<?php
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/search.php,v 1.72.2.12 2006/04/29 05:45:34 wurley Exp $

/**
 * Perform LDAP searches and draw the advanced / simple / predefined search forms.
 *
 * Everything listed here arrives in the query string and is therefore
 * caller-controlled:
 *  - server_id (handled in common.php)
 *  - search (set when a search should run; absent to just draw the form)
 *  - form, format, page
 *  For simple searches:
 *  - attribute, criterion, filter
 *  For advanced searches:
 *  - base_dn, scope, filter, display_attrs
 *  For predefined searches:
 *  - predefined
 *
 * This is a flat script: the files it requires run in the same variable
 * scope, so the names of its top-level variables are part of its interface.
 *
 * @package phpLDAPadmin
 * @todo Search is probably broken, since base_dn is now an array
 */

// LDAP result code for "size limit exceeded"; compared with
// $ldapserver->errno() after each search further down.
define('SIZE_LIMIT_EXCEEDED', 4);

require './common.php';

// A server object without usable credentials cannot search; report it now.
// NOTE(review): $ldapserver may be unset at this point (hence the isset()),
// yet later code in this file dereferences it without a guard - confirm that
// common.php always provides it when a search is requested.
if (isset($ldapserver) && !$ldapserver->haveAuthInfo()) {
    pla_error(_('Not enough information to login to server. Please check your configuration.'));
}
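# Output format, table or list?
# $format later selects which result template is required, so it is held to
# this allow-list. The membership test is strict: with a loose comparison a
# non-string value (for instance an integer 0 coming from configuration on
# older PHP versions) would compare equal to 'list' and pass the check.
$result_formats = array('list', 'table');
$format = isset($_GET['format']) ? $_GET['format'] : $config->GetValue('search', 'display');

if (!in_array($format, $result_formats, true)) {
    $format = 'list';
}

# build the server drop-down html and JavaScript array (for base_dns)
# The onChange handler is a fixed string; only the decision to emit it depends
# on the request.
$js_on_change_string = '';

if (isset($_GET['form']) && $_GET['form'] == 'advanced') {
    $js_on_change_string =
        'onChange="document.forms[0].base_dn.value=servers[document.forms[0].server_id.value].base_dn"';
}

if (isset($ldapserver)) {
    $server_menu_html = server_select_list($ldapserver->server_id, true, 'server_id', $js_on_change_string);
    $server_info_list = server_info_list();
}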
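# Collect the search parameters from the query string.
# NOTE(review): clean_search_vals() is defined elsewhere; whether it escapes
# LDAP filter metacharacters cannot be seen from this file - confirm before
# relying on it. $attr, $criterion and $scope are taken as supplied.
$filter = isset($_GET['filter']) ? clean_search_vals($_GET['filter']) : null;
$attr = isset($_GET['attribute']) ? $_GET['attribute'] : null;

# grab the base dn for the search
# Only a non-empty string is accepted as a caller-supplied base DN; an array
# value (base_dn[]=...) falls through to the server's own base DNs instead of
# reaching trim() and the DN helpers.
if (isset($_GET['base_dn']) && is_string($_GET['base_dn']) && $_GET['base_dn']) {
    $base_dn = $_GET['base_dn'];
    $base_dn_is_invalid = false;
    $base_dn_does_not_exist = false;

    if (trim($base_dn)) {
        if (!is_dn_string($base_dn)) {
            $base_dn_is_invalid = true;

        # The existence check needs a server object; the other branches of
        # this script guard $ldapserver with isset(), so do the same here
        # rather than calling a method on an unset variable.
        } elseif (isset($ldapserver) && !$ldapserver->dnExists($base_dn)) {
            $base_dn_does_not_exist = true;
        }
    }

    # The two flags above are only recorded here; the DN is still queued.
    # The search loop re-checks existence before querying.
    $base_dns = array($base_dn);

} elseif (isset($ldapserver)) {
    $base_dns = $ldapserver->getBaseDN();
}

$criterion = isset($_GET['criterion']) ? $_GET['criterion'] : null;

# The chosen form is remembered in the session so later requests without a
# "form" parameter keep drawing the same one. The value is stored as given;
# in this file it is only ever compared against fixed strings.
if (isset($_GET['form'])) {
    $_SESSION['form'] = $_GET['form'];
}

$form = isset($_SESSION['form']) ? $_SESSION['form'] : null;
$scope = isset($_GET['scope']) ? $_GET['scope'] : 'sub';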
include './header.php';

echo '<body><center>';

# Draw the search form. The template is chosen by comparing $form against
# fixed names only, so the request never contributes to the required path.
switch ($form) {
    case 'advanced':
        require LIBDIR . 'search_form_advanced.php';
        break;

    case 'predefined':
        require LIBDIR . 'search_form_predefined.php';
        break;

    # Draw simple search form
    default:
        require LIBDIR . 'search_form_simple.php';
}

echo '</center>';

# Push the form to the browser before any search starts.
flush();
if ( isset ( $_GET [ 'search' ])) {
# Which attributes to request and display. Only the advanced form may name
# its own list (display_attrs, comma separated); every other case uses the
# configured default.
# NOTE(review): display_attrs is URL-decoded twice, with whitespace stripped
# in between. The resulting names are not validated here - check how the
# result templates escape them on output.
if ($form == 'advanced' && isset($_GET['display_attrs'])) {
    $search_result_attributes = explode(
        ',',
        rawurldecode(
            preg_replace('/\s+/', '', rawurldecode($_GET['display_attrs']))
        )
    );
} else {
    $search_result_attributes = $config->GetValue('search', 'result_attributes');
}
# do we have enough authentication information for the specified server_id
# If not, point the user at the login form and stop; nothing below may run
# without credentials.
# NOTE(review): the current request URI is handed to login_form.php as
# "redirect". It is URL-encoded here; how login_form.php validates the target
# before redirecting is outside this file - confirm it only accepts local
# paths.
if (!$ldapserver->haveAuthInfo()) {
    $login_url = 'login_form.php?server_id=' . $ldapserver->server_id
        . '&redirect=' . rawurlencode($_SERVER['REQUEST_URI']);

    printf(
        '<center><br />%s <br /><a href="%s">%s</a>.</center>',
        _('You have not logged into the selected server yet, so you cannot perform searches on it.'),
        $login_url,
        _('Click here to go to the login form')
    );

    exit;
}
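# A predefined search replaces the request's filter, scope and attribute list
# with the values of the stored query selected by its numeric id.
# NOTE(review): is_numeric() also accepts values such as "1e3" or "1.5";
# how get_cleaned_up_predefined_search() treats those is not visible here.
if (isset($_GET['predefined'])) {
    $predefined = $_GET['predefined'];

    if (is_numeric($predefined)) {
        $query = get_cleaned_up_predefined_search($predefined);

        $search_result_attributes = explode(', ', $query['attributes']);
        # Not read again in this file; presumably consumed by the result
        # templates - confirm.
        $search_attributes_display = $search_result_attributes;
        $search_attributes = $search_result_attributes;

        $filter = $query['filter'];
        $scope = $query['scope'];

        # Test for an array before anything string-based: the previous order
        # passed the value to trim() first, so an array base always took the
        # "empty" branch (with a warning) and the array branch was never
        # reached.
        if (is_array($query['base']) && count($query['base']) > 0) {
            $base_dns = $query['base'];

        # Empty base: fall back to the server's base DN(s). As before, only
        # $query['base'] is updated here; $base_dns keeps the value chosen
        # from the request earlier in the script.
        # NOTE(review): that lets a base_dn request parameter steer a
        # predefined search whose own base is empty - confirm this is intended.
        } elseif (is_array($query['base']) || !trim($query['base'])) {
            $query['base'] = $ldapserver->getBaseDN();

        } else {
            $base_dns = array($query['base']);
        }
    }

} else {
    $predefined = '';
}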
if ( $filter ) {
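# if they are using the simple search form, build an LDAP search filter from their input
# (a logical && replaces the bitwise & the condition was written with).
if ($form == 'simple' && !is_numeric($predefined)) {

    # The attribute name is interpolated into the filter below, so it must
    # look like an attribute description (name or numeric OID, optional
    # ";option" parts) and nothing else. This keeps filter syntax characters
    # such as ( ) * = out of the attribute position.
    if (!is_string($attr) || !preg_match('/^[A-Za-z0-9][A-Za-z0-9._;-]*\z/', $attr)) {
        pla_error(_('Invalid attribute name supplied for the search.'));

    } else {
        # NOTE(review): the value side ($filter) has only been through
        # clean_search_vals(), which is defined elsewhere; whether it escapes
        # filter metacharacters cannot be confirmed from this file.
        switch ($criterion) {
            case 'starts with':
                if ($filter == '*') {
                    $filter = '';
                }

                $filter = '(' . $attr . '=' . $filter . '*)';
                break;

            case 'contains':
                # A lone "*" means "attribute present", not "contains a star".
                if ($filter == '*') {
                    $filter = '(' . $attr . '=*)';
                } else {
                    $filter = '(' . $attr . '=*' . $filter . '*)';
                }

                break;

            case 'ends with':
                if ($filter == '*') {
                    $filter = '';
                }

                $filter = '(' . $attr . '=*' . $filter . ')';
                break;

            case 'equals':
                $filter = '(' . $attr . '=' . $filter . ')';
                break;

            case 'sounds like':
                $filter = '(' . $attr . '~=' . $filter . ')';
                break;

            default:
                # The rejected criterion is echoed back, so it is HTML-escaped.
                pla_error(_('Unrecognized criteria option: ') . htmlspecialchars($criterion) . _('If you want to add your own criteria to the list. Be sure to edit search.php to handle them. Quitting.'));
        }
    }
}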
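printf('<center>%s</center>', _('Searching...'));
flush();

# prevent script from bailing early on a long search
# NOTE(review): this lifts the execution time limit completely for a request
# whose filter and base DN come from the query string; consider a finite
# limit if slow searches are a concern.
@set_time_limit(0);

$size_limit = $config->GetValue('search', 'size_limit');

# Sanity check: the page size is used as a divisor and as a loop step below.
if ($size_limit < 1) {
    $size_limit = 1;
}

# The page number comes from the query string. Force it to a non-negative
# integer so the offset arithmetic below cannot be driven by a negative or
# non-numeric value.
$page = isset($_GET['page']) ? max(0, (int) $_GET['page']) : 0;

$time_start = utime();
$time_elapsed = 0;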
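# Run the search once per base DN and render a header, pager and result list
# for each. The result templates required below run in this scope and read
# the variables prepared here, so none of them are renamed.
foreach ($base_dns as $base_dn) {
    # Restart the timer for every base DN; measuring from a single start time
    # counted earlier searches (and their rendering) again on each pass.
    $time_start = utime();

    if (!$ldapserver->dnExists($base_dn)) {
        if (DEBUG_ENABLED)
            debug_log('BaseDN [%s] skipped as it doesnt exist in [%s].', 64,
                $base_dn, $ldapserver->server_id);

        continue;

    } else {
        if (DEBUG_ENABLED)
            debug_log('Search with base DN [%s]', 64, $base_dn);
    }

    $results = $ldapserver->search(null, dn_escape($base_dn), $filter, $search_result_attributes, $scope, true, $config->GetValue('deref', 'search'));

    if ((!$results) && $ldapserver->errno())
        pla_error(_('Encountered an error while performing search.'), $ldapserver->error(), $ldapserver->errno());

    # Kept for the size-limit notice below.
    $errno = $ldapserver->errno();

    $time_end = utime();
    $time_elapsed += round($time_end - $time_start, 2);

    # An empty or failed result counts as zero entries instead of being
    # handed to count() as a non-array.
    $count = $results ? count($results) : 0;

    $start_entry = $page * $size_limit;
    $end_entry = min($start_entry + $size_limit + 1, $count + 1);
?>

<table class="search_header">
<tr>
<td style="vertical-align: top">
    <nobr><?php echo _('Entries found: ') . ' <b>' . number_format($count) ?></b></nobr>
    <nobr><small>(<?php echo $time_elapsed; ?> <?php echo _('seconds'); ?>)</small></nobr>
</td>
<td style="text-align: right">
    <nobr>
    <small>
<?php
    # Export link. Every request-derived value is a URL parameter here, so
    # each one is URL-encoded; $scope used to be HTML-escaped only, which let
    # an "&" in it add parameters to the export request.
    printf('[ <a href="export_form.php?server_id=%s&scope=%s&dn=%s&filter=%s&attributes=%s"><img src="images/save.png" alt="Save" /> %s</a> ]',
        $ldapserver->server_id, urlencode($scope), urlencode($base_dn), urlencode($filter),
        urlencode(join(', ', $search_result_attributes)), _('export results'));

    printf('[ <img src="images/rename.png" /> %s:', _('Format'));

    # NOTE(review): the links below place the output of
    # array_to_query_string($_GET, ...) inside an href attribute as-is. That
    # helper is defined elsewhere; confirm it URL-encodes keys and values.
    foreach ($result_formats as $f) {
        echo ' ';

        if ($format == $f) {
            printf('<b>%s</b>', _($f));

        } else {
            $query_string = array_to_query_string($_GET, array('format'));
            $query_string .= '&format=' . $f;
            printf('<a href="search.php?%s">%s</a>', $query_string, _($f));
        }
    }
?>

    ]
    </small>
    </nobr>
    <?php if ($form == 'simple' || $form == 'predefined') { ?>
    <br /><nobr><small><?php echo _('Base DN: '); ?>
    <b><?php echo htmlspecialchars($base_dn); ?></b></small></nobr>
    <br /><nobr><small><?php echo _('Filter performed: '); ?>
    <b><?php echo htmlspecialchars($filter); ?></b></small></nobr>
    <?php } ?>
</td>
</tr>
</table>
<?php

    # The LDAP error code for the size limit exceeded error.
    if ($errno && $errno == SIZE_LIMIT_EXCEEDED)
        printf('<br /><center><small style="color:red; white-space: nowrap">%s</small></center><br />', _('Notice, search size limit exceeded.'));

    # Draw the paging links
    $pager_html = '';
    $total_pages = $count / $size_limit;
    $results_per_page = $size_limit;

    if ($count > $size_limit) {
        printf(_('Showing results %s through %s.') . '<br />',
            '<b>' . number_format($start_entry + 1) . '</b>', '<b>' . number_format($end_entry - 1) . '</b>');

        # "Previous" arrow: a link unless we are already on the first page.
        if ($page != 0) {
            $query_string = array_to_query_string($_GET, array('page'));
            $query_string .= '&page=' . ($page - 1);
            $pager_html .= sprintf('<a title="' . _('Page %d') . '" href="search.php?%s">&lsaquo;&lsaquo;</a>', $page, $query_string);

        } else {
            $pager_html .= '&lsaquo;&lsaquo;';
        }

        $pager_html .= ' ';

        // For large result sets (more than 20 pages), pages further than 10
        // away from the current one are collapsed into a single ellipsis so
        // the pager does not become very wide.
        $elipsis_printed = false;

        for ($i = 0; $i < $count; $i += $size_limit) {
            $page_num = $i / $size_limit;

            if ($count > $size_limit * 20 && abs($page_num - $page) > 10) {

                if (!$elipsis_printed) {
                    $pager_html .= '... ';
                    $elipsis_printed = true;
                }

            } elseif ($page == $page_num) {
                $pager_html .= '<b>' . ($page_num + 1) . '</b>';
                $pager_html .= ' ';
                $elipsis_printed = false;

            } else {
                $query_string = array_to_query_string($_GET, array('page'));
                $query_string .= '&page=' . $page_num;
                $pager_html .= '<a href="search.php?' . $query_string . '">' . ($page_num + 1) . '</a>';
                $pager_html .= ' ';
                $elipsis_printed = false;
            }
        }

        # "Next" arrow: a link unless we are already on the last page.
        if ($page + 1 < $total_pages) {
            $query_string = array_to_query_string($_GET, array('page'));
            $query_string .= '&page=' . ($page + 1);
            $pager_html .= '<a title="' . sprintf(_('Page %d'), ($page + 2)) . '" href="search.php?' . $query_string . '">&rsaquo;&rsaquo;</a>';

        } else {
            $pager_html .= '&rsaquo;&rsaquo;';
        }
    }

    if (0 == $count)
        printf('<center><h2>%s</h2></center>', _('The search found no results.'));

    else {
        if (trim($pager_html))
            printf('<center>%s</center>', $pager_html);

        echo '<br />';
        flush();

        # $format was restricted to the known formats when it was read, so the
        # last branch is a safety net. The templates receive directory data in
        # $results; escaping it on output is their responsibility and is not
        # visible from this file.
        if ($format == 'list')
            require LIBDIR . 'search_results_list.php';

        elseif ($format == 'table')
            require LIBDIR . 'search_results_table.php';

        else
            pla_error(sprintf(_('Unrecognized search result format: %s'), htmlspecialchars($format)));

        echo '<br />';

        if (trim($pager_html))
            printf('<center>%s</center>', $pager_html);
    }
}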
# Footer: total time spent searching, summed over all base DNs.
# "%%" is a literal percent sign inside the format string.
echo sprintf(
    '<br /><br /><div class="search_result"><center><small><span style="font-weight:normal;font-size:75%%;">%s <b>%s</b> %s.</span></small></center></div>',
    _('Search performed by phpLDAPadmin in'),
    $time_elapsed,
    _('seconds')
);
}
}
# Close the document opened by header.php and the form section above.
# The closing PHP tag is left out: nothing follows it in this file.
echo '</body></html>';