Caution: The documentation you are viewing is
for an older version of Zend Framework.
You can find the documentation of the current version at:
https://docs.zendframework.com/
API overview - Zend_Ldap
The Zend_Ldap component accepts an array of options either supplied to the constructor or through the setOptions() method. The permitted options are as follows:
| Name | Description |
|---|---|
| host | The default hostname of LDAP server if not supplied to connect() (also may be used when trying to canonicalize usernames in bind()). |
| port | Default port of LDAP server if not supplied to connect(). |
| useStartTls | Whether or not the LDAP client should use TLS (aka SSLv2) encrypted transport. A value of TRUE is strongly favored in production environments to prevent passwords from be transmitted in clear text. The default value is FALSE, as servers frequently require that a certificate be installed separately after installation. The useSsl and useStartTls options are mutually exclusive. The useStartTls option should be favored over useSsl but not all servers support this newer mechanism. |
| useSsl | Whether or not the LDAP client should use SSL encrypted transport. The useSsl and useStartTls options are mutually exclusive. |
| username | The default credentials username. Some servers require that this be in DN form. This must be given in DN form if the LDAP server requires a DN to bind and binding should be possible with simple usernames. |
| password | The default credentials password (used only with username above). |
| bindRequiresDn | If TRUE, this instructs Zend_Ldap to retrieve the DN for the account used to bind if the username is not already in DN form. The default value is FALSE. |
| baseDn | The default base DN used for searching (e.g., for accounts). This option is required for most account related operations and should indicate the DN under which accounts are located. |
| accountCanonicalForm | A small integer indicating the form to which account names should be canonicalized. See the Account Name Canonicalization section below. |
| accountDomainName | The FQDN domain for which the target LDAP server is an authority (e.g., example.com). |
| accountDomainNameShort | The 'short' domain for which the target LDAP server is an authority. This is usually used to specify the NetBIOS domain name for Windows networks but may also be used by non-AD servers. |
| accountFilterFormat | The LDAP search filter used to search for accounts. This string is a » sprintf() style expression that must contain one '%s' to accommodate the username. The default value is '(&(objectClass=user)(sAMAccountName=%s))' unless bindRequiresDn is set to TRUE, in which case the default is '(&(objectClass=posixAccount)(uid=%s))'. Users of custom schemas may need to change this option. |
| allowEmptyPassword | Some LDAP servers can be configured to accept an empty string password as an anonymous bind. This behavior is almost always undesirable. For this reason, empty passwords are explicitly disallowed. Set this value to TRUE to allow an empty string password to be submitted during the bind. |
| optReferrals | If set to TRUE, this option indicates to the LDAP client that referrals should be followed. The default value is FALSE. |
| tryUsernameSplit | If set to FALSE, this option indicates that the given username should not be split at the first @ or \ character to separate the username from the domain during the binding-procedure. This allows the user to use usernames that contain an @ or \ character that do not inherit some domain-information, e.g. using email-addresses for binding. The default value is TRUE. |
Note: Method names in italics are static methods.
Zend_Ldap is the base interface into a LDAP server. It provides connection and binding methods as well as methods to operate on the LDAP tree.
| Method | Description |
|---|---|
string filterEscape(string $str) |
Escapes a value to be used in a LDAP filter according to RFC 2254. This method is deprecated, please use Zend_Ldap_Filter_Abstract::escapeValue() instead. |
boolean explodeDn($dn, array &$keys = null, array &$vals =
null)
|
Checks if a given DN $dn is malformed. If $keys or $keys and $vals are given, these arrays will be filled with the appropriate DN keys and values. This method is deprecated, please use Zend_Ldap_Dn::checkDn() instead. |
| __construct($options) | Constructor. The $options parameter is optional and can be set to an array or a Zend_Config instance. If no options are provided at instantiation, the connection parameters must be passed to the instance using Zend_Ldap::setOptions(). The allowed options are specified in Zend_Ldap Options |
resource getResource() |
Returns the raw LDAP extension (ext/ldap) resource. |
integer getLastErrorCode() |
Returns the LDAP error number of the last LDAP command. |
string getLastError(integer &$errorCode, array
&$errorMessages)
|
Returns the LDAP error message of the last LDAP command. The optional $errorCode parameter is set to the LDAP error number when given. The optional $errorMessages array will be filled with the raw error messages when given. The various LDAP error retrieval functions can return different things, so they are all collected if $errorMessages is given. |
Zend_Ldap setOptions($options) |
Sets the LDAP connection and binding parameters. $options can be an array or an instance of Zend_Config. The allowed options are specified in Zend_Ldap Options |
array getOptions() |
Returns the current connection and binding parameters. |
string getBaseDn() |
Returns the base DN this LDAP connection is bound to. |
string getCanonicalAccountName(string $acctname, integer $form)
|
Returns the canonical account name of the given account name $acctname. $form specifies the format into which the account name is canonicalized. See Account Name Canonicalization for more details. |
Zend_Ldap disconnect() |
Disconnects the Zend_Ldap instance from the LDAP server. |
Zend_Ldap connect(string $host, integer $port, boolean $useSsl,
boolean $useStartTls)
|
Connects the Zend_Ldap instance to the given LDAP server. All parameters are optional and will be taken from the LDAP connection and binding parameters passed to the instance via the constructor or via Zend_Ldap::setOptions() when set to NULL. |
Zend_Ldap bind(string $username, string $password)
|
Authenticates $username with
$password at the LDAP server. If both
parameters are omitted the binding will be carried out with the credentials
given in the connection and binding parameters. If no credentials are
given in the connection and binding parameters an anonymous bind
will be performed. Note that this requires anonymous binds to be allowed
on the LDAP server. An empty string '' can
be passed as $password together with a username if, and
only if, allowEmptyPassword is set to
TRUE in the connection and binding parameters.
|
Zend_Ldap_Collection search(string|Zend_Ldap_Filter_Abstract $filter,
string|Zend_Ldap_Dn $basedn, integer $scope, array $attributes, string
$sort, string $collectionClass)
|
Searches the LDAP tree with the given
$filter and the given search parameters.
