deon/phpldapadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

RELEASE 0.9.8.3

Browse Source
This commit is contained in:
Deon George
2009-06-30 20:27:56 +10:00
parent 7741110caf
commit a01f7c8289
15 changed files with 284 additions and 239 deletions
Download Patch File Download Diff File Expand all files Collapse all files

105
htdocs/compare_form.php
View File

@@ -1,5 +1,5 @@
<?php
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/compare_form.php,v 1.2.4.2 2005/12/09 14:29:15 wurley Exp $
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/compare_form.php,v 1.2.4.3 2006/04/29 03:15:34 wurley Exp $
/**
* Compares to DN entries side by side.
@@ -14,66 +14,65 @@
require './common.php';
if( ! $ldapserver->haveAuthInfo())
pla_error( _('Not enough information to login to server. Please check your configuration.') );
if (! $ldapserver->haveAuthInfo())
pla_error(_('Not enough information to login to server. Please check your configuration.'));
$dn = (isset($_GET['dn']) ? $_GET['dn'] : '');
$encoded_dn = rawurlencode( $dn );
$rdn = get_rdn( $dn );
$container = get_container( $dn );
$attrs = $ldapserver->getDNAttrs($dn);
$rdn = get_rdn($dn);
$select_server_html = server_select_list($ldapserver->server_id,true,'server_id_dst');
include './header.php'; ?>
include './header.php';
<body>
echo '<body>';
<h3 class="title"><?php echo _('Compare another DN with'). '&nbsp;' . $rdn; ?></h3>
<h3 class="subtitle"><?php echo _('Server'); ?>: <b><?php echo $ldapserver->name; ?></b>
<?php if ($dn) { ?>
&nbsp;&nbsp;&nbsp; <?php echo _('Distinguished Name')?>: <b><?php echo $dn; ?></b>
<?php } ?>
</h3>
printf('<h3 class="title">%s %s</h3>',_('Compare another DN with'),htmlspecialchars($rdn));
printf('<h3 class="subtitle">%s: <b>%s</b>',_('Server'),$ldapserver->name);
if ($dn)
printf('&nbsp;&nbsp;&nbsp;%s: <b>%s</b>',_('Distinguished Name'),htmlspecialchars($dn));
echo '</h3>';
echo "\n";
<center>
<?php echo _('Compare'); ?> <b><?php echo htmlspecialchars( $rdn ); ?></b> <?php echo _('with '); ?>:<br />
<br />
echo '<center>';
printf('%s <b>%s</b> %s<br />',_('Compare'),htmlspecialchars($rdn),_('with '));
<form action="compare.php" method="post" name="compare_form">
<input type="hidden" name="server_id_src" value="<?php echo $ldapserver->server_id; ?>" />
echo '<form action="compare.php" method="post" name="compare_form">';
printf('<input type="hidden" name="server_id_src" value="%s" />',$ldapserver->server_id);
echo "\n";
<table style="border-spacing: 10px">
<tr>
<?php if (! $dn) { ?>
<td><acronym title="<?php echo _('Compare this DN with another'); ?>"><?php echo _('Source DN'); ?></acronym>:</td>
<td>
<input type="text" name="dn_src" size="45" value="<?php echo htmlspecialchars( $dn ); ?>" />
<?php draw_chooser_link( 'compare_form.dn_src', 'true', $rdn ); ?></td>
</td>
<?php } else { ?>
<input type="hidden" name="dn_src" value="<?php echo htmlspecialchars( $dn ); ?>" />
<?php } ?>
</tr>
<tr>
<td><acronym title="<?php echo _('Compare this DN with another'); ?>"><?php echo _('Destination DN'); ?></acronym>:</td>
<td>
<input type="text" name="dn_dst" size="45" value="" />
<?php draw_chooser_link( 'compare_form.dn_dst', 'true', '' ); ?></td>
</td>
</tr>
echo '<table style="border-spacing: 10px">';
echo "\n";
echo '<tr><td>';
<tr>
<td><?php echo _('Destination Server')?>:</td>
<td><?php echo $select_server_html; ?></td>
</tr>
if (! $dn) {
printf('<acronym title="%s">%s</acronym>:',_('Compare this DN with another'),_('Source DN'));
echo '</td><td>';
printf('<input type="text" name="dn_src" size="45" value="%s" />',htmlspecialchars($dn));
draw_chooser_link('compare_form.dn_src','true',$rdn);
<tr>
<td colspan="2" align="right"><input type="submit" value="<?php echo _('Compare'); ?>" /></td>
</tr>
</table>
</form>
</center>
</body>
</html>
} else
printf('<input type="hidden" name="dn_src" value="%s" />',htmlspecialchars($dn));
echo '</td></tr>';
echo "\n";
echo '<tr>';
printf('<td><acronym title="%s">%s</acronym>:</td>',_('Compare this DN with another'),_('Destination DN'));
echo '<td>';
echo '<input type="text" name="dn_dst" size="45" value="" />';
draw_chooser_link('compare_form.dn_dst','true','');
echo '</td>';
echo '</tr>';
echo "\n";
printf('<tr><td>%s:</td><td>%s</td></tr>',_('Destination Server'),$select_server_html);
echo "\n";
printf('<tr><td colspan="2" align="right"><input type="submit" value="%s" /></td></tr>',_('Compare'));
echo "\n";
echo '</table>';
echo '</form>';
echo '</center>';
echo '</body>';
echo '</html>';
?>

