summaryrefslogtreecommitdiff
path: root/extlib/Net/LDAP2/LDIF.php
diff options
context:
space:
mode:
authorCraig Andrews <candrews@integralblue.com>2009-11-04 13:39:56 -0500
committerCraig Andrews <candrews@integralblue.com>2009-11-04 13:39:56 -0500
commitc403f7fa442d7f8eacb4e2288429c271450d57d2 (patch)
tree750fc924305db82ff73f202f20b256c989918a19 /extlib/Net/LDAP2/LDIF.php
parenta82df5fae8b5d71d4545f27e7aa6cc561160922a (diff)
Added Net_LDAP2 to extlib, and add a skeleton LDAP plugin
Diffstat (limited to 'extlib/Net/LDAP2/LDIF.php')
-rw-r--r--extlib/Net/LDAP2/LDIF.php922
1 files changed, 922 insertions, 0 deletions
diff --git a/extlib/Net/LDAP2/LDIF.php b/extlib/Net/LDAP2/LDIF.php
new file mode 100644
index 000000000..34f3e75dd
--- /dev/null
+++ b/extlib/Net/LDAP2/LDIF.php
@@ -0,0 +1,922 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4: */
+/**
+* File containing the Net_LDAP2_LDIF interface class.
+*
+* PHP version 5
+*
+* @category Net
+* @package Net_LDAP2
+* @author Benedikt Hallinger <beni@php.net>
+* @copyright 2009 Benedikt Hallinger
+* @license http://www.gnu.org/licenses/lgpl-3.0.txt LGPLv3
+* @version SVN: $Id: LDIF.php 286718 2009-08-03 07:30:49Z beni $
+* @link http://pear.php.net/package/Net_LDAP2/
+*/
+
+/**
+* Includes
+*/
+require_once 'PEAR.php';
+require_once 'Net/LDAP2.php';
+require_once 'Net/LDAP2/Entry.php';
+require_once 'Net/LDAP2/Util.php';
+
+/**
+* LDIF capabilitys for Net_LDAP2, closely taken from PERLs Net::LDAP
+*
+* It provides a means to convert between Net_LDAP2_Entry objects and LDAP entries
+* represented in LDIF format files. Reading and writing are supported and may
+* manipulate single entries or lists of entries.
+*
+* Usage example:
+* <code>
+* // Read and parse an ldif-file into Net_LDAP2_Entry objects
+* // and print out the DNs. Store the entries for later use.
+* require 'Net/LDAP2/LDIF.php';
+* $options = array(
+* 'onerror' => 'die'
+* );
+* $entries = array();
+* $ldif = new Net_LDAP2_LDIF('test.ldif', 'r', $options);
+* do {
+* $entry = $ldif->read_entry();
+* $dn = $entry->dn();
+* echo " done building entry: $dn\n";
+* array_push($entries, $entry);
+* } while (!$ldif->eof());
+* $ldif->done();
+*
+*
+* // write those entries to another file
+* $ldif = new Net_LDAP2_LDIF('test.out.ldif', 'w', $options);
+* $ldif->write_entry($entries);
+* $ldif->done();
+* </code>
+*
+* @category Net
+* @package Net_LDAP2
+* @author Benedikt Hallinger <beni@php.net>
+* @license http://www.gnu.org/copyleft/lesser.html LGPL
+* @link http://pear.php.net/package/Net_LDAP22/
+* @see http://www.ietf.org/rfc/rfc2849.txt
+* @todo Error handling should be PEARified
+* @todo LDAPv3 controls are not implemented yet
+*/
+class Net_LDAP2_LDIF extends PEAR
+{
+ /**
+ * Options
+ *
+ * @access protected
+ * @var array
+ */
+ protected $_options = array('encode' => 'base64',
+ 'onerror' => null,
+ 'change' => 0,
+ 'lowercase' => 0,
+ 'sort' => 0,
+ 'version' => null,
+ 'wrap' => 78,
+ 'raw' => ''
+ );
+
+ /**
+ * Errorcache
+ *
+ * @access protected
+ * @var array
+ */
+ protected $_error = array('error' => null,
+ 'line' => 0
+ );
+
+ /**
+ * Filehandle for read/write
+ *
+ * @access protected
+ * @var array
+ */
+ protected $_FH = null;
+
+ /**
+ * Says, if we opened the filehandle ourselves
