$dn = rawurldecode($_POST['dn']); $server_id = $_POST['server_id']; $attr = $_POST['attr']; $val = $_POST['val']; $val = utf8_encode($val); $encoded_dn = rawurlencode($dn); $encoded_attr = rawurlencode($attr); $is_binary_val = isset($_POST['binary']) ? true : false; if (!$is_binary_val && $val == "") { pla_error("You left the attribute value blank. Please go back and try again."); } if (is_server_read_only($server_id)) { pla_error("You cannot perform updates while server is in read-only mode"); } check_server_id($server_id) or pla_error("Bad server_id: " . htmlspecialchars($server_id)); have_auth_info($server_id) or pla_error("Not enough information to login to server. Please check your configuration."); // special case for binary attributes (like jpegPhoto and userCertificate): // we must go read the data from the file and override $val with the binary data if ($is_binary_val) { $file = $_FILES['val']['tmp_name']; $f = fopen($file, 'r'); $binary_data = fread($f, filesize($file)); fclose($f); $val = $binary_data; } // Automagically hash new userPassword attributes according to the // chosen in config.php. if (0 == strcasecmp($attr, 'userpassword')) { if ($servers[$server_id]['default_hash'] != '') { $enc_type = $servers[$server_id]['default_hash']; $new_val = password_hash($new_val, $enc_type);
$up_href = "entry_chooser.php?form_element={$return_form_element}&server_id={$server_id}&container=" . rawurlencode($parent_container); } echo " <a href=\"{$up_href}\" style=\"text-decoration:none\">" . "<img src=\"images/up.png\"> Back Up...</a><br />\n"; if (count($dn_list) == 0) { echo " (no entries)<br />\n"; } else { foreach ($dn_list as $dn) { $href = "javascript:returnDN( '{$dn}' )"; echo " <a href=\"entry_chooser.php?form_element={$return_form_element}" . "&server_id={$server_id}&container=" . rawurlencode($dn) . "\"><img src=\"images/plus.png\" /></a> " . "<a href=\"{$href}\">" . htmlspecialchars($dn) . "</a><br />\n"; } } } else { foreach ($servers as $id => $server) { if ($server['host']) { echo "<b>" . htmlspecialchars($server['name']) . "</b><br />\n"; if (!have_auth_info($id)) { echo "<small> (Not logged in)</small><br />"; } else { $dn = $server['base'] ? $server['base'] : try_to_get_root_dn($id); if (!$dn) { echo "<small> (Could not determine base DN)</small><br />"; } else { $href = "javascript:returnDN( '{$dn}' )"; echo " <a href=\"entry_chooser.php?form_element=" . "{$return_form_element}&server_id={$id}&container=" . rawurlencode($dn) . "\"><img src=\"images/plus.png\" /></a> " . "<a href=\"{$href}\">" . htmlspecialchars($dn) . "</a><br />\n"; } } } } } // added by PD. 14082003, // adding the element access allows it to work with javascript arrays
?> </center> <?php flush(); ?> <?php if ($_GET['search']) { if ($form == 'advanced') { $search_result_attributes = isset($_GET['display_attrs']) ? $_GET['display_attrs'] : $search_result_attributes; process_config(); } // do we have enough authentication information for the specified server_id if (!have_auth_info($server_id)) { $login_url = "login_form.php?server_id={$server_id}&redirect=" . rawurlencode($_SERVER['REQUEST_URI']); ?> <center> <br /> You haven't logged into server <b><?php echo htmlspecialchars($servers[$server_id]['name']); ?> </b> yet. Go to the <a href="<?php echo $login_url; ?> ">login form</a> to do so. </center> <?php exit;
* - dn (rawurlencoded) * - server_id * - new_oclass * - new_attrs (array, if any) */ require 'common.php'; $dn = rawurldecode($_POST['dn']); $encoded_dn = rawurlencode($dn); $new_oclass = $_POST['new_oclass']; $server_id = $_POST['server_id']; $new_attrs = $_POST['new_attrs']; if (is_server_read_only($server_id)) { pla_error($lang['no_updates_in_read_only_mode']); } check_server_id($server_id) or pla_error($lang['bad_server_id']); have_auth_info($server_id) or pla_error($lang['not_enough_login_info']); $new_entry = array(); $new_entry['objectClass'] = $new_oclass; $new_attrs_entry = array(); $new_oclass_entry = array('objectClass' => $new_oclass); if (is_array($new_attrs) && count($new_attrs) > 0) { foreach ($new_attrs as $attr => $val) { $new_entry[$attr] = $val; } } //echo "<pre>"; //print_r( $new_entry ); //exit; $ds = pla_ldap_connect($server_id) or pla_error($lang['could_not_connect']); $add_res = @ldap_mod_add($ds, $dn, $new_entry); if (!$add_res) {
