<?php
require_once dirname(__FILE__) . "/../IDebug.php";

class LDAP {
	private $page;
	private $ldapconn;
	private $res;
	private $ldapuri;
	private $basedn;
	private $isbound;
	private $mydn;
	private $mypwd;
	private $mycn;

	public function __construct($LdapUri, $BaseDn, IDebug $page) {
		$this->page = $page;
		$this->ldapconn = false;
		$this->res = false;
		$this->ldapuri = false;
		$this->basedn = false;
		$this->isbound = false;
		$this->mydn = false;
		$this->mypwd = false;
		$this->mycn = false;
			
		if( !(strlen($LdapUri)>0) ) { $this->page->debug('LDAP->__construct: Illegal Ldap Uri'); return false; }
		if( !(strlen($BaseDn)>0) ) { $this->page->debug('LDAP->__construct: Illegal Base Dn'); return false; }
			
		$this->Conn($LdapUri);
		$this->basedn=$BaseDn;
	}

	public function __destruct() {
		if($this->res) @ldap_free_result($this->res);
		if($this->ldapconn) @ldap_unbind($this->ldapconn);
		// Make sure you do not use this object after calling this
		// destructor, 'cause then things are gonna get messy
	}

	public function Auth($Uid, $pwd) {
		// Return: true if no error.
		if(!$this->isbound) $this->BindAnon();
		$this->res = @ldap_search($this->ldapconn, $this->basedn, '(uid='.quotemeta($Uid).')', array('dn'));
		if(!$this->res) { $this->page->debug('LDAP->Auth: ldap_search: '.ldap_error($this->ldapconn)); return false; }
		if(!$entr = @ldap_first_entry($this->ldapconn, $this->res)) { $this->page->debug('LDAP->Auth: ldap_first_entry: '.ldap_error($this->ldapconn)); return false; }
		if(!$authdn = @ldap_get_dn($this->ldapconn, $entr)) { $this->page->debug('LDAP->Auth: ldap_get_dn: '.ldap_error($this->ldapconn)); return false; }
		@ldap_free_result($this->res);
		$this->res=false;
		if(!@ldap_unbind($this->ldapconn)) { $this->page->debug('LDAP->Auth: ldap_unbind: '.ldap_error($this->ldapconn)); return false; }
		if(!$this->Conn($this->ldapuri)) return false;
		return $this->Bind($authdn, $pwd);
	}

	public function Bind($BindDn, $pwd) {
		if(!@ldap_bind($this->ldapconn, $BindDn, $pwd)) { $this->page->debug($BindDn . ": " . ldap_error($this->ldapconn)); return false; }
		$this->isbound=true;
		$this->mydn=$BindDn;
		$this->mypwd=$pwd;
		return true;
	}

	public function BindAnon() {
		if(!@ldap_bind($this->ldapconn)) { $this->page->debug('LDAP->BindAnon: '.ldap_error($this->ldapconn)); return false; }
		$this->isbound=true;
		return true;
	}

	public function Conn($LdapUri) {
		if(!($this->ldapconn = @ldap_connect($LdapUri))) { $this->page->debug('LDAP->Conn: Connect to '.$LdapUri.' failed.'); return false; }
		$this->ldapuri=$LdapUri;
		return true;
	}

	public function DelResults() {
		if($this->res) @ldap_free_result($this->res);
		$this->res=false;
	}

	public function GetData($dn) {
		if(!$this->res = @ldap_read($this->ldapconn, $dn, '(objectClass=*)')) {
			$this->page->debug('LDAP->GetData: Couldn\'t get dn: '.ldap_error($this->ldapconn));
			return false;
		}
		if(!$data=@ldap_get_entries($this->ldapconn, $this->res)) {
			$this->page->debug('LDAP->GetData: Couldn\'t get dn: '.ldap_error($this->ldapconn));
			return false;
		}
		return $data[0];
	}

	public function GetMyCn() {
		$this->mycn=false;
		if(!$this->res = ldap_read($this->ldapconn, $this->mydn, '(objectClass=*)', array('cn'))) return;
		if(!$entr = ldap_first_entry($this->ldapconn, $this->res)) return;
		if(!$allcns = ldap_get_values($this->ldapconn, $entr, 'cn')) return;
		$this->mycn=$allcns[0];
		ldap_free_result($this->res);
		$this->res=false;
		return $this->mycn;
	}