+ *
+ * @access protected
+ * @var array
+ */
+ protected $_FH_opened = false;
+
+ /**
+ * Linecounter for input file handle
+ *
+ * @access protected
+ * @var array
+ */
+ protected $_input_line = 0;
+
+ /**
+ * counter for processed entries
+ *
+ * @access protected
+ * @var int
+ */
+ protected $_entrynum = 0;
+
+ /**
+ * Mode we are working in
+ *
+ * Either 'r', 'a' or 'w'
+ *
+ * @access protected
+ * @var string
+ */
+ protected $_mode = false;
+
+ /**
+ * Tells, if the LDIF version string was already written
+ *
+ * @access protected
+ * @var boolean
+ */
+ protected $_version_written = false;
+
+ /**
+ * Cache for lines that have build the current entry
+ *
+ * @access protected
+ * @var boolean
+ */
+ protected $_lines_cur = array();
+
+ /**
+ * Cache for lines that will build the next entry
+ *
+ * @access protected
+ * @var boolean
+ */
+ protected $_lines_next = array();
+
+ /**
+ * Open LDIF file for reading or for writing
+ *
+ * new (FILE):
+ * Open the file read-only. FILE may be the name of a file
+ * or an already open filehandle.
+ * If the file doesn't exist, it will be created if in write mode.
+ *
+ * new (FILE, MODE, OPTIONS):
+ * Open the file with the given MODE (see PHPs fopen()), eg "w" or "a".
+ * FILE may be the name of a file or an already open filehandle.
+ * PERLs Net_LDAP2 "FILE|" mode does not work curently.
+ *
+ * OPTIONS is an associative array and may contain:
+ * encode => 'none' | 'canonical' | 'base64'
+ * Some DN values in LDIF cannot be written verbatim and have to be encoded in some way:
+ * 'none' No encoding.
+ * 'canonical' See "canonical_dn()" in Net::LDAP::Util.
+ * 'base64' Use base64. (default, this differs from the Perl interface.
+ * The perl default is "none"!)
+ *
+ * onerror => 'die' | 'warn' | NULL
+ * Specify what happens when an error is detected.
+ * 'die' Net_LDAP2_LDIF will croak with an appropriate message.
+ * 'warn' Net_LDAP2_LDIF will warn (echo) with an appropriate message.
+ * NULL Net_LDAP2_LDIF will not warn (default), use error().
+ *
+ * change => 1
+ * Write entry changes to the LDIF file instead of the entries itself. I.e. write LDAP
+ * operations acting on the entries to the file instead of the entries contents.
+ * This writes the changes usually carried out by an update() to the LDIF file.
+ *
+ * lowercase => 1
+ * Convert attribute names to lowercase when writing.
+ *
+ * sort => 1
+ * Sort attribute names when writing entries according to the rule:
+ * objectclass first then all other attributes alphabetically sorted by attribute name
+ *
+ * version => '1'
+ * Set the LDIF version to write to the resulting LDIF file.
+ * According to RFC 2849 currently the only legal value for this option is 1.
+ * When this option is set Net_LDAP2_LDIF tries to adhere more strictly to
+ * the LDIF specification in RFC2489 in a few places.
+ * The default is NULL meaning no version information is written to the LDIF file.
+ *
+ * wrap => 78
+ * Number of columns where output line wrapping shall occur.
+ * Default is 78. Setting it to 40 or lower inhibits wrapping.
+ *
+ * raw => REGEX
+ * Use REGEX to denote the names of attributes that are to be
+ * considered binary in search results if writing entries.