35
htdocs/copy_form.php
View File

@@ -1,5 +1,5 @@
<?php
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/copy_form.php,v 1.24.4.4 2005/12/11 08:21:03 wurley Exp $
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/copy_form.php,v 1.24.4.5 2006/04/29 03:27:41 wurley Exp $
/**
* Copies a given object to create a new one.
@@ -53,34 +53,46 @@ if (is_array($children) && count($children) > 0) { ?>
echo '<body>';
printf('<h3 class="title">%s %s</h3>',_('Copy '),$rdn);
printf('<h3 class="subtitle">%s: <b>%s</b> &nbsp;&nbsp;&nbsp; %s: <b>%s</b></h3>',_('Server'),$ldapserver->name,_('Distinguished Name'),$dn);
printf('<h3 class="title">%s %s</h3>',_('Copy'),htmlspecialchars($rdn));
printf('<h3 class="subtitle">%s: <b>%s</b> &nbsp;&nbsp;&nbsp; %s: <b>%s</b></h3>',_('Server'),$ldapserver->name,
_('Distinguished Name'),htmlspecialchars($dn));
echo "\n";
echo '<center>';
printf('%s <b>%s</b> %s:<br /><br />',_('Copy '),htmlspecialchars($rdn),_('to a new object'));
printf('%s <b>%s</b> %s:<br /><br />',_('Copy'),htmlspecialchars($rdn),_('to a new object'));
echo '<form action="copy.php" method="post" name="copy_form">';
printf('<input type="hidden" name="old_dn" value="%s" />',$dn);
printf('<input type="hidden" name="old_dn" value="%s" />',htmlspecialchars($dn));
printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
echo "\n";
echo '<table style="border-spacing: 10px">';
echo "\n";
echo '<tr>';
printf('<td><acronym title="%s">%s</acronym>:</td>',_('The full DN of the new entry to be created when copying the source entry'),_('Destination DN'));
printf('<td><acronym title="%s">%s</acronym>:</td>',
_('The full DN of the new entry to be created when copying the source entry'),_('Destination DN'));
printf('<td><input type="text" name="new_dn" size="45" value="%s" />',htmlspecialchars($dn));
draw_chooser_link('copy_form.new_dn','true',$rdn);
draw_chooser_link('copy_form.new_dn','true',htmlspecialchars($rdn));
echo '</td></tr>';
echo "\n";
printf('<tr><td>%s</td><td>%s</td></tr>',_('Destination Server'),$select_server_html);
echo "\n";
if (is_array($children) && count($children) > 0) {
echo '<tr>';
printf('<td><label for="recursive">%s</label>:</td>',_('Recursive copy'));
echo '<td><input type="checkbox" id="recursive" name="recursive" onClick="toggle_disable_filter_field(this)" />';
printf('<small>(%s)</small></td>',_('Recursively copy all children of this object as well.'));
echo '</tr><tr>';
echo '</tr>'."\n";
echo '<tr>';
printf('<td><acronym title="%s">%s</acronym>:</td>',_('When performing a recursive copy, only copy those entries which match this filter'),_('Filter'));
echo '<td><input type="text" name="filter" value="(objectClass=*)" size="45" disabled />';
echo '</tr><tr>';
echo '</tr>'."\n";
echo '<tr>';
printf('<td>%s</td>',_('Delete after copy (move):'));
echo '<td><input type="checkbox" name="remove" value="yes"/ disabled>';
printf('<small>(%s)</small)</td>',_('Make sure your filter (above) will select all child records.'));
@@ -89,9 +101,12 @@ if (is_array($children) && count($children) > 0) {
} else {
printf('<tr><td>%s</td><td><input type="checkbox" name="remove" value="yes"/></td></tr>',_('Delete after copy (move):'));
}
echo "\n";
printf('<tr><td colspan="2" align="right"><input type="submit" value="%s" /></td></tr>',_('Copy '));
echo "\n";
echo '</table></form>';
echo "\n";
echo '<script type="text/javascript" language="javascript">';
echo '<!--';
@@ -101,7 +116,7 @@ echo '//-->';
echo '</script>';
if ($config->GetValue('appearance','show_hints'))
printf('<small><img src="images/light.png" /><span class="hint">%s</span></small>',_('Hint: Copying between different servers only works if there are no schema violations'));
printf('<small><img src="images/light.png" alt="Light" /><span class="hint">%s</span></small>',_('Hint: Copying between different servers only works if there are no schema violations'));
echo '</center></body></html>';
?>

