1<?php 2/** 3 * PHP LDAP CLASS FOR MANIPULATING ACTIVE DIRECTORY 4 * Version 4.0.4 5 * 6 * PHP Version 5 with SSL and LDAP support 7 * 8 * Written by Scott Barnett, Richard Hyland 9 * email: scott@wiggumworld.com, adldap@richardhyland.com 10 * http://adldap.sourceforge.net/ 11 * 12 * Copyright (c) 2006-2012 Scott Barnett, Richard Hyland 13 * 14 * We'd appreciate any improvements or additions to be submitted back 15 * to benefit the entire community :) 16 * 17 * This library is free software; you can redistribute it and/or 18 * modify it under the terms of the GNU Lesser General Public 19 * License as published by the Free Software Foundation; either 20 * version 2.1 of the License. 21 * 22 * This library is distributed in the hope that it will be useful, 23 * but WITHOUT ANY WARRANTY; without even the implied warranty of 24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 25 * Lesser General Public License for more details. 26 * 27 * @category ToolsAndUtilities 28 * @package adLDAP 29 * @subpackage Utils 30 * @author Scott Barnett, Richard Hyland 31 * @copyright (c) 2006-2012 Scott Barnett, Richard Hyland 32 * @license http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html LGPLv2.1 33 * @revision $Revision: 97 $ 34 * @version 4.0.4 35 * @link http://adldap.sourceforge.net/ 36 */ 37require_once(dirname(__FILE__) . '/../adLDAP.php'); 38 39/** 40* UTILITY FUNCTIONS 41*/ 42class adLDAPUtils { 43 const ADLDAP_VERSION = '4.0.4'; 44 45 /** 46 * The current adLDAP connection via dependency injection 47 * 48 * @var adLDAP 49 */ 50 protected $adldap; 51 52 public function __construct(adLDAP $adldap) { 53 $this->adldap = $adldap; 54 } 55 56 57 /** 58 * Take an LDAP query and return the nice names, without all the LDAP prefixes (eg. CN, DN) 59 * 60 * @param array $groups 61 * @return array 62 */ 63 public function niceNames($groups) 64 { 65 66 $groupArray = array(); 67 for ($i=0; $i<$groups["count"]; $i++){ // For each group 68 $line = $groups[$i]; 69 70 if (strlen($line)>0) { 71 // More presumptions, they're all prefixed with CN= 72 // so we ditch the first three characters and the group 73 // name goes up to the first comma 74 $bits=explode(",", $line); 75 $groupArray[] = substr($bits[0], 3, (strlen($bits[0])-3)); 76 } 77 } 78 return $groupArray; 79 } 80 81 /** 82 * Escape characters for use in an ldap_create function 83 * 84 * @param string $str 85 * @return string 86 */ 87 public function escapeCharacters($str) { 88 $str = str_replace(",", "\,", $str); 89 return $str; 90 } 91 92 /** 93 * Escape strings for the use in LDAP filters 94 * 95 * DEVELOPERS SHOULD BE DOING PROPER FILTERING IF THEY'RE ACCEPTING USER INPUT 96 * Ported from Perl's Net::LDAP::Util escape_filter_value 97 * 98 * @param string $str The string the parse 99 * @author Port by Andreas Gohr <andi@splitbrain.org> 100 * @return string 101 */ 102 public function ldapSlashes($str){ 103 return preg_replace_callback('/([\x00-\x1F\*\(\)\\\\])/', 104 function ($matches) { 105 return "\\\\".join("", unpack("H2", $matches[0])); 106 }, 107 $str); 108 } 109 110 111 /** 112 * Converts a string GUID to a hexdecimal value so it can be queried 113 * 114 * @param string $strGUID A string representation of a GUID 115 * @return string 116 */ 117 public function strGuidToHex($strGUID) 118 { 119 $strGUID = str_replace('-', '', $strGUID); 120 121 $octet_str = '\\' . substr($strGUID, 6, 2); 122 $octet_str .= '\\' . substr($strGUID, 4, 2); 123 $octet_str .= '\\' . substr($strGUID, 2, 2); 124 $octet_str .= '\\' . substr($strGUID, 0, 2); 125 $octet_str .= '\\' . substr($strGUID, 10, 2); 126 $octet_str .= '\\' . substr($strGUID, 8, 2); 127 $octet_str .