// Draw the quick-links below the server name: // ( schema | search | refresh | create ) echo '<tr><td colspan="100" class="links">'; echo '<nobr>'; echo '( '; echo '<a title="' . $lang['view_schema_for'] . ' ' . $server_name . '"' . ' href="' . $schema_href . '">' . $lang['schema'] . '</a> | '; echo '<a title="' . $lang['search'] . ' ' . $server_name . '"' . ' href="' . $search_href . '">' . $lang['search'] . '</a> | '; echo '<a title="' . $lang['refresh_expanded_containers'] . ' ' . $server_name . '"' . ' href="' . $refresh_href . '">' . $lang['refresh'] . '</a> | '; echo '<a title="' . $lang['create_new_entry_on'] . ' ' . $server_name . '"' . ' href="' . $create_href . '" target="right_frame">create</a> | '; echo '<a title="' . $lang['view_server_info'] . '" target="right_frame"' . 'href="' . $info_href . '">' . $lang['info'] . '</a> | '; echo '<a title="' . $lang['import_from_ldif'] . '" target="right_frame"' . 'href="' . $import_href . '">' . $lang['import'] . '</a>'; if ($servers[$server_id]['auth_type'] == 'form') { echo ' | <a title="' . $lang['logout_of_this_server'] . '" href="' . $logout_href . '" target="right_frame">' . $lang['logout'] . '</a>'; } echo ' )</nobr></td></tr>'; if ($servers[$server_id]['auth_type'] == 'form' && have_auth_info($server_id)) { echo "<tr><td class=\"links\" colspan=\"100\"><nobr>" . $lang['logged_in_as'] . htmlspecialchars(get_logged_in_dn($server_id)) . "</nobr></td></tr>"; } if (is_server_read_only($server_id)) { echo "<tr><td class=\"links\" colspan=\"100\"><nobr>" . "(" . $lang['read_only'] . ")</nobr></td></tr>"; } // Fetch and display the base DN for this server //$rdn = utf8_decode( $dn ); if (null == $servers[$server_id]['base']) { $base_dn = try_to_get_root_dn($server_id); } else { $base_dn = $servers[$server_id]['base']; } // Did we get a base_dn for this server somehow? if ($base_dn) { // is the root of the tree expanded already?
<?php /* * refresh.php * This script alters the session variable 'tree', by re-querying * the LDAP server to grab the contents of every expanded container. * * Variables that come in as GET vars: * - server_id */ require 'common.php'; $server_id = $_GET['server_id']; if (!check_server_id($server_id) || !have_auth_info($server_id)) { header("Location: tree.php"); } session_start(); if (!session_is_registered('tree')) { header("Location: tree.php"); } $tree = $_SESSION['tree']; $tree_icons = $_SESSION['tree_icons']; // Get the icon for the base object for this server $base_dn = $servers[$server_id]['base']; $tree_icons[$server_id][$base_dn] = get_icon($server_id, $base_dn); // get all the icons and container contents for all expanded entries if ($tree[$server_id] && is_array($tree[$server_id])) { foreach ($tree[$server_id] as $dn => $children) { $tree[$server_id][$dn] = get_container_contents($server_id, $dn); foreach ($tree[$server_id][$dn] as $child_dn) { $tree_icons[$server_id][$child_dn] = get_icon($server_id, $child_dn); }
<?php /* * logout.php * For servers whose auth_type is set to 'form'. Pass me * the server_id and I will log out the user (delete the cookie) * * Variables that come in as GET vars: * - server_id */ require 'common.php'; $server_id = $_GET['server_id']; check_server_id($server_id) or pla_error("Bad server_id: " . htmlspecialchars($server_id)); have_auth_info($server_id) or pla_error("No one is logged in to that server."); $logged_in_dn = get_logged_in_dn($server_id); $logged_in_pass = get_logged_in_pass($server_id); $anon_bind = $logged_in_dn == 'Anonymous' ? true : false; $expire = time() - 3600; if ($anon_bind) { $res1 = setcookie("pla_login_dn_{$server_id}", '0', $expire, dirname($_SERVER['PHP_SELF'])); $res2 = setcookie("pla_pass_{$server_id}", '0', $expire, dirname($_SERVER['PHP_SELF'])); } else { $res1 = setcookie("pla_login_dn_{$server_id}", $logged_in_dn, $expire, dirname($_SERVER['PHP_SELF'])); $res2 = setcookie("pla_pass_{$server_id}", $logged_in_pass, $expire, dirname($_SERVER['PHP_SELF'])); } if (!$res1 || !$res2) { pla_error("Could not delete cookie!"); } ?> <html>
function try_to_get_root_dn($server_id) { if (!have_auth_info($server_id)) { return false; } $ds = pla_ldap_connect($server_id); if (!$ds) { return false; } $r = @ldap_read($ds, '', 'objectClass=*', array('namingContexts')); if (!$r) { return false; } $r = @ldap_get_entries($ds, $r); if (isset($r[0]['namingcontexts'][0])) { $root_dn = $r[0]['namingcontexts'][0]; return $root_dn; } else { return false; } }