RELEASE 1.1.0.5

RELEASE 1.1.0.4
RELEASE 1.1.0.3
2009-06-30 21:51:50 +10:00 · 2009-06-30 21:50:46 +10:00 · 2009-06-30 21:48:22 +10:00 · 2009-06-30 21:46:44 +10:00 · 2009-06-30 20:46:41 +10:00 · 2009-06-30 20:46:00 +10:00
217 changed files with 29550 additions and 11297 deletions
--- a/6
+++ b/6
@@ -1,11 +1,11 @@
 For install instructions in non-English languages, see the wiki:
-    http://wiki.pldapadmin.com
+    http://phpldapadmin.wiki.sourceforge.net

 * Requirements

  phpLDAPadmin requires the following:
      a. A web server (Apache, IIS, etc).
-      b. PHP 4.1.0 or newer (with LDAP support)
+      b. PHP 5.0.0 or newer (with LDAP support)

 * To install

@@ -17,7 +17,7 @@ For install instructions in non-English languages, see the wiki:
 * For additional help

  See the wiki:
-    http://wiki.pldapadmin.com
+    http://phpldapadmin.wiki.sourceforge.net

  Join our mailing list: 
    https://lists.sourceforge.net/lists/listinfo/phpldapadmin-devel
--- a/2
+++ b/2
@@ -1 +1 @@
-$Name: RELEASE-0_9_8 $
+$Name: RELEASE-1_1_0_5 $
--- a/config/config.php.example
+++ b/config/config.php.example
@@ -1,4 +1,9 @@
 <?php
+/** NOTE **
+ ** Make sure that <?php is the FIRST line of this file!
+ ** IE: There should NOT be any blank lines or spaces BEFORE <?php
+ **/
+
 /**
 * The phpLDAPadmin config file
 *
@@ -9,8 +14,8 @@
 * For example, the default for defining the language in config_default.php
 *
 * $this->default->appearance['lang'] = array(
- *	'desc'=>'Language',
- *	'default'=>'auto');
+ *  'desc'=>'Language',
+ *  'default'=>'auto');
 *
 * to override this, use $config->custom->appearance['lang'] = 'en';
 *
@@ -41,7 +46,7 @@

 /* phpLDAPadmin can encrypt the content of sensitive cookies if you set this
   to a big random string. */
-$config->custom->session['blowfish'] = '';
+// $config->custom->session['blowfish'] = null;

 /* The language setting. If you set this to 'auto', phpLDAPadmin will attempt
   to determine your language automatically. Otherwise, available lanaguages
@@ -55,6 +60,90 @@ $config->custom->session['blowfish'] = '';
 // $config->custom->jpeg['tmpdir'] = "/tmp";     // Example for Unix systems
 #  $config->custom->jpeg['tmpdir'] = "c:\\temp"; // Example for Windows systems

+/* Set this to (bool)true if you do NOT want a random salt used when
+   calling crypt().  Instead, use the first two letters of the user's
+   password.  This is insecure but unfortunately needed for some older
+   environments. */
+#  $config->custom->password['no_random_crypt_salt'] = true;
+
+/* PHP script timeout control. If php runs longer than this many seconds then
+   PHP will stop with an Maximum Execution time error. Increase this value from
+   the default if queries to your LDAP server are slow. The default is either
+   30 seconds or the setting of max_exection_time if this is null. */
+// $config->custom->session['timelimit'] = 30;
+
+/*********************************************/
+/* Commands                                  */
+/*********************************************/
+
+/* Command availability ; if you don't authorize a command the command
+   links will not be shown and the command action will not be permitted.
+   For better security, set also ACL in your ldap directory. */
+
+/*
+$config->custom->commands['all'] = array(
+ 'home'    => true,
+ 'external_links' => array('feature'  => true,
+                           'bug'      => true,
+                           'donation' => true,
+                           'help'     => true,
+                           'credits'  => true),
+ 'purge'   => true,
+ 'schema'  => true,
+ 'import'  => true,
+ 'export'  => true,
+ 'logout'  => true,
+ 'search'  => array('simple_search'     => true,
+                    'predefined_search' => true,
+                    'advanced_search'   => true),
+ 'server_refresh' => true,
+ 'server_info'    => true,
+ 'entry_refresh'  => true,
+ 'entry_move'     => true,
+ 'entry_internal_attributes_show' => true,
+ 'entry_delete'  => array('simple_delete' => true,
+                          'mass_delete'   => false),
+ 'entry_rename'  => true,
+ 'entry_compare' => true,
+ 'entry_create'  => true,
+ 'attribute_add'          => true,
+ 'attribute_add_value'    => true,
+ 'attribute_delete'       => true,
+ 'attribute_delete_value' => true);
+*/
+
+/*********************************************/
+/* Appearance                                */
+/*********************************************/
+
+/* If you want to choose the appearance of the tree, specify a class name which
+   inherits from the Tree class. */
+// $config->custom->appearance['tree'] = "AJAXTree";
+#  $config->custom->appearance['tree'] = "HTMLTree";
+
+/* If you want to customise the entry view/edition, specify your factory name which
+   inherits from the EntryFactory class.
+   The 'DefaultEntryFactory' draws all the attributes of an entry according this
+   config file and the ldap schema definition ; the 'TemplateEntryFactory' draws
+   an entry according to the template whose regexp matches with the dn. */
+#  $config->custom->appearance['entry_factory'] = "DefaultEntryFactory";
+// $config->custom->appearance['entry_factory'] = "TemplateEntryFactory";
+
+/* If you want to customise an attribute view/edition, specify your factory name which
+   inherits from the AttributeFactory class.
+   An AttributeFactory defines which class to use to represent a given attribute */
+// $config->custom->appearance['attribute_factory'] = "AttributeFactory";
+
+/* Configure what objects are shown in left hand tree */
+// $config->custom->appearance['tree_filter'] = '(objectclass=*)';
+
+/* The height and width of the tree. If these values are not set, then
+   no tree scroll bars are provided.
+// $config->custom->appearance['tree_height'] = null;
+#  $config->custom->appearance['tree_height'] = 600;
+// $config->custom->appearance['tree_width'] = null;
+#  $config->custom->appearance['tree_width'] = 250;
+
 /*********************************************/
 /* Define your LDAP servers in this section  */
 /*********************************************/
@@ -80,12 +169,14 @@ $ldapservers->SetValue($i,'server','name','My LDAP Server');
   auto-detect it for you. */
 // $ldapservers->SetValue($i,'server','base',array(''));

-/* Three options for auth_type:
+/* Four options for auth_type:
   1. 'cookie': you will login via a web form, and a client-side cookie will
      store your login dn and password.
   2. 'session': same as cookie but your login dn and password are stored on the
      web server in a persistent session variable.
-   3. 'config': specify your login dn and password here in this config file. No
+   3. 'http': same as session but your login dn and password are retrieved via
+      HTTP authentication.
+   4. 'config': specify your login dn and password here in this config file. No
      login will be required to use phpLDAPadmin for this server.

   Choose wisely to protect your authentication information appropriately for
@@ -110,6 +201,50 @@ $ldapservers->SetValue($i,'server','name','My LDAP Server');
 /* Use TLS (Transport Layer Security) to connect to the LDAP server. */
 // $ldapservers->SetValue($i,'server','tls',false);

+/************************************
+ *      SASL Authentication         *
+ ************************************/
+
+/* Enable SASL authentication LDAP SASL authentication requires PHP 5.x
+   configured with --with-ldap-sasl=DIR. If this option is disabled (ie, set to
+   false), then all other sasl options are ignored. */
+// $ldapservers->SetValue($i,'server','sasl_auth',false);
+
+/* SASL auth mechanism */
+// $ldapservers->SetValue($i,'server','sasl_mech','PLAIN');
+
+/* SASL authentication realm name */
+// $ldapservers->SetValue($i,'server','sasl_realm','');
+#  $ldapservers->SetValue($i,'server','sasl_realm',"example.com");
+
+/* SASL authorization ID name
+   If this option is undefined, authorization id will be computed from bind DN,
+   using sasl_authz_id_regex and sasl_authz_id_replacement. */
+// $ldapservers->SetValue($i,'server','sasl_authz_id', null);
+
+/* SASL authorization id regex and replacement
+   When sasl_authz_id property is not set (default), phpLDAPAdmin will try to
+   figure out authorization id by itself from bind distinguished name (DN).
+
+   This procedure is done by calling preg_replace() php function in the
+   following way:
+
+   $authz_id = preg_replace($sasl_authz_id_regex,$sasl_authz_id_replacement,
+    $bind_dn);
+
+   For info about pcre regexes, see:
+   - pcre(3), perlre(3)
+   - http://www.php.net/preg_replace */
+// $ldapservers->SetValue($i,'server','sasl_authz_id_regex',null);
+// $ldapservers->SetValue($i,'server','sasl_authz_id_replacement',null);
+#  $ldapservers->SetValue($i,'server','sasl_authz_id_regex','/^uid=([^,]+)(.+)/i');
+#  $ldapservers->SetValue($i,'server','sasl_authz_id_replacement','$1');
+
+/* SASL auth security props.
+   See http://beepcore-tcl.sourceforge.net/tclsasl.html#anchor5 for explanation.
+*/
+// $ldapservers->SetValue($i,'server','sasl_props',null);
+
 /* If the link between your web server and this LDAP server is slow, it is
   recommended that you set 'low_bandwidth' to true. This will enable
   phpLDAPadmin to forego some "fancy" features to conserve bandwidth. */
@@ -130,6 +265,14 @@ $ldapservers->SetValue($i,'server','name','My LDAP Server');
   users in. See 'login_string' directly below. */
 // $ldapservers->SetValue($i,'login','attr','dn');

+/* If you specified something different from 'dn', for example 'uid', as the
+   login_attr above, you can optionally specify here to fall back to
+   authentication with dn.
+   This is useful, when users should be able to log in with their uid, but
+   the ldap administrator wants to log in with his root-dn, that does not
+   necessarily have the uid attribute. */
+// $ldapservers->SetValue($i,'login','fallback_dn',false);
+
 /* If you specified 'cookie' or 'session' as the auth_type above, and you
   specified 'string' for 'login_attr' above, you must provide a string here for
   logging users in. If, for example, I have a lot of user entries with DNs like
@@ -141,7 +284,7 @@ $ldapservers->SetValue($i,'server','name','My LDAP Server');
 /* If 'login_attr' is used above such that phpLDAPadmin will search for your DN
   at login, you may restrict the search to a specific objectClass. EG, set this
   to 'posixAccount' or 'inetOrgPerson', depending upon your setup. */
-// $ldapservers->SetValue($i,'login','class','');
+// $ldapservers->SetValue($i,'login','class',null);

 /* Specify true If you want phpLDAPadmin to not display or permit any
   modification to the LDAP server. */
@@ -164,50 +307,50 @@ $ldapservers->SetValue($i,'server','name','My LDAP Server');
 // $ldapservers->SetValue($i,'auto_number','mechanism','search');

 /* The DN of the search base when the 'search' mechanism is used above. */
-// $ldapservers->SetValue($i,'auto_number','search_base','ou=People,dc=example,dc=com');
+#  $ldapservers->SetValue($i,'auto_number','search_base','ou=People,dc=example,dc=com');

 /* The minimum number to use when searching for the next available UID number
   (only when 'search' is used for auto_uid_number_mechanism' */
 // $ldapservers->SetValue($i,'auto_number','min','1000');

 /* The DN of the uidPool entry when 'uidpool' mechanism is used above. */
-// $servers[$i]['auto_uid_number_uid_pool_dn'] = 'cn=uidPool,dc=example,dc=com';
+#  $servers[$i]['auto_uid_number_uid_pool_dn'] = 'cn=uidPool,dc=example,dc=com';

 /* If you set this, then phpldapadmin will bind to LDAP with this user ID when
   searching for the uidnumber. The idea is, this user id would have full
   (readonly) access to uidnumber in your ldap directory (the logged in user
   may not), so that you can be guaranteed to get a unique uidnumber for your
   directory. */
-// $ldapservers->SetValue($i,'auto_number','dn','');
+// $ldapservers->SetValue($i,'auto_number','dn',null);

 /* The password for the dn above. */
-// $ldapservers->SetValue($i,'auto_number','pass','');
+// $ldapservers->SetValue($i,'auto_number','pass',null);

 /* Enable anonymous bind login. */
 // $ldapservers->SetValue($i,'login','anon_bind',true);

 /* Use customized page with prefix when available. */
-// $ldapservers->SetValue($i,'custom','pages_prefix','custom_');
+#  $ldapservers->SetValue($i,'custom','pages_prefix','custom_');

 /* If you set this, then phpldapadmin will bind to LDAP with this user when
   testing for unique attributes (as set in unique_attrs array). If you want to
   enforce unique attributes, than this id should have full (readonly) access
   to the attributes in question (the logged in user may not have enough access)
 */
-// $ldapservers->SetValue($i,'unique_attrs','dn','');
+// $ldapservers->SetValue($i,'unique_attrs','dn',null);

 /* The password for the dn above */
-// $ldapservers->SetValue($i,'unique_attrs','pass','');
+// $ldapservers->SetValue($i,'unique_attrs','pass',null);

 /* If you set this, then only these DNs are allowed to log in. This array can
   contain individual users, groups or ldap search filter(s). Keep in mind that
   the user has not authenticated yet, so this will be an anonymous search to
   the LDAP server, so make your ACLs allow these searches to return results! */
-# $ldapservers->SetValue($i,'login','allowed_dns',array(
-#	'uid=stran,ou=People,dc=example,dc=com',
-# 	'(&(gidNumber=811)(objectClass=groupOfNames))',
-# 	'(|(uidNumber=200)(uidNumber=201))',
-# 	'cn=callcenter,ou=Group,dc=example,dc=com'));
+#  $ldapservers->SetValue($i,'login','allowed_dns',array(
+#   'uid=stran,ou=People,dc=example,dc=com',
+#   '(&(gidNumber=811)(objectClass=groupOfNames))',
+#   '(|(uidNumber=200)(uidNumber=201))',
+#   'cn=callcenter,ou=Group,dc=example,dc=com'));

 /* Set this if you dont want this LDAP server to show in the tree */
 // $ldapservers->SetValue($i,'appearance','visible',true);
@@ -240,20 +383,29 @@ $ldapservers->SetValue($i,'server','tls',false);
 $ldapservers->SetValue($i,'server','low_bandwidth',false);
 $ldapservers->SetValue($i,'appearance','password_hash','md5');
 $ldapservers->SetValue($i,'login','attr','dn');
-$ldapservers->SetValue($i,'login','string','');
-$ldapservers->SetValue($i,'login','class','');
+$ldapservers->SetValue($i,'login','string',null);
+$ldapservers->SetValue($i,'login','class',null);
 $ldapservers->SetValue($i,'server','read_only',false);
 $ldapservers->SetValue($i,'appearance','show_create',true);
 $ldapservers->SetValue($i,'auto_number','enable',true);
 $ldapservers->SetValue($i,'auto_number','mechanism','search');
-$ldapservers->SetValue($i,'auto_number','search_base','');
+$ldapservers->SetValue($i,'auto_number','search_base',null);
 $ldapservers->SetValue($i,'auto_number','min','1000');
-$ldapservers->SetValue($i,'auto_number','dn','');
-$ldapservers->SetValue($i,'auto_number','pass','');
+$ldapservers->SetValue($i,'auto_number','dn',null);
+$ldapservers->SetValue($i,'auto_number','pass',null);
 $ldapservers->SetValue($i,'login','anon_bind',true);
 $ldapservers->SetValue($i,'custom','pages_prefix','custom_');
-$ldapservers->SetValue($i,'unique_attrs','dn','');
-$ldapservers->SetValue($i,'unique_attrs','pass','');
+$ldapservers->SetValue($i,'unique_attrs','dn',null);
+$ldapservers->SetValue($i,'unique_attrs','pass',null);
+
+# SASL auth
+$ldapservers->SetValue($i,'server','sasl_auth',true);
+$ldapservers->SetValue($i,'server','sasl_mech','PLAIN');
+$ldapservers->SetValue($i,'server','sasl_realm','EXAMPLE.COM');
+$ldapservers->SetValue($i,'server','sasl_authz_id',null);
+$ldapservers->SetValue($i,'server','sasl_authz_id_regex','/^uid=([^,]+)(.+)/i');
+$ldapservers->SetValue($i,'server','sasl_authz_id_replacement','$1');
+$ldapservers->SetValue($i,'server','sasl_props',null);
 */

 /*********************************************/
@@ -265,7 +417,8 @@ $ldapservers->SetValue($i,'unique_attrs','pass','');
 $friendly_attrs = array();

 $friendly_attrs['facsimileTelephoneNumber'] = 'Fax';
-$friendly_attrs['telephoneNumber']			= 'Phone';
+$friendly_attrs['telephoneNumber']          = 'Phone';
+$friendly_attrs['uid']                      = 'User Name';

 /*********************************************/
 /* Support for attrs display order           */
@@ -277,16 +430,16 @@ $friendly_attrs['telephoneNumber']			= 'Phone';
   attributes that are not specified in this array will be displayed after in
   alphabetical order. */
 #  $attrs_display_order = array(
-#	'givenName',
-# 	'sn',
-# 	'cn',
-# 	'displayName',
-# 	'uid',
-# 	'uidNumber',
-# 	'gidNumber',
-# 	'homeDirectory',
-# 	'mail',
-# 	'userPassword'
+#   'givenName',
+#   'sn',
+#   'cn',
+#   'displayName',
+#   'uid',
+#   'uidNumber',
+#   'gidNumber',
+#   'homeDirectory',
+#   'mail',
+#   'userPassword'
 #  );

 /*********************************************/
@@ -305,8 +458,8 @@ $friendly_attrs['telephoneNumber']			= 'Phone';
 /* Hidden attributes in read-only mode. If undefined, it will be equal to
   $hidden_attrs. */
 #  $hidden_attrs_ro = array(
-#	'objectClass','shadowWarning', 'shadowLastChange', 'shadowMax',
-#	'shadowFlag', 'shadowInactive', 'shadowMin', 'shadowExpire');
+#   'objectClass','shadowWarning', 'shadowLastChange', 'shadowMax',
+#   'shadowFlag', 'shadowInactive', 'shadowMin', 'shadowExpire');

 /**                                         **/
 /** Read-only attributes                    **/
@@ -336,6 +489,19 @@ $friendly_attrs['telephoneNumber']			= 'Phone';
   present a user with the option of changing the unique attributes. */
 #  $unique_attrs = array('uid','uidNumber','mail');

+/*********************************************/
+/* Group attributes                          */
+/*********************************************/
+
+/* Add "modify group members" link to the attribute. */
+// $config->custom->modify_member['groupattr'] = array('member','uniqueMember','memberUid')
+
+/* Configure filter for member search. This only applies to "modify group members" feature */
+// $config->custom->modify_member['filter'] = '(objectclass=Person)';
+
+/* Attribute that is added to the group member attribute. */
+// $config->custom->modify_member['attr'] = 'dn';
+
 /*********************************************/
 /* Predefined Queries (canned views)         */
 /*********************************************/
@@ -357,7 +523,7 @@ $queries[$q]['scope'] = 'sub';
 $queries[$q]['filter'] = '(&(objectClass=posixAccount)(uid=*))';

 /* The attributes to return */
-$queries[$q]['attributes'] = 'cn, uid, homeDirectory';
+$queries[$q]['attributes'] = 'cn, uid, homeDirectory, telephonenumber, jpegphoto';

