phpldapadmin/htdocs/update.php

181 lines
6.4 KiB
PHP
Raw Normal View History

2009-06-30 09:22:30 +00:00
<?php
2009-06-30 10:46:00 +00:00
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/update.php,v 1.29 2007/12/15 07:50:30 wurley Exp $
2009-06-30 08:05:37 +00:00
2009-06-30 09:29:51 +00:00
/**
2009-06-30 10:26:08 +00:00
* Updates or deletes a value from a specified attribute for a specified dn.
2009-06-30 09:29:51 +00:00
*
2009-06-30 10:26:08 +00:00
* Variables that come in on the query string:
* - dn (rawurlencoded)
* - update_array (an array in the form expected by PHP's ldap_modify, except for deletions)
* (will never be empty: update_confirm.php ensures that)
2009-06-30 08:07:14 +00:00
*
* Attribute deletions:
2009-06-30 09:29:51 +00:00
* To specify that an attribute is to be deleted (whether multi- or single-valued),
2009-06-30 10:26:08 +00:00
* enter that attribute in the update array like this: attr => ''. For example, to
* delete the 'sn' attribute from an entry, the update array would look like this:
* Array (
2009-06-30 08:07:14 +00:00
* sn => ''
2009-06-30 09:29:51 +00:00
* )
*
2009-06-30 10:26:08 +00:00
* On success, redirect to template_engine.php. On failure, echo an error.
2009-06-30 08:07:14 +00:00
*
2009-06-30 09:29:51 +00:00
* @package phpLDAPadmin
*/
/**
2009-06-30 08:05:37 +00:00
*/
2009-06-30 09:29:51 +00:00
require './common.php';
2009-06-30 08:07:14 +00:00
2009-06-30 10:46:00 +00:00
$entry['dn']['string'] = get_request('dn');
$entry['dn']['encode'] = rawurlencode($entry['dn']['string']);
2009-06-30 10:26:08 +00:00
# If cancel was submited, got back to the edit display.
if (isset($_REQUEST['cancel'])) {
2009-06-30 10:46:00 +00:00
header(sprintf('Location: cmd.php?cmd=template_engine&server_id=%s&dn=%s',$ldapserver->server_id,$entry['dn']['encode']));
2009-06-30 10:26:08 +00:00
die();
}
2009-06-30 09:29:51 +00:00
if ($ldapserver->isReadOnly())
2009-06-30 10:26:08 +00:00
pla_error(_('You cannot perform updates while server is in read-only mode'));
2009-06-30 08:05:37 +00:00
2009-06-30 10:46:00 +00:00
$entry['update'] = get_request('update_array','POST',false,array());
$entry['skip'] = get_request('skip_array','POST',false,array());
2009-06-30 09:29:51 +00:00
$failed_attrs = array();
2009-06-30 08:09:20 +00:00
2009-06-30 10:46:00 +00:00
if (! is_array($entry['update']))
2009-06-30 10:26:08 +00:00
pla_error(_('update_array is malformed. This might be a phpLDAPadmin bug. Please report it.'));
2009-06-30 10:46:00 +00:00
run_hook ('pre_update',
array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'update_array'=>$entry['update']));
2009-06-30 09:29:51 +00:00
2009-06-30 10:26:08 +00:00
# Check for delete attributes (indicated by the attribute entry appearing like this: attr => ''
2009-06-30 10:46:00 +00:00
foreach ($entry['update'] as $attr => $val) {
if (! is_array($val)) {
if (array_key_exists($attr,$entry['skip'])) {
unset($entry['update'][$attr]);
2009-06-30 10:40:03 +00:00
2009-06-30 10:46:00 +00:00
} elseif ($val == '') {
$entry['update'][$attr] = array();
2009-06-30 10:26:08 +00:00
2009-06-30 10:46:00 +00:00
if (! $_SESSION['plaConfig']->isCommandAvailable('attribute_delete'))
pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('delete attribute')));
} else { # Skip change
$entry['update'][$attr] = $val;
2009-06-30 10:40:03 +00:00
2009-06-30 10:46:00 +00:00
if (! $_SESSION['plaConfig']->isCommandAvailable('attribute_add_value')
&& ! $_SESSION['plaConfig']->isCommandAvailable('attribute_delete_value'))
pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('modify attribute values')));
}
2009-06-30 10:26:08 +00:00
2009-06-30 10:46:00 +00:00
} else {
if (array_key_exists($attr,$entry['skip'])) {
unset($entry['update'][$attr]);
} else {
2009-06-30 10:40:03 +00:00
foreach ($val as $i => $v)
2009-06-30 10:46:00 +00:00
$entry['update'][$attr][$i] = $v;
if (! $_SESSION['plaConfig']->isCommandAvailable('attribute_add_value')
&& ! $_SESSION['plaConfig']->isCommandAvailable('attribute_delete_value'))
pla_error(sprintf('%s%s %s',_('This operation is not permitted by the configuration'),_(':'),_('modify attribute values')));
