本文整理汇总了PHP中ldap_err2str函数的典型用法代码示例。如果您正苦于以下问题:PHP ldap_err2str函数的具体用法?PHP ldap_err2str怎么用?PHP ldap_err2str使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了ldap_err2str函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: __construct
public function __construct($message, $handler, $extra_error = null)
{
$this->handler = $handler;
$err_no = ldap_errno($handler);
$message = sprintf("ERROR %s. LDAP ERROR (%s) -- %s --. %s", $message, $err_no, ldap_err2str($err_no), ldap_error($handler), is_null($extra_error) ? '' : $extra_error);
parent::__construct($message, $err_no);
}示例2: __construct
function __construct($arg, $code = 0)
{
if (is_resource($arg)) {
$errno = ldap_errno($arg);
$msg = ldap_err2str($errno);
} else {
$errno = $code;
$msg = $arg;
}
error_log("LDAP Error {$errno}: {$msg}");
parent::__construct($msg, $errno);
}示例3: authenticate
function authenticate($params)
{
assert('isset($params["user"]) && isset($params["password"])');
$con = false;
if (($domain = getConfiguration('auth.ldap.domain')) !== false) {
$port = (int) getConfiguration('auth.ldap.port', self::LDAP_DEFAULT_PORT);
$con = ldap_connect($domain, $port);
}
if ($con === false) {
throw new Exception(__METHOD__ . ": Failed to connect to {$domain} in port {$port}");
}
$authUser = $user = $this->ldap_escape($params['user']);
$pass = $this->ldap_escape($params['password']);
$ldapDomainName = getConfiguration('auth.ldap.domain.name');
if ($ldapDomainName) {
$authUser = $ldapDomainName . '\\' . $authUser;
}
debug(__METHOD__ . ": Trying to authenticate {$authUser} against {$domain}");
if (ldap_bind($con, $authUser, $pass)) {
// We're assuming that the email used is as the user name
$email = $email = Utils::buildEmail($user);
// Close the connection - we don't need it any more
ldap_unbind($con);
// Fetch contact
$contact = DatabaseHelper::getInstance()->getContactByEmail($email);
if ($contact !== false) {
return array('Id' => $contact['Id'], 'Role' => $contact['Role']);
} else {
// Contact is not in the database - we better create it
// TODO: Put the option to read data
return array('Id' => DatabaseHelper::getInstance()->addContact('', '', $email, ROLE_IDENTIFIED), 'Role' => ROLE_IDENTIFIED);
}
} else {
$errCode = ldap_errno($con);
if ($errCode == self::LDAP_INAPPROPRIATE_AUTH || $errCode == self::LDAP_INVALID_CREDENTIALS) {
// Invalid credentials - simply fail
return false;
}
// Internal error
throw new Exception(__METHOD__ . " : LDAP error: " . ldap_err2str($errCode));
}
}示例4: authenticate
/**
* Authenticate user again LDAP directory (Bind)
* 2 options :
* Authenticate directly with uname in the DN
* Authenticate with manager, search the dn
*
* @param string $uname Username
* @param string $pwd Password
*
* @return bool
*/
public function authenticate($uname, $pwd = null)
{
$authenticated = false;
if (!extension_loaded('ldap')) {
$this->setErrors(0, _AUTH_LDAP_EXTENSION_NOT_LOAD);
return $authenticated;
}
$this->_ds = ldap_connect($this->ldap_server, $this->ldap_port);
if ($this->_ds) {
ldap_set_option($this->_ds, LDAP_OPT_PROTOCOL_VERSION, $this->ldap_version);
ldap_set_option($this->_ds, LDAP_OPT_REFERRALS, 0);
if ($this->ldap_use_TLS) {
// We use TLS secure connection
if (!ldap_start_tls($this->_ds)) {
