2009-06-30 09:22:30 +00:00
< ? php
2009-06-30 11:46:44 +00:00
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/update.php,v 1.29.2.1 2007/12/26 09:26:32 wurley Exp $
2009-06-30 08:05:37 +00:00
2009-06-30 09:29:51 +00:00
/**
2009-06-30 10:26:08 +00:00
* Updates or deletes a value from a specified attribute for a specified dn .
2009-06-30 09:29:51 +00:00
*
2009-06-30 10:26:08 +00:00
* Variables that come in on the query string :
* - dn ( rawurlencoded )
* - update_array ( an array in the form expected by PHP ' s ldap_modify , except for deletions )
* ( will never be empty : update_confirm . php ensures that )
2009-06-30 08:07:14 +00:00
*
* Attribute deletions :
2009-06-30 09:29:51 +00:00
* To specify that an attribute is to be deleted ( whether multi - or single - valued ),
2009-06-30 10:26:08 +00:00
* enter that attribute in the update array like this : attr => '' . For example , to
* delete the 'sn' attribute from an entry , the update array would look like this :
* Array (
2009-06-30 08:07:14 +00:00
* sn => ''
2009-06-30 09:29:51 +00:00
* )
*
2009-06-30 10:26:08 +00:00
* On success , redirect to template_engine . php . On failure , echo an error .
2009-06-30 08:07:14 +00:00
*
2009-06-30 09:29:51 +00:00
* @ package phpLDAPadmin
*/
/**
2009-06-30 08:05:37 +00:00
*/
2009-06-30 09:29:51 +00:00
require './common.php' ;
2009-06-30 08:07:14 +00:00
2009-06-30 10:46:00 +00:00
$entry [ 'dn' ][ 'string' ] = get_request ( 'dn' );
$entry [ 'dn' ][ 'encode' ] = rawurlencode ( $entry [ 'dn' ][ 'string' ]);
2009-06-30 10:26:08 +00:00
# If cancel was submited, got back to the edit display.
if ( isset ( $_REQUEST [ 'cancel' ])) {
2009-06-30 10:46:00 +00:00
header ( sprintf ( 'Location: cmd.php?cmd=template_engine&server_id=%s&dn=%s' , $ldapserver -> server_id , $entry [ 'dn' ][ 'encode' ]));
2009-06-30 10:26:08 +00:00
die ();
}
2009-06-30 09:29:51 +00:00
if ( $ldapserver -> isReadOnly ())
2009-06-30 10:26:08 +00:00
pla_error ( _ ( 'You cannot perform updates while server is in read-only mode' ));
2009-06-30 08:05:37 +00:00
2009-06-30 10:46:00 +00:00
$entry [ 'update' ] = get_request ( 'update_array' , 'POST' , false , array ());
$entry [ 'skip' ] = get_request ( 'skip_array' , 'POST' , false , array ());
2009-06-30 09:29:51 +00:00
$failed_attrs = array ();
2009-06-30 08:09:20 +00:00
2009-06-30 10:46:00 +00:00
if ( ! is_array ( $entry [ 'update' ]))
2009-06-30 10:26:08 +00:00
pla_error ( _ ( 'update_array is malformed. This might be a phpLDAPadmin bug. Please report it.' ));
2009-06-30 10:46:00 +00:00
run_hook ( 'pre_update' ,
array ( 'server_id' => $ldapserver -> server_id , 'dn' => $entry [ 'dn' ][ 'string' ], 'update_array' => $entry [ 'update' ]));
2009-06-30 09:29:51 +00:00
2009-06-30 10:26:08 +00:00
# Check for delete attributes (indicated by the attribute entry appearing like this: attr => ''
2009-06-30 10:46:00 +00:00
foreach ( $entry [ 'update' ] as $attr => $val ) {
if ( ! is_array ( $val )) {
if ( array_key_exists ( $attr , $entry [ 'skip' ])) {
unset ( $entry [ 'update' ][ $attr ]);
2009-06-30 10:40:03 +00:00
2009-06-30 10:46:00 +00:00
} elseif ( $val == '' ) {
$entry [ 'update' ][ $attr ] = array ();
2009-06-30 10:26:08 +00:00
2009-06-30 11:46:44 +00:00
if ( ! $_SESSION [ APPCONFIG ] -> isCommandAvailable ( 'attribute_delete' ))
2009-06-30 10:46:00 +00:00
pla_error ( sprintf ( '%s%s %s' , _ ( 'This operation is not permitted by the configuration' ), _ ( ':' ), _ ( 'delete attribute' )));
