class ldap_server in Lightweight Directory Access Protocol (LDAP) 6

class ldap_server {

  // LDAP Settings
  public $sid;
  public $name;
  public $address;
  public $port = 389;
  public $tls = FALSE;
  public $basedn;
  private $binddn = FALSE;

  // Default to an anonymous bind.
  private $bindpw = FALSE;

  // Default to an anonymous bind.
  private $properties = array(
    'sid',
    'name',
    'address',
    'port',
    'tls',
    'basedn',
    'binddn',
    'bindpw',
  );
  protected $connection;

  /**
   * Constructor Method
   */
  function __construct($sid = 1) {
    if (is_null($sid)) {
      return;
    }
    $record = db_fetch_object(db_query("SELECT * FROM {ldap_servers} WHERE sid = %d", $sid));
    foreach ($this->properties as $property) {
      if (isset($record->{$property})) {
        $this->{$property} = $record->{$property};
      }
    }
  }

  /**
   * Destructor Method
   */
  function __destruct() {

    // Close the server connection to be sure.
    $this
      ->disconnect();
  }

  /**
   * Invoke Method
   */
  function __invoke() {
    $this
      ->connect();
    $this
      ->bind();
  }

  /**
   * Get Method
   *
   * @param string property
   *   The requested property name.
   *
   * @return
   *   The value of the requested variable.
   */
  function __get($property) {
    return $this->{$property};
  }

  /**
   * Set Method
   */
  function __set($property, $value) {
    $this->{$property} = $value;
  }

  /**
   * Error Handling Method
   *
   * @param int errno
   *   The level of the error raised.
   *
   * @param string errstr
   *   The error message.
   *
   * @param string errfile
   *   The filename that the error was raised in.
   *
   * @param int errline
   *   The line number the error was raised at.
   *
   * @param array errcontext
   *   An array of every variable that existed in the scope the error was
   *   triggered in.
   *
   * @return bool
   *   Always return TRUE to avoid PHP's builtin handler.
   */
  function error_handler($errno, $errstr, $errfile, $errline, $errcontext) {
    return TRUE;
  }

  /**
   * Connect Method
   */
  function connect() {
    if (!($con = ldap_connect($this->server_addr, $this->port))) {
      watchdog('user', 'LDAP Connect failure to ' . $this->server_addr . ':' . $this->port);
      return FALSE;
    }
    ldap_set_option($con, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($con, LDAP_OPT_REFERRALS, 0);

    // Use TLS if we are configured and able to.
    if ($this->tls) {
      ldap_get_option($con, LDAP_OPT_PROTOCOL_VERSION, $vers);
      if ($vers == -1) {
        watchdog('user', 'Could not get LDAP protocol version.');
        return FALSE;
      }
      if ($vers != 3) {
        watchdog('user', 'Could not start TLS, only supported by LDAP v3.');
        return FALSE;
      }
      elseif (!function_exists('ldap_start_tls')) {
        watchdog('user', 'Could not start TLS. It does not seem to be supported by this PHP setup.');
        return FALSE;
      }
      elseif (!ldap_start_tls($con)) {
        watchdog('user', t("Could not start TLS. (Error %errno: %error).", array(
          '%errno' => ldap_errno($con),
          '%error' => ldap_error($con),
        )));
        return FALSE;
      }
    }

    // Store the resulting resource
    $this->connection = $con;
    return TRUE;
  }

  /**
   * Bind (authenticate) against an active LDAP database.
   *
   * @param $userdn
   *   The DN to bind against. If NULL, we use $this->binddn
   * @param $pass
   *   The password search base. If NULL, we use $this->bindpw
   *
   * @return
   *   Result of bind; TRUE if successful, FALSE otherwise.
   */
  function bind($userdn = NULL, $pass = NULL) {
    $userdn = $userdn != NULL ? $userdn : $this->binddn;
    $pass = $pass != NULL ? $pass : $this->bindpw;

    // Ensure that we have an active server connection.
    if (!$this->connection) {
      watchdog('ldap', "LDAP bind failure for user %user. Not connected to LDAP server.", array(
        '%user' => $dn,
      ));
      return FALSE;
    }
    if (!ldap_bind($this->connection, $userdn, $pass)) {
      watchdog('ldap', "LDAP bind failure for user %user. Error %errno: %error", array(
        '%user' => $user,
        '$errno' => ldap_errno($this->connection),
        '%error' => ldap_error($this->connection),
      ));
      return FALSE;
    }
    return TRUE;
  }

  /**
   * Disconnect (unbind) from an active LDAP server.
   */
  function disconnect() {
    if (!$this->connection) {
      watchdog('ldap', 'LDAP disconnect failure from ' . $this->server_addr . ':' . $this->port);
      return FALSE;
    }
    ldap_unbind($this->connection);
    $this->connection = NULL;
    return TRUE;
  }

  /**
   * Saves the current server config to the database.
   *
   * @return
   *   True if the operation is sucessful.
   */
  function save() {
  }

  /**
   * (Re)loads the current server config from the database.
   */
  function load() {
  }

  /**
   * Preform an LDAP search.
   *
   * @peram string $filter
   *   The search filter.
   * @peram strign $basedn
   *   The search base. If NULL, we use $this->basedn
   * @peram array $attributes
   *   List of desired attributes. If omitted, we only return "dn".
   *
   * @return
   *   An array of matching entries->attributes, or FALSE if the search is
   *   empty.
   */
  function search($filter, $basedn = NULL, $attributes = array()) {
    $basedn = $basedn != NULL ? $basedn : $this->basedn;
    $attributes = attributes != NULL ? $attributes : 'dn';

    // Change the error handler, ldap_search throws exceptions when results
    // are NULL
    set_error_handler(array(
      'ldap_server',
      'error_handler',
    ));
    $result = @ldap_search($this->connection, $basedn, $filter, $attributes);
    restore_error_handler();
    if ($result && ldap_count_entries($this->connection, $result)) {
      return ldap_get_entries($this->connection, $result);
    }
    return FALSE;
  }

}