phpldapadmin/htdocs/update.php

<?php
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/update.php,v 1.29.2.1 2007/12/26 09:26:32 wurley Exp $

/**
 * Updates or deletes a value from a specified attribute for a specified dn.
 *
 * Variables that come in on the query string:
 * - dn (rawurlencoded)
 * - update_array (an array in the form expected by PHP's ldap_modify, except for deletions)
 *   (will never be empty: update_confirm.php ensures that)
 *
 * Attribute deletions:
 * To specify that an attribute is to be deleted (whether multi- or single-valued),
 * enter that attribute in the update array like this: attr => ''. For example, to
 * delete the 'sn' attribute from an entry, the update array would look like this:
 * Array (
 *     sn => ''
 * )
 *
 * On success, redirect to template_engine.php. On failure, echo an error.
 *
 * @package phpLDAPadmin
 */
/**
 */

require './common.php';

$entry['dn']['string'] = get_request('dn');
$entry['dn']['encode'] = rawurlencode($entry['dn']['string']);

# If cancel was submited, got back to the edit display.
if (isset($_REQUEST['cancel'])) {
	header(sprintf('Location: cmd.php?cmd=template_engine&server_id=%s&dn=%s',$ldapserver->server_id,$entry['dn']['encode']));
	die();
}

if ($ldapserver->isReadOnly())
	pla_error(_('You cannot perform updates while server is in read-only mode'));

$entry['update'] = get_request('update_array','POST',false,array());
$entry['skip'] = get_request('skip_array','POST',false,array());
$failed_attrs = array();

if (! is_array($entry['update']))
	pla_error(_('update_array is malformed. This might be a phpLDAPadmin bug. Please report it.'));

run_hook ('pre_update',
	array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'update_array'=>$entry['update']));

# Check for delete attributes (indicated by the attribute entry appearing like this: attr => ''
foreach ($entry['update'] as $attr => $val) {
	if (! is_array($val)) {
		if (array_key_exists($attr,$entry['skip'])) {
			unset($entry['update'][$attr]);

		} elseif ($val == '') {
			$entry['update'][$attr] = array();

			if (! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_delete'))
				pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('delete attribute')));
		} else { # Skip change
			$entry['update'][$attr] = $val;

			if (! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_add_value')
			    && ! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_delete_value'))
				pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('modify attribute values')));
		}

	} else {
		if (array_key_exists($attr,$entry['skip'])) {
			unset($entry['update'][$attr]);

		} else {
			foreach ($val as $i => $v)
				$entry['update'][$attr][$i] = $v;

			if (! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_add_value')
			    && ! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_delete_value'))
				pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('modify attribute values')));
		}
	}
}

# Call the custom callback for each attribute modification and verify that it should be modified.
foreach ($entry['update'] as $attr_name => $val) {
	# Check to see if this is a unique Attribute
	if ($badattr = $ldapserver->checkUniqueAttr($entry['dn']['string'],$attr_name,$val)) {
		$href['search'] = sprintf('cmd.php?cmd=search&search=true&form=advanced&server_id=%s&filter=%s=%s',
			$ldapserver->server_id,$attr_name,$badattr);

		pla_error(sprintf(_('Your attempt to add <b>%s</b> (<i>%s</i>) to <br><b>%s</b><br> is NOT allowed. That attribute/value belongs to another entry.<p>You might like to <a href="%s">search</a> for that entry.'),
			$attr_name,$badattr,$entry['dn']['string'],$href['search']));
	}

	if (run_hook('pre_attr_modify',
		array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'attr_name'=>$attr_name,'new_value'=>$val)) !== true) {

		unset($entry['update'][$attr_name]);
		$failed_attrs[$attr_name] = $val;

	} elseif ($ldapserver->isAttrReadOnly($attr)) {
		pla_error(sprintf(_('The attribute "%s" is flagged as read-only in the phpLDAPadmin configuration.'),
			htmlspecialchars($attr_name)));
	} else {
		// binary values
		if (isset($_SESSION['submitform'][$attr_name])) {
			foreach ($val as $i => $v) {
				if (isset($_SESSION['submitform'][$attr_name][$v])) {
					foreach ($_SESSION['submitform'][$attr_name][$v] as $file) {
						foreach ($file as $data) {
							$entry['update'][$attr_name][$i] = $data;
						}
					}
				}
			}
		}
	}
}

