {
- $value = $this->_original[$attr];
- }
- if (false === @ldap_mod_del($link, $this->dn(), array($attr => $value))) {
- return PEAR::raiseError("Could not delete attribute $attr: " .
- @ldap_error($link), @ldap_errno($link));
- }
- unset($this->_changes["delete"][$attr]);
- }
-
- // REPLACE
- foreach ($this->_changes["replace"] as $attr => $value) {
- if (false === @ldap_modify($link, $this->dn(), array($attr => $value))) {
- return PEAR::raiseError("Could not replace attribute $attr values: " .
- @ldap_error($link), @ldap_errno($link));
- }
- unset($this->_changes["replace"][$attr]);
- }
-
- // all went well, so _original (server) becomes _attributes (local copy)
- $this->_original = $this->_attributes;
-
- $return = true;
- return $return;
- }
-
- /**
- * Returns the right attribute name
- *
- * @param string $attr Name of attribute
- *
- * @access protected
- * @return string The right name of the attribute
- */
- protected function getAttrName($attr)
- {
- $name = strtolower($attr);
- if (array_key_exists($name, $this->_map)) {
- $attr = $this->_map[$name];
- }
- return $attr;
- }
-
- /**
- * Returns a reference to the LDAP-Object of this entry
- *
- * @access public
- * @return Net_LDAP2|Net_LDAP2_Error Reference to the Net_LDAP2 Object (the connection) or Net_LDAP2_Error
- */
- public function &getLDAP()
- {
- if (!$this->_ldap instanceof Net_LDAP2) {
- $err = new PEAR_Error('LDAP is not a valid Net_LDAP2 object');
- return $err;
- } else {
- return $this->_ldap;
- }
- }
-
- /**
- * Sets a reference to the LDAP-Object of this entry
- *
- * After setting a Net_LDAP2 object, calling update() will use that object for
- * updating directory contents. Use this to dynamicly switch directorys.
- *
- * @param Net_LDAP2 &$ldap Net_LDAP2 object that this entry should be connected to
- *
- * @access public
- * @return true|Net_LDAP2_Error
- */
- public function setLDAP(&$ldap)
- {
- if (!$ldap instanceof Net_LDAP2) {
- return PEAR::raiseError("LDAP is not a valid Net_LDAP2 object");
- } else {
- $this->_ldap =& $ldap;
- return true;
- }
- }
-
- /**
- * Marks the entry as new/existing.
- *
- * If an Entry is marked as new, it will be added to the directory
- * when calling {@link update()}.
- * If the entry is marked as old ($mark = false), then the entry is
- * assumed to be present in the directory server wich results in
- * modification when calling {@link update()}.
- *
- * @param boolean $mark Value to set, defaults to "true"
- *
- * @return void
- */
- public function markAsNew($mark = true)
- {
- $this->_new = ($mark)? true : false;
- }
-
- /**
- * Applies a regular expression onto a single- or multivalued attribute (like preg_match())
- *
- * This method behaves like PHPs preg_match() but with some exceptions.
- * If you want to retrieve match information, then you MUST pass the
- * $matches parameter via reference! otherwise you will get no matches.
- * Since it is possible to have multi valued attributes the $matches
- * array will have a additionally numerical dimension (one for each value):
- * <code>
- * $matches = array(
- * 0 => array (usual preg_match() returnarray),
- * 1 => array (usual preg_match() returnarray)
- * )
- * </code>
- * Please note, that $matches will be initialized to an empty array inside.
- *
- * Usage example:
- * <code>
- * $result = $entry->preg_match('/089(\d+)/', 'telephoneNumber', &$matches);
- * if ( $result === true ){
- * echo "First match: ".$matches[0][1]; // Match of value 1, content of first bracket
- * } else {
- * if ( Net_LDAP2::isError($result) ) {
- * echo "Error: ".$result->getMessage();
- * } else {
- * echo "No match found.";
- * }
- * }
- * </code>
- *
- * Please note that it is important to test for an Net_LDAP2_Error, because objects are
- * evaluating to true by default, thus if an error occured, and you only check using "==" then
- * you get misleading results. Use the "identical" (===) operator to test for matches to
- * avoid this as shown above.
- *
- * @param string $regex The regular expression
- * @param string $attr_name The attribute to search in
- * @param array $matches (optional, PASS BY REFERENCE!) Array to store matches in
- *
- * @return boolean|Net_LDAP2_Error TRUE, if we had a match in one of the values, otherwise false. Net_LDAP2_Error in case something went wrong
- */
- public function pregMatch($regex, $attr_name, $matches = array())
- {
- $matches = array();
-
- // fetch attribute values
- $attr = $this->getValue($attr_name, 'all');
- if (Net_LDAP2::isError($attr)) {
- return $attr;
- } else {
- unset($attr['count']);
- }
-
- // perform preg_match() on all values
- $match = false;
- foreach ($attr as $thisvalue) {
- $matches_int = array();
- if (preg_match($regex, $thisvalue, $matches_int)) {
- $match = true;
- array_push($matches, $matches_int); // store matches in reference
- }
- }
- return $match;
- }
-
- /**
- * Alias of {@link pregMatch()} for compatibility to Net_LDAP 1
- *
- * @see pregMatch()
- * @return boolean|Net_LDAP2_Error
- */
- public function preg_match()
- {
- $args = func_get_args();
- return call_user_func_array(array( &$this, 'pregMatch' ), $args);
- }
-
- /**
- * Tells if the entry is consiedered as new (not present in the server)
- *
- * Please note, that this doesn't tell you if the entry is present on the server.
- * Use {@link Net_LDAP2::dnExists()} to see if an entry is already there.
- *
- * @return boolean
- */
- public function isNew()
- {
- return $this->_new;
- }
-
-
- /**
- * Is this entry going to be deleted once update() is called?
- *
- * @return boolean
- */
- public function willBeDeleted()
- {
- return $this->_delete;
- }
-
- /**
- * Is this entry going to be moved once update() is called?
- *
- * @return boolean
- */
- public function willBeMoved()
- {
- return ($this->dn() !== $this->currentDN());
- }
-
- /**
- * Returns always the original DN
- *
- * If an entry will be moved but {@link update()} was not called,
- * {@link dn()} will return the new DN. This method however, returns
- * always the current active DN.
- *
- * @return string
- */
- public function currentDN()
- {
- return $this->_dn;
- }
-
- /**
- * Returns the attribute changes to be carried out once update() is called
- *
- * @return array
- */
- public function getChanges()
- {
- return $this->_changes;
- }
-}
-?>
diff --git a/extlib/Net/LDAP2/Filter.php b/extlib/Net/LDAP2/Filter.php
deleted file mode 100644
index 0723edab2..000000000
--- a/extlib/Net/LDAP2/Filter.php
+++ /dev/null
@@ -1,514 +0,0 @@
-<?php
-/* vim: set expandtab tabstop=4 shiftwidth=4: */
-/**
-* File containing the Net_LDAP2_Filter interface class.
-*
-* PHP version 5
-*
-* @category Net
-* @package Net_LDAP2
-* @author Benedikt Hallinger <beni@php.net>
-* @copyright 2009 Benedikt Hallinger
-* @license http://www.gnu.org/licenses/lgpl-3.0.txt LGPLv3
-* @version SVN: $Id: Filter.php 289978 2009-10-27 09:56:41Z beni $
-* @link http://pear.php.net/package/Net_LDAP2/
-*/
-
-/**
-* Includes
-*/
-require_once 'PEAR.php';
-require_once 'Util.php';
-
-/**
-* Object representation of a part of a LDAP filter.
-*
-* This Class is not completely compatible to the PERL interface!
-*
-* The purpose of this class is, that users can easily build LDAP filters
-* without having to worry about right escaping etc.
-* A Filter is built using several independent filter objects
-* which are combined afterwards. This object works in two
-* modes, depending how the object is created.
-* If the object is created using the {@link create()} method, then this is a leaf-object.
-* If the object is created using the {@link combine()} method, then this is a container object.
-*
-* LDAP filters are defined in RFC-2254 and can be found under
-* {@link http://www.ietf.org/rfc/rfc2254.txt}
-*
-* Here a quick copy&paste example:
-* <code>
-* $filter0 = Net_LDAP2_Filter::create('stars', 'equals', '***');
-* $filter_not0 = Net_LDAP2_Filter::combine('not', $filter0);
-*
-* $filter1 = Net_LDAP2_Filter::create('gn', 'begins', 'bar');
-* $filter2 = Net_LDAP2_Filter::create('gn', 'ends', 'baz');
-* $filter_comp = Net_LDAP2_Filter::combine('or',array($filter_not0, $filter1, $filter2));
-*
-* echo $filter_comp->asString();
-* // This will output: (|(!(stars=\0x5c0x2a\0x5c0x2a\0x5c0x2a))(gn=bar*)(gn=*baz))
-* // The stars in $filter0 are treaten as real stars unless you disable escaping.
-* </code>
-*
-* @category Net
-* @package Net_LDAP2
-* @author Benedikt Hallinger <beni@php.net>
-* @license http://www.gnu.org/copyleft/lesser.html LGPL
-* @link http://pear.php.net/package/Net_LDAP2/
-*/
-class Net_LDAP2_Filter extends PEAR
-{
- /**
- * Storage for combination of filters
- *
- * This variable holds a array of filter objects
- * that should be combined by this filter object.
- *
- * @access protected
- * @var array
- */
- protected $_subfilters = array();
-
- /**
- * Match of this filter
- *
- * If this is a leaf filter, then a matching rule is stored,
- * if it is a container, then it is a logical operator
- *
- * @access protected
- * @var string
- */
- protected $_match;
-
- /**
- * Single filter
- *
- * If we operate in leaf filter mode,
- * then the constructing method stores
- * the filter representation here
- *
- * @acces private
- * @var string
- */
- protected $_filter;
-
- /**
- * Create a new Net_LDAP2_Filter object and parse $filter.
- *
- * This is for PERL Net::LDAP interface.
- * Construction of Net_LDAP2_Filter objects should happen through either
- * {@link create()} or {@link combine()} which give you more control.
- * However, you may use the perl iterface if you already have generated filters.
- *
- * @param string $filter LDAP filter string
- *
- * @see parse()
- */
- public function __construct($filter = false)
- {
- // The optional parameter must remain here, because otherwise create() crashes
- if (false !== $filter) {
- $filter_o = self::parse($filter);
- if (PEAR::isError($filter_o)) {
- $this->_filter = $filter_o; // assign error, so asString() can report it
- } else {
- $this->_filter = $filter_o->asString();
- }
- }
- }
-
- /**
- * Constructor of a new part of a LDAP filter.
- *
- * The following matching rules exists:
- * - equals: One of the attributes values is exactly $value
- * Please note that case sensitiviness is depends on the
- * attributes syntax configured in the server.
- * - begins: One of the attributes values must begin with $value
- * - ends: One of the attributes values must end with $value
- * - contains: One of the attributes values must contain $value
- * - present | any: The attribute can contain any value but must be existent
- * - greater: The attributes value is greater than $value
- * - less: The attributes value is less than $value
- * - greaterOrEqual: The attributes value is greater or equal than $value
- * - lessOrEqual: The attributes value is less or equal than $value
- * - approx: One of the attributes values is similar to $value
- *
- * If $escape is set to true (default) then $value will be escaped
- * properly. If it is set to false then $value will be treaten as raw filter value string.
- * You should escape yourself using {@link Net_LDAP2_Util::escape_filter_value()}!
- *
- * Examples:
- * <code>
- * // This will find entries that contain an attribute "sn" that ends with "foobar":
- * $filter = new Net_LDAP2_Filter('sn', 'ends', 'foobar');
- *
- * // This will find entries that contain an attribute "sn" that has any value set:
- * $filter = new Net_LDAP2_Filter('sn', 'any');
- * </code>
- *
- * @param string $attr_name Name of the attribute the filter should apply to
- * @param string $match Matching rule (equals, begins, ends, contains, greater, less, greaterOrEqual, lessOrEqual, approx, any)
- * @param string $value (optional) if given, then this is used as a filter
- * @param boolean $escape Should $value be escaped? (default: yes, see {@link Net_LDAP2_Util::escape_filter_value()} for detailed information)
- *
- * @return Net_LDAP2_Filter|Net_LDAP2_Error
- */
- public static function &create($attr_name, $match, $value = '', $escape = true)
- {
- $leaf_filter = new Net_LDAP2_Filter();
- if ($escape) {
- $array = Net_LDAP2_Util::escape_filter_value(array($value));
- $value = $array[0];
- }
- switch (strtolower($match)) {
- case 'equals':
- $leaf_filter->_filter = '(' . $attr_name . '=' . $value . ')';
- break;
- case 'begins':
- $leaf_filter->_filter = '(' . $attr_name . '=' . $value . '*)';
- break;
- case 'ends':
- $leaf_filter->_filter = '(' . $attr_name . '=*' . $value . ')';
- break;
- case 'contains':
- $leaf_filter->_filter = '(' . $attr_name . '=*' . $value . '*)';
- break;
- case 'greater':
- $leaf_filter->_filter = '(' . $attr_name . '>' . $value . ')';
- break;
- case 'less':
- $leaf_filter->_filter = '(' . $attr_name . '<' . $value . ')';
- break;
- case 'greaterorequal':
- case '>=':
- $leaf_filter->_filter = '(' . $attr_name . '>=' . $value . ')';
- break;
- case 'lessorequal':
- case '<=':
- $leaf_filter->_filter = '(' . $attr_name . '<=' . $value . ')';
- break;
- case 'approx':
- case '~=':
- $leaf_filter->_filter = '(' . $attr_name . '~=' . $value . ')';
- break;
- case 'any':
- case 'present': // alias that may improve user code readability
- $leaf_filter->_filter = '(' . $attr_name . '=*)';
- break;
- default:
- return PEAR::raiseError('Net_LDAP2_Filter create error: matching rule "' . $match . '" not known!');
- }
- return $leaf_filter;
- }
-
- /**
- * Combine two or more filter objects using a logical operator
- *
- * This static method combines two or more filter objects and returns one single
- * filter object that contains all the others.
- * Call this method statically: $filter = Net_LDAP2_Filter('or', array($filter1, $filter2))
- * If the array contains filter strings instead of filter objects, we will try to parse them.
- *
- * @param string $log_op The locicall operator. May be "and", "or", "not" or the subsequent logical equivalents "&", "|", "!"
- * @param array|Net_LDAP2_Filter $filters array with Net_LDAP2_Filter objects
- *
- * @return Net_LDAP2_Filter|Net_LDAP2_Error
- * @static
- */
- public static function &combine($log_op, $filters)
- {
- if (PEAR::isError($filters)) {
- return $filters;
- }
-
- // substitude named operators to logical operators
- if ($log_op == 'and') $log_op = '&';
- if ($log_op == 'or') $log_op = '|';
- if ($log_op == 'not') $log_op = '!';
-
- // tests for sane operation
- if ($log_op == '!') {
- // Not-combination, here we only accept one filter object or filter string
- if ($filters instanceof Net_LDAP2_Filter) {
- $filters = array($filters); // force array
- } elseif (is_string($filters)) {
- $filter_o = self::parse($filters);
- if (PEAR::isError($filter_o)) {
- $err = PEAR::raiseError('Net_LDAP2_Filter combine error: '.$filter_o->getMessage());
- return $err;
- } else {
- $filters = array($filter_o);
- }
- } elseif (is_array($filters)) {
- $err = PEAR::raiseError('Net_LDAP2_Filter combine error: operator is "not" but $filter is an array!');
- return $err;
- } else {
- $err = PEAR::raiseError('Net_LDAP2_Filter combine error: operator is "not" but $filter is not a valid Net_LDAP2_Filter nor a filter string!');
- return $err;
- }
- } elseif ($log_op == '&' || $log_op == '|') {
- if (!is_array($filters) || count($filters) < 2) {
- $err = PEAR::raiseError('Net_LDAP2_Filter combine error: parameter $filters is not an array or contains less than two Net_LDAP2_Filter objects!');
- return $err;
- }
- } else {
- $err = PEAR::raiseError('Net_LDAP2_Filter combine error: logical operator is not known!');
- return $err;
- }
-
- $combined_filter = new Net_LDAP2_Filter();
- foreach ($filters as $key => $testfilter) { // check for errors
- if (PEAR::isError($testfilter)) {
- return $testfilter;
- } elseif (is_string($testfilter)) {
- // string found, try to parse into an filter object
- $filter_o = self::parse($testfilter);
- if (PEAR::isError($filter_o)) {
- return $filter_o;
- } else {
- $filters[$key] = $filter_o;
- }
- } elseif (!$testfilter instanceof Net_LDAP2_Filter) {
- $err = PEAR::raiseError('Net_LDAP2_Filter combine error: invalid object passed in array $filters!');
- return $err;
- }
- }
-
- $combined_filter->_subfilters = $filters;
- $combined_filter->_match = $log_op;
- return $combined_filter;
- }
-
- /**
- * Parse FILTER into a Net_LDAP2_Filter object
- *
- * This parses an filter string into Net_LDAP2_Filter objects.
- *
- * @param string $FILTER The filter string
- *
- * @access static
- * @return Net_LDAP2_Filter|Net_LDAP2_Error
- * @todo Leaf-mode: Do we need to escape at all? what about *-chars?check for the need of encoding values, tackle problems (see code comments)
- */
- public static function parse($FILTER)
- {
- if (preg_match('/^\((.+?)\)$/', $FILTER, $matches)) {
- if (in_array(substr($matches[1], 0, 1), array('!', '|', '&'))) {
- // Subfilter processing: pass subfilters to parse() and combine
- // the objects using the logical operator detected
- // we have now something like "&(...)(...)(...)" but at least one part ("!(...)").
- // Each subfilter could be an arbitary complex subfilter.
-
- // extract logical operator and filter arguments
- $log_op = substr($matches[1], 0, 1);
- $remaining_component = substr($matches[1], 1);
-
- // split $remaining_component into individual subfilters
- // we cannot use split() for this, because we do not know the
- // complexiness of the subfilter. Thus, we look trough the filter
- // string and just recognize ending filters at the first level.
- // We record the index number of the char and use that information
- // later to split the string.
- $sub_index_pos = array();
- $prev_char = ''; // previous character looked at
- $level = 0; // denotes the current bracket level we are,
- // >1 is too deep, 1 is ok, 0 is outside any
- // subcomponent
- for ($curpos = 0; $curpos < strlen($remaining_component); $curpos++) {
- $cur_char = substr($remaining_component, $curpos, 1);
-
- // rise/lower bracket level
- if ($cur_char == '(' && $prev_char != '\\') {
- $level++;
- } elseif ($cur_char == ')' && $prev_char != '\\') {
- $level--;
- }
-
- if ($cur_char == '(' && $prev_char == ')' && $level == 1) {
- array_push($sub_index_pos, $curpos); // mark the position for splitting
- }
- $prev_char = $cur_char;
- }
-
- // now perform the splits. To get also the last part, we
- // need to add the "END" index to the split array
- array_push($sub_index_pos, strlen($remaining_component));
- $subfilters = array();
- $oldpos = 0;
- foreach ($sub_index_pos as $s_pos) {
- $str_part = substr($remaining_component, $oldpos, $s_pos - $oldpos);
- array_push($subfilters, $str_part);
- $oldpos = $s_pos;
- }
-
- // some error checking...
- if (count($subfilters) == 1) {
- // only one subfilter found
- } elseif (count($subfilters) > 1) {
- // several subfilters found
- if ($log_op == "!") {
- return PEAR::raiseError("Filter parsing error: invalid filter syntax - NOT operator detected but several arguments given!");
- }
- } else {
- // this should not happen unless the user specified a wrong filter
- return PEAR::raiseError("Filter parsing error: invalid filter syntax - got operator '$log_op' but no argument!");
- }
-
- // Now parse the subfilters into objects and combine them using the operator
- $subfilters_o = array();
- foreach ($subfilters as $s_s) {
- $o = self::parse($s_s);
- if (PEAR::isError($o)) {
- return $o;
- } else {
- array_push($subfilters_o, self::parse($s_s));
- }
- }
-
- $filter_o = self::combine($log_op, $subfilters_o);
- return $filter_o;
-
- } else {
- // This is one leaf filter component, do some syntax checks, then escape and build filter_o
- // $matches[1] should be now something like "foo=bar"
-
- // detect multiple leaf components
- // [TODO] Maybe this will make problems with filters containing brackets inside the value
- if (stristr($matches[1], ')(')) {
- return PEAR::raiseError("Filter parsing error: invalid filter syntax - multiple leaf components detected!");
- } else {
- $filter_parts = preg_split('/(?<!\\\\)(=|=~|>|<|>=|<=)/', $matches[1], 2, PREG_SPLIT_DELIM_CAPTURE);
- if (count($filter_parts) != 3) {
- return PEAR::raiseError("Filter parsing error: invalid filter syntax - unknown matching rule used");
- } else {
- $filter_o = new Net_LDAP2_Filter();
- // [TODO]: Do we need to escape at all? what about *-chars user provide and that should remain special?
- // I think, those prevent escaping! We need to check against PERL Net::LDAP!
- // $value_arr = Net_LDAP2_Util::escape_filter_value(array($filter_parts[2]));
- // $value = $value_arr[0];
- $value = $filter_parts[2];
- $filter_o->_filter = '('.$filter_parts[0].$filter_parts[1].$value.')';
- return $filter_o;
- }
- }
- }
- } else {
- // ERROR: Filter components must be enclosed in round brackets
- return PEAR::raiseError("Filter parsing error: invalid filter syntax - filter components must be enclosed in round brackets");
- }
- }
-
- /**
- * Get the string representation of this filter
- *
- * This method runs through all filter objects and creates
- * the string representation of the filter. If this
- * filter object is a leaf filter, then it will return
- * the string representation of this filter.
- *
- * @return string|Net_LDAP2_Error
- */
- public function asString()
- {
- if ($this->isLeaf()) {
- $return = $this->_filter;
- } else {
- $return = '';
- foreach ($this->_subfilters as $filter) {
- $return = $return.$filter->asString();
- }
- $return = '(' . $this->_match . $return . ')';
- }
- return $return;
- }
-
- /**
- * Alias for perl interface as_string()
- *
- * @see asString()
- * @return string|Net_LDAP2_Error
- */
- public function as_string()
- {
- return $this->asString();
- }
-
- /**
- * Print the text representation of the filter to FH, or the currently selected output handle if FH is not given
- *
- * This method is only for compatibility to the perl interface.
- * However, the original method was called "print" but due to PHP language restrictions,
- * we can't have a print() method.
- *
- * @param resource $FH (optional) A filehandle resource
- *
- * @return true|Net_LDAP2_Error
- */
- public function printMe($FH = false)
- {
- if (!is_resource($FH)) {
- if (PEAR::isError($FH)) {
- return $FH;
- }
- $filter_str = $this->asString();
- if (PEAR::isError($filter_str)) {
- return $filter_str;
- } else {
- print($filter_str);
- }
- } else {
- $filter_str = $this->asString();
- if (PEAR::isError($filter_str)) {
- return $filter_str;
- } else {
- $res = @fwrite($FH, $this->asString());
- if ($res == false) {
- return PEAR::raiseError("Unable to write filter string to filehandle \$FH!");
- }
- }
- }
- return true;
- }
-
- /**
- * This can be used to escape a string to provide a valid LDAP-Filter.
- *
- * LDAP will only recognise certain characters as the
- * character istself if they are properly escaped. This is
- * what this method does.
- * The method can be called statically, so you can use it outside
- * for your own purposes (eg for escaping only parts of strings)
- *
- * In fact, this is just a shorthand to {@link Net_LDAP2_Util::escape_filter_value()}.
- * For upward compatibiliy reasons you are strongly encouraged to use the escape
- * methods provided by the Net_LDAP2_Util class.
- *
- * @param string $value Any string who should be escaped
- *
- * @static
- * @return string The string $string, but escaped
- * @deprecated Do not use this method anymore, instead use Net_LDAP2_Util::escape_filter_value() directly
- */
- public static function escape($value)
- {
- $return = Net_LDAP2_Util::escape_filter_value(array($value));
- return $return[0];
- }
-
- /**
- * Is this a container or a leaf filter object?
- *
- * @access protected
- * @return boolean
- */
- protected function isLeaf()
- {
- if (count($this->_subfilters) > 0) {
- return false; // Container!
- } else {
- return true; // Leaf!
- }
- }
-}
-?>
diff --git a/extlib/Net/LDAP2/LDIF.php b/extlib/Net/LDAP2/LDIF.php
deleted file mode 100644
index 34f3e75dd..000000000
--- a/extlib/Net/LDAP2/LDIF.php
+++ /dev/null
@@ -1,922 +0,0 @@
-<?php
-/* vim: set expandtab tabstop=4 shiftwidth=4: */
-/**
-* File containing the Net_LDAP2_LDIF interface class.
-*
-* PHP version 5
-*
-* @category Net
-* @package Net_LDAP2
-* @author Benedikt Hallinger <beni@php.net>
-* @copyright 2009 Benedikt Hallinger
-* @license http://www.gnu.org/licenses/lgpl-3.0.txt LGPLv3
-* @version SVN: $Id: LDIF.php 286718 2009-08-03 07:30:49Z beni $
-* @link http://pear.php.net/package/Net_LDAP2/
-*/
-
-/**
-* Includes
-*/
-require_once 'PEAR.php';
-require_once 'Net/LDAP2.php';
-require_once 'Net/LDAP2/Entry.php';
-require_once 'Net/LDAP2/Util.php';
-
-/**
-* LDIF capabilitys for Net_LDAP2, closely taken from PERLs Net::LDAP
-*
-* It provides a means to convert between Net_LDAP2_Entry objects and LDAP entries
-* represented in LDIF format files. Reading and writing are supported and may
-* manipulate single entries or lists of entries.
-*
-* Usage example:
-* <code>
-* // Read and parse an ldif-file into Net_LDAP2_Entry objects
-* // and print out the DNs. Store the entries for later use.
-* require 'Net/LDAP2/LDIF.php';
-* $options = array(
-* 'onerror' => 'die'
-* );
-* $entries = array();
-* $ldif = new Net_LDAP2_LDIF('test.ldif', 'r', $options);
-* do {
-* $entry = $ldif->read_entry();
-* $dn = $entry->dn();
-* echo " done building entry: $dn\n";
-* array_push($entries, $entry);
-* } while (!$ldif->eof());
-* $ldif->done();
-*
-*
-* // write those entries to another file
-* $ldif = new Net_LDAP2_LDIF('test.out.ldif', 'w', $options);
-* $ldif->write_entry($entries);
-* $ldif->done();
-* </code>
-*
-* @category Net
-* @package Net_LDAP2
-* @author Benedikt Hallinger <beni@php.net>
-* @license http://www.gnu.org/copyleft/lesser.html LGPL
-* @link http://pear.php.net/package/Net_LDAP22/
-* @see http://www.ietf.org/rfc/rfc2849.txt
-* @todo Error handling should be PEARified
-* @todo LDAPv3 controls are not implemented yet
-*/
-class Net_LDAP2_LDIF extends PEAR
-{
- /**
- * Options
- *
- * @access protected
- * @var array
- */
- protected $_options = array('encode' => 'base64',
- 'onerror' => null,
- 'change' => 0,
- 'lowercase' => 0,
- 'sort' => 0,
- 'version' => null,
- 'wrap' => 78,
- 'raw' => ''
- );
-
- /**
- * Errorcache
- *
- * @access protected
- * @var array
- */
- protected $_error = array('error' => null,
- 'line' => 0
- );
-
- /**
- * Filehandle for read/write
- *
- * @access protected
- * @var array
- */
- protected $_FH = null;
-
- /**
- * Says, if we opened the filehandle ourselves
- *
- * @access protected
- * @var array
- */
- protected $_FH_opened = false;
-
- /**
- * Linecounter for input file handle
- *
- * @access protected
- * @var array
- */
- protected $_input_line = 0;
-
- /**
- * counter for processed entries
- *
- * @access protected
- * @var int
- */
- protected $_entrynum = 0;
-
- /**
- * Mode we are working in
- *
- * Either 'r', 'a' or 'w'
- *
- * @access protected
- * @var string
- */
- protected $_mode = false;
-
- /**
- * Tells, if the LDIF version string was already written
- *
- * @access protected
- * @var boolean
- */
- protected $_version_written = false;
-
- /**
- * Cache for lines that have build the current entry
- *
- * @access protected
- * @var boolean
- */
- protected $_lines_cur = array();
-
- /**
- * Cache for lines that will build the next entry
- *
- * @access protected
- * @var boolean
- */
- protected $_lines_next = array();
-
- /**
- * Open LDIF file for reading or for writing
- *
- * new (FILE):
- * Open the file read-only. FILE may be the name of a file
- * or an already open filehandle.
- * If the file doesn't exist, it will be created if in write mode.
- *
- * new (FILE, MODE, OPTIONS):
- * Open the file with the given MODE (see PHPs fopen()), eg "w" or "a".
- * FILE may be the name of a file or an already open filehandle.
- * PERLs Net_LDAP2 "FILE|" mode does not work curently.
- *
- * OPTIONS is an associative array and may contain:
- * encode => 'none' | 'canonical' | 'base64'
- * Some DN values in LDIF cannot be written verbatim and have to be encoded in some way:
- * 'none' No encoding.
- * 'canonical' See "canonical_dn()" in Net::LDAP::Util.
- * 'base64' Use base64. (default, this differs from the Perl interface.
- * The perl default is "none"!)
- *
- * onerror => 'die' | 'warn' | NULL
- * Specify what happens when an error is detected.
- * 'die' Net_LDAP2_LDIF will croak with an appropriate message.
- * 'warn' Net_LDAP2_LDIF will warn (echo) with an appropriate message.
- * NULL Net_LDAP2_LDIF will not warn (default), use error().
- *
- * change => 1
- * Write entry changes to the LDIF file instead of the entries itself. I.e. write LDAP
- * operations acting on the entries to the file instead of the entries contents.
- * This writes the changes usually carried out by an update() to the LDIF file.
- *
- * lowercase => 1
- * Convert attribute names to lowercase when writing.
- *
- * sort => 1
- * Sort attribute names when writing entries according to the rule:
- * objectclass first then all other attributes alphabetically sorted by attribute name
- *
- * version => '1'
- * Set the LDIF version to write to the resulting LDIF file.
- * According to RFC 2849 currently the only legal value for this option is 1.
- * When this option is set Net_LDAP2_LDIF tries to adhere more strictly to
- * the LDIF specification in RFC2489 in a few places.
- * The default is NULL meaning no version information is written to the LDIF file.
- *
- * wrap => 78
- * Number of columns where output line wrapping shall occur.
- * Default is 78. Setting it to 40 or lower inhibits wrapping.
- *
- * raw => REGEX
- * Use REGEX to denote the names of attributes that are to be
- * considered binary in search results if writing entries.
- * Example: raw => "/(?i:^jpegPhoto|;binary)/i"
- *
- * @param string|ressource $file Filename or filehandle
- * @param string $mode Mode to open filename
- * @param array $options Options like described above
- */
- public function __construct($file, $mode = 'r', $options = array())
- {
- $this->PEAR('Net_LDAP2_Error'); // default error class
-
- // First, parse options
- // todo: maybe implement further checks on possible values
- foreach ($options as $option => $value) {
- if (!array_key_exists($option, $this->_options)) {
- $this->dropError('Net_LDAP2_LDIF error: option '.$option.' not known!');
- return;
- } else {
- $this->_options[$option] = strtolower($value);
- }
- }
-
- // setup LDIF class
- $this->version($this->_options['version']);
-
- // setup file mode
- if (!preg_match('/^[rwa]\+?$/', $mode)) {
- $this->dropError('Net_LDAP2_LDIF error: file mode '.$mode.' not supported!');
- } else {
- $this->_mode = $mode;
-
- // setup filehandle
- if (is_resource($file)) {
- // TODO: checks on mode possible?
