2009-06-30 09:22:30 +00:00
< ? php
2009-06-30 10:26:08 +00:00
// $Header: /cvsroot/phpldapadmin/phpldapadmin/htdocs/update.php,v 1.25.2.6 2006/01/14 23:33:39 wurley Exp $
2009-06-30 08:05:37 +00:00
2009-06-30 09:29:51 +00:00
/**
2009-06-30 10:26:08 +00:00
* Updates or deletes a value from a specified attribute for a specified dn .
2009-06-30 09:29:51 +00:00
*
2009-06-30 10:26:08 +00:00
* Variables that come in via common . php
* - server_id
* Variables that come in on the query string :
* - dn ( rawurlencoded )
* - update_array ( an array in the form expected by PHP ' s ldap_modify , except for deletions )
* ( will never be empty : update_confirm . php ensures that )
2009-06-30 08:07:14 +00:00
*
* Attribute deletions :
2009-06-30 09:29:51 +00:00
* To specify that an attribute is to be deleted ( whether multi - or single - valued ),
2009-06-30 10:26:08 +00:00
* enter that attribute in the update array like this : attr => '' . For example , to
* delete the 'sn' attribute from an entry , the update array would look like this :
* Array (
2009-06-30 08:07:14 +00:00
* sn => ''
2009-06-30 09:29:51 +00:00
* )
*
2009-06-30 10:26:08 +00:00
* On success , redirect to template_engine . php . On failure , echo an error .
2009-06-30 08:07:14 +00:00
*
2009-06-30 09:29:51 +00:00
* @ package phpLDAPadmin
*/
/**
2009-06-30 08:05:37 +00:00
*/
2009-06-30 09:29:51 +00:00
require './common.php' ;
2009-06-30 08:07:14 +00:00
2009-06-30 10:26:08 +00:00
$dn = $_POST [ 'dn' ];
$encoded_dn = rawurlencode ( $dn );
# If cancel was submited, got back to the edit display.
if ( isset ( $_REQUEST [ 'cancel' ])) {
header ( sprintf ( 'Location: template_engine.php?server_id=%s&dn=%s' , $ldapserver -> server_id , $encoded_dn ));
die ();
}
2009-06-30 09:29:51 +00:00
if ( $ldapserver -> isReadOnly ())
2009-06-30 10:26:08 +00:00
pla_error ( _ ( 'You cannot perform updates while server is in read-only mode' ));
2009-06-30 09:29:51 +00:00
if ( ! $ldapserver -> haveAuthInfo ())
2009-06-30 10:26:08 +00:00
pla_error ( _ ( 'Not enough information to login to server. Please check your configuration.' ));
2009-06-30 08:05:37 +00:00
2009-06-30 09:29:51 +00:00
$update_array = isset ( $_POST [ 'update_array' ]) ? $_POST [ 'update_array' ] : array ();
2009-06-30 10:26:08 +00:00
$skip_array = isset ( $_POST [ 'skip_array' ]) ? $_POST [ 'skip_array' ] : array ();
2009-06-30 09:29:51 +00:00
$failed_attrs = array ();
2009-06-30 08:09:20 +00:00
2009-06-30 10:26:08 +00:00
if ( ! is_array ( $update_array ))
pla_error ( _ ( 'update_array is malformed. This might be a phpLDAPadmin bug. Please report it.' ));
run_hook ( 'pre_update' , array ( 'server_id' => $ldapserver -> server_id , 'dn' => $dn , 'update_array' => $update_array ));
2009-06-30 09:29:51 +00:00
2009-06-30 10:26:08 +00:00
# Check for delete attributes (indicated by the attribute entry appearing like this: attr => ''
2009-06-30 09:29:51 +00:00
foreach ( $update_array as $attr => $val )
if ( ! is_array ( $val ))
2009-06-30 10:26:08 +00:00
if ( array_key_exists ( $attr , $skip_array ))
unset ( $update_array [ $attr ]);
elseif ( $val == '' )
$update_array [ $attr ] = array ();
# Skip change
2009-06-30 08:07:14 +00:00
else
2009-06-30 10:26:08 +00:00
$update_array [ $attr ] = $val ;
2009-06-30 08:07:14 +00:00
else
2009-06-30 10:26:08 +00:00
if ( array_key_exists ( $attr , $skip_array ))
unset ( $update_array [ $attr ]);
else
foreach ( $val as $i => $v )
$update_array [ $attr ][ $i ] = $v ;
2009-06-30 09:29:51 +00:00
2009-06-30 10:26:08 +00:00
/* Call the custom callback for each attribute modification
and verify that it should be modified .*/
2009-06-30 09:29:51 +00:00
foreach ( $update_array as $attr_name => $val ) {
2009-06-30 10:26:08 +00:00
# Check to see if this is a unique Attribute
if ( $badattr = $ldapserver -> checkUniqueAttr ( $dn , $attr_name , $val )) {
