<?php // $Header: /cvsroot/phpldapadmin/phpldapadmin/search.php,v 1.58 2004/12/10 04:43:17 uugdave Exp $ /* * search.php * Perform LDAP searches and draw the advanced/simple search forms * * Variables that come in as GET vars: * - server_id * - search (true if performing a search, empty to just draw form) * For simple searches: * - attribute, criterion, filter * For advanced searches: * - base_dn, scope, filter */ require './common.php'; // try to get an available server_id if one is not provided if( ! isset( $_GET['server_id'] ) ) $server_id = get_avail_server_id(); else { $server_id = $_GET['server_id']; check_server_id( $server_id ) or pla_error( $lang['bad_server_id'] ); } // Output format, table or list? $result_formats = array( 'list', 'table' ); $format = isset( $_GET['format'] ) ? $_GET['format'] : get_default_search_display(); if( ! in_array( $format, $result_formats ) ) $format = 'list'; $js_on_change_string =''; if( isset( $_GET['form'] ) && $_GET['form'] == 'advanced' ) $js_on_change_string = 'onChange="document.forms[0].base_dn.value=servers[document.forms[0].server_id.value].getBaseDn()"'; // build the server drop-down html and JavaScript array (for base_dns) $server_info_list =array(); $server_menu_html = ''; if (count($servers)>1){ $server_menu_html = '<select style="width: 200px" name="server_id" '.$js_on_change_string.'>'; foreach( $servers as $id => $server ) { $base_dn = $server['base'] ? $server['base'] : try_to_get_root_dn( $id ); $server_info_list[$id]['id'] = $id; $server_info_list[$id]['name'] = $server['name']; $server_info_list[$id]['base_dn'] = $base_dn; if( $server['host'] ) { $server_menu_html .= '<option value="'.$id.'"' . ( $id==$server_id? ' selected="true"' : '' ) . '>'; $server_menu_html .= $server['name'] . '</option>'; } } $server_menu_html .= '</select>'; } else { $server = reset($servers); $id = key($servers); $base_dn = $server['base'] ? $server['base'] : try_to_get_root_dn( $id ); $server_info_list[$id]['id'] = $id; $server_info_list[$id]['name'] = $server['name']; $server_info_list[$id]['base_dn'] = $base_dn; if( $server['host'] ) $server_menu_html .= '<input type="hidden" name="server_id" value="'.$id.'" />' . '<b>' . $server['name'] . '</b>'; } $filter = isset( $_GET['filter'] ) ? $_GET['filter'] : null; $attr = isset( $_GET['attribute'] ) ? $_GET['attribute'] : null; // grab the base dn for the search if( isset( $_GET['base_dn'] ) ) { $base_dn = $_GET['base_dn']; $base_dn_is_invalid = false; $base_dn_does_not_exist = false; if( trim( $base_dn ) ) if( ! is_dn_string( $base_dn ) ) $base_dn_is_invalid = true; elseif( ! dn_exists( $server_id, $base_dn ) ) $base_dn_does_not_exist = true; } elseif( '' != $servers[$server_id]['base'] ) $base_dn = $servers[$server_id]['base']; else $base_dn = try_to_get_root_dn( $server_id ); $criterion = isset( $_GET['criterion'] ) ? $_GET['criterion'] : null; $form = isset( $_GET['form'] ) ? $_GET['form'] : null; $scope = isset( $_GET['scope'] ) ? $_GET['scope'] : 'sub'; include './header.php'; ?> <body> <center> <?php if( $form == 'advanced' ) { include 'search_form_advanced.php'; } elseif( $form == 'predefined' ) { include 'search_form_predefined.php'; } else /* Draw simple search form */ { process_config(); if( count( $search_attributes ) != count( $search_attributes_display ) ) pla_error( $lang['mismatched_search_attr_config'] ); include 'search_form_simple.php'; } ?