191
htdocs/delete_form.php
View File

@@ -1,5 +1,5 @@
<?php
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/delete_form.php,v 1.20.4.5 2005/12/11 08:21:03 wurley Exp $
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/delete_form.php,v 1.20.4.6 2006/04/29 04:05:14 wurley Exp $
/**
* delete_form.php
@@ -31,118 +31,123 @@ include './header.php';
echo '<body>';
printf('<h3 class="title">'._('Delete %s').'</h3>',htmlspecialchars(get_rdn($dn)));
printf('<h3 class="subtitle">%s: <b>%s</b> &nbsp;&nbsp;&nbsp; %s: <b>%s</b></h3>',
_('Server'),$ldapserver->name,_('Distinguished Name'),htmlspecialchars(($dn)));
_('Server'),$ldapserver->name,_('Distinguished Name'),htmlspecialchars($dn));
echo "\n";
echo '<center>';
if ($has_children) {
echo '<center>';
printf('<b>%s</b><br /><br />',_('Permanently delete all children also?'));
flush();
# get the total number of child objects (whole sub-tree)
$s = $ldapserver->search(null,dn_escape($dn),'objectClass=*',array('dn'));
$sub_tree_count = count($s);
?>
<table class="delete_confirm">
<tr>
<td>
<p>
<?php printf(_('This entry is the root of a sub-tree containing %s entries.'),$sub_tree_count); ?>
<small>(<a href="search.php?search=true&amp;server_id=<?php echo $ldapserver->server_id; ?>&amp;filter=<?php echo rawurlencode('objectClass=*'); ?>&amp;base_dn=<?php echo rawurlencode($dn); ?>&amp;form=advanced&amp;scope=sub"><?php echo _('view entries'); ?></a>)</small>
<br />
<br />
echo '<table class="delete_confirm">';
echo '<tr>';
echo '<td><p>';
printf(_('This entry is the root of a sub-tree containing %s entries.'),$sub_tree_count);
printf('<small>(<a href="search.php?search=true&amp;server_id=%s&amp;filter=%s&amp;base_dn=%s&amp;form=advanced&amp;scope=sub">%s</a>)</small>',
$ldapserver->server_id,rawurlencode('objectClass=*'),rawurlencode($dn),_('view entries'));
echo '<br /><br />';
<?php printf(_('phpLDAPadmin can recursively delete this entry and all %s of its children. See below for a list of all the entries that this action will delete. Do you want to do this?'),($sub_tree_count-1)); ?><br />
<br />
<small><?php echo _('Note: this is potentially very dangerous and you do this at your own risk. This operation cannot be undone. Take into consideration aliases, referrals, and other things that may cause problems.'); ?></small>
printf(_('phpLDAPadmin can recursively delete this entry and all %s of its children. See below for a list of all the entries that this action will delete. Do you want to do this?'),($sub_tree_count-1));
echo '<br /><br />';
<br />
<br />
<table width="100%">
<tr>
<td>
<center>
<form action="rdelete.php" method="post">
<input type="hidden" name="dn" value="<?php echo $dn; ?>" />
<input type="hidden" name="server_id" value="<?php echo $ldapserver->server_id; ?>" />
<input type="submit" class="scary" value="<?php printf(_('Delete all %s objects'),$sub_tree_count); ?>" />
</form>
</center>
</td>
printf('<small>%s</small>',
_('Note: this is potentially very dangerous and you do this at your own risk. This operation cannot be undone. Take into consideration aliases, referrals, and other things that may cause problems.'));
echo '<br /><br />';
echo "\n";
<td>
<center>
<form action="template_engine.php" method="get">
<input type="hidden" name="dn" value="<?php echo htmlspecialchars($dn); ?>" />
<input type="hidden" name="server_id" value="<?php echo $ldapserver->server_id; ?>" />
<input type="submit" name="submit" value="<?php echo _('Cancel'); ?>" class="cancel" />
</form>
</center>
</td>
</tr>
</table>
</td>
</tr>
</table>
echo '<table width="100%">';
echo '<tr>';
echo '<td><center>';
echo '<form action="rdelete.php" method="post">';
printf('<input type="hidden" name="dn" value="%s" />',htmlspecialchars($dn));
printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
