diff --git a/htdocs/login_form.php b/htdocs/login_form.php index 779ac97..4af7546 100644 --- a/htdocs/login_form.php +++ b/htdocs/login_form.php @@ -53,6 +53,7 @@ if ($app['server']->getAuthType() == 'http') { header('Status: 401 Unauthorized'); // http 1.1 method return; + # HTML Login Form } else { echo '
'; diff --git a/lib/AJAXTree.php b/lib/AJAXTree.php index 5d72897..1bc9f14 100644 --- a/lib/AJAXTree.php +++ b/lib/AJAXTree.php @@ -24,9 +24,9 @@ class AJAXTree extends HTMLTree { * @param boolean $first_child is the first child entry, which is normally the "Create New Entry" option * @param boolean $last_child is the last child entry, which is normally the "Create New Entry" option */ - protected function draw_dn($dn,$level,$first_child=true,$last_child=true) { + protected function draw_item($item,$level,$first_child=true,$last_child=true) { if (DEBUG_ENABLED) - debug_log('Entered with (%s,%s,%s,%s)',33,__FILE__,__LINE__,__METHOD__,$dn,$level,$first_child,$last_child); + debug_log('Entered with (%s,%s,%s,%s)',33,__FILE__,__LINE__,__METHOD__,$item,$level,$first_child,$last_child); $server = $this->getServer(); @@ -46,12 +46,12 @@ class AJAXTree extends HTMLTree { $level = strlen($code); # Get entry to display as node - $entry = $this->getEntry($dn); + $entry = $this->getEntry($item); # If the entry doesnt exist, we'll add it. if (! $entry) { - $this->addEntry($dn); - $entry = $this->getEntry($dn); + $this->addEntry($item); + $entry = $this->getEntry($item); } # If the entry doesnt exist in the server, then return here with an empty string. @@ -59,7 +59,7 @@ class AJAXTree extends HTMLTree { return ''; # Get our children. - $child_count = $this->readChildrenNumber($dn); + $child_count = $this->readChildrenNumber($item); $nb = 0; if ($first_child) 
@@ -90,12 +90,12 @@ class AJAXTree extends HTMLTree { $new_code = array('1','1','0','0'); # Links - $parms['openclose'] = htmlspecialchars(sprintf('server_id=%s&dn=%s&code=%s%s',$this->getServerID(),rawurlencode($dn),$code,$new_code[$nb])); - $parms['edit'] = htmlspecialchars(sprintf('cmd=template_engine&server_id=%s&dn=%s',$this->getServerID(),rawurlencode($dn))); + $parms['openclose'] = htmlspecialchars(sprintf('server_id=%s&dn=%s&code=%s%s',$this->getServerID(),rawurlencode($item),$code,$new_code[$nb])); + $parms['edit'] = htmlspecialchars(sprintf('cmd=template_engine&server_id=%s&dn=%s',$this->getServerID(),rawurlencode($item))); $href = sprintf('cmd.php?%s',$parms['edit']); # Each node has a unique id based on dn - $node_id = sprintf('node%s',base64_encode(sprintf('%s-%s',$server->getIndex(),$dn))); + $node_id = sprintf('node%s',base64_encode(sprintf('%s-%s',$server->getIndex(),$item))); $node_id = str_replace('=','_',$node_id); if ($level == 0) @@ -119,12 +119,12 @@ class AJAXTree extends HTMLTree { echo ''; } - printf('',$href,$parms['edit'],_('Retrieving DN'),htmlspecialchars($dn)); + printf('',$href,$parms['edit'],_('Retrieving DN'),htmlspecialchars($item)); printf('->',$node_id,IMGDIR,$entry->getIcon($server)); echo ''; echo ' '; - printf('',$href,$parms['edit'],_('Retrieving DN'),htmlspecialchars($dn)); + printf('',$href,$parms['edit'],_('Retrieving DN'),htmlspecialchars($item)); echo $this->get_formatted_dn($entry,$level-1); echo ($child_count ? (sprintf(' (%s%s)',$child_count,($entry->isSizeLimited() ? '+' : ''))) : ''); echo ''; @@ -170,7 +170,7 @@ class AJAXTree extends HTMLTree { $last = ($i == (count($children)-1)) && (! $last_child); if (is_object($children[$i])) - $this->draw_dn($children[$i]->getDN(),$code,$first,$last); + $this->draw_item($children[$i]->getDN(),$code,$first,$last); else echo '
problem getting DN entry from ldap'; diff --git a/lib/HTMLTree.php b/lib/HTMLTree.php index 69a9d83..c2d394a 100644 --- a/lib/HTMLTree.php +++ b/lib/HTMLTree.php @@ -16,13 +16,13 @@ * @see AJAXTree Tree */ class HTMLTree extends Tree { - protected $javascript = ''; + /** * Required ABSTRACT methods */ /** - * Displays the tree in HTML + * Displays the tree in HTML * * @param boolean Only display the tree, or include the server name and menu items */ @@ -47,7 +47,7 @@ class HTMLTree extends Tree { $this->draw_menu(); if ($server->getAuthType() != 'config') - $this->draw_logged_in_dn(); + $this->draw_logged_in_user(); else printf(' ',$this->getDepth()+3); @@ -110,7 +110,7 @@ class HTMLTree extends Tree { return; } else { - $this->draw_dn($base->getDN(),-1); + $this->draw_item($base->getDN(),-1); } } @@ -122,7 +122,6 @@ class HTMLTree extends Tree { # We are not logged in, draw a login... link. } else { switch ($server->getAuthType()) { - case 'http': case 'session': $this->draw_login_link(); @@ -173,13 +172,15 @@ class HTMLTree extends Tree { */ protected function draw_menu() { $links = ''; - $i = 0; - foreach (array('schema','search','refresh','server_info','monitor','import','export','logout') as $menu) { - $link = $this->get_menu_item($menu); - if ($link) - $links .= sprintf('%s',$this->get_menu_item($menu)); - } + if (is_array($_SESSION[APPCONFIG]->getValue('menu','session'))) + foreach ($_SESSION[APPCONFIG]->getValue('menu','session') as $link => $title) { + if ($this->get_menu_item($link)) + $links .= sprintf('%s',$this->get_menu_item($link)); + } + + # Finally add our logout link. + $links .= sprintf('%s',$this->get_logout_menu_item()); # Draw the quick-links below the server name: if ($links) { 
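Review bot: The new loop in draw_menu() walks only the keys of the `menu`/`session` setting and never reads the value, so an item configured as `'export'=>false` is still rendered, and `$title` is assigned but unused. The defaults added in lib/config_default.php set every item to `true`, which suggests that `false` is meant to switch an item off. Consider `foreach (... as $link => $enabled)` with `if ($enabled && ($html = $this->get_menu_item($link)))` and reuse `$html` in the existing sprintf, which also avoids calling get_menu_item() twice per item. Hiding a link is presentation only; whether the command itself is refused depends on the isCommandAvailable() checks in get_menu_item(), which lie outside this hunk.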
@@ -192,11 +193,11 @@ class HTMLTree extends Tree { /** * Get the HTML for each tree menu option */ - protected function get_menu_item($i) { + protected function get_menu_item($item) { $server = $this->getServer(); $menu = array(); - switch($i) { + switch($item) { case 'schema': if (! $_SESSION[APPCONFIG]->isCommandAvailable('script','schema')) return ''; @@ -293,15 +294,6 @@ class HTMLTree extends Tree { break; - case 'logout': - if (! $_SESSION[APPCONFIG]->isCommandAvailable('script','logout') || in_array($server->getAuthType(),array('config','http','proxy'))) - return ''; - - $href = sprintf('cmd.php?cmd=logout&server_id=%s',$server->getIndex()); - - return sprintf('%s
%s
', - htmlspecialchars($href),_('Logout of this server'),IMGDIR,'logout-big.png',_('logout'),_('logout')); - default: return false; } @@ -316,10 +308,21 @@ class HTMLTree extends Tree { $href_parms,$menu['title'],$server->getName(),IMGDIR,$menu['img'],$menu['name'],$menu['name']); } + protected function get_logout_menu_item() { + $server = $this->getServer(); + $href = sprintf('cmd.php?cmd=logout&server_id=%s',$server->getIndex()); + + if (! $_SESSION[APPCONFIG]->isCommandAvailable('script','logout') || in_array($server->getAuthType(),array('config','http','proxy'))) + return ''; + else + return sprintf('%s
%s
', + htmlspecialchars($href),_('Logout of this server'),IMGDIR,'logout-big.png',_('logout'),_('logout')); + } + /** - * Draw the Logged in User DN + * Draw the Logged in User */ - protected function draw_logged_in_dn() { + protected function draw_logged_in_user() { $server = $this->getServer(); $logged_in_dn = $server->getLogin(null); @@ -374,21 +377,20 @@ class HTMLTree extends Tree { * * @param dn $dn Current dn. * @param int $level Level to start drawing (start to -1) - * @todo This function hasnt been tested with the new rewrite of PLA */ - protected function draw_dn($dn,$level) { + protected function draw_item($item,$level) { if (DEBUG_ENABLED) - debug_log('Entered with (%s,%s)',33,__FILE__,__LINE__,__METHOD__,$dn,$level); + debug_log('Entered with (%s,%s)',33,__FILE__,__LINE__,__METHOD__,$item,$level); $server = $this->getServer(); # Get entry to display as node - $entry = $this->getEntry($dn); + $entry = $this->getEntry($item); # If the entry doesnt exist, we'll add it. if (! $entry) { - $this->addEntry($dn); - $entry = $this->getEntry($dn); + $this->addEntry($item); + $entry = $this->getEntry($item); } # If the entry doesnt exist in the server, then return here with an empty string. @@ -396,10 +398,10 @@ class HTMLTree extends Tree { return; # Get our children. - $child_count = $this->readChildrenNumber($dn); + $child_count = $this->readChildrenNumber($item); - $rdn = get_rdn($dn); - $dnENCODE = rawurlencode($dn); + $rdn = get_rdn($item); + $dnENCODE = rawurlencode($item); $href['expand'] = htmlspecialchars(sprintf('cmd.php?cmd=expand&server_id=%s&dn=%s',$server->getIndex(),$dnENCODE)); $href['collapse'] = htmlspecialchars(sprintf('cmd.php?cmd=collapse&server_id=%s&dn=%s',$server->getIndex(),$dnENCODE)); $href['edit'] = htmlspecialchars(sprintf('cmd.php?cmd=template_engine&server_id=%s&dn=%s',$server->getIndex(),$dnENCODE)); 
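Review bot: get_logout_menu_item() is added without a docblock, although the neighbouring methods have one, and nothing states that it returns an empty string when logout is not offered. A header such as `/** Get the HTML for the logout menu item; returns '' when the logout command is disabled or the auth type is config, http or proxy. */` would cover it. `$href` is built before the guard and the `else` after `return ''` is redundant, so putting the guard first makes the early exit easier to see. The `in_array($server->getAuthType(),array('config','http','proxy'))` test compares loosely; passing `true` as the third argument keeps the auth-type check exact if getAuthType() can ever return a non-string.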
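Review bot: The docblock kept above the renamed draw_item() still reads `@param dn $dn Current dn.` while the parameter is now `$item`; it should become `@param dn $item Current dn.`. The body, which continues in the following hunks, still treats the value strictly as a DN (`get_rdn($item)`, `rawurlencode($item)` placed into `dn=` query parameters), so the docblock should say that a DN is required. The same check applies to the AJAXTree::draw_item() docblock, whose `$dn` line is not visible in its hunk.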
@@ -420,7 +422,7 @@ class HTMLTree extends Tree { printf('+',$href['expand'],IMGDIR); printf('img', - $href['edit'],$server->getIndex(),preg_replace('/=/','_',base64_encode($dn)),IMGDIR,$entry->getIcon()); + $href['edit'],$server->getIndex(),preg_replace('/=/','_',base64_encode($item)),IMGDIR,$entry->getIcon()); printf('',$this->getDepth()+3-$level); printf('%s',$href['edit'],$this->get_formatted_dn($entry,$level)); @@ -441,7 +443,7 @@ class HTMLTree extends Tree { } foreach ($entry->getChildren() as $dnChildEntry) - $this->draw_dn($dnChildEntry,$level+1); + $this->draw_item($dnChildEntry,$level+1); # Always draw the "create new" link at the bottom of the listing if (! $server->isReadOnly() && ! $entry->isLeaf() && $this->getServer()->isShowCreateEnabled()) { @@ -450,7 +452,7 @@ class HTMLTree extends Tree { } if (DEBUG_ENABLED) - debug_log('Leaving (%s,%s)',33,__FILE__,__LINE__,__METHOD__,$dn,$level); + debug_log('Leaving (%s,%s)',33,__FILE__,__LINE__,__METHOD__,$item,$level); } protected function get_formatted_dn($entry,$level) { @@ -481,13 +483,9 @@ class HTMLTree extends Tree { /** * Draw login link - * @todo change the determination of $recently_timed_out_servers */ protected function draw_login_link() { - global $recently_timed_out_servers; - $server = $this->getServer(); - $href_parm = htmlspecialchars(sprintf('cmd=%s&server_id=%s',get_custom_file($server->getIndex(),'login_form',''),$server->getIndex())); echo ''; @@ -507,11 +505,6 @@ class HTMLTree extends Tree { printf(' ',$this->getDepth()+3); printf(' ',$this->getDepth()+3); - - # If the server recently timed out display the message - if (is_array($recently_timed_out_servers) && in_array($server->getIndex(),$recently_timed_out_servers)) - printf('%s', - $this->getDepth()+3-1,_('(Session timed out. Automatically logged out.)')); } /** @@ -525,7 +518,7 @@ class HTMLTree extends Tree { } } - /* + /** * Work out how deep the "opened" tree is. */ public function getDepth() { 
diff --git a/lib/common.php b/lib/common.php index 23e19de..6c22d00 100644 --- a/lib/common.php +++ b/lib/common.php @@ -163,16 +163,17 @@ app_session_start(); # See if we have a session, we can then get our theme out $app['theme'] = 'default'; if (isset($_SESSION[APPCONFIG])) - if (is_dir(realpath(sprintf('images/%s',$_SESSION[APPCONFIG]->getValue('appearance','theme')))) + if (is_dir(realpath(sprintf('images/%s',$_SESSION[APPCONFIG]->getValue('appearance','theme')))) && is_file(realpath(sprintf('css/%s/%s',$_SESSION[APPCONFIG]->getValue('appearance','theme'),$_SESSION[APPCONFIG]->getValue('appearance','stylesheet'))))) - $app['theme'] = $_SESSION[APPCONFIG]->getValue('appearance','theme'); + $app['theme'] = $_SESSION[APPCONFIG]->getValue('appearance','theme'); define('CSSDIR',sprintf('css/%s',$app['theme'])); define('IMGDIR',sprintf('images/%s',$app['theme'])); # Initialise the hooks -require_once LIBDIR.'hooks.php'; +if (file_exists(LIBDIR.'hooks.php')) + require_once LIBDIR.'hooks.php'; # If we get here, and $_SESSION[APPCONFIG] is not set, then redirect the user to the index. if (isset($_SERVER['SERVER_SOFTWARE']) && ! isset($_SESSION[APPCONFIG])) { diff --git a/lib/config_default.php b/lib/config_default.php index 6dfa3b1..c9f518b 100644 --- a/lib/config_default.php +++ b/lib/config_default.php @@ -32,6 +32,16 @@ class Config { $this->custom = new stdClass; $this->default = new stdClass; + /* + * What to do after entry creation : + * 2 : display the creation form again + * 1 : display the new created entry + * 0 : display the choice between 1 and 2 + */ + $this->default->appearance['action_after_creation'] = array( + 'desc'=>'Display the new created entry', + 'default'=>1); + ## Appearance Attributes /** Anonymous implies read only * Set to true if you want LDAP data to be displayed read-only (without input fields) 
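Review bot: Wrapping `require_once LIBDIR.'hooks.php'` in `file_exists()` turns a missing hooks library into a silent skip, so any check or audit step a deployment implements through hooks would stop running without an error; unless hooks are meant to be optional, keep the unconditional `require_once`, or log when the file is absent. In the theme test above it, `is_dir(realpath(...))` and the added `is_file(realpath(...))` only show that the resolved path exists, not that it stays under `images/` or `css/`, so a theme or stylesheet value containing `../` would be accepted. Both values appear to come from configuration, so this is hardening rather than an exposed input. Comparing each value with its `basename()` before building the paths would confine them. The nested brace-less `if` statements also make the new multi-line condition hard to follow.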
@@ -59,14 +69,14 @@ class Config { 'desc'=>'Show the control as icons or text', 'default'=>false); - $this->default->appearance['date'] = array( - 'desc'=>'Date format whenever dates are shown', - 'default'=>'%A %e %B %Y'); - $this->default->appearance['custom_templates_only'] = array( 'desc'=>'Only display the custom templates.', 'default'=>false); + $this->default->appearance['date'] = array( + 'desc'=>'Date format whenever dates are shown', + 'default'=>'%A %e %B %Y'); + $this->default->appearance['date_attrs'] = array( 'desc'=>'Array of attributes that should show a jscalendar', 'default'=>array('shadowExpire'=>'%es','shadowLastChange'=>'%es')); @@ -95,26 +105,6 @@ class Config { 'desc'=>'Hide the features that may provide sensitive debugging information to the browser', 'default'=>true); - $this->default->appearance['rdn_all_attrs'] = array( - 'desc'=>'Whether to show all attributes in the RDN chooser, or just the required ones', - 'default'=>true); - - $this->default->appearance['readonly_attrs'] = array( - 'desc'=>'Mark these attributes as readonly', - 'default'=>array()); - - $this->default->appearance['readonly_attrs_exempt'] = array( - 'desc'=>'Group DN, where membership will exempt the users from readonly attrs', - 'default'=>null); - - $this->default->appearance['remoteurls'] = array( - 'desc'=>'Whether to include renders for remote URLs', - 'default'=>true); - - $this->default->appearance['timezone'] = array( - 'desc'=>'Define our timezone, if not defined in php.ini', - 'default'=>null); - /** Language * The language setting. If you set this to 'auto', phpLDAPadmin will * attempt to determine your language automatically. Otherwise, set 
@@ -157,14 +147,30 @@ class Config { 'desc'=>'Obfuscate the display of passwords', 'default'=>true); - $this->default->appearance['show_clear_password'] = array( - 'desc'=>'Whether to show clear passwords if we dont obfuscate them', - 'default'=>false); - $this->default->appearance['page_title'] = array( 'desc'=>'Change the page title to this text', 'default'=>''); + $this->default->appearance['rdn_all_attrs'] = array( + 'desc'=>'Whether to show all attributes in the RDN chooser, or just the required ones', + 'default'=>true); + + $this->default->appearance['readonly_attrs'] = array( + 'desc'=>'Mark these attributes as readonly', + 'default'=>array()); + + $this->default->appearance['readonly_attrs_exempt'] = array( + 'desc'=>'Group DN, where membership will exempt the users from readonly attrs', + 'default'=>null); + + $this->default->appearance['remoteurls'] = array( + 'desc'=>'Whether to include renders for remote URLs', + 'default'=>true); + + $this->default->appearance['show_clear_password'] = array( + 'desc'=>'Whether to show clear passwords if we dont obfuscate them', + 'default'=>false); + $this->default->appearance['show_hints'] = array( 'desc'=>'Show helpful hints', 'default'=>true); @@ -173,16 +179,6 @@ class Config { 'desc'=>'Show a additional create link on the top of the list if there are more than 10 entries', 'default'=>true); - /* - * What to do after entry creation : - * 2 : display the creation form again - * 1 : display the new created entry - * 0 : display the choice between 1 and 2 - */ - $this->default->appearance['action_after_creation'] = array( - 'desc'=>'Display the new created entry', - 'default'=>1); - $this->default->appearance['show_schema_link'] = array( 'desc'=>'Show the schema link for each attribute', 'default'=>true); 
@@ -199,6 +195,14 @@ class Config { 'desc'=>'Which theme to use', 'default'=>'default'); + $this->default->appearance['timezone'] = array( + 'desc'=>'Define our timezone, if not defined in php.ini', + 'default'=>null); + + $this->default->appearance['tree'] = array( + 'desc'=>'Class name which inherits from Tree class and implements the draw() method', + 'default'=>'AJAXTree'); + /** Tree display * An array of format strings used to display enties in the * tree viewer (left-hand side). The first format string that @@ -247,10 +251,6 @@ class Config { 'desc'=>'LDAP search filter for the tree entries', 'default'=>'(objectClass=*)'); - $this->default->appearance['tree'] = array( - 'desc'=>'Class name which inherits from Tree class and implements the draw() method', - 'default'=>'AJAXTree'); - ## Caching $this->default->cache['schema'] = array( 'desc'=>'Cache Schema Activity', @@ -483,6 +483,21 @@ class Config { 'desc'=>'Time in seconds for the life of cookies', 'default'=>0); + /** + * Session Menu + */ + $this->default->menu['session'] = array( + 'desc'=>'Menu items when logged in.', + 'default'=>array( + 'schema'=>true, + 'search'=>true, + 'refresh'=>true, + 'server_info'=>true, + 'monitor'=>true, + 'import'=>true, + 'export'=>true + )); + ## Password Generation $this->default->password['length'] = array( 'desc'=>'Length of autogenerated password', diff --git a/lib/page.php b/lib/page.php index bc62cf8..343f165 100644 --- a/lib/page.php +++ b/lib/page.php @@ -185,7 +185,7 @@ class page { foreach (cmd_control_pane('main') as $cmddetails) if ((isset($cmddetails['enable']) && trim($cmddetails['enable'])) || ! isset($cmddetails['enable'])) { if (! $empty) - echo ' | '; + echo ' | '; printf('%s',$cmddetails['link'], $_SESSION[APPCONFIG]->getValue('appearance','control_icons') ? $cmddetails['image'] : $cmddetails['title']); diff --git a/lib/session_functions.php b/lib/session_functions.php index 39555e5..a02d964 100644 --- a/lib/session_functions.php 
+++ b/lib/session_functions.php @@ -10,7 +10,7 @@ */ /** The session ID that this application will use for all sessions */ -define('APP_SESSION_ID','APPSESSID'); +define('APP_SESSION_ID',md5(app_name())); /** Enables session paranoia, which causes SIDs to change each page load (EXPERIMENTAL!) */ define('app_session_id_paranoid', false); /** Flag to indicate whether the session has already been initialized (this constant gets stored in $_SESSION) */
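Review bot: `define('APP_SESSION_ID',md5(app_name()));` now calls a function when the file is included, so session_functions.php depends on `app_name()` being defined before it is loaded; that ordering is not visible in this hunk and deserves a comment or a guard. The doc comment above still calls the constant "the session ID", but the value is a fixed hash of the application name, which reads as a session or cookie name rather than a per-session identifier. It is deterministic and offers no secrecy, which the comment should state. If the intent is to keep several installations on one host from sharing a session, something like `/** Session (cookie) name derived from the application name; not a secret */` would record it.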