> </center> <?php flush(); if( isset( $_GET['search'] ) ) { if( $form == 'advanced' ) { $search_result_attributes = isset( $_GET['display_attrs'] ) ? rawurldecode( $_GET['display_attrs'] ) : ( isset( $search_result_attributes ) ? $search_result_attributes : "dn, cn" ); process_config(); } // do we have enough authentication information for the specified server_id if( ! have_auth_info( $server_id ) ) { $login_url = "login_form.php?server_id=$server_id&redirect=" . rawurlencode( $_SERVER['REQUEST_URI'] ); ?> <center> <br /> <?php echo $lang['you_have_not_logged_into_server']; ?><br /> <a href="<?php echo $login_url; ?>"><?php echo $lang['click_to_go_to_login_form']; ?></a>. </center> <?php exit; } //making $predefined safe for "register_globals off" if( isset( $_GET['predefined'] ) ) { $predefined = $_GET['predefined']; if( is_numeric( $predefined ) ) { $query = get_cleaned_up_predefined_search( $predefined ); $search_result_attributes = $query['attributes']; $search_attributes_display = $search_result_attributes; $search_attributes = $search_result_attributes; process_config(); $filter = $query['filter']; $scope = $query['scope']; $base_dn = $query['base']; $server_id = $query['server']; } } else { $predefined = ''; } $ds = pla_ldap_connect( $server_id ); pla_ldap_connection_is_error( $ds ); if( $filter ) { // if they are using the simple search form, build an LDAP search filter from their input if( $form == 'simple' & ! is_numeric( $predefined ) ) { switch( $criterion ) { case 'starts with': // to fix bug 789113 if( $filter == "*" ) $filter = ""; $filter = "($attr=$filter*)"; break; case 'contains': // to fix bug 789113 if( $filter == "*" ) $filter = "($attr=*)"; else $filter = "($attr=*$filter*)"; break; case 'ends with': // to fix bug 789113 if( $filter == "*" ) $filter = ""; $filter = "($attr=*$filter)"; break; case 'equals': $filter = "($attr=$filter)"; break; case 'sounds like': $filter = "($attr~=$filter)"; break; default: pla_error( $lang['unrecognized_criteria_option'] . htmlspecialchars( $criterion ) . $lang['if_you_want_to_add_criteria'] ); } } echo "<center>" . $lang['searching'] . "</center>\n"; flush(); // prevent script from bailing early on a long delete @set_time_limit( 0 ); // grab the size limit set in config.php $size_limit = isset ( $search_result_size_limit ) && is_numeric( $search_result_size_limit ) ? $search_result_size_limit : 50; // Sanity check if( $size_limit < 1 ) $size_limit = 1; $page = isset( $_GET['page'] ) ? $_GET['page'] : 0; $time_start = utime(); if( $scope == 'base' ) $results = @ldap_read( $ds, $base_dn, $filter, $search_result_attributes, 0, 0, 0, get_search_deref_setting() ); elseif( $scope == 'one' ) $results = @ldap_list( $ds, $base_dn, $filter, $search_result_attributes, 0, 0, 0, get_search_deref_setting() ); else // scope == 'sub' $results = @ldap_search( $ds, $base_dn, $filter, $search_result_attributes, 0, 0, 0, get_search_deref_setting() ); $errno = @ldap_errno( $ds ); if( ! $results ) { pla_error( $lang['error_performing_search'], ldap_error( $ds ), ldap_errno( $ds ) ); } $time_end = utime(); $time_elapsed = round( $time_end - $time_start, 2 ); $count = @ldap_count_entries( $ds, $results ); $start_entry = $page * $size_limit; $end_entry = min( $start_entry + $size_limit + 1, $count+1 ); ?> <table class="search_header"> <tr> <td style="vertical-align: top"> <nobr><?php echo $lang['entries_found'] . ' <b>' . number_format( $count ) ?></b> </nobr> <small><nobr>(<?php echo $time_elapsed; ?> <?php echo $lang['seconds']; ?