printf('<input type="submit" class="scary" value="%s" />',sprintf(_('Delete all %s objects'),$sub_tree_count));
echo '</form>';
echo '</center></td>';
<?php flush(); ?>
<br />
<br />
<?php echo _('List of entries to be deleted:'); ?><br />
echo '<td><center>';
echo '<form action="template_engine.php" method="get">';
printf('<input type="hidden" name="dn" value="%s" />',htmlspecialchars($dn));
printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
printf('<input type="submit" name="submit" value="%s" class="cancel" />',_('Cancel'));
echo '</form>';
echo '</center></td>';
echo '</tr>';
echo '</table>';
echo "\n";
<select size="<?php echo min(10,$sub_tree_count);?>" multiple disabled style="background:white; color:black;width:500px" >
<?php $i=0;
echo '</td>';
echo '</tr>';
echo '</table>';
echo "\n";
flush();
echo '<br /><br />';
echo _('List of entries to be deleted:');
echo '<br />';
printf('<select size="%s" multiple disabled style="background:white; color:black;width:500px" >',min(10,$sub_tree_count));
$i=0;
foreach ($s as $dn => $junk) {
$i++; ?>
$i++;
printf('<option>%s. %s</option>',$i,htmlspecialchars(dn_unescape($dn)));
}
echo '</select>';
echo "\n";
<option><?php echo $i; ?>. <?php echo htmlspecialchars((dn_unescape($dn))); ?></option>
<?php } ?>
</select>
</center>
} else {
echo '<table class="delete_confirm">';
echo '<tr>';
<br />
echo '<td nowrap>';
echo _('Are you sure you want to permanently delete this object?');
echo '<br /><br />';
<?php } else { ?>
printf('<acronym title="%s">%s</acronym>: <b>%s</b>',_('Distinguished Name'),_('DN'),pretty_print_dn($dn));
echo '<br />';
printf('%s: <b>%s</b>',_('Server'),htmlspecialchars($ldapserver->name));
echo '<br /><br />';
echo "\n";
<center>
<table class="delete_confirm">
<tr>
<td>
<?php echo _('Are you sure you want to permanently delete this object?'); ?><br />
<br />
<nobr><acronym title="<?php echo _('Distinguished Name'); ?>"><?php echo _('DN'); ?></acronym>: <b><?php echo pretty_print_dn($dn); ?></b></nobr><br />
<nobr><?php echo _('Server'); ?>: <b><?php echo htmlspecialchars($ldapserver->name); ?></b></nobr><br />
<br />
echo '<table width="100%">';
echo '<tr>';
<table width="100%">
<tr>
<td>
<center>
<form action="delete.php" method="post">
<input type="hidden" name="dn" value="<?php echo htmlspecialchars($dn); ?>" />
<input type="hidden" name="server_id" value="<?php echo $ldapserver->server_id; ?>" />
<input type="submit" name="submit" value="<?php echo _('Delete'); ?>" class="scary" />
</form>
</center>
</td>
echo '<td><center>';
echo '<form action="delete.php" method="post">';
printf('<input type="hidden" name="dn" value="%s" />',htmlspecialchars($dn));
printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
printf('<input type="submit" name="submit" value="%s" class="scary" />',_('Delete'));
echo '</form>';
<td>
<center>
<form action="template_engine.php" method="get">
<input type="hidden" name="dn" value="<?php echo $dn; ?>" />
<input type="hidden" name="server_id" value="<?php echo $ldapserver->server_id; ?>" />
<input type="submit" name="submit" value="<?php echo _('Cancel'); ?>" class="cancel" />
</form>
</center>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center>
echo '</center></td>';
<?php } ?>
echo '<td><center>';
echo '<form action="template_engine.php" method="get">';
printf('<input type="hidden" name="dn" value="%s" />',htmlspecialchars($dn));
printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
printf('<input type="submit" name="submit" value="%s" class="cancel" />',_('Cancel'));
echo '</form>';
</body>
</html>
echo '</center></td>';
echo '</tr>';
echo '</table>';
echo "\n";
echo '</td>';
echo '</tr>';
echo '</table>';
echo "\n";
}
echo '</center>';
echo '<br />';
echo '</body>';
echo '</html>';
?>

