Connect to the LDAP server using PHP

Introduction: This is a detailed page for connecting to the LDAP server using PHP. It introduces the related knowledge, skills, experience, and some PHP source code.

Class = 'pingjiaf' frameborder = '0' src = 'HTTP: // biancheng.dnbc?info/pingjia.php? Id = 324406 'rolling = 'no'>

This article demonstrates how to use PHP to connect to an LDAP server. The specific example is to connect to a public LDAP server and perform a search. In this example, Netscape Communicator 4. * is used to connect to LDAP resources through its own address book.
LDAP Introduction

Many people may have heard about LDAP, but do not know what it is and how it works. Here I will not describe LDAP in detail, but just give an introduction to this Protocol.

LDAP is a protocol used to publish directory information to many different resources. It is usually used as a centralized address book, but it can be more powerful according to the organizer's needs.

The most basic form of LDAP is a standard method for connecting to the database. The database is optimized for read queries. Therefore, it can quickly obtain the query results, but it is much slower in other aspects, such as updates. Note that LDAP is usually used as a hierarchal database instead of a relational database. Therefore, its structure is better to represent in a tree than in a table. Because of this, you cannot use SQL statements.

In short, LDAP is a quick way to obtain centralized and static data about people or resources.

Requirements

Phpv.4 (the previous version is acceptable, but it has not been tested). The compilation supports ladp, that is, the LDAP directory with the -- with-LDAP public during compilation. Two parameters are provided in the example.

Example Overview

1. Set information about the public LDAP Server
2. Create an LDAP Query
3. Connect to the LDAP server
4. If the connection is successful, process the query
5. format the output
6. Close the connection
7. design the HTML table on the search interface
8. Display Results

Set public LDAP Server Information

The first thing we need to do is to define all the information of the LDAP server to be searched.

"Ldap_name" = Name of the new LDAP Project
"Ldap_server" = IP address or host name of the new LDAP Project
"Ldap_root_dn" = root Identification name of the new LDAP Project

<? PHP

$ Ldap_name [0] = "Netscape Net Center ";
$ Ldap_server [0] = "memberdir.netscape.com ";
$ Ldap_root_dn [0] = "ou = member_directory, O = netcenter.com ";

$ Ldap_name [1] = "Bigfoot ";
$ Ldap_server [1] = "ldap.bigfoot.com ";
$ Ldap_root_dn [1] = "";

// Set it to 0 if no server is selected
If (! $ Server_id)
$ Server_id = 0;

?>

Create an LDAP Query

As mentioned above, LDAP queries are different from SQL queries. Therefore, the statement must be limited. The following is a basic example.

// Create query $ ldap_query = "cn = $ common ";

In our example, "cn" is the attribute to be searched, and $ common is the string variable obtained from the form to be searched. You can use the wildcard '*' to query LDAP statements '*'. For example, '$ Stanley' can find 'Dan Stanley '.

Connect to the LDAP server

The following functions connect to an LDAP resource and assign the connection identification number to a variable, just like connecting to a common database, such as MySQL.

<? PHP

// Connect to LDAP
$ Connect_id = ldap_connect ($ ldap_server [$ server_id]);

?>

In our example, "$ connect_id" is the identification number of the connection, $ ldap_server is the possible LDAP server array, and $ server_id is the LDAP server variable obtained from the search table.

If the connection is successful, process the query

If the connection is successful, we will get a valid LDAP connection identification number, so that we can process the query.

<? PHP

If ($ connect_id)
{
// Authentication
$ Bind_id = ldap_bind ($ connect_id );

// Execute the search
$ Search_id = ldap_search ($ connect_id, $ ldap_root_dn [$ server_id], $ ldap_query );

// Assign the result set to an array
$ Result_array = ldap_get_entries ($ connect_id, $ search_id );
}
Else
{
// Display connection Error
Echo "cocould not connect to LDAP server: $ ldap_server [$ server_id]";
}

?>

Once we establish a connection with the LDAP server, we must perform authentication. When connecting to most databases, PHP sends the user name and password. However, in LDAP, authentication is unknown until a bind operation is performed. In our example, "$ bind_id" is the identifier of the bound connection. We are anonymously bound to a public LDAP server. Therefore, when ldap_bind () is executed, only the connection identification number is used, and no other parameters are required.

After Authentication (anonymous here), we can use the ldap_search () function to execute the query. The $ search_id generated is the connection identifier of our search.