- $this->_FH =& $file;
- } else {
- $imode = substr($this->_mode, 0, 1);
- if ($imode == 'r') {
- if (!file_exists($file)) {
- $this->dropError('Unable to open '.$file.' for read: file not found');
- $this->_mode = false;
- }
- if (!is_readable($file)) {
- $this->dropError('Unable to open '.$file.' for read: permission denied');
- $this->_mode = false;
- }
- }
-
- if (($imode == 'w' || $imode == 'a')) {
- if (file_exists($file)) {
- if (!is_writable($file)) {
- $this->dropError('Unable to open '.$file.' for write: permission denied');
- $this->_mode = false;
- }
- } else {
- if (!@touch($file)) {
- $this->dropError('Unable to create '.$file.' for write: permission denied');
- $this->_mode = false;
- }
- }
- }
-
- if ($this->_mode) {
- $this->_FH = @fopen($file, $this->_mode);
- if (false === $this->_FH) {
- // Fallback; should never be reached if tests above are good enough!
- $this->dropError('Net_LDAP2_LDIF error: Could not open file '.$file);
- } else {
- $this->_FH_opened = true;
- }
- }
- }
- }
- }
-
- /**
- * Read one entry from the file and return it as a Net::LDAP::Entry object.
- *
- * @return Net_LDAP2_Entry
- */
- public function read_entry()
- {
- // read fresh lines, set them as current lines and create the entry
- $attrs = $this->next_lines(true);
- if (count($attrs) > 0) {
- $this->_lines_cur = $attrs;
- }
- return $this->current_entry();
- }
-
- /**
- * Returns true when the end of the file is reached.
- *
- * @return boolean
- */
- public function eof()
- {
- return feof($this->_FH);
- }
-
- /**
- * Write the entry or entries to the LDIF file.
- *
- * If you want to build an LDIF file containing several entries AND
- * you want to call write_entry() several times, you must open the filehandle
- * in append mode ("a"), otherwise you will always get the last entry only.
- *
- * @param Net_LDAP2_Entry|array $entries Entry or array of entries
- *
- * @return void
- * @todo implement operations on whole entries (adding a whole entry)
- */
- public function write_entry($entries)
- {
- if (!is_array($entries)) {
- $entries = array($entries);
- }
-
- foreach ($entries as $entry) {
- $this->_entrynum++;
- if (!$entry instanceof Net_LDAP2_Entry) {
- $this->dropError('Net_LDAP2_LDIF error: entry '.$this->_entrynum.' is not an Net_LDAP2_Entry object');
- } else {
- if ($this->_options['change']) {
- // LDIF change mode
- // fetch change information from entry
- $entry_attrs_changes = $entry->getChanges();
- $num_of_changes = count($entry_attrs_changes['add'])
- + count($entry_attrs_changes['replace'])
- + count($entry_attrs_changes['delete']);
-
- $is_changed = ($num_of_changes > 0 || $entry->willBeDeleted() || $entry->willBeMoved());
-
- // write version if not done yet
- // also write DN of entry
- if ($is_changed) {
- if (!$this->_version_written) {
- $this->write_version();
- }
- $this->writeDN($entry->currentDN());
- }
-
- // process changes
- // TODO: consider DN add!
- if ($entry->willBeDeleted()) {
- $this->writeLine("changetype: delete".PHP_EOL);
- } elseif ($entry->willBeMoved()) {
- $this->writeLine("changetype: modrdn".PHP_EOL);
- $olddn = Net_LDAP2_Util::ldap_explode_dn($entry->currentDN(), array('casefold' => 'none')); // maybe gives a bug if using multivalued RDNs
- $oldrdn = array_shift($olddn);
- $oldparent = implode(',', $olddn);
- $newdn = Net_LDAP2_Util::ldap_explode_dn($entry->dn(), array('casefold' => 'none')); // maybe gives a bug if using multivalued RDNs
- $rdn = array_shift($newdn);
- $parent = implode(',', $newdn);
- $this->writeLine("newrdn: ".$rdn.PHP_EOL);
- $this->writeLine("deleteoldrdn: 1".PHP_EOL);
- if ($parent !== $oldparent) {
- $this->writeLine("newsuperior: ".$parent.PHP_EOL);
- }
- // TODO: What if the entry has attribute changes as well?
- // I think we should check for that and make a dummy
- // entry with the changes that is written to the LDIF file
- } elseif ($num_of_changes > 0) {
- // write attribute change data
- $this->writeLine("changetype: modify".PHP_EOL);
- foreach ($entry_attrs_changes as $changetype => $entry_attrs) {
- foreach ($entry_attrs as $attr_name => $attr_values) {
- $this->writeLine("$changetype: $attr_name".PHP_EOL);
- if ($attr_values !== null) $this->writeAttribute($attr_name, $attr_values, $changetype);
- $this->writeLine("-".PHP_EOL);
- }
- }
- }
-
- // finish this entrys data if we had changes
- if ($is_changed) {
- $this->finishEntry();
- }
- } else {
- // LDIF-content mode
- // fetch attributes for further processing
- $entry_attrs = $entry->getValues();
-
- // sort and put objectclass-attrs to first position
- if ($this->_options['sort']) {
- ksort($entry_attrs);
- if (array_key_exists('objectclass', $entry_attrs)) {
- $oc = $entry_attrs['objectclass'];
- unset($entry_attrs['objectclass']);
- $entry_attrs = array_merge(array('objectclass' => $oc), $entry_attrs);
- }
- }
-
- // write data
- if (!$this->_version_written) {
- $this->write_version();
- }
- $this->writeDN($entry->dn());
- foreach ($entry_attrs as $attr_name => $attr_values) {
- $this->writeAttribute($attr_name, $attr_values);
- }
- $this->finishEntry();
- }
- }
- }
- }
-
- /**
- * Write version to LDIF
- *
- * If the object's version is defined, this method allows to explicitely write the version before an entry is written.
- * If not called explicitely, it gets called automatically when writing the first entry.
- *
- * @return void
- */
- public function write_version()
- {
- $this->_version_written = true;
- if (!is_null($this->version())) {
- return $this->writeLine('version: '.$this->version().PHP_EOL, 'Net_LDAP2_LDIF error: unable to write version');
- }
- }
-
- /**
- * Get or set LDIF version
- *
- * If called without arguments it returns the version of the LDIF file or NULL if no version has been set.
- * If called with an argument it sets the LDIF version to VERSION.
- * According to RFC 2849 currently the only legal value for VERSION is 1.
- *
- * @param int $version (optional) LDIF version to set
- *
- * @return int
- */
- public function version($version = null)
- {
- if ($version !== null) {
- if ($version != 1) {
- $this->dropError('Net_LDAP2_LDIF error: illegal LDIF version set');
- } else {
- $this->_options['version'] = $version;
- }
- }
- return $this->_options['version'];
- }
-
- /**
- * Returns the file handle the Net_LDAP2_LDIF object reads from or writes to.
- *
- * You can, for example, use this to fetch the content of the LDIF file yourself
- *
- * @return null|resource
- */
- public function &handle()
- {
- if (!is_resource($this->_FH)) {
- $this->dropError('Net_LDAP2_LDIF error: invalid file resource');
- $null = null;
- return $null;
- } else {
- return $this->_FH;
- }
- }
-
- /**
- * Clean up
- *
- * This method signals that the LDIF object is no longer needed.
- * You can use this to free up some memory and close the file handle.
- * The file handle is only closed, if it was opened from Net_LDAP2_LDIF.
- *
- * @return void
- */
- public function done()
- {
- // close FH if we opened it
- if ($this->_FH_opened) {
- fclose($this->handle());
- }
-
- // free variables
- foreach (get_object_vars($this) as $name => $value) {
- unset($this->$name);
- }
- }
-
- /**
- * Returns last error message if error was found.
- *
- * Example:
- * <code>
- * $ldif->someAction();
- * if ($ldif->error()) {
- * echo "Error: ".$ldif->error()." at input line: ".$ldif->error_lines();
- * }
- * </code>
- *
- * @param boolean $as_string If set to true, only the message is returned
- *
- * @return false|Net_LDAP2_Error
- */
- public function error($as_string = false)
- {
- if (Net_LDAP2::isError($this->_error['error'])) {
- return ($as_string)? $this->_error['error']->getMessage() : $this->_error['error'];
- } else {
- return false;
- }
- }
-
- /**
- * Returns lines that resulted in error.
- *
- * Perl returns an array of faulty lines in list context,
- * but we always just return an int because of PHPs language.
- *
- * @return int
- */
- public function error_lines()
- {
- return $this->_error['line'];
- }
-
- /**
- * Returns the current Net::LDAP::Entry object.
- *
- * @return Net_LDAP2_Entry|false
- */
- public function current_entry()
- {
- return $this->parseLines($this->current_lines());
- }
-
- /**
- * Parse LDIF lines of one entry into an Net_LDAP2_Entry object
- *
- * @param array $lines LDIF lines for one entry
- *
- * @return Net_LDAP2_Entry|false Net_LDAP2_Entry object for those lines
- * @todo what about file inclusions and urls? "jpegphoto:< file:///usr/local/directory/photos/fiona.jpg"
- */
- public function parseLines($lines)
- {
- // parse lines into an array of attributes and build the entry
- $attributes = array();
- $dn = false;
- foreach ($lines as $line) {
- if (preg_match('/^(\w+)(:|::|:<)\s(.+)$/', $line, $matches)) {
- $attr =& $matches[1];
- $delim =& $matches[2];
- $data =& $matches[3];
-
- if ($delim == ':') {
- // normal data
- $attributes[$attr][] = $data;
- } elseif ($delim == '::') {
- // base64 data
- $attributes[$attr][] = base64_decode($data);
- } elseif ($delim == ':<') {
- // file inclusion
- // TODO: Is this the job of the LDAP-client or the server?
- $this->dropError('File inclusions are currently not supported');
- //$attributes[$attr][] = ...;
- } else {
- // since the pattern above, the delimeter cannot be something else.
- $this->dropError('Net_LDAP2_LDIF parsing error: invalid syntax at parsing entry line: '.$line);
- continue;
- }
-
- if (strtolower($attr) == 'dn') {
- // DN line detected
- $dn = $attributes[$attr][0]; // save possibly decoded DN
- unset($attributes[$attr]); // remove wrongly added "dn: " attribute
- }
- } else {
- // line not in "attr: value" format -> ignore
- // maybe we should rise an error here, but this should be covered by
- // next_lines() already. A problem arises, if users try to feed data of
- // several entries to this method - the resulting entry will
- // get wrong attributes. However, this is already mentioned in the
- // methods documentation above.
- }
- }
-
- if (false === $dn) {
- $this->dropError('Net_LDAP2_LDIF parsing error: unable to detect DN for entry');
- return false;
- } else {
- $newentry = Net_LDAP2_Entry::createFresh($dn, $attributes);
- return $newentry;
- }
- }
-
- /**
- * Returns the lines that generated the current Net::LDAP::Entry object.
- *
- * Note that this returns an empty array if no lines have been read so far.
- *
- * @return array Array of lines
- */
- public function current_lines()
- {
- return $this->_lines_cur;
- }
-
- /**
- * Returns the lines that will generate the next Net::LDAP::Entry object.
- *
- * If you set $force to TRUE then you can iterate over the lines that build
- * up entries manually. Otherwise, iterating is done using {@link read_entry()}.
- * Force will move the file pointer forward, thus returning the next entries lines.
- *
- * Wrapped lines will be unwrapped. Comments are stripped.
- *
- * @param boolean $force Set this to true if you want to iterate over the lines manually
- *
- * @return array
- */
- public function next_lines($force = false)
- {
- // if we already have those lines, just return them, otherwise read
- if (count($this->_lines_next) == 0 || $force) {
- $this->_lines_next = array(); // empty in case something was left (if used $force)
- $entry_done = false;
- $fh = &$this->handle();
- $commentmode = false; // if we are in an comment, for wrapping purposes
- $datalines_read = 0; // how many lines with data we have read
-
- while (!$entry_done && !$this->eof()) {
- $this->_input_line++;
- // Read line. Remove line endings, we want only data;
- // this is okay since ending spaces should be encoded
- $data = rtrim(fgets($fh));
- if ($data === false) {
- // error only, if EOF not reached after fgets() call
- if (!$this->eof()) {
- $this->dropError('Net_LDAP2_LDIF error: error reading from file at input line '.$this->_input_line, $this->_input_line);
- }
- break;
- } else {
- if (count($this->_lines_next) > 0 && preg_match('/^$/', $data)) {
- // Entry is finished if we have an empty line after we had data
- $entry_done = true;
-
- // Look ahead if the next EOF is nearby. Comments and empty
- // lines at the file end may cause problems otherwise
- $current_pos = ftell($fh);
- $data = fgets($fh);
- while (!feof($fh)) {
- if (preg_match('/^\s*$/', $data) || preg_match('/^#/', $data)) {
- // only empty lines or comments, continue to seek
- // TODO: Known bug: Wrappings for comments are okay but are treaten as
- // error, since we do not honor comment mode here.
- // This should be a very theoretically case, however
- // i am willing to fix this if really necessary.
- $this->_input_line++;
- $current_pos = ftell($fh);
- $data = fgets($fh);
- } else {
- // Data found if non emtpy line and not a comment!!
- // Rewind to position prior last read and stop lookahead
- fseek($fh, $current_pos);
- break;
- }
- }
- // now we have either the file pointer at the beginning of
- // a new data position or at the end of file causing feof() to return true
-
- } else {
- // build lines
- if (preg_match('/^version:\s(.+)$/', $data, $match)) {
- // version statement, set version
- $this->version($match[1]);
- } elseif (preg_match('/^\w+::?\s.+$/', $data)) {
- // normal attribute: add line
- $commentmode = false;
- $this->_lines_next[] = trim($data);
- $datalines_read++;
- } elseif (preg_match('/^\s(.+)$/', $data, $matches)) {
- // wrapped data: unwrap if not in comment mode
- if (!$commentmode) {
- if ($datalines_read == 0) {
- // first line of entry: wrapped data is illegal
- $this->dropError('Net_LDAP2_LDIF error: illegal wrapping at input line '.$this->_input_line, $this->_input_line);
- } else {
- $last = array_pop($this->_lines_next);
- $last = $last.trim($matches[1]);
- $this->_lines_next[] = $last;
- $datalines_read++;
- }
- }
- } elseif (preg_match('/^#/', $data)) {
- // LDIF comments
- $commentmode = true;
- } elseif (preg_match('/^\s*$/', $data)) {
- // empty line but we had no data for this
- // entry, so just ignore this line
- $commentmode = false;
- } else {
- $this->dropError('Net_LDAP2_LDIF error: invalid syntax at input line '.$this->_input_line, $this->_input_line);
- continue;
- }
-
- }
- }
- }
- }
- return $this->_lines_next;
- }
-
- /**
- * Convert an attribute and value to LDIF string representation
- *
- * It honors correct encoding of values according to RFC 2849.
- * Line wrapping will occur at the configured maximum but only if
- * the value is greater than 40 chars.
- *
- * @param string $attr_name Name of the attribute
- * @param string $attr_value Value of the attribute
- *
- * @access protected
- * @return string LDIF string for that attribute and value
- */
- protected function convertAttribute($attr_name, $attr_value)
- {
- // Handle empty attribute or process
- if (strlen($attr_value) == 0) {
- $attr_value = " ";
- } else {
- $base64 = false;
- // ASCII-chars that are NOT safe for the
- // start and for being inside the value.
- // These are the int values of those chars.
- $unsafe_init = array(0, 10, 13, 32, 58, 60);
- $unsafe = array(0, 10, 13);
-
- // Test for illegal init char
- $init_ord = ord(substr($attr_value, 0, 1));
- if ($init_ord > 127 || in_array($init_ord, $unsafe_init)) {
- $base64 = true;
- }
-
- // Test for illegal content char
- for ($i = 0; $i < strlen($attr_value); $i++) {
- $char_ord = ord(substr($attr_value, $i, 1));
- if ($char_ord > 127 || in_array($char_ord, $unsafe)) {
- $base64 = true;
- }
- }
-
- // Test for ending space
- if (substr($attr_value, -1) == ' ') {
- $base64 = true;
- }
-
- // If converting is needed, do it
- // Either we have some special chars or a matching "raw" regex
- if ($base64 || ($this->_options['raw'] && preg_match($this->_options['raw'], $attr_name))) {
- $attr_name .= ':';
- $attr_value = base64_encode($attr_value);
- }
-
- // Lowercase attr names if requested
- if ($this->_options['lowercase']) $attr_name = strtolower($attr_name);
-
- // Handle line wrapping
- if ($this->_options['wrap'] > 40 && strlen($attr_value) > $this->_options['wrap']) {
- $attr_value = wordwrap($attr_value, $this->_options['wrap'], PHP_EOL." ", true);
- }
- }
-
- return $attr_name.': '.$attr_value;
- }
-
- /**
- * Convert an entries DN to LDIF string representation
- *
- * It honors correct encoding of values according to RFC 2849.
- *
- * @param string $dn UTF8-Encoded DN
- *
- * @access protected
- * @return string LDIF string for that DN
- * @todo I am not sure, if the UTF8 stuff is correctly handled right now
- */
- protected function convertDN($dn)
- {
- $base64 = false;
- // ASCII-chars that are NOT safe for the
- // start and for being inside the dn.
- // These are the int values of those chars.
- $unsafe_init = array(0, 10, 13, 32, 58, 60);
- $unsafe = array(0, 10, 13);
-
- // Test for illegal init char
- $init_ord = ord(substr($dn, 0, 1));
- if ($init_ord >= 127 || in_array($init_ord, $unsafe_init)) {
- $base64 = true;
- }
-
- // Test for illegal content char
- for ($i = 0; $i < strlen($dn); $i++) {
- $char = substr($dn, $i, 1);
- if (ord($char) >= 127 || in_array($init_ord, $unsafe)) {
- $base64 = true;
- }
- }
-
- // Test for ending space
- if (substr($dn, -1) == ' ') {
- $base64 = true;
- }
-
- // if converting is needed, do it
- return ($base64)? 'dn:: '.base64_encode($dn) : 'dn: '.$dn;
- }
-
- /**
- * Writes an attribute to the filehandle
- *
- * @param string $attr_name Name of the attribute
- * @param string|array $attr_values Single attribute value or array with attribute values
- *
- * @access protected
- * @return void
- */
- protected function writeAttribute($attr_name, $attr_values)
- {
- // write out attribute content
- if (!is_array($attr_values)) {
- $attr_values = array($attr_values);
- }
- foreach ($attr_values as $attr_val) {
- $line = $this->convertAttribute($attr_name, $attr_val).PHP_EOL;
- $this->writeLine($line, 'Net_LDAP2_LDIF error: unable to write attribute '.$attr_name.' of entry '.$this->_entrynum);
- }
- }
-
- /**
- * Writes a DN to the filehandle
- *
- * @param string $dn DN to write
- *
- * @access protected
- * @return void
- */
- protected function writeDN($dn)
- {
- // prepare DN
- if ($this->_options['encode'] == 'base64') {
- $dn = $this->convertDN($dn).PHP_EOL;
- } elseif ($this->_options['encode'] == 'canonical') {
- $dn = Net_LDAP2_Util::canonical_dn($dn, array('casefold' => 'none')).PHP_EOL;
- } else {
- $dn = $dn.PHP_EOL;
- }
- $this->writeLine($dn, 'Net_LDAP2_LDIF error: unable to write DN of entry '.$this->_entrynum);
- }
-
- /**
- * Finishes an LDIF entry
- *
- * @access protected
- * @return void
- */
- protected function finishEntry()
- {
- $this->writeLine(PHP_EOL, 'Net_LDAP2_LDIF error: unable to close entry '.$this->_entrynum);
- }
-
- /**
- * Just write an arbitary line to the filehandle
- *
- * @param string $line Content to write
- * @param string $error If error occurs, drop this message
- *
- * @access protected
- * @return true|false
- */
- protected function writeLine($line, $error = 'Net_LDAP2_LDIF error: unable to write to filehandle')
- {
- if (is_resource($this->handle()) && fwrite($this->handle(), $line, strlen($line)) === false) {
- $this->dropError($error);
- return false;
- } else {
- return true;
- }
- }
-
- /**
- * Optionally raises an error and pushes the error on the error cache
- *
- * @param string $msg Errortext
- * @param int $line Line in the LDIF that caused the error
- *
- * @access protected
- * @return void
- */
- protected function dropError($msg, $line = null)
- {
- $this->_error['error'] = new Net_LDAP2_Error($msg);
- if ($line !== null) $this->_error['line'] = $line;
-
- if ($this->_options['onerror'] == 'die') {
- die($msg.PHP_EOL);
- } elseif ($this->_options['onerror'] == 'warn') {
- echo $msg.PHP_EOL;
- }
- }
-}
-?>
diff --git a/extlib/Net/LDAP2/RootDSE.php b/extlib/Net/LDAP2/RootDSE.php
deleted file mode 100644
index 8dc81fd4f..000000000
--- a/extlib/Net/LDAP2/RootDSE.php
+++ /dev/null
@@ -1,240 +0,0 @@
-<?php
-/* vim: set expandtab tabstop=4 shiftwidth=4: */
-/**
-* File containing the Net_LDAP2_RootDSE interface class.
-*
-* PHP version 5
-*
-* @category Net
-* @package Net_LDAP2
-* @author Jan Wagner <wagner@netsols.de>
-* @copyright 2009 Jan Wagner
-* @license http://www.gnu.org/licenses/lgpl-3.0.txt LGPLv3
-* @version SVN: $Id: RootDSE.php 286718 2009-08-03 07:30:49Z beni $
-* @link http://pear.php.net/package/Net_LDAP2/
-*/
-
-/**
-* Includes
-*/
-require_once 'PEAR.php';
-
-/**
-* Getting the rootDSE entry of a LDAP server
-*
-* @category Net
-* @package Net_LDAP2
-* @author Jan Wagner <wagner@netsols.de>
-* @license http://www.gnu.org/copyleft/lesser.html LGPL
-* @link http://pear.php.net/package/Net_LDAP22/
-*/
-class Net_LDAP2_RootDSE extends PEAR
-{
- /**
- * @access protected
- * @var object Net_LDAP2_Entry
- **/
- protected $_entry;
-
- /**
- * Class constructor
- *
- * @param Net_LDAP2_Entry &$entry Net_LDAP2_Entry object of the RootDSE
- */
- protected function __construct(&$entry)
- {
- $this->_entry = $entry;
- }
-
- /**
- * Fetches a RootDSE object from an LDAP connection
- *
- * @param Net_LDAP2 $ldap Directory from which the RootDSE should be fetched
- * @param array $attrs Array of attributes to search for
- *
- * @access static
- * @return Net_LDAP2_RootDSE|Net_LDAP2_Error
- */
- public static function fetch($ldap, $attrs = null)
- {
- if (!$ldap instanceof Net_LDAP2) {
- return PEAR::raiseError("Unable to fetch Schema: Parameter \$ldap must be a Net_LDAP2 object!");
- }
-
- if (is_array($attrs) && count($attrs) > 0 ) {
- $attributes = $attrs;
- } else {
- $attributes = array('vendorName',
- 'vendorVersion',
- 'namingContexts',
- 'altServer',
- 'supportedExtension',
- 'supportedControl',
- 'supportedSASLMechanisms',
- 'supportedLDAPVersion',
- 'subschemaSubentry' );
- }
- $result = $ldap->search('', '(objectClass=*)', array('attributes' => $attributes, 'scope' => 'base'));
- if (self::isError($result)) {
- return $result;
- }
- $entry = $result->shiftEntry();
- if (false === $entry) {
- return PEAR::raiseError('Could not fetch RootDSE entry');
- }
- $ret = new Net_LDAP2_RootDSE($entry);
- return $ret;
- }
-
- /**
- * Gets the requested attribute value
- *
- * Same usuage as {@link Net_LDAP2_Entry::getValue()}
- *
- * @param string $attr Attribute name
- * @param array $options Array of options
- *
- * @access public
- * @return mixed Net_LDAP2_Error object or attribute values
- * @see Net_LDAP2_Entry::get_value()
- */
- public function getValue($attr = '', $options = '')
- {
- return $this->_entry->get_value($attr, $options);
- }
-
- /**
- * Alias function of getValue() for perl-ldap interface
- *
- * @see getValue()
- * @return mixed
- */
- public function get_value()
- {
- $args = func_get_args();
- return call_user_func_array(array( &$this, 'getValue' ), $args);
- }
-
- /**
- * Determines if the extension is supported
- *
- * @param array $oids Array of oids to check
- *
- * @access public
- * @return boolean
- */
- public function supportedExtension($oids)
- {
- return $this->checkAttr($oids, 'supportedExtension');
- }
-
- /**
- * Alias function of supportedExtension() for perl-ldap interface
- *
- * @see supportedExtension()
- * @return boolean
- */
- public function supported_extension()
- {
- $args = func_get_args();
- return call_user_func_array(array( &$this, 'supportedExtension'), $args);
- }
-
- /**
- * Determines if the version is supported
- *
- * @param array $versions Versions to check
- *
- * @access public
- * @return boolean
- */
- public function supportedVersion($versions)
- {
- return $this->checkAttr($versions, 'supportedLDAPVersion');
- }
-
- /**
- * Alias function of supportedVersion() for perl-ldap interface
- *
- * @see supportedVersion()
- * @return boolean
- */
- public function supported_version()
- {
- $args = func_get_args();
- return call_user_func_array(array(&$this, 'supportedVersion'), $args);
- }
-
- /**
- * Determines if the control is supported
- *
- * @param array $oids Control oids to check
- *
- * @access public
- * @return boolean
- */
- public function supportedControl($oids)
- {
- return $this->checkAttr($oids, 'supportedControl');
- }
-
- /**
- * Alias function of supportedControl() for perl-ldap interface
- *
- * @see supportedControl()
- * @return boolean
- */
- public function supported_control()
- {
- $args = func_get_args();
- return call_user_func_array(array(&$this, 'supportedControl' ), $args);
- }
-
- /**
- * Determines if the sasl mechanism is supported
- *
- * @param array $mechlist SASL mechanisms to check
- *
- * @access public
- * @return boolean
- */
- public function supportedSASLMechanism($mechlist)
- {
- return $this->checkAttr($mechlist, 'supportedSASLMechanisms');
- }
-
- /**
- * Alias function of supportedSASLMechanism() for perl-ldap interface
- *
- * @see supportedSASLMechanism()
- * @return boolean
- */
- public function supported_sasl_mechanism()
- {
- $args = func_get_args();
- return call_user_func_array(array(&$this, 'supportedSASLMechanism'), $args);
- }
-
- /**
- * Checks for existance of value in attribute
- *
- * @param array $values values to check
- * @param string $attr attribute name
- *
- * @access protected
- * @return boolean
- */
- protected function checkAttr($values, $attr)
- {
- if (!is_array($values)) $values = array($values);
-
- foreach ($values as $value) {
- if (!@in_array($value, $this->get_value($attr, 'all'))) {
- return false;
- }
- }
- return true;
- }
-}
-
-?>
diff --git a/extlib/Net/LDAP2/Schema.php b/extlib/Net/LDAP2/Schema.php
deleted file mode 100644
index b590eabc5..000000000
--- a/extlib/Net/LDAP2/Schema.php
+++ /dev/null
@@ -1,516 +0,0 @@
-<?php
-/* vim: set expandtab tabstop=4 shiftwidth=4: */
-/**
-* File containing the Net_LDAP2_Schema interface class.
-*
-* PHP version 5
-*
-* @category Net
-* @package Net_LDAP2
-* @author Jan Wagner <wagner@netsols.de>
-* @author Benedikt Hallinger <beni@php.net>
-* @copyright 2009 Jan Wagner, Benedikt Hallinger
-* @license http://www.gnu.org/licenses/lgpl-3.0.txt LGPLv3
-* @version SVN: $Id: Schema.php 286718 2009-08-03 07:30:49Z beni $
-* @link http://pear.php.net/package/Net_LDAP2/
-* @todo see the comment at the end of the file
-*/
-
-/**
-* Includes
-*/
-require_once 'PEAR.php';
-
-/**
-* Syntax definitions
-*
-* Please don't forget to add binary attributes to isBinary() below
-* to support proper value fetching from Net_LDAP2_Entry
-*/
-define('NET_LDAP2_SYNTAX_BOOLEAN', '1.3.6.1.4.1.1466.115.121.1.7');
-define('NET_LDAP2_SYNTAX_DIRECTORY_STRING', '1.3.6.1.4.1.1466.115.121.1.15');
-define('NET_LDAP2_SYNTAX_DISTINGUISHED_NAME', '1.3.6.1.4.1.1466.115.121.1.12');
-define('NET_LDAP2_SYNTAX_INTEGER', '1.3.6.1.4.1.1466.115.121.1.27');
-define('NET_LDAP2_SYNTAX_JPEG', '1.3.6.1.4.1.1466.115.121.1.28');
-define('NET_LDAP2_SYNTAX_NUMERIC_STRING', '1.3.6.1.4.1.1466.115.121.1.36');
-define('NET_LDAP2_SYNTAX_OID', '1.3.6.1.4.1.1466.115.121.1.38');
-define('NET_LDAP2_SYNTAX_OCTET_STRING', '1.3.6.1.4.1.1466.115.121.1.40');
-
-/**
-* Load an LDAP Schema and provide information
-*
-* This class takes a Subschema entry, parses this information
-* and makes it available in an array. Most of the code has been
-* inspired by perl-ldap( http://perl-ldap.sourceforge.net).
-* You will find portions of their implementation in here.
-*
-* @category Net
-* @package Net_LDAP2
-* @author Jan Wagner <wagner@netsols.de>
-* @author Benedikt Hallinger <beni@php.net>
-* @license http://www.gnu.org/copyleft/lesser.html LGPL
-* @link http://pear.php.net/package/Net_LDAP22/
-*/
-class Net_LDAP2_Schema extends PEAR
-{
- /**
- * Map of entry types to ldap attributes of subschema entry
- *
- * @access public
- * @var array
- */
- public $types = array(
- 'attribute' => 'attributeTypes',
- 'ditcontentrule' => 'dITContentRules',
- 'ditstructurerule' => 'dITStructureRules',
- 'matchingrule' => 'matchingRules',
- 'matchingruleuse' => 'matchingRuleUse',
- 'nameform' => 'nameForms',
- 'objectclass' => 'objectClasses',
- 'syntax' => 'ldapSyntaxes'
- );
-
- /**
- * Array of entries belonging to this type
- *
- * @access protected
- * @var array
- */
- protected $_attributeTypes = array();
- protected $_matchingRules = array();
- protected $_matchingRuleUse = array();
- protected $_ldapSyntaxes = array();
- protected $_objectClasses = array();
- protected $_dITContentRules = array();
- protected $_dITStructureRules = array();
- protected $_nameForms = array();
-
-
- /**
- * hash of all fetched oids
- *
- * @access protected
- * @var array
- */
- protected $_oids = array();
-
- /**
- * Tells if the schema is initialized
- *
- * @access protected
- * @var boolean
- * @see parse(), get()
- */
- protected $_initialized = false;
-
-
- /**
- * Constructor of the class
- *
- * @access protected
- */
- protected function __construct()
- {
- $this->PEAR('Net_LDAP2_Error'); // default error class
- }
-
- /**
- * Fetch the Schema from an LDAP connection
- *
- * @param Net_LDAP2 $ldap LDAP connection
- * @param string $dn (optional) Subschema entry dn
- *
- * @access public
- * @return Net_LDAP2_Schema|NET_LDAP2_Error
- */
- public function fetch($ldap, $dn = null)
- {
- if (!$ldap instanceof Net_LDAP2) {
- return PEAR::raiseError("Unable to fetch Schema: Parameter \$ldap must be a Net_LDAP2 object!");
- }
-
- $schema_o = new Net_LDAP2_Schema();
-
- if (is_null($dn)) {
- // get the subschema entry via root dse
- $dse = $ldap->rootDSE(array('subschemaSubentry'));
- if (false == Net_LDAP2::isError($dse)) {
- $base = $dse->getValue('subschemaSubentry', 'single');
- if (!Net_LDAP2::isError($base)) {
- $dn = $base;
- }
- }
- }
-
- // Support for buggy LDAP servers (e.g. Siemens DirX 6.x) that incorrectly
- // call this entry subSchemaSubentry instead of subschemaSubentry.