 /* If you want to configure more pre-defined queries, copy and paste the above (including the "$q++;") */
 $q++;
--- a/doc/README-translation.txt
+++ b/doc/README-translation.txt
@@ -1,2 +1,2 @@
-Please see http://wiki.pldapadmin.com/Translating now for information on
+Please see http://wiki.phpldapadmin.info/Translating now for information on
 translating PLA.
--- a/doc/certs/ca-bundle.crt
+++ b/doc/certs/ca-bundle.crt
--- a/doc/certs/slapd.crt
+++ b/doc/certs/slapd.crt
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICtTCCAh6gAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjES
+MBAGA1UECBMJQmVya3NoaXJlMRAwDgYDVQQHEwdOZXdidXJ5MRcwFQYDVQQKEw5N
+eSBDb21wYW55IEx0ZDAeFw0wNTA5MTUwMjAyMTNaFw0yMTA3MjYxNjM2NTNaMEwx
+CzAJBgNVBAYTAkdCMRIwEAYDVQQIEwlCZXJrc2hpcmUxEDAOBgNVBAcTB05ld2J1
+cnkxFzAVBgNVBAoTDk15IENvbXBhbnkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQCr6PfdngYTUobwJDwIqY7ywDCWd/IJ+SL2hbe46558oVI7Vw2GbqWn
+VZ1fJa0wV2pcy/e10HzZX+RpIwKOZUQvbH1jHJyZ/0bt7on8jmI5o+p+rLVspci5
+yVNcgu1tQttpyKnTrDSDkLVbQ6VX8FKLnKnZ7+dk8SNibt0KbzKnOQIDAQABo4Gm
+MIGjMB0GA1UdDgQWBBQ4xLvszjgfXgWht8V6s1eRAZS/OjB0BgNVHSMEbTBrgBQ4
+xLvszjgfXgWht8V6s1eRAZS/OqFQpE4wTDELMAkGA1UEBhMCR0IxEjAQBgNVBAgT
+CUJlcmtzaGlyZTEQMA4GA1UEBxMHTmV3YnVyeTEXMBUGA1UEChMOTXkgQ29tcGFu
+eSBMdGSCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQAgzaIKI03l
+lZmX7IpLN3vqC/PL6QQTUQkdDRXJYGH+DdURx7v0nE/kkb3R3X92BpNxe5jywhHg
+A5NaUhjAR76+F3Guk/4XFaWPctJ2PvfJWolS/VrY+KGc3N4zz9A2i8B6SHBzE6V8
+EHkcGJtGXkFvCVp1ZbCyejJhw4PUEYawsQ==
+-----END CERTIFICATE-----
--- a/doc/certs/slapd.key
+++ b/doc/certs/slapd.key
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQCr6PfdngYTUobwJDwIqY7ywDCWd/IJ+SL2hbe46558oVI7Vw2G
+bqWnVZ1fJa0wV2pcy/e10HzZX+RpIwKOZUQvbH1jHJyZ/0bt7on8jmI5o+p+rLVs
+pci5yVNcgu1tQttpyKnTrDSDkLVbQ6VX8FKLnKnZ7+dk8SNibt0KbzKnOQIDAQAB
+AoGAdfKYpag3WOiFhpwFyJe1aV5tt79CBI+36lZicHDQw4fXqLkYoYSnCYFXQSHT
+ithfNJ4JLeiG0InXaD9KELLwLU2C7rr7mgOBczzmVBGCYUDNuV3bMcNDOQk/drum
+GLGqHhxU6W0dlCUnoBZoEHK6dvtDZnxCa+cUBozvFbuLOTUCQQDZJf+Mz7vc78nn
+Cc7nnHFfO+79NQi9h0ydW6kb2LLSGB/f3oqwary8eqCs7RVinG21PMWbjrh0lGOJ
+DjYP6dLDAkEAyqrs8pgxcxSTcJiaU4/sxGCeaS4fvoeCbYvKLlS5k5Km6DmA3nY+
+KwxQyLHg64g1ImDSuLy3P/E2lZGCPhZGUwJAMVUxpqL3Mi2D+CpBSFtBYnpyRDJN
+Rwm6/TD6zWnAznxOmYSsi4HkWQmfAUpnhly1i+w/lKSrAUlJB7Uj0R+1EwJAOADv
+pUIFOCXRcGXbD4hQBxwj6jDCuOW9VwQwBImJFoyJ7tYlFFRcbYzjrfHpk2x6MlvL
+Hx2XDeZcDQy+juWc3QJAHOpmlHuWqS07i5UIXVl5ohhoWkFd9Qs7/TowyFQF3zpO
+BqnwfHZRpySjSUlNE0QpoJRJQPq7p3BWtS3PWMj0/A==
+-----END RSA PRIVATE KEY-----
--- a/doc/demo-reset.sh
+++ b/doc/demo-reset.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+for i in $(grep directory phpldapadmin-demo.conf|awk '{print $2}'); do
+	rm -f $i/*dbb $i/alock $i/log.*
+done
+
+slapadd -b "dc=example.com" -l ldif-example.com
+slapadd -b "dc=example,dc=com" -l ldif-example-com
+slapadd -b "o=Simpsons" -l ldif-Simpsons
+
+for i in $(grep directory phpldapadmin-demo.conf|awk '{print $2}'); do
+	chown -R ldap:ldap $i
+done
--- a/doc/ldif-Simpsons
+++ b/doc/ldif-Simpsons
@@ -0,0 +1,461 @@
+# extended LDIF
+#
+# LDAPv3
+# base <o=Simpsons> with scope subtree
+# filter: (objectclass=*)
+# requesting: ALL
+#
+
+# Simpsons
+dn: o=Simpsons
+o: Simpsons
+objectClass: organization
+objectClass: top
+
+# People, Simpsons
+dn: ou=People,o=Simpsons
+ou: People
+objectClass: organizationalUnit
+objectClass: top
+
+# Pets, Simpsons
+dn: ou=Pets,o=Simpsons
+ou: Pets
+objectClass: organizationalUnit
+objectClass: top
+
+# Santas Little Helper, Pets, Simpsons
+dn: cn=Santas Little Helper,ou=Pets,o=Simpsons
+givenName: Santas Little Helper
+sn: Simpson
+objectClass: inetOrgPerson
+objectClass: top
+jpegPhoto:: /9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0VFh
+ EYIx8lJCIfIiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoLCw4NDhwQEBw7KCI
+ oOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCABn
+ AEsDASIAAhEBAxEB/8QAGwABAAIDAQEAAAAAAAAAAAAAAAQGAgUHAwH/xAA8EAACAQMCAwYDAwkJA
+ AAAAAABAgMABBEFIQYSMRMiQVFhcTKBkRRCogcVI5KhsbLB0TM0U2JygoPw8f/EABoBAAIDAQEAAA
+ AAAAAAAAAAAAAEAwUGAgH/xAArEQACAgECAwcEAwAAAAAAAAABAgADEQQxEhMhBXGBkbHR8BQyQWF
+ R4fH/2gAMAwEAAhEDEQA/AOwXNzDZ273FxIsUSDLOxwBXPdS46vYb+WeC4SOJMGK0lQASKTygsSOY
+ EnyPd8tjm+6lp8Op2MlpcKGjfHUZwQcg+4IqkrwRpdlqsrzS3sskcSFRAOaR+duUkbE4XAzjpk52p
+ bUV2uBy2xj55Rih6kJ5i5+es834l1uWTtRfiLO4ijhQoP1gWP1+le4451N4RIlnbARFhIDzEzcpwe
+ XfuZx481e+ncP6d2WpT3ctxfrZzSRrHCzBsKoOCExzOc/uwBVbu9CWfigWFleXFurElO0O4Zo1bDA
+ /eAYg59M771WrVrk3sGSfn4j5s0T7Iek6nY3cV9ZxXUBzHKgZfY171A0TT20vSLeyZ+YxKFzU+ruV
+ EUpSiEUpSiE1Or8U6HoEscWq6nBaySjKI5JJHngdB6naqVrOpR67qf21Bm3ROS2yMEqdy3pzbfID1
+ racafk6t+KdRTUFfspwgRjk4YDOMj5mtPJwfxTbgQQy2roMBX7PGB7Db9lV+vqvtQJUcfzHtFZRU/
+ Hb4SOsn2NS8NzJZrjDNDMYgR4ZwRWKTrZTWuoIcrbSiViDzcynIY58diTn0r5ecMTaRe2sl7em5u3
+ V2dG3CL0GB0G/l5GvUgEYIBB6g1nrjZpLVUtnhwf1L6rl6qpmC44un7nUopFliWRTlWGQRWdVXgnV
+ O0s20mZ8zWgHZEnd4vun5fCfYedWqtdXYtiB12My1iNWxRtxFKUrucRSlKIRSlKITnnEsjScT3nMf
+ 7NYo19By8372Na2p3F7i04tkLryxTwREv4B8soz7gAe4x4itdHKJJZExjs2Cn6A/wA6xnaKn6lz8/
+ E1ugYfToJ6RTT2l1FeWrBZ4DlcnAYeKn0I/kfCuj6VqkGrWCXcBIDbMjfEjDqp9RXMbR2ltInY5LK
+ DmpGkaxfaffNd2PZGBu5JHITibG2Rj4cHIB3z5YxTXZ2t5BNdn2+n+xftDR84Cyv7vWdTpWp0XiC2
+ 1lWRVMNzGMvA5yQPMH7w9frittWnVldQynImcZSp4WGDFKUrqcxSlKISh8cRBtYUOoZJbPBBGQcM2
+ f4qquiwNbWrK8rSk8jFmOTvGm30q3cfDlvbaTw+yzZ+RQ1VYTyWUzdMRKfpEtZzXr1t719Jf6FulX
+ c3rPDTb9fsMEcsUsLiNVDOvdY48D/XFS9OAGmWuP8ABT+EVtLrTDHw3pl6Yw0RgEU4I2x90n03I+Y
+ rVaevZW32bfNuxi38h8P4StJa/TiixlA6dD88Y5obzcisT12kpZJreaO5tnCXEJ5o2PTPkfQ9D6V0
+ fR9Tj1fTIbyMcvaDvITujDYqfY5Fc2LqJAme8wJA9sf1FWLge8Md9e6eT3WCzoPfIb9q5+dOdj3kO
+ ajseoiva1AKi0bjoZdaV8r7WkmeilKjahdiw0+e7MTyiFC5SMd5sDwohKd+URwssGQe7Z3BP4KrF6
+ Oxsb1QPhiUAf8AClSOKOIU16ZFjWMSSRdhHHHL2hPM3eJwBgYFY8RwCM3lqw+IwxkH/MkY/nVFqBz
+ eJl2LKJc6c8vCtuFYy32Wu6MNDi0+6ExXsuRw1uxHT2qm3Sw2Ooube4NxbYwZCjDC+GcjqucH0OfA
+ 1lr2haZoZt1Mk6vJEJDI8rIoz4DA3O2/ltWlF06L+g1KRgeoaJ3H4lJ/bUmrWy4ctsE9zevWcaVkq
+ PGuQO9f6m4vG7ExXJ2WJsP6K2xPyOD7A1jBq35p4miuI5lSVIMcjnCSAse6x8Omx8PqDAtb63gtxF
+ PcTTDBBQWpCY8gCCcfOrRwFoenahb3r3FpK6u2ENwMtyYH/nsBSWh0dnNycrjY4945rNXXy8DDZ3G
+ faXnStVttXsxcW5II7skbfFG3kf8Au/UVOrnM9tdcD62kluzyWUgPIueqjdoz7DLL5YI6V0G3uI7m
+ 3jnicNHIoZSPEGtBVYWyrbj5mUViBcMux+YnrWLorqVYZB6isqVNIpp7fhXR7W9+2RWaCXOc+tVPj
+ jTp4dVa9NvPPbS8j/oPiR1GN+mRsD710SvjIrjDKCPUVFbUtq8LSSqxq24llU4azxHpA/PNmZGhci
+ NpkAYr4Zxtmt7HommRLypYwgf6RU5VVBhQAPICvtSAYGJwTk5kMaTp4P8Ac4f1RUmOKOJeWNFQeQG
+ KzpXs8lc45WMaAJXKgxXEbKT5c3e/DzVr+F5p14asFy20WBt4Z2qJxleNrOswaHbEssbfpMdOY9fo
+ Dj/c3lVzsbGKzsobdVGI1A6VCgzYz+Hln3xJXOEC+Pnj2kulKVNIopSlEIpSlEIpSlEJVOFtCktb2
+ 6vb0rJcGRsMDnOT1q10pXgAAwJ6SScmf//Z
+o: The Simpsons
+cn: Santas Little Helper
+
+# Bart Simpson, People, Simpsons
+dn: cn=Bart Simpson,ou=People,o=Simpsons
+cn: Bart Simpson
+gidNumber: 1000
+givenName: Bart
+homeDirectory: /home/users/simpsons/bart
+jpegPhoto:: /9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw
+ 8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRw
+ hMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAB1
+ AEEDASIAAhEBAxEB/8QAHAAAAgIDAQEAAAAAAAAAAAAAAAcFBgIDBAEI/8QARxAAAgEDAwIEAgQIC
+ A8AAAAAAQIDAAQRBRIhBjETQVFxImEUgYKRBxUzQlOhscIWUnKSk8HS4RcjJTI2Q1RVYnSistHw8f
+ /EABsBAAEFAQEAAAAAAAAAAAAAAAUAAgMEBgEH/8QAMBEAAQMCAwUHAwUAAAAAAAAAAQACAwQRBSE
+ xBhJBUXETYaGxwdHwFCKBMkJSkeH/2gAMAwEAAhEDEQA/AH/RRRSSRUFrWs3FnJPaW9rIZDbho51I
+ O12LAfCe4BUE+44qdqv9QIV1HT5/zSssPuTtYfqRqoYnNJBSPli1aL+/gpImhzwCow3GtM/iC+USQ
+ gJCTyko5JMijAycgcdtuRjJFcx06UxmI3szRA+JGHO5lm/SZz34yB6knz4kKK83fjFc/WQ/Le3nzK
+ JCCMcFG/iuVZTLHeOkpxLuC8fSP0xGeT5EeY47V36Ml3b63bwfTppLY+I4iY9vhGcn84ljn5ZrOtm
+ m/wCkNt/y8v7UohguIVUldHG+QkE5+foo542CMkBWiiiivR0NRRRRSSRUL1IMWtpMe0V0uftBk/aw
+ qaqI6mH+QpW8o5YpD7LIpP6hVWuZ2lNIzm0+Scw2cCoqtaSvMC1vbXE6Du8cZ2/UTwfqzWNyFaJVd
+ tsTSIshzj4CwDc+XGeasNrFqkesXXiyWf4p8KNbWKNCJUYZ3bj2x2xisJgWCxV7HSSuIANrBEJ5zG
+ QAq8LqJuBv3htpj2Nvz6bMbs457dqytbpItcsWw6vuaJo3RkfDDg7SASMgc+/pUvcNDD1daMCivJZ
+ TCU8AkK8ezP8AOfHua5r5NQZzPerZgxajD+Lmt9xfw2ZVffnzIMgOOMe1H6TZqKmmbMyQ3ab6DTl/
+ vgq76ovbukKxUUUVplVRRRRSSRUJ1VMy6M1sqFjdkwcYyAUZjjJAzhcDJxkipuozqKOOXpvUxIiso
+ tpGGRnBCkg+4IBqKdrnxOa02JBz5LrTY3KrljM97p0Us9vJEZUy0UyjcAfIgEjt/wCjtXXDc39tH4
+ cF4TGOAsqByo9AeD9+a0tugtwIotxGAEBx54/vrFryCP8AKv4XzkG0feeK8np6uop3F1O4tvy9kXc
+ xrhZyxlt0eQzTxG7nbhpJApbHpzgAfIcV5pkBh1jTi+5EN05ig35WIeC/YdgTgnj1rxdU098bL62f
+ PbbKpz9xrrtbe4vr21eGCZEhmWQzSIUAA7gA4LZBI44570Twl1a+ta+zjcjeOel+PBRTBgYQrZRRR
+ XpSGLm1C8FhZSXBXeVwFXONzEgKM+XJFVqWS8uhm6vpyTztgcwqvyG0g49yasmpWS6jYSWxcxlsFX
+ AztZSGU488EA4qoXOoLptwbXVMW86pvLjJjK8jdu/NHB/zsHg+9ZbaR9exrXU5IZxtrfvtnZWqbs8
+ 9/VR+vWi3mi3UX0+/WSKNpUQ3bk7lUkZDE5GfqqjDqbXbbTZrSLVJ2tpEKyRy4kypGCAWBI49DTPH
+ 0e/tEcqk0EqhhuAYEEUrupbBdL1uWzgRhFIN8ZOcKvGRnzwT29qDYTiE73Oje9xPeb9VpMLZTvLoZ
+ Wg30y4q3WXXVjLGPpcMsD45KDep9sc/qrHUus9NMCrBHPcIXXxVXMZMefiAPfOP/oqhgAAAdhXtSR
+ 4bTslEgGhvbgizsEp3HU9L/CnZpvXXTN9cQ2dpe7XchIla3eNTngAEqB8hVnr5ptFZkjjQkMG2KQc
+ HIOB9dOyG9vrEAwzPcRr3hnbcSPk55B9yR7dxoTjkMLwyoyvx4flZfE8JFKW9kbgjirVRVZ/h/wBO
+ /wC2N/RN/wCKKNdozmEEsV3ah1ToulySJd3yq0f5TZG0mz+VtB2/XVG1K7TXby6uYnDwXNyIELcZi
+ j4ZcH1Kycf8RqJ8O4SG2ytyskQUSyCdUWKQNmbxgeWzz288+uR7o2wWFiI1Kx/jG52KfJd02B8uMc
+ eVBsbkd9OAOfoT6LjxYKU0W91CadIILCZ7aKF2YoN3iSu+U/kggMeeBkZxxms9VXEsustBOgWa2yj
+ kMDyVXI44425482I8qYf4PWY2tyHYs5it3JPc5Qj900prqZ7m9uJ5PyksryNn1LEn9tD2UEEEQnYP
+ ufr5laXZxpmqN537B4nLyWqiiimrbrZaNHBfwTvnYjhmwxGD5Nx/FOGx54x503JpvAtd65mfAWMcZ
+ kY8KOOOTik/TS6GnXwtPN+rBjb7LUupwCGYcHsCU24J7jt3NVKiibWTRRvdYXPv6WWY2gjEYE410+
+ eq0f4Mrn/eMf8AR0UyKK2P0sH8QsZvu5qOvdB0fUpvGvtLsrmXj45oFc8duSKX19DHbas0ESLHHFq
+ LhVUYCgoxwB9qmlSv1klNd1TP+r1OL/qji/t0OxwXph19CmO0Ux0E2Lq/i/iW8Kj7LzKf2CqV1/08
+ NG6mM1rKEt78GZYcZEbDAcY8gSQRz5txxVv6KfZrkyfpYpyfsT8f99ZdddI6vruoxX2nvbyJHAIzB
+ K5RshmJKnBBzkDBx271dwdsMtOwTC7c/MqOWeqgiL6RxD+Fj3/0ehSlK3APAib55K/1GvNtyT2iUe
+ u4t/UKmYuntbmjWRdLk2sPOaL+3Wy36K1S+mneVo4PD2xiGSZhzjJPwZBBDAefY1NM/Z6H7nSN6Bx
+ PgCSo48d2okG5vHrut9QAoXT9PXWdcs9Iadne6lEblB8MSnkkj1wDgHPtin1pvT0dleNczSidwFEY
+ ClVUjPxbckbjnvjypadM6JaaLrcGo6prOkWMFhcMqx+MP8Y3h84ztxjxPn2pv211b3sCz2s8c8Ldp
+ I2DKfrFSSxUcpjlgaN0C7Tbn8GqdTS1jw51Y4l5OdzfLyHHILdRRRTlOln1BrN/eX1ztu0treOeSF
+ FkvWtY1EeQSzrzuYqcZ4xjjuartjKxXUVeeaY/SrW5DTuXkCsI8BiSSSAh+6mRrPRtvqd1JcwzJDJ
+ KQzrLAJULYxuAJBDYA88fLNVTW+mG0OXYl1LcvqNs8bzSgDMyZZAABxwzn2X0FC8VjLqZx5EHx9kn
+ Wsu3ptzB1ZGD2czQr9pEk/cNMSlrY3am/wBHvowSpnDAeZDRsv736qYcN3FMm7cF5xgsKZgj96lse
+ BIXG6KtahbHRp5nk4sJJGkWbyiLHJV/QZJIPbnHHGdEkEF3HuI3K643oxBKn5jnFdHX2rrY9LvAk0
+ Ub6hKtiJXPwxCTO5j7KGNL606zZIAL7p3Rr+Qj4pjEImb5sNrZP3ewqnVbJfWSunp3bpOZFuPdmE5
+ +KxUwDJiuzrC1tBY2F06HdHqBtS8QXxJLfYGYZPDFWBUZ7Zx61ZPwbX802nRwznMjQ/F83jbYT/MM
+ Q+zSt1HUZp7xJpvgtgBFDCJHZLcei7ieCQM9ucfU0/wd2MkEBeRSDDFtbIxiSRt5X3CeFn5kjyrVi
+ mdTUkcUjt5w9tfyhNNVCorHvjH2W15n5dXuiiiq6Korj1PTbfVbJra43AZDI6HDIw7MD6j+48Giiu
+ EAixSUFpPRkWn363Vxevc7HZ44hGERWYEFsZJzgnzAyScZqyLbQoMLEgHtRRTIomRN3WCwSXHqujw
+ aparE2I2Rt6MEVhnBXBVgQwIYgg+vkcGlPrP4lsNdk0u40UNOnJns7l4EPtGd4H30UVM17m/pNkx8
+ bJBZ4B6rXpFjonUGsro8OmTW0uVk+lS3bSlQrBuEwq547nOPQ05bKyt9PtEtrWPZEuSBkkkk5JJPJ
+ JJJJPJJoopOc5xu43SZGyMWYLDuXRRRRTU9f//Z
+mail: bart.simpson@example.com
+o: The Simpsons
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: top
+objectClass: shadowAccount
+roomNumber: 45
+sn: Simpson
+telephoneNumber: +15551234567
+uid: bart
+uidNumber: 1000
+userPassword:: ZWF0bXlzaG9ydHM=
+
+# Homer Simpson, People, Simpsons
+dn: cn=Homer Simpson,ou=People,o=Simpsons
+cn: Homer Simpson
+gidNumber: 1000
+givenName: Homer
+homeDirectory: /home/users/simpsons/homer
+jpegPhoto:: /9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0VFh
+ EYIx8lJCIfIiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoLCw4NDhwQEBw7KCI
+ oOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCABP
+ AHIDASIAAhEBAxEB/8QAGwAAAgIDAQAAAAAAAAAAAAAABAUDBgACBwH/xABHEAACAQIEBAEHBgoIB
+ wAAAAABAgMEEQAFEiEGEzFBIhQyNVFhcYEHFlWRk6EVI0JSU2JzdJKyJFSCosHR0uEXJTSkscLT/8
+ QAGgEAAwEBAQEAAAAAAAAAAAAAAgMEBQYBAP/EAC4RAAEEAQMCAwYHAAAAAAAAAAEAAgMRBBIhMQV
+ BE1FhInGhsdHwFBUygZHB4f/aAAwDAQACEQMRAD8AFyDIMnn4foJpsspZJHp0ZmaIEsSOpOGHzbyP
+ 6Io/sVwLw/RyPw7lzCvqkvTIdKlLDbtdMMHo2jRnfM6tVUEsS0dgB1PmYQTvyqQNuEBX5RkNDBzDk
+ 9EzNcKDEoGwJJJtsAASevsBJAwD+CqaNVkk4fotDMFGqlVASTYC+tmW52uV6kXtiw0fC8mZaKnMay
+ sEFrxU5ZVaxsbsQoIJsNhYjueoDZ+GcskjKMlSQbX/AKbNv/fxkS9axon6Nz7k0QOcLpVyDIcgqII
+ 5o8ppCkihlvAt7EXxv828j+iKP7FcE1mRTZWyGLMqw0TMEAuhaFj0udO6k7XO4Nut9vBQyAg/hGsP
+ sJj/ANGNCDIZkM1xmwhLNJohQDhvI7j/AJRR2v8AoRgTK+H8mlyynkkyqkZmS5JhFzgx8vmmzVpml
+ ZY2A0sjAMlrWAFvWCd7jfp3xDlNFI2VUxGYVa3ToDHYf3MPv1QVvwpPm3kf0RR/YriGpyXIKQJrya
+ ncuSAsdOGOwJO3sAP++NswpJeR5PHU1lXPL5lNdPxoBBYGyiy22Jv39oBa0XCsU1NE9XW1EniEscS
+ MY44lP5AGzEWJXxHoeg6Yjyc6HGA8Q/sjbGXcBLU4eyF1DLlVEysAQRCtiD0OPfm3kf0RR/Yrh3Uc
+ L0opzHl1RUZcwWycpy6D+w9xb3W9+E0VJU8ySnqK6rjqISBIqtGVN+jKdG6nt7iOoOAxOoQ5Vhh3H
+ Yr10ZbyFr828j+iKP7FcZ828jv6Io/sVxP5BJ9JVn1x/wCjGeQSX9JVn1x/6MXX6oKHkuL5siRZxW
+ xxqERKiRVUbAAMbDGY9zcac5rlJLWqJBdup8R64zFClXYOG7HhrLbdqaO/8IwbUosghibdZKiFGHr
+ BkW4+I2xXuG2gWDLSdKyrRxKbQg31DbxXuD4T2tYYf1EsUdZQGokEUAqVZ3PYqCyD4sFH3d8RZFiN
+ 1eRVbN6VrG++MwPF5fmUbLldOy7G1TVxtHEp9gNmf4C3txC1TUtTPT6OXmIk8mEexHNtcEG26keO9
+ vNvtcWxwv5fkhrXFlWaVvjMsi+Ftm8fNyatQC5NPJb36Tb77YSxSCaJJR0dQw+Ivh/JT5zBEy1eU8
+ 9dPiainVwR3sraW+AuffisZWwfLICurRpIj1+doBITV7dNr+2+Oj6RjT44eyVtcKeR7XkFpRi+cPf
+ gHKPQ9N+z/wA8HL5w9+Acn9EUv7P/ADxtpXdOMhgU+U1pF5JJWiB/NRCVsPewY/EeoYcYTZDJolra
+ QnzZBMg/VcWP95W+sYc44LqWr8W/V5/Dt8FdFWgUswoz2ARrHmAB/E+CW36Mnr/ZNj7Bqw3wNUGoq
+ JI6Ghfl1VRe0mnVyUFtUhHsuAPWxUdL4HAMoyWeELNr6StBtJFYMoZSCCLgg3Bx73xolHJlk0uWzl
+ TLTPuUFlZWuysB2Fja3axG9r43747/AN6hBsWuG516cr/3mT+Y4zGZ16cr/wB5k/mOMxSpF0XJ4My
+ 8jyU0xhjWSFTJN5KCdAj2DMGueoAvb7sPWq6rKK6gzCpljqIqapEjxxU7Byulg2nxNchSxtbt1HXA
+ HDdbN+Cctp1pyV8nQE9LLpXxX6Wuw29h9VsN6yKpdEko5hFUxEmNje1ypX/2v7wMTvLhZaN1SACFd
+ F4iySWsFWmfxuDFy/IlkUkte9+Xbma+1vuxXxUyM44ourLzRWcm1tMPJMZW/dgpLerVt03wHTV0nE
+ dKlS7OlC6ACJGK85reIkjfSDdQO9iTcWGNxkmWBOWKNOV+hueV/BfT92MuWaeZrSfYIINc/RG2Nov
+ urJNxTlKSmrgr6mqdISvkEMRuxve5UqCrbWuxAF98ULLlr5KTUtXDH421RvRsGRiblTdx0J9Q2thp
+ VytkFDNUUrSrSrGwaBTqEZsdLoD5tmsCBtY3ttvFSQPBEwlbVK7l3Nydz7TubAAXO5tfFkc0sjyHA
+ Bo4KERhvfdRrDmWof06n6/1Q/8A0wHlMOYHKqYrWQKNGwNMT9/Mw4Xzh78A5P6Ipf2f+JxQve68iq
+ ZcqzSlq6ytpyjkwMoj5ZZWtuLub2IU+7VhnPn00jmjiiakqZKw09PLKutJAsml2FrbgK3hNj0Iv1w
+ DWUENcUWoUNGoZWUqDcMLfAjrhhlcco4WYUrO9XolIaR9Tc+7Am5/XuRf145/q8MbXNmIsnb6f76J
+ 0RP6QtoqvM3qp6hkASnKxPRoyuW2u0ikb3udgbXCkWBw0oK9cmrauSooqioWpZWWogTmMqgW5ZXqA
+ DqIsCPEb2N7pchWGKsljRw4VbRL5KEaJLLcO1rhtV7hiSxGod8F1VZNVzSUtHKYY4m0zVCgFtXdUv
+ tcd2N7dAL305+M+WHKHgtHHrx8/ut0bmh7PaKglyc5jmtbnCtLliVZUtEiJrIUW1uW1AMbnYdAB3v
+ hPT+XTcww5jBJCsrJFKabVzFB2a4cA+8AA222wzmySgqY2SqjkqdYIJnneQ/DUTY+7pgakaTS8Mra
+ padzE7Wtqtax+KlT8cdFi+MXudI+77VQCSWgAALieb3GdVwc6mFRJcgWBOo9sZj3OvTlf+8yfzHGY
+ 1lCul8PwxyRZWS6EiihOjWoIIBN7dey9ug62FsWKpaRKWV4VLSLGxQDqWtt9+Kzw/ST+Q0TxzIGlp
+ oGB5SmwCkX3PUDYWG99z6nkkOYKFWOtaWWRxHFGtOl3cmwH+/YXPbCSN1S07IzLq2ngyymjgp6l6e
+ KJUEqQllNhYnbc79duuCRmtAQCtSjk9EQFn/hAv8AdgDJqHMqZKwsyvWrUk1NJJ+LHmrYrtseovbS
+ 9r7dcMvKa1jpGU1ur9Zogv168ZD54Q9zS7ceZr5pzQSAUPX1lO+U1bTJLHGYmS0kRUuWBAAB3JJNr
+ e3EcWsRJzPP0jV77b40zegq5441VklzbmI9JSQ+LljUAzbjfwkguQABsOpuNFDXyJ464xuCVeNqdL
+ owNmU+4gj4YqxHtkYXM4v7pC4kGkwXzh78A5P6Ipf2f+ONZKerkzFSksqRlFGsEaQQb3tq3JNrgjp
+ ffA+U09YcqpiuYaRo2HIU2xXWyHum+DOHzZK6PslVcf2kRj95P14RzQZpZI6atEtTM6xQo0CgM5Nh
+ c9gNyT6gcN8oirMjpZ0zyKaKaSdnafkfiitgq+JCyrso6kYyurxPfikNFmxwjicA/dPB1W+4BxXMv
+ nhosmhernSKzOsjyMFBk1tq69y18PKaspa1NVLUw1C+uGQP/wCMJMyVsqqy70j1UFRUcyAIVBimKn
+ UDqIsDZmB3sS3svhdJcGSujdsT/Xb4qiXiwtZM8hWdYYqWsmdlLjTDoBW9r3kK33I6YhiEktdPVND
+ yFlVByy4Yki41G2wNtIsL+bgZKKtM0lS9aqzzG72hDBR2UE76R2+J6nEnk1df0j/26461kYbv3UpJ
+ XGc69OV/7zJ/McZjzNwRnNcGOphUSXa1rnUcZi1RrpvD80S5dlsrSEaaeGHVp6EgeHzu5tvp29Y3x
+ bMjqYYs7pcyqUYZaqvGlWwAiE7WVfETuLa1uLgE2J3xTeEeJODIKSlbPqvQ0ECRGnFM7c2wG7kCxW
+ 42Xobb32At1R8qnBdTm9M0mYP5HSxOyg0sljI3hG2nsmserx+zAhu9phftQVr4hoKfM6qioQvLqZC
+ XNTH4ZYYksW0t1F2KLbp4j6sJXq6mOkngcKMxhcU+m2zSsQEYD81tSt7AT6jgDL/lG+TnLKmSelzG
+ oUuoQK0MzLGoJOlARZBc9BYdPVjaf5S/k7qM0gzKTMJTUQKVUimlAPWxItYkamtfpqPrxDm4EeVpL
+ uQR/HcL2OUx3SsuQUUGQVs2UBQ3NTyiGoYfjJwCA4durMpI3P5LqOxxWc2qKWXPKmqojrpKhlXnrv
+ G9QAQ6q3S9gnvN7X3tJX/Kd8nOZrEtbV89Ym1IHo5CAbW/N3Fj0OxwJ/xM4FavrYpazmZfWQprjNJ
+ Jp5i3U+HT3UR/wYu0iqQB1G1uvnD34Byf0RS/s/8AE4VScccMU1bJFT5nLUUos0MjwPrAPVWuLki3
+ XuCL7gki5dxvw/T5fBDLWOHRbMOS5t92FaSnhwKt+XGp+cNC9JSGsenDyvEHCaVKlQ2o7X3IAPUk+
+ okXNeIsvjISuMuXSdNNYnLF/UH8xvgxxQuHvlM4MybKXkmrpZK6e8s6JTPctbwxgkW8IsvW17nucb
+ H5VsmqVMsnE8dIzdKePLJJUX2MzAFveNPuw1ooJDjZtX+pybJc2tPUZfR1RYXErRKx94br9Rwi4h4
+ SyemyOsrIRVwSUsLzRFKyXSrqp0nQWK/C3fFYo/lD4AZ5PK2WknU/9Tl0M0AmB7+CzA+sG/axPbeu
+ 484FzClaiqOKc0ejcjmQNASHAN7FjHrtcD8rHxaDuQvASFML9+vfHvfFYp+PMiECLUVzNKoszCF7M
+ Rtq6d+vxxJ8/eHP66/2D/5YVpKp1N81zDOvTlf+8yfzHGYjzOZKnNKueI3jlnd1NrXBYkYzD1Kv/9
+ k=
+mail: homer.simpson@example.com
+o: The Simpsons
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: top
+objectClass: shadowAccount
+roomNumber: 45
+sn: Simpson
+telephoneNumber: +15551234567
+uid: homer
+uidNumber: 1001
+userPassword:: ZWF0bXlzaG9ydHM=
+
+# Lisa Simpson, People, Simpsons
+dn: cn=Lisa Simpson,ou=People,o=Simpsons
+cn: Lisa Simpson
+gidNumber: 1000
+givenName: Lisa
+homeDirectory: /home/users/simpsons/lisa
+jpegPhoto:: /9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0VFh
+ EYIx8lJCIfIiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoLCw4NDhwQEBw7KCI
+ oOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCACA
+ AEwDASIAAhEBAxEB/8QAHAAAAQUBAQEAAAAAAAAAAAAABgEDBAUHAAII/8QAORAAAgECBAQEAwYGA
+ QUAAAAAAQIDBBEABRIhBjFBURMUImEycYEHFTNCYqEjUnKCkbEkU4OSsvD/xAAaAQACAwEBAAAAAA
+ AAAAAAAAAEBQADBgIB/8QAMREAAQMCBAMFCAMBAAAAAAAAAQACAwQRBRIhMUFRYROB0eHwBhQicZG
+ hwfEVQrFS/9oADAMBAAIRAxEAPwDZcR66siy+gnrJgxjgjaRgouSAL2Hvh/FNxY1sheO/400MfzBk
+ W/7XxxI/Iwu5C69aLkBe4eKMokYJLVeUc7aapTFv2BawP0JwmdZ4tFGlPRlJayddUY5rGv8A1G9uw
+ /MduVyB07gg8jzHfDUNNT02rwIIodZu3hoF1HubYyp9oJDGRks7nw+iY+5jNvorPJ86ly+daXMKiS
+ amma0dRK12jcn4WP8AKxOx6E25FQCmSWOFC8rqijmzGwH1wDOiSxtHIodHBVlYXBB5gjDPkaTUGNN
+ E7DkzoGb/ACd8eUuOujiyytzEcfFSSkDnXabI8pa2lrY2kpKmKoRWKlopA4B7XHXcYewO8IWCZoB0
+ rBt/2IsEWNRBL20TZLWuAfql725XFvJdhMLhMXLlDvFL1sE1HJFWTRUkpaKRYm0nWd0OoC9jZhz5l
+ cUXlIDMs7oZZV5STO0jD5MxJGCDi+rpxlL5du9ZVL/x41O6spBEh7KrBTfvYC5IBpfna/tjI485zZ
+ QGvNiNRf8AHVMqMAtNx3rsNzCYxEQNGknQyKWA+gI/3hzEWkhrM/qfKZeTSy0soapllUlYxcgKVBG
+ vULkAEACzEg2BR01PJPIGRi5Rb3tYLuXlJK+GVFqIYp43NvFpwVKf1ISdvcE27W3xMxMk4OroZGqq
+ fNhUTmMIY6iEKjAEmwK7r8R3Ibptimp6xoqNGzAiGfxWhlUiwjkufQTy2A58iAD1wXWYfPTgOeBY8
+ lXFMx+gU+jq6zK55ZqNkdZmDSwS7KxAC3DDdTYAciNuXXBPk+cwZvFKY4pIpYHCTRuPhYgG2oXB2I
+ Ox6i9sZ/R5w+aZsmWZe0Ez1DOsU6MGWHSSCZBc9FYrY+q1rDnjR8ty+nyuhjo6cHQlyWY3Z2JuWY9
+ SSSSffGhwb3rIRKfgGg5/r5oKq7O/w7qVhMLhMPkGgrOaCfKMxqcwnZp6WqfU1Ufig7I/ZBc2YbC5
+ 1b3Zm8X3FtWYco8nGxWbMH8sluYUgl2HuEDEe9sDk4kio5RSxr4iRN4SdNQHpHyvYYxeNwRMqAWnV
+ 2pTSke4ssdgnbG17G2JfDs8o++svpZY4swkPmKczLdSDEiBrdQHQggcrjuMCOS00H3h5kVlNOSoK6
+ 9PmD6RqLEHVcMWBVhYbWta2JpzXK6yqjjMskTp64Kk6oQSdv4cmxN/07EdximhlNFUZwC4W102v+l
+ 3K3tWW2WlUgqFo4Vq3jeoEaiVo1IVntuQDyF74AJaikqeIKnM0yw1cRrg6zrDBL40awrGQviONHrU
+ kMvMAdDh+ZKqqh8KszKtqYCLGKSQKrDsdCqWHsSQeuG54JpAiwVRpkUWISNSfa2oED/GGdTjrTYQD
+ vd5IdlGf7/ZTsrqJ+I+MYqp8tSggyiNyofSZZGkBVfUu2nSH2BIuBvfZTTGd01O+Vu1bRVkkVTa8s
+ 87l1kA6SDYaRvytpubWubnOVVpzLKqWuaIwmohWQxk303F7Ya4fXNq4z/0N/L1dDzxGM9FLwmFwmG
+ SoTFZQ0eYQ+DW0sNTHe+iVAwv33wIZ9RUPD9bSGKY09LOkgZZqglAwKFbazttq2Bt7YNsV+d5jT5Z
+ QePKA0pOmnjChmeSxsFG3uTuAACSQATgWrp454nNfp15dVZG8scCEC5fJDV5nX1UBWRLRRa13DWUs
+ d+v4gxYOquhR1DK3NWFwfpiqSmmkmrJ6zLpqmapp0VHmrgxiqAtnlFgLA2S2ncaNlF7Y6OEo2W+LR
+ ZiqxIVzN4qsFqprbMlmvbULm2g2NgDyGSkoIHOuydvDc93r0UybM8DVhT0uWZfCAYaR0kkYKkdI7R
+ NIx5ABSov89huSQATggyjg1EpWfNJ6t55G1COOvm0xLYWW+oFuVye522AxUcLlmz2jMk00tSr1K+V
+ nhs0EH5JTINmawjUkE/iEcwTjQMPcOw9sbM8pzk94t0Qc8xJs3RVMHC2SwyCTyImdTdTUyPPpPcay
+ bYtsLjsOGtDRZoshiSd12EwuEx0vFHzCugyyhlrKkkRxC50i5Y3sAB1JJAA6kjAW8tTXVZr66wnca
+ UjButOnPQvc7DU35iOwUCfxJVGszqOiBvDQqJXHQytcL/4rc/3qemKPPM0GUZY9SAGlJCQoeTOeV/
+ YWJPsDjK4zVvklFLH39Ty+XrgmVHBezranZN5nxDQZVVRU08h8RxqYKpbw17mwJ36Dr8hiG3GmVg+
+ iOrkHdYgP/YjAWzPJI8srtJLI2p3bmx7nCYGbh0IAzXJWyiwRuUGVxv0t5o/ybjHKhxFQSl5YA+un
+ kM0ZAVXAIOoXA9SIOfXGn4+cHDFCEbS1tj2OPoPKMxizfKKXMIraaiJXt/KSNx8wbj6Y0OHNbHF2b
+ dh+Vmscw8UkjXNJIdz6KbjsdjsMkgXYTC4TEUQFnOWZ2KrMarLpaWrRp2lm8u+qoUBVAQIVK6gqgb
+ 3vbYb4Es6ozmBk8HOHrBBTGrgU+GwsLBwQoG5BGk7b3BxpmZQU09U7VnDL1Ok2Wpjjic27j1Bx9Bi
+ izDJ+F6kDxarMMsNyS0zSwhr7MCZlIIPUXscKp8Oa6TtYzZ3HS9/BFw1T4yCOGyzjNMtlyqrWB5Vm
+ SSMSRyKunUp23FzY/XqMQ8aRJwvlUVBPVtVZXmdHHH+JOzIaeMXOlJI2YIBc8l7DoAMy8FJVUypqt
+ ewbe4vsSLDe3tih0DomjOblbnB8UfVsMZHxN4nY/bf/V6FRCzaRKhbsGF8H32ccWUuVibKMzqoqan
+ cmWnlmkCKrH4kudhf4h76vbAEY0K6Sile1tseUh0MVvePmqnfSfb2/wBYkUnZuzBG4hRGsh7J/cRw
+ Py+y+j4KiCqhWanljmiYel42DKfkRhzHz7lOcZhkdT5jLKloGvdk5xyf1LyP++xGNq4Y4gg4lyWOv
+ iXw5ATHNFe/hyDmL9RuCD2Iw0hnbLtusJiWFTUBBcbtOx8VcYTC4TBCUrsdjsLiKKlz/hbLM+y6og
+ kpadKiVP4dT4S643G6tfnsQNr78sYXUK9HVtSVSeFUJI0boejLzH7fXH0dgE404Pp6/MGrYljjnzB
+ EpxNJfTFKHUqxsNtaqYyf6B1OBp4BKOoTrCcUNC4g6tdbu13+l/ssxp6Kesiq5oTZKKAzSbX1fp+o
+ DH+33x4WhnrKWrqYmCxUMfjSMb2O/wAOx7am+gB540GHh+PhuSpyWabx0ngFQZyujWGGhx7BSBbsH
+ HM3Jz6rzMSUrUFJS+HREkQo7amkBAu7X/MerG+kWC2O5RB0omdFa2Uj6evWiefyM9XnEINnEW6AeO
+ n+BRWqacQyyFZmlDIINOysLnXe532tawO4xpX2XVVBk/DuZ11ZmKQ05lR38ayCNivqHv6tSjuFHPG
+ cRwhGMjnXIRuxH7DsMNR1VUsUkKOpWclFBG6qGfVbsDq3PM8rgHc6GTI64VmK0E8zRZ2pN7cth4aa
+ 961rMftdyell8Okoqur32awjDfIH1f5AwR8McUUvE+WNWwwyUxjlMUkUxW4YANzBIIswxhEcSx3O7
+ M3xOeZxsv2cZSaDhOOWZPXXSGpseikAL/lVU/XBkE7pXEHZKMWwqGhga5pOYnbpx/HmizC47HYMWc
+ XYYraSKvopaScHw5VKkqbEdiD0IO4PQgYfx2Ios541q5RkS1VUwFZSrUZdUFRa7yRgowHQMUjI7a7
+ cwcZhAA7vL7lF9gDb/d/2xtnGuSHMaCVotvMIsE2xNrNqicgb2STn+l3PQYySm4dzxak5d9z1nm0d
+ lMYiJA3Njr+G36r298LaqE5s7RutV7PVMMWYSuA469P2VBlkVFF3RCxChnNgCep9uv0wzSKLuRq0p
+ 6E121aee/vvv8sa/wAM/ZzTUeWVP3zpnq62FoWCHaBGG4U9W/V7C3UkeoPskzdaloqvMaRKYSMfGi
+ DNI4Jv8JACm3ube+OfdXhmm5R4x2mfVF7yQ1o0035+XyVRwfw2/E2crFIh8jTkPVN0I6R/Nv2Fz2v
+ t6gKoVQAALADpiHk+TUWRZbHQUEWiJNyTuzt1Zj1J/wDtsTcHQxCJtll8Rr3105kOg4DkF//Z
+mail: lisa.simpson@example.com
+o: The Simpsons
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: top
+objectClass: shadowAccount
+roomNumber: 45
+sn: Simpson
+telephoneNumber: +15551234567
+uid: lisa
+uidNumber: 1002
+userPassword:: YnJhaW5z
+
+# Maggie Simpson, People, Simpsons
+dn: cn=Maggie Simpson,ou=People,o=Simpsons
+cn: Maggie Simpson
+gidNumber: 1000
+givenName: Maggie
+homeDirectory: /home/users/simpsons/maggie
+jpegPhoto:: /9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0VFh
+ EYIx8lJCIfIiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoLCw4NDhwQEBw7KCI
+ oOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCABm
+ AE0DASIAAhEBAxEB/8QAGwAAAgIDAQAAAAAAAAAAAAAAAAUEBgIDBwH/xAA8EAACAQMDAgUCBAIGC
+ wAAAAABAgMABBEFEiExQQYTUWFxIoEUMpGhQoIHFRYkkqIjM0NEUlVicpSx0//EABoBAAIDAQEAAA
+ AAAAAAAAAAAAUGAgMEAAH/xAAwEQACAgIABAMGBQUAAAAAAAABAgADBBEFEiExE1GBIjJBcbHBFBV
+ SYfAjkaHR8f/aAAwDAQACEQMRAD8A7LRRRXToUV4x2qWwTgZwOpqtx+Jb+4iSaGwthHIoZd9y27BG
+ ecIRWbIyqccA2trcmlbP7ojHXNRlsooYbZlFxcPhWYZ2KBlmx37D5YfBh2mvzwsE1JIzGf8AeYgVC
+ /8Acpzge4J9wBUCaa5vb03d0kUZEYjSONywAySTkgdfp7fw+9FK+XxyxcrdB2g/z95vrxQa/b7zPU
+ btdZuN3W0hYiEA/nYEgyZHx9JHTk9xhppGrB4GgvplWeDYDI5C+aGOFb0yTkY9fYiqjePcJqzLHO8
+ QSGNo1z9B5cNlehHC+/oRSm71FtTjnaXylKWrmONDkxucqVY92BwO2M9O9GOHUZ9ty5TEeFYD8fd1
+ vQ+fy9YKys7GqDUgHnUj4d9zrlFUya61O2gZodTumlOFRX8tgzk4Ucr3JA7detXJc7RuxnHOK2Yeb
+ VmKWr3oec0WVNWdNPaKKK2yqFUuNEgnurSMhktp2RCvTacMAPgNt/lpjrt1cy3psJQ0NswBXbn+8c
+ cjd0AHOV6nGenWEiJGgSNFRFGAqjAH2pR4/mVtrHCnYO9/zvCOJWR7e+k9rF3SNNzsFXIGScDk4FZ
+ UQ24vtQt7F/8AVSB3mGcbo1ABH3LKPjNLmNQ2RctS9zNruEUsYuv3sZ72G2kuxBchXZGWRQwXIDDn
+ 147fw+1ZrLpsNvbBljihA3wmVdoXaAM5bocH5xn3q2WL6NdJd6fYi0kW1k8q4giVdqPgHBUcZxj9P
+ aoCQabod/ezzQosNvbfiVkKljAgzuVRyQOMgD1x2FNbcCsKLX4x5Rvp5b8huDRkIGLhBsxNHci4e1
+ vbOaF1jlbasgysrDcvBB7YJHXoD2q26VfnUrFbkw+USWXAbcDgkZBwMjjg4FKNQs9N1Iadq9ugMd0
+ 6b2RdjXEUi8A5GepUnodoYeoqxIqogVVCqowABgAUR4fg2YfMhfa/Aa+squtFmjrrPaKKKKyiQ9W/
+ BjTJ3v4hJAi7mXGTkdMf9WemOc4qsQCRYEExzJj6uc49s9/njPXA6VZtV0/+srLyBN5TB1kVtu4ZU
+ gjI4yMgdxVdu7a9065giuTbyJMWCvGWU5Az+U5x/iNLXH8e61VZF9ldknpubsR1UkE9TItzqMFtOk
+ LBmdiBhSvGenUjJ9hk+3SpOZIporiAgTQtuXPQ5GCp9iP3we1Lbq3Ftei6UW5aVxtM03lkNgKQDg7
+ gQoyvt+jGNXWJVkcO4H1MFxk/FKisaStlZ0R9Zv1zbVoyj8RpGGJ0i4WVzl/LMZVmwBnduBPAHJGc
+ DpSW7vwb+S5uLuWC6kUKUtWdtiDkKdozjLE5IGSeMdKX+LNSm03RS1u5jlnlESuvVcgkn9FIz71zS
+ 3vHs9Tingl8uSJwyFcYz3B7nPQ/PzTFXlZmdVsty68uhPrL8XhIsQ2Kf2G/P+fGd50L8RqUEV/fTC
+ XymdYBt2kYJXc4/wCPGRjAxzwMmndJfCM0Vz4btbqLd/eN0rhh0csdw+AcgfFOqaqubw15u+hF1xp
+ iIUUUVZIwqFqemRanFEkkkkRik3o8ZAIOCp6gjoxqbRUWUMCrDYM9B11EqHibT7bTrG3gtkI/GSmK
+ 4kZy0kibGbaXJztJA4Bx26E0lFxqCDC3quPWaAMf1Ur+9N/Fk5l1uGD+G3t9/XqXYj9hH/mpFcyOP
+ KiiOJJXwDjOFHLH9OPkiiFXDsS+gC6sEDt07fKLmdn5FWURS5HQb+v3kfVoZrqwuFurkPG+HkzHjy
+ wvO5ADwQM8HOelTrb+iCNJm8/W3aHdlVjtwrAZOeSTz9vtWFxH51tLFjO9GXHrkYroWl3P4zS7W53
+ hzLCrFh3JHP71nyuHY2OR4SAA/aFuC8XzSjr4h/7MrCxt9NsYbK1j8uCBAiL14Hqe59+9SKKKpmwn
+ fUwooorp0Kj397Fp1jNdzZ2RLuIHVvQD1JOAPc1Iqs+OJpVsbSCIZMk5bBPDbUZgD/NtP2qaLzMFl
+ V1nh1s/kJWpLy41DVr65uAoZmQBU/KgC/lz3xnr79hgDRF/pb+eQ/7HbEo9MgOT99yj+Wi1bRliL3
+ 1sHnk82R3mhVmwmQT9OdvCEAAknaepr2yj8lHjAkKq3EkoIeTjq2STngDP7DoNPDuJrlWtQtbKF7E
+ joepHp6mLnEMFqUF7uGLd9en9/QSTT3wfcsl5d2JYbGVZ0BPckq+P0U/Le9IqbeEkR9cnkZ9rxW+1
+ FPBbcwLEeoG1Bx0J56iiOaAaTuUcKJGUAP3lyooooFG+FFa5p4baJpp5UijXq7sFUfc0qbxZoqkgX
+ TyY6GOCRw3wQuD9q9Ck9hIs6r7x1HDMFBLEAepNc/1G+k1LUp55GJSOV4oV7IqttOPclck/A7Csta
+ vl1u+MjIWtIwFhjmTGT/ExU9DzjnsvvUUKqqFUBVAwAOABRbExiv8AUaLfEs8WA019t9/OaXsrdwQ
+ YwNxJbBIznIIOOxycjpyfWt9FFEAiqdgQMXZhomRpGaK/hO47JlaMjPG4DcD+gf8Ab2rc1w1kUvUO
+ GtWE2R6Lyw+65H3rXNG8lzbsB9EbM5Oe+0qB/mJ+1biMgg96iV5gVPxklcoyuO4/3OkA5AINe1UtF
+ 8SfgoYLK/jVYI1EaXKHAUAYG8Hp0/MDjuQoq2jnkGl2ytqzphHem+u5eas7ErfiDw/falfpdW0kEw
+ VAqxXDlBEeclSFbrnnjPHXtSLU9M1LSbdbi9itdjPsHlXDOc4J6FB6HvRRWmi6xQFB6TBl4lLsXYd
+ fmZX38UWEbsjx3G5Tg4RSM/4q3W2uW94GMEUmF67wF/8ARNFFEDa4HeA66ay+iJjceIbS0k8uaObd
+ jP0KCP3IqZot5/aG7NrpyYkAyTcHYAPtuz+1FFRe5whIMsqx62vCEdNyzJ4OuTGWk1VVk9Et/oHzl
+ sn7EfasP7H3v/Nbf/wm/wDrRRQ38Td+qMH5fi/oE2w+DBJlb7UWljPDRwwiMMO4JJY889CPtVoUBV
+ CgYAGAKKKqexnO2O5oqorpGqxqf//Z
+mail: maggie.simpson@example.com
+o: The Simpsons
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: top
+objectClass: shadowAccount
+roomNumber: 45
+sn: Simpson
+telephoneNumber: +15551234567
+uid: maggie
+uidNumber: 1003
+userPassword:: ZHVtbXk=
+
+# Marge Simpson, People, Simpsons
+dn: cn=Marge Simpson,ou=People,o=Simpsons
+gidNumber: 1000
+givenName: Marg
+homeDirectory: /home/users/simpsons/marg
+mail: marg.simpson@example.com
+o: The Simpsons
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: top
+objectClass: shadowAccount
+roomNumber: 45
+sn: Simpson
+telephoneNumber: +15551234567
+uid: marg
+uidNumber: 1004
+userPassword:: Ymx1ZWhhaXI=
+cn: Marge Simpson
+jpegPhoto:: R0lGODlhhABwAIcAAAAAAAICBQIEAgUFAQUFBAICCwYICw4EBAsJAgkJCAgJDQ4NCA
+ 0NDQECEgEDGwsMEA4QDhMEAhILAhANARANBBYODhwCARoJARMQAhIQBBURARQRBBcVAhIQCBEQDRQ
+ SDhgSABkUARwTARwVAB0YARISERsbGwIEIgIEKgEENAAEPAQINAQIOiMBASwCAiIbATUDAz0CAicg
+ AiogASsjBCskAS0jAS0kAS4oBTEnATQqAjkuATswAz0xATwxBj80BCIiIikpKS8vLzQ0NDk5OT09P
+ QIFQwEGTAQJRAMITQEFUQEGWwMIUwMIWgIIYwIIbAAGcQAGfwEIdAEIfEICAksBAVIBAV8AAEAzAU
+ E1AUU2AUU3BEU4AUw8AVA+AWEBAWsCAnIBAXwBAU5ABFRDAlhGAVxHAltJAWFNAWBNBGJQBGVRAmp
+ UAW1YAW1YBHFZAHFaBHFcAnRaAnVdAXVeBHleAHdgAntiAURERElJSU1NTVJSUllZWV1dXWFhYWVl
+ ZWxsbHJycnV1dXt7ewAIg4QBAYwBAZIAAJsCAqICAqsCArQDA7sCAoFlAYRpAohqAIptAIxuAo1wA
+ pN0AZZ5Bph3AJp7AaB/AYF/f8ECAssBAdMEBNwBAeICAuwBAfIBAf4AAJ6AAqGAAaODBKaCAKSCBK
+ aEAKqGAayHAK2JAbKMAraRAruTAcKZAcOaBMadAMidAMqgAsugBM2hAc6iBM6kAtGlAdOoAdqsAdy
+ uAd6wAOCuAOCxAOK0AOS1AOi3AOm5AO27AO+9AIKCgoWFhYuLi42NjZKSkpycnIyapI6cpZCdp5Gf
+ qJajrJyosKOjo6qqqqWwt6WwuK23vrS0tLm5ub6+vrnCyLzEysPDw8DHzcjIyM3NzcTL0MXM0cjO0
+ 8nQ1NPT09DW2tfb39fc39jY2N3d3dzg497i5d/k5uHh4eDj5uDk5uXl5eHl6OTn6eXo6ufq7Onp6e
+ rs7uzs7Ovt8O3u8O3w8fHx8fHz9PP19vX19ff4+Pn5+f39/QAAACH5BAAAAP8ALAAAAACEAHAAAAj
+ /AAEIHEiwoMGDCBMqXMiwocOHDf1JnEixosWL/p41mEKoo8ePIEOKHEmyZEgUgzCqXIlRIMuXF/2g
+ MEmzpk2TUhjQg8nzosuePPGVcHKzqNGaKI4BXervJ9OV+BJwPEq1qkcmeJ72dKr1IjUHVsNSlVKiX
+ 9eXXM9SDKRCrNuiAdqpXZl2rr8hTqK83WsygDm7LQEAnhh1Kt/DIQuoG2yxrlp1CRBL/igFwj7GFR
+ 2fpUdA72TJTYZgziwYM5AnnyWnSDl6ouazgNqmPtwAU2vXpRlzK2B4ttsnBrLdbpqbsR7Zvt8eEX3
+ 79Vl1D1Anf9vAWvPijJE1kDLdrZE/14cD/zrRu/tRJ8xHO1fbb08K81ahmDCrHjvmPUbgV5VPH/P6
+ s/IYwJ1+56Xnn32DPXMCgVSpAEh4t/mRH4NFRdGAcK391xURS1BY1BQFWJchgoCd5mFRShDRH2Maa
+ gUEFASWZ1MD1KwIWItPEUHUYZ6NJMUJDTRx1BFFjDicH0ccxkIDKjjR2xRNpIDAHars0IARO340xY
+ AgRVFAOfUN9wxYb0WRAg6rtEEDAgU00EAAGGTxSC7C1NlKGzMQcAIKKqSAQgAThpTCMGHeJo8CXFr
+ 1Ixe81CnML7rwImkwjlZaJy6rWFJJJS+gIGNHSxBRaITIVdVEA3MAY+mqrK7aSxsJpP9whBNQ9DgF
+ AZexSCJg5iBKVRROOHADK5be4kiryFaaCyRk7DDBEj0W8Jeuw0k0yEw2PcGEESgUkIMlqlrKSwisU
+ Josq77QEO4dbU2BWgPcHFitP/sAoYRNSbwghyW1OErLqpPoYO65q4ZgS52pLNgECl7KRW215ghokx
+ M5WArMC6lY/C3BrNqwSp3AhOCEESo8AQQ/8lZLzAo3UbzqKS/0UikvdIRwxx2SpEInxy/EEu4lDTj
+ AxAnGjHobHkJO3AOrZmwBDDCWYJGAEHsEEggfQyywwyThWqpLJFyMEAABE+jgxiyhDFDAHjbahaNW
+ JiRqUhJlsAqMFlu8MAQyO1X/hA80RJAgSqW/1LFAHsiYs08/7VADSAlaJGAMffs47PaugJUgd0kpQ
+ MLqL2iYAM1L1Jhwxi/B2GIDHuFgRI8gDIwu0TB5DPb2Uyba5ACxFo9BhOUs0ZPHD7SMMEjbFVVTwj
+ P+ZFNCvDdibhceTNgkhQaqRiKJuW0QgQ9Q/RSBAGsvZcPAMyUg8/BwxLxX0xFn1AmLDjukokoJwPN
+ EjwnM80QMAEpZ323CUYAelaQB5apTMCZxgwGo7ynQOBlP9mECaqSsWkW4l0mcQIKB1YkVJsjVU4JQ
+ I54Mow8TkUcAz3K7p1SjAQYUCYhUIYyu1eFBXRkECnmSjRBa4w8M2IMI/7XSwqfgIVAkaYIOgIEDO
+ TRKC/3TSjWC0BN5CIABQABE6+ZSRKaUIzo0KcAtZlEGDLAhBBiqCD2mxZJylOAi0DhG3wgDAOhFb1
+ 4TKYYDYniSwQkjFnJAQBonUg0GAACHK3GjRYwhECFUxBwMQF5XusgUamzEJCpwxMCwIDuK8EEgAvj
+ eSqxBxYrsAZSilAg0DHQ5PEpED0mgiQrqUCk4BMIixxCIqFgyDD5YxHkCEERF+GAbAQ4HHwzYnKCO
+ 5ShWAKFt1UBGKlUihChSBB/5gyQb74jHbJDJJCjwowJn0MmlVAMAxNhGO+iBj8VdpB94QKTtpAeYZ
+ 2DLJAWIhaVOAf+E/MEEH0FwgxdkgAEMaCABWNwDNPoDCCFMk5vzOob7SvIEDnRNgWXIgyQx0h4vuC
+ oXrHiEDPDATj4EYTFGGw4y7kmSI6DBgyDzgR7myJJ98GEHvkjWL8hQBBPUEULz2kYDaOIAGrKqF2Q
+ AwiAxsg0haCGn57rFAFBBhmKm9Db7KAGMRCIFJahgAKmAKqsmsYE8lLAi/bDGHjYAiYsmCwC9aAX+
+ jOTKP7BAJCyYgBkewQYddAGmM3NEDUoQz2EMIxB5KIEM7oALjtUpFwhQlRryMESIzqtXckvBD3amQ
+ I7VghJ3iIMc7mAJWQQDsMlqBBlApgMhXhCPw/gmIZ4wgkb/Ofa2jk1FCPpVJ190YQjb5CI9BwPPia
+ agEZTKhStUwVvcOlcYwWDFGULwsUoFgw4mWCoLhzsYegCheoTYnTDsgAAE6AANzyUYMObwhjeQQQc
+ aeAEddNEqSnxAu0Tk7mD4oMEG6PMXqRBYejlmiUlMohKqONi5KGEClKqFklrZgwbFK4xcbKAWqB2w
+ huvUhj200pUT4W9HUnAHR5niFhne8IB1kYHgPgXCT2FLR55Agl6kWMUqzkI58wviiazUIyvYgswUm
+ Ipf4PjIObDgg/ULGHXwBsgaQMMb0kACHcziyCqeBBAe+mImAyYPSIRCEpBghIphWcO5OIMJ7LjdHk
+ +E/xsKyJJHpBCCM6f3F42ggB/kYdkeP8MASuhNEzTAsV5gwchnxsUdQoCHbRizx9kgQgFO4KcGAAE
+ AvrixMB4xBizzIhReWMAeHP1aN0vEHHFExjb2IYAhI2sXEyDAC7rQBkkk2K3ICkYsRPEGHSSgCMfw
+ Z59NXZF9wPVca0jDL14RijuUQQckmAAGasCDLpChDe1tLxm60IMXLMAERRgENfhcLRgzhtWu/hwPO
+ FspX+CCFawghYENnAUiHOMZ1QgHTfFo7u4iQKxYPgUr3dxvXoHAznVaxcB7XHC7bOMFmn5uI3ZIbO
+ JUHCPU6EHEcQsLDlTj4hYHuUT6YY52IGO1WP/2xRw6sMKKN1wrEbTAAUywho0TjBc50AOYRP5yplQ
+ jAowAxSdgEAksl8GXIpdIz5eSh0SA4ukxyBiObeEBcid96UAJgiaeDooI/AvHkPBw0pXu5fsUYhEx
+ OAAAtFDdDZOh5TwvO2O2QYAWKOITnkBECyxxWg33AA+CwK+psd6TarTAE1wHBScugGLo2rxSLxBDG
+ Czwh426kvA8+UMhEv/0L0iCFDxAAAWyIHXHgoAToPCEC+A+eLkPRg9O57wYOGB3T3QiERbwnKN64V
+ ZdpIIUtjj90xVRJJBjHiaDAAPnQUGFwye+ExZ4BTAa8YIETKALr6CUIxAQgypEAACoB0X/Jkp58eO
+ /RB0MWETiEQEARCy/EGjwAhW27glDSIAVjXBB+D/xhSo8XQwU53KuBxjWgAEhYAWIcAgxIAMIsAnL
+ lwkCQAWctwgvQAHhx3UuoAiHUAFbVH4DOBf7Iwq8MAlrwAaW8As4kAnLpwgAoIKc5wISyHmFQACNd
+ nUfqBZ9ED+rQgfKx3lWAH7LZwUxmHiH4AdjF3LERg0hYFuWkgsi4H5cVwgv8AOxl3gWEAGIl3hVwA
+ CkFncVtz+ogCywIAMwIHkukAO2oAoWcIGgEAZccAZX8AlchwgjIAlBUFnEZn4Y4QcohyzAcAqN4Ah
+ GJQyQEAFiwAiJEAM4kAu/0AUu/yAGhlAFJKABvsAF5OOBxJYNGMBuuOUKbGBtlWAuwbAKdfAGJ0gD
+ q2ALFMBmeXiDTNEPQjAJj5dec+AGwuAIKmJ8rrgUx2BmCGcprCADwcBErMdwu9gT9FACvPOLlvICH
+ 9MKH+BgredmgWAGzMgqcNAGlMIGYteKPWYOC6Bg11gpsQACquILIaBk0whifsAGs6hiPWAJdXIJQI
+ CH/HaML1EOFNBY47gqo5AD5tIDxOCNrtQHb9CPrVIDplAnr+ABwlZu+LgS5kABnIiQdVIKMoBoa2C
+ EBBeRKhEI6GWRqxIMclInurABrDgveohM+iSSq/IKGIALlNIIGmWMeGQMWizwjnbWBnUjDL7AASJy
+ eR55EUEQhi6JLiMACf0SCbsklBDxlFAZlVI5lVIZEAA7
+
+# search result
+search: 2
+result: 0 Success
+
+# numResponses: 10
+# numEntries: 9
--- a/doc/ldif-example-com
+++ b/doc/ldif-example-com
@@ -0,0 +1,588 @@
+# extended LDIF
+#
+# LDAPv3
+# base <dc=example,dc=com> with scope subtree
+# filter: (objectclass=*)
+# requesting: ALL
+#
+
+# example.com
+dn: dc=example,dc=com
+dc: example
+objectClass: dNSDomain
+
+# AU, example.com
+dn: c=AU,dc=example,dc=com
+c: AU
+objectClass: country
+objectClass: top
+description: Australia
+
+# DE, example.com
+dn: c=DE,dc=example,dc=com
+c: DE
+objectClass: country
+objectClass: top
+description: Germany
+
+# GB, example.com
+dn: c=GB,dc=example,dc=com
+c: GB
+objectClass: country
+objectClass: top
+description: Great Britain
+
+# FR, example.com
+dn: c=FR,dc=example,dc=com
+c: FR
+objectClass: country
+objectClass: top
+description: France
+
+# NO, example.com
+dn: c=NO,dc=example,dc=com
+c: NO
+description: Norway
+objectClass: country
+objectClass: top
+
+# SE, example.com
+dn: c=SE,dc=example,dc=com
+c: SE
+objectClass: country
+objectClass: top
+
+# US, example.com
+dn: c=US,dc=example,dc=com
+c: US
+description: United States of America
+objectClass: country
+objectClass: top
+
+# RU, example.com
+dn: c=RU,dc=example,dc=com
+c: RU
+objectClass: country
+objectClass: top
+
+# \D0\A7\D0\B5\D0\BB\D0\BE\D0\B2\D0\B5\D0\BA\D0\B8, RU, example.com
+dn:: Y2490KfQtdC70L7QstC10LrQuCxjPVJVLGRjPWV4YW1wbGUsZGM9Y29t
+cn:: 0KfQtdC70L7QstC10LrQuA==
+objectClass: inetOrgPerson
+objectClass: top
+sn:: 0KfQtdC70L7QstC10LrQuA==
+
+# \D0\94\D0\B5\D0\B4 \D0\9B\D0\BE\D0\B3\D0\BE\D0\BF\D0\B5\D0\B4, \D0\A7\D0\B5
+ \D0\BB\D0\BE\D0\B2\D0\B5\D0\BA\D0\B8, RU, example.com
+dn:: Y2490JTQtdC0INCb0L7Qs9C+0L/QtdC0LGNuPdCn0LXQu9C+0LLQtdC60LgsYz1SVSxkYz1le
+ GFtcGxlLGRjPWNvbQ==
+cn:: 0JTQtdC0INCb0L7Qs9C+0L/QtdC0
+givenName:: 0JTQtdC0
+jpegPhoto:: /9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAMCAgMCAgMDAwMEAwMEBQgFBQQEBQoHBw
+ YIDAoMDAsKCwsNDhIQDQ4RDgsLEBYQERMUFRUVDA8XGBYUGBIUFRT/2wBDAQMEBAUEBQkFBQkUDQs
+ NFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBT/wAARCAAw
+ AEADASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEA
+ wUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKS
+ o0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqK
+ jpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QA
+ HwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEB
+ SExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSE
+ lKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba
+ 3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD9A/gj
+ 8Nx8IvhN4V8KPKsr6PpkNnJIv3WZV+Y/QnNc/wCINDutR1Q/Mux2yxHTFeTaP+17d+IfDN94w02OD
+ W/ANsF+0apZKZHtHOMxyKPmDDK8Ed69G8IfEHR/ij4aTxD4cv4760VMkxEjacdGBAKn2IoA5Txn4K
+ uIzO0v+rToyDjmvlL486HBb2jhdzEdNvrzXtvxB+NsNjeXdpFM7JFlQpbv6GvlD4qfE6/1Ca4nktW
+ kgI24Tkd+goA+b/ESSRXkoJIwejCuWuZFfOQAfUV1HiC9vNVuGmj064RJOjvC4HHpxXGXwntZT50T
+ p6FlIoAy9UQLE5A7VzDJ5h/Guj1aUi1ZvXisTyTGuDwR1oA/cX/gnT8CPFfwl/Z21nR/Gugpo9/rO
+ pSXS6df7XdrdoUQCZATtJKt8p5xjPWvefh98HdE8D3d3qcNnb2lzPGYXisVaO2EI6IIySOPWvRulY
+ XjjWYvD/hLVdQmfy4oLd3ZvQAUAfjx+0H42kHxR8TLajybdb2VY4lPAAY4FefeGbx9Q1yzlu7f+0r
+ bdmSEt8x9QAeK1PiQi614n1LUlbi4neXn3Ymud0m9l0G6jlVC6E5OOoPqKAIPFPhq88O+Mr7V9J1i
+ /trC4kMyWaiRHyf4Sn3BjpnJGKpT6yNe0lk1W0jN2DgTBAN49T716NqOrXXiC1807dm3rIcV5j4mb
+ 7KrZYbsHkUAeW+JIEt7hIYwCqtvwPb/ACKwXBySec1v39nPc3DTshCNwmR1HrVGfT2jIJHFAH9Gkf
+ xQspdds7KKOWaGZtr3CITHEMcMzdAM4/OuR/aP1qLXPhtqOiaVdQzXV4hQ/PhQMcknFeXeAdRnSzR
+ xG88UxGx9mVJPTnHGcGuk1+4h1LSnijRHkYlVjk4kVvQHHrQB+f8A4m/Zy8Y380kOnapokEZGS91c
+ vk+wAQ1zq/svfEC5/cp4i0O2KHaR5UzsT/3yM19ea9aW8R3y3ElndKSWhdBtkB6HBxj6g1w+tarcx
+ RRXLxS3mmxuE3ohCA9SNwwwP1oA8Ksv2WvHGAl143s40xjba6cznn/eYVFrX7LRuYUjbxa817nkTW
+ B2MPqrEj9a9jXxZqt4DEkqoVb93DKN3b+8MEHjjI9Kq6j421mwSNL64ESSqytuYOj+gYdvqKAPAvF
+ /wOv9EtR5z2tyEG3fDuX9GUYryPXfB15axs62ryxhtu+Ebxn6rmvpXW9cilF00+piYDO17cOVK9Mc
+ 9vqO1eQ+LNVSOd3g3NAvJMmUJ+vP9aAP/9k=
+objectClass: inetOrgPerson
+objectClass: top
+sn:: 0JvQvtCz0L7Qv9C10LQ=
+
+# IT, example.com
+dn: c=IT,dc=example,dc=com
+c: IT
+objectClass: country
+objectClass: top
+
+# ES, example.com
+dn: c=ES,dc=example,dc=com
+c: ES
+objectClass: country
+objectClass: top
+
+# Simpsons, US, example.com
+dn: o=Simpsons,c=US,dc=example,dc=com
+o: Simpsons
+objectClass: organization
+objectClass: top
+
+# People, Simpsons, US, example.com
+dn: ou=People,o=Simpsons,c=US,dc=example,dc=com
+objectClass: organizationalUnit
+objectClass: top
+ou: People
+
+# Bart Simpson, People, Simpsons, US, example.com
+dn: cn=Bart Simpson,ou=People,o=Simpsons,c=US,dc=example,dc=com
+cn: Bart Simpson
+gidNumber: 1000
+givenName: Bart
+homeDirectory: /home/users/simpsons/bart
+jpegPhoto:: /9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw
+ 8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRw
+ hMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAB1
+ AEEDASIAAhEBAxEB/8QAHAAAAgIDAQEAAAAAAAAAAAAAAAcFBgIDBAEI/8QARxAAAgEDAwIEAgQIC
+ A8AAAAAAQIDAAQRBRIhBjETQVFxImEUgYKRBxUzQlOhscIWUnKSk8HS4RcjJTI2Q1RVYnSistHw8f
+ /EABsBAAEFAQEAAAAAAAAAAAAAAAUAAgMEBgEH/8QAMBEAAQMCAwUHAwUAAAAAAAAAAQACAwQRBSE
+ xBhJBUXETYaGxwdHwFCKBMkJSkeH/2gAMAwEAAhEDEQA/AH/RRRSSRUFrWs3FnJPaW9rIZDbho51I
+ O12LAfCe4BUE+44qdqv9QIV1HT5/zSssPuTtYfqRqoYnNJBSPli1aL+/gpImhzwCow3GtM/iC+USQ
+ gJCTyko5JMijAycgcdtuRjJFcx06UxmI3szRA+JGHO5lm/SZz34yB6knz4kKK83fjFc/WQ/Le3nzK
+ JCCMcFG/iuVZTLHeOkpxLuC8fSP0xGeT5EeY47V36Ml3b63bwfTppLY+I4iY9vhGcn84ljn5ZrOtm
+ m/wCkNt/y8v7UohguIVUldHG+QkE5+foo542CMkBWiiiivR0NRRRRSSRUL1IMWtpMe0V0uftBk/aw
+ qaqI6mH+QpW8o5YpD7LIpP6hVWuZ2lNIzm0+Scw2cCoqtaSvMC1vbXE6Du8cZ2/UTwfqzWNyFaJVd
+ tsTSIshzj4CwDc+XGeasNrFqkesXXiyWf4p8KNbWKNCJUYZ3bj2x2xisJgWCxV7HSSuIANrBEJ5zG
+ QAq8LqJuBv3htpj2Nvz6bMbs457dqytbpItcsWw6vuaJo3RkfDDg7SASMgc+/pUvcNDD1daMCivJZ
+ TCU8AkK8ezP8AOfHua5r5NQZzPerZgxajD+Lmt9xfw2ZVffnzIMgOOMe1H6TZqKmmbMyQ3ab6DTl/
+ vgq76ovbukKxUUUVplVRRRRSSRUJ1VMy6M1sqFjdkwcYyAUZjjJAzhcDJxkipuozqKOOXpvUxIiso
+ tpGGRnBCkg+4IBqKdrnxOa02JBz5LrTY3KrljM97p0Us9vJEZUy0UyjcAfIgEjt/wCjtXXDc39tH4
+ cF4TGOAsqByo9AeD9+a0tugtwIotxGAEBx54/vrFryCP8AKv4XzkG0feeK8np6uop3F1O4tvy9kXc
+ xrhZyxlt0eQzTxG7nbhpJApbHpzgAfIcV5pkBh1jTi+5EN05ig35WIeC/YdgTgnj1rxdU098bL62f
+ PbbKpz9xrrtbe4vr21eGCZEhmWQzSIUAA7gA4LZBI44570Twl1a+ta+zjcjeOel+PBRTBgYQrZRRR
+ XpSGLm1C8FhZSXBXeVwFXONzEgKM+XJFVqWS8uhm6vpyTztgcwqvyG0g49yasmpWS6jYSWxcxlsFX
+ AztZSGU488EA4qoXOoLptwbXVMW86pvLjJjK8jdu/NHB/zsHg+9ZbaR9exrXU5IZxtrfvtnZWqbs8
+ 9/VR+vWi3mi3UX0+/WSKNpUQ3bk7lUkZDE5GfqqjDqbXbbTZrSLVJ2tpEKyRy4kypGCAWBI49DTPH
+ 0e/tEcqk0EqhhuAYEEUrupbBdL1uWzgRhFIN8ZOcKvGRnzwT29qDYTiE73Oje9xPeb9VpMLZTvLoZ
+ Wg30y4q3WXXVjLGPpcMsD45KDep9sc/qrHUus9NMCrBHPcIXXxVXMZMefiAPfOP/oqhgAAAdhXtSR
+ 4bTslEgGhvbgizsEp3HU9L/CnZpvXXTN9cQ2dpe7XchIla3eNTngAEqB8hVnr5ptFZkjjQkMG2KQc
+ HIOB9dOyG9vrEAwzPcRr3hnbcSPk55B9yR7dxoTjkMLwyoyvx4flZfE8JFKW9kbgjirVRVZ/h/wBO
+ /wC2N/RN/wCKKNdozmEEsV3ah1ToulySJd3yq0f5TZG0mz+VtB2/XVG1K7TXby6uYnDwXNyIELcZi
+ j4ZcH1Kycf8RqJ8O4SG2ytyskQUSyCdUWKQNmbxgeWzz288+uR7o2wWFiI1Kx/jG52KfJd02B8uMc
+ eVBsbkd9OAOfoT6LjxYKU0W91CadIILCZ7aKF2YoN3iSu+U/kggMeeBkZxxms9VXEsustBOgWa2yj
+ kMDyVXI44425482I8qYf4PWY2tyHYs5it3JPc5Qj900prqZ7m9uJ5PyksryNn1LEn9tD2UEEEQnYP
+ ufr5laXZxpmqN537B4nLyWqiiimrbrZaNHBfwTvnYjhmwxGD5Nx/FOGx54x503JpvAtd65mfAWMcZ
+ kY8KOOOTik/TS6GnXwtPN+rBjb7LUupwCGYcHsCU24J7jt3NVKiibWTRRvdYXPv6WWY2gjEYE410+
+ eq0f4Mrn/eMf8AR0UyKK2P0sH8QsZvu5qOvdB0fUpvGvtLsrmXj45oFc8duSKX19DHbas0ESLHHFq
+ LhVUYCgoxwB9qmlSv1klNd1TP+r1OL/qji/t0OxwXph19CmO0Ux0E2Lq/i/iW8Kj7LzKf2CqV1/08
+ NG6mM1rKEt78GZYcZEbDAcY8gSQRz5txxVv6KfZrkyfpYpyfsT8f99ZdddI6vruoxX2nvbyJHAIzB
+ K5RshmJKnBBzkDBx271dwdsMtOwTC7c/MqOWeqgiL6RxD+Fj3/0ehSlK3APAib55K/1GvNtyT2iUe
+ u4t/UKmYuntbmjWRdLk2sPOaL+3Wy36K1S+mneVo4PD2xiGSZhzjJPwZBBDAefY1NM/Z6H7nSN6Bx
+ PgCSo48d2okG5vHrut9QAoXT9PXWdcs9Iadne6lEblB8MSnkkj1wDgHPtin1pvT0dleNczSidwFEY
+ ClVUjPxbckbjnvjypadM6JaaLrcGo6prOkWMFhcMqx+MP8Y3h84ztxjxPn2pv211b3sCz2s8c8Ldp
+ I2DKfrFSSxUcpjlgaN0C7Tbn8GqdTS1jw51Y4l5OdzfLyHHILdRRRTlOln1BrN/eX1ztu0treOeSF
+ FkvWtY1EeQSzrzuYqcZ4xjjuartjKxXUVeeaY/SrW5DTuXkCsI8BiSSSAh+6mRrPRtvqd1JcwzJDJ
+ KQzrLAJULYxuAJBDYA88fLNVTW+mG0OXYl1LcvqNs8bzSgDMyZZAABxwzn2X0FC8VjLqZx5EHx9kn
+ Wsu3ptzB1ZGD2czQr9pEk/cNMSlrY3am/wBHvowSpnDAeZDRsv736qYcN3FMm7cF5xgsKZgj96lse
+ BIXG6KtahbHRp5nk4sJJGkWbyiLHJV/QZJIPbnHHGdEkEF3HuI3K643oxBKn5jnFdHX2rrY9LvAk0
+ Ub6hKtiJXPwxCTO5j7KGNL606zZIAL7p3Rr+Qj4pjEImb5sNrZP3ewqnVbJfWSunp3bpOZFuPdmE5
+ +KxUwDJiuzrC1tBY2F06HdHqBtS8QXxJLfYGYZPDFWBUZ7Zx61ZPwbX802nRwznMjQ/F83jbYT/MM
+ Q+zSt1HUZp7xJpvgtgBFDCJHZLcei7ieCQM9ucfU0/wd2MkEBeRSDDFtbIxiSRt5X3CeFn5kjyrVi
+ mdTUkcUjt5w9tfyhNNVCorHvjH2W15n5dXuiiiq6Korj1PTbfVbJra43AZDI6HDIw7MD6j+48Giiu
+ EAixSUFpPRkWn363Vxevc7HZ44hGERWYEFsZJzgnzAyScZqyLbQoMLEgHtRRTIomRN3WCwSXHqujw
+ aparE2I2Rt6MEVhnBXBVgQwIYgg+vkcGlPrP4lsNdk0u40UNOnJns7l4EPtGd4H30UVM17m/pNkx8
+ bJBZ4B6rXpFjonUGsro8OmTW0uVk+lS3bSlQrBuEwq547nOPQ05bKyt9PtEtrWPZEuSBkkkk5JJPJ
+ JJJJPJJoopOc5xu43SZGyMWYLDuXRRRRTU9f//Z
+mail: bart.simpson@example.com
+o: The Simpsons
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: top
+objectClass: shadowAccount
+roomNumber: 45
+sn: Simpson
+telephoneNumber: +15551234567
+uid: bart
+uidNumber: 1000
+userPassword:: ZWF0bXlzaG9ydHM=
+
+# Homer Simpson, People, Simpsons, US, example.com
+dn: cn=Homer Simpson,ou=People,o=Simpsons,c=US,dc=example,dc=com
+cn: Homer Simpson
+gidNumber: 1000
+givenName: Homer
+homeDirectory: /home/users/simpsons/homer
+jpegPhoto:: /9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0VFh
+ EYIx8lJCIfIiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoLCw4NDhwQEBw7KCI
+ oOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCABP
+ AHIDASIAAhEBAxEB/8QAGwAAAgIDAQAAAAAAAAAAAAAABAUDBgACBwH/xABHEAACAQIEBAEHBgoIB
+ wAAAAABAgMEEQAFEiEGEzFBIhQyNVFhcYEHFlWRk6EVI0JSU2JzdJKyJFSCosHR0uEXJTSkscLT/8
+ QAGgEAAwEBAQEAAAAAAAAAAAAAAgMEBQYBAP/EAC4RAAEEAQMCAwYHAAAAAAAAAAEAAgMRBBIhMQV
+ BE1FhInGhsdHwFBUygZHB4f/aAAwDAQACEQMRAD8AFyDIMnn4foJpsspZJHp0ZmaIEsSOpOGHzbyP
+ 6Io/sVwLw/RyPw7lzCvqkvTIdKlLDbtdMMHo2jRnfM6tVUEsS0dgB1PmYQTvyqQNuEBX5RkNDBzDk
+ 9EzNcKDEoGwJJJtsAASevsBJAwD+CqaNVkk4fotDMFGqlVASTYC+tmW52uV6kXtiw0fC8mZaKnMay
+ sEFrxU5ZVaxsbsQoIJsNhYjueoDZ+GcskjKMlSQbX/AKbNv/fxkS9axon6Nz7k0QOcLpVyDIcgqII
+ 5o8ppCkihlvAt7EXxv828j+iKP7FcE1mRTZWyGLMqw0TMEAuhaFj0udO6k7XO4Nut9vBQyAg/hGsP
+ sJj/ANGNCDIZkM1xmwhLNJohQDhvI7j/AJRR2v8AoRgTK+H8mlyynkkyqkZmS5JhFzgx8vmmzVpml
+ ZY2A0sjAMlrWAFvWCd7jfp3xDlNFI2VUxGYVa3ToDHYf3MPv1QVvwpPm3kf0RR/YriGpyXIKQJrya
+ ncuSAsdOGOwJO3sAP++NswpJeR5PHU1lXPL5lNdPxoBBYGyiy22Jv39oBa0XCsU1NE9XW1EniEscS
+ MY44lP5AGzEWJXxHoeg6Yjyc6HGA8Q/sjbGXcBLU4eyF1DLlVEysAQRCtiD0OPfm3kf0RR/Yrh3Uc
+ L0opzHl1RUZcwWycpy6D+w9xb3W9+E0VJU8ySnqK6rjqISBIqtGVN+jKdG6nt7iOoOAxOoQ5Vhh3H
+ Yr10ZbyFr828j+iKP7FcZ828jv6Io/sVxP5BJ9JVn1x/wCjGeQSX9JVn1x/6MXX6oKHkuL5siRZxW
+ xxqERKiRVUbAAMbDGY9zcac5rlJLWqJBdup8R64zFClXYOG7HhrLbdqaO/8IwbUosghibdZKiFGHr
+ BkW4+I2xXuG2gWDLSdKyrRxKbQg31DbxXuD4T2tYYf1EsUdZQGokEUAqVZ3PYqCyD4sFH3d8RZFiN
+ 1eRVbN6VrG++MwPF5fmUbLldOy7G1TVxtHEp9gNmf4C3txC1TUtTPT6OXmIk8mEexHNtcEG26keO9
+ vNvtcWxwv5fkhrXFlWaVvjMsi+Ftm8fNyatQC5NPJb36Tb77YSxSCaJJR0dQw+Ivh/JT5zBEy1eU8
+ 9dPiainVwR3sraW+AuffisZWwfLICurRpIj1+doBITV7dNr+2+Oj6RjT44eyVtcKeR7XkFpRi+cPf
+ gHKPQ9N+z/wA8HL5w9+Acn9EUv7P/ADxtpXdOMhgU+U1pF5JJWiB/NRCVsPewY/EeoYcYTZDJolra
+ QnzZBMg/VcWP95W+sYc44LqWr8W/V5/Dt8FdFWgUswoz2ARrHmAB/E+CW36Mnr/ZNj7Bqw3wNUGoq
+ JI6Ghfl1VRe0mnVyUFtUhHsuAPWxUdL4HAMoyWeELNr6StBtJFYMoZSCCLgg3Bx73xolHJlk0uWzl
+ TLTPuUFlZWuysB2Fja3axG9r43747/AN6hBsWuG516cr/3mT+Y4zGZ16cr/wB5k/mOMxSpF0XJ4My
+ 8jyU0xhjWSFTJN5KCdAj2DMGueoAvb7sPWq6rKK6gzCpljqIqapEjxxU7Byulg2nxNchSxtbt1HXA
+ HDdbN+Cctp1pyV8nQE9LLpXxX6Wuw29h9VsN6yKpdEko5hFUxEmNje1ypX/2v7wMTvLhZaN1SACFd
+ F4iySWsFWmfxuDFy/IlkUkte9+Xbma+1vuxXxUyM44ourLzRWcm1tMPJMZW/dgpLerVt03wHTV0nE
+ dKlS7OlC6ACJGK85reIkjfSDdQO9iTcWGNxkmWBOWKNOV+hueV/BfT92MuWaeZrSfYIINc/RG2Nov
+ urJNxTlKSmrgr6mqdISvkEMRuxve5UqCrbWuxAF98ULLlr5KTUtXDH421RvRsGRiblTdx0J9Q2thp
+ VytkFDNUUrSrSrGwaBTqEZsdLoD5tmsCBtY3ttvFSQPBEwlbVK7l3Nydz7TubAAXO5tfFkc0sjyHA
+ Bo4KERhvfdRrDmWof06n6/1Q/8A0wHlMOYHKqYrWQKNGwNMT9/Mw4Xzh78A5P6Ipf2f+JxQve68iq
+ ZcqzSlq6ytpyjkwMoj5ZZWtuLub2IU+7VhnPn00jmjiiakqZKw09PLKutJAsml2FrbgK3hNj0Iv1w
+ DWUENcUWoUNGoZWUqDcMLfAjrhhlcco4WYUrO9XolIaR9Tc+7Am5/XuRf145/q8MbXNmIsnb6f76J
+ 0RP6QtoqvM3qp6hkASnKxPRoyuW2u0ikb3udgbXCkWBw0oK9cmrauSooqioWpZWWogTmMqgW5ZXqA
+ DqIsCPEb2N7pchWGKsljRw4VbRL5KEaJLLcO1rhtV7hiSxGod8F1VZNVzSUtHKYY4m0zVCgFtXdUv
+ tcd2N7dAL305+M+WHKHgtHHrx8/ut0bmh7PaKglyc5jmtbnCtLliVZUtEiJrIUW1uW1AMbnYdAB3v
+ hPT+XTcww5jBJCsrJFKabVzFB2a4cA+8AA222wzmySgqY2SqjkqdYIJnneQ/DUTY+7pgakaTS8Mra
+ padzE7Wtqtax+KlT8cdFi+MXudI+77VQCSWgAALieb3GdVwc6mFRJcgWBOo9sZj3OvTlf+8yfzHGY
+ 1lCul8PwxyRZWS6EiihOjWoIIBN7dey9ug62FsWKpaRKWV4VLSLGxQDqWtt9+Kzw/ST+Q0TxzIGlp
+ oGB5SmwCkX3PUDYWG99z6nkkOYKFWOtaWWRxHFGtOl3cmwH+/YXPbCSN1S07IzLq2ngyymjgp6l6e
+ KJUEqQllNhYnbc79duuCRmtAQCtSjk9EQFn/hAv8AdgDJqHMqZKwsyvWrUk1NJJ+LHmrYrtseovbS
+ 9r7dcMvKa1jpGU1ur9Zogv168ZD54Q9zS7ceZr5pzQSAUPX1lO+U1bTJLHGYmS0kRUuWBAAB3JJNr
+ e3EcWsRJzPP0jV77b40zegq5441VklzbmI9JSQ+LljUAzbjfwkguQABsOpuNFDXyJ464xuCVeNqdL
+ owNmU+4gj4YqxHtkYXM4v7pC4kGkwXzh78A5P6Ipf2f+ONZKerkzFSksqRlFGsEaQQb3tq3JNrgjp
+ ffA+U09YcqpiuYaRo2HIU2xXWyHum+DOHzZK6PslVcf2kRj95P14RzQZpZI6atEtTM6xQo0CgM5Nh
+ c9gNyT6gcN8oirMjpZ0zyKaKaSdnafkfiitgq+JCyrso6kYyurxPfikNFmxwjicA/dPB1W+4BxXMv
+ nhosmhernSKzOsjyMFBk1tq69y18PKaspa1NVLUw1C+uGQP/wCMJMyVsqqy70j1UFRUcyAIVBimKn
+ UDqIsDZmB3sS3svhdJcGSujdsT/Xb4qiXiwtZM8hWdYYqWsmdlLjTDoBW9r3kK33I6YhiEktdPVND
+ yFlVByy4Yki41G2wNtIsL+bgZKKtM0lS9aqzzG72hDBR2UE76R2+J6nEnk1df0j/26461kYbv3UpJ
+ XGc69OV/7zJ/McZjzNwRnNcGOphUSXa1rnUcZi1RrpvD80S5dlsrSEaaeGHVp6EgeHzu5tvp29Y3x
+ bMjqYYs7pcyqUYZaqvGlWwAiE7WVfETuLa1uLgE2J3xTeEeJODIKSlbPqvQ0ECRGnFM7c2wG7kCxW
+ 42Xobb32At1R8qnBdTm9M0mYP5HSxOyg0sljI3hG2nsmserx+zAhu9phftQVr4hoKfM6qioQvLqZC
+ XNTH4ZYYksW0t1F2KLbp4j6sJXq6mOkngcKMxhcU+m2zSsQEYD81tSt7AT6jgDL/lG+TnLKmSelzG
+ oUuoQK0MzLGoJOlARZBc9BYdPVjaf5S/k7qM0gzKTMJTUQKVUimlAPWxItYkamtfpqPrxDm4EeVpL
+ uQR/HcL2OUx3SsuQUUGQVs2UBQ3NTyiGoYfjJwCA4durMpI3P5LqOxxWc2qKWXPKmqojrpKhlXnrv
+ G9QAQ6q3S9gnvN7X3tJX/Kd8nOZrEtbV89Ym1IHo5CAbW/N3Fj0OxwJ/xM4FavrYpazmZfWQprjNJ
+ Jp5i3U+HT3UR/wYu0iqQB1G1uvnD34Byf0RS/s/8AE4VScccMU1bJFT5nLUUos0MjwPrAPVWuLki3
+ XuCL7gki5dxvw/T5fBDLWOHRbMOS5t92FaSnhwKt+XGp+cNC9JSGsenDyvEHCaVKlQ2o7X3IAPUk+
+ okXNeIsvjISuMuXSdNNYnLF/UH8xvgxxQuHvlM4MybKXkmrpZK6e8s6JTPctbwxgkW8IsvW17nucb
+ H5VsmqVMsnE8dIzdKePLJJUX2MzAFveNPuw1ooJDjZtX+pybJc2tPUZfR1RYXErRKx94br9Rwi4h4
+ SyemyOsrIRVwSUsLzRFKyXSrqp0nQWK/C3fFYo/lD4AZ5PK2WknU/9Tl0M0AmB7+CzA+sG/axPbeu
+ 484FzClaiqOKc0ejcjmQNASHAN7FjHrtcD8rHxaDuQvASFML9+vfHvfFYp+PMiECLUVzNKoszCF7M
+ Rtq6d+vxxJ8/eHP66/2D/5YVpKp1N81zDOvTlf+8yfzHGYjzOZKnNKueI3jlnd1NrXBYkYzD1Kv/9
+ k=
+mail: homer.simpson@example.com
+o: The Simpsons
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: top
+objectClass: shadowAccount
+roomNumber: 45
+sn: Simpson
+telephoneNumber: +15551234567
+uid: homer
+uidNumber: 1001
+userPassword:: ZWF0bXlzaG9ydHM=
+
+# Lisa Simpson, People, Simpsons, US, example.com
+dn: cn=Lisa Simpson,ou=People,o=Simpsons,c=US,dc=example,dc=com
+cn: Lisa Simpson
+gidNumber: 1000
+givenName: Lisa
+homeDirectory: /home/users/simpsons/lisa
+jpegPhoto:: /9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0VFh
+ EYIx8lJCIfIiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoLCw4NDhwQEBw7KCI
+ oOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCACA
+ AEwDASIAAhEBAxEB/8QAHAAAAQUBAQEAAAAAAAAAAAAABgEDBAUHAAII/8QAORAAAgECBAQEAwYGA
+ QUAAAAAAQIDBBEABRIhBjFBURMUImEycYEHFTNCYqEjUnKCkbEkU4OSsvD/xAAaAQACAwEBAAAAAA
+ AAAAAAAAAEBQADBgIB/8QAMREAAQMCBAMFCAMBAAAAAAAAAQACAwQRBRIhMUFRYROB0eHwBhQicZG
+ hwfEVQrFS/9oADAMBAAIRAxEAPwDZcR66siy+gnrJgxjgjaRgouSAL2Hvh/FNxY1sheO/400MfzBk
+ W/7XxxI/Iwu5C69aLkBe4eKMokYJLVeUc7aapTFv2BawP0JwmdZ4tFGlPRlJayddUY5rGv8A1G9uw
+ /MduVyB07gg8jzHfDUNNT02rwIIodZu3hoF1HubYyp9oJDGRks7nw+iY+5jNvorPJ86ly+daXMKiS
+ amma0dRK12jcn4WP8AKxOx6E25FQCmSWOFC8rqijmzGwH1wDOiSxtHIodHBVlYXBB5gjDPkaTUGNN
+ E7DkzoGb/ACd8eUuOujiyytzEcfFSSkDnXabI8pa2lrY2kpKmKoRWKlopA4B7XHXcYewO8IWCZoB0
+ rBt/2IsEWNRBL20TZLWuAfql725XFvJdhMLhMXLlDvFL1sE1HJFWTRUkpaKRYm0nWd0OoC9jZhz5l
+ cUXlIDMs7oZZV5STO0jD5MxJGCDi+rpxlL5du9ZVL/x41O6spBEh7KrBTfvYC5IBpfna/tjI485zZ
+ QGvNiNRf8AHVMqMAtNx3rsNzCYxEQNGknQyKWA+gI/3hzEWkhrM/qfKZeTSy0soapllUlYxcgKVBG
+ vULkAEACzEg2BR01PJPIGRi5Rb3tYLuXlJK+GVFqIYp43NvFpwVKf1ISdvcE27W3xMxMk4OroZGqq
+ fNhUTmMIY6iEKjAEmwK7r8R3Ibptimp6xoqNGzAiGfxWhlUiwjkufQTy2A58iAD1wXWYfPTgOeBY8
+ lXFMx+gU+jq6zK55ZqNkdZmDSwS7KxAC3DDdTYAciNuXXBPk+cwZvFKY4pIpYHCTRuPhYgG2oXB2I
+ Ox6i9sZ/R5w+aZsmWZe0Ez1DOsU6MGWHSSCZBc9FYrY+q1rDnjR8ty+nyuhjo6cHQlyWY3Z2JuWY9
+ SSSSffGhwb3rIRKfgGg5/r5oKq7O/w7qVhMLhMPkGgrOaCfKMxqcwnZp6WqfU1Ufig7I/ZBc2YbC5
+ 1b3Zm8X3FtWYco8nGxWbMH8sluYUgl2HuEDEe9sDk4kio5RSxr4iRN4SdNQHpHyvYYxeNwRMqAWnV
+ 2pTSke4ssdgnbG17G2JfDs8o++svpZY4swkPmKczLdSDEiBrdQHQggcrjuMCOS00H3h5kVlNOSoK6
+ 9PmD6RqLEHVcMWBVhYbWta2JpzXK6yqjjMskTp64Kk6oQSdv4cmxN/07EdximhlNFUZwC4W102v+l
+ 3K3tWW2WlUgqFo4Vq3jeoEaiVo1IVntuQDyF74AJaikqeIKnM0yw1cRrg6zrDBL40awrGQviONHrU
+ kMvMAdDh+ZKqqh8KszKtqYCLGKSQKrDsdCqWHsSQeuG54JpAiwVRpkUWISNSfa2oED/GGdTjrTYQD
+ vd5IdlGf7/ZTsrqJ+I+MYqp8tSggyiNyofSZZGkBVfUu2nSH2BIuBvfZTTGd01O+Vu1bRVkkVTa8s
+ 87l1kA6SDYaRvytpubWubnOVVpzLKqWuaIwmohWQxk303F7Ya4fXNq4z/0N/L1dDzxGM9FLwmFwmG
+ SoTFZQ0eYQ+DW0sNTHe+iVAwv33wIZ9RUPD9bSGKY09LOkgZZqglAwKFbazttq2Bt7YNsV+d5jT5Z
+ QePKA0pOmnjChmeSxsFG3uTuAACSQATgWrp454nNfp15dVZG8scCEC5fJDV5nX1UBWRLRRa13DWUs
+ d+v4gxYOquhR1DK3NWFwfpiqSmmkmrJ6zLpqmapp0VHmrgxiqAtnlFgLA2S2ncaNlF7Y6OEo2W+LR
+ ZiqxIVzN4qsFqprbMlmvbULm2g2NgDyGSkoIHOuydvDc93r0UybM8DVhT0uWZfCAYaR0kkYKkdI7R
+ NIx5ABSov89huSQATggyjg1EpWfNJ6t55G1COOvm0xLYWW+oFuVye522AxUcLlmz2jMk00tSr1K+V
+ nhs0EH5JTINmawjUkE/iEcwTjQMPcOw9sbM8pzk94t0Qc8xJs3RVMHC2SwyCTyImdTdTUyPPpPcay
+ bYtsLjsOGtDRZoshiSd12EwuEx0vFHzCugyyhlrKkkRxC50i5Y3sAB1JJAA6kjAW8tTXVZr66wnca
+ UjButOnPQvc7DU35iOwUCfxJVGszqOiBvDQqJXHQytcL/4rc/3qemKPPM0GUZY9SAGlJCQoeTOeV/
+ YWJPsDjK4zVvklFLH39Ty+XrgmVHBezranZN5nxDQZVVRU08h8RxqYKpbw17mwJ36Dr8hiG3GmVg+
+ iOrkHdYgP/YjAWzPJI8srtJLI2p3bmx7nCYGbh0IAzXJWyiwRuUGVxv0t5o/ybjHKhxFQSl5YA+un
+ kM0ZAVXAIOoXA9SIOfXGn4+cHDFCEbS1tj2OPoPKMxizfKKXMIraaiJXt/KSNx8wbj6Y0OHNbHF2b
+ dh+Vmscw8UkjXNJIdz6KbjsdjsMkgXYTC4TEUQFnOWZ2KrMarLpaWrRp2lm8u+qoUBVAQIVK6gqgb
+ 3vbYb4Es6ozmBk8HOHrBBTGrgU+GwsLBwQoG5BGk7b3BxpmZQU09U7VnDL1Ok2Wpjjic27j1Bx9Bi
+ izDJ+F6kDxarMMsNyS0zSwhr7MCZlIIPUXscKp8Oa6TtYzZ3HS9/BFw1T4yCOGyzjNMtlyqrWB5Vm
+ SSMSRyKunUp23FzY/XqMQ8aRJwvlUVBPVtVZXmdHHH+JOzIaeMXOlJI2YIBc8l7DoAMy8FJVUypqt
+ ewbe4vsSLDe3tih0DomjOblbnB8UfVsMZHxN4nY/bf/V6FRCzaRKhbsGF8H32ccWUuVibKMzqoqan
+ cmWnlmkCKrH4kudhf4h76vbAEY0K6Sile1tseUh0MVvePmqnfSfb2/wBYkUnZuzBG4hRGsh7J/cRw
+ Py+y+j4KiCqhWanljmiYel42DKfkRhzHz7lOcZhkdT5jLKloGvdk5xyf1LyP++xGNq4Y4gg4lyWOv
+ iXw5ATHNFe/hyDmL9RuCD2Iw0hnbLtusJiWFTUBBcbtOx8VcYTC4TBCUrsdjsLiKKlz/hbLM+y6og
+ kpadKiVP4dT4S643G6tfnsQNr78sYXUK9HVtSVSeFUJI0boejLzH7fXH0dgE404Pp6/MGrYljjnzB
+ EpxNJfTFKHUqxsNtaqYyf6B1OBp4BKOoTrCcUNC4g6tdbu13+l/ssxp6Kesiq5oTZKKAzSbX1fp+o
+ DH+33x4WhnrKWrqYmCxUMfjSMb2O/wAOx7am+gB540GHh+PhuSpyWabx0ngFQZyujWGGhx7BSBbsH
+ HM3Jz6rzMSUrUFJS+HREkQo7amkBAu7X/MerG+kWC2O5RB0omdFa2Uj6evWiefyM9XnEINnEW6AeO
+ n+BRWqacQyyFZmlDIINOysLnXe532tawO4xpX2XVVBk/DuZ11ZmKQ05lR38ayCNivqHv6tSjuFHPG
+ cRwhGMjnXIRuxH7DsMNR1VUsUkKOpWclFBG6qGfVbsDq3PM8rgHc6GTI64VmK0E8zRZ2pN7cth4aa
+ 961rMftdyell8Okoqur32awjDfIH1f5AwR8McUUvE+WNWwwyUxjlMUkUxW4YANzBIIswxhEcSx3O7
+ M3xOeZxsv2cZSaDhOOWZPXXSGpseikAL/lVU/XBkE7pXEHZKMWwqGhga5pOYnbpx/HmizC47HYMWc
+ XYYraSKvopaScHw5VKkqbEdiD0IO4PQgYfx2Ios541q5RkS1VUwFZSrUZdUFRa7yRgowHQMUjI7a7
+ cwcZhAA7vL7lF9gDb/d/2xtnGuSHMaCVotvMIsE2xNrNqicgb2STn+l3PQYySm4dzxak5d9z1nm0d
+ lMYiJA3Njr+G36r298LaqE5s7RutV7PVMMWYSuA469P2VBlkVFF3RCxChnNgCep9uv0wzSKLuRq0p
+ 6E121aee/vvv8sa/wAM/ZzTUeWVP3zpnq62FoWCHaBGG4U9W/V7C3UkeoPskzdaloqvMaRKYSMfGi
+ DNI4Jv8JACm3ube+OfdXhmm5R4x2mfVF7yQ1o0035+XyVRwfw2/E2crFIh8jTkPVN0I6R/Nv2Fz2v
+ t6gKoVQAALADpiHk+TUWRZbHQUEWiJNyTuzt1Zj1J/wDtsTcHQxCJtll8Rr3105kOg4DkF//Z
+mail: lisa.simpson@example.com
+o: The Simpsons
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: top
+objectClass: shadowAccount
+roomNumber: 45
+sn: Simpson
+telephoneNumber: +15551234567
+uid: lisa
+uidNumber: 1002
+userPassword:: YnJhaW5z
+
+# Maggie Simpson, People, Simpsons, US, example.com
+dn: cn=Maggie Simpson,ou=People,o=Simpsons,c=US,dc=example,dc=com
+cn: Maggie Simpson
+gidNumber: 1000
+givenName: Maggie
+homeDirectory: /home/users/simpsons/maggie
+jpegPhoto:: /9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0VFh
+ EYIx8lJCIfIiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoLCw4NDhwQEBw7KCI
+ oOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCABm
+ AE0DASIAAhEBAxEB/8QAGwAAAgIDAQAAAAAAAAAAAAAAAAUEBgIDBwH/xAA8EAACAQMDAgUCBAIGC
+ wAAAAABAgMABBEFEiExQQYTUWFxIoEUMpGhQoIHFRYkkqIjM0NEUlVicpSx0//EABoBAAIDAQEAAA
+ AAAAAAAAAAAAUGAgMEAAH/xAAwEQACAgIABAMGBQUAAAAAAAABAgADBBEFEiExE1GBIjJBcbHBFBV
+ SYfAjkaHR8f/aAAwDAQACEQMRAD8A7LRRRXToUV4x2qWwTgZwOpqtx+Jb+4iSaGwthHIoZd9y27BG
+ ecIRWbIyqccA2trcmlbP7ojHXNRlsooYbZlFxcPhWYZ2KBlmx37D5YfBh2mvzwsE1JIzGf8AeYgVC
+ /8Acpzge4J9wBUCaa5vb03d0kUZEYjSONywAySTkgdfp7fw+9FK+XxyxcrdB2g/z95vrxQa/b7zPU
+ btdZuN3W0hYiEA/nYEgyZHx9JHTk9xhppGrB4GgvplWeDYDI5C+aGOFb0yTkY9fYiqjePcJqzLHO8
+ QSGNo1z9B5cNlehHC+/oRSm71FtTjnaXylKWrmONDkxucqVY92BwO2M9O9GOHUZ9ty5TEeFYD8fd1
+ vQ+fy9YKys7GqDUgHnUj4d9zrlFUya61O2gZodTumlOFRX8tgzk4Ucr3JA7detXJc7RuxnHOK2Yeb
+ VmKWr3oec0WVNWdNPaKKK2yqFUuNEgnurSMhktp2RCvTacMAPgNt/lpjrt1cy3psJQ0NswBXbn+8c
+ cjd0AHOV6nGenWEiJGgSNFRFGAqjAH2pR4/mVtrHCnYO9/zvCOJWR7e+k9rF3SNNzsFXIGScDk4FZ
+ UQ24vtQt7F/8AVSB3mGcbo1ABH3LKPjNLmNQ2RctS9zNruEUsYuv3sZ72G2kuxBchXZGWRQwXIDDn
+ 147fw+1ZrLpsNvbBljihA3wmVdoXaAM5bocH5xn3q2WL6NdJd6fYi0kW1k8q4giVdqPgHBUcZxj9P
+ aoCQabod/ezzQosNvbfiVkKljAgzuVRyQOMgD1x2FNbcCsKLX4x5Rvp5b8huDRkIGLhBsxNHci4e1
+ vbOaF1jlbasgysrDcvBB7YJHXoD2q26VfnUrFbkw+USWXAbcDgkZBwMjjg4FKNQs9N1Iadq9ugMd0
+ 6b2RdjXEUi8A5GepUnodoYeoqxIqogVVCqowABgAUR4fg2YfMhfa/Aa+squtFmjrrPaKKKKyiQ9W/
+ BjTJ3v4hJAi7mXGTkdMf9WemOc4qsQCRYEExzJj6uc49s9/njPXA6VZtV0/+srLyBN5TB1kVtu4ZU
+ gjI4yMgdxVdu7a9065giuTbyJMWCvGWU5Az+U5x/iNLXH8e61VZF9ldknpubsR1UkE9TItzqMFtOk
+ LBmdiBhSvGenUjJ9hk+3SpOZIporiAgTQtuXPQ5GCp9iP3we1Lbq3Ftei6UW5aVxtM03lkNgKQDg7
+ gQoyvt+jGNXWJVkcO4H1MFxk/FKisaStlZ0R9Zv1zbVoyj8RpGGJ0i4WVzl/LMZVmwBnduBPAHJGc
+ DpSW7vwb+S5uLuWC6kUKUtWdtiDkKdozjLE5IGSeMdKX+LNSm03RS1u5jlnlESuvVcgkn9FIz71zS
+ 3vHs9Tingl8uSJwyFcYz3B7nPQ/PzTFXlZmdVsty68uhPrL8XhIsQ2Kf2G/P+fGd50L8RqUEV/fTC
+ XymdYBt2kYJXc4/wCPGRjAxzwMmndJfCM0Vz4btbqLd/eN0rhh0csdw+AcgfFOqaqubw15u+hF1xp
+ iIUUUVZIwqFqemRanFEkkkkRik3o8ZAIOCp6gjoxqbRUWUMCrDYM9B11EqHibT7bTrG3gtkI/GSmK
+ 4kZy0kibGbaXJztJA4Bx26E0lFxqCDC3quPWaAMf1Ur+9N/Fk5l1uGD+G3t9/XqXYj9hH/mpFcyOP
+ KiiOJJXwDjOFHLH9OPkiiFXDsS+gC6sEDt07fKLmdn5FWURS5HQb+v3kfVoZrqwuFurkPG+HkzHjy
+ wvO5ADwQM8HOelTrb+iCNJm8/W3aHdlVjtwrAZOeSTz9vtWFxH51tLFjO9GXHrkYroWl3P4zS7W53
+ hzLCrFh3JHP71nyuHY2OR4SAA/aFuC8XzSjr4h/7MrCxt9NsYbK1j8uCBAiL14Hqe59+9SKKKpmwn
+ fUwooorp0Kj397Fp1jNdzZ2RLuIHVvQD1JOAPc1Iqs+OJpVsbSCIZMk5bBPDbUZgD/NtP2qaLzMFl
+ V1nh1s/kJWpLy41DVr65uAoZmQBU/KgC/lz3xnr79hgDRF/pb+eQ/7HbEo9MgOT99yj+Wi1bRliL3
+ 1sHnk82R3mhVmwmQT9OdvCEAAknaepr2yj8lHjAkKq3EkoIeTjq2STngDP7DoNPDuJrlWtQtbKF7E
+ joepHp6mLnEMFqUF7uGLd9en9/QSTT3wfcsl5d2JYbGVZ0BPckq+P0U/Le9IqbeEkR9cnkZ9rxW+1
+ FPBbcwLEeoG1Bx0J56iiOaAaTuUcKJGUAP3lyooooFG+FFa5p4baJpp5UijXq7sFUfc0qbxZoqkgX
+ TyY6GOCRw3wQuD9q9Ck9hIs6r7x1HDMFBLEAepNc/1G+k1LUp55GJSOV4oV7IqttOPclck/A7Csta
+ vl1u+MjIWtIwFhjmTGT/ExU9DzjnsvvUUKqqFUBVAwAOABRbExiv8AUaLfEs8WA019t9/OaXsrdwQ
+ YwNxJbBIznIIOOxycjpyfWt9FFEAiqdgQMXZhomRpGaK/hO47JlaMjPG4DcD+gf8Ab2rc1w1kUvUO
+ GtWE2R6Lyw+65H3rXNG8lzbsB9EbM5Oe+0qB/mJ+1biMgg96iV5gVPxklcoyuO4/3OkA5AINe1UtF
+ 8SfgoYLK/jVYI1EaXKHAUAYG8Hp0/MDjuQoq2jnkGl2ytqzphHem+u5eas7ErfiDw/falfpdW0kEw
+ VAqxXDlBEeclSFbrnnjPHXtSLU9M1LSbdbi9itdjPsHlXDOc4J6FB6HvRRWmi6xQFB6TBl4lLsXYd
+ fmZX38UWEbsjx3G5Tg4RSM/4q3W2uW94GMEUmF67wF/8ARNFFEDa4HeA66ay+iJjceIbS0k8uaObd
+ jP0KCP3IqZot5/aG7NrpyYkAyTcHYAPtuz+1FFRe5whIMsqx62vCEdNyzJ4OuTGWk1VVk9Et/oHzl
+ sn7EfasP7H3v/Nbf/wm/wDrRRQ38Td+qMH5fi/oE2w+DBJlb7UWljPDRwwiMMO4JJY889CPtVoUBV
+ CgYAGAKKKqexnO2O5oqorpGqxqf//Z
+mail: maggie.simpson@example.com
+o: The Simpsons
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: top
+objectClass: shadowAccount
+roomNumber: 45
+sn: Simpson
+telephoneNumber: +15551234567
+uid: maggie
+uidNumber: 1003
+userPassword:: ZHVtbXk=
+
+# Marge Simpson, People, Simpsons, US, example.com
+dn: cn=Marge Simpson,ou=People,o=Simpsons,c=US,dc=example,dc=com
+cn: Marge Simpson
+gidNumber: 1000
+givenName: Marg
+homeDirectory: /home/users/simpsons/marg
+jpegPhoto:: R0lGODlhhABwAIcAAAAAAAICBQIEAgUFAQUFBAICCwYICw4EBAsJAgkJCAgJDQ4NCA
+ 0NDQECEgEDGwsMEA4QDhMEAhILAhANARANBBYODhwCARoJARMQAhIQBBURARQRBBcVAhIQCBEQDRQ
+ SDhgSABkUARwTARwVAB0YARISERsbGwIEIgIEKgEENAAEPAQINAQIOiMBASwCAiIbATUDAz0CAicg
+ AiogASsjBCskAS0jAS0kAS4oBTEnATQqAjkuATswAz0xATwxBj80BCIiIikpKS8vLzQ0NDk5OT09P
+ QIFQwEGTAQJRAMITQEFUQEGWwMIUwMIWgIIYwIIbAAGcQAGfwEIdAEIfEICAksBAVIBAV8AAEAzAU
+ E1AUU2AUU3BEU4AUw8AVA+AWEBAWsCAnIBAXwBAU5ABFRDAlhGAVxHAltJAWFNAWBNBGJQBGVRAmp
+ UAW1YAW1YBHFZAHFaBHFcAnRaAnVdAXVeBHleAHdgAntiAURERElJSU1NTVJSUllZWV1dXWFhYWVl
+ ZWxsbHJycnV1dXt7ewAIg4QBAYwBAZIAAJsCAqICAqsCArQDA7sCAoFlAYRpAohqAIptAIxuAo1wA
+ pN0AZZ5Bph3AJp7AaB/AYF/f8ECAssBAdMEBNwBAeICAuwBAfIBAf4AAJ6AAqGAAaODBKaCAKSCBK
+ aEAKqGAayHAK2JAbKMAraRAruTAcKZAcOaBMadAMidAMqgAsugBM2hAc6iBM6kAtGlAdOoAdqsAdy
+ uAd6wAOCuAOCxAOK0AOS1AOi3AOm5AO27AO+9AIKCgoWFhYuLi42NjZKSkpycnIyapI6cpZCdp5Gf
+ qJajrJyosKOjo6qqqqWwt6WwuK23vrS0tLm5ub6+vrnCyLzEysPDw8DHzcjIyM3NzcTL0MXM0cjO0
+ 8nQ1NPT09DW2tfb39fc39jY2N3d3dzg497i5d/k5uHh4eDj5uDk5uXl5eHl6OTn6eXo6ufq7Onp6e
+ rs7uzs7Ovt8O3u8O3w8fHx8fHz9PP19vX19ff4+Pn5+f39/QAAACH5BAAAAP8ALAAAAACEAHAAAAj
+ /AAEIHEiwoMGDCBMqXMiwocOHDf1JnEixosWL/p41mEKoo8ePIEOKHEmyZEgUgzCqXIlRIMuXF/2g
+ MEmzpk2TUhjQg8nzosuePPGVcHKzqNGaKI4BXervJ9OV+BJwPEq1qkcmeJ72dKr1IjUHVsNSlVKiX
+ 9eXXM9SDKRCrNuiAdqpXZl2rr8hTqK83WsygDm7LQEAnhh1Kt/DIQuoG2yxrlp1CRBL/igFwj7GFR
+ 2fpUdA72TJTYZgziwYM5AnnyWnSDl6ouazgNqmPtwAU2vXpRlzK2B4ttsnBrLdbpqbsR7Zvt8eEX3
+ 79Vl1D1Anf9vAWvPijJE1kDLdrZE/14cD/zrRu/tRJ8xHO1fbb08K81ahmDCrHjvmPUbgV5VPH/P6
+ s/IYwJ1+56Xnn32DPXMCgVSpAEh4t/mRH4NFRdGAcK391xURS1BY1BQFWJchgoCd5mFRShDRH2Maa
+ gUEFASWZ1MD1KwIWItPEUHUYZ6NJMUJDTRx1BFFjDicH0ccxkIDKjjR2xRNpIDAHars0IARO340xY
+ AgRVFAOfUN9wxYb0WRAg6rtEEDAgU00EAAGGTxSC7C1NlKGzMQcAIKKqSAQgAThpTCMGHeJo8CXFr
+ 1Ixe81CnML7rwImkwjlZaJy6rWFJJJS+gIGNHSxBRaITIVdVEA3MAY+mqrK7aSxsJpP9whBNQ9DgF
+ AZexSCJg5iBKVRROOHADK5be4kiryFaaCyRk7DDBEj0W8Jeuw0k0yEw2PcGEESgUkIMlqlrKSwisU
+ Josq77QEO4dbU2BWgPcHFitP/sAoYRNSbwghyW1OErLqpPoYO65q4ZgS52pLNgECl7KRW215ghokx
+ M5WArMC6lY/C3BrNqwSp3AhOCEESo8AQQ/8lZLzAo3UbzqKS/0UikvdIRwxx2SpEInxy/EEu4lDTj
+ AxAnGjHobHkJO3AOrZmwBDDCWYJGAEHsEEggfQyywwyThWqpLJFyMEAABE+jgxiyhDFDAHjbahaNW
+ JiRqUhJlsAqMFlu8MAQyO1X/hA80RJAgSqW/1LFAHsiYs08/7VADSAlaJGAMffs47PaugJUgd0kpQ
+ MLqL2iYAM1L1Jhwxi/B2GIDHuFgRI8gDIwu0TB5DPb2Uyba5ACxFo9BhOUs0ZPHD7SMMEjbFVVTwj
+ P+ZFNCvDdibhceTNgkhQaqRiKJuW0QgQ9Q/RSBAGsvZcPAMyUg8/BwxLxX0xFn1AmLDjukokoJwPN
+ EjwnM80QMAEpZ323CUYAelaQB5apTMCZxgwGo7ynQOBlP9mECaqSsWkW4l0mcQIKB1YkVJsjVU4JQ
+ I54Mow8TkUcAz3K7p1SjAQYUCYhUIYyu1eFBXRkECnmSjRBa4w8M2IMI/7XSwqfgIVAkaYIOgIEDO
+ TRKC/3TSjWC0BN5CIABQABE6+ZSRKaUIzo0KcAtZlEGDLAhBBiqCD2mxZJylOAi0DhG3wgDAOhFb1
+ 4TKYYDYniSwQkjFnJAQBonUg0GAACHK3GjRYwhECFUxBwMQF5XusgUamzEJCpwxMCwIDuK8EEgAvj
+ eSqxBxYrsAZSilAg0DHQ5PEpED0mgiQrqUCk4BMIixxCIqFgyDD5YxHkCEERF+GAbAQ4HHwzYnKCO
+ 5ShWAKFt1UBGKlUihChSBB/5gyQb74jHbJDJJCjwowJn0MmlVAMAxNhGO+iBj8VdpB94QKTtpAeYZ
+ 2DLJAWIhaVOAf+E/MEEH0FwgxdkgAEMaCABWNwDNPoDCCFMk5vzOob7SvIEDnRNgWXIgyQx0h4vuC
+ oXrHiEDPDATj4EYTFGGw4y7kmSI6DBgyDzgR7myJJ98GEHvkjWL8hQBBPUEULz2kYDaOIAGrKqF2Q
+ AwiAxsg0haCGn57rFAFBBhmKm9Db7KAGMRCIFJahgAKmAKqsmsYE8lLAi/bDGHjYAiYsmCwC9aAX+
+ jOTKP7BAJCyYgBkewQYddAGmM3NEDUoQz2EMIxB5KIEM7oALjtUpFwhQlRryMESIzqtXckvBD3amQ
+ I7VghJ3iIMc7mAJWQQDsMlqBBlApgMhXhCPw/gmIZ4wgkb/Ofa2jk1FCPpVJ190YQjb5CI9BwPPia
+ agEZTKhStUwVvcOlcYwWDFGULwsUoFgw4mWCoLhzsYegCheoTYnTDsgAAE6AANzyUYMObwhjeQQQc
+ aeAEddNEqSnxAu0Tk7mD4oMEG6PMXqRBYejlmiUlMohKqONi5KGEClKqFklrZgwbFK4xcbKAWqB2w
+ huvUhj200pUT4W9HUnAHR5niFhne8IB1kYHgPgXCT2FLR55Agl6kWMUqzkI58wviiazUIyvYgswUm
+ Ipf4PjIObDgg/ULGHXwBsgaQMMb0kACHcziyCqeBBAe+mImAyYPSIRCEpBghIphWcO5OIMJ7LjdHk
+ +E/xsKyJJHpBCCM6f3F42ggB/kYdkeP8MASuhNEzTAsV5gwchnxsUdQoCHbRizx9kgQgFO4KcGAAE
+ AvrixMB4xBizzIhReWMAeHP1aN0vEHHFExjb2IYAhI2sXEyDAC7rQBkkk2K3ICkYsRPEGHSSgCMfw
+ Z59NXZF9wPVca0jDL14RijuUQQckmAAGasCDLpChDe1tLxm60IMXLMAERRgENfhcLRgzhtWu/hwPO
+ FspX+CCFawghYENnAUiHOMZ1QgHTfFo7u4iQKxYPgUr3dxvXoHAznVaxcB7XHC7bOMFmn5uI3ZIbO
+ JUHCPU6EHEcQsLDlTj4hYHuUT6YY52IGO1WP/2xRw6sMKKN1wrEbTAAUywho0TjBc50AOYRP5yplQ
+ jAowAxSdgEAksl8GXIpdIz5eSh0SA4ukxyBiObeEBcid96UAJgiaeDooI/AvHkPBw0pXu5fsUYhEx
+ OAAAtFDdDZOh5TwvO2O2QYAWKOITnkBECyxxWg33AA+CwK+psd6TarTAE1wHBScugGLo2rxSLxBDG
+ Czwh426kvA8+UMhEv/0L0iCFDxAAAWyIHXHgoAToPCEC+A+eLkPRg9O57wYOGB3T3QiERbwnKN64V
+ ZdpIIUtjj90xVRJJBjHiaDAAPnQUGFwye+ExZ4BTAa8YIETKALr6CUIxAQgypEAACoB0X/Jkp58eO
+ /RB0MWETiEQEARCy/EGjwAhW27glDSIAVjXBB+D/xhSo8XQwU53KuBxjWgAEhYAWIcAgxIAMIsAnL
+ lwkCQAWctwgvQAHhx3UuoAiHUAFbVH4DOBf7Iwq8MAlrwAaW8As4kAnLpwgAoIKc5wISyHmFQACNd
+ nUfqBZ9ED+rQgfKx3lWAH7LZwUxmHiH4AdjF3LERg0hYFuWkgsi4H5cVwgv8AOxl3gWEAGIl3hVwA
+ CkFncVtz+ogCywIAMwIHkukAO2oAoWcIGgEAZccAZX8AlchwgjIAlBUFnEZn4Y4QcohyzAcAqN4Ah
+ GJQyQEAFiwAiJEAM4kAu/0AUu/yAGhlAFJKABvsAF5OOBxJYNGMBuuOUKbGBtlWAuwbAKdfAGJ0gD
+ q2ALFMBmeXiDTNEPQjAJj5dec+AGwuAIKmJ8rrgUx2BmCGcprCADwcBErMdwu9gT9FACvPOLlvICH
+ 9MKH+BgredmgWAGzMgqcNAGlMIGYteKPWYOC6Bg11gpsQACquILIaBk0whifsAGs6hiPWAJdXIJQI
+ CH/HaML1EOFNBY47gqo5AD5tIDxOCNrtQHb9CPrVIDplAnr+ABwlZu+LgS5kABnIiQdVIKMoBoa2C
+ EBBeRKhEI6GWRqxIMclInurABrDgveohM+iSSq/IKGIALlNIIGmWMeGQMWizwjnbWBnUjDL7AASJy
+ eR55EUEQhi6JLiMACf0SCbsklBDxlFAZlVI5lVIZEAA7
+mail: marg.simpson@example.com
+o: The Simpsons
+objectClass: inetOrgPerson
+objectClass: posixAccount
+objectClass: top
+objectClass: shadowAccount
+roomNumber: 45
+sn: Simpson
+telephoneNumber: +15551234567
+uid: marg
+uidNumber: 1004
+userPassword:: Ymx1ZWhhaXI=
+
+# Pets, Simpsons, US, example.com
+dn: ou=Pets,o=Simpsons,c=US,dc=example,dc=com
+objectClass: organizationalUnit
+objectClass: top
+ou: Pets
+
+# Santas Little Helper, Pets, Simpsons, US, example.com
+dn: cn=Santas Little Helper,ou=Pets,o=Simpsons,c=US,dc=example,dc=com
+cn: Santas Little Helper
+givenName: Santas Little Helper
+jpegPhoto:: /9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0VFh
+ EYIx8lJCIfIiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoLCw4NDhwQEBw7KCI
+ oOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCABn
+ AEsDASIAAhEBAxEB/8QAGwABAAIDAQEAAAAAAAAAAAAAAAQGAgUHAwH/xAA8EAACAQMCAwYDAwkJA
+ AAAAAABAgMABBEFIQYSMRMiQVFhcTKBkRRCogcVI5KhsbLB0TM0U2JygoPw8f/EABoBAAIDAQEAAA
+ AAAAAAAAAAAAAEAwUGAgH/xAArEQACAgECAwcEAwAAAAAAAAABAgADEQQxEhMhBXGBkbHR8BQyQWF
+ R4fH/2gAMAwEAAhEDEQA/AOwXNzDZ273FxIsUSDLOxwBXPdS46vYb+WeC4SOJMGK0lQASKTygsSOY
+ EnyPd8tjm+6lp8Op2MlpcKGjfHUZwQcg+4IqkrwRpdlqsrzS3sskcSFRAOaR+duUkbE4XAzjpk52p
+ bUV2uBy2xj55Rih6kJ5i5+es834l1uWTtRfiLO4ijhQoP1gWP1+le4451N4RIlnbARFhIDzEzcpwe
+ XfuZx481e+ncP6d2WpT3ctxfrZzSRrHCzBsKoOCExzOc/uwBVbu9CWfigWFleXFurElO0O4Zo1bDA
+ /eAYg59M771WrVrk3sGSfn4j5s0T7Iek6nY3cV9ZxXUBzHKgZfY171A0TT20vSLeyZ+YxKFzU+ruV
+ EUpSiEUpSiE1Or8U6HoEscWq6nBaySjKI5JJHngdB6naqVrOpR67qf21Bm3ROS2yMEqdy3pzbfID1
+ racafk6t+KdRTUFfspwgRjk4YDOMj5mtPJwfxTbgQQy2roMBX7PGB7Db9lV+vqvtQJUcfzHtFZRU/
+ Hb4SOsn2NS8NzJZrjDNDMYgR4ZwRWKTrZTWuoIcrbSiViDzcynIY58diTn0r5ecMTaRe2sl7em5u3
+ V2dG3CL0GB0G/l5GvUgEYIBB6g1nrjZpLVUtnhwf1L6rl6qpmC44un7nUopFliWRTlWGQRWdVXgnV
+ O0s20mZ8zWgHZEnd4vun5fCfYedWqtdXYtiB12My1iNWxRtxFKUrucRSlKIRSlKITnnEsjScT3nMf
+ 7NYo19By8372Na2p3F7i04tkLryxTwREv4B8soz7gAe4x4itdHKJJZExjs2Cn6A/wA6xnaKn6lz8/
+ E1ugYfToJ6RTT2l1FeWrBZ4DlcnAYeKn0I/kfCuj6VqkGrWCXcBIDbMjfEjDqp9RXMbR2ltInY5LK
+ DmpGkaxfaffNd2PZGBu5JHITibG2Rj4cHIB3z5YxTXZ2t5BNdn2+n+xftDR84Cyv7vWdTpWp0XiC2
+ 1lWRVMNzGMvA5yQPMH7w9frittWnVldQynImcZSp4WGDFKUrqcxSlKISh8cRBtYUOoZJbPBBGQcM2
+ f4qquiwNbWrK8rSk8jFmOTvGm30q3cfDlvbaTw+yzZ+RQ1VYTyWUzdMRKfpEtZzXr1t719Jf6FulX
+ c3rPDTb9fsMEcsUsLiNVDOvdY48D/XFS9OAGmWuP8ABT+EVtLrTDHw3pl6Yw0RgEU4I2x90n03I+Y
+ rVaevZW32bfNuxi38h8P4StJa/TiixlA6dD88Y5obzcisT12kpZJreaO5tnCXEJ5o2PTPkfQ9D6V0
+ fR9Tj1fTIbyMcvaDvITujDYqfY5Fc2LqJAme8wJA9sf1FWLge8Md9e6eT3WCzoPfIb9q5+dOdj3kO
+ ajseoiva1AKi0bjoZdaV8r7WkmeilKjahdiw0+e7MTyiFC5SMd5sDwohKd+URwssGQe7Z3BP4KrF6
+ Oxsb1QPhiUAf8AClSOKOIU16ZFjWMSSRdhHHHL2hPM3eJwBgYFY8RwCM3lqw+IwxkH/MkY/nVFqBz
+ eJl2LKJc6c8vCtuFYy32Wu6MNDi0+6ExXsuRw1uxHT2qm3Sw2Ooube4NxbYwZCjDC+GcjqucH0OfA
+ 1lr2haZoZt1Mk6vJEJDI8rIoz4DA3O2/ltWlF06L+g1KRgeoaJ3H4lJ/bUmrWy4ctsE9zevWcaVkq
+ PGuQO9f6m4vG7ExXJ2WJsP6K2xPyOD7A1jBq35p4miuI5lSVIMcjnCSAse6x8Omx8PqDAtb63gtxF
+ PcTTDBBQWpCY8gCCcfOrRwFoenahb3r3FpK6u2ENwMtyYH/nsBSWh0dnNycrjY4945rNXXy8DDZ3G
+ faXnStVttXsxcW5II7skbfFG3kf8Au/UVOrnM9tdcD62kluzyWUgPIueqjdoz7DLL5YI6V0G3uI7m
+ 3jnicNHIoZSPEGtBVYWyrbj5mUViBcMux+YnrWLorqVYZB6isqVNIpp7fhXR7W9+2RWaCXOc+tVPj
+ jTp4dVa9NvPPbS8j/oPiR1GN+mRsD710SvjIrjDKCPUVFbUtq8LSSqxq24llU4azxHpA/PNmZGhci
+ NpkAYr4Zxtmt7HommRLypYwgf6RU5VVBhQAPICvtSAYGJwTk5kMaTp4P8Ac4f1RUmOKOJeWNFQeQG
+ KzpXs8lc45WMaAJXKgxXEbKT5c3e/DzVr+F5p14asFy20WBt4Z2qJxleNrOswaHbEssbfpMdOY9fo
+ Dj/c3lVzsbGKzsobdVGI1A6VCgzYz+Hln3xJXOEC+Pnj2kulKVNIopSlEIpSlEIpSlEJVOFtCktb2
+ 6vb0rJcGRsMDnOT1q10pXgAAwJ6SScmf//Z
+o: The Simpsons
+objectClass: inetOrgPerson
+objectClass: top
+sn: Simpson
+
+# simpsons, Simpsons, US, example.com
+dn: cn=simpsons,o=Simpsons,c=US,dc=example,dc=com
+cn: simpsons
+objectClass: groupOfUniqueNames
+objectClass: top
+uniqueMember: cn=Bart Simpson,ou=People,o=Simpsons
+uniqueMember: cn=Homer Simpson,ou=People,o=Simpsons
+uniqueMember: cn=Lisa Simpson,ou=People,o=Simpsons
+uniqueMember: cn=Maggie Simpson,ou=People,o=Simpsons
+uniqueMember: cn=Marge Simpson,ou=People,o=Simpsons
+
+# search result
+search: 2
+result: 0 Success
+
+# numResponses: 24
+# numEntries: 23
--- a/doc/ldif-example.com
+++ b/doc/ldif-example.com
@@ -0,0 +1,215 @@
+# extended LDIF
+#
+# LDAPv3
+# base <dc=example.com> with scope subtree
+# filter: (objectclass=*)
+# requesting: ALL
+#
+
+# example.com
+dn: dc=example.com
+dc: example.com
+objectClass: dNSDomain
+
+# Bad DNs, example.com
+dn: ou=Bad DNs,dc=example.com
+ou: Bad DNs
+objectClass: organizationalUnit
+
+# double plus \2B\2B, Bad DNs, example.com
+dn: c=double plus \2B\2B,ou=Bad DNs,dc=example.com
+c: double plus ++
+objectClass: country
+
+# end dollar$, Bad DNs, example.com
+dn: c=end dollar$,ou=Bad DNs,dc=example.com
+c: end dollar$
+objectClass: country
+
+# multi + value, Bad DNs, example.com
+dn: uid=multi+uid=value,ou=Bad DNs,dc=example.com
+cn: Test
+sn: Test
+uid: multi
+uid: value
+objectClass: inetOrgPerson
+
+# quote\22double, Bad DNs, example.com
+dn: uid=quote\22double,ou=Bad DNs,dc=example.com
+cn: Test
+sn: Test
+uid: quote"double
+objectClass: inetOrgPerson
+
+# quote'single, Bad DNs, example.com
+dn: uid=quote'single,ou=Bad DNs,dc=example.com
+cn: Test
+sn: Test
+uid: quote'single
+objectClass: inetOrgPerson
+
+# angle\3Cleft, Bad DNs, example.com
+dn: uid=angle\3Cleft,ou=Bad DNs,dc=example.com
+cn: Test
+sn: Test
+uid: angle<left
+objectClass: inetOrgPerson
+
+# angle\3Eright, Bad DNs, example.com
+dn: uid=angle\3Eright,ou=Bad DNs,dc=example.com
+cn: Test
+sn: Test
+uid: angle>right
+objectClass: inetOrgPerson
+
+# sign@at, Bad DNs, example.com
+dn: uid=sign@at,ou=Bad DNs,dc=example.com
+cn: Test
+sn: Test
+uid: sign@at
+objectClass: inetOrgPerson
+
+# sign\3Bsemicolon@at, Bad DNs, example.com
+dn: uid=sign\3Bsemicolon@at,ou=Bad DNs,dc=example.com
+cn: Test
+sn: Test
+uid: sign;semicolon@at
+objectClass: inetOrgPerson
+
+# sign?question, Bad DNs, example.com
+dn: uid=sign?question,ou=Bad DNs,dc=example.com
+cn: Test
+sn: Test
+uid: sign?question
+objectClass: inetOrgPerson
+
+# sign\2Ccomma, Bad DNs, example.com
+dn: uid=sign\2Ccomma,ou=Bad DNs,dc=example.com
+cn: Test
+sn: Test
+uid: sign,comma
+objectClass: inetOrgPerson
+
+# brace(left, Bad DNs, example.com
+dn: uid=brace(left,ou=Bad DNs,dc=example.com
+cn: Test
+sn: Test
+uid: brace(left
+objectClass: inetOrgPerson
+
+# brace)right, Bad DNs, example.com
+dn: uid=brace)right,ou=Bad DNs,dc=example.com
+cn: Test
+sn: Test
+uid: brace)right
+objectClass: inetOrgPerson
+
+# sign%percent, Bad DNs, example.com
+dn: uid=sign%percent,ou=Bad DNs,dc=example.com
+cn: Test
+sn: Test
+uid: sign%percent
+objectClass: inetOrgPerson
+
+# sign\3Dequal, Bad DNs, example.com
+dn: uid=sign\3Dequal,ou=Bad DNs,dc=example.com
+uid: sign=equal
+cn: Test
+sn: Test
+objectClass: inetOrgPerson
+
+# sign\2Bplus, Bad DNs, example.com
+dn: uid=sign\2Bplus,ou=Bad DNs,dc=example.com
+cn: Test
+sn: Test
+uid: sign+plus
+objectClass: inetOrgPerson
+
+# colon\3Bsemi, Bad DNs, example.com
+dn: uid=colon\3Bsemi,ou=Bad DNs,dc=example.com
+cn: Test
+sn: Test
+uid: colon;semi
+objectClass: inetOrgPerson
+
+# colon:full, Bad DNs, example.com
+dn: uid=colon:full,ou=Bad DNs,dc=example.com
+cn: Test
+sn: Test
+uid: colon:full
+objectClass: inetOrgPerson
+
+# multi + sign@at, Bad DNs, example.com
+dn: uid=multi+uid=sign@at,ou=Bad DNs,dc=example.com
+cn: Test
+sn: Test
+uid: multi
+uid: sign@at
+objectClass: inetOrgPerson
+
+# sign@at + multi-mixed, Bad DNs, example.com
+dn: sn=sign@at+uid=multi-mixed,ou=Bad DNs,dc=example.com
+cn: Test
+uid: multi-mixed
+sn: sign@at
+objectClass: inetOrgPerson
+
+# Non English Chars, example.com
+dn: ou=Non English Chars,dc=example.com
+ou: Non English Chars
+objectClass: organizationalUnit
+objectClass: top
+
+# \D0\A7\D0\B5\D0\BB\D0\BE\D0\B2\D0\B5\D0\BA\D0\B8, Non English Chars, exampl
+ e.com
+dn:: Y2490KfQtdC70L7QstC10LrQuCxvdT1Ob24gRW5nbGlzaCBDaGFycyxkYz1leGFtcGxlLmNvb
+ Q==
+cn:: 0KfQtdC70L7QstC10LrQuA==
+objectClass: inetOrgPerson
+objectClass: top
+sn:: 0KfQtdC70L7QstC10LrQuA==
+
+# \D0\94\D0\B5\D0\B4 \D0\9B\D0\BE\D0\B3\D0\BE\D0\BF\D0\B5\D0\B4, \D0\A7\D0\B5
+ \D0\BB\D0\BE\D0\B2\D0\B5\D0\BA\D0\B8, Non English Chars, example.com
+dn:: Y2490JTQtdC0INCb0L7Qs9C+0L/QtdC0LGNuPdCn0LXQu9C+0LLQtdC60Lgsb3U9Tm9uIEVuZ
+ 2xpc2ggQ2hhcnMsZGM9ZXhhbXBsZS5jb20=
+cn:: 0JTQtdC0INCb0L7Qs9C+0L/QtdC0
+givenName:: 0JTQtdC0
+jpegPhoto:: /9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAMCAgMCAgMDAwMEAwMEBQgFBQQEBQoHBw
+ YIDAoMDAsKCwsNDhIQDQ4RDgsLEBYQERMUFRUVDA8XGBYUGBIUFRT/2wBDAQMEBAUEBQkFBQkUDQs
+ NFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBT/wAARCAAw
+ AEADASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEA
+ wUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKS
+ o0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqK
+ jpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QA
+ HwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEB
+ SExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSE
+ lKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba
+ 3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD9A/gj
+ 8Nx8IvhN4V8KPKsr6PpkNnJIv3WZV+Y/QnNc/wCINDutR1Q/Mux2yxHTFeTaP+17d+IfDN94w02OD
+ W/ANsF+0apZKZHtHOMxyKPmDDK8Ed69G8IfEHR/ij4aTxD4cv4760VMkxEjacdGBAKn2IoA5Txn4K
+ uIzO0v+rToyDjmvlL486HBb2jhdzEdNvrzXtvxB+NsNjeXdpFM7JFlQpbv6GvlD4qfE6/1Ca4nktW
+ kgI24Tkd+goA+b/ESSRXkoJIwejCuWuZFfOQAfUV1HiC9vNVuGmj064RJOjvC4HHpxXGXwntZT50T
+ p6FlIoAy9UQLE5A7VzDJ5h/Guj1aUi1ZvXisTyTGuDwR1oA/cX/gnT8CPFfwl/Z21nR/Gugpo9/rO
+ pSXS6df7XdrdoUQCZATtJKt8p5xjPWvefh98HdE8D3d3qcNnb2lzPGYXisVaO2EI6IIySOPWvRulY
+ XjjWYvD/hLVdQmfy4oLd3ZvQAUAfjx+0H42kHxR8TLajybdb2VY4lPAAY4FefeGbx9Q1yzlu7f+0r
+ bdmSEt8x9QAeK1PiQi614n1LUlbi4neXn3Ymud0m9l0G6jlVC6E5OOoPqKAIPFPhq88O+Mr7V9J1i
+ /trC4kMyWaiRHyf4Sn3BjpnJGKpT6yNe0lk1W0jN2DgTBAN49T716NqOrXXiC1807dm3rIcV5j4mb
+ 7KrZYbsHkUAeW+JIEt7hIYwCqtvwPb/ACKwXBySec1v39nPc3DTshCNwmR1HrVGfT2jIJHFAH9Gkf
+ xQspdds7KKOWaGZtr3CITHEMcMzdAM4/OuR/aP1qLXPhtqOiaVdQzXV4hQ/PhQMcknFeXeAdRnSzR
+ xG88UxGx9mVJPTnHGcGuk1+4h1LSnijRHkYlVjk4kVvQHHrQB+f8A4m/Zy8Y380kOnapokEZGS91c
+ vk+wAQ1zq/svfEC5/cp4i0O2KHaR5UzsT/3yM19ea9aW8R3y3ElndKSWhdBtkB6HBxj6g1w+tarcx
+ RRXLxS3mmxuE3ohCA9SNwwwP1oA8Ksv2WvHGAl143s40xjba6cznn/eYVFrX7LRuYUjbxa817nkTW
+ B2MPqrEj9a9jXxZqt4DEkqoVb93DKN3b+8MEHjjI9Kq6j421mwSNL64ESSqytuYOj+gYdvqKAPAvF
+ /wOv9EtR5z2tyEG3fDuX9GUYryPXfB15axs62ryxhtu+Ebxn6rmvpXW9cilF00+piYDO17cOVK9Mc
+ 9vqO1eQ+LNVSOd3g3NAvJMmUJ+vP9aAP/9k=
+objectClass: inetOrgPerson
+objectClass: top
+sn:: 0JvQvtCz0L7Qv9C10LQ=
+
+# search result
+search: 2
+result: 0 Success
+
+# numResponses: 26
+# numEntries: 25
--- a/doc/phpldapadmin-demo.conf
+++ b/doc/phpldapadmin-demo.conf
@@ -0,0 +1,59 @@
+TLSCACertificateFile	/etc/openldap/pla/ca-bundle.crt
+TLSCertificateFile	/etc/openldap/pla/slapd.crt
+TLSCertificateKeyFile	/etc/openldap/pla/slapd.key
+
+access to dn.regex="dc=example.com$"
+	by * write
+access to dn.regex="dc=example,dc=com$"
+	by * write
+access to dn.regex="o=Simpsons$"
+	by self write
+	by dn.regex="cn=.*,ou=People,o=Simpsons" write
+	by * read
+access to *
+	by * read
+
+database	ldbm
+suffix		"dc=example.com"
+rootdn		"cn=Manager,dc=example.com"
+rootpw		NotAllowed
+directory	/var/lib/ldap/pla-1
+dirtyread
+cachesize	2000
+checkpoint	32 1
+# Indices to maintain for this database
+index objectClass			eq,pres
+index ou,cn,mail,surname,givenname	eq,pres,sub
+index uidNumber,gidNumber,loginShell	eq,pres
+index uid,memberUid			eq,pres,sub
+index nisMapName,nisMapEntry		eq,pres,sub
+
+database	ldbm
+suffix		"dc=example,dc=com"
+rootdn		"cn=Manager,dc=example,dc=com"
+rootpw		NotAllowed
+directory	/var/lib/ldap/pla-2
+dirtyread
+cachesize	2000
+checkpoint	32 1
+# Indices to maintain for this database
+index objectClass			eq,pres
+index ou,cn,mail,surname,givenname	eq,pres,sub
+index uidNumber,gidNumber,loginShell	eq,pres
+index uid,memberUid			eq,pres,sub
+index nisMapName,nisMapEntry		eq,pres,sub
+
+database	ldbm
+suffix		"o=Simpsons"
+rootdn		"cn=Manager,o=Simpsons"
+rootpw		NotAllowed
+directory	/var/lib/ldap/pla-3
+dirtyread
+cachesize	2000
+checkpoint	32 1
+# Indices to maintain for this database
+index objectClass			eq,pres
+index ou,cn,mail,surname,givenname	eq,pres,sub
+index uidNumber,gidNumber,loginShell	eq,pres
+index uid,memberUid			eq,pres,sub
+index nisMapName,nisMapEntry		eq,pres,sub
--- a/hooks/classes/README
+++ b/hooks/classes/README
@@ -0,0 +1,3 @@
+Put your hook class files here.
+
+A file wich contains "class MyClass" definition must be called "MyClass.php".
--- a/hooks/functions/README
+++ b/hooks/functions/README
@@ -0,0 +1 @@
+Put your hook function files here.
--- a/htdocs/add_attr.php
+++ b/htdocs/add_attr.php
@@ -1,11 +1,9 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/add_attr.php,v 1.18.2.7 2005/12/09 23:32:37 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/add_attr.php,v 1.20.2.1 2007/12/26 09:26:32 wurley Exp $