} else { # Skip change
$entry [ 'update' ][ $attr ] = $val ;
2009-06-30 10:40:03 +00:00
2009-06-30 11:46:44 +00:00
if ( ! $_SESSION [ APPCONFIG ] -> isCommandAvailable ( 'attribute_add_value' )
&& ! $_SESSION [ APPCONFIG ] -> isCommandAvailable ( 'attribute_delete_value' ))
2009-06-30 10:46:00 +00:00
pla_error ( sprintf ( '%s%s %s' , _ ( 'This operation is not permitted by the configuration' ), _ ( ':' ), _ ( 'modify attribute values' )));
}
2009-06-30 10:26:08 +00:00
2009-06-30 10:46:00 +00:00
} else {
if ( array_key_exists ( $attr , $entry [ 'skip' ])) {
unset ( $entry [ 'update' ][ $attr ]);
} else {
2009-06-30 10:40:03 +00:00
foreach ( $val as $i => $v )
2009-06-30 10:46:00 +00:00
$entry [ 'update' ][ $attr ][ $i ] = $v ;
2009-06-30 11:46:44 +00:00
if ( ! $_SESSION [ APPCONFIG ] -> isCommandAvailable ( 'attribute_add_value' )
&& ! $_SESSION [ APPCONFIG ] -> isCommandAvailable ( 'attribute_delete_value' ))
2009-06-30 10:46:00 +00:00
pla_error ( sprintf ( '%s%s %s' , _ ( 'This operation is not permitted by the configuration' ), _ ( ':' ), _ ( 'modify attribute values' )));
}
}
}
2009-06-30 09:29:51 +00:00
2009-06-30 10:46:00 +00:00
# Call the custom callback for each attribute modification and verify that it should be modified.
foreach ( $entry [ 'update' ] as $attr_name => $val ) {
2009-06-30 10:26:08 +00:00
# Check to see if this is a unique Attribute
2009-06-30 10:46:00 +00:00
if ( $badattr = $ldapserver -> checkUniqueAttr ( $entry [ 'dn' ][ 'string' ], $attr_name , $val )) {
$href [ 'search' ] = sprintf ( 'cmd.php?cmd=search&search=true&form=advanced&server_id=%s&filter=%s=%s' ,
2009-06-30 10:26:08 +00:00
$ldapserver -> server_id , $attr_name , $badattr );
2009-06-30 09:22:30 +00:00
2009-06-30 10:26:08 +00:00
pla_error ( sprintf ( _ ( 'Your attempt to add <b>%s</b> (<i>%s</i>) to <br><b>%s</b><br> is NOT allowed. That attribute/value belongs to another entry.<p>You might like to <a href="%s">search</a> for that entry.' ),
2009-06-30 10:46:00 +00:00
$attr_name , $badattr , $entry [ 'dn' ][ 'string' ], $href [ 'search' ]));
2009-06-30 09:29:51 +00:00
}
2009-06-30 10:26:08 +00:00
if ( run_hook ( 'pre_attr_modify' ,
2009-06-30 10:46:00 +00:00
array ( 'server_id' => $ldapserver -> server_id , 'dn' => $entry [ 'dn' ][ 'string' ], 'attr_name' => $attr_name , 'new_value' => $val )) !== true ) {
2009-06-30 09:29:51 +00:00
2009-06-30 10:46:00 +00:00
unset ( $entry [ 'update' ][ $attr_name ]);
2009-06-30 09:29:51 +00:00
$failed_attrs [ $attr_name ] = $val ;
2009-06-30 09:22:30 +00:00
2009-06-30 10:46:00 +00:00
} elseif ( $ldapserver -> isAttrReadOnly ( $attr )) {
2009-06-30 10:26:08 +00:00
pla_error ( sprintf ( _ ( 'The attribute "%s" is flagged as read-only in the phpLDAPadmin configuration.' ),
htmlspecialchars ( $attr_name )));
2009-06-30 10:46:00 +00:00
} else {
// binary values
if ( isset ( $_SESSION [ 'submitform' ][ $attr_name ])) {
foreach ( $val as $i => $v ) {
if ( isset ( $_SESSION [ 'submitform' ][ $attr_name ][ $v ])) {
foreach ( $_SESSION [ 'submitform' ][ $attr_name ][ $v ] as $file ) {
foreach ( $file as $data ) {
$entry [ 'update' ][ $attr_name ][ $i ] = $data ;
}
}
}
}
}
}
2009-06-30 09:22:30 +00:00
}
2009-06-30 08:05:37 +00:00
2009-06-30 10:26:08 +00:00
# Perform the modification
2009-06-30 10:46:00 +00:00
$result = $ldapserver -> modify ( $entry [ 'dn' ][ 'string' ], $entry [ 'update' ]);