$this->setErrors(0, _AUTH_LDAP_START_TLS_FAILED);
}
}
// If the uid is not in the DN we proceed to a search
// The uid is not always in the dn
$userUPN = $this->getUPN($uname);
if (!$userUPN) {
return false;
}
// We bind as user to test the credentials
$authenticated = ldap_bind($this->_ds, $userUPN, $this->cp1252_to_utf8(stripslashes($pwd)));
if ($authenticated) {
// We load the User database
$dn = $this->getUserDN($uname);
if ($dn) {
return $this->loadicms_member_user_Object($dn, $uname, $pwd);
} else {
return false;
}
} else {
$this->setErrors(ldap_errno($this->_ds), ldap_err2str(ldap_errno($this->_ds)) . '(' . $userUPN . ')');
}
} else {
$this->setErrors(0, _AUTH_LDAP_SERVER_NOT_FOUND);
}
@ldap_close($this->_ds);
return $authenticated;
}示例5: moveuser
function moveuser()
{
$u = new user($_POST["userid"]);
$dn = $u->dn;
$gplist = $u->Groups_list();
if (preg_match("#^(.+?),#", $dn, $re)) {
$newRdn = $re[1];
} else {
$newRdn = "cn={$_POST["userid"]}";
}
$ldap = new clladp();
$newParent = "ou=users,ou={$_POST["nextou"]},dc=organizations,{$ldap->suffix}";
if (!ldap_rename($ldap->ldap_connection, $dn, $newRdn, $newParent, true)) {
echo 'Error number ' . ldap_errno($ldap->ldap_connection) . "\nAction:LDAP Ldap_rename\ndn:{$dn} -> {$newRdn},{$newParent}\n" . ldap_err2str(ldap_errno($ldap->ldap_connection));
return;
}
while (list($gid, $name) = each($gplist)) {
$gp = new groups($gid);
$gp->DeleteUserFromThisGroup($_POST["userid"]);
}
}示例6: delete_ldap
function delete_ldap($dn, $connect, $recursive = false)
{
if ($recursive == false) {
if (!@ldap_delete($connect, $dn)) {
echo "Deleting {$dn}...\n";
echo "ERROR: ldap_delete \"{$dn}\"" . ldap_err2str(ldap_errno($connect)) . "\n";
return false;
}
}
$sr = @ldap_list($connect, $dn, "ObjectClass=*");
if ($sr) {
$info = @ldap_get_entries($connect, $sr);
for ($i = 0; $i < $info['count']; $i++) {
$result = delete_ldap($info[$i]['dn'], $connect, $recursive);
if (!$result) {
return $result;
}
}
return delete_ldap($dn, $connect, false);
}
}示例7: __construct
public function __construct(Ldap $link, $result = null)
{
$this->result = $result;
if (is_resource($result)) {
// Get the status code, matched DN and referrals from the response
ldap_parse_result($link->resource(), $result, $this->code, $this->matchedDN, $this->message, $this->referrals);
// Get the string representation of the status code
$this->message = ldap_err2str($this->code);
// Extract the data from the resource
$this->data = ldap_get_entries($link->resource(), $result);
$this->data = $this->cleanup_result($this->data);
// Remove the referrals array if there's nothing inside
count($this->referrals) == 0 && ($this->referrals = null);
// Try to extract pagination cookie and estimated number of objects to be returned
// Since there's no way to tell if pagination has been enabled or not, I am suppressing php errors
@ldap_control_paged_result_response($link->resource(), $result, $this->cookie, $this->estimated);
} else {
$this->code = ldap_errno($link->resource());
$this->message = ldap_error($link->resource());
}
// Active Directory conceals some additional error codes in the ErrorMessage of the response
// that we cannot get to with ldap_errno() in authentication failures - let's try to
// extract them!
