Returns a search result identifier or FALSE on error.
ldap_search() performs the search
for a specified filter on the directory with the scope of
LDAP_SCOPE_SUBTREE. This is equivalent to searching the
entire directory. base_dn
specifies the base DN for the directory.
There is a optional fourth parameter, that can be added
to restrict the attributes and values returned by the server
to just those required. This is much more efficient than the
default action (which is to return all attributes and their
associated values). The use of the fourth parameter should
therefore be considered good practice.
The fourth parameter is a standard PHP string array of
the required attributes, eg array("mail","sn","cn") Note that
the "dn" is always returned irrespective of which attributes
types are requested.
Note too that some directory server hosts will be
configured to return no more than a preset number of entries.
If this occurs, the server will indicate that it has only
returned a partial results set. This occurs also if the sixth
parameter sizelimit has
been used to limit the count of fetched entries.
The fifth parameter
attrsonly should be set to 1 if only attribute types
are wanted. If set to 0 both attributes types and attribute
values are fetched which is the default behaviour.
With the sixth parameter
sizelimit it is possible to limit the count of
entries fetched. Setting this to 0 means no limit. NOTE: This
parameter can NOT override server-side preset sizelimit. You
can set it lower though.
The seventh parameter
timelimit sets the number of seconds how long is
spend on the search. Setting this to 0 means no limit. NOTE:
This parameter can NOT override server-side preset timelimit.
You can set it lower though.
The eigth parameter
deref specifies how aliases should be handled during
the search. It can be one of the following:
LDAP_DEREF_NEVER - (default) aliases are never
dereferenced.
LDAP_DEREF_SEARCHING - aliases should be
dereferenced during the search but not when locating the
base object of the search.
LDAP_DEREF_FINDING - aliases should be dereferenced
when locating the base object but not during the
search.
LDAP_DEREF_ALWAYS - aliases should be dereferenced
always.
注: These optional parameters were added in 4.0.2: attrsonly, sizelimit, timelimit, deref.
The search filter can be simple or advanced, using
boolean operators in the format described in the LDAP
doumentation (see the Netscape Directory SDK for full information
on filters).
The example below retrieves the organizational unit,
surname, given name and email address for all people in "My
Company" where the surname or given name contains the
substring $person. This example uses a boolean filter to tell
the server to look for information in more than one
attribute.
From 4.0.5 on it's also possible to do parallel
searches. To do this you use an array of link identifiers,
rather than a single identifier, as the first argument. If
you don't want the same base DN and the same filter for all
the searches, you can also use an array of base DNs and/or an
array of filters. Those arrays must be of the same size as
the link identifier array since the first entries of the
arrays are used for one search, the second entries are used
for another, and so on. When doing parallel searches an array
of search result identifiers is returned, except in case of
error, then the entry corresponding to the search will be FALSE. This is very much like
the value normally returned, except that a result identifier
is always returned when a search was made. There are some
rare cases where the normal search returns FALSE while the parallel search
returns an identifier.