[7589] | 1 | <?php |
---|
| 2 | /*********************************************** |
---|
| 3 | * File : searchLDAP.php |
---|
| 4 | * Project : Z-Push |
---|
| 5 | * Descr : A ISearchProvider implementation to |
---|
| 6 | * query a ldap server for GAL |
---|
| 7 | * information. |
---|
| 8 | * |
---|
| 9 | * Created : 03.08.2010 |
---|
| 10 | * |
---|
| 11 | * Copyright 2007 - 2012 Zarafa Deutschland GmbH |
---|
| 12 | * |
---|
| 13 | * This program is free software: you can redistribute it and/or modify |
---|
| 14 | * it under the terms of the GNU Affero General Public License, version 3, |
---|
| 15 | * as published by the Free Software Foundation with the following additional |
---|
| 16 | * term according to sec. 7: |
---|
| 17 | * |
---|
| 18 | * According to sec. 7 of the GNU Affero General Public License, version 3, |
---|
| 19 | * the terms of the AGPL are supplemented with the following terms: |
---|
| 20 | * |
---|
| 21 | * "Zarafa" is a registered trademark of Zarafa B.V. |
---|
| 22 | * "Z-Push" is a registered trademark of Zarafa Deutschland GmbH |
---|
| 23 | * The licensing of the Program under the AGPL does not imply a trademark license. |
---|
| 24 | * Therefore any rights, title and interest in our trademarks remain entirely with us. |
---|
| 25 | * |
---|
| 26 | * However, if you propagate an unmodified version of the Program you are |
---|
| 27 | * allowed to use the term "Z-Push" to indicate that you distribute the Program. |
---|
| 28 | * Furthermore you may use our trademarks where it is necessary to indicate |
---|
| 29 | * the intended purpose of a product or service provided you use it in accordance |
---|
| 30 | * with honest practices in industrial or commercial matters. |
---|
| 31 | * If you want to propagate modified versions of the Program under the name "Z-Push", |
---|
| 32 | * you may only do so if you have a written permission by Zarafa Deutschland GmbH |
---|
| 33 | * (to acquire a permission please contact Zarafa at trademark@zarafa.com). |
---|
| 34 | * |
---|
| 35 | * This program is distributed in the hope that it will be useful, |
---|
| 36 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
| 37 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
| 38 | * GNU Affero General Public License for more details. |
---|
| 39 | * |
---|
| 40 | * You should have received a copy of the GNU Affero General Public License |
---|
| 41 | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
---|
| 42 | * |
---|
| 43 | * Consult LICENSE file for details |
---|
| 44 | ************************************************/ |
---|
| 45 | |
---|
| 46 | require_once("backend/searchldap/config.php"); |
---|
| 47 | |
---|
| 48 | class BackendSearchLDAP implements ISearchProvider { |
---|
| 49 | private $connection; |
---|
| 50 | |
---|
| 51 | /** |
---|
| 52 | * Initializes the backend to perform the search |
---|
| 53 | * Connects to the LDAP server using the values from the configuration |
---|
| 54 | * |
---|
| 55 | * |
---|
| 56 | * @access public |
---|
| 57 | * @return |
---|
| 58 | * @throws StatusException |
---|
| 59 | */ |
---|
| 60 | public function BackendSearchLDAP() { |
---|
| 61 | if (!function_exists("ldap_connect")) |
---|
| 62 | throw new StatusException("BackendSearchLDAP(): php-ldap is not installed. Search aborted.", SYNC_SEARCHSTATUS_STORE_SERVERERROR, null, LOGLEVEL_FATAL); |
---|
| 63 | |
---|
| 64 | // connect to LDAP |
---|
| 65 | $this->connection = @ldap_connect(LDAP_HOST, LDAP_PORT); |
---|
| 66 | @ldap_set_option($this->connection, LDAP_OPT_PROTOCOL_VERSION, 3); |
---|
| 67 | |
---|
| 68 | // Authenticate |
---|
| 69 | if (constant('ANONYMOUS_BIND') === true) { |
---|
| 70 | if(! @ldap_bind($this->connection)) { |
---|
| 71 | $this->connection = false; |
---|
| 72 | throw new StatusException("BackendSearchLDAP(): Could not bind anonymously to server! Search aborted.", SYNC_SEARCHSTATUS_STORE_CONNECTIONFAILED, null, LOGLEVEL_ERROR); |
---|
| 73 | } |
---|
| 74 | } |
---|
| 75 | else if (constant('LDAP_BIND_USER') != "") { |
---|
| 76 | if(! @ldap_bind($this->connection, LDAP_BIND_USER, LDAP_BIND_PASSWORD)) { |
---|
| 77 | $this->connection = false; |
---|
| 78 | throw new StatusException(sprintf("BackendSearchLDAP(): Could not bind to server with user '%s' and specified password! Search aborted.", LDAP_BIND_USER), SYNC_SEARCHSTATUS_STORE_ACCESSDENIED, null, LOGLEVEL_ERROR); |
---|
| 79 | } |
---|
| 80 | } |
---|
| 81 | else { |
---|
| 82 | // it would be possible to use the users login and password to authenticate on the LDAP server |