|
integer count(string|Zend_Ldap_Filter_Abstract
$filter, string|Zend_Ldap_Dn $basedn, integer
$scope)
|
Counts the elements returned by the given search parameters. See Zend_Ldap::search() for a detailed description of the method parameters. |
integer countChildren(string|Zend_Ldap_Dn $dn) |
Counts the direct descendants (children) of the entry identified by the given $dn. |
boolean exists(string|Zend_Ldap_Dn $dn) |
Checks whether the entry identified by the given $dn exists. |
array searchEntries(string|Zend_Ldap_Filter_Abstract
$filter, string|Zend_Ldap_Dn $basedn, integer $scope, array
$attributes, string $sort)
|
Performs a search operation and returns the result as an PHP array. This is essentially the same method as Zend_Ldap::search() except for the return type. See Zend_Ldap::search() for a detailed description of the method parameters. |
array getEntry(string|Zend_Ldap_Dn $dn, array
$attributes, boolean $throwOnNotFound)
|
Retrieves the LDAP entry identified by $dn with the attributes specified in $attributes. if $attributes is ommitted, all attributes ( array()) are included in the result. $throwOnNotFound is FALSE by default, so the method will return NULL if the specified entry cannot be found. If set to TRUE, a Zend_Ldap_Exception will be thrown instead. |
void prepareLdapEntryArray(array
&$entry)
|
Prepare an array for the use in LDAP modification operations. This method does not need to be called by the end-user as it's implicitly called on every data modification method. |
Zend_Ldap add(string|Zend_Ldap_Dn $dn, array
$entry)
|
Adds the entry identified by $dn with its attributes $entry to the LDAP tree. Throws a Zend_Ldap_Exception if the entry could not be added. |
Zend_Ldap update(string|Zend_Ldap_Dn $dn, array $entry)
|
Updates the entry identified by $dn with its attributes $entry to the LDAP tree. Throws a Zend_Ldap_Exception if the entry could not be modified. |
Zend_Ldap save(string|Zend_Ldap_Dn $dn, array $entry)
|
Saves the entry identified by $dn with its attributes $entry to the LDAP tree. Throws a Zend_Ldap_Exception if the entry could not be saved. This method decides by querying the LDAP tree if the entry will be added or updated. |
Zend_Ldap delete(string|Zend_Ldap_Dn $dn, boolean $recursively)
|
Deletes the entry identified by $dn from the LDAP tree. Throws a Zend_Ldap_Exception if the entry could not be deleted. $recursively is FALSE by default. If set to TRUE the deletion will be carried out recursively and will effectively delete a complete subtree. Deletion will fail if $recursively is FALSE and the entry $dn is not a leaf entry. |
Zend_Ldap moveToSubtree(string|Zend_Ldap_Dn $from,
string|Zend_Ldap_Dn $to, boolean $recursively, boolean
$alwaysEmulate)
|
Moves the entry identified by $from to a location below
$to keeping its RDN unchanged.
$recursively specifies if the operation will be
carried out recursively (FALSE by default) so that the
entry $from and all its descendants will be moved.
Moving will fail if $recursively is
FALSE and the entry $from is not a
leaf entry. $alwaysEmulate controls whether the ext/ldap
function ldap_rename() should be used if available.
This can only work for leaf entries and for servers and for ext/ldap
supporting this function. Set to TRUE to always use an
emulated rename operation.
|
Zend_Ldap move(string|Zend_Ldap_Dn $from,
string|Zend_Ldap_Dn $to, boolean $recursively, boolean
$alwaysEmulate)
|
This is an alias for Zend_Ldap::rename(). |
Zend_Ldap rename(string|Zend_Ldap_Dn $from,
string|Zend_Ldap_Dn $to, boolean $recursively, boolean
$alwaysEmulate)
|
Renames the entry identified by $from to $to. $recursively specifies if the operation will be carried out recursively (FALSE by default) so that the entry $from and all its descendants will be moved. Moving will fail if $recursively is FALSE and the entry $from is not a leaf entry. $alwaysEmulate controls whether the ext/ldap function ldap_rename() should be used if available. This can only work for leaf entries and for servers and for ext/ldap supporting this function. Set to TRUE to always use an emulated rename operation. |
Zend_Ldap copyToSubtree(string|Zend_Ldap_Dn $from,
string|Zend_Ldap_Dn $to, boolean $recursively)
|
Copies the entry identified by $from to a location below $to keeping its RDN unchanged. $recursively specifies if the operation will be carried out recursively (FALSE by default) so that the entry $from and all its descendants will be copied. Copying will fail if $recursively is FALSE and the entry $from is not a leaf entry. |
Zend_Ldap copy(string|Zend_Ldap_Dn $from,
string|Zend_Ldap_Dn $to, boolean $recursively)
|
Copies the entry identified by $from to $to. $recursively specifies if the operation will be carried out recursively (FALSE by default) so that the entry $from and all its descendants will be copied. Copying will fail if $recursively is FALSE and the entry $from is not a leaf entry. |
Zend_Ldap_Node getNode(string|Zend_Ldap_Dn $dn) |
Returns the entry $dn wrapped in a Zend_Ldap_Node. |
Zend_Ldap_Node getBaseNode() |
Returns the entry for the base DN $baseDn wrapped in a Zend_Ldap_Node. |
Zend_Ldap_Node_RootDse getRootDse() |
Returns the RootDSE for the current server. |
Zend_Ldap_Node_Schema getSchema() |
Returns the LDAP schema for the current server. |
Zend_Ldap_Collection implements Iterator to
allow for item traversal using foreach() and
Countable to be able to respond to count(). With
its protected _createEntry() method it provides a simple
extension point for developers needing custom result objects.
| Method | Description |
|---|---|
__construct(Zend_Ldap_Collection_Iterator_Interface
$iterator)
|
Constructor. The constrcutor must be provided by a Zend_Ldap_Collection_Iterator_Interface which does the real result iteration. Zend_Ldap_Collection_Iterator_Default is the default implementation for iterating ext/ldap results. |
boolean close() |
Closes the internal iterator. This is also called in the destructor. |
array toArray() |
Returns all entries as an array. |
array getFirst() |
Returns the first entry in the collection or NULL if the collection is empty. |
Zend_Ldap_Attribute is a helper class providing only static methods to manipulate arrays suitable to the structure used in Zend_Ldap data modification methods and to the data format required by the LDAP server. PHP data types are converted the following way:
stringNo conversion will be done.
integer and floatThe value will be converted to a string.
booleanTRUE will be converted to 'TRUE' and FALSE to 'FALSE'
object and arrayThe value will be converted to a string by using serialize().
resourceIf a stream resource is given, the data will be
fetched by calling stream_get_contents().
