PageRenderTime 23ms CodeModel.GetById 25ms RepoModel.GetById 0ms app.codeStats 0ms

/lib/ldap_services.php

https://github.com/dmolsen/MIT-Mobile-Web
PHP | 358 lines | 262 code | 60 blank | 36 comment | 37 complexity | 0345b02cbeae4ec7592473e0aecb7365 MD5 | raw file
    

  1. <?
    2. 

  2. /**
    3. 

  3.  * Copyright (c) 2008 Massachusetts Institute of Technology
    4. 

  4.  * 
    5. 

  5.  * Licensed under the MIT License
    6. 

  6.  * Redistributions of files must retain the above copyright notice.
    7. 

  7.  * 
    8. 

  8.  */
    9. 

  9. 

  10. ## CONFIGURE BASIC LDAP CONNECTION INFO ##
    11. 

  11. define("SERVER", "ldap.wvu.edu");
    12. 

  12. define("DN","ou=people,dc=wvu,dc=edu");
    13. 

  13. 

  14. ## USING LDAP BIND FOR PASSWORD PROTECTED LDAP IS NOT TESTED ##
    15. 

  15. define("AUTH",false); # use authentication?
    16. 

  16. define("USER","cn=webservices,ou=people,dc=heu,dc=edu");
    17. 

  17. define("PASS","password");
    18. 

  18. 

  19. ## look at line 205 to edit how your LDAP fields match display keys
    20. 

  20. 

  21. function mit_search($search) {
    22. 

  22.   $results = do_query(standard_query($search));
    23. 

  23.   if($email_query = email_query($search)) {
    24. 

  24.     $results = do_query($email_query, $results);
    25. 

  25.   }
    26. 

  26.   return order_results($results, $search);
    27. 

  27. }
    28. 

  28. 

  29. function order_results($results, $search) {
    30. 

  30.     $low_priority = array();
    31. 

  31.     $high_priority = array();
    32. 

  32.     foreach($results as $result) {
    33. 

  33.         $item = make_person($result);
    34. 

  34.         if(has_priority($item, $search)) {
    35. 

  35.           $high_priority[] = $item;
    36. 

  36.         } else {
    37. 

  37.           $low_priority[] = $item;
    38. 

  38.         }  
    39. 

  39.     }
    40. 

  40. 

  41.     usort($low_priority, "compare_people");
    42. 

  42.     return array_merge($high_priority, $low_priority);
    43. 

  43. }
    44. 

  44. 

  45. function has_priority($item, $search) {
    46. 

  46.   $words = explode(' ', trim($search));
    47. 

  47.   if(count($words) == 1) {
    48. 

  48.     $word = strtolower($words[0]);
    49. 

  49.     $emails = $item['email'];
    50. 

  50.     foreach($emails as $email) {
    51. 

  51.       $email = strtolower($email);
    52. 

  52.       if( ($email == $word) || 
    53. 

  53.           (substr($email, 0, strlen($word)+1) == "$word@") ) {
    54. 

  54.             return True;
    55. 

  55.       }
    56. 

  56.     } 
    57. 

  57.   }
    58. 

  58.   return False;
    59. 

  59. }
    60. 

  60. 

  61. function email_query($search) {
    62. 

  62.   $words = explode(' ', trim($search));
    63. 

  63.   if(count($words) == 1) {
    64. 

  64.     $word = $words[0];
    65. 

  65.     if(strpos($words, '@') === False) {
    66. 

  66.       //turns blpatt into blpatt@*
    67. 

  67.       $word .= '@*';
    68. 

  68.     }
    69. 

  69.     return new QueryElement('mail', $word);
    70. 

  70.   }
    71. 

  71. }
    72. 

  72.     
    73. 

  73. function standard_query($search) {
    74. 

  74.   
    75. 

  75.   //remove commas and periods
    76. 

  76.   $search = str_replace(',', ' ', $search);
    77. 

  77.   $search = str_replace('.', '*', $search);
    78. 

  78. 

  79.   $query = new JoinAndQuery();
    80. 

  80.   foreach(split(" ", $search) as $word) {
    81. 