 /**
 * Adds an attribute/value pair to an object
 *
- * Variables that come in via common.php
- *  - server_id
 * Variables that come in as POST vars:
 *  - dn
 *  - attr
@@ -20,111 +18,115 @@

 require './common.php';

-if( $ldapserver->isReadOnly() )
-	pla_error( _('You cannot perform updates while server is in read-only mode') );
-if( ! $ldapserver->haveAuthInfo())
-	pla_error( _('Not enough information to login to server. Please check your configuration.') );
+if ($ldapserver->isReadOnly())
+	pla_error(_('You cannot perform updates while server is in read-only mode'));

-$attr = $_POST['attr'];
-$val  = isset( $_POST['val'] ) ? $_POST['val'] : false;;
-$dn = $_POST['dn'] ;
-$is_binary_val = isset( $_POST['binary'] ) ? true : false;
+if (! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_add'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('add attribute')));

-$encoded_dn = rawurlencode( $dn );
-$encoded_attr = rawurlencode( $attr );
+$entry['val'] = get_request('val','POST');
+$entry['binary'] = get_request('binary','POST');

-if( ! $is_binary_val && $val == "" ) {
-	pla_error( _('You left the attribute value blank. Please go back and try again.') );
+$entry['dn']['string'] = get_request('dn','POST');
+$entry['dn']['encode'] = rawurlencode($entry['dn']['string']);
+
+$entry['attr']['string'] = get_request('attr','POST');
+$entry['attr']['encode'] = rawurlencode($entry['attr']['string']);
+
+if ((strlen($entry['binary']) <= 0) && (strlen($entry['val']) <= 0))
+	pla_error(_('You left the attribute value blank. Please go back and try again.'));
+
+/*
+ * Special case for binary attributes (like jpegPhoto and userCertificate):
+ * we must go read the data from the file and override $val with the binary data
+ * Secondly, we must check if the ";binary" option has to be appended to the name
+ * of the attribute.
+ */
+
+# Check to see if this is a unique Attribute
+if ($badattr = $ldapserver->checkUniqueAttr($entry['dn']['string'],$entry['attr']['string'],array($entry['val']))) {
+	$href = htmlspecialchars(sprintf('cmd.php?cmd=search&search=true&form=advanced&server_id=%s&filter=%s=%s',
+		$ldapserver->server_id,$entry['attr']['string'],$badattr));
+
+	pla_error(sprintf(_('Your attempt to add <b>%s</b> (<i>%s</i>) to <br><b>%s</b><br> is NOT allowed. That attribute/value belongs to another entry.<p>You might like to <a href=\'%s\'>search</a> for that entry.'),$entry['attr']['string'],$badattr,$entry['dn']['string'],$href));
 }

-// special case for binary attributes (like jpegPhoto and userCertificate):
-// we must go read the data from the file and override $val with the binary data
-// Secondly, we must check if the ";binary" option has to be appended to the name
-// of the attribute.
+if (strlen($entry['binary']) > 0) {
+	if ($_FILES['val']['size'] == 0)
+		pla_error(_('The file you chose is either empty or does not exist. Please go back and try again.'));

-// Check to see if this is a unique Attribute
-if ($badattr = $ldapserver->checkUniqueAttr($dn,$attr,array($val))) {
-	$search_href = sprintf('search.php?search=true&form=advanced&server_id=%s&filter=%s=%s',$ldapserver->server_id,$attr,$badattr);
-	pla_error(sprintf( _('Your attempt to add <b>%s</b> (<i>%s</i>) to <br><b>%s</b><br> is NOT allowed. That attribute/value belongs to another entry.<p>You might like to <a href=\'%s\'>search</a> for that entry.'),$attr,$badattr,$dn,$search_href ) );
-}
-
-if( $is_binary_val ) {
-	if( 0 == $_FILES['val']['size'] )
-		pla_error( _('The file you chose is either empty or does not exist. Please go back and try again.') );
-
-	if( ! is_uploaded_file( $_FILES['val']['tmp_name'] ) ) {
-
-		if( isset( $_FILES['val']['error'] ) )
+	if (! is_uploaded_file($_FILES['val']['tmp_name'])) {
+		if (isset($_FILES['val']['error']))

 			switch($_FILES['val']['error']) {
-				case 0: //no error; possible file attack!
-					pla_error( _('Security error: The file being uploaded may be malicious.') );
+				case 0: # No error; possible file attack!
+					pla_error(_('Security error: The file being uploaded may be malicious.'));
 					break;

-				case 1: //uploaded file exceeds the upload_max_filesize directive in php.ini
-					pla_error( _('The file you uploaded is too large. Please check php.ini, upload_max_size setting') );
+				case 1: # Uploaded file exceeds the upload_max_filesize directive in php.ini
+					pla_error(_('The file you uploaded is too large. Please check php.ini, upload_max_size setting'));
 					break;

-				case 2: //uploaded file exceeds the MAX_FILE_SIZE directive specified in the html form
-					pla_error( _('The file you uploaded is too large. Please check php.ini, upload_max_size setting') );
+				case 2: # Uploaded file exceeds the MAX_FILE_SIZE directive specified in the html form
+					pla_error(_('The file you uploaded is too large. Please check php.ini, upload_max_size setting'));
 					break;

-				case 3: //uploaded file was only partially uploaded
-					pla_error( _('The file you selected was only partially uploaded, likley due to a network error.') );
+				case 3: # Uploaded file was only partially uploaded
+					pla_error(_('The file you selected was only partially uploaded, likley due to a network error.'));
 					break;

-				case 4: //no file was uploaded
-					pla_error( _('You left the attribute value blank. Please go back and try again.') );
+				case 4: # No file was uploaded
+					pla_error(_('You left the attribute value blank. Please go back and try again.'));
 					break;

-				default: //a default error, just in case!  :)
-					pla_error( _('Security error: The file being uploaded may be malicious.') );
+				default: # A default error, just in case!  :)
+					pla_error(_('Security error: The file being uploaded may be malicious.'));
 					break;
 			}

 		else
-			pla_error( _('Security error: The file being uploaded may be malicious.') );
+			pla_error(_('Security error: The file being uploaded may be malicious.'));
 	}

-	$file = $_FILES['val']['tmp_name'];
-	$f = fopen( $file, 'r' );
-	$binary_data = fread( $f, filesize( $file ) );
-	fclose( $f );
+	$binaryfile['name'] = $_FILES['val']['tmp_name'];
+	$binaryfile['handle'] = fopen($binaryfile['name'],'r');
+	$binaryfile['data'] = fread($binaryfile['handle'],filesize($binaryfile['name']));
+	fclose($binaryfile['handle']);

-	$val = $binary_data;
+	$entry['val'] = $binaryfile['data'];

-	if( is_binary_option_required( $ldapserver, $attr ) )
-		$attr .= ";binary";
+	if (is_binary_option_required($ldapserver,$entry['attr']['string']))
+		$entry['attr']['string'] .= ';binary';
 }

 /* Automagically hash new userPassword attributes according to the
   chosen in config.php. */
-if( 0 == strcasecmp( $attr, 'userpassword' ) ) {
+if (strcasecmp($entry['attr']['string'],'userpassword') == 0) {
 	if (trim($ldapserver->default_hash) != '' ) {
 		$enc_type = $ldapserver->default_hash;
-		$val = password_hash( $val, $enc_type );
+		$entry['val'] = password_hash($entry['val'],$enc_type);
 	}
-}

-elseif (strcasecmp($attr,'sambaNTPassword') == 0) {
+} elseif (strcasecmp($entry['attr']['string'],'sambaNTPassword') == 0) {
 	$sambapassword = new smbHash;
-	$val = $sambapassword->nthash($val);
-}
+	$entry['val'] = $sambapassword->nthash($entry['val']);

-elseif (strcasecmp($attr,'sambaLMPassword') == 0) {
+} elseif (strcasecmp($entry['attr']['string'],'sambaLMPassword') == 0) {
 	$sambapassword = new smbHash;
-	$val = $sambapassword->lmhash($val);
+	$entry['val'] = $sambapassword->lmhash($entry['val']);
 }

-$new_entry = array( $attr => $val );
-$result = $ldapserver->attrModify($dn,$new_entry);
+$new_entry = array($entry['attr']['string'] => $entry['val']);
+$result = $ldapserver->attrModify($entry['dn']['string'],$new_entry);

-if ($result)
-	header(sprintf('Location: template_engine.php?server_id=%s&dn=%s&modified_attrs[]=%s',
-		$ldapserver->server_id,$encoded_dn,$encoded_attr));
+if ($result) {
+	header(sprintf('Location: cmd.php?cmd=template_engine&server_id=%s&dn=%s&modified_attrs[]=%s',
+		$ldapserver->server_id,$entry['dn']['encode'],$entry['attr']['encode']));
+	die();

-else
-	pla_error( _('Failed to add the attribute.'),$ldapserver->error(),$ldapserver->errno() );
+} else {
+	pla_error(_('Failed to add the attribute.'),$ldapserver->error(),$ldapserver->errno());
+}

 /**
 * Check if we need to append the ;binary option to the name
@@ -135,31 +137,25 @@ else
 * @return bool
 */

-function is_binary_option_required( $ldapserver, $attr ) {
-
-	// list of the binary attributes which need the ";binary" option
+function is_binary_option_required($ldapserver,$attr) {
+	# List of the binary attributes which need the ";binary" option
 	$binary_attributes_with_options = array(
-		// Superior: Ldapv3 Syntaxes (1.3.6.1.4.1.1466.115.121.1)
-		'1.3.6.1.4.1.1466.115.121.1.8' => "userCertificate",
-		'1.3.6.1.4.1.1466.115.121.1.8' => "caCertificate",
-		'1.3.6.1.4.1.1466.115.121.1.10' => "crossCertificatePair",
-		'1.3.6.1.4.1.1466.115.121.1.9' => "certificateRevocationList",
-		'1.3.6.1.4.1.1466.115.121.1.9' => "authorityRevocationList",
-		// Superior: Netscape Ldap attributes types (2.16.840.1.113730.3.1)
-		'2.16.840.1.113730.3.1.40'      =>  "userSMIMECertificate"
+		# Superior: Ldapv3 Syntaxes (1.3.6.1.4.1.1466.115.121.1)
+		'1.3.6.1.4.1.1466.115.121.1.8' => 'userCertificate',
+		'1.3.6.1.4.1.1466.115.121.1.8' => 'caCertificate',
+		'1.3.6.1.4.1.1466.115.121.1.10' => 'crossCertificatePair',
+		'1.3.6.1.4.1.1466.115.121.1.9' => 'certificateRevocationList',
+		'1.3.6.1.4.1.1466.115.121.1.9' => 'authorityRevocationList',
+		# Superior: Netscape Ldap attributes types (2.16.840.1.113730.3.1)
+		'2.16.840.1.113730.3.1.40' => 'userSMIMECertificate'
 	);

-	// quick check by attr name (short circuits the schema check if possible)
-	//foreach( $binary_attributes_with_options as $oid => $name )
-	//if( 0 == strcasecmp( $attr, $name ) )
-        //return true;
-
 	$schema_attr = $ldapserver->getSchemaAttribute($attr);
-	if( ! $schema_attr )
+	if (! $schema_attr)
 		return false;

 	$syntax = $schema_attr->getSyntaxOID();
-	if( isset( $binary_attributes_with_options[ $syntax ] ) )
+	if (isset($binary_attributes_with_options[$syntax]))
 		return true;

 	return false;
--- a/htdocs/add_attr_form.php
+++ b/htdocs/add_attr_form.php
@@ -1,11 +1,9 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/add_attr_form.php,v 1.13.2.2 2005/12/09 14:27:32 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/add_attr_form.php,v 1.16.2.2 2007/12/26 09:26:32 wurley Exp $

 /**
 * Displays a form for adding an attribute/value to an LDAP entry.
 *
- * Variables that come in via common.php
- *  - server_id
 * Variables that come in as GET vars:
 *  - dn (rawurlencoded)
 *
@@ -16,166 +14,153 @@

 require './common.php';

-if( $ldapserver->isReadOnly() )
-	pla_error( _('You cannot perform updates while server is in read-only mode') );
-if( ! $ldapserver->haveAuthInfo())
-	pla_error( _('Not enough information to login to server. Please check your configuration.') );
+if ($ldapserver->isReadOnly())
+	pla_error(_('You cannot perform updates while server is in read-only mode'));

-$dn = $_GET['dn'];
-$encoded_dn = rawurlencode( $dn );
-$rdn = get_rdn( $dn );
+$entry['dn']['string'] = get_request('dn','GET');
+$entry['rdn'] = get_rdn($entry['dn']['string']);

-$friendly_attrs = process_friendly_attr_table();
+printf('<h3 class="title">%s <b>%s</b></h3>',_('Add new attribute'),htmlspecialchars($entry['rdn']));
+printf('<h3 class="subtitle">%s: <b>%s</b> &nbsp;&nbsp;&nbsp; %s: <b>%s</b></h3>',
+	_('Server'),$ldapserver->name,_('Distinguished Name'),htmlspecialchars($entry['dn']['string']));

-include './header.php'; ?>
+$dn['attrs'] = $ldapserver->getDNAttrs($entry['dn']['string']);
+$dn['oclasses'] = $ldapserver->getDNAttr($entry['dn']['string'],'objectClass');

-<body>
+if (! is_array($dn['oclasses']))
+	$dn['oclasses'] = array($dn['oclasses']);

-<h3 class="title"><?php echo sprintf( _('Add new attribute'), htmlspecialchars( $rdn ) ); ?></b></h3>
-<h3 class="subtitle"><?php echo _('Server'); ?>: <b><?php echo $ldapserver->name; ?></b> &nbsp;&nbsp;&nbsp; <?php echo _('Distinguished Name'); ?>: <b><?php echo htmlspecialchars( ( $dn ) ); ?></b></h3>
+$ldap['attrs']['avail'] = array();

-<?php $attrs = $ldapserver->getDNAttrs($dn);
+if (array_search('extensibleObject',$dn['oclasses']) !== false) {
+	$ldap['attrs']['ldap'] = $ldapserver->SchemaAttributes();

-$oclasses = $ldapserver->getDNAttr($dn,'objectClass');
-if( ! is_array( $oclasses ) )
-	$oclasses = array( $oclasses );
+	foreach ($ldap['attrs']['ldap'] as $attr)
+		$ldap['attrs']['avail'][] = $attr->getName();

-$avail_attrs = array();
+} else {
+	$ldap['oclasses'] = $ldapserver->SchemaObjectClasses($entry['dn']['string']);

-$schema_oclasses = $ldapserver->SchemaObjectClasses($dn);
-foreach( $oclasses as $oclass ) {
-	$schema_oclass = $ldapserver->getSchemaObjectClass($oclass,$dn);
+	foreach ($dn['oclasses'] as $oclass) {
+		$ldap['oclass'] = $ldapserver->getSchemaObjectClass($oclass,$entry['dn']['string']);

-	if( $schema_oclass && 0 == strcasecmp( 'objectclass', get_class( $schema_oclass ) ) )
-		$avail_attrs = array_merge( $schema_oclass->getMustAttrNames( $schema_oclasses ),
-			$schema_oclass->getMayAttrNames( $schema_oclasses ),
-			$avail_attrs );
-}
-
-$avail_attrs = array_unique( $avail_attrs );
-$avail_attrs = array_filter( $avail_attrs, "not_an_attr" );
-sort( $avail_attrs );
-
-$avail_binary_attrs = array();
-foreach( $avail_attrs as $i => $attr ) {
-
-	if ($ldapserver->isAttrBinary($attr)) {
-		$avail_binary_attrs[] = $attr;
-		unset( $avail_attrs[ $i ] );
+		if ($ldap['oclass'] && strcasecmp('objectclass',get_class($ldap['oclass'])) == 0)
+			$ldap['attrs']['avail'] = array_merge($ldap['oclass']->getMustAttrNames($ldap['oclasses']),
+				$ldap['oclass']->getMayAttrNames($ldap['oclasses']),
+				$ldap['attrs']['avail']);
 	}
 }
-?>

-<br />
+$ldap['attrs']['avail'] = array_unique($ldap['attrs']['avail']);
+$ldap['attrs']['avail'] = array_filter($ldap['attrs']['avail'],'not_an_attr');
+sort($ldap['attrs']['avail']);

-<center>
+$ldap['binattrs']['avail'] = array();

-<?php echo _('Add new attribute');
+foreach ($ldap['attrs']['avail'] as $i => $attr) {
+	if ($ldapserver->isAttrBinary($attr)) {
+		$ldap['binattrs']['avail'][] = $attr;
+		unset($ldap['attrs']['avail'][$i]);
+	}
+}

-if( is_array( $avail_attrs ) && count( $avail_attrs ) > 0 ) { ?>
+echo '<center>';

-	<br />
-	<br />
+if (is_array($ldap['attrs']['avail']) && count($ldap['attrs']['avail']) > 0) {
+	echo '<br />';
+	echo _('Add new attribute');
+	echo '<br />';
+	echo '<br />';

-	<form action="add_attr.php" method="post">
-	<input type="hidden" name="server_id" value="<?php echo $ldapserver->server_id; ?>" />
-	<input type="hidden" name="dn" value="<?php echo htmlspecialchars($dn); ?>" />
+	echo '<form action="cmd.php" method="post">';
+	echo '<input type="hidden" name="cmd" value="add_attr" />';
+	printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
+	printf('<input type="hidden" name="dn" value="%s" />',htmlspecialchars($entry['dn']['string']));

-	<select name="attr">
+	echo '<select name="attr">';

-	<?php $attr_select_html = '';
-	usort($avail_attrs,"sortAttrs");
-	foreach( $avail_attrs as $a ) {
+	$attr_select_html = '';
+	usort($ldap['attrs']['avail'],'sortAttrs');

-		// is there a user-friendly translation available for this attribute?
-		if( isset( $friendly_attrs[ strtolower( $a ) ] ) ) {
-			$attr_display = htmlspecialchars( $friendly_attrs[ strtolower( $a ) ] ) . " (" .
-				htmlspecialchars($a) . ")";
+	foreach ($ldap['attrs']['avail'] as $a) {
+
+		# is there a user-friendly translation available for this attribute?
+		if ($_SESSION[APPCONFIG]->haveFriendlyName($a)) {
+			$attr_display = sprintf('%s (%s)',
+				htmlspecialchars($_SESSION[APPCONFIG]->getFriendlyName($a)),
+				htmlspecialchars($a));

 		} else {
-			$attr_display = htmlspecialchars( $a );
+			$attr_display = htmlspecialchars($a);
 		}

-		echo $attr_display;
-		$attr_select_html .= "<option>$attr_display</option>\n";
-		echo "<option value=\"" . htmlspecialchars($a) . "\">$attr_display</option>";
-	} ?>
+		printf('<option value="%s">%s</option>',htmlspecialchars($a),$attr_display);
+	}

-	</select>
+	echo '</select>';

-	<input type="text" name="val" size="20" />
-	<input type="submit" name="submit" value="<?php echo _('Add'); ?>" class="update_dn" />
-	</form>
+	echo '<input type="text" name="val" size="20" />';
+	printf('<input type="submit" name="submit" value="%s" class="update_dn" />',_('Add'));
+	echo '</form>';

-<?php } else { ?>
+} else {
+	echo '<br />';
+	printf('<small>(%s)</small>',_('no new attributes available for this entry'));
+}

-	<br />
-	<br />
-	<small>(<?php echo _('no new attributes available for this entry'); ?>)</small>
-	<br />
-	<br />
+if (count($ldap['binattrs']['avail']) > 0) {
+	echo '<br />';
+	echo _('Add new binary attribute');
+	echo '<br />';
+	echo '<br />';

-<?php } ?>
+	echo '<!-- Form to add a new BINARY attribute to this entry -->';
+	echo '<form action="cmd.php" method="post" enctype="multipart/form-data">';
+	echo '<input type="hidden" name="cmd" value="add_attr" />';
+	printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
+	printf('<input type="hidden" name="dn" value="%s" />',$entry['dn']['string']);
+	echo '<input type="hidden" name="binary" value="true" />';

-<?php echo _('Add new binary attribute');
-if( count( $avail_binary_attrs ) > 0 ) { ?>
+	echo '<select name="attr">';

-	<!-- Form to add a new BINARY attribute to this entry -->
-	<form action="add_attr.php" method="post" enctype="multipart/form-data">
-	<input type="hidden" name="server_id" value="<?php echo $ldapserver->server_id; ?>" />
-	<input type="hidden" name="dn" value="<?php echo $dn; ?>" />
-	<input type="hidden" name="binary" value="true" />
-	<br />
+	$attr_select_html = '';
+	usort($ldap['binattrs']['avail'],'sortAttrs');

-	<select name="attr">
+	foreach ($ldap['binattrs']['avail'] as $a) {

-	<?php $attr_select_html = '';
-
-	usort($avail_binary_attrs,"sortAttrs");
-
-	foreach( $avail_binary_attrs as $a ) {
-
-		// is there a user-friendly translation available for this attribute?
-		if( isset( $friendly_attrs[ strtolower( $a ) ] ) ) {
-			$attr_display = htmlspecialchars( $friendly_attrs[ strtolower( $a ) ] ) . " (" .
-				htmlspecialchars($a) . ")";
+		# is there a user-friendly translation available for this attribute?
+		if ($_SESSION[APPCONFIG]->haveFriendlyName($a)) {
+			$attr_display = sprintf('%s (%s)',
+				htmlspecialchars($_SESSION[APPCONFIG]->getFriendlyName($a)),
+				htmlspecialchars($a));

 		} else {
-			$attr_display = htmlspecialchars( $a );
+			$attr_display = htmlspecialchars($a);
 		}

-		echo $attr_display;
-		$attr_select_html .= "<option>$attr_display</option>\n";
-		echo "<option value=\"" . htmlspecialchars($a) . "\">$attr_display</option>";
-	} ?>
+		printf('<option value="%s">%s</option>',htmlspecialchars($a),$attr_display);
+	}

-	</select>
+	echo '</select>';

-	<input type="file" name="val" size="20" />
-	<input type="submit" name="submit" value="<?php echo _('Add'); ?>" class="update_dn" />
+	echo '<input type="file" name="val" size="20" />';
+	printf('<input type="submit" name="submit" value="%s" class="update_dn" />',_('Add'));

-	<?php if( ! ini_get( 'file_uploads' ) )
-		echo "<br><small><b>" . _('Your PHP configuration has disabled file uploads. Please check php.ini before proceeding.') . "</b></small><br>";
+	if (! ini_get('file_uploads'))
+		printf('<br /><small><b>%s</b></small><br />',
+			_('Your PHP configuration has disabled file uploads. Please check php.ini before proceeding.'));

 	else
-		echo "<br><small><b>" . sprintf( _('Maximum file size: %s'), ini_get( 'upload_max_filesize' ) ) . "</b></small><br>";
-	?>
+		printf('<br /><small><b>%s: %s</b></small><br />',_('Maximum file size'),ini_get('upload_max_filesize'));

-	</form>
+	echo '</form>';

-<?php } else { ?>
+} else {
+	echo '<br />';
+	printf('<small>(%s)</small>',_('no new binary attributes available for this entry'));
+}

-	<br />
-	<br />
-	<small>(<?php echo _('no new binary attributes available for this entry'); ?>)</small>
-
-<?php } ?>
-
-</center>
-</body>
-</html>
-
-<?php
+echo '</center>';

 /**
 * Given an attribute $x, this returns true if it is NOT already specified
@@ -185,13 +170,13 @@ if( count( $avail_binary_attrs ) > 0 ) { ?>
 * @return bool
 * @ignore
 */
-function not_an_attr( $x ) {
-	global $attrs;
+function not_an_attr($x) {
+	global $dn;

-	//return ! isset( $attrs[ strtolower( $x ) ] );
-	foreach( $attrs as $attr => $values )
-		if( 0 == strcasecmp( $attr, $x ) )
+	foreach ($dn['attrs'] as $attr => $values)
+		if (strcasecmp($attr,$x) == 0)
 			return false;
+
 	return true;
 }
 ?>
--- a/htdocs/add_oclass.php
+++ b/htdocs/add_oclass.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/add_oclass.php,v 1.17.2.5 2005/12/09 23:32:37 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/add_oclass.php,v 1.19 2007/12/15 07:50:30 wurley Exp $

 /**
 * Adds an objectClass to the specified dn.
@@ -7,8 +7,6 @@
 * Note, this does not do any schema violation checking. That is
 * performed in add_oclass_form.php.
 *
- * Variables that come in via common.php
- *  - server_id
 * Variables that come in as POST vars:
 *  - dn (rawurlencoded)
 *  - new_oclass
@@ -21,44 +19,48 @@

 require './common.php';

-if( $ldapserver->isReadOnly() )
-	pla_error( _('You cannot perform updates while server is in read-only mode') );
-if( ! $ldapserver->haveAuthInfo())
-	pla_error( _('Not enough information to login to server. Please check your configuration.') );
-
-$dn = rawurldecode( $_POST['dn'] );
-$new_oclass = unserialize( rawurldecode( $_POST['new_oclass'] ) );
-$new_attrs = $_POST['new_attrs'];
-
-$encoded_dn = rawurlencode( $dn );
+if ($ldapserver->isReadOnly())
+	pla_error(_('You cannot perform updates while server is in read-only mode'));

 if ($ldapserver->isAttrReadOnly('objectClass'))
-	pla_error( "ObjectClasses are flagged as read only in the phpLDAPadmin configuration." );
+	pla_error(_('ObjectClasses are flagged as read only in the phpLDAPadmin configuration.'));
+
+$entry['dn']['encode'] = get_request('dn');
+$entry['dn']['string'] = urldecode($entry['dn']['encode']);
+
+$entry['new']['oclass'] = unserialize(rawurldecode(get_request('new_oclass')));
+$entry['new']['attrs'] = get_request('new_attrs');

 $new_entry = array();
-$new_entry['objectClass'] = $new_oclass;
+$new_entry['objectClass'] = $entry['new']['oclass'];

-$new_attrs_entry = array();
-$new_oclass_entry = array( 'objectClass' => $new_oclass );
+if (is_array($entry['new']['attrs']) && count($entry['new']['attrs']) > 0)
+	foreach ($entry['new']['attrs'] as $attr => $val) {

-if( is_array( $new_attrs ) && count( $new_attrs ) > 0 )
-	foreach( $new_attrs as $attr => $val ) {
+		# Check to see if this is a unique Attribute
+		if ($badattr = $ldapserver->checkUniqueAttr($entry['dn']['string'],$attr,array($val))) {
+			$href['search'] = htmlspecialchars(sprintf('cmd.php?cmd=search&search=true&form=advanced&server_id=%s&filter=%s=%s',
+				$ldapserver->server_id,$attr,$badattr));

-		// Check to see if this is a unique Attribute
-		if ($badattr = $ldapserver->checkUniqueAttr($dn,$attr,array($val))) {
-			$search_href = sprintf('search.php?search=true&form=advanced&server_id=%s&filter=%s=%s',
-				$ldapserver->server_id,$attr,$badattr);
-			pla_error(sprintf( _('Your attempt to add <b>%s</b> (<i>%s</i>) to <br><b>%s</b><br> is NOT allowed. That attribute/value belongs to another entry.<p>You might like to <a href=\'%s\'>search</a> for that entry.'),$attr,$badattr,$dn,$search_href ) );
+			pla_error(sprintf(_('Your attempt to add <b>%s</b> (<i>%s</i>) to <br><b>%s</b><br> is NOT allowed. That attribute/value belongs to another entry.<p>You might like to <a href=\'%s\'>search</a> for that entry.'),$attr,$badattr,$entry['dn']['string'],$href['search']));
 		}

-		$new_entry[ $attr ] = $val;
+		$new_entry[$attr] = $val;
 	}

-$add_res = $ldapserver->attrModify($dn,$new_entry);
+$result = $ldapserver->attrModify($entry['dn']['string'],$new_entry);

-if (! $add_res)
+if (! $result)
 	pla_error(_('Could not perform ldap_mod_add operation.'),$ldapserver->error(),$ldapserver->errno());

-else
-	header(sprintf('Location: template_engine.php?server_id=%s&dn=%s&modified_attrs[]=objectclass',$ldapserver->server_id,$encoded_dn));
+else {
+	$modified_attrs = array_keys($entry['new']['attrs']);
+	$modified_attrs[] = 'objectclass';
+
+	$href['complete'] = sprintf('cmd.php?cmd=template_engine&server_id=%s&dn=%s&modified_attrs=%s',
+		$ldapserver->server_id,$entry['dn']['encode'],serialize($modified_attrs));
+
+	header(sprintf('Location: %s',$href['complete']));
+	die();
+}
 ?>
--- a/htdocs/add_oclass_form.php
+++ b/htdocs/add_oclass_form.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/add_oclass_form.php,v 1.23.2.6 2005/12/09 23:32:37 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/add_oclass_form.php,v 1.25.2.1 2008/01/13 05:37:00 wurley Exp $

 /**
 * This page may simply add the objectClass and take you back to the edit page,
@@ -9,8 +9,6 @@
 *    attributes with 1 or more not defined by the object. In that case, we will
 *    present a form for the user to add those attributes to the object.
 *
- * Variables that come in via common.php
- *  - server_id
 * Variables that come in as REQUEST vars:
 *  - dn (rawurlencoded)
 *  - new_oclass
@@ -22,116 +20,102 @@
 */
 require './common.php';

-if( $ldapserver->isReadOnly() )
-	pla_error( _('You cannot perform updates while server is in read-only mode') );
-if( ! $ldapserver->haveAuthInfo())
-	pla_error( _('Not enough information to login to server. Please check your configuration.') );
+$entry['oclass']['new'] = get_request('new_oclass','REQUEST');
+$entry['dn']['string'] = get_request('dn','REQUEST');

-if (! isset($_REQUEST['new_oclass']))
-        pla_error( _('You did not select any ObjectClasses for this object. Please go back and do so.'));
+if ($ldapserver->isReadOnly())
+	pla_error(_('You cannot perform updates while server is in read-only mode'));

-$new_oclass = $_REQUEST['new_oclass'];
-$dn = rawurldecode( $_REQUEST['dn'] );
-$encoded_dn = rawurlencode( $dn );
+if (! $entry['oclass']['new'])
+	pla_error(_('You did not select any ObjectClasses for this object. Please go back and do so.'));

 /* Ensure that the object has defined all MUST attrs for this objectClass.
 * If it hasn't, present a form to have the user enter values for all the
- * newly required attrs. */
+ * newly required attrs.
+ */

-$entry = $ldapserver->getDNAttrs($dn,true);
+$entry['dn']['attrs'] = $ldapserver->getDNAttrs($entry['dn']['string'],true);

-$current_attrs = array();
-foreach( $entry as $attr => $junk )
-	$current_attrs[] = strtolower($attr);
+$entry['attrs']['current'] = array();
+foreach ($entry['dn']['attrs'] as $attr => $junk)
+	$entry['attrs']['current'][] = strtolower($attr);

-// grab the required attributes for the new objectClass
-$schema_oclasses = $ldapserver->SchemaObjectClasses();
-$must_attrs = array();
-foreach( $new_oclass as $oclass_name ) {
-	$oclass = $ldapserver->getSchemaObjectClass($oclass_name);
-	if( $oclass )
-		$must_attrs = array_merge( $must_attrs, $oclass->getMustAttrNames( $schema_oclasses ) );
+# Grab the required attributes for the new objectClass
+$ldap['oclasses'] = $ldapserver->SchemaObjectClasses();
+$ldap['attrs']['must'] = array();
+foreach ($entry['oclass']['new'] as $oclass_name) {
+	$ldap['oclass'] = $ldapserver->getSchemaObjectClass($oclass_name);
+
+	if ($ldap['oclass'])
+		$ldap['attrs']['must'] = array_merge($ldap['attrs']['must'],$ldap['oclass']->getMustAttrNames($ldap['oclasses']));
 }
-$must_attrs = array_unique( $must_attrs );
+$ldap['attrs']['must'] = array_unique($ldap['attrs']['must']);

-// We don't want any of the attr meta-data, just the string
-//foreach( $must_attrs as $i => $attr )
-	//$must_attrs[$i] = $attr->getName();
-
-// build a list of the attributes that this new objectClass requires,
-// but that the object does not currently contain
-$needed_attrs = array();
-foreach( $must_attrs as $attr ) {
+/* Build a list of the attributes that this new objectClass requires,
+ * but that the object does not currently contain
+ */
+$ldap['attrs']['need'] = array();
+foreach ($ldap['attrs']['must'] as $attr) {
 	$attr = $ldapserver->getSchemaAttribute($attr);

-	//echo "<pre>"; var_dump( $attr ); echo "</pre>";
-
-	// First, check if one of this attr's aliases is already an attribute of this entry
-	foreach( $attr->getAliases() as $alias_attr_name )
-		if( in_array( strtolower( $alias_attr_name ), $current_attrs ) )
-
-		// Skip this attribute since it's already in the entry
+	# First, check if one of this attr's aliases is already an attribute of this entry
+	foreach ($attr->getAliases() as $alias_attr_name)
+		if (in_array(strtolower($alias_attr_name),$entry['attrs']['current']))
 			continue;

-	if( in_array( strtolower($attr->getName()), $current_attrs ) )
+	if (in_array(strtolower($attr->getName()),$entry['attrs']['current']))
 		continue;

-	// We made it this far, so the attribute needs to be added to this entry in order
-	// to add this objectClass
-	$needed_attrs[] = $attr;
+	/* We made it this far, so the attribute needs to be added to this entry in order
+	 * to add this objectClass */
+	$ldap['attrs']['need'][] = $attr;
 }

-if( count( $needed_attrs ) > 0 ) {
-	include './header.php'; ?>
-	<body>
+if (count($ldap['attrs']['need']) > 0) {
+	printf('<h3 class="title">%s</h3>',_('New Required Attributes'));
+	printf('<h3 class="subtitle">%s %s %s</h3>',_('This action requires you to add'),count($ldap['attrs']['need']),_('new attributes'));

-	<h3 class="title"><?php echo _('New Required Attributes'); ?></h3>
-	<h3 class="subtitle"><?php echo _('This action requires you to add') . ' ' . count($needed_attrs) .
-		' ' . _('new attributes'); ?></h3>
+	printf('<small><b>%s: </b>%s <b>%s</b> %s %s</small>',
+		_('Instructions'),
+		_('In order to add these objectClass(es) to this entry, you must specify'),
+		count($ldap['attrs']['need']),_('new attributes'),
+		_('that this objectClass requires.'));

-	<small>
+	echo '<br /><br />';

-	<?php echo _('Instructions: In order to add these objectClass(es) to this entry, you must specify');
-	echo ' ' . count( $needed_attrs ) . ' ' . _('new attributes') . ' ';
-	echo _('that this objectClass requires. You can do so in this form.'); ?>
+	echo '<form action="cmd.php" method="post">';
+	echo '<input type="hidden" name="cmd" value="add_oclass" />';
+	printf('<input type="hidden" name="new_oclass" value="%s" />',rawurlencode(serialize($entry['oclass']['new'])));
+	printf('<input type="hidden" name="dn" value="%s" />',rawurlencode($entry['dn']['string']));
+	printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);

-	</small>
+	echo '<table class="entry" cellspacing="0">';
+	printf('<tr><th colspan="2">%s</th></tr>',_('New Required Attributes'));

-	<br />
-	<br />
+	foreach ($ldap['attrs']['need'] as $count => $attr) {
+		printf('<tr><td class="title">%s</td></tr>',htmlspecialchars($attr->getName()));
+		printf('<tr><td class="value"><input type="text" name="new_attrs[%s]" value="" size="40" /></td></tr>',htmlspecialchars($attr->getName()));
+	}

-	<form action="add_oclass.php" method="post">
-	<input type="hidden" name="new_oclass" value="<?php echo rawurlencode( serialize( $new_oclass ) ); ?>" />
-	<input type="hidden" name="dn" value="<?php echo $encoded_dn; ?>" />
-	<input type="hidden" name="server_id" value="<?php echo $ldapserver->server_id; ?>" />
+	echo '</table>';

-	<table class="edit_dn" cellspacing="0">
-	<tr><th colspan="2"><?php echo _('New Required Attributes'); ?></th></tr>
+	echo '<br /><br />';

-	<?php foreach( $needed_attrs as $count => $attr ) { ?>
+	printf('<center><input type="submit" value="%s" /></center>',_('Add ObjectClass and Attributes'));
+	echo '</form>';

-        <tr><td class="attr"><b><?php echo htmlspecialchars($attr->getName()); ?></b></td></tr>
-	<tr><td class="val"><input type="text" name="new_attrs[<?php echo htmlspecialchars($attr->getName()); ?>]" value="" size="40" /></tr>
-	<?php } ?>
+} else {
+	$result = $ldapserver->attrModify($entry['dn']['string'],array('objectClass'=>$entry['oclass']['new']));

-	</table>
-	<br />
-	<br />
-	<center><input type="submit" value="<?php echo _('Add ObjectClass and Attributes'); ?>" /></center>
-	</form>
+	if (! $result)
+		pla_error('Could not perform ldap_mod_add operation.',$ldapserver->error(),$ldapserver->errno());

-	</body>
-	</html>
-
-<?php } else {
-
-	$add_res = $ldapserver->attrModify($dn,array('objectClass'=>$new_oclass));
-	if (! $add_res)
-		pla_error("Could not perform ldap_mod_add operation.",
-			  $ldapserver->error(),$ldapserver->errno());
-	else
-		header(sprintf('Location: template_engine.php?server_id=%s&dn=%s&modified_attrs[]=objectClass',
-			$ldapserver->server_id,$encoded_dn));
+	else {
+		$href = sprintf('cmd.php?cmd=template_engine&server_id=%s&dn=%s&modified_attrs[]=objectClass',
+			$ldapserver->server_id,rawurlencode($entry['dn']['string']));

+		header(sprintf('Location: %s',$href));
+		die();
+	}
 }
 ?>
--- a/htdocs/add_value.php
+++ b/htdocs/add_value.php
@@ -1,11 +1,9 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/add_value.php,v 1.19.2.5 2005/12/09 23:32:37 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/add_value.php,v 1.21.2.1 2007/12/26 09:26:32 wurley Exp $

 /**
 * Adds a value to an attribute for a given dn.
 *
- * Variables that come in via common.php
- *  - server_id
 * Variables that come in as POST vars:
 *  - dn (rawurlencoded)
 *  - attr (rawurlencoded) the attribute to which we are adding a value
@@ -19,56 +17,68 @@
 /**
 */

-require './common.php';
+if ($ldapserver->isReadOnly())
+	pla_error(_('You cannot perform updates while server is in read-only mode'));

-if( $ldapserver->isReadOnly() )
-	pla_error( _('You cannot perform updates while server is in read-only mode') );
-if( ! $ldapserver->haveAuthInfo())
-	pla_error( _('Not enough information to login to server. Please check your configuration.') );
+if (! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_add_value'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('add attribute value')));

-$attr = $_POST['attr'];
-$new_value = $_POST['new_value'];
-$dn = rawurldecode( $_POST['dn'] );
-$is_binary_val = isset( $_POST['binary'] ) ? true : false;
+# The DN and ATTR we are working with.
+$entry['dn']['encode'] = get_request('dn','POST',true);
+$entry['dn']['string'] = rawurldecode($entry['dn']['encode']);
+$entry['attr']['encode'] = get_request('attr','POST',true);
+$entry['attr']['string'] = rawurldecode($entry['attr']['encode']);
+$entry['attr']['html'] = htmlspecialchars($entry['attr']['string']);

-$encoded_dn = rawurlencode( $dn );
-$encoded_attr = rawurlencode( $attr );
+$entry['value']['string'] = get_request('new_value','POST',true);
+$entry['value']['bin'] = get_request('binary','POST') ? true : false;

-if ($ldapserver->isAttrReadOnly($attr))
-	pla_error(sprintf(_('The attribute "%s" is flagged as read-only in the phpLDAPadmin configuration.'),htmlspecialchars( $attr )));
+if ($ldapserver->isAttrReadOnly($entry['attr']['string']))
+	pla_error(sprintf(_('The attribute "%s" is flagged as read-only in the phpLDAPadmin configuration.'),$entry['attr']['html']));

-// special case for binary attributes:
-// we must go read the data from the file.
-if( $is_binary_val ) {
-	$file = $_FILES['new_value']['tmp_name'];
+/*
+ * Special case for binary attributes:
+ * we must go read the data from the file.
+ */
+if ($entry['value']['bin']) {
+	$binaryfile['name'] = $_FILES['new_value']['tmp_name'];
+	$binaryfile['handle'] = fopen($binaryfile['name'],'r');
+	$binaryfile['data'] = fread($binaryfile['handle'],filesize($binaryfile['name']));
+	fclose($binaryfile['handle']);

-	$f = fopen( $file, 'r' );
-	$binary_value = fread( $f, filesize( $file ) );
-	fclose( $f );
-
-	$new_value = $binary_value;
+	$entry['value']['string'] = $binaryfile['data'];
 }

-$new_entry = array( $attr => $new_value );
+$new_entry = array($entry['attr']['string']=>$entry['value']['string']);

-// Check to see if this is a unique Attribute
-if ($badattr = $ldapserver->checkUniqueAttr($dn,$attr,$new_entry)) {
-	$search_href = sprintf('search.php?search=true&form=advanced&server_id=%s&filter=%s=%s',$ldapserver->server_id,$attr,$badattr);
-	pla_error(sprintf( _('Your attempt to add <b>%s</b> (<i>%s</i>) to <br><b>%s</b><br> is NOT allowed. That attribute/value belongs to another entry.<p>You might like to <a href=\'%s\'>search</a> for that entry.'),$attr,$badattr,$dn,$search_href ) );
+# Check to see if this is a unique Attribute
+if ($badattr = $ldapserver->checkUniqueAttr($entry['dn']['string'],$entry['attr']['string'],$new_entry)) {
+	$href = htmlspecialchars(sprintf('cmd.php?cmd=search&search=true&form=advanced&server_id=%s&filter=%s=%s',
+		$ldapserver->server_id,$entry['attr']['string'],$badattr));
+
+	pla_error(sprintf(_('Your attempt to add <b>%s</b> (<i>%s</i>) to <br><b>%s</b><br> is NOT allowed. That attribute/value belongs to another entry.<p>You might like to <a href=\'%s\'>search</a> for that entry.'),$entry['attr']['string'],$badattr,$entry['dn']['string'],$href));
 }

-// Call the custom callback for each attribute modification
-// and verify that it should be modified.
-if( run_hook ( 'pre_attr_add', array ( 'server_id' => $ldapserver->server_id, 'dn' => $dn, 'attr_name' => $attr,
-	'new_value' => $new_entry ) ) ) {
+# Call the custom callback for each attribute modification and verify that it should be modified.
+if (run_hook('pre_attr_add',
+	array('server_id'=>$ldapserver->server_id,'dn'=> $entry['dn']['string'],'attr_name'=>$entry['attr']['string'],'new_value'=>$new_entry))) {

-	$add_result = $ldapserver->attrModify($dn,$new_entry);
+	if (run_hook('pre_attr_modify',
+		array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'attr_name'=>$entry['attr']['string'],'new_value'=>$new_entry))) {

-	if (! $add_result)
-		pla_error(_('Could not perform ldap_mod_add operation.'),
-			  $ldapserver->error(),$ldapserver->errno());
+		$add_result = $ldapserver->attrModify($entry['dn']['string'],$new_entry);
+
+		if (! $add_result) {
+			pla_error(_('Could not perform ldap_mod_add operation.'),
+				  $ldapserver->error(),$ldapserver->errno());
+		} else {
+			run_hook('post_attr_modify',
+				array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'attr_name'=>$entry['attr']['string'],'new_value'=>$new_entry));
+		}
+	}
 }

-header(sprintf('Location: template_engine.php?server_id=%s&dn=%s&modified_attrs[]=%s',
-	$ldapserver->server_id,$encoded_dn,$encoded_attr));
+header(sprintf('Location: cmd.php?cmd=template_engine&server_id=%s&dn=%s&modified_attrs[]=%s',
+	$ldapserver->server_id,$entry['dn']['encode'],$entry['attr']['encode']));
+die();
 ?>
--- a/htdocs/add_value_form.php
+++ b/htdocs/add_value_form.php
@@ -1,16 +1,10 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/add_value_form.php,v 1.34.2.4 2005/12/11 08:59:08 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/add_value_form.php,v 1.39.2.3 2008/01/13 05:43:13 wurley Exp $

 /**
 * Displays a form to allow the user to enter a new value to add
 * to the existing list of values for a multi-valued attribute.
 *
- * Variables that come in via common.php
- *  - server_id
- * Variables that come in as GET vars:
- *  - dn (rawurlencoded)
- *  - attr (rawurlencoded) the attribute to which we are adding a value
- *
 * @package phpLDAPadmin
 */
 /**
@@ -20,123 +14,132 @@ require './common.php';

 if ($ldapserver->isReadOnly())
 	pla_error(_('You cannot perform updates while server is in read-only mode'));
-if (! $ldapserver->haveAuthInfo())
-	pla_error(_('Not enough information to login to server. Please check your configuration.'));

-$attr = $_GET['attr'];
-$dn = isset($_GET['dn']) ? $_GET['dn'] : null;
-$encoded_dn = rawurlencode($dn);
-$encoded_attr = rawurlencode($attr);
+# The DN and ATTR we are working with.
+$entry['dn']['encode'] = get_request('dn','GET',true);
+$entry['dn']['string'] = urldecode($entry['dn']['encode']);
+$entry['dn']['html'] = htmlspecialchars($entry['dn']['string']);
+$entry['attr']['string'] = get_request('attr','GET',true);
+$entry['attr']['encode'] = rawurlencode($entry['attr']['string']);
+$entry['attr']['html'] = htmlspecialchars($entry['attr']['string']);

-if (! is_null($dn))
-	$rdn = get_rdn($dn);
+if (! is_null($entry['dn']['string']))
+	$entry['rdn']['string'] = get_rdn($entry['dn']['string']);
 else
-	$rdn = null;
+	$entry['rdn']['string'] = null;
+$entry['rdn']['html'] = htmlspecialchars($entry['rdn']['string']);

-$current_values = $ldapserver->getDNAttr($dn,$attr);
-if ($current_values)
-	$num_current_values = (is_array($current_values) ? count($current_values) : 1);
-else
-	$num_current_values = 0;
+/***************/
+/* get entry   */ 
+/***************/
+	
+if (! $entry['dn']['string'] || ! $ldapserver->dnExists($entry['dn']['string']))
+	pla_error(sprintf(_('The entry (%s) does not exist.'),$entry['dn']['html']),null,-1,true);

-$is_object_class = (strcasecmp($attr, 'objectClass') == 0) ? true : false;
+$tree = get_cached_item($ldapserver->server_id,'tree');
+$entry['ldap'] = null;
+if ($tree) {
+	$entry['ldap'] = $tree->getEntry($entry['dn']['string']);

-if ($is_object_class) {
-	# fetch all available objectClasses and remove those from the list that are already defined in the entry
-	$schema_oclasses = $ldapserver->SchemaObjectClasses();
+	if (! $entry['ldap'])
+		$tree->addEntry($entry['dn']['string']);

-	foreach($current_values as $oclass)
-		unset($schema_oclasses[strtolower($oclass)]);
-
-} else {
-	$schema_attr = $ldapserver->getSchemaAttribute($attr);
+	$entry['ldap'] = $tree->getEntry($entry['dn']['string']);
 }

-include './header.php';
+# Define the template of the entry if possible
+eval('$reader = new '.$_SESSION[APPCONFIG]->GetValue('appearance','entry_reader').'($ldapserver);');
+$reader->visit('Start', $entry['ldap']);
+
+if (! $entry['ldap'] || $entry['ldap']->isReadOnly())
+	pla_error(sprintf(_('The entry (%s) is in readonly mode.'),$entry['dn']['html']),null,-1,true);
+
+/*********************/
+/* attribute values  */ 
+/*********************/
+
+eval('$writer = new '.$_SESSION[APPCONFIG]->GetValue('appearance','entry_writer').'($ldapserver);');
+
+$ldap['attr'] = $entry['ldap']->getAttribute($entry['attr']['string']);
+if (!$ldap['attr']) {
+	# Define a new attribute for the entry
+	$attributefactoryclass = $_SESSION[APPCONFIG]->GetValue('appearance','attribute_factory');
+	eval('$attribute_factory = new '.$attributefactoryclass.'();');
+	$ldap['attr'] = $attribute_factory->newAttribute($entry['attr']['string'], array());
+	$ldap['attr']->setEntry($entry['ldap']);
+}
+$ldap['count'] = $ldap['attr']->getValueCount();
+
+if ($ldap['attr']->isReadOnly())
+	pla_error(sprintf(_('The attribute (%s) is in readonly mode.'),$entry['attr']['html']),null,-1,true);
+if (! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_add_value'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('add attribute value')));
+if (($ldap['attr']->getValueCount() == 0) && ! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_add'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('add attribute')));
+
+$entry['attr']['oclass'] = (strcasecmp($entry['attr']['string'],'objectClass') == 0) ? true : false;
+
+if ($entry['attr']['oclass']) {
+	# Fetch all available objectClasses and remove those from the list that are already defined in the entry
+	$ldap['oclasses'] = $ldapserver->SchemaObjectClasses();
+
+	foreach($ldap['attr']->getValues() as $oclass)
+		unset($ldap['oclasses'][strtolower($oclass)]);
+} else {
+	$ldap['schema'] = $ldapserver->getSchemaAttribute($entry['attr']['string']);
+}

-echo '<body>';
 printf('<h3 class="title">%s <b>%s</b> %s <b>%s</b></h3>',
-	_('Add new'),htmlspecialchars($attr),_('value to'),htmlspecialchars($rdn));
+	_('Add new'),$entry['attr']['html'],_('value to'),$entry['rdn']['html']);
 printf('<h3 class="subtitle">%s <b>%s</b> &nbsp;&nbsp;&nbsp; %s: <b>%s</b></h3>',
-	_('Server'),$ldapserver->name,_('Distinguished Name'),htmlspecialchars($dn));
+	_('Server'),$ldapserver->name,_('Distinguished Name'),$entry['dn']['html']);

-printf('%s <b>%s</b> %s <b>%s</b>:',
-	_('Current list of'),$num_current_values,_('values for attribute'),htmlspecialchars($attr));
+if ($entry['attr']['oclass']) {
+	echo '<form action="cmd.php" method="post" class="new_value" name="entry_form">';
+	echo '<input type="hidden" name="cmd" value="add_oclass_form" />';
+} else {
+	echo '<form action="cmd.php" method="post" class="new_value" name="entry_form" enctype="multipart/form-data" onSubmit="return submitForm(this)">';
+	echo '<input type="hidden" name="cmd" value="update_confirm" />';
+}
+printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
+printf('<input type="hidden" name="dn" value="%s" />',$entry['dn']['encode']);

-if ($num_current_values) {
-	if ($ldapserver->isJpegPhoto($attr)) {
+echo '<center>';
+echo '<table class="forminput" border=0>';
+echo '<tr>';
+if ($ldap['count']) {
+	printf('<td class="top">%s <b>%s</b> %s <b>%s</b>%s</td>',
+		_('Current list of'),$ldap['count'],_('values for attribute'),$ldap['attr']->getFriendlyName(),_(':'));
+} else {
+	printf('<td>%s <b>%s</b>.</td>',
+		_('No current value for attribute'),$ldap['attr']->getFriendlyName());
+}

-	echo '<table><tr><td>';
-	draw_jpeg_photos($ldapserver, $dn, $attr, false);
+echo '<td>';
+if ($ldap['count']) {
+	# Display current attribute values
+	echo '<table border=0><tr><td>';
+	for ($i = 0; $i < $ldap['count']; $i++) {
+		$writer->draw('OldValue', $ldap['attr'], $i);
+		$writer->draw('ReadOnlyValue', $ldap['attr'], $i);
+	}
 	echo '</td></tr></table>';

