Skip to content
Snippets Groups Projects
Commit b86636d7 authored by Hahn Axel (hahn)'s avatar Hahn Axel (hahn)
Browse files

php8 only: use variable types; update phpdocs

parent c569c153
No related branches found
No related tags found
1 merge request!2php8 only: use variable types; update phpdocs
Hide whitespace changes
Inline Side-by-side
Showing
with 173 additions and 130 deletions
src/ldap.class.php
+ 173
130
View file @ b86636d7
......@@ -3,24 +3,26 @@
/**
*
* IML LDAP CONNECTOR
*<pre>
* 2022-02-22 ah added objGet(), sanitizeFilter() <br>
* 2022-08-18 ah mask password (showing 4 chars only) <br>
* 2022-08-22 ah mhash is deprecated <br>
* 2022-08-26 ah fix verifyPassword <br>
* </pre>
* @author axel.hahn@iml.unibe.ch
*
* 2022-02-22 ah added objGet(), sanitizeFilter()
* 2022-08-18 ah mask password (showing 4 chars only)
* 2022-08-22 ah mhash is deprecated
* 2022-08-26 ah fix verifyPassword
* 2024-07-11 ah php8 only: use variable types; update phpdocs
*
* @author axel.hahn@unibe.ch
*/
class imlldap {
class imlldap
{
// ----------------------------------------------------------------------
// vars
// ----------------------------------------------------------------------
/**
* @var array options array for an ldap connection including some base settings and DNs
*/
private $_aLdap = array(
private array $_aLdap = [
'server' => false,
'port' => false,
'DnLdapUser' => false, // ldap rdn oder dn
......@@ -29,27 +31,34 @@ class imlldap {
'DnAppNode' => false, // cn=AppGroup...
'protoVersion' => 3,
'debugLevel' => 0,
);
];
/**
* @var object current ldap connection
*/
private $_ldapConn = false;
private object|bool $_ldapConn = false;
/**
* ldap bind object - bind was done?
* @var object|bool
*/
private object|bool $_ldapBind = false;
/**
* @var bool bind was done?
* Flag if debug mode is on
* @var bool
*/
private $_ldapBind = false;
var $bDebug = false;
var bool $bDebug = false;
// ----------------------------------------------------------------------
// functions
// ----------------------------------------------------------------------
/**
* constructor
* @param array $aConfig optional set ldap connection
*/
public function __construct($aConfig = array()) {
public function __construct(array $aConfig = [])
{
if (!function_exists("ldap_connect")) {
die(__CLASS__ . " ERROR: php-ldap module is not installed on this server.");
}
......@@ -58,7 +67,8 @@ class imlldap {
}
}
public function __destruct() {
public function __destruct()
{
$this->close();
}
......@@ -72,7 +82,8 @@ class imlldap {
* ldap config array
* @see setConfig()
*/
public function debugOn() {
public function debugOn(): void
{
$this->bDebug = true;
if ($this->_aLdap['debugLevel']) {
$this->_w(__FUNCTION__ . ' setting debug level ' . $this->_aLdap['debugLevel']);
......@@ -83,7 +94,8 @@ class imlldap {
/**
* turn debug messages off
*/
public function debugOff() {
public function debugOff(): void
{
$this->bDebug = false;
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 0);
}
......@@ -94,7 +106,8 @@ class imlldap {
* @param string $sText message text
* @return boolean
*/
private function _w($sText) {
private function _w(string $sText): bool
{
if (!$this->bDebug) {
return false;
}
......@@ -108,8 +121,9 @@ class imlldap {
* @param string $sText message text
* @return boolean
*/
private function _wLdaperror($sText = '') {
$this->_w(($sText ? $sText . ' - ' : '' ) . 'last LDAP-ERROR: ' . ldap_error($this->_ldapConn));
private function _wLdaperror(string $sText = ''): bool
{
$this->_w(($sText ? $sText . ' - ' : '') . 'last LDAP-ERROR: ' . ldap_error($this->_ldapConn));
return true;
}
......@@ -130,7 +144,8 @@ class imlldap {
* 'protoVersion' => 3
* 'debugLevel' => 0 // for debugging set higher 0 AND call debugOn()
*/
public function setConfig($aConfig = array()) {