if ($this->code == 49) {
$message = null;
ldap_get_option($link->resource(), Option::ErrorString, $message);
if (stripos($message, 'AcceptSecurityContext') !== false) {
$message = explode(', ', $message);
end($message);
$message = prev($message);
$this->code = explode(' ', $message)[1];
// For compatibility reasons with standard ldap, if the error code
// is 52e let's replace it with 49 ( their meanings are equal, it's just
// Microsoft doing it its own way again )
if ($this->code == '52e') {
$this->code = ResponseCode::InvalidCredentials;
}
}
}
}示例8: bindCheck
function bindCheck($username, $password)
{
if (!function_exists("ldap_connect")) {
$this->errorString = "This PHP doesn't support LDAP, check the result of infophp() function.";
return false;
}
$this->errorString = "";
if (!$this->isActive) {
$this->errorString = "LDAP Setting isn't supplied.";
return false;
}
if (!$username || !$password) {
$this->errorString = "Account Info isn't supplied.";
return false;
}
$ds = ldap_connect($this->server, $this->port);
if (!$ds) {
$this->errorString = ldap_err2str(ldap_errno($ds));
return false;
}
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
$rdn = "{$this->accountKey}={$username},{$this->container},{$this->base}";
try {
$currentErrorReporting = error_reporting();
error_reporting(0);
$r = ldap_bind($ds, $rdn, $password);
error_reporting($currentErrorReporting);
} catch (Exception $e) {
$this->errorString = ldap_err2str(ldap_errno($ds)) . " by {$rdn}";
$r = false;
}
ldap_close($ds);
if (strlen($this->errorString)) {
$this->logger->setErrorMessage($this->errorString);
}
return $r;
}示例9: connect
/**
* Connects to a Ldap directory without binding
*
* @param string $hostname Hostname to connect to
* @param int $port Port to connect to (Default: 389)
* @param boolean $withSSL Whether to connect with SSL support (Default: false)
* @param boolean $withTLS Whether to connect with TLS support (Default: false)
*
* @return ConnectionInterface connection instance
*
* @throws ConnectionException if connection fails
*/
public function connect($hostname, $port = 389, $withSSL = false, $withTLS = false)
{
if ($withSSL && $withTLS) {
throw new ConnectionException('Cannot support both TLS & SSL for a given Ldap Connection');
}
if (!extension_loaded('ldap') && !@dl('ldap.' . PHP_SHLIB_SUFFIX)) {
throw new ConnectionException('You do not have the required ldap-extension installed');
}
if ($withSSL) {
$hostname = 'ldaps://' . $hostname;
}
$connection = @ldap_connect($hostname, $port);
if (false === $connection) {
throw new ConnectionException('Could not successfully connect to the LDAP server');
}
if ($withTLS) {
if (!@ldap_start_tls($connection)) {
$code = @ldap_errno($connection);
throw new ConnectionException(sprintf('Could not start TLS: Ldap Error Code=%s - %s', $code, ldap_err2str($code)));
}
}
return new Connection($connection);
}示例10: ldapLoginBindFailure
function ldapLoginBindFailure($ldapc)
{
global $Conf, $email_class, $password_class;
// connection failed, report error
$lerrno = ldap_errno($ldapc);
$suffix = "";
if ($lerrno != 49) {
$suffix = "<br /><span class='hint'>(LDAP error {$lerrno}: " . htmlspecialchars(ldap_err2str($lerrno)) . ")</span>";
}
if ($lerrno < 5) {
return Conf::msg_error("LDAP protocol error. Logins will fail until this error is fixed.{$suffix}");
} else {
if (req_s("password") == "") {
$password_class = " error";
if ($lerrno == 53) {
$suffix = "";
}
return Conf::msg_error("Enter your LDAP password.{$suffix}");
} else {
$email_class = $password_class = " error";
return Conf::msg_error("Those credentials are invalid. Please use your LDAP username and password.{$suffix}");
}
}
}示例11: bind
function bind($userdn = NULL, $pass = NULL, $anon_bind = FALSE)
{
$userdn = $userdn != NULL ? $userdn : $this->binddn;
$pass = $pass != NULL ? $pass : $this->bindpw;
if (!isset($this->testUsers[$userdn])) {
$ldap_errno = LDAP_NO_SUCH_OBJECT;
if (function_exists('ldap_err2str')) {
$ldap_error = ldap_err2str($ldap_errno);
} else {
$ldap_error = "Failed to find {$userdn} in LdapServerTest.class.php";
}
} elseif (isset($this->testUsers[$userdn]['attr']['password'][0]) && $this->testUsers[$userdn]['attr']['password'][0] != $pass) {
$ldap_errno = LDAP_INVALID_CREDENTIALS;
if (function_exists('ldap_err2str')) {
$ldap_error = ldap_err2str($ldap_errno);
} else {
$ldap_error = "Credentials for {$userdn} failed in LdapServerTest.class.php";
}
} else {
return LDAP_SUCCESS;
}
debug(t("LDAP bind failure for user %user. Error %errno: %error", array('%user' => $userdn, '%errno' => $ldap_errno, '%error' => $ldap_error)));
return $ldap_errno;
}示例12: auth
public function auth($username, PhutilOpaqueEnvelope $password)
{
if (strlen(trim($username)) == 0) {
throw new Exception('Username can not be empty');
}
if (PhabricatorEnv::getEnvConfig('ldap.search-first')) {
// To protect against people phishing for accounts we catch the
// exception and present the default exception that would be presented
// in the case of a failed bind.