-	# <!-- Temporary warning until we find a way to add jpegPhoto values without an INAPROPRIATE_MATCHING error -->
-	printf('<p><small>%s</small></p>',
-		_('Note: You will get an "inappropriate matching" error if you have not setup an EQUALITY rule on your LDAP server for this attribute.'));
-	# <!-- End of temporary warning -->
-
-	} elseif ($ldapserver->isAttrBinary($attr)) {
-		echo '<ul>';
-
-		if (is_array($vals)) {
-			for ($i=1; $i<=count($vals); $i++) {
-				$href = sprintf('download_binary_attr.php?server_id=%s&amp;dn=%s&amp;attr=%s&amp;value_num=%s',
-					$ldapserver->server_id,$encoded_dn,$attr,$i-1);
-
-				printf('<li><a href="%s"><img src="images/save.png" />%s (%s)</a></li>',
-					$href,_('download value'),$i);
-			}
-
-		} else {
-			$href = sprintf('download_binary_attr.php?server_id=%s&amp;dn=%s&amp;attr=%s',
-				$ldapserver->server_id,$encoded_dn,$attr);
-			printf('<li><a href="%s"><img src="images/save.png" />%s</a></li>',
-				$href,_('download value'));
-		}
-
-		echo '</ul>';
-		# <!-- Temporary warning until we find a way to add jpegPhoto values without an INAPROPRIATE_MATCHING error -->
-		printf('<p><small>%s</small></p>',
-			_('Note: You will get an "inappropriate matching" error if you have not setup an EQUALITY rule on your LDAP server for this attribute.'));
-		# <!-- End of temporary warning -->
-
-	} else {
-		echo '<ul class="current_values">';
-
-		if (is_array($current_values)) {
-			if (strcasecmp($attr,'userPassword') == 0) {
-				foreach ($current_values as $key => $value) {
-					if (obfuscate_password_display(get_enc_type($value)))
-						echo '<li><nobr>'.preg_replace('/./','*',$value).'<br /></li>';
-					else
-						echo '<li><nobr>'.htmlspecialchars($value).'<br /></li>';
-				}
-
-			} else {
-				foreach ($current_values as $val)
-					printf('<li><nobr>%s</nobr></li>',htmlspecialchars($val));
-			}
-
-		} else {
-			printf('<li><nobr>%s</nobr></li>',htmlspecialchars($current_values));
-		}
-
-		echo '</ul>';
-	}
 } else {
 	echo '<br /><br />';
 }
+echo '</td>';
+echo '</tr>';

-echo _('Enter the value you would like to add:');
-echo '<br /><br />';
-
-if ($is_object_class) {
-	echo '<form action="add_oclass_form.php" method="post" class="new_value">';
-	printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
-	printf('<input type="hidden" name="dn" value="%s" />',$encoded_dn);
+echo '<tr>';
+printf('<td class="top">%s</td>',_('Enter the value you would like to add:'));
+echo '<td>';

+if ($entry['attr']['oclass']) {
+	# Draw objectClass selection
+	echo '<table border=0><tr><td>';
 	echo '<select name="new_oclass[]" multiple="true" size="15">';
-	foreach ($schema_oclasses as $name => $oclass) {
+	foreach ($ldap['oclasses'] as $name => $oclass) {
 		# exclude any structural ones, as they'll only generate an LDAP_OBJECT_CLASS_VIOLATION
 		if ($oclass->getType() == 'structural')
 			continue; 
@@ -144,56 +147,178 @@ if ($is_object_class) {
 		printf('<option value="%s">%s</option>',$oclass->getName(),$oclass->getName());
 	}
 	echo '</select>';
+	echo '</td></tr><tr><td>';

 	echo '<br />';
-	printf('<input type="submit" value="%s" />',_('Add new ObjectClass'));
-	echo '<br />';
+	printf('<input id="save_button" type="submit" value="%s" />',_('Add new ObjectClass'));
+	echo '</td></tr></table>';
+	echo '</td>';
+	echo '</tr>';

-	if ($config->GetValue('appearance','show_hints'))
-		printf('<small><br /><img src="images/light.png" /><span class="hint">%s</span></small>',
+	if ($_SESSION[APPCONFIG]->GetValue('appearance','show_hints'))
+		printf('<tr><td colspan=2><small><br /><img src="images/light.png" alt="Hint" /><span class="hint">%s</span></small></td></tr>',
 			_('Note: You may be required to enter new attributes that these objectClass(es) require'));
+	echo '</table>';
+	echo '</center>';
+	echo '</form>';

 } else {
-	echo '<form action="add_value.php" method="post" class="new_value" name="new_value_form">';
+	# Draw a blank field
+	echo '<table border=0><tr><td>';
+	$writer->draw('BlankValue', $ldap['attr'], $ldap['count']);
+	echo '</td></tr><tr><td>';

-	if ($ldapserver->isAttrBinary($attr))
-		echo 'enctype="multipart/form-data"';
+	if ($ldap['schema']->getDescription())
+		printf('<small><b>%s:</b> %s</small><br />',_('Description'),$ldap['schema']->getDescription());

-	printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
-	printf('<input type="hidden" name="dn" value="%s" />',$encoded_dn);
-	printf('<input type="hidden" name="attr" value="%s" />',$encoded_attr);
+	if ($ldap['schema']->getType())
+		printf('<small><b>%s:</b> %s</small><br />',_('Syntax'),$ldap['schema']->getType());

-	if ($ldapserver->isAttrBinary($attr)) {
-		echo '<input type="file" name="new_value" />';
-		echo '<input type="hidden" name="binary" value="true" />';
-
-	} else {
-		if ($ldapserver->isMultiLineAttr($attr)) {
-			echo '<textarea name="new_value" rows="3" cols="30"></textarea>';
-		} else {
-			printf('<input type="text"%s name="new_value" size="40" value="" />',
-				($schema_attr->getMaxLength() ? sprintf(' maxlength="%s"',$schema_attr->getMaxLength()) : ''));
-
-			# draw the "browse" button next to this input box if this attr houses DNs:
-			if ($ldapserver->isDNAttr($attr))
-				draw_chooser_link("new_value_form.new_value", false);
-		}
-	}
-
-	printf('<input type="submit" name="submit" value="%s" />',_('Add New Value'));
-	echo '<br />';
-
-	if ($schema_attr->getDescription())
-		printf('<small><b>%s:</b> %s</small><br />',_('Description'),$schema_attr->getDescription());
-
-	if ($schema_attr->getType())
-		printf('<small><b>%s:</b> %s</small><br />',_('Syntax'),$schema_attr->getType());
-
-	if ($schema_attr->getMaxLength())
+	if ($ldap['schema']->getMaxLength())
 		printf('<small><b>%s:</b> %s %s</small><br />',
-			_('Maximum Length'),number_format($schema_attr->getMaxLength()),_('characters'));
+			_('Maximum Length'),number_format($ldap['schema']->getMaxLength()),_('characters'));

+	echo '<br />';
+	printf('<input type="submit" id="save_button" name="submit" value="%s" />',_('Add New Value'));
+	echo '</td></tr></table>';
+
+	echo '</td></tr>';
+	echo '</table>';
+	echo '</center>';
 	echo '</form>';
+
+	# Javascript
+	echo '<script type="text/javascript" language="javascript">
+	      function pla_getComponentById(id) {
+		  return document.getElementById(id);
+	      }
+
+	      function pla_getComponentsByName(name) {
+		 return document.getElementsByName(name);
+	      }
+
+	      function pla_getComponentValue(component) {
+		  if (component.type == "checkbox") {
+		      if (component.checked) return component.value;
+		  } else if (component.type == "select-one") {
+		      if (component.selectedIndex >= 0) return component.options[component.selectedIndex].value;
+		  } else if (component.type == "select-multiple") {
+		      if (component.selectedIndex >= 0) return component.options[component.selectedIndex].value;
+		  } else if (component.type == undefined) { // option
+		      if (component.selected) return component.value;
+		  } else {
+		      return component.value;
+		  }
+		  return "";
+	      }
+
+	      function pla_setComponentValue(component, value) {
+		  if (component.type == "checkbox") {
+		      if (component.value == value) component.checked = true;
+		      else component.checked = false;
+		  } else if (component.type == "select-one") {
+		      for (var i = 0; i < component.options.length; i++) {
+			  if (component.options[i].value == value) component.options[i].selected = true;
+		      }
+		  } else if (component.type == "select-multiple") {
+		      for (var i = 0; i < component.options.length; i++) {
+			  if (component.options[i].value == value) component.options[i].selected = true;
+		      }
+		  } else if (component.type == undefined) { // option
+		      if (component.value == value) component.selected = true;
+		      else component.selected = false;
+		  } else { // text, textarea
+		      component.value = value;
+		  }
+	      }</script>';
+
+	echo '<script type="text/javascript" language="javascript">
+	      function getAttributeComponents(prefix, name) {
+	          var components = new Array();
+		  var i = 0;
+	          var j = 0;
+	          var c = pla_getComponentsByName(prefix + "_values[" + name + "][" + j + "]");
+	          while (c && (c.length > 0)) {
+	              for (var k = 0; k < c.length; k++) {
+			  components[i++] = c[k];
+	              }
+	              ++j;
+	              c = pla_getComponentsByName(prefix + "_values[" + name + "][" + j + "]");
+	          }
+		  c = pla_getComponentsByName(prefix + "_values[" + name + "][]");
+	          if (c && (c.length > 0)) {
+	              for (var k = 0; k < c.length; k++) {
+			  components[i++] = c[k];
+	              }
+	          }
+		  return components;
+              }
+	      function getAttributeValues(prefix, name) {
+		  var components = getAttributeComponents(prefix, name);
+	          var values = new Array();
+	          for (var k = 0; k < components.length; k++) {
+	              var val = pla_getComponentValue(components[k]);
+	              if (val) values[values.length] = val;
+	          }
+		  return values;
+              }</script>';
+
+	echo '<script type="text/javascript" language="javascript">
+	      function validateForm(silence) {
+		  var i = 0;
+		  var valid = true;
+		  var components = null;
+	          components = getAttributeComponents("new", "'.$ldap['attr']->getName().'");
+	          for (i = 0; i < components.length; i++) {
+	              if (window.validate_'.$ldap['attr']->getName().') {
+	                  valid = (!validate_'.$ldap['attr']->getName().'(components[i], silence) || !valid) ? false : true;
+	              }
+	          }
+	          return valid;
+	      }
+	      </script>';
+
+	echo '<script type="text/javascript" language="javascript">
+	      function submitForm(form) {
+	          for (var i = 0; i < form.elements.length; i++) {
+	              form.elements[i].blur();
+	          }
+		  return validateForm(true);
+	      }
+	      function alertError(err, silence) {
+	          if (!silence) alert(err);
+	      }
+	      </script>';
+
+	echo '<script type="text/javascript" language="javascript">
+		var attrTrace;
+		function fill(id, value) {
+			attrTrace = new Array();
+			fillRec(id, value);
+		}
+		function fillRec(id, value) {
+			if (attrTrace[id] == 1) {
+				return;
+			} else {
+				var pre = "";
+				var suf = "";
+				var i;
+				attrTrace[id] = 1;
+				pla_setComponentValue(pla_getComponentById(id), value);
+				// here comes template-specific implementation, generated by php
+				if (false) {}';
+	$attr = $ldap['attr']->getName();
+	echo "\t\t\telse if ((i = id.indexOf('_".$attr."_')) >= 0) {\n";
+	echo "\t\t\t\tpre = id.substring(0, i+1);\n";
+	echo "\t\t\t\tsuf = id.substring(i + 1 + '$attr'.length, id.length);\n";
+	$writer->draw('FillJavascript', $ldap['attr'], 'id', 'value');
+	echo "\t\t\t}\n";
+	echo '}}</script>';
+
+	$writer->draw('Javascript', $ldap['attr']);
+
+	echo '<script type="text/javascript" language="javascript">
+	      validateForm(true);
+	      </script>';
 }
-echo '</body></html>';
 ?>
--- a/htdocs/cmd.php
+++ b/htdocs/cmd.php
@@ -0,0 +1,51 @@
+<?php
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/cmd.php,v 1.3.2.3 2008/01/10 12:28:34 wurley Exp $
+
+/**
+ * @package phpLDAPadmin
+ */
+
+require_once './common.php';
+
+$www['cmd'] = get_request('cmd','REQUEST');
+$www['meth'] = get_request('meth','REQUEST');
+
+ob_start();
+$file = '';
+
+switch ($www['cmd']) {
+	case '_debug' :
+		debug_dump($_REQUEST,1);
+		break;
+
+	default :
+		if (defined('HOOKSDIR') && file_exists(HOOKSDIR.$www['cmd'].'.php'))
+			$file = HOOKSDIR.$www['cmd'].'.php';
+
+		elseif (defined('HTDOCDIR') && file_exists(HTDOCDIR.$www['cmd'].'.php'))
+			$file = HTDOCDIR.$www['cmd'].'.php';
+
+		elseif (file_exists('welcome.php'))
+			$file = 'welcome.php';
+}
+
+if (DEBUG_ENABLED)
+   debug_log('Ready to render page for command [%s,%s].',128,__FILE__,__LINE__,__METHOD__,$www['cmd'],$file);
+
+# Create page.
+$www['page'] = new page($ldapserver->server_id);
+
+if ($file)
+	include $file;
+
+# Capture the output and put into the body of the page.
+$www['body'] = new block();
+$www['body']->SetBody(ob_get_contents());
+$www['page']->block_add('body',$www['body']);
+ob_end_clean();
+
+if ($www['meth'] == 'get_body')
+	$www['page']->body(true);
+else
+	$www['page']->display();
+?>
--- a/htdocs/collapse.php
+++ b/htdocs/collapse.php
@@ -1,39 +1,26 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/collapse.php,v 1.13.4.1 2005/11/26 05:17:06 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/collapse.php,v 1.16 2007/12/15 07:50:30 wurley Exp $

 /**
 * This script alters the session variable 'tree', collapsing it
 * at the dn specified in the query string.
 *
- * Variables that come in via common.php
- *  - server_id
- * Variables that come in as GET vars:
- *  - dn (rawurlencoded)
- *
 * Note: this script is equal and opposite to expand.php
 * @package phpLDAPadmin
+ * @see expand.php
 */
 /**
 */

 require './common.php';

-$dn = $_GET['dn'];
+$dn = get_request('dn','GET',true);
 $tree = get_cached_item($ldapserver->server_id,'tree');
-$tree['browser'][$dn]['open'] = false;
+$entry = $tree->getEntry($dn);
+$entry->close();
 set_cached_item($ldapserver->server_id,'tree','null',$tree);

-/* This is for Opera. By putting "random junk" in the query string, it thinks
-   that it does not have a cached version of the page, and will thus
-   fetch the page rather than display the cached version */
-$time = gettimeofday();
-$random_junk = md5(strtotime('now').$time['usec']);
-
-/* If cookies were disabled, build the url parameter for the session id.
-   It will be append to the url to be redirect */
-$id_session_param = '';
-if (SID != '')
-	$id_session_param = sprintf('&%s=%s',session_name(),session_id());
-
-header(sprintf('Location:tree.php?foo=%s#%s_%s%s',$random_junk,$ldapserver->server_id,rawurlencode($dn),$id_session_param));
+header(sprintf('Location:index.php?server_id=%s&junk=%s#%s%s',
+	$ldapserver->server_id,random_junk(),htmlid($ldapserver->server_id,$dn),pla_session_param()));
+die();
 ?>
--- a/htdocs/common.php
+++ b/htdocs/common.php
@@ -1,5 +1,12 @@
 <?php
-# This is a temporary file
-@define('LIBDIR',sprintf('%s/',realpath('../lib/')));
-require LIBDIR.'common.php';
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/common.php,v 1.3.2.3 2007/12/26 08:21:10 wurley Exp $
+
+/**
+ * @package phpLDAPadmin
+ */
+
+# This is just here to provide a convenient link back to the proper common.php
+if (! defined('LIBDIR'))
+	define('LIBDIR',sprintf('%s/',realpath('../lib/')));
+require_once LIBDIR.'common.php';
 ?>
--- a/htdocs/compare.php
+++ b/htdocs/compare.php
@@ -1,15 +1,12 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/compare.php,v 1.12.2.5 2005/12/17 01:28:33 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/compare.php,v 1.16.2.3 2008/01/13 06:33:50 wurley Exp $

 /**
 * Compare two DNs - the destination DN is editable.
 * @package phpLDAPadmin
 */
-/**
- * @todo: Must fix dc/domainComponent evaluation.
- */

-require './common.php';
+require_once './common.php';

 $dn_src = isset($_POST['dn_src']) ? $_POST['dn_src'] : null;
 $dn_dst = isset($_POST['dn_dst']) ? $_POST['dn_dst'] : null;
@@ -20,11 +17,11 @@ $encoded_dn_dst = rawurlencode($dn_dst);
 $server_id_src = (isset($_POST['server_id_src']) ? $_POST['server_id_src'] : '');
 $server_id_dst = (isset($_POST['server_id_dst']) ? $_POST['server_id_dst'] : '');

-$ldapserver_src = $ldapservers->Instance($server_id_src);
+$ldapserver_src = $_SESSION[APPCONFIG]->ldapservers->Instance($server_id_src);
 if (! $ldapserver_src->haveAuthInfo())
 	pla_error(_('Not enough information to login to server. Please check your configuration.'));

-$ldapserver_dst = $ldapservers->Instance($server_id_dst);
+$ldapserver_dst = $_SESSION[APPCONFIG]->ldapservers->Instance($server_id_dst);
 if (! $ldapserver_src->haveAuthInfo())
 	pla_error(_('Not enough information to login to server. Please check your configuration.'));

@@ -33,10 +30,8 @@ if (! $ldapserver_src->dnExists($dn_src))
 if (! $ldapserver_dst->dnExists($dn_dst))
 	pla_error(sprintf(_('No such entry: %s'),pretty_print_dn($dn_dst)));

-$friendly_attrs = process_friendly_attr_table();
-
-$attrs_src = $ldapserver_src->getDNAttrs($dn_src,false,$config->GetValue('deref','view'));
-$attrs_dst = $ldapserver_dst->getDNAttrs($dn_dst,false,$config->GetValue('deref','view'));
+$attrs_src = $ldapserver_src->getDNAttrs($dn_src,false,$_SESSION[APPCONFIG]->GetValue('deref','view'));
+$attrs_dst = $ldapserver_dst->getDNAttrs($dn_dst,false,$_SESSION[APPCONFIG]->GetValue('deref','view'));

 # Get a list of all attributes.
 $attrs_all = array_keys($attrs_src);
@@ -44,53 +39,44 @@ foreach ($attrs_dst as $key => $val)
 	if (! in_array($key,$attrs_all))
 		$attrs_all[] = $key;

-include './header.php';
-?>
+	printf('<h3 class="title">%s</h3>',_('Comparing the following DNs'));

-<body>
+	echo '<table class="entry" width=100% border=0>';
+	echo '<tr>';
+	printf('<td colspan=2 width=20%%><h3 class="subtitle">%s<br />&nbsp;</h3></td>',_('Attribute'));

-<table class="comp_dn" border=0>
-	<tr><td colspan=6>
-		<h3 class="title"><?php echo _('Comparing the following DNs'); ?></h3>
-	</td></tr>
+	printf('<td colspan=2 width=40%%><h3 class="subtitle">%s: <b>%s</b><br />%s: <b>%s</b></h3></td>',
+		_('Server'),$ldapserver_src->name,_('Distinguished Name'),htmlspecialchars($dn_src));

-	<tr>
-		<td colspan=2 width=20%>
-			<h3 class="subtitle"><?php echo _('Attribute'); ?><br />&nbsp;</h3>
-		</td>
-		<td colspan=2 width=40%>
-			<h3 class="subtitle"><?php echo _('Server'); ?>: <b><?php echo $ldapserver_src->name; ?></b><br /><?php echo _('Distinguished Name');?>: <b><?php echo htmlspecialchars(($dn_src)); ?></b></h3>
-		</td>
-		<td colspan=2 width=40%>
-			<h3 class="subtitle"><?php echo _('Server'); ?>: <b><?php echo $ldapserver_dst->name; ?></b><br /><?php echo _('Distinguished Name');?>: <b><?php echo htmlspecialchars(($dn_dst)); ?></b></h3>
-		</td>
-	</tr>
-	<tr>
-		<td colspan=6 align=right>
-			<form action="compare.php" method="post" name="compare_form">
-			<input type="hidden" name="server_id_src" value="<?php echo $ldapserver_dst->server_id; ?>" />
-			<input type="hidden" name="server_id_dst" value="<?php echo $ldapserver_src->server_id; ?>" />
-			<input type="hidden" name="dn_src" value="<?php echo htmlspecialchars($dn_dst); ?>" />
-			<input type="hidden" name="dn_dst" value="<?php echo htmlspecialchars($dn_src); ?>" />
-			<input type="submit" value="<?php echo _('Switch Entry'); ?>" />
-			</form>
-		</td>
-	</tr>
+	printf('<td colspan=2 width=40%%><h3 class="subtitle">%s: <b>%s</b><br />%s: <b>%s</b></h3></td>',
+		_('Server'),$ldapserver_dst->name,_('Distinguished Name'),htmlspecialchars($dn_dst));
+
+	echo '</tr>';
+
+	echo '<tr>';
+	echo '<td colspan=6 align=right>';
+	echo '<form action="cmd.php?cmd=compare" method="post" name="compare_form">';
+	printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
+	printf('<input type="hidden" name="server_id_src" value="%s" />',$ldapserver_dst->server_id);
+	printf('<input type="hidden" name="server_id_dst" value="%s" />',$ldapserver_src->server_id);
+	printf('<input type="hidden" name="dn_src" value="%s" />',htmlspecialchars($dn_dst));
+	printf('<input type="hidden" name="dn_dst" value="%s" />',htmlspecialchars($dn_src));
+	printf('<input type="submit" value="%s" />',_('Switch Entry'));
+	echo '</form>';
+	echo '</td>';
+	echo '</tr>';

-<?php
 if (! $attrs_all || ! is_array($attrs_all)) {
 	printf('<tr><td colspan="2">(%s)</td></tr>',_('This entry has no attributes'));
 	print '</table>';
-	print '</html>';
-	die();
+	return;
 }

 sort($attrs_all);
+$formdisplayed = false;

 # Work through each of the attributes.
 foreach ($attrs_all as $attr) {
-	flush();
-
 	# If this is the DN, get the next attribute.
 	if (! strcasecmp($attr,'dn'))
 		continue;
@@ -98,37 +84,29 @@ foreach ($attrs_all as $attr) {
 	# Has the config.php specified that this attribute is to be hidden or shown?
 	if ($ldapserver_src->isAttrHidden($attr) || $ldapserver_dst->isAttrHidden($attr))
 		continue;
-?>

-	<!-- Begin Attribute -->
-	<tr>
+	$schema_attr_src = $ldapserver_src->getSchemaAttribute($attr,$dn_src);
+	$schema_attr_dst = $ldapserver_dst->getSchemaAttribute($attr,$dn_dst);

-	<?php foreach (array('src','dst') as $side) { ?>
+	# Get the values and see if they are the same.
+	if (isset($attrs_src[$attr]) && isset($attrs_dst[$attr]) && $attrs_src[$attr] === $attrs_dst[$attr])
+		echo '<tr>';
+	else
+		echo '<tr class="updated">';

-		<?php
-		if ($side == 'dst' && ! $ldapserver_dst->isReadOnly()) { ?>
-
-	<form action="update_confirm.php" method="post" name="edit_form">
-	<input type="hidden" name="server_id" value="<?php echo $ldapserver_dst->server_id; ?>" />
-	<input type="hidden" name="dn" value="<?php echo $dn_dst; ?>" />
-
-		<?php }
-
-		$schema_attr_src = $ldapserver_src->getSchemaAttribute($attr,$dn_src);
-		$schema_attr_dst = $ldapserver_dst->getSchemaAttribute($attr,$dn_dst);
+	foreach (array('src','dst') as $side) {

 		# Setup the $attr_note, which will be displayed to the right of the attr name (if any)
-		$attr_note = '';
-		$required_note = '';
+		$attr_note = '&nbsp;';

 		# is there a user-friendly translation available for this attribute?
-		if (isset($friendly_attrs[strtolower($attr)])) {
-			$attr_display = $friendly_attrs[strtolower($attr)];
-			$attr_note = sprintf('<acronym title="%s">alias</acronym>',sprintf(_('Note: \'%s\' is an alias for \'%s\''),$attr_display,$attr));
+		if ($_SESSION[APPCONFIG]->haveFriendlyName($attr)) {
+			$attr_display = $_SESSION[APPCONFIG]->getFriendlyName($attr);
+			$attr_note = sprintf('<acronym title="%s: \'%s\' %s \'%s\'">%s</acronym>',_('Note'),$attr_display,_('is an alias for'),$attr,_('alias'));

 		} else {
-			$attr_note = '';
 			$attr_display = $attr;
+			$attr_note = '&nbsp;';
 		}

 		# is this attribute required by an objectClass?
@@ -160,51 +138,49 @@ foreach ($attrs_all as $attr) {
 				break;
 		}

-		if ($side == 'src') { ?>
-			<td class="attr">
-				<?php $schema_href="schema.php?server_id=$server_id_src&amp;view=attributes&amp;viewvalue=".real_attr_name($attr); ?>
-				<b><a title="<?php echo sprintf(_('Click to view the schema defintion for attribute type \'%s\''),$attr) ?>" href="<?php echo $schema_href; ?>"><?php echo $attr_display; ?></a></b>
-			</td>
+		# If we are on the source side, show the attr
+		if ($side == 'src') {
+			echo '<td class="title">';
+			$schema_href = sprintf('cmd.php?cmd=schema&amp;server_id=%s&amp;view=attributes&amp;viewvalue=%s',$server_id_src,real_attr_name($attr));
+			printf('<a title="%s" href="%s">%s</a>',sprintf(_('Click to view the schema definition for attribute type \'%s\''),$attr),$schema_href,$attr_display);
+			echo '</td>';

-			<td class="attr_note">
-				<sup><small><?php echo $attr_note; ?></small></sup>
-			</td>
-		<?php }
+			printf('<td class="note"><sup><small>%s</small></sup></td>',$attr_note);
+		}

-		if ($required_by) {
-			$required_note .= sprintf('<acronym title="%s">%s</acronym>',sprintf(_('Required attribute for objectClass(es) %s'),$required_by),_('required'));
-		?>
-			<td colspan=2 class="attr_note">
-				<sup><small><?php echo $required_note; ?></small></sup>
-			</td>
-		<?php } else { ?>
-			<td colspan=2 class="attr_note">&nbsp;</td>
-		<?php } ?>
+		echo '<td colspan=2 class="note">';

-		<?php if ($ldapserver->isAttrReadOnly($attr)) { ?>
-				<small>(<acronym title="<?php echo _('This attribute has been flagged as read only by the phpLDAPadmin administrator'); ?>"><?php echo _('read only'); ?></acronym>)</small>
-		<?php } ?>
-			</td>
+		# Create our form if the dst is editable.
+		if ($side == 'dst' && ! $ldapserver_dst->isReadOnly() && ! $formdisplayed) {
+			$formdisplayed = true;
+			echo '<form action="cmd.php?cmd=update_confirm" method="post" name="edit_form">';
+			printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver_dst->server_id);
+			printf('<input type="hidden" name="dn" value="%s" />',$dn_dst);
+		}

-	<?php } ?>
+		if ($required_by)
+			printf('<sup><small><acronym title="%s">%s</acronym></small></sup>',sprintf(_('Required attribute for objectClass(es) %s'),$required_by),_('required'));
+		echo '</td>';

-	</tr>
-	<!-- End of Attribute -->
+		if ($ldapserver->isAttrReadOnly($attr))
+			printf('<small>(<acronym title="%s">%s</acronym>)</small>',_('This attribute has been flagged as read only by the phpLDAPadmin administrator'),_('read only'));
+	}

-	<!-- Begin Values -->
-	<tr>
+	echo '</tr>';
+
+	if (isset($attrs_src[$attr]) && isset($attrs_dst[$attr]) && $attrs_src[$attr] === $attrs_dst[$attr])
+		echo '<tr>';
+	else
+		echo '<tr class="updated">';

-	<?php
 	foreach (array('src','dst') as $side) {
-		$vals = null; ?>
+		$vals = null;

-
-		<?php
 		# If this attribute isnt set, then show a blank.
 		$toJump = 0;
 		switch ($side) {
 			case 'src':
-				print '<td colspan=2>&nbsp</td><td class="attr">';
+				print '<td colspan=2>&nbsp;</td><td class="value">';

 				if (! isset($attrs_src[$attr])) {
 					echo "<small>&lt;". _('No Value')."&gt;</small></td>";
@@ -217,7 +193,7 @@ foreach ($attrs_all as $attr) {
 				break;

 			case 'dst':
-				print '<td colspan=2>&nbsp</td><td class="val">';
+				print '<td colspan=2>&nbsp;</td><td class="value">';

 				if (! isset($attrs_dst[$attr])) {
 					echo "<small>&lt;". _('No Value')."&gt;</small></td>";
@@ -230,19 +206,18 @@ foreach ($attrs_all as $attr) {
 				break;
 		}

-		if ($toJump) continue;
+		if ($toJump)
+			continue;
+
 		if (! is_array($vals))
 			$vals = array($vals);

-		/*
-		 * Is this attribute a jpegPhoto?
-		 */
+		# Is this attribute a jpegPhoto?
 		if ($ldapserver->isJpegPhoto($attr)) {

 			switch ($side) {
 				case 'src':
-					// Don't draw the delete buttons if there is more than one jpegPhoto
-					// 	(phpLDAPadmin can't handle this case yet)
+					# Don't draw the delete buttons if there is more than one jpegPhoto (phpLDAPadmin can't handle this case yet)
 					draw_jpeg_photos($ldapserver,$dn_src,$attr,false);
 					break;

@@ -255,14 +230,12 @@ foreach ($attrs_all as $attr) {
 					break;
 			}

-			// proceed to the next attribute
-			echo "</td>\n";
+			# proceed to the next attribute
+			echo '</td>'."\n";
 			continue;
 		}

-		/*
-		 * Is this attribute binary?
-		 */
+		# Is this attribute binary?
 		if ($ldapserver->isAttrBinary($attr)) {
 			switch ($side) {
 				case 'src':
@@ -273,36 +246,27 @@ foreach ($attrs_all as $attr) {
 					$href = sprintf("download_binary_attr.php?server_id=%s&dn=%s&attr=%s",$ldapserver->server_id,$encoded_dn_dst,$attr);
 					break;
 			}
-			?>

-			<small>
+			echo '<small>';
+			echo _('Binary value');
+			echo '<br />';

-			<?php echo _('Binary value'); ?><br />
+			if (count($vals) > 1)
+				for ($i=1; $i<=count($vals); $i++)
+					printf('<a href="%s&amp;value_num=%s"><img src="images/save.png" /> %s(%s)</a><br />',$href,$i,_('download value'),$i);
+			else
+				printf('<a href="%s"><img src="images/save.png" /> %s</a><br />',$href,_('download value'));

-			<?php if (count($vals) > 1) { for($i=1; $i<=count($vals); $i++) { ?>
-				<a href="<?php echo $href . "&amp;value_num=$i"; ?>"><img
-					src="images/save.png" /> <?php echo _('download value'); ?>(<?php echo $i; ?>)</a><br />
+			if ($side == 'dst' && ! $ldapserver_dst->isReadOnly() && ! $ldapserver->isAttrReadOnly($attr))
+				printf('<a href="javascript:deleteAttribute(\'%s\');" style="color:red;"><img src="images/trash.png" /> %s</a>',$attr,_('delete attribute'));

-			<?php } } else { ?>
-				<a href="<?php echo $href; ?>"><img src="images/save.png" /> <?php echo _('download value'); ?></a><br />
+			echo '</small>';
+			echo '</td>';

-			<?php }
-
-			if ($side == 'dst' && ! $ldapserver_dst->isReadOnly() && ! $ldapserver->isAttrReadOnly($attr)) { ?>
-
-				<a href="javascript:deleteAttribute('<?php echo $attr; ?>');" style="color:red;"><img src="images/trash.png" /> <?php echo _('delete attribute'); ?></a>
-
-			<?php } ?>
-
-			</small>
-		</td>
-
-			<?php continue;
+			continue;
 		}

-		/*
-		 * Note: at this point, the attribute must be text-based (not binary or jpeg)
-		 */
+		# Note: at this point, the attribute must be text-based (not binary or jpeg)

 		/*
 		 * If this server is in read-only mode or this attribute is configured as read_only,
@@ -312,67 +276,59 @@ foreach ($attrs_all as $attr) {
 		if ($side == 'dst' && ($ldapserver->isReadOnly() || $ldapserver->isAttrReadOnly($attr))) {
 			if (is_array($vals)) {
 				foreach ($vals as $i => $val) {
-					if (trim($val) == "")
-						echo "<span style=\"color:red\">[" . _('empty') . "]</span><br />\n";
+					if (trim($val) == '')
+						printf('<span style="color:red">[%s]</span><br />',_('empty'));

-					elseif (0 == strcasecmp($attr,'userPassword') && $config->GetValue('appearance','obfuscate_password_display'))
-						echo preg_replace('/./','*',$val) . "<br />";
+					elseif (strcasecmp($attr,'userPassword') == 0 && $_SESSION[APPCONFIG]->GetValue('appearance','obfuscate_password_display'))
+						echo preg_replace('/./','*',$val).'<br />';

 					else
-						echo htmlspecialchars($val) . "<br />";
+						echo htmlspecialchars($val).'<br />';
 				}

-			// @todo: redundant - $vals is always an array.
+			# @todo: redundant - $vals is always an array.
 			} else {
-				if (0 == strcasecmp($attr,'userPassword') && $config->GetValue('appearance','obfuscate_password_display'))
-					echo preg_replace('/./','*',$vals) . "<br />";
+				if (strcasecmp($attr,'userPassword') == 0 && $_SESSION[APPCONFIG]->GetValue('appearance','obfuscate_password_display'))
+					echo preg_replace('/./','*',$vals).'<br />';
 				else
-					echo $vals . "<br />";
+					echo $vals.'<br />';
 			}
-			echo "</td>";
+			echo '</td>';
 			continue;
 		}

-		/*
-		 * Is this a userPassword attribute?
-		 */
+		# Is this a userPassword attribute?
 		if (! strcasecmp($attr,'userpassword')) {
 			$user_password = $vals[0];
 			$enc_type = get_enc_type($user_password);

-			// Set the default hashing type if the password is blank (must be newly created)
+			# Set the default hashing type if the password is blank (must be newly created)
 			if ($user_password == '') {
 				$enc_type = get_default_hash($server_id);
 			}

-			if ($side == 'dst') { ?>
+			if ($side == 'dst') {
+				printf('<input type="hidden" name="old_values[userpassword]" value="%s" />',htmlspecialchars($user_password));
+				echo '<!-- Special case of enc_type to detect changes when user changes enc_type but not the password value -->';
+				printf('<input size="38" type="hidden" name="old_enc_type" value="%s" />',$enc_type == '' ? 'clear' : $enc_type);
+			}

-				<input type="hidden" name="old_values[userpassword]" value="<?php echo htmlspecialchars($user_password); ?>" />
-
-				<!-- Special case of enc_type to detect changes when user changes enc_type but not the password value -->
-				<input size="38" type="hidden" name="old_enc_type" value="<?php echo ($enc_type==''?'clear':$enc_type); ?>" />
-
-			<?php }
-
-			if (obfuscate_password_display($enc_type))  {
+			if (obfuscate_password_display($enc_type))
 				echo htmlspecialchars(preg_replace('/./','*',$user_password));
-			} else {
+			else
 				echo htmlspecialchars($user_password);
-			} ?>

-			<br />
+			echo '<br />';

-			<?php if ($side == 'dst') { ?>
+			if ($side == 'dst') {
+				printf('<input style="width: 260px" type="password" name="new_values[userpassword]" value="%s" />',htmlspecialchars($user_password));
+				echo enc_type_select_list($enc_type);

-				<input style="width: 260px" type="password" name="new_values[userpassword]" value="<?php echo htmlspecialchars($user_password); ?>" />
+			}

-				<?php echo enc_type_select_list($enc_type);
-
-			} ?>
-
-				<br />
-
-				<script language="javascript">
+			echo '<br />';
+			?>
+				<script type="text/javascript" language="javascript">
 				<!--
 				function passwordComparePopup()
 				{
@@ -383,189 +339,168 @@ foreach ($attrs_all as $attr) {
 				}
 				-->
 				</script>
+			<?php

-				<small><a href="javascript:passwordComparePopup()"><?php echo _('Check password'); ?></a></small>
+			printf('<small><a href="javascript:passwordComparePopup()">%s</a></small>',_('Check password'));

-			</td>
-
-			<?php continue;
+			echo '</td>';
+			continue;
 		}

-		/*
-		 * Is this a boolean attribute?
-		 */
+		# Is this a boolean attribute?
 		if ($ldapserver->isAttrBoolean($attr)) {
 			$val = $vals[0];

-			if ($side = 'dst') {?>
+			if ($side = 'dst') {
+				printf('<input type="hidden" name="old_values[%s]" value="%s" />',htmlspecialchars($attr),htmlspecialchars($val));

-				<input type="hidden" name="old_values[<?php echo htmlspecialchars($attr); ?>]" value="<?php echo htmlspecialchars($val); ?>" />
+				printf('<select name="new_values[%s]">',htmlspecialchars($attr));
+				printf('<option value="TRUE"%s>%s</option>',$val == 'TRUE' ? ' selected' : '',_('true'));
+				printf('<option value="FALSE"%s>%s</option>',$val == 'FALSE' ? ' selected' : '',_('false'));
+				printf('<option value="">(%s)</option>',_('none, remove value'));
+				echo '</select>';
+			}

-				<select name="new_values[<?php echo htmlspecialchars($attr); ?>]">
-					<option value="TRUE"<?php echo ($val=='TRUE' ? ' selected' : ''); ?>><?php echo _('true'); ?></option>
-					<option value="FALSE"<?php echo ($val=='FALSE' ? ' selected' : ''); ?>><?php echo _('false'); ?></option>
-					<option value="">(<?php echo _('none, remove value'); ?>)</option>
-				</select>
-
-			<?php } ?>
-
-			</td>
-
-			<?php continue;
+			echo '</td>';
+			continue;
 		}

-		/*
-		 * End of special case attributes (non plain text).
-		 */
-
+		# End of special case attributes (non plain text).
 		foreach ($vals as $i => $val) {

 			if ($side == 'dst') {
-				$input_name = "new_values[" . htmlspecialchars($attr) . "][$i]";
-				// We smack an id="..." tag in here that doesn't have [][] in it to allow the
-				// draw_chooser_link() to identify it after the user clicks.
-				$input_id = "new_values_" . htmlspecialchars($attr) . "_" . $i; ?>
+				$input_name = sprintf('new_values[%s][%s]',htmlspecialchars($attr),$i);

-				<!-- The old_values array will let update.php know if the entry contents changed
-				     between the time the user loaded this page and saved their changes. -->
-				<input type="hidden" name="old_values[<?php echo htmlspecialchars($attr); ?>][<?php echo $i; ?>]" value="<?php echo htmlspecialchars($val); ?>" />
-			<?php }
+				/* We smack an id="..." tag in here that doesn't have [][] in it to allow the
+				* draw_chooser_link() to identify it after the user clicks.*/
+				$input_id = sprintf('"new_values_%s_%s',htmlspecialchars($attr),$i);

-			// Is this value is a structural objectClass, make it read-only
-			if (0 == strcasecmp($attr,'objectClass')) { ?>
+				echo '<!-- The old_values array will let update.php know if the entry contents changed
+				     between the time the user loaded this page and saved their changes. -->';
+				printf('<input type="hidden" name="old_values[%s][%s]" value="%s" />',htmlspecialchars($attr),$i,htmlspecialchars($val));
+			}

-				<a title="<?php echo _('View the schema description for this objectClass'); ?>" href="schema.php?server_id=<?php echo $ldapserver->server_id; ?>&amp;view=objectClasses&amp;viewvalue=<?php echo htmlspecialchars($val); ?>"><img src="images/info.png" /></a>
+			# Is this value is a structural objectClass, make it read-only
+			if (0 == strcasecmp($attr,'objectClass')) {

-				<?php $schema_object = $ldapserver->getSchemaObjectClass($val);
+				printf('<a title="%s" href="cmd.php?cmd=schema&amp;server_id=%s&amp;view=objectClasses&amp;viewvalue=%s"><img src="images/info.png" /></a>',
+					_('View the schema description for this objectClass'),$ldapserver->server_id,htmlspecialchars($val));

-			        if ($schema_object->getType() == 'structural') {
-					echo "$val <small>(<acronym title=\"" . sprintf(_('This is a structural ObjectClass and cannot be removed.')) . "\">" . _('structural') . "</acronym>)</small><br />";
+				$schema_object = $ldapserver->getSchemaObjectClass($val);

-					if ($side == 'dst') {?>
+				if ($schema_object->getType() == 'structural') {
+					printf('%s <small>(<acronym title="%s">%s</acronym>)</small><br />',
+						$val,_('This is a structural ObjectClass and cannot be removed.'),_('structural'));

-				<input type="hidden" name="<?php echo $input_name; ?>" id="<?php echo $input_id; ?>" value="<?php echo htmlspecialchars($val); ?>" />
+					if ($side == 'dst')
+						printf('<input type="hidden" name="%s" id="%s" value="%s" />',$input_name,$input_id,htmlspecialchars($val));

-					<?php }
-				continue;
+					continue;
 				}
 			}

-			if (is_dn_string($val) || $ldapserver->isDNAttr($attr)) { ?>
+			if (is_dn_string($val) || $ldapserver->isDNAttr($attr))
+				printf('<a title="%s" href="cmd.php?cmd=template_engine&amp;server_id=%s&amp;dn=%s"><img style="vertical-align: top" src="images/go.png" /></a>',
+					sprintf(_('Go to %s'),htmlspecialchars($val)),$ldapserver->server_id,rawurlencode($val));

-				<a title="<?php echo sprintf(_('Go to %s'),htmlspecialchars($val)); ?>" href="template_engine.php?server_id=<?php echo $ldapserver->server_id; ?>&amp;dn=<?php echo rawurlencode($val); ?>"><img style="vertical-align: top" src="images/go.png" /></a>
+			elseif (is_mail_string($val))
+				printf('<a href="mailto:%s><img style="vertical-align: center" src="images/mail.png" /></a>',htmlspecialchars($val));

-			<?php } elseif (is_mail_string($val)) { ?>
-
-				<a href="mailto:<?php echo htmlspecialchars($val); ?>"><img style="vertical-align: center" src="images/mail.png" /></a>
-
-			<?php } elseif (is_url_string($val)) { ?>
-
-				<a href="<?php echo htmlspecialchars($val); ?>" target="new"><img style="vertical-align: center" src="images/dc.png" /></a>
-
-			<?php }
+			elseif (is_url_string($val))
+				printf('<a href="%s" target="new"><img style="vertical-align: center" src="images/dc.png" /></a>',htmlspecialchars($val));

 			if ($ldapserver->isMultiLineAttr($attr,$val)) {
-
-				if ($side == 'dst') {?>
-				<textarea class="val" rows="3" cols="30" name="<?php echo $input_name; ?>" id="<?php echo $input_id; ?>"><?php echo htmlspecialchars($val); ?></textarea>
-
-				<?php } else {
-					echo htmlspecialchars($val);
-				}
-
-			} else {
-
-				if ($side == 'dst') {?>
-
-				<input type="text" class="val" name="<?php echo $input_name; ?>" id="<?php echo $input_id; ?>" value="<?php echo htmlspecialchars($val); ?>" />
-
-				<?php } else {
-					echo htmlspecialchars($val);
-				}
-			}
-
-			// draw a link for popping up the entry browser if this is the type of attribute
-			// that houses DNs.
-			if ($ldapserver->isDNAttr($attr))
-				draw_chooser_link("edit_form.$input_id",false); ?>
-
-			<br />
-		<?php } ?>
-
-		</td>
-
-	<?php } /* end foreach value */ ?>
-
-	</tr>
-
-		<?php
-		/* Draw the "add value" link under the list of values for this attributes */
-
-		if (! $ldapserver_dst->isReadOnly()) {
-
-			// First check if the required objectClass is in this DN
-			$isOK = 0;
-			$src_oclass = array();
-			$attr_object = $ldapserver_dst->getSchemaAttribute($attr,$dn_dst);
-			foreach ($attr_object->used_in_object_classes as $oclass) {
-				if (in_array(strtolower($oclass),arrayLower($attrs_dst['objectClass']))) {
-					$isOK = 1;
-					break;
-				} else {
-					// Find oclass that the source has that provides this attribute.
-					if (in_array($oclass,$attrs_src['objectClass']))
-						$src_oclass[] = $oclass;
-				}
-			}
-
-			print "<tr><td colspan=2></td><td colspan=2>&nbsp</td><td>&nbsp;</td><td>";
-			if (! $isOK) {
-
-				if (count($src_oclass) == 1) {
-					$add_href = sprintf('add_oclass_form.php?server_id=%s&dn=%s&new_oclass=%s',
-						$ldapserver_dst->server_id,$encoded_dn_dst,$src_oclass[0]);
-				} else {
-					$add_href = sprintf('add_value_form.php?server_id=%s&dn=%s&attr=objectClass',
-						$ldapserver_dst->server_id,$encoded_dn_dst);
-				}
-
-				if ($attr == 'objectClass')
-					printf('<div class="add_oclass">(<a href="%s" title="%s">%s</a>)</div>',$add_href,_('Add ObjectClass and Attributes'),_('add value'));
+				if ($side == 'dst')
+					printf('<textarea class="value" rows="3" cols="30" name="%s" id="%s">%s</textarea>',$input_name,$input_id,htmlspecialchars($val));
 				else
-					printf('<div class="add_oclass">(<a href="%s" title="%s">%s</a>)</div>',$add_href,sprintf(_('You need one of the following ObjectClass(es) to add this attribute %s.'),implode(" ",$src_oclass)),_('Add new ObjectClass'));
+					echo htmlspecialchars($val);

 			} else {
-				if (! $schema_attr_dst->getIsSingleValue() || (! isset($vals))) {
+				if ($side == 'dst')
+					printf('<input type="text" class="value" name="%s" id="%s" value="%s" />',$input_name,$input_id,htmlspecialchars($val));
+				else
+					echo htmlspecialchars($val);
+			}

-					$add_href = sprintf('add_value_form.php?server_id=%s&dn=%s&attr=%s',
-						$ldapserver_dst->server_id,$encoded_dn_dst,rawurlencode($attr));
+			# draw a link for popping up the entry browser if this is the type of attribute that houses DNs.
+			if ($ldapserver->isDNAttr($attr))
+				draw_chooser_link("edit_form.$input_id",false);

-					printf('<div class="add_value">(<a href="%s" title="%s">%s</a>)</div>',
-						$add_href,sprintf(_('Add an additional value to attribute \'%s\''),$attr),_('add value'));
-				}
+			echo '<br />';
+		}
+
+		echo '</td>';
+	} /* end foreach value */
+
+	echo '</tr>';
+
+	# Draw the "add value" link under the list of values for this attributes
+	if (! $ldapserver_dst->isReadOnly()) {
+
+		# First check if the required objectClass is in this DN
+		$isOK = 0;
+		$src_oclass = array();
+		$attr_object = $ldapserver_dst->getSchemaAttribute($attr,$dn_dst);
+		foreach ($attr_object->used_in_object_classes as $oclass) {
+			if (in_array(strtolower($oclass),arrayLower($attrs_dst['objectClass']))) {
+				$isOK = 1;
+				break;
+
+			} else {
+				# Find oclass that the source has that provides this attribute.
+				if (in_array($oclass,$attrs_src['objectClass']))
+					$src_oclass[] = $oclass;
 			}
 		}

-		print "</td></tr>"; ?>
+		echo '<tr><td colspan=2></td><td colspan=2>&nbsp;</td><td>&nbsp;</td><td>';
+		if (! $isOK) {

-		</td>
+			if (count($src_oclass) == 1)
+				$add_href = sprintf('cmd.php?cmd=add_oclass_form&amp;server_id=%s&amp;dn=%s&amp;new_oclass=%s',
+					$ldapserver_dst->server_id,$encoded_dn_dst,$src_oclass[0]);
+			else
+				$add_href = sprintf('cmd.php?cmd=add_value_form&amp;server_id=%s&amp;dn=%s&amp;attr=objectClass',
+					$ldapserver_dst->server_id,$encoded_dn_dst);

-	<?php flush(); ?>
+			if ($attr == 'objectClass')
+				printf('<div class="add_value">(<a href="%s" title="%s">%s</a>)</div>',$add_href,_('Add ObjectClass and Attributes'),_('add value'));
+			else
+				printf('<div class="add_value">(<a href="%s" title="%s">%s</a>)</div>',
+					$add_href,sprintf(_('You need one of the following ObjectClass(es) to add this attribute %s.'),implode(" ",$src_oclass)),
+					_('Add new ObjectClass'));

-	</tr>
+		} else {
+			if (! $schema_attr_dst->getIsSingleValue() || (! isset($vals))) {

-<?php } /* End foreach ($attrs as $attr => $vals) */
+				$add_href = sprintf('cmd.php?cmd=add_value_form&amp;erver_id=%s&amp;dn=%s&amp;attr=%s',
+					$ldapserver_dst->server_id,$encoded_dn_dst,rawurlencode($attr));

-if (! $ldapserver_dst->isReadOnly()) { ?>
+			printf('<div class="add_value">(<a href="%s" title="%s">%s</a>)</div>',
+					$add_href,sprintf(_('Add an additional value to attribute \'%s\''),$attr),_('add value'));
+			}
+		}
+	}

-	<td colspan="2">&nbsp</td><td colspan=2><center><input type="submit" value="<?php echo _('Save Changes'); ?>" /></center></td></tr></form>
+	echo '</td></tr>';

-<?php } ?>
+	# Get the values and see if they are the same.
+	if (isset($attrs_src[$attr]) && isset($attrs_dst[$attr]) && $attrs_src[$attr] === $attrs_dst[$attr])
+		echo '<tr>';
+	else
+		echo '<tr class="updated"><td class="bottom" colspan="0">&nbsp;</td></tr>';

-</table>
+} /* End foreach ($attrs as $attr => $vals) */

-<?php /* If this entry has a binary attribute,we need to provide a form for it to submit when deleting it. */ ?>
-<script language="javascript">
+if (! $ldapserver_dst->isReadOnly())
+	printf('<tr><td colspan=3>&nbsp;</td><td colspan=3><center><input type="submit" value="%s" /></center></form></td></tr>',_('Save Changes'));
+
+echo '</table>';
+
+# If this entry has a binary attribute,we need to provide a form for it to submit when deleting it. */
+?>
+
+<script type="text/javascript" language="javascript">
 //<!--
 function deleteAttribute(attrName)
 {
@@ -578,11 +513,8 @@ function deleteAttribute(attrName)
 </script>

 <!-- This form is submitted by JavaScript when the user clicks "Delete attribute" on a binary attribute -->
-<form name="delete_attribute_form" action="delete_attr.php" method="post">
+<form name="delete_attribute_form" action="cmd.php?cmd=delete_attr" method="post">
 	<input type="hidden" name="server_id" value="<?php echo $ldapserver_dst->server_id; ?>" />
 	<input type="hidden" name="dn" value="<?php echo $dn_dst; ?>" />
 	<input type="hidden" name="attr" value="FILLED IN BY JAVASCRIPT" />
 </form>
-
-</body>
-</html>
--- a/htdocs/compare_form.php
+++ b/htdocs/compare_form.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/compare_form.php,v 1.2.4.2 2005/12/09 14:29:15 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/compare_form.php,v 1.5 2007/12/15 07:50:30 wurley Exp $

 /**
 * Compares to DN entries side by side.
@@ -12,68 +12,59 @@
 /**
 */

-require './common.php';
-
-if( ! $ldapserver->haveAuthInfo())
-	pla_error( _('Not enough information to login to server. Please check your configuration.') );
+require_once './common.php';

 $dn = (isset($_GET['dn']) ? $_GET['dn'] : '');
-
-$encoded_dn = rawurlencode( $dn );
-$rdn = get_rdn( $dn );
-$container = get_container( $dn );
-
-$attrs = $ldapserver->getDNAttrs($dn);
+$rdn = get_rdn($dn);
 $select_server_html = server_select_list($ldapserver->server_id,true,'server_id_dst');

-include './header.php'; ?>
+printf('<h3 class="title">%s %s</h3>',_('Compare another DN with'),htmlspecialchars($rdn));
+printf('<h3 class="subtitle">%s: <b>%s</b>',_('Server'),$ldapserver->name);
+if ($dn)
+	printf('&nbsp;&nbsp;&nbsp;%s: <b>%s</b>',_('Distinguished Name'),htmlspecialchars($dn));
+echo '</h3>';
+echo "\n";

-<body>
+echo '<center>';
+printf('%s <b>%s</b> %s<br />',_('Compare'),htmlspecialchars($rdn),_('with '));

-<h3 class="title"><?php echo _('Compare another DN with'). '&nbsp;' . $rdn; ?></h3>
-<h3 class="subtitle"><?php echo _('Server'); ?>: <b><?php echo $ldapserver->name; ?></b>
-<?php if ($dn) { ?>
-	 &nbsp;&nbsp;&nbsp; <?php echo _('Distinguished Name')?>: <b><?php echo $dn; ?></b>
-<?php } ?>
-</h3>
+echo '<form action="cmd.php?cmd=compare" method="post" name="compare_form">';
+printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
+printf('<input type="hidden" name="server_id_src" value="%s" />',$ldapserver->server_id);
+echo "\n";

-<center>
-<?php echo _('Compare'); ?> <b><?php echo htmlspecialchars( $rdn ); ?></b> <?php echo _('with '); ?>:<br />
-<br />
+echo '<table style="border-spacing: 10px">';
+echo "\n";
+echo '<tr><td>';

-<form action="compare.php" method="post" name="compare_form">
-<input type="hidden" name="server_id_src" value="<?php echo $ldapserver->server_id; ?>" />
+if (! $dn) {
+	printf('<acronym title="%s">%s</acronym>:',_('Compare this DN with another'),_('Source DN'));
+	echo '</td><td>';
+	printf('<input type="text" name="dn_src" size="45" value="%s" />',htmlspecialchars($dn));
+	draw_chooser_link('compare_form.dn_src','true',$rdn);

-<table style="border-spacing: 10px">
-<tr>
-	<?php if (! $dn) { ?>
-	<td><acronym title="<?php echo _('Compare this DN with another'); ?>"><?php echo _('Source DN'); ?></acronym>:</td>
-	<td>
-	<input type="text" name="dn_src" size="45" value="<?php echo htmlspecialchars( $dn ); ?>" />
-		<?php draw_chooser_link( 'compare_form.dn_src', 'true', $rdn ); ?></td>
-	</td>
-	<?php } else { ?>
-	<input type="hidden" name="dn_src" value="<?php echo htmlspecialchars( $dn ); ?>" />
-	<?php } ?>
-</tr>
-<tr>
-	<td><acronym title="<?php echo _('Compare this DN with another'); ?>"><?php echo _('Destination DN'); ?></acronym>:</td>
-	<td>
-		<input type="text" name="dn_dst" size="45" value="" />
-		<?php draw_chooser_link( 'compare_form.dn_dst', 'true', '' ); ?></td>
-	</td>
-</tr>
+} else
+	printf('<input type="hidden" name="dn_src" value="%s" />',htmlspecialchars($dn));

-<tr>
-	<td><?php echo _('Destination Server')?>:</td>
-	<td><?php echo $select_server_html; ?></td>
-</tr>
+echo '</td></tr>';
+echo "\n";

-<tr>
-	<td colspan="2" align="right"><input type="submit" value="<?php echo _('Compare'); ?>" /></td>
-</tr>
-</table>
-</form>
-</center>
-</body>
-</html>
+echo '<tr>';
+printf('<td><acronym title="%s">%s</acronym>:</td>',_('Compare this DN with another'),_('Destination DN'));
+echo '<td>';
+echo '<input type="text" name="dn_dst" size="45" value="" />';
+draw_chooser_link('compare_form.dn_dst','true','');
+echo '</td>';
+echo '</tr>';
+echo "\n";
+
+printf('<tr><td>%s:</td><td>%s</td></tr>',_('Destination Server'),$select_server_html);
+echo "\n";
+
+printf('<tr><td colspan="2" align="right"><input type="submit" value="%s" /></td></tr>',_('Compare'));
+echo "\n";
+
+echo '</table>';
+echo '</form>';
+echo '</center>';
+?>
--- a/htdocs/copy.php
+++ b/htdocs/copy.php
@@ -1,13 +1,13 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/copy.php,v 1.36.2.10 2005/12/31 03:13:47 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/copy.php,v 1.44.2.1 2007/12/26 09:26:32 wurley Exp $

 /**
 * Copies a given object to create a new one.
 *
 * Vars that come in as POST vars
- *  - source_dn (rawurlencoded)
- *  - new_dn (form element)
- *  - server_id
+ * - source_dn (rawurlencoded)
+ * - new_dn (form element)
+ * - server_id
 *
 * @package phpLDAPadmin
 */
@@ -16,118 +16,111 @@

 require './common.php';

-$server_id_src = (isset($_POST['server_id']) ? $_POST['server_id'] : '');
-$server_id_dst = (isset($_POST['dest_server_id']) ? $_POST['dest_server_id'] : '');
+if (! $_SESSION[APPCONFIG]->isCommandAvailable('entry_move'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('copy entry')));

-$ldapserver_src = $ldapservers->Instance($server_id_src);
-$ldapserver_dst = $ldapservers->Instance($server_id_dst);
+$entry['src']['id'] = get_request('server_id');
+$entry['dst']['id'] = get_request('dest_server_id');

-if ($ldapserver_dst->isReadOnly())
+$entry['src']['ldapserver'] = $_SESSION[APPCONFIG]->ldapservers->Instance($entry['src']['id']);
+$entry['dst']['ldapserver'] = $_SESSION[APPCONFIG]->ldapservers->Instance($entry['dst']['id']);
+
+if ($entry['dst']['ldapserver']->isReadOnly())
 	pla_error(_('Destination server is currently READ-ONLY.'));

-if (! $ldapserver_src->haveAuthInfo() || ! $ldapserver_dst->haveAuthInfo())
+if (! $entry['src']['ldapserver']->haveAuthInfo() || ! $entry['dst']['ldapserver']->haveAuthInfo())
 	pla_error(_('Not enough information to login to server. Please check your configuration.'));

-$dn_src = $_POST['old_dn'];
-$dn_dst = $_POST['new_dn'];
-$do_recursive = (isset($_POST['recursive']) && $_POST['recursive'] == 'on') ? true : false;
-$do_remove = (isset($_POST['remove']) && $_POST['remove'] == 'yes') ? true : false;
-
-include './header.php';
+$entry['src']['dn'] = get_request('old_dn');
+$entry['dst']['dn'] = get_request('new_dn');
+$entry['src']['recursive'] = (get_request('recursive') == 'on') ? true : false;
+$entry['src']['remove'] = (get_request('remove') == 'yes') ? true : false;

 # Error checking
-if (0 == strlen(trim($dn_dst)))
+if (strlen(trim($entry['dst']['dn'])) == 0)
 	pla_error(_('You left the destination DN blank.'));

-if (pla_compare_dns($dn_src,$dn_dst) == 0 && $server_id_src == $server_id_dst)
+if (pla_compare_dns($entry['src']['dn'],$entry['dst']['dn']) == 0 && $entry['src']['id'] == $entry['dst']['id'])
 	pla_error(_('The source and destination DN are the same.'));

-if ($ldapserver_dst->dnExists($dn_dst))
-	pla_error(sprintf(_('The destination entry (%s) already exists.'),pretty_print_dn($dn_dst)));
+if ($entry['dst']['ldapserver']->dnExists($entry['dst']['dn']))
+	pla_error(sprintf(_('The destination entry (%s) already exists.'),pretty_print_dn($entry['dst']['dn'])));

-if (! $ldapserver_dst->dnExists(get_container($dn_dst)))
-	pla_error(sprintf(_('The destination container (%s) does not exist.'),pretty_print_dn(get_container($dn_dst))));
+if (! $entry['dst']['ldapserver']->dnExists(get_container($entry['dst']['dn'])))
+	pla_error(sprintf(_('The destination container (%s) does not exist.'),pretty_print_dn(get_container($entry['dst']['dn']))));

-if ($do_recursive) {
+if ($entry['src']['recursive']) {
 	$filter = isset($_POST['filter']) ? $_POST['filter'] : '(objectClass=*)';

 	# Build a tree similar to that of the tree browser to give to r_copy_dn
 	$snapshot_tree = array();
-	print '<body>';
-	printf('<h3 class="title">%s%s</h3>',_('Copying '),htmlspecialchars($dn_src));
+	printf('<h3 class="title">%s%s</h3>',_('Copying '),htmlspecialchars($entry['src']['dn']));
 	printf('<h3 class="subtitle">%s</h3>',_('Recursive copy progress'));
 	print '<br /><br />';
 	print '<small>';
 	print _('Building snapshot of tree to copy... ');

-	flush();
-
-	$snapshot_tree = build_tree($ldapserver_src,$dn_src,array(),$filter);
+	$snapshot_tree = build_tree($entry['src']['ldapserver'],$entry['src']['dn'],array(),$filter);
 	printf('<span style="color:green">%s</span><br />',_('Success'));
-	flush();

 	# Prevent script from bailing early on a long delete
 	@set_time_limit(0);

-	$copy_result = r_copy_dn($ldapserver_src,$ldapserver_dst,$snapshot_tree,$dn_src,$dn_dst);
+	$copy_result = r_copy_dn($entry['src']['ldapserver'],$entry['dst']['ldapserver'],$snapshot_tree,$entry['src']['dn'],$entry['dst']['dn']);
+	# @todo: This is not showing the complete results - only the children of the dst - need to look at.
+	$copy_message = $copy_result;
 	print '</small>';

 } else {
-	$copy_result = copy_dn($ldapserver_src,$ldapserver_dst,$dn_src,$dn_dst);
+	$copy_result = copy_dn($entry['src']['ldapserver'],$entry['dst']['ldapserver'],$entry['src']['dn'],$entry['dst']['dn']);
+	$copy_message = sprintf('%s DN%s <b>%s</b> %s',_('Copy successful!'),_(':'),htmlspecialchars($entry['dst']['dn']),_('has been created.'));
 }

 if ($copy_result) {
-	$edit_url = sprintf('template_engine.php?server_id=%s&amp;dn=%s',$server_id_dst,rawurlencode($dn_dst));
-	$new_rdn = get_rdn($dn_dst);
-	$container = get_container($dn_dst);
+	$redirect_url = sprintf('cmd.php?cmd=template_engine&server_id=%s&dn=%s',$entry['dst']['id'],rawurlencode($entry['dst']['dn']));
+	$new_rdn = get_rdn($entry['dst']['dn']);
+	$container = get_container($entry['dst']['dn']);

-	printf('<center>%s<a href="%s">%s</a></center>',_('Copy successful! Would you like to '),$edit_url,_('view the new entry'));
-	echo '<!-- refresh the tree view (with the new DN renamed) and redirect to the edit_dn page -->';
-	echo '<script type="text/javascript" language="javascript">parent.left_frame.location.reload();</script>';
-	echo '</body></html>';
+	if ($entry['src']['remove'])
+		$redirect_url = sprintf('cmd.php?cmd=delete_form&server_id=%s&dn=%s',$entry['src']['id'],rawurlencode($entry['src']['dn']));

-	if ($do_remove) {
-		sleep(2);
-		$delete_url = sprintf('delete_form.php?server_id=%s&dn=%s',$server_id_dst,rawurlencode($dn_src));
-		echo '<!-- redirect to the delete form -->';
-		printf('<script type="text/javascript" language="javascript">parent.right_frame.location="%s" </script>',$delete_url);
-	}
+	system_message(array(
+		'title'=>_('Copy Entry'),
+		'body'=>$copy_message,
+		'type'=>'info'),
+		$redirect_url);
 }

 function r_copy_dn($ldapserver_src,$ldapserver_dst,$snapshottree,$root_dn,$dn_dst) {
-        if (DEBUG_ENABLED)
-		debug_log('r_copy_dn: Entered with (%s,%s,%s,%s,%s)',1,
+	if (DEBUG_ENABLED)
+		debug_log('Entered with (%s,%s,%s,%s,%s)',1,__FILE__,__LINE__,__METHOD__,
 			$ldapserver_src->server_id,$ldapserver_dst->server_id,$snapshottree,$root_dn,$dn_dst);

-	printf('<nobr>%s %s...',_('Copying '),htmlspecialchars($root_dn));
-	flush();
+	$copy_message = array();

 	$copy_result = copy_dn($ldapserver_src,$ldapserver_dst,$root_dn,$dn_dst);

 	if (! $copy_result)
 		return false;

-	printf('<span style="color:green">%s</span></nobr><br />',_('Success'));
-	flush();
+	$copy_message[] = sprintf('%s DN: <b>%s</b> %s',_('Copy successful!'),htmlspecialchars($dn_dst),_('has been created.'));

 	$children = isset($snapshottree[$root_dn]) ? $snapshottree[$root_dn] : null;
 	if (is_array($children) && count($children) > 0) {
 		foreach($children as $child_dn) {
 			$child_rdn = get_rdn($child_dn);
 			$new_dest_dn = sprintf('%s,%s',$child_rdn,$dn_dst);
-			r_copy_dn($ldapserver_src,$ldapserver_dst,$snapshottree,$child_dn,$new_dest_dn);
+			$copy_result = r_copy_dn($ldapserver_src,$ldapserver_dst,$snapshottree,$child_dn,$new_dest_dn);
+			$copy_message[] = array_shift($copy_result);
 		}
-
-	} else {
-		return true;
 	}

-	return true;
+	return $copy_message;
 }

 function copy_dn($ldapserver_src,$ldapserver_dst,$dn_src,$dn_dst) {
-        if (DEBUG_ENABLED)
-	        debug_log('copy_dn: Entered with (%s,%s,%s,%s)',17,
+	if (DEBUG_ENABLED)
+		debug_log('Entered with (%s,%s,%s,%s)',17,__FILE__,__LINE__,__METHOD__,
 			$ldapserver_src->server_id,$ldapserver_dst->server_id,$dn_src,$dn_dst);

 	$new_entry = $ldapserver_src->getDNAttrs($dn_src);
@@ -147,11 +140,11 @@ function copy_dn($ldapserver_src,$ldapserver_dst,$dn_src,$dn_dst) {

 		$add_result = $ldapserver_dst->add($dn_dst,$new_entry);
 		if (! $add_result) {
-			run_hook('post_entry_create',
-				array('server_id'=>$ldapserver_dst->server_id,'dn'=>$dn_dst,'attrs'=>$new_entry));
-
 			echo '</small><br /><br />';
 			pla_error(_('Failed to copy DN: ').$dn_dst,$ldapserver_dst->error(),$ldapserver_dst->errno());
+		} else {
+			run_hook('post_entry_create',
+				array('server_id'=>$ldapserver_dst->server_id,'dn'=>$dn_dst,'attrs'=>$new_entry));
 		}

 		return $add_result;
@@ -169,9 +162,10 @@ function copy_dn($ldapserver_src,$ldapserver_dst,$dn_src,$dn_dst) {
 */
 function build_tree($ldapserver,$dn,$buildtree) {
 	if (DEBUG_ENABLED)
-		debug_log('build_tree: Entered with (%s,%s,%s)',1,
+		debug_log('Entered with (%s,%s,%s)',1,__FILE__,__LINE__,__METHOD__,
 			$ldapserver->server_id,$dn,$buildtree);

+	# we search all children, not only the visible children in the tree
 	$children = $ldapserver->getContainerContents($dn,0);

 	if (is_array($children) && count($children) > 0) {
@@ -181,7 +175,7 @@ function build_tree($ldapserver,$dn,$buildtree) {
 	}

 	if (DEBUG_ENABLED)
-		debug_log('build_tree: Returning (%s)',1,$buildtree);
+		debug_log('Returning (%s)',1,__FILE__,__LINE__,__METHOD__,$buildtree);

 	return $buildtree;
 }
--- a/htdocs/copy_form.php
+++ b/htdocs/copy_form.php
@@ -1,11 +1,9 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/copy_form.php,v 1.24.4.4 2005/12/11 08:21:03 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/copy_form.php,v 1.30.2.1 2007/12/26 09:26:32 wurley Exp $

 /**
 * Copies a given object to create a new one.
 *
- * Variables that come in via common.php
- *  - server_id
 * Variables that come in via GET variables
 *  - dn (rawurlencoded)
 *
@@ -18,22 +16,17 @@ require './common.php';

 if ($ldapserver->isReadOnly())
 	pla_error(_('You cannot perform updates while server is in read-only mode'));
-if (! $ldapserver->haveAuthInfo())
-	pla_error(_('Not enough information to login to server. Please check your configuration.'));

-$dn = $_GET['dn'] ;
-$rdn = get_rdn($dn);
-$attrs = $ldapserver->getDNAttrs($dn);
-$select_server_html = server_select_list($ldapserver->server_id,true,'dest_server_id');
-$children = $ldapserver->getContainerContents($dn);
+$entry['dn'] = get_request('dn','GET');
+$entry['rdn'] = get_rdn($entry['dn']);

-include './header.php';
+# We search all children, not only the visible children in the tree
+$entry['children'] = $ldapserver->getContainerContents($entry['dn']);

 # Draw some javaScrpt to enable/disable the filter field if this may be a recursive copy
-if (is_array($children) && count($children) > 0) { ?>
+if (is_array($entry['children']) && count($entry['children']) > 0) { ?>

 	<script type="text/javascript" language="javascript">
-	//<!--
 	function toggle_disable_filter_field(recursive_checkbox)
 	{
 		if (recursive_checkbox.checked) {
@@ -45,63 +38,68 @@ if (is_array($children) && count($children) > 0) { ?>
 			recursive_checkbox.form.filter.disabled = true;
 		}
 	}
-	//-->
 	</script>

-<?php
-}
+<?php }

-echo '<body>';
-
-printf('<h3 class="title">%s %s</h3>',_('Copy '),$rdn);
-printf('<h3 class="subtitle">%s: <b>%s</b> &nbsp;&nbsp;&nbsp; %s: <b>%s</b></h3>',_('Server'),$ldapserver->name,_('Distinguished Name'),$dn);
+printf('<h3 class="title">%s %s</h3>',_('Copy'),htmlspecialchars($entry['rdn']));
+printf('<h3 class="subtitle">%s: <b>%s</b> &nbsp;&nbsp;&nbsp; %s: <b>%s</b></h3>',_('Server'),$ldapserver->name,
+	_('Distinguished Name'),htmlspecialchars($entry['dn']));
+echo "\n";

 echo '<center>';
-printf('%s <b>%s</b> %s:<br /><br />',_('Copy '),htmlspecialchars($rdn),_('to a new object'));
+printf('%s <b>%s</b> %s:<br /><br />',_('Copy'),htmlspecialchars($entry['rdn']),_('to a new object'));

-echo '<form action="copy.php" method="post" name="copy_form">';
-printf('<input type="hidden" name="old_dn" value="%s" />',$dn);
+echo '<form action="cmd.php" method="post" name="copy_form">';
+echo '<input type="hidden" name="cmd" value="copy" />';
+printf('<input type="hidden" name="old_dn" value="%s" />',htmlspecialchars($entry['dn']));
 printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
+echo "\n";

 echo '<table style="border-spacing: 10px">';
+echo "\n";
+
 echo '<tr>';
-printf('<td><acronym title="%s">%s</acronym>:</td>',_('The full DN of the new entry to be created when copying the source entry'),_('Destination DN'));
-printf('<td><input type="text" name="new_dn" size="45" value="%s" />',htmlspecialchars($dn));
-draw_chooser_link('copy_form.new_dn','true',$rdn);
+printf('<td><acronym title="%s">%s</acronym>:</td>',
+	_('The full DN of the new entry to be created when copying the source entry'),_('Destination DN'));
+printf('<td><input type="text" name="new_dn" size="45" value="%s" />',htmlspecialchars($entry['dn']));
+draw_chooser_link('copy_form.new_dn','true',htmlspecialchars($entry['rdn']));
 echo '</td></tr>';
+echo "\n";

-printf('<tr><td>%s</td><td>%s</td></tr>',_('Destination Server'),$select_server_html);
+printf('<tr><td>%s</td><td>%s</td></tr>',_('Destination Server'),server_select_list($ldapserver->server_id,true,'dest_server_id'));
+echo "\n";