All other data types (namely non-stream resources) will be ommitted.
On reading attribute values the following conversion will take place:
Converted to TRUE.
Converted to FALSE.
All other strings won't be automatically converted and are passed as they are.
| Method | Description |
|---|---|
void setAttribute(array &$data, string
$attribName, mixed $value, boolean $append)
|
Sets the attribute $attribName in $data to the value $value. If $append is TRUE (FALSE by default) $value will be appended to the attribute. $value can be a scalar value or an array of scalar values. Conversion will take place. |
array|mixed getAttribute(array $data,
string $attribName, integer|null $index)
|
Returns the attribute $attribName from $data. If $index is NULL (default) an array will be returned containing all the values for the given attribute. An empty array will be returned if the attribute does not exist in the given array. If an integer index is specified the corresponding value at the given index will be returned. If the index is out of bounds, NULL will be returned. Conversion will take place. |
boolean attributeHasValue(array &$data,
string $attribName, mixed|array $value)
|
Checks if the attribute $attribName in $data has the value(s) given in $value. The method returns TRUE only if all values in $value are present in the attribute. Comparison is done strictly (respecting the data type). |
void removeDuplicatesFromAttribute(array
&$data, string $attribName)
|
Removes all duplicates from the attribute $attribName in $data. |
void removeFromAttribute(array &$data,
string $attribName, mixed|array $value)
|
Removes the value(s) given in $value from the attribute $attribName in $data. |
string|null convertToLdapValue(mixed
$value)
|
Converts a PHP data type into its LDAP representation. See introduction for details. |
mixed convertFromLdapValue(string
$value)
|
Converts an LDAP value into its PHP data type. See introduction for details. |
string|null
convertToLdapDateTimeValue(integer $value, boolean $utc)
|
Converts a timestamp into its LDAP date/time representation. If $utc is TRUE (FALSE by default) the resulting LDAP date/time string will be in UTC, otherwise a local date/time string will be returned. |
integer|null
convertFromLdapDateTimeValue(string $value)
|
Converts LDAP date/time representation into a timestamp. The method returns NULL if $value can not be converted back into a PHP timestamp. |
void setPassword(array &$data, string
$password, string $hashType, string $attribName)
|
Sets a LDAP password for the attribute
$attribName in $data.
$attribName defaults to 'userPassword'
which is the standard password attribute. The password hash can be
specified with $hashType. The default value here is
Zend_Ldap_Attribute::PASSWORD_HASH_MD5 with
Zend_Ldap_Attribute::PASSWORD_HASH_SHA as the other
possibilty.
|
string createPassword(string $password,
string $hashType)
|
Creates a LDAP password. The password hash can be specified with $hashType. The default value here is Zend_Ldap_Attribute::PASSWORD_HASH_MD5 with Zend_Ldap_Attribute::PASSWORD_HASH_SHA as the other possibilty. |
void setDateTimeAttribute(array &$data,
string $attribName, integer|array $value, boolean $utc, boolean
$append)
|
Sets the attribute $attribName in $data to the date/time value $value. if $append is TRUE (FALSE by default) $value will be appended to the attribute. $value can be an integer value or an array of integers. Date-time-conversion according to Zend_Ldap_Attribute::convertToLdapDateTimeValue() will take place. |
array|integer getDateTimeAttribute(array
$data, string $attribName, integer|null $index)
|
Returns the date/time attribute $attribName from $data. If $index is NULL (default) an array will be returned containing all the date/time values for the given attribute. An empty array will be returned if the attribute does not exist in the given array. If an integer index is specified the corresponding date/time value at the given index will be returned. If the index is out of bounds, NULL will be returned. Date-time-conversion according to Zend_Ldap_Attribute::convertFromLdapDateTimeValue() will take place. |
Zend_Ldap_Dn provides an object-oriented interface to manipulating LDAP distinguished names (DN). The parameter $caseFold that is used in several methods determines the way DN attributes are handled regarding their case. Allowed values for this paraneter are:
No case-folding will be done.
All attributes will be converted to upper-case.
All attributes will be converted to lower-case.
The default case-folding is Zend_Ldap_Dn::ATTR_CASEFOLD_NONE and can be set with Zend_Ldap_Dn::setDefaultCaseFold(). Each instance of Zend_Ldap_Dn can have its own case-folding-setting. If the $caseFold parameter is ommitted in method-calls it defaults to the instance's case-folding setting.
The class implements ArrayAccess to allow indexer-access to the
different parts of the DN. The ArrayAccess-methods proxy to
Zend_Ldap_Dn::get($offset, 1, null) for offsetGet(integer
$offset), to Zend_Ldap_Dn::set($offset, $value) for
offsetSet() and to
Zend_Ldap_Dn::remove($offset, 1) for
offsetUnset(). offsetExists() simply
checks if the index is within the bounds.
| Method | Description |
|---|---|
Zend_Ldap_Dn factory(string|array $dn,
string|null $caseFold)
|
Creates a Zend_Ldap_Dn instance from an array or a string. The array must conform to the array structure detailed under Zend_Ldap_Dn::implodeDn(). |
Zend_Ldap_Dn fromString(string $dn,
string|null $caseFold)
|
Creates a Zend_Ldap_Dn instance from a string. |
Zend_Ldap_Dn fromArray(array $dn,
string|null $caseFold)
|
Creates a Zend_Ldap_Dn instance from an array. The array must conform to the array structure detailed under Zend_Ldap_Dn::implodeDn(). |
array getRdn(string|null $caseFold) |
Gets the RDN of the current DN. The return value is an array with the RDN attribute names its keys and the RDN attribute values. |
string getRdnString(string|null $caseFold) |
Gets the RDN of the current DN. The return value is a string. |
Zend_Ldap_Dn getParentDn(integer $levelUp) |
Gets the DN of the current DN's ancestor
$levelUp levels up the tree. $levelUp
defaults to 1.
|
array get(integer $index, integer $length, string|null
$caseFold)
|
Returns a slice of the current DN determined by
$index and $length.