try {
$user = $this->getUser($this->getUsernameAttribute(), $username);
$username = $user[$this->getSearchAttribute()][0];
} catch (PhabricatorLDAPUnknownUserException $e) {
throw new Exception($this->invalidLDAPUserErrorMessage(self::LDAP_INVALID_CREDENTIALS, ldap_err2str(self::LDAP_INVALID_CREDENTIALS)));
}
}
$conn = $this->getConnection();
$activeDirectoryDomain = PhabricatorEnv::getEnvConfig('ldap.activedirectory_domain');
if ($activeDirectoryDomain) {
$dn = $username . '@' . $activeDirectoryDomain;
} else {
$dn = ldap_sprintf('%Q=%s,%Q', $this->getSearchAttribute(), $username, $this->getBaseDN());
}
// NOTE: It is very important we suppress any messages that occur here,
// because it logs passwords if it reaches an error log of any sort.
DarkConsoleErrorLogPluginAPI::enableDiscardMode();
$result = @ldap_bind($conn, $dn, $password->openEnvelope());
DarkConsoleErrorLogPluginAPI::disableDiscardMode();
if (!$result) {
throw new Exception($this->invalidLDAPUserErrorMessage(ldap_errno($conn), ldap_error($conn)));
}
$this->userData = $this->getUser($this->getSearchAttribute(), $username);
return $this->userData;
}示例13: getHtmlErrors
/**
* return the errors for this object as html
*
* @return string html listing the errors
* @access public
*/
function getHtmlErrors()
{
/*
if ( file_exists(XOOPS_ROOT_PATH."/language/".$GLOBALS['xoopsConfig']['language']."/error.php") ) {
include_once XOOPS_ROOT_PATH."/language/".$GLOBALS['xoopsConfig']['language']."/error.php";
} else {
include_once XOOPS_ROOT_PATH."/language/english/error.php";
}
*/
//$ret = '<h4>'._ERRORS.'</h4>';
$ret = '<br>';
if (!empty($this->_errors)) {
foreach ($this->_errors as $errno => $errstr) {
$msg = function_exists("ldap_err2str") ? ldap_err2str($errno) : '';
$ret .= $msg . ' <br> ' . $errstr . '<br />';
}
} else {
$ret .= _NONE . '<br />';
}
return $ret;
}示例14: err2Str
/**
* Convert LDAP error number into string error message.