if ( $result ) {
2009-06-30 10:26:08 +00:00
# Fire the post modification event to the user's custom callback function.
$mustRelogin = false ;
2009-06-30 10:46:00 +00:00
foreach ( $entry [ 'update' ] as $attr_name => $val ) {
2009-06-30 10:26:08 +00:00
run_hook ( 'post_attr_modify' ,
2009-06-30 10:46:00 +00:00
array ( 'server_id' => $ldapserver -> server_id , 'dn' => $entry [ 'dn' ][ 'string' ], 'attr_name' => $attr_name , 'new_value' => $val ));
2009-06-30 08:09:20 +00:00
2009-06-30 10:26:08 +00:00
/* Was this a user ' s password modification who is currently
2009-06-30 10:46:00 +00:00
* logged in ? If so , they need to logout and log back in
* with the new password .
*/
2009-06-30 09:29:51 +00:00
if ( 0 === strcasecmp ( $attr_name , 'userPassword' ) &&
in_array ( $ldapserver -> auth_type , array ( 'cookie' , 'session' )) &&
2009-06-30 10:46:00 +00:00
pla_compare_dns ( $ldapserver -> getLoggedInDN (), $entry [ 'dn' ][ 'string' ]) === 0 )
2009-06-30 10:26:08 +00:00
$mustRelogin = true ;
}
2009-06-30 08:09:20 +00:00
2009-06-30 10:46:00 +00:00
run_hook ( 'post_update' ,
array ( 'server_id' => $ldapserver -> server_id , 'dn' => $entry [ 'dn' ][ 'string' ], 'update_array' => $entry [ 'update' ]));
2009-06-30 10:26:08 +00:00
# If the user password was changed, not tell the to relogin.
if ( $mustRelogin ) {
$ldapserver -> unsetLoginDN ();
2009-06-30 09:29:51 +00:00
unset_lastactivity ( $ldapserver );
include './header.php' ;
2009-06-30 10:26:08 +00:00
echo '<body>' ;
echo '<br />' ;
echo '<center>' ;
printf ( '<b>%s</b>' , _ ( 'Modification successful!' ));
echo '<br /><br />' ;
echo _ ( 'Since you changed your password, you must now login again with your new password.' );
echo '<br />' ;
2009-06-30 10:46:00 +00:00
printf ( '<a href="cmd.php?cmd=login_form&server_id=%s">%s...</a>' , $ldapserver -> server_id , _ ( 'Login' ));
2009-06-30 10:26:08 +00:00
echo '</center>' ;
echo '</body>' ;
echo '</html>' ;
2009-06-30 08:09:20 +00:00
exit ;
}
2009-06-30 10:46:00 +00:00
$redirect_url = sprintf ( 'cmd.php?cmd=template_engine&server_id=%s&dn=%s' , $ldapserver -> server_id , $entry [ 'dn' ][ 'encode' ]);
2009-06-30 09:29:51 +00:00
2009-06-30 10:46:00 +00:00
foreach ( $entry [ 'update' ] as $attr => $junk )
2009-06-30 08:05:37 +00:00
$redirect_url .= " &modified_attrs[]= $attr " ;
2009-06-30 09:29:51 +00:00
foreach ( $failed_attrs as $attr => $junk )
$redirect_url .= " &failed_attrs[]= $attr " ;
header ( " Location: $redirect_url " );
2009-06-30 10:46:00 +00:00
die ();
2009-06-30 09:29:51 +00:00
} else {
2009-06-30 10:26:08 +00:00
pla_error ( _ ( 'Could not perform ldap_modify operation.' ), $ldapserver -> error (), $ldapserver -> errno ());
2009-06-30 09:29:51 +00:00
}
2009-06-30 08:05:37 +00:00
?>