diff --git a/docs/20_Usage.md b/docs/20_Usage.md index 5bd693279360ec6fb9664dc81fc6358a20a0e85d..0bd76bef6f5f96be476487e616bc496663317ba1 100644 --- a/docs/20_Usage.md +++ b/docs/20_Usage.md @@ -10,24 +10,18 @@ require_once '[APPROOT]/classes/ldap.class.php'; As an example I create a hash named $aConfig and save it as "inc_config.php". + ```php return [ - ... - - 'ldap-master' => [ - 'server' => 'ldaps://ldap.example.com', - 'DnLdapUser' => 'cn=Lookup,ou=Service,dc=some,dc=example.com', - 'PwLdapUser' => 'PasswordOfLookupUser', - - // node where to find users that are allowed to login - 'DnUserNode' => 'ou=People,dc=some,dc=example.com', - - // node where to find my app - 'DnAppNode' => 'cn=MyApp,dc=some,dc=example.com', - 'debugLevel' => 0, - ], - ... - + ... + 'ldap-master' => [ + 'server' => 'ldaps://ldap.example.com', + 'DnLdapUser' => 'cn=Lookup,ou=Service,dc=some,dc=example.com', + 'PwLdapUser' => 'PasswordOfLookupUser', + + // See Configuration page for all values. + ], + ... ]; ``` diff --git a/docs/30_Methods.md b/docs/30_Methods.md index 86962bdc4e3e9a69283624b89a521e901e85bea3..a4cdcd0e1fe3e3c6527e9d8dd9d4240a1c4962f7 100644 --- a/docs/30_Methods.md +++ b/docs/30_Methods.md @@ -83,7 +83,7 @@ set a ldap config 'server' => 'ldaps://ldap.example.com', 'port' => 636, 'DnLdapUser' => 'cn=Lookup,ou=ServiceAccounts,dc=org,dc=example.com', // ldap rdn oder dn - 'PwLdapUser' => 'IkHEFFzlZ...99j0h8WdI0LrLhxU', // password + 'PwLdapUser' => 'PasswordOfLookupUser', // password 'DnUserNode' => 'ou=People,ou=ORG,dc=org,dc=example.com', 'DnAppNode' => '' optional dn ... if a user must be member of a given group 'protoVersion' => 3 diff --git a/docs/40_Configuration.md b/docs/40_Configuration.md index 170c2b67e7f66abf1149b0e627a3611e50c59aaa..7964db10f91694df77a9deb9b0b239625abe7924 100644 --- a/docs/40_Configuration.md +++ b/docs/40_Configuration.md 
@@ -2,11 +2,43 @@ When initializing a new imlldap object or use setConfig then you can apply these values: -Var | Type | Desciption | Example --- |-- |-- |-- -'server' | string | Server connection with "ldap(s)://host[:port]" | 'ldaps://ldap.example.com' -'DnLdapUser' | string | Bind user as ldap rdn or dn | 'cn=Lookup,ou=ServiceAccounts,dc=org,dc=example.com' -'PwLdapUser' | string | password for bind user | -'DnUserNode' | string | for user metods: set a DN where users are | 'ou=People,ou=ORG,dc=org,dc=example.com' -'protoVersion' | integer | ldap protocol version | 3 -'debugLevel' | integer | Value for LDAP_OPT_DEBUG_LEVEL | 7 +Var | Type | Desciption | Example +-- |-- |-- |-- +`server` | string | Server connection with "ldap(s)://host[:port]" | 'ldaps://ldap.example.com' +`DnLdapUser` | string | Bind user as ldap rdn or dn | 'cn=Lookup,ou=ServiceAccounts,dc=org,dc=example.com' +`PwLdapUser` | string | password for bind user | 'PasswordOfLookupUser' +`DnUserNode` | string | for user metods: set a DN where users are | 'ou=People,ou=ORG,dc=org,dc=example.com' +`protoVersion` | integer | ldap protocol version | 3 +`debugLevel` | integer | Value for LDAP_OPT_DEBUG_LEVEL when using debugOn() | 7 + +### Example: + +As an example I create a hash named $aConfig and save it as "inc_config.php". + +```php +return [ + ... + 'ldap-master' => [ + 'server' => 'ldaps://ldap.example.com', + 'DnLdapUser' => 'cn=Lookup,ou=Service,dc=some,dc=example.com', + 'PwLdapUser' => 'PasswordOfLookupUser', + 'DnUserNode' => 'ou=People,dc=some,dc=example.com', + 'debugLevel' => 0, + ], + ... +]; +``` + +```php +$aConfig = require_once('inc_config.php'); +require_once '[APPROOT]/classes/ldap.class.php'; + +$oLdap=new imlldap($aConfig['ldap-maser']); + +// ... + +// update a single config item +$oLdap->setConfig([ + 'debugLevel' => 3, +]); +``` diff --git a/docs/50_Examples.md b/docs/50_Examples.md index 8efad5219537a068fef9c903e72a5fa8fd4e5301..c6578098a527ce440a7057e403de9643961f2c11 100644 
--- a/docs/50_Examples.md +++ b/docs/50_Examples.md @@ -10,7 +10,7 @@ $aUser = $oLdap->getUserInfo("john@example.com", ["memberof", "uid"]); print_r($oLdap->normalizeSearchentry($aUser)); ``` -### Verify user and password for login +## Verify user and password for login ```php // set values from $_FORM or $_POST data of your login form here @@ -32,18 +32,13 @@ $oLdap->close(); ## Debugging If you want to find connection problems then use debugOn(). -This enables the echoing of ldap actions for connect, bind and more. - - +This enables the echoing of ldap actions for connect, bind and class internal debug messages. ```php - -// this will set LDAP_OPT_DEBUG_LEVEL -$aConfig['debugLevel']=7; - $oLdap = new imlldap($aConfig); // enable showing debug output +// This method sets LDAP_OPT_DEBUG_LEVEL to $aConfig['debugLevel']; $oLdap->debugOn(); // then do something ... the first action will conect and bind diff --git a/src/ldap.class.php b/src/ldap.class.php index 67babe5eb26008d8c3f053d153183a48fcb3ef87..a4d4de90f463c67e2322f375f2d9a3333bf56299 100755 --- a/src/ldap.class.php +++ b/src/ldap.class.php @@ -4,13 +4,18 @@ * * IML LDAP CONNECTOR * + * @author axel.hahn@unibe.ch + * @license GNU GPL v3 + * + * SOURCE: <https://git-repo.iml.unibe.ch/iml-open-source/ldap-php-class/> + * DOCS: <https://os-docs.iml.unibe.ch/ldap-php-class/index.html> + * * 2022-02-22 ah added objGet(), sanitizeFilter() * 2022-08-18 ah mask password (showing 4 chars only) * 2022-08-22 ah mhash is deprecated * 2022-08-26 ah fix verifyPassword * 2024-07-11 ah php8 only: use variable types; update phpdocs - * - * @author axel.hahn@unibe.ch + * 2024-07-12 ah remove connection port (use server value "ldaps://<host>:<port>" if needed) */ class imlldap { @@ -24,7 +29,6 @@ class imlldap */ private array $_aLdap = [ 'server' => false, - 'port' => false, 'DnLdapUser' => false, // ldap rdn oder dn 'PwLdapUser' => false, 'DnUserNode' => false, // ou=People... 
@@ -132,17 +136,15 @@ class imlldap // ---------------------------------------------------------------------- /** - * set a ldap config + * set a ldap config or modify existing value * - * @param array $aConfig new config items - * 'server' => 'ldaps://ldap.example.com', - * 'port' => 636, - * 'DnLdapUser' => 'cn=Lookup,ou=ServiceAccounts,dc=org,dc=example.com', // ldap rdn oder dn - * 'PwLdapUser' => 'IkHEFFzlZ...99j0h8WdI0LrLhxU', // password - * 'DnUserNode' => 'ou=People,ou=ORG,dc=org,dc=example.com', - * 'DnAppNode' => '' optional dn ... if a user must be member of a given group - * 'protoVersion' => 3 - * 'debugLevel' => 0 // for debugging set higher 0 AND call debugOn() + * @param array $aConfig new config items with these keys + * 'server' => 'ldaps://ldap.example.com', + * 'DnLdapUser' => 'cn=Lookup,ou=ServiceAccounts,dc=org,dc=example.com', // ldap rdn oder dn + * 'PwLdapUser' => 'PasswordOfLookupUser', // password + * 'DnUserNode' => 'ou=People,ou=ORG,dc=org,dc=example.com', + * 'protoVersion' => 3 + * 'debugLevel' => 0 // value for LDAP_OPT_DEBUG_LEVEL in debugOn() */ public function setConfig(array $aConfig = []): void { @@ -189,7 +191,7 @@ class imlldap $this->close(); } - $this->_w(__FUNCTION__ . ' connect to ' . $this->_aLdap['server'] . ':' . $this->_aLdap['port']); + $this->_w(__FUNCTION__ . ' connect to ' . $this->_aLdap['server']); $this->_ldapConn = ldap_connect($this->_aLdap['server']); if (!$this->_ldapConn) { $this->_wLdaperror(__FUNCTION__);
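Review bot: The rewritten docblock of `setConfig()` drops `port` and `DnAppNode` without saying what happens when a caller still passes them, and the unchanged context lines of docs/30_Methods.md still show `'port' => 636` and `'DnAppNode'`. A line such as `* NOTE: 'port' is no longer a config key; put the port into 'server' ("ldaps://<host>:<port>")` would close that gap, and 30_Methods.md should be brought in line. The new example in docs/40_Configuration.md also reads `$aConfig['ldap-maser']`, which does not match the `'ldap-master'` key defined just above it. The previous example value for `PwLdapUser` looked like a shortened real secret; if it was derived from a live bind password, it stays in the repository history and that password should be rotated. The body of `setConfig()` lies outside the hunk, so whether unknown keys are ignored or stored cannot be seen here.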
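Review bot: With the `port` key gone, the `server` string alone decides host, port and transport, yet it reaches `ldap_connect()` unchecked right after the changed log line. The default shown in the `$_aLdap` hunk is `'server' => false`, and a value starting with `ldap://` would presumably carry the later bind of `PwLdapUser` without TLS unless StartTLS is done elsewhere, which this hunk does not show. A guard before the call, e.g. `if (!is_string($this->_aLdap['server']) || !str_starts_with($this->_aLdap['server'], 'ldaps://')) { $this->_w(__FUNCTION__ . ' WARNING: server is unset or not ldaps://'); }`, would make both cases visible in the debug output. The method starts and ends outside the hunk, so whether to only warn or to abort depends on code not visible here.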