*
* @param int $number
*
* @return string
*/
public function err2Str($number)
{
return ldap_err2str($number);
}示例15: user_update_password
/**
* Changes userpassword in LDAP
*
* Called when the user password is updated. It assumes it is
* called by an admin or that you've otherwise checked the user's
* credentials
*
* @param object $user User table object
* @param string $newpassword Plaintext password (not crypted/md5'ed)
* @return boolean result
*
*/
function user_update_password($user, $newpassword)
{
global $USER;
$result = false;
$username = $user->username;
$extusername = core_text::convert($username, 'utf-8', $this->config->ldapencoding);
$extpassword = core_text::convert($newpassword, 'utf-8', $this->config->ldapencoding);
switch ($this->config->passtype) {
case 'md5':
$extpassword = '{MD5}' . base64_encode(pack('H*', md5($extpassword)));
break;
case 'sha1':
$extpassword = '{SHA}' . base64_encode(pack('H*', sha1($extpassword)));
break;
case 'plaintext':
default:
break;
// plaintext
}
$ldapconnection = $this->ldap_connect();
$user_dn = $this->ldap_find_userdn($ldapconnection, $extusername);
if (!$user_dn) {
error_log($this->errorlogtag . get_string('nodnforusername', 'auth_ldap', $user->username));
return false;
}
switch ($this->config->user_type) {
case 'edir':
// Change password
$result = ldap_modify($ldapconnection, $user_dn, array('userPassword' => $extpassword));
if (!$result) {
error_log($this->errorlogtag . get_string('updatepasserror', 'auth_ldap', array('errno' => ldap_errno($ldapconnection), 'errstring' => ldap_err2str(ldap_errno($ldapconnection)))));
}
// Update password expiration time, grace logins count
$search_attribs = array($this->config->expireattr, 'passwordExpirationInterval', 'loginGraceLimit');
$sr = ldap_read($ldapconnection, $user_dn, '(objectClass=*)', $search_attribs);
if ($sr) {
$entry = ldap_get_entries_moodle($ldapconnection, $sr);
$info = array_change_key_case($entry[0], CASE_LOWER);
$newattrs = array();
if (!empty($info[$this->config->expireattr][0])) {
// Set expiration time only if passwordExpirationInterval is defined
if (!empty($info['passwordexpirationinterval'][0])) {
$expirationtime = time() + $info['passwordexpirationinterval'][0];
$ldapexpirationtime = $this->ldap_unix2expirationtime($expirationtime);
$newattrs['passwordExpirationTime'] = $ldapexpirationtime;
}
// Set gracelogin count
if (!empty($info['logingracelimit'][0])) {
$newattrs['loginGraceRemaining'] = $info['logingracelimit'][0];
}
// Store attribute changes in LDAP
$result = ldap_modify($ldapconnection, $user_dn, $newattrs);
if (!$result) {
error_log($this->errorlogtag . get_string('updatepasserrorexpiregrace', 'auth_ldap', array('errno' => ldap_errno($ldapconnection), 'errstring' => ldap_err2str(ldap_errno($ldapconnection)))));
}
}
} else {
error_log($this->errorlogtag . get_string('updatepasserrorexpire', 'auth_ldap', array('errno' => ldap_errno($ldapconnection), 'errstring' => ldap_err2str(ldap_errno($ldapconnection)))));
}
break;
case 'ad':
// Passwords in Active Directory must be encoded as Unicode
// strings (UCS-2 Little Endian format) and surrounded with
// double quotes. See http://support.microsoft.com/?kbid=269190
if (!function_exists('mb_convert_encoding')) {
error_log($this->errorlogtag . get_string('needmbstring', 'auth_ldap'));
return false;
}
$extpassword = mb_convert_encoding('"' . $extpassword . '"', "UCS-2LE", $this->config->ldapencoding);
$result = ldap_modify($ldapconnection, $user_dn, array('unicodePwd' => $extpassword));
if (!$result) {
error_log($this->errorlogtag . get_string('updatepasserror', 'auth_ldap', array('errno' => ldap_errno($ldapconnection), 'errstring' => ldap_err2str(ldap_errno($ldapconnection)))));
}
break;
default:
// Send LDAP the password in cleartext, it will md5 it itself
$result = ldap_modify($ldapconnection, $user_dn, array('userPassword' => $extpassword));
if (!$result) {
error_log($this->errorlogtag . get_string('updatepasserror', 'auth_ldap', array('errno' => ldap_errno($ldapconnection), 'errstring' => ldap_err2str(ldap_errno($ldapconnection)))));
}
}
$this->ldap_close();
return $result;
}