-if (is_array($children) && count($children) > 0) {
+if (is_array($entry['children']) && count($entry['children']) > 0) {
 	echo '<tr>';
 	printf('<td><label for="recursive">%s</label>:</td>',_('Recursive copy'));
 	echo '<td><input type="checkbox" id="recursive" name="recursive" onClick="toggle_disable_filter_field(this)" />';
 	printf('<small>(%s)</small></td>',_('Recursively copy all children of this object as well.'));
-	echo '</tr><tr>';
+	echo '</tr>'."\n";
+
+	echo '<tr>';
 	printf('<td><acronym title="%s">%s</acronym>:</td>',_('When performing a recursive copy, only copy those entries which match this filter'),_('Filter'));
 	echo '<td><input type="text" name="filter" value="(objectClass=*)" size="45" disabled />';
-	echo '</tr><tr>';
+	echo '</tr>'."\n";
+
+	echo '<tr>';
 	printf('<td>%s</td>',_('Delete after copy (move):'));
-	echo '<td><input type="checkbox" name="remove" value="yes"/ disabled>';
+	echo '<td><input type="checkbox" name="remove" value="yes" disabled />';
 	printf('<small>(%s)</small)</td>',_('Make sure your filter (above) will select all child records.'));
 	echo '</tr>';

 } else {
 	printf('<tr><td>%s</td><td><input type="checkbox" name="remove" value="yes"/></td></tr>',_('Delete after copy (move):'));
 }
+echo "\n";

 printf('<tr><td colspan="2" align="right"><input type="submit" value="%s" /></td></tr>',_('Copy '));
+echo "\n";
 echo '</table></form>';
+echo "\n";

-echo '<script type="text/javascript" language="javascript">';
-echo '<!--';
-echo '/* If the user uses the back button, this way we draw the filter field properly. */';
-echo 'toggle_disable_filter_field(document.copy_form.recursive);';
-echo '//-->';
-echo '</script>';
+if ($_SESSION[APPCONFIG]->GetValue('appearance','show_hints'))
+	printf('<small><img src="images/light.png" alt="Light" /><span class="hint">%s</span></small>',_('Hint: Copying between different servers only works if there are no schema violations'));

-if ($config->GetValue('appearance','show_hints'))
-	printf('<small><img src="images/light.png" /><span class="hint">%s</span></small>',_('Hint: Copying between different servers only works if there are no schema violations'));
-
-echo '</center></body></html>';
+echo '</center>';
 ?>
--- a/htdocs/create.php
+++ b/htdocs/create.php
@@ -1,15 +1,11 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/create.php,v 1.44.2.5 2005/12/09 14:29:15 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/create.php,v 1.48.2.1 2007/12/26 09:26:32 wurley Exp $

 /**
 * Creates a new object.
 *
- * Variables that come in via common.php
- *  - server_id
 * Variables that come in as POST vars:
 *  - new_dn
- *  - attrs (an array of attributes)
- *  - vals (an array of values for the above attrs)
 *  - required_attrs (an array with indices being the attributes,
 *		      and the values being their respective values)
 *  - object_classes (rawurlencoded, and serialized array of objectClasses)
@@ -23,103 +19,72 @@
 require './common.php';

 if ($ldapserver->isReadOnly())
-	pla_error(_('You cannot perform updates while server is in read-only mode'));
-if (! $ldapserver->haveAuthInfo())
-	pla_error(_('Not enough information to login to server. Please check your configuration.'));
+	pla_error(_('You cannot perform updates while server is in read-only mode'), null, -1, true);
+
+if (! $_SESSION[APPCONFIG]->isCommandAvailable('entry_create'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('create entry')));
+
+$rdn_attr = isset($_POST['rdn_attribute']) ? $_POST['rdn_attribute'] : null;
+
+$entryfactoryclass = $_SESSION[APPCONFIG]->GetValue('appearance','entry_factory');
+eval('$entry_factory = new '.$entryfactoryclass.'();');
+$entry = $entry_factory->newCreatingEntry('');
+
+eval('$reader = new '.$_SESSION[APPCONFIG]->GetValue('appearance', 'entry_reader').'($ldapserver);');
+$entry->accept($reader);
+
+$container = $entry->getContainer();
+
+if (!$container || !$ldapserver->dnExists($container))
+	pla_error(sprintf(_('The container you specified (%s) does not exist. Please try again.'),htmlspecialchars($container)),null,-1,true);
+
+$tree = get_cached_item($ldapserver->server_id,'tree');
+if ($tree) {
+	$container_entry = $tree->getEntry($container);
+	if (!$container_entry)
+		$tree->addEntry($container);
+
+	$container_entry = $tree->getEntry($container);
+	if ($container_entry->isLeaf())
+		pla_error(sprintf(_('The container (%s) is a leaf.'), htmlspecialchars($container)), null, -1, true);
+}
+
+$entry->setRdnAttributeName($rdn_attr);
+if (!$entry->getRdnAttribute())
+	pla_error(sprintf(_('The Rdn attribute (%s) does not exist.'), htmlspecialchars($rdn_attr)), null, -1, true);
+
+$new_dn = $entry->getDn();
+if (! $new_dn)
+	pla_error(_('You left the RDN field blank.'));

-$new_dn = isset($_POST['new_dn']) ? $_POST['new_dn'] : null;
-$required_attrs = isset($_POST['required_attrs']) ? $_POST['required_attrs'] : false;
-$object_classes = unserialize(rawurldecode($_POST['object_classes']));
 $redirect = isset($_POST['redirect']) ? $_POST['redirect'] : false;

-# See if there are any presubmit values to work out.
-if (isset($_POST['presubmit']) && count($_POST['presubmit']) && isset($_POST['template'])) {
-	$templates = new Templates($ldapserver->server_id);
-	$template = $templates->GetTemplate($_POST['template']);
-
-	foreach ($_POST['presubmit'] as $attr) {
-		$_POST['attrs'][] = $attr;
-		$_POST['form'][$attr] = $templates->EvaluateDefault($ldapserver,$template['attribute'][$attr]['presubmit'],$_POST['container']);
-		$_POST['vals'][] = $_POST['form'][$attr];
-	}
-
-	# @todo: This section needs to be cleaned up, and will be when the old templates are removed. In the mean time...
-	# Rebuild the $_POST['attrs'] & $_POST['vals'], as they can be inconsistent.
-	unset($_POST['attrs']);
-	unset($_POST['vals']);
-	foreach ($_POST['form'] as $attr => $val) {
-		$_POST['attrs'][] = $attr;
-		$_POST['vals'][] = $val;
-	}
-}
-
-$vals = isset($_POST['vals']) ? $_POST['vals'] : array();
-$attrs = isset($_POST['attrs']) ? $_POST['attrs'] : array();
-
-# build the new entry
 $new_entry = array();
-if (isset($required_attrs) && is_array($required_attrs)) {
-	foreach ($required_attrs as $attr => $val) {
-		if ($val == '')
-			pla_error(sprintf(_('You left the value blank for required attribute (%s).'),htmlspecialchars($attr)));
-
-		$new_entry[$attr][] = $val;
+$attrs = $entry->getAttributes();
+foreach ($attrs as $attr) {
+	$vals = $attr->getValues();
+	$new_vals = array();
+	foreach ($vals as $val) {
+		if (strlen($val) > 0)
+			$new_vals[] = $val;
 	}
+
+	if ($attr->isRequired() && !$new_vals)
+		pla_error(sprintf(_('You left the value blank for required attribute (%s).'), htmlspecialchars($attr->getName())));
+
+	if ($new_vals)
+		$new_entry[$attr->getName()] = $new_vals;
 }

-if (isset($attrs) && is_array($attrs)) {
-	foreach ($attrs as $i => $attr) {
-
-		if ($ldapserver->isAttrBinary($attr)) {
-			if (isset($_FILES['vals']['name'][$i]) && $_FILES['vals']['name'][$i] != '' ) {
-
-				# read in the data from the file
-				$file = $_FILES['vals']['tmp_name'][$i];
-				$f = fopen($file,'r');
-				$binary_data = fread($f,filesize($file));
-				fclose($f);
-
-				$val = $binary_data;
-				$new_entry[$attr][] = $val;
-			}
-
-		} else {
-			if (is_array($vals[$i])) {
-
-				# If the array has blank entries, then ignore them.
-				foreach ($vals[$i] as $value) {
-					if (trim($value))
-						$new_entry[$attr][] = $value;
-				}
-
-			} else {
-				$val = isset($vals[$i]) ? $vals[$i] : '';
-
-				if ('' !== trim($val))
-					$new_entry[$attr][] = $val;
-			}
-		}
-	}
-}
-
-$new_entry['objectClass'] = $object_classes;
-if (! in_array('top',$new_entry['objectClass']))
+if (! in_array('top', $new_entry['objectClass']))
 	$new_entry['objectClass'][] = 'top';

 foreach ($new_entry as $attr => $vals) {
 	# Check to see if this is a unique Attribute
 	if ($badattr = $ldapserver->checkUniqueAttr($new_dn,$attr,$vals)) {
-		$search_href = sprintf('search.php?search=true&amp;form=advanced&amp;server_id=%s&amp;filter=%s=%s',
-			$ldapserver->server_id,$attr,$badattr);
+		$search_href = sprintf('?cmd=search&amp;search=true&amp;form=advanced&amp;server_id=%s&amp;filter=%s=%s', $ldapserver->server_id,$attr,$badattr);
 		pla_error(sprintf(_('Your attempt to add <b>%s</b> (<i>%s</i>) to <br><b>%s</b><br> is NOT allowed. That attribute/value belongs to another entry.<p>You might like to <a href=\'%s\'>search</a> for that entry.'),$attr,$badattr,$new_dn,$search_href));
 	}
-
-	if (! $ldapserver->isAttrBinary($attr))
-		if (is_array($vals))
-			foreach ($vals as $i => $v)
-				$new_entry[$attr][$i] = $v;
-		else
-			$new_entry[$attr] = $vals;
 }

 # Check the user-defined custom call back first
@@ -129,26 +94,39 @@ if (run_hook('pre_entry_create',array('server_id'=>$ldapserver->server_id,'dn'=>
 if ($add_result) {
 	run_hook('post_entry_create',array('server_id'=>$ldapserver->server_id,'dn'=>$new_dn,'attrs'=>$new_entry));

-	if ($redirect)
+	$action_number = $_SESSION[APPCONFIG]->GetValue('appearance', 'action_after_creation');
+
+	$container = get_container($new_dn,false);
+	//$container_container = get_container($container);
+
+	if ($redirect) {
 		$redirect_url = $redirect;
-	else
-		$redirect_url = sprintf('template_engine.php?server_id=%s&dn=%s',$ldapserver->server_id,rawurlencode($new_dn));
-
-	echo '<html><head>';
-	$tree = get_cached_item($ldapserver->server_id,'tree');
-	$container = get_container($new_dn);
-
-	if ((isset($tree['browser'][$container]['open']) && $tree['browser'][$container]['open']) || 
-		in_array($new_dn,$ldapserver->getBaseDN())) {
-
-		echo '<!-- refresh the tree view (with the new DN renamed) and redirect to the edit_dn page -->';
-		printf('<script language="javascript">parent.left_frame.location.reload();location.href="%s"</script>',$redirect_url);
+	} else if ($action_number == 2) {
+		$redirect_url = sprintf('cmd.php?cmd=template_engine&server_id=%s&container=%s', $ldapserver->server_id, rawurlencode($container));
+	} else {
+		$redirect_url = sprintf('cmd.php?cmd=template_engine&server_id=%s&dn=%s', $ldapserver->server_id, rawurlencode($new_dn));
 	}

-	printf('<meta http-equiv="refresh" content="0; url=%s" />',$redirect_url);
-	echo '</head><body>';
-	printf('%s <a href="%s">%s</a>.',_('Redirecting...'),$redirect_url,_('here'));
-	echo '</body></html>';
+	if ($action_number == 1 || $action_number == 2)
+		printf('<meta http-equiv="refresh" content="0; url=%s" />',$redirect_url);
+
+	if ($action_number == 1 || $action_number == 2) {
+		$create_message = sprintf('%s DN%s <b>%s</b> %s',_('Creation successful!'),_(':'),htmlspecialchars($new_dn),_('has been created.'));
+
+		system_message(array(
+			'title'=>_('Create Entry'),
+			'body'=>$create_message,
+			'type'=>'info'),
+			$redirect_url);
+	} else {
+		printf('<h3 class="title">%s</h3>',_('Entry created'));
+		echo '<br />';
+		echo '<center>';
+		printf('<a href="cmd.php?cmd=template_engine&server_id=%s&dn=%s">%s</a>.',$ldapserver->server_id,rawurlencode($new_dn),_('Display the new created entry'));
+		echo '<br />';
+		printf('<a href="cmd.php?cmd=template_engine&server_id=%s&container=%s">%s</a>.',$ldapserver->server_id,rawurlencode($container),_('Create another entry'));
+		echo '</center>';
+	}

 } else {
 	pla_error(_('Could not add the object to the LDAP server.'),$ldapserver->error(),$ldapserver->errno());
--- a/htdocs/create_form.php
+++ b/htdocs/create_form.php
@@ -1,134 +0,0 @@
-<?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/create_form.php,v 1.31.2.5 2005/12/31 04:21:37 wurley Exp $
-
-/**
- * The menu where the user chooses an RDN, Container, and Template for creating a new entry.
- * After submitting this form, the user is taken to their chosen Template handler.
- *
- * Variables that come in via common.php
- *  - server_id
- * Variables that come in as GET vars
- *  - container (rawurlencoded) (optional)
- *
- * @package phpLDAPadmin
- */
-/**
- */
-
-require './common.php';
-
-if ($ldapserver->isReadOnly())
-	pla_error(_('You cannot perform updates while server is in read-only mode'));
-if (! $ldapserver->haveAuthInfo())
-	pla_error(_('Not enough information to login to server. Please check your configuration.'));
-
-$container = $_REQUEST['container'];
-$server_menu_html = server_select_list($ldapserver->server_id,true);
-
-include './header.php';
-
-echo '<body>';
-
-printf('<h3 class="title">%s</h3>',_('Create Object'));
-printf('<h3 class="subtitle">%s</h3>',_('Choose a template'));
-printf('<center><h3>%s</h3></center>',_('Select a template for the creation process'));
-
-echo '<form action="template_engine.php" method="post">';
-printf('<input type="hidden" name="container" value="%s" />',htmlspecialchars($container));
-
-echo '<table class="create">';
-printf('<tr><td class="heading">%s:</td><td>%s</td></tr>',_('Server'),$server_menu_html);
-
-echo '<tr>';
-printf('<td class="heading">%s:</td>',_('Template'));
-echo '<td>';
-
-echo '<table class="template_display">';
-echo '<tr><td>';
-
-echo '<table class="templates">';
-
-$i = -1;
-
-$template_xml = new Templates($ldapserver->server_id);
-$templates = $template_xml->_template;
-
-# Remove non-visable templates.
-foreach ($templates as $index => $template)
-	if (isset($template['visible']) && (! $template['visible']))
-		unset ($templates[$index]);
-
-$templates['custom']['title'] = 'Custom';
-$templates['custom']['icon'] = 'images/object.png';
-
-$count = count($templates);
-foreach ($templates as $name => $template) {
-	$i++;
-
-	# If the template doesnt have a title, we'll use the desc field.
-	$template['desc'] = isset($template['title']) ? $template['title'] : $template['desc'];
-
-	# Balance the columns properly
-	if ((count($templates) % 2 == 0 && $i == intval($count / 2)) ||
-		(count($templates) % 2 == 1 && $i == intval($count / 2) + 1))
-
-		echo '</table></td><td><table class="templates">';
-
-	# Check and see if this template should be shown in the list
-	$isValid = false;
-
-	if (isset($template['regexp'])) {
-		if (@preg_match('/'.$template['regexp'].'/i',$container))
-			$isValid = true;
-	} else
-		$isValid = true;
-
-	if (isset($template['invalid']) && $template['invalid'])
-		$isValid = false;
-
-	echo '<tr>';
-	if (! $isValid || (isset($template['handler']) && ! file_exists(TMPLDIR.'creation/'.$template['handler'])))
-		echo '<td class="icon"><img src="images/error.png" /></td>';
-	else
-		printf('<td><input type="radio" name="template" value="%s" id="%s" %s /></td>',
-			htmlspecialchars($name),htmlspecialchars($name),
-			! $isValid ? 'disabled' : (strcasecmp('Custom',$name) ? '' : 'checked'));
-
-	printf('<td class="icon"><label for="%s"><img src="%s" /></label></td>',
-		htmlspecialchars($name),$template['icon']);
-
-	printf('<td class="name"><label for="%s">',
-		htmlspecialchars($name));
-
-	if (strcasecmp('Custom', $template['desc']) == 0)
-		 echo '<b>';
-
-	if (! $isValid)
-		if (isset($template['invalid']) && $template['invalid'])
-			printf('<span style="color: gray"><acronym title="%s">',
-				isset($template['invalid_reason']) ? $template['invalid_reason'] :
-					_('This template has been disabled in the XML file.'));
-		else
-			printf('<span style="color: gray"><acronym title="%s">',
-				_('This template is not allowed in this container.'));
-
-	echo htmlspecialchars($template['desc']);
-
-	if (! $isValid) echo '</acronym></span>';
-	if (strcasecmp('Custom', $template['desc']) == 0)
-		echo '</b>';
-
-	echo '</label></td></tr>';
-
-}
-
-echo '</table>';
-echo '</td></tr></table>';
-echo '</td></tr>';
-
-printf('<tr><td colspan="2"><center><input type="submit" name="submit" value="%s" /></center></td></tr>',
-	htmlspecialchars(_('Proceed >>')));
-
-echo '</table>';
-echo '</form></body></html>';
-?>
--- a/htdocs/css/style.css
+++ b/htdocs/css/style.css
--- a/htdocs/delete.php
+++ b/htdocs/delete.php
@@ -1,11 +1,9 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/delete.php,v 1.24.2.3 2005/12/11 08:21:03 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/delete.php,v 1.27.2.2 2007/12/26 09:26:32 wurley Exp $

 /**
 * Deletes a DN and presents a "job's done" message.
 *
- * Variables that come in via common.php
- *  - server_id
 * Variables that come in as POST vars:
 *  - dn (rawurlencoded)
 *
@@ -18,38 +16,37 @@ require './common.php';

 if ($ldapserver->isReadOnly())
 	pla_error(_('You cannot perform updates while server is in read-only mode'));
-if (! $ldapserver->haveAuthInfo())
-	pla_error(_('Not enough information to login to server. Please check your configuration.'));

-$dn = $_POST['dn'];
+if (! $_SESSION[APPCONFIG]->isCommandAvailable('entry_delete', 'simple_delete'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('delete entry')));

-if (is_null($dn))
+$entry['dn'] = get_request('dn');
+
+if (! $entry['dn'])
 	pla_error(_('You must specify a DN'));

-if (! $ldapserver->dnExists($dn))
-	pla_error(sprintf(_('No such entry: %s'),'<b>'.pretty_print_dn($dn).'</b>'));
+if (! $ldapserver->dnExists($entry['dn']))
+	pla_error(sprintf(_('No such entry: %s'),'<b>'.pretty_print_dn($entry['dn']).'</b>'));

 # Check the user-defined custom callback first.
-if (run_hook('pre_entry_delete',array('server_id'=>$ldapserver->server_id,'dn'=>$dn)))
-	$del_result = $ldapserver->delete($dn);
+if (run_hook('pre_entry_delete',array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn'])))
+	$result = $ldapserver->delete($entry['dn']);
 else
-	pla_error(sprintf(_('Could not delete the entry: %s'),'<b>'.pretty_print_dn($dn).'</b>'));
+	pla_error(sprintf(_('Could not delete the entry: %s'),'<b>'.pretty_print_dn($entry['dn']).'</b>'));

-if ($del_result) {
+if ($result) {
 	# Custom callback
-	run_hook('post_entry_delete',array('server_id'=>$ldapserver->server_id,'dn'=>$dn));
+	run_hook('post_entry_delete',
+		array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']));

-	include './header.php';
-	echo '<body>';
-
-	echo '<script type="text/javascript" language="javascript">parent.left_frame.location.reload();</script>';
-	echo '<br /><br />';
-	printf('<center>'._('Entry %s deleted successfully.').'</center>','<b>'.pretty_print_dn($dn).'</b>');
-	echo '</body>';
+	system_message(array(
+		'title'=>_('Delete DN'),
+		'body'=>_('Successfully deleted DN ').sprintf('<b>%s</b>',$entry['dn']),
+		'type'=>'info'),
+		sprintf('index.php?server_id=%s',$ldapserver->server_id));

 } else {
-	pla_error(sprintf(_('Could not delete the entry: %s'),'<b>'.pretty_print_dn($dn).'</b>'),
-		  $ldapserver->error(),$ldapserver->errno());
+	pla_error(sprintf(_('Could not delete the entry: %s'),'<b>'.pretty_print_dn($entry['dn']).'</b>'),
+	  $ldapserver->error(),$ldapserver->errno());
 }
-echo '</html>';
 ?>
--- a/htdocs/delete_attr.php
+++ b/htdocs/delete_attr.php
@@ -1,12 +1,9 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/delete_attr.php,v 1.14.2.5 2005/12/09 14:29:37 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/delete_attr.php,v 1.16.2.1 2007/12/26 09:26:32 wurley Exp $

 /**
 *  Deletes an attribute from an entry with NO confirmation.
 *
- * Variables that come in via common.php
- * - server_id
- *
 *  On success, redirect to template_engine.php
 *  On failure, echo an error.
 *
@@ -19,34 +16,35 @@ require './common.php';

 if ($ldapserver->isReadOnly())
 	pla_error(_('You cannot perform updates while server is in read-only mode'));
-if (! $ldapserver->haveAuthInfo())
-	pla_error(_('Not enough information to login to server. Please check your configuration.'));

-$dn = isset($_POST['dn']) ? $_POST['dn'] : null;
-$attr = isset($_POST['attr']) ? $_POST['attr'] : null;
+if (! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_delete'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('delete attribute')));

-if (! $dn)
+$entry['dn']['string'] = get_request('dn');
+$entry['dn']['encode'] = rawurlencode($entry['dn']['string']);
+$entry['attr'] = get_request('attr');
+
+if (! $entry['dn']['string'])
 	pla_error(_('No DN specified'));

-if (! $attr)
+if (! $entry['attr'])
 	pla_error(_('No attribute name specified.'));

-$encoded_dn = rawurlencode($dn);
-
-if ($ldapserver->isAttrReadOnly($attr))
-	pla_error(sprintf(_('The attribute "%s" is flagged as read-only in the phpLDAPadmin configuration.'),htmlspecialchars($attr)));
+if ($ldapserver->isAttrReadOnly($entry['attr']))
+	pla_error(sprintf(_('The attribute "%s" is flagged as read-only in the phpLDAPadmin configuration.'),htmlspecialchars($entry['attr'])));

 $update_array = array();
-$update_array[$attr] = array();
+$update_array[$entry['attr']] = array();

-$res = $ldapserver->modify($dn,$update_array);
-if ($res) {
-	$redirect_url = sprintf('template_engine.php?server_id=%s&dn=%s',$ldapserver->server_id,$encoded_dn);
+$result = $ldapserver->modify($entry['dn']['string'],$update_array);
+if ($result) {
+	$redirect_url = sprintf('cmd.php?cmd=template_engine&server_id=%s&dn=%s',$ldapserver->server_id,$entry['dn']['encode']);

-	foreach($update_array as $attr => $junk)
+	foreach ($update_array as $attr => $junk)
 		$redirect_url .= "&modified_attrs[]=$attr";

 	header("Location: $redirect_url");
+	die();

 } else {
 	pla_error(_('Could not perform ldap_modify operation.'),$ldapserver->error(),$ldapserver->errno());
--- a/htdocs/delete_form.php
+++ b/htdocs/delete_form.php
@@ -1,12 +1,10 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/delete_form.php,v 1.20.4.5 2005/12/11 08:21:03 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/delete_form.php,v 1.26.2.1 2008/01/13 05:37:00 wurley Exp $

 /**
 * delete_form.php
 * Displays a last chance confirmation form to delete a dn.
 *
- * Variables that come in via common.php
- *  - server_id
 * Variables that come in as GET vars:
 *  - dn (rawurlencoded)
 *
@@ -19,130 +17,122 @@ require './common.php';

 if ($ldapserver->isReadOnly())
 	pla_error(_('You cannot perform updates while server is in read-only mode'));
-if (! $ldapserver->haveAuthInfo())
-	pla_error(_('Not enough information to login to server. Please check your configuration.'));

-$dn = $_GET['dn'];
-$children = $ldapserver->getContainerContents($dn,0,'(objectClass=*)',LDAP_DEREF_NEVER);
-$has_children = count($children) > 0 ? true : false;
+$entry['dn']['string'] = get_request('dn','GET');
+$entry['dn']['html'] = htmlspecialchars($entry['dn']['string']);

-include './header.php';
+# We search all children, not only the visible children in the tree
+$entry['children'] = $ldapserver->getContainerContents($entry['dn']['string'],0,'(objectClass=*)',LDAP_DEREF_NEVER);

-echo '<body>';
-printf('<h3 class="title">'._('Delete %s').'</h3>',htmlspecialchars(get_rdn($dn)));
+printf('<h3 class="title">'._('Delete %s').'</h3>',htmlspecialchars(get_rdn($entry['dn']['string'])));
 printf('<h3 class="subtitle">%s: <b>%s</b> &nbsp;&nbsp;&nbsp; %s: <b>%s</b></h3>',
-	_('Server'),$ldapserver->name,_('Distinguished Name'),htmlspecialchars(($dn)));
+	_('Server'),$ldapserver->name,_('Distinguished Name'),$entry['dn']['html']);
+echo "\n";

-if ($has_children) {
-	echo '<center>';
+echo '<center>';
+
+if (count($entry['children'])) {
 	printf('<b>%s</b><br /><br />',_('Permanently delete all children also?'));
-	flush();

-	# get the total number of child objects (whole sub-tree)
-	$s = $ldapserver->search(null,dn_escape($dn),'objectClass=*',array('dn'));
-	$sub_tree_count = count($s);
+	# Get the total number of child objects (whole sub-tree)
+	$search['entries'] = $ldapserver->search(null,dn_escape($entry['dn']['string']),'objectClass=*',array('dn'));
+	$search['count'] = count($search['entries']);
+	$search['href'] = htmlspecialchars(sprintf('cmd.php?cmd=search&search=true&;server_id=%s&filter=%s&base_dn=%s&form=advanced&scope=sub',
+		$ldapserver->server_id,rawurlencode('objectClass=*'),rawurlencode($entry['dn']['string'])));
+
+	echo '<table class="forminput" border=0>';
+	echo '<tr>';
+	echo '<td colspan=2>';
+	printf(_('This entry is the root of a sub-tree containing %s entries.'),$search['count']);
+	printf(' <small>(<a href="%s">%s</a>)</small>',
+		$search['href'],_('view entries'));
+	echo '</td></tr>';
+
+	echo '<tr><td colspan=2>&nbsp;</td></tr>';
+
+	printf('<tr><td colspan=2>%s</td></tr>',
+		sprintf(_('phpLDAPadmin can recursively delete this entry and all %s of its children. See below for a list of all the entries that this action will delete. Do you want to do this?'),$search['count']-1));
+
+	echo '<tr><td colspan=2>&nbsp;</td></tr>';
+
+	printf('<tr><td colspan=2><small>%s</small></td></tr>',
+		_('Note: this is potentially very dangerous and you do this at your own risk. This operation cannot be undone. Take into consideration aliases, referrals, and other things that may cause problems.'));
+	echo "\n";
+
+	echo '<tr>';
+	echo '<td width=50%><center>';
+	echo '<form action="cmd.php" method="post">';
+	echo '<input type="hidden" name="cmd" value="rdelete" />';
+	printf('<input type="hidden" name="dn" value="%s" />',htmlspecialchars($entry['dn']['string']));
+	printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
+	printf('<input type="submit" value="%s" />',sprintf(_('Delete all %s objects'),$search['count']));
+	echo '</form>';
+	echo '</center></td>';
+
+	echo '<td width=50%><center>';
+	echo '<form action="cmd.php" method="get">';
+	echo '<input type="hidden" name="cmd" value="template_engine" />';
+	printf('<input type="hidden" name="dn" value="%s" />',htmlspecialchars($entry['dn']['string']));
+	printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
+	printf('<input type="submit" name="submit" value="%s" />',_('Cancel'));
+	echo '</form>';
+	echo '</center></td>';
+	echo '</tr>';
+	echo "\n";
+
+	echo '</table>';
+	echo "\n";
+
+	echo '<br /><br />';
+	echo _('List of entries to be deleted:');
+	echo '<br />';
+
+	printf('<select size="%s" multiple disabled style="background:white; color:black;width:500px" >',min(10,$search['count']));
+	$i = 0;
+	foreach ($search['entries'] as $dn => $junk) {
+		$i++;
+		printf('<option>%s. %s</option>',$i,htmlspecialchars(dn_unescape($dn)));
+	}
+	echo '</select>';
+	echo "\n";
+
+} else {
+	echo '<table class="forminput" border=0>';
+
+	printf('<tr><td colspan=4>%s</td></tr>',_('Are you sure you want to permanently delete this object?'));
+	echo '<tr><td colspan=4>&nbsp;</td></tr>';
+
+	printf('<tr><td width=10%%>%s:</td><td colspan=3 width=75%%><b>%s</b></td></tr>',_('Server'),htmlspecialchars($ldapserver->name));
+	printf('<tr><td width=10%%><acronym title="%s">%s</acronym></td><td colspan=3 width=75%%><b>%s</b></td></tr>',
+		_('Distinguished Name'),_('DN'),$entry['dn']['string']);
+	echo '<tr><td colspan=4>&nbsp;</td></tr>';
+	echo "\n";
+
+	echo '<tr>';
+	echo '<td colspan=2 width=50%><center>';
+	echo '<form action="cmd.php" method="post">';
+	echo '<input type="hidden" name="cmd" value="delete" />';
+	printf('<input type="hidden" name="dn" value="%s" />',htmlspecialchars($entry['dn']['string']));
+	printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
+	printf('<input type="submit" name="submit" value="%s" />',_('Delete'));
+	echo '</form>';
+
+	echo '</center></td>';
+	echo '<td colspan=2 width=50%><center>';
+
+	echo '<form action="cmd.php" method="get">';
+	echo '<input type="hidden" name="cmd" value="template_engine" />';
+	printf('<input type="hidden" name="dn" value="%s" />',htmlspecialchars($entry['dn']['string']));
+	printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
+	printf('<input type="submit" name="submit" value="%s" />',_('Cancel'));
+	echo '</form>';
+
+	echo '</center></td>';
+	echo '</tr>';
+	echo '</table>';
+	echo "\n";
+}
+
+echo '</center>';
+echo '<br />';
 ?>
-
-<table class="delete_confirm">
-<tr>
-	<td>
-	<p>
-	<?php printf(_('This entry is the root of a sub-tree containing %s entries.'),$sub_tree_count); ?>
-	<small>(<a href="search.php?search=true&amp;server_id=<?php echo $ldapserver->server_id; ?>&amp;filter=<?php echo rawurlencode('objectClass=*'); ?>&amp;base_dn=<?php echo rawurlencode($dn); ?>&amp;form=advanced&amp;scope=sub"><?php echo _('view entries'); ?></a>)</small>
-	<br />
-	<br />
-
-	<?php printf(_('phpLDAPadmin can recursively delete this entry and all %s of its children. See below for a list of all the entries that this action will delete. Do you want to do this?'),($sub_tree_count-1)); ?><br />
-	<br />
-	<small><?php echo _('Note: this is potentially very dangerous and you do this at your own risk. This operation cannot be undone. Take into consideration aliases, referrals, and other things that may cause problems.'); ?></small>
-
-	<br />
-	<br />
-	<table width="100%">
-	<tr>
-		<td>
-		<center>
-			<form action="rdelete.php" method="post">
-			<input type="hidden" name="dn" value="<?php echo $dn; ?>" />
-			<input type="hidden" name="server_id" value="<?php echo $ldapserver->server_id; ?>" />
-			<input type="submit" class="scary" value="<?php printf(_('Delete all %s objects'),$sub_tree_count); ?>" />
-			</form>
-		</center>
-		</td>
-
-		<td>
-		<center>
-			<form action="template_engine.php" method="get">
-			<input type="hidden" name="dn" value="<?php echo htmlspecialchars($dn); ?>" />
-			<input type="hidden" name="server_id" value="<?php echo $ldapserver->server_id; ?>" />
-			<input type="submit" name="submit" value="<?php echo _('Cancel'); ?>" class="cancel" />
-			</form>
-		</center>
-		</td>
-	</tr>
-	</table>
-	</td>
-</tr>
-</table>
-
-<?php flush(); ?>
-<br />
-<br />
-<?php echo _('List of entries to be deleted:'); ?><br />
-
-<select size="<?php echo min(10,$sub_tree_count);?>" multiple disabled style="background:white; color:black;width:500px" >
-	<?php $i=0;
-	foreach ($s as $dn => $junk) {
-		$i++; ?>
-
-	<option><?php echo $i; ?>. <?php echo htmlspecialchars((dn_unescape($dn))); ?></option>
-	<?php } ?>
-</select>
-</center>
-
-<br />
-
-<?php } else { ?>
-
-<center>
-<table class="delete_confirm">
-<tr>
-	<td>
-	<?php echo _('Are you sure you want to permanently delete this object?'); ?><br />
-	<br />
-	<nobr><acronym title="<?php echo _('Distinguished Name'); ?>"><?php echo _('DN'); ?></acronym>:  <b><?php echo pretty_print_dn($dn); ?></b></nobr><br />
-	<nobr><?php echo _('Server'); ?>: <b><?php echo htmlspecialchars($ldapserver->name); ?></b></nobr><br />
-	<br />
-
-	<table width="100%">
-	<tr>
-		<td>
-			<center>
-			<form action="delete.php" method="post">
-			<input type="hidden" name="dn" value="<?php echo htmlspecialchars($dn); ?>" />
-			<input type="hidden" name="server_id" value="<?php echo $ldapserver->server_id; ?>" />
-			<input type="submit" name="submit" value="<?php echo _('Delete'); ?>" class="scary" />
-			</form>
-			</center>
-		</td>
-
-		<td>
-			<center>
-			<form action="template_engine.php" method="get">
-			<input type="hidden" name="dn" value="<?php echo $dn; ?>" />
-			<input type="hidden" name="server_id" value="<?php echo $ldapserver->server_id; ?>" />
-			<input type="submit" name="submit" value="<?php echo _('Cancel'); ?>" class="cancel" />
-			</form>
-			</center>
-		</td>
-	</tr>
-	</table>
-	</td>
-</tr>
-</table>
-</center>
-
-<?php } ?>
-
-</body>
-</html>
--- a/htdocs/download_binary_attr.php
+++ b/htdocs/download_binary_attr.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/download_binary_attr.php,v 1.13.2.3 2005/12/08 11:49:28 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/download_binary_attr.php,v 1.15.2.1 2007/12/26 09:26:32 wurley Exp $

 /**
 * @package phpLDAPadmin
@@ -25,9 +25,10 @@ $value_num = isset($_GET['value_num']) ? $_GET['value_num'] : null;
 if (! $ldapserver->dnExists($dn))
 	pla_error(sprintf(_('No such entry: %s'),pretty_print_dn($dn)));

-$search = $ldapserver->search(null,$dn,'(objectClass=*)',array($attr),'base',false,$config->GetValue('deref','view'));
+$search = $ldapserver->search(null,$dn,'(objectClass=*)',array($attr),'base',false,$_SESSION[APPCONFIG]->GetValue('deref','view'));

 # Dump the binary data to the browser
+if (ob_get_level()) ob_end_clean();
 header('Content-type: octet-stream');
 header("Content-disposition: attachment; filename=$attr");
 header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
--- a/htdocs/draw_tree_node.php
+++ b/htdocs/draw_tree_node.php
@@ -0,0 +1,41 @@
+<?php
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/draw_tree_node.php,v 1.2.2.1 2007/12/21 12:11:55 wurley Exp $
+
+/**
+ * @package phpLDAPadmin
+ */
+
+	$entry['dn'] = get_request('dn','REQUEST');
+	$entry['server_id'] = get_request('server_id','REQUEST');
+	$entry['code'] = get_request('code','REQUEST');
+	$entry['action'] = get_request('action','REQUEST');
+
+	$tree = Tree::getInstance($entry['server_id']);
+	if (! $tree)
+		die();
+
+	$dnentry = $tree->getEntry($entry['dn']);
+	if (! $dnentry) {
+		$tree->addEntry($entry['dn']);
+		$dnentry = $this->getEntry($entry['dn']);
+	}
+
+	if (! $dnentry)
+		die();
+
+	if ($entry['action'] == 0) {
+		$dnentry->close();
+
+	} elseif ($entry['action'] == 2) {
+		$dnentry->open();
+
+	} else {
+		$dnentry->open();
+		if ($entry['dn']) {
+			echo $tree->draw_children($dnentry,$entry['code']);
+		} else {
+			$tree->draw(true);
+		}
+	}
+	die();
+?>
--- a/htdocs/entry_chooser.php
+++ b/htdocs/entry_chooser.php
@@ -1,89 +1,93 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/entry_chooser.php,v 1.27.2.4 2005/12/31 03:13:48 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/entry_chooser.php,v 1.31.2.3 2008/01/13 05:37:00 wurley Exp $

 /**
 * Display a selection (popup window) to pick a DN.
 *
 * @package phpLDAPadmin
 */
-/**
- */

-require './common.php';
+include './common.php';
+include HTDOCDIR.'header.php';

-$container = isset($_GET['container']) ? rawurldecode($_GET['container']) : false;
-$return_form_element = isset($_GET['form_element']) ? htmlspecialchars($_GET['form_element']) : null;
-$rdn = isset($_GET['rdn']) ? htmlspecialchars($_GET['rdn']) : null;
-
-include "./header.php";
+$entry['container'] = get_request('container','GET');
+$entry['element'] = get_request('form_element','GET');
+$entry['rdn'] = get_request('rdn','GET');

+echo '<body>';
+echo '<div class="popup">';
 printf('<h3 class="subtitle">%s</h3>',_('Entry Chooser'));
-flush();
 ?>

 <script type="text/javascript" language="javascript">
 	function returnDN(dn) {
-		opener.document.<?php echo $return_form_element; ?>.value = dn;
+		opener.document.<?php echo $entry['element']; ?>.value = dn;
 		close();
 	}
 </script>

 <?php
-if ($container) {
-	printf('%s<b>%s</b>',_('Server: '),htmlspecialchars($ldapserver->name));
-	echo '<br />';
-	printf('%s<b>%s</b>',_('Looking in: '),htmlspecialchars($container));
-	echo '<br />';
+echo '<table class="forminput" width=100% border=0>';
+if ($entry['container']) {
+	printf('<tr><td class="heading" colspan=3>%s:</td><td>%s</td></tr>',_('Server'),htmlspecialchars($ldapserver->name));
+	printf('<tr><td class="heading" colspan=3>%s:</td><td>%s</td></tr>',_('Looking in'),htmlspecialchars($entry['container']));
+	echo '<tr><td class="blank" colspan=4>&nbsp;</td></tr>';
 }

 /* Has the use already begun to descend into a specific server tree? */
-if (isset($ldapserver) && $container !== false) {
+if (isset($ldapserver) && ! is_null($entry['container'])) {

 	if (! $ldapserver->haveAuthInfo())
 		pla_error(_('Not enough information to login to server. Please check your configuration.'));

-	$dn_list = $ldapserver->getContainerContents($container,0,'(objectClass=*)',$config->GetValue('deref','tree'));
-	sort($dn_list);
+	$entry['children'] = $ldapserver->getContainerContents($entry['container'],0,'(objectClass=*)',$_SESSION[APPCONFIG]->GetValue('deref','tree'));
+	sort($entry['children']);

 	foreach ($ldapserver->getBaseDN() as $base_dn) {
-	        if (DEBUG_ENABLED)
-			debug_log('entry_chooser.php: Comparing BaseDN [%s] with container [%s]',64,$base_dn,$container);
+		if (DEBUG_ENABLED)
+			debug_log('Comparing BaseDN [%s] with container [%s]',64,__FILE__,__LINE__,__METHOD__,$base_dn,$entry['container']);

-		if (! pla_compare_dns($container,$base_dn)) {
+		if (! pla_compare_dns($entry['container'],$base_dn)) {
 			$parent_container = false;
-			$up_href = sprintf('entry_chooser.php?form_element=%s&amp;rdn=%s',$return_form_element,$rdn);
+			$href['up'] = htmlspecialchars(sprintf('entry_chooser.php?form_element=%s&rdn=%s',$entry['element'],$entry['rdn']));
 			break;

 		} else {
-			$parent_container = get_container($container);
-			$up_href = sprintf('entry_chooser.php?form_element=%s&amp;rdn=%s&amp;server_id=%s&amp;container=%s',
-				$return_form_element,$rdn,$ldapserver->server_id,rawurlencode($parent_container));
+			$parent_container = get_container($entry['container']);
+			$href['up'] = htmlspecialchars(sprintf('entry_chooser.php?form_element=%s&rdn=%s&server_id=%s&container=%s',
+				$entry['element'],$entry['rdn'],$ldapserver->server_id,rawurlencode($parent_container)));
 		}
 	}

-	echo '&nbsp;';
-	printf('<a href="%s" style="text-decoration:none"><img src="images/up.png" /> %s</a>',$up_href,_('Back Up...'));
-	echo '<br />';
+	echo '<tr>';
+	echo '<td class="blank">&nbsp;</td>';
+	printf('<td class="icon"><a href="%s"><img src="images/up.png" alt="Up" /></a></td>',$href['up']);
+	printf('<td colspan=2><a href="%s">%s</a></td>',$href['up'],_('Back Up...'));
+	echo '</tr>';

-	if (! count($dn_list))
-		printf('&nbsp;&nbsp;&nbsp;(%s)<br />',_('no entries'));
+	if (! count($entry['children']))
+		printf('<td class="blank" colspan=2>&nbsp;</td><td colspan=2">(%s)</td>',_('no entries'));

 	else
-		foreach ($dn_list as $dn) {
-			$href = sprintf("javascript:returnDN('%s%s')",($rdn ? "$rdn," : ''),$dn);
-			echo '&nbsp;&nbsp;&nbsp;';
-			printf('<a href="entry_chooser.php?server_id=%s&amp;form_element=%s&amp;rdn=%s&amp;container=%s"><img src="images/plus.png" /></a>',
-				$ldapserver->server_id,$return_form_element,$rdn,rawurlencode($dn));
+		foreach ($entry['children'] as $dn) {
+			$href['return'] = sprintf("javascript:returnDN('%s%s')",($entry['rdn'] ? sprintf('%s,',$entry['rdn']) : ''),rawurlencode($dn));
+			$href['expand'] = htmlspecialchars(sprintf('entry_chooser.php?server_id=%s&form_element=%s&rdn=%s&container=%s',
+				$ldapserver->server_id,$entry['element'],$entry['rdn'],rawurlencode($dn)));

-			printf('<a href="%s">%s</a>',$href,htmlspecialchars($dn));
-			echo '<br />';
+			echo '<tr>';
+			echo '<td class="blank">&nbsp;</td>';
+			printf('<td class="icon"><a href="%s"><img src="images/plus.png" alt="Plus" /></a></td>',$href['expand']);
+
+			printf('<td colspan=2><a href="%s">%s</a></td>',$href['return'],htmlspecialchars($dn));
+			echo '</tr>';
+			echo "\n\n";
 		}

 /* draw the root of the selection tree (ie, list all the servers) */
 } else {
-	foreach ($ldapservers->GetServerList() as $id) {
+	foreach ($_SESSION[APPCONFIG]->ldapservers->GetServerList() as $id) {

-		$ldapserver = $ldapservers->Instance($id);
+		$ldapserver = $_SESSION[APPCONFIG]->ldapservers->Instance($id);

 		if ($ldapserver->isVisible()) {

@@ -91,25 +95,30 @@ if (isset($ldapserver) && $container !== false) {
 				continue;

 			else {
-				printf('<b>%s</b>',htmlspecialchars($ldapserver->name));
-				echo '<br />';
+				printf('<tr><td class="heading" colspan=3>%s:</td><td class="heading">%s</td></tr>',_('Server'),htmlspecialchars($ldapserver->name));
 				foreach ($ldapserver->getBaseDN() as $dn) {
 					if (! $dn) {
-						printf('<small>&nbsp;&nbsp;&nbsp;(%s)</small><br />',_('Could not determine base DN'));
+						printf('<tr><td class="blank">&nbsp;</td><td colspan=3>(%s)</td></tr>',_('Could not determine base DN'));

 					} else {
-						$href = sprintf("javascript:returnDN('%s%s')",($rdn ? "$rdn," : ''),$dn);
+						$href['return'] = sprintf("javascript:returnDN('%s%s')",($entry['rdn'] ? sprintf('%s,',$entry['rdn']) : ''),rawurlencode($dn));
+						$href['expand'] = htmlspecialchars(sprintf('entry_chooser.php?server_id=%s&form_element=%s&rdn=%s&container=%s',
+							$ldapserver->server_id,$entry['element'],$entry['rdn'],rawurlencode($dn)));

-						echo '&nbsp;&nbsp;&nbsp;';
-						printf('<a href="entry_chooser.php?server_id=%s&amp;form_element=%s&amp;rdn=%s&amp;container=%s"><img src="images/plus.png" /></a> ',
-							$ldapserver->server_id,$return_form_element,$rdn,rawurlencode($dn));
-
-						printf('<a href="%s">%s</a>',$href,htmlspecialchars($dn));
-						echo '<br />';
+						echo '<tr>';
+						echo '<td class="blank">&nbsp;</td>';
+						printf('<td colspan=2 class="icon"><a href="%s"><img src="images/plus.png" alt="Plus" /></a></td>',$href['expand']);
+						printf('<td colspan=2><a href="%s">%s</a></td>',$href['return'],htmlspecialchars($dn));
 					}
 				}
+
+				echo '<tr><td class="blank" colspan=4>&nbsp;</td></tr>';
 			}
 		}
 	}
 }
+
+echo '</table>';
+echo '</div>';
+echo '</body>';
 ?>
--- a/htdocs/expand.php
+++ b/htdocs/expand.php
@@ -1,15 +1,10 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/expand.php,v 1.22.4.2 2005/12/08 11:50:06 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/expand.php,v 1.26 2007/12/15 07:50:30 wurley Exp $

 /**
 * This script alters the session variable 'tree', expanding it
 * at the dn specified in the query string.
 *
- * Variables that come in via common.php
- *  - server_id
- * Variables that come in as GET vars:
- *  - dn (rawurlencoded)
- *
 * Note: this script is equal and opposite to collapse.php
 * @package phpLDAPadmin
 * @see collapse.php
@@ -18,34 +13,14 @@
 */

 require './common.php';
-no_expire_header();
-
-if (! $ldapserver->haveAuthInfo())
-	pla_error(_('Not enough information to login to server. Please check your configuration.'));
-
-# This allows us to display large sub-trees without running out of time.
-@set_time_limit(0);
-
-$dn = $_GET['dn'];
-
-# We dont need this result, as we'll use the SESSION value when we call tree.php
-$ldapserver->getContainerContents($dn,0,'(objectClass=*)',$config->GetValue('deref','tree'));

+$dn = get_request('dn','GET',true);
 $tree = get_cached_item($ldapserver->server_id,'tree');
-$tree['browser'][$dn]['open'] = true;
+$entry = $tree->getEntry($dn);
+$entry->open();
 set_cached_item($ldapserver->server_id,'tree','null',$tree);

-/* This is for Opera. By putting "random junk" in the query string, it thinks
-   that it does not have a cached version of the page, and will thus
-   fetch the page rather than display the cached version */
-$time = gettimeofday();
-$random_junk = md5(strtotime('now').$time['usec']);
-
-/* If cookies were disabled, build the url parameter for the session id.
-   It will be append to the url to be redirect */
-$id_session_param = '';
-if (SID != '')
-	$id_session_param = sprintf('&%s=%s',session_name(),session_id());
-
-header(sprintf('Location:tree.php?foo=%s#%s_%s%s',$random_junk,$ldapserver->server_id,rawurlencode($dn),$id_session_param));
+header(sprintf('Location:index.php?server_id=%s&junk=%s#%s%s',
+	$ldapserver->server_id,random_junk(),htmlid($ldapserver->server_id,$dn),pla_session_param()));
+die();
 ?>
--- a/htdocs/export.php
+++ b/htdocs/export.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/export.php,v 1.15.4.6 2005/12/10 12:03:44 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/export.php,v 1.18.2.1 2007/12/26 09:26:32 wurley Exp $

 /**
 * @package phpLDAPadmin
@@ -7,46 +7,48 @@
 /**
 */

+require './common.php';
+
 # Fix a bug with IE:
 ini_set('session.cache_limiter','');

-require './common.php';
 require LIBDIR.'export_functions.php';

-if (! $ldapserver->haveAuthInfo())
-	pla_error(_('Not enough information to login to server. Please check your configuration.'));
+if (! $_SESSION[APPCONFIG]->isCommandAvailable('export'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('export')));

-$base_dn = isset($_POST['dn']) ? $_POST['dn']:NULL;
-$format = isset($_POST['format']) ? $_POST['format'] : 'unix';
-$scope = isset($_POST['scope']) ? $_POST['scope'] : 'base';
-$filter = isset($_POST['filter']) ? $_POST['filter'] : 'objectclass=*';
-$target = isset($_POST['target']) ? $_POST['target'] : 'display';
-$save_as_file = isset($_POST['save_as_file']) && $_POST['save_as_file'] == 'on';
+$entry['base_dn'] = get_request('dn');
+$entry['format'] = get_request('format','POST',false,'unix');
+$entry['scope'] = get_request('scope','POST',false,'base');
+$entry['filter'] = get_request('filter','POST',false,'objectclass=*');
+$entry['attr'] = get_request('attributes');
+$entry['sys_attr'] = get_request('sys_attr');
+$entry['file'] = get_request('save_as_file') ? true : false;
+$entry['exporter_id'] = get_request('exporter_id');

-if (isset($_POST['filter'])) {
-	preg_replace('/\s+/','',$_POST['filter']);
-	$attributes = split(',',preg_replace('/\s+/','',$_POST['attributes']));
+if ($entry['filter']) {
+	$entry['filter'] = preg_replace('/\s+/','',$entry['filter']);
+	$attributes = split(',',preg_replace('/\s+/','',$entry['attr']));

 } else {
 	$attributes = array();
 }

-# add system attributes if needed
-if (isset($_POST['sys_attr'])) {
+# Add system attributes if needed
+if ($entry['sys_attr']) {
 	array_push($attributes,'*');
 	array_push($attributes,'+');
 }

-isset($_POST['exporter_id']) or pla_error(_('You must choose an export format.'));
-$exporter_id = $_POST['exporter_id'];
-isset($exporters[$exporter_id]) or pla_error(_('Invalid export format'));
+(! is_null($entry['exporter_id'])) or pla_error(_('You must choose an export format.'));
+isset($exporters[$entry['exporter_id']]) or pla_error(_('Invalid export format'));

 # Initialisation of other variables
-$friendly_rdn = get_rdn($base_dn,1);
-$extension = $exporters[$exporter_id]['extension'];
+$friendly_rdn = get_rdn($entry['base_dn'],1);
+$extension = $exporters[$entry['exporter_id']]['extension'];

 # default case not really needed
-switch ($format) {
+switch ($entry['format']) {
 	case 'win':
 		$br = "\r\n";
 		break;
@@ -59,12 +61,12 @@ switch ($format) {
 }

 # get the decoree,ie the source
-$plaLdapExporter = new PlaLdapExporter($ldapserver->server_id,$filter,$base_dn,$scope,$attributes);
+$plaLdapExporter = new PlaLdapExporter($ldapserver->server_id,$entry['filter'],$entry['base_dn'],$entry['scope'],$attributes);

 # the decorator do it that way for the moment
 $exporter = null;

-switch ($exporter_id) {
+switch ($entry['exporter_id']) {
 	case 0:
 		$exporter = new PlaLdifExporter($plaLdapExporter);
 		break;
@@ -96,16 +98,16 @@ if (isset($_REQUEST['compress']) && $_REQUEST['compress'] = 'on')
@set_time_limit(0);

 # send the header
-if ($save_as_file)
+if ($entry['file']) {
+	if (ob_get_level()) ob_end_clean();
 	header('Content-type: application/download');
-else
-	header('Content-type: text/plain');
+	header(sprintf('Content-Disposition: filename="%s.%s"',$friendly_rdn,$exporters[$entry['exporter_id']]['extension'].($exporter->isCompressed()?'.gz':'')));
+	$exporter->export();
+	die();

-header(sprintf('Content-Disposition: filename="%s.%s"',$friendly_rdn,$exporters[$exporter_id]['extension'].($exporter->isCompressed()?'.gz':'')));
-header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
-header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT');
-header('Cache-Control: post-check=0, pre-check=0', false);
-
-# and export
-$exporter->export();
+} else {
+	print '<span style="font-size: 14px; font-family: courier;"><pre>';
+	$exporter->export();
+	print '</pre></span>';
+}
 ?>
--- a/htdocs/export_form.php
+++ b/htdocs/export_form.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/export_form.php,v 1.22.4.6 2005/12/11 07:41:04 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/export_form.php,v 1.26.2.1 2008/01/13 05:37:01 wurley Exp $

 /**
 * export_form.php
@@ -10,15 +10,16 @@
 */

 require './common.php';
+
 require LIBDIR.'export_functions.php';

-$format = isset($_GET['format']) ? $_GET['format'] : get_line_end_format();
-$scope = isset($_GET['scope']) ? $_GET['scope'] : 'base' ;
-$exporter_id = isset($_GET['exporter_id']) ? $_GET['exporter_id'] : 0 ;
-$dn = isset($_GET['dn']) ? $_GET['dn'] : null;
-$filter = isset($_GET['filter']) ? $_GET['filter'] : '(objectClass=*)';
-$attributes = isset($_GET['attributes']) ? $_GET['attributes'] : '*';
-$sys_attr = isset($_GET['sys_attr']) && $_GET['sys_attr'] == 'true' ? true : false;
+$entry['format'] = get_request('format','GET',false,get_line_end_format());
+$entry['scope'] = get_request('scope','GET',false,'base');
+$entry['id'] = get_request('exporter_id','GET',false,0);
+$entry['dn'] = get_request('dn','GET');
+$entry['filter'] = get_request('filter','GET',false,'(objectClass=*)');
+$entry['attr'] = get_request('attributes','GET',false,'*');
+$entry['sys_attr'] = get_request('sys_attr','GET') ? true: false;

 $available_formats = array (
 	'unix' => 'UNIX (Linux, BSD)',
@@ -32,15 +33,12 @@ $available_scopes = array (
 	'sub' => _('Sub (entire subtree)')
 );

-
-include './header.php';
-
-echo '<body>';
 printf('<h3 class="title">%s</h3>',_('Export'));
 echo '<br />';
 echo '<center>';
-echo '<form name="export_form" action="export.php" method="post">';
-echo '<table class="export_form">';
+echo '<form name="export_form" action="cmd.php" method="post">';
+echo '<input type="hidden" name="cmd" value="export" />';
+echo '<table class="forminput">';
 echo '<tr>';
 echo '<td>';

@@ -48,13 +46,13 @@ echo '<fieldset>';
 printf('<legend>%s</legend>',_('Export'));

 echo '<table>';
-printf('<tr><td>%s</td><td>%s</td></tr>',_('Server'),server_select_list());
+printf('<tr><td>%s</td><td>%s</td></tr>',_('Server'),server_select_list($ldapserver->server_id));

 echo '<tr>';
 printf('<td style="white-space:nowrap">%s</td>',_('Base DN'));
-printf('<td><nobr><input type="text" name="dn" id="dn" style="width:230px" value="%s" />&nbsp;',htmlspecialchars($dn));
+printf('<td><span style="white-space: nowrap;"><input type="text" name="dn" id="dn" style="width:230px" value="%s" />&nbsp;',htmlspecialchars($entry['dn']));
 draw_chooser_link('export_form.dn');
-echo '</nobr></td>';
+echo '</span></td>';
 echo '</tr>';

 echo '<tr>';
@@ -64,20 +62,20 @@ echo '<td>';

 foreach ($available_scopes as $id => $desc)
 	printf('<input type="radio" name="scope" value="%s" id="%s"%s /><label for="%s">%s</label><br />',
-		htmlspecialchars($id),htmlspecialchars($id),($id == $scope) ? 'checked="true"' : '',
+		htmlspecialchars($id),htmlspecialchars($id),($id == $entry['scope']) ? 'checked="true"' : '',
 		htmlspecialchars($id),htmlspecialchars($desc));

 echo '</td>';
 echo '</tr>';

 printf('<tr><td>%s</td><td><input type="text" name="filter" style="width:300px" value="%s" /></td></tr>',
-	_('Search Filter'),htmlspecialchars($filter));
+	_('Search Filter'),htmlspecialchars($entry['filter']));

 printf('<tr><td>%s</td><td><input type="text" name="attributes" style="width:300px" value="%s" /></td></tr>',
-	_('Show Attributtes'),htmlspecialchars($attributes));
+	_('Show Attributtes'),htmlspecialchars($entry['attr']));

 printf('<tr><td>&nbsp;</td><td><input type="checkbox" name="sys_attr" id="sys_attr" %s/> <label for="sys_attr">%s</label></td></tr>',
-	$sys_attr ? 'checked="true" ' : '',_('Include system attributes'));
+	$entry['sys_attr'] ? 'checked="true" ' : '',_('Include system attributes'));

 printf('<tr><td>&nbsp;</td><td><input type="checkbox" id="save_as_file" name="save_as_file" onclick="toggle_disable_field_saveas(this)" /> <label for="save_as_file">%s</label></td></tr>',
 	_('Save as file'));
@@ -100,7 +98,7 @@ printf('<legend>%s</legend>',_('Export format'));

 foreach ($exporters as $index => $exporter) {
 	printf('<input type="radio" name="exporter_id" id="exporter_id_%s" value="%s"%s />',
-		htmlspecialchars($index),htmlspecialchars($index),($index==$exporter_id) ? ' checked="true"' : '');
+		htmlspecialchars($index),htmlspecialchars($index),($index==$entry['id']) ? ' checked="true"' : '');
 	printf('<label for="%s">%s</label><br />',
 		htmlspecialchars($index),htmlspecialchars($exporter['desc']));
 }
@@ -113,7 +111,7 @@ echo '<fieldset style="height: 100px">';
 printf('<legend>%s</legend>',_('Line ends'));
 foreach ($available_formats as $id => $desc)
 	printf('<input type="radio" name="format" value="%s" id="%s"%s /><label for="%s">%s</label><br />',
-		htmlspecialchars($id),htmlspecialchars($id),($format==$id) ? ' checked="true"' : '',
+		htmlspecialchars($id),htmlspecialchars($id),($entry['format']==$id) ? ' checked="true"' : '',
 		htmlspecialchars($id),htmlspecialchars($desc));

 echo '</fieldset>';
@@ -161,5 +159,3 @@ function get_line_end_format() {
        }
 -->
 </script>
-</body>
-</html>
--- a/htdocs/header.php
+++ b/htdocs/header.php
@@ -1,14 +1,15 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/header.php,v 1.21.2.3 2005/12/11 04:00:23 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/header.php,v 1.27.2.2 2008/01/27 11:57:38 wurley Exp $

 /**
 * @package phpLDAPadmin
 */

+require_once LIBDIR.'./common.php';
+
 /* We want to get $language into scope in case we were included
   from within a function */
-global $config;
-$language = isset($config) ? $language = $config->GetValue('appearance','language') : 'auto';
+$language = isset($_SESSION[APPCONFIG]) ? $language = $_SESSION[APPCONFIG]->GetValue('appearance','language') : 'auto';

 # text/xml won't work with MSIE, but is very useful for debugging xhtml code.
 # header('Content-type: text/xml; charset="UTF-8"');
@@ -17,20 +18,24 @@ $language = isset($config) ? $language = $config->GetValue('appearance','languag
 # XML version and encoding for well-behaved browsers
 echo '<?xml version="1.0" encoding="utf-8"?>'."\n";

-echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"';
-echo '  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">'."\n";
+echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"'."\n";
+echo '"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">'."\n";

 printf('<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="%s" lang="%s" dir="ltr">',$language,$language);
 echo "\n\n";

 echo '<head>';

-if (isset($config) && $pagetitle = $config->GetValue('appearance','page_title'))
+if (isset($_SESSION[APPCONFIG]) && $pagetitle = $_SESSION[APPCONFIG]->GetValue('appearance','page_title'))
 	printf('<title>phpLDAPadmin - %s</title>',$pagetitle);
 else
 	echo '<title>phpLDAPadmin</title>';

-printf('<link type="text/css" rel="stylesheet" href="%sstyle.css" media="screen" />',CSSDIR);
+if (isset($_SESSION[APPCONFIG]))
+	$css = $_SESSION[APPCONFIG]->GetValue('appearance','stylesheet');
+else
+	$css = 'style.css';
+printf('<link type="text/css" rel="stylesheet" href="%s%s" media="screen" />',CSSDIR,$css);

 if (isset($server_id)) {
 	$custom_file = get_custom_file($server_id,'style.css',CSSDIR);
@@ -41,13 +46,18 @@ if (isset($server_id)) {

 printf('<script type="text/javascript" src="%sentry_chooser.js"></script>',JSDIR);
 printf('<script type="text/javascript" src="%sie_png_work_around.js"></script>',JSDIR);
-printf('<script type="text/javascript" src="%ssearch_util.js"></script>',JSDIR);
 printf('<script type="text/javascript" src="%sgeneric_utils.js"></script>',JSDIR);
+printf('<script type="text/javascript" src="%sto_ascii.js"></script>',JSDIR);
+printf('<script type="text/javascript" src="%smodify_member.js"></script>',JSDIR);
 printf('<link type="text/css" rel="stylesheet" media="all" href="%s/jscalendar/calendar-blue.css" title="blue" />',JSDIR);
+
+echo "\n<!--\n";
 printf('<script type="text/javascript" src="%sjscalendar/calendar.js"></script>',JSDIR);
 printf('<script type="text/javascript" src="%sjscalendar/lang/calendar-en.js"></script>',JSDIR);
 printf('<script type="text/javascript" src="%sjscalendar/calendar-setup.js"></script>',JSDIR);
 printf('<script type="text/javascript" src="%sdate_selector.js"></script>',JSDIR);
+echo "\n-->\n";
+
 printf('<link type="text/css" rel="stylesheet" href="%s/phplayersmenu/layerstreemenu.css"></link>',JSDIR);

 if (isset($meta_refresh_variable))
--- a/htdocs/help.php
+++ b/htdocs/help.php
@@ -1,28 +0,0 @@
-<?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/help.php,v 1.5 2005/02/26 12:35:05 wurley Exp $
-
-/**
- * @package phpLDAPadmin
- */
-/**
- */
-
-include './common.php';
-include './header.php';
-
-$forum_href = get_href( 'forum' );
-?>
-
-<body>
-
-<h3 class="title">Help</h3>
-<br />
-<center>
-<p>Do you have a problem or question?</p>
-<p>Perhaps you are new to LDAP and need a little guidance?</p>
-<p>Help is only one click away. Visit the online <a href="<?php echo $forum_href; ?>">phpLDAPadmin support forum</a>.</p>
-<br />
-</center>
-
-</body>
-</html>
--- a/htdocs/images/ajax-progress.gif
+++ b/htdocs/images/ajax-progress.gif
--- a/htdocs/images/ajax-spinner.gif
+++ b/htdocs/images/ajax-spinner.gif
--- a/htdocs/images/bug-big.png
+++ b/htdocs/images/bug-big.png
--- a/htdocs/images/debug-cache.png
+++ b/htdocs/images/debug-cache.png
--- a/htdocs/images/export.png
+++ b/htdocs/images/export.png
--- a/htdocs/images/favicon.ico
+++ b/htdocs/images/favicon.ico
--- a/htdocs/images/help-big.png
+++ b/htdocs/images/help-big.png
--- a/htdocs/images/home-big.png
+++ b/htdocs/images/home-big.png
--- a/htdocs/images/import.png
+++ b/htdocs/images/import.png
--- a/htdocs/images/info-big.png
+++ b/htdocs/images/info-big.png
--- a/htdocs/images/key.png
+++ b/htdocs/images/key.png
--- a/htdocs/images/light-big.png
+++ b/htdocs/images/light-big.png
--- a/htdocs/images/logout.png
+++ b/htdocs/images/logout.png
--- a/htdocs/images/notice.png
+++ b/htdocs/images/notice.png
--- a/htdocs/images/refresh-big.png
+++ b/htdocs/images/refresh-big.png
--- a/htdocs/images/request-feature.png
+++ b/htdocs/images/request-feature.png
--- a/htdocs/images/schema.png
+++ b/htdocs/images/schema.png
--- a/htdocs/images/search.png
+++ b/htdocs/images/search.png
--- a/htdocs/images/smile-big.png
+++ b/htdocs/images/smile-big.png
--- a/htdocs/images/trash-big.png
+++ b/htdocs/images/trash-big.png
--- a/htdocs/index.php
+++ b/htdocs/index.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/index.php,v 1.42.2.8 2006/01/01 11:54:09 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/index.php,v 1.49.2.5 2008/01/12 10:01:28 wurley Exp $

 /**
 * @package phpLDAPadmin
@@ -16,196 +16,76 @@ PHP is not installed on your web server!!!