- // Note the correct case/spelling as per RFC 2251.
- if (is_null($dn)) {
- // get the subschema entry via root dse
- $dse = $ldap->rootDSE(array('subSchemaSubentry'));
- if (false == Net_LDAP2::isError($dse)) {
- $base = $dse->getValue('subSchemaSubentry', 'single');
- if (!Net_LDAP2::isError($base)) {
- $dn = $base;
- }
- }
- }
-
- // Final fallback case where there is no subschemaSubentry attribute
- // in the root DSE (this is a bug for an LDAP v3 server so report this
- // to your LDAP vendor if you get this far).
- if (is_null($dn)) {
- $dn = 'cn=Subschema';
- }
-
- // fetch the subschema entry
- $result = $ldap->search($dn, '(objectClass=*)',
- array('attributes' => array_values($schema_o->types),
- 'scope' => 'base'));
- if (Net_LDAP2::isError($result)) {
- return $result;
- }
-
- $entry = $result->shiftEntry();
- if (!$entry instanceof Net_LDAP2_Entry) {
- return PEAR::raiseError('Could not fetch Subschema entry');
- }
-
- $schema_o->parse($entry);
- return $schema_o;
- }
-
- /**
- * Return a hash of entries for the given type
- *
- * Returns a hash of entry for th givene type. Types may be:
- * objectclasses, attributes, ditcontentrules, ditstructurerules, matchingrules,
- * matchingruleuses, nameforms, syntaxes
- *
- * @param string $type Type to fetch
- *
- * @access public
- * @return array|Net_LDAP2_Error Array or Net_LDAP2_Error
- */
- public function &getAll($type)
- {
- $map = array('objectclasses' => &$this->_objectClasses,
- 'attributes' => &$this->_attributeTypes,
- 'ditcontentrules' => &$this->_dITContentRules,
- 'ditstructurerules' => &$this->_dITStructureRules,
- 'matchingrules' => &$this->_matchingRules,
- 'matchingruleuses' => &$this->_matchingRuleUse,
- 'nameforms' => &$this->_nameForms,
- 'syntaxes' => &$this->_ldapSyntaxes );
-
- $key = strtolower($type);
- $ret = ((key_exists($key, $map)) ? $map[$key] : PEAR::raiseError("Unknown type $type"));
- return $ret;
- }
-
- /**
- * Return a specific entry
- *
- * @param string $type Type of name
- * @param string $name Name or OID to fetch
- *
- * @access public
- * @return mixed Entry or Net_LDAP2_Error
- */
- public function &get($type, $name)
- {
- if ($this->_initialized) {
- $type = strtolower($type);
- if (false == key_exists($type, $this->types)) {
- return PEAR::raiseError("No such type $type");
- }
-
- $name = strtolower($name);
- $type_var = &$this->{'_' . $this->types[$type]};
-
- if (key_exists($name, $type_var)) {
- return $type_var[$name];
- } elseif (key_exists($name, $this->_oids) && $this->_oids[$name]['type'] == $type) {
- return $this->_oids[$name];
- } else {
- return PEAR::raiseError("Could not find $type $name");
- }
- } else {
- $return = null;
- return $return;
- }
- }
-
-
- /**
- * Fetches attributes that MAY be present in the given objectclass
- *
- * @param string $oc Name or OID of objectclass
- *
- * @access public
- * @return array|Net_LDAP2_Error Array with attributes or Net_LDAP2_Error
- */
- public function may($oc)
- {
- return $this->_getAttr($oc, 'may');
- }
-
- /**
- * Fetches attributes that MUST be present in the given objectclass
- *
- * @param string $oc Name or OID of objectclass
- *
- * @access public
- * @return array|Net_LDAP2_Error Array with attributes or Net_LDAP2_Error
- */
- public function must($oc)
- {
- return $this->_getAttr($oc, 'must');
- }
-
- /**
- * Fetches the given attribute from the given objectclass
- *
- * @param string $oc Name or OID of objectclass
- * @param string $attr Name of attribute to fetch
- *
- * @access protected
- * @return array|Net_LDAP2_Error The attribute or Net_LDAP2_Error
- */
- protected function _getAttr($oc, $attr)
- {
- $oc = strtolower($oc);
- if (key_exists($oc, $this->_objectClasses) && key_exists($attr, $this->_objectClasses[$oc])) {
- return $this->_objectClasses[$oc][$attr];
- } elseif (key_exists($oc, $this->_oids) &&
- $this->_oids[$oc]['type'] == 'objectclass' &&
- key_exists($attr, $this->_oids[$oc])) {
- return $this->_oids[$oc][$attr];
- } else {
- return PEAR::raiseError("Could not find $attr attributes for $oc ");
- }
- }
-
- /**
- * Returns the name(s) of the immediate superclass(es)
- *
- * @param string $oc Name or OID of objectclass
- *
- * @access public
- * @return array|Net_LDAP2_Error Array of names or Net_LDAP2_Error
- */
- public function superclass($oc)
- {
- $o = $this->get('objectclass', $oc);
- if (Net_LDAP2::isError($o)) {
- return $o;
- }
- return (key_exists('sup', $o) ? $o['sup'] : array());
- }
-
- /**
- * Parses the schema of the given Subschema entry
- *
- * @param Net_LDAP2_Entry &$entry Subschema entry
- *
- * @access public
- * @return void
- */
- public function parse(&$entry)
- {
- foreach ($this->types as $type => $attr) {
- // initialize map type to entry
- $type_var = '_' . $attr;
- $this->{$type_var} = array();
-
- // get values for this type
- if ($entry->exists($attr)) {
- $values = $entry->getValue($attr);
- if (is_array($values)) {
- foreach ($values as $value) {
-
- unset($schema_entry); // this was a real mess without it
-
- // get the schema entry
- $schema_entry = $this->_parse_entry($value);
-
- // set the type
- $schema_entry['type'] = $type;
-
- // save a ref in $_oids
- $this->_oids[$schema_entry['oid']] = &$schema_entry;
-
- // save refs for all names in type map
- $names = $schema_entry['aliases'];
- array_push($names, $schema_entry['name']);
- foreach ($names as $name) {
- $this->{$type_var}[strtolower($name)] = &$schema_entry;
- }
- }
- }
- }
- }
- $this->_initialized = true;
- }
-
- /**
- * Parses an attribute value into a schema entry
- *
- * @param string $value Attribute value
- *
- * @access protected
- * @return array|false Schema entry array or false
- */
- protected function &_parse_entry($value)
- {
- // tokens that have no value associated
- $noValue = array('single-value',
- 'obsolete',
- 'collective',
- 'no-user-modification',
- 'abstract',
- 'structural',
- 'auxiliary');
-
- // tokens that can have multiple values
- $multiValue = array('must', 'may', 'sup');
-
- $schema_entry = array('aliases' => array()); // initilization
-
- $tokens = $this->_tokenize($value); // get an array of tokens
-
- // remove surrounding brackets
- if ($tokens[0] == '(') array_shift($tokens);
- if ($tokens[count($tokens) - 1] == ')') array_pop($tokens); // -1 doesnt work on arrays :-(
-
- $schema_entry['oid'] = array_shift($tokens); // first token is the oid
-
- // cycle over the tokens until none are left
- while (count($tokens) > 0) {
- $token = strtolower(array_shift($tokens));
- if (in_array($token, $noValue)) {
- $schema_entry[$token] = 1; // single value token
- } else {
- // this one follows a string or a list if it is multivalued
- if (($schema_entry[$token] = array_shift($tokens)) == '(') {
- // this creates the list of values and cycles through the tokens
- // until the end of the list is reached ')'
- $schema_entry[$token] = array();
- while ($tmp = array_shift($tokens)) {
- if ($tmp == ')') break;
- if ($tmp != '$') array_push($schema_entry[$token], $tmp);
- }
- }
- // create a array if the value should be multivalued but was not
- if (in_array($token, $multiValue) && !is_array($schema_entry[$token])) {
- $schema_entry[$token] = array($schema_entry[$token]);
- }
- }
- }
- // get max length from syntax
- if (key_exists('syntax', $schema_entry)) {
- if (preg_match('/{(\d+)}/', $schema_entry['syntax'], $matches)) {
- $schema_entry['max_length'] = $matches[1];
- }
- }
- // force a name
- if (empty($schema_entry['name'])) {
- $schema_entry['name'] = $schema_entry['oid'];
- }
- // make one name the default and put the other ones into aliases
- if (is_array($schema_entry['name'])) {
- $aliases = $schema_entry['name'];
- $schema_entry['name'] = array_shift($aliases);
- $schema_entry['aliases'] = $aliases;
- }
- return $schema_entry;
- }
-
- /**
- * Tokenizes the given value into an array of tokens
- *
- * @param string $value String to parse
- *
- * @access protected
- * @return array Array of tokens
- */
- protected function _tokenize($value)
- {
- $tokens = array(); // array of tokens
- $matches = array(); // matches[0] full pattern match, [1,2,3] subpatterns
-
- // this one is taken from perl-ldap, modified for php
- $pattern = "/\s* (?:([()]) | ([^'\s()]+) | '((?:[^']+|'[^\s)])*)') \s*/x";
-
- /**
- * This one matches one big pattern wherin only one of the three subpatterns matched
- * We are interested in the subpatterns that matched. If it matched its value will be
- * non-empty and so it is a token. Tokens may be round brackets, a string, or a string
- * enclosed by '
- */
- preg_match_all($pattern, $value, $matches);
-
- for ($i = 0; $i < count($matches[0]); $i++) { // number of tokens (full pattern match)
- for ($j = 1; $j < 4; $j++) { // each subpattern
- if (null != trim($matches[$j][$i])) { // pattern match in this subpattern
- $tokens[$i] = trim($matches[$j][$i]); // this is the token
- }
- }
- }
- return $tokens;
- }
-
- /**
- * Returns wether a attribute syntax is binary or not
- *
- * This method gets used by Net_LDAP2_Entry to decide which
- * PHP function needs to be used to fetch the value in the
- * proper format (e.g. binary or string)
- *
- * @param string $attribute The name of the attribute (eg.: 'sn')
- *
- * @access public
- * @return boolean
- */
- public function isBinary($attribute)
- {
- $return = false; // default to false
-
- // This list contains all syntax that should be treaten as
- // containing binary values
- // The Syntax Definitons go into constants at the top of this page
- $syntax_binary = array(
- NET_LDAP2_SYNTAX_OCTET_STRING,
- NET_LDAP2_SYNTAX_JPEG
- );
-
- // Check Syntax
- $attr_s = $this->get('attribute', $attribute);
- if (Net_LDAP2::isError($attr_s)) {
- // Attribute not found in schema
- $return = false; // consider attr not binary
- } elseif (isset($attr_s['syntax']) && in_array($attr_s['syntax'], $syntax_binary)) {
- // Syntax is defined as binary in schema
- $return = true;
- } else {
- // Syntax not defined as binary, or not found
- // if attribute is a subtype, check superior attribute syntaxes
- if (isset($attr_s['sup'])) {
- foreach ($attr_s['sup'] as $superattr) {
- $return = $this->isBinary($superattr);
- if ($return) {
- break; // stop checking parents since we are binary
- }
- }
- }
- }
-
- return $return;
- }
-
- // [TODO] add method that allows us to see to which objectclasses a certain attribute belongs to
- // it should return the result structured, e.g. sorted in "may" and "must". Optionally it should
- // be able to return it just "flat", e.g. array_merge()d.
- // We could use get_all() to achieve this easily, i think
-}
-?>
diff --git a/extlib/Net/LDAP2/SchemaCache.interface.php b/extlib/Net/LDAP2/SchemaCache.interface.php
deleted file mode 100644
index e0c3094c4..000000000
--- a/extlib/Net/LDAP2/SchemaCache.interface.php
+++ /dev/null
@@ -1,59 +0,0 @@
-<?php
-/* vim: set expandtab tabstop=4 shiftwidth=4: */
-/**
-* File containing the Net_LDAP2_SchemaCache interface class.
-*
-* PHP version 5
-*
-* @category Net
-* @package Net_LDAP2
-* @author Benedikt Hallinger <beni@php.net>
-* @copyright 2009 Benedikt Hallinger
-* @license http://www.gnu.org/licenses/lgpl-3.0.txt LGPLv3
-* @version SVN: $Id: SchemaCache.interface.php 286718 2009-08-03 07:30:49Z beni $
-* @link http://pear.php.net/package/Net_LDAP2/
-*/
-
-/**
-* Interface describing a custom schema cache object
-*
-* To implement a custom schema cache, one must implement this interface and
-* pass the instanciated object to Net_LDAP2s registerSchemaCache() method.
-*/
-interface Net_LDAP2_SchemaCache
-{
- /**
- * Return the schema object from the cache
- *
- * Net_LDAP2 will consider anything returned invalid, except
- * a valid Net_LDAP2_Schema object.
- * In case you return a Net_LDAP2_Error, this error will be routed
- * to the return of the $ldap->schema() call.
- * If you return something else, Net_LDAP2 will
- * fetch a fresh Schema object from the LDAP server.
- *
- * You may want to implement a cache aging mechanism here too.
- *
- * @return Net_LDAP2_Schema|Net_LDAP2_Error|false
- */
- public function loadSchema();
-
- /**
- * Store a schema object in the cache
- *
- * This method will be called, if Net_LDAP2 has fetched a fresh
- * schema object from LDAP and wants to init or refresh the cache.
- *
- * In case of errors you may return a Net_LDAP2_Error which will
- * be routet to the client.
- * Note that doing this prevents, that the schema object fetched from LDAP
- * will be given back to the client, so only return errors if storing
- * of the cache is something crucial (e.g. for doing something else with it).
- * Normaly you dont want to give back errors in which case Net_LDAP2 needs to
- * fetch the schema once per script run and instead use the error
- * returned from loadSchema().
- *
- * @return true|Net_LDAP2_Error
- */
- public function storeSchema($schema);
-}
diff --git a/extlib/Net/LDAP2/Search.php b/extlib/Net/LDAP2/Search.php
deleted file mode 100644
index de4fde122..000000000
--- a/extlib/Net/LDAP2/Search.php
+++ /dev/null
@@ -1,614 +0,0 @@
-<?php
-/* vim: set expandtab tabstop=4 shiftwidth=4: */
-/**
-* File containing the Net_LDAP2_Search interface class.
-*
-* PHP version 5
-*
-* @category Net
-* @package Net_LDAP2
-* @author Tarjej Huse <tarjei@bergfald.no>
-* @author Benedikt Hallinger <beni@php.net>
-* @copyright 2009 Tarjej Huse, Benedikt Hallinger
-* @license http://www.gnu.org/licenses/lgpl-3.0.txt LGPLv3
-* @version SVN: $Id: Search.php 286718 2009-08-03 07:30:49Z beni $
-* @link http://pear.php.net/package/Net_LDAP2/
-*/
-
-/**
-* Includes
-*/
-require_once 'PEAR.php';
-
-/**
-* Result set of an LDAP search
-*
-* @category Net
-* @package Net_LDAP2
-* @author Tarjej Huse <tarjei@bergfald.no>
-* @author Benedikt Hallinger <beni@php.net>
-* @license http://www.gnu.org/copyleft/lesser.html LGPL
-* @link http://pear.php.net/package/Net_LDAP22/
-*/
-class Net_LDAP2_Search extends PEAR implements Iterator
-{
- /**
- * Search result identifier
- *
- * @access protected
- * @var resource
- */
- protected $_search;
-
- /**
- * LDAP resource link
- *
- * @access protected
- * @var resource
- */
- protected $_link;
-
- /**
- * Net_LDAP2 object
- *
- * A reference of the Net_LDAP2 object for passing to Net_LDAP2_Entry
- *
- * @access protected
- * @var object Net_LDAP2
- */
- protected $_ldap;
-
- /**
- * Result entry identifier
- *
- * @access protected
- * @var resource
- */
- protected $_entry = null;
-
- /**
- * The errorcode the search got
- *
- * Some errorcodes might be of interest, but might not be best handled as errors.
- * examples: 4 - LDAP_SIZELIMIT_EXCEEDED - indicates a huge search.
- * Incomplete results are returned. If you just want to check if there's anything in the search.
- * than this is a point to handle.
- * 32 - no such object - search here returns a count of 0.
- *
- * @access protected
- * @var int
- */
- protected $_errorCode = 0; // if not set - sucess!
-
- /**
- * Cache for all entries already fetched from iterator interface
- *
- * @access protected
- * @var array
- */
- protected $_iteratorCache = array();
-
- /**
- * What attributes we searched for
- *
- * The $attributes array contains the names of the searched attributes and gets
- * passed from $Net_LDAP2->search() so the Net_LDAP2_Search object can tell
- * what attributes was searched for ({@link searchedAttrs())
- *
- * This variable gets set from the constructor and returned
- * from {@link searchedAttrs()}
- *
- * @access protected
- * @var array
- */
- protected $_searchedAttrs = array();
-
- /**
- * Cache variable for storing entries fetched internally
- *
- * This currently is only used by {@link pop_entry()}
- *
- * @access protected
- * @var array
- */
- protected $_entry_cache = false;
-
- /**
- * Constructor
- *
- * @param resource &$search Search result identifier
- * @param Net_LDAP2|resource &$ldap Net_LDAP2 object or just a LDAP-Link resource
- * @param array $attributes (optional) Array with searched attribute names. (see {@link $_searchedAttrs})
- *
- * @access public
- */
- public function __construct(&$search, &$ldap, $attributes = array())
- {
- $this->PEAR('Net_LDAP2_Error');
-
- $this->setSearch($search);
-
- if ($ldap instanceof Net_LDAP2) {
- $this->_ldap =& $ldap;
- $this->setLink($this->_ldap->getLink());
- } else {
- $this->setLink($ldap);
- }
-
- $this->_errorCode = @ldap_errno($this->_link);
-
- if (is_array($attributes) && !empty($attributes)) {
- $this->_searchedAttrs = $attributes;
- }
- }
-
- /**
- * Returns an array of entry objects
- *
- * @return array Array of entry objects.
- */
- public function entries()
- {
- $entries = array();
-
- while ($entry = $this->shiftEntry()) {
- $entries[] = $entry;
- }
-
- return $entries;
- }
-
- /**
- * Get the next entry in the searchresult.
- *
- * This will return a valid Net_LDAP2_Entry object or false, so
- * you can use this method to easily iterate over the entries inside
- * a while loop.
- *
- * @return Net_LDAP2_Entry|false Reference to Net_LDAP2_Entry object or false
- */
- public function &shiftEntry()
- {
- if ($this->count() == 0 ) {
- $false = false;
- return $false;
- }
-
- if (is_null($this->_entry)) {
- $this->_entry = @ldap_first_entry($this->_link, $this->_search);
- $entry = Net_LDAP2_Entry::createConnected($this->_ldap, $this->_entry);
- if ($entry instanceof Net_LDAP2_Error) $entry = false;
- } else {
- if (!$this->_entry = @ldap_next_entry($this->_link, $this->_entry)) {
- $false = false;
- return $false;
- }
- $entry = Net_LDAP2_Entry::createConnected($this->_ldap, $this->_entry);
- if ($entry instanceof Net_LDAP2_Error) $entry = false;
- }
- return $entry;
- }
-
- /**
- * Alias function of shiftEntry() for perl-ldap interface
- *
- * @see shiftEntry()
- * @return Net_LDAP2_Entry|false
- */
- public function shift_entry()
- {
- $args = func_get_args();
- return call_user_func_array(array( &$this, 'shiftEntry' ), $args);
- }
-
- /**
- * Retrieve the next entry in the searchresult, but starting from last entry
- *
- * This is the opposite to {@link shiftEntry()} and is also very useful
- * to be used inside a while loop.
- *
- * @return Net_LDAP2_Entry|false
- */
- public function popEntry()
- {
- if (false === $this->_entry_cache) {
- // fetch entries into cache if not done so far
- $this->_entry_cache = $this->entries();
- }
-
- $return = array_pop($this->_entry_cache);
- return (null === $return)? false : $return;
- }
-
- /**
- * Alias function of popEntry() for perl-ldap interface
- *
- * @see popEntry()
- * @return Net_LDAP2_Entry|false
- */
- public function pop_entry()
- {
- $args = func_get_args();
- return call_user_func_array(array( &$this, 'popEntry' ), $args);
- }
-
- /**
- * Return entries sorted as array
- *
- * This returns a array with sorted entries and the values.
- * Sorting is done with PHPs {@link array_multisort()}.
- * This method relies on {@link as_struct()} to fetch the raw data of the entries.
- *
- * Please note that attribute names are case sensitive!
- *
- * Usage example:
- * <code>
- * // to sort entries first by location, then by surename, but descending:
- * $entries = $search->sorted_as_struct(array('locality','sn'), SORT_DESC);
- * </code>
- *
- * @param array $attrs Array of attribute names to sort; order from left to right.
- * @param int $order Ordering direction, either constant SORT_ASC or SORT_DESC
- *
- * @return array|Net_LDAP2_Error Array with sorted entries or error
- * @todo what about server side sorting as specified in http://www.ietf.org/rfc/rfc2891.txt?
- */
- public function sorted_as_struct($attrs = array('cn'), $order = SORT_ASC)
- {
- /*
- * Old Code, suitable and fast for single valued sorting
- * This code should be used if we know that single valued sorting is desired,
- * but we need some method to get that knowledge...
- */
- /*
- $attrs = array_reverse($attrs);
- foreach ($attrs as $attribute) {
- if (!ldap_sort($this->_link, $this->_search, $attribute)){
- $this->raiseError("Sorting failed for Attribute " . $attribute);
- }
- }
-
- $results = ldap_get_entries($this->_link, $this->_search);
-
- unset($results['count']); //for tidier output
- if ($order) {
- return array_reverse($results);
- } else {
- return $results;
- }*/
-
- /*
- * New code: complete "client side" sorting
- */
- // first some parameterchecks
- if (!is_array($attrs)) {
- return PEAR::raiseError("Sorting failed: Parameterlist must be an array!");
- }
- if ($order != SORT_ASC && $order != SORT_DESC) {
- return PEAR::raiseError("Sorting failed: sorting direction not understood! (neither constant SORT_ASC nor SORT_DESC)");
- }
-
- // fetch the entries data
- $entries = $this->as_struct();
-
- // now sort each entries attribute values
- // this is neccessary because later we can only sort by one value,
- // so we need the highest or lowest attribute now, depending on the
- // selected ordering for that specific attribute
- foreach ($entries as $dn => $entry) {
- foreach ($entry as $attr_name => $attr_values) {
- sort($entries[$dn][$attr_name]);
- if ($order == SORT_DESC) {
- array_reverse($entries[$dn][$attr_name]);
- }
- }
- }
-
- // reformat entrys array for later use with array_multisort()
- $to_sort = array(); // <- will be a numeric array similar to ldap_get_entries
- foreach ($entries as $dn => $entry_attr) {
- $row = array();
- $row['dn'] = $dn;
- foreach ($entry_attr as $attr_name => $attr_values) {
- $row[$attr_name] = $attr_values;
- }
- $to_sort[] = $row;
- }
-
- // Build columns for array_multisort()
- // each requested attribute is one row
- $columns = array();
- foreach ($attrs as $attr_name) {
- foreach ($to_sort as $key => $row) {
- $columns[$attr_name][$key] =& $to_sort[$key][$attr_name][0];
- }
- }
-
- // sort the colums with array_multisort, if there is something
- // to sort and if we have requested sort columns
- if (!empty($to_sort) && !empty($columns)) {
- $sort_params = '';
- foreach ($attrs as $attr_name) {
- $sort_params .= '$columns[\''.$attr_name.'\'], '.$order.', ';
- }
- eval("array_multisort($sort_params \$to_sort);"); // perform sorting
- }
-
- return $to_sort;
- }
-
- /**
- * Return entries sorted as objects
- *
- * This returns a array with sorted Net_LDAP2_Entry objects.
- * The sorting is actually done with {@link sorted_as_struct()}.
- *
- * Please note that attribute names are case sensitive!
- * Also note, that it is (depending on server capabilitys) possible to let
- * the server sort your results. This happens through search controls
- * and is described in detail at {@link http://www.ietf.org/rfc/rfc2891.txt}
- *
- * Usage example:
- * <code>
- * // to sort entries first by location, then by surename, but descending:
- * $entries = $search->sorted(array('locality','sn'), SORT_DESC);
- * </code>
- *
- * @param array $attrs Array of sort attributes to sort; order from left to right.
- * @param int $order Ordering direction, either constant SORT_ASC or SORT_DESC
- *
- * @return array|Net_LDAP2_Error Array with sorted Net_LDAP2_Entries or error
- * @todo Entry object construction could be faster. Maybe we could use one of the factorys instead of fetching the entry again
- */
- public function sorted($attrs = array('cn'), $order = SORT_ASC)
- {
- $return = array();
- $sorted = $this->sorted_as_struct($attrs, $order);
- if (PEAR::isError($sorted)) {
- return $sorted;
- }
- foreach ($sorted as $key => $row) {
- $entry = $this->_ldap->getEntry($row['dn'], $this->searchedAttrs());
- if (!PEAR::isError($entry)) {
- array_push($return, $entry);
- } else {
- return $entry;
- }
- }
- return $return;
- }
-
- /**
- * Return entries as array
- *
- * This method returns the entries and the selected attributes values as
- * array.
- * The first array level contains all found entries where the keys are the
- * DNs of the entries. The second level arrays contian the entries attributes
- * such that the keys is the lowercased name of the attribute and the values
- * are stored in another indexed array. Note that the attribute values are stored
- * in an array even if there is no or just one value.
- *
- * The array has the following structure:
- * <code>
- * $return = array(
- * 'cn=foo,dc=example,dc=com' => array(
- * 'sn' => array('foo'),
- * 'multival' => array('val1', 'val2', 'valN')
- * )
- * 'cn=bar,dc=example,dc=com' => array(
- * 'sn' => array('bar'),
- * 'multival' => array('val1', 'valN')
- * )
- * )
- * </code>
- *
- * @return array associative result array as described above
- */
- public function as_struct()
- {
- $return = array();
- $entries = $this->entries();
- foreach ($entries as $entry) {
- $attrs = array();
- $entry_attributes = $entry->attributes();
- foreach ($entry_attributes as $attr_name) {
- $attr_values = $entry->getValue($attr_name, 'all');
- if (!is_array($attr_values)) {
- $attr_values = array($attr_values);
- }
- $attrs[$attr_name] = $attr_values;
- }
- $return[$entry->dn()] = $attrs;
- }
- return $return;
- }
-
- /**
- * Set the search objects resource link
- *
- * @param resource &$search Search result identifier
- *
- * @access public
- * @return void
- */
- public function setSearch(&$search)
- {
- $this->_search = $search;
- }
-
- /**
- * Set the ldap ressource link
- *
- * @param resource &$link Link identifier
- *
- * @access public
- * @return void
- */
- public function setLink(&$link)
- {
- $this->_link = $link;
- }
-
- /**
- * Returns the number of entries in the searchresult
- *
- * @return int Number of entries in search.
- */
- public function count()
- {
- // this catches the situation where OL returned errno 32 = no such object!
- if (!$this->_search) {
- return 0;
- }
- return @ldap_count_entries($this->_link, $this->_search);
- }
-
- /**
- * Get the errorcode the object got in its search.
- *
- * @return int The ldap error number.
- */
- public function getErrorCode()
- {
- return $this->_errorCode;
- }
-
- /**
- * Destructor
- *
- * @access protected
- */
- public function _Net_LDAP2_Search()
- {
- @ldap_free_result($this->_search);
- }
-
- /**
- * Closes search result
- *
- * @return void
- */
- public function done()
- {
- $this->_Net_LDAP2_Search();
- }
-
- /**
- * Return the attribute names this search selected
- *
- * @return array
- * @see $_searchedAttrs
- * @access protected
- */
- protected function searchedAttrs()
- {
- return $this->_searchedAttrs;
- }
-
- /**
- * Tells if this search exceeds a sizelimit
- *
- * @return boolean
- */
- public function sizeLimitExceeded()
- {
- return ($this->getErrorCode() == 4);
- }
-
-
- /*
- * SPL Iterator interface methods.
- * This interface allows to use Net_LDAP2_Search
- * objects directly inside a foreach loop!
- */
- /**
- * SPL Iterator interface: Return the current element.
- *
- * The SPL Iterator interface allows you to fetch entries inside
- * a foreach() loop: <code>foreach ($search as $dn => $entry) { ...</code>
- *
- * Of course, you may call {@link current()}, {@link key()}, {@link next()},
- * {@link rewind()} and {@link valid()} yourself.
- *
- * If the search throwed an error, it returns false.
- * False is also returned, if the end is reached
- * In case no call to next() was made, we will issue one,
- * thus returning the first entry.
- *
- * @return Net_LDAP2_Entry|false
- */
- public function current()
- {
- if (count($this->_iteratorCache) == 0) {
- $this->next();
- reset($this->_iteratorCache);
- }
- $entry = current($this->_iteratorCache);
- return ($entry instanceof Net_LDAP2_Entry)? $entry : false;
- }
-
- /**
- * SPL Iterator interface: Return the identifying key (DN) of the current entry.
- *
- * @see current()
- * @return string|false DN of the current entry; false in case no entry is returned by current()
- */
- public function key()
- {
- $entry = $this->current();
- return ($entry instanceof Net_LDAP2_Entry)? $entry->dn() :false;
- }
-
- /**
- * SPL Iterator interface: Move forward to next entry.
- *
- * After a call to {@link next()}, {@link current()} will return
- * the next entry in the result set.
- *
- * @see current()
- * @return void
- */
- public function next()
- {
- // fetch next entry.
- // if we have no entrys anymore, we add false (which is
- // returned by shiftEntry()) so current() will complain.
- if (count($this->_iteratorCache) - 1 <= $this->count()) {
- $this->_iteratorCache[] = $this->shiftEntry();
- }
-
- // move on array pointer to current element.
- // even if we have added all entries, this will
- // ensure proper operation in case we rewind()
- next($this->_iteratorCache);
- }
-
- /**
- * SPL Iterator interface: Check if there is a current element after calls to {@link rewind()} or {@link next()}.
- *
- * Used to check if we've iterated to the end of the collection.
- *
- * @see current()
- * @return boolean FALSE if there's nothing more to iterate over
- */
- public function valid()
- {
- return ($this->current() instanceof Net_LDAP2_Entry);
- }
-
- /**
- * SPL Iterator interface: Rewind the Iterator to the first element.
- *
- * After rewinding, {@link current()} will return the first entry in the result set.
- *
- * @see current()
- * @return void
- */
- public function rewind()
- {
- reset($this->_iteratorCache);
- }
-}
-
-?>
diff --git a/extlib/Net/LDAP2/SimpleFileSchemaCache.php b/extlib/Net/LDAP2/SimpleFileSchemaCache.php
deleted file mode 100644
index 8019654ac..000000000
--- a/extlib/Net/LDAP2/SimpleFileSchemaCache.php
+++ /dev/null
@@ -1,97 +0,0 @@
-<?php
-/* vim: set expandtab tabstop=4 shiftwidth=4: */
-/**
-* File containing the example simple file based Schema Caching class.
