ldap.inc



This library provides the access to the LDAP server and its content.
The $_SESSION['ldap'] object reconnects automatically to the LDAP server on every page load.


1. Server handle

All PHP functions which access LDAP require a server handle as parameter. This is managed by ldap.inc.
You can access it with $_SESSION['ldap']->server.


2. Object classes

Account modules may want to check if the current LDAP server supports all required object classes.
$_SESSION['ldap']->objectClasses contains a list of object classes and their attributes which is read from the LDAP server.


3. En-/Decryption

For security reasons sensitive data like user passwords should be encrypted before storing in session.
$_SESSION['ldap']->encrypt(<string>) encrypts a string and returns a binary object. This can be decrypted with $_SESSION['ldap']->decrypt(<object>)

Ldap.inc will take care for the crypotographic key and if Blowfish or MCrypt/AES is used.


4. Random values

Ldap.inc contains a random integer value which is much more secure than calling mt_rand(). The value changes on every page load and is accessible in $_SESSION['ldap']->rand.
If you need multiple values you can get a new value by calling $_SESSION['ldap']->new_rand().