$index starts with 0 on the DN part from the
left.
|
Zend_Ldap_Dn set(integer $index, array $value) |
Replaces a DN part in the current DN. This operation manipulates the current instance. |
Zend_Ldap_Dn remove(integer $index, integer $length) |
Removes a DN part from the current DN. This operation
manipulates the current instance. $length defaults to
1
|
Zend_Ldap_Dn append(array $value) |
Appends a DN part to the current DN. This operation manipulates the current instance. |
Zend_Ldap_Dn prepend(array $value) |
Prepends a DN part to the current DN. This operation manipulates the current instance. |
Zend_Ldap_Dn insert(integer $index, array $value) |
Inserts a DN part after the index $index to the current DN. This operation manipulates the current instance. |
void setCaseFold(string|null $caseFold) |
Sets the case-folding option to the current DN instance. If $caseFold is NULL the default case-folding setting (Zend_Ldap_Dn::ATTR_CASEFOLD_NONE by default or set via Zend_Ldap_Dn::setDefaultCaseFold() will be set for the current instance. |
string toString(string|null $caseFold) |
Returns DN as a string. |
array toArray(string|null $caseFold) |
Returns DN as an array. |
string __toString() |
Returns DN as a string - proxies to Zend_Ldap_Dn::toString(null). |
void setDefaultCaseFold(string
$caseFold)
|
Sets the default case-folding option used by all instances on creation by default. Already existing instances are not affected by this setting. |
array escapeValue(string|array
$values)
|
Escapes a DN value according to RFC 2253. |
array unescapeValue(string|array
$values)
|
Undoes the conversion done by Zend_Ldap_Dn::escapeValue(). |
array explodeDn(string $dn, array
&$keys, array &$vals, string|null $caseFold)
|
Explodes the DN $dn into an array containing all parts of the given DN. $keys optinally receive DN keys (e.g. CN, OU, DC, ...). $vals optionally receive DN values. The resulting array will be of type
for a DN of |
boolean checkDn(string $dn, array
&$keys, array &$vals, string|null $caseFold)
|
Checks if a given DN $dn is malformed. If $keys or $keys and $vals are given, these arrays will be filled with the appropriate DN keys and values. |
string implodeRdn(array $part, string|null
$caseFold)
|
Returns a DN part in the form
$attribute=$value
|
string implodeDn(array $dnArray,
string|null $caseFold, string $separator)
|
Implodes an array in the form delivered by
Zend_Ldap_Dn::explodeDn() to a DN string.
$separator defaults to |
boolean isChildOf(string|Zend_Ldap_Dn
$childDn, string|Zend_Ldap_Dn $parentDn)
|
Checks if given $childDn is beneath $parentDn subtree. |
| Method | Description |
|---|---|
Zend_Ldap_Filter equals(string $attr,
string $value)
|
Creates an 'equals' filter:
(attr=value).
|
Zend_Ldap_Filter begins(string $attr,
string $value)
|
Creates an 'begins with' filter:
(attr=value*).
|
Zend_Ldap_Filter ends(string $attr, string
$value)
|
Creates an 'ends with' filter:
(attr=*value).
|
Zend_Ldap_Filter contains(string $attr,
string $value)
|
Creates an 'contains' filter:
(attr=*value*).
|
Zend_Ldap_Filter greater(string $attr,
string $value)
|
Creates an 'greater' filter:
(attr>value).
|
Zend_Ldap_Filter greaterOrEqual(string
$attr, string $value)
|
Creates an 'greater or equal' filter:
(attr>=value).
|
Zend_Ldap_Filter less(string $attr, string
$value)
|
Creates an 'less' filter:
(attr<value).
|
Zend_Ldap_Filter lessOrEqual(string $attr,
string $value)
|
Creates an 'less or equal' filter:
(attr<=value).
|
Zend_Ldap_Filter approx(string $attr,
string $value)
|
Creates an 'approx' filter:
(attr~=value).
|
Zend_Ldap_Filter any(string $attr)
|
Creates an 'any' filter: (attr=*). |
Zend_Ldap_Filter string(string
$filter)
|
Creates a simple custom string filter. The user is responsible for all value-escaping as the filter is used as is. |
Zend_Ldap_Filter mask(string $mask, string
$value,...)
|
Creates a filter from a string mask. All $value parameters will be escaped and substituted into $mask by using » sprintf() |
Zend_Ldap_Filter
andFilter(Zend_Ldap_Filter_Abstract $filter,...)
|
Creates an 'and' filter from all arguments given. |
Zend_Ldap_Filter
orFilter(Zend_Ldap_Filter_Abstract $filter,...)
|
Creates an 'or' filter from all arguments given. |
__construct(string $attr, string $value, string
$filtertype, string|null $prepend, string|null
$append)
|
Constructor. Creates an arbitrary filter according to the
parameters supplied. The resulting filter will be a concatenation
$attr . $filtertype . $prepend . $value . $append.