 /**
 * We will perform some sanity checking here, since this file is normally loaded first when users
- * first setup PLA.
+ * first access the application.
 */
-define('LIBDIR','../lib/');
+# The index we will store our config in $_SESSION
+define('APPCONFIG','plaConfig');
+
+define('LIBDIR',sprintf('%s/',realpath('../lib/')));
 ini_set('display_errors',1);
 error_reporting(E_ALL);

 # General functions needed to proceed.
 ob_start();
 if (! file_exists(LIBDIR.'functions.php')) {
-	ob_end_clean();
-	die("Fatal error: Required file 'functions.php' does not exist.");
+	if (ob_get_level()) ob_end_clean();
+	die(sprintf("Fatal error: Required file '<b>%sfunctions.php</b>' does not exist.",LIBDIR));
 }

 if (! is_readable(LIBDIR.'functions.php')) {
-	ob_end_clean();
-	die("Cannot read the file 'functions.php' its permissions are too strict.");
+	if (ob_get_level()) ob_end_clean();
+	die(sprintf("Cannot read the file '<b>%sfunctions.php</b>' its permissions may be too strict.",LIBDIR));
 }
-require LIBDIR.'functions.php';
-$config_file = CONFDIR.'config.php';
-ob_end_clean();

-/* Helper functions.
+if (ob_get_level())
+	ob_end_clean();
+
+require LIBDIR.'functions.php';
+
+# Define the path to our configuration file.
+if (defined('CONFDIR'))
+	$app['config_file'] = CONFDIR.'config.php';
+else
+	$app['config_file'] = 'config.php';
+
+# Make sure this PHP install has gettext, we use it for language translation
+if (! extension_loaded('gettext'))
+	error('<p>Your install of PHP appears to be missing GETTEXT support.</p><p>GETTEXT is used for language translation.</p><p>Please install GETTEXT support before using phpLDAPadmin.<br /><small>(Dont forget to restart your web server afterwards)</small></p>','error',true);
+
+/**
+ * Helper functions.
 * Our required helper functions are defined in functions.php
 */
-foreach ($pla_function_files as $file_name ) {
-	if (! file_exists($file_name))
-		pla_error(sprintf('Fatal error: Required file "%s" does not exist.',$file_name));
+if (isset($app['function_files']) && is_array($app['function_files']))
+	foreach ($app['function_files'] as $file_name ) {
+		if (! file_exists($file_name))
+			error(sprintf('Fatal error: Required file "%s" does not exist.',$file_name),'error',true);

-	if (! is_readable($file_name))
-		pla_error(sprintf('Fatal error: Cannot read the file "%s", its permissions are too strict.',$file_name));
+		if (! is_readable($file_name))
+			error(sprintf('Fatal error: Cannot read the file "%s", its permissions may be too strict.',$file_name),'error',true);

-	ob_start();
-	require $file_name;
-	ob_end_clean();
-}
+		ob_start();
+		require $file_name;
+		if (ob_get_level()) ob_end_clean();
+	}

 # Configuration File check
-if (! file_exists($config_file)) {
-	echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML Basic 1.0//EN"';
-	echo '"http://www.w3.org/TR/xhtml-basic/xhtml-basic10.dtd">';
+if (! file_exists($app['config_file'])) {
+	error(sprintf(_('You need to configure %s. Edit the file "%s" to do so. An example config file is provided in "%s.example".'),'phpLDAPadmin',$app['config_file'],$app['config_file']),'error',true);

-	echo '<html>';
-	echo '<head>';
-	printf('<title>phpLDAPadmin - %s</title>',pla_version());
-	echo '<link type="text/css" rel="stylesheet" href="css/style.css" />';
-	echo '</head>';
-
-	echo '<body>';
-	echo '<h3 class="title">Configure phpLDAPadmin</h3>';
-	echo '<br /><br />';
-
-	echo '<center>';
-	printf(_('You need to configure phpLDAPadmin. Edit the file "%s" to do so. An example config file is provided in "%s.example".'),$config_file,$config_file);
-	echo '</center>';
-
-	echo '</body>';
-	echo '</html>';
-	die();
-
-} elseif (! is_readable($config_file)) {
-	pla_error(sprintf('Fatal error: Cannot read your configuration file "%s", its permissions are too strict.',$config_file));
+} elseif (! is_readable($app['config_file'])) {
+	error(sprintf('Fatal error: Cannot read your configuration file "%s", its permissions may be too strict.',$app['config_file']),'error',true);
 }

-if (! check_config()) {
+# If our config file fails the sanity check, then stop now.
+if (! check_config($app['config_file'])) {
+	$www['page'] = new page();
+	$www['body'] = new block();
+	$www['page']->block_add('body',$www['body']);
+	$www['page']->display();
+
 	exit;
 }

-echo '<?xml version="1.0" encoding="utf-8"?>'."\n";
-echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML Basic 1.0//EN"'."\n";
-echo '  "http://www.w3.org/TR/xhtml-basic/xhtml-basic10.dtd">'."\n";
-echo "\n";
-
-echo '<html xmlns="http://www.w3.org/1999/xhtml" lang="no-NO">';
-
-if ($pagetitle = $config->GetValue('appearance','page_title'))
-	printf('<head><title>phpLDAPadmin (%s) - %s</title></head>',pla_version(),$pagetitle);
-else
-	printf('<head><title>phpLDAPadmin - %s</title></head>',pla_version());
-
-printf('<frameset cols="%s,*">',$config->GetValue('appearance','tree_width'));
-echo '<frame src="tree.php" name="left_frame" id="left_frame" />';
-echo '<frame src="welcome.php" name="right_frame" id="right_frame" />';
-echo '</frameset>';
-
-echo '</html>';
-
-/*
- * Makes sure that the config file is properly setup and
- * that your install of PHP can handle LDAP stuff.
- */
-function check_config() {
-	global $config_file,$config;
-
-	/* Check for syntax errors in config.php
-	   As of php 4.3.5, this NO longer catches fatal errors :( */
-	ob_start();
-	include $config_file;
-	$str = ob_get_contents();
-	ob_end_clean();
-
-	if ($str) {
-		$str = strip_tags($str);
-		$matches = array();
-		preg_match('/(.*):\s+(.*):.*\s+on line (\d+)/',$str,$matches);
-		$error_type = $matches[1];
-		$error = $matches[2];
-		$line_num = $matches[3];
-
-		$file = file($config_file);
-
-		echo '<?xml version="1.0" encoding="utf-8"?>'."\n";
-		echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML Basic 1.0//EN"'."\n";
-		echo '  "http://www.w3.org/TR/xhtml-basic/xhtml-basic10.dtd">'."\n";
-		echo "\n";
-
-		echo '<html>';
-		echo '<head>';
-		echo '<title>phpLDAPadmin Config File Error</title>';
-		echo '<link type="text/css" rel="stylesheet" href="css/style.css" />';
-		echo '</head>';
-
-		echo '<body>';
-		echo '<h3 class="title">Config File ERROR</h3>';
-		printf('<h3 class="subtitle">%s (%s) on line %s</h3>',$error_type,$error,$line_num);
-
-		echo '<center>';
-		printf('Looks like your config file has an ERROR on line %s.<br />',$line_num);
-		echo 'Here is a snippet around that line <br />';
-		echo '<br />'."\n";
-
-		echo '<div style="text-align: left; font-family: monospace; margin-left: 80px; margin-right: 80px; border: 1px solid black; padding: 10px;">';
-
-		for ($i = $line_num-9; $i<$line_num+5; $i++) {
-			if ($i+1 == $line_num)
-				echo '<div style="color:red;background:#fdd">';
-
-			if ($i < 0)
-				continue;
-
-			printf('<b>%s</b>: %s<br />',$i+1,htmlspecialchars($file[$i]));
-
-			if ($i+1 == $line_num)
-				echo '</div>';
-		}
-
-		echo '</div>';
-		echo '<br />';
-		echo 'Hint: Sometimes these errors are caused by lines <b>preceding</b> the line reported.';
-		echo '</center>';
-		echo '</body>';
-		echo '</html>';
-
-		return false;
-	}
-
-	# Now read in config_default.php, which also reads in config.php
-	require LIBDIR.'config_default.php';
-
-	# Make sure their PHP version is current enough
-	if (strcmp(phpversion(),REQUIRED_PHP_VERSION) < 0) {
-		pla_error(sprintf('phpLDAPadmin requires PHP version %s or greater. You are using %s',
-			REQUIRED_PHP_VERSION,phpversion()));
-	}
-
-	# Make sure this PHP install has all our required extensions
-	if (! extension_loaded('ldap')) {
-		pla_error('Your install of PHP appears to be missing LDAP support. Please install LDAP support before using phpLDAPadmin. (Dont forget to restart your web server afterwards)');
-		return false;
-	}
-
-	# Make sure that we have php-xml loaded.
-	if (! function_exists('xml_parser_create')) {
-		pla_error('Your install of PHP appears to be missing XML support. Please install XML support before using phpLDAPadmin. (Dont forget to restart your web server afterwards)');
-		return false;
-	}
-
-	# Make sure their session save path is writable, if they are using a file system session module, that is.
-	if ( ! strcasecmp('Files',session_module_name() && ! is_writable(realpath(session_save_path())))) {
-		pla_error('Your PHP session configuration is incorrect. Please check the value of session.save_path
-			in your php.ini to ensure that the directory specified there exists and is writable.
-			The current setting of "'.session_save_path().'" is un-writable by the web server.');
-		return false;
-	}
-
-	if (! isset($ldapservers) || count($ldapservers->GetServerList()) == 0) {
-		pla_error('Your config.php is missing Server Definitions.
-			Please see the sample file config/config.php.example.',false);
-		return false;
-	}
-
-	return true;
-}
+include './cmd.php';
 ?>
--- a/htdocs/js/date_selector.js
+++ b/htdocs/js/date_selector.js
@@ -1,11 +1,17 @@
 function dateSelector(id) {
-  	var el = document.getElementById('f_date_'+id);
+	var el = document.getElementById('f_date_'+id);
 	var format = gettype(el.id);
 	var epoch;
 	var parse = false;

-    	var cal = new Calendar(0, null, onSelect, onClose);
-	cal.showsTime = false;
+	var cal = new Calendar(0, null, onSelect, onClose);
+
+	if (defaults['f_time_'+id]) {
+		cal.showsTime = true;
+	} else {
+		cal.showsTime = false;
+	}
+
 	cal.weekNumbers = true;
 	cal.showsOtherMonths = true;
 	cal.create();
--- a/htdocs/js/modify_member.js
+++ b/htdocs/js/modify_member.js
@@ -0,0 +1,98 @@
+/* This function submits the form
+ * when Save Changes button is pressed.
+ * see modify_member_form.php
+ */
+function submitForm(formId) {
+	var formObj = document.getElementById(formId);
+	formObj.submit();
+}
+
+/* This function generates hidden input array from new group members
+ * when submit button is pressed.
+ * see modify_member_form.php
+*/
+function update_new_values(memberattr,formId) {
+	el = document.getElementById("dnu");
+
+	for (i=0;i<m2.length;i++) {
+		el.innerHTML =
+			el.innerHTML +
+			"<input type='hidden' name='new_values[" + memberattr + "][" +
+			i + "]' value='" + m2.options[i].text + "' />";
+	}
+
+	submitForm(formId);
+}
+
+
+/* This function moves members from left select box to right one
+ * see modify_member_form.php
+ */
+function one2two() {
+
+	m1len = m1.length ;
+	for (i=0;i<m1len;i++) {
+		if (m1.options[i].selected == true) {
+			m2len = m2.length;
+			m2.options[m2len]= new Option(m1.options[i].text);
+		}
+	}
+
+	for (i=(m1len-1);i>=0;i--){
+		if (m1.options[i].selected == true) {
+			m1.options[i] = null;
+		}
+	}
+}
+
+/* This function moves members from right select box to left one
+ * see modify_member_form.php
+ */
+function two2one() {
+
+	m2len = m2.length ;
+	for (i=0;i<m2len;i++){
+		if (m2.options[i].selected == true) {
+			m1len = m1.length;
+			m1.options[m1len]= new Option(m2.options[i].text);
+		}
+	}
+
+	for (i=(m2len-1);i>=0;i--) {
+		if (m2.options[i].selected == true) {
+			m2.options[i] = null;
+		}
+	}
+}
+
+/* This function moves all members from left select box to right one
+ * see modify_member_form.php
+ */
+function all2two() {
+
+	m1len = m1.length ;
+	for (i=0;i<m1len;i++) {
+		m2len = m2.length;
+		m2.options[m2len]= new Option(m1.options[i].text);
+	}
+
+	for (i=(m1len-1);i>=0;i--) {
+		m1.options[i] = null;
+	}
+}
+
+/* This function moves all members from right select box to left one
+ * see modify_member_form.php
+ */
+function all2one() {
+
+	m2len = m2.length ;
+	for (i=0;i<m2len;i++) {
+		m1len = m1.length;
+		m1.options[m1len]= new Option(m2.options[i].text);
+	}
+
+	for (i=(m2len-1);i>=0;i--) {
+		m2.options[i] = null;
+	}
+}
--- a/htdocs/js/phplayersmenu/layerstreemenu.css
+++ b/htdocs/js/phplayersmenu/layerstreemenu.css
@@ -1,18 +1,18 @@
-.treemenudiv	{
+table.tree .treemenudiv	{
 	display: block;
 	white-space: nowrap;
 	padding-top: 1px;
 	padding-bottom: 1px;
 }

-.phplmnormal	{
+table.tree .phplmnormal	{
 	font-family: bitstream vera sans, luxi sans, verdana, geneva, arial, helvetica, sans-serif;
 	font-size: 13px;
 	color: #000000;
 	text-decoration: none;
 }

-a.phplmnormal:hover	{
+table.tree a.phplmnormal:hover	{
 	font-family: bitstream vera sans, luxi sans, verdana, geneva, arial, helvetica, sans-serif;
 	font-size: 13px;
 	color: #000000;
@@ -20,21 +20,21 @@ a.phplmnormal:hover	{
 	text-decoration: none;
 }

-a.phplm:link	{
+table.tree a.phplm:link	{
 	font-family: bitstream vera sans, luxi sans, verdana, geneva, arial, helvetica, sans-serif;
 	font-size: 13px;
 	color: #000000;
 	text-decoration: none;
 }

-a.phplm:visited	{
+table.tree a.phplm:visited	{
 	font-family: bitstream vera sans, luxi sans, verdana, geneva, arial, helvetica, sans-serif;
 	font-size: 13px;
 	color: #000000;
 	text-decoration: none;
 }

-a.phplm:hover	{
+table.tree a.phplm:hover	{
 	font-family: bitstream vera sans, luxi sans, verdana, geneva, arial, helvetica, sans-serif;
 	font-size: 13px;
 	color: #841212;
@@ -42,14 +42,14 @@ a.phplm:hover	{
 	text-decoration: none;
 }

-a.phplm:active	{
+table.tree a.phplm:active	{
 	font-family: bitstream vera sans, luxi sans, verdana, geneva, arial, helvetica, sans-serif;
 	font-size: 13px;
 	color: #ff0000;
 	text-decoration: none;
 }

-a.phplmselected:link	{
+table.tree a.phplmselected:link	{
 	font-family: bitstream vera sans, luxi sans, verdana, geneva, arial, helvetica, sans-serif;
 	font-size: 13px;
 	color: #dd0000;
@@ -57,7 +57,7 @@ a.phplmselected:link	{
 	text-decoration: none;
 }

-a.phplmselected:visited	{
+table.tree a.phplmselected:visited	{
 	font-family: bitstream vera sans, luxi sans, verdana, geneva, arial, helvetica, sans-serif;
 	font-size: 13px;
 	color: #dd0000;
@@ -65,7 +65,7 @@ a.phplmselected:visited	{
 	text-decoration: none;
 }

-a.phplmselected:hover	{
+table.tree a.phplmselected:hover	{
 	font-family: bitstream vera sans, luxi sans, verdana, geneva, arial, helvetica, sans-serif;
 	font-size: 13px;
 	color: #841212;
@@ -73,7 +73,7 @@ a.phplmselected:hover	{
 	text-decoration: none;
 }

-a.phplmselected:active	{
+table.tree a.phplmselected:active	{
 	font-family: bitstream vera sans, luxi sans, verdana, geneva, arial, helvetica, sans-serif;
 	font-size: 13px;
 	color: #ff0000;
--- a/htdocs/js/phplayersmenu/lib/PHPLIB.php
+++ b/htdocs/js/phplayersmenu/lib/PHPLIB.php
@@ -8,7 +8,7 @@
 //          Bjoern Schotte <bjoern@rent-a-phpwizard.de> (PEARification)                
 //          Martin Jansen <mj@php.net> (PEAR conformance)            
 //
-// $Id: PHPLIB.php,v 1.1.2.1 2005/11/27 03:55:50 wurley Exp $
+// $Id: PHPLIB.php,v 1.3 2006/09/17 06:22:04 wurley Exp $
 //

 //require_once "PEAR.php";
@@ -31,37 +31,37 @@ class Template_PHPLIB
     * If set, echo assignments
     * @var bool
     */
-    var $debug     = false;
+    public $debug     = false;

    /**
     * $file[handle] = "filename";
     * @var array
     */
-    var $file  = array();
+    public $file  = array();

    /**
     * fallback paths that should be defined in a child class
     * @var array
     */
-    var $file_fallbacks = array();
+    public $file_fallbacks = array();

    /**
     * Relative filenames are relative to this pathname
     * @var string
     */
-    var $root   = "";
+    public $root   = "";

    /*
     * $_varKeys[key] = "key"
     * @var array
     */
-    var $_varKeys = array();
+    public $_varKeys = array();
    
    /**
     * $_varVals[key] = "value";
     * @var array
     */
-    var $_varVals = array();
+    public $_varVals = array();

    /**
     * "remove"  => remove undefined variables
@@ -69,20 +69,20 @@ class Template_PHPLIB
     * "keep"    => keep undefined variables
     * @var string
     */
-    var $unknowns = "remove";
+    public $unknowns = "remove";
  
    /**
     * "yes" => halt, "report" => report error, continue, "no" => ignore error quietly
     * @var string
     */
-    var $haltOnError  = "report";
+    public $haltOnError  = "report";
  
    /**
     * The last error message is retained here
     * @var string
     * @see halt
     */
-    var $_lastError     = "";
+    public $_lastError     = "";


    /**
--- a/htdocs/js/phplayersmenu/lib/layersmenu-common.inc.php
+++ b/htdocs/js/phplayersmenu/lib/layersmenu-common.inc.php
@@ -22,112 +22,112 @@ class LayersMenuCommon
 * @access private
 * @var string
 */
-var $_packageName;
+public $_packageName;
 /**
 * The version of the package
 * @access private
 * @var string
 */
-var $version;
+public $version;
 /**
 * The copyright of the package
 * @access private
 * @var string
 */
-var $copyright;
+public $copyright;
 /**
 * The author of the package
 * @access private
 * @var string
 */
-var $author;
+public $author;

 /**
 * URL to be prepended to the menu hrefs
 * @access private
 * @var string
 */
-var $prependedUrl = '';
+public $prependedUrl = '';
 /**
 * Do you want that code execution halts on error?
 * @access private
 * @var string
 */
-var $haltOnError = 'yes';
+public $haltOnError = 'yes';

 /**
 * The base directory where the package is installed
 * @access private
 * @var string
 */
-var $dirroot;
+public $dirroot;
 /**
 * The "libjs" directory of the package
 * @access private
 * @var string
 */
-var $libjsdir;
+public $libjsdir;
 /**
 * The directory where images related to the menu can be found
 * @access private
 * @var string
 */
-var $imgdir;
+public $imgdir;
 /**
 * The http path corresponding to imgdir
 * @access private
 * @var string
 */
-var $imgwww;
+public $imgwww;
 /**
 * The directory where icons of menu items can be found
 * @access private
 * @var string
 */
-var $icondir;
+public $icondir;
 /**
 * The http path corresponding to icondir
 * @access private
 * @var string
 */
-var $iconwww;
+public $iconwww;
 /**
 * This array may contain width and height of all icons
 * @access private
 * @var integer
 */
-var $iconsize = array();
+public $iconsize = array();
 /**
 * If this var is false, width and height of icons have to be detected; if this var is true, width and height of icons are not detected and are retrieved from the iconsize array
 * @access private
 * @var boolean
 */
-var $issetIconsize = false;
+public $issetIconsize = false;
 /**
 * The directory where templates can be found
 * @access private
 * @var string
 */
-var $tpldir;
+public $tpldir;
 /**
 * The string containing the menu structure
 * @access private
 * @var string
 */
-var $menuStructure;
+public $menuStructure;

 /**
 * It counts nodes for all menus
 * @access private
 * @var integer
 */
-var $_nodesCount;
+public $_nodesCount;
 /**
 * A multi-dimensional array to store informations for each menu entry
 * @access private
 * @var array
 */
-var $tree;
+public $tree;
 /**
 * A multi-dimensional array used only with the DB support; for each $menu_name, it stores the $cnt associated to each item id
 *
@@ -138,56 +138,56 @@ var $tree;
 * @access private
 * @var array
 */
-var $treecnt;
+public $treecnt;
 /**
 * The maximum hierarchical level of menu items
 * @access private
 * @var integer
 */
-var $_maxLevel;
+public $_maxLevel;
 /**
 * An array that counts the number of first level items for each menu
 * @access private
 * @var array
 */
-var $_firstLevelCnt;
+public $_firstLevelCnt;
 /**
 * An array containing the number identifying the first item of each menu
 * @access private
 * @var array
 */
-var $_firstItem;
+public $_firstItem;
 /**
 * An array containing the number identifying the last item of each menu
 * @access private
 * @var array
 */
-var $_lastItem;
+public $_lastItem;

 /**
 * Data Source Name: the connection string for PEAR DB
 * @access private
 * @var string
 */
-var $dsn = 'pgsql://dbuser:dbpass@dbhost/dbname';
+public $dsn = 'pgsql://dbuser:dbpass@dbhost/dbname';
 /**
 * DB connections are either persistent or not persistent
 * @access private
 * @var boolean
 */
-var $persistent = false;
+public $persistent = false;
 /**
 * Name of the table storing data describing the menu
 * @access private
 * @var string
 */
-var $tableName = 'phplayersmenu';
+public $tableName = 'phplayersmenu';
 /**
 * Name of the i18n table corresponding to $tableName
 * @access private
 * @var string
 */
-var $tableName_i18n = 'phplayersmenu_i18n';
+public $tableName_i18n = 'phplayersmenu_i18n';
 /**
 * Names of fields of the table storing data describing the menu
 *
@@ -197,7 +197,7 @@ var $tableName_i18n = 'phplayersmenu_i18n';
 * @access private
 * @var array
 */
-var $tableFields = array(
+public $tableFields = array(
 	'id'		=> 'id',
 	'parent_id'	=> 'parent_id',
 	'text'		=> 'text',
@@ -213,7 +213,7 @@ var $tableFields = array(
 * @access private
 * @var array
 */
-var $tableFields_i18n = array(
+public $tableFields_i18n = array(
 	'language'	=> 'language',
 	'id'		=> 'id',
 	'text'		=> 'text',
@@ -224,7 +224,7 @@ var $tableFields_i18n = array(
 * @access private
 * @var array
 */
-var $_tmpArray = array();
+public $_tmpArray = array();

 /**
 * The constructor method; it initializates the menu system
@@ -315,7 +315,9 @@ function setLibjsdir($libjsdir)
 	if ($libjsdir != '' && substr($libjsdir, -1) != '/') {
 		$libjsdir .= '/';
 	}
-	if ($libjsdir == '' || substr($libjsdir, 0, 1) != '/') {
+	if ($libjsdir == '' || (substr($libjsdir, 0, 1) != '/' && substr($libjsdir, 1, 1) != ':')) {
+		// libjsdir != /.../...
+		// and libjsdir != C:\...\...
 		$foobar = strpos($libjsdir, $this->dirroot);
 		if ($foobar === false || $foobar != 0) {
 			$libjsdir = $this->dirroot . $libjsdir;
@@ -339,7 +341,7 @@ function setImgdir($imgdir)
 	if ($imgdir != '' && substr($imgdir, -1) != '/') {
 		$imgdir .= '/';
 	}
-	if ($imgdir == '' || substr($imgdir, 0, 1) != '/') {
+	if ($imgdir == '' || (substr($imgdir, 0, 1) != '/' && substr($imgdir, 1, 1) != ':')) {
 		$foobar = strpos($imgdir, $this->dirroot);
 		if ($foobar === false || $foobar != 0) {
 			$imgdir = $this->dirroot . $imgdir;
@@ -376,7 +378,7 @@ function setIcondir($icondir)
 	if ($icondir != '' && substr($icondir, -1) != '/') {
 		$icondir .= '/';
 	}
-	if ($icondir == '' || substr($icondir, 0, 1) != '/') {
+	if ($icondir == '' || (substr($icondir, 0, 1) != '/' && substr($icondir, 1, 1) != ':')) {
 		$foobar = strpos($icondir, $this->dirroot);
 		if ($foobar === false || $foobar != 0) {
 			$icondir = $this->dirroot . $icondir;
@@ -437,7 +439,7 @@ function setTpldirCommon($tpldir)
 	if ($tpldir != '' && substr($tpldir, -1) != '/') {
 		$tpldir .= '/';
 	}
-	if ($tpldir == '' || substr($tpldir, 0, 1) != '/') {
+	if ($tpldir == '' || (substr($tpldir, 0, 1) != '/' && substr($tpldir, 1, 1) != ':')) {
 		$foobar = strpos($tpldir, $this->dirroot);
 		if ($foobar === false || $foobar != 0) {
 			$tpldir = $this->dirroot . $tpldir;
--- a/htdocs/js/phplayersmenu/lib/treemenu.inc.php
+++ b/htdocs/js/phplayersmenu/lib/treemenu.inc.php
@@ -22,19 +22,19 @@ class TreeMenu extends LayersMenuCommon
 * @access private
 * @var string
 */
-var $treeMenuImagesType;
+public $treeMenuImagesType;
 /**
 * Prefix for filenames of images of a theme
 * @access private
 * @var string
 */
-var $treeMenuTheme;
+public $treeMenuTheme;
 /**
 * An array where we store the Tree Menu code for each menu
 * @access private
 * @var array
 */
-var $_treeMenu;
+public $_treeMenu;

 /**
 * The constructor method; it initializates the menu system
@@ -203,15 +203,25 @@ function newTreeMenu(
 		// corner at end of subtree or t-split
 			if ($not_a_leaf) {
 				if ($cnt == $this->_firstItem[$menu_name]) {
-					$img = $img_collapse_corner_first;
-					$alt = $alt_collapse_corner_first;
-					$this->_treeMenu[$menu_name] .= '<a onmousedown="' . $toggle_function_name . "('" . $cnt . "')" . '"><img align="top" border="0" class="imgs" id="jt' . $cnt . 'node" src="' . $img . '" alt="' . $alt . '" /></a>';
+					if ($this->tree[$cnt]['last_item'] && $this->tree[$cnt]['children']) {
+						// Xavier Bruyet : 2006.09.28
+						// Display for the first time the tree without the root node expanded
+						$img = $img_expand_corner_first;
+						$alt = $alt_expand_corner_first;
+						// @todo: nasty hack, should really do this better.
+						$parsed_href = preg_replace('/template_engine/','expand',$this->tree[$cnt]['parsed_href']);
+						$this->_treeMenu[$menu_name] .= '<a href="' . $parsed_href . '"><img align="top" border="0" class="imgs" id="jt' . $cnt . 'node" src="' . $img . '" alt="' . $alt . '" /></a>';
+					} else {
+						$img = $img_collapse_corner_first;
+						$alt = $alt_collapse_corner_first;
+						$this->_treeMenu[$menu_name] .= '<a onmousedown="' . $toggle_function_name . "('" . $cnt . "')" . '"><img align="top" border="0" class="imgs" id="jt' . $cnt . 'node" src="' . $img . '" alt="' . $alt . '" /></a>';
+					}
 				} else {
 					if ($this->tree[$cnt]['last_item'] && $this->tree[$cnt]['children']) {
 						$img = $img_expand_corner;
 						$alt = $alt_expand_corner;
 						// @todo: nasty hack, should really do this better.
-						$parsed_href = preg_replace('/template_engine.php/','expand.php',$this->tree[$cnt]['parsed_href']);
+						$parsed_href = preg_replace('/template_engine/','expand',$this->tree[$cnt]['parsed_href']);
 						$this->_treeMenu[$menu_name] .= '<a href="' . $parsed_href . '"><img align="top" border="0" class="imgs" id="jt' . $cnt . 'node" src="' . $img . '" alt="' . $alt . '" /></a>';
 					} else {
 						$img = $img_collapse_corner;
@@ -235,7 +245,7 @@ function newTreeMenu(
 						$img = $img_expand;
 						$alt = $alt_expand;
 						// @todo: nasty hack, should really do this better.
-						$parsed_href = preg_replace('/template_engine.php/','expand.php',$this->tree[$cnt]['parsed_href']);
+						$parsed_href = preg_replace('/template_engine/','expand',$this->tree[$cnt]['parsed_href']);

 						$this->_treeMenu[$menu_name] .= '<a href="' . $parsed_href . '"><img align="top" border="0" class="imgs" id="jt' . $cnt . 'node" src="' . $img . '" alt="' . $alt . '" /></a>';
 					} else {
@@ -331,6 +341,11 @@ function newTreeMenu(
 		'img_folder_closed'		=> $img_folder_closed,
 		'img_folder_open'		=> $img_folder_open
 	));
+
+	$inc = '<!-- # PHP layers menu. -->
+	        <script type="text/javascript" language="javascript" src="js/phplayersmenu/libjs/layersmenu-browser_detection.js"></script>
+	        <script type="text/javascript" language="javascript" src="js/phplayersmenu/libjs/layerstreemenu-cookies.js"></script>';
+
 	$toggle_function = $t->parse('out', 'tplfile');
 	$toggle_function =
 	'<script language="JavaScript" type="text/javascript">' . "\n" .
@@ -349,7 +364,7 @@ function newTreeMenu(
 	'// -->' . "\n" .
 	'</script>' . "\n";

-	$this->_treeMenu[$menu_name] = $toggle_function . "\n" . $this->_treeMenu[$menu_name] . "\n" . $toggle;
+	$this->_treeMenu[$menu_name] = $inc . "\n" . $toggle_function . "\n" . $this->_treeMenu[$menu_name] . "\n" . $toggle;

 	return $this->_treeMenu[$menu_name];
 }
--- a/htdocs/js/pla_ajax.js
+++ b/htdocs/js/pla_ajax.js
@@ -0,0 +1,113 @@
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/js/pla_ajax.js,v 1.2 2007/12/15 07:50:31 wurley Exp $
+
+/**
+ * @package phpLDAPadmin
+ * @author The phpLDAPadmin development team
+ * @author Xavier Bruyet
+ */
+
+// current request
+var http_request = null;
+var http_request_success_callback = '';
+var http_request_error_callback = '';
+
+// include html into a component
+function includeHTML(component, html) {
+	if (typeof(component) != 'object' || typeof(html) != 'string') return;
+	component.innerHTML = html;
+
+	var scripts = component.getElementsByTagName('script');
+	if (!scripts) return;
+
+	// load scripts
+	for (var i = 0; i < scripts.length; i++) {
+		var scriptclone = document.createElement('script');
+		if (scripts[i].attributes.length > 0) {
+			for (var j in scripts[i].attributes) {
+				if (typeof(scripts[i].attributes[j]) != 'undefined'
+				    && typeof(scripts[i].attributes[j].nodeName) != 'undefined'
+				    && scripts[i].attributes[j].nodeValue != null
+				    && scripts[i].attributes[j].nodeValue != '') {
+					    scriptclone.setAttribute(scripts[i].attributes[j].nodeName, scripts[i].attributes[j].nodeValue);
+				}
+			}
+		}
+		scriptclone.text = scripts[i].text;
+		scripts[i].parentNode.replaceChild(scriptclone, scripts[i]);
+		eval(scripts[i].innerHTML);
+	}
+}
+
+// callback function
+function alertHttpRequest() {
+	if (http_request && (http_request.readyState == 4)) {
+		if (http_request.status == 200) {
+			response = http_request.responseText;
+			http_request = null;
+			//alert(response);
+			if (http_request_success_callback) {
+				eval(http_request_success_callback + '(response)');
+			}
+		} else {
+			alert('There was a problem with the request.');
+			cancelHttpRequest();
+		}
+	}
+}
+
+function cancelHttpRequest() {
+	if (http_request) {
+		http_request = null;
+		if (http_request_error_callback) {
+			eval(http_request_error_callback + '()');
+		}
+	}
+}
+
+// resquest
+function makeGETRequest(url, parameters, successCallbackFunctionName, errorCallbackFunctionName) {
+	makeHttpRequest(url, parameters, 'GET', successCallbackFunctionName, errorCallbackFunctionName);
+}
+
+function makePOSTRequest(url, parameters, successCallbackFunctionName, errorCallbackFunctionName) {
+	makeHttpRequest(url, parameters, 'POST', successCallbackFunctionName, errorCallbackFunctionName);
+}
+
+function makeHttpRequest(url, parameters, meth, successCallbackFunctionName, errorCallbackFunctionName) {
+	cancelHttpRequest();
+
+	http_request_success_callback = successCallbackFunctionName;
+	http_request_error_callback = errorCallbackFunctionName;
+
+	if (window.XMLHttpRequest) { // Mozilla, Safari,...
+		http_request = new XMLHttpRequest();
+		if (http_request.overrideMimeType) {
+			http_request.overrideMimeType('text/html');
+		}
+	} else if (window.ActiveXObject) { // IE
+		try {
+			http_request = new ActiveXObject("Msxml2.XMLHTTP");
+		} catch (e) {
+			try {
+				http_request = new ActiveXObject("Microsoft.XMLHTTP");
+			} catch (e) {}
+		}
+	}
+
+	if (!http_request) {
+		alert('Cannot create XMLHTTP instance.');
+		return false;
+	}
+
+	http_request.onreadystatechange = window['alertHttpRequest'];
+	if (meth == 'GET') url = url + '?' + parameters;
+	http_request.open(meth, url, true);
+
+	http_request.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
+	http_request.setRequestHeader("Content-length", parameters.length);
+	http_request.setRequestHeader("Connection", "close");
+
+	if (meth == 'GET') parameters = null;
+	http_request.send(parameters);
+}
+
--- a/htdocs/js/to_ascii.js
+++ b/htdocs/js/to_ascii.js
@@ -0,0 +1,80 @@
+//
+// Purpose of this file is to remap characters as ASCII characters
+//
+// 
+
+var to_ascii_array = new Array();
+to_ascii_array['Ã '] = 'a';
+to_ascii_array['Ã¡'] = 'a';
+to_ascii_array['Ã¢'] = 'a';
+to_ascii_array['Ã€'] = 'a';
+to_ascii_array['Ã£'] = 'a';
+to_ascii_array['Ã¥'] = 'a';
+to_ascii_array['Ã'] = 'A';
+to_ascii_array['Ã'] = 'A';
+to_ascii_array['Ã'] = 'A';
+to_ascii_array['Ã'] = 'A';
+to_ascii_array['Ã'] = 'A';
+to_ascii_array['Ã'] = 'A';
+to_ascii_array['Ã©'] = 'e';
+to_ascii_array['Ãš'] = 'e';
+to_ascii_array['Ã«'] = 'e';
+to_ascii_array['Ãª'] = 'e';
+to_ascii_array['â¬'] = 'E';
+to_ascii_array['Ã¯'] = 'i';
+to_ascii_array['Ã®'] = 'i';
+to_ascii_array['Ã¬'] = 'i';
+to_ascii_array['Ã'] = 'i';
+to_ascii_array['Ã'] = 'I';
+to_ascii_array['Ã'] = 'I';
+to_ascii_array['Ã'] = 'I';
+to_ascii_array['Ã'] = 'I';
+to_ascii_array['Ã²'] = 'o';
+to_ascii_array['Ã³'] = 'o';
+to_ascii_array['ÃŽ'] = 'o';
+to_ascii_array['Ãµ'] = 'o';
+to_ascii_array['Ã¶'] = 'o';
+to_ascii_array['Ãž'] = 'o';
+to_ascii_array['Ã'] = 'O';
+to_ascii_array['Ã'] = 'O';
+to_ascii_array['Ã'] = 'O';
+to_ascii_array['Ã'] = 'O';
+to_ascii_array['Ã'] = 'O';
+to_ascii_array['Ã'] = 'O';
+to_ascii_array['Ã¹'] = 'u';
+to_ascii_array['Ãº'] = 'u';
+to_ascii_array['ÃŒ'] = 'u';
+to_ascii_array['Ã»'] = 'u';
+to_ascii_array['Ã'] = 'U';
+to_ascii_array['Ã'] = 'U';
+to_ascii_array['Ã'] = 'U';
+to_ascii_array['Ã'] = 'U';
+to_ascii_array['ÃŠ'] = 'ae';
+to_ascii_array['Ã'] = 'AE';
+to_ascii_array['Ãœ'] = 'y';
+to_ascii_array['Ã¿'] = 'y';
+to_ascii_array['Ã'] = 'SS';
+to_ascii_array['Ã'] = 'C';
+to_ascii_array['Ã§'] = 'c';
+to_ascii_array['Ã'] = 'N';
+to_ascii_array['Ã±'] = 'n';
+to_ascii_array['Â¢'] = 'c';
+to_ascii_array['Â©'] = '(C)';
+to_ascii_array['Â®'] = '(R)';
+to_ascii_array['Â«'] = '<<';
+to_ascii_array['Â»'] = '>>';
+
+function toAscii(text) {
+    //var text = field.value;
+    var position = 0;
+    var output = "";
+    for (position = 0 ; position < text.length ; position++) {
+        var tmp = text.substring(position,position+1);
+        if (to_ascii_array[tmp] != undefined) {
+            tmp = to_ascii_array[tmp];
+        }
+        output = output + tmp;
+    }
+    return output;
+}
+
--- a/htdocs/js/tree_hide.js
+++ b/htdocs/js/tree_hide.js
@@ -0,0 +1,27 @@
+var current;
+
+function tree_unhide(whichLayer,old) {
+	if (current == null) current = old;
+	var oldtree = document.getElementById('SID_'+current).style;
+	oldtree.display = 'none';
+
+	if (document.getElementById) {
+		// this is the way the standards work
+		var newtree = document.getElementById(whichLayer).value;
+		var newtree_div = document.getElementById('SID_'+newtree).style;
+		newtree_div.display = 'block';
+
+/*
+	} else if (document.all) {
+		// this is the way old msie versions work
+		var style2 = document.all[whichLayer].style;
+		style2.display = style2.display ? '':'block';
+
+	} else if (document.layers) {
+		// this is the way nn4 works
+		var style2 = document.layers[whichLayer].style;
+		style2.display = style2.display ? '':'block';
+*/
+	}
+	current = newtree;
+}
--- a/htdocs/ldif_import.php
+++ b/htdocs/ldif_import.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/ldif_import.php,v 1.33.2.3 2005/12/10 06:55:52 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/ldif_import.php,v 1.35.2.2 2008/01/28 12:58:43 wurley Exp $
 
 /**
 * Imports an LDIF file to the specified server_id.
@@ -15,36 +15,43 @@

 require './common.php';

-if (! $ldapserver->haveAuthInfo())
-	pla_error(_('Not enough information to login to server. Please check your configuration.'));
+if (! $_SESSION[APPCONFIG]->isCommandAvailable('import'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('import')));

-$continuous_mode = isset($_POST['continuous_mode']) ? 1 : 0;
+$entry['continuous_mode'] = get_request('continuous_mode') ? true : false;
+$entry['ldif'] = get_request('ldif');

-if (isset($_REQUEST['ldif']) && trim($_REQUEST['ldif'])) {
-	$textarealdif = $_REQUEST['ldif'];
-	$remote_file = 'STDIN';
-	$file_len = strlen($textarealdif);
+if ($entry['ldif']) {
+	$entry['remote_file'] = 'STDIN';
+	$entry['size'] = strlen($entry['ldif']);

 } elseif (isset($_FILES['ldif_file'])) {
 	$file = $_FILES['ldif_file']['tmp_name'];
-	$remote_file = $_FILES['ldif_file']['name'];
-	$file_len = $_FILES['ldif_file']['size'];
+	$entry['remote_file'] = $_FILES['ldif_file']['name'];
+	$entry['size'] = $_FILES['ldif_file']['size'];

-	is_array($_FILES['ldif_file']) or pla_error(_('Missing uploaded file.'));
-	file_exists($file) or pla_error(_('No LDIF file specified. Please try again.'));
-	$file_len > 0 or pla_error(_('Uploaded LDIF file is empty.'));
+	if (! is_array($_FILES['ldif_file'])) {
+		pla_error(_('Missing uploaded file.'),null,-1,false);
+		return;
+	}
+	if (! file_exists($file)) {
+		pla_error(_('No LDIF file specified. Please try again.'),null,-1,false);
+		return;
+	}
+	if ($entry['size'] <= 0) {
+		pla_error(_('Uploaded LDIF file is empty.'),null,-1,false);
+		return;
+	}

 } else {
-	pla_error(_('You must either upload a file or provide an LDIF in the text box.'));
+	pla_error(_('You must either upload a file or provide an LDIF in the text box.'),null,-1,false);
+	return;
 }

-include './header.php';
-
-echo '<body>';
 printf('<h3 class="title">%s</h3>',_('Import LDIF File'));
 printf('<h3 class="subtitle">%s: <b>%s</b> %s: <b>%s (%s %s)</b></h3>',
 	_('Server'),htmlspecialchars($ldapserver->name),
-	_('File'),htmlspecialchars($remote_file),number_format($file_len),_('bytes'));
+	_('File'),htmlspecialchars($entry['remote_file']),number_format($entry['size']),_('bytes'));
 echo '<br /><br />';

 require LIBDIR.'ldif_functions.php';
@@ -67,10 +74,10 @@ $actionErrorMsg['moddn']= _('Could not rename object:');
 $actionErrorMsg['modify']= _('Could not modify object:');

 # instantiate the reader
-if (isset($textarealdif))
-	$ldifReader = new LdifReaderStdIn($textarealdif,$continuous_mode);
+if (isset($entry['ldif']))
+	$ldifReader = new LdifReaderStdIn($entry['ldif'],$entry['continuous_mode']);
 else
-	$ldifReader = new LdifReader($file,$continuous_mode);
+	$ldifReader = new LdifReader($file,$entry['continuous_mode']);

 # instantiate the writer
 $ldapWriter = new LdapWriter($ldapserver);
@@ -81,16 +88,16 @@ if (!$ldifReader->hasVersionNumber())

 $i=0;
 # if .. else not mandatory but should be easier to maintain
-if ($continuous_mode) {
+if ($entry['continuous_mode']) {
 	while ($ldifReader->readEntry()) {
 		$i++;

 		# get the entry. 
 		$currentEntry = $ldifReader->fetchEntryObject();
-		$edit_href = sprintf('template_engine.php?server_id=%s&amp;dn=%s',$ldapserver->server_id,
+		$edit_href = sprintf('cmd.php?cmd=template_engine&amp;server_id=%s&amp;dn=%s',$ldapserver->server_id,
 			rawurlencode($currentEntry->dn));
 		$changeType = $currentEntry->getChangeType();
-		printf('<small>%s <a href="%s">%s</a>',$actionString[$changeType],$edit_href,$entry->dn);
+		printf('<small>%s <a href="%s">%s</a>',$actionString[$changeType],$edit_href,$currentEntry->dn);

 		if ($ldifReader->hasRaisedException()) {
 			printf(' <span style="color:red;">%s</span></small><br />',_('Failed'));
@@ -106,16 +113,13 @@ if ($continuous_mode) {
 			if ($ldapWriter->ldapModify($currentEntry))
 				printf(' <span style="color:green;">%s</span></small><br />',_('Success'));
 			else {
-				printf('<span style="color:red;">%s</span></small><br />',_('Failed'));
-				printf('<small><span style="color:red;">%s: %s</span></small><br />',
+				printf(' <span style="color:red;">%s</span></small><br />',_('Failed'));
+				printf(' <small><span style="color:red;">%s: %s</span></small><br />',
 					_('Error code'),$ldapserver->errno());
-				printf('<small><span style="color:red;">%s: %s</span></small><br />',
+				printf(' <small><span style="color:red;">%s: %s</span></small><br />',
 					_('Description'),$ldapserver->error());
 			}
 		}
-
-		if ($i % 5 == 0)
-			flush();
 	} # end while

 } else {
@@ -123,7 +127,7 @@ if ($continuous_mode) {
 	while ($entry = $ldifReader->readEntry()) {
 		$i++;

-		$edit_href = sprintf('template_engine.php?server_id=%s&amp;dn=%s',$ldapserver->server_id,
+		$edit_href = sprintf('cmd.php?cmd=template_engine&amp;server_id=%s&amp;dn=%s',$ldapserver->server_id,
 			rawurlencode($entry->dn));
 		$changeType = $entry->getChangeType();
 		printf('<small>%s <a href="%s">%s</a>',$actionString[$changeType],$edit_href,$entry->dn);
@@ -131,14 +135,20 @@ if ($continuous_mode) {
 		if ($ldapWriter->ldapModify($entry)) {
 			printf(' <span style="color:green;">%s</span></small><br />',_('Success'));

-			if ($i % 5 == 0)
-				flush();
-
 		} else {
 			printf(' <span style="color:red;">%s</span></small><br /><br />',_('Failed'));
-			reload_left_frame();
-			pla_error($actionErrorMsg[$changeType].' '.htmlspecialchars($entry->dn),
-				$ldapserver->error(),$ldapserver->errno());
+			$ldap_err_no = ('0x'.str_pad(dechex($ldapserver->errno()),2,0,STR_PAD_LEFT));
+			$verbose_error = pla_verbose_error($ldap_err_no);
+
+			$errormsg = sprintf('%s <b>%s</b>',$actionErrorMsg[$changeType],htmlspecialchars($entry->dn));
+			$errormsg .= sprintf('<br />%s: <b>%s</b>',_('LDAP said'),$verbose_error['title']);
+			$errormsg .= sprintf('<br />%s',$verbose_error['desc']);
+			system_message(array(
+				'title'=>_('LDIF text import'),
+				'body'=>$errormsg,
+				'type'=>'warn'));
+
+			break;
 		}
 	}

@@ -161,21 +171,12 @@ if ($continuous_mode) {

 # close the file
 $ldifReader->done();
-reload_left_frame();
-
-function reload_left_frame(){
-	echo '<script type="text/javascript" language="javascript">parent.left_frame.location.reload();</script>';
-}
-
-function display_error_message($error_message){
-	printf('<div style="color:red;"><small>%s</small></div>',$error_message);
-}

 function display_warning($warning){
 	printf('<div style="color:orange"><small>%s</small></div>',$warning);
 }

-function display_pla_parse_error($exception,$faultyEntry){
+function display_pla_parse_error($exception,$faultyEntry) {
 	global $actionErrorMsg;

 	$errorMessage = $actionErrorMsg[$faultyEntry->getChangeType()];
@@ -197,6 +198,4 @@ function display_pla_parse_error($exception,$faultyEntry){
 	echo '</tr>';
 	echo '<center>';
 }
-
-echo '</body></html>';
 ?>
--- a/htdocs/ldif_import_form.php
+++ b/htdocs/ldif_import_form.php
@@ -1,13 +1,10 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/ldif_import_form.php,v 1.20.2.3 2005/12/10 06:55:52 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/ldif_import_form.php,v 1.22.2.1 2008/01/13 05:43:13 wurley Exp $
 
 /**
 * Displays a form to allow the user to upload and import
 * an LDIF file.
 *
- * Variables expected as GET vars:
- *  - server_id
- *
 * @package phpLDAPadmin
 */
 /**
@@ -20,35 +17,33 @@ if (! ini_get('file_uploads'))

 if ($ldapserver->isReadOnly())
 	pla_error(_('You cannot perform updates while server is in read-only mode'));
-if (! $ldapserver->haveAuthInfo())
-	pla_error(_('Not enough information to login to server. Please check your configuration.'));

-include './header.php';
-
-echo '<body>';
-
-printf('<h3 class="title">%s</h3>',_('Import LDIF File'));
-printf('<h3 class="subtitle">%s: <b>%s</b></h3>',_('Server'),htmlspecialchars($ldapserver->name));
-
-echo '<br /><br />';
-echo _('Select an LDIF file');
-echo '<br /><br />';
-
-echo '<form action="ldif_import.php" method="post" class="new_value" enctype="multipart/form-data">';
+printf('<h3 class="title" colspan=0>%s</h3>',_('Import LDIF File'));
+printf('<h3 class="subtitle" colspan=0>%s: <b>%s</b></h3>',_('Server'),htmlspecialchars($ldapserver->name));
+echo '<center>';
+echo '<form action="cmd.php" method="post" class="new_value" enctype="multipart/form-data">';
 printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
-echo '<input type="file" name="ldif_file" /> <br />';
-printf('<div style="margin-top: 5px;"><input type="checkbox" name="continuous_mode" value="1" /><span style="font-size: 90%%;">%s</span></div>',_("Don't stop on errors"));
-printf('<div style="margin-top:10px;"><input type="submit" value="%s" /></div>',_('Proceed >>'));
-printf('<br /><small><b>%s %s</b></small><br />',_('Maximum file size'),ini_get('upload_max_filesize'));
-echo '</form>';
+echo '<input type="hidden" name="cmd" value="ldif_import" />';

-echo '<br /><br />';
-echo _('Paste your LDIF here');
-echo '<form action="ldif_import.php" method="post" class="new_value" enctype="multipart/form-data">';
-echo '<textarea name="ldif" rows="10" cols="60"></textarea>';
-printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
-printf('<div style="margin-top: 5px;"><input type="checkbox" name="continuous_mode" value="1" /><span style="font-size: 90%%;">%s</span></div>',_("Don't stop on errors"));
-printf('<div style="margin-top:10px;"><input type="submit" value="%s" /></div>',_('Proceed >>'));
+echo '<table class="forminput" border=0>';
+
+echo '<tr><td colspan=2>&nbsp;</td></tr>';
+echo '<tr>';
+printf('<td>%s</td>',_('Select an LDIF file'));
+echo '<td>';
+echo '<input type="file" name="ldif_file" />';
+echo '</td></tr>';
+
+printf('<tr><td>&nbsp;</td><td class="small"><b>%s %s</b></td></tr>',_('Maximum file size'),ini_get('upload_max_filesize'));
+
+echo '<tr><td colspan=2>&nbsp;</td></tr>';
+printf('<tr><td>%s</td></tr>',_('Or paste your LDIF here'));
+echo '<tr><td colspan=2><textarea name="ldif" rows="20" cols="60"></textarea></td></tr>';
+echo '<tr><td colspan=2>&nbsp;</td></tr>';
+printf('<tr><td>&nbsp;</td><td class="small"><input type="checkbox" name="continuous_mode" value="1" />%s</td></tr>',
+	_("Don't stop on errors"));
+printf('<tr><td>&nbsp;</td><td><input type="submit" value="%s" /></td></tr>',_('Proceed >>'));
+echo '</table>';
 echo '</form>';
-echo '</body></html>';
+echo '</center>';
 ?>
--- a/htdocs/login.php
+++ b/htdocs/login.php
@@ -1,17 +1,11 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/login.php,v 1.51.2.9 2005/12/31 03:13:48 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/login.php,v 1.56.2.4 2008/01/04 12:29:15 wurley Exp $

 /**
 * For servers whose auth_type is set to 'cookie' or 'session'. Pass me the
 * login info and I'll write two cookies, pla_login_dn_X and pla_pass_X where X
 * is the server_id. The cookie_time comes from config.php
 *
- * Variables that come in via common.php
- *  - server_id
- * Variables that come in as POST vars:
- *  - login_dn
- *  - login_pass
- *
 * @package phpLDAPadmin
 */
 /**
@@ -19,30 +13,29 @@

 require './common.php';

-# Prevents users from coming here without going through the proper channels
-if (! isset($ldapserver))
-	header('Location: index.php');
-
-$dn = isset($_POST['login_dn']) ? $_POST['login_dn'] : null;
-$pass = isset($_POST['login_pass']) ? $_POST['login_pass'] : null;
-$uid = isset($_POST['uid']) ? $_POST['uid'] : null;
+$login['val'] = get_request($ldapserver->getLoginAttr());
+$login['pass'] = get_request('login_pass');

 if ($ldapserver->isAnonBindAllowed())
-	$anon_bind = isset($_POST['anonymous_bind']) && $_POST['anonymous_bind'] == 'on' ? true : false;
+	$anon_bind = get_request('anonymous_bind') == 'on' ? true : false;
 else
 	$anon_bind = false;

-if (! $anon_bind)
-	strlen($pass) or pla_error(_('You left the password blank.'));
+if (! $anon_bind && ! strlen($login['pass']))
+	system_message(array(
+		'title'=>_('Authenticate to server'),
+		'body'=>_('You left the password blank.'),
+		'type'=>'warn'),
+		sprintf('cmd.php?cmd=login_form&server_id=%s',$ldapserver->server_id));

 $save_auth_type = $ldapserver->auth_type;

 if ($anon_bind) {
-        if (DEBUG_ENABLED)
-		debug_log('Anonymous Login was posted [%s].',64,$anon_bind);
+	if (DEBUG_ENABLED)
+		debug_log('Anonymous Login was posted [%s].',64,__FILE__,__LINE__,__METHOD__,$anon_bind);

-	$dn = null;
-	$pass = null;
+	$login['dn'] = null;
+	$login['pass'] = null;

 /* Checks if the login_attr option is enabled for this host,
   which allows users to login with a simple username like 'jdoe' rather
@@ -51,10 +44,10 @@ if ($anon_bind) {

 	# Is this a login string (printf-style)
 	if ($ldapserver->isLoginStringEnabled()) {
-		$dn = str_replace('<username>',$uid,$ldapserver->getLoginString());
+		$login['dn'] = str_replace('<username>',$login['val'],$ldapserver->getLoginString());

 		if (DEBUG_ENABLED)
-			debug_log('LoginStringDN: [%s]',64,$dn);
+			debug_log('LoginStringDN: [%s]',64,__FILE__,__LINE__,__METHOD__,$login['dn']);

 	} else {
 		# This is a standard login_attr
@@ -63,114 +56,112 @@ if ($anon_bind) {
 		   the DN to use when searching for the login_attr user. */
 		$ldapserver->auth_type = 'config';

-		set_error_handler('temp_login_error_handler');
 		if ($ldapserver->login_dn)
-			$ldapserver->connect(true,'user');
+			$ldapserver->connect();
 		else
 			$ldapserver->connect(true,'anonymous');

-		restore_error_handler();
-
 		if (! empty($ldapserver->login_class))
-			$filter = sprintf('(&(objectClass=%s)(%s=%s))',$ldapserver->login_class,$ldapserver->login_attr,$uid);
+			$filter = sprintf('(&(objectClass=%s)(%s=%s))',$ldapserver->login_class,$ldapserver->getLoginAttr(),$login['val']);
 		else
-			$filter = sprintf('%s=%s',$ldapserver->login_attr,$uid);
+			$filter = sprintf('%s=%s',$ldapserver->getLoginAttr(),$login['val']);

 		# Got through each of the BASE DNs and test the login.
 		foreach ($ldapserver->getBaseDN() as $base_dn) {
-		        if (DEBUG_ENABLED)
-				debug_log('Searching LDAP with base [%s]',64,$base_dn);
+			if (DEBUG_ENABLED)
+				debug_log('Searching LDAP with base [%s]',64,__FILE__,__LINE__,__METHOD__,$base_dn);

-			$result = array_pop($ldapserver->search(null,$base_dn,$filter,array('dn')));
-			$dn = $result['dn'];
+			$result = $ldapserver->search(null,$base_dn,$filter,array('dn'));
+			$result = array_pop($result);
+			$login['dn'] = $result['dn'];

-			if ($dn) {
-			        if (DEBUG_ENABLED)
-					debug_log('Got DN [%s] for user ID [%s]',64,$dn,$uid);
+			if ($login['dn']) {
+				if (DEBUG_ENABLED)
+					debug_log('Got DN [%s] for user ID [%s]',64,__FILE__,__LINE__,__METHOD__,$login['dn'],$login['val']);
 				break;
 			}
 		}

-
 		# If we got here then we werent able to find a DN for the login filter.
-		if (! $dn)
-			pla_error(_('Bad username or password. Please try again.'));
+		if (! $login['dn'])
+			if ($ldapserver->login_fallback_dn)
+				$login['dn'] = $login['val'];
+			else
+				system_message(array(
+					'title'=>_('Authenticate to server'),
+					'body'=>_('Bad username or password. Please try again.'),
+					'type'=>'error'),
+					sprintf('cmd.php?cmd=login_form&server_id=%s',$ldapserver->server_id));

-		# restore the original auth_type
+		# Restore the original auth_type
 		$ldapserver->auth_type = $save_auth_type;
 	}
+
+} else {
+	$login['dn'] = $login['val'];
 }

 # We fake a 'config' server auth_type to omit duplicated code
 if (DEBUG_ENABLED)
-	debug_log('Setting login type to CONFIG with DN [%s]',64,$dn);
+	debug_log('Setting login type to CONFIG with DN [%s]',64,__FILE__,__LINE__,__METHOD__,$login['dn']);

 $save_auth_type = $ldapserver->auth_type;
 $ldapserver->auth_type = 'config';
-$ldapserver->login_dn = $dn;
-$ldapserver->login_pass = $pass;
+$ldapserver->login_dn = $login['dn'];
+$ldapserver->login_pass = $login['pass'];

 # Verify that dn is allowed to login
-if (! $ldapserver->userIsAllowedLogin($dn))
-	pla_error(_('Sorry, you are not allowed to use phpLDAPadmin with this LDAP server.'));
+if (! $ldapserver->userIsAllowedLogin($login['dn']))
+	system_message(array(
+		'title'=>_('Authenticate to server'),
+		'body'=>_('Sorry, you are not allowed to use phpLDAPadmin with this LDAP server.'),
+		'type'=>'error'),
+		sprintf('cmd.php?cmd=login_form&server_id=%s',$ldapserver->server_id));

 if (DEBUG_ENABLED)
-	debug_log('User is not prohibited from logging in - now bind with DN [%s]',64,$dn);
+	debug_log('User is not prohibited from logging in - now bind with DN [%s]',64,__FILE__,__LINE__,__METHOD__,$login['dn']);

-# verify that the login is good
-if (is_null($dn) && is_null($pass))
-	$ds = $ldapserver->connect(true,'anonymous',true);
+# Verify that the login is good
+if (is_null($login['dn']) && is_null($login['pass']))
+	$ds = $ldapserver->connect(false,'anonymous',true);
 else
-	$ds = $ldapserver->connect(true,'user',true);
+	$ds = $ldapserver->connect(false,'user',true);

 if (DEBUG_ENABLED)
-	debug_log('Connection returned [%s]',64,$ds);
+	debug_log('Connection returned [%s]',64,__FILE__,__LINE__,__METHOD__,$ds);

 if (! is_resource($ds)) {
 	if ($anon_bind)
-		pla_error(_('Could not bind anonymously to server.'),null,null,true);
-	else
-		pla_error(_('Bad username or password. Please try again.'),null,null,true);
+		system_message(array(
+			'title'=>_('Authenticate to server'),
+			'body'=>_('Could not bind anonymously to server.'),
+			'type'=>'error'),
+			sprintf('cmd.php?cmd=login_form&server_id=%s',$ldapserver->server_id));

-	syslog_notice("Authentification FAILED for $dn");
+	else
+		system_message(array(
+			'title'=>_('Authenticate to server'),
+			'body'=>_('Bad username or password. Please try again.'),
+			'type'=>'error'),
+			sprintf('cmd.php?cmd=login_form&server_id=%s',$ldapserver->server_id));
+
+	syslog_notice(sprintf('Authentification FAILED for %s',$login['dn']));
 }

 $ldapserver->auth_type = $save_auth_type;
-$ldapserver->setLoginDN($dn,$pass,$anon_bind) or pla_error(_('Could not set cookie.'));
+$ldapserver->setLoginDN($login['dn'],$login['pass'],$anon_bind) or pla_error(_('Could not set cookie.'));
 set_lastactivity($ldapserver);

 if (! $anon_bind) {
-	syslog_notice("Authentification successful for $dn");
+	syslog_notice(sprintf('Authentification successful for %s',$login['dn']));
 }

-pla_session_close();
+# Since we were successful, clear the cache so that it will be refreshed with the new creditentials.
+del_cached_item($ldapserver->server_id,'tree','null');

-include './header.php';
-echo '<body>';
-
-echo '<script type="text/javascript" language="javascript">';
-if ($anon_bind && $config->GetValue('appearance','anonymous_bind_redirect_no_tree'))
-	printf("parent.location.href='search.php?server_id=%s'",$ldapserver->server_id);
-else
-	echo 'parent.left_frame.location.reload();';
-echo '</script>';
-
-echo '<center><br /><br /><br />';
-printf(_('Successfully logged into server <b>%s</b>').'<br />',htmlspecialchars($ldapserver->name));
-
-if ($anon_bind)
-	printf('(%s)',_('Anonymous Bind'));
-
-echo '<br /></center>';
-echo '</body></html>';
-
-/**
- * Only gets called when we fail to login.
- */
-function temp_login_error_handler($errno,$errstr,$file,$lineno) {
-	if (ini_get('error_reporting') == 0 || error_reporting() == 0)
-		return;
-
-	pla_error(_('Could not connect to LDAP server.').'<br /><br />'.htmlspecialchars($errstr));
-}
+system_message(array(
+	'title'=>_('Authenticate to server'),
+	'body'=>_('Successfully logged into server.').($anon_bind ? sprintf(' (%s)',_('Anonymous Bind')) : ''),
+	'type'=>'info'),
+	sprintf('index.php?server_id=%s',$ldapserver->server_id));
 ?>
--- a/htdocs/login_form.php
+++ b/htdocs/login_form.php
@@ -1,12 +1,9 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/login_form.php,v 1.25.4.2 2005/12/11 09:03:07 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/login_form.php,v 1.29.2.4 2008/01/13 05:37:01 wurley Exp $

 /**
 * Displays the login form for a server for users who specify 'cookie' or 'session' for their auth_type.
 *
- * Variables that come in via common.php
- * - server_id
- *
 * @package phpLDAPadmin
 * @author The phpLDAPadmin development team
 * @see login.php
@@ -16,88 +13,74 @@

 require './common.php';

-if (! $ldapserver->auth_type)
-	pla_error(_('Error: You have an error in your config file. The only three allowed values
-                                    for auth_type in the $servers section are \'session\', \'cookie\', and \'config\'. You entered \'%s\',
-                                    which is not allowed. '));
 if (! in_array($ldapserver->auth_type, array('cookie','session')))
 	pla_error(sprintf(_('Unknown auth_type: %s'),htmlspecialchars($ldapserver->auth_type)));

-include './header.php'; ?>
+printf('<h3 class="title">%s %s</h3>',_('Authenticate to server'),$ldapserver->name);

-<body>
-<?php if( $ldapserver->isAnonBindAllowed() ) { ?>
+# Check for a secure connection
+if (! isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on') {
+	echo '<br />';
+	echo '<center>';
+	echo '<span style="color:red">';
+	printf('<acronym title="%s"><b>%s: %s.</b></acronym>',
+		_('You are not using \'https\'. Web browser will transmit login information in clear text.'),
+		_('Warning'),_('This web connection is unencrypted'));
+	echo '</span>';
+	echo '</center>';
+	echo '<br />';
+}
+
+# Login form.
+echo '<form action="cmd.php" method="post" name="login_form">';
+echo '<input type="hidden" name="cmd" value="login" />';
+printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
+
+if (isset($_GET['redirect']))
+	printf('<input type="hidden" name="redirect" value="%s" />',rawurlencode($_GET['redirect']));
+
+echo '<center>';
+echo '<table class="forminput">';
+
+printf('<tr><td><b>%s:</b></td></tr>',
+	$ldapserver->login_attr == 'dn' ? _('Login DN') : $_SESSION[APPCONFIG]->getFriendlyName($ldapserver->login_attr));
+
+printf('<tr><td><input type="text" id="login" name="%s" size="40" value="%s" /></td></tr>',
+	$ldapserver->login_attr,
+	$ldapserver->login_attr == 'dn' ? $ldapserver->login_dn : '');
+
+echo '<tr><td colspan=2>&nbsp;</td></tr>';
+printf('<tr><td><b>%s:</b></td></tr>',_('Password'));
+echo '<tr><td><input type="password" id="password" size="40" value="" name="login_pass" /></td></tr>';
+echo '<tr><td colspan=2>&nbsp;</td></tr>';
+
+# If Anon bind allowed, then disable the form if the user choose to bind anonymously.
+if ($ldapserver->isAnonBindAllowed())
+	printf('<tr><td colspan="2"><small><b>%s</b></small> <input type="checkbox" name="anonymous_bind" onclick="toggle_disable_login_fields(this)" id="anonymous_bind_checkbox" /></td></tr>',
+		_('Anonymous'));
+
+printf('<tr><td colspan="2"><center><input type="submit" name="submit" value="%s" /></center></td></tr>',
+	_('Authenticate'));
+
+echo '</table>';
+echo '</center>';
+echo '</form>';
+
+echo '<script type="text/javascript" language="javascript">document.getElementById(\'login\').focus()</script>';
+
+if( $ldapserver->isAnonBindAllowed() ) { ?>
 <script type="text/javascript" language="javascript">
 <!--
-	function toggle_disable_login_fields( anon_checkbox )
-	{
-		if( anon_checkbox.checked ) {
-			anon_checkbox.form.<?php echo $ldapserver->isLoginAttrEnabled() ? 'uid' : 'login_dn'; ?>.disabled = true;
+	function toggle_disable_login_fields(anon_checkbox) {
+		if (anon_checkbox.checked) {
+			anon_checkbox.form.<?php echo $ldapserver->login_attr; ?>.disabled = true;
 			anon_checkbox.form.login_pass.disabled = true;
 		} else {
-			anon_checkbox.form.<?php echo $ldapserver->isLoginAttrEnabled() ? 'uid' : 'login_dn'; ?>.disabled = false;
+			anon_checkbox.form.<?php echo $ldapserver->login_attr; ?>.disabled = false;
+			anon_checkbox.form.<?php echo $ldapserver->login_attr; ?>.focus();
 			anon_checkbox.form.login_pass.disabled = false;
 		}
 	}
 -->
 </script>
-<?php } ?>
-
-<h3 class="title"><?php printf(_('Authenticate to server %s'),$ldapserver->name); ?></h3>
-<br />
-
-<?php if (! isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on') { ?>
-<center>
-<span style="color:red">
-	<acronym title="<?php echo _('You are not using \'https\'. Web browser will transmit login information in clear text.'); ?>">
-		<?php echo _('Warning: This web connection is unencrypted.'); ?>
-	</acronym>
-</span>
-<br />
-</center>
-<?php } ?>
-
-<br />
-
-<form action="login.php" method="post" name="login_form">
-<input type="hidden" name="server_id" value="<?php echo $ldapserver->server_id; ?>" />
-
-<?php if( isset( $_GET['redirect'] ) ) { ?>
-<input type="hidden" name="redirect" value="<?php echo rawurlencode( $_GET['redirect'] ) ?>" />
-<?php } ?>
-
-<center>
-<table class="login">
-
-<?php if( $ldapserver->isAnonBindAllowed() ) { ?>
-<tr>
-	<td colspan="2"><small><label for="anonymous_bind_checkbox"><?php echo _('Anonymous Bind'); ?></label></small> <input type="checkbox" name="anonymous_bind" onclick="toggle_disable_login_fields(this)" id="anonymous_bind_checkbox"/></td>
-</tr>
-<?php } ?>
-
-<tr>
-<td><small>
-<?php
-if ($ldapserver->isLoginAttrEnabled())
-	echo _('User name');
-else
-	echo _('Login DN');
-?>
-</small></td>
-
-<td><input type="text" name="<?php echo $ldapserver->isLoginAttrEnabled() ? 'uid' : 'login_dn'; ?>" size="40" value="<?php echo $ldapserver->isLoginAttrEnabled() ? '' : $ldapserver->login_dn; ?>" /></td>
-</tr>
-
-<tr>
-	<td><small><?php echo _('Password'); ?></small></td>
-	<td><input type="password" size="40" value="" name="login_pass" /></td>
-</tr>
-
-<tr>
-	<td colspan="2"><center><input type="submit" name="submit" value="<?php echo _('Authenticate'); ?>" /></center></td>
-</tr>
-</table>
-</center>
-</form>
-</body>
-</html>
+<?php }
--- a/htdocs/logout.php
+++ b/htdocs/logout.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/logout.php,v 1.17.4.4 2005/12/16 11:33:07 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/logout.php,v 1.20.2.1 2007/12/26 03:25:38 wurley Exp $

 /**
 * For servers whose auth_type is set to 'cookie' or 'session'. Pass me
@@ -18,32 +18,20 @@ require './common.php';
 if (! $ldapserver->haveAuthInfo())
 	pla_error(_('No one is logged in to that server.'));

-if (in_array($ldapserver->auth_type, array('cookie','session'))) {
+if (in_array($ldapserver->auth_type, array('cookie','session','http'))) {
 	syslog_notice (sprintf('Logout for %s',$ldapserver->getLoggedInDN()));
-	$ldapserver->unsetLoginDN() or pla_error(_('Could not logout.'));
+	if($ldapserver->auth_type!='http')
+		$ldapserver->unsetLoginDN() or pla_error(_('Could not logout.'));
 	unset_lastactivity($ldapserver);

-	if (isset($_SESSION['cache'][$ldapserver->server_id]['tree'])) {
-		unset($_SESSION['cache'][$ldapserver->server_id]['tree']);
-	}
-	pla_session_close();
+	@session_destroy();

 } else
 	pla_error(sprintf(_('Unknown auth_type: %s'), htmlspecialchars($ldapserver->auth_type)));

-include './header.php';
+system_message(array(
+	'title'=>_('Logout'),
+	'body'=>('Logged out successfully from server.'),
+	'type'=>'info'),
+	sprintf('index.php?server_id=%s',$ldapserver->server_id));
 ?>
-
-<body>
-<script type="text/javascript" language="javascript">
-	parent.left_frame.location.reload();
-</script>
-
-	<center>
-	<br />
-	<br />
-	<?php echo sprintf(_('Logged out successfully from server <b>%s</b>'),htmlspecialchars($ldapserver->name)); ?><br />
-	</center>
-
-</body>
-</html>
--- a/htdocs/mass_delete.php
+++ b/htdocs/mass_delete.php
@@ -1,17 +1,16 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/mass_delete.php,v 1.14.2.3 2005/12/16 10:21:12 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/mass_delete.php,v 1.17.2.2 2008/01/13 05:37:01 wurley Exp $

 /**
 * Enables user to mass delete multiple entries using checkboxes.
 *
- * Variables that come in via common.php
- *  - server_id
 * Variables that come in as GET vars:
- *  - mass_delete - an array of DNs to delete in this form:
- *      Array (
- *          [o=myorg,dc=example,dc=com] => on
- *          [cn=bob,dc=example,dc=com] => on
- *          etc.
+ *	- mass_delete - an array of DNs to delete in this form:
+ *		Array (
+ *			[o=myorg,dc=example,dc=com] => on
+ *			[cn=bob,dc=example,dc=com] => on
+ *		)
+ *		etc.
 *
 * @package phpLDAPadmin
 */
@@ -22,8 +21,9 @@ require './common.php';

 if( $ldapserver->isReadOnly() )
 	pla_error(_('Unable to delete, server is in READY-ONLY mode.'));
-if( ! $ldapserver->haveAuthInfo())
-	pla_error(_('Not enough information to login to server. Please check your configuration.'));
+
+if (! $_SESSION[APPCONFIG]->isCommandAvailable('entry_delete', 'mass_delete'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('delete mass entries')));

 $confirmed = isset($_POST['confirmed']) ? true : false;
 isset($_POST['mass_delete']) or
@@ -37,9 +37,6 @@ is_array($mass_delete) or
 $ldapserver->isMassDeleteEnabled() or
 	pla_error(_('Mass deletion is not enabled. Please enable it in config.php before proceeding.'));

-require './header.php';
-
-echo '<body>';
 printf('<h3 class="title">%s</h3>',_('Mass Deleting'));

 if ($confirmed == true) {
@@ -56,19 +53,18 @@ if ($confirmed == true) {
 	if (count($mass_delete) == 0) {
 		echo '<br />';
 		printf('<center>%s</center>',_('You did not select any entries to delete.'));
-		die();
+		return;
 	}

 	// @todo: Should sort these entries, so that they are deleted in order, if a user selects children.
 	foreach ($mass_delete as $dn => $junk) {
 		printf(_('Deleting %s'),htmlspecialchars($dn));
-		flush();

 		if(run_hook('pre_entry_delete',array('server_id'=>$ldapserver->server_id,'dn'=>$dn))) {
 			$success = $ldapserver->delete($dn);

 			if ($success) {
-		                run_hook('post_entry_delete',array('server_id'=>$ldapserver->server_id,'dn'=>$dn));
+				run_hook('post_entry_delete',array('server_id'=>$ldapserver->server_id,'dn'=>$dn));

 				printf(' <span style="color:green">%s</span>.<br />',_('Success'));
 				$successfully_delete_dns[] = $dn;
@@ -78,8 +74,6 @@ if ($confirmed == true) {
 				$failed_dns[] = $dn;
 			}
 		}
-
-		flush();
 	}

 	echo '<blockquote>';
@@ -93,8 +87,6 @@ if ($confirmed == true) {
 	else
 		printf('<span style="color: green; font-weight: bold;">%s</span>',_('All entries deleted successfully.'));

-	echo '<script language="javascript">parent.left_frame.location.reload();</script>';
-
 } else {
 	$n = count($mass_delete);
 	printf('<h3 class="subtitle">'._('Confirm mass delete of %s entries on server %s').'</h3>',$n,$ldapserver->name);
@@ -103,7 +95,7 @@ if ($confirmed == true) {
 	printf(_('Do you really want to delete %s %s %s'),
 		($n == 1? _('this') : _('these')),$n,($n == 1 ? _('entry') : _('entries')));

-	echo '<form action="mass_delete.php" method="post">';
+	echo '<form action="cmd.php?cmd=mass_delete" method="post">';
 	echo '<input type="hidden" name="confirmed" value="true" />';
 	printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);

@@ -112,7 +104,7 @@ if ($confirmed == true) {
 		printf('<input type="hidden" name="mass_delete[%s]" value="on" /><li>%s</li>',htmlspecialchars($dn),htmlspecialchars($dn));
 	echo '</ol></td></tr></table>';

-	printf('<input class="scary" type="submit" value="%s" /></center>',_('Yes, delete!'));
+	printf('<input type="submit" value="%s" /></center>',_('Yes, delete!'));
 	echo '</form>';
 }
 ?>
--- a/htdocs/modify_member_form.php
+++ b/htdocs/modify_member_form.php
@@ -0,0 +1,189 @@
+<?php
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/modify_member_form.php,v 1.5.2.1 2007/12/26 09:26:32 wurley Exp $
+
+/**
+ * Displays a form to allow the user to modify group members.
+ *
+ * Variables that come in via common.php
+ *  - server_id
+ * Variables that come in as GET vars:
+ *  - dn (rawurlencoded)
+ *  - attr (rawurlencoded) the attribute to which we are adding a value
+ *
+ * @package phpLDAPadmin
+ */
+/**
+ */
+
+require './common.php';
+
+if ($ldapserver->isReadOnly())
+	pla_error(_('You cannot perform updates while server is in read-only mode'));
+if (! $ldapserver->haveAuthInfo())
+	pla_error(_('Not enough information to login to server. Please check your configuration.'));
+
+$attr = $_GET['attr'];
+$dn = isset($_GET['dn']) ? $_GET['dn'] : null;
+$encoded_dn = rawurlencode($dn);
+$encoded_attr = rawurlencode($attr);
+
+if (! is_null($dn))
+	$rdn = get_rdn($dn);
+else
+	$rdn = null;
+
+# Get all current group members
+$current_members = $ldapserver->getDNAttr($dn,$attr);
+if ($current_members)
+	$num_current_members = (is_array($current_members) ? count($current_members) : 1);
+else
+	$num_current_members = 0;
+
+sort($current_members);
+
+# Loop through all base dn's and search possible member entries
+foreach ($ldapserver->getBaseDN() as $base_dn) {
+
+	# Get all entries that can be added to the group
+
+	if (preg_match("/^$attr$/i",$_SESSION[APPCONFIG]->GetValue('modify_member','posixgroupattr')))
+		$possible_values = array_merge($ldapserver->search(null,$base_dn,
+			$_SESSION[APPCONFIG]->GetValue('modify_member','posixfilter'),
+			array($_SESSION[APPCONFIG]->GetValue('modify_member','posixattr'))));
+	else
+		$possible_values = array_merge($ldapserver->search(null,$base_dn,
+			$_SESSION[APPCONFIG]->GetValue('modify_member','filter'),
+			array($_SESSION[APPCONFIG]->GetValue('modify_member','attr'))));
+}
+
+if ($possible_values)
+	$num_possible_values = (is_array($possible_values) ? count($possible_values) : 1);
+else
+	$num_possible_values = 0;
+
+sort($possible_values);
+
+include './header.php';
+
+echo '<body>';
+printf('<h3 class="title">%s <b>%s</b></h3>',_('Modify group'),htmlspecialchars($rdn));
+
+printf('<h3 class="subtitle">%s <b>%s</b> &nbsp;&nbsp;&nbsp; %s: <b>%s</b></h3>',
+	_('Server'),$ldapserver->name,_('Distinguished Name'),htmlspecialchars($dn));
+
+printf('%s <b>%s</b> %s <b>%s</b>:',
+	_('There are'),$num_current_members,_('members in group'),htmlspecialchars($rdn));
+
+for ($i=0; $i<count($possible_values); $i++) {
+	if (preg_match("/^$attr$/i",$_SESSION[APPCONFIG]->GetValue('modify_member','posixgroupattr')))
+		$possible_members[$i] = $possible_values[$i][$_SESSION[APPCONFIG]->GetValue('modify_member','posixattr')];
+	else
+		$possible_members[$i] = $possible_values[$i][$_SESSION[APPCONFIG]->GetValue('modify_member','attr')];
+}
+
+sort($possible_members);
+
+/*
+ * Show only user that are not already in group.
+ * This loop removes existing users from possible members
+ */
+foreach ($possible_members as $pkey => $possible) {
+	foreach ($current_members as $current) {
+		if (preg_match("/^$current$/i","$possible_members[$pkey]")) {
+			unset($possible_members[$pkey]);
+			break;
+		}
+	}
+}
+
+/*
+ * Draw form with select boxes, left for all possible members and
+ * right one for those that belong to group
+ */
+
+# Modifications will be sent to update_confirm which takes care of rest of the processing
+echo '<br />';
+echo '<br />';
+echo '<form action="cmd.php" method="post" class="add_value" name="member">';
+echo '<input type="hidden" name="cmd" value="update_confirm" />';
+
+echo '<table class="modify_members">';
+
+echo '<tr>';
+printf('<td><img src="images/user.png" alt="Users" /> %s</td>',_('Available members'));
+printf('<td><img src="images/uniquegroup.png" alt="Members" /> %s</td>',_('Group members'));
+echo '</tr>';
+
+# Generate select box from all possible members
+echo '<tr>';
+echo '<td>';
+echo '<select name="notmembers" size="10" multiple>';
+
+foreach ($possible_members as $possible)
+	printf('<option>%s</option>',$possible);
+
+echo '</select>';
+echo '</td>';
+
+# Generate select box from all current members
+echo '<td>';
+echo '<select name="members" size="10" multiple>';
+
+foreach ($current_members as $current)
+	printf('<option>%s</option>',$current);
+
+echo '</select>';
+echo '</td>';
+
+echo '</tr>';
+
+# Show buttons which move users from left to right and vice versa
+echo '<tr>';
+echo '<td>';
+printf('<input type="button" onClick="one2two()" value="%s >>" />&nbsp;<input type="button" onClick="all2two()" value="%s >>" />',
+	_('Add selected'),_('Add all'));
+echo '</td>';
+echo '<td>';
+printf('<input type="button" onClick="two2one()" value="<< %s" />&nbsp;<input type="button" onClick="all2one()" value="<< %s" />',
+	_('Remove selected'),('Remove all'));
+echo '</td>';
+echo '</tr>';
+
+echo '<tr><td colspan="2">';
+
+# Hidden attributes for update_confirm.php
+printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
+printf('<input type="hidden" name="dn" value="%s" />',$dn);
+printf('<input type="hidden" name="attr" value="%s" />',$encoded_attr);
+
+/*
+ * Generate array of input text boxes from current members.
+ * update_confirm.php will see this as old_values[member-attribute][item]
+ */
+for ($i=0; $i<$num_current_members; $i++)
+	printf('<input type="hidden" name="old_values[%s][%s]" value="%s" />',
+		htmlspecialchars($attr),$i,htmlspecialchars($current_members[$i]));
+/*
+ * Javascript generates array of input text boxes from new members.
+ * update_confirm.php will see this as new_values[member-attribute][item]
+ * Input text boxes will be generated to div=dnu
+ */
+echo '<div id="dnu">';
+printf('<input type="hidden" name="new_values[%s][]" value="" />',htmlspecialchars($attr));
+echo '</div>';
+
+# Submit values to update_confirm.php and when clicked, run addSelected
+printf('<input type="submit" name="save" value="%s" onClick="update_new_values(\'%s\',\'modifymember\')" />',_('Save changes'),$attr);
+echo '</td></tr>';
+
+echo '</table>';
+echo '</form>';
+
+# Variables for Javascript function that moves members from left to right
+echo '<script type="text/javascript" language="javascript">';
+echo 'var m1 = document.member.notmembers;';
+echo 'var m2 = document.member.members;';
+echo '</script>';
+
+echo '</body></html>';
+?>
--- a/htdocs/password_checker.php
+++ b/htdocs/password_checker.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/password_checker.php,v 1.8.4.1 2005/12/08 11:54:00 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/password_checker.php,v 1.10.2.1 2008/01/13 05:37:01 wurley Exp $