-*
-* PHP version 5
-*
-* @category Net
-* @package Net_LDAP2
-* @author Benedikt Hallinger <beni@php.net>
-* @copyright 2009 Benedikt Hallinger
-* @license http://www.gnu.org/licenses/lgpl-3.0.txt LGPLv3
-* @version SVN: $Id: SimpleFileSchemaCache.php 286718 2009-08-03 07:30:49Z beni $
-* @link http://pear.php.net/package/Net_LDAP2/
-*/
-
-/**
-* A simple file based schema cacher with cache aging.
-*
-* Once the cache is too old, the loadSchema() method will return false, so
-* Net_LDAP2 will fetch a fresh object from the LDAP server that will
-* overwrite the current (outdated) old cache.
-*/
-class Net_LDAP2_SimpleFileSchemaCache implements Net_LDAP2_SchemaCache
-{
- /**
- * Internal config of this cache
- *
- * @see Net_LDAP2_SimpleFileSchemaCache()
- * @var array
- */
- protected $config = array(
- 'path' => '/tmp/Net_LDAP_Schema.cache',
- 'max_age' => 1200
- );
-
- /**
- * Initialize the simple cache
- *
- * Config is as following:
- * path Complete path to the cache file.
- * max_age Maximum age of cache in seconds, 0 means "endlessly".
- *
- * @param array $cfg Config array
- */
- public function Net_LDAP2_SimpleFileSchemaCache($cfg)
- {
- foreach ($cfg as $key => $value) {
- if (array_key_exists($key, $this->config)) {
- if (gettype($this->config[$key]) != gettype($value)) {
- $this->getCore()->dropFatalError(__CLASS__.": Could not set config! Key $key does not match type ".gettype($this->config[$key])."!");
- }
- $this->config[$key] = $value;
- } else {
- $this->getCore()->dropFatalError(__CLASS__.": Could not set config! Key $key is not defined!");
- }
- }
- }
-
- /**
- * Return the schema object from the cache
- *
- * If file is existent and cache has not expired yet,
- * then the cache is deserialized and returned.
- *
- * @return Net_LDAP2_Schema|Net_LDAP2_Error|false
- */
- public function loadSchema()
- {
- $return = false; // Net_LDAP2 will load schema from LDAP
- if (file_exists($this->config['path'])) {
- $cache_maxage = filemtime($this->config['path']) + $this->config['max_age'];
- if (time() <= $cache_maxage || $this->config['max_age'] == 0) {
- $return = unserialize(file_get_contents($this->config['path']));
- }
- }
- return $return;
- }
-
- /**
- * Store a schema object in the cache
- *
- * This method will be called, if Net_LDAP2 has fetched a fresh
- * schema object from LDAP and wants to init or refresh the cache.
- *
- * To invalidate the cache and cause Net_LDAP2 to refresh the cache,
- * you can call this method with null or false as value.
- * The next call to $ldap->schema() will then refresh the caches object.
- *
- * @param mixed $schema The object that should be cached
- * @return true|Net_LDAP2_Error|false
- */
- public function storeSchema($schema) {
- file_put_contents($this->config['path'], serialize($schema));
- return true;
- }
-}
diff --git a/extlib/Net/LDAP2/Util.php b/extlib/Net/LDAP2/Util.php
deleted file mode 100644
index 48b03f9f9..000000000
--- a/extlib/Net/LDAP2/Util.php
+++ /dev/null
@@ -1,572 +0,0 @@
-<?php
-/* vim: set expandtab tabstop=4 shiftwidth=4: */
-/**
-* File containing the Net_LDAP2_Util interface class.
-*
-* PHP version 5
-*
-* @category Net
-* @package Net_LDAP2
-* @author Benedikt Hallinger <beni@php.net>
-* @copyright 2009 Benedikt Hallinger
-* @license http://www.gnu.org/licenses/lgpl-3.0.txt LGPLv3
-* @version SVN: $Id: Util.php 286718 2009-08-03 07:30:49Z beni $
-* @link http://pear.php.net/package/Net_LDAP2/
-*/
-
-/**
-* Includes
-*/
-require_once 'PEAR.php';
-
-/**
-* Utility Class for Net_LDAP2
-*
-* This class servers some functionality to the other classes of Net_LDAP2 but most of
-* the methods can be used separately as well.
-*
-* @category Net
-* @package Net_LDAP2
-* @author Benedikt Hallinger <beni@php.net>
-* @license http://www.gnu.org/copyleft/lesser.html LGPL
-* @link http://pear.php.net/package/Net_LDAP22/
-*/
-class Net_LDAP2_Util extends PEAR
-{
- /**
- * Constructor
- *
- * @access public
- */
- public function __construct()
- {
- // We do nothing here, since all methods can be called statically.
- // In Net_LDAP <= 0.7, we needed a instance of Util, because
- // it was possible to do utf8 encoding and decoding, but this
- // has been moved to the LDAP class. The constructor remains only
- // here to document the downward compatibility of creating an instance.
- }
-
- /**
- * Explodes the given DN into its elements
- *
- * {@link http://www.ietf.org/rfc/rfc2253.txt RFC 2253} says, a Distinguished Name is a sequence
- * of Relative Distinguished Names (RDNs), which themselves
- * are sets of Attributes. For each RDN a array is constructed where the RDN part is stored.
- *
- * For example, the DN 'OU=Sales+CN=J. Smith,DC=example,DC=net' is exploded to:
- * <kbd>array( [0] => array([0] => 'OU=Sales', [1] => 'CN=J. Smith'), [2] => 'DC=example', [3] => 'DC=net' )</kbd>
- *
- * [NOT IMPLEMENTED] DNs might also contain values, which are the bytes of the BER encoding of
- * the X.500 AttributeValue rather than some LDAP string syntax. These values are hex-encoded
- * and prefixed with a #. To distinguish such BER values, ldap_explode_dn uses references to
- * the actual values, e.g. '1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com' is exploded to:
- * [ { '1.3.6.1.4.1.1466.0' => "\004\002Hi" }, { 'DC' => 'example' }, { 'DC' => 'com' } ];
- * See {@link http://www.vijaymukhi.com/vmis/berldap.htm} for more information on BER.
- *
- * It also performs the following operations on the given DN:
- * - Unescape "\" followed by ",", "+", """, "\", "<", ">", ";", "#", "=", " ", or a hexpair
- * and strings beginning with "#".
- * - Removes the leading 'OID.' characters if the type is an OID instead of a name.
- * - If an RDN contains multiple parts, the parts are re-ordered so that the attribute type names are in alphabetical order.
- *
- * OPTIONS is a list of name/value pairs, valid options are:
- * casefold Controls case folding of attribute types names.
- * Attribute values are not affected by this option.
- * The default is to uppercase. Valid values are:
- * lower Lowercase attribute types names.
- * upper Uppercase attribute type names. This is the default.
- * none Do not change attribute type names.
- * reverse If TRUE, the RDN sequence is reversed.
- * onlyvalues If TRUE, then only attributes values are returned ('foo' instead of 'cn=foo')
- *
-
- * @param string $dn The DN that should be exploded
- * @param array $options Options to use
- *
- * @static
- * @return array Parts of the exploded DN
- * @todo implement BER
- */
- public static function ldap_explode_dn($dn, $options = array('casefold' => 'upper'))
- {
- if (!isset($options['onlyvalues'])) $options['onlyvalues'] = false;
- if (!isset($options['reverse'])) $options['reverse'] = false;
- if (!isset($options['casefold'])) $options['casefold'] = 'upper';
-
- // Escaping of DN and stripping of "OID."
- $dn = self::canonical_dn($dn, array('casefold' => $options['casefold']));
-
- // splitting the DN
- $dn_array = preg_split('/(?<=[^\\\\]),/', $dn);
-
- // clear wrong splitting (possibly we have split too much)
- // /!\ Not clear, if this is neccessary here
- //$dn_array = self::correct_dn_splitting($dn_array, ',');
-
- // construct subarrays for multivalued RDNs and unescape DN value
- // also convert to output format and apply casefolding
- foreach ($dn_array as $key => $value) {
- $value_u = self::unescape_dn_value($value);
- $rdns = self::split_rdn_multival($value_u[0]);
- if (count($rdns) > 1) {
- // MV RDN!
- foreach ($rdns as $subrdn_k => $subrdn_v) {
- // Casefolding
- if ($options['casefold'] == 'upper') $subrdn_v = preg_replace("/^(\w+=)/e", "''.strtoupper('\\1').''", $subrdn_v);
- if ($options['casefold'] == 'lower') $subrdn_v = preg_replace("/^(\w+=)/e", "''.strtolower('\\1').''", $subrdn_v);
-
- if ($options['onlyvalues']) {
- preg_match('/(.+?)(?<!\\\\)=(.+)/', $subrdn_v, $matches);
- $rdn_ocl = $matches[1];
- $rdn_val = $matches[2];
- $unescaped = self::unescape_dn_value($rdn_val);
- $rdns[$subrdn_k] = $unescaped[0];
- } else {
- $unescaped = self::unescape_dn_value($subrdn_v);
- $rdns[$subrdn_k] = $unescaped[0];
- }
- }
-
- $dn_array[$key] = $rdns;
- } else {
- // normal RDN
-
- // Casefolding
- if ($options['casefold'] == 'upper') $value = preg_replace("/^(\w+=)/e", "''.strtoupper('\\1').''", $value);
- if ($options['casefold'] == 'lower') $value = preg_replace("/^(\w+=)/e", "''.strtolower('\\1').''", $value);
-
- if ($options['onlyvalues']) {
- preg_match('/(.+?)(?<!\\\\)=(.+)/', $value, $matches);
- $dn_ocl = $matches[1];
- $dn_val = $matches[2];
- $unescaped = self::unescape_dn_value($dn_val);
- $dn_array[$key] = $unescaped[0];
- } else {
- $unescaped = self::unescape_dn_value($value);
- $dn_array[$key] = $unescaped[0];
- }
- }
- }
-
- if ($options['reverse']) {
- return array_reverse($dn_array);
- } else {
- return $dn_array;
- }
- }
-
- /**
- * Escapes a DN value according to RFC 2253
- *
- * Escapes the given VALUES according to RFC 2253 so that they can be safely used in LDAP DNs.
- * The characters ",", "+", """, "\", "<", ">", ";", "#", "=" with a special meaning in RFC 2252
- * are preceeded by ba backslash. Control characters with an ASCII code < 32 are represented as \hexpair.
- * Finally all leading and trailing spaces are converted to sequences of \20.
- *
- * @param array $values An array containing the DN values that should be escaped
- *
- * @static
- * @return array The array $values, but escaped
- */
- public static function escape_dn_value($values = array())
- {
- // Parameter validation
- if (!is_array($values)) {
- $values = array($values);
- }
-
- foreach ($values as $key => $val) {
- // Escaping of filter meta characters
- $val = str_replace('\\', '\\\\', $val);
- $val = str_replace(',', '\,', $val);
- $val = str_replace('+', '\+', $val);
- $val = str_replace('"', '\"', $val);
- $val = str_replace('<', '\<', $val);
- $val = str_replace('>', '\>', $val);
- $val = str_replace(';', '\;', $val);
- $val = str_replace('#', '\#', $val);
- $val = str_replace('=', '\=', $val);
-
- // ASCII < 32 escaping
- $val = self::asc2hex32($val);
-
- // Convert all leading and trailing spaces to sequences of \20.
- if (preg_match('/^(\s*)(.+?)(\s*)$/', $val, $matches)) {
- $val = $matches[2];
- for ($i = 0; $i < strlen($matches[1]); $i++) {
- $val = '\20'.$val;
- }
- for ($i = 0; $i < strlen($matches[3]); $i++) {
- $val = $val.'\20';
- }
- }
-
- if (null === $val) $val = '\0'; // apply escaped "null" if string is empty
-
- $values[$key] = $val;
- }
-
- return $values;
- }
-
- /**
- * Undoes the conversion done by escape_dn_value().
- *
- * Any escape sequence starting with a baskslash - hexpair or special character -
- * will be transformed back to the corresponding character.
- *
- * @param array $values Array of DN Values
- *
- * @return array Same as $values, but unescaped
- * @static
- */
- public static function unescape_dn_value($values = array())
- {
- // Parameter validation
- if (!is_array($values)) {
- $values = array($values);
- }
-
- foreach ($values as $key => $val) {
- // strip slashes from special chars
- $val = str_replace('\\\\', '\\', $val);
- $val = str_replace('\,', ',', $val);
- $val = str_replace('\+', '+', $val);
- $val = str_replace('\"', '"', $val);
- $val = str_replace('\<', '<', $val);
- $val = str_replace('\>', '>', $val);
- $val = str_replace('\;', ';', $val);
- $val = str_replace('\#', '#', $val);
- $val = str_replace('\=', '=', $val);
-
- // Translate hex code into ascii
- $values[$key] = self::hex2asc($val);
- }
-
- return $values;
- }
-
- /**
- * Returns the given DN in a canonical form
- *
- * Returns false if DN is not a valid Distinguished Name.
- * DN can either be a string or an array
- * as returned by ldap_explode_dn, which is useful when constructing a DN.
- * The DN array may have be indexed (each array value is a OCL=VALUE pair)
- * or associative (array key is OCL and value is VALUE).
- *
- * It performs the following operations on the given DN:
- * - Removes the leading 'OID.' characters if the type is an OID instead of a name.
- * - Escapes all RFC 2253 special characters (",", "+", """, "\", "<", ">", ";", "#", "="), slashes ("/"), and any other character where the ASCII code is < 32 as \hexpair.
- * - Converts all leading and trailing spaces in values to be \20.
- * - If an RDN contains multiple parts, the parts are re-ordered so that the attribute type names are in alphabetical order.
- *
- * OPTIONS is a list of name/value pairs, valid options are:
- * casefold Controls case folding of attribute type names.
- * Attribute values are not affected by this option. The default is to uppercase.
- * Valid values are:
- * lower Lowercase attribute type names.
- * upper Uppercase attribute type names. This is the default.
- * none Do not change attribute type names.
- * [NOT IMPLEMENTED] mbcescape If TRUE, characters that are encoded as a multi-octet UTF-8 sequence will be escaped as \(hexpair){2,*}.
- * reverse If TRUE, the RDN sequence is reversed.
- * separator Separator to use between RDNs. Defaults to comma (',').
- *
- * Note: The empty string "" is a valid DN, so be sure not to do a "$can_dn == false" test,
- * because an empty string evaluates to false. Use the "===" operator instead.
- *
- * @param array|string $dn The DN
- * @param array $options Options to use
- *
- * @static
- * @return false|string The canonical DN or FALSE
- * @todo implement option mbcescape
- */
- public static function canonical_dn($dn, $options = array('casefold' => 'upper', 'separator' => ','))
- {
- if ($dn === '') return $dn; // empty DN is valid!
-
- // options check
- if (!isset($options['reverse'])) {
- $options['reverse'] = false;
- } else {
- $options['reverse'] = true;
- }
- if (!isset($options['casefold'])) $options['casefold'] = 'upper';
- if (!isset($options['separator'])) $options['separator'] = ',';
-
-
- if (!is_array($dn)) {
- // It is not clear to me if the perl implementation splits by the user defined
- // separator or if it just uses this separator to construct the new DN
- $dn = preg_split('/(?<=[^\\\\])'.$options['separator'].'/', $dn);
-
- // clear wrong splitting (possibly we have split too much)
- $dn = self::correct_dn_splitting($dn, $options['separator']);
- } else {
- // Is array, check, if the array is indexed or associative
- $assoc = false;
- foreach ($dn as $dn_key => $dn_part) {
- if (!is_int($dn_key)) {
- $assoc = true;
- }
- }
- // convert to indexed, if associative array detected
- if ($assoc) {
- $newdn = array();
- foreach ($dn as $dn_key => $dn_part) {
- if (is_array($dn_part)) {
- ksort($dn_part, SORT_STRING); // we assume here, that the rdn parts are also associative
- $newdn[] = $dn_part; // copy array as-is, so we can resolve it later
- } else {
- $newdn[] = $dn_key.'='.$dn_part;
- }
- }
- $dn =& $newdn;
- }
- }
-
- // Escaping and casefolding
- foreach ($dn as $pos => $dnval) {
- if (is_array($dnval)) {
- // subarray detected, this means very surely, that we had
- // a multivalued dn part, which must be resolved
- $dnval_new = '';
- foreach ($dnval as $subkey => $subval) {
- // build RDN part
- if (!is_int($subkey)) {
- $subval = $subkey.'='.$subval;
- }
- $subval_processed = self::canonical_dn($subval);
- if (false === $subval_processed) return false;
- $dnval_new .= $subval_processed.'+';
- }
- $dn[$pos] = substr($dnval_new, 0, -1); // store RDN part, strip last plus
- } else {
- // try to split multivalued RDNS into array
- $rdns = self::split_rdn_multival($dnval);
- if (count($rdns) > 1) {
- // Multivalued RDN was detected!
- // The RDN value is expected to be correctly split by split_rdn_multival().
- // It's time to sort the RDN and build the DN!
- $rdn_string = '';
- sort($rdns, SORT_STRING); // Sort RDN keys alphabetically
- foreach ($rdns as $rdn) {
- $subval_processed = self::canonical_dn($rdn);
- if (false === $subval_processed) return false;
- $rdn_string .= $subval_processed.'+';
- }
-
- $dn[$pos] = substr($rdn_string, 0, -1); // store RDN part, strip last plus
-
- } else {
- // no multivalued RDN!
- // split at first unescaped "="
- $dn_comp = preg_split('/(?<=[^\\\\])=/', $rdns[0], 2);
- $ocl = ltrim($dn_comp[0]); // trim left whitespaces 'cause of "cn=foo, l=bar" syntax (whitespace after comma)
- $val = $dn_comp[1];
-
- // strip 'OID.', otherwise apply casefolding and escaping
- if (substr(strtolower($ocl), 0, 4) == 'oid.') {
- $ocl = substr($ocl, 4);
- } else {
- if ($options['casefold'] == 'upper') $ocl = strtoupper($ocl);
- if ($options['casefold'] == 'lower') $ocl = strtolower($ocl);
- $ocl = self::escape_dn_value(array($ocl));
- $ocl = $ocl[0];
- }
-
- // escaping of dn-value
- $val = self::escape_dn_value(array($val));
- $val = str_replace('/', '\/', $val[0]);
-
- $dn[$pos] = $ocl.'='.$val;
- }
- }
- }
-
- if ($options['reverse']) $dn = array_reverse($dn);
- return implode($options['separator'], $dn);
- }
-
- /**
- * Escapes the given VALUES according to RFC 2254 so that they can be safely used in LDAP filters.
- *
- * Any control characters with an ACII code < 32 as well as the characters with special meaning in
- * LDAP filters "*", "(", ")", and "\" (the backslash) are converted into the representation of a
- * backslash followed by two hex digits representing the hexadecimal value of the character.
- *
- * @param array $values Array of values to escape
- *
- * @static
- * @return array Array $values, but escaped
- */
- public static function escape_filter_value($values = array())
- {
- // Parameter validation
- if (!is_array($values)) {
- $values = array($values);
- }
-
- foreach ($values as $key => $val) {
- // Escaping of filter meta characters
- $val = str_replace('\\', '\5c', $val);
- $val = str_replace('*', '\2a', $val);
- $val = str_replace('(', '\28', $val);
- $val = str_replace(')', '\29', $val);
-
- // ASCII < 32 escaping
- $val = self::asc2hex32($val);
-
- if (null === $val) $val = '\0'; // apply escaped "null" if string is empty
-
- $values[$key] = $val;
- }
-
- return $values;
- }
-
- /**
- * Undoes the conversion done by {@link escape_filter_value()}.
- *
- * Converts any sequences of a backslash followed by two hex digits into the corresponding character.
- *
- * @param array $values Array of values to escape
- *
- * @static
- * @return array Array $values, but unescaped
- */
- public static function unescape_filter_value($values = array())
- {
- // Parameter validation
- if (!is_array($values)) {
- $values = array($values);
- }
-
- foreach ($values as $key => $value) {
- // Translate hex code into ascii
- $values[$key] = self::hex2asc($value);
- }
-
- return $values;
- }
-
- /**
- * Converts all ASCII chars < 32 to "\HEX"
- *
- * @param string $string String to convert
- *
- * @static
- * @return string
- */
- public static function asc2hex32($string)
- {
- for ($i = 0; $i < strlen($string); $i++) {
- $char = substr($string, $i, 1);
- if (ord($char) < 32) {
- $hex = dechex(ord($char));
- if (strlen($hex) == 1) $hex = '0'.$hex;
- $string = str_replace($char, '\\'.$hex, $string);
- }
- }
- return $string;
- }
-
- /**
- * Converts all Hex expressions ("\HEX") to their original ASCII characters
- *
- * @param string $string String to convert
- *
- * @static
- * @author beni@php.net, heavily based on work from DavidSmith@byu.net
- * @return string
- */
- public static function hex2asc($string)
- {
- $string = preg_replace("/\\\([0-9A-Fa-f]{2})/e", "''.chr(hexdec('\\1')).''", $string);
- return $string;
- }
-
- /**
- * Split an multivalued RDN value into an Array
- *
- * A RDN can contain multiple values, spearated by a plus sign.
- * This function returns each separate ocl=value pair of the RDN part.
- *
- * If no multivalued RDN is detected, an array containing only
- * the original rdn part is returned.
- *
- * For example, the multivalued RDN 'OU=Sales+CN=J. Smith' is exploded to:
- * <kbd>array([0] => 'OU=Sales', [1] => 'CN=J. Smith')</kbd>
- *
- * The method trys to be smart if it encounters unescaped "+" characters, but may fail,
- * so ensure escaped "+"es in attr names and attr values.
- *
- * [BUG] If you have a multivalued RDN with unescaped plus characters
- * and there is a unescaped plus sign at the end of an value followed by an
- * attribute name containing an unescaped plus, then you will get wrong splitting:
- * $rdn = 'OU=Sales+C+N=J. Smith';
- * returns:
- * array('OU=Sales+C', 'N=J. Smith');
- * The "C+" is treaten as value of the first pair instead as attr name of the second pair.
- * To prevent this, escape correctly.
- *
- * @param string $rdn Part of an (multivalued) escaped RDN (eg. ou=foo OR ou=foo+cn=bar)
- *
- * @static
- * @return array Array with the components of the multivalued RDN or Error
- */
- public static function split_rdn_multival($rdn)
- {
- $rdns = preg_split('/(?<!\\\\)\+/', $rdn);
- $rdns = self::correct_dn_splitting($rdns, '+');
- return array_values($rdns);
- }
-
- /**
- * Splits a attribute=value syntax into an array
- *
- * The split will occur at the first unescaped '=' character.
- *
- * @param string $attr Attribute and Value Syntax
- *
- * @return array Indexed array: 0=attribute name, 1=attribute value
- */
- public static function split_attribute_string($attr)
- {
- return preg_split('/(?<!\\\\)=/', $attr, 2);
- }
-
- /**
- * Corrects splitting of dn parts
- *
- * @param array $dn Raw DN array
- * @param array $separator Separator that was used when splitting
- *
- * @return array Corrected array
- * @access protected
- */
- protected static function correct_dn_splitting($dn = array(), $separator = ',')
- {
- foreach ($dn as $key => $dn_value) {
- $dn_value = $dn[$key]; // refresh value (foreach caches!)
- // if the dn_value is not in attr=value format, then we had an
- // unescaped separator character inside the attr name or the value.
- // We assume, that it was the attribute value.
- // [TODO] To solve this, we might ask the schema. Keep in mind, that UTIL class
- // must remain independent from the other classes or connections.
- if (!preg_match('/.+(?<!\\\\)=.+/', $dn_value)) {
- unset($dn[$key]);
- if (array_key_exists($key-1, $dn)) {
- $dn[$key-1] = $dn[$key-1].$separator.$dn_value; // append to previous attr value
- } else {
- $dn[$key+1] = $dn_value.$separator.$dn[$key+1]; // first element: prepend to next attr name
- }
- }
- }
- return array_values($dn);
- }
-}
-
-?>
diff --git a/extlib/OAuth.php b/extlib/OAuth.php
index 648627b57..04984d5fa 100644
--- a/extlib/OAuth.php
+++ b/extlib/OAuth.php
@@ -54,6 +54,24 @@ class OAuthSignatureMethod {/*{{{*/
public function check_signature(&$request, $consumer, $token, $signature) {
$built = $this->build_signature($request, $consumer, $token);
return $built == $signature;
+
+ // Check for zero length, although unlikely here
+ if (strlen($built) == 0 || strlen($signature) == 0) {
+ return false;
+ }
+
+ if (strlen($built) != strlen($signature)) {
+ return false;
+ }
+
+ $result = 0;
+
+ // Avoid a timing leak with a (hopefully) time insensitive compare
+ for ($i = 0; $i < strlen($signature); $i++) {
+ $result |= ord($built{$i}) ^ ord($signature{$i});
+ }
+
+ return $result == 0;
}
}/*}}}*/
diff --git a/extlib/XMPPHP/XMPP.php b/extlib/XMPPHP/XMPP.php
index 429f45e56..c0f896339 100644
--- a/extlib/XMPPHP/XMPP.php
+++ b/extlib/XMPPHP/XMPP.php
@@ -171,7 +171,7 @@ class XMPPHP_XMPP extends XMPPHP_XMLStream {
$body = htmlspecialchars($body);
$subject = htmlspecialchars($subject);
- $out = "<message from='{$this->fulljid}' to='$to' type='$type'>";
+ $out = "<message from=\"{$this->fulljid}\" to=\"$to\" type='$type'>";
if($subject) $out .= "<subject>$subject</subject>";
$out .= "<body>$body</body>";
if($payload) $out .= $payload;
@@ -194,7 +194,7 @@ class XMPPHP_XMPP extends XMPPHP_XMLStream {
if($show == 'unavailable') $type = 'unavailable';
$out = "<presence";
- if($to) $out .= " to='$to'";
+ if($to) $out .= " to=\"$to\"";
if($type) $out .= " type='$type'";
if($show == 'available' and !$status) {
$out .= "/>";
diff --git a/extlib/libomb/base_url_xrds_mapper.php b/extlib/libomb/base_url_xrds_mapper.php
index 645459583..d45d6d69f 100755
--- a/extlib/libomb/base_url_xrds_mapper.php
+++ b/extlib/libomb/base_url_xrds_mapper.php
@@ -1,14 +1,6 @@
<?php
-
-require_once 'xrds_mapper.php';
-require_once 'constants.php';
-
/**
- * Map XRDS actions to URLs using base URLs.
- *
- * This interface specifies classes which write the XRDS file announcing
- * the OMB server. An instance of an implementing class should be passed to
- * OMB_Service_Provider->writeXRDS.
+ * This file is part of libomb
*
* PHP version 5
*
@@ -25,27 +17,56 @@ require_once 'constants.php';
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
- * @package OMB
- * @author Adrian Lang <mail@adrianlang.de>
- * @copyright 2009 Adrian Lang
- * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
- **/
+ * @package OMB
+ * @author Adrian Lang <mail@adrianlang.de>
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
+ * @version 0.1a-20090828
+ * @link http://adrianlang.de/libomb
+ */
-class OMB_Base_URL_XRDS_Mapper implements OMB_XRDS_Mapper {
+require_once 'xrds_mapper.php';
+require_once 'constants.php';
- protected $urls;
+/**
+ * Map XRDS actions to URLs using base URLs
+ *
+ * This class realizes a simple mapping of action URIs to handler URLs. The
+ * target URLs are constructed using a base URL.
+ */
+class OMB_Base_URL_XRDS_Mapper implements OMB_XRDS_Mapper
+{
+ protected $urls;
- public function __construct($oauth_base, $omb_base) {
- $this->urls = array(
- OAUTH_ENDPOINT_REQUEST => $oauth_base . 'requesttoken',
- OAUTH_ENDPOINT_AUTHORIZE => $oauth_base . 'userauthorization',
- OAUTH_ENDPOINT_ACCESS => $oauth_base . 'accesstoken',
- OMB_ENDPOINT_POSTNOTICE => $omb_base . 'postnotice',
- OMB_ENDPOINT_UPDATEPROFILE => $omb_base . 'updateprofile');
- }
+ /**
+ * Constructor
+ *
+ * Initialize the XRDS mapper with base URLs for OAuth and OMB endpoints.
+ *
+ * @param string $oauth_base The base URL for OAuth endpoints
+ * @param string $omb_base The base URL for OMB endpoints
+ */
+ public function __construct($oauth_base, $omb_base)
+ {
+ $this->urls = array(
+ OAUTH_ENDPOINT_REQUEST => $oauth_base . 'requesttoken',
+ OAUTH_ENDPOINT_AUTHORIZE => $oauth_base . 'userauthorization',
+ OAUTH_ENDPOINT_ACCESS => $oauth_base . 'accesstoken',
+ OMB_ENDPOINT_POSTNOTICE => $omb_base . 'postnotice',
+ OMB_ENDPOINT_UPDATEPROFILE => $omb_base . 'updateprofile');
+ }
- public function getURL($action) {
- return $this->urls[$action];
- }
+ /**
+ * Fetch an URL for a specified action
+ *
+ * Returns the action URL for an action specified by the endpoint URI.
+ *
+ * @param string $action The endpoint URI
+ *
+ * @return string The action URL
+ */
+ public function getURL($action)
+ {
+ return $this->urls[$action];
+ }
}
?>
diff --git a/extlib/libomb/constants.php b/extlib/libomb/constants.php
index a097443ac..2f8c0e514 100644
--- a/extlib/libomb/constants.php
+++ b/extlib/libomb/constants.php
@@ -20,15 +20,16 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
- * @package OMB
- * @author Adrian Lang <mail@adrianlang.de>
- * @copyright 2009 Adrian Lang
- * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
- **/
+ * @package OMB
+ * @author Adrian Lang <mail@adrianlang.de>
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
+ * @version 0.1a-20090828
+ * @link http://adrianlang.de/libomb
+ */
/**
* The OMB constants.
- **/
+ */
define('OMB_VERSION_01', 'http://openmicroblogging.org/protocol/0.1');
@@ -40,7 +41,7 @@ define('OMB_ENDPOINT_POSTNOTICE', OMB_VERSION . '/postNotice');
/**
* The OAuth constants.
- **/
+ */
define('OAUTH_NAMESPACE', 'http://oauth.net/core/1.0/');
diff --git a/extlib/libomb/datastore.php b/extlib/libomb/datastore.php
index ab52de547..d67aafcc5 100755
--- a/extlib/libomb/datastore.php
+++ b/extlib/libomb/datastore.php
@@ -1,4 +1,28 @@
<?php
+/**
+ * This file is part of libomb
+ *
+ * PHP version 5
+ *
+ * LICENSE: This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @package OMB
+ * @author Adrian Lang <mail@adrianlang.de>
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
+ * @version 0.1a-20090828
+ * @link http://adrianlang.de/libomb
+ */
require_once 'OAuth.php';
@@ -27,174 +51,162 @@ require_once 'OAuth.php';
* Most of the parameters passed to these methods are unescaped and unverified
* user input. Therefore they should be handled with extra care to avoid
* security problems like SQL injections.
- *
- * PHP version 5
- *
- * LICENSE: This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * @package OMB
- * @author Adrian Lang <mail@adrianlang.de>
- * @copyright 2009 Adrian Lang
- * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
- **/
-
-class OMB_Datastore extends OAuthDataStore {
+ */
+class OMB_Datastore extends OAuthDataStore
+{
- /*********
- * OAUTH *
- *********/
+ /*********
+ * OAUTH *
+ *********/
- /**
- * Revoke specified OAuth token
- *
- * Revokes the authorization token specified by $token_key.