	public function MyCn() {
		return $this->mycn;
	}

	public function MyDn() {
		return $this->mydn;
	}
	
	public function getMyData(array $attributes) {
		$res = ldap_read($this->ldapconn, $this->mydn, '(objectClass=*)', $attributes);
		if( $res == false ) { $this->page->debug("No data read for dn: " . $this->mydn . ": " . ldap_error($this->ldapconn)); }
		$entry = ldap_first_entry($this->ldapconn, $res);
		return ldap_get_attributes($this->ldapconn, $entry);
// 		$this->page->debug("DN: " . $this->mydn);
// 		return $this->SearchAll("*", $attributes, $this->mydn);
	}

	public function GetBase() {
		return $this->basedn;
	}

	//$auth=>Search('memberUid', $uid, 'posixGroup', array('dn'));
	public function Search($onattr, $searchfor, $oclass, $attrs, $basedn="") {
		#$thefilter='(&(objectClass='.$oclass.')('.$onattr.'=*'.quotemeta($searchfor).'*))';
		$thefilter='(&(objectClass='.$oclass.')('.$onattr.'='.quotemeta($searchfor).'))';
		if( $basedn=="" ) {
			$this->res=@ldap_search($this->ldapconn, $this->basedn, $thefilter, $attrs);
		}else {
			$this->res=@ldap_search($this->ldapconn, $basedn, $thefilter, $attrs);
		}
		if(!$this->res) { $this->page->debug("LDAP->Search: Search failed: ".ldap_error($this->ldapconn)); return false; }
		if( !@ldap_sort($this->ldapconn, $this->res, $attrs[0]) ) { $this->page->debug('LDAP->Search: sort failed: '.ldap_error($this->ldapconn)); return false; }
		$data=@ldap_get_entries($this->ldapconn, $this->res);
		if(!$data) { $this->page->debug("LDAP->Search: Get entries failed: ".ldap_error($this->ldapconn)); return false; }
		#if(!$data['count']) { debug("No entries found"); return false; }
		return $data;
	}

	public function SearchAll($oclass, $attrs, $basedn="") {
		#$thefilter='(&(objectClass='.$oclass.')('.$onattr.'=*'.quotemeta($searchfor).'*))';
		$thefilter='(&(objectClass='.$oclass.'))';
		if( $basedn=="" ) {
			$this->res=@ldap_search($this->ldapconn, $this->basedn, $thefilter, $attrs);
		}else {
			$this->res=@ldap_search($this->ldapconn, $basedn, $thefilter, $attrs);
		}
		if(!$this->res) { $this->page->debug('LDAP->Search: Search failed: '.ldap_error($this->ldapconn)); return false; }
		if( !@ldap_sort($this->ldapconn, $this->res, $attrs[0]) ) { $this->page->debug('LDAP->Search: sort failed: '.ldap_error($this->ldapconn)); return false; }
		$data=@ldap_get_entries($this->ldapconn, $this->res);
		if(!$data) { $this->page->debug('LDAP->Search: Get entries failed: '.ldap_error($this->ldapconn)); return false; }
		if(!$data['count']) { $this->page->debug('No entries found'); return false; }
		return $data;
	}

	public function SearchQuery($filter, $oclass, $attrs, $basedn="") {
		$thefilter='(&(objectClass='.$oclass.')'.$filter.')';
		if( $basedn=="" )
			$this->res=@ldap_search($this->ldapconn, $this->basedn, $thefilter, $attrs);
			else
				$this->res=@ldap_search($this->ldapconn, $basedn, $thefilter, $attrs);
				if(!$this->res) { $this->page->debug('LDAP->Search: Search failed: '.ldap_error($this->ldapconn)); return false; }
				if( !@ldap_sort($this->ldapconn, $this->res, $attrs[0]) ) { $this->page->debug('LDAP->Search: sort failed: '.ldap_error($this->ldapconn)); return false; }
				$data=@ldap_get_entries($this->ldapconn, $this->res);
				if(!$data) { $this->page->debug('LDAP->Search: Get entries failed: '.ldap_error($this->ldapconn)); return false; }
				if(!$data['count']) { $this->page->debug('No entries found'); return false; }
				return $data;
	}

	public function Add($dn, $data) {
		return @ldap_add($this->ldapconn, $dn, $data);
	}

	public function Delete($dn) {
		return @ldap_delete($this->ldapconn, $dn);
	}

	public function ModReplace($dn, $data) {
		return @ldap_mod_replace($this->ldapconn, $dn, $data);
	}

	public function GetError() {
		return @ldap_error($this->ldapconn);
	}
}
?>