+ * Example: raw => "/(?i:^jpegPhoto|;binary)/i"
+ *
+ * @param string|ressource $file Filename or filehandle
+ * @param string $mode Mode to open filename
+ * @param array $options Options like described above
+ */
+ public function __construct($file, $mode = 'r', $options = array())
+ {
+ $this->PEAR('Net_LDAP2_Error'); // default error class
+
+ // First, parse options
+ // todo: maybe implement further checks on possible values
+ foreach ($options as $option => $value) {
+ if (!array_key_exists($option, $this->_options)) {
+ $this->dropError('Net_LDAP2_LDIF error: option '.$option.' not known!');
+ return;
+ } else {
+ $this->_options[$option] = strtolower($value);
+ }
+ }
+
+ // setup LDIF class
+ $this->version($this->_options['version']);
+
+ // setup file mode
+ if (!preg_match('/^[rwa]\+?$/', $mode)) {
+ $this->dropError('Net_LDAP2_LDIF error: file mode '.$mode.' not supported!');
+ } else {
+ $this->_mode = $mode;
+
+ // setup filehandle
+ if (is_resource($file)) {
+ // TODO: checks on mode possible?
+ $this->_FH =& $file;
+ } else {
+ $imode = substr($this->_mode, 0, 1);
+ if ($imode == 'r') {
+ if (!file_exists($file)) {
+ $this->dropError('Unable to open '.$file.' for read: file not found');
+ $this->_mode = false;
+ }
+ if (!is_readable($file)) {
+ $this->dropError('Unable to open '.$file.' for read: permission denied');
+ $this->_mode = false;
+ }
+ }
+
+ if (($imode == 'w' || $imode == 'a')) {
+ if (file_exists($file)) {
+ if (!is_writable($file)) {
+ $this->dropError('Unable to open '.$file.' for write: permission denied');
+ $this->_mode = false;
+ }
+ } else {
+ if (!@touch($file)) {
+ $this->dropError('Unable to create '.$file.' for write: permission denied');
+ $this->_mode = false;
+ }
+ }
+ }
+
+ if ($this->_mode) {
+ $this->_FH = @fopen($file, $this->_mode);
+ if (false === $this->_FH) {
+ // Fallback; should never be reached if tests above are good enough!
+ $this->dropError('Net_LDAP2_LDIF error: Could not open file '.$file);
+ } else {
+ $this->_FH_opened = true;
+ }
+ }
+ }
+ }
+ }
+
+ /**
+ * Read one entry from the file and return it as a Net::LDAP::Entry object.
+ *
+ * @return Net_LDAP2_Entry
+ */
+ public function read_entry()
+ {
+ // read fresh lines, set them as current lines and create the entry
+ $attrs = $this->next_lines(true);
+ if (count($attrs) > 0) {
+ $this->_lines_cur = $attrs;
+ }
+ return $this->current_entry();
+ }
+
+ /**
+ * Returns true when the end of the file is reached.
+ *
+ * @return boolean
+ */
+ public function eof()
+ {
+ return feof($this->_FH);
+ }
+
+ /**
+ * Write the entry or entries to the LDIF file.
+ *
+ * If you want to build an LDIF file containing several entries AND
+ * you want to call write_entry() several times, you must open the filehandle
+ * in append mode ("a"), otherwise you will always get the last entry only.
+ *
+ * @param Net_LDAP2_Entry|array $entries Entry or array of entries
+ *
+ * @return void
+ * @todo implement operations on whole entries (adding a whole entry)
+ */
+ public function write_entry($entries)
+ {
+ if (!is_array($entries)) {
+ $entries = array($entries);
+ }
+
+ foreach ($entries as $entry) {
+ $this->_entrynum++;
+ if (!$entry instanceof Net_LDAP2_Entry) {
+ $this->dropError('Net_LDAP2_LDIF error: entry '.$this->_entrynum.' is not an Net_LDAP2_Entry object');
+ } else {
+ if ($this->_options['change']) {
+ // LDIF change mode
+ // fetch change information from entry
+ $entry_attrs_changes = $entry->getChanges();
+ $num_of_changes = count($entry_attrs_changes['add'])
+ + count($entry_attrs_changes['replace'])
+ + count($entry_attrs_changes['delete']);
+
+ $is_changed = ($num_of_changes > 0 || $entry->willBeDeleted() || $entry->willBeMoved());
+
+ // write version if not done yet
+ // also write DN of entry
+ if ($is_changed) {
+ if (!$this->_version_written) {
+ $this->write_version();
+ }
+ $this->writeDN($entry->currentDN());
+ }
+
+ // process changes
+ // TODO: consider DN add!