 /**
 * @package phpLDAPadmin
@@ -8,46 +8,69 @@
 */

 require './common.php';
-include './header.php';
+include HTDOCDIR.'header.php';

-$hash = isset( $_REQUEST['hash'] ) ? $_REQUEST['hash'] : null;
-$check_password = isset( $_REQUEST['check_password'] ) ? $_REQUEST['check_password'] : null;
-//print_r( $_REQUEST );
-//var_dump( $check_password );
+echo '<body>';
+$entry['hash'] = get_request('hash','REQUEST');
+$entry['password'] = get_request('check_password','REQUEST');
+$entry['action'] = get_request('action','REQUEST');
+$entry['componentid'] = get_request('componentid','REQUEST');

-if( isset( $_REQUEST['base64'] ) ) {
-    $hash = base64_decode( $hash );
-    $check_password = base64_decode( $check_password );
+if (get_request('base64','REQUEST')) {
+    $entry['hash'] = base64_decode($entry['hash']);
+    $entry['password'] = base64_decode($entry['password']);
 }

-$enc_type = get_enc_type( $hash );
+$entry['enc_type'] = get_enc_type($entry['hash']);
+
+echo '<div class="popup">';
+printf('<h3 class="subtitle">%s</h3>',_('Password Checker Tool'));
+
+echo '<form action="password_checker.php" method="post">';
+echo '<input type="hidden" name="action" value="compare" />';
+
+echo '<table class="forminput" width=100% border=0>';
+
+echo '<tr>';
+printf('<td class="heading">%s</td>',_('Compare'));
+printf('<td><input type="%s" name="hash" id="hash" value="%s" /></td>',
+	$entry['enc_type'] ? 'text' : 'password',htmlspecialchars($entry['hash']));
+echo '</tr>';
+
+echo '<tr>';
+printf('<td class="heading">%s</td>',_('To'));
+printf('<td><input type="password" name="check_password" value="%s" /></td>',
+	htmlspecialchars($entry['password']));
+echo '</tr>';
+
+echo '<tr>';
+echo '<td>&nbsp;</td>';
+
+echo '<td><input type="submit" value="Compare" />';
+
+if ($entry['action'] == 'compare') {
+	echo '&nbsp;&nbsp;&nbsp;&nbsp;<b>';
+
+	if (password_check($entry['hash'],$entry['password']))
+		printf('<span class="good">%s</span>',_('Passwords match!'));
+	else
+		printf('<span class="bad">%s</span>',_('Passwords do not match!'));
+
+	echo '</b>';
+}
+
+echo '</td>';
+echo '</tr>';
+echo '</table>';
+echo '</form>';
+echo '</div>';
+echo '</body>';
+
+if ($entry['componentid']) {
+	echo '<script language="javascript">';
+	printf('var c = window.opener.document.getElementById(\'%s\');',$entry['componentid']);
+	printf('var h = document.getElementById(\'%s\');', 'hash');
+	echo 'if (c && h) { h.value = c.value; }';
+	echo '</script>';
+}
 ?>
-
-<h3 class="subtitle"><?php echo _('Password Checker Tool'); ?></h3>
-
-<form style="margin: 0" action="password_checker.php" method="post">
-    <input type="hidden" name="action" value="compare" />
-    <table style="border-spacing: 10px">
-    <tr>
-        <td><?php echo _('Compare'); ?></td>
-        <td><input type="<?php echo ( $enc_type ? 'text' : 'password' ); ?>" name="hash" style="width: 300px" value="<?php echo htmlspecialchars($hash); ?>" /></td>
-    </tr>
-    <tr>
-        <td><?php echo _('To'); ?></td>
-        <td><input type="password" style="width: 300px" name="check_password" value="<?php echo htmlspecialchars($check_password); ?>" /></td>
-    </tr>
-    <tr>
-        <td></td><td><input type="submit" value="Compare" />
-
-        <?php if( isset( $_REQUEST['action'] ) && $_REQUEST['action'] == 'compare' ) {
-            echo "&nbsp;&nbsp;&nbsp;&nbsp;<b>";
-            if( password_check( $hash, $check_password) )
-                echo "<span style=\"color: green\">" . _('Passwords match!') . "</span>";
-            else
-                echo "<span style=\"color: red\">" . _('Passwords do not match!') . "</span>";
-            echo "</b>";
-        } ?>
-        </td>
-    </tr>
-</table>
-</form>
--- a/htdocs/purge_cache.php
+++ b/htdocs/purge_cache.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/purge_cache.php,v 1.6.4.5 2005/12/16 11:29:35 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/purge_cache.php,v 1.9.2.1 2007/12/26 09:26:32 wurley Exp $

 /**
 * @package phpLDAPadmin
@@ -8,13 +8,12 @@
 */

 require './common.php';
-include './header.php';
+
+if (! $_SESSION[APPCONFIG]->isCommandAvailable('purge'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('purge')));

 $purge_session_keys = array('cache');

-echo '<body>';
-echo '<h3 class="title">Purging Caches</h3><br /><br /><br />';
-
 $size = 0;
 foreach ($purge_session_keys as $key) {
 	if (isset($_SESSION[$key])) {
@@ -22,17 +21,15 @@ foreach ($purge_session_keys as $key) {
 		unset($_SESSION[$key]);
 	}
 }
-pla_session_close();

-echo '<center>';
 if (! $size)
-	echo _('No cache to purge.');
+	$body =  _('No cache to purge.');
 else
-	printf(_('Purged %s bytes of cache.'),number_format($size));
+	$body = sprintf(_('Purged %s bytes of cache.'),number_format($size));

-echo '</center>';
-
-echo '<!-- refresh the tree view (with the new DN renamed)and redirect to the edit_dn page -->';
-echo '<script type="text/javascript" language="javascript">parent.left_frame.location.reload();</script>';
-echo '</body></html>';
+system_message(array(
+	'title'=>_('Purge cache'),
+	'body'=>$body,
+	'type'=>'info'),
+	'index.php');
 ?>
--- a/htdocs/rdelete.php
+++ b/htdocs/rdelete.php
@@ -1,11 +1,9 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/rdelete.php,v 1.23.2.2 2005/12/08 11:54:19 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/rdelete.php,v 1.28.2.1 2007/12/26 09:26:32 wurley Exp $

 /**
 * Recursively deletes the specified DN and all of its children
 *
- * Variables that come in via common.php
- *  - server_id
 * Variables that come in as POST vars:
 *  - dn (rawurlencoded)
 *
@@ -18,74 +16,69 @@ require './common.php';

 if ($ldapserver->isReadOnly())
 	pla_error(_('You cannot perform updates while server is in read-only mode'));
-if (! $ldapserver->haveAuthInfo())
-	pla_error(_('Not enough information to login to server. Please check your configuration.'));

-$dn = $_POST['dn'];
-if (! $dn)
+if (! $_SESSION[APPCONFIG]->isCommandAvailable('entry_delete', 'simple_delete'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('delete entry')));
+
+$entry['dn'] = $_POST['dn'];
+if (! $entry['dn'])
 	pla_error(_('You must specify a DN'));

-if (! $ldapserver->dnExists($dn))
-	pla_error(sprintf(_('No such entry: %s'),htmlspecialchars($dn)));
+if (! $ldapserver->dnExists($entry['dn']))
+	pla_error(sprintf(_('No such entry: %s'),htmlspecialchars($entry['dn'])));

-include './header.php';
-
-echo '<body>';
-printf('<h3 class="title">'._('Deleting %s').'</h3>',htmlspecialchars(get_rdn($dn)));
+printf('<h3 class="title">'._('Deleting %s').'</h3>',htmlspecialchars(get_rdn($entry['dn'])));
 printf('<h3 class="subtitle">%s</h3>',_('Recursive delete progress'));
 echo '<br /><br />';
 echo '<small>';

-flush();
-
-# prevent script from bailing early on a long delete
+# Prevent script from bailing early on a long delete
@set_time_limit(0);

-$del_result = pla_rdelete($ldapserver,$dn);
+$result = pla_rdelete($ldapserver,$entry['dn']);
 echo '</small><br />';

-if ($del_result) {
-	echo '<script language="javascript">parent.left_frame.location.reload();</script>';
-	printf(_('Entry %s and sub-tree deleted successfully.'),'<b>'.htmlspecialchars($dn).'</b>');
+if ($result) {
+	printf(_('Entry %s and sub-tree deleted successfully.'),'<b>'.htmlspecialchars($entry['dn']).'</b>');

 } else {
-        pla_error(sprintf(_('Could not delete the entry: %s'),htmlspecialchars($dn)),
-		  $ldapserver->error(),$ldapserver->errno());
+	pla_error(sprintf(_('Could not delete the entry: %s'),htmlspecialchars($entry['dn'])),
+		$ldapserver->error(),$ldapserver->errno());
 }

 function pla_rdelete($ldapserver,$dn) {
+	# we delete all children, not only the visible children in the tree
 	$children = $ldapserver->getContainerContents($dn);

 	if (! is_array($children) || count($children) == 0) {
-		printf('<nobr>'._('Deleting %s').'...',htmlspecialchars($dn));
-		flush();
+		printf('<span style="white-space: nowrap;">%s %s...',_('Deleting'),htmlspecialchars($dn));

 		if (run_hook('pre_entry_delete',array('server_id'=>$ldapserver->server_id,'dn'=>$dn)))
 			if ($ldapserver->delete($dn)) {
-		                run_hook('post_entry_delete',array('server_id'=>$ldapserver->server_id,'dn'=>$dn));
-				printf(' <span style="color:green">%s</span></nobr><br />',_('Success'));
+				run_hook('post_entry_delete',array('server_id'=>$ldapserver->server_id,'dn'=>$dn));
+				printf(' <span style="color:green">%s</span></span><br />',_('Success'));
 				return true;

 			} else {
-			        pla_error(sprintf(_('Failed to delete entry %s'),htmlspecialchars($dn)),
-					  $ldapserver->error(),$ldapserver->errno());
+				pla_error(sprintf(_('Failed to delete entry %s'),htmlspecialchars($dn)),
+					$ldapserver->error(),$ldapserver->errno());
 			}
+
 	} else {
 		foreach ($children as $child_dn)
 			pla_rdelete($ldapserver,$child_dn);

-		printf('<nobr>'._('Deleting %s').'...',htmlspecialchars($dn));
-		flush();
+		printf('<span style="white-space: nowrap;">%s %s...',_('Deleting'),htmlspecialchars($dn));

 		if (run_hook('pre_entry_delete',array('server_id'=>$ldapserver->server_id,'dn'=>$dn)))
 			if ($ldapserver->delete($dn)) {
-		                run_hook('post_entry_delete',array('server_id'=>$ldapserver->server_id,'dn'=>$dn));
-				printf(' <span style="color:green">%s</span></nobr><br />',_('Success'));
+				run_hook('post_entry_delete',array('server_id'=>$ldapserver->server_id,'dn'=>$dn));
+				printf(' <span style="color:green">%s</span></span><br />',_('Success'));
 				return true;

 			} else {
-			        pla_error(sprintf(_('Failed to delete entry %s'),htmlspecialchars($dn)),
-					  $ldapserver->error(),$ldapserver->errno());
+				pla_error(sprintf(_('Failed to delete entry %s'),htmlspecialchars($dn)),
+					$ldapserver->error(),$ldapserver->errno());
 			}
 	}
 }
--- a/htdocs/refresh.php
+++ b/htdocs/refresh.php
@@ -1,13 +1,10 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/refresh.php,v 1.15.4.2 2005/12/16 11:29:35 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/refresh.php,v 1.18.2.1 2007/12/26 09:26:32 wurley Exp $

 /**
 * This script alters the session variable 'tree', by re-querying
 * the LDAP server to grab the contents of every expanded container.
 *
- * Variables that come in via common.php
- *  - server_id
- *
 * @package phpLDAPadmin
 */
 /**
@@ -16,11 +13,11 @@

 require './common.php';

-if (! isset($ldapserver))
-	header('Location: tree.php');
+if (! $_SESSION[APPCONFIG]->isCommandAvailable('server_refresh'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('refresh server')));

 unset($_SESSION['cache'][$ldapserver->server_id]['tree']);
-pla_session_close();

-header(sprintf('Location: tree.php#%s',$ldapserver->server_id));
+header(sprintf('Location: cmd.php?server_id=%s',$ldapserver->server_id));
+die();
 ?>
--- a/htdocs/rename.php
+++ b/htdocs/rename.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/rename.php,v 1.29.2.3 2005/12/08 11:54:19 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/rename.php,v 1.33.2.1 2007/12/26 09:26:32 wurley Exp $

 /**
 * Renames a DN to a different name.
@@ -19,11 +19,13 @@ require './common.php';

 if ($ldapserver->isReadOnly())
 	pla_error(_('You cannot perform updates while server is in read-only mode'));
-if (! $ldapserver->haveAuthInfo())
-	pla_error(_('Not enough information to login to server. Please check your configuration.'));
+
+if (! $_SESSION[APPCONFIG]->isCommandAvailable('entry_rename'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('rename entry')));

 $dn = ($_POST['dn']);
 if (! $ldapserver->isBranchRenameEnabled()) {
+	# we search all children, not only the visible children in the tree
 	$children = $ldapserver->getContainerContents($dn);
 	if (count($children) > 0)
 		pla_error(_('You cannot rename an entry which has children entries (eg, the rename operation is not allowed on non-leaf entries)'));
@@ -62,16 +64,13 @@ if ($success) {
 if ($success) {
 	run_hook('post_rename_entry',array('server_id'=>$ldapserver->server_id,'old_dn'=>$dn,'new_dn'=>$new_dn_value));

-	$edit_url = sprintf('template_engine.php?server_id=%s&dn=%s',$ldapserver->server_id,rawurlencode($new_dn));
+	$rename_message = sprintf('%s',_('Rename successful!'));
+	$redirect_url = sprintf('cmd.php?cmd=template_engine&server_id=%s&dn=%s',$ldapserver->server_id,rawurlencode($new_dn));

-	echo '<html><head>';
-	echo '<!-- refresh the tree view (with the new DN renamed) and redirect to the edit_dn page -->';
-	printf('<script language="javascript">parent.left_frame.location.reload();location.href="%s";</script>',$edit_url);
-	echo "<!-- If the JavaScript didn't work, here's a meta tag to do the job -->";
-	printf('<meta http-equiv="refresh" content="0; url=%s" />',$edit_url);
-	echo '</head><body>';
-
-	printf('%s <a href="%s">%s</a>',_('Redirecting...'),$edit_url,_('here'));
-	echo '</body></html>';
+	system_message(array(
+		'title'=>_('Rename Entry'),
+		'body'=>$rename_message,
+		'type'=>'info'),
+		$redirect_url);
 }
 ?>
--- a/htdocs/rename_form.php
+++ b/htdocs/rename_form.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/rename_form.php,v 1.8.4.2 2005/12/08 11:55:06 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/rename_form.php,v 1.11.2.1 2008/01/13 05:37:01 wurley Exp $

 /**
 * Displays a form for renaming an LDAP entry.
@@ -24,18 +24,14 @@ if (! $ldapserver->haveAuthInfo())
 $dn = $_GET['dn'];
 $rdn = get_rdn($dn);

-include './header.php';
-
-echo '<body>';
 printf('<h3 class="title">%s <b>%s</b></h3>',_('Rename Entry'),htmlspecialchars($rdn));
 printf('<h3 class="subtitle">%s: <b>%s</b> &nbsp;&nbsp;&nbsp; %s: <b>%s</b></h3>',
 	_('Server'),$ldapserver->name,_('Distinguished Name'),htmlspecialchars($dn));

-echo '<br /><center><form action="rename.php" method="post" class="edit_dn" />';
+echo '<br /><center><form action="cmd.php?cmd=rename" method="post" />';
 printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
-printf('<input type="hidden" name="dn" value="%s" />',$dn);
+printf('<input type="hidden" name="dn" value="%s" />',htmlspecialchars($dn));
 printf('<input type="text" name="new_rdn" size="30" value="%s" />',htmlspecialchars($rdn));
-printf('<input class="update_dn" type="submit" value="%s" />',_('Rename'));
+printf('<input type="submit" value="%s" />',_('Rename'));
 echo '</form></center>';
-echo '</body></html>';
 ?>
--- a/htdocs/schema.php
+++ b/htdocs/schema.php
@@ -1,11 +1,9 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/schema.php,v 1.61.2.5 2005/12/30 11:52:54 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/schema.php,v 1.67.2.4 2008/01/28 20:58:08 wurley Exp $

 /**
 * Displays the schema for the specified server_id
 *
- * Variables that come in via common.php
- *  - server_id
 * Variables that come in as GET vars:
 *  - view (optional: can be 'attr' or empty. If 'attr', show that attribute)
 *  - attr (optional)
@@ -18,65 +16,58 @@

 require './common.php';

-if( ! $ldapserver->haveAuthInfo())
-	pla_error( _('Not enough information to login to server. Please check your configuration.') );
+if (! $_SESSION[APPCONFIG]->isCommandAvailable('schema'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('view schema')));

-$view = isset($_GET['view']) ? $_GET['view'] : 'objectClasses';
-$viewvalue = isset($_GET['viewvalue']) ? $_GET['viewvalue'] : null;
+$entry['view'] = get_request('view','GET','false','objectClasses');
+$entry['value'] = get_request('viewvalue','GET');

-if (trim($viewvalue) == "")
-	$viewvalue = null;
-if (! is_null($viewvalue))
-	$viewed = false;
-
-include './header.php';
+if (! is_null($entry['value'])) {
+	$entry['viewed'] = false;
+	$entry['value'] = strtolower($entry['value']);
+}

 $schema_error_str = sprintf('%s <b>%s</b>.<br /><br /></center>%s<ul><li>%s</li><li>%s</li><li>%s</li><li>%s</li></ul>',
 	_('Could not retrieve schema from'),htmlspecialchars($ldapserver->name),
 	_('This could happen for several reasons, the most probable of which are:'),_('The server does not fully support the LDAP protocol.'),
 	_('Your version of PHP does not correctly perform the query.'),_('phpLDAPadmin doesn\'t know how to fetch the schema for your server.'),
 	_('Or lastly, your LDAP server doesnt provide this information.'));
-?>

-<body>
+printf('<h3 class="title">%s <b>%s</b></h3>',
+	_('Schema for server'),
+	htmlspecialchars($ldapserver->name));

-<h3 class="title"><?php echo _('Schema for server'); ?>
-	<b><?php echo htmlspecialchars($ldapserver->name); ?></b></h3>
+$entry['schema_types'] = array(
+	'objectClasses'=>_('ObjectClasses'),
+	'attributes'=>_('Attribute Types'),
+	'syntaxes'=>_('Syntaxes'),
+	'matching_rules'=>_('Matching Rules'));

-<br />
+echo '<br />';
+echo '<center>';

-<center>
-	<?php echo ( $view=='objectClasses' ?
-		_('ObjectClasses') :
-		sprintf('<a href="?server_id=%s&amp;view=%s">%s</a>',
-			$ldapserver->server_id,'objectClasses',_('ObjectClasses'))); ?>
-		|
-	<?php echo ( $view=='attributes' ?
-		_('Attribute Types'):
-		sprintf('<a href="?server_id=%s&amp;view=%s">%s</a>',
-			$ldapserver->server_id,'attributes',_('Attribute Types'))); ?>
-		|
-	<?php echo ( $view=='syntaxes' ?
-		_('Syntaxes') :
-		sprintf('<a href="?server_id=%s&amp;view=%s">%s</a>',
-			$ldapserver->server_id,'syntaxes',_('Syntaxes'))); ?>
-		|
-	<?php echo ( $view=='matching_rules' ?
-		_('Matching Rules') :
-		sprintf('<a href="?server_id=%s&amp;view=%s">%s</a>',
-			$ldapserver->server_id,'matching_rules',_('Matching Rules'))); ?>
-</center>
-<br />
+$counter = 0;
+foreach ($entry['schema_types'] as $item => $value) {
+	if ($counter++)
+		echo ' | ';

-<?php flush();
+	$entry['href'][$item] = sprintf('?cmd=schema&server_id=%s&view=%s&viewvalue=%%s',$ldapserver->server_id,$item);

-switch($view) {
+	$href = htmlspecialchars(sprintf($entry['href'][$item],''));
+	echo ($entry['view'] == $item ? _($value) : sprintf('<a href="%s">%s</a>',$href,_($value)));
+}
+
+echo '</center>';
+echo '<br />';
+
+switch($entry['view']) {

 	case 'syntaxes':
 		$highlight_oid = isset($_GET['highlight_oid']) ? $_GET['highlight_oid'] : false;

-		print '<table class="schema_attr" width="100%">';
-		printf('<tr><th>%s</th><th>%s</th></tr>',_('Syntax OID'),_('Description'));
+		echo '<center>';
+		print '<table class="result_table" border=0>';
+		printf('<tr class="heading"><td>%s</td><td>%s</td></tr>',_('Syntax OID'),_('Description'));

 		$counter = 1;

@@ -99,9 +90,27 @@ switch($view) {
 		}

 		print '</table>';
+		echo '</center>';
 		break;

 	case 'attributes':
+		$entry['attr_types'] = array(
+			'desc' => _('Description'),
+			'obsolete' => _('Obsolete'),
+			'inherits' => _('Inherits from'),
+			'equality' => _('Equality'),
+			'ordering' => _('Ordering'),
+			'substring_rule' => _('Substring Rule'),
+			'syntax' => _('Syntax'),
+			'single_valued' => _('Single Valued'),
+			'collective' => _('Collective'),
+			'user_modification' => _('User Modification'),
+			'usage' => _('Usage'),
+			'maximum_length' => _('Maximum Length'),
+			'aliases' => _('Aliases'),
+			'used_by_objectclasses' => _('Used by objectClasses')
+		);
+
 		$schema_attrs = $ldapserver->SchemaAttributes();
 		$schema_object_classes = $ldapserver->SchemaObjectClasses();

@@ -109,135 +118,125 @@ switch($view) {
 			pla_error($schema_error_str);

 		printf('<small>%s:</small>',_('Jump to an attribute type'));
-		echo '<form action="schema.php" method="get">';
-		printf('<input type="hidden" name="view" value="%s" />',$view);
+		echo '<form action="cmd.php" method="get">';
+		echo '<input type="hidden" name="cmd" value="schema" />';
+		printf('<input type="hidden" name="view" value="%s" />',$entry['view']);
 		printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);

 		echo '<select name="viewvalue" onChange="submit()">';
 		echo '<option value=""> - all -</option>';
-
 		foreach ($schema_attrs as $name => $attr)
 			printf('<option value="%s" %s>%s</option>',
-				$name,$name == $viewvalue ? 'selected ': '',$attr->getName());
-
+				$name,$name == $entry['value'] ? 'selected ': '',$attr->getName());
 		echo '</select>';

 		printf('<input type="submit" value="%s" /></form>',_('Go'));

 		echo '<br />';
-		echo '<table class="schema_attr" width="100%">';

 		foreach ($schema_attrs as $attr) {
-			if (is_null($viewvalue) || ! strcasecmp($viewvalue,$attr->getName())) {
-				if (! is_null($viewvalue))
-					$viewed = true;
+			if (is_null($entry['value']) || ! strcasecmp($entry['value'],$attr->getName())) {
+				if (! is_null($entry['value']))
+					$entry['viewed'] = true;

-				printf('<tr><th colspan="2"><a name="%s">%s</a></th></tr>',
+				echo '<table class="result_table" width=100% border=0>';
+				printf('<tr class="heading"><td colspan=2><a name="%s">%s</a></td></tr>',
 					strtolower($attr->getName()),$attr->getName());

 				$counter = 0;

-				foreach (
-					array('desc','obsolete','inherits','equality','ordering','substring_rule','syntax',
-						'single_valued','collective','user_modification','usage','maximum_length',
-						'aliases','used_by_objectclasses'
-					) as $item) {
+				foreach ($entry['attr_types'] as $item => $value) {

 					printf('<tr class="%s">',++$counter%2 ? 'odd' : 'even');
+					printf('<td class="title">%s</td>',$value);

 					switch ($item) {
 						case 'desc':
-							printf('<td>%s</td>',_('Description'));
 							printf('<td>%s</td>',
 								is_null($attr->getDescription()) ?
 									'('._('no description').')' : $attr->getDescription());

 							print '</tr>';
 							printf('<tr class="%s">',++$counter%2 ? 'odd' : 'even');
-							echo '<td><acronym title="Object Identier">OID</acronym></td>';
+							echo '<td class="title"><acronym title="Object Identier">OID</acronym></td>';
 							printf('<td>%s</td>',$attr->getOID());

 							break;

 						case 'obsolete':
-							printf('<td>%s</td>',_('Obsolete'));
 							printf('<td>%s</td>',$attr->getIsObsolete() ? '<b>'._('Yes').'</b>' : _('No'));
 							break;

 						case 'inherits':
-							printf('<td>%s</td>',_('Inherits from'));
 							print '<td>';

 							if (is_null($attr->getSupAttribute()))
 								printf('(%s)',_('none'));

-							else
-								printf('<a href="?server_id=%s&amp;view=%s&amp;viewvalue=%s">%s</a>',
-									$ldapserver->server_id,$view,
-									strtolower($attr->getSupAttribute()),$attr->getSupAttribute());
+							else {
+								$href = htmlspecialchars(sprintf($entry['href']['attributes'],strtolower($attr->getSupAttribute())));
+								printf('<a href="%s">%s</a>',$href,$attr->getSupAttribute());
+							}

 							print '</td>';
 							break;

 						case 'equality':
-							printf('<td>%s</td>',_('Equality'));
-							printf('<td>%s</td>',
-								is_null($attr->getEquality()) ? '('._('not specified').')' :
-									sprintf('<a href="?server_id=%s&amp;view=matching_rules&amp;viewvalue=%s">%s</a>',
-										$ldapserver->server_id,$attr->getEquality(),$attr->getEquality()));
+							print '<td>';
+
+							if (is_null($attr->getEquality()))
+								printf('(%s)',_('not specified'));
+
+							else {
+								$href = htmlspecialchars(sprintf($entry['href']['matching_rules'],$attr->getEquality()));
+								printf('<a href="%s">%s</a>',$href,$attr->getEquality());
+							}
+
+							print '</td>';
 							break;

 						case 'ordering':
-							printf('<td>%s</td>',_('Ordering'));
 							printf('<td>%s</td>',
 								is_null($attr->getOrdering()) ? '('._('not specified').')' : $attr->getOrdering());
 							break;

 						case 'substring_rule':
-							printf('<td>%s</td>',_('Substring Rule'));
 							printf('<td>%s</td>',
 								is_null($attr->getSubstr()) ? '('._('not specified').')' : $attr->getSubstr());
 							break;

 						case 'syntax':
-							printf('<td>%s</td>',_('Syntax'));
 							print '<td>';

 							if (is_null($attr->getType())) {
 								echo $attr->getSyntaxOID();

 							} else {
-								printf('<a href="?server_id=%s&amp;view=syntaxes&amp;highlight_oid=%s#%s">%s (%s)</a>',
-									$ldapserver->server_id,
-									$attr->getSyntaxOID(),$attr->getSyntaxOID(),
-									$attr->getType(),$attr->getSyntaxOID());
+								$href = htmlspecialchars(sprintf($entry['href']['syntaxes'].'&highlight_oid=%s#%s','',
+									$attr->getSyntaxOID(),$attr->getSyntaxOID()));
+								printf('<a href="%s">%s (%s)</a>',$href,$attr->getType(),$attr->getSyntaxOID());
 							}

 							print '</td>';
 							break;

 						case 'single_valued':
-							printf('<td>%s</td>',_('Single Valued'));
 							printf('<td>%s</td>',$attr->getIsSingleValue() ? _('Yes') : _('No'));
 							break;

 						case 'collective':
-							printf('<td>%s</td>',_('Collective'));
 							printf('<td>%s</td>',$attr->getIsCollective() ? _('Yes') : _('No'));
 							break;

 						case 'user_modification':
-							printf('<td>%s</td>',_('User Modification'));
 							printf('<td>%s</td>',$attr->getIsNoUserModification() ? _('No') : _('Yes'));
 							break;

 						case 'usage':
-							printf('<td>%s</td>',_('Usage'));
 							printf('<td>%s</td>',$attr->getUsage() ? $attr->getUsage() : '('._('not specified').')');
 							break;

 						case 'maximum_length':
-							printf('<td>%s</td>',_('Maximum Length'));
 							print '<td>';

 							if ( is_null($attr->getMaxLength()))
@@ -251,31 +250,31 @@ switch($view) {
 							break;

 						case 'aliases':
-							printf('<td>%s</td>',_('Aliases'));
 							print '<td>';

 							if (count($attr->getAliases()) == 0)
-								echo '('._('none').')';
+								printf('(%s)',_('none'));

 							else
-								foreach ($attr->getAliases() as $alias_attr_name)
-									printf('<a href="?server_id=%s&amp;view=attributes&amp;viewvalue=%s">%s</a>',
-										$ldapserver->server_id,strtolower($alias_attr_name),$alias_attr_name);
+								foreach ($attr->getAliases() as $alias_attr_name) {
+									$href = htmlspecialchars(sprintf($entry['href']['attributes'],strtolower($alias_attr_name)));
+									printf('<a href="%s">%s</a>',$href,$alias_attr_name);
+								}

 							print '</td>';
 							break;

 						case 'used_by_objectclasses':
-							printf('<td>%s</td>',_('Used by objectClasses'));
 							print '<td>';

 							if (count($attr->getUsedInObjectClasses()) == 0)
-								echo '('._('none').')';
+								printf('(%s)',_('none'));

 							else
-								foreach ($attr->getUsedInObjectClasses() as $used_in_oclass)
-									printf('<a href="?server_id=%s&amp;view=objectClasses&amp;viewvalue=%s">%s</a> ',
-										$ldapserver->server_id,strtolower($used_in_oclass),$used_in_oclass);
+								foreach ($attr->getUsedInObjectClasses() as $used_in_oclass) {
+									$href = htmlspecialchars(sprintf($entry['href']['objectClasses'],strtolower($used_in_oclass)));
+									printf('<a href="%s">%s</a> ',$href,$used_in_oclass);
+								}

 							print '</td>';
 							break;
@@ -283,12 +282,11 @@ switch($view) {
 					}
 					print '</tr>';
 				}
-
-				flush();
+				print '</table>';
+				echo '<br />';
 			}
 		}

-		print '</table>';
 		break;

 	case 'matching_rules':
@@ -298,26 +296,25 @@ switch($view) {

 		printf('<small>%s</small><br />',_('Jump to a matching rule'));

-		print '<form action="schema.php" method="get">';
+		print '<form action="cmd.php" method="get">';
+		print '<input type="hidden" name="cmd" value="schema" />';
 		printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
 		print '<input type="hidden" name="view" value="matching_rules" />';

 		print '<select name="viewvalue" onChange="submit()">';
 		print '<option value=""> - all -</option>';
-
 		foreach ($schema_matching_rules as $rule)
 			printf('<option value="%s" %s>%s</option>',
 				$rule->getName(),
-				($rule->getName() == $viewvalue ? 'selected': ''),
+				($rule->getName() == $entry['value'] ? 'selected': ''),
 				$rule->getName());
-
 		print '</select>';

 		printf('<input type="submit" value="%s" />',_('Go'));
 		print '</form>';

-		print '<table class="schema_attr" width="100%">';
-		printf('<tr><th>%s</th><th>%s</th><th>%s</th></tr>',
+		print '<table class="result_table" width=100% border=0>';
+		printf('<tr class="heading"><td>%s</td><td>%s</td><td>%s</td></tr>',
 			_('Matching Rule OID'),_('Name'),_('Used by Attributes'));

 		$counter = 1;
@@ -327,10 +324,10 @@ switch($view) {
 			$oid = htmlspecialchars($rule->getOID());
 			$desc = htmlspecialchars($rule->getName());

-			if ( is_null($viewvalue) || $viewvalue == ($rule->getName())) {
+			if ( is_null($entry['value']) || $entry['value'] == strtolower($rule->getName())) {

-				if (! is_null($viewvalue))
-					$viewed = true;
+				if (! is_null($entry['value']))
+					$entry['viewed'] = true;

 				if (null != $rule->getDescription())
 					$desc .= sprintf(' (%s)',$rule->getDescription());
@@ -348,16 +345,17 @@ switch($view) {
 					printf('<center>(%s)</center><br /><br />',_('none'));

 				} else {
-					print '<table><tr><td style="text-align: right">';
-					print '<form action="schema.php" method="get">';
+					print '<table width=100% border=0><tr><td>';
+					print '<form action="cmd.php" method="get">';
+					print '<input type="hidden" name="cmd" value="schema" />';
 					printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
 					print '<input type="hidden" name="view" value="attributes" />';

-					print '<select style="width: 150px; color:black; background-color: #eee" size="4" name="viewvalue">';
+					print '<select size="4" name="viewvalue">';
 					foreach ($rule->getUsedByAttrs() as $attr)
 						printf('<option>%s</option>',$attr);
-
 					print '</select><br />';
+
 					printf('<input type="submit" value="%s" />',_('Go'));
 					print '</form>';
 					print '</td></tr></table>';
@@ -377,17 +375,16 @@ switch($view) {

 		printf('<small>%s:</small>',_('Jump to an objectClass'));

-		echo '<form action="schema.php" method="get">';
-		printf('<input type="hidden" name="view" value="%s" />',$view);
+		echo '<form action="cmd.php" method="get">';
+		echo '<input type="hidden" name="cmd" value="schema" />';
+		printf('<input type="hidden" name="view" value="%s" />',$entry['view']);
 		printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);

 		echo '<select name="viewvalue" onChange="submit()">';
 		echo '<option value=""> - all - </option>';
-
 		foreach ($schema_oclasses as $name => $oclass)
 			printf('<option value="%s" %s>%s</option>',
-				$name,$name == $viewvalue ? 'selected ': '',$oclass->getName());
-
+				$name,$name == $entry['value'] ? 'selected ': '',$oclass->getName());
 		echo '</select>';

 		printf('<input type="submit" value="%s" />',_('Go'));
@@ -395,124 +392,115 @@ switch($view) {

 		echo '<br />';

-		flush();
-
 		foreach ($schema_oclasses as $name => $oclass) {
-			if (is_null($viewvalue) || ($viewvalue == $name)) {
-				if (! is_null($viewvalue))
-					$viewed = true;
+			if (is_null($entry['value']) || ($entry['value'] == $name)) {
+				if (! is_null($entry['value']))
+					$entry['viewed'] = true;

-				printf('<h4 class="oclass"><a name="%s">%s</a></h4>',$name,$oclass->getName());
-				printf('<h4 class="oclass_sub">%s: <b>%s</b></h4>',_('OID'),$oclass->getOID());
+				echo '<table class="result_table" width=100% border=0>';
+				printf('<tr class="heading"><td colspan=4><a name="%s">%s</a></td></tr>',$name,$oclass->getName());
+				printf('<tr class="odd"><td colspan=4>%s: <b>%s</b></td></tr>',_('OID'),$oclass->getOID());

 				if ($oclass->getDescription())
-					printf('<h4 class="oclass_sub">%s: <b>%s</b></h4>',_('Description'),$oclass->getDescription());
+					printf('<tr class="odd"><td colspan=4>%s: <b>%s</b></td></tr>',_('Description'),$oclass->getDescription());

-				printf('<h4 class="oclass_sub">%s: <b>%s</b></h4>',_('Type'),$oclass->getType());
+				printf('<tr class="odd"><td colspan=4>%s: <b>%s</b></td></tr>',_('Type'),$oclass->getType());

 				if ($oclass->getIsObsolete())
-					printf('<h4 class="oclass_sub">%s</h4>',_('This objectClass is obsolete.'));
+					printf('<tr class="odd"><td colspan=4>%s</td></tr>',_('This objectClass is obsolete.'));

-				printf('<h4 class="oclass_sub">%s: <b>',_('Inherits from'));
+				printf('<tr class="odd"><td colspan=4>%s: <b>',_('Inherits from'));
 				if (count($oclass->getSupClasses()) == 0)
 					printf('(%s)',_('none'));

 				else
 					foreach ($oclass->getSupClasses() as $i => $object_class) {
-						printf('<a title="%s" href="?server_id=%s&amp;view=%s&amp;viewvalue=%s">%s</a>',
-							_('Jump to this objectClass definition'),
-							$ldapserver->server_id,$view,strtolower(htmlspecialchars($object_class)),
-							htmlspecialchars($object_class));
+						$href = htmlspecialchars(sprintf($entry['href']['objectClasses'],strtolower($object_class)));
+
+						printf('<a title="%s" href="%s">%s</a>',
+							_('Jump to this objectClass definition'),$href,$object_class);

 						if ($i < count($oclass->getSupClasses()) - 1)
 							echo ', ';
 					}
-				echo '</b></h4>';
+				echo '</b></td></tr>';

-				printf('<h4 class="oclass_sub">%s: <b>',_('Parent to'));
-				if (strcasecmp($oclass->getName(),'top') == 0)
-					printf('(<a href="schema.php?view=objectClasses&amp;server_id=%s">all</a>)',$ldapserver->server_id);
+				printf('<tr class="odd"><td colspan=4>%s: <b>',_('Parent to'));
+				if (strcasecmp($oclass->getName(),'top') == 0) {
+					$href = htmlspecialchars(sprintf($entry['href']['objectClasses'],''));
+					printf('(<a href="%s">all</a>)',$href);

-				elseif (count($oclass->getChildObjectClasses()) == 0)
+				} elseif (count($oclass->getChildObjectClasses()) == 0)
 					printf('(%s)',_('none'));

 				else
 					foreach ($oclass->getChildObjectClasses() as $i => $object_class) {
-						printf('<a title="%s" href="?server_id=%s&amp;view=%s&amp;viewvalue=%s">%s</a>',
-							_('Jump to this objectClass definition'),
-							$ldapserver->server_id,$view,strtolower(htmlspecialchars($object_class)),
-							htmlspecialchars($object_class));
+						$href = htmlspecialchars(sprintf($entry['href']['objectClasses'],strtolower($object_class)));
+						printf('<a title="%s" href="%s">%s</a>',_('Jump to this objectClass definition'),$href,$object_class);

 						if ( $i < count($oclass->getChildObjectClasses()) - 1)
 							echo ', ';
 					}
-				echo '</b></h4>';
+				echo '</b></td></tr>';

-				echo '<table width="100%" class="schema_oclasses">';
-				echo '<tr>';
-				printf('<th width="50%%"><b>%s</b></th>',_('Required Attributes'));
-				printf('<th width="50%%"><b>%s</b></th>',_('Optional Attributes'));
-				echo '</tr>';
+				printf('<tr class="even"><td class="blank" rowspan=2>&nbsp;</td><td><b>%s</b></td><td><b>%s</b></td><td class="blank" rowspan=2>&nbsp;</td></tr>',
+					_('Required Attributes'),_('Optional Attributes'));

-				echo '<tr>';
+				echo '<tr class="odd">';
 				echo '<td>';
-				if (count($oclass->getMustAttrs($schema_oclasses)) > 0) {
-					echo '<ul class="schema">';

+				if (count($oclass->getMustAttrs($schema_oclasses)) > 0) {
+
+					echo '<ul class="list">';
 					foreach ($oclass->getMustAttrs($schema_oclasses) as $attr) {
 						echo '<li>';
-						printf('<a href="?server_id=%s&amp;view=attributes&amp;viewvalue=%s">%s</a>',
-							$ldapserver->server_id,rawurlencode(strtolower($attr->getName())),htmlspecialchars($attr->getName()));
+						$href = htmlspecialchars(sprintf($entry['href']['attributes'],strtolower($attr->getName())));
+						printf('<a href="%s">%s</a>',$href,$attr->getName());

 						if ($attr->getSource() != $oclass->getName()) {
 							echo '<br />';
-							printf('<small>&nbsp;&nbsp;(%s <a href="?server_id=%s&amp;view=objectClasses&amp;viewvalue=%s">%s</a>)</small>',
-								_('Inherited from'),$ldapserver->server_id,strtolower($attr->getSource()),$attr->getSource());
+							$href = htmlspecialchars(sprintf($entry['href']['objectClasses'],strtolower($attr->getSource())));
+							printf('<small>(%s <a href="%s">%s</a>)</small>',_('Inherited from'),$href,$attr->getSource());
 						}
 						echo '</li>';
 					}
-
 					echo '</ul>';

 				} else
-					printf('<center>(%s)</center>',_('none'));
-
+					printf('(%s)',_('none'));

 				echo '</td>';
-
-				echo '<td width="50%">';
+				echo '<td>';

 				if (count($oclass->getMayAttrs($schema_oclasses)) > 0) {
-					echo '<ul class="schema">';

+					echo '<ul class="list">';
 					foreach ($oclass->getMayAttrs($schema_oclasses) as $attr) {
 						echo '<li>';
-						printf('<a href="?server_id=%s&amp;view=attributes&amp;viewvalue=%s">%s</a>',
-							$ldapserver->server_id,rawurlencode(strtolower($attr->getName())),htmlspecialchars($attr->getName()));
+						$href = htmlspecialchars(sprintf($entry['href']['attributes'],strtolower($attr->getName())));
+						printf('<a href="%s">%s</a>',$href,$attr->getName());

 						if ($attr->getSource() != $oclass->getName()) {
 							echo '<br />';
-							printf('<small>&nbsp;&nbsp; (%s <a href="?server_id=%s&amp;view=objectClasses&amp;viewvalue=%s">%s</a>)</small>',
-								_('Inherited from'),$ldapserver->server_id,strtolower($attr->getSource()),$attr->getSource());
+							$href = htmlspecialchars(sprintf($entry['href']['objectClasses'],strtolower($attr->getSource())));
+							printf('<small>(%s <a href="%s">%s</a>)</small>',_('Inherited from'),$href,$attr->getSource());
 						}
 						echo '</li>';
 					}
-
 					echo '</ul>';

 				} else
-					printf('<center>(%s)</center>',_('none'));
+					printf('(%s)',_('none'));

 				echo '</td>';
 				echo '</tr>';
 				echo '</table>';
+				echo '<br />';
 			}
 		} /* End foreach objectClass */
 		break;
 }

-if (! is_null($viewvalue) && ! $viewed)
-	pla_error(sprintf(_('No such schema item: "%s"'),htmlspecialchars($viewvalue)));
-
-echo '</body>';
-echo '</html>';
+if (! is_null($entry['value']) && ! $entry['viewed'])
+	pla_error(sprintf(_('No such schema item: "%s"'),htmlspecialchars($entry['value'])));
+?>
--- a/htdocs/search.php
+++ b/htdocs/search.php
@@ -1,11 +1,10 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/search.php,v 1.72.2.11 2005/12/31 03:13:48 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/search.php,v 1.78.2.6 2008/01/27 11:57:38 wurley Exp $

 /**
 * Perform LDAP searches and draw the advanced/simple search forms
 *
 * Variables that come in as GET vars:
- *  - server_id (handled in common.php)
 *  - search (true if performing a search, empty to just draw form)
 *  For simple searches:
 *  - attribute, criterion, filter
@@ -14,200 +13,238 @@
 *
 * @package phpLDAPadmin
 * @todo Search is probably broken, since base_dn is now an array
+ * @todo Order doesnt Order properly - probably case related.
 */
 /**
 */

 define('SIZE_LIMIT_EXCEEDED',4);
-require './common.php';
-
-if (isset($ldapserver) && ! $ldapserver->haveAuthInfo())
-	pla_error(_('Not enough information to login to server. Please check your configuration.'));

 # Output format, table or list?
 $result_formats = array('list','table');
-$format = isset($_GET['format']) ? $_GET['format'] : $config->GetValue('search','display');

-if (! in_array($format,$result_formats))
-	$format = 'list';
+# Our incoming variables
+$entry['format'] = get_request('format','GET','false',$_SESSION[APPCONFIG]->GetValue('search','display'));
+$entry['form'] = get_request('form','GET',false,get_request('form','SESSION'));
+
+$entry['orderby']['raw'] = get_request('orderby','GET');
+$entry['orderby']['string'] = rawurldecode($entry['orderby']['raw']);
+$entry['orderby']['array'] = $entry['orderby']['raw'] ? explode(',',preg_replace('/\s+/','',$entry['orderby']['string'])) : true;
+
+$entry['display']['raw'] = get_request('display_attrs','GET');
+$entry['display']['string'] = rawurldecode($entry['display']['raw']);
+$entry['display']['array'] = $entry['display']['raw'] ? explode(',',preg_replace('/\s+/','',$entry['display']['string'])) : array();
+
+$entry['filter']['string'] = get_request('filter','GET');
+$entry['filter']['clean'] = $entry['filter']['string'] ? clean_search_vals($entry['filter']['string']) : null;
+
+$entry['attr'] = get_request('attribute','GET');
+$entry['base_dn']['string'] = get_request('base_dn','GET');
+$entry['criterion'] = get_request('criterion','GET');
+$entry['scope'] = get_request('scope','GET','false','sub');
+$entry['search'] = get_request('search','GET');
+$entry['predefined'] = get_request('predefined','GET');
+$entry['page'] = get_request('page','GET',false,0);
+
+if (! in_array($entry['format'],$result_formats))
+	$entry['format'] = 'list';
+
+$_SESSION['form'] = $entry['form'];

 # build the server drop-down html and JavaScript array (for base_dns)
 $js_on_change_string = '';
-if (isset($_GET['form']) && $_GET['form'] == 'advanced')
-	$js_on_change_string =
-		'onChange="document.forms[0].base_dn.value=servers[document.forms[0].server_id.value].base_dn"';
+if ($entry['form'] == 'advanced')
+	$js_on_change_string = 'onChange="document.forms[0].base_dn.value=servers[document.forms[0].server_id.value].base_dn"';

 if (isset($ldapserver)) {
 	$server_menu_html = server_select_list($ldapserver->server_id,true,'server_id',$js_on_change_string);
 	$server_info_list = server_info_list();
 }

-$filter = isset($_GET['filter']) ? clean_search_vals($_GET['filter']) : null;
-$attr = isset($_GET['attribute']) ? $_GET['attribute'] : null;
-
 # grab the base dn for the search
-if (isset($_GET['base_dn']) && $_GET['base_dn']) {
-	$base_dn = $_GET['base_dn'];
-	$base_dn_is_invalid = false;
-	$base_dn_does_not_exist = false;
+if ($entry['base_dn']['string']) {
+	$entry['base_dn']['invalid'] = false;
+	$entry['base_dn']['exist'] = false;

-	if (trim($base_dn))
-		if (! is_dn_string($base_dn))
-			$base_dn_is_invalid = true;
+	if (! is_dn_string($entry['base_dn']['string']))
+		$entry['base_dn']['invalid'] = true;

-	elseif (! $ldapserver->dnExists($base_dn))
-		$base_dn_does_not_exist = true;
+	elseif (! $ldapserver->dnExists($entry['base_dn']['string']))
+		$entry['base_dn']['exist'] = true;

-	$base_dns = array($base_dn);
+	$base_dns = array($entry['base_dn']['string']);

 } else
 	if (isset($ldapserver))
 		$base_dns = $ldapserver->getBaseDN();

-$criterion = isset($_GET['criterion']) ? $_GET['criterion'] : null;
+printf('<script type="text/javascript" src="%ssearch_util.js"></script>',JSDIR);
+echo '<center>';

-if (isset($_GET['form']))
-	$_SESSION['form'] = $_GET['form'];
-$form = isset($_SESSION['form']) ? $_SESSION['form']  : null;
-$scope = isset($_GET['scope']) ? $_GET['scope'] : 'sub';
+$entry['command']['as'] = $_SESSION[APPCONFIG]->isCommandAvailable('search','advanced_search');
+$entry['command']['ps'] = $_SESSION[APPCONFIG]->isCommandAvailable('search','predefined_search');
+$entry['command']['ss'] = $_SESSION[APPCONFIG]->isCommandAvailable('search','simple_search');

-include './header.php';
+if ($entry['form'] == 'advanced') {
+	if ($entry['command']['as'])
+		require LIBDIR.'search_form_advanced.php';

-echo '<body><center>';
+} elseif ($entry['form'] == 'predefined') {
+	if ($entry['command']['ps'])
+		require LIBDIR.'search_form_predefined.php';

-if ($form == 'advanced')
+} elseif ($entry['form'] == 'simple') {
+	# Draw simple search form
+	if ($entry['command']['ss'])
+		require LIBDIR.'search_form_simple.php';
+
+} elseif ($entry['command']['as']) {
 	require LIBDIR.'search_form_advanced.php';

-elseif ($form == 'predefined')
-	require LIBDIR.'search_form_predefined.php';
-
-# Draw simple search form
-else
+} elseif ($entry['command']['ss']) {
 	require LIBDIR.'search_form_simple.php';

+} elseif ($entry['command']['ps']) {
+	require LIBDIR.'search_form_predefined.php';
+
+} else {
+	echo _('Searching is not permitted');
+}
+
 echo '</center>';
+echo '<br />';

-flush();
+if ($entry['search']) {
+	if ($entry['form'] == 'advanced') {
+		if (! $_SESSION[APPCONFIG]->isCommandAvailable('search','advanced_search'))
+			pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('advanced search')));

-if (isset($_GET['search'])) {
-	if ($form == 'advanced') {
-		if (isset($_GET['display_attrs']))
-			$search_result_attributes = explode(',',rawurldecode(preg_replace('/\s+/','',rawurldecode($_GET['display_attrs']))));
+	} elseif ($entry['form'] == 'predefined') {
+		if (! $_SESSION[APPCONFIG]->isCommandAvailable('search','predefined_search'))
+			pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('predefined search')));
+
+	} elseif ($entry['form'] == 'simple') {
+		if (! $_SESSION[APPCONFIG]->isCommandAvailable('search','simple_search'))
+			pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('simple search')));
+	}
+
+	if ($entry['form'] == 'advanced') {
+		if ($entry['display'])
+			$search_result_attributes = $entry['display']['array'];
 		else
-			$search_result_attributes = $config->GetValue('search','result_attributes');
+			$search_result_attributes = $_SESSION[APPCONFIG]->GetValue('search','result_attributes');

 	} else {
-		$search_result_attributes = $config->GetValue('search','result_attributes');
+		$search_result_attributes = $_SESSION[APPCONFIG]->GetValue('search','result_attributes');
 	}

 	# do we have enough authentication information for the specified server_id
+	# @todo: redirect isnt working
 	if (! $ldapserver->haveAuthInfo()) {
-		$login_url = sprintf('login_form.php?server_id=%s&amp;redirect=%s',
+		$login_url = sprintf('cmd.php?cmd=login_form&amp;server_id=%s&amp;redirect=%s',
 			$ldapserver->server_id,rawurlencode($_SERVER['REQUEST_URI']));

-		printf('<center><br />%s <br /><a href="%s">%s</a>.</center>',
-			_('You have not logged into the selected server yet, so you cannot perform searches on it.'),$login_url,_('Click here to go to the login form'));
-		exit;
+		system_message(array(
+			'title'=>_('Search'),
+			'body'=>_('You have not logged into the selected server yet, so you cannot perform searches on it.'),
+			'type'=>'warn'),
+			$login_url);
 	}

-	if (isset($_GET['predefined'])) {
-		$predefined = $_GET['predefined'];
+	if (is_numeric($entry['predefined'])) {
+		$query = get_cleaned_up_predefined_search($entry['predefined']);

-		if (is_numeric($predefined)) {
-			$query = get_cleaned_up_predefined_search($predefined);
+		$search_result_attributes = explode(', ',$query['attributes']);
+		$search_attributes_display = $search_result_attributes;
+		$search_attributes = $search_result_attributes;

-			$search_result_attributes = explode(', ',$query['attributes']);
-			$search_attributes_display = $search_result_attributes;
-			$search_attributes = $search_result_attributes;
+		$entry['filter']['clean'] = $query['filter'];
+		$entry['scope'] = $query['scope'];

-			$filter = $query['filter'];
-			$scope = $query['scope'];
+		if (! trim($query['base']))
+			$query['base'] = $ldapserver->getBaseDN();

-			if (! trim($query['base']))
-				$query['base'] = $ldapserver->getBaseDN();
+		elseif (is_array($query['base']))
+			$base_dns = $query['base'];

-			elseif (is_array($query['base']))
-				$base_dns = $query['base'];
-
-			else
-				$base_dns = array($query['base']);
-		}
+		else
+			$base_dns = array($query['base']);

 	} else {
-		$predefined = '';
+		$entry['predefined'] = '';
 	}

-	if ($filter) {
+	if ($entry['filter']['clean']) {
 		# if they are using the simple search form, build an LDAP search filter from their input
-		if ($form == 'simple' & ! is_numeric($predefined)) {
+		if ($entry['form'] == 'simple' & ! is_numeric($entry['predefined'])) {

-			switch ($criterion) {
+			switch ($entry['criterion']) {
 				case 'starts with':
-					if ($filter == '*')
-						$filter = '';
+					if ($entry['filter']['clean'] == '*')
+						$entry['filter']['clean'] = '';

-					$filter = "($attr=$filter*)";
+					$entry['filter']['clean'] = sprintf('(%s=%s*)',$entry['attr'],$entry['filter']['clean']);
 					break;

 				case 'contains':
-					if ($filter == '*')
-						$filter = "($attr=*)";
+					if ($entry['filter']['clean'] == '*')
+						$entry['filter']['clean'] = sprintf('(%s=*)',$entry['attr']);
 					else
-						$filter = "($attr=*$filter*)";
+						$entry['filter']['clean'] = sprintf('(%s=*%s*)',$entry['attr'],$entry['filter']['clean']);

 					break;

 				case 'ends with':
-					if ($filter == '*')
-						$filter = '';
+					if ($entry['filter']['clean'] == '*')
+						$entry['filter']['clean'] = '';

-					$filter = "($attr=*$filter)";
+					$entry['filter']['clean'] = sprintf('(%s=*%s)',$entry['attr'],$entry['filter']['clean']);
 					break;

 				case 'equals':
-					$filter = "($attr=$filter)";
+					$entry['filter']['clean'] = sprintf('(%s=%s)',$entry['attr'],$entry['filter']['clean']);
 					break;

 				case 'sounds like':
-					$filter = "($attr~=$filter)";
+					$entry['filter']['clean'] = sprintf('(%s~=%s)',$entry['attr'],$entry['filter']['clean']);
 					break;

 				default:
-					pla_error(_('Unrecognized criteria option: ').htmlspecialchars($criterion)._('If you want to add your own criteria to the list. Be sure to edit search.php to handle them. Quitting.'));
+					system_message(array(
+						'title'=>_('Unrecognized criteria option: ').htmlspecialchars($entry['criterion']),
+						'body'=>_('If you want to add your own criteria to the list. Be sure to edit search.php to handle them. Quitting.'),
+						'type'=>'warn'),
+						sprintf('cmd.php?cmd=search&server_id=%s',$ldapserver->server_id));
 			}
 		}

-		printf('<center>%s</center>',_('Searching...'));
-		flush();
-
 		# prevent script from bailing early on a long delete
 		@set_time_limit(0);

-		$size_limit = $config->GetValue('search','size_limit');
+		$size_limit = $_SESSION[APPCONFIG]->GetValue('search','size_limit');

 		# Sanity check
 		if ($size_limit < 1)
 			$size_limit = 1;

-		$page = isset($_GET['page']) ? $_GET['page'] : 0;
-
 		$time_start = utime();
 		$time_elapsed = 0;

 		foreach ($base_dns as $base_dn) {
 			if (! $ldapserver->dnExists($base_dn)) {
 				if (DEBUG_ENABLED)
-					debug_log('BaseDN [%s] skipped as it doesnt exist in [%s].',64,
+					debug_log('BaseDN [%s] skipped as it doesnt exist in [%s].',64,__FILE__,__LINE__,__METHOD__,
 						$base_dn,$ldapserver->server_id);

 				continue;

 			} else {
 				if (DEBUG_ENABLED)
-					debug_log('Search with base DN [%s]',64,$base_dn);
+					debug_log('Search with base DN [%s]',64,__FILE__,__LINE__,__METHOD__,$base_dn);
 			}

-			$results = $ldapserver->search(null,dn_escape($base_dn),$filter,$search_result_attributes,$scope,true,$config->GetValue('deref','search'));
+			$results = $ldapserver->search(null,dn_escape($base_dn),$entry['filter']['clean'],$search_result_attributes,
+				$entry['scope'],$entry['orderby']['array'],$_SESSION[APPCONFIG]->GetValue('deref','search'));

 			if ((! $results) && $ldapserver->errno())
 				pla_error(_('Encountered an error while performing search.'),$ldapserver->error(),$ldapserver->errno());
@@ -218,58 +255,57 @@ if (isset($_GET['search'])) {
 			$time_elapsed += round($time_end-$time_start,2);
 			$count = count($results);

-			$start_entry = $page * $size_limit;
+			$start_entry = $entry['page'] * $size_limit;
 			$end_entry = min($start_entry+$size_limit+1,$count+1);
-?>

-        <table class="search_header">
-        <tr>
-        <td style="vertical-align: top">
-			<nobr><?php echo _('Entries found: ') . ' &nbsp;<b>' . number_format($count) ?></b>&nbsp;</nobr>
-			<nobr><small>(<?php echo $time_elapsed; ?> <?php echo _('seconds'); ?>)</small></nobr>
-        </td>
-        <td style="text-align: right">
+			# Search Results Table
+			echo '<table class="result" border=0>';

-        <nobr>
-        <small>
-        <?php
-			printf('[ <a href="export_form.php?server_id=%s&amp;scope=%s&amp;dn=%s&amp;filter=%s&amp;attributes=%s"><img src="images/save.png" /> %s</a> ]',
-				$ldapserver->server_id,$scope,urlencode($base_dn),urlencode($filter),
-				urlencode(join(', ',$search_result_attributes)),_('export results'));
+			echo '<tr class="heading">';
+			printf('<td>%s%s <b>%s</b><div class="execution_time">(%s %s)</div></td>',_('Entries found'),_(':'),
+				number_format($count),$time_elapsed,_('seconds'));

-			printf('[ <img src="images/rename.png" /> %s:',_('Format'));
+			if ($_SESSION[APPCONFIG]->isCommandAvailable('export')) {
+				$href = htmlspecialchars(sprintf('cmd.php?cmd=export_form&server_id=%s&scope=%s&dn=%s&filter=%s&attributes=%s',
+					$ldapserver->server_id,$entry['scope'],$base_dn,rawurlencode($entry['filter']['clean']),rawurlencode(join(', ',$search_result_attributes))));
+
+				printf('<td style="text-align: right"><small>[ <a href="%s"><img src="images/save.png" alt="Save" /> %s</a> ]',
+					$href,_('export results'));
+			}
+
+			printf('[ <img src="images/rename.png" alt="rename" /> %s%s',_('Format'),_(':'));

 			foreach ($result_formats as $f) {
 				echo '&nbsp;';

-				if ($format == $f) {
+				if ($entry['format'] == $f) {
 					printf('<b>%s</b>',_($f));

 				} else {
-					$query_string = array_to_query_string($_GET,array('format'));
-					$query_string .= "&amp;format=$f";
-					printf('<a href="search.php?%s">%s</a>',$query_string,_($f));
+					$query_string = array_to_query_string($_GET,array('format','cmd'));
+					$query_string .= sprintf('&amp;format=%s',$f);
+					printf('<a href="cmd.php?cmd=search&amp;%s">%s</a>',$query_string,_($f));
 				}
 			}
-?>

-        ]
-        </small>
-        </nobr>
-			<?php if ($form == 'simple' || $form == 'predefined') { ?>
-				<br /><nobr><small><?php echo _('Base DN: '); ?>
-				<b><?php echo htmlspecialchars($base_dn); ?></b></small></nobr>
-				<br /><nobr><small><?php echo _('Filter performed: '); ?>
-				<b><?php echo htmlspecialchars($filter); ?></b></small></nobr>
-			<?php } ?>
+			echo ' ]</small>';

-        </td>
-        </tr>
-        </table>
+			if ($_SESSION[APPCONFIG]->isCommandAvailable('schema')) {
+				echo '<br />';
+				printf('<small>%s%s <b>%s</b></small>',_('Base DN'),_(':'),htmlspecialchars($base_dn));

-        <?php
+				if ($entry['form'] == 'simple' || $entry['form'] == 'predefined') {
+					echo '<br />';
+					printf('<small>%s%s <b>%s</b></small>',_('Filter performed'),_(':'),htmlspecialchars($entry['filter']['clean']));
+				}
+			}
+
+			echo '</td>';
+			echo '</tr>';
+			echo '</table>';

 			# The LDAP error code for the size limit exceeded error.
+			# @todo: test this with system_message
 			if ($errno && $errno == SIZE_LIMIT_EXCEEDED)
 				printf('<br /><center><small style="color:red; white-space: nowrap">%s</small></center><br />',_('Notice, search size limit exceeded.'));

@@ -282,48 +318,48 @@ if (isset($_GET['search'])) {
 				printf(_('Showing results %s through %s.').'<br />',
 					'<b>'.number_format($start_entry+1).'</b>','<b>'.number_format($end_entry-1).'</b>');

-				if ($page != 0) {
-					$query_string = array_to_query_string($_GET,array('page'));
-					$query_string .= '&page=' . ($page-1);
-					$pager_html .= sprintf('<a title="'._('Page %d').'" href="search.php?%s">&lsaquo;&lsaquo;</a>',$page,$query_string);
+				if ($entry['page'] != 0) {
+					$query_string = array_to_query_string($_GET,array('page','cmd'));
+					$query_string .= '&page=' . ($entry['page']-1);
+					$pager_html .= sprintf('<a title="'._('Page %d').'" href="cmd.php?cmd=search&amp;%s">&lsaquo;&lsaquo;</a>',$entry['page'],$query_string);

 				} else {
-					$pager_html .= "&lsaquo;&lsaquo;";
+					$pager_html .= '&lsaquo;&lsaquo;';
 				}

 				$pager_html .= '&nbsp;&nbsp;';

-				// for large search results where we page beyone the first 20 pages,
-				// print elipsis instead of making the pager be super wide.
+				/* For large search results where we page beyond the first 20 pages,
+				 * print elipsis instead of making the pager be super wide. */
 				$elipsis_printed = false;
 				for ($i=0;$i<$count;$i+=$size_limit) {
 					$page_num = $i/$size_limit;

-					if ($count > $size_limit * 20 && abs($page_num-$page) > 10) {
+					if ($count > $size_limit * 20 && abs($page_num-$entry['page']) > 10) {

 						if (! $elipsis_printed) {
 							$pager_html .= '...&nbsp;&nbsp;';
 							$elipsis_printed = true;
 						}

-					} elseif ($page == $page_num) {
+					} elseif ($entry['page'] == $page_num) {
 						$pager_html .= '<b>' . ($page_num + 1) . '</b>';
 						$pager_html .= '&nbsp;&nbsp;';
 						$elipsis_printed = false;

 					} else {
-						$query_string = array_to_query_string($_GET,array('page'));
+						$query_string = array_to_query_string($_GET,array('page','cmd'));
 						$query_string .= '&page=' . $page_num;
-						$pager_html .= "<a href=\"search.php?$query_string\">" . ($page_num+1) . "</a>";
+						$pager_html .= "<a href=\"cmd.php?cmd=search&amp;$query_string\">" . ($page_num+1) . "</a>";
 						$pager_html .= '&nbsp;&nbsp;';
 						$elipsis_printed = false;
 					}
 				}

-				if ($page+1 < $total_pages) {
-					$query_string = array_to_query_string($_GET,array('page'));
-					$query_string .= '&page=' . ($page+1);
-					$pager_html .= "<a title=\"" . sprintf(_('Page %d'),($page+2))."\" href=\"search.php?$query_string\">&rsaquo;&rsaquo;</a>";
+				if ($entry['page']+1 < $total_pages) {
+					$query_string = array_to_query_string($_GET,array('page','cmd'));
+					$query_string .= '&page=' . ($entry['page']+1);
+					$pager_html .= "<a title=\"" . sprintf(_('Page %d'),($entry['page']+2))."\" href=\"cmd.php?cmd=search&amp;$query_string\">&rsaquo;&rsaquo;</a>";

 				} else {
 					$pager_html .= "&rsaquo;&rsaquo;";
@@ -338,25 +374,19 @@ if (isset($_GET['search'])) {
 				if (trim($pager_html))
 					printf('<center>%s</center>',$pager_html);
 				echo '<br />';
-				flush();

-				if ($format == 'list')
+				if ($entry['format'] == 'list')
 					require LIBDIR.'search_results_list.php';
-				elseif ($format == 'table')
+				elseif ($entry['format'] == 'table')
 					require LIBDIR.'search_results_table.php';
 				else
-					pla_error(sprintf(_('Unrecognized search result format: %s'),htmlspecialchars($format)));
+					pla_error(sprintf(_('Unrecognized search result format: %s'),htmlspecialchars($entry['format'])));

 				echo '<br />';
 				if (trim($pager_html))
 					printf('<center>%s</center>',$pager_html);
 			}
 		}
-
-		printf('<br /><br /><div class="search_result"><center><small><span style="font-weight:normal;font-size:75%%;">%s <b>%s</b> %s.</span></small></center></div>',
-			_('Search performed by phpLDAPadmin in'),$time_elapsed,_('seconds'));
-
 	}
 }
-echo '</body></html>';
 ?>
--- a/htdocs/server_info.php
+++ b/htdocs/server_info.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/server_info.php,v 1.22.2.3 2005/12/08 11:55:57 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/server_info.php,v 1.27.2.2 2008/01/13 05:37:01 wurley Exp $

 /**
 * Fetches and displays all information that it can from the specified server
@@ -12,7 +12,8 @@
 /**
 */

-require './common.php';
+if (! $_SESSION[APPCONFIG]->isCommandAvailable('server_info'))
+	pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('view server informations')));

 # The attributes we'll examine when searching the LDAP server's RootDSE
 $root_dse_attributes = array(
@@ -46,48 +47,45 @@ $root_dse_attributes = array(
 	'*'
 	);

-if (! $ldapserver->haveAuthInfo())
-	pla_error( _('Not enough information to login to server. Please check your configuration.') );
-
 # Fetch basic RootDSE attributes using the + and *.
-$attrs = array_pop($ldapserver->search(null,'','objectClass=*',array('+','*'),'base'));
+$attrs = $ldapserver->search(null,'','objectClass=*',array('+','*'),'base');
+$attrs = array_pop($attrs);

 /* After fetching the "basic" attributes from the RootDSE, try fetching the
   more advanced ones (from ths list). Add them to the list of attrs to display
   if they weren't already fetched. (this was added as a work-around for OpenLDAP
   on RHEL 3. */
-$attrs2 = array_pop($ldapserver->search(null,'','objectClass=*',$root_dse_attributes,'base'));
+$attrs2 = $ldapserver->search(null,'','objectClass=*',$root_dse_attributes,'base');
+$attrs2 = array_pop($attrs2);

-foreach ($attrs2 as $attr => $values)
-	if (! isset($attrs[$attr]))
-		$attrs[$attr] = $attrs2[$attr];
+if (is_array($attrs2))
+	foreach ($attrs2 as $attr => $values)
+		if (! isset($attrs[$attr]))
+			$attrs[$attr] = $attrs2[$attr];

-include './header.php';
-
-echo '<body>';
 printf('<h3 class="title">%s%s</h3>',_('Server info for: '),htmlspecialchars($ldapserver->name));
 printf('<h3 class="subtitle">%s</h3>',_('Server reports the following information about itself'));

 if (count($attrs) == 0) {
 	echo '<br /><br />';
 	printf('<center>%s</center>',_('This server has nothing to report.'));
-	exit;
+	return;
 }

-echo '<table class="edit_dn">';
+echo '<table class="result" border=0>';
 foreach ($attrs as $attr => $values) {
 	if ($attr == 'dn')
 		continue;

-	$schema_href = sprintf('schema.php?server_id=%s&amp;view=attributes&amp;viewvalue=%s',$ldapserver->server_id,$attr);
+	$schema_href = sprintf('cmd.php?cmd=schema&amp;server_id=%s&amp;view=attributes&amp;viewvalue=%s',$ldapserver->server_id,$attr);

-	echo '<tr><td class="attr">';
-	printf('<b><a title="'._('Click to view the schema defintion for attribute type \'%s\'').'" href="%s">%s</a></b>',
+	echo '<tr class="list_item"><td class="heading" rowspan=2>';
+	printf('<a title="'._('Click to view the schema definition for attribute type \'%s\'').'" href="%s">%s</a>',
 		$attr,$schema_href,htmlspecialchars($attr));
 	echo '</td></tr>';

-	echo '<tr><td class="val">';
-	echo '<table class="edit_dn">';
+	echo '<tr class="list_item"><td class="blank">&nbsp;</td><td class="value">';
+	echo '<table class="result" border=0>';

 	if (is_array($values))
 		foreach ($values as $value) {
@@ -96,8 +94,8 @@ foreach ($attrs as $attr => $values) {
 		print '<tr>';

 		if (preg_match('/^[0-9]+\.[0-9]+/',$value)) {
-			printf('<td width=5%%><acronym title="%s"><img src="images/rfc.png" /></acronym></td>',
-				htmlspecialchars($value));
+			printf('<td width=5%%><img src="images/rfc.png" title="%s" alt="%s" /></td>',
+			       htmlspecialchars($value), htmlspecialchars($value));

 			if ($oidtext = support_oid_to_text($value))
 				if (isset($oidtext['ref']))
@@ -106,7 +104,7 @@ foreach ($attrs as $attr => $values) {
 					printf('<td>%s</td>',$oidtext['title']);

 			else
-				if ($value)
+			if (strlen($value) > 0)
 					printf('<td><small>%s</small></td>',$value);