public function setConfig(array $aConfig = []): void
{
if (is_array($aConfig)) {
foreach (array_keys($this->_aLdap) as $sKey) {
if (array_key_exists($sKey, $aConfig)) {
......@@ -148,7 +163,8 @@ class imlldap {
/**
* close an existing ldap connection
*/
public function close() {
public function close(): void
{
if ($this->_ldapConn) {
$this->_w(__FUNCTION__ . ' closing connection.');
ldap_close($this->_ldapConn);
......@@ -162,7 +178,8 @@ class imlldap {
/**
* connect to ldap
*/
public function connect() {
public function connect(): void
{
if (!array_key_exists('server', $this->_aLdap) || !$this->_aLdap['server']) {
die(__CLASS__ . " ERROR: no ldap server was setup set. Use setConfig() first.");
......@@ -173,7 +190,7 @@ class imlldap {
}
$this->_w(__FUNCTION__ . ' connect to ' . $this->_aLdap['server'] . ':' . $this->_aLdap['port']);
$this->_ldapConn = ldap_connect($this->_aLdap['server'], $this->_aLdap['port']);
$this->_ldapConn = ldap_connect($this->_aLdap['server']);
if (!$this->_ldapConn) {
$this->_wLdaperror(__FUNCTION__);
die(__CLASS__ . " ERROR: ldap connect failed.");
......@@ -201,10 +218,11 @@ class imlldap {
* @param string $sUser optional: username (overrides _aLdap['DnLdapUser'])
* @param string $sPw optional: password (overrides _aLdap['PwLdapUser'])
*/
public function bind($sUser = '', $sPw = '') {
if(!$sUser){
public function bind(string $sUser = '', string $sPw = ''): bool
{
if (!$sUser) {
$sUser = $this->_aLdap['DnLdapUser'];
$sPw = $this->_aLdap['PwLdapUser'];
$sPw = $this->_aLdap['PwLdapUser'];
}
if (!$this->_ldapConn) {
......@@ -218,7 +236,7 @@ class imlldap {
$this->_w(__FUNCTION__ . ' ERROR: no user was set as first param.');
die("ERROR: no user was given to connect to ldap.");
}
$this->_w(__FUNCTION__ . ' with user ' . $sUser . ' PW ' . substr($sPw,0,4).'**********');
$this->_w(__FUNCTION__ . ' with user ' . $sUser . ' PW ' . substr($sPw, 0, 4) . '**********');
$this->_ldapBind = @ldap_bind($this->_ldapConn, $sUser, $sPw);
if (!$this->_ldapBind) {
......@@ -232,7 +250,8 @@ class imlldap {
/**
* ldap unbind ... if a bind exists
*/
public function unbind() {
public function unbind(): void
{
if ($this->_ldapBind && !is_bool($this->_ldapBind)) {
$this->_w(__FUNCTION__ . ' ...');
ldap_unbind($this->_ldapBind);
......@@ -251,30 +270,33 @@ class imlldap {
* @param string $sDn DN to check
* @return boolean
*/
public function DnExists($sDn) {
$aData = $this->searchDn($sDn, '(&(objectclass=top))', array("*"));
public function DnExists(string $sDn): bool
{
$aData = $this->searchDn($sDn, '(&(objectclass=top))', ["*"]);
return is_array($aData);
}
/**
* get simpler array from ldap_get_entries after ldap_search
* If the given array doesn't contain the key "dn" it returns "false"
*
* @param array $aRecord singel result item
* @param array $aRecord single result item
* @return array
*/
public function normalizeSearchentry($aRecord) {
if (!is_array($aRecord) || !isset($aRecord['dn'])){
public function normalizeSearchentry(array $aRecord): bool|array
{
if (!is_array($aRecord) || !isset($aRecord['dn'])) {
return false;
}
$aItem = array();
$aItem = [];
unset($aRecord['count']);
foreach ($aRecord as $sAttr => $aData) {
if (!is_integer($sAttr)) {
$value = $aData;
if (is_array($aData)) {
unset($aData['count']);
$bUseArray=count($aData)>1 || array_search($sAttr, array('hieradata', 'member', 'memberof', 'objectclass'))!==false;
if($bUseArray){
$bUseArray = count($aData) > 1 || array_search($sAttr, ['hieradata', 'member', 'memberof', 'objectclass']) !== false;
if ($bUseArray) {
sort($aData);
}
$value = $bUseArray ? $aData : $aData[0];
......@@ -284,23 +306,6 @@ class imlldap {
}
return $aItem;
}
/**
* get simpler array from ldap_get_entries after ldap_search
*
* @param array $aRecord singel result item