7
htdocs/header.php
View File

@@ -1,5 +1,5 @@
<?php
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/header.php,v 1.21.2.3 2005/12/11 04:00:23 wurley Exp $
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/header.php,v 1.21.2.4 2006/04/29 03:14:45 wurley Exp $
/**
* @package phpLDAPadmin
@@ -7,7 +7,6 @@
/* We want to get $language into scope in case we were included
from within a function */
global $config;
$language = isset($config) ? $language = $config->GetValue('appearance','language') : 'auto';
# text/xml won't work with MSIE, but is very useful for debugging xhtml code.
@@ -17,8 +16,8 @@ $language = isset($config) ? $language = $config->GetValue('appearance','languag
# XML version and encoding for well-behaved browsers
echo '<?xml version="1.0" encoding="utf-8"?>'."\n";
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"';
echo ' "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">'."\n";
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"'."\n";
echo '"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">'."\n";
printf('<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="%s" lang="%s" dir="ltr">',$language,$language);
echo "\n\n";

4
htdocs/rename_form.php
View File

@@ -1,5 +1,5 @@
<?php
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/rename_form.php,v 1.8.4.2 2005/12/08 11:55:06 wurley Exp $
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/rename_form.php,v 1.8.4.3 2006/04/29 03:29:19 wurley Exp $
/**
* Displays a form for renaming an LDAP entry.
@@ -33,7 +33,7 @@ printf('<h3 class="subtitle">%s: <b>%s</b> &nbsp;&nbsp;&nbsp; %s: <b>%s</b></h3>
echo '<br /><center><form action="rename.php" method="post" class="edit_dn" />';
printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
printf('<input type="hidden" name="dn" value="%s" />',$dn);
printf('<input type="hidden" name="dn" value="%s" />',htmlspecialchars($dn));
printf('<input type="text" name="new_rdn" size="30" value="%s" />',htmlspecialchars($rdn));
printf('<input class="update_dn" type="submit" value="%s" />',_('Rename'));
echo '</form></center>';

