2009-06-30 09:22:30 +00:00
|
|
|
<?php
|
2009-06-30 09:24:29 +00:00
|
|
|
// $Header: /cvsroot/phpldapadmin/phpldapadmin/update.php,v 1.21 2005/03/16 11:20:25 wurley Exp $
|
2009-06-30 08:05:37 +00:00
|
|
|
|
2009-06-30 09:24:29 +00:00
|
|
|
/**
|
|
|
|
* Updates or deletes a value from a specified attribute for a specified dn.
|
|
|
|
*
|
2009-06-30 08:05:37 +00:00
|
|
|
* Variables that come in on the query string:
|
|
|
|
* - dn (rawurlencoded)
|
|
|
|
* - server_id
|
2009-06-30 08:07:14 +00:00
|
|
|
* - update_array (an array in the form expected by PHP's ldap_modify, except for deletions)
|
2009-06-30 08:05:37 +00:00
|
|
|
* (will never be empty: update_confirm.php ensures that)
|
2009-06-30 08:07:14 +00:00
|
|
|
*
|
|
|
|
* Attribute deletions:
|
2009-06-30 09:24:29 +00:00
|
|
|
* To specify that an attribute is to be deleted (whether multi- or single-valued),
|
2009-06-30 08:07:14 +00:00
|
|
|
* enter that attribute in the update array like this: attr => ''. For example, to
|
|
|
|
* delete the 'sn' attribute from an entry, the update array would look like this:
|
|
|
|
* Array (
|
|
|
|
* sn => ''
|
|
|
|
* )
|
|
|
|
*
|
2009-06-30 09:24:29 +00:00
|
|
|
* On success, redirect to edit.php. On failure, echo an error.
|
|
|
|
*
|
|
|
|
* @package phpLDAPadmin
|
|
|
|
*/
|
|
|
|
/**
|
2009-06-30 08:05:37 +00:00
|
|
|
*/
|
|
|
|
|
2009-06-30 08:09:20 +00:00
|
|
|
require realpath( 'common.php' );
|
2009-06-30 08:07:14 +00:00
|
|
|
|
2009-06-30 09:24:29 +00:00
|
|
|
$server_id = (isset($_POST['server_id']) ? $_POST['server_id'] : '');
|
|
|
|
$ldapserver = new LDAPServer($server_id);
|
2009-06-30 08:05:37 +00:00
|
|
|
|
2009-06-30 09:24:29 +00:00
|
|
|
if( $ldapserver->isReadOnly() )
|
2009-06-30 08:09:20 +00:00
|
|
|
pla_error( $lang['no_updates_in_read_only_mode'] );
|
2009-06-30 09:24:29 +00:00
|
|
|
if( ! $ldapserver->haveAuthInfo())
|
|
|
|
pla_error( $lang['not_enough_login_info'] );
|
2009-06-30 08:09:20 +00:00
|
|
|
|
|
|
|
$dn = $_POST['dn'];
|
2009-06-30 08:05:37 +00:00
|
|
|
$encoded_dn = rawurlencode( $dn );
|
2009-06-30 09:24:29 +00:00
|
|
|
$update_array = isset( $_POST['update_array'] ) ? $_POST['update_array'] : array();
|
2009-06-30 08:09:20 +00:00
|
|
|
is_array( $update_array ) or pla_error( $lang['update_array_malformed'] );
|
2009-06-30 08:05:37 +00:00
|
|
|
|
2009-06-30 09:24:29 +00:00
|
|
|
$failed_attrs = array();
|
|
|
|
|
|
|
|
run_hook ( 'pre_update', array ( 'server_id' => $server_id,
|
|
|
|
'dn' => $dn, 'update_array' => &$update_array) );
|
|
|
|
|
|
|
|
// check for delete attributes (indicated by the attribute entry appearing like this: attr => ''
|
2009-06-30 08:05:37 +00:00
|
|
|
foreach( $update_array as $attr => $val )
|
|
|
|
if( ! is_array( $val ) )
|
|
|
|
if( $val == '' )
|
|
|
|
$update_array[ $attr ] = array();
|
2009-06-30 08:07:14 +00:00
|
|
|
else
|
|
|
|
$update_array[ $attr ] = $val;
|
|
|
|
else
|
|
|
|
foreach( $val as $i => $v )
|
|
|
|
$update_array[ $attr ][ $i ] = $v;
|
2009-06-30 09:24:29 +00:00
|
|
|
|
|
|
|
// Call the custom callback for each attribute modification
|
2009-06-30 08:09:20 +00:00
|
|
|
// and verify that it should be modified.
