[ciapug] RE: PHP / LDAP / Active Directory

Wyatt, Rich RWyatt at BSBDesign.com
Tue Aug 16 12:45:14 CDT 2005 

Jerry - this is what I'm looking for!  Thanks so much!

Rich S. Wyatt
Webmaster
Bloodgood Sharp Buster Architects and Planners, Inc.
Corporate-Des Moines
Office:  515.273.3020  Fax: 515.221.3272
www.bsbdesign.com 
National Experience, Regional Sensitivity
 
-----Original Message-----
From: ciapug-bounces at cialug.org [mailto:ciapug-bounces at cialug.org] On
Behalf Of ciapug-request at cialug.org
Sent: Tuesday, August 16, 2005 12:00 PM
To: ciapug at cialug.org
Subject: ciapug Digest, Vol 4, Issue 12

Send ciapug mailing list submissions to
	ciapug at cialug.org

To subscribe or unsubscribe via the World Wide Web, visit
	http://cialug.org/mailman/listinfo/ciapug
or, via email, send a message with subject or body 'help' to
	ciapug-request at cialug.org

You can reach the person managing the list at
	ciapug-owner at cialug.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of ciapug digest..."


Today's Topics:

   1. PHP / LDAP / Active Directory (Wyatt, Rich)
   2. Re: PHP / LDAP / Active Directory (Jerry Weida)
   3. RE: On or Off ... (Carl Olsen)


----------------------------------------------------------------------

Message: 1
Date: Mon, 15 Aug 2005 15:12:28 -0500
From: "Wyatt, Rich" <RWyatt at BSBDesign.com>
Subject: [ciapug] PHP / LDAP / Active Directory
To: <ciapug at cialug.org>
Message-ID:
	<5D85EA79B7461A4CBF03E03CA709D70B2110D4 at dsmmail2.BSBDesign.int>
Content-Type: text/plain; charset="us-ascii"

Hello gents/ladies... 
 
I'm not new to PHP but am new to this group.  My question deals with
using PHP and ldap_search to query the Active Directory.  I want to
check AD to see if a user is a member of a specific group or if the user
is a member of a group that is part of a group (this is what I really
want)... 
 
I can already return group membership - but I guess what I'm looking for
is a way to do the following:
 
Joe wants access to a page... 
 
Joe is part of "Super Admins" which is a member of "Another Admin"
group.  
 
Joe doesn't have "member of" listing for "Another Admin" group.  How can
I check the AD with PHP/LDAP to tell me that Joe is OK for this page b/c
he is part of a group that has membership to the required group?
 
Does this make sense?  If so - anybody have any thoughts?
 
Thanks in advance.
 
Rich S. Wyatt
Webmaster
Bloodgood Sharp Buster Architects and Planners, Inc.
Corporate-Des Moines
Office:  515.273.3020            Fax: 515.221.3272
www.bsbdesign.com <http://www.bsbdesign.com>  
National Experience, Regional Sensitivity
 


NOTICE: This email (including attachments) is covered by the Electronic
Communications Privacy Act, 18 U.S.C. 2510-2521, is confidential and may
be legally privileged.  If you are not the intended recipient, you are
hereby notified that any retention, dissemination, distribution, or
copying of this communication is strictly prohibited.  Please reply to
the sender that you have received the message in error then delete it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://cialug.org/pipermail/ciapug/attachments/20050815/3443f898/attachm
ent-0001.html

------------------------------

Message: 2
Date: Mon, 15 Aug 2005 15:20:18 -0500
From: Jerry Weida <jweida at gmail.com>
Subject: Re: [ciapug] PHP / LDAP / Active Directory
To: ciapug at cialug.org
Message-ID: <40e57b5f050815132039e1f4d at mail.gmail.com>
Content-Type: text/plain; charset="windows-1252"

Check out http://adldap.sourceforge.net/. It's a PHP Library to access 
Active Directory using the ldap features of PHP. It provides a usable
object 
and has many useful methods for getting group membership information.

I had to hack it up a little bit to get it to accept parameters via the 
contructor rather than hard code them into the class, but it was easy
enough 
to accomplish.