* @return array
*/
public function normalizeSearchresult($aLdapSearchresult) {
if (!is_array($aLdapSearchresult)){
return false;
}
$aReturn = array();
unset($aRecord['count']);
foreach ($aLdapSearchresult as $aRecord) {
$aReturn[]=$this->normalizeSearchentry($aRecord);
}
return $aReturn;
}
/**
* sanitize value to put into a search filter
......@@ -315,51 +320,56 @@ class imlldap {
* @param string $s value to sanitize
* @return string
*/
static public function sanitizeFilter($s){
static public function sanitizeFilter(string $s): string
{
// helper array to replace special chars
$aReplace=array();
for($i=0; $i<65; $i++){
$val=dechex($i);
if ($val<10){
$val="0$val";
$aReplace = [];
for ($i = 0; $i < 65; $i++) {
$val = dechex($i);
if ($val < 10) {
$val = "0$val";
}
$aReplace[chr($i)]='\\'.$val;
$aReplace[chr($i)] = '\\' . $val;
}
$sReturn=$s;
$sReturn=str_replace(array_keys($aReplace), array_values($aReplace), $sReturn);
$sReturn = $s;
$sReturn = str_replace(array_keys($aReplace), array_values($aReplace), $sReturn);
return $sReturn;
}
/**
* search in ldap directory and get result as array
* search in ldap directory and get result as array.
* It returns "false" on error:
* - no ldap connection
* - search failed
*
* @param string $sDn DN to search for
* @param string $sSearchFilter filter in ldap filter syntax
* @param array $aAttributesToGet flat array of attributes to fetch
* @param boolean $bRecursive recusrive (uses ldap_search) or not (ldap_list)
* @return array
* @return boolean|array
*/
public function searchDn($sDn, $sSearchFilter='(objectclass=*)', $aAttributesToGet = array("*"), $bRecursive=true) {
public function searchDn(string $sDn, string $sSearchFilter = '(objectclass=*)', array $aAttributesToGet = ["*"], bool $bRecursive = true): bool|array
{
if (!$this->_ldapBind) {
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])){
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])) {
return false;
}
}
$this->_w(__FUNCTION__ . ' DN = ' . $sDn . ' filter = ' . $sSearchFilter . ' attributes = ' . print_r($aAttributesToGet, 1).' recursive = '.($bRecursive ? 'yes' : 'no' ));
$this->_w(__FUNCTION__ . ' DN = ' . $sDn . ' filter = ' . $sSearchFilter . ' attributes = ' . print_r($aAttributesToGet, 1) . ' recursive = ' . ($bRecursive ? 'yes' : 'no'));
$oLdapSearch = $bRecursive
? ldap_search($this->_ldapConn, $sDn, $sSearchFilter, $aAttributesToGet)
: ldap_list ($this->_ldapConn, $sDn, $sSearchFilter, $aAttributesToGet)
;
? ldap_search($this->_ldapConn, $sDn, $sSearchFilter, $aAttributesToGet)
: ldap_list($this->_ldapConn, $sDn, $sSearchFilter, $aAttributesToGet)
;
if (!$oLdapSearch) {
$this->_w(__FUNCTION__ . " !!!ERROR!!! filter $sSearchFilter failed ");
return false;
}
$aItems = ldap_get_entries($this->_ldapConn, $oLdapSearch);
$this->_w(__FUNCTION__ . " count of returned items: ".count($aItems));
$this->_w(__FUNCTION__ . " count of returned items: " . count($aItems));
// $this->_w(__FUNCTION__ . " <pre>".print_r($aItems,1).'</pre>');
return $aItems;
}
......@@ -371,9 +381,10 @@ class imlldap {
* @param array $aAttributesToGet flat array of attributes to fetch
* @param bool $bRecursive flag: recursive search? default: true (=yes, recursive)
*
* @return array
* @return boolean|array
*/
public function searchUser($sSearchFilter='', $aAttributesToGet = array("*"), $bRecursive=true) {
public function searchUser(string $sSearchFilter = '', array $aAttributesToGet = ["*"], bool $bRecursive = true): bool|array
{
return $this->searchDn($this->_aLdap['DnUserNode'], $sSearchFilter, $aAttributesToGet, $bRecursive);
/*
if (!$this->_ldapBind) {
......@@ -396,13 +407,14 @@ class imlldap {
* It returns false if the user does not exist or is
* not member of the group 'DnAppNode' (if it was set).
