Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.0.x will end 8 May 2023 (12 months).
  • Bug fixes for security issues in 4.0.x will end 13 November 2023 (18 months).
  • PHP version: minimum PHP 7.3.0 Note: the minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is also supported.
/lib/ -> ldaplib.php (source)

Differences Between: [Versions 400 and 401] [Versions 400 and 402] [Versions 400 and 403]

ldaplib.php - LDAP functions & data library Library file of miscellaneous general-purpose LDAP functions and data structures, useful for both ldap authentication (or ldap based authentication like CAS) and enrolment plugins.

Author: Iñaki Arenaza
Copyright: 1999 onwards Martin Dougiamas http://dougiamas.com
Copyright: 2010 onwards Iñaki Arenaza
License: http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
File Size: 502 lines (19 kb)
Included or required:0 times
Referenced: 0 times
Includes or requires: 0 files

Defines 12 functions


Functions that are not part of a class:

ldap_supported_usertypes()   X-Ref
Returns predefined user types

return: array of predefined user types

ldap_getdefaults()   X-Ref
Initializes needed variables for ldap-module

Uses names defined in ldap_supported_usertypes.
$default is first defined as:
$default['pseudoname'] = array(
'typename1' => 'value',
'typename2' => 'value'
....
);

return: array of default values

ldap_isgroupmember($ldapconnection, $userid, $group_dns, $member_attrib)   X-Ref
Checks if user belongs to specific group(s) or is in a subtree.

Returns true if user belongs to a group in grupdns string OR if the
DN of the user is in a subtree of the DN provided as "group"

return: boolean
param: mixed $ldapconnection A valid LDAP connection.
param: string $userid LDAP user id (dn/cn/uid/...) to test membership for.
param: array $group_dns arrary of group dn
param: string $member_attrib the name of the membership attribute.

ldap_connect_moodle($host_url, $ldap_version, $user_type, $bind_dn, $bind_pw, $opt_deref, &$debuginfo, $start_tls=false)   X-Ref
Tries connect to specified ldap servers. Returns a valid LDAP
connection or false.

return: mixed connection result or false.
param: string $host_url
param: integer $ldap_version either 2 (LDAPv2) or 3 (LDAPv3).
param: string $user_type the configured user type for this connection.
param: string $bind_dn the binding user dn. If an emtpy string, anonymous binding is used.
param: string $bind_pw the password for the binding user. Ignored for anonymous bindings.
param: boolean $opt_deref whether to set LDAP_OPT_DEREF on this connection or not.
param: string &$debuginfo the debugging information in case the connection fails.
param: boolean $start_tls whether to use LDAP with TLS (not to be confused with LDAP+SSL)

ldap_find_userdn($ldapconnection, $username, $contexts, $objectclass, $search_attrib, $search_sub)   X-Ref
Search specified contexts for username and return the user dn like:
cn=username,ou=suborg,o=org

return: mixed the user dn (external LDAP encoding, no db slashes) or false
param: mixed $ldapconnection a valid LDAP connection.
param: mixed $username username (external LDAP encoding, no db slashes).
param: array $contexts contexts to look for the user.
param: string $objectclass objectlass of the user (in LDAP filter syntax).
param: string $search_attrib the attribute use to look for the user.
param: boolean $search_sub whether to search subcontexts or not.

ldap_normalise_objectclass($objectclass, $default = '*')   X-Ref
Normalise the supplied objectclass filter.

This normalisation is a rudimentary attempt to format the objectclass filter correctly.

return: string The normalised objectclass.
param: string $objectclass The objectclass to normalise
param: string $default The default objectclass value to use if no objectclass was supplied

ldap_get_entries_moodle($ldapconnection, $searchresult)   X-Ref
Returns values like ldap_get_entries but is binary compatible and
returns all attributes as array.

return: array ldap-entries with lower-cased attributes as indexes
param: mixed $ldapconnection A valid LDAP connection
param: mixed $searchresult A search result from ldap_search, ldap_list, etc.

ldap_filter_addslashes($text)   X-Ref
Quote control characters in texts used in LDAP filters - see RFC 4515/2254

return: string the filter string quoted
param: string filter string to quote

ldap_get_dn_special_chars()   X-Ref
The order of the special characters in these arrays _IS IMPORTANT_.
Make sure '\\5C' (and '\\') are the first elements of the arrays.
Otherwise we'll double replace '\' with '\5C' which is Bad(tm)


ldap_addslashes($text)   X-Ref
Quote control characters in AttributeValue parts of a RelativeDistinguishedName
used in LDAP distinguished names - See RFC 4514/2253

return: string the AttributeValue quoted
param: string the AttributeValue to quote

ldap_stripslashes($text)   X-Ref
Unquote control characters in AttributeValue parts of a RelativeDistinguishedName
used in LDAP distinguished names - See RFC 4514/2253

return: string the AttributeValue unquoted
param: string the AttributeValue quoted

ldap_paged_results_supported($ldapversion, $ldapconnection = null)   X-Ref
No description