+ if ($entry->willBeDeleted()) {
+ $this->writeLine("changetype: delete".PHP_EOL);
+ } elseif ($entry->willBeMoved()) {
+ $this->writeLine("changetype: modrdn".PHP_EOL);
+ $olddn = Net_LDAP2_Util::ldap_explode_dn($entry->currentDN(), array('casefold' => 'none')); // maybe gives a bug if using multivalued RDNs
+ $oldrdn = array_shift($olddn);
+ $oldparent = implode(',', $olddn);
+ $newdn = Net_LDAP2_Util::ldap_explode_dn($entry->dn(), array('casefold' => 'none')); // maybe gives a bug if using multivalued RDNs
+ $rdn = array_shift($newdn);
+ $parent = implode(',', $newdn);
+ $this->writeLine("newrdn: ".$rdn.PHP_EOL);
+ $this->writeLine("deleteoldrdn: 1".PHP_EOL);
+ if ($parent !== $oldparent) {
+ $this->writeLine("newsuperior: ".$parent.PHP_EOL);
+ }
+ // TODO: What if the entry has attribute changes as well?
+ // I think we should check for that and make a dummy
+ // entry with the changes that is written to the LDIF file
+ } elseif ($num_of_changes > 0) {
+ // write attribute change data
+ $this->writeLine("changetype: modify".PHP_EOL);
+ foreach ($entry_attrs_changes as $changetype => $entry_attrs) {
+ foreach ($entry_attrs as $attr_name => $attr_values) {
+ $this->writeLine("$changetype: $attr_name".PHP_EOL);
+ if ($attr_values !== null) $this->writeAttribute($attr_name, $attr_values, $changetype);
+ $this->writeLine("-".PHP_EOL);
+ }
+ }
+ }
+
+ // finish this entrys data if we had changes
+ if ($is_changed) {
+ $this->finishEntry();
+ }
+ } else {
+ // LDIF-content mode
+ // fetch attributes for further processing
+ $entry_attrs = $entry->getValues();
+
+ // sort and put objectclass-attrs to first position
+ if ($this->_options['sort']) {
+ ksort($entry_attrs);
+ if (array_key_exists('objectclass', $entry_attrs)) {
+ $oc = $entry_attrs['objectclass'];
+ unset($entry_attrs['objectclass']);
+ $entry_attrs = array_merge(array('objectclass' => $oc), $entry_attrs);
+ }
+ }
+
+ // write data
+ if (!$this->_version_written) {
+ $this->write_version();
+ }
+ $this->writeDN($entry->dn());
+ foreach ($entry_attrs as $attr_name => $attr_values) {
+ $this->writeAttribute($attr_name, $attr_values);
+ }
+ $this->finishEntry();
+ }
+ }
+ }
+ }
+
+ /**
+ * Write version to LDIF
+ *
+ * If the object's version is defined, this method allows to explicitely write the version before an entry is written.
+ * If not called explicitely, it gets called automatically when writing the first entry.
+ *
+ * @return void
+ */
+ public function write_version()
+ {
+ $this->_version_written = true;
+ if (!is_null($this->version())) {
+ return $this->writeLine('version: '.$this->version().PHP_EOL, 'Net_LDAP2_LDIF error: unable to write version');
+ }
+ }
+
+ /**
+ * Get or set LDIF version
+ *
+ * If called without arguments it returns the version of the LDIF file or NULL if no version has been set.
+ * If called with an argument it sets the LDIF version to VERSION.
+ * According to RFC 2849 currently the only legal value for VERSION is 1.