}
}
}
2009-06-30 09:29:51 +00:00
2009-06-30 10:46:00 +00:00
# Call the custom callback for each attribute modification and verify that it should be modified.
foreach ($entry['update'] as $attr_name => $val) {
2009-06-30 10:26:08 +00:00
# Check to see if this is a unique Attribute
2009-06-30 10:46:00 +00:00
if ($badattr = $ldapserver->checkUniqueAttr($entry['dn']['string'],$attr_name,$val)) {
$href['search'] = sprintf('cmd.php?cmd=search&search=true&form=advanced&server_id=%s&filter=%s=%s',
2009-06-30 10:26:08 +00:00
$ldapserver->server_id,$attr_name,$badattr);
2009-06-30 09:22:30 +00:00
2009-06-30 10:26:08 +00:00
pla_error(sprintf(_('Your attempt to add <b>%s</b> (<i>%s</i>) to <br><b>%s</b><br> is NOT allowed. That attribute/value belongs to another entry.<p>You might like to <a href="%s">search</a> for that entry.'),
2009-06-30 10:46:00 +00:00
$attr_name,$badattr,$entry['dn']['string'],$href['search']));
2009-06-30 09:29:51 +00:00
}
2009-06-30 10:26:08 +00:00
if (run_hook('pre_attr_modify',
2009-06-30 10:46:00 +00:00
array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'attr_name'=>$attr_name,'new_value'=>$val)) !== true) {
2009-06-30 09:29:51 +00:00
2009-06-30 10:46:00 +00:00
unset($entry['update'][$attr_name]);
2009-06-30 09:29:51 +00:00
$failed_attrs[$attr_name] = $val;
2009-06-30 09:22:30 +00:00
2009-06-30 10:46:00 +00:00
} elseif ($ldapserver->isAttrReadOnly($attr)) {
2009-06-30 10:26:08 +00:00
pla_error(sprintf(_('The attribute "%s" is flagged as read-only in the phpLDAPadmin configuration.'),
htmlspecialchars($attr_name)));
2009-06-30 10:46:00 +00:00
} else {
// binary values
if (isset($_SESSION['submitform'][$attr_name])) {
foreach ($val as $i => $v) {
if (isset($_SESSION['submitform'][$attr_name][$v])) {
foreach ($_SESSION['submitform'][$attr_name][$v] as $file) {
foreach ($file as $data) {
$entry['update'][$attr_name][$i] = $data;
}
}
}
}
}
}
2009-06-30 09:22:30 +00:00
}
2009-06-30 08:05:37 +00:00
2009-06-30 10:26:08 +00:00
# Perform the modification
2009-06-30 10:46:00 +00:00
$result = $ldapserver->modify($entry['dn']['string'],$entry['update']);
if ($result) {
2009-06-30 10:26:08 +00:00
# Fire the post modification event to the user's custom callback function.
$mustRelogin = false;
2009-06-30 10:46:00 +00:00
foreach ($entry['update'] as $attr_name => $val) {
2009-06-30 10:26:08 +00:00
run_hook('post_attr_modify',
2009-06-30 10:46:00 +00:00
array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'attr_name'=>$attr_name,'new_value'=>$val));
2009-06-30 08:09:20 +00:00
2009-06-30 10:26:08 +00:00
/* Was this a user's password modification who is currently
2009-06-30 10:46:00 +00:00
* logged in? If so, they need to logout and log back in
* with the new password.
*/
2009-06-30 09:29:51 +00:00
if (0 === strcasecmp($attr_name,'userPassword') &&
in_array($ldapserver->auth_type,array('cookie','session')) &&
2009-06-30 10:46:00 +00:00
pla_compare_dns($ldapserver->getLoggedInDN(),$entry['dn']['string']) === 0)
2009-06-30 10:26:08 +00:00
$mustRelogin = true;
}
2009-06-30 08:09:20 +00:00
2009-06-30 10:46:00 +00:00
run_hook('post_update',
array('server_id'=>$ldapserver->server_id,'dn'=>$entry['dn']['string'],'update_array'=>$entry['update']));
2009-06-30 10:26:08 +00:00
# If the user password was changed, not tell the to relogin.
if ($mustRelogin) {
$ldapserver->unsetLoginDN();
2009-06-30 09:29:51 +00:00
unset_lastactivity($ldapserver);
include './header.php';
2009-06-30 10:26:08 +00:00
echo '<body>';
echo '<br />';
echo '<center>';
printf('<b>%s</b>',_('Modification successful!'));
echo '<br /><br />';
echo _('Since you changed your password, you must now login again with your new password.');
echo '<br />';
2009-06-30 10:46:00 +00:00
printf('<a href="cmd.php?cmd=login_form&server_id=%s">%s...</a>',$ldapserver->server_id, _('Login'));
2009-06-30 10:26:08 +00:00
echo '</center>';
echo '</body>';
echo '</html>';
2009-06-30 08:09:20 +00:00
exit;
}
2009-06-30 10:46:00 +00:00
$redirect_url = sprintf('cmd.php?cmd=template_engine&server_id=%s&dn=%s',$ldapserver->server_id,$entry['dn']['encode']);
2009-06-30 09:29:51 +00:00
2009-06-30 10:46:00 +00:00
foreach ($entry['update'] as $attr => $junk)
2009-06-30 08:05:37 +00:00
$redirect_url .= "&modified_attrs[]=$attr";
2009-06-30 09:29:51 +00:00
foreach ($failed_attrs as $attr => $junk)
$redirect_url .= "&failed_attrs[]=$attr";
header("Location: $redirect_url");
2009-06-30 10:46:00 +00:00
die();
2009-06-30 09:29:51 +00:00
} else {
2009-06-30 10:26:08 +00:00
pla_error(_('Could not perform ldap_modify operation.'),$ldapserver->error(),$ldapserver->errno());
2009-06-30 09:29:51 +00:00
}
2009-06-30 08:05:37 +00:00
?>