|
2009-06-30 09:22:30 +00:00
|
|
|
foreach( $update_array as $attr_name => $val ) {
|
|
|
|
|
|
|
|
// Check to see if this is a unique Attribute
|
2009-06-30 09:24:29 +00:00
|
|
|
if( $badattr = checkUniqueAttr( $ldapserver, $dn, $attr_name, $val ) ) {
|
|
|
|
$search_href = sprintf('search.php?search=true&form=advanced&server_id=%s&filter=%s=%s',$server_id,$attr_name,$badattr);
|
2009-06-30 09:22:30 +00:00
|
|
|
pla_error(sprintf( $lang['unique_attr_failed'] , $attr_name,$badattr,$dn,$search_href ) );
|
|
|
|
}
|
|
|
|
|
2009-06-30 09:24:29 +00:00
|
|
|
if ( true !== run_hook ( 'pre_attr_modify', array ( 'server_id' => $server_id,
|
|
|
|
'dn' => $dn, 'attr_name' => $attr_name, 'new_value' => $val ) ) ) {
|
|
|
|
|
|
|
|
unset( $update_array[ $attr_name ] );
|
|
|
|
$failed_attrs[$attr_name] = $val;
|
|
|
|
}
|
|
|
|
|
|
|
|
elseif( is_attr_read_only( $ldapserver, $attr ) )
|
|
|
|
pla_error( sprintf( $lang['attr_is_read_only'], htmlspecialchars( $attr_name ) ) );
|
2009-06-30 09:22:30 +00:00
|
|
|
}
|
2009-06-30 08:05:37 +00:00
|
|
|
|
2009-06-30 09:24:29 +00:00
|
|
|
$res = @ldap_modify( $ldapserver->connect(), $dn, $update_array );
|
|
|
|
if( $res ) {
|
2009-06-30 08:09:20 +00:00
|
|
|
// Fire the post modification event to the user's custom
|
|
|
|
// callback function.
|
|
|
|
foreach( $update_array as $attr_name => $val ) {
|
2009-06-30 09:24:29 +00:00
|
|
|
run_hook ( 'post_attr_modify', array('server_id' => $server_id,
|
|
|
|
'dn' => $dn, 'attr_name' => $attr_name, 'new_value' => $val ) );
|
2009-06-30 08:09:20 +00:00
|
|
|
|
|
|
|
// Was this a user's password modification who is currently
|
|
|
|
// logged in? If so, they need to logout and log back in
|
|
|
|
// with the new password.
|
|
|
|
if( 0 === strcasecmp( $attr_name, 'userPassword' ) &&
|
2009-06-30 09:24:29 +00:00
|
|
|
in_array($ldapserver->auth_type,array( 'cookie','session' )) &&
|
|
|
|
0 === pla_compare_dns( get_logged_in_dn( $ldapserver ), $dn ) ) {
|
2009-06-30 08:09:20 +00:00
|
|
|
|
2009-06-30 09:24:29 +00:00
|
|
|
unset_login_dn( $ldapserver );
|
|
|
|
unset_lastactivity( $ldapserver );
|
|
|
|
include realpath( 'header.php' );
|
2009-06-30 08:09:20 +00:00
|
|
|
?>
|
|
|
|
|
|
|
|
<script language="javascript">
|
|
|
|
parent.left_frame.location.reload();
|
|
|
|
</script>
|
|
|
|
<br />
|
|
|
|
<center>
|
2009-06-30 09:22:30 +00:00
|
|
|
<b><?php echo $lang['modification_successful']; ?></b><br />
|
2009-06-30 08:09:20 +00:00
|
|
|
<br />
|
2009-06-30 09:22:30 +00:00
|
|
|
<?php echo $lang['change_password_new_login']; ?>
|
|
|
|
<a href="login_form.php?server_id=<?php echo $server_id; ?>"><?php echo $lang['login_link']; ?></a>
|
2009-06-30 08:09:20 +00:00
|
|
|
</center>
|
|
|
|
</body>
|
|
|
|
</html>
|
|
|
|
|
|
|
|
<?php
|
|
|
|
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2009-06-30 09:24:29 +00:00
|
|
|
run_hook ( 'post_update', array ( 'server_id' => $server_id, 'dn' => $dn, 'update_array' => &$update_array) );
|
|
|
|
|
|
|
|
$redirect_url = sprintf("edit.php?server_id=%s&dn=%s",$server_id,$encoded_dn);
|
|
|
|
|
2009-06-30 08:05:37 +00:00
|
|
|
foreach( $update_array as $attr => $junk )
|
|
|
|
$redirect_url .= "&modified_attrs[]=$attr";
|
2009-06-30 09:24:29 +00:00
|
|
|
|
|
|
|
foreach( $failed_attrs as $attr => $junk )
|
|
|
|
$redirect_url .= "&failed_attrs[]=$attr";
|
|
|
|
|
2009-06-30 08:05:37 +00:00
|
|
|
header( "Location: $redirect_url" );
|
|
|
|
|
2009-06-30 09:24:29 +00:00
|
|
|
} else {
|
|
|
|
pla_error( $lang['could_not_perform_ldap_modify'], ldap_error( $ldapserver->connect() ), ldap_errno( $ldapserver->connect() ) );
|
|
|
|
}
|
2009-06-30 08:05:37 +00:00
|
|
|
?>
|