+ *
+ * @param int $version (optional) LDIF version to set
+ *
+ * @return int
+ */
+ public function version($version = null)
+ {
+ if ($version !== null) {
+ if ($version != 1) {
+ $this->dropError('Net_LDAP2_LDIF error: illegal LDIF version set');
+ } else {
+ $this->_options['version'] = $version;
+ }
+ }
+ return $this->_options['version'];
+ }
+
+ /**
+ * Returns the file handle the Net_LDAP2_LDIF object reads from or writes to.
+ *
+ * You can, for example, use this to fetch the content of the LDIF file yourself
+ *
+ * @return null|resource
+ */
+ public function &handle()
+ {
+ if (!is_resource($this->_FH)) {
+ $this->dropError('Net_LDAP2_LDIF error: invalid file resource');
+ $null = null;
+ return $null;
+ } else {
+ return $this->_FH;
+ }
+ }
+
+ /**
+ * Clean up
+ *
+ * This method signals that the LDIF object is no longer needed.
+ * You can use this to free up some memory and close the file handle.
+ * The file handle is only closed, if it was opened from Net_LDAP2_LDIF.
+ *
+ * @return void
+ */
+ public function done()
+ {
+ // close FH if we opened it
+ if ($this->_FH_opened) {
+ fclose($this->handle());
+ }
+
+ // free variables
+ foreach (get_object_vars($this) as $name => $value) {
+ unset($this->$name);
+ }
+ }
+
+ /**
+ * Returns last error message if error was found.
+ *
+ * Example:
+ * <code>
+ * $ldif->someAction();
+ * if ($ldif->error()) {
+ * echo "Error: ".$ldif->error()." at input line: ".$ldif->error_lines();
+ * }
+ * </code>
+ *
+ * @param boolean $as_string If set to true, only the message is returned
+ *
+ * @return false|Net_LDAP2_Error
+ */
+ public function error($as_string = false)
+ {
+ if (Net_LDAP2::isError($this->_error['error'])) {
+ return ($as_string)? $this->_error['error']->getMessage() : $this->_error['error'];
+ } else {
+ return false;
+ }
+ }
+
+ /**
+ * Returns lines that resulted in error.
+ *
+ * Perl returns an array of faulty lines in list context,
+ * but we always just return an int because of PHPs language.
+ *
+ * @return int
+ */
+ public function error_lines()
+ {
+ return $this->_error['line'];
+ }
+
+ /**
+ * Returns the current Net::LDAP::Entry object.
+ *
+ * @return Net_LDAP2_Entry|false
+ */
+ public function current_entry()
+ {
+ return $this->parseLines($this->current_lines());
+ }
+
+ /**
+ * Parse LDIF lines of one entry into an Net_LDAP2_Entry object
+ *
+ * @param array $lines LDIF lines for one entry
+ *
+ * @return Net_LDAP2_Entry|false Net_LDAP2_Entry object for those lines
+ * @todo what about file inclusions and urls? "jpegphoto:< file:///usr/local/directory/photos/fiona.jpg"
+ */
+ public function parseLines($lines)
+ {
+ // parse lines into an array of attributes and build the entry
+ $attributes = array();
+ $dn = false;
+ foreach ($lines as $line) {
+ if (preg_match('/^(\w+)(:|::|:<)\s(.+)$/', $line, $matches)) {
+ $attr =& $matches[1];
+ $delim =& $matches[2];
+ $data =& $matches[3];
+
+ if ($delim == ':') {
+ // normal data
+ $attributes[$attr][] = $data;
+ } elseif ($delim == '::') {
+ // base64 data
+ $attributes[$attr][] = base64_decode($data);
+ } elseif ($delim == ':<') {
+ // file inclusion
+ // TODO: Is this the job of the LDAP-client or the server?
+ $this->dropError('File inclusions are currently not supported');
+ //$attributes[$attr][] = ...;
+ } else {
+ // since the pattern above, the delimeter cannot be something else.