- * Throws exceptions in case of error.
- *
- * @param string $token_key The key of the token to be revoked
- *
- * @access public
- **/
- public function revoke_token($token_key) {
- throw new Exception();
- }
+ /**
+ * Revoke specified OAuth token
+ *
+ * Revokes the authorization token specified by $token_key.
+ * Throws exceptions in case of error.
+ *
+ * @param string $token_key The key of the token to be revoked
+ *
+ * @access public
+ */
+ public function revoke_token($token_key)
+ {
+ throw new Exception();
+ }
- /**
- * Authorize specified OAuth token
- *
- * Authorizes the authorization token specified by $token_key.
- * Throws exceptions in case of error.
- *
- * @param string $token_key The key of the token to be authorized
- *
- * @access public
- **/
- public function authorize_token($token_key) {
- throw new Exception();
- }
+ /**
+ * Authorize specified OAuth token
+ *
+ * Authorizes the authorization token specified by $token_key.
+ * Throws exceptions in case of error.
+ *
+ * @param string $token_key The key of the token to be authorized
+ *
+ * @access public
+ */
+ public function authorize_token($token_key)
+ {
+ throw new Exception();
+ }
- /*********
- * OMB *
- *********/
+ /*********
+ * OMB *
+ *********/
- /**
- * Get profile by identifying URI
- *
- * Returns an OMB_Profile object representing the OMB profile identified by
- * $identifier_uri.
- * Returns null if there is no such OMB profile.
- * Throws exceptions in case of other error.
- *
- * @param string $identifier_uri The OMB identifier URI specifying the
- * requested profile
- *
- * @access public
- *
- * @return OMB_Profile The corresponding profile
- **/
- public function getProfile($identifier_uri) {
- throw new Exception();
- }
+ /**
+ * Get profile by identifying URI
+ *
+ * Returns an OMB_Profile object representing the OMB profile identified by
+ * $identifier_uri.
+ * Returns null if there is no such OMB profile.
+ * Throws exceptions in case of other error.
+ *
+ * @param string $identifier_uri The OMB identifier URI specifying the
+ * requested profile
+ *
+ * @access public
+ *
+ * @return OMB_Profile The corresponding profile
+ */
+ public function getProfile($identifier_uri)
+ {
+ throw new Exception();
+ }
- /**
- * Save passed profile
- *
- * Stores the OMB profile $profile. Overwrites an existing entry.
- * Throws exceptions in case of error.
- *
- * @param OMB_Profile $profile The OMB profile which should be saved
- *
- * @access public
- **/
- public function saveProfile($profile) {
- throw new Exception();
- }
+ /**
+ * Save passed profile
+ *
+ * Stores the OMB profile $profile. Overwrites an existing entry.
+ * Throws exceptions in case of error.
+ *
+ * @param OMB_Profile $profile The OMB profile which should be saved
+ *
+ * @access public
+ */
+ public function saveProfile($profile)
+ {
+ throw new Exception();
+ }
- /**
- * Save passed notice
- *
- * Stores the OMB notice $notice. The datastore may change the passed notice.
- * This might by neccessary for URIs depending on a database key. Note that
- * it is the user’s duty to present a mechanism for his OMB_Datastore to
- * appropriately change his OMB_Notice. TODO: Ugly.
- * Throws exceptions in case of error.
- *
- * @param OMB_Notice $notice The OMB notice which should be saved
- *
- * @access public
- **/
- public function saveNotice(&$notice) {
- throw new Exception();
- }
+ /**
+ * Save passed notice
+ *
+ * Stores the OMB notice $notice. The datastore may change the passed
+ * notice. This might by necessary for URIs depending on a database key.
+ * Note that it is the user’s duty to present a mechanism for his
+ * OMB_Datastore to appropriately change his OMB_Notice.
+ * Throws exceptions in case of error.
+ *
+ * @param OMB_Notice &$notice The OMB notice which should be saved
+ *
+ * @access public
+ */
+ public function saveNotice(&$notice)
+ {
+ throw new Exception();
+ }
- /**
- * Get subscriptions of a given profile
- *
- * Returns an array containing subscription informations for the specified
- * profile. Every array entry should in turn be an array with keys
- * 'uri´: The identifier URI of the subscriber
- * 'token´: The subscribe token
- * 'secret´: The secret token
- * Throws exceptions in case of error.
- *
- * @param string $subscribed_user_uri The OMB identifier URI specifying the
- * subscribed profile
- *
- * @access public
- *
- * @return mixed An array containing the subscriptions or 0 if no
- * subscription has been found.
- **/
- public function getSubscriptions($subscribed_user_uri) {
- throw new Exception();
- }
+ /**
+ * Get subscriptions of a given profile
+ *
+ * Returns an array containing subscription informations for the specified
+ * profile. Every array entry should in turn be an array with keys
+ * 'uri´: The identifier URI of the subscriber
+ * 'token´: The subscribe token
+ * 'secret´: The secret token
+ * Throws exceptions in case of error.
+ *
+ * @param string $subscribed_user_uri The OMB identifier URI specifying the
+ * subscribed profile
+ *
+ * @access public
+ *
+ * @return mixed An array containing the subscriptions or 0 if no
+ * subscription has been found.
+ */
+ public function getSubscriptions($subscribed_user_uri)
+ {
+ throw new Exception();
+ }
- /**
- * Delete a subscription
- *
- * Deletes the subscription from $subscriber_uri to $subscribed_user_uri.
- * Throws exceptions in case of error.
- *
- * @param string $subscriber_uri The OMB identifier URI specifying the
- * subscribing profile
- *
- * @param string $subscribed_user_uri The OMB identifier URI specifying the
- * subscribed profile
- *
- * @access public
- **/
- public function deleteSubscription($subscriber_uri, $subscribed_user_uri) {
- throw new Exception();
- }
+ /**
+ * Delete a subscription
+ *
+ * Deletes the subscription from $subscriber_uri to $subscribed_user_uri.
+ * Throws exceptions in case of error.
+ *
+ * @param string $subscriber_uri The OMB identifier URI specifying the
+ * subscribing profile
+ *
+ * @param string $subscribed_user_uri The OMB identifier URI specifying the
+ * subscribed profile
+ *
+ * @access public
+ */
+ public function deleteSubscription($subscriber_uri, $subscribed_user_uri)
+ {
+ throw new Exception();
+ }
- /**
- * Save a subscription
- *
- * Saves the subscription from $subscriber_uri to $subscribed_user_uri.
- * Throws exceptions in case of error.
- *
- * @param string $subscriber_uri The OMB identifier URI specifying
- * the subscribing profile
- *
- * @param string $subscribed_user_uri The OMB identifier URI specifying
- * the subscribed profile
- * @param OAuthToken $token The access token
- *
- * @access public
- **/
- public function saveSubscription($subscriber_uri, $subscribed_user_uri,
- $token) {
- throw new Exception();
- }
+ /**
+ * Save a subscription
+ *
+ * Saves the subscription from $subscriber_uri to $subscribed_user_uri.
+ * Throws exceptions in case of error.
+ *
+ * @param string $subscriber_uri The OMB identifier URI specifying
+ * the subscribing profile
+ *
+ * @param string $subscribed_user_uri The OMB identifier URI specifying
+ * the subscribed profile
+ * @param OAuthToken $token The access token
+ *
+ * @access public
+ */
+ public function saveSubscription($subscriber_uri, $subscribed_user_uri,
+ $token)
+ {
+ throw new Exception();
+ }
}
?>
diff --git a/extlib/libomb/helper.php b/extlib/libomb/helper.php
index a1f21f268..08e6e7ab4 100644
--- a/extlib/libomb/helper.php
+++ b/extlib/libomb/helper.php
@@ -1,11 +1,6 @@
<?php
-
-require_once 'Validate.php';
-
/**
- * Helper functions for libomb
- *
- * This file contains helper functions for libomb.
+ * This file is part of libomb
*
* PHP version 5
*
@@ -22,78 +17,88 @@ require_once 'Validate.php';
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
- * @package OMB
- * @author Adrian Lang <mail@adrianlang.de>
- * @copyright 2009 Adrian Lang
- * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
- **/
+ * @package OMB
+ * @author Adrian Lang <mail@adrianlang.de>
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
+ * @version 0.1a-20090828
+ * @link http://adrianlang.de/libomb
+ */
-class OMB_Helper {
+require_once 'Validate.php';
- /**
- * Non-scalar constants
- *
- * The set of OMB and OAuth Services an OMB Server has to implement.
- */
+/**
+ * Helper functions for libomb
+ *
+ * This class contains helper functions for libomb.
+ */
+class OMB_Helper
+{
- public static $OMB_SERVICES =
- array(OMB_ENDPOINT_UPDATEPROFILE, OMB_ENDPOINT_POSTNOTICE);
- public static $OAUTH_SERVICES =
- array(OAUTH_ENDPOINT_REQUEST, OAUTH_ENDPOINT_AUTHORIZE, OAUTH_ENDPOINT_ACCESS);
+ /**
+ * Non-scalar constants
+ *
+ * The set of OMB and OAuth Services an OMB Server has to implement.
+ */
- /**
- * Validate URL
- *
- * Basic URL validation. Currently http, https, ftp and gopher are supported
- * schemes.
- *
- * @param string $url The URL which is to be validated.
- *
- * @return bool Whether URL is valid.
- *
- * @access public
- */
- public static function validateURL($url) {
- return Validate::uri($url, array('allowed_schemes' => array('http', 'https',
- 'gopher', 'ftp')));
- }
+ public static $OMB_SERVICES = array(OMB_ENDPOINT_UPDATEPROFILE,
+ OMB_ENDPOINT_POSTNOTICE);
+ public static $OAUTH_SERVICES = array(OAUTH_ENDPOINT_REQUEST,
+ OAUTH_ENDPOINT_AUTHORIZE,
+ OAUTH_ENDPOINT_ACCESS);
- /**
- * Validate Media type
- *
- * Basic Media type validation. Checks for valid maintype and correct format.
- *
- * @param string $mediatype The Media type which is to be validated.
- *
- * @return bool Whether media type is valid.
- *
- * @access public
- */
- public static function validateMediaType($mediatype) {
- if (0 === preg_match('/^(\w+)\/([\w\d-+.]+)$/', $mediatype, $subtypes)) {
- return false;
+ /**
+ * Validate URL
+ *
+ * Basic URL validation. Currently http, https, ftp and gopher are supported
+ * schemes.
+ *
+ * @param string $url The URL which is to be validated.
+ *
+ * @return bool Whether URL is valid.
+ *
+ * @access public
+ */
+ public static function validateURL($url)
+ {
+ return Validate::uri($url, array('allowed_schemes' => array('http',
+ 'https', 'gopher', 'ftp')));
}
- if (!in_array(strtolower($subtypes[1]), array('application', 'audio', 'image',
- 'message', 'model', 'multipart', 'text', 'video'))) {
- return false;
+
+ /**
+ * Validate Media type
+ *
+ * Basic Media type validation. Checks for valid maintype and correct
+ * format.
+ *
+ * @param string $mediatype The Media type which is to be validated.
+ *
+ * @return bool Whether media type is valid.
+ *
+ * @access public
+ */
+ public static function validateMediaType($mediatype)
+ {
+ return preg_match('/^(\w+)\/([\w\d-+.]+)$/', $mediatype, $subtypes) > 0
+ &&
+ in_array(strtolower($subtypes[1]), array('application', 'audio',
+ 'image', 'message', 'model', 'multipart', 'text', 'video'));
}
- return true;
- }
- /**
- * Remove escaping from request parameters
- *
- * Neutralise the evil effects of magic_quotes_gpc in the current request.
- * This is used before handing a request off to OAuthRequest::from_request.
- * Many thanks to Ciaran Gultnieks for this fix.
- *
- * @access public
- */
- public static function removeMagicQuotesFromRequest() {
- if(get_magic_quotes_gpc() == 1) {
- $_POST = array_map('stripslashes', $_POST);
- $_GET = array_map('stripslashes', $_GET);
+ /**
+ * Remove escaping from request parameters
+ *
+ * Neutralise the evil effects of magic_quotes_gpc in the current request.
+ * This is used before handing a request off to OAuthRequest::from_request.
+ * Many thanks to Ciaran Gultnieks for this fix.
+ *
+ * @access public
+ */
+ public static function removeMagicQuotesFromRequest()
+ {
+ if (get_magic_quotes_gpc() === 1) {
+ $_POST = array_map('stripslashes', $_POST);
+ $_GET = array_map('stripslashes', $_GET);
+ }
}
- }
}
?>
diff --git a/extlib/libomb/invalidparameterexception.php b/extlib/libomb/invalidparameterexception.php
index 163e1dd4c..d95c7022c 100755
--- a/extlib/libomb/invalidparameterexception.php
+++ b/extlib/libomb/invalidparameterexception.php
@@ -1,8 +1,6 @@
<?php
/**
- * Exception stating that a passed parameter is invalid
- *
- * This exception is raised when a parameter does not obey the OMB standard.
+ * This file is part of libomb
*
* PHP version 5
*
@@ -19,14 +17,36 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
- * @package OMB
- * @author Adrian Lang <mail@adrianlang.de>
- * @copyright 2009 Adrian Lang
- * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
- **/
-class OMB_InvalidParameterException extends Exception {
- public function __construct($value, $type, $parameter) {
- parent::__construct("Invalid value $value for parameter $parameter in $type");
- }
+ * @package OMB
+ * @author Adrian Lang <mail@adrianlang.de>
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
+ * @version 0.1a-20090828
+ * @link http://adrianlang.de/libomb
+ */
+
+/**
+ * Exception stating that a passed parameter is invalid
+ *
+ * This exception is raised when a parameter does not obey the OMB standard.
+ */
+class OMB_InvalidParameterException extends Exception
+{
+ /**
+ * Constructor
+ *
+ * Creates a new exception based on a parameter name, value, and object
+ * type.
+ *
+ * @param string $value The wrong value passed
+ * @param string $type The object type the parameter belongs to;
+ * Currently OMB uses profiles and notices
+ * @param string $parameter The name of the parameter the wrong value has
+ * been passed for
+ */
+ public function __construct($value, $type, $parameter)
+ {
+ parent::__construct("Invalid value ‘${value}’ for parameter " .
+ "‘${parameter}’ in $type");
+ }
}
?>
diff --git a/extlib/libomb/invalidyadisexception.php b/extlib/libomb/invalidyadisexception.php
index 797b7b95b..dc61a13ad 100755
--- a/extlib/libomb/invalidyadisexception.php
+++ b/extlib/libomb/invalidyadisexception.php
@@ -1,9 +1,6 @@
<?php
/**
- * Exception stating that a requested url does not resolve to a valid yadis
- *
- * This exception is raised when OMB_Service is not able to discover a valid
- * yadis location with XRDS.
+ * This file is part of libomb
*
* PHP version 5
*
@@ -20,12 +17,21 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
- * @package OMB
- * @author Adrian Lang <mail@adrianlang.de>
- * @copyright 2009 Adrian Lang
- * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
- **/
-class OMB_InvalidYadisException extends Exception {
+ * @package OMB
+ * @author Adrian Lang <mail@adrianlang.de>
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
+ * @version 0.1a-20090828
+ * @link http://adrianlang.de/libomb
+ */
+
+/**
+ * Exception stating that a requested url does not resolve to a valid yadis
+ *
+ * This exception is raised when OMB_Service is not able to discover a valid
+ * yadis location with XRDS.
+ */
+class OMB_InvalidYadisException extends Exception
+{
}
?>
diff --git a/extlib/libomb/notice.php b/extlib/libomb/notice.php
index 9ac36640a..4963597b2 100755
--- a/extlib/libomb/notice.php
+++ b/extlib/libomb/notice.php
@@ -1,15 +1,6 @@
<?php
-require_once 'invalidparameterexception.php';
-require_once 'Validate.php';
-require_once 'helper.php';
-
/**
- * OMB Notice representation
- *
- * This class represents an OMB notice.
- *
- * Do not call the setters with null values. Instead, if you want to delete a
- * field, pass an empty string. The getters will return null for empty fields.
+ * This file is part of libomb
*
* PHP version 5
*
@@ -26,247 +17,278 @@ require_once 'helper.php';
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
- * @package OMB
- * @author Adrian Lang <mail@adrianlang.de>
- * @copyright 2009 Adrian Lang
- * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
- **/
-
-class OMB_Notice {
- protected $author;
- protected $uri;
- protected $content;
- protected $url;
- protected $license_url; /* url is an own addition for clarification. */
- protected $seealso_url; /* url is an own addition for clarification. */
- protected $seealso_disposition;
- protected $seealso_mediatype;
- protected $seealso_license_url; /* url is an addition for clarification. */
-
- /* The notice as OMB param array. Cached and rebuild on usage.
- false while outdated. */
- protected $param_array;
-
- /**
- * Constructor for OMB_Notice
- *
- * Initializes the OMB_Notice object with author, uri and content.
- * These parameters are mandatory for postNotice.
- *
- * @param object $author An OMB_Profile object representing the author of the
- * notice.
- * @param string $uri The notice URI as defined by the OMB. A unique and
- * unchanging identifier for a notice.
- * @param string $content The content of the notice. 140 chars recommended,
- * but there is no limit.
- *
- * @access public
- */
- public function __construct($author, $uri, $content) {
- $this->content = $content;
- if (is_null($author)) {
- throw new OMB_InvalidParameterException('', 'notice', 'omb_listenee');
- }
- $this->author = $author;
+ * @package OMB
+ * @author Adrian Lang <mail@adrianlang.de>
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
+ * @version 0.1a-20090828
+ * @link http://adrianlang.de/libomb
+ */
- if (!Validate::uri($uri)) {
- throw new OMB_InvalidParameterException($uri, 'notice', 'omb_notice');
- }
- $this->uri = $uri;
-
- $this->param_array = false;
- }
-
- /**
- * Returns the notice as array
- *
- * The method returns an array which contains the whole notice as array. The
- * array is cached and only rebuilt on changes of the notice.
- * Empty optional values are not passed.
- *
- * @access public
- * @returns array The notice as parameter array
- */
- public function asParameters() {
- if ($this->param_array !== false) {
- return $this->param_array;
+require_once 'invalidparameterexception.php';
+require_once 'Validate.php';
+require_once 'helper.php';
+
+/**
+ * OMB Notice representation
+ *
+ * This class represents an OMB notice.
+ *
+ * Do not call the setters with null values. Instead, if you want to delete a
+ * field, pass an empty string. The getters will return null for empty fields.
+ */
+class OMB_Notice
+{
+ protected $author;
+ protected $uri;
+ protected $content;
+ protected $url;
+ protected $license_url; /* url is an own addition for clarification. */
+ protected $seealso_url; /* url is an own addition for clarification. */
+ protected $seealso_disposition;
+ protected $seealso_mediatype;
+ protected $seealso_license_url; /* url is an addition for clarification. */
+
+ /* The notice as OMB param array. Cached and rebuild on usage.
+ false while outdated. */
+ protected $param_array;
+
+ /**
+ * Constructor for OMB_Notice
+ *
+ * Initializes the OMB_Notice object with author, uri and content.
+ * These parameters are mandatory for postNotice.
+ *
+ * @param object $author An OMB_Profile object representing the author of
+ * the notice.
+ * @param string $uri The notice URI as defined by the OMB. A unique and
+ * never changing identifier for a notice.
+ * @param string $content The content of the notice. 140 chars recommended,
+ * but there is no limit.
+ *
+ * @access public
+ */
+ public function __construct($author, $uri, $content)
+ {
+ $this->content = $content;
+ if (is_null($author)) {
+ throw new OMB_InvalidParameterException('', 'notice', 'omb_listenee');
+ }
+ $this->author = $author;
+
+ if (!Validate::uri($uri)) {
+ throw new OMB_InvalidParameterException($uri, 'notice', 'omb_notice');
+ }
+ $this->uri = $uri;
+
+ $this->param_array = false;
}
- $this->param_array = array(
- 'omb_notice' => $this->uri,
- 'omb_notice_content' => $this->content);
+ /**
+ * Return the notice as array
+ *
+ * Returns an array which contains the whole notice as array. The array is
+ * cached and only rebuilt on changes of the notice.
+ * Empty optional values are not passed.
+ *
+ * @access public
+ * @return array The notice as parameter array
+ */
+ public function asParameters()
+ {
+ if ($this->param_array !== false) {
+ return $this->param_array;
+ }
+
+ $this->param_array = array(
+ 'omb_notice' => $this->uri,
+ 'omb_notice_content' => $this->content);
+
+ if (!is_null($this->url))
+ $this->param_array['omb_notice_url'] = $this->url;
+
+ if (!is_null($this->license_url))
+ $this->param_array['omb_notice_license'] = $this->license_url;
+
+ if (!is_null($this->seealso_url)) {
+ $this->param_array['omb_seealso'] = $this->seealso_url;
+
+ /* This is actually a free interpretation of the OMB standard. We
+ assume that additional seealso parameters are not of any use if
+ seealso itself is not set. */
+ if (!is_null($this->seealso_disposition))
+ $this->param_array['omb_seealso_disposition'] =
+ $this->seealso_disposition;
+
+ if (!is_null($this->seealso_mediatype))
+ $this->param_array['omb_seealso_mediatype'] =
+ $this->seealso_mediatype;
- if (!is_null($this->url))
- $this->param_array['omb_notice_url'] = $this->url;
+ if (!is_null($this->seealso_license_url))
+ $this->param_array['omb_seealso_license'] =
+ $this->seealso_license_url;
+ }
+ return $this->param_array;
+ }
- if (!is_null($this->license_url))
- $this->param_array['omb_notice_license'] = $this->license_url;
+ /**
+ * Build an OMB_Notice object from array
+ *
+ * Builds an OMB_Notice object from the passed parameters array. The array
+ * MUST provide a notice URI and content. The array fields HAVE TO be named
+ * according to the OMB standard, i. e. omb_notice_* and omb_seealso_*.
+ * Values are handled as not passed if the corresponding array fields are
+ * not set or the empty string.
+ *
+ * @param object $author An OMB_Profile object representing the author
+ * of the notice.
+ * @param string $parameters An array containing the notice parameters.
+ *
+ * @access public
+ *
+ * @returns OMB_Notice The built OMB_Notice.
+ */
+ public static function fromParameters($author, $parameters)
+ {
+ $notice = new OMB_Notice($author, $parameters['omb_notice'],
+ $parameters['omb_notice_content']);
+
+ if (isset($parameters['omb_notice_url'])) {
+ $notice->setURL($parameters['omb_notice_url']);
+ }
+
+ if (isset($parameters['omb_notice_license'])) {
+ $notice->setLicenseURL($parameters['omb_notice_license']);
+ }
+
+ if (isset($parameters['omb_seealso'])) {
+ $notice->setSeealsoURL($parameters['omb_seealso']);
+ }
+
+ if (isset($parameters['omb_seealso_disposition'])) {
+ $notice->setSeealsoDisposition($parameters['omb_seealso_disposition']);
+ }
+
+ if (isset($parameters['omb_seealso_mediatype'])) {
+ $notice->setSeealsoMediatype($parameters['omb_seealso_mediatype']);
+ }
+
+ if (isset($parameters['omb_seealso_license'])) {
+ $notice->setSeealsoLicenseURL($parameters['omb_seealso_license']);
+ }
+ return $notice;
+ }
- if (!is_null($this->seealso_url)) {
- $this->param_array['omb_seealso'] = $this->seealso_url;
+ public function getAuthor()
+ {
+ return $this->author;
+ }
- /* This is actually a free interpretation of the OMB standard. We assume
- that additional seealso parameters are not of any use if seealso itself
- is not set. */
- if (!is_null($this->seealso_disposition))
- $this->param_array['omb_seealso_disposition'] =
- $this->seealso_disposition;
+ public function getIdentifierURI()
+ {
+ return $this->uri;
+ }
- if (!is_null($this->seealso_mediatype))
- $this->param_array['omb_seealso_mediatype'] = $this->seealso_mediatype;
+ public function getContent()
+ {
+ return $this->content;
+ }
- if (!is_null($this->seealso_license_url))
- $this->param_array['omb_seealso_license'] = $this->seealso_license_url;
+ public function getURL()
+ {
+ return $this->url;
}
- return $this->param_array;
- }
-
- /**
- * Builds an OMB_Notice object from array
- *
- * The method builds an OMB_Notice object from the passed parameters array.
- * The array MUST provide a notice URI and content. The array fields HAVE TO
- * be named according to the OMB standard, i. e. omb_notice_* and
- * omb_seealso_*. Values are handled as not passed if the corresponding array
- * fields are not set or the empty string.
- *
- * @param object $author An OMB_Profile object representing the author of
- * the notice.
- * @param string $parameters An array containing the notice parameters.
- *
- * @access public
- *
- * @returns OMB_Notice The built OMB_Notice.
- */
- public static function fromParameters($author, $parameters) {
- $notice = new OMB_Notice($author, $parameters['omb_notice'],
- $parameters['omb_notice_content']);
-
- if (isset($parameters['omb_notice_url'])) {
- $notice->setURL($parameters['omb_notice_url']);
+
+ public function getLicenseURL()
+ {
+ return $this->license_url;
}
- if (isset($parameters['omb_notice_license'])) {
- $notice->setLicenseURL($parameters['omb_notice_license']);
+ public function getSeealsoURL()
+ {
+ return $this->seealso_url;
}
- if (isset($parameters['omb_seealso'])) {
- $notice->setSeealsoURL($parameters['omb_seealso']);
+ public function getSeealsoDisposition()
+ {
+ return $this->seealso_disposition;
}
- if (isset($parameters['omb_seealso_disposition'])) {
- $notice->setSeealsoDisposition($parameters['omb_seealso_disposition']);
+ public function getSeealsoMediatype()
+ {
+ return $this->seealso_mediatype;
}
- if (isset($parameters['omb_seealso_mediatype'])) {
- $notice->setSeealsoMediatype($parameters['omb_seealso_mediatype']);
+ public function getSeealsoLicenseURL()
+ {
+ return $this->seealso_license_url;
}
- if (isset($parameters['omb_seealso_license'])) {
- $notice->setSeealsoLicenseURL($parameters['omb_seealso_license']);
+ public function setURL($url)
+ {
+ $this->setVal('notice_url', $url, 'OMB_Helper::validateURL', 'url');
}
- return $notice;
- }
-
- public function getAuthor() {
- return $this->author;
- }
-
- public function getIdentifierURI() {
- return $this->uri;
- }
-
- public function getContent() {
- return $this->content;
- }
-
- public function getURL() {
- return $this->url;
- }
-
- public function getLicenseURL() {
- return $this->license_url;
- }
-
- public function getSeealsoURL() {
- return $this->seealso_url;
- }
-
- public function getSeealsoDisposition() {
- return $this->seealso_disposition;
- }
-
- public function getSeealsoMediatype() {
- return $this->seealso_mediatype;
- }
-
- public function getSeealsoLicenseURL() {
- return $this->seealso_license_url;
- }
-
- public function setURL($url) {
- if ($url === '') {
- $url = null;
- } elseif (!OMB_Helper::validateURL($url)) {
- throw new OMB_InvalidParameterException($url, 'notice', 'omb_notice_url');
+
+ public function setLicenseURL($license_url)
+ {
+ $this->setVal('license', $license_url, 'OMB_Helper::validateURL',
+ 'license_url');
+ }
+
+ public function setSeealsoURL($seealso_url)
+ {
+ $this->setVal('seealso', $seealso_url, 'OMB_Helper::validateURL',
+ 'seealso_url');
}
- $this->url = $url;
- $this->param_array = false;
- }
-
- public function setLicenseURL($license_url) {
- if ($license_url === '') {
- $license_url = null;
- } elseif (!OMB_Helper::validateURL($license_url)) {
- throw new OMB_InvalidParameterException($license_url, 'notice',
- 'omb_notice_license');
+
+ public function setSeealsoDisposition($seealso_disposition)
+ {
+ $this->setVal('seealso_disposition', $seealso_disposition,
+ 'OMB_Notice::validateDisposition');
}
- $this->license_url = $license_url;
- $this->param_array = false;
- }
-
- public function setSeealsoURL($seealso_url) {
- if ($seealso_url === '') {
- $seealso_url = null;
- } elseif (!OMB_Helper::validateURL($seealso_url)) {
- throw new OMB_InvalidParameterException($seealso_url, 'notice',
- 'omb_seealso');
+
+ protected static function validateDisposition($str)
+ {
+ return in_array($str, array('link', 'inline'));
}
- $this->seealso_url = $seealso_url;
- $this->param_array = false;
- }
-
- public function setSeealsoDisposition($seealso_disposition) {
- if ($seealso_disposition === '') {
- $seealso_disposition = null;
- } elseif ($seealso_disposition !== 'link' && $seealso_disposition !== 'inline') {
- throw new OMB_InvalidParameterException($seealso_disposition, 'notice',
- 'omb_seealso_disposition');
+
+ public function setSeealsoMediatype($seealso_mediatype)
+ {
+ $this->setVal('seealso_mediatype', $seealso_mediatype,
+ 'OMB_Helper::validateMediaType');
}
- $this->seealso_disposition = $seealso_disposition;
- $this->param_array = false;
- }
-
- public function setSeealsoMediatype($seealso_mediatype) {
- if ($seealso_mediatype === '') {
- $seealso_mediatype = null;
- } elseif (!OMB_Helper::validateMediaType($seealso_mediatype)) {
- throw new OMB_InvalidParameterException($seealso_mediatype, 'notice',
- 'omb_seealso_mediatype');
+
+ public function setSeealsoLicenseURL($seealso_license_url)
+ {
+ $this->setVal('seealso_license', $seealso_license_url,
+ 'OMB_Helper::validateURL', 'seealso_license_url');
}
- $this->seealso_mediatype = $seealso_mediatype;
- $this->param_array = false;
- }
-
- public function setSeealsoLicenseURL($seealso_license_url) {
- if ($seealso_license_url === '') {
- $seealso_license_url = null;
- } elseif (!OMB_Helper::validateURL($seealso_license_url)) {
- throw new OMB_InvalidParameterException($seealso_license_url, 'notice',
- 'omb_seealso_license');
+
+ /**
+ * Set a value
+ *
+ * Updates a value specified by a parameter name and the new value.
+ *
+ * @param string $param The parameter name according to OMB
+ * @param string $value The new value
+ * @param callback $validator A validator function for the parameter
+ * @param string $field The name of the field in OMB_Notice
+ * @param bool $force Whether null values should be checked as well
+ */
+ protected function setVal($param, $value, $validator, $field = null,
+ $force = false)
+ {
+ if (is_null($field)) {
+ $field = $param;
+ }
+ if ($value === '' && !$force) {
+ $value = null;
+ } elseif (!call_user_func($validator, $value)) {
+ throw new OMB_InvalidParameterException($value, 'notice', $param);
+ }
+ if ($this->$field !== $value) {
+ $this->$field = $value;
+ $this->param_array = false;
+ }
}
- $this->seealso_license_url = $seealso_license_url;
- $this->param_array = false;
- }
}
?>
diff --git a/extlib/libomb/omb_yadis_xrds.php b/extlib/libomb/omb_yadis_xrds.php
index 89921203b..a05477c10 100755
--- a/extlib/libomb/omb_yadis_xrds.php
+++ b/extlib/libomb/omb_yadis_xrds.php
@@ -1,14 +1,6 @@
<?php
-
-require_once 'Auth/Yadis/Yadis.php';
-require_once 'unsupportedserviceexception.php';
-require_once 'invalidyadisexception.php';
-
/**
- * OMB XRDS representation
- *
- * This class represents a Yadis XRDS file for OMB. It adds some useful methods to
- * Auth_Yadis_XRDS.
