rfc:ldap_exop
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
rfc:ldap_exop [2017/06/29 14:24] – mcmic | rfc:ldap_exop [2017/06/29 14:33] – mcmic | ||
---|---|---|---|
Line 19: | Line 19: | ||
In all these functions $link should be a valid LDAP connection object with a user bound to it already. | In all these functions $link should be a valid LDAP connection object with a user bound to it already. | ||
<code php> | <code php> | ||
- | mixed ldap_exop(resource $link, string $reqoid [, string $reqdata [, string &$retoid | + | mixed ldap_exop(resource $link, string $reqoid [, string $reqdata [, string &$retdata |
</ | </ | ||
- | Returns FALSE upon failure, TRUE upon success if $retoid | + | Returns FALSE upon failure, TRUE upon success if $retdata |
<code php> | <code php> | ||
- | bool ldap_parse_exop(resource $link, resource $result [, string &$retoid | + | bool ldap_parse_exop(resource $link, resource $result [, string &$retdata |
</ | </ | ||
Returns TRUE upon success and FALSE upon failure. Fills $retoid and $retdata with the data from $result object. | Returns TRUE upon success and FALSE upon failure. Fills $retoid and $retdata with the data from $result object. | ||
+ | |||
+ | Note that $retoid is useless in most cases, EXOPs usually leave it empty or fill it with $reqoid. This is why it’s in last position. | ||
This RFC also wish to introduce helper functions for common EXOP usage: | This RFC also wish to introduce helper functions for common EXOP usage: | ||
Line 32: | Line 34: | ||
bool ldap_exop_passwd(resource $link, string $user, string $oldpw, string $newpw [, string & | bool ldap_exop_passwd(resource $link, string $user, string $oldpw, string $newpw [, string & | ||
</ | </ | ||
- | The first one would call whoami EXOP and return either | + | The first one would call whoami EXOP and fill $result with the result. Return TRUE or FALSE upon failure. |
The second one would call passwd EXOP and return TRUE or FALSE upon failure. If $newpw is empty, $genpw will be filled with the generated password for the user. If $user is empty, it affects the bound user. | The second one would call passwd EXOP and return TRUE or FALSE upon failure. If $newpw is empty, $genpw will be filled with the generated password for the user. If $user is empty, it affects the bound user. | ||
Line 38: | Line 40: | ||
The original patch (and current code) provided a possibility to get a result object from helpers as well, and provided ldap_parse_exop_* helpers to parse the result objects from these operations. We feel this is too complex and does not add anything to the RFC so we intend to leave them out. | The original patch (and current code) provided a possibility to get a result object from helpers as well, and provided ldap_parse_exop_* helpers to parse the result objects from these operations. We feel this is too complex and does not add anything to the RFC so we intend to leave them out. | ||
+ | |||
+ | For consistency with existing ldap functions, theses function may produce E_WARNING in case of error or failure. | ||
+ | The safe way to use them is to use @ when calling them. ldap_error() can be used to get the last LDAP error in cases where it makes sense. | ||
===== Examples ===== | ===== Examples ===== | ||
<code php> | <code php> | ||
// Call EXOP whoami and store the result in $identity | // Call EXOP whoami and store the result in $identity | ||
- | if (ldap_exop($link, | + | if (ldap_exop($link, |
echo " | echo " | ||
} else { | } else { | ||
Line 49: | Line 54: | ||
// Same thing using a result object | // Same thing using a result object | ||
$r = ldap_exop($link, | $r = ldap_exop($link, | ||
- | if (($r !== FALSE) && ldap_parse_exop($link, | + | if (($r !== FALSE) && ldap_parse_exop($link, |
echo " | echo " | ||
} else { | } else { | ||
Line 55: | Line 60: | ||
} | } | ||
// Same thing with the helper | // Same thing with the helper | ||
- | $identity = ldap_exop_whoami($link); | + | if (ldap_exop_whoami($link, $identity)) { |
- | if ($identity | + | |
echo " | echo " | ||
} else { | } else { | ||
Line 93: | Line 97: | ||
- Should the function names contain the word " | - Should the function names contain the word " | ||
- Should we include a constant for LDAP_EXOP_CANCEL, | - Should we include a constant for LDAP_EXOP_CANCEL, | ||
- | - Should helper functions return a mixed, or a boolean and have an out parameter? (" | ||
- | - How would someone go about generating the needed ber-encoded data to pass ldap_exop in PHP? Should this RFC also define functions to handle ber-encoded data? | ||
- | - The $retoid field seems useless for all EXOPs listed in the constant section, they either leave it empty or fill it with the same value as $reqoid. So maybe this field should be moved to the last position to be easily omitted. But this may result in a less natural order: //reqoid, reqdata, retdata, retoid// (though most of the time it will be //reqoid, reqdata, retdata//). | ||
- | - How should error handling works? Original patch throws E_WARNING for all errors and failures, which seems a bad idea. Maybe filling the error so that error_get_last() gives the right information when a function of this RFC returns FALSE would be enough? Or should be uses exceptions? | ||
===== Unaffected PHP Functionality ===== | ===== Unaffected PHP Functionality ===== |
rfc/ldap_exop.txt · Last modified: 2017/09/22 13:28 by 127.0.0.1