 		} else {
@@ -120,10 +118,10 @@ foreach ($attrs as $attr => $values) {
 		}

 	else
-		printf('<tr><td>%s</td></tr>',htmlspecialchars($values));
+		printf('<tr><td>%s&nbsp;</td></tr>',htmlspecialchars($values));

 	echo '</table>';
 	echo '</td></tr>';
 }
-echo '</table></body></html>';
+echo '</table>';
 ?>
--- a/htdocs/show_cache.php
+++ b/htdocs/show_cache.php
@@ -0,0 +1,90 @@
+<?php
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/show_cache.php,v 1.3.2.1 2007/12/26 09:26:32 wurley Exp $
+
+/**
+ * This script shows the contents of the cache for debugging purposes
+ *
+ * @package phpLDAPadmin
+ */
+/**
+ */
+
+require './common.php';
+
+$entry['key'] = get_request('key','REQUEST');
+$entry['index'] = get_request('index','REQUEST');
+
+if (isset($entry['index']) && isset($entry['key'])) {
+	list($entry['server'],$entry['x']) = split(':',$entry['index']);
+	debug_dump($_SESSION[$entry['key']][$entry['server']][$entry['x']],1);
+}
+if ($entry['key'])
+	debug_dump($_SESSION[$entry['key']],1);
+
+if (! $_SESSION[APPCONFIG]->GetValue('appearance','hide_debug_info')) {
+	echo '<div style="font-size: 11px"><ul>';
+	foreach (array_keys($_SESSION) as $key) {
+		if (($key == 'cache') && is_array($_SESSION[$key]))
+			foreach (array_keys($_SESSION['cache']) as $server) {
+				foreach (array_keys($_SESSION['cache'][$server]) as $x) {
+					$index = sprintf('%s:%s',$server,$x);
+
+					printf('<li><span id="%s"><a href="javascript:get(\'%s\',\'%s\');">%s</a></span><div id="%sloading" style="display: none" ></div></li>',
+						$key.$index,$key,$index,$key.'.'.$index,$key.$index,$key.$index);
+				}
+			}
+		else
+			printf('<li><span id="%s"><a href="javascript:get(\'%s\', \'\');">%s</a></span><div id="%sloading" style="display: none" ></div></li>',
+				$key,$key,$key,$key);
+	}
+	echo '</ul></div>';
+}
+?>
+
+<script type="text/javascript" language="javascript">
+	var http_request = false;
+	var newtree_div;
+	var obj_key = '';
+	var obj_ind = '';
+	var obj = null;
+
+	function alertCacheContents(result) {
+		if (obj) {
+			obj.innerHTML = '<a href="javascript:close(\'' + obj_key + '\', \'' + obj_ind + '\')">' + obj_key + '.' + obj_ind + ' [close]<\/a>';
+			obj.innerHTML += result;
+			obj = null;
+			newtree_div.display = 'none';
+		}
+	}
+
+	function cancelCacheContents() {
+		if (obj) {
+			obj.innerHTML = '<a href="javascript:get(\'' + obj_key + '\', \'' + obj_ind + '\');">' + obj_key + '.' + obj_ind + '<\/a>';
+			newtree_div.display = 'none';
+			obj = null;
+		}
+	}
+
+	function get(key,xx) {
+		if (obj) cancelHttpRequest();
+
+		obj_key = key;
+		obj_ind = xx;
+		obj = document.getElementById(key + xx);
+
+		newtree_div = document.getElementById(key + xx + 'loading').style;
+		newtree_div.display = 'block';
+		var poststr = "cmd=show_cache&key=" + encodeURI(key);
+
+		if (xx) {
+			poststr += "&index=" + encodeURI(xx);
+		}
+
+		obj.innerHTML = '<img src="images/ajax-spinner.gif" /> Loading...';
+		makePOSTRequest('cmd.php',poststr,'alertCacheContents','cancelCacheContents');
+	}
+
+	function close(key,xx) {
+		document.getElementById(key + xx).innerHTML = '<a href="javascript:get(\'' + key + '\', \'' + xx + '\');">' + key + '.' + xx + '<\/a>';
+	}
+</script>
--- a/htdocs/template_engine.php
+++ b/htdocs/template_engine.php
--- a/htdocs/timeout.php
+++ b/htdocs/timeout.php
@@ -1,4 +1,6 @@
 <?php
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/timeout.php,v 1.5.2.1 2007/12/21 12:11:55 wurley Exp $
+
 /**
 * Time out page to be displayed on the right frame
 *
@@ -13,8 +15,10 @@

 require './common.php';

-if (! isset($ldapserver))
+if (! isset($ldapserver)) {
 	header("Location: index.php");
+	die();
+}

 include './header.php';

@@ -30,7 +34,7 @@ $session_timeout = $ldapserver->session_timeout ? $ldapserver->session_timeout :
 	<br />
 	<br />
 	<?php echo _('To log back in please click on the following link:'); ?><br />
-	<a href="login_form.php?server_id=<?php echo $ldapserver->server_id; ?>"><?php echo _('Login...'); ?></a>
+	<a href="cmd.php?cmd=login_form&server_id=<?php echo $ldapserver->server_id; ?>"><?php echo _('Login...'); ?></a>
 </center>

 </body>
--- a/htdocs/tree.php
+++ b/htdocs/tree.php
@@ -1,125 +0,0 @@
-<?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/tree.php,v 1.88.4.9 2005/12/21 19:28:31 wurley Exp $
-
-/**
- * This script displays the LDAP tree for all the servers that you have
- * in config.php.
- *
- * We read the session variable 'tree' to know which dns are expanded or collapsed.
- * No query string parameters are expected, however, you can use a '#' offset to
- * scroll to a given dn. The syntax is tree.php#<server_id>_<rawurlencoded dn>, so
- * if I wanted to scroll to dc=example,dc=com for server 3, the URL would be:
- *
- *	tree.php#3_dc%3Dexample%2Cdc%3Dcom
- *
- * @package phpLDAPadmin
- * @author The phpLDAPadmin development team
- */
-/**
- */
-
-require './common.php';
-no_expire_header();
-
-# This allows us to display large sub-trees without running out of time.
-@set_time_limit( 0 );
-
-$recently_timed_out_servers = array();
-if (isset($_SESSION['activity']['rightframe_server_id']))
-	$rightframe_server_id = $_SESSION['activity']['rightframe_server_id'];
-$rightframerefresh = false;
-
-foreach ($ldapservers->GetServerList() as $server_id) {
-	$ldapserver = $ldapservers->Instance($server_id);
-
-	# Test to see if we should log out the user due to the timeout.
-	if ($ldapserver->haveAuthInfo() && $ldapserver->auth_type != 'config') {
-		/* If time out value has been reached:
-		   - log out user
-		   - put $server_id in array of recently timed out servers */
-		if (session_timed_out($ldapserver)) {
-			array_push($recently_timed_out_servers, $server_id);
-
-		        # If $ldapserver->server_id equal $rightframe_server_id load timeout page on right frame
-			if ($ldapserver->server_id == $rightframe_server_id)
-				$rightframerefresh = true;
-
-		/* Otherwise calculate a new refresh value. If the timeout value is less than the previous
-		    $meta_refresh_variable value set $meta_refresh_variable to $ldapserver->session_timeout */
-		} else
-			$meta_refresh_variable = $ldapserver->session_timeout*60;
-	}
-}
-
-include './header.php';
-
-echo '<body>';
-
-if ($rightframerefresh) {
-?>
-		<script type="text/javascript" language="javascript">
-		<!--
-		parent.right_frame.location.href = 'timeout.php?server_id=<?php echo $rightframe_server_id; ?>';
-		//-->
-		</script>
-<?php
-}
-?>
-
-<!-- # PHP layers menu. -->
-<script type="text/javascript" language="javascript" src="js/phplayersmenu/libjs/layersmenu-browser_detection.js"></script>
-<script type="text/javascript" language="javascript" src="js/phplayersmenu/libjs/layerstreemenu-cookies.js"></script>
-
-<?php
-printf('<h3 class="subtitle" style="margin:0px">phpLDAPadmin - %s</h3>',pla_version());
-
-echo "\n\n";
-echo '<!-- Links at the top of the tree viewer -->';
-echo '<table class="edit_dn_menu" width=100%><tr>';
-printf('<td><img src="images/home.png" alt="%s" /></td>',_('Home'));
-printf('<td width=50%%><nobr><a href="welcome.php" target="right_frame">%s</a></nobr></td>',_('Home'));
-printf('<td><img src="images/trash.png" alt="%s" /></td>',_('Purge caches'));
-printf('<td width=50%%><nobr><a href="purge_cache.php" target="right_frame" title="%s">%s</a></nobr></td>',_('Purge all cached data in phpLDAPadmin, including server schemas.'),_('Purge caches'));
-echo '</tr><tr>';
-
-if (! $config->GetValue('appearance','hide_configuration_management')) {
-	printf('<td><img src="images/light.png" alt="%s" /></td>',_('light'));
-	printf('<td width=50%%><nobr><a href="%s" target="new">%s</a></nobr></td>',get_href('add_rfe'),_('Request feature'));
-	printf('<td><img src="images/bug.png" alt="%s" /></td>',_('bug'));
-	printf('<td width=50%%><nobr><a href="%s" target="new">%s</a></nobr></td>',get_href('add_bug'),_('Report a bug'));
-	echo '</tr><tr>';
-
-	printf('<td><img src="images/smile.png" alt="%s" /></td>',_('Donate'));
-	printf('<td width=50%%><nobr><a href="%s" target="right_frame">%s</a></nobr></td>',get_href('donate'),_('Donate'));
-}
-
-printf('<td><img src="images/help.png" alt="%s" /></td>',_('Help'));
-printf('<td><nobr><a href="help.php" target="right_frame">%s</a></nobr></td>',_('Help'));
-echo '</tr></table>';
-
-echo "\n\n";
-
-# We want the std tree function as a fallback
-require LIBDIR.'tree_functions.php';
-
-# Are we going to use the PLM tree?
-if ($config->GetValue('appearance','tree_plm')) {
-	require JSDIR.'phplayersmenu/lib/PHPLIB.php';
-	require JSDIR.'phplayersmenu/lib/layersmenu-common.inc.php';
-	require JSDIR.'phplayersmenu/lib/treemenu.inc.php';
-}
-
-# For each of the configured servers
-foreach( $ldapservers->GetServerList() as $server_id ) {
-	$ldapserver = $ldapservers->Instance($server_id);
-
-	if ($ldapserver->isVisible()) {
-		$filename = get_custom_file($server_id,'tree_functions.php',LIBDIR);
-		require_once($filename);
-
-		call_custom_function($server_id,'draw_server_tree');
-	}
-}
-
-echo '</body></html>';
-?>
--- a/htdocs/update.php
+++ b/htdocs/update.php
@@ -1,11 +1,9 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/update.php,v 1.25.2.6 2006/01/14 23:33:39 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/update.php,v 1.29.2.1 2007/12/26 09:26:32 wurley Exp $

 /**
 * Updates or deletes a value from a specified attribute for a specified dn.
 *
- * Variables that come in via common.php
- * - server_id
 * Variables that come in on the query string:
 * - dn (rawurlencoded)
 * - update_array (an array in the form expected by PHP's ldap_modify, except for deletions)
@@ -28,93 +26,120 @@

 require './common.php';

-$dn = $_POST['dn'];
-$encoded_dn = rawurlencode($dn);
+$entry['dn']['string'] = get_request('dn');
+$entry['dn']['encode'] = rawurlencode($entry['dn']['string']);

 # If cancel was submited, got back to the edit display.
 if (isset($_REQUEST['cancel'])) {
-	header(sprintf('Location: template_engine.php?server_id=%s&dn=%s',$ldapserver->server_id,$encoded_dn));
+	header(sprintf('Location: cmd.php?cmd=template_engine&server_id=%s&dn=%s',$ldapserver->server_id,$entry['dn']['encode']));
 	die();
 }

 if ($ldapserver->isReadOnly())
 	pla_error(_('You cannot perform updates while server is in read-only mode'));
-if (! $ldapserver->haveAuthInfo())
-	pla_error(_('Not enough information to login to server. Please check your configuration.'));

-$update_array = isset($_POST['update_array']) ? $_POST['update_array'] : array();
-$skip_array = isset($_POST['skip_array']) ? $_POST['skip_array'] : array();
+$entry['update'] = get_request('update_array','POST',false,array());
+$entry['skip'] = get_request('skip_array','POST',false,array());
 $failed_attrs = array();

-if (! is_array($update_array))
+if (! is_array($entry['update']))
 	pla_error(_('update_array is malformed. This might be a phpLDAPadmin bug. Please report it.'));

-run_hook ('pre_update',array('server_id'=>$ldapserver->server_id,'dn'=>$dn,'update_array'=>$update_array));
+run_hook ('pre_update',
+	array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'update_array'=>$entry['update']));

 # Check for delete attributes (indicated by the attribute entry appearing like this: attr => ''
-foreach ($update_array as $attr => $val)
-	if (! is_array($val))
-		if (array_key_exists($attr,$skip_array))
-			unset($update_array[$attr]);
+foreach ($entry['update'] as $attr => $val) {
+	if (! is_array($val)) {
+		if (array_key_exists($attr,$entry['skip'])) {
+			unset($entry['update'][$attr]);

-		elseif ($val == '')
-			$update_array[$attr] = array();
+		} elseif ($val == '') {
+			$entry['update'][$attr] = array();

-		# Skip change
-		else
-			$update_array[$attr] = $val;
+			if (! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_delete'))
+				pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('delete attribute')));
+		} else { # Skip change
+			$entry['update'][$attr] = $val;

-	else
-		if (array_key_exists($attr,$skip_array))
-			unset($update_array[$attr]);
+			if (! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_add_value')
+			    && ! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_delete_value'))
+				pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('modify attribute values')));
+		}

-		else
+	} else {
+		if (array_key_exists($attr,$entry['skip'])) {
+			unset($entry['update'][$attr]);
+
+		} else {
 			foreach ($val as $i => $v)
-				$update_array[$attr][$i] = $v;
+				$entry['update'][$attr][$i] = $v;

-/* Call the custom callback for each attribute modification
-   and verify that it should be modified.*/
-foreach ($update_array as $attr_name => $val) {
+			if (! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_add_value')
+			    && ! $_SESSION[APPCONFIG]->isCommandAvailable('attribute_delete_value'))
+				pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('modify attribute values')));
+		}
+	}
+}
+
+# Call the custom callback for each attribute modification and verify that it should be modified.
+foreach ($entry['update'] as $attr_name => $val) {
 	# Check to see if this is a unique Attribute
-	if ($badattr = $ldapserver->checkUniqueAttr($dn,$attr_name,$val)) {
-		$search_href = sprintf('search.php?search=true&form=advanced&server_id=%s&filter=%s=%s',
+	if ($badattr = $ldapserver->checkUniqueAttr($entry['dn']['string'],$attr_name,$val)) {
+		$href['search'] = sprintf('cmd.php?cmd=search&search=true&form=advanced&server_id=%s&filter=%s=%s',
 			$ldapserver->server_id,$attr_name,$badattr);

 		pla_error(sprintf(_('Your attempt to add <b>%s</b> (<i>%s</i>) to <br><b>%s</b><br> is NOT allowed. That attribute/value belongs to another entry.<p>You might like to <a href="%s">search</a> for that entry.'),
-			$attr_name,$badattr,$dn,$search_href));
+			$attr_name,$badattr,$entry['dn']['string'],$href['search']));
 	}

 	if (run_hook('pre_attr_modify',
-		array('server_id'=>$ldapserver->server_id,'dn'=>$dn,'attr_name'=>$attr_name,'new_value'=>$val)) !== true) {
+		array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'attr_name'=>$attr_name,'new_value'=>$val)) !== true) {

-		unset($update_array[$attr_name]);
+		unset($entry['update'][$attr_name]);
 		$failed_attrs[$attr_name] = $val;

-	} elseif ($ldapserver->isAttrReadOnly($attr))
+	} elseif ($ldapserver->isAttrReadOnly($attr)) {
 		pla_error(sprintf(_('The attribute "%s" is flagged as read-only in the phpLDAPadmin configuration.'),
 			htmlspecialchars($attr_name)));
+	} else {
+		// binary values
+		if (isset($_SESSION['submitform'][$attr_name])) {
+			foreach ($val as $i => $v) {
+				if (isset($_SESSION['submitform'][$attr_name][$v])) {
+					foreach ($_SESSION['submitform'][$attr_name][$v] as $file) {
+						foreach ($file as $data) {
+							$entry['update'][$attr_name][$i] = $data;
+						}
+					}
+				}
+			}
+		}
+	}
 }

 # Perform the modification
-$res = $ldapserver->modify($dn,$update_array);
-if ($res) {
+$result = $ldapserver->modify($entry['dn']['string'],$entry['update']);
+if ($result) {
 	# Fire the post modification event to the user's custom callback function.
 	$mustRelogin = false;
-	foreach ($update_array as $attr_name => $val) {
+	foreach ($entry['update'] as $attr_name => $val) {
 		run_hook('post_attr_modify',
-			array('server_id'=>$ldapserver->server_id,'dn'=>$dn,'attr_name'=>$attr_name,'new_value'=>$val));
+			array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'attr_name'=>$attr_name,'new_value'=>$val));

 		/* Was this a user's password modification who is currently
-		   logged in? If so, they need to logout and log back in
-		   with the new password. */
+		 * logged in? If so, they need to logout and log back in
+		 * with the new password.
+		 */
 		if (0 === strcasecmp($attr_name,'userPassword') &&
 			in_array($ldapserver->auth_type,array('cookie','session')) &&
-			pla_compare_dns($ldapserver->getLoggedInDN(),$dn) === 0)
+			pla_compare_dns($ldapserver->getLoggedInDN(),$entry['dn']['string']) === 0)

 			$mustRelogin = true;
 	}

-	run_hook ('post_update',array ('server_id' => $ldapserver->server_id,'dn' => $dn,'update_array' => $update_array));
+	run_hook('post_update',
+		array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'update_array'=>$entry['update']));

 	# If the user password was changed, not tell the to relogin.
 	if ($mustRelogin) {
@@ -123,9 +148,6 @@ if ($res) {
 			include './header.php';

 			echo '<body>';
-			echo '<script type="text/javascript" language="javascript">';
-			echo 'parent.left_frame.location.reload();';
-			echo '</script>'."\n\n";

 			echo '<br />';
 			echo '<center>';
@@ -133,7 +155,7 @@ if ($res) {
 			echo '<br /><br />';
 			echo _('Since you changed your password, you must now login again with your new password.');
 			echo '<br />';
-			printf('<a href="login_form.php?server_id=%s">%s...</a>',$ldapserver->server_id, _('Login'));
+			printf('<a href="cmd.php?cmd=login_form&server_id=%s">%s...</a>',$ldapserver->server_id, _('Login'));
 			echo '</center>';
 			echo '</body>';
 			echo '</html>';
@@ -141,15 +163,16 @@ if ($res) {
 			exit;
 	}

-	$redirect_url = sprintf('template_engine.php?server_id=%s&dn=%s',$ldapserver->server_id,$encoded_dn);
+	$redirect_url = sprintf('cmd.php?cmd=template_engine&server_id=%s&dn=%s',$ldapserver->server_id,$entry['dn']['encode']);

-	foreach ($update_array as $attr => $junk)
+	foreach ($entry['update'] as $attr => $junk)
 		$redirect_url .= "&modified_attrs[]=$attr";

 	foreach ($failed_attrs as $attr => $junk)
 		$redirect_url .= "&failed_attrs[]=$attr";

 	header("Location: $redirect_url");
+	die();

 } else {
 	pla_error(_('Could not perform ldap_modify operation.'),$ldapserver->error(),$ldapserver->errno());
--- a/htdocs/update_confirm.php
+++ b/htdocs/update_confirm.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/update_confirm.php,v 1.43.2.8 2006/01/12 22:04:51 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/update_confirm.php,v 1.49.2.3 2008/01/13 05:37:01 wurley Exp $

 /**
 * Takes the results of clicking "Save" in template_engine.php and determines which
@@ -14,102 +14,177 @@
 */

 require './common.php';
-include './header.php';

 if ($ldapserver->isReadOnly())
 	pla_error(_('You cannot perform updates while server is in read-only mode'));

-$dn = $_POST['dn'];
-$old_values = $_POST['old_values'];
-$new_values = $_POST['new_values'];
-$encoded_dn = rawurlencode($dn);
-$rdn = get_rdn($dn);
+/***************/
+/* get entry   */ 
+/***************/
+	
+$entry['dn']['string'] = get_request('dn');
+$entry['dn']['encode'] = rawurlencode($entry['dn']['string']);

-echo '<body>';
-printf('<h3 class="title">%s</h3>',htmlspecialchars($rdn));
-printf('<h3 class="subtitle">%s: <b>%s</b> &nbsp;&nbsp;&nbsp; %s: <b>%s</b></h3>',
-	_('Server'),$ldapserver->name,_('Distinguished Name'),htmlspecialchars($dn));
-echo "\n\n";
+if (! $entry['dn']['string'] || ! $ldapserver->dnExists($entry['dn']['string']))
+	pla_error(sprintf(_('The entry (%s) does not exist.'),htmlspecialchars($entry['dn']['string'])),null,-1,true);

-run_hook('pre_update_array_processing',array('server_id'=>$ldapserver->server_id,
-	'dn'=>$dn,'old_values'=>$old_values,'new_values'=>$new_values));
+$tree = get_cached_item($ldapserver->server_id,'tree');
+$entry['ldap'] = null;
+if ($tree) {
+	$entry['ldap'] = $tree->getEntry($entry['dn']['string']);

-$update_array = array();
-foreach ($old_values as $attr => $old_val) {
-	# Did the user delete the field?
-	if (! isset($new_values[$attr]))
-		$update_array[$attr] = '';
+	if (! $entry['ldap'])
+		$tree->addEntry($entry['dn']['string']);

-	# Did the user change the field?
-	elseif ($old_val !== $new_values[$attr]) {
-		$new_val = $new_values[$attr];
+	$entry['ldap'] = $tree->getEntry($entry['dn']['string']);
+}

-		# Special case for userPassword attributes
-		if (strcasecmp($attr,'userPassword') == 0) {
-			foreach ($new_val as $key => $userpassword) {
-				if (trim($userpassword))
-					$new_val[$key] = password_hash($userpassword,$_POST['enc_type'][$key]);
-				else
-					unset($new_val[$key]);
+if (! $entry['ldap'] || $entry['ldap']->isReadOnly())
+	pla_error(sprintf(_('The entry (%s) is in readonly mode.'),htmlspecialchars($entry['dn']['string'])),null,-1,true);
+
+/***************/
+/* old values  */ 
+/***************/
+
+$entry['values']['old'] = array();
+foreach ($entry['ldap']->getAttributes() as $old_attr) {
+	$name = $old_attr->getName();
+	$entry['values']['old'][$name] = array();
+
+	foreach ($old_attr->getValues() as $old_val) {
+		if (strlen($old_val) > 0)
+			$entry['values']['old'][$name][] = $old_val;
+	}
+}
+
+/***************/
+/* new values  */ 
+/***************/
+
+eval('$reader = new '.$_SESSION[APPCONFIG]->GetValue('appearance','entry_reader').'($ldapserver);');
+$entry['ldap']->accept($reader);
+
+$entry['values']['new'] = array();
+foreach ($entry['ldap']->getAttributes() as $new_attr) {
+	if ($new_attr->hasBeenModified()) {
+		$name = $new_attr->getName();
+
+		if (!isset($entry['values']['old'][$name]))
+			$entry['values']['old'][$name] = array();
+
+		$entry['values']['new'][$name] = array();
+
+		foreach ($new_attr->getValues() as $i => $new_val) {
+			if ($new_attr instanceof BinaryAttribute) {
+				$n = $new_attr->getFileName($i);
+				$p = $new_attr->getFilePath($i);
+				$new_val = md5("$n|$p");
 			}

-			$password_already_hashed = true;
-
-		# Special case for samba password
-		} elseif (strcasecmp($attr,'sambaNTPassword') == 0 && trim($new_val[0])) {
-			$sambapassword = new smbHash;
-			$new_val[0] = $sambapassword->nthash($new_val[0]);
-
-		# Special case for samba password
-		} elseif (strcasecmp($attr,'sambaLMPassword') == 0 && trim($new_val[0])) {
-			$sambapassword = new smbHash;
-			$new_val[0] = $sambapassword->lmhash($new_val[0]);
+			if (strlen($new_val) > 0)
+				$entry['values']['new'][$name][] = $new_val;
 		}
-
-		# Retest in case our now encoded password is the same.
-		if ($new_val === $old_val)
-			continue;
-
-		if ($new_val)
-			$update_array[$attr] = $new_val;
 	}
 }

-# Check user password with new encoding.
-if (isset($new_values['userpassword']) && is_array($new_values['userpassword']))
-	foreach ($new_values['userpassword'] as $key => $userpassword) {
-		if ($userpassword) {
-			$new_val[$key] = password_hash($userpassword,$_POST['enc_type'][$key]);
+/************************/
+/* objectClass deletion */
+/************************/

-			if ($new_val[$key] != $old_values['userpassword'][$key])
-				$update_array['userpassword'][$key] = $new_val[$key];
+$oc_to_delete = array();
+$attr_to_delete = array();
+
+// if objectClass attribute is modified
+if (isset($entry['values']['new']['objectClass'])) {
+	if (!isset($entry['values']['old']['objectClass'])) {
+		pla_error(_('An entry should have one structural objectClass.'));
+	}
+	// deleted objectClasses
+	foreach ($entry['values']['old']['objectClass'] as $oldOC) {
+		if (!in_array($oldOC, $entry['values']['new']['objectClass'])) {
+			$oc_to_delete[] = $oldOC;
 		}
 	}
-
-# strip empty vals from update_array and ensure consecutive indices for each attribute
-foreach ($update_array as $attr => $val) {
-	if (is_array($val)) {
-		foreach($val as $i => $v)
-			if (null == $v || 0 == strlen($v))
-				unset($update_array[$attr][$i]);
-
-		$update_array[$attr] = array_values($update_array[$attr]);
+	// search the attributes used by each deleted objecClass
+	// we must maybe delete these attributes
+	foreach ($oc_to_delete as $oc) {
+		$soc = $ldapserver->getSchemaObjectClass($oc);
+		if ($soc) {
+			$ocs = $ldapserver->SchemaObjectClasses();
+			$ma = $soc->getMustAttrs($ocs);
+			foreach ($ma as $a) {
+				if (!isset($attr_to_delete[$a->getName()])) {
+					$attr_to_delete[$a->getName()] = $a;
+				}
+			}
+			$ma = $soc->getMayAttrs($ocs);
+			foreach ($ma as $a) {
+				if (!isset($attr_to_delete[$a->getName()])) {
+					$attr_to_delete[$a->getName()] = $a;
+				}
+			}
+		}
+	}
+	// if an attribute is still used by an objectClass we don't delete,
+	// we don't delete this attribute
+	foreach ($attr_to_delete as $name => $ad) {
+		$found = false;
+		$at = $ldapserver->getSchemaAttribute($name);
+		foreach ($at->getUsedInObjectClasses() as $oc) {
+			if (in_array($oc, $entry['values']['new']['objectClass'])) {
+				$found = true;
+				break;
+			}
+		}
+		if (!$found) {
+			foreach ($at->getRequiredByObjectClasses() as $oc) {
+				if (in_array($oc, $entry['values']['new']['objectClass'])) {
+					$found = true;
+					break;
+				}
+			}
+		}
+		if ($found) {
+			unset($attr_to_delete[$name]);
+		} else {
+			if (isset($entry['values']['old'][$name]) && (count($entry['values']['old'][$name]) > 0)) {
+				$found = true;
+			} else {
+				foreach ($entry['values']['new'] as $attr_name => $attr_values) {
+					if ($name == $attr_name) {
+						$found = true;
+						break;
+					}
+				}
+			}
+			if (!$found) {
+				unset($attr_to_delete[$name]);
+			} else {
+				$entry['values']['new'][$name] = array();
+				$attr_to_delete[$name] = $name;
+			}
+		}
 	}
 }

-/* At this point, the update_array should look like this (example):
-  Array(
-	cn => Array(
-		[0] => 'Dave',
-		[1] => 'Bob')
-	sn => 'Smith',
-	telephoneNumber => '555-1234')
-  This array should be ready to be passed to ldap_modify() */
+/****************/
+/* update array */ 
+/****************/

-run_hook('post_update_array_processing',array('server_id'=>$ldapserver->server_id,
-	'dn'=>$dn,'update_array'=>$update_array));
+eval('$writer = new '.$_SESSION[APPCONFIG]->GetValue('appearance','entry_writer').'($ldapserver);');
+$writer->draw('Title',$entry['ldap']);
+$writer->draw('Subtitle',$entry['ldap']);

-if (count($update_array) > 0) {
+echo "\n\n";
+
+run_hook('pre_update_array_processing',
+	array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'old_values'=>$entry['values']['old'],'new_values'=>$entry['values']['new']));
+
+/***************/
+/* confirm     */ 
+/***************/
+	
+if (count($entry['values']['new']) > 0) {
 	echo '<br />';
 	echo '<center>';
 	echo _('Do you want to make these changes?');
@@ -117,52 +192,49 @@ if (count($update_array) > 0) {

 	# <!-- Commit button and acompanying form -->
 	echo "\n\n";
-	echo '<form action="update.php" method="post">';
+	echo '<form action="cmd.php" method="post">';
+	echo '<input type="hidden" name="cmd" value="update" />';
 	echo "\n";
-	echo '<table class="confirm">';
+	echo '<table class="result_table">';
 	echo "\n";

-	printf('<tr><th>%s</th><th>%s</th><th>%s</th><th>%s</th></tr>',
+	printf('<tr class="heading"><td>%s</td><td>%s</td><td>%s</td><td>%s</td></tr>',
 		_('Attribute'),_('Old Value'),_('New Value'),_('Skip'));

 	echo "\n\n";
 	$counter = 0;

-	run_hook('pre_display_update_array',array('server_id'=>$ldapserver->server_id,'dn'=>$dn,
-		'update_array'=>$update_array));
-
-	foreach ($update_array as $attr => $new_val) {
+	foreach ($entry['values']['new'] as $attr => $new_val) {
 		$counter++;

-		if (! array_key_exists($attr,$old_values) or ! array_key_exists($attr,$new_values))
-			continue;
-
 		printf('<tr class="%s">',$counter%2 ? 'even' : 'odd');
-		printf('<td><b>%s</b></td>',htmlspecialchars($attr));
-		echo '<td><nobr>';
+		echo '<td><b>';
+		echo $_SESSION[APPCONFIG]->getFriendlyHTML($attr);
+		echo '</b></td>';
+		echo '<td><span style="white-space: nowrap;">';

 		if (strcasecmp($attr,'userPassword') == 0) {
-			foreach ($old_values[$attr] as $key => $value) {
-				if (obfuscate_password_display(get_enc_type($old_values[$attr][$key])))
-					echo preg_replace('/./','*',$old_values[$attr][$key]).'<br />';
+			foreach ($entry['values']['old'][$attr] as $key => $value) {
+				if (obfuscate_password_display(get_enc_type($entry['values']['old'][$attr][$key])))
+					echo preg_replace('/./','*',$entry['values']['old'][$attr][$key]).'<br />';
 				else
-					echo nl2br(htmlspecialchars($old_values[$attr][$key])).'<br />';
+					echo nl2br(htmlspecialchars($entry['values']['old'][$attr][$key])).'<br />';
 			}

-		} elseif (is_array($old_values[$attr]))
-			foreach ($old_values[$attr] as $v)
+		} elseif (is_array($entry['values']['old'][$attr]))
+			foreach ($entry['values']['old'][$attr] as $v)
 				echo nl2br(htmlspecialchars($v)).'<br />';

 		else
-			echo nl2br(htmlspecialchars($old_values[$attr])).'<br />';
+			echo nl2br(htmlspecialchars($entry['values']['old'][$attr])).'<br />';

-		echo '</nobr></td>';
-		echo '<td><nobr>';
+		echo '</span></td>';
+		echo '<td><span style="white-space: nowrap;">';

 		# Is this a multi-valued attribute?
 		if (is_array($new_val)) {
 			if (strcasecmp($attr,'userPassword') == 0) {
-				foreach ($new_values[$attr] as $key => $value) {
+				foreach ($entry['values']['new'][$attr] as $key => $value) {
 					if (isset($new_val[$key])) {
 						if (obfuscate_password_display(get_enc_type($new_val[$key])))
 							echo preg_replace('/./','*',$new_val[$key]).'<br />';
@@ -174,70 +246,88 @@ if (count($update_array) > 0) {
 			} else {

 				foreach ($new_val as $i => $v) {
-					if ($v == '') {
-						# Remove it from the update array if it's empty
-						unset($update_array[$attr][$i]);
-						$update_array[$attr] = array_values($update_array[$attr]);
-
-					} else {
 						echo nl2br(htmlspecialchars($v)).'<br />';
-					}
 				}
 			}

-			/* was this a multi-valued attribute deletion? If so,
-			   fix the $update_array to reflect that per update_confirm.php's
-			   expectations */
-			if ($update_array[$attr] == array(0=>'') || $update_array[$attr] == array()) {
-				$update_array[$attr] = '';
+			if (! $new_val) {
 				printf('<span style="color: red">%s</span>',_('[attribute deleted]'));
 			}

-		} elseif ($new_val != '')
+		} elseif ($new_val == '')
 				printf('<span style="color: red">%s</span>',_('[attribute deleted]'));

-		echo '</nobr></td>';
+		echo '</span></td>';

- 		printf('<td><input name="skip_array[%s]" type="checkbox" /></td>',htmlspecialchars($attr));
+		$input_disabled = '';
+		if (in_array($attr, $attr_to_delete)) $input_disabled = 'disabled="disabled"';
+		$input_onclick = '';
+		if ($attr == 'objectClass' && (count($attr_to_delete) > 0)) {
+			$input_onclick = 'onclick="if (this.checked) {';
+			foreach ($attr_to_delete as $ad_name) {
+				$input_onclick .= "document.forms[0].elements['skip_array[$ad_name]'].disabled = false;";
+				$input_onclick .= "document.forms[0].elements['skip_array[$ad_name]'].checked = true;";
+			}
+			$input_onclick .= '} else {';
+			foreach ($attr_to_delete as $ad_name) {
+				$input_onclick .= "document.forms[0].elements['skip_array[$ad_name]'].checked = false;";
+				$input_onclick .= "document.forms[0].elements['skip_array[$ad_name]'].disabled = true;";
+			}
+			$input_onclick .= '}"';
+		}
+ 		printf('<td><input name="skip_array[%s]" type="checkbox" %s %s/></td>',htmlspecialchars($attr),$input_disabled,$input_onclick);
 		echo '</tr>'."\n\n";
 	}
+	echo '</table>';

-	run_hook('post_display_update_array',array('server_id'=>$ldapserver->server_id,'dn'=>$dn,
-		'update_array'=>$update_array,'index'=>$counter));
-
-	echo '</table><table class="form">';
-	echo '<tr>';
-	echo '<td>';
 	printf('<input type="hidden" name="server_id" value="%s" />',$ldapserver->server_id);
-	printf('<input type="hidden" name="dn" value="%s" />',$dn);
+	printf('<input type="hidden" name="dn" value="%s" />',$entry['dn']['string']);

-	foreach ($update_array as $attr => $val) {
-		if (is_array($val))
-			foreach($val as $i => $v)
-				printf('<input type="hidden" name="update_array[%s][%s]" value="%s" />',
-					htmlspecialchars($attr),$i,htmlspecialchars($v)); 
-		else
-			printf('<input type="hidden" name="update_array[%s]" value="%s" />',
-				htmlspecialchars($attr),htmlspecialchars($val));
+	foreach ($entry['values']['new'] as $attr => $val) {
+		if (count($val) > 0) {
+			if (is_array($val)) {
+				foreach($val as $i => $v)
+					printf('<input type="hidden" name="update_array[%s][%s]" value="%s" />',
+						htmlspecialchars($attr),$i,htmlspecialchars($v));
+			} else {
+				printf('<input type="hidden" name="update_array[%s]" value="%s" />',
+					htmlspecialchars($attr),htmlspecialchars($val));
+			}
+		} else {
+			printf('<input type="hidden" name="update_array[%s]" value="" />',
+				htmlspecialchars($attr));
+		}
 	}

-	printf('<input type="submit" value="%s" class="happy" />',_('Commit'));
-	echo '</td>';
-	echo '<td>';
-	printf('<input type="submit" name="cancel" value="%s" class="scary" />',_('Cancel'));
-	echo '</td>';
-	echo '</tr>';
-	echo '</table>';
+	echo '<br />';
+	printf('<input type="submit" value="%s" />',_('Commit'));
+	printf('<input type="submit" name="cancel" value="%s" />',_('Cancel'));
 	echo '</form>';
+
+	if (count($attr_to_delete) > 0) {
+		echo '<table class="result_table"><tr>';
+		printf('<td class="heading">%s%s</td>',_('The deletion of objectClass(es)'),_(':'));
+		printf('<td class="value"><b>%s</b></td>',implode('</b>, <b>', $oc_to_delete));
+		echo '</tr><tr>';
+		printf('<td class="heading">%s%s</td>',_('will delete the attribute(s)'),_(':'));
+		echo '<td class="value"><b>';
+		$i = 0;
+		foreach ($attr_to_delete as $attr) {
+			if ($i++ != 0) echo '</b>, <b>';
+			echo $_SESSION[APPCONFIG]->getFriendlyHTML($attr);
+		}
+		echo '</b></td></tr></table>';
+	}
+
 	echo '</center>';

 } else {
 	echo '<center>';
 	echo _('You made no changes');
-	printf(' <a href="template_engine.php?server_id=%s&amp;dn=%s">%s</a>.',
-		$ldapserver->server_id,$encoded_dn,_('Go back'));
+	$href = sprintf('cmd.php?cmd=template_engine&server_id=%s&dn=%s',
+		 $ldapserver->server_id,$entry['dn']['encode']);
+
+	printf(' <a href="%s">%s</a>.',htmlspecialchars($href),_('Go back'));
 	echo '</center>';
 }
-
-echo '</body>';
 ?>
--- a/htdocs/view_jpeg_photo.php
+++ b/htdocs/view_jpeg_photo.php
@@ -1,5 +1,5 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/view_jpeg_photo.php,v 1.9.4.2 2005/12/08 11:58:14 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/view_jpeg_photo.php,v 1.11.2.1 2007/12/26 09:26:32 wurley Exp $

 /**
 * @package phpLDAPadmin
@@ -9,25 +9,29 @@

 require './common.php';

-$file = $_GET['file'];
+$file['name'] = get_request('file','GET');

 /* Security check (we don't want anyone tryting to get at /etc/passwd or something)
-   Slashes and dots are not permitted in these names.*/
-if (! preg_match('/^pla/',$file) || preg_match('/[\.\/\\\\]/',$file))
-	pla_error(sprintf('%s %s',_('Unsafe file name: '),htmlspecialchars($file)));
+ * Slashes and dots are not permitted in these names.
+ */
+if (! preg_match('/^pla/',$file['name']) || preg_match('/[\.\/\\\\]/',$file['name']))
+	pla_error(sprintf('%s: %s',_('Unsafe file name'),htmlspecialchars($file['name'])));

 /* Little security measure here (prevents users from accessing
   files, like /etc/passwd for example).*/
-$file = basename(addcslashes($file,'/\\'));
-$file = sprintf('%s/%s',$config->GetValue('jpeg','tmpdir'),$file);
-if (! file_exists($file))
-	pla_error(sprintf('%s %s',_('No such file: '),htmlspecialchars($_GET['file'])));
+$file['name'] = basename(addcslashes($file['name'],'/\\'));
+$file['name'] = sprintf('%s/%s',$_SESSION[APPCONFIG]->GetValue('jpeg','tmpdir'),$file['name']);
+if (! file_exists($file['name']))
+	pla_error(sprintf('%s%s %s',_('No such file'),_(':'),htmlspecialchars($file['name'])));

-$f = fopen($file,'r');
-$jpeg = fread($f,filesize($file));
-fclose($f);
+$file['handle'] = fopen($file['name'],'r');
+$file['data'] = fread($file['handle'],filesize($file['name']));
+fclose($file['handle']);
+
+if (ob_get_level())
+	ob_clean();

 Header('Content-type: image/jpeg');
 Header('Content-disposition: inline; filename=jpeg_photo.jpg');
-echo $jpeg;
+echo $file['data'];
 ?>
--- a/htdocs/welcome.php
+++ b/htdocs/welcome.php
@@ -1,38 +1,45 @@
 <?php
-// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/welcome.php,v 1.24.4.2 2005/12/08 11:58:14 wurley Exp $
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/welcome.php,v 1.26.2.2 2007/12/26 09:26:32 wurley Exp $

 /**
 * @package phpLDAPadmin
 */
+
 /**
+ * Show a simple welcome page.
 */
+
 require './common.php';
-include './header.php';

-# Close the session for faster page loading
-pla_session_close();
+echo '<center>';
+echo '<br /><br />';
+printf('<img src="images/logo.jpg" title="%s" alt="%s" />',_('phpLDAPadmin logo'),_('phpLDAPadmin logo'));
+echo '<br /><br />';
+echo _('Use the menu to the left to navigate');
+echo '<br /><br />';
+
+$links = '';
+
+if ($_SESSION[APPCONFIG]->isCommandAvailable('external_links')) {
+	if ($_SESSION[APPCONFIG]->isCommandAvailable('external_links', 'credits')) {
+		$links .= sprintf('<a href="%s" target="new">%s</a>',get_href('credits'),_('Credits'));
+	}
+
+	if ($_SESSION[APPCONFIG]->isCommandAvailable('external_links', 'help')) {
+		if ($links) $links .= ' | ';
+		$links .= sprintf('<a href="%s" target="new">%s</a>',get_href('documentation'),_('Documentation'));
+	}
+
+	if ($_SESSION[APPCONFIG]->isCommandAvailable('external_links', 'donation')) {
+		if ($links) $links .= ' | ';
+		$links .= sprintf('<a href="%s" target="new">%s</a>',get_href('donate'),_('Donate'));
+	}
+}
+
+if ($links) {
+	echo $links;
+	echo '<br /><br />';
+}
+
+echo '</center>';
 ?>
-
-<body>
-<center>
-<br />
-<br />
-<br />
-<img src="images/logo.jpg" title="<?php echo _('phpLDAPadmin logo'); ?>" alt="<?php echo _('phpLDAPadmin logo'); ?>" />
-<br />
-<br />
-<?php echo _('Use the menu to the left to navigate'); ?>
-<br />
-<br />
-<br />
-<br />
-
-<?php if (! $config->GetValue('appearance','hide_configuration_management')) { ?>
-<a href="<?php echo get_href('credits'); ?>"><?php echo _('Credits'); ?></a> |
-<a href="<?php echo get_href('documentation'); ?>"><?php echo _('Documentation'); ?></a> |
-<a href="<?php echo get_href('donate'); ?>"><?php echo _('Donate'); ?></a>
-<?php } ?>
-
-</center>
-</body>
-</html>
--- a/index.php
+++ b/index.php
@@ -1,4 +1,11 @@
 <?php
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/index.php,v 1.2.2.1 2007/12/21 12:11:55 wurley Exp $
+
+/**
+ * @package phpLDAPadmin
+ */
+
 # You should secure your PLA by making the htdocs/ your docroot.
 header('Location: htdocs/index.php');
+die();
 ?>
--- a/lib/AJAXTree.php
+++ b/lib/AJAXTree.php
@@ -0,0 +1,375 @@
+<?php
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/lib/AJAXTree.php,v 1.2 2007/12/15 07:50:31 wurley Exp $
+
+/**
+ * @package phpLDAPadmin
+ * @author The phpLDAPadmin development team
+ * @author Xavier Bruyet
+ */
+class AJAXTree extends PLMTree {
+	/**
+	 * draw a node of the tree
+	 * @param $level a string of 0 and 1 ; $level == "000101" will draw "   | |<node>"
+	 * @param $first_child is this the first child ?
+	 * @param $last_child is this the last child ?
+	 */
+	protected function draw_dn($dn,$level=0,$first_child=true,$last_child=true) {
+		if (DEBUG_ENABLED)
+			debug_log('Entered with (%s,%s)',33,__FILE__,__LINE__,__METHOD__,$dn,$level);
+
+		$ldapserver = $this->getLdapServer();
+
+		# level pre-treatment
+		$code = '';
+		if (is_string($level)) {
+			for ($i=0; $i<strlen($level); $i++) {
+				if ($level[$i] == '0') {
+					$code .= '0';
+
+				} elseif ($level[$i] == '1') {
+					$code .= '1';
+				}
+			}
+
+		} elseif ($level > 0) {
+			$code = '0' * $level;
+		}
+		$level = strlen($code);
+
+		# get entry to display as node
+		$entry = $this->getEntry($dn);
+		if (! $entry) {
+			$this->addEntry($dn);
+			$entry = $this->getEntry($dn);
+		}
+
+		if (! $entry)
+			return '';
+
+		# some informations
+		$rdn = $entry->getRdn();
+		$encoded_dn = rawurlencode($dn);
+		$formatted_dn = $this->get_formatted_dn($entry,$level-1);
+		$child_count = $this->get_children_number($entry);
+
+		$nb = 0;
+		if ($first_child) $nb += 1;
+		if ($last_child) $nb += 2;
+
+		# informations array[$nb]
+		# nb == 1 => the node is the first child
+		# nb == 2 => the node is the last child
+		# nb == 3 => the node is the unique child
+		# nb == 0 => the node is a child
+		$expand_imgs = array('js/phplayersmenu/menuimages/tree_expand.png', 'js/phplayersmenu/menuimages/tree_expand.png', 'js/phplayersmenu/menuimages/tree_expand_corner.png', ($level > 0) ? 'js/phplayersmenu/menuimages/tree_expand_corner.png' : 'js/phplayersmenu/menuimages/tree_expand_corner_first.png');
+		$collapse_imgs = array('js/phplayersmenu/menuimages/tree_collapse.png', 'js/phplayersmenu/menuimages/tree_collapse.png', 'js/phplayersmenu/menuimages/tree_collapse_corner.png', ($level > 0) ? 'js/phplayersmenu/menuimages/tree_collapse_corner.png' : 'js/phplayersmenu/menuimages/tree_collapse_corner_first.png');
+		$tree_imgs = array('js/phplayersmenu/menuimages/tree_split.png', 'js/phplayersmenu/menuimages/tree_split.png', 'js/phplayersmenu/menuimages/tree_corner.png', 'js/phplayersmenu/menuimages/tree_corner.png');
+		$new_code = array('1', '1', '0', '0');
+
+		# links
+		$edit_href_params = htmlspecialchars(sprintf('cmd=template_engine&server_id=%s&dn=%s',$this->server_id,$encoded_dn));
+		$edit_href = "cmd.php?$edit_href_params";
+		$openclose_params = htmlspecialchars(sprintf('server_id=%s&dn=%s&code=%s',$this->server_id,$encoded_dn,$code.$new_code[$nb]));
+
+		# each node has a unique id based on dn
+		$node_id = 'node'.base64_encode($ldapserver->server_id.'-'.$dn);
+		$node_id = str_replace('=','_',$node_id);
+
+		if ($level == 0)
+			printf('<tr><td class="spacer"></td><td colspan="%s">',$this->getDepth()+3-1);
+
+		printf('<div id="jt%s" class="treemenudiv">',$node_id);
+		echo $this->get_indentation($code);
+
+		if ($entry->isOpened()) {
+			if (! $child_count) {
+				echo '<img align="top" border="0" class="imgs" id="jt'.$node_id.'node" src="'.$tree_imgs[$nb].'" alt="--" />';
+			} else {
+				echo '<a href="#" onclick="return opencloseTreeNode(\''.$node_id.'\',\''.$openclose_params.'\');">';
+				echo '<img align="top" border="0" class="imgs" id="jt'.$node_id.'node" src="'.$collapse_imgs[$nb].'" alt="+-" />';
+				echo '</a>';
+			}
+
+		} else {
+			if (($child_count !== false) && (!$child_count)/* && (!$ldapserver->isShowCreateEnabled())*/) {
+				echo '<img align="top" border="0" class="imgs" id="jt'.$node_id.'node" src="'.$tree_imgs[$nb].'" alt="--" />';
+			} else {
+				echo '<a href="#" onclick="return opencloseTreeNode(\''.$node_id.'\',\''.$openclose_params.'\');">';
+				echo '<img align="top" border="0" class="imgs" id="jt'.$node_id.'node" src="'.$expand_imgs[$nb].'" alt="+-" />';
+				echo '</a>';
+			}
+		}
+
+		echo '<a href="'.$edit_href.'" onclick="return displayMainPage(\''.$edit_href_params.'\');" title="'.$dn.'" >';
+		echo '<img align="top" border="0" class="imgs" id="jt'.$node_id.'folder" src="images/'.$entry->getIcon($ldapserver).'" alt="->" />';
+		echo '</a>';
+		echo '&nbsp;';
+		echo '<a href="'.$edit_href.'" onclick="return displayMainPage(\''.$edit_href_params.'\');" title="'.$dn.'" class="phplm">';
+		echo $formatted_dn;
+		echo ($child_count ? ' ('.$child_count.')' : '');
+		echo '</a>';
+		echo '</div>';
+		echo '<div id="jt'.$node_id.'son" style="display: '.($entry->isOpened() ? 'block' : 'none').'" class="treemenudiv">';
+		if ($entry->isOpened()) {
+			$this->draw_children($entry,$code.$new_code[$nb]);
+		}
+		echo '</div>';
+
+		if ($level == 0) {
+			echo '</td></tr>';
+		}
+	}
+
+	public function draw_children($parent_entry,$code) {
+		if (DEBUG_ENABLED)
+			debug_log('Entered with (%s,%s)',33,__FILE__,__LINE__,__METHOD__,$parent_entry,$code);
+
+		$children = array();
+		foreach($parent_entry->getChildren() as $childDn)
+			$children[] = $this->getEntry($childDn);
+
+		$first_child = $this->get_plm_before_first_child($parent_entry,$code);
+		$last_child = $this->get_plm_after_last_child($parent_entry,$code);
+
+		echo $first_child;
+
+		for ($i=0; $i<count($children); $i++) {
+			$first = ($i == 0) && (! $first_child);
+			$last = ($i == (count($children)-1)) && (! $last_child);
+
+			$this->draw_dn($children[$i]->getDn(),$code,$first,$last);
+		}
+
+		echo $last_child;
+	}
+
+	/**
+	 * return the indentation bafore a node
+	 * @param $code a string of 0 and 1 ; $code == "000101" will return "   | |"
+	 */
+	protected function get_indentation($code) {
+		$indent = '';
+		for ($i=0; $i<strlen($code); $i++) {
+			if ($code[$i] == '0') {
+				$indent .= '<img align="top" border="0" class="imgs" src="js/phplayersmenu/menuimages/tree_space.png" alt="  " />';
+
+			} elseif ($code[$i] == '1') {
+				$indent .= '<img align="top" border="0" class="imgs" src="js/phplayersmenu/menuimages/tree_vertline.png" alt="| " />';
+			}
+		}
+
+		return $indent;
+	}
+
+	protected function draw_javascript() {
+		echo '
+		<script type="text/javascript" language="javascript" src="js/phplayersmenu/libjs/layersmenu-browser_detection.js"></script>
+		<script type="text/javascript" language="javaScript">
+		<!--
+		var collapsedNodes = new Array();
+		var nodeLayer = null;
+		var sonLayer = null;
+		var oldstyle = \'\';
+		var newstyle = \'\';
+		var oldimg = \'\';
+		var newimg = \'\';
+		function readCollapsedNodes() {
+			collapsedNodes = new Array();
+			cn = document.cookie.split(\'collapsedNodes=\');
+			if (cn.length < 2) return;
+			vl = cn[1];
+			if (vl.indexOf(\';\') != -1) {
+				vl = vl.split(\';\');
+				vl = vl[0];
+			}
+			if (vl) {
+				collapsed = vl.split(\'|\');
+				for (i = 0; i < collapsed.length; i++) {
+					collapsedNodes[i] = collapsed[i];
+				}
+			}
+		}
+		function writeCollapsedNodes() {
+			document.cookie = \'collapsedNodes=\' + collapsedNodes.join(\'|\') + \';path=/\';
+		}
+		function addCollapsedNode(nodeId) {
+			for (i = 0; i < collapsedNodes.length; i++) {
+				if (collapsedNodes[i] == nodeId) return;
+			}
+			collapsedNodes[collapsedNodes.length] = nodeId;
+			writeCollapsedNodes();
+		}
+		function delCollapsedNode(nodeId) {
+			newCollapsedNodes = new Array();
+			j = 0;
+			for (i = 0; i < collapsedNodes.length; i++) {
+				if (collapsedNodes[i] != nodeId) {
+					newCollapsedNodes[j++] = collapsedNodes[i];
+				}
+			}
+			collapsedNodes = newCollapsedNodes;
+			writeCollapsedNodes();
+		}
+		function updateNewStyle() {
+			nodeLayer.src = newimg;
+			sonLayer.style.display = newstyle;
+		}
+		function cancelNewStyle() {
+			nodeLayer.src = oldimg;
+			sonLayer.style.display = oldstyle;
+		}
+		function alertTreeNodeContents(html) {
+			//alert(html);
+			if (html.replace(/(^\s*)|(\s*$)/g, \'\')) {
+				includeHTML(sonLayer, html);
+			}
+			updateNewStyle();
+		}
+		function opencloseTreeNode(nodeid, params) {
+			cancelHttpRequest(); // cancel last request
+
+			// get the node element
+			if ((!DOM || Opera56 || Konqueror22) && !IE4) return;
+			if (!IE4) {
+				sonLayer = document.getElementById(\'jt\' + nodeid + \'son\');
+				nodeLayer = document.getElementById(\'jt\' + nodeid + \'node\');
+				//folderLayer = document.getElementById(\'jt\' + nodeid + \'folder\');
+			} else {
+				sonLayer = document.all(\'jt\' + nodeid + \'son\');
+				nodeLayer = document.all(\'jt\' + nodeid + \'node\');
+				//folderLayer = document.all(\'jt\' + nodeid + \'folder\');
+			}
+			if (!sonLayer || !nodeLayer) return false;
+
+			// update global variables
+			oldstyle = sonLayer.style.display;
+			oldimg = nodeLayer.src;
+			var action = 0; // (action = 1) => expand ; (action = 2) => collapse
+			if (oldimg.indexOf(\'js/phplayersmenu/menuimages/tree_expand.png\') > -1) {
+				newimg = \'js/phplayersmenu/menuimages/tree_collapse.png\';
+				action = 1;
+			} else if (oldimg.indexOf(\'js/phplayersmenu/menuimages/tree_expand_first.png\') > -1) {
+				newimg = \'js/phplayersmenu/menuimages/tree_collapse_first.png\';
+				action = 1;
+			} else if (oldimg.indexOf(\'js/phplayersmenu/menuimages/tree_expand_corner.png\') > -1) {
+				newimg = \'js/phplayersmenu/menuimages/tree_collapse_corner.png\';
+				action = 1;
+			} else if (oldimg.indexOf(\'js/phplayersmenu/menuimages/tree_expand_corner_first.png\') > -1) {
+				newimg = \'js/phplayersmenu/menuimages/tree_collapse_corner_first.png\';
+				action = 1;
+			} else if (oldimg.indexOf(\'js/phplayersmenu/menuimages/tree_collapse.png\') > -1) {
+				newimg = \'js/phplayersmenu/menuimages/tree_expand.png\';
+				action = 2;
+			} else if (oldimg.indexOf(\'js/phplayersmenu/menuimages/tree_collapse_first.png\') > -1) {
+				newimg = \'js/phplayersmenu/menuimages/tree_expand_first.png\';
+				action = 2;
+			} else if (oldimg.indexOf(\'js/phplayersmenu/menuimages/tree_collapse_corner.png\') > -1) {
+				newimg = \'js/phplayersmenu/menuimages/tree_expand_corner.png\';
+				action = 2;
+			} else if (oldimg.indexOf(\'js/phplayersmenu/menuimages/tree_collapse_corner_first.png\') > -1) {
+				newimg = \'js/phplayersmenu/menuimages/tree_expand_corner_first.png\';
+				action = 2;
+			}
+			//folderLayer.src = \'js/phplayersmenu/menuimages/tree_folder_open.png\';
+			//folderLayer.src = \'js/phplayersmenu/menuimages/tree_folder_closed.png\';
+			nodeLayer.src = \'images/ajax-spinner.gif\';
+
+			// perform action
+			if (action == 2) {
+				newstyle = \'none\';
+				//makeGETRequest(\'cmd.php\', params+\'&cmd=draw_tree_node&action=0\', \'alertTreeNodeContents\', \'cancelNewStyle\');
+				updateNewStyle();
+				addCollapsedNode(nodeid);
+			} else if (action == 1) {
+				newstyle = \'block\';
+				if (sonLayer.innerHTML == \'\') {
+					makeGETRequest(\'cmd.php\', params+\'&cmd=draw_tree_node&action=1\', \'alertTreeNodeContents\', \'cancelNewStyle\');
+				} else {
+					//makeGETRequest(\'cmd.php\', params+\'&cmd=draw_tree_node&action=2\', \'alertTreeNodeContents\', \'cancelNewStyle\');
+					updateNewStyle();
+				}
+				delCollapsedNode(nodeid);
+			}
+			return false;
+		}
+		function getMainPageDiv() {
+			if (!IE4) {
+				return document.getElementById(\'main_page\');
+			} else {
+				return document.all(\'main_page\');
+			}
+		}
+		function alertMainPage(html) {
+			//alert(html);
+			var mainPageDiv = getMainPageDiv();
+			if (mainPageDiv) includeHTML(mainPageDiv, html);
+		}
+		function cancelMainPage() {
+			var mainPageDiv = getMainPageDiv();
+			if (mainPageDiv) includeHTML(mainPageDiv, \'\');
+		}
+		function displayMainPage(urlParameters) {
+			var mainPageDiv = getMainPageDiv();
+			if (mainPageDiv) includeHTML(mainPageDiv, \'<img src="images/ajax-progress.gif"><br><small>'._('Retrieving DN').'...<\/small>\');
+			makeGETRequest(\'cmd.php\', urlParameters+\'&meth=get_body\', \'alertMainPage\', \'cancelMainPage\');
+			return false;
+		}
+
+		// close initial collapsed nodes
+		readCollapsedNodes();
+		for (k = 0; k < collapsedNodes.length; k++) {
+			opencloseTreeNode(collapsedNodes[k], \'#\');
+		}
+		// -->
+		</script>';
+	}
+
+	protected function get_plm_before_first_child($entry,$level) {
+		if (strlen($level) == 0) return '';
+
+		$ldapserver = $this->getLdapServer();
+		$output = '';
+
+		if (!$ldapserver->isReadOnly() && ($entry->getChildrenNumber() > 10) && ($ldapserver->isShowCreateEnabled())) {
+			$encoded_dn = rawurlencode($entry->getDn());
+			$href = sprintf('cmd.php?cmd=template_engine&server_id=%s&container=%s',$ldapserver->server_id,$encoded_dn);
+
+			$output .= $this->get_indentation($level);
+			$output .= '<img align="top" border="0" class="imgs" src="js/phplayersmenu/menuimages/tree_split.png" alt="--" />';
+			$output .= '<a href="'.htmlspecialchars($href).'" title="'.$entry->getDn().'">';
+			$output .= '<img align="top" border="0" class="imgs" src="images/star.png" alt="->" />';
+			$output .= '</a>';
+			$output .= '&nbsp;';
+			$output .= '<a href="'.htmlspecialchars($href).'" title="'._('Create new entry here').'" class="phplm">';
+			$output .= _('Create new entry here');
+			$output .= '</a>';
+		}
+
+		return $output;
+	}
+
+	protected function get_plm_after_last_child($entry,$level) {
+		if (strlen($level) == 0) return '';
+
+		$ldapserver = $this->getLdapServer();
+		$output = '';
+
+		if (!$ldapserver->isReadOnly() && !$entry->isLeaf() && $ldapserver->isShowCreateEnabled()) {
+			$encoded_dn = rawurlencode($entry->getDn());
+			$href = sprintf('cmd.php?cmd=template_engine&server_id=%s&container=%s',$ldapserver->server_id,$encoded_dn);
+
+			$output .= $this->get_indentation($level);
+			$output .= '<img align="top" border="0" class="imgs" src="js/phplayersmenu/menuimages/tree_corner.png" alt="--" />';
+			$output .= '<a href="'.htmlspecialchars($href).'" title="'.$entry->getDn().'">';
+			$output .= '<img align="top" border="0" class="imgs" src="images/star.png" alt="->" />';
+			$output .= '</a>';
+			$output .= '&nbsp;';
+			$output .= '<a href="'.htmlspecialchars($href).'" title="'._('Create new entry here').'" class="phplm">';
+			$output .= _('Create new entry here');
+			$output .= '</a>';
+		}
+
+		return $output;
+	}
+}
+?>
--- a/lib/Attribute.php
+++ b/lib/Attribute.php
@@ -0,0 +1,272 @@
+<?php
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/lib/Attribute.php,v 1.2.2.2 2007/12/26 09:26:32 wurley Exp $
+
+/**
+ * @package phpLDAPadmin
+ * @author Xavier Bruyet
+ *
+ * Represents an attribute of a entry
+ */
+class Attribute {
+	private $name;
+	private $values;
+
+	# min/max number of values
+	protected $min_value_count;
+	protected $max_value_count;
+
+	# The entry in which the attribute is
+	protected $entry;
+
+	# Is the attribute internal
+	protected $internal;
+
+	# Has the attribute been modified
+	protected $modified;
+
+	# Is the attribute visible
+	protected $visible;
+
+	# Is the attribute modifiable
+	protected $readonly;
+
+	# Display parameters
+	protected $friendly_name;
+	protected $description;
+	protected $icon;
+	protected $hint;
+
+	protected $size;	# Component size
+	protected $maxlength;	# Value max length
+
+	protected $properties;
+	
+	public function __construct($name, $values) {
+		$this->name = $name;
+
+		if (is_string($values) && (strlen($values) > 0)) $this->values = array($values);
+		elseif (is_array($values)) $this->values = $values;
+		else $this->values = array();
+
+		$this->min_value_count = -1;
+		$this->max_value_count = -1;
+
+		$this->entry = null;
+		$this->internal = false;
+		$this->modified = false;
+		$this->visible = true;
+		$this->readonly = false;
+
+		$this->friendly_name = '';
+		$this->description = '';
+		$this->icon = '';
+		$this->hint = '';
+
+		$this->size = 0;
+		$this->maxlength = 0;
+
+		$this->properties = array();
+	}
+
+	public function getName() {
+		return $this->name;
+	}
+
+	public function getValues() {
+		return $this->values;
+	}
+
+	public function getValueCount() {
+		return count($this->values);
+	}
+
+	public function addValue($new_val, $i = -1) {
+		if ($i < 0) $i = $this->getValueCount();
+		$old_val = $this->getValue($i);
+		if (is_null($old_val) || ($old_val != $new_val)) $this->justModified();
+		$this->values[$i] = $new_val;
+	}
+
+	public function getValue($i) {
+		if (isset($this->values[$i])) return ''.$this->values[$i];
+		else return null;
+	}
+
+	public function getMinValueCount() {
+		return $this->min_value_count;
+	}
+
+	public function setMinValueCount($min) {
+		$this->min_value_count = $min;
+	}
+
+	public function getMaxValueCount() {
+		return $this->max_value_count;
+	}
+
+	public function setMaxValueCount($max) {
+		$this->max_value_count = $max;
+	}
+
+	public function getEntry() {
+		return $this->entry;
+	}
+
+	public function setEntry($entry) {
+		$this->entry = $entry;
+
+		global $ldapserver;
+		$schema_attr = null;
+		if ($entry) {
+			$schema_attr = $ldapserver->getSchemaAttribute($this->getName(), $entry->getDn());
+		}
+		if ($schema_attr && $schema_attr->getIsSingleValue()) {
+			$this->setMaxValueCount(1);
+		}
+	}
+
+	public function justModified() {
+		$this->modified = true;
+	}
+
+	public function hasBeenModified() {
+		return $this->modified;
+	}
+
+	public function isInternal() {
+		return $this->internal;
+	}
+
+	public function setInternal() {
+		$this->internal = true;
+	}
+
+	public function isRequired() {
+		if ($this->getMinValueCount() > 0) {
+			return true;
+		} elseif ($this->isRdn()) {
+			return true;
+		} else {
+			return false;
+		}
+	}
+
+	public function setRequired() {
+		if ($this->getMinValueCount() <= 0) {
+			$this->setMinValueCount(1);
+		}
+	}
+
+	public function setOptional() {
+		$this->setMinValueCount(0);
+	}
+
+	public function isReadOnly() {
+		return $this->readonly;
+	}
+
+	public function setReadOnly() {
+		$this->readonly = true;
+	}
+
+	public function isVisible() {
+		return $this->visible;
+	}
+
+	public function hide() {
+		$this->visible = false;
+	}
+
+	public function show() {
+		$this->visible = true;
+	}
+
+	public function setFriendlyName($name) {
+		if ($name != $this->name) {
+			$this->friendly_name = $name;
+		}
+	}
+
+	public function getFriendlyName() {
+		if ($this->friendly_name)
+			return $this->friendly_name;
+		else
+			return $_SESSION[APPCONFIG]->getFriendlyName(real_attr_name($this->name));
+	}
+
+	public function setDescription($description) {
+		$this->description = $description;
+	}
+
+	public function getDescription() {
+		return $this->description;
+	}
+
+	public function setIcon($icon) {
+		$this->icon = $icon;
+	}
+
+	public function getIcon() {
+		return $this->icon;
+	}
+
+	public function getHint() {
+		return $this->hint;
+	}
+
+	public function setHint($hint) {
+		$this->hint = $hint;
+	}
+
+	public function getMaxLength() {
+		return $this->maxlength;
+	}
+
+	public function setMaxLength($maxlength) {
+		$this->maxlength = $maxlength;
+	}
+
+	public function getSize() {
+		return $this->size;
+	}
+
+	public function setSize($size) {
+		$this->size = $size;
+	}
+
+	public function setProperty($name, $value) {
+		$this->properties[$name] = $value;
+	}
+
+	public function delProperty($name) {
+		if ($this->hasProperty($name)) unset($this->properties[$name]);
+	}
+
+	public function hasProperty($name) {
+		return isset($this->properties[$name]);
+	}
+
+	public function getProperty($name) {
+		if ($this->hasProperty($name)) return $this->properties[$name];
+		else return null;
+	}
+
+	public function isRdn() {
+		if ($this->entry) {
+			//$rdn = get_rdn($this->entry->getDn());
+    			//$attr = $this->name;
+			//return preg_match("/^${attr}=/", $rdn);
+			return ($this->name == $this->entry->getRdnAttributeName());
+		} else {
+			return false;
+		}
+	}
+
+	/**
+	 * Visit the attribute
+	 */
+	public function accept($visitor) {
+		$visitor->visit('', $this);
+	}
+}
+?>
--- a/lib/AttributeFactory.php
+++ b/lib/AttributeFactory.php
@@ -0,0 +1,104 @@
+<?php
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/lib/AttributeFactory.php,v 1.2.2.1 2007/12/26 09:26:33 wurley Exp $
+
+/**
+ * @package phpLDAPadmin
+ * @author Xavier Bruyet
+ *
+ * Allows to create new attributes
+ */
+class AttributeFactory {
+	public function newAttribute($name,$values) {
+		global $ldapserver;
+
+		if (! strcasecmp($name,'objectClass')) {
+			return $this->newObjectClassAttribute($name,$values);
+
+		} elseif ($ldapserver->isJpegPhoto($name)) {
+			return $this->newJpegAttribute($name,$values);
+
+		} else if ($ldapserver->isAttrBinary($name)) {
+			return $this->newBinaryAttribute($name,$values);
+
+		} else if (! strcasecmp($name,'userPassword')) {
+			return $this->newPasswordAttribute($name,$values);
+
+		} else if (! strcasecmp($name,'sambaLMPassword') || ! strcasecmp($name,'sambaNTPassword')) {
+			return $this->newSambaPasswordAttribute($name,$values);
+
+		} elseif (in_array_ignore_case($name,array_keys($_SESSION[APPCONFIG]->GetValue('appearance','date_attrs')))) {
+			return $this->newDateAttribute($name,$values);
+
+		} elseif (in_array(strtolower($name),array('shadowlastchange','shadowmin',
+				'shadowmax','shadowexpire','shadowwarning','shadowinactive'))) {
+			return $this->newShadowAttribute($name,$values);
+
+		} elseif ($ldapserver->isAttrBoolean($name)) {
+			$attribute = $this->newSelectionAttribute($name,$values);
+			$attribute->addOption('TRUE',_('true'));
+			$attribute->addOption('FALSE',_('false'));
+			return $attribute;
+
+		} elseif ($ldapserver->isDNAttr($name)) {
+			return $this->newDnAttribute($name,$values);
+
+		} elseif ($ldapserver->isMultiLineAttr($name)) {
+			return $this->newMultiLineAttribute($name,$values);
+
+		} elseif (! strcasecmp($name,'gidNumber')) {
+			return $this->newGidAttribute($name,$values);
+
+		} else {
+			return new Attribute($name,$values);
+		}
+	}
+
+	public function newJpegAttribute($name,$values) {
+		return new JpegAttribute($name,$values);
+	}
+
+	public function newBinaryAttribute($name,$values) {
+		return new BinaryAttribute($name,$values);
+	}
+
+	public function newPasswordAttribute($name,$values) {
+		return new PasswordAttribute($name,$values);
+	}
+
+	public function newSambaPasswordAttribute($name,$values) {
+		return new SambaPasswordAttribute($name,$values);
+	}
+
+	public function newRandomPasswordAttribute($name,$values) {
+		return new RandomPasswordAttribute($name,$values);
+	}
+
+	public function newShadowAttribute($name,$values) {
+		return new ShadowAttribute($name,$values);
+	}
+
+	public function newSelectionAttribute($name,$values) {
+		return new SelectionAttribute($name,$values);
+	}
+
+	public function newMultiLineAttribute($name,$values) {
+		return new MultiLineAttribute($name,$values);
+	}
+
+	public function newDateAttribute($name,$values) {
+		return new DateAttribute($name,$values);
+	}
+
+	public function newObjectClassAttribute($name,$values) {
+		return new ObjectClassAttribute($name,$values);
+	}
+
+	public function newDnAttribute($name,$values) {
+		return new DnAttribute($name,$values);
+	}
+
+	public function newGidAttribute($name,$values) {
+		return new GidAttribute($name,$values);
+	}
+}
+?>
--- a/lib/BinaryAttribute.php
+++ b/lib/BinaryAttribute.php
@@ -0,0 +1,55 @@
+<?php
+// $Header: /cvsroot/phpldapadmin/phpldapadmin/lib/BinaryAttribute.php,v 1.2 2007/12/15 07:50:32 wurley Exp $
+
+/**
+ * @package phpLDAPadmin
+ * @author Xavier Bruyet
+ *
+ * Represents an attribute whose values are binaries
+ */
+class BinaryAttribute extends Attribute {
+	protected $filepaths;
+	protected $filenames;
+
+	public function __construct($name, $values) {
+		parent::__construct($name, $values);
+
+		$this->filepaths = array();
+		$this->filenames = array();
+	}
+
+	public function getFileNames() {
+		return $this->filenames;
+	}
+
+	public function getFileName($i) {
+		if (isset($this->filenames[$i])) return $this->filenames[$i];
+		else return null;
+	}
+
+	public function addFileName($name, $i = -1) {
+		if ($i < 0) {
+			$this->filenames[] = $name;
+		} else {
+			$this->filenames[$i] = $name;
+		}
+	}
+
+	public function getFilePaths() {
+		return $this->filepaths;
+	}
+
+	public function getFilePath($i) {
+		if (isset($this->filepaths[$i])) return $this->filepaths[$i];
+		else return null;
+	}
+
+	public function addFilePath($path, $i = -1) {
+		if ($i < 0) {
+			$this->filepaths[] = $path;
+		} else {
+			$this->filepaths[$i] = $path;
+		}
+	}
+}
+?>
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Deon George	d5f4f91f1b	RELEASE 1.1.0.5	2009-06-30 21:51:50 +10:00
Deon George	d5b4aa54ea	RELEASE 1.1.0.4	2009-06-30 21:50:46 +10:00
Deon George	23a33eef99	RELEASE 1.1.0.3	2009-06-30 21:48:22 +10:00
Deon George	5c88e0a098	RELEASE 1.1.0.2	2009-06-30 21:46:44 +10:00
Deon George	f990f72eb5	RELEASE 1.1.0.1	2009-06-30 20:46:41 +10:00
Deon George	dd581eb5c8	RELEASE 1.1.0	2009-06-30 20:46:00 +10:00
Deon George	a08bc4e9e1	RELEASE 1.0.2	2009-06-30 20:41:18 +10:00
Deon George	5f261ded38	RELEASE 1.0.1	2009-06-30 20:40:33 +10:00
Deon George	eccabca011	RELEASE 1.0.0	2009-06-30 20:40:03 +10:00
Deon George	c3713350e2	RELEASE 0.9.8.5	2009-06-30 20:28:51 +10:00
Deon George	c131e8b479	RELEASE 0.9.8.4	2009-06-30 20:28:19 +10:00
Deon George	a01f7c8289	RELEASE 0.9.8.3	2009-06-30 20:27:56 +10:00
Deon George	7741110caf	RELEASE 0.9.8.2	2009-06-30 20:27:11 +10:00
Deon George	abc62c7fdc	RELEASE 0.9.8.1	2009-06-30 20:26:45 +10:00