<?php
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/add_attr.php,v 1.19 2005/12/10 10:34:54 wurley Exp $
/**
 * Adds an attribute/value pair to an object
 *
 * Variables that come in via common.php
 *  - server_id
 * Variables that come in as POST vars:
 *  - dn
 *  - attr
 *  - val
 *  - binary
 *
 * @package phpLDAPadmin
 * @todo: For boolean attributes, convert the response to TRUE/FALSE.
 */
/**
 */
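require './common.php';

// NOTE(review): every check below relies on pla_error() ending the request
// instead of returning - confirm in common.php.
// NOTE(review): this script changes directory data from POST input and checks
// no anti-CSRF token itself; confirm whether common.php enforces one.

// Refuse to write to a server that is configured read-only.
if ($ldapserver->isReadOnly())
    pla_error(_('You cannot perform updates while server is in read-only mode'));

if (! $ldapserver->haveAuthInfo())
    pla_error(_('Not enough information to login to server. Please check your configuration.'));

// Everything read from $_POST / $_FILES is attacker-controllable. Missing keys
// fall back to a default instead of raising an "undefined index" notice.
$attr = isset($_POST['attr']) ? $_POST['attr'] : '';
$val = isset($_POST['val']) ? $_POST['val'] : false;
$dn = isset($_POST['dn']) ? $_POST['dn'] : '';
$is_binary_val = isset($_POST['binary']);

// A PHP request parameter can arrive as an array (attr[]=x). The DN and the
// attribute name are used as strings everywhere below, so reject anything else.
if (! is_string($attr) || $attr === '' || ! is_string($dn) || $dn === '')
    pla_error(_('The request is missing the dn or the attribute name. Please go back and try again.'));

// Encoded once here for the redirect at the end; note that $encoded_attr is
// taken before any ";binary" option is appended to $attr.
$encoded_dn = rawurlencode($dn);
$encoded_attr = rawurlencode($attr);

// A non-binary value must be a non-empty string (an absent 'val' is false).
if (! $is_binary_val && (! is_string($val) || $val === '')) {
    pla_error(_('You left the attribute value blank. Please go back and try again.'));
}

// Check to see if this is a unique attribute.
// presumably checkUniqueAttr() returns the conflicting value as a string, or a
// false value when there is no conflict - verify against the server class.
if ($badattr = $ldapserver->checkUniqueAttr($dn, $attr, array($val))) {
    // Each query-string component is URL-encoded so that a crafted attribute
    // name or value cannot add or override parameters of the search link.
    $search_href = sprintf('search.php?search=true&form=advanced&server_id=%s&filter=%s=%s',
        rawurlencode($ldapserver->server_id), rawurlencode($attr), rawurlencode($badattr));

    // The message is HTML (it carries <b>, <i> and <a> itself), so every
    // request-derived value placed into it is escaped for HTML first;
    // ENT_QUOTES also covers the single-quoted href attribute.
    pla_error(sprintf(_('Your attempt to add <b>%s</b> (<i>%s</i>) to <br><b>%s</b><br> is NOT allowed. That attribute/value belongs to another entry.<p>You might like to <a href=\'%s\'>search</a> for that entry.'),
        htmlspecialchars($attr, ENT_QUOTES, 'UTF-8'),
        htmlspecialchars($badattr, ENT_QUOTES, 'UTF-8'),
        htmlspecialchars($dn, ENT_QUOTES, 'UTF-8'),
        htmlspecialchars($search_href, ENT_QUOTES, 'UTF-8')));
}

// Special case for binary attributes (like jpegPhoto and userCertificate):
// the value is read from the uploaded file and replaces $val. Afterwards the
// ";binary" option is appended to the attribute name when the schema needs it.
if ($is_binary_val) {
    if (! isset($_FILES['val']) || 0 == $_FILES['val']['size'])
        pla_error(_('The file you chose is either empty or does not exist. Please go back and try again.'));

    // is_uploaded_file() guarantees tmp_name really is a file PHP received in
    // this request, so a forged tmp_name cannot point at an arbitrary local file.
    if (! is_uploaded_file($_FILES['val']['tmp_name'])) {
        if (isset($_FILES['val']['error']))
            switch ($_FILES['val']['error']) {
                case 1: // uploaded file exceeds the upload_max_filesize directive in php.ini
                case 2: // uploaded file exceeds the MAX_FILE_SIZE directive specified in the html form
                    pla_error(_('The file you uploaded is too large. Please check php.ini, upload_max_size setting'));
                    break;

                case 3: // uploaded file was only partially uploaded
                    pla_error(_('The file you selected was only partially uploaded, likley due to a network error.'));
                    break;

                case 4: // no file was uploaded
                    pla_error(_('You left the attribute value blank. Please go back and try again.'));
                    break;

                case 0: // no error reported, yet not an uploaded file: possible file attack
                default: // any other code is treated the same way
                    pla_error(_('Security error: The file being uploaded may be malicious.'));
                    break;
            }

        else
            pla_error(_('Security error: The file being uploaded may be malicious.'));
    }

    // Read the whole upload in one binary-safe call and stop if it fails,
    // rather than writing a false value into the directory.
    $binary_data = file_get_contents($_FILES['val']['tmp_name']);
    if ($binary_data === false)
        pla_error(_('The file you chose is either empty or does not exist. Please go back and try again.'));

    $val = $binary_data;

    if (is_binary_option_required($ldapserver, $attr))
        $attr .= ';binary';
}

/* Automagically hash new userPassword attributes according to the hash type
   chosen in config.php. */
if (0 == strcasecmp($attr, 'userpassword')) {
    // When no default hash is configured the value is stored as submitted.
    if (trim($ldapserver->default_hash) != '') {
        // NOTE(review): called with the configured hash name as 2nd argument,
        // which looks like the project's own helper rather than PHP's built-in
        // password_hash() - confirm, the names collide on newer PHP versions.
        $val = password_hash($val, $ldapserver->default_hash);
    }

} elseif (strcasecmp($attr, 'sambaNTPassword') == 0) {
    $sambapassword = new smbHash;
    $val = $sambapassword->nthash($val);

} elseif (strcasecmp($attr, 'sambaLMPassword') == 0) {
    // LM hashes are weak by design; keep this attribute only where legacy
    // Samba clients still require it.
    $sambapassword = new smbHash;
    $val = $sambapassword->lmhash($val);
}

$new_entry = array($attr => $val);
$result = $ldapserver->attrModify($dn, $new_entry);

if ($result)
    // Redirect back to the entry; dn and attr were URL-encoded above.
    header(sprintf('Location: template_engine.php?server_id=%s&dn=%s&modified_attrs[]=%s',
        $ldapserver->server_id, $encoded_dn, $encoded_attr));
else
    pla_error(_('Failed to add the attribute.'), $ldapserver->error(), $ldapserver->errno());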
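/**
 * Check if we need to append the ;binary option to the name
 * of some binary attribute.
 *
 * The decision is taken from the attribute's syntax OID as reported by the
 * server schema; the attribute name itself is not compared against a list.
 *
 * @param object $ldapserver Server Object that the attribute is in.
 * @param string $attr Attribute to test to see if it requires ;binary added to it.
 * @return bool True when the attribute's syntax OID is one of the listed OIDs;
 *              false otherwise, including when the schema has no entry for $attr.
 */
function is_binary_option_required($ldapserver, $attr) {
    // OIDs that need the ";binary" option, kept as a set (OID => true) so that
    // an OID shared by several attributes is listed once and lookup is one isset().
    $binary_syntax_oids = array(
        // Superior: Ldapv3 Syntaxes (1.3.6.1.4.1.1466.115.121.1)
        '1.3.6.1.4.1.1466.115.121.1.8'  => true, // userCertificate, caCertificate
        '1.3.6.1.4.1.1466.115.121.1.10' => true, // crossCertificatePair
        '1.3.6.1.4.1.1466.115.121.1.9'  => true, // certificateRevocationList, authorityRevocationList
        // Superior: Netscape Ldap attributes types (2.16.840.1.113730.3.1)
        // NOTE(review): this one is listed under attribute types, not syntaxes;
        // it only matches if getSyntaxOID() can return this value - confirm.
        '2.16.840.1.113730.3.1.40'      => true, // userSMIMECertificate
    );

    // No schema entry for the attribute: nothing to decide on, so no option.
    $schema_attr = $ldapserver->getSchemaAttribute($attr);
    if (! $schema_attr)
        return false;

    return isset($binary_syntax_oids[$schema_attr->getSyntaxOID()]);
}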
?>