php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #64317 [PATCH] add ldap_modify_batch function
Submitted: 2013-02-27 23:35 UTC Modified: 2015-06-10 11:51 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: ondra dot hosek at gmail dot com Assigned:
Status: Closed Package: LDAP related
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
 [2013-02-27 23:35 UTC] ondra dot hosek at gmail dot com
Description:
------------
Hi,

motivated by the impossibility of performing an Active Directory password change (not reset), which requires a simultaneous REMOVE and ADD operation on the unicodePwd attribute of a user, I have set out to write a function named ldap_modify_batch that would allow this.

The test script demonstrates the API of this function. I'll admit that this API (especially the array-of-arrays-of-arrays part) is a bit weird and I'll gladly accept tips on how to streamline it. There is also a (more complete but also more contrived) example in the function body itself.

Test script:
---------------
<?php

function adifyPw($pw)
{
	$quoted = '"' . $pw . '"';
	$utf16d = iconv("UTF-8", "UTF-16LE", $quoted);
	return $utf16d;
}

$curPwd = adifyPw("Tr0ub4dor&3");
$newPwd = adifyPw("correct horse battery staple");

$conn = ldap_connect("ldaps://dc.ad.example.com/");
ldap_bind($conn, "john@ad.example.com", "Tr0ub4dor&3");
$mods = array(
	array(
		"attrib" => "unicodePwd",
		"modtype" => LDAP_MODIFY_BATCH_REMOVE,
		"values" => array($curPwd)
	),
	array(
		"attrib" => "unicodePwd",
		"modtype" => LDAP_MODIFY_BATCH_ADD,
		"values" => array($newPwd)
	)
);
ldap_modify_batch($conn, "cn=John Smith,ou=Accounting,dc=ad,dc=example,dc=com", $mods);
ldap_close($conn);

?>


Patches

ldap_modify_batch.patch (last revision 2013-02-27 23:35 UTC by ondra dot hosek at gmail dot com)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-06-10 11:05 UTC] martin dot keckeis1 at gmail dot com
This was already added in PHP 5.4: http://php.net/manual/en/function.ldap-modify-batch.php
 [2015-06-10 11:51 UTC] ondra dot hosek at gmail dot com
-Status: Open +Status: Closed
 [2015-06-10 11:51 UTC] ondra dot hosek at gmail dot com
Good point. I discussed this on the mailing list and forgot all about this bug. Closing.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Dec 12 03:01:28 2024 UTC