Commit 3cca88c7 authored by Carsten  Rose's avatar Carsten Rose

Ldap.php: Added checks for missing LDAP..._SEARCH. Do not throw an error if...

Ldap.php: Added checks for missing LDAP..._SEARCH. Do not throw an error if there is an empty result. HTML Entities for typeahead will be escaped on client side.
parent 1d943848
......@@ -201,6 +201,7 @@ const ERROR_UNKNOWN_ACTION = 1502;
const ERROR_NO_TARGET_PATH_FILE_NAME = 1503;
const ERROR_LDAP_CONNECT = 1600;
const ERROR_MISSING_TYPE_AHEAD_LDAP_SEARCH = 1601;
// KeyValueParser
const ERROR_KVP_VALUE_HAS_NO_KEY = 1900;
......
......@@ -21,6 +21,7 @@ class Ldap {
* @throws UserFormException
*/
private function ldapConnect($ldapServer) {
$ds = ldap_connect($ldapServer); // must be a valid LDAP server!
if (!$ds) {
throw new UserFormException("Unable to connect to LDAP server: $ldapServer", ERROR_LDAP_CONNECT);
......@@ -85,6 +86,7 @@ class Ldap {
}
/**
*
* @param array $config [FE_LDAP_SERVER , FE_LDAP_BASE_DN, FE_LDAP_SEARCH, FE_TYPEAHEAD_LIMIT, FE_TYPEAHEAD_LDAP_KEY_PRINTF, FE_TYPEAHEAD_LDAP_VALUE_PRINTF]
* @param string $searchValue value to search via $config[FE_LDAP_SEARCH]
* @param string $mode MODE_LDAP_SINGLE | MODE_LDAP_MULTI
......@@ -95,8 +97,15 @@ class Ldap {
$arr = array();
// For TypeAhead, use an optional given F_TYPEAHEAD_LDAP_SEARCH
if ($mode == MODE_LDAP_MULTI && $config[F_TYPEAHEAD_LDAP_SEARCH] != '') {
if ($mode == MODE_LDAP_MULTI) {
if (!isset($config[F_TYPEAHEAD_LDAP_SEARCH]) || $config[F_TYPEAHEAD_LDAP_SEARCH] == '') {
throw new UserFormException("Missing definition for `" . F_TYPEAHEAD_LDAP_SEARCH . "`", ERROR_MISSING_TYPE_AHEAD_LDAP_SEARCH);
}
$config[F_LDAP_SEARCH] = $config[F_TYPEAHEAD_LDAP_SEARCH];
} else {
if (!isset($config[F_LDAP_SEARCH]) || $config[F_LDAP_SEARCH] == '') {
throw new UserFormException("Missing definition for `" . F_LDAP_SEARCH . "`", ERROR_MISSING_TYPE_AHEAD_LDAP_SEARCH);
}
}
$searchValue = Support::ldap_escape($searchValue, null, LDAP_ESCAPE_FILTER);
......@@ -115,30 +124,33 @@ class Ldap {
array_merge($keyArr, $valueArr, $specificArr))));
$sr = $this->ldapSearch($ds, $config, $attr);
$info = ldap_get_entries($ds, $sr);
if ($sr !== false) {
$info = ldap_get_entries($ds, $sr);
if ($mode == MODE_LDAP_MULTI) {
if ($mode == MODE_LDAP_MULTI) {
// Iterate over all Elements, per element collect all needed attributes
for ($i = 0; $i < $info["count"]; $i++) {
// Iterate over all Elements, per element collect all needed attributes
for ($i = 0; $i < $info["count"]; $i++) {
$key = $this->printfResult($keyFormat, $keyArr, $info[$i]);
$value = $this->printfResult($valueFormat, $valueArr, $info[$i]);
// HTML Entities will be escaped on Client side.
$key = $this->printfResult($keyFormat, $keyArr, $info[$i], false);
$value = $this->printfResult($valueFormat, $valueArr, $info[$i], false);
if ($key == '' || $value == '') {
continue; // if $key or $value is empty: skip
}
if ($key == '' || $value == '') {
continue; // if $key or $value is empty: skip
}
$arr[] = [API_TYPEAHEAD_KEY => $key, API_TYPEAHEAD_VALUE => $value];
}
} else {
// Collect all attributes
foreach ($attr as $key) {
$value = isset($info[0][$key][0]) ? $info[0][$key][0] : '';
$arr[$key] = htmlentities($value);
$arr[] = [API_TYPEAHEAD_KEY => $key, API_TYPEAHEAD_VALUE => $value];
}
} else {
// Collect all attributes
foreach ($attr as $key) {
$value = isset($info[0][$key][0]) ? $info[0][$key][0] : '';
$arr[$key] = $value;
}
}
ldap_close($ds);
}
ldap_close($ds);
return $arr;
}
......@@ -188,12 +200,20 @@ class Ldap {
* @throws CodeException
* @throws UserFormException
*/
private function printfResult($format, array $keyArr, $infoElement) {
private function printfResult($format, array $keyArr, $infoElement, $doHtmlEntity = true) {
$args = array($format);
foreach ($keyArr as $key) {
$args[] = (isset($infoElement[$key][0])) ? htmlentities($infoElement[$key][0]) : '';
$val = '';
if (isset($infoElement[$key][0])) {
$val = $infoElement[$key][0];
if ($doHtmlEntity === true) {
$val = htmlentities($val);
}
}
$args[] = $val;
}
return call_user_func_array('sprintf', $args);
......
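Review bot: The `MODE_LDAP_SINGLE` branch appears to lose its output encoding as well (`$arr[$key] = htmlentities($value);` becomes `$arr[$key] = $value;`), although the commit message moves escaping to the client only for typeahead. LDAP attribute values are directory data that account holders can often edit themselves, so every consumer of the single-mode result that writes into HTML now has to encode it; unless that is guaranteed, I would keep `$arr[$key] = htmlentities($value);` in that branch. The new `$doHtmlEntity` parameter of `printfResult()` is missing from its docblock, and I would add `@param bool $doHtmlEntity false returns raw LDAP values; the caller must encode them before HTML output`. The +/- markers are lost in this rendering, so the old/new assignment is inferred from the commit message, and both function bodies extend outside the visible hunks.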