diff --git a/htdocs/create_confirm.php b/htdocs/create_confirm.php
index a3fea40..6727fb1 100644
--- a/htdocs/create_confirm.php
+++ b/htdocs/create_confirm.php
@@ -82,7 +82,7 @@ if (count($request['template']->getLDAPadd(true))) {
echo "\n\n";
$counter = 0;
- printf('
%s |
',$counter%2 ? 'even' : 'odd',$request['template']->getDN());
+ printf('%s |
',$counter%2 ? 'even' : 'odd',htmlspecialchars($request['template']->getDN()));
foreach ($request['template']->getLDAPadd(true) as $attribute) {
$counter++;
diff --git a/htdocs/delete.php b/htdocs/delete.php
index ce102b7..137055c 100644
--- a/htdocs/delete.php
+++ b/htdocs/delete.php
@@ -21,13 +21,18 @@ if (! $app['server']->dnExists($request['dn']))
# Delete the entry.
$result = $app['server']->delete($request['dn']);
-if ($result)
+if ($result) {
+ $redirect_url = '';
+
+ if (isAjaxEnabled())
+ $redirect_url .= sprintf('&refresh=SID_%s_nodes&noheader=1',$app['server']->getIndex());
+
system_message(array(
'title'=>_('Delete DN'),
'body'=>_('Successfully deleted DN ').sprintf('%s',$request['dn']),
'type'=>'info'),
- sprintf('index.php?server_id=%s',$app['server']->getIndex()));
-else
+ sprintf('index.php?server_id=%s%s',$app['server']->getIndex(),$redirect_url));
+} else
system_message(array(
'title'=>_('Could not delete the entry.').sprintf(' (%s)',pretty_print_dn($request['dn'])),
'body'=>ldap_error_msg($app['server']->getErrorMessage(null),$app['server']->getErrorNum(null)),
diff --git a/htdocs/delete_form.php b/htdocs/delete_form.php
index 5056d88..3f0d44c 100644
--- a/htdocs/delete_form.php
+++ b/htdocs/delete_form.php
@@ -15,6 +15,11 @@ require './common.php';
$request = array();
$request['dn'] = get_request('dn','GET');
+$request['page'] = new PageRender($app['server']->getIndex(),get_request('template','REQUEST',false,'none'));
+$request['page']->setDN($request['dn']);
+$request['page']->accept();
+$request['template'] = $request['page']->getTemplate();
+
# Check if the entry exists.
if (! $request['dn'] || ! $app['server']->dnExists($request['dn']))
system_message(array(
@@ -25,7 +30,7 @@ if (! $request['dn'] || ! $app['server']->dnExists($request['dn']))
# We search all children, not only the visible children in the tree
$request['children'] = $app['server']->getContainerContents($request['dn'],null,0,'(objectClass=*)',LDAP_DEREF_NEVER);
-printf('%s %s
',_('Delete'),get_rdn($request['dn']));
+printf('%s %s
',_('Delete'),htmlspecialchars(get_rdn($request['dn'])));
printf('%s: %s %s: %s
',
_('Server'),$app['server']->getName(),_('Distinguished Name'),$request['dn']);
echo "\n";
@@ -70,7 +75,7 @@ if (count($request['children'])) {
echo '';
echo '';
echo '';
@@ -122,7 +127,7 @@ if (count($request['children'])) {
echo '';
echo '';