+ * This file is part of libomb
*
* PHP version 5
*
@@ -25,172 +17,193 @@ require_once 'invalidyadisexception.php';
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
- * @package OMB
- * @author Adrian Lang <mail@adrianlang.de>
- * @copyright 2009 Adrian Lang
- * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
- **/
-
-class OMB_Yadis_XRDS extends Auth_Yadis_XRDS {
-
- protected $fetcher;
-
- /**
- * Create an instance from URL
- *
- * Constructs an OMB_Yadis_XRDS object from a given URL. A full Yadis
- * discovery is performed on the URL and the XRDS is parsed.
- * Throws an OMB_InvalidYadisException when no Yadis is discovered or the
- * detected XRDS file is broken.
- *
- * @param string $url The URL on which Yadis discovery
- * should be performed on
- * @param Auth_Yadis_HTTPFetcher $fetcher A fetcher used to get HTTP
- * resources
- *
- * @access public
- *
- * @return OMB_Yadis_XRDS The initialized object representing the given
- * resource
- **/
- public static function fromYadisURL($url, $fetcher) {
- /* Perform a Yadis discovery. */
- $yadis = Auth_Yadis_Yadis::discover($url, $fetcher);
- if ($yadis->failed) {
- throw new OMB_InvalidYadisException($url);
- }
-
- /* Parse the XRDS file. */
- $xrds = OMB_Yadis_XRDS::parseXRDS($yadis->response_text);
- if ($xrds === null) {
- throw new OMB_InvalidYadisException($url);
- }
- $xrds->fetcher = $fetcher;
- return $xrds;
- }
-
- /**
- * Get a specific service
- *
- * Returns the Auth_Yadis_Service object corresponding to the given service
- * URI.
- * Throws an OMB_UnsupportedServiceException if the service is not available.
- *
- * @param string $service URI specifier of the requested service
- *
- * @access public
- *
- * @return Auth_Yadis_Service The object representing the requested service
- **/
- public function getService($service) {
- $match = $this->services(array( create_function('$s',
- "return in_array('$service', \$s->getTypes());")));
- if ($match === array()) {
- throw new OMB_UnsupportedServiceException($service);
- }
- return $match[0];
- }
-
- /**
- * Get a specific XRD
- *
- * Returns the OMB_Yadis_XRDS object corresponding to the given URI.
- * Throws an OMB_UnsupportedServiceException if the XRD is not available.
- * Note that getXRD tries to resolve external XRD parts as well.
- *
- * @param string $uri URI specifier of the requested XRD
- *
- * @access public
- *
- * @return OMB_Yadis_XRDS The object representing the requested XRD
- **/
- public function getXRD($uri) {
- $nexthash = strpos($uri, '#');
- if ($nexthash !== 0) {
- if ($nexthash !== false) {
- $cururi = substr($uri, 0, $nexthash);
- $nexturi = substr($uri, $nexthash);
- }
- return
- OMB_Yadis_XRDS::fromYadisURL($cururi, $this->fetcher)->getXRD($nexturi);
- }
-
- $id = substr($uri, 1);
- foreach ($this->allXrdNodes as $node) {
- $attrs = $this->parser->attributes($node);
- if (array_key_exists('xml:id', $attrs) && $attrs['xml:id'] == $id) {
- /* Trick the constructor into thinking this is the only node. */
- $bogus_nodes = array($node);
- return new OMB_Yadis_XRDS($this->parser, $bogus_nodes);
- }
- }
- throw new OMB_UnsupportedServiceException($uri);
- }
-
- /**
- * Parse an XML string containing a XRDS document
- *
- * Parse an XML string (XRDS document) and return either a
- * Auth_Yadis_XRDS object or null, depending on whether the
- * XRDS XML is valid.
- * Copy and paste from parent to select correct constructor.
- *
- * @param string $xml_string An XRDS XML string.
- *
- * @access public
- *
- * @return mixed An instance of OMB_Yadis_XRDS or null,
- * depending on the validity of $xml_string
- **/
-
- public function &parseXRDS($xml_string, $extra_ns_map = null) {
- $_null = null;
-
- if (!$xml_string) {
- return $_null;
- }
+ * @package OMB
+ * @author Adrian Lang <mail@adrianlang.de>
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
+ * @version 0.1a-20090828
+ * @link http://adrianlang.de/libomb
+ */
- $parser = Auth_Yadis_getXMLParser();
-
- $ns_map = Auth_Yadis_getNSMap();
-
- if ($extra_ns_map && is_array($extra_ns_map)) {
- $ns_map = array_merge($ns_map, $extra_ns_map);
- }
-
- if (!($parser && $parser->init($xml_string, $ns_map))) {
- return $_null;
- }
+require_once 'Auth/Yadis/Yadis.php';
+require_once 'unsupportedserviceexception.php';
+require_once 'invalidyadisexception.php';
- // Try to get root element.
- $root = $parser->evalXPath('/xrds:XRDS[1]');
- if (!$root) {
- return $_null;
+/**
+ * OMB XRDS representation
+ *
+ * This class represents a Yadis XRDS file for OMB. It adds some useful methods to
+ * Auth_Yadis_XRDS.
+ */
+class OMB_Yadis_XRDS extends Auth_Yadis_XRDS
+{
+
+ protected $fetcher;
+
+ /**
+ * Create an instance from URL
+ *
+ * Constructs an OMB_Yadis_XRDS object from a given URL. A full Yadis
+ * discovery is performed on the URL and the XRDS is parsed.
+ * Throws an OMB_InvalidYadisException when no Yadis is discovered or the
+ * detected XRDS file is broken.
+ *
+ * @param string $url The URL on which Yadis discovery
+ * should be performed on
+ * @param Auth_Yadis_HTTPFetcher $fetcher A fetcher used to get HTTP
+ * resources
+ *
+ * @access public
+ *
+ * @return OMB_Yadis_XRDS The initialized object representing the given
+ * resource
+ */
+ public static function fromYadisURL($url, $fetcher)
+ {
+ /* Perform a Yadis discovery. */
+ $yadis = Auth_Yadis_Yadis::discover($url, $fetcher);
+ if ($yadis->failed) {
+ throw new OMB_InvalidYadisException($url);
+ }
+
+ /* Parse the XRDS file. */
+ $xrds = OMB_Yadis_XRDS::parseXRDS($yadis->response_text);
+ if ($xrds === null) {
+ throw new OMB_InvalidYadisException($url);
+ }
+ $xrds->fetcher = $fetcher;
+ return $xrds;
}
- if (is_array($root)) {
- $root = $root[0];
+ /**
+ * Get a specific service
+ *
+ * Returns the Auth_Yadis_Service object corresponding to the given service
+ * URI.
+ * Throws an OMB_UnsupportedServiceException if the service is not
+ * available.
+ *
+ * @param string $service URI specifier of the requested service
+ *
+ * @access public
+ *
+ * @return Auth_Yadis_Service The object representing the requested service
+ */
+ public function getService($service)
+ {
+ $match = $this->services(array(create_function('$s',
+ "return in_array('$service', \$s->getTypes());")));
+ if ($match === array()) {
+ throw new OMB_UnsupportedServiceException($service);
+ }
+ return $match[0];
}
- $attrs = $parser->attributes($root);
-
- if (array_key_exists('xmlns:xrd', $attrs) &&
- $attrs['xmlns:xrd'] != Auth_Yadis_XMLNS_XRDS) {
- return $_null;
- } else if (array_key_exists('xmlns', $attrs) &&
- preg_match('/xri/', $attrs['xmlns']) &&
- $attrs['xmlns'] != Auth_Yadis_XMLNS_XRD_2_0) {
- return $_null;
+ /**
+ * Get a specific XRD
+ *
+ * Returns the OMB_Yadis_XRDS object corresponding to the given URI.
+ * Throws an OMB_UnsupportedServiceException if the XRD is not available.
+ * Note that getXRD tries to resolve external XRD parts as well.
+ *
+ * @param string $uri URI specifier of the requested XRD
+ *
+ * @access public
+ *
+ * @return OMB_Yadis_XRDS The object representing the requested XRD
+ */
+ public function getXRD($uri)
+ {
+ $nexthash = strpos($uri, '#');
+ if ($nexthash === false) {
+ throw new OMB_InvalidYadisException("‘$uri’ does not specify a " .
+ 'valid XML node.');
+ }
+
+ if ($nexthash > 0) {
+ $cururi = substr($uri, 0, $nexthash);
+ $nexturi = substr($uri, $nexthash);
+ return OMB_Yadis_XRDS::fromYadisURL($cururi, $this->fetcher)
+ ->getXRD($nexturi);
+ }
+
+ $id = substr($uri, 1);
+ foreach ($this->allXrdNodes as $node) {
+ $attrs = $this->parser->attributes($node);
+ if (array_key_exists('xml:id', $attrs) && $attrs['xml:id'] == $id) {
+ /* Trick the constructor into thinking this is the only node. */
+ $bogus_nodes = array($node);
+ return new OMB_Yadis_XRDS($this->parser, $bogus_nodes);
+ }
+ }
+ throw new OMB_UnsupportedServiceException($uri);
}
- // Get the last XRD node.
- $xrd_nodes = $parser->evalXPath('/xrds:XRDS[1]/xrd:XRD');
-
- if (!$xrd_nodes) {
- return $_null;
+ /**
+ * Parse an XML string containing a XRDS document
+ *
+ * Parses an XML string (XRDS document) and returns either an
+ * Auth_Yadis_XRDS object or null, depending on whether the XRDS XML is
+ * valid.
+ * This method is just copy and paste from the parent class to select the
+ * correct constructor.
+ *
+ * @param string $xml_string An XRDS XML string
+ * @param array $extra_ns_map Additional namespace declarations
+ *
+ * @access public
+ *
+ * @return mixed An instance of OMB_Yadis_XRDS or null,
+ * depending on the validity of $xml_string
+ */
+ public static function parseXRDS($xml_string, $extra_ns_map = null)
+ {
+ $_null = null;
+
+ if (!$xml_string) {
+ return $_null;
+ }
+
+ $parser = Auth_Yadis_getXMLParser();
+
+ $ns_map = Auth_Yadis_getNSMap();
+
+ if ($extra_ns_map && is_array($extra_ns_map)) {
+ $ns_map = array_merge($ns_map, $extra_ns_map);
+ }
+
+ if (!($parser && $parser->init($xml_string, $ns_map))) {
+ return $_null;
+ }
+
+ // Try to get root element.
+ $root = $parser->evalXPath('/xrds:XRDS[1]');
+ if (!$root) {
+ return $_null;
+ }
+
+ if (is_array($root)) {
+ $root = $root[0];
+ }
+
+ $attrs = $parser->attributes($root);
+
+ if (array_key_exists('xmlns:xrd', $attrs) &&
+ $attrs['xmlns:xrd'] != Auth_Yadis_XMLNS_XRDS) {
+ return $_null;
+ } else if (array_key_exists('xmlns', $attrs) &&
+ preg_match('/xri/', $attrs['xmlns']) &&
+ $attrs['xmlns'] != Auth_Yadis_XMLNS_XRD_2_0) {
+ return $_null;
+ }
+
+ // Get the last XRD node.
+ $xrd_nodes = $parser->evalXPath('/xrds:XRDS[1]/xrd:XRD');
+
+ if (!$xrd_nodes) {
+ return $_null;
+ }
+
+ $xrds = new OMB_Yadis_XRDS($parser, $xrd_nodes);
+ return $xrds;
}
-
- $xrds = new OMB_Yadis_XRDS($parser, $xrd_nodes);
- return $xrds;
- }
}
diff --git a/extlib/libomb/plain_xrds_writer.php b/extlib/libomb/plain_xrds_writer.php
index b4a6e990b..ba1027b61 100755
--- a/extlib/libomb/plain_xrds_writer.php
+++ b/extlib/libomb/plain_xrds_writer.php
@@ -1,13 +1,6 @@
<?php
-
-require_once 'xrds_writer.php';
-
/**
- * Write OMB-specific XRDS using XMLWriter.
- *
- * This class writes the XRDS file announcing the OMB server. It uses
- * OMB_XMLWriter, which is a subclass of XMLWriter. An instance of
- * OMB_Plain_XRDS_Writer should be passed to OMB_Service_Provider->writeXRDS.
+ * This file is part of libomb
*
* PHP version 5
*
@@ -24,25 +17,45 @@ require_once 'xrds_writer.php';
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
- * @package OMB
- * @author Adrian Lang <mail@adrianlang.de>
- * @copyright 2009 Adrian Lang
- * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
- **/
+ * @package OMB
+ * @author Adrian Lang <mail@adrianlang.de>
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
+ * @version 0.1a-20090828
+ * @link http://adrianlang.de/libomb
+ */
+
+require_once 'xrds_writer.php';
-class OMB_Plain_XRDS_Writer implements OMB_XRDS_Writer {
- public function writeXRDS($user, $mapper) {
- header('Content-Type: application/xrds+xml');
- $xw = new XMLWriter();
- $xw->openURI('php://output');
- $xw->setIndent(true);
+/**
+ * Write OMB-specific XRDS using XMLWriter
+ *
+ * This class writes the XRDS file announcing the OMB server. It uses XMLWriter.
+ * An instance of OMB_Plain_XRDS_Writer should be passed to
+ * OMB_Service_Provider->writeXRDS.
+ */
+class OMB_Plain_XRDS_Writer implements OMB_XRDS_Writer
+{
+ /**
+ * Write XRDS using XMLWriter
+ *
+ * Outputs a XRDS document specifying an OMB service.
+ *
+ * @param OMB_profile $user The target user for the OMB service
+ * @param OMB_XRDS_Mapper $mapper An OMB_XRDS_Mapper providing endpoint URLs
+ */
+ public function writeXRDS($user, $mapper)
+ {
+ header('Content-Type: application/xrds+xml');
+ $xw = new XMLWriter();
+ $xw->openURI('php://output');
+ $xw->setIndent(true);
- $xw->startDocument('1.0', 'UTF-8');
- $this->writeFullElement($xw, 'XRDS', array('xmlns' => 'xri://$xrds'), array(
- array('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
- 'xml:id' => 'oauth',
- 'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
- 'version' => '2.0'), array(
+ $xw->startDocument('1.0', 'UTF-8');
+ $this->_writeFullElement($xw, 'XRDS', array('xmlns' => 'xri://$xrds'), array(
+ array('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
+ 'xml:id' => 'oauth',
+ 'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
+ 'version' => '2.0'), array(
array('Type', null, 'xri://$xrds*simple'),
array('Service', null, array(
array('Type', null, OAUTH_ENDPOINT_REQUEST),
@@ -73,10 +86,10 @@ class OMB_Plain_XRDS_Writer implements OMB_XRDS_Writer {
array('Type', null, OAUTH_HMAC_SHA1)
))
)),
- array('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
- 'xml:id' => 'omb',
- 'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
- 'version' => '2.0'), array(
+ array('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
+ 'xml:id' => 'omb',
+ 'xmlns:simple' => 'http://xrds-simple.net/core/1.0',
+ 'version' => '2.0'), array(
array('Type', null, 'xri://$xrds*simple'),
array('Service', null, array(
array('Type', null, OMB_ENDPOINT_POSTNOTICE),
@@ -87,8 +100,8 @@ class OMB_Plain_XRDS_Writer implements OMB_XRDS_Writer {
array('URI', null, $mapper->getURL(OMB_ENDPOINT_UPDATEPROFILE))
))
)),
- array('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
- 'version' => '2.0'), array(
+ array('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)',
+ 'version' => '2.0'), array(
array('Type', null, 'xri://$xrds*simple'),
array('Service', null, array(
array('Type', null, OAUTH_DISCOVERY),
@@ -98,27 +111,40 @@ class OMB_Plain_XRDS_Writer implements OMB_XRDS_Writer {
array('Type', null, OMB_VERSION),
array('URI', null, '#omb')
))
- ))
- ));
- $xw->endDocument();
- $xw->flush();
- }
-
- public static function writeFullElement($xw, $tag, $attributes, $content) {
- $xw->startElement($tag);
- if (!is_null($attributes)) {
- foreach ($attributes as $name => $value) {
- $xw->writeAttribute($name, $value);
- }
+ ))));
+ $xw->endDocument();
+ $xw->flush();
}
- if (is_array($content)) {
- foreach ($content as $values) {
- OMB_Plain_XRDS_Writer::writeFullElement($xw, $values[0], $values[1], $values[2]);
- }
- } else {
- $xw->text($content);
+
+ /**
+ * Write a complex XML element
+ *
+ * Outputs a XML element with attributes and content.
+ *
+ * @param XMLWriter $xw The XMLWriter used to output the element
+ * @param string $tag The tag name
+ * @param array|null $attributes A map of XML attributes
+ * @param array|string $content The content of the element; either an
+ * array of child nodes each specified by a
+ * three entry-array ($tag, $attributes,
+ * $content) or a string
+ */
+ private function _writeFullElement($xw, $tag, $attributes, $content)
+ {
+ $xw->startElement($tag);
+ if (!is_null($attributes)) {
+ foreach ($attributes as $name => $value) {
+ $xw->writeAttribute($name, $value);
+ }
+ }
+ if (is_array($content)) {
+ foreach ($content as $val) {
+ $this->_writeFullElement($xw, $val[0], $val[1], $val[2]);
+ }
+ } else {
+ $xw->text($content);
+ }
+ $xw->fullEndElement();
}
- $xw->fullEndElement();
- }
}
?>
diff --git a/extlib/libomb/profile.php b/extlib/libomb/profile.php
index 13314d3e8..d732e10d7 100755
--- a/extlib/libomb/profile.php
+++ b/extlib/libomb/profile.php
@@ -1,15 +1,6 @@
<?php
-require_once 'invalidparameterexception.php';
-require_once 'Validate.php';
-require_once 'helper.php';
-
/**
- * OMB profile representation
- *
- * This class represents an OMB profile.
- *
- * Do not call the setters with null values. Instead, if you want to delete a
- * field, pass an empty string. The getters will return null for empty fields.
+ * This file is part of libomb
*
* PHP version 5
*
@@ -26,292 +17,329 @@ require_once 'helper.php';
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
- * @package OMB
- * @author Adrian Lang <mail@adrianlang.de>
- * @copyright 2009 Adrian Lang
- * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
- **/
-
-class OMB_Profile {
- protected $identifier_uri;
- protected $profile_url;
- protected $nickname;
- protected $license_url;
- protected $fullname;
- protected $homepage;
- protected $bio;
- protected $location;
- protected $avatar_url;
-
- /* The profile as OMB param array. Cached and rebuild on usage.
- false while outdated. */
- protected $param_array;
-
- /**
- * Constructor for OMB_Profile
- *
- * Initializes the OMB_Profile object with an identifier uri.
- *
- * @param string $identifier_uri The profile URI as defined by the OMB. A unique
- * and unchanging identifier for a profile.
- *
- * @access public
- */
- public function __construct($identifier_uri) {
- if (!Validate::uri($identifier_uri)) {
- throw new OMB_InvalidParameterException($identifier_uri, 'profile',
+ * @package OMB
+ * @author Adrian Lang <mail@adrianlang.de>
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
+ * @version 0.1a-20090828
+ * @link http://adrianlang.de/libomb
+ */
+
+require_once 'invalidparameterexception.php';
+require_once 'Validate.php';
+require_once 'helper.php';
+
+/**
+ * OMB profile representation
+ *
+ * This class represents an OMB profile.
+ *
+ * Do not call the setters with null values. Instead, if you want to delete a
+ * field, pass an empty string. The getters will return null for empty fields.
+ */
+class OMB_Profile
+{
+ protected $identifier_uri;
+ protected $profile_url;
+ protected $nickname;
+ protected $license_url;
+ protected $fullname;
+ protected $homepage;
+ protected $bio;
+ protected $location;
+ protected $avatar_url;
+
+ /* The profile as OMB param array. Cached and rebuild on usage.
+ false while outdated. */
+ protected $param_array;
+
+ /**
+ * Constructor for OMB_Profile
+ *
+ * Initializes the OMB_Profile object with an identifier uri.
+ *
+ * @param string $identifier_uri The profile URI as defined by the OMB;
+ * A unique and never changing identifier for
+ * a profile
+ *
+ * @access public
+ */
+ public function __construct($identifier_uri)
+ {
+ if (!Validate::uri($identifier_uri)) {
+ throw new OMB_InvalidParameterException($identifier_uri, 'profile',
'omb_listenee or omb_listener');
+ }
+ $this->identifier_uri = $identifier_uri;
+ $this->param_array = false;
}
- $this->identifier_uri = $identifier_uri;
- $this->param_array = false;
- }
-
- /**
- * Returns the profile as array
- *
- * The method returns an array which contains the whole profile as array. The
- * array is cached and only rebuilt on changes of the profile.
- *
- * @param bool $force_all Specifies whether empty fields should be added to
- * the array as well. This is neccessary to clear
- * fields via updateProfile.
- *
- * @param string $prefix The common prefix to the key for all parameters.
- *
- * @access public
- *
- * @return array The profile as parameter array
- */
- public function asParameters($prefix, $force_all = false) {
- if ($this->param_array === false) {
- $this->param_array = array('' => $this->identifier_uri);
-
- if ($force_all || !is_null($this->profile_url)) {
- $this->param_array['_profile'] = $this->profile_url;
- }
-
- if ($force_all || !is_null($this->homepage)) {
- $this->param_array['_homepage'] = $this->homepage;
- }
-
- if ($force_all || !is_null($this->nickname)) {
- $this->param_array['_nickname'] = $this->nickname;
- }
-
- if ($force_all || !is_null($this->license_url)) {
- $this->param_array['_license'] = $this->license_url;
- }
-
- if ($force_all || !is_null($this->fullname)) {
- $this->param_array['_fullname'] = $this->fullname;
- }
-
- if ($force_all || !is_null($this->bio)) {
- $this->param_array['_bio'] = $this->bio;
- }
-
- if ($force_all || !is_null($this->location)) {
- $this->param_array['_location'] = $this->location;
- }
-
- if ($force_all || !is_null($this->avatar_url)) {
- $this->param_array['_avatar'] = $this->avatar_url;
- }
- }
- $ret = array();
- foreach ($this->param_array as $k => $v) {
- $ret[$prefix . $k] = $v;
- }
- return $ret;
- }
-
- /**
- * Builds an OMB_Profile object from array
- *
- * The method builds an OMB_Profile object from the passed parameters array. The
- * array MUST provide a profile URI. The array fields HAVE TO be named according
- * to the OMB standard. The prefix (omb_listener or omb_listenee) is passed as a
- * parameter.
- *
- * @param string $parameters An array containing the profile parameters.
- * @param string $prefix The common prefix of the profile parameter keys.
- *
- * @access public
- *
- * @returns OMB_Profile The built OMB_Profile.
- */
- public static function fromParameters($parameters, $prefix) {
- if (!isset($parameters[$prefix])) {
- throw new OMB_InvalidParameterException('', 'profile', $prefix);
+ /**
+ * Return the profile as array
+ *
+ * Returns an array which contains the whole profile as array.
+ * The array is cached and only rebuilt on changes of the profile.
+ *
+ * @param string $prefix The common prefix to the key for all parameters
+ * @param bool $force_all Specifies whether empty fields should be added
+ * to the array as well; This is necessary to
+ * clear fields via updateProfile
+ *
+ * @access public
+ *
+ * @return array The profile as parameter array
+ */
+ public function asParameters($prefix, $force_all = false)
+ {
+ if ($this->param_array === false) {
+ $this->param_array = array('' => $this->identifier_uri);
+
+ if ($force_all || !is_null($this->profile_url)) {
+ $this->param_array['_profile'] = $this->profile_url;
+ }
+
+ if ($force_all || !is_null($this->homepage)) {
+ $this->param_array['_homepage'] = $this->homepage;
+ }
+
+ if ($force_all || !is_null($this->nickname)) {
+ $this->param_array['_nickname'] = $this->nickname;
+ }
+
+ if ($force_all || !is_null($this->license_url)) {
+ $this->param_array['_license'] = $this->license_url;
+ }
+
+ if ($force_all || !is_null($this->fullname)) {
+ $this->param_array['_fullname'] = $this->fullname;
+ }
+
+ if ($force_all || !is_null($this->bio)) {
+ $this->param_array['_bio'] = $this->bio;
+ }
+
+ if ($force_all || !is_null($this->location)) {
+ $this->param_array['_location'] = $this->location;
+ }
+
+ if ($force_all || !is_null($this->avatar_url)) {
+ $this->param_array['_avatar'] = $this->avatar_url;
+ }
+
+ }
+ $ret = array();
+ foreach ($this->param_array as $k => $v) {
+ $ret[$prefix . $k] = $v;
+ }
+ return $ret;
}
- $profile = new OMB_Profile($parameters[$prefix]);
- $profile->updateFromParameters($parameters, $prefix);
- return $profile;
- }
-
- /**
- * Update from array
- *
- * Updates from the passed parameters array. The array does not have to
- * provide a profile URI. The array fields HAVE TO be named according to the
- * OMB standard. The prefix (omb_listener or omb_listenee) is passed as a
- * parameter.
- *
- * @param string $parameters An array containing the profile parameters.
- * @param string $prefix The common prefix of the profile parameter keys.
- *
- * @access public
- */
- public function updateFromParameters($parameters, $prefix) {
- if (isset($parameters[$prefix.'_profile'])) {
- $this->setProfileURL($parameters[$prefix.'_profile']);
+ /**
+ * Build an OMB_Profile object from array
+ *
+ * Builds an OMB_Profile object from the passed parameters array. The
+ * array MUST provide a profile URI. The array fields HAVE TO be named
+ * according to the OMB standard. The prefix (omb_listener or omb_listenee)
+ * is passed as a parameter.
+ *
+ * @param string $parameters An array containing the profile parameters
+ * @param string $prefix The common prefix of the profile parameter keys
+ *
+ * @access public
+ *
+ * @returns OMB_Profile The built OMB_Profile
+ */
+ public static function fromParameters($parameters, $prefix)
+ {
+ if (!isset($parameters[$prefix])) {
+ throw new OMB_InvalidParameterException('', 'profile', $prefix);
+ }
+
+ $profile = new OMB_Profile($parameters[$prefix]);
+ $profile->updateFromParameters($parameters, $prefix);
+ return $profile;
}
- if (isset($parameters[$prefix.'_license'])) {
- $this->setLicenseURL($parameters[$prefix.'_license']);
+ /**
+ * Update from array
+ *
+ * Updates from the passed parameters array. The array does not have to
+ * provide a profile URI. The array fields HAVE TO be named according to the
+ * OMB standard. The prefix (omb_listener or omb_listenee) is passed as a
+ * parameter.
+ *
+ * @param string $parameters An array containing the profile parameters
+ * @param string $prefix The common prefix of the profile parameter keys
+ *
+ * @access public
+ */
+ public function updateFromParameters($parameters, $prefix)
+ {
+ if (isset($parameters[$prefix.'_profile'])) {
+ $this->setProfileURL($parameters[$prefix.'_profile']);
+ }
+
+ if (isset($parameters[$prefix.'_license'])) {
+ $this->setLicenseURL($parameters[$prefix.'_license']);
+ }
+
+ if (isset($parameters[$prefix.'_nickname'])) {
+ $this->setNickname($parameters[$prefix.'_nickname']);
+ }
+
+ if (isset($parameters[$prefix.'_fullname'])) {
+ $this->setFullname($parameters[$prefix.'_fullname']);
+ }
+
+ if (isset($parameters[$prefix.'_homepage'])) {
+ $this->setHomepage($parameters[$prefix.'_homepage']);
+ }
+
+ if (isset($parameters[$prefix.'_bio'])) {
+ $this->setBio($parameters[$prefix.'_bio']);
+ }
+
+ if (isset($parameters[$prefix.'_location'])) {
+ $this->setLocation($parameters[$prefix.'_location']);
+ }
+
+ if (isset($parameters[$prefix.'_avatar'])) {
+ $this->setAvatarURL($parameters[$prefix.'_avatar']);
+ }
}
- if (isset($parameters[$prefix.'_nickname'])) {
- $this->setNickname($parameters[$prefix.'_nickname']);
+ public function getIdentifierURI()
+ {
+ return $this->identifier_uri;
}
- if (isset($parameters[$prefix.'_fullname'])) {
- $this->setFullname($parameters[$prefix.'_fullname']);
+ public function getProfileURL()
+ {
+ return $this->profile_url;
}
- if (isset($parameters[$prefix.'_homepage'])) {
- $this->setHomepage($parameters[$prefix.'_homepage']);
+ public function getHomepage()
+ {
+ return $this->homepage;
}
- if (isset($parameters[$prefix.'_bio'])) {
- $this->setBio($parameters[$prefix.'_bio']);
+ public function getNickname()
+ {
+ return $this->nickname;
}
- if (isset($parameters[$prefix.'_location'])) {
- $this->setLocation($parameters[$prefix.'_location']);
+ public function getLicenseURL()
+ {
+ return $this->license_url;
}
- if (isset($parameters[$prefix.'_avatar'])) {
- $this->setAvatarURL($parameters[$prefix.'_avatar']);
+ public function getFullname()
+ {
+ return $this->fullname;
}
- }
-
- public function getIdentifierURI() {
- return $this->identifier_uri;
- }
- public function getProfileURL() {
- return $this->profile_url;
- }
-
- public function getHomepage() {
- return $this->homepage;
- }
-
- public function getNickname() {
- return $this->nickname;
- }
-
- public function getLicenseURL() {
- return $this->license_url;
- }
+ public function getBio()
+ {
+ return $this->bio;
+ }
- public function getFullname() {
- return $this->fullname;
- }
+ public function getLocation()
+ {
+ return $this->location;
+ }
- public function getBio() {
- return $this->bio;
- }
+ public function getAvatarURL()
+ {
+ return $this->avatar_url;
+ }
- public function getLocation() {
- return $this->location;
- }
+ public function setProfileURL($profile_url)
+ {
+ $this->setVal('profile', $profile_url, 'OMB_Helper::validateURL',
+ 'profile_url');
+ }
- public function getAvatarURL() {
- return $this->avatar_url;
- }
+ public function setNickname($nickname)
+ {
+ $this->setVal('nickname', $nickname, 'OMB_Profile::validateNickname',
+ 'nickname', true);
+ }
- public function setProfileURL($profile_url) {
- if (!OMB_Helper::validateURL($profile_url)) {
- throw new OMB_InvalidParameterException($profile_url, 'profile',
- 'omb_listenee_profile or omb_listener_profile');
+ public function setLicenseURL($license_url)
+ {
+ $this->setVal('license', $license_url, 'OMB_Helper::validateURL',
+ 'license_url');
}
- $this->profile_url = $profile_url;
- $this->param_array = false;
- }
-
- public function setNickname($nickname) {
- if (!Validate::string($nickname,
- array('min_length' => 1,
- 'max_length' => 64,
- 'format' => VALIDATE_NUM . VALIDATE_ALPHA))) {
- throw new OMB_InvalidParameterException($nickname, 'profile', 'nickname');
+
+ public function setFullname($fullname)
+ {
+ $this->setVal('fullname', $fullname, 'OMB_Profile::validate255');
}
- $this->nickname = $nickname;
- $this->param_array = false;
- }
+ public function setHomepage($homepage)
+ {
+ $this->setVal('homepage', $homepage, 'OMB_Helper::validateURL');
+ }
- public function setLicenseURL($license_url) {
- if (!OMB_Helper::validateURL($license_url)) {
- throw new OMB_InvalidParameterException($license_url, 'profile',
- 'omb_listenee_license or omb_listener_license');
+ public function setBio($bio)
+ {
+ $this->setVal('bio', $bio, 'OMB_Profile::validate140');
}
- $this->license_url = $license_url;
- $this->param_array = false;
- }
-
- public function setFullname($fullname) {
- if ($fullname === '') {
- $fullname = null;
- } elseif (!Validate::string($fullname, array('max_length' => 255))) {
- throw new OMB_InvalidParameterException($fullname, 'profile', 'fullname');
+
+ public function setLocation($location)
+ {
+ $this->setVal('location', $location, 'OMB_Profile::validate255');
}
- $this->fullname = $fullname;
- $this->param_array = false;
- }
- public function setHomepage($homepage) {
- if ($homepage === '') {
- $homepage = null;
+ public function setAvatarURL($avatar_url)
+ {
+ $this->setVal('avatar', $avatar_url, 'OMB_Helper::validateURL',
+ 'avatar_url');
}
- $this->homepage = $homepage;
- $this->param_array = false;
- }
-
- public function setBio($bio) {
- if ($bio === '') {
- $bio = null;
- } elseif (!Validate::string($bio, array('max_length' => 140))) {
- throw new OMB_InvalidParameterException($bio, 'profile', 'fullname');
+
+ protected static function validate255($str)
+ {
+ return Validate::string($str, array('max_length' => 255));
}
- $this->bio = $bio;
- $this->param_array = false;
- }
-
- public function setLocation($location) {
- if ($location === '') {
- $location = null;
- } elseif (!Validate::string($location, array('max_length' => 255))) {
- throw new OMB_InvalidParameterException($location, 'profile', 'fullname');
+
+ protected static function validate140($str)
+ {
+ return Validate::string($str, array('max_length' => 140));
}
- $this->location = $location;
- $this->param_array = false;
- }
-
- public function setAvatarURL($avatar_url) {
- if ($avatar_url === '') {
- $avatar_url = null;
- } elseif (!OMB_Helper::validateURL($avatar_url)) {
- throw new OMB_InvalidParameterException($avatar_url, 'profile',
- 'omb_listenee_avatar or omb_listener_avatar');
+
+ protected static function validateNickname($str)
+ {
+ return Validate::string($str,
+ array('min_length' => 1,
+ 'max_length' => 64,
+ 'format' => VALIDATE_NUM . VALIDATE_ALPHA));
}
- $this->avatar_url = $avatar_url;
- $this->param_array = false;
- }
+ /**
+ * Set a value
+ *
+ * Updates a value specified by a parameter name and the new value.