*
* @param string $sUser user id (uid) or email (mail) to search
* @param array $aAttributesToGet i.e. array("ou", "sn", "vorname", "mail", "uid", "memberOf")
* @param string $sUser user id (uid) or email (mail) to search
* @param array $aAttributesToGet i.e. ["ou", "sn", "vorname", "mail", "uid", "memberOf"]
* @return boolean|array
*/
public function getUserInfo($sUser, $aAttributesToGet = array("*")) {
public function getUserInfo(string $sUser, array $aAttributesToGet = ["*"]): bool|array
{
if (!$this->_ldapBind) {
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])){
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])) {
return false;
}
}
......@@ -430,12 +442,13 @@ class imlldap {
* email address. It returns false if the user does not exist or is
* not member of the group 'DnAppNode' (if it was set).
*
* @param type $sUser
* @param string $sUser
* @return string
*/
public function getUserDn($sUser) {
public function getUserDn(string $sUser): bool|string
{
$this->_w(__FUNCTION__ . '(' . $sUser . ')');
$aItem = $this->getUserInfo($sUser, array("dn"));
$aItem = $this->getUserInfo($sUser, ["dn"]);
if (is_array($aItem) && array_key_exists('dn', $aItem)) {
$this->_w(__FUNCTION__ . ' OK: dn was found ' . $aItem['dn']);
return $aItem['dn'];
......@@ -452,15 +465,16 @@ class imlldap {
* @param string $sPW password
* @return boolean
*/
public function setPassword($sUser, $sPW) {
public function setPassword(string $sUser, string $sPW): bool
{
if (!$this->_ldapBind) {
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])){
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])) {
return false;
}
}
$sDn = $this->getUserDn($sUser);
if ($sDn) {
if (!ldap_mod_replace($this->_ldapConn, $sDn, array('userpassword' => "{MD5}" . base64_encode(pack("H*", md5($sPW)))))) {
if (!ldap_mod_replace($this->_ldapConn, $sDn, ['userpassword' => "{MD5}" . base64_encode(pack("H*", md5($sPW)))])) {
$this->_wLdaperror(__FUNCTION__);
return false;
} else {
......@@ -478,17 +492,18 @@ class imlldap {
* @param string $Input
* @return string
*/
private function _getNTLMHash($Input) {
private function _getNTLMHash(string $Input): string
{
// Convert the password from UTF8 to UTF16 (little endian)
$Input = iconv('UTF-8', 'UTF-16LE', $Input);
// Encrypt it with the MD4 hash
$MD4Hash=hash('md4',$Input);
$MD4Hash = hash('md4', $Input);
// Make it uppercase, not necessary, but it's common to do so with NTLM hashes
$NTLMHash = strtoupper($MD4Hash);
// Return the result
return($NTLMHash);
return ($NTLMHash);
}
/**
......@@ -502,15 +517,19 @@ class imlldap {
* @param string $sPW password
* @return boolean
*/
public function setPasswordSamba($sUser, $sPW) {
public function setPasswordSamba(string $sUser, string $sPW): bool
{
$sDn = $this->getUserDn($sUser);
if ($sDn) {
$sPwField = 'sambaNTPassword';
$sPwValue = $this->_getNTLMHash($sPW);
return $this->objUpdate($sDn, array(
$sPwField => $sPwValue,
'SambaPwdLastSet' => date('U'),
));
return $this->objUpdate(
$sDn,
[
$sPwField => $sPwValue,
'SambaPwdLastSet' => date('U'),
]
);
}
$this->_w(__FUNCTION__ . ' dn not found (user does not exist in ldap) ' . $sUser);
return false;
......@@ -519,15 +538,17 @@ class imlldap {
/**
* update an ldap object
* this requires a ldap bind with master/ admin account
* It returns true if the action was successful
*
* @param string $sDn dn to update
* @param array $aItem array of new ldap properties
* @return boolean
*/
public function objAdd($sDn, $aItem) {
$this->_w(__FUNCTION__ . '("' . $sDn . '", <pre>['.print_r($aItem, 1).']</pre>)');
public function objAdd(string $sDn, array $aItem): bool
{
$this->_w(__FUNCTION__ . '("' . $sDn . '", <pre>[' . print_r($aItem, 1) . ']</pre>)');
if (!$this->_ldapBind) {
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])){
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])) {
return false;
}
}
......@@ -543,13 +564,14 @@ class imlldap {
* this requires a ldap bind with master/ admin account
*