6
htdocs/search.php
View File

@@ -1,5 +1,5 @@
<?php
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/search.php,v 1.72.2.11 2005/12/31 03:13:48 wurley Exp $
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/search.php,v 1.72.2.12 2006/04/29 05:45:34 wurley Exp $
/**
* Perform LDAP searches and draw the advanced/simple search forms
@@ -233,8 +233,8 @@ if (isset($_GET['search'])) {
<nobr>
<small>
<?php
printf('[ <a href="export_form.php?server_id=%s&amp;scope=%s&amp;dn=%s&amp;filter=%s&amp;attributes=%s"><img src="images/save.png" /> %s</a> ]',
$ldapserver->server_id,$scope,urlencode($base_dn),urlencode($filter),
printf('[ <a href="export_form.php?server_id=%s&amp;scope=%s&amp;dn=%s&amp;filter=%s&amp;attributes=%s"><img src="images/save.png" alt="Save" /> %s</a> ]',
$ldapserver->server_id,htmlspecialchars($scope),urlencode($base_dn),urlencode($filter),
urlencode(join(', ',$search_result_attributes)),_('export results'));
printf('[ <img src="images/rename.png" /> %s:',_('Format'));

48
htdocs/template_engine.php
View File

@@ -1,5 +1,5 @@
<?php
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/template_engine.php,v 1.26.2.34 2006/03/13 23:13:43 wurley Exp $
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/template_engine.php,v 1.26.2.37 2006/05/05 12:50:34 wurley Exp $
/**
* Template render engine.
@@ -87,7 +87,7 @@ if (isset($template['empty_attrs'])) {
$new_dn = sprintf('%s=%s,%s',$template['rdn'],$_REQUEST['form'][$template['rdn']],$_REQUEST['container']);
echo '<form action="create.php" method="post">';
printf('<input type="hidden" name="new_dn" value="%s" />',$new_dn);
printf('<input type="hidden" name="new_dn" value="%s" />',htmlspecialchars($new_dn));
} else {
echo '<form action="template_engine.php" method="post" id="template_form" name="template_form" enctype="multipart/form-data">';
@@ -188,7 +188,7 @@ if (isset($template['empty_attrs'])) {
}
printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
printf('<input type="hidden" name="template" value="%s" />',$_REQUEST['template']);
printf('<input type="hidden" name="template" value="%s" />',htmlspecialchars($_REQUEST['template']));
printf('<input type="hidden" name="object_classes" value="%s" />',rawurlencode(serialize(array_values($template['objectclass']))));
printf('<input type="hidden" name="page" value="%s" />',$page+1);
@@ -217,12 +217,12 @@ if (isset($template['empty_attrs'])) {
echo '<td class="heading">Container <acronym title="Distinguished Name">DN</acronym>:</td>';
printf('<td><input type="text" name="container" size="40" value="%s" disabled />',
htmlspecialchars($_REQUEST['container']));
printf('<input type="hidden" name="container" value="%s" /></td></tr>',$_REQUEST['container']);
printf('<input type="hidden" name="container" value="%s" /></td></tr>',htmlspecialchars($_REQUEST['container']));
echo '<tr class="spacer"><td colspan="3"></td></tr>';
}
} else {
printf('<td><input type="hidden" name="container" value="%s" /></td></tr>',$_REQUEST['container']);
printf('<td><input type="hidden" name="container" value="%s" /></td></tr>',htmlspecialchars($_REQUEST['container']));
}
$count = 0;
@@ -319,7 +319,7 @@ if (isset($template['empty_attrs'])) {
# Display the icon if one is required.
if (isset($detail['icon']) && trim($detail['icon']))
printf('<td><img src="%s" /></td>',$detail['icon']);
printf('<td><img src="%s" alt="Icon" /></td>',$detail['icon']);
else
printf('<td>&nbsp;</td>');
@@ -489,7 +489,7 @@ if (isset($template['empty_attrs'])) {
# If there is no count, display the summary
if (! $count) {
printf('<tr><td><img src="%s" /></td><td><span class="x-small">%s :</span></td><td><b>%s</b></td></tr>',
printf('<tr><td><img src="%s" alt="Create" /></td><td><span class="x-small">%s :</span></td><td><b>%s</b></td></tr>',
$template['icon'],_('Create Object'),htmlspecialchars($new_dn));
echo '<tr class="spacer"><td colspan="3"></td></tr>';
@@ -800,15 +800,15 @@ foreach ($template['attrs'] as $attr => $vals) {
if (count($vals) > 1) {
for ($i=1; $i<=count($vals); $i++)
printf('<a href="%s&amp;value_num=%s"><img src="images/save.png" /> %s(%s)</a><br />',
printf('<a href="%s&amp;value_num=%s"><img src="images/save.png" alt="Save" /> %s(%s)</a><br />',
$href,$i,_('download value'),$i);
} else {