  81.     if($word != "") {
    82. 

  82.       $token_query = new LdapOrFilter();
    83. 

  83.       if(strlen($word) == 1) {
    84. 

  84.         //handle the special case of first initials
    85. 

  85.         $query_word = "$word*";
    86. 

  86. 

  87.         //check for first or middle initial
    88. 

  88. 	$token_query->_OR("cn", "$word*");
    89. 

  89. 

  90.         /*****************************************************
    91. 

  91.          * an ugly hack which forces ldap not to ignore spaces
    92. 

  92.          *****************************************************/         
    93. 

  93.         for($cnt = 0; $cnt < 26; $cnt++) {
    94. 

  94.           $chr = chr(ord('a') + $cnt);
    95. 

  95.           $token_query->_OR("cn", "*$chr $word*");
    96. 

  96.         } 
    97. 

  97.         $token_query->_OR("cn", "*-$word*");
    98. 

  98. 

  99.       } else {
    100. 

  100.         $query_word = "*$word*";
    101. 

  101.       }
    102. 

  102.       $token_query
    103. 

  103.         ->_OR('cn', $query_word)
    104. 

  104.         ->_OR('mail', $query_word);
    105. 

  105. 

  106.       //remove all non-digits from phone number before 
    107. 

  107.       //attempting phone number searches
    108. 

  108.       $phone_word = '*' . preg_replace('/\D/', '', $word) . '*';
    109. 

  109.       if(strlen($phone_word) >= 5) {
    110. 

  110.         $token_query
    111. 

  111.           ->_OR('homePhone', $phone_word)
    112. 

  112.           ->_OR('telephoneNumber', $phone_word)
    113. 

  113.           ->_OR('facsimileTelePhonenumber', $phone_word);
    114. 

  114.       } 
    115. 

  115.       $query->_AND($token_query);
    116. 

  116.     }
    117. 

  117.   }
    118. 

  118.   return $query;
    119. 

  119. }
    120. 

  120. 

  121. function do_query($query, $search_results=array()) {
    122. 

  122. 

  123.     $ds = ldap_connect(SERVER) or ldap_die("cannot connect");
    124. 

  124.     if (AUTH == true) {
    125. 

  125. 	$ldapbind = ldap_bind($ds, USER, PASS);
    126. 

  126.     }
    127. 

  127.     //turn off php Warnings, during ldap search
    128. 

  128.     //since it complains about search that go over the limit of 100
    129. 

  129.     $error_reporting = ini_get('error_reporting');
    130. 

  130.     error_reporting($error_reporting & ~E_WARNING);
    131. 

  131.     $sr = ldap_search($ds, DN, $query->out())
    132. 

  132.          or ldap_die("could not search");
    133. 

  133.     error_reporting($error_reporting);
    134. 

  134. 

  135.     $entries = ldap_get_entries($ds, $sr)
    136. 

  136.          or ldap_die("could not get entries");
    137. 

  137. 

  138.     for ($i = 0; $i < $entries["count"]; $i++) {
    139. 

  139.          $entry = $entries[$i];
    140. 

  140. 

  141.          //some ldap entries have no usefull information
    142. 

  142.          //we dont want to return those
    143. 

  143.          if(lkey($entry, "sn", True)) { 
    144. 

  144.            //if one person has multiple ldap records
    145. 

  145.            //this code attempts to combine the data in the records
    146. 

  146.            if($old = $search_results[id_key($entry)]) {
    147. 

  147.            } else {
    148. 

  148.              $old = array();
    149. 

  149.            }
    150. 

  150.            $search_results[id_key($entry)] = array_merge($old, $entry);
    151. 

  151.          }
    152. 

  152.     }
    153. 

  153. 

  154.     return $search_results;
    155. 

  155. }
    156. 

  156. 

  157. 

  158. /*********************************************
    159. 

  159.  *
    160. 

  160.  *  this function compares people by firstname then lastname
    161. 

  161.  *
    162. 

  162.  *********************************************/
    163. 

  163. function compare_people($person1, $person2) {
    164. 

  164.   if($person1['surname'] != $person2['surname']) {
    165. 