+ *
+ * @param string $param The parameter name according to OMB
+ * @param string $value The new value
+ * @param callback $validator A validator function for the parameter
+ * @param string $field The name of the field in OMB_Profile
+ * @param bool $force Whether null values should be checked as well
+ */
+ protected function setVal($param, $value, $validator, $field = null,
+ $force = false)
+ {
+ if (is_null($field)) {
+ $field = $param;
+ }
+ if ($value === '' && !$force) {
+ $value = null;
+ } elseif (!call_user_func($validator, $value)) {
+ throw new OMB_InvalidParameterException($value, 'profile', $param);
+ }
+ if ($this->$field !== $value) {
+ $this->$field = $value;
+ $this->param_array = false;
+ }
+ }
}
?>
diff --git a/extlib/libomb/remoteserviceexception.php b/extlib/libomb/remoteserviceexception.php
index 374d15973..f8341e82b 100755
--- a/extlib/libomb/remoteserviceexception.php
+++ b/extlib/libomb/remoteserviceexception.php
@@ -1,9 +1,6 @@
<?php
/**
- * Exception stating that the remote service had a failure
- *
- * This exception is raised when a remote service failed to return a valid
- * response to a request or send a valid request.
+ * This file is part of libomb
*
* PHP version 5
*
@@ -20,23 +17,57 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
- * @package OMB
- * @author Adrian Lang <mail@adrianlang.de>
- * @copyright 2009 Adrian Lang
- * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
- **/
-class OMB_RemoteServiceException extends Exception {
- public static function fromYadis($request_uri, $result) {
- if ($result->status == 200) {
- $err = 'Got wrong response ' . $result->body;
- } else {
- $err = 'Got error code ' . $result->status . ' with response ' . $result->body;
+ * @package OMB
+ * @author Adrian Lang <mail@adrianlang.de>
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
+ * @version 0.1a-20090828
+ * @link http://adrianlang.de/libomb
+ */
+
+/**
+ * Exception stating that the remote service had a failure
+ *
+ * This exception is raised when a remote service failed to return a valid
+ * response to a request or send a valid request.
+ */
+class OMB_RemoteServiceException extends Exception
+{
+ /**
+ * Create exception from Yadis response
+ *
+ * Creates an exception from a passed yadis result.
+ *
+ * @param string $request_uri The target URI for the failed
+ * request
+ * @param Auth_Yadis_HTTPResponse $result The result of the failed
+ * request
+ *
+ * @return OMB_RemoteServiceException A new exception
+ */
+ public static function fromYadis($request_uri, $result)
+ {
+ if ($result->status == 200) {
+ $err = 'Got wrong response ' . $result->body;
+ } else {
+ $err = 'Got error code ' . $result->status . ' with response ' .
+ $result->body;
+ }
+ return OMB_RemoteServiceException::forRequest($request_uri, $err);
}
- return new OMB_RemoteServiceException($request_uri . ': ' . $err);
- }
- public static function forRequest($action_uri, $failure) {
- return new OMB_RemoteServiceException("Handler for $action_uri: " . $failure);
- }
+ /**
+ * Create exception for a call to a resource
+ *
+ * Creates an exception for a given error message and target URI.
+ *
+ * @param string $action_uri The target URI for the failed request
+ * @param string $failure An error message
+ *
+ * @return OMB_RemoteServiceException A new exception
+ */
+ public static function forRequest($action_uri, $failure)
+ {
+ return new OMB_RemoteServiceException("Handler for $action_uri: $failure");
+ }
}
?>
diff --git a/extlib/libomb/service_consumer.php b/extlib/libomb/service_consumer.php
index 273fd052e..33ebccc65 100755
--- a/extlib/libomb/service_consumer.php
+++ b/extlib/libomb/service_consumer.php
@@ -1,19 +1,6 @@
<?php
-
-require_once 'constants.php';
-require_once 'Validate.php';
-require_once 'Auth/Yadis/Yadis.php';
-require_once 'OAuth.php';
-require_once 'unsupportedserviceexception.php';
-require_once 'remoteserviceexception.php';
-require_once 'omb_yadis_xrds.php';
-require_once 'helper.php';
-
/**
- * OMB service representation
- *
- * This class represents a complete remote OMB service. It provides discovery
- * and execution of the service’s methods.
+ * This file is part of libomb
*
* PHP version 5
*
@@ -30,401 +17,445 @@ require_once 'helper.php';
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
- * @package OMB
- * @author Adrian Lang <mail@adrianlang.de>
- * @copyright 2009 Adrian Lang
- * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
- **/
-
-class OMB_Service_Consumer {
- protected $url; /* The service URL */
- protected $services; /* An array of strings mapping service URI to
- service URL */
-
- protected $token; /* An OAuthToken */
-
- protected $listener_uri; /* The URI identifying the listener, i. e. the
- remote user. */
-
- protected $listenee_uri; /* The URI identifying the listenee, i. e. the
- local user during an auth request. */
-
- /**
- * According to OAuth Core 1.0, an user authorization request is no full-blown
- * OAuth request. nonce, timestamp, consumer_key and signature are not needed
- * in this step. See http://laconi.ca/trac/ticket/827 for more informations.
- *
- * Since Laconica up to version 0.7.2 performs a full OAuth request check, a
- * correct request would fail.
- **/
- public $performLegacyAuthRequest = true;
-
- /* Helper stuff we are going to need. */
- protected $fetcher;
- protected $oauth_consumer;
- protected $datastore;
-
- /**
- * Constructor for OMB_Service_Consumer
- *
- * Initializes an OMB_Service_Consumer object representing the OMB service
- * specified by $service_url. Performs a complete service discovery using
- * Yadis.
- * Throws OMB_UnsupportedServiceException if XRDS file does not specify a
- * complete OMB service.
- *
- * @param string $service_url The URL of the service
- * @param string $consumer_url An URL representing the consumer
- * @param OMB_Datastore $datastore An instance of a class implementing
- * OMB_Datastore
- *
- * @access public
- **/
- public function __construct ($service_url, $consumer_url, $datastore) {
- $this->url = $service_url;
- $this->fetcher = Auth_Yadis_Yadis::getHTTPFetcher();
- $this->datastore = $datastore;
- $this->oauth_consumer = new OAuthConsumer($consumer_url, '');
-
- $xrds = OMB_Yadis_XRDS::fromYadisURL($service_url, $this->fetcher);
-
- /* Detect our services. This performs a validation as well, since
- getService und getXRD throw exceptions on failure. */
- $this->services = array();
-
- foreach (array(OAUTH_DISCOVERY => OMB_Helper::$OAUTH_SERVICES,
- OMB_VERSION => OMB_Helper::$OMB_SERVICES)
- as $service_root => $targetservices) {
- $uris = $xrds->getService($service_root)->getURIs();
- $xrd = $xrds->getXRD($uris[0]);
- foreach ($targetservices as $targetservice) {
- $yadis_service = $xrd->getService($targetservice);
- if ($targetservice == OAUTH_ENDPOINT_REQUEST) {
- $localid = $yadis_service->getElements('xrd:LocalID');
- $this->listener_uri = $yadis_service->parser->content($localid[0]);
+ * @package OMB
+ * @author Adrian Lang <mail@adrianlang.de>
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
+ * @version 0.1a-20090828
+ * @link http://adrianlang.de/libomb
+ */
+
+require_once 'Validate.php';
+require_once 'Auth/Yadis/Yadis.php';
+require_once 'OAuth.php';
+require_once 'constants.php';
+require_once 'helper.php';
+require_once 'omb_yadis_xrds.php';
+require_once 'profile.php';
+require_once 'remoteserviceexception.php';
+require_once 'unsupportedserviceexception.php';
+
+/**
+ * OMB service representation
+ *
+ * This class represents a complete remote OMB service. It provides discovery
+ * and execution of the service’s methods.
+ */
+class OMB_Service_Consumer
+{
+ protected $url; /* The service URL */
+ protected $services; /* An array of strings mapping service URI to
+ service URL */
+
+ protected $token; /* An OAuthToken */
+
+ protected $listener_uri; /* The URI identifying the listener, i. e. the
+ remote user. */
+
+ protected $listenee_uri; /* The URI identifying the listenee, i. e. the
+ local user during an auth request. */
+
+ /**
+ * According to OAuth Core 1.0, an user authorization request is no
+ * full-blown OAuth request. nonce, timestamp, consumer_key and signature
+ * are not needed in this step. See http://laconi.ca/trac/ticket/827 for
+ * more informations.
+ *
+ * Since Laconica up to version 0.7.2 performs a full OAuth request check, a
+ * correct request would fail.
+ */
+ public $performLegacyAuthRequest = true;
+
+ /* Helper stuff we are going to need. */
+ protected $fetcher;
+ protected $oauth_consumer;
+ protected $datastore;
+
+ /**
+ * Constructor for OMB_Service_Consumer
+ *
+ * Initializes an OMB_Service_Consumer object representing the OMB service
+ * specified by $service_url. Performs a complete service discovery using
+ * Yadis.
+ * Throws OMB_UnsupportedServiceException if XRDS file does not specify a
+ * complete OMB service.
+ *
+ * @param string $service_url The URL of the service
+ * @param string $consumer_url An URL representing the consumer
+ * @param OMB_Datastore $datastore An instance of a class implementing
+ * OMB_Datastore
+ *
+ * @access public
+ */
+ public function __construct ($service_url, $consumer_url, $datastore)
+ {
+ $this->url = $service_url;
+ $this->fetcher = Auth_Yadis_Yadis::getHTTPFetcher();
+ $this->datastore = $datastore;
+ $this->oauth_consumer = new OAuthConsumer($consumer_url, '');
+
+ $xrds = OMB_Yadis_XRDS::fromYadisURL($service_url, $this->fetcher);
+
+ /* Detect our services. This performs a validation as well, since
+ getService und getXRD throw exceptions on failure. */
+ $this->services = array();
+
+ foreach (array(OAUTH_DISCOVERY => OMB_Helper::$OAUTH_SERVICES,
+ OMB_VERSION => OMB_Helper::$OMB_SERVICES)
+ as $service_root => $targetservices) {
+ $uris = $xrds->getService($service_root)->getURIs();
+ $xrd = $xrds->getXRD($uris[0]);
+ foreach ($targetservices as $targetservice) {
+ $yadis_service = $xrd->getService($targetservice);
+ if ($targetservice == OAUTH_ENDPOINT_REQUEST) {
+ $localid =
+ $yadis_service->getElements('xrd:LocalID');
+ $this->listener_uri =
+ $yadis_service->parser->content($localid[0]);
+ }
+ $uris = $yadis_service->getURIs();
+ $this->services[$targetservice] = $uris[0];
+ }
}
- $uris = $yadis_service->getURIs();
- $this->services[$targetservice] = $uris[0];
- }
}
- }
-
- /**
- * Get the handler URI for a service
- *
- * Returns the URI the remote web service has specified for the given
- * service.
- *
- * @param string $service The URI identifying the service
- *
- * @access public
- *
- * @return string The service handler URI
- **/
- public function getServiceURI($service) {
- return $this->services[$service];
- }
-
- /**
- * Get the remote user’s URI
- *
- * Returns the URI of the remote user, i. e. the listener.
- *
- * @access public
- *
- * @return string The remote user’s URI
- **/
- public function getRemoteUserURI() {
- return $this->listener_uri;
- }
-
- /**
- * Get the listenee’s URI
- *
- * Returns the URI of the user being subscribed to, i. e. the local user.
- *
- * @access public
- *
- * @return string The local user’s URI
- **/
- public function getListeneeURI() {
- return $this->listenee_uri;
- }
-
- /**
- * Request a request token
- *
- * Performs a token request on the service. Returns an OAuthToken on success.
- * Throws an exception if the request fails.
- *
- * @access public
- *
- * @return OAuthToken An unauthorized request token
- **/
- public function requestToken() {
- /* Set the token to null just in case the user called setToken. */
- $this->token = null;
-
- $result = $this->performAction(OAUTH_ENDPOINT_REQUEST,
- array('omb_listener' => $this->listener_uri));
- if ($result->status != 200) {
- throw OMB_RemoteServiceException::fromYadis(OAUTH_ENDPOINT_REQUEST,
- $result);
+
+ /**
+ * Get the handler URI for a service
+ *
+ * Returns the URI the remote web service has specified for the given
+ * service.
+ *
+ * @param string $service The URI identifying the service
+ *
+ * @access public
+ *
+ * @return string The service handler URI
+ */
+ public function getServiceURI($service)
+ {
+ return $this->services[$service];
}
- parse_str($result->body, $return);
- if (!isset($return['oauth_token']) || !isset($return['oauth_token_secret'])) {
- throw OMB_RemoteServiceException::fromYadis(OAUTH_ENDPOINT_REQUEST,
- $result);
+
+ /**
+ * Get the remote user’s URI
+ *
+ * Returns the URI of the remote user, i. e. the listener.
+ *
+ * @access public
+ *
+ * @return string The remote user’s URI
+ */
+ public function getRemoteUserURI()
+ {
+ return $this->listener_uri;
}
- $this->setToken($return['oauth_token'], $return['oauth_token_secret']);
- return $this->token;
- }
-
- /**
- *
- * Request authorization
- *
- * Returns an URL which equals to an authorization request. The end user
- * should be redirected to this location to perform authorization.
- * The $finish_url should be a local resource which invokes
- * OMB_Consumer::finishAuthorization on request.
- *
- * @param OMB_Profile $profile An OMB_Profile object representing the
- * soon-to-be subscribed (i. e. local) user
- * @param string $finish_url Target location after successful
- * authorization
- *
- * @access public
- *
- * @return string An URL representing an authorization request
- **/
- public function requestAuthorization($profile, $finish_url) {
- if ($this->performLegacyAuthRequest) {
- $params = $profile->asParameters('omb_listenee', false);
- $params['omb_listener'] = $this->listener_uri;
- $params['oauth_callback'] = $finish_url;
-
- $url = $this->prepareAction(OAUTH_ENDPOINT_AUTHORIZE, $params, 'GET')->to_url();
- } else {
-
- $params = array(
- 'oauth_callback' => $finish_url,
- 'oauth_token' => $this->token->key,
- 'omb_version' => OMB_VERSION,
- 'omb_listener' => $this->listener_uri);
-
- $params = array_merge($profile->asParameters('omb_listenee', false). $params);
-
- /* Build result URL. */
- $url = $this->services[OAUTH_ENDPOINT_AUTHORIZE];
- $url .= (strrpos($url, '?') === false ? '?' : '&');
- foreach ($params as $k => $v) {
- $url .= OAuthUtil::urlencode_rfc3986($k) . '=' . OAuthUtil::urlencode_rfc3986($v) . '&';
- }
+
+ /**
+ * Get the listenee’s URI
+ *
+ * Returns the URI of the user being subscribed to, i. e. the local user.
+ *
+ * @access public
+ *
+ * @return string The local user’s URI
+ */
+ public function getListeneeURI()
+ {
+ return $this->listenee_uri;
}
- $this->listenee_uri = $profile->getIdentifierURI();
-
- return $url;
- }
-
- /**
- * Finish authorization
- *
- * Finish the subscription process by converting the received and authorized
- * request token into an access token. After that, the subscriber’s profile
- * and the subscription are stored in the database.
- * Expects an OAuthRequest in query parameters.
- * Throws exceptions on failure.
- *
- * @access public
- **/
- public function finishAuthorization() {
- OMB_Helper::removeMagicQuotesFromRequest();
- $req = OAuthRequest::from_request();
- if ($req->get_parameter('oauth_token') !=
- $this->token->key) {
- /* That’s not the token I wanted to get authorized. */
- throw new OAuthException('The authorized token does not equal the ' .
- 'submitted token.');
+ /**
+ * Request a request token
+ *
+ * Performs a token request on the service. Returns an OAuthToken on success.
+ * Throws an exception if the request fails.
+ *
+ * @access public
+ *
+ * @return OAuthToken An unauthorized request token
+ */
+ public function requestToken()
+ {
+ /* Set the token to null just in case the user called setToken. */
+ $this->token = null;
+
+ $result = $this->performAction(OAUTH_ENDPOINT_REQUEST,
+ array('omb_listener' => $this->listener_uri));
+ if ($result->status != 200) {
+ throw OMB_RemoteServiceException::fromYadis(OAUTH_ENDPOINT_REQUEST,
+ $result);
+ }
+ parse_str($result->body, $return);
+ if (!isset($return['oauth_token']) ||
+ !isset($return['oauth_token_secret'])) {
+ throw OMB_RemoteServiceException::fromYadis(OAUTH_ENDPOINT_REQUEST,
+ $result);
+ }
+ $this->setToken($return['oauth_token'], $return['oauth_token_secret']);
+ return $this->token;
}
- if ($req->get_parameter('omb_version') != OMB_VERSION) {
- throw new OMB_RemoteServiceException('The remote service uses an ' .
- 'unsupported OMB version');
+ /**
+ * Request authorization
+ *
+ * Returns an URL which equals to an authorization request. The end user
+ * should be redirected to this location to perform authorization.
+ * The $finish_url should be a local resource which invokes
+ * OMB_Consumer::finishAuthorization on request.
+ *
+ * @param OMB_Profile $profile An OMB_Profile object representing the
+ * soon-to-be subscribed (i. e. local) user
+ * @param string $finish_url Target location after successful
+ * authorization
+ *
+ * @access public
+ *
+ * @return string An URL representing an authorization request
+ */
+ public function requestAuthorization($profile, $finish_url)
+ {
+ if ($this->performLegacyAuthRequest) {
+ $params = $profile->asParameters('omb_listenee',
+ false);
+ $params['omb_listener'] = $this->listener_uri;
+ $params['oauth_callback'] = $finish_url;
+
+ $url = $this->prepareAction(OAUTH_ENDPOINT_AUTHORIZE, $params,
+ 'GET')->to_url();
+ } else {
+ $params = array('oauth_callback' => $finish_url,
+ 'oauth_token' => $this->token->key,
+ 'omb_version' => OMB_VERSION,
+ 'omb_listener' => $this->listener_uri);
+
+ $params = array_merge($profile->asParameters('omb_listenee', false),
+ $params);
+
+ /* Build result URL. */
+ $url = $this->services[OAUTH_ENDPOINT_AUTHORIZE] .
+ (strrpos($url, '?') === false ? '?' : '&');
+ foreach ($params as $k => $v) {
+ $url .= OAuthUtil::urlencode_rfc3986($k) . '=' .
+ OAuthUtil::urlencode_rfc3986($v) . '&';
+ }
+ }
+
+ $this->listenee_uri = $profile->getIdentifierURI();
+
+ return $url;
}
- /* Construct the profile to validate it. */
+ /**
+ * Finish authorization
+ *
+ * Finish the subscription process by converting the received and authorized
+ * request token into an access token. After that, the subscriber’s profile
+ * and the subscription are stored in the database.
+ * Expects an OAuthRequest in query parameters.
+ * Throws exceptions on failure.
+ *
+ * @access public
+ */
+ public function finishAuthorization()
+ {
+ OMB_Helper::removeMagicQuotesFromRequest();
+ $req = OAuthRequest::from_request();
+ if ($req->get_parameter('oauth_token') != $this->token->key) {
+ /* That’s not the token I wanted to get authorized. */
+ throw new OAuthException('The authorized token does not equal ' .
+ 'the submitted token.');
+ }
+
+ if ($req->get_parameter('omb_version') != OMB_VERSION) {
+ throw new OMB_RemoteServiceException('The remote service uses an ' .
+ 'unsupported OMB version');
+ }
+
+ /* Construct the profile to validate it. */
+
+ /* Fix OMB bug. Listener URI is not passed. */
+ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+ $params = $_POST;
+ } else {
+ $params = $_GET;
+ }
+ $params['omb_listener'] = $this->listener_uri;
+
+ $listener = OMB_Profile::fromParameters($params, 'omb_listener');
- /* Fix OMB bug. Listener URI is not passed. */
- if ($_SERVER['REQUEST_METHOD'] == 'POST') {
- $params = $_POST;
- } else {
- $params = $_GET;
+ /* Ask the remote service to convert the authorized request token into
+ an access token. */
+
+ $result = $this->performAction(OAUTH_ENDPOINT_ACCESS, array());
+ if ($result->status != 200) {
+ throw new OAuthException('Could not get access token');
+ }
+
+ parse_str($result->body, $return);
+ if (!isset($return['oauth_token']) ||
+ !isset($return['oauth_token_secret'])) {
+ throw new OAuthException('Could not get access token');
+ }
+ $this->setToken($return['oauth_token'], $return['oauth_token_secret']);
+
+ /* Subscription is finished and valid. Now store the new subscriber and
+ the subscription in the database. */
+
+ $this->datastore->saveProfile($listener);
+ $this->datastore->saveSubscription($this->listener_uri,
+ $this->listenee_uri,
+ $this->token);
+ }
+
+ /**
+ * Return the URI identifying the listener
+ *
+ * Returns the URI for the OMB user who tries to subscribe or already has
+ * subscribed our user. This method is a workaround for a serious OMB flaw:
+ * The Listener URI is not passed in the finishauthorization call.
+ *
+ * @access public
+ *
+ * @return string the listener’s URI
+ */
+ public function getListenerURI()
+ {
+ return $this->listener_uri;
}
- $params['omb_listener'] = $this->listener_uri;
- require_once 'profile.php';
- $listener = OMB_Profile::fromParameters($params, 'omb_listener');
+ /**
+ * Inform the service about a profile update
+ *
+ * Sends an updated profile to the service.
+ *
+ * @param OMB_Profile $profile The profile that has changed
+ *
+ * @access public
+ */
+ public function updateProfile($profile)
+ {
+ $params = $profile->asParameters('omb_listenee', true);
+ $this->performOMBAction(OMB_ENDPOINT_UPDATEPROFILE, $params,
+ $profile->getIdentifierURI());
+ }
- /* Ask the remote service to convert the authorized request token into an
- access token. */
+ /**
+ * Inform the service about a new notice
+ *
+ * Sends a notice to the service.
+ *
+ * @param OMB_Notice $notice The notice
+ *
+ * @access public
+ */
+ public function postNotice($notice)
+ {
+ $params = $notice->asParameters();
+ $params['omb_listenee'] = $notice->getAuthor()->getIdentifierURI();
+ $this->performOMBAction(OMB_ENDPOINT_POSTNOTICE, $params,
+ $params['omb_listenee']);
+ }
- $result = $this->performAction(OAUTH_ENDPOINT_ACCESS, array());
- if ($result->status != 200) {
- throw new OAuthException('Could not get access token');
+ /**
+ * Set the token member variable
+ *
+ * Initializes the token based on given token and secret token.
+ *
+ * @param string $token The token
+ * @param string $secret The secret token
+ *
+ * @access public
+ */
+ public function setToken($token, $secret)
+ {
+ $this->token = new OAuthToken($token, $secret);
}
- parse_str($result->body, $return);
- if (!isset($return['oauth_token']) || !isset($return['oauth_token_secret'])) {
- throw new OAuthException('Could not get access token');
+ /**
+ * Prepare an OAuthRequest object
+ *
+ * Creates an OAuthRequest object mapping the request specified by the
+ * parameters.
+ *
+ * @param string $action_uri The URI specifying the target service
+ * @param array $params Additional parameters for the service call
+ * @param string $method The HTTP method used to call the service
+ * ('POST' or 'GET', usually)
+ *
+ * @access protected
+ *
+ * @return OAuthRequest the prepared request
+ */
+ protected function prepareAction($action_uri, $params, $method)
+ {
+ $url = $this->services[$action_uri];
+
+ $url_params = array();
+ parse_str(parse_url($url, PHP_URL_QUERY), $url_params);
+
+ /* Add OMB version. */
+ $url_params['omb_version'] = OMB_VERSION;
+
+ /* Add user-defined parameters. */
+ $url_params = array_merge($url_params, $params);
+
+ $req = OAuthRequest::from_consumer_and_token($this->oauth_consumer,
+ $this->token, $method,
+ $url, $url_params);
+
+ /* Sign the request. */
+ $req->sign_request(new OAuthSignatureMethod_HMAC_SHA1(),
+ $this->oauth_consumer, $this->token);
+
+ return $req;
}
- $this->setToken($return['oauth_token'], $return['oauth_token_secret']);
-
- /* Subscription is finished and valid. Now store the new subscriber and the
- subscription in the database. */
-
- $this->datastore->saveProfile($listener);
- $this->datastore->saveSubscription($this->listener_uri,
- $this->listenee_uri,
- $this->token);
- }
-
- /**
- * Return the URI identifying the listener
- *
- * Returns the URI for the OMB user who tries to subscribe or already has
- * subscribed our user. This method is a workaround for a serious OMB flaw:
- * The Listener URI is not passed in the finishauthorization call.
- *
- * @access public
- *
- * @return string the listener’s URI
- **/
- public function getListenerURI() {
- return $this->listener_uri;
- }
-
- /**
- * Inform the service about a profile update
- *
- * Sends an updated profile to the service.
- *
- * @param OMB_Profile $profile The profile that has changed
- *
- * @access public
- **/
- public function updateProfile($profile) {
- $params = $profile->asParameters('omb_listenee', true);
- $this->performOMBAction(OMB_ENDPOINT_UPDATEPROFILE, $params, $profile->getIdentifierURI());
- }
-
- /**
- * Inform the service about a new notice
- *
- * Sends a notice to the service.
- *
- * @param OMB_Notice $notice The notice
- *
- * @access public
- **/
- public function postNotice($notice) {
- $params = $notice->asParameters();
- $params['omb_listenee'] = $notice->getAuthor()->getIdentifierURI();
- $this->performOMBAction(OMB_ENDPOINT_POSTNOTICE, $params, $params['omb_listenee']);
- }
-
- /**
- * Set the token member variable
- *
- * Initializes the token based on given token and secret token.
- *
- * @param string $token The token
- * @param string $secret The secret token
- *
- * @access public
- **/
- public function setToken($token, $secret) {
- $this->token = new OAuthToken($token, $secret);
- }
-
- /**
- * Prepare an OAuthRequest object
- *
- * Creates an OAuthRequest object mapping the request specified by the
- * parameters.
- *
- * @param string $action_uri The URI specifying the target service
- * @param array $params Additional parameters for the service call
- * @param string $method The HTTP method used to call the service
- * ('POST' or 'GET', usually)
- *
- * @access protected
- *
- * @return OAuthRequest the prepared request
- **/
- protected function prepareAction($action_uri, $params, $method) {
- $url = $this->services[$action_uri];
-
- $url_params = array();
- parse_str(parse_url($url, PHP_URL_QUERY), $url_params);
-
- /* Add OMB version. */
- $url_params['omb_version'] = OMB_VERSION;
-
- /* Add user-defined parameters. */
- $url_params = array_merge($url_params, $params);
-
- $req = OAuthRequest::from_consumer_and_token($this->oauth_consumer,
- $this->token, $method, $url, $url_params);
-
- /* Sign the request. */
- $req->sign_request(new OAuthSignatureMethod_HMAC_SHA1(),
- $this->oauth_consumer, $this->token);
-
- return $req;
- }
-
- /**
- * Perform a service call
- *
- * Creates an OAuthRequest object and execute the mapped call as POST request.
- *
- * @param string $action_uri The URI specifying the target service
- * @param array $params Additional parameters for the service call
- *
- * @access protected
- *
- * @return Auth_Yadis_HTTPResponse The POST request response
- **/
- protected function performAction($action_uri, $params) {
- $req = $this->prepareAction($action_uri, $params, 'POST');
-
- /* Return result page. */
- return $this->fetcher->post($req->get_normalized_http_url(), $req->to_postdata(), array());
- }
-
- /**
- * Perform an OMB action
- *
- * Executes an OMB action – to date, it’s one of updateProfile or postNotice.
- *
- * @param string $action_uri The URI specifying the target service
- * @param array $params Additional parameters for the service call
- * @param string $listenee_uri The URI identifying the local user for whom
- * the action is performed
- *
- * @access protected
- **/
- protected function performOMBAction($action_uri, $params, $listenee_uri) {
- $result = $this->performAction($action_uri, $params);
- if ($result->status == 403) {
- /* The remote user unsubscribed us. */
- $this->datastore->deleteSubscription($this->listener_uri, $listenee_uri);
- } else if ($result->status != 200 ||
- strpos($result->body, 'omb_version=' . OMB_VERSION) === false) {
- /* The server signaled an error or sent an incorrect response. */
- throw OMB_RemoteServiceException::fromYadis($action_uri, $result);
+
+ /**
+ * Perform a service call
+ *
+ * Creates an OAuthRequest object and execute the mapped call as POST
+ * request.
+ *
+ * @param string $action_uri The URI specifying the target service
+ * @param array $params Additional parameters for the service call
+ *
+ * @access protected
+ *
+ * @return Auth_Yadis_HTTPResponse The POST request response
+ */
+ protected function performAction($action_uri, $params)
+ {
+ $req = $this->prepareAction($action_uri, $params, 'POST');
+
+ /* Return result page. */
+ return $this->fetcher->post($req->get_normalized_http_url(),
+ $req->to_postdata(), array());
+ }
+
+ /**
+ * Perform an OMB action
+ *
+ * Executes an OMB action – as of OMB 0.1, it’s one of updateProfile and
+ * postNotice.