printf('<a href="%s"><img src="images/save.png" /> %s</a><br />',$href,_('download value'));
printf('<a href="%s"><img src="images/save.png" alt="Save" /> %s</a><br />',$href,_('download value'));
}
if (! $ldapserver->isReadOnly() && ! $ldapserver->isAttrReadOnly($attr))
printf('<a href="javascript:deleteAttribute(\'%s\');" style="color:red;"><img src="images/trash.png" /> %s</a>',
printf('<a href="javascript:deleteAttribute(\'%s\');" style="color:red;"><img src="images/trash.png" alt="Trash" /> %s</a>',
$attr,_('delete attribute'));
echo '</small>';
@@ -850,10 +850,11 @@ foreach ($template['attrs'] as $attr => $vals) {
if (trim($val) == '')
printf('<span style="color:red">[%s]</span><br />',_('empty'));
elseif (! strcasecmp($attr,'userPassword') && $config->GetValue('appearance','obfuscate_password_display'))
elseif (! strcasecmp($attr,'userPassword') && $config->GetValue('appearance','obfuscate_password_display')) {
$user_password = $val;
echo preg_replace('/./','*',$val).'<br />';
elseif (in_array(strtolower($attr),$shadow_format_attrs)) {
} elseif (in_array(strtolower($attr),$shadow_format_attrs)) {
$shadow_date = shadow_date($attrs,$attr);
echo htmlspecialchars($val).'&nbsp;';
echo '<small>';
@@ -870,18 +871,9 @@ foreach ($template['attrs'] as $attr => $vals) {
} else
echo htmlspecialchars($val).'<br />';
}
//@todo: redundant?
} else {
if (! strcasecmp($attr,'userPassword') && obfuscate_password_display())
echo preg_replace('/./','*',$vals).'<br />';
else
echo $vals.'<br />';
}
if (! strcasecmp($attr,'userPassword'))
if (! strcasecmp($attr,'userPassword') && isset($user_password))
printf('<small><a href="javascript:passwordComparePopup(\'%s\')">%s</a></small>',base64_encode($user_password),_('Check password...'));
if (preg_match("/^${attr}=/",$rdn))
@@ -917,8 +909,8 @@ foreach ($template['attrs'] as $attr => $vals) {
echo htmlspecialchars($user_password);
echo '<br />';
printf('<input style="width: 260px" type="%s" name="new_values[userpassword][]" value="" />',
(obfuscate_password_display($enc_type) ? 'password' : 'text'));
printf('<input style="width: 260px" type="%s" name="new_values[userpassword][]" value="%s" />',
(obfuscate_password_display($enc_type) ? 'password' : 'text'),htmlspecialchars($user_password));
echo enc_type_select_list($enc_type);
@@ -1012,7 +1004,7 @@ foreach ($template['attrs'] as $attr => $vals) {
# Is this value is a structural objectClass, make it read-only
if (! strcasecmp($attr,'objectClass')) {
printf('<a title="%s" href="schema.php?server_id=%s&amp;view=objectClasses&amp;viewvalue=%s"><img src="images/info.png" /></a>&nbsp;',
printf('<a title="%s" href="schema.php?server_id=%s&amp;view=objectClasses&amp;viewvalue=%s"><img src="images/info.png" alt="Info" /></a>&nbsp;',
_('View the schema description for this objectClass'),$ldapserver->server_id,htmlspecialchars($val));
$schema_object = $ldapserver->getSchemaObjectClass($val);
@@ -1038,10 +1030,10 @@ foreach ($template['attrs'] as $attr => $vals) {
}
elseif (is_mail_string($val))
printf('<a href="mailto:%s"><img style="vertical-align: center" src="images/mail.png" /></a>&nbsp;',htmlspecialchars($val));
printf('<a href="mailto:%s"><img style="vertical-align: center" src="images/mail.png" alt="Mail" /></a>&nbsp;',htmlspecialchars($val));
elseif (is_url_string($val))
printf('<a href="%s" target="new"><img style="vertical-align: center" src="images/dc.png" /></a>&nbsp;',htmlspecialchars($val));
printf('<a href="%s" target="new"><img style="vertical-align: center" src="images/dc.png" alt="URL" /></a>&nbsp;',htmlspecialchars($val));
if ($ldapserver->isMultiLineAttr($attr,$val))
printf('<textarea class="val" rows="3" cols="50" name="%s" id="%s">%s</textarea>',$input_name,$input_id,htmlspecialchars($val));
@@ -1135,7 +1127,7 @@ else
<!-- This form is submitted by JavaScript when the user clicks "Delete attribute" on a binary attribute -->
<form name="delete_attribute_form" action="delete_attr.php" method="post">
<input type="hidden" name="server_id" value="<?php echo $ldapserver->server_id; ?>" />
<input type="hidden" name="dn" value="<?php echo $dn; ?>" />
<input type="hidden" name="dn" value="<?php echo htmlspecialchars($dn); ?>" />
<input type="hidden" name="attr" value="FILLED IN BY JAVASCRIPT" />
</form>

