printf(”
%s %s %s %s %s %s [Modify] [Delete]

n”, $resultEntries[$i][”cn”][0], $resultEntries[$i][”sn”][0], $resultEntries[$i][”mail”][0], $resultEntries[$i][”employeenumber”][0], $resultEntries[$i][”ou”][0], $resultEntries[$i][”telephonenumber”][0], $mailString, $ouString, $mailString, $ouString); } printf(”

n”); } This function is used by the script that creates a new entry and the script that modifies an existing entry. The function prints out a set of text fields that the user can fill or modify. In the modification case, preexisting values are provided as default values: function generateHTMLForm($formValues, $actionScript, $submitLabel) { printf(”

n", $actionScript);  printf("First Name:  
n”,  ($formValues) ? $formValues[0][”cn”][0] : “”);    printf(”Last Name:   
n”,    ($formValues) ? $formValues[0][”sn”][0] : “”);   printf(”E-mail:      
n”, ($formValues) ?  $formValues[0][”mail”][0] : “”);    printf(”Employee no.:
n”,   Page 516    
Hint: If you are looking for high quality webhost to host and run your jsp application check Vision web hosting jsp services

				

if ($noOfFieldsSet >= 2) { $searchFilter = “(&” .$searchFilter. “)”; } return $searchFilter; } This function; given a link identifier obtained from the connectBindServer()function and the search filter created by createSearchFilter(), performs a search on the directory: function searchDirectory($linkIdentifier, $searchFilter) { global $baseDN; $searchResult = ldap_search($linkIdentifier, $baseDN, $searchFilter); We count the search results to see if we got any entries at all: if (ldap_count_entries($linkIdentifier, $searchResult) <= 0) { displayErrMsg("No entries returned from the directory"); return 0; } else { $resultEntries = ldap_get_entries($linkIdentifier, $searchResult); return $resultEntries; } } This function prints the result of a search as an HTML table: function printResults($resultEntries) { printf("

n”); $noOfEntries = $resultEntries[”count”]; for ($i = 0; $i < $noOfEntries; $i++) { if (!$resultEntries[$i]["cn"] && !$resultEntries[$i]["sn"]) continue; $mailString = urlencode($resultEntries[$i]["mail"][0]); $ouString = urlencode($resultEntries[$i]["ou"][0]); Page 515
Note: If you are looking for cheapest and affordable webspace to host and run your servlet application check Astra j2ee hosting services

Posted in php4 | No Comments »

“, $message); printf(”

“); printf(”

“); printf(”
“); printf(”
“); } This function generates the first page seen in the earlier screenshot. It outputs an HTML form which allows the user to choose between searching for entries or adding a new entry: function generateFrontPage() { printf(”

suit our environment: As mentioned earlier, empdir_functions.php has a common set of functions used by other scripts. The functions are of two types display related functions that print the HTML and utility functions such as those that encapsulate the logic of connecting and binding to the directory: “); printf(”

Hint: If you are looking for very good and affordable webspace to host and run your tomcat hosting application check Sandzak.com tomcat web hosting provider

A Sample LDAP Application in PHP So we finally get down to putting to some practical purpose what we have gleaned through the course of this chapter. We will develop an application that will export the directory information for the employees of our favorite company Foo Widgets Inc. Let us look at what could be the possible requirements and design considerations for such an application: . There are two categories of users regular employees and the directory administrator. . The application should allow a regular employee to search entries corresponding to all other employees and to modify the entry corresponding to them. . The administrator should have exclusive priveleges unavailable to regular employees to create new entries and delete existing entries. . The application should use an LDAP directory as the back-end. . It should have a simple front-end, with all complexity moved to the back-end. It should ideally be browser-independent. . A set of common utility functions first, upon which to build the application itself. The script below is the first that gets invoked as part of launching the application: This is how the initial screen would look to the user: The script empdir_common.php contains some site-specific information that we need to customize to Page 510

Hint: If you are looking for very good and affordable webspace to host and run your java hosting application check Sandzak.com java web hosting provider

Error Functions These functions are useful in identifying error conditions within our scripts. They are designed to allow us to write scripts that are independent of the locale or specifically the local language in which the error messages are represented. ldap_errno() int ldap_errno(int link_identifier) Often we need to check the error value of the last executed function. This value is available to us by calling the ldap_errno() function. The return value of this function can be passed to the ldap_ err2str()function to obtain a string describing the error. ldap_error() string ldap_error(int link_identifier) This function merely combines the functionality of the ldap_errno() and the ldap_err2str() functions, that is it returns a string describing the error if any occurred while executing the last function. The link_identifier argument is available because it is possible that since the application might open connections to more than one LDAP server, we need a mechanism to examine error conditions associated with each of the connections. ldap_err2str() string ldap_err2str(int errno) ldap_err2str() returns a descriptive error string when supplied with an argument that is an error number. This is especially useful when running localized applications where the error messages may be in a local language. Programs can therefore check for error numbers rather than error strings. Page 509
Note: If you are looking for good and quality webspace to host and run your java application check professional java hosting services