  165.     return ($person1['surname'] < $person2['surname']) ? -1 : 1;
    166. 

  166.   } elseif($person1['givenname'] == $person2['givenname']) {
    167. 

  167.     return 0;
    168. 

  168.   } else {
    169. 

  169.     return ($person1['givenname'] < $person2['givenname']) ? -1 : 1;
    170. 

  170.   }
    171. 

  171. }
    172. 

  172. 

  173.     
    174. 

  174. function lookup_username($id) {
    175. 

  175.   if(strstr($id, '=')) {
    176. 

  176.  
    177. 

  177.     //look up person by "dn" (distinct ldap name)
    178. 

  178.     $ds = ldap_connect(SERVER);
    179. 

  179.     $sr = ldap_read($ds, $id, "(objectclass=*)");
    180. 

  180.     $entries = ldap_get_entries($ds, $sr);
    181. 

  181.     return make_person($entries[0]);
    182. 

  182.   } else {
    183. 

  183.     $tmp = do_query(new QueryElement("uid", $id));
    184. 

  184.     foreach($tmp as $key => $first) {
    185. 

  185.       return make_person($first);
    186. 

  186.     }
    187. 

  187.   }
    188. 

  188. }
    189. 

  189. 

  190. function lkey($array, $key, $single=False) {
    191. 

  191.   if($single) {
    192. 

  192.     return $array[$key][0];
    193. 

  193.   } else {
    194. 

  194.     $result = $array[$key];
    195. 

  195.     if($result === NULL) {
    196. 

  196.       return array();
    197. 

  197.     }
    198. 

  198.     unset($result["count"]);
    199. 

  199.     return $result;
    200. 

  200.   }
    201. 

  201. }
    202. 

  202. 

  203. function id_key($info) {
    204. 

  204.   if($username = lkey($info, "uid", True)) {
    205. 

  205.     return $username;
    206. 

  206.   } else {
    207. 

  207.     return $info["dn"];
    208. 

  208.   }
    209. 

  209. }
    210. 

  210. 

  211. function make_person($info) {
    212. 

  212. 

  213.   $person = array(
    214. 

  214.      "surname"     => lkey($info, "sn"),
    215. 

  215.      "givenname"   => lkey($info, "givenname"),
    216. 

  216.      "fullname"    => lkey($info, "cn"),
    217. 

  217.      "title"       => lkey($info, "title"),
    218. 

  218.      "dept"        => lkey($info, "department"),
    219. 

  219.      "affiliation" => lkey($info, "wvuptype"),
    220. 

  220.      "address"     => lkey($info, "postaladdress"),
    221. 

  221.      "homephone"   => lkey($info, "homephone"),
    222. 

  222.      "email"       => lkey($info, "mail"),
    223. 

  223.      "room"        => lkey($info, "roomnumber"),
    224. 

  224.      "id"          => id_key($info),
    225. 

  225.      "telephone"   => lkey($info, "telephonenumber"),
    226. 

  226.      "fax"         => lkey($info, "facsimiletelephonenumber"),
    227. 

  227.      "office"      => lkey($info, "physicaldeliveryofficename")
    228. 

  228.   );
    229. 

  229. 

  230.   foreach($person["office"] as $office) {
    231. 

  231.     if(!in_array($office, $person["room"])) {
    232. 

  232.       $person["room"][] = $office;
    233. 

  233.     }
    234. 

  234.   }
    235. 

  235. 

  236.   return $person;
    237. 

  237. }  
    238. 

  238. 

  239. 

  240. /**                                                  *
    241. 

  241.  *  a series of classes alowing for the construction *
    242. 

  242.  *  of ldap queries                                  *
    243. 

  243.  *                                                   */
    244. 

  244. abstract class LdapQuery {
    245. 

  245.     abstract public function out();
    246. 

  246. 

  247.     public static function escape($str) {
    248. 

  248.         $specials = array("*", "+", "=" , ",");
    249. 

  249.         foreach($specials as $special) {
    250. 

  250.             $str = str_replace($special, "\\" . $special, $str);
    251. 