= '\\' . substr($strGUID, 14, 2); 128 $octet_str .= '\\' . substr($strGUID, 12, 2); 129 //$octet_str .= '\\' . substr($strGUID, 16, strlen($strGUID)); 130 for ($i=16; $i<=(strlen($strGUID)-2); $i++) { 131 if (($i % 2) == 0) { 132 $octet_str .= '\\' . substr($strGUID, $i, 2); 133 } 134 } 135 136 return $octet_str; 137 } 138 139 /** 140 * Convert a binary SID to a text SID 141 * 142 * @param string $binsid A Binary SID 143 * @return string 144 */ 145 public function getTextSID($binsid) { 146 $hex_sid = bin2hex($binsid); 147 $rev = hexdec(substr($hex_sid, 0, 2)); 148 $subcount = hexdec(substr($hex_sid, 2, 2)); 149 $auth = hexdec(substr($hex_sid, 4, 12)); 150 $result = "$rev-$auth"; 151 152 for ($x=0;$x < $subcount; $x++) { 153 $subauth[$x] = 154 hexdec($this->littleEndian(substr($hex_sid, 16 + ($x * 8), 8))); 155 $result .= "-" . $subauth[$x]; 156 } 157 158 // Cheat by tacking on the S- 159 return 'S-' . $result; 160 } 161 162 /** 163 * Converts a little-endian hex number to one that hexdec() can convert 164 * 165 * @param string $hex A hex code 166 * @return string 167 */ 168 public function littleEndian($hex) 169 { 170 $result = ''; 171 for ($x = strlen($hex) - 2; $x >= 0; $x = $x - 2) { 172 $result .= substr($hex, $x, 2); 173 } 174 return $result; 175 } 176 177 /** 178 * Converts a binary attribute to a string 179 * 180 * @param string $bin A binary LDAP attribute 181 * @return string 182 */ 183 public function binaryToText($bin) 184 { 185 $hex_guid = bin2hex($bin); 186 $hex_guid_to_guid_str = ''; 187 for($k = 1; $k <= 4; ++$k) { 188 $hex_guid_to_guid_str .= substr($hex_guid, 8 - 2 * $k, 2); 189 } 190 $hex_guid_to_guid_str .= '-'; 191 for($k = 1; $k <= 2; ++$k) { 192 $hex_guid_to_guid_str .= substr($hex_guid, 12 - 2 * $k, 2); 193 } 194 $hex_guid_to_guid_str .= '-'; 195 for($k = 1; $k <= 2; ++$k) { 196 $hex_guid_to_guid_str .= substr($hex_guid, 16 - 2 * $k, 2); 197 } 198 $hex_guid_to_guid_str .= '-' . substr($hex_guid, 16, 4); 199 $hex_guid_to_guid_str .= '-' . substr($hex_guid, 20); 200 return strtoupper($hex_guid_to_guid_str); 201 } 202 203 /** 204 * Converts a binary GUID to a string GUID 205 * 206 * @param string $binaryGuid The binary GUID attribute to convert 207 * @return string 208 */ 209 public function decodeGuid($binaryGuid) 210 { 211 if ($binaryGuid === null){ return "Missing compulsory field [binaryGuid]"; } 212 213 $strGUID = $this->binaryToText($binaryGuid); 214 return $strGUID; 215 } 216 217 /** 218 * Convert a boolean value to a string 219 * You should never need to call this yourself 220 * 221 * @param bool $bool Boolean value 222 * @return string 223 */ 224 public function boolToStr($bool) 225 { 226 return ($bool) ? 'TRUE' : 'FALSE'; 227 } 228 229 /** 230 * Convert 8bit characters e.g. accented characters to UTF8 encoded characters 231 */ 232 public function encode8Bit(&$item, $key) { 233 $encode = false; 234 if (is_string($item)) { 235 for ($i=0; $i<strlen($item); $i++) { 236 if (ord($item[$i]) >> 7) { 237 $encode = true; 238 } 239 } 240 } 241 if ($encode === true && $key != 'password') { 242 $item = utf8_encode($item); 243 } 244 } 245 246 /** 247 * Get the current class version number 248 * 249 * @return string 250 */ 251 public function getVersion() { 252 return self::ADLDAP_VERSION; 253 } 254 255 /** 256 * Round a Windows timestamp down to seconds and remove the seconds between 1601-01-01 and 1970-01-01 257 * 258 * @param long $windowsTime 259 * @return long $unixTime 260 */ 261 public static function convertWindowsTimeToUnixTime($windowsTime) { 262 $unixTime = round($windowsTime / 10000000) - 11644477200; 263 return $unixTime; 264 } 265} 266 267?> 268