Building a web address book with PHP + LDAP

It so happened that a (relatively) large company had remote offices with a fairly large number of users. All the offices are connected into one network with a common domain, and each office is defined in Active Directory (hereafter AD) as an Organizational Unit (OU) in which the users have already been created.

We needed to give users a way to get the contact details of the employee they need from AD quickly and without difficulty, and to free the system administrators from the routine of editing the text file that played the role of the address book.

There were no suitable ready-made solutions to the problem, so I had to do everything with my own hands and head.

Let's start with deciding what to use. It's simple: the final catalog must be available through a browser to all users of the domain. The first thing that comes to mind is PHP together with LDAP, and that is what we will use. I consider the relative simplicity of PHP its big advantage: any system administrator who understands it even a little can, if necessary, make the required changes to the code without any difficulty.

So, let's begin. First, we set the parameters for connecting to the domain:

$srv ="SERVER";
$srv_domain ="DOMAIN.COM";
$srv_login ="USERNAME@".$srv_domain; 
$srv_password ="PASSWORD";

The next step is to determine which OU we will search for users in. We do this by reading the value from $_GET['place']. For example, if the user visits server/index.php?place=first, the variable $place is assigned the value first.

$place = $_GET['place'] ?? '';	// empty string when the parameter is absent
$doscript=true;
switch($place){ 
case "first" :
	$dn ="OU=ou1,OU=DOMAIN,dc=DOMAIN,dc=COM";			
	break;
case "second":
	$dn ="OU=ou2,OU=DOMAIN,dc=DOMAIN,dc=COM";			
	break;
	// more cases can be added here.
default:
	$doscript=false; 
	break;
}
if (!$doscript) include "main_table.html";

The $doscript variable records whether we have identified the OU in which to search for users. If nothing in the "switch-case" list matches, $doscript=false, the main part of the script is not executed, and the start page "main_table.html" is displayed (I'll tell you about it at the very end).

If we have identified the OU, we move on to the next steps and start drawing the catalog page for the user:

else if ($doscript) {
{echo "
<!DOCTYPE html> 
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<link rel='shortcut icon' href='ico.png'>
<meta charset='windows-1251'>

We include the styles for a nicer look (yes, they could be included as a CSS file, but some versions of IE refuse to accept styles included that way, so you have to write them directly into the script):

<style>
	*{text-align: center; font-family:tahoma; font-size:14px;}
	a{text-decoration: none; color: #000;}
	a:hover{text-decoration: underline; color: #0059FF;}
	#bold{text-decoration: none; font-weight: 600;font-size:20px;}
	#table,tr,td{border-style:solid;border-width:1px;	border-collapse:collapse;padding:5px; height:22px;border-color:#7d7d7d;}
	/* Odd rows */#table tbody tr:nth-child(odd){background: #fff;}
	/* Even rows */   #table tbody tr:nth-child(even){background: #F7F7F7;}	
	#noborder{border-width: 0px; border-style: none;}	
	#sp30px{text-indent: 30px;text-align: justify;}
	#smallsize{font-family:tahoma; text-indent: 5px; text-align:left; font-size:12px;}
	#top {background: #ffffff;
		text-align: center;
		left:0;
		top:0px;
		table-layout: fixed;
		border-style:solid;
		border-width:0px;
		border-collapse:collapse;
		padding:0px;
		height:22px;
		border: 0px;
		z-index: 99999;
		display:block;
		width:80px;
		opacity: 0.6;
		filter: alpha(Opacity=60);
		height:100%;
		position:fixed;}
	#top:hover{background: #afafaf;opacity: 100;filter: alpha(Opacity=100);text-decoration: none;color: #000000;}
	.smalltext{padding-top: 1px;
		padding-bottom: 1px;
		text-align: bottom;
		font-family:tahoma;
		color: #a0a0a0;
		line-height: 7px;
		font-size: 10px;}
	.smalltext:hover{color: #0000ff;}		
	.transition-rotate {position: relative;
		z-index: 2;
		margin: 0 auto;
		padding: 5px;
		text-align: center;
		max-width: 500px;
		cursor: pointer;
		transition: 0.1s linear;}
	.transition-rotate:hover {-webkit-transform: rotate(-2deg);	transform: rotate(-2deg);}
	#lineheight{
		text-align: left;
		line-height: 1px;
		text-decoration: none;
		font-weight: 600;
		font-size:20px;}
</style>

We're done with the styles; now we write the tab title and draw a convenient link back to the main page:

<title>Adressbook of «YourMegaCompanyName»</title>	
</head>
<body style='background-color:#ffffff;'>";
}
echo "
<table id='top'><tr><td id='top'>
<a href='index.php?place=main' id='top' >
<br><br><br>
<img src='back_to_main.png' alt='' border='0' width='75' height='60'/>
<p>На главную</p></a>
</td></tr></table>
";

We define the search filters for AD and retrieve information about the OU:

$filter ="(&(objectcategory=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))"; // all users except disabled ones
$filter2 ="(objectCategory=OrganizationalUnit)"; // used to get information about the OU
$ds=ldap_connect($srv);
if ($ds) {
	// options are set before the bind so that it is made with protocol version 3
	ldap_set_option($ds,LDAP_OPT_REFERRALS, 0);
	ldap_set_option($ds,LDAP_OPT_PROTOCOL_VERSION,3);
	$r=ldap_bind($ds,$srv_login,$srv_password);
	$sr=ldap_search($ds,$dn ,$filter );
	ldap_sort($ds,$sr, "givenname");	// deprecated in PHP 7.0 and removed in PHP 8.0
	$info = ldap_get_entries($ds, $sr);
	$sr2=ldap_search($ds,$dn ,$filter2 );
	$placeinfo = ldap_get_entries($ds, $sr2);
// AD values are HTML-escaped before they are written into the page
$PlaceName = htmlspecialchars($placeinfo[0]["l"][0] ?? '');			// name of place
$PlaceAddres = htmlspecialchars($placeinfo[0]["street"][0] ?? '');		// address of place
$PlaceMail = htmlspecialchars($placeinfo[0]["description"][0] ?? ''); 	// mail of place
$PlacePhone = htmlspecialchars($placeinfo[0]["st"][0] ?? ''); 		// phone of place
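The same bind and search written for a current PHP version, as an added example that is not part of the original article: it uses ldaps://, takes the service-account credentials from the environment instead of the script, checks the bind result, and sorts the array because ldap_sort() no longer exists in PHP 8. The function name fetch_ou_users() and the AB_LDAP_* environment variable names are assumptions; the returned array has no "count" key, so iterate it with foreach.

```php
<?php
// Added example; fetch_ou_users() and the AB_LDAP_* variable names are hypothetical.
function fetch_ou_users(string $dn): array
{
    $uri  = getenv('AB_LDAP_URI') ?: 'ldaps://SERVER';   // placeholder host, as in the article
    $user = getenv('AB_LDAP_USER');
    $pass = getenv('AB_LDAP_PASS');
    // A simple bind with an empty password is treated as an unauthenticated bind,
    // so refuse to continue without credentials.
    if (!$user || !$pass) {
        throw new RuntimeException('LDAP credentials are not configured');
    }

    $ds = ldap_connect($uri);            // only parses the URI, no network traffic yet
    if ($ds === false) {
        throw new RuntimeException('Invalid LDAP URI');
    }
    // Options are set before the bind so that it uses protocol version 3.
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
    ldap_set_option($ds, LDAP_OPT_NETWORK_TIMEOUT, 5);

    if (!@ldap_bind($ds, $user, $pass)) {
        error_log('LDAP bind failed: ' . ldap_error($ds));   // detail goes to the log
        throw new RuntimeException('Unable to connect to LDAP server');
    }

    $filter = '(&(objectcategory=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))';
    // Ask only for the attributes the page displays or sorts by.
    $attrs = ['cn', 'title', 'mail', 'ipphone', 'mobile',
              'physicaldeliveryofficename', 'givenname'];
    $sr = ldap_search($ds, $dn, $filter, $attrs);
    $entries = $sr ? ldap_get_entries($ds, $sr) : false;
    ldap_unbind($ds);
    if ($entries === false) {
        throw new RuntimeException('LDAP search failed');
    }

    unset($entries['count']);            // keep only the numbered entries
    // ldap_sort() was removed in PHP 8.0; sort the array instead.
    usort($entries, fn($a, $b) =>
        strcasecmp($a['givenname'][0] ?? '', $b['givenname'][0] ?? ''));
    return $entries;
}
```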

Next, we lay out the top of the page:

echo"<table align='center' height = '80'>
	<tr><td id='noborder' ><div id='lineheight'>". $PlaceName ."</div></td></tr>
	<tr><td id='noborder' >". $PlaceAddres ."</td></tr>
    </table>
<table align='center' id='table'>
	<tr><td width='35' bgcolor = #f0f0e4>  № </td>
	<td width='300' bgcolor = #f0f0e4> Name </td>
	<td width='250' bgcolor = #f0f0e4> E-mail </td>
	<td width='60' bgcolor = #f0f0e4> Phone </td>
	<td width='150' bgcolor = #f0f0e4> Mobile </td></tr>
	<tr><td></td><td> Данные OU </td><td>";
echo "<div class='transition-rotate'><a href='mailto:" . $PlaceMail ."'>" . $PlaceMail ." </a></div>";
echo "</td><td width='150'> " . $PlacePhone ." </td><td> - </td></tr>";

Next, we fetch and process the user data in a loop. To hide some accounts (service accounts, for example), we simply enter "hide" in the "room" field of the user's details in AD; such users will not be shown in the catalog:

for ($i=0; $i<$info["count"];$i++) {
$UserHide = $info[$i]["physicaldeliveryofficename"][0] ?? '';
if ($UserHide != 'hide') {
// AD values are HTML-escaped before they are written into the page
$UserName = htmlspecialchars($info[$i]["cn"][0] ?? '');		// user name
$UserPosition = htmlspecialchars($info[$i]["title"][0] ?? '');	// job title
$UserMail = htmlspecialchars($info[$i]["mail"][0] ?? '');	// mail
	if (!$UserMail) $UserMail = "-";	// if AD has no mailbox data, show a dash
$UserIpPhone = htmlspecialchars($info[$i]["ipphone"][0] ?? '');	// ip phone
	if (!$UserIpPhone) $UserIpPhone = "-";	// if AD has no IP phone data, show a dash
$UserMobile = htmlspecialchars($info[$i]["mobile"][0] ?? '');	// mobile
	if (!$UserMobile) $UserMobile = "-";	// if AD has no mobile number, show a dash

By the way, if you need to get the value of some other attribute, remember (this is important):
in the query we pass the attribute name in lowercase letters, otherwise it won't work.

And we put the resulting data into the table:

    $n = ($n ?? 0) + 1;	// row number; hidden accounts are not counted
    echo "<tr>
	<td>". $n ."</td>
	<td> ". $UserName ."<br> <div class='smalltext'>". $UserPosition ."</div></td><td>"; // user name and job title
	if ($UserMail !='-') echo "<div class='transition-rotate'><a href='mailto:$UserMail'>$UserMail  </a></div>";    // if the user has an e-mail address, create a link for sending mail
	else echo "-"; // if there is no e-mail, show a dash
 	echo "</td><td> ". $UserIpPhone ." </td>
 	<td> ". $UserMobile ." </td></tr>";
	}
}
echo "</table>";
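The row output above writes directory attributes into HTML, and in many domains users can edit some of their own attributes. The following added example (not the article's code) builds one table row with every AD value encoded for its context and with the mailto: link created only for a valid address. The helper names h(), attr() and render_user_row() and the sample entry are assumptions, and the entry is constructed in the shape ldap_get_entries() returns.

```php
<?php
// Added example; h(), attr(), render_user_row() and the sample entry are hypothetical.
function h(string $s): string
{
    // ENT_QUOTES also encodes the single quotes the page uses around attribute values.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function attr(array $entry, string $name): string
{
    // Keys are lowercase in ldap_get_entries() output; a missing attribute becomes ''.
    return trim((string)($entry[$name][0] ?? ''));
}

function render_user_row(array $entry, int $n): string
{
    $mail = attr($entry, 'mail');
    // Only a syntactically valid address is turned into a mailto: link.
    $mailCell = filter_var($mail, FILTER_VALIDATE_EMAIL) !== false
        ? "<div class='transition-rotate'><a href='mailto:" . h($mail) . "'>" . h($mail) . "</a></div>"
        : '-';
    $phone  = attr($entry, 'ipphone') ?: '-';
    $mobile = attr($entry, 'mobile') ?: '-';

    return "<tr><td>" . $n . "</td>"
        . "<td>" . h(attr($entry, 'cn')) . "<br><div class='smalltext'>"
        . h(attr($entry, 'title')) . "</div></td>"
        . "<td>" . $mailCell . "</td>"
        . "<td>" . h($phone) . "</td><td>" . h($mobile) . "</td></tr>";
}

// Constructed entry with markup in two fields and an invalid mail value.
$sample = [
    'cn'     => ['count' => 1, 0 => 'Test <b>User</b>'],
    'title'  => ['count' => 1, 0 => "Engineer' title='x"],
    'mail'   => ['count' => 1, 0 => 'not an address'],
    'mobile' => ['count' => 1, 0 => '+1 555 0100'],
];
echo render_user_row($sample, 1), "\n";
```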

Next, we close the LDAP connection, or show a message that connecting to the server is not possible:

ldap_close($ds); 
} 
else echo "<h4>Unable to connect to LDAP server</h4>"; 
echo '<br><br><br></body></html>';}

Inside, the "main_table.html" file is an ordinary HTML page with links, and looks like this:

<head>
<link rel="shortcut icon" href="ico.png"/>
<meta charset="windows-1251"/>
<title>Adressbook of «YourMegaCompanyName»</title>
</head>
<body style='background-color:#ffffff;'>
<center><a href=index.php><IMG border="none" src="logo.png"/></a></center>
<center><b>Places and offices</b></center>
<br>
<table border="0" width="450" bgcolor="#dddddd" align="center" valign="middle" CELLSPACING="0">

<tr id="space"><td></td></tr>
<tr><td align="left" id="abz"><a href="index.php?place=first">OU1</a></td></tr>
<tr id="space"><td></td></tr>
<tr><td align="left" id="abz"><a href="index.php?place=second">OU2</a></td></tr>

</table></body></html>

If my code helps someone, I'll be glad. Use it!

You may also freely edit it (improve it or make it worse) as you like and distribute it by any means.

Thank you for your attention!

Source: www.habr.com