$search_href = sprintf ( 'search.php?search=true&form=advanced&server_id=%s&filter=%s=%s' ,
$ldapserver -> server_id , $attr_name , $badattr );
2009-06-30 09:22:30 +00:00
2009-06-30 10:26:08 +00:00
pla_error ( sprintf ( _ ( 'Your attempt to add <b>%s</b> (<i>%s</i>) to <br><b>%s</b><br> is NOT allowed. That attribute/value belongs to another entry.<p>You might like to <a href="%s">search</a> for that entry.' ),
$attr_name , $badattr , $dn , $search_href ));
2009-06-30 09:29:51 +00:00
}
2009-06-30 10:26:08 +00:00
if ( run_hook ( 'pre_attr_modify' ,
array ( 'server_id' => $ldapserver -> server_id , 'dn' => $dn , 'attr_name' => $attr_name , 'new_value' => $val )) !== true ) {
2009-06-30 09:29:51 +00:00
2009-06-30 10:26:08 +00:00
unset ( $update_array [ $attr_name ]);
2009-06-30 09:29:51 +00:00
$failed_attrs [ $attr_name ] = $val ;
2009-06-30 09:22:30 +00:00
2009-06-30 10:26:08 +00:00
} elseif ( $ldapserver -> isAttrReadOnly ( $attr ))
pla_error ( sprintf ( _ ( 'The attribute "%s" is flagged as read-only in the phpLDAPadmin configuration.' ),
htmlspecialchars ( $attr_name )));
2009-06-30 09:22:30 +00:00
}
2009-06-30 08:05:37 +00:00
2009-06-30 10:26:08 +00:00
# Perform the modification
2009-06-30 09:40:37 +00:00
$res = $ldapserver -> modify ( $dn , $update_array );
2009-06-30 09:29:51 +00:00
if ( $res ) {
2009-06-30 10:26:08 +00:00
# Fire the post modification event to the user's custom callback function.
$mustRelogin = false ;
2009-06-30 09:29:51 +00:00
foreach ( $update_array as $attr_name => $val ) {
2009-06-30 10:26:08 +00:00
run_hook ( 'post_attr_modify' ,
array ( 'server_id' => $ldapserver -> server_id , 'dn' => $dn , 'attr_name' => $attr_name , 'new_value' => $val ));
2009-06-30 08:09:20 +00:00
2009-06-30 10:26:08 +00:00
/* Was this a user ' s password modification who is currently
logged in ? If so , they need to logout and log back in
with the new password . */
2009-06-30 09:29:51 +00:00
if ( 0 === strcasecmp ( $attr_name , 'userPassword' ) &&
in_array ( $ldapserver -> auth_type , array ( 'cookie' , 'session' )) &&
2009-06-30 10:26:08 +00:00
pla_compare_dns ( $ldapserver -> getLoggedInDN (), $dn ) === 0 )
$mustRelogin = true ;
}
2009-06-30 08:09:20 +00:00
2009-06-30 10:26:08 +00:00
run_hook ( 'post_update' , array ( 'server_id' => $ldapserver -> server_id , 'dn' => $dn , 'update_array' => $update_array ));
# If the user password was changed, not tell the to relogin.
if ( $mustRelogin ) {
$ldapserver -> unsetLoginDN ();
2009-06-30 09:29:51 +00:00
unset_lastactivity ( $ldapserver );
include './header.php' ;
2009-06-30 10:26:08 +00:00
echo '<body>' ;
echo '<script type="text/javascript" language="javascript">' ;
echo 'parent.left_frame.location.reload();' ;
echo '</script>' . " \n \n " ;
echo '<br />' ;
echo '<center>' ;
printf ( '<b>%s</b>' , _ ( 'Modification successful!' ));
echo '<br /><br />' ;
echo _ ( 'Since you changed your password, you must now login again with your new password.' );
echo '<br />' ;
printf ( '<a href="login_form.php?server_id=%s">%s...</a>' , $ldapserver -> server_id , _ ( 'Login' ));
echo '</center>' ;
echo '</body>' ;
echo '</html>' ;
2009-06-30 08:09:20 +00:00
exit ;
}
2009-06-30 10:26:08 +00:00
$redirect_url = sprintf ( 'template_engine.php?server_id=%s&dn=%s' , $ldapserver -> server_id , $encoded_dn );
2009-06-30 09:29:51 +00:00
foreach ( $update_array as $attr => $junk )
2009-06-30 08:05:37 +00:00
$redirect_url .= " &modified_attrs[]= $attr " ;
2009-06-30 09:29:51 +00:00
foreach ( $failed_attrs as $attr => $junk )
$redirect_url .= " &failed_attrs[]= $attr " ;
header ( " Location: $redirect_url " );
} else {
2009-06-30 10:26:08 +00:00
pla_error ( _ ( 'Could not perform ldap_modify operation.' ), $ldapserver -> error (), $ldapserver -> errno ());
2009-06-30 09:29:51 +00:00
}
2009-06-30 08:05:37 +00:00
?>