---|
| 83 | // the main $backend has to keep these values so they could be used here |
---|
| 84 | $this->connection = false; |
---|
| 85 | throw new StatusException("BackendSearchLDAP(): neither anonymous nor default bind enabled. Other options not implemented.", SYNC_SEARCHSTATUS_STORE_CONNECTIONFAILED, null, LOGLEVEL_ERROR); |
---|
| 86 | } |
---|
| 87 | } |
---|
| 88 | |
---|
| 89 | /** |
---|
| 90 | * Indicates if a search type is supported by this SearchProvider |
---|
| 91 | * Currently only the type ISearchProvider::SEARCH_GAL (Global Address List) is implemented |
---|
| 92 | * |
---|
| 93 | * @param string $searchtype |
---|
| 94 | * |
---|
| 95 | * @access public |
---|
| 96 | * @return boolean |
---|
| 97 | */ |
---|
| 98 | public function SupportsType($searchtype) { |
---|
| 99 | return ($searchtype == ISearchProvider::SEARCH_GAL); |
---|
| 100 | } |
---|
| 101 | |
---|
| 102 | |
---|
| 103 | /** |
---|
| 104 | * Queries the LDAP backend |
---|
| 105 | * |
---|
| 106 | * @param string $searchquery string to be searched for |
---|
| 107 | * @param string $searchrange specified searchrange |
---|
| 108 | * |
---|
| 109 | * @access public |
---|
| 110 | * @return array search results |
---|
| 111 | */ |
---|
| 112 | public function GetGALSearchResults($searchquery, $searchrange) { |
---|
| 113 | global $ldap_field_map; |
---|
| 114 | if (isset($this->connection) && $this->connection !== false) { |
---|
| 115 | $searchfilter = str_replace("SEARCHVALUE", $searchquery, LDAP_SEARCH_FILTER); |
---|
| 116 | $result = @ldap_search($this->connection, LDAP_SEARCH_BASE, $searchfilter); |
---|
| 117 | if (!$result) { |
---|
| 118 | ZLog::Write(LOGLEVEL_ERROR, "BackendSearchLDAP: Error in search query. Search aborted"); |
---|
| 119 | return false; |
---|
| 120 | } |
---|
| 121 | |
---|
| 122 | // get entry data as array |
---|
| 123 | $searchresult = ldap_get_entries($this->connection, $result); |
---|
| 124 | |
---|
| 125 | // range for the search results, default symbian range end is 50, wm 99, |
---|
| 126 | // so we'll use that of nokia |
---|
| 127 | $rangestart = 0; |
---|
| 128 | $rangeend = 50; |
---|
| 129 | |
---|
| 130 | if ($searchrange != '0') { |
---|
| 131 | $pos = strpos($searchrange, '-'); |
---|
| 132 | $rangestart = substr($searchrange, 0, $pos); |
---|
| 133 | $rangeend = substr($searchrange, ($pos + 1)); |
---|
| 134 | } |
---|
| 135 | $items = array(); |
---|
| 136 | |
---|
| 137 | // TODO the limiting of the searchresults could be refactored into Utils as it's probably used more than once |
---|
| 138 | $querycnt = $searchresult['count']; |
---|
| 139 | //do not return more results as requested in range |
---|
| 140 | $querylimit = (($rangeend + 1) < $querycnt) ? ($rangeend + 1) : $querycnt; |
---|
| 141 | $items['range'] = $rangestart.'-'.($querycnt-1); |
---|
| 142 | $items['searchtotal'] = $querycnt; |
---|
| 143 | |
---|
| 144 | $rc = 0; |
---|
| 145 | for ($i = $rangestart; $i < $querylimit; $i++) { |
---|
| 146 | foreach ($ldap_field_map as $key=>$value ) { |
---|
| 147 | if (isset($searchresult[$i][$value])) { |
---|
| 148 | if (is_array($searchresult[$i][$value])) |
---|
| 149 | $items[$rc][$key] = $searchresult[$i][$value][0]; |
---|
| 150 | else |
---|
| 151 | $items[$rc][$key] = $searchresult[$i][$value]; |
---|
| 152 | } |
---|
| 153 | } |
---|
| 154 | $rc++; |
---|
| 155 | } |
---|
| 156 | |
---|
| 157 | return $items; |
---|
| 158 | } |
---|
| 159 | else |
---|
| 160 | return false; |
---|
| 161 | } |
---|
| 162 | |
---|
| 163 | /** |
---|
| 164 | * Searches for the emails on the server |
---|
| 165 | * |
---|
| 166 | * @param ContentParameter $cpo |
---|
| 167 | * |
---|
| 168 | * @return array |
---|
| 169 | */ |
---|
| 170 | public function GetMailboxSearchResults($cpo) { |
---|
| 171 | return array(); |
---|
| 172 | } |
---|
| 173 | |
---|
| 174 | /** |
---|
| 175 | * Terminates a search for a given PID |
---|
| 176 | * |
---|
| 177 | * @param int $pid |
---|
| 178 | * |
---|
| 179 | * @return boolean |
---|
| 180 | */ |
---|
| 181 | public function TerminateSearch($pid) { |
---|
| 182 | return true; |
---|
| 183 | } |
---|
| 184 | |
---|
| 185 | /** |
---|
| 186 | * Disconnects from LDAP |
---|
| 187 | * |
---|
| 188 | * @access public |
---|
| 189 | * @return boolean |
---|
| 190 | */ |
---|
| 191 | public function Disconnect() { |
---|
| 192 | if ($this->connection) |
---|
| 193 | @ldap_close($this->connection); |
---|
| 194 | |
---|
| 195 | return true; |
---|
| 196 | } |
---|
| 197 | } |
---|
| 198 | ?> |
---|