[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to modify my database using ldap_modfiy



> Thanks for your quick reply.
> Unfortunately as I have limited programming abilities, at this 
> moment I don't understand all the code, but you have given me 
> something to work with.
> I have just 1 question, will this work with multiple attribute changes
> eg.    department, location, telephonenumber?

It will work (the code below) with multiple changes, deletes, adds, but I don't
think it will work for multi-valued attributes, like say an object that contains
seven "location" attributes.  The real key to understanding the PHP LDAP
functions is to understand PHP arrays, which are quite diffrent then is "base"
languages such as C.  Arrays are "keyed", and each key value can contain one or
more values.  
  So $people["location"] = "Brighton";
     $people["department"] = "IT\CIS";
  would create a two VALUE, two KEY array that can be passed to   
  ldap_mod_whatever and will add/replace the location and department 
  attributes of the specified DN.  Just setting the key like:   
     $people["location"] = "";
  you can pass the array to ldap_mod_replace will remove the attributes
  from the object.
  You can multi-value with something like:
     $people["location"][0] = "Brighton";
     $people["location"][1] = "Detroit";
     $people["location"][2] = "Saginaw";
   is a three VALUE, one KEY array.

>>>I have created web pages using PHP to search my ldap database.
>>>I now want the facility to be able to amend entries within this
>>>database using these web pages. I have used PHP to create a file
>>>that holds the amended record.
>> 
>>You don't pass ldap_modify a filename, you have to pass it an array. 
>>For example (this forms takes the values from a form a modifies a
>>given object to match):
>> 
>>#ldap_person_attributes is just a local function that
>>#returns an array containing the values found in a
>>#person's LDAP object as key values
>>$person_attributes = ldap_person_attributes();
>>#ldap_get_uid is just a local function that returns the
>>#DN found when looking up "uid=$PHP_AUTH_USER and
>>#objectclass=posixaccount)
>> $user_dn = ldap_get_uid_dn($PHP_AUTH_USER);
>> $ds=ldap_connect("littleboy");
>> $r=ldap_bind($ds, $user_dn, $PHP_AUTH_PW);
>> printf("Binding to LDAP server as $user_dn<BR>");
>> if ($r) {
>>   printf("&nbsp;&nbsp;&nbsp;&nbsp;Bind successful.<BR>");
>>   $dn = urldecode($dn);
>>   printf("Operating on object %s<BR>", $dn);
>>   if ($action == "update") {
>>      $sr=ldap_search($ds,
>>            "$dn",
>>            "(objectclass=*)");
>>      $info = ldap_get_entries($ds, $sr);
>>      $person_uid = $info[0]["uid"][0];
>>      reset($person_attributes);
>>      for ($i=0; $i<count($person_attributes); $i++) {
>>        $key   = key($person_attributes);
>>        next($person_attributes);
>>        printf("<U>Checking attribute pair %s:%s to %s.</U><BR>",
>>          $key, $$key, $info[0]["$key"][0]);
>>        printf("&nbsp;&nbsp;");
>>        if ($info[0]["$key"][0] == $$key) {
>>          printf("<FONT COLOR=BLUE>");
>>         printf("Attribute pair %s:%s is unchanged.<BR>", $key, $$key);
>>         printf("</FONT>");
>>        } else
>>           {
>>            printf("<FONT COLOR=RED>");
>>            printf("Attribute pair %s:%s has changed.<BR>", $key,
>>            $$key); printf("</FONT>");
>>            printf("&nbsp;&nbsp;&nbsp;&nbsp;"); if
>>            ((strlen($info[0]["$key"][0]) == 0)
>>                  and (strlen($$key) > 0)) {
>>               printf("This attribute is an <BLINK>ADD</BLINK>.<BR>");
>>               $add_entries["$key"] = $$key;
>>              } else if ((strlen($info[0]["$key"][0]) > 0)
>>                           and (strlen($$key) == 0)) {
>>                    printf("This attribute is a
>>                    <BLINK>DELETE</BLINK>.<BR>");
>>                    $delete_entries["$key"] = "";
>>                   } else {
>>                       printf("This attribute is a
>>                       <BLINK>CHANGE</BLINK>.<BR>");
>>                        $change_entries["$key"] = $$key;
>>                      }
>>            }
>>        }
>>      printf("<HR><CENTER><U>Operations:</U></CENTER>");
>>      if (count($add_entries) > 0) {
>>        printf("Found %d entries to add to object<BR>",
>>        count($add_entries)); if (ldap_mod_add($ds, $dn, $add_entries))
>>        {
>>          printf("&nbsp;&nbsp;Add successful.<BR>");
>>         } else {
>>             printf("&nbsp;&nbsp;Add failed.<BR>");
>>            }
>>       } else {
>>           printf("Found no entries to add to object<BR>");
>>          }
>>      if (count($delete_entries) > 0) {
>>        printf("Found %d entries to remove from object<BR>",
>>        count($delete_entries));
>>        if (ldap_mod_replace($ds, $dn, $delete_entries)) {
>>          printf("&nbsp;&nbsp;Remove successful.<BR>");
>>         } else {
>>             printf("&nbsp;&nbsp;Remove failed.<BR>");
>>            }
>>       } else {
>>           printf("Found no entries to remove from object<BR>");
>>          }
>>      if (count($change_entries) > 0) {
>>        printf("Found %d entries to change in object<BR>",
>>        count($change_entries));
>>        if (ldap_mod_replace($ds, $dn, $change_entries)) {
>>          printf("&nbsp;&nbsp;Change successful.<BR>");
>>         } else {
>>             printf("&nbsp;&nbsp;Change failed.<BR>");
>>            }
>>       } else {
>>           printf("Found no entries to change in object<BR>");
>>          }
>>     ldap_close($ds);

Systems and Network Administrator
Morrison Industries
1825 Monroe Ave NW.
Grand Rapids, MI. 49505