Monthly Archives: February 2011

SamNews 1.1 Development Update – Bulk Submitter

Posted on by
2

The Bulk Submitter is a new feature included with SamNews 1.1. Admins will have the ability to paste in a bunch of URL’s and have them processed for quick posting. The pages are scraped for title, images, and a description blurb.

The same scraping will occur for individual submissions as well. Because of this, it’s possible a user could flood and/or submit links with huge images on them causing problems for the server. I am trying to figure out the best way to prevent this type of abuse.

Use PHP and LDAP to list members of an Active Directory group

Posted on by
33
An improved/updated version of this function was posted on 10/19/2011, get it here

PHP function that gets the members of an Active Directory group, and returns the data as an array.

Input for the function: group name, user name, password

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48

<?php
// explode DN into array
function explode_dn($dn, $with_attributes=0)
{
    $result = ldap_explode_dn($dn, $with_attributes);
    //translate hex code into ascii again
    foreach($result as $key => $value) $result[$key] = preg_replace("/\\\([0-9A-Fa-f]{2})/e", "''.chr(hexdec('\\1')).''", $value);
    return $result;
}
 
// get members list from AD
function get_members($group,$user,$password) {
 
    // Active Directory server
    $ldap_host = "server.college.school.edu";
 
    // Active Directory DN
    $ldap_dn = "OU=Departments,DC=college,DC=school,DC=edu";
 
    // Domain, for purposes of constructing $user
    $ldap_usr_dom = "@college.school.edu";
 
    // connect and search ldap
    $ldap = ldap_connect($ldap_host) or die("Could not connect to LDAP");
    @ldap_bind($ldap, $user . $ldap_usr_dom, $password) or die("Could not bind to LDAP");
    $results = ldap_search($ldap,$ldap_dn, "cn=" . $group);
    $entries = ldap_get_entries($ldap, $results);
 
    $dirty = 0;
 
    // build array of members for this group, first item is count - skipped using $dirty
    foreach($entries[0]['member'] as $member) {
        if($dirty == 0) {
            $dirty = 1;
        } else {
            $member_dets = explode_dn($member);
            $members[] = str_replace("CN=","",$member_dets[0]);
        }
    }
 
    return $members;
}
?>
 
The Manager Group contains:<br />
<?php foreach(get_members("group name","user name","password") as $e) { // replace with your values
    echo $e . "<br />";
} ?>
<?php
// explode DN into array
function explode_dn($dn, $with_attributes=0)
{
    $result = ldap_explode_dn($dn, $with_attributes);
    //translate hex code into ascii again
    foreach($result as $key => $value) $result[$key] = preg_replace("/\\\([0-9A-Fa-f]{2})/e", "''.chr(hexdec('\\1')).''", $value);
    return $result;
}

// get members list from AD
function get_members($group,$user,$password) {

	// Active Directory server
	$ldap_host = "server.college.school.edu";

	// Active Directory DN
	$ldap_dn = "OU=Departments,DC=college,DC=school,DC=edu";

	// Domain, for purposes of constructing $user
	$ldap_usr_dom = "@college.school.edu";

	// connect and search ldap
	$ldap = ldap_connect($ldap_host) or die("Could not connect to LDAP");
	@ldap_bind($ldap, $user . $ldap_usr_dom, $password) or die("Could not bind to LDAP");
	$results = ldap_search($ldap,$ldap_dn, "cn=" . $group);
	$entries = ldap_get_entries($ldap, $results);

	$dirty = 0;

	// build array of members for this group, first item is count - skipped using $dirty
	foreach($entries[0]['member'] as $member) {
		if($dirty == 0) {
			$dirty = 1;
		} else {
			$member_dets = explode_dn($member);
			$members[] = str_replace("CN=","",$member_dets[0]);
		}
	}

	return $members;
}
?>

The Manager Group contains:<br />
<?php foreach(get_members("group name","user name","password") as $e) { // replace with your values
	echo $e . "<br />";
} ?>

Related Post: PHP login script using LDAP, verify group membership