* @param string $sDn dn to update
* @param string $aItem array of new ldap properties
* @param array $aItem array of new ldap properties
* @return boolean
*/
public function objAddAttr($sDn, $aItem) {
public function objAddAttr(string $sDn, array $aItem): bool
{
$this->_w(__FUNCTION__ . '("' . $sDn . '", [array])');
if (!$this->_ldapBind) {
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])){
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])) {
return false;
}
}
......@@ -567,23 +589,27 @@ class imlldap {
return false;
}
/**
/**
* read attributes from ldap node with given DN (using ldap_read)
* It returns "false" if the action was not successful
* - no ldap connection
* - DN or filter didn't match
*
* @param string $sDn DN to search for
* @param string $sSearchFilter filter in ldap filter syntax
* @param array $aAttributesToGet flat array of attributes to fetch
* @return array
* @return boolean|array
*/
public function objGet($sDn, $sSearchFilter='(objectclass=*)', $aAttributesToGet = array("*")) {
public function objGet(string $sDn, string $sSearchFilter = '(objectclass=*)', array $aAttributesToGet = ["*"]): bool|array
{
$this->_w(__FUNCTION__ . '("' . $sDn . '", filter = '.$sSearchFilter.', atttr= '.print_r($aAttributesToGet, 1).' )');
$this->_w(__FUNCTION__ . '("' . $sDn . '", filter = ' . $sSearchFilter . ', atttr= ' . print_r($aAttributesToGet, 1) . ' )');
if (!$this->_ldapBind) {
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])){
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])) {
return false;
}
}
$oLdapResult = ldap_read($this->_ldapConn, $sDn, $sSearchFilter, $aAttributesToGet);
if (!$oLdapResult) {
......@@ -597,15 +623,17 @@ class imlldap {
* update an ldap object with given key-value array
* if the attribute (key) does not exist it will be created.
* this requires a ldap bind with master/ admin account
* It returns "false" if the action failed
*
* @param string $sDn full DN where to update the item
* @param array $aItem updated entry
* @return boolean
*/
public function objUpdate($sDn, $aItem) {
public function objUpdate(string $sDn, array $aItem): bool
{
$this->_w(__FUNCTION__ . '("' . $sDn . '", ' . print_r($aItem, 1) . ')');
if (!$this->_ldapBind) {
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])){
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])) {
return false;
}
}
......@@ -624,14 +652,16 @@ class imlldap {
/**
* delete an ldap object
* this requires a ldap bind with master/ admin account
* It returns "false" if the action failed
*
* @param string $sDn full DN to remove
* @return boolean
*/
public function objDelete($sDn) {
public function objDelete(string $sDn): bool
{
$this->_w(__FUNCTION__ . '("' . $sDn . '")');
if (!$this->_ldapBind) {
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])){
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])) {
return false;
}
}
......@@ -640,7 +670,8 @@ class imlldap {
if (!ldap_delete($this->_ldapConn, $sDn)) {
$this->_wLdaperror(__FUNCTION__);
return false;
} return true;
}
return true;
}
$this->_w(__FUNCTION__ . ' missing parameter for DN');
return false;
......@@ -649,17 +680,21 @@ class imlldap {
/**
* delete attributes of an ldap object
* this requires a ldap bind with master/ admin account
* It returns "false" if the action failed
*
* TODO: Test me
* @example:
* remove attribute "userPassword" of user $sUserDn:
* <code>$oLdap->objDeleteAttr($sUserDn, ['userPassword'=>[]]</code>
*
* @param string $sDn DN
* @param string $aItem item to remove
* @param array $aItem item to remove
* @return boolean
*/
public function objDeleteAttr($sDn, $aItem) {
public function objDeleteAttr(string $sDn, array $aItem): bool
{
$this->_w(__FUNCTION__ . '("' . $sDn . '", [array])');
if (!$this->_ldapBind) {
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])){
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])) {
return false;
}
}
......@@ -669,7 +704,8 @@ class imlldap {
if (!ldap_mod_del($this->_ldapConn, $sDn, $aItem)) {