# Perform the modification
$result = $ldapserver->modify($entry['dn']['string'],$entry['update']);
if ($result) {
	# Fire the post modification event to the user's custom callback function.
	$mustRelogin = false;
	foreach ($entry['update'] as $attr_name => $val) {
		run_hook('post_attr_modify',
			array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'attr_name'=>$attr_name,'new_value'=>$val));

		/* Was this a user's password modification who is currently
		 * logged in? If so, they need to logout and log back in
		 * with the new password.
		 */
		if (0 === strcasecmp($attr_name,'userPassword') &&
			in_array($ldapserver->auth_type,array('cookie','session')) &&
			pla_compare_dns($ldapserver->getLoggedInDN(),$entry['dn']['string']) === 0)

			$mustRelogin = true;
	}

	run_hook('post_update',
		array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'update_array'=>$entry['update']));

	# If the user password was changed, not tell the to relogin.
	if ($mustRelogin) {
			$ldapserver->unsetLoginDN();
			unset_lastactivity($ldapserver);
			include './header.php';

			echo '<body>';

			echo '<br />';
			echo '<center>';
			printf('<b>%s</b>',_('Modification successful!'));
			echo '<br /><br />';
			echo _('Since you changed your password, you must now login again with your new password.');
			echo '<br />';
			printf('<a href="cmd.php?cmd=login_form&server_id=%s">%s...</a>',$ldapserver->server_id, _('Login'));
			echo '</center>';
			echo '</body>';
			echo '</html>';

			exit;
	}

	$redirect_url = sprintf('cmd.php?cmd=template_engine&server_id=%s&dn=%s',$ldapserver->server_id,$entry['dn']['encode']);

	foreach ($entry['update'] as $attr => $junk)
		$redirect_url .= "&modified_attrs[]=$attr";

	foreach ($failed_attrs as $attr => $junk)
		$redirect_url .= "&failed_attrs[]=$attr";

	header("Location: $redirect_url");
	die();

} else {
	pla_error(_('Could not perform ldap_modify operation.'),$ldapserver->error(),$ldapserver->errno());
}
?>
RELEASE 0.9.5 2009-06-30 09:22:30 +00:00			`<?php`
RELEASE 1.1.0.2 2009-06-30 11:46:44 +00:00			`// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/update.php,v 1.29.2.1 2007/12/26 09:26:32 wurley Exp $`
RELEASE 0.9.0 2009-06-30 08:05:37 +00:00
RELEASE 0.9.7 2009-06-30 09:29:51 +00:00			`/**`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`* Updates or deletes a value from a specified attribute for a specified dn.`
RELEASE 0.9.7 2009-06-30 09:29:51 +00:00			`*`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`* Variables that come in on the query string:`
			`* - dn (rawurlencoded)`
			`* - update_array (an array in the form expected by PHP's ldap_modify, except for deletions)`
			`* (will never be empty: update_confirm.php ensures that)`
RELEASE 0.9.1 2009-06-30 08:07:14 +00:00			`*`
			`* Attribute deletions:`
RELEASE 0.9.7 2009-06-30 09:29:51 +00:00			`* To specify that an attribute is to be deleted (whether multi- or single-valued),`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`* enter that attribute in the update array like this: attr => ''. For example, to`
			`* delete the 'sn' attribute from an entry, the update array would look like this:`
			`* Array (`
RELEASE 0.9.1 2009-06-30 08:07:14 +00:00			`* sn => ''`
RELEASE 0.9.7 2009-06-30 09:29:51 +00:00			`* )`
			`*`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`* On success, redirect to template_engine.php. On failure, echo an error.`
RELEASE 0.9.1 2009-06-30 08:07:14 +00:00			`*`
RELEASE 0.9.7 2009-06-30 09:29:51 +00:00			`* @package phpLDAPadmin`
			`*/`
			`/**`
RELEASE 0.9.0 2009-06-30 08:05:37 +00:00			`*/`