schema. Objectclass attributes define what attributes are required and which ones are simply allowed (such as, optional). The link_identifieris the connection identifier that is returned by the ldap_connect()function. The new entry to be added needs a DN that is specified as the second argument. The third argument passed is an array consisting of attributes and values of the new entry. If we take the example of the LDIF for FooWid, the entry array would be: entry[”cn”] = “Don Joe III”; entry[”mail”] = “djoe@exist.com”; entry[”description”] = “Professional bungee-jumper”; … ldap_mod_add() int ldap_mod_add(int link_identifier, string dn, array entry) This function adds attribute values to the existing attributes of the specified DN. It performs the modification at the attribute level as opposed to the object level. Object level additions are done by the ldap_add() function, that is, if we needed to add a telephone number to an entry, we would use this function, whereas to add a completely new entry we would rely on ldap_add(). It returns trueon success and falseon error. ldap_mod_del() int ldap_mod_del(int link_identifier, string dn, array entry) This function removes attribute values from the specified DN. It performs the modification at the attribute level as opposed to the object level. Object level deletions are done by the ldap_del() function, that is if we needed to delete the room number of an entry corresponding to an employee, we would use this function, whereas to completely delete an employee entry, we would rely on ldap_del(). It returns true on success and falseon error. ldap_delete() boolean ldap_delete(int link_identifier, string dn) ldap_delete() deletes a particular entry in the LDAP directory specified by the DN. It returns true on success and false on error. Usually LDAP servers are configured such that this is only allowed for as few users as is specified in the LDAP server’s ACL. ldap_modify() boolean ldap_modify(int link_identifier, string dn, array entry); ldap_modify() is used to modify the existing entries in the LDAP directory. The structure of the entry is same as in ldap_add(). It returns true on success and falseon error. Modifications are only allowed for authenticated users. The server’s ACL usually allows different users to modify different attributes. For example, all users might only be allowed to change their password, while a user’s manager might be able to change a user’s office number and job title, and only a select group (for example the directory administrators) can edit any attribute. All modifications must follow the server’s schema. A modification can take the form of an add, replace, or delete action. Special care must be taken with replacing multi-valued attributes because if we replace an attribute with multi-values with a single value, we will be in effect replacing all of its values. Page 508
Note: If you are looking for cheap and inexpensive provider to host and run your tomcat application check professional tomcat hosting services

[, array attributes [, int attrsonly [, int sizelimit [, int timelimit [, int deref]]]]]) When we perform a search, we need to specify the base of the tree where the search should begin and also the scope of the search. The scope indicates what part of the tree is to be covered while searching. ldap_list() performs the search for a specified filter on the directory with the scope, LDAP_SCOPE_ ONELEVEL. This means that the search should only return information that is at the level immediately below the base DN given in the call (equivalent to typing ls on a UNIX shell and getting a list of files and folders in the current working directory). This call takes an optional fourth parameter that is an array of just the required attributes. The newly introduced parameters attrsonly, sizelimit, timelimitand deref have exactly the same functionality as they have in the ldap_search()and ldap_read()functions. This function returns a search result identifier or false on error. ldap_count_entries() int ldap_count_entries(int link_identifier, int result_identifier) ldap_count_entries() returns the number of entries stored as a result of previous search operations (as a result of a search call). result_identifieridentifies the internal LDAP result. It returns falseon error. ldap_next_attribute() string ldap_next_attribute(int link_identifier, int result_entry_identifier, int &ber_identifier) ldap_next_attribute() is called to retrieve the attributes in an entry. The internal state of the pointer is maintained by the ber_identifier. It is passed by reference to the function. The first call to ldap_next_attribute() is made with the result_entry_identifierreturned from ldap_ first_attribute(). It returns the next attribute in an entry on success, and falseon error. ldap_next_entry() int ldap_next_entry(int link_identifier, int result_entry_identifier) This function returns the entry identifier for the next entry in the result whose entries are being read starting with ldap_first_entry(). Successive calls to ldap_next_entry() return entries one by one till there are no more entries. The first call to ldap_next_entry() is made after the call to ldap_ first_entry with the result_identifier as returned from the ldap_first_entry(). If there are no more entries in the result then it returns false. Modification Functions It must be remembered that modification of directory entries should not be as frequent as search operations or the performance of the server would degrade significantly. However, modification is necessary and the functions under this category even allow us to add and delete entries and attributes. ldap_add() int ldap_add(int link_identifier, string dn, array entry) The ldap_add()function adds new entries in to the directory. When adding or modifying an entry, the entry must have all of the required attributes and only allows attributes as specified by the LDAP server’s Page 507
Hint: If you are looking for good and high quality web space to host and run your java application check Vision java web hosting services