  251.         }
    252. 

  252.         return $str;
    253. 

  253.     }
    254. 

  254. }
    255. 

  255. 

  256. class LdapQueryList extends LdapQuery {
    257. 

  257. 

  258.     protected $symbol;
    259. 

  259.     protected $queries=array();
    260. 

  260. 

  261.     public function out() {
    262. 

  262.         $out = '(' . $this->symbol;
    263. 

  263.         foreach($this->queries as $query) {
    264. 

  264. 	    $out .= $query->out();
    265. 

  265.         }
    266. 

  266.         $out .= ')';
    267. 

  267.         return $out;
    268. 

  268.     }
    269. 

  269. }   
    270. 

  270.     
    271. 

  271. class QueryElementList extends LdapQueryList {
    272. 

  272.     public function __construct($cond_arr=array()) {
    273. 

  273.         foreach($cond_arr as $field => $value) {
    274. 

  274. 	    $this->add($field, $value);
    275. 

  275.         }
    276. 

  276.     }
    277. 

  277. 

  278.     public function add($field, $value) {
    279. 

  279.          $this->queries[] = new QueryElement($field, $value);
    280. 

  280.          return $this;
    281. 

  281.     }
    282. 

  282. }
    283. 

  283. 

  284. class LdapAndFilter extends QueryElementList {
    285. 

  285.     protected $symbol = '&'; 
    286. 

  286. 

  287.     public function _AND($field, $value) {
    288. 

  288.         return $this->add($field, $value);
    289. 

  289.     }
    290. 

  290. }
    291. 

  291. 

  292. class LdapOrFilter extends QueryElementList {
    293. 

  293.     protected $symbol = '|'; 
    294. 

  294. 

  295.     public function _OR($field, $value) {
    296. 

  296.         return $this->add($field, $value);
    297. 

  297.     }
    298. 

  298. }
    299. 

  299. 

  300. class JoinQuery extends LdapQueryList {
    301. 

  301. 

  302.   public function __construct() {
    303. 

  303.      $this->queries = func_get_args();
    304. 

  304.   }
    305. 

  305. }
    306. 

  306. 

  307. class JoinAndQuery extends JoinQuery {
    308. 

  308.   protected $symbol = '&';
    309. 

  309. 

  310.   public function _AND(LdapQuery $query) {
    311. 

  311.         $this->queries[] = $query;
    312. 

  312.         return $this;
    313. 

  313.   }
    314. 

  314. }
    315. 

  315. 

  316. class JoinOrQuery extends JoinQuery {
    317. 

  317.   protected $symbol = '|';
    318. 

  318. 

  319.   public function _OR(LdapQuery $query) {
    320. 

  320.         $this->queries[] = $query;
    321. 

  321.         return $this;
    322. 

  322.   }
    323. 

  323. }
    324. 

  324. 

  325. 

  326. class QueryElement extends LdapQuery {
    327. 

  327.   protected $field;
    328. 

  328.   protected $value;
    329. 

  329.     
    330. 

  330.   public function __construct($field, $value) {
    331. 

  331.     $this->field = $field;
    332. 

  332.    
    333. 

  333.     //convert all multiple wildcards to a single wildcard
    334. 

  334.     $this->value = preg_replace('/\*+/', '*', $value);
    335. 

  335.   }
    336. 

  336.   
    337. 

  337.   public function out() {
    338. 

  338.     return '(' . $this->field . '=' . $this->value . ')';
    339. 

  339.   }
    340. 

  340. }
    341. 

  341. 

  342. class RawQuery extends LdapQuery {
    343. 

  343.   protected $raw_query;
    344. 

  344.   
    345. 

  345.   public function __construct($raw_query) {
    346. 

  346.     $this->raw_query = $raw_query;
    347. 

  347.   }
    348. 

  348. 

  349.   public function out() {
    350. 

  350.     return $this->raw_query;
    351. 

  351.   }
    352. 

  352. }  
    353. 

  353. 

  354. function ldap_die($message) {
    355. 

  355.   return $message;
    356. 

  356. }
    357. 

  357. 

  358. ?>
    359. 

  359.