15
htdocs/update_confirm.php
View File

@@ -1,5 +1,5 @@
<?php
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/update_confirm.php,v 1.43.2.8 2006/01/12 22:04:51 wurley Exp $
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/update_confirm.php,v 1.43.2.11 2006/05/13 12:43:47 wurley Exp $
/**
* Takes the results of clicking "Save" in template_engine.php and determines which
@@ -76,16 +76,21 @@ foreach ($old_values as $attr => $old_val) {
}
# Check user password with new encoding.
if (isset($new_values['userpassword']) && is_array($new_values['userpassword']))
if (isset($new_values['userpassword']) && is_array($new_values['userpassword'])) {
foreach ($new_values['userpassword'] as $key => $userpassword) {
if ($userpassword) {
$new_val[$key] = password_hash($userpassword,$_POST['enc_type'][$key]);
if ($old_values['userpassword'][$key] == $new_values['userpassword'][$key] &&
get_enc_type($old_values['userpassword'][$key]) == $_POST['enc_type'][$key])
continue;
if ($new_val[$key] != $old_values['userpassword'][$key])
$update_array['userpassword'][$key] = $new_val[$key];
$new_values['userpassword'][$key] = password_hash($userpassword,$_POST['enc_type'][$key]);
}
}
if ($old_values['userpassword'] != $new_values['userpassword'])
$update_array['userpassword'] = $new_values['userpassword'];
}
# strip empty vals from update_array and ensure consecutive indices for each attribute
foreach ($update_array as $attr => $val) {
if (is_array($val)) {