Search
A short note on DNs
It may be possible that restricted characters (",", "+", """, "\", "<", ">", ";", "#", "=", space or a hexpair) are used in attributes or values inside the DN. You should have a look to the APIdoc of Net_LDAP2_Util::escape_dn_value(), Net_LDAP2_Util::unescape_dn_value(), Net_LDAP2_Util::ldap_explode_dn() and Net_LDAP2_Util::canonical_dn(). These functions can be used to safely handle DNs.
Searching some entries
After connecting to the server, you can use Net_LDAP2's search() method to search the directory. The method takes three parameters:
-
$base
is the base search DN. If keptnull
, the default base DN configured when connecting is used. -
$filter
is the query filter that determines which results are returned. It is either a string (experts use only) or better a Net_LDAP2_Filter-object. Net_LDAP2_Filter automatically deals with LDAP-Filter escaping issues. LDAP filters are extensively explained at the chapter LDAP filters. -
$params
is an array of configuration options for the current query.Possible configuration parameters Name Description Default scope
The scope used for searching: -
base
- Just one entry -
sub
- The whole tree -
one
- Immediately below$base
sub
sizelimit
Number of entries returned at maximum 0
(no limit)timelimit
Seconds to spent for searching 0
(no limit)attrsonly
If true
, only attribute names are returnedfalse
attributes
Array of attribute names, which the entry should contain. It is good practice to limit this to just the ones you need. array()
(all attributes) -
The search() method will return either a Net_LDAP2_Search object or a Net_LDAP2_Error. You can use the Net_LDAP2_Search-object to trigger further actions like counting how many entries where found or to retrieve the found entries.
Making a search query
<?php
// Building a very basic filter
// we want to find all Entries whose surnames start with "Joe":
$filter = Net_LDAP2_Filter::create('sn', 'begins', 'Joe');
// We define a custom searchbase here. If you pass NULL, the basedn provided
// in the Net_LDAP2 configuration will be used. This is often not what you want.
$searchbase = 'ou=addressbook,dc=example,dc=org';
// Some options:
// We search all subtrees beneath 'ou=addressbook,dc=example,dc=org'
// and we select the attribute 'sn'. It is a good practice to limit the
// requested attributes to only those you actually want to use later.
// However, note that it is faster to select unneeded attributes than
// refetching an entry later to just get those attributes.
$options = array(
'scope' => 'sub',
'attributes' => array('sn')
);
// Perform the search!
$search = $ldap->search($searchbase, $filter, $options);
// Test for search errors:
if (PEAR::isError($search)) {
die($search->getMessage() . "\n");
}
// Say how many entries we have found:
echo "Found " . $search->count() . " entries!";
?>