+ *
+ * @param string $action_uri The URI specifying the target service
+ * @param array $params Additional parameters for the service call
+ * @param string $listenee_uri The URI identifying the local user for whom
+ * the action is performed
+ *
+ * @access protected
+ */
+ protected function performOMBAction($action_uri, $params, $listenee_uri)
+ {
+ $result = $this->performAction($action_uri, $params);
+ if ($result->status == 403) {
+ /* The remote user unsubscribed us. */
+ $this->datastore->deleteSubscription($this->listener_uri,
+ $listenee_uri);
+ } else if ($result->status != 200 ||
+ strpos($result->body, 'omb_version=' . OMB_VERSION) === false) {
+ /* The server signaled an error or sent an incorrect response. */
+ throw OMB_RemoteServiceException::fromYadis($action_uri, $result);
+ }
}
- }
}
+?>
diff --git a/extlib/libomb/service_provider.php b/extlib/libomb/service_provider.php
index a1c69e86f..9a1a488a6 100755
--- a/extlib/libomb/service_provider.php
+++ b/extlib/libomb/service_provider.php
@@ -1,13 +1,6 @@
<?php
-
-require_once 'constants.php';
-require_once 'remoteserviceexception.php';
-require_once 'helper.php';
-
/**
- * OMB service realization
- *
- * This class realizes a complete, simple OMB service.
+ * This file is part of libomb
*
* PHP version 5
*
@@ -24,406 +17,445 @@ require_once 'helper.php';
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
- * @package OMB
- * @author Adrian Lang <mail@adrianlang.de>
- * @copyright 2009 Adrian Lang
- * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
- **/
-
-class OMB_Service_Provider {
- protected $user; /* An OMB_Profile representing the user */
- protected $datastore; /* AN OMB_Datastore */
-
- protected $remote_user; /* An OMB_Profile representing the remote user during
- the authorization process */
-
- protected $oauth_server; /* An OAuthServer; should only be accessed via
- getOAuthServer. */
-
- /**
- * Initialize an OMB_Service_Provider object
- *
- * Constructs an OMB_Service_Provider instance that provides OMB services
- * referring to a particular user.
- *
- * @param OMB_Profile $user An OMB_Profile; mandatory for XRDS
- * output, user auth handling and OMB
- * action performing
- * @param OMB_Datastore $datastore An OMB_Datastore; mandatory for
- * everything but XRDS output
- * @param OAuthServer $oauth_server An OAuthServer; used for token writing
- * and OMB action handling; will use
- * default value if not set
- *
- * @access public
- **/
- public function __construct ($user = null, $datastore = null, $oauth_server = null) {
- $this->user = $user;
- $this->datastore = $datastore;
- $this->oauth_server = $oauth_server;
- }
-
- public function getRemoteUser() {
- return $this->remote_user;
- }
-
- /**
- * Write a XRDS document
- *
- * Writes a XRDS document specifying the OMB service. Optionally uses a
- * given object of a class implementing OMB_XRDS_Writer for output. Else
- * OMB_Plain_XRDS_Writer is used.
- *
- * @param OMB_XRDS_Mapper $xrds_mapper An object mapping actions to URLs
- * @param OMB_XRDS_Writer $xrds_writer Optional; The OMB_XRDS_Writer used to
- * write the XRDS document
- *
- * @access public
- *
- * @return mixed Depends on the used OMB_XRDS_Writer; OMB_Plain_XRDS_Writer
- * returns nothing.
- **/
- public function writeXRDS($xrds_mapper, $xrds_writer = null) {
- if ($xrds_writer == null) {
- require_once 'plain_xrds_writer.php';
- $xrds_writer = new OMB_Plain_XRDS_Writer();
- }
- return $xrds_writer->writeXRDS($this->user, $xrds_mapper);
- }
-
- /**
- * Echo a request token
- *
- * Outputs an unauthorized request token for the query found in $_GET or
- * $_POST.
- *
- * @access public
- **/
- public function writeRequestToken() {
- OMB_Helper::removeMagicQuotesFromRequest();
- echo $this->getOAuthServer()->fetch_request_token(OAuthRequest::from_request());
- }
-
- /**
- * Handle an user authorization request.
- *
- * Parses an authorization request. This includes OAuth and OMB verification.
- * Throws exceptions on failures. Returns an OMB_Profile object representing
- * the remote user.
- *
- * The OMB_Profile passed to the constructor of OMB_Service_Provider should
- * not represent the user specified in the authorization request, but the one
- * currently logged in to the service. This condition being satisfied,
- * handleUserAuth will check whether the listener specified in the request is
- * identical to the logged in user.
- *
- * @access public
- *
- * @return OMB_Profile The profile of the soon-to-be subscribed, i. e. remote
- * user
- **/
- public function handleUserAuth() {
- OMB_Helper::removeMagicQuotesFromRequest();
-
- /* Verify the request token. */
-
- $this->token = $this->datastore->lookup_token(null, "request", $_GET['oauth_token']);
- if (is_null($this->token)) {
- throw new OAuthException('The given request token has not been issued ' .
- 'by this service.');
+ * @package OMB
+ * @author Adrian Lang <mail@adrianlang.de>
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
+ * @version 0.1a-20090828
+ * @link http://adrianlang.de/libomb
+ */
+
+require_once 'constants.php';
+require_once 'helper.php';
+require_once 'notice.php';
+require_once 'remoteserviceexception.php';
+
+/**
+ * OMB service realization
+ *
+ * This class realizes a complete, simple OMB service.
+ */
+class OMB_Service_Provider
+{
+ protected $user; /* An OMB_Profile representing the user */
+ protected $datastore; /* AN OMB_Datastore */
+
+ protected $remote_user; /* An OMB_Profile representing the remote user
+ during the authorization process */
+
+ protected $oauth_server; /* An OAuthServer; should only be accessed via
+ getOAuthServer. */
+
+ /**
+ * Initialize an OMB_Service_Provider object
+ *
+ * Constructs an OMB_Service_Provider instance that provides OMB services
+ * referring to a particular user.
+ *
+ * @param OMB_Profile $user An OMB_Profile; mandatory for XRDS
+ * output, user auth handling and OMB
+ * action performing
+ * @param OMB_Datastore $datastore An OMB_Datastore; mandatory for
+ * everything but XRDS output
+ * @param OAuthServer $oauth_server An OAuthServer; used for token writing
+ * and OMB action handling; will use
+ * default value if not set
+ *
+ * @access public
+ */
+ public function __construct ($user = null, $datastore = null,
+ $oauth_server = null)
+ {
+ $this->user = $user;
+ $this->datastore = $datastore;
+ $this->oauth_server = $oauth_server;
}
- /* Verify the OMB part. */
+ /**
+ * Return the remote user during user authorization
+ *
+ * Returns an OMB_Profile representing the remote user during the user
+ * authorization request.
+ *
+ * @return OMB_Profile The remote user
+ */
+ public function getRemoteUser()
+ {
+ return $this->remote_user;
+ }
- if ($_GET['omb_version'] !== OMB_VERSION) {
- throw OMB_RemoteServiceException::forRequest(OAUTH_ENDPOINT_AUTHORIZE,
- 'Wrong OMB version ' . $_GET['omb_version']);
+ /**
+ * Write a XRDS document
+ *
+ * Writes a XRDS document specifying the OMB service. Optionally uses a
+ * given object of a class implementing OMB_XRDS_Writer for output. Else
+ * OMB_Plain_XRDS_Writer is used.
+ *
+ * @param OMB_XRDS_Mapper $xrds_mapper An object mapping actions to URLs
+ * @param OMB_XRDS_Writer $xrds_writer Optional; The OMB_XRDS_Writer used to
+ * write the XRDS document
+ *
+ * @access public
+ *
+ * @return mixed Depends on the used OMB_XRDS_Writer; OMB_Plain_XRDS_Writer
+ * returns nothing.
+ */
+ public function writeXRDS($xrds_mapper, $xrds_writer = null)
+ {
+ if ($xrds_writer == null) {
+ require_once 'plain_xrds_writer.php';
+ $xrds_writer = new OMB_Plain_XRDS_Writer();
+ }
+ return $xrds_writer->writeXRDS($this->user, $xrds_mapper);
}
- if ($_GET['omb_listener'] !== $this->user->getIdentifierURI()) {
- throw OMB_RemoteServiceException::forRequest(OAUTH_ENDPOINT_AUTHORIZE,
- 'Wrong OMB listener ' . $_GET['omb_listener']);
+ /**
+ * Echo a request token
+ *
+ * Outputs an unauthorized request token for the query found in $_GET or
+ * $_POST.
+ *
+ * @access public
+ */
+ public function writeRequestToken()
+ {
+ OMB_Helper::removeMagicQuotesFromRequest();
+ echo $this->getOAuthServer()->fetch_request_token(
+ OAuthRequest::from_request());
}
- foreach (array('omb_listenee', 'omb_listenee_profile',
- 'omb_listenee_nickname', 'omb_listenee_license') as $param) {
- if (!isset($_GET[$param]) || is_null($_GET[$param])) {
- throw OMB_RemoteServiceException::forRequest(OAUTH_ENDPOINT_AUTHORIZE,
+ /**
+ * Handle an user authorization request.
+ *
+ * Parses an authorization request. This includes OAuth and OMB
+ * verification.
+ * Throws exceptions on failures. Returns an OMB_Profile object representing
+ * the remote user.
+ *
+ * The OMB_Profile passed to the constructor of OMB_Service_Provider should
+ * not represent the user specified in the authorization request, but the
+ * one currently logged in to the service. This condition being satisfied,
+ * handleUserAuth will check whether the listener specified in the request
+ * is identical to the logged in user.
+ *
+ * @access public
+ *
+ * @return OMB_Profile The profile of the soon-to-be subscribed, i. e.
+ * remote user
+ */
+ public function handleUserAuth()
+ {
+ OMB_Helper::removeMagicQuotesFromRequest();
+
+ /* Verify the request token. */
+
+ $this->token = $this->datastore->lookup_token(null, "request",
+ $_GET['oauth_token']);
+ if (is_null($this->token)) {
+ throw new OAuthException('The given request token has not been ' .
+ 'issued by this service.');
+ }
+
+ /* Verify the OMB part. */
+
+ if ($_GET['omb_version'] !== OMB_VERSION) {
+ throw OMB_RemoteServiceException::forRequest(OAUTH_ENDPOINT_AUTHORIZE,
+ 'Wrong OMB version ' .
+ $_GET['omb_version']);
+ }
+
+ if ($_GET['omb_listener'] !== $this->user->getIdentifierURI()) {
+ throw OMB_RemoteServiceException::forRequest(OAUTH_ENDPOINT_AUTHORIZE,
+ 'Wrong OMB listener ' .
+ $_GET['omb_listener']);
+ }
+
+ foreach (array('omb_listenee', 'omb_listenee_profile',
+ 'omb_listenee_nickname', 'omb_listenee_license') as $param) {
+ if (!isset($_GET[$param]) || is_null($_GET[$param])) {
+ throw OMB_RemoteServiceException::forRequest(
+ OAUTH_ENDPOINT_AUTHORIZE,
"Required parameter '$param' not found");
- }
- }
+ }
+ }
- /* Store given callback for later use. */
- if (isset($_GET['oauth_callback']) && $_GET['oauth_callback'] !== '') {
- $this->callback = $_GET['oauth_callback'];
- if (!OMB_Helper::validateURL($this->callback)) {
- throw OMB_RemoteServiceException::forRequest(OAUTH_ENDPOINT_AUTHORIZE,
- 'Invalid callback URL specified');
- }
+ /* Store given callback for later use. */
+ if (isset($_GET['oauth_callback']) && $_GET['oauth_callback'] !== '') {
+ $this->callback = $_GET['oauth_callback'];
+ if (!OMB_Helper::validateURL($this->callback)) {
+ throw OMB_RemoteServiceException::forRequest(
+ OAUTH_ENDPOINT_AUTHORIZE,
+ 'Invalid callback URL specified');
+ }
+ }
+ $this->remote_user = OMB_Profile::fromParameters($_GET, 'omb_listenee');
+
+ return $this->remote_user;
}
- $this->remote_user = OMB_Profile::fromParameters($_GET, 'omb_listenee');
-
- return $this->remote_user;
- }
-
- /**
- * Continue the OAuth dance after user authorization
- *
- * Performs the appropriate actions after user answered the authorization
- * request.
- *
- * @param bool $accepted Whether the user granted authorization
- *
- * @access public
- *
- * @return array A two-component array with the values:
- * - callback The callback URL or null if none given
- * - token The authorized request token or null if not
- * authorized.
- **/
- public function continueUserAuth($accepted) {
- $callback = $this->callback;
- if (!$accepted) {
- $this->datastore->revoke_token($this->token->key);
- $this->token = null;
- /* TODO: The handling is probably wrong in terms of OAuth 1.0 but the way
- laconica works. Moreover I don’t know the right way either. */
-
- } else {
- $this->datastore->authorize_token($this->token->key);
- $this->datastore->saveProfile($this->remote_user);
- $this->datastore->saveSubscription($this->user->getIdentifierURI(),
- $this->remote_user->getIdentifierURI(), $this->token);
-
- if (!is_null($this->callback)) {
- /* Callback wants to get some informations as well. */
- $params = $this->user->asParameters('omb_listener', false);
-
- $params['oauth_token'] = $this->token->key;
- $params['omb_version'] = OMB_VERSION;
-
- $callback .= (parse_url($this->callback, PHP_URL_QUERY) ? '&' : '?');
- foreach ($params as $k => $v) {
- $callback .= OAuthUtil::urlencode_rfc3986($k) . '=' .
- OAuthUtil::urlencode_rfc3986($v) . '&';
+
+ /**
+ * Continue the OAuth dance after user authorization
+ *
+ * Performs the appropriate actions after user answered the authorization
+ * request.
+ *
+ * @param bool $accepted Whether the user granted authorization
+ *
+ * @access public
+ *
+ * @return array A two-component array with the values:
+ * - callback The callback URL or null if none given
+ * - token The authorized request token or null if not
+ * authorized.
+ */
+ public function continueUserAuth($accepted)
+ {
+ $callback = $this->callback;
+ if (!$accepted) {
+ $this->datastore->revoke_token($this->token->key);
+ $this->token = null;
+
+ } else {
+ $this->datastore->authorize_token($this->token->key);
+ $this->datastore->saveProfile($this->remote_user);
+ $this->datastore->saveSubscription($this->user->getIdentifierURI(),
+ $this->remote_user->getIdentifierURI(),
+ $this->token);
+
+ if (!is_null($this->callback)) {
+ /* Callback wants to get some informations as well. */
+ $params = $this->user->asParameters('omb_listener', false);
+
+ $params['oauth_token'] = $this->token->key;
+ $params['omb_version'] = OMB_VERSION;
+
+ $callback .= (parse_url($this->callback, PHP_URL_QUERY) ? '&' : '?');
+ foreach ($params as $k => $v) {
+ $callback .= OAuthUtil::urlencode_rfc3986($k) . '=' .
+ OAuthUtil::urlencode_rfc3986($v) . '&';
+ }
+ }
}
- }
+ return array($callback, $this->token);
}
- return array($callback, $this->token);
- }
-
- /**
- * Echo an access token
- *
- * Outputs an access token for the query found in $_POST. OMB 0.1 specifies
- * that the access token request has to be a POST even if OAuth allows GET as
- * well.
- *
- * @access public
- **/
- public function writeAccessToken() {
- OMB_Helper::removeMagicQuotesFromRequest();
- echo $this->getOAuthServer()->fetch_access_token(
+
+ /**
+ * Echo an access token
+ *
+ * Outputs an access token for the query found in $_POST. OMB 0.1 specifies
+ * that the access token request has to be a POST even if OAuth allows GET
+ * as well.
+ *
+ * @access public
+ */
+ public function writeAccessToken()
+ {
+ OMB_Helper::removeMagicQuotesFromRequest();
+ echo $this->getOAuthServer()->fetch_access_token(
OAuthRequest::from_request('POST'));
- }
-
- /**
- * Handle an updateprofile request
- *
- * Handles an updateprofile request posted to this service. Updates the
- * profile through the OMB_Datastore.
- *
- * @access public
- *
- * @return OMB_Profile The updated profile
- **/
- public function handleUpdateProfile() {
- list($req, $profile) = $this->handleOMBRequest(OMB_ENDPOINT_UPDATEPROFILE);
- $profile->updateFromParameters($req->get_parameters(), 'omb_listenee');
- $this->datastore->saveProfile($profile);
- $this->finishOMBRequest();
- return $profile;
- }
-
- /**
- * Handle a postnotice request
- *
- * Handles a postnotice request posted to this service. Saves the notice
- * through the OMB_Datastore.
- *
- * @access public
- *
- * @return OMB_Notice The received notice
- **/
- public function handlePostNotice() {
- list($req, $profile) = $this->handleOMBRequest(OMB_ENDPOINT_POSTNOTICE);
- require_once 'notice.php';
- $notice = OMB_Notice::fromParameters($profile, $req->get_parameters());
- $this->datastore->saveNotice($notice);
- $this->finishOMBRequest();
- return $notice;
- }
-
- /**
- * Handle an OMB request
- *
- * Performs common OMB request handling.
- *
- * @param string $uri The URI defining the OMB endpoint being served
- *
- * @access protected
- *
- * @return array(OAuthRequest, OMB_Profile)
- **/
- protected function handleOMBRequest($uri) {
-
- OMB_Helper::removeMagicQuotesFromRequest();
- $req = OAuthRequest::from_request('POST');
- $listenee = $req->get_parameter('omb_listenee');
-
- try {
- list($consumer, $token) = $this->getOAuthServer()->verify_request($req);
- } catch (OAuthException $e) {
- header('HTTP/1.1 403 Forbidden');
- // @debug hack
- throw OMB_RemoteServiceException::forRequest($uri,
- 'Revoked accesstoken for ' . $listenee . ': ' . $e->getMessage());
- // @end debug
- throw OMB_RemoteServiceException::forRequest($uri,
- 'Revoked accesstoken for ' . $listenee);
}
- $version = $req->get_parameter('omb_version');
- if ($version !== OMB_VERSION) {
- header('HTTP/1.1 400 Bad Request');
- throw OMB_RemoteServiceException::forRequest($uri,
- 'Wrong OMB version ' . $version);
+ /**
+ * Handle an updateprofile request
+ *
+ * Handles an updateprofile request posted to this service. Updates the
+ * profile through the OMB_Datastore.
+ *
+ * @access public
+ *
+ * @return OMB_Profile The updated profile
+ */
+ public function handleUpdateProfile()
+ {
+ list($req, $profile) = $this->handleOMBRequest(OMB_ENDPOINT_UPDATEPROFILE);
+ $profile->updateFromParameters($req->get_parameters(), 'omb_listenee');
+ $this->datastore->saveProfile($profile);
+ $this->finishOMBRequest();
+ return $profile;
}
- $profile = $this->datastore->getProfile($listenee);
- if (is_null($profile)) {
- header('HTTP/1.1 400 Bad Request');
- throw OMB_RemoteServiceException::forRequest($uri,
- 'Unknown remote profile ' . $listenee);
+ /**
+ * Handle a postnotice request
+ *
+ * Handles a postnotice request posted to this service. Saves the notice
+ * through the OMB_Datastore.
+ *
+ * @access public
+ *
+ * @return OMB_Notice The received notice
+ */
+ public function handlePostNotice()
+ {
+ list($req, $profile) = $this->handleOMBRequest(OMB_ENDPOINT_POSTNOTICE);
+
+ $notice = OMB_Notice::fromParameters($profile, $req->get_parameters());
+ $this->datastore->saveNotice($notice);
+ $this->finishOMBRequest();
+
+ return $notice;
}
- $subscribers = $this->datastore->getSubscriptions($listenee);
- if (count($subscribers) === 0) {
- header('HTTP/1.1 403 Forbidden');
- throw OMB_RemoteServiceException::forRequest($uri,
- 'No subscriber for ' . $listenee);
- }
+ /**
+ * Handle an OMB request
+ *
+ * Performs common OMB request handling.
+ *
+ * @param string $uri The URI defining the OMB endpoint being served
+ *
+ * @access protected
+ *
+ * @return array(OAuthRequest, OMB_Profile)
+ */
+ protected function handleOMBRequest($uri)
+ {
+ OMB_Helper::removeMagicQuotesFromRequest();
+ $req = OAuthRequest::from_request('POST');
+ $listenee = $req->get_parameter('omb_listenee');
+
+ try {
+ list($consumer, $token) = $this->getOAuthServer()->verify_request($req);
+ } catch (OAuthException $e) {
+ header('HTTP/1.1 403 Forbidden');
+ throw OMB_RemoteServiceException::forRequest($uri,
+ 'Revoked accesstoken for ' . $listenee);
+ }
- return array($req, $profile);
- }
-
- /**
- * Finishes an OMB request handling
- *
- * Performs common OMB request handling finishing.
- *
- * @access protected
- **/
- protected function finishOMBRequest() {
- header('HTTP/1.1 200 OK');
- header('Content-type: text/plain');
- /* There should be no clutter but the version. */
- echo "omb_version=" . OMB_VERSION;
- }
-
- /**
- * Return an OAuthServer
- *
- * Checks whether the OAuthServer is null. If so, initializes it with a
- * default value. Returns the OAuth server.
- *
- * @access protected
- **/
- protected function getOAuthServer() {
- if (is_null($this->oauth_server)) {
- $this->oauth_server = new OAuthServer($this->datastore);
- $this->oauth_server->add_signature_method(
- new OAuthSignatureMethod_HMAC_SHA1());
+ $version = $req->get_parameter('omb_version');
+ if ($version !== OMB_VERSION) {
+ header('HTTP/1.1 400 Bad Request');
+ throw OMB_RemoteServiceException::forRequest($uri,
+ 'Wrong OMB version ' . $version);
+ }
+
+ $profile = $this->datastore->getProfile($listenee);
+ if (is_null($profile)) {
+ header('HTTP/1.1 400 Bad Request');
+ throw OMB_RemoteServiceException::forRequest($uri,
+ 'Unknown remote profile ' . $listenee);
+ }
+
+ $subscribers = $this->datastore->getSubscriptions($listenee);
+ if (count($subscribers) === 0) {
+ header('HTTP/1.1 403 Forbidden');
+ throw OMB_RemoteServiceException::forRequest($uri,
+ 'No subscriber for ' . $listenee);
+ }
+
+ return array($req, $profile);
}
- return $this->oauth_server;
- }
-
- /**
- * Publish a notice
- *
- * Posts an OMB notice. This includes storing the notice and posting it to
- * subscribed users.
- *
- * @param OMB_Notice $notice The new notice
- *
- * @access public
- *
- * @return array An array mapping subscriber URIs to the exception posting to
- * them has raised; Empty array if no exception occured
- **/
- public function postNotice($notice) {
- $uri = $this->user->getIdentifierURI();
-
- /* $notice is passed by reference and may change. */
- $this->datastore->saveNotice($notice);
- $subscribers = $this->datastore->getSubscriptions($uri);
-
- /* No one to post to. */
- if (is_null($subscribers)) {
- return array();
+
+ /**
+ * Finishes an OMB request handling
+ *
+ * Performs common OMB request handling finishing.
+ *
+ * @access protected
+ */
+ protected function finishOMBRequest()
+ {
+ header('HTTP/1.1 200 OK');
+ header('Content-type: text/plain');
+ /* There should be no clutter but the version. */
+ echo "omb_version=" . OMB_VERSION;
}
- require_once 'service_consumer.php';
-
- $err = array();
- foreach($subscribers as $subscriber) {
- try {
- $service = new OMB_Service_Consumer($subscriber['uri'], $uri, $this->datastore);
- $service->setToken($subscriber['token'], $subscriber['secret']);
- $service->postNotice($notice);
- } catch (Exception $e) {
- $err[$subscriber['uri']] = $e;
- continue;
- }
+ /**
+ * Return an OAuthServer
+ *
+ * Checks whether the OAuthServer is null. If so, initializes it with a
+ * default value. Returns the OAuth server.
+ *
+ * @access protected
+ */
+ protected function getOAuthServer()
+ {
+ if (is_null($this->oauth_server)) {
+ $this->oauth_server = new OAuthServer($this->datastore);
+ $this->oauth_server->add_signature_method(
+ new OAuthSignatureMethod_HMAC_SHA1());
+ }
+ return $this->oauth_server;
}
- return $err;
- }
-
- /**
- * Publish a profile update
- *
- * Posts the current profile as an OMB profile update. This includes updating
- * the stored profile and posting it to subscribed users.
- *
- * @access public
- *
- * @return array An array mapping subscriber URIs to the exception posting to
- * them has raised; Empty array if no exception occured
- **/
- public function updateProfile() {
- $uri = $this->user->getIdentifierURI();
-
- $this->datastore->saveProfile($this->user);
- $subscribers = $this->datastore->getSubscriptions($uri);
-
- /* No one to post to. */
- if (is_null($subscribers)) {
- return array();
+
+ /**
+ * Publish a notice
+ *
+ * Posts an OMB notice. This includes storing the notice and posting it to
+ * subscribed users.
+ *
+ * @param OMB_Notice $notice The new notice
+ *
+ * @access public
+ *
+ * @return array An array mapping subscriber URIs to the exception posting
+ * to them has raised; Empty array if no exception occured
+ */
+ public function postNotice($notice)
+ {
+ $uri = $this->user->getIdentifierURI();
+
+ /* $notice is passed by reference and may change. */
+ $this->datastore->saveNotice($notice);
+ $subscribers = $this->datastore->getSubscriptions($uri);
+
+ /* No one to post to. */
+ if (is_null($subscribers)) {
+ return array();
+ }
+
+ require_once 'service_consumer.php';
+
+ $err = array();
+ foreach ($subscribers as $subscriber) {
+ try {
+ $service = new OMB_Service_Consumer($subscriber['uri'], $uri,
+ $this->datastore);
+ $service->setToken($subscriber['token'], $subscriber['secret']);
+ $service->postNotice($notice);
+ } catch (Exception $e) {
+ $err[$subscriber['uri']] = $e;
+ continue;
+ }
+ }
+ return $err;
}
- require_once 'service_consumer.php';
-
- $err = array();
- foreach($subscribers as $subscriber) {
- try {
- $service = new OMB_Service_Consumer($subscriber['uri'], $uri, $this->datastore);
- $service->setToken($subscriber['token'], $subscriber['secret']);
- $service->updateProfile($this->user);
- } catch (Exception $e) {
- $err[$subscriber['uri']] = $e;
- continue;
- }
+ /**
+ * Publish a profile update
+ *
+ * Posts the current profile as an OMB profile update. This includes
+ * updating the stored profile and posting it to subscribed users.
+ *
+ * @access public
+ *
+ * @return array An array mapping subscriber URIs to the exception posting
+ * to them has raised; Empty array if no exception occured
+ */
+ public function updateProfile()
+ {
+ $uri = $this->user->getIdentifierURI();
+
+ $this->datastore->saveProfile($this->user);
+ $subscribers = $this->datastore->getSubscriptions($uri);
+
+ /* No one to post to. */
+ if (is_null($subscribers)) {
+ return array();
+ }
+
+ require_once 'service_consumer.php';
+
+ $err = array();
+ foreach ($subscribers as $subscriber) {
+ try {
+ $service = new OMB_Service_Consumer($subscriber['uri'], $uri,
+ $this->datastore);
+ $service->setToken($subscriber['token'], $subscriber['secret']);
+ $service->updateProfile($this->user);
+ } catch (Exception $e) {
+ $err[$subscriber['uri']] = $e;
+ continue;
+ }
+ }
+ return $err;
}
- return $err;
- }
}
diff --git a/extlib/libomb/unsupportedserviceexception.php b/extlib/libomb/unsupportedserviceexception.php
index 4dab63ebe..be30a1f69 100755
--- a/extlib/libomb/unsupportedserviceexception.php
+++ b/extlib/libomb/unsupportedserviceexception.php
@@ -1,9 +1,6 @@
<?php
/**
- * Exception stating that a requested service is not available
- *
- * This exception is raised when OMB_Service is asked to call a service the remote
- * server does not provide.
+ * This file is part of libomb
*
* PHP version 5
*
@@ -20,12 +17,20 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
- * @package OMB
- * @author Adrian Lang <mail@adrianlang.de>
- * @copyright 2009 Adrian Lang
- * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
- **/
-class OMB_UnsupportedServiceException extends Exception {
+ * @package OMB
+ * @author Adrian Lang <mail@adrianlang.de>
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
+ * @version 0.1a-20090828
+ * @link http://adrianlang.de/libomb
+ */
+/**
+ * Exception stating that a requested service is not available
+ *
+ * This exception is raised when OMB_Service is asked to call a service the
+ * remote server does not provide.
+ */
+class OMB_UnsupportedServiceException extends Exception
+{
}
?>
diff --git a/extlib/libomb/xrds_mapper.php b/extlib/libomb/xrds_mapper.php
index 7552154e5..8fbe65249 100755
--- a/extlib/libomb/xrds_mapper.php
+++ b/extlib/libomb/xrds_mapper.php
@@ -1,10 +1,6 @@
<?php
/**
- * Map XRDS actions to URLs
- *
- * This interface specifies classes which write the XRDS file announcing
- * the OMB server. An instance of an implementing class should be passed to
- * OMB_Service_Provider->writeXRDS.
+ * This file is part of libomb
*
* PHP version 5
*
@@ -21,13 +17,31 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
- * @package OMB
- * @author Adrian Lang <mail@adrianlang.de>
- * @copyright 2009 Adrian Lang
- * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
- **/
+ * @package OMB
+ * @author Adrian Lang <mail@adrianlang.de>
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
+ * @version 0.1a-20090828
+ * @link http://adrianlang.de/libomb
+ */
-interface OMB_XRDS_Mapper {
- public function getURL($action);
+/**
+ * Map XRDS actions to URLs
+ *
+ * This interface specifies classes which write the XRDS file announcing
+ * the OMB server. An instance of an implementing class should be passed to
+ * OMB_Service_Provider->writeXRDS.
+ */
+interface OMB_XRDS_Mapper
+{
+ /**
+ * Fetch an URL for a specified action
+ *
+ * Returns the action URL for an action specified by the endpoint URI.
+ *
+ * @param string $action The endpoint URI
+ *
+ * @return string The action URL
+ */
+ public function getURL($action);
}
?>
diff --git a/extlib/libomb/xrds_writer.php b/extlib/libomb/xrds_writer.php
index 31b451b9c..c7939d60a 100755
--- a/extlib/libomb/xrds_writer.php
+++ b/extlib/libomb/xrds_writer.php
@@ -1,10 +1,6 @@
<?php
/**
- * Write OMB-specific XRDS
- *
- * This interface specifies classes which write the XRDS file announcing
- * the OMB server. An instance of an implementing class should be passed to
- * OMB_Service_Provider->writeXRDS.
+ * This file is part of libomb
*
* PHP version 5
*
@@ -21,13 +17,30 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
- * @package OMB
- * @author Adrian Lang <mail@adrianlang.de>
- * @copyright 2009 Adrian Lang
- * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
- **/
+ * @package OMB
+ * @author Adrian Lang <mail@adrianlang.de>
+ * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0
+ * @version 0.1a-20090828
+ * @link http://adrianlang.de/libomb
+ */
-interface OMB_XRDS_Writer {
- public function writeXRDS($user, $mapper);
+/**
+ * Write OMB-specific XRDS
+ *
+ * This interface specifies classes which write the XRDS file announcing
+ * the OMB server. An instance of an implementing class should be passed to
+ * OMB_Service_Provider->writeXRDS.
+ */
+interface OMB_XRDS_Writer
+{
+ /**
+ * Write XRDS
+ *
+ * Outputs a XRDS document specifying an OMB service.
+ *
+ * @param OMB_profile $user The target user for the OMB service
+ * @param OMB_XRDS_Mapper $mapper An OMB_XRDS_Mapper providing endpoint URLs
+ */
+ public function writeXRDS($user, $mapper);
}
?>