Normally this constructor is not needed as all filters can be
created by using the appropriate factory methods.
|
string toString() |
Returns a string representation of the filter. |
string __toString() |
Returns a string representation of the filter. Proxies to Zend_Ldap_Filter::toString(). |
Zend_Ldap_Filter_Abstract negate() |
Negates the current filter. |
Zend_Ldap_Filter_Abstract
addAnd(Zend_Ldap_Filter_Abstract $filter,...)
|
Creates an 'and' filter from the current filter and all filters passed in as the arguments. |
Zend_Ldap_Filter_Abstract
addOr(Zend_Ldap_Filter_Abstract $filter,...)
|
Creates an 'or' filter from the current filter and all filters passed in as the arguments. |
string|array escapeValue(string|array
$values)
|
Escapes the given $values according to RFC 2254 so that they can be safely used in LDAP filters. If a single string is given, a string is returned - otherwise an array is returned. Any control characters with an ASCII code < 32 as well as the characters with special meaning in LDAP filters "*", "(", ")", and "\" (the backslash) are converted into the representation of a backslash followed by two hex digits representing the hexadecimal value of the character. |
string|array unescapeValue(string|array
$values)
|
Undoes the conversion done by Zend_Ldap_Filter::escapeValue(). Converts any sequences of a backslash followed by two hex digits into the corresponding character. |
Zend_Ldap_Node includes the magic property accessors
__set(), __get(),
__unset() and __isset() to access the
attributes by their name. They proxy to
Zend_Ldap_Node::setAttribute(),
Zend_Ldap_Node::getAttribute(),
Zend_Ldap_Node::deleteAttribute() and
Zend_Ldap_Node::existsAttribute() respectively. Furthermore the
class implements ArrayAccess for array-style-access to the attributes.
Zend_Ldap_Node also implements Iterator and
RecursiveIterato to allow for recursive tree-traversal.
| Method | Description |
|---|---|
Zend_Ldap getLdap() |
Returns the current LDAP connection. Throws Zend_Ldap_Exception if current node is in detached mode (not connected to a Zend_Ldap instance). |
Zend_Ldap_Node attachLdap(Zend_Ldap $ldap) |
Attach the current node to the $ldap Zend_Ldap instance. Throws Zend_Ldap_Exception if $ldap is not responsible for the current node (node is not a child of the $ldap base DN). |
Zend_Ldap_Node detachLdap() |
Detach node from LDAP connection. |
boolean isAttached() |
Checks if the current node is attached to a LDAP connection. |
Zend_Ldap_Node create(string|array|Zend_Ldap_Dn $dn, array
$objectClass)
|
Factory method to create a new detached Zend_Ldap_Node for a given DN. Creates a new Zend_Ldap_Node with the DN $dn and the object-classes $objectClass. |
Zend_Ldap_Node fromLdap(string|array|Zend_Ldap_Dn $dn,
Zend_Ldap $ldap)
|
Factory method to create an attached Zend_Ldap_Node for a given DN. Loads an existing Zend_Ldap_Node with the DN $dn from the LDAP connection $ldap. |
Zend_Ldap_Node fromArray((array $data,
boolean $fromDataSource)
|
Factory method to create a detached Zend_Ldap_Node from array data $data. if $fromDataSource is TRUE (FALSE by default), the data is treated as beeing present in a LDAP tree. |
boolean isNew() |
Tells if the node is consiedered as new (not present on the server). Please note, that this doesn't tell if the node is really present on the server. Use Zend_Ldap_Node::exists() to see if a node is already there. |
boolean willBeDeleted() |
Tells if this node is going to be deleted once Zend_Ldap_Node::update() is called. |
Zend_Ldap_Node delete() |
Marks this node as to be deleted. Node will be deleted on calling Zend_Ldap_Node::update() if Zend_Ldap_Node::willBeDeleted() is TRUE. |
boolean willBeMoved() |
Tells if this node is going to be moved once Zend_Ldap_Node::update() is called. |
Zend_Ldap_Node update(Zend_Ldap $ldap) |
Sends all pending changes to the LDAP server. If $ldap is omitted the current LDAP connection is used. If the current node is detached from a LDAP connection a Zend_Ldap_Exception will be thrown. If $ldap is provided the current node will be attached to the given LDAP connection. |
Zend_Ldap_Dn getCurrentDn() |
Gets the current DN of the current node as a Zend_Ldap_Dn. This does not reflect possible rename-operations. |
Zend_Ldap_Dn getDn() |
Gets the original DN of the current node as a Zend_Ldap_Dn. This reflects possible rename-operations. |
string getDnString(string $caseFold) |
Gets the original DN of the current node as a string. This reflects possible rename-operations. |
array getDnArray(string $caseFold) |
Gets the original DN of the current node as an array. This reflects possible rename-operations. |
string getRdnString(string $caseFold) |
Gets the RDN of the current node as a string. This reflects possible rename-operations. |
array getRdnArray(string $caseFold) |
Gets the RDN of the current node as an array. This reflects possible rename-operations. |
Zend_Ldap_Node setDn(Zend_Ldap_Dn|string|array $newDn)
|
Sets the new DN for this node effectively moving the node once Zend_Ldap_Node::update() is called. |
Zend_Ldap_Node move(Zend_Ldap_Dn|string|array $newDn)
|
This is an alias for Zend_Ldap_Node::setDn(). |
Zend_Ldap_Node rename(Zend_Ldap_Dn|string|array $newDn)
|
This is an alias for Zend_Ldap_Node::setDn(). |
array getObjectClass() |
Returns the objectClass of the node. |
Zend_Ldap_Node setObjectClass(array|string $value) |
Sets the objectClass attribute. |
Zend_Ldap_Node appendObjectClass(array|string $value)
|
Appends to the objectClass attribute. |
string toLdif(array $options) |
Returns a LDIF representation of the current node. $options will be passed to the Zend_Ldap_Ldif_Encoder. |
array getChangedData() |
Gets changed node data. The array contains all changed attributes. This format can be used in Zend_Ldap::add() and Zend_Ldap::update(). |
array getChanges() |
Returns all changes made. |
string toString() |
Returns the DN of the current node - proxies to Zend_Ldap_Dn::getDnString(). |
string __toString() |
Casts to string representation - proxies to Zend_Ldap_Dn::toString(). |
array toArray(boolean $includeSystemAttributes) |
Returns an array representation of the current node. If
$includeSystemAttributes is FALSE
(defaults to TRUE) the system specific attributes are
stripped from the array. Unlike
Zend_Ldap_Node::getAttributes() the resulting array
contains the DN with key 'dn'.