Then, we use the ldap_get_entries () function to assign the result set to the $ result_array variable. In this way, we can arrange information logically for display.

Format output

After performing an LDAP search, the returned data is sorted in the order of search. However, there is no SQL statement in sorting. You can use the order by statement. Most common LDAP directories do not have standard size specifications. Sorting is based on the ASCII values of characters. We must format all characters in lower case for output in alphabetical order.

Note that the returned LDAP result set is a multi-dimensional array. Therefore, the structure of $ result_array in our script is as follows:

$ Result_array [0] ["cn"] [0] = "Dannie Stanley"
["DN"] [0] = "uid = Dannie, Dc = spinweb.net"
["Givenname"] [0] = "Dannie"
["Sn"] [0] = "Stanley"
["Mail"] [0] = "danSPAM@spinweb.net"
$ Result_array [1] ["cn"] [0] = "Michael Renault"
["DN"] [0] = "uid = Michael, Dc = spinweb.net"
["Givenname"] [0] = "Michael"
["Sn"] [0] = "Renault"
["Mail"] [0] = "michaelSPAM@spinweb.net"

The reason why data is stored in this format is that each attribute may have more than one value (like the tree structure ). For example, if my name is 'danni', I can add some attributes in LDAP, for example:

$ Result_array [0] ["cn"] [0] = "Dannie Stanley"
["DN"] [0] = "uid = Dannie, Dc = spinweb.net"
["Givenname"] [0] = "Dannie"
["Givenname"] [0] = "Dan"
["Sn"] [0] = "Stanley"
["Mail"] [0] = "danSPAM@spinweb.net"

In our search, we only care about the first value of each attribute. Therefore, except for the DN, we only use the value 0 in each attribute. The following is a simple list of attributes and their meanings:

"Cn" = Common name
"DN" = Distinguished Name
"Givenname" = first name
"Sn" = last name
"Mail" = Email Address

<? PHP

// If the search is successful, sort the results
If ($ result_array)
{
For ($ I = 0; $ I {
$ Format_array [$ I] [0] = strtolower ($ result_array [$ I] ["cn"] [0]);
$ Format_array [$ I] [1] = $ result_array [$ I] ["DN"];
$ Format_array [$ I] [2] = strtolower ($ result_array [$ I] ["givenname"] [0]);
$ Format_array [$ I] [3] = strtolower ($ result_array [$ I] ["Sn"] [0]);
$ Format_array [$ I] [4] = strtolower ($ result_array [$ I] ["mail"] [0]);
}

// Sort the Array
Sort ($ format_array, "sort_string ");

For ($ I = 0; $ I {
$ Cn = $ format_array [$ I] [0];
$ DN = $ format_array [$ I] [1];
$ Fname = ucwords ($ format_array [$ I] [2]);
$ Lname = ucwords ($ format_array [$ I] [3]);
$ Email = $ format_array [$ I] [4];

If ($ DN & $ fname & $ lname & $ email)
{
$ Result_list. = "$ fname $ lname ";
$ Result_list. = "<$ email>
N ";
}
Elseif ($ DN & $ CN & $ email)
{
$ Result_list. = "<a href = '/" LDAP: // $ ldap_server [$ server_id]/$ DN/"'> $ CN </a> ";
$ Result_list. = "<a href = '/" mailto: $ email/"'> $ email </a>
N ";
}
}
}
Else
{
Echo "result set empty for query: $ ldap_query ";
}

?>

In our example, $ format_array is our new array, which contains the query results and is formatted for output. First, cycle every element in $ result_array and assign it to a two-dimensional array for sorting. At the same time, we use the strtolower () function to convert all values to lowercase letters.

Next, we use a function called sort () that comes with PHP to sort data. The first parameter is the array to be sorted, and the other is the sort type to be executed, which is defined by the PHP document. Because we sort strings, we use "sort_string ".

Third, we loop through the formatted array and allocate it to an output character named $ result_list, which contains the HTML description. Note that the URL format of LDAP is used in the hyperlink. The format example is similar to: href = "LDAP: // ldap.domain.net/uid?dannie,dc=domain.net ".

Close connection

Now all our data is included in $ result_list. We can safely close the LDAP connection.

<? PHP

// Close the connection
Ldap_close ($ connect_id );

From: NeteaseCommunity
Sender: link_wb (Fireworks heaven)

More articles on "connecting to LDAP server using PHP"

Love J2EE follow Java Michael Jackson video station JSON online tools

Http://biancheng.dnbcw.info/php/324406.html pageno: 15.