+ $this->dropError('Net_LDAP2_LDIF parsing error: invalid syntax at parsing entry line: '.$line);
+ continue;
+ }
+
+ if (strtolower($attr) == 'dn') {
+ // DN line detected
+ $dn = $attributes[$attr][0]; // save possibly decoded DN
+ unset($attributes[$attr]); // remove wrongly added "dn: " attribute
+ }
+ } else {
+ // line not in "attr: value" format -> ignore
+ // maybe we should rise an error here, but this should be covered by
+ // next_lines() already. A problem arises, if users try to feed data of
+ // several entries to this method - the resulting entry will
+ // get wrong attributes. However, this is already mentioned in the
+ // methods documentation above.
+ }
+ }
+
+ if (false === $dn) {
+ $this->dropError('Net_LDAP2_LDIF parsing error: unable to detect DN for entry');
+ return false;
+ } else {
+ $newentry = Net_LDAP2_Entry::createFresh($dn, $attributes);
+ return $newentry;
+ }
+ }
+
+ /**
+ * Returns the lines that generated the current Net::LDAP::Entry object.
+ *
+ * Note that this returns an empty array if no lines have been read so far.
+ *
+ * @return array Array of lines
+ */
+ public function current_lines()
+ {
+ return $this->_lines_cur;
+ }
+
+ /**
+ * Returns the lines that will generate the next Net::LDAP::Entry object.
+ *
+ * If you set $force to TRUE then you can iterate over the lines that build
+ * up entries manually. Otherwise, iterating is done using {@link read_entry()}.
+ * Force will move the file pointer forward, thus returning the next entries lines.
+ *
+ * Wrapped lines will be unwrapped. Comments are stripped.
+ *
+ * @param boolean $force Set this to true if you want to iterate over the lines manually
+ *
+ * @return array
+ */
+ public function next_lines($force = false)
+ {
+ // if we already have those lines, just return them, otherwise read
+ if (count($this->_lines_next) == 0 || $force) {
+ $this->_lines_next = array(); // empty in case something was left (if used $force)
+ $entry_done = false;
+ $fh = &$this->handle();
+ $commentmode = false; // if we are in an comment, for wrapping purposes
+ $datalines_read = 0; // how many lines with data we have read
+
+ while (!$entry_done && !$this->eof()) {
+ $this->_input_line++;
+ // Read line. Remove line endings, we want only data;
+ // this is okay since ending spaces should be encoded
+ $data = rtrim(fgets($fh));
+ if ($data === false) {
+ // error only, if EOF not reached after fgets() call
+ if (!$this->eof()) {
+ $this->dropError('Net_LDAP2_LDIF error: error reading from file at input line '.$this->_input_line, $this->_input_line);
+ }
+ break;
+ } else {
+ if (count($this->_lines_next) > 0 && preg_match('/^$/', $data)) {
+ // Entry is finished if we have an empty line after we had data
+ $entry_done = true;
+
+ // Look ahead if the next EOF is nearby. Comments and empty
+ // lines at the file end may cause problems otherwise
+ $current_pos = ftell($fh);
+ $data = fgets($fh);
+ while (!feof($fh)) {
+ if (preg_match('/^\s*$/', $data) || preg_match('/^#/', $data)) {
+ // only empty lines or comments, continue to seek
+ // TODO: Known bug: Wrappings for comments are okay but are treaten as
+ // error, since we do not honor comment mode here.
+ // This should be a very theoretically case, however
+ // i am willing to fix this if really necessary.
+ $this->_input_line++;
+ $current_pos = ftell($fh);
+ $data = fgets($fh);
+ } else {
+ // Data found if non emtpy line and not a comment!!