RELEASE 0.9.7 2009-06-30 09:29:51 +00:00			`require './common.php';`
RELEASE 0.9.1 2009-06-30 08:07:14 +00:00
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`$entry['dn']['string'] = get_request('dn');`
			`$entry['dn']['encode'] = rawurlencode($entry['dn']['string']);`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00
			`# If cancel was submited, got back to the edit display.`
			`if (isset($_REQUEST['cancel'])) {`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`header(sprintf('Location: cmd.php?cmd=template_engine&server_id=%s&dn=%s',$ldapserver->server_id,$entry['dn']['encode']));`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`die();`
			`}`

RELEASE 0.9.7 2009-06-30 09:29:51 +00:00			`if ($ldapserver->isReadOnly())`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`pla_error(_('You cannot perform updates while server is in read-only mode'));`
RELEASE 0.9.0 2009-06-30 08:05:37 +00:00
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`$entry['update'] = get_request('update_array','POST',false,array());`
			`$entry['skip'] = get_request('skip_array','POST',false,array());`
RELEASE 0.9.7 2009-06-30 09:29:51 +00:00			`$failed_attrs = array();`
RELEASE 0.9.2 2009-06-30 08:09:20 +00:00
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`if (! is_array($entry['update']))`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`pla_error(_('update_array is malformed. This might be a phpLDAPadmin bug. Please report it.'));`

RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`run_hook ('pre_update',`
			`array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'update_array'=>$entry['update']));`
RELEASE 0.9.7 2009-06-30 09:29:51 +00:00
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`# Check for delete attributes (indicated by the attribute entry appearing like this: attr => ''`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`foreach ($entry['update'] as $attr => $val) {`
			`if (! is_array($val)) {`
			`if (array_key_exists($attr,$entry['skip'])) {`
			`unset($entry['update'][$attr]);`
RELEASE 1.0.0 2009-06-30 10:40:03 +00:00
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`} elseif ($val == '') {`
			`$entry['update'][$attr] = array();`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00
RELEASE 1.1.0.2 2009-06-30 11:46:44 +00:00			`if (! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_delete'))`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('delete attribute')));`
			`} else { # Skip change`
			`$entry['update'][$attr] = $val;`
RELEASE 1.0.0 2009-06-30 10:40:03 +00:00
RELEASE 1.1.0.2 2009-06-30 11:46:44 +00:00			`if (! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_add_value')`
			`&& ! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_delete_value'))`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('modify attribute values')));`
			`}`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`} else {`
			`if (array_key_exists($attr,$entry['skip'])) {`
			`unset($entry['update'][$attr]);`

			`} else {`
RELEASE 1.0.0 2009-06-30 10:40:03 +00:00			`foreach ($val as $i => $v)`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`$entry['update'][$attr][$i] = $v;`

RELEASE 1.1.0.2 2009-06-30 11:46:44 +00:00			`if (! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_add_value')`
			`&& ! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_delete_value'))`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('modify attribute values')));`
			`}`
			`}`
			`}`
RELEASE 0.9.7 2009-06-30 09:29:51 +00:00
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`# Call the custom callback for each attribute modification and verify that it should be modified.`
			`foreach ($entry['update'] as $attr_name => $val) {`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`# Check to see if this is a unique Attribute`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`if ($badattr = $ldapserver->checkUniqueAttr($entry['dn']['string'],$attr_name,$val)) {`
			`$href['search'] = sprintf('cmd.php?cmd=search&search=true&form=advanced&server_id=%s&filter=%s=%s',`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`$ldapserver->server_id,$attr_name,$badattr);`
RELEASE 0.9.5 2009-06-30 09:22:30 +00:00
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`pla_error(sprintf(_('Your attempt to add <b>%s</b> (<i>%s</i>) to <br><b>%s</b><br> is NOT allowed. That attribute/value belongs to another entry.<p>You might like to <a href="%s">search</a> for that entry.'),`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`$attr_name,$badattr,$entry['dn']['string'],$href['search']));`
RELEASE 0.9.7 2009-06-30 09:29:51 +00:00			`}`

RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`if (run_hook('pre_attr_modify',`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'attr_name'=>$attr_name,'new_value'=>$val)) !== true) {`
RELEASE 0.9.7 2009-06-30 09:29:51 +00:00
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`unset($entry['update'][$attr_name]);`
RELEASE 0.9.7 2009-06-30 09:29:51 +00:00			`$failed_attrs[$attr_name] = $val;`
RELEASE 0.9.5 2009-06-30 09:22:30 +00:00
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`} elseif ($ldapserver->isAttrReadOnly($attr)) {`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`pla_error(sprintf(_('The attribute "%s" is flagged as read-only in the phpLDAPadmin configuration.'),`
			`htmlspecialchars($attr_name)));`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`} else {`
			`// binary values`
			`if (isset($_SESSION['submitform'][$attr_name])) {`
			`foreach ($val as $i => $v) {`
			`if (isset($_SESSION['submitform'][$attr_name][$v])) {`
			`foreach ($_SESSION['submitform'][$attr_name][$v] as $file) {`
			`foreach ($file as $data) {`
			`$entry['update'][$attr_name][$i] = $data;`
			`}`
			`}`
			`}`
			`}`
			`}`
			`}`
RELEASE 0.9.5 2009-06-30 09:22:30 +00:00			`}`
RELEASE 0.9.0 2009-06-30 08:05:37 +00:00
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`# Perform the modification`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`$result = $ldapserver->modify($entry['dn']['string'],$entry['update']);`
			`if ($result) {`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`# Fire the post modification event to the user's custom callback function.`
			`$mustRelogin = false;`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`foreach ($entry['update'] as $attr_name => $val) {`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`run_hook('post_attr_modify',`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'attr_name'=>$attr_name,'new_value'=>$val));`
RELEASE 0.9.2 2009-06-30 08:09:20 +00:00
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`/* Was this a user's password modification who is currently`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`* logged in? If so, they need to logout and log back in`
			`* with the new password.`
			`*/`
RELEASE 0.9.7 2009-06-30 09:29:51 +00:00			`if (0 === strcasecmp($attr_name,'userPassword') &&`
			`in_array($ldapserver->auth_type,array('cookie','session')) &&`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`pla_compare_dns($ldapserver->getLoggedInDN(),$entry['dn']['string']) === 0)`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00
			`$mustRelogin = true;`
			`}`
RELEASE 0.9.2 2009-06-30 08:09:20 +00:00
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`run_hook('post_update',`
			`array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'update_array'=>$entry['update']));`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00
			`# If the user password was changed, not tell the to relogin.`
			`if ($mustRelogin) {`
			`$ldapserver->unsetLoginDN();`
RELEASE 0.9.7 2009-06-30 09:29:51 +00:00			`unset_lastactivity($ldapserver);`
			`include './header.php';`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00
			`echo '<body>';`

			`echo '<br />';`
			`echo '<center>';`
			`printf('<b>%s</b>',_('Modification successful!'));`
			`echo '<br /><br />';`
			`echo _('Since you changed your password, you must now login again with your new password.');`
			`echo '<br />';`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`printf('<a href="cmd.php?cmd=login_form&server_id=%s">%s...</a>',$ldapserver->server_id, _('Login'));`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`echo '</center>';`
			`echo '</body>';`
			`echo '</html>';`
RELEASE 0.9.2 2009-06-30 08:09:20 +00:00
			`exit;`
			`}`

RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`$redirect_url = sprintf('cmd.php?cmd=template_engine&server_id=%s&dn=%s',$ldapserver->server_id,$entry['dn']['encode']);`
RELEASE 0.9.7 2009-06-30 09:29:51 +00:00
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`foreach ($entry['update'] as $attr => $junk)`
RELEASE 0.9.0 2009-06-30 08:05:37 +00:00			`$redirect_url .= "&modified_attrs[]=$attr";`

RELEASE 0.9.7 2009-06-30 09:29:51 +00:00			`foreach ($failed_attrs as $attr => $junk)`
			`$redirect_url .= "&failed_attrs[]=$attr";`

			`header("Location: $redirect_url");`
RELEASE 1.1.0 2009-06-30 10:46:00 +00:00			`die();`
RELEASE 0.9.7 2009-06-30 09:29:51 +00:00
			`} else {`
RELEASE 0.9.8 2009-06-30 10:26:08 +00:00			`pla_error(_('Could not perform ldap_modify operation.'),$ldapserver->error(),$ldapserver->errno());`
RELEASE 0.9.7 2009-06-30 09:29:51 +00:00			`}`
RELEASE 0.9.0 2009-06-30 08:05:37 +00:00			`?>`