|
string toJson(boolean $includeSystemAttributes) |
Returns a JSON representation of the current node using Zend_Ldap_Node::toArray(). |
array getData(boolean $includeSystemAttributes) |
Returns the node's attributes. The array contains all attributes in its internal format (no conversion). |
boolean existsAttribute(string $name, boolean $emptyExists)
|
Checks whether a given attribute exists. If $emptyExists is FALSE empty attributes (containing only array()) are treated as non-existent returning FALSE. If $emptyExists is TRUE empty attributes are treated as existent returning TRUE. In this case the method returns FALSE only if the attribute name is missing in the key-collection. |
boolean attributeHasValue(string $name, mixed|array $value)
|
Checks if the given value(s) exist in the attribute. The method returns TRUE only if all values in $value are present in the attribute. Comparison is done strictly (respecting the data type). |
integer count() |
Returns the number of attributes in the node. Implements Countable. |
mixed getAttribute(string $name, integer|null $index)
|
Gets a LDAP attribute. Data conversion is applied using Zend_Ldap_Attribute::getAttribute(). |
array getAttributes(boolean $includeSystemAttributes)
|
Gets all attributes of node. If $includeSystemAttributes is FALSE (defaults to TRUE) the system specific attributes are stripped from the array. |
Zend_Ldap_Node setAttribute(string $name, mixed $value)
|
Sets a LDAP attribute. Data conversion is applied using Zend_Ldap_Attribute::setAttribute(). |
Zend_Ldap_Node appendToAttribute(string $name, mixed $value)
|
Appends to a LDAP attribute. Data conversion is applied using Zend_Ldap_Attribute::setAttribute(). |
array|integer getDateTimeAttribute(string $name,
integer|null $index)
|
Gets a LDAP date/time attribute. Data conversion is applied using Zend_Ldap_Attribute::getDateTimeAttribute(). |
Zend_Ldap_Node setDateTimeAttribute(string $name,
integer|array $value, boolean $utc)
|
Sets a LDAP date/time attribute. Data conversion is applied using Zend_Ldap_Attribute::setDateTimeAttribute(). |
Zend_Ldap_Node appendToDateTimeAttribute(string $name,
integer|array $value, boolean $utc)
|
Appends to a LDAP date/time attribute. Data conversion is applied using Zend_Ldap_Attribute::setDateTimeAttribute(). |
Zend_Ldap_Node setPasswordAttribute(string $password,
string $hashType, string $attribName)
|
Sets a LDAP password on $attribName
(defaults to 'userPassword') to $password
with the hash type $hashType (defaults to
Zend_Ldap_Attribute::PASSWORD_HASH_MD5).
|
Zend_Ldap_Node deleteAttribute(string $name) |
Deletes a LDAP attribute. |
void removeDuplicatesFromAttribute(string$name) |
Removes duplicate values from a LDAP attribute. |
void removeFromAttribute(string $attribName,
mixed|array $value)
|
Removes the given values from a LDAP attribute. |
boolean exists(Zend_Ldap $ldap) |
Checks if the current node exists on the given LDAP server (current server is used if NULL is passed). |
Zend_Ldap_Node reload(Zend_Ldap $ldap) |
Reloads the current node's attributes from the given LDAP server (current server is used if NULL is passed). |
Zend_Ldap_Node_Collection
searchSubtree(string|Zend_Ldap_Filter_Abstract $filter, integer
$scope, string $sort)
|
Searches the nodes's subtree with the given $filter and the given search parameters. See Zend_Ldap::search() for details on the parameters $scope and $sort. |
integer countSubtree(string|Zend_Ldap_Filter_Abstract
$filter, integer $scope)
|
Count the nodes's subtree items matching the given $filter and the given search scope. See Zend_Ldap::search() for details on the $scope parameter. |
integer countChildren() |
Count the nodes's children. |
Zend_Ldap_Node_Collection
searchChildren(string|Zend_Ldap_Filter_Abstract $filter, string
$sort)
|
Searches the nodes's children matching the given $filter. See Zend_Ldap::search() for details on the $sort parameter. |
boolean hasChildren() |
Returns whether the current node has children. |
Zend_Ldap_Node_ChildrenIterator getChildren() |
Returns all children of the current node. |
Zend_Ldap_Node getParent(Zend_Ldap $ldap) |
Returns the parent of the current node using the LDAP connection $ldap (uses the current LDAP connection if omitted). |
The following methods are available on all vendor-specific subclasses.
Zend_Ldap_Node_RootDse includes the magic property accessors
__get() and __isset() to access the
attributes by their name. They proxy to
Zend_Ldap_Node_RootDse::getAttribute() and
Zend_Ldap_Node_RootDse::existsAttribute() respectively.
__set() and __unset() are also implemented
but they throw a BadMethodCallException as modifications are not allowed on
RootDSE nodes. Furthermore the class implements ArrayAccess for
array-style-access to the attributes. offsetSet() and
offsetUnset() also throw a BadMethodCallException due
ro obvious reasons.
| Method | Description |
|---|---|
Zend_Ldap_Dn getDn() |
Gets the DN of the current node as a Zend_Ldap_Dn. |
string getDnString(string $caseFold) |
Gets the DN of the current node as a string. |
array getDnArray(string $caseFold) |
Gets the DN of the current node as an array. |
string getRdnString(string $caseFold) |
Gets the RDN of the current node as a string. |
array getRdnArray(string $caseFold) |
Gets the RDN of the current node as an array. |
array getObjectClass() |
Returns the objectClass of the node. |
string toString() |
Returns the DN of the current node - proxies to Zend_Ldap_Dn::getDnString(). |
string __toString() |
Casts to string representation - proxies to Zend_Ldap_Dn::toString(). |
array toArray(boolean $includeSystemAttributes) |
Returns an array representation of the current node. If
$includeSystemAttributes is FALSE
(defaults to TRUE) the system specific attributes are
stripped from the array. Unlike
Zend_Ldap_Node_RootDse::getAttributes() the
resulting array contains the DN with key 'dn'.