On 8/15/05, Wyatt, Rich <RWyatt at bsbdesign.com> wrote:
> 
>  Hello gents/ladies... 
> 
>  I'm not new to PHP but am new to this group. My question deals with
using 
> PHP and ldap_search to query the Active Directory. I want to check AD
to 
> see if a user is a member of a specific group or if the user is a
member of 
> a group that is part of a group (this is what I really want)... 
> 
>  I can already return group membership - but I guess what I'm looking
for 
> is a way to do the following:
> 
>  Joe wants access to a page... 
> 
>  Joe is part of "Super Admins" which is a member of "Another Admin"
group. 
> 
>  Joe doesn't have "member of" listing for "Another Admin" group. How
can I 
> check the AD with PHP/LDAP to tell me that Joe is OK for this page b/c
he is 
> part of a group that has membership to the required group?
> 
>  Does this make sense? If so - anybody have any thoughts?
> 
>  Thanks in advance.
> 
>  *Rich S. Wyatt*
> 
> Webmaster
> 
> *Bloodgood Sharp Buster Architects and Planners, Inc.*
> 
> Corporate-Des Moines
> 
> Office: 515.273.3020 Fax: 515.221.3272
> 
> *www.bsbdesign.com <http://www.bsbdesign.com>** *
> 
> *National Experience, Regional Sensitivity*
> 
>  ------------------------------
> NOTICE: This email (including attachments) is covered by the
Electronic 
> Communications Privacy Act, 18 U.S.C. 2510-2521, is confidential and
may 
> be legally privileged. If you are not the intended recipient, you are
hereby 
> notified that any retention, dissemination, distribution, or copying
of this 
> communication is strictly prohibited. Please reply to the sender that
you 
> have received the message in error then delete it. 
> 
> 
> _______________________________________________
> ciapug mailing list
> ciapug at cialug.org
> http://cialug.org/mailman/listinfo/ciapug
> 
> 
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://cialug.org/pipermail/ciapug/attachments/20050815/12c66fe2/attachm
ent-0001.htm

------------------------------

Message: 3
Date: Mon, 15 Aug 2005 21:11:05 -0500
From: "Carl Olsen" <carl-olsen at mchsi.com>
Subject: RE: [ciapug] On or Off ...
To: <ciapug at cialug.org>, "'Tony Bibbs'" <tony at tonybibbs.com>
Message-ID: <20050816021111.A3C15524F at www.cialug.org>
Content-Type: text/plain;	charset="us-ascii"

Here's a new version of my file with the prepared statements and all of
the
function calls to mysqli written in OOP:

<?php

class faqs
{
	private $id;
	private $question;
	private $answer;
	private $order;
	private $conn;
	private $needsupdating = false;
	
	public function __construct($faqid)
	{
		$this->conn =  new mysqli("host", "user", "pswd", "db");
		if(mysqli_connect_errno())
		{
			throw new Exception("Unable to connect to the
server: " . mysqli_connect_error());
		}
		if($stmt = $this->conn->prepare("SELECT faq_question,
faq_answer, faq_order FROM faq_faq WHERE faq_id = ?"))
		{
			$stmt->bind_param("i", $faqid);
			$stmt->execute();
			$stmt->bind_result($faq_question, $faq_answer,
$faq_order);
			$stmt->fetch();
			$this->id = $faqid;
			$this->question = $faq_question;
			$this->answer = $faq_answer;
			$this->order = $faq_order;
			$stmt->close();
		}
	}
	
	public function getquestion()
	{
		return $this->question;
	}
	public function getanswer()
	{
		return $this->answer;
	}
	public function getorder()
	{
		return $this->order;
	}
	public function setquestion($question)
	{
		if(!is_string($question) || strlen($question) == 0)
		{
			throw new Exception("Invalid question value");
		}
		$this->question = $question;
		$this->needsupdating = true;
	}
	public function setanswer($answer)
	{
		if(!is_string($answer) || strlen($answer) == 0)
		{
			throw new Exception("Invalid answer value");
		}
		$this->answer = $answer;
		$this->needsupdating = true;
	}
	public function setorder($order)
	{
		if(!is_integer($order) || strlen($order) == 0)
		{
			throw new Exception("Invalid order value");
		}
		$this->order = $order;
		$this->needsupdating = true;
	}
	
	public function __destruct()
	{
		if(!$this->needsupdating)
		{
			return;
		}
		if ($stmt = $this->conn->prepare("UPDATE faq_faq SET
faq_question = ?, faq_answer = ?, faq_order = ? WHERE faq_id = ?"));
		{
			$stmt->bind_param("ssii", $faq_question,
$faq_answer, $faq_order, $faq_id);
			$faq_question = $this->question;
			$faq_answer = $this->answer;
			$faq_order = $this->order;
			$faq_id = $this->id;
			$stmt->execute();
			$stmt->close();
		}
		$this->conn->close();
	}
}

?>

-----Original Message-----
From: ciapug-bounces at cialug.org [mailto:ciapug-bounces at cialug.org] On
Behalf
Of Carl Olsen
Sent: Friday, August 12, 2005 6:24 PM
To: 'Tony Bibbs'; ciapug at cialug.org
Subject: RE: [ciapug] On or Off ...

As you can see from the example I just sent, I'm using mysqli without
the
prepared statements and I'm using the database abstraction layer to
escape
the arguments.  What am I going to gain by switching to prepared
statements?

I can see the code might be fewer lines, but I'm also wondering about
performance.  Am I going to realize an improvement in performance?

Thank for your help!

Carl
http://www.carl-olsen.com/




------------------------------

_______________________________________________
ciapug mailing list
ciapug at cialug.org
http://cialug.org/mailman/listinfo/ciapug


End of ciapug Digest, Vol 4, Issue 12
*************************************



NOTICE: This email (including attachments) is covered by the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521, is confidential and may be legally privileged.  If you are not the intended recipient, you are hereby notified that any retention, dissemination, distribution, or copying of this communication is strictly prohibited.  Please reply to the sender that you have received the message in error then delete it.

More information about the ciapug mailing list