+ // Rewind to position prior last read and stop lookahead
+ fseek($fh, $current_pos);
+ break;
+ }
+ }
+ // now we have either the file pointer at the beginning of
+ // a new data position or at the end of file causing feof() to return true
+
+ } else {
+ // build lines
+ if (preg_match('/^version:\s(.+)$/', $data, $match)) {
+ // version statement, set version
+ $this->version($match[1]);
+ } elseif (preg_match('/^\w+::?\s.+$/', $data)) {
+ // normal attribute: add line
+ $commentmode = false;
+ $this->_lines_next[] = trim($data);
+ $datalines_read++;
+ } elseif (preg_match('/^\s(.+)$/', $data, $matches)) {
+ // wrapped data: unwrap if not in comment mode
+ if (!$commentmode) {
+ if ($datalines_read == 0) {
+ // first line of entry: wrapped data is illegal
+ $this->dropError('Net_LDAP2_LDIF error: illegal wrapping at input line '.$this->_input_line, $this->_input_line);
+ } else {
+ $last = array_pop($this->_lines_next);
+ $last = $last.trim($matches[1]);
+ $this->_lines_next[] = $last;
+ $datalines_read++;
+ }
+ }
+ } elseif (preg_match('/^#/', $data)) {
+ // LDIF comments
+ $commentmode = true;
+ } elseif (preg_match('/^\s*$/', $data)) {
+ // empty line but we had no data for this
+ // entry, so just ignore this line
+ $commentmode = false;
+ } else {
+ $this->dropError('Net_LDAP2_LDIF error: invalid syntax at input line '.$this->_input_line, $this->_input_line);
+ continue;
+ }
+
+ }
+ }
+ }
+ }
+ return $this->_lines_next;
+ }
+
+ /**
+ * Convert an attribute and value to LDIF string representation
+ *
+ * It honors correct encoding of values according to RFC 2849.
+ * Line wrapping will occur at the configured maximum but only if
+ * the value is greater than 40 chars.
+ *
+ * @param string $attr_name Name of the attribute
+ * @param string $attr_value Value of the attribute
+ *
+ * @access protected
+ * @return string LDIF string for that attribute and value
+ */
+ protected function convertAttribute($attr_name, $attr_value)
+ {
+ // Handle empty attribute or process
+ if (strlen($attr_value) == 0) {
+ $attr_value = " ";
+ } else {
+ $base64 = false;
+ // ASCII-chars that are NOT safe for the
+ // start and for being inside the value.
+ // These are the int values of those chars.
+ $unsafe_init = array(0, 10, 13, 32, 58, 60);
+ $unsafe = array(0, 10, 13);
+
+ // Test for illegal init char
+ $init_ord = ord(substr($attr_value, 0, 1));
+ if ($init_ord > 127 || in_array($init_ord, $unsafe_init)) {
+ $base64 = true;
+ }
+
+ // Test for illegal content char
+ for ($i = 0; $i < strlen($attr_value); $i++) {
+ $char_ord = ord(substr($attr_value, $i, 1));
+ if ($char_ord > 127 || in_array($char_ord, $unsafe)) {
+ $base64 = true;
+ }
+ }
+
+ // Test for ending space
+ if (substr($attr_value, -1) == ' ') {
+ $base64 = true;
+ }
+
+ // If converting is needed, do it
+ // Either we have some special chars or a matching "raw" regex
+ if ($base64 || ($this->_options['raw'] && preg_match($this->_options['raw'], $attr_name))) {
+ $attr_name .= ':';
+ $attr_value = base64_encode($attr_value);
+ }
+
+ // Lowercase attr names if requested
+ if ($this->_options['lowercase']) $attr_name = strtolower($attr_name);
+
+ // Handle line wrapping
+ if ($this->_options['wrap'] > 40 && strlen($attr_value) > $this->_options['wrap']) {
+ $attr_value = wordwrap($attr_value, $this->_options['wrap'], PHP_EOL." ", true);
+ }
+ }
+
+ return $attr_name.': '.$attr_value;
+ }
+
+ /**
+ * Convert an entries DN to LDIF string representation
+ *
+ * It honors correct encoding of values according to RFC 2849.
+ *
+ * @param string $dn UTF8-Encoded DN
+ *
+ * @access protected
+ * @return string LDIF string for that DN
+ * @todo I am not sure, if the UTF8 stuff is correctly handled right now
+ */
+ protected function convertDN($dn)
+ {
+ $base64 = false;
+ // ASCII-chars that are NOT safe for the
+ // start and for being inside the dn.