$this->_wLdaperror(__FUNCTION__);
return false;
} return true;
}
return true;
}
$this->_w(__FUNCTION__ . ' dn not found (item does not exist in ldap) or item was not an array ' . print_r($aItem, 1));
return false;
......@@ -683,15 +719,16 @@ class imlldap {
* @param string $sAttrValue value to check
* @return boolean
*/
public function objectAttributeExists($sDn, $sAttribute) {
public function objectAttributeExists(string $sDn, string $sAttribute): bool
{
$this->_w(__FUNCTION__ . '("' . $sDn . '", "' . $sAttribute . '")');
if (!$this->_ldapBind) {
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])){
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])) {
return false;
}
}
$aData = $this->searchDn($sDn, '(&(objectclass=top))', array($sAttribute));
$aData = $this->searchDn($sDn, '(&(objectclass=top))', [$sAttribute]);
$return = (is_array($aData) && isset($aData[0][strtolower($sAttribute)]));
$this->_w(__FUNCTION__ . '(...) returns ' . ($return ? 'true' : 'false'));
return $return;
......@@ -705,15 +742,16 @@ class imlldap {
* @param string $sAttrValue value to check
* @return boolean
*/
public function objectAttributeAndValueExist($sDn, $sAttribute, $sAttrValue) {
public function objectAttributeAndValueExist(string $sDn, string $sAttribute, string $sAttrValue): bool
{
$this->_w(__FUNCTION__ . '("' . $sDn . '", "' . $sAttribute . '", "' . $sAttrValue . '")');
if (!$this->_ldapBind) {
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])){
if (!$this->bind($this->_aLdap['DnLdapUser'], $this->_aLdap['PwLdapUser'])) {
return false;
}
}
$aData = $this->searchDn($sDn, '(&(objectclass=top))', array($sAttribute));
$aData = $this->searchDn($sDn, '(&(objectclass=top))', [$sAttribute]);
$return = (is_array($aData) && isset($aData[0][strtolower($sAttribute)]) && array_search($sAttrValue, $aData[0][strtolower($sAttribute)]) !== false);
$this->_w(__FUNCTION__ . '(...) returns ' . ($return ? 'true' : 'false'));
return $return;
......@@ -728,7 +766,8 @@ class imlldap {
* @param string $sAttrValue value to check
* @return boolean
*/
public function objectAttributeAndValueMustExist($sDn, $sAttribute, $sAttrValue) {
public function objectAttributeAndValueMustExist(string $sDn, string $sAttribute, string $sAttrValue): bool
{
$this->_w(__FUNCTION__ . '("' . $sDn . '", "' . $sAttribute . '", "' . $sAttrValue . '")');
// return if it already exists
if ($this->objectAttributeAndValueExist($sDn, $sAttribute, $sAttrValue)) {
......@@ -737,7 +776,7 @@ class imlldap {
// create it
$this->_w(__FUNCTION__ . " create $sAttribute = $sAttrValue");
$return = $this->objAddAttr($sDn, array($sAttribute => $sAttrValue));
$return = $this->objAddAttr($sDn, [$sAttribute => $sAttrValue]);
return $return;
}
......@@ -749,7 +788,8 @@ class imlldap {
* @param string $sDn optional DN where to create the user
* @return boolean
*/
public function userAdd($aItem, $sDn = false) {
public function userAdd(array $aItem, string $sDn = ""): bool
{
if (!$sDn) {
$sDn = 'cn=' . $aItem['cn'] . ',' . $this->_aLdap['DnUserNode'];
}
......@@ -769,7 +809,8 @@ class imlldap {
* @param string $sPW new password to set
* @return boolean
*/
public function userDelete($sUserDn) {
public function userDelete(string $sUserDn): bool
{
$this->_w(__FUNCTION__ . '(' . $sUserDn . ')');
return $this->objDelete($sUserDn);
}
......@@ -781,7 +822,8 @@ class imlldap {
* @param array $aItem new user data to update
* @return boolean
*/
public function userUpdate($aItem) {
public function userUpdate(array $aItem): bool
{
$this->_w(__FUNCTION__ . '([array])');
$sDn = $this->getUserDn($aItem['uid']);
if ($sDn) {
......@@ -801,7 +843,8 @@ class imlldap {
* @param string $sPW password
* @return boolean
*/
public function verifyPassword($sUser, $sPW) {
public function verifyPassword(string $sUser, string $sPW): bool
{
$sDn = $this->getUserDn($sUser);
if ($sDn) {
return $this->bind($sDn, $sPW);
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment