1<?php 2/** 3 * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY 4 * Version 4.0.4 5 * 6 * PHP Version 5 with SSL and LDAP support 7 * 8 * Written by Scott Barnett, Richard Hyland 9 * email: scott@wiggumworld.com, adldap@richardhyland.com 10 * http://adldap.sourceforge.net/ 11 * 12 * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland 13 * 14 * We'd appreciate any improvements or additions to be submitted back 15 * to benefit the entire community :) 16 * 17 * This library is free software; you can redistribute it and/or 18 * modify it under the terms of the GNU Lesser General Public 19 * License as published by the Free Software Foundation; either 20 * version 2.1 of the License. 21 * 22 * This library is distributed in the hope that it will be useful, 23 * but WITHOUT ANY WARRANTY; without even the implied warranty of 24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 25 * Lesser General Public License for more details. 26 * 27 * @category ToolsAndUtilities 28 * @package adLDAP 29 * @subpackage Utils 30 * @author Scott Barnett, Richard Hyland 31 * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland 32 * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1 33 * @revision $Revision: 97 $ 34 * @version 4.0.4 35 * @link http://adldap.sourceforge.net/ 36 */ 37require_once(dirname(__FILE__) . '/../adLDAP.php'); 38 39/** 40* UTILITY FUNCTIONS 41*/ 42class adLDAPUtils { 43 const ADLDAP_VERSION = '4.0.4'; 44 45 /** 46 * The current adLDAP connection via dependency injection 47 * 48 * @var adLDAP 49 */ 50 protected $adldap; 51 52 public function __construct(adLDAP $adldap) { 53 $this->adldap = $adldap; 54 } 55 56 57 /** 58 * Take an LDAP query and return the nice names, without all the LDAP prefixes (eg. CN, DN) 59 * 60 * @param array $groups 61 * @return array 62 */ 63 public function niceNames($groups) 64 { 65 66 $groupArray = array(); 67 for ($i=0; $i<$groups["count"]; $i++){ // For each group 68 $line = $groups[$i]; 69 70 if (strlen($line)>0) { 71 // More presumptions, they're all prefixed with CN= 72 // so we ditch the first three characters and the group 73 // name goes up to the first comma 74 $bits=explode(",", $line); 75 $groupArray[] = substr($bits[0], 3, (strlen($bits[0])-3)); 76 } 77 } 78 return $groupArray; 79 } 80 81 /** 82 * Escape characters for use in an ldap_create function 83 * 84 * @param string $str 85 * @return string 86 */ 87 public function escapeCharacters($str) { 88 $str = str_replace(",", "\,", $str); 89 return $str; 90 } 91 92 /** 93 * Escape strings for the use in LDAP filters 94 * 95 * DEVELOPERS SHOULD BE DOING PROPER FILTERING IF THEY'RE ACCEPTING USER INPUT 96 * Ported from Perl's Net::LDAP::Util escape_filter_value 97 * 98 * @param string $str The string the parse 99 * @author Port by Andreas Gohr <andi@splitbrain.org> 100 * @return string 101 */ 102 public function ldapSlashes($str){ 103 return preg_replace('/([\x00-\x1F\*\(\)\\\\])/e', 104 '"\\\\\".join("",unpack("H2","$1"))', 105 $str); 106 } 107 108 /** 109 * Converts a string GUID to a hexdecimal value so it can be queried 110 * 111 * @param string $strGUID A string representation of a GUID 112 * @return string 113 */ 114 public function strGuidToHex($strGUID) 115 { 116 $strGUID = str_replace('-', '', $strGUID); 117 118 $octet_str = '\\' . substr($strGUID, 6, 2); 119 $octet_str .= '\\' . substr($strGUID, 4, 2); 120 $octet_str .= '\\' . substr($strGUID, 2, 2); 121 $octet_str .= '\\' . substr($strGUID, 0, 2); 122 $octet_str .= '\\' . substr($strGUID, 10, 2); 123 $octet_str .= '\\' . substr($strGUID, 8, 2); 124 $octet_str .= '\\' . substr($strGUID, 14, 2); 125 $octet_str .= '\\' . substr($strGUID, 12, 2); 126 //$octet_str .= '\\' . substr($strGUID, 16, strlen($strGUID)); 127 for ($i=16; $i<=(strlen($strGUID)-2); $i++) { 128 if (($i % 2) == 0) { 129 $octet_str .= '\\' . substr($strGUID, $i, 2); 130 } 131 } 132 133 return $octet_str; 134 } 135 136 /** 137 * Convert a binary SID to a text SID 138 * 139 * @param string $binsid A Binary SID 140 * @return string 141 */ 142 public function getTextSID($binsid) { 143 $hex_sid = bin2hex($binsid); 144 $rev = hexdec(substr($hex_sid, 0, 2)); 145 $subcount = hexdec(substr($hex_sid, 2, 2)); 146 $auth = hexdec(substr($hex_sid, 4, 12)); 147 $result = "$rev-$auth"; 148 149 for ($x=0;$x < $subcount; $x++) { 150 $subauth[$x] = 151 hexdec($this->littleEndian(substr($hex_sid, 16 + ($x * 8), 8))); 152 $result .= "-" . $subauth[$x]; 153 } 154 155 // Cheat by tacking on the S- 156 return 'S-' . $result; 157 } 158 159 /** 160 * Converts a little-endian hex number to one that hexdec() can convert 161 * 162 * @param string $hex A hex code 163 * @return string 164 */ 165 public function littleEndian($hex) 166 { 167 $result = ''; 168 for ($x = strlen($hex) - 2; $x >= 0; $x = $x - 2) { 169 $result .= substr($hex, $x, 2); 170 } 171 return $result; 172 } 173 174 /** 175 * Converts a binary attribute to a string 176 * 177 * @param string $bin A binary LDAP attribute 178 * @return string 179 */ 180 public function binaryToText($bin) 181 { 182 $hex_guid = bin2hex($bin); 183 $hex_guid_to_guid_str = ''; 184 for($k = 1; $k <= 4; ++$k) { 185 $hex_guid_to_guid_str .= substr($hex_guid, 8 - 2 * $k, 2); 186 } 187 $hex_guid_to_guid_str .= '-'; 188 for($k = 1; $k <= 2; ++$k) { 189 $hex_guid_to_guid_str .= substr($hex_guid, 12 - 2 * $k, 2); 190 } 191 $hex_guid_to_guid_str .= '-'; 192 for($k = 1; $k <= 2; ++$k) { 193 $hex_guid_to_guid_str .= substr($hex_guid, 16 - 2 * $k, 2); 194 } 195 $hex_guid_to_guid_str .= '-' . substr($hex_guid, 16, 4); 196 $hex_guid_to_guid_str .= '-' . substr($hex_guid, 20); 197 return strtoupper($hex_guid_to_guid_str); 198 } 199 200 /** 201 * Converts a binary GUID to a string GUID 202 * 203 * @param string $binaryGuid The binary GUID attribute to convert 204 * @return string 205 */ 206 public function decodeGuid($binaryGuid) 207 { 208 if ($binaryGuid === null){ return "Missing compulsory field [binaryGuid]"; } 209 210 $strGUID = $this->binaryToText($binaryGuid); 211 return $strGUID; 212 } 213 214 /** 215 * Convert a boolean value to a string 216 * You should never need to call this yourself 217 * 218 * @param bool $bool Boolean value 219 * @return string 220 */ 221 public function boolToStr($bool) 222 { 223 return ($bool) ? 'TRUE' : 'FALSE'; 224 } 225 226 /** 227 * Convert 8bit characters e.g. accented characters to UTF8 encoded characters 228 */ 229 public function encode8Bit(&$item, $key) { 230 $encode = false; 231 if (is_string($item)) { 232 for ($i=0; $i<strlen($item); $i++) { 233 if (ord($item[$i]) >> 7) { 234 $encode = true; 235 } 236 } 237 } 238 if ($encode === true && $key != 'password') { 239 $item = utf8_encode($item); 240 } 241 } 242 243 /** 244 * Get the current class version number 245 * 246 * @return string 247 */ 248 public function getVersion() { 249 return self::ADLDAP_VERSION; 250 } 251 252 /** 253 * Round a Windows timestamp down to seconds and remove the seconds between 1601-01-01 and 1970-01-01 254 * 255 * @param long $windowsTime 256 * @return long $unixTime 257 */ 258 public static function convertWindowsTimeToUnixTime($windowsTime) { 259 $unixTime = round($windowsTime / 10000000) - 11644477200; 260 return $unixTime; 261 } 262} 263 264?>