+ // These are the int values of those chars.
+ $unsafe_init = array(0, 10, 13, 32, 58, 60);
+ $unsafe = array(0, 10, 13);
+
+ // Test for illegal init char
+ $init_ord = ord(substr($dn, 0, 1));
+ if ($init_ord >= 127 || in_array($init_ord, $unsafe_init)) {
+ $base64 = true;
+ }
+
+ // Test for illegal content char
+ for ($i = 0; $i < strlen($dn); $i++) {
+ $char = substr($dn, $i, 1);
+ if (ord($char) >= 127 || in_array($init_ord, $unsafe)) {
+ $base64 = true;
+ }
+ }
+
+ // Test for ending space
+ if (substr($dn, -1) == ' ') {
+ $base64 = true;
+ }
+
+ // if converting is needed, do it
+ return ($base64)? 'dn:: '.base64_encode($dn) : 'dn: '.$dn;
+ }
+
+ /**
+ * Writes an attribute to the filehandle
+ *
+ * @param string $attr_name Name of the attribute
+ * @param string|array $attr_values Single attribute value or array with attribute values
+ *
+ * @access protected
+ * @return void
+ */
+ protected function writeAttribute($attr_name, $attr_values)
+ {
+ // write out attribute content
+ if (!is_array($attr_values)) {
+ $attr_values = array($attr_values);
+ }
+ foreach ($attr_values as $attr_val) {
+ $line = $this->convertAttribute($attr_name, $attr_val).PHP_EOL;
+ $this->writeLine($line, 'Net_LDAP2_LDIF error: unable to write attribute '.$attr_name.' of entry '.$this->_entrynum);
+ }
+ }
+
+ /**
+ * Writes a DN to the filehandle
+ *
+ * @param string $dn DN to write
+ *
+ * @access protected
+ * @return void
+ */
+ protected function writeDN($dn)
+ {
+ // prepare DN
+ if ($this->_options['encode'] == 'base64') {
+ $dn = $this->convertDN($dn).PHP_EOL;
+ } elseif ($this->_options['encode'] == 'canonical') {
+ $dn = Net_LDAP2_Util::canonical_dn($dn, array('casefold' => 'none')).PHP_EOL;
+ } else {
+ $dn = $dn.PHP_EOL;
+ }
+ $this->writeLine($dn, 'Net_LDAP2_LDIF error: unable to write DN of entry '.$this->_entrynum);
+ }
+
+ /**
+ * Finishes an LDIF entry
+ *
+ * @access protected
+ * @return void
+ */
+ protected function finishEntry()
+ {
+ $this->writeLine(PHP_EOL, 'Net_LDAP2_LDIF error: unable to close entry '.$this->_entrynum);
+ }
+
+ /**
+ * Just write an arbitary line to the filehandle
+ *
+ * @param string $line Content to write
+ * @param string $error If error occurs, drop this message
+ *
+ * @access protected
+ * @return true|false
+ */
+ protected function writeLine($line, $error = 'Net_LDAP2_LDIF error: unable to write to filehandle')
+ {
+ if (is_resource($this->handle()) && fwrite($this->handle(), $line, strlen($line)) === false) {
+ $this->dropError($error);
+ return false;
+ } else {
+ return true;
+ }
+ }
+
+ /**
+ * Optionally raises an error and pushes the error on the error cache
+ *
+ * @param string $msg Errortext
+ * @param int $line Line in the LDIF that caused the error
+ *
+ * @access protected
+ * @return void
+ */
+ protected function dropError($msg, $line = null)
+ {
+ $this->_error['error'] = new Net_LDAP2_Error($msg);
+ if ($line !== null) $this->_error['line'] = $line;
+
+ if ($this->_options['onerror'] == 'die') {
+ die($msg.PHP_EOL);
+ } elseif ($this->_options['onerror'] == 'warn') {
+ echo $msg.PHP_EOL;
+ }
+ }
+}
+?>