|
string toJson(boolean $includeSystemAttributes) |
Returns a JSON representation of the current node using Zend_Ldap_Node_RootDse::toArray(). |
array getData(boolean $includeSystemAttributes) |
Returns the node's attributes. The array contains all attributes in its internal format (no conversion). |
boolean existsAttribute(string $name, boolean $emptyExists)
|
Checks whether a given attribute exists. If $emptyExists is FALSE, empty attributes (containing only array()) are treated as non-existent returning FALSE. If $emptyExists is TRUE, empty attributes are treated as existent returning TRUE. In this case the method returns FALSE only if the attribute name is missing in the key-collection. |
boolean attributeHasValue(string $name, mixed|array $value)
|
Checks if the given value(s) exist in the attribute. The method returns TRUE only if all values in $value are present in the attribute. Comparison is done strictly (respecting the data type). |
integer count() |
Returns the number of attributes in the node. Implements Countable. |
mixed getAttribute(string $name, integer|null $index)
|
Gets a LDAP attribute. Data conversion is applied using Zend_Ldap_Attribute::getAttribute(). |
array getAttributes(boolean $includeSystemAttributes)
|
Gets all attributes of node. If $includeSystemAttributes is FALSE (defaults to TRUE) the system specific attributes are stripped from the array. |
array|integer getDateTimeAttribute(string $name,
integer|null $index)
|
Gets a LDAP date/time attribute. Data conversion is applied using Zend_Ldap_Attribute::getDateTimeAttribute(). |
Zend_Ldap_Node_RootDse reload(Zend_Ldap $ldap) |
Reloads the current node's attributes from the given LDAP server. |
Zend_Ldap_Node_RootDse create(Zend_Ldap
$ldap)
|
Factory method to create the RootDSE. |
array getNamingContexts() |
Gets the namingContexts. |
string|null getSubschemaSubentry() |
Gets the subschemaSubentry. |
boolean supportsVersion(string|int|array $versions) |
Determines if the LDAP version is supported. |
boolean supportsSaslMechanism(string|array $mechlist)
|
Determines if the sasl mechanism is supported. |
integer getServerType() |
Gets the server type. Returns
|
Zend_Ldap_Dn getSchemaDn() |
Returns the schema DN. |
Additionally the common methods above apply to instances of Zend_Ldap_Node_RootDse_OpenLdap.
Note: Refer to » LDAP Operational Attributes and Objectsfor information on the attributes of OpenLDAP RootDSE.
| Method | Description |
|---|---|
integer getServerType() |
Gets the server type. Returns Zend_Ldap_Node_RootDse::SERVER_TYPE_OPENLDAP |
string|null getConfigContext() |
Gets the configContext. |
string|null getMonitorContext() |
Gets the monitorContext. |
boolean supportsControl(string|array $oids) |
Determines if the control is supported. |
boolean supportsExtension(string|array $oids) |
Determines if the extension is supported. |
boolean supportsFeature(string|array $oids) |
Determines if the feature is supported. |
Additionally the common methods above apply to instances of Zend_Ldap_Node_RootDse_ActiveDirectory.
Note: Refer to » RootDSEfor information on the attributes of Microsoft ActiveDirectory RootDSE.
| Method | Description |
|---|---|
integer getServerType() |
Gets the server type. Returns Zend_Ldap_Node_RootDse::SERVER_TYPE_ACTIVEDIRECTORY |
string|null getConfigurationNamingContext() |
Gets the configurationNamingContext. |
string|null getCurrentTime() |
Gets the currentTime. |
string|null getDefaultNamingContext() |
Gets the defaultNamingContext. |
string|null getDnsHostName() |
Gets the dnsHostName. |
string|null getDomainControllerFunctionality() |
Gets the domainControllerFunctionality. |
string|null getDomainFunctionality() |
Gets the domainFunctionality. |
string|null getDsServiceName() |
Gets the dsServiceName. |
string|null getForestFunctionality() |
Gets the forestFunctionality. |
string|null getHighestCommittedUSN() |
Gets the highestCommittedUSN. |
string|null getIsGlobalCatalogReady() |
Gets the isGlobalCatalogReady. |
string|null getIsSynchronized() |
Gets the isSynchronized. |
string|null getLdapServiceName() |
Gets the ldapServiceName. |
string|null getRootDomainNamingContext() |
Gets the rootDomainNamingContext. |
string|null getSchemaNamingContext() |
Gets the schemaNamingContext. |
string|null getServerName() |
Gets the serverName. |
boolean supportsCapability(string|array $oids) |
Determines if the capability is supported. |
boolean supportsControl(string|array $oids) |
Determines if the control is supported. |
boolean supportsPolicy(string|array $policies) |
Determines if the version is supported. |
Additionally the common methods above apply to instances of
Zend_Ldap_Node_RootDse_eDirectory.
Note: Refer to » Getting Information about the LDAP Serverfor information on the attributes of Novell eDirectory RootDSE.
| Method | Description |
|---|---|
integer getServerType() |
Gets the server type. Returns Zend_Ldap_Node_RootDse::SERVER_TYPE_EDIRECTORY |
boolean supportsExtension(string|array $oids) |
Determines if the extension is supported. |
string|null getVendorName() |
Gets the vendorName. |
string|null getVendorVersion() |
Gets the vendorVersion. |
string|null getDsaName() |
Gets the dsaName. |
string|null getStatisticsErrors() |
Gets the server statistics "errors". |
string|null getStatisticsSecurityErrors() |
Gets the server statistics "securityErrors". |
string|null getStatisticsChainings() |
Gets the server statistics "chainings". |
string|null getStatisticsReferralsReturned() |
Gets the server statistics "referralsReturned". |
string|null getStatisticsExtendedOps() |
Gets the server statistics "extendedOps". |
string|null getStatisticsAbandonOps() |
Gets the server statistics "abandonOps". |
string|null getStatisticsWholeSubtreeSearchOps() |
Gets the server statistics "wholeSubtreeSearchOps". |
The following methods are available on all vendor-specific subclasses.
Zend_Ldap_Node_Schema includes the magic property accessors
__get() and __isset() to access the attributes by their
name. They proxy to Zend_Ldap_Node_Schema::getAttribute() and
Zend_Ldap_Node_Schema::existsAttribute() respectively.