>)</nobr></small> </td> <td style="text-align: right"> <small> <nobr> <?php echo "[ <a href=\"export_form.php?server_id=$server_id&scope=$scope&dn=" . urlencode($base_dn) . "&filter=" . urlencode($filter) . "&attributes=" . urlencode( join( ', ', $search_result_attributes ) ) . "\"><img src=\"images/save.png\" /> " . $lang['export_results'] . "</a> ]"; ?> <?php echo '[ <img src="images/rename.png" /> ' . $lang['format'] . ':'; foreach( $result_formats as $f ) { echo ' '; if( $format == $f ) { echo '<b>' . $lang[$f] . '</b>'; } else { $php_self = $_SERVER['PHP_SELF']; $query_string = array_to_query_string( $_GET, array( 'format' ) ); $query_string .= "&format=$f"; echo "<a href=\"$php_self?$query_string\">" . $lang[$f] . "</a>"; } } ?> ] </small> </nobr> <?php if( $form == 'simple' || $form == 'predefined' ) { ?> <br /><nobr><small><?php echo $lang['filter_performed']; ?> <?php echo htmlspecialchars( $filter ); ?></small></nobr> <?php } ?> </td> </tr> </table> <?php // The LDAP error code for the size limit exceeded error. define( 'SIZE_LIMIT_EXCEEDED', 4 ); if( $errno && $errno == SIZE_LIMIT_EXCEEDED ) { echo "<br /><center><small>" . $lang['size_limit_exceeded'] . "</small></center><br />\n"; } // Draw the paging links $pager_html = ''; $total_pages = $count / $size_limit; $results_per_page = $size_limit; if( $count > $size_limit ) { echo sprintf( $lang['showing_results_x_through_y'], "<b>" . number_format($start_entry+1) . "</b>", "<b>" . number_format($end_entry-1) . "</b>" ) . "<br />\n"; $php_self = $_SERVER['PHP_SELF']; if( $page != 0 ) { $query_string = array_to_query_string( $_GET, array( 'page' ) ); $query_string .= '&page=' . ($page-1); $pager_html .= "<a title=\"" . sprintf( $lang['page_n'],$page ) . "\" href=\"$php_self?$query_string\">‹‹</a>"; } else { $pager_html .= "‹‹"; } $pager_html .= ' '; // for large search results where we page beyone the first 20 pages, // print elipsis instead of making the pager be super wide. $elipsis_printed = false; for( $i=0; $i<$count; $i+=$size_limit ) { $page_num = $i/$size_limit; if( $count > $size_limit * 20 && abs( $page_num - $page ) > 10 ) { if( ! $elipsis_printed ) { $pager_html .= '... '; $elipsis_printed = true; } } else if( $page == $page_num ) { $pager_html .= '<b>' . ($page_num + 1) . '</b>'; $pager_html .= ' '; $elipsis_printed = false; } else { $query_string = array_to_query_string( $_GET, array( 'page' ) ); $query_string .= '&page=' . $page_num; $pager_html .= "<a href=\"$php_self?$query_string\">" . ($page_num+1) . "</a>"; $pager_html .= ' '; $elipsis_printed = false; } } if( $page+1 < $total_pages ) { $query_string = array_to_query_string( $_GET, array( 'page' ) ); $query_string .= '&page=' . ($page+1); $pager_html .= "<a title=\"" . sprintf( $lang['page_n'],($page+2) ) . "\" href=\"$php_self?$query_string\">››</a>"; } else { $pager_html .= "››"; } } if( 0 == $count ) echo '<center><h2>' . $lang['no_results'] . '</h2></center>'; else { echo '<center>' . $pager_html . '</center><br />'; flush(); if( $format == 'list' ) include realpath( './search_results_list.php' ); elseif( $format == 'table' ) include realpath( './search_results_table.php' ); else pla_error( sprintf( $lang['unrecoginzed_search_result_format'], htmlspecialchars( $format ) ) ); echo '<br /><center>' . $pager_html . '</center>'; } ?> <br /><br /> <div class="search_result"><center><span style="font-weight:normal;font-size:75%;"> <?php echo $lang['search_duration']; ?> <b><?php echo $time_elapsed; ?></b> <?php echo $lang['seconds'];?>.</small></center></div> <?php } } ?> </body> </html>