__set() and __unset() are also implemented, but they throw
a BadMethodCallException as modifications are not allowed on RootDSE
nodes. Furthermore the class implements ArrayAccess for
array-style-access to the attributes. offsetSet() and
offsetUnset() also throw a BadMethodCallException due to
obvious reasons.
| Method | Description |
|---|---|
Zend_Ldap_Dn getDn() |
Gets the DN of the current node as a Zend_Ldap_Dn. |
string getDnString(string $caseFold) |
Gets the DN of the current node as a string. |
array getDnArray(string $caseFold) |
Gets the DN of the current node as an array. |
string getRdnString(string $caseFold) |
Gets the RDN of the current node as a string. |
array getRdnArray(string $caseFold) |
Gets the RDN of the current node as an array. |
array getObjectClass() |
Returns the objectClass of the node. |
string toString() |
Returns the DN of the current node - proxies to
Zend_Ldap_Dn::getDnString().
|
string __toString() |
Casts to string representation - proxies to
Zend_Ldap_Dn::toString().
|
array toArray(boolean $includeSystemAttributes) |
Returns an array representation of the current node. If
$includeSystemAttributes is FALSE
(defaults to TRUE), the system specific attributes are
stripped from the array. Unlike
Zend_Ldap_Node_Schema::getAttributes(), the resulting
array contains the DN with key 'dn'.
|
string toJson(boolean $includeSystemAttributes) |
Returns a JSON representation of the current node using
Zend_Ldap_Node_Schema::toArray().
|
array getData(boolean $includeSystemAttributes) |
Returns the node's attributes. The array contains all attributes in its internal format (no conversion). |
boolean existsAttribute(string $name, boolean $emptyExists)
|
Checks whether a given attribute exists. If
$emptyExists is FALSE, empty attributes
(containing only array()) are treated as non-existent returning
FALSE. If $emptyExists is
TRUE, empty attributes are treated as existent
returning TRUE. In this case the method returns
FALSE only if the attribute name is missing in the
key-collection.
|
boolean attributeHasValue(string $name, mixed|array $value)
|
Checks if the given value(s) exist in the attribute. The
method returns TRUE only if all values in
$value are present in the attribute. Comparison is
done strictly (respecting the data type).
|
integer count() |
Returns the number of attributes in the node. Implements Countable. |
mixed getAttribute(string $name, integer|null $index)
|
Gets a LDAP attribute. Data conversion is applied using
Zend_Ldap_Attribute::getAttribute().
|
array getAttributes(boolean $includeSystemAttributes)
|
Gets all attributes of node. If
$includeSystemAttributes is FALSE
(defaults to TRUE) the system specific attributes are
stripped from the array.
|
array|integer getDateTimeAttribute(string $name,
integer|null $index)
|
Gets a LDAP date/time attribute. Data conversion is
applied using Zend_Ldap_Attribute::getDateTimeAttribute().
|
Zend_Ldap_Node_Schema reload(Zend_Ldap $ldap)
|
Reloads the current node's attributes from the given LDAP server. |
Zend_Ldap_Node_Schema create(Zend_Ldap
$ldap)
|
Factory method to create the Schema node. |
array getAttributeTypes() |
Gets the attribute types as an array of |
array getObjectClasses() |
Gets the object classes as an array of
Zend_Ldap_Node_Schema_ObjectClass_Interface.
|
| Method | Description |
|---|---|
string getName() |
Gets the attribute name. |
string getOid() |
Gets the attribute OID. |
string getSyntax() |
Gets the attribute syntax. |
int|null getMaxLength() |
Gets the attribute maximum length. |
boolean isSingleValued() |
Returns if the attribute is single-valued. |
string getDescription() |
Gets the attribute description |
| Method | Description |
|---|---|
string getName() |
Returns the objectClass name. |
string getOid() |
Returns the objectClass OID. |
array getMustContain() |
Returns the attributes that this objectClass must contain. |
array getMayContain() |
Returns the attributes that this objectClass may contain. |
string getDescription() |
Returns the attribute description |
integer getType() |
Returns the objectClass type. The method returns one of the following
values:
|
array getParentClasses() |
Returns the parent objectClasses of this class. This includes structural, abstract and auxiliary objectClasses. |
Classes representing attribute types and object classes extend
Zend_Ldap_Node_Schema_Item which provides some core methods to access
arbitrary attributes on the underlying LDAP node.
Zend_Ldap_Node_Schema_Item includes the magic property accessors
__get() and __isset() to access the attributes by their
name. Furthermore the class implements ArrayAccess for
array-style-access to the attributes. offsetSet() and
offsetUnset() throw a BadMethodCallException as
modifications are not allowed on schema information nodes.
| Method | Description |
|---|---|
array getData() |
Gets all the underlying data from the schema information node. |
integer count() |
Returns the number of attributes in this schema information node. Implements Countable. |
Additionally the common methods above apply to instances of
Zend_Ldap_Node_Schema_OpenLDAP.
| Method | Description |
|---|---|
array getLdapSyntaxes() |
Gets the LDAP syntaxes. |
array getMatchingRules() |
Gets the matching rules. |
array getMatchingRuleUse() |
Gets the matching rule use. |
| Method | Description |
|---|---|
Zend_Ldap_Node_Schema_AttributeType_OpenLdap|null
getParent()
|
Returns the parent attribute type in the inheritance tree if one exists. |
| Method | Description |
|---|---|
array getParents() |
Returns the parent object classes in the inheritance
tree if one exists. The returned array is an array of
Zend_Ldap_Node_Schema_ObjectClass_OpenLdap.
|
Note: Schema browsing on ActiveDirectory servers
Due to restrictions on Microsoft ActiveDirectory servers regarding the number of entries returned by generic search routines and due to the structure of the ActiveDirectory schema repository, schema browsing is currently not available for Microsoft ActiveDirectory servers.
Zend_Ldap_Node_Schema_ActiveDirectory does not provide any
additional methods.
Zend_Ldap_Node_Schema_AttributeType_ActiveDirectory
does not provide any additional methods.
|
Zend_Ldap_Node_Schema_ObjectClass_ActiveDirectory
does not provide any additional methods.
|
| Method | Description |
|---|---|
array decode(string $string)
|
Decodes the string $string into an array of LDIF items. |
string encode(scalar|array|Zend_Ldap_Node
$value, array $options)
|
Encode $value into a LDIF
representation. $options is an array that may contain the
following keys:
|
