//purification des variables
if ( count($_GET)>0) $uid=$purifier->purify($_GET['cn']);
if (count($_POST)>0 ) {
$uid=$purifier->purify($_POST['cn']);
$action=$purifier->purify($_POST['action']);
if ( isset($_POST['delrights']) )
$delrights=$purifier->purifyArray($_POST['delrights']);
if ( isset($_POST['newrights']) )
$newrights=$purifier->purifyArray($_POST['newrights']);
}
}
header_html();
$filtre = "8_".$uid;
aff_trailer ("3");
if (ldap_get_right("lcs_is_admin",$login)=="Y") {
// Ajoute un droit
if ($action == "AddRights") {
// Inscription des droits dans l'annuaire
echo "<h3>".gettext("Inscription des droits pour")." <u>$uid</u></h3>";
echo "<p>".gettext("Vous avez sélectionné ") ."". count($newrights)."".gettext(" droit(s)")."<br />\n";
for ($loop=0; $loop < count($newrights); $loop++) {
$right=$newrights[$loop];
echo gettext("Délégation du droit")." <u>$right</u> ".gettext("à l'utilisateur")." $uid<br />";
$cDn = "cn=$uid,$groupsRdn,$ldap_base_dn";
$pDn = "cn=$right,$rightsRdn,$ldap_base_dn";
exec ("$scriptsbinpath/groupAddEntry.pl ". escapeshellarg($cDn) . " ". escapeshellarg($pDn));
echo "<br />";
/* =============================================
Projet LCS-SE3
Consultation/ Gestion de l'annuaire LDAP
Equipe Tice academie de Caen
Distribue selon les termes de la licence GPL
Derniere modification : 04/04/2014
============================================= */
include "includes/check-token.php";
if (!check_acces()) exit;
include "../lcs/includes/headerauth.inc.php";
include "includes/ldap.inc.php";
include "includes/ihm.inc.php";
header_html();
aff_trailer ("2");
?>
<H2>Rechercher un utilisateur</H2>
<form action="peoples_list.php" method = post>
<table>
<tbody>
<tr>
<td>Nom complet :</td>
<td>
<select name="priority_surname">
<option value="contient">contient</option>
<option value="commence">commence par</option>
<option value="finit">finit par</option>
</select>
</td>
<td><input type="text" name="prenom"></td>
$mod_entry=$purifier->purify($_POST['mod_entry']);
}
$login=$_SESSION['login'];
$jeton_mod_user=md5($_SESSION['token'].htmlentities("/Annu/mod_user_entry.php"));
// Recuperation des entrees de l'utilisateur a modifier
$people_attr=people_get_variables ($login, false);
$people_attr[0]["prenom"]=getprenom($people_attr[0]["fullname"],$people_attr[0]["nom"]);
if (is_admin("Annu_is_admin",$login)=="Y") {
// Redirection vers mod_user_entry.php
header("Location:mod_user_entry.php?uid=$login&jeton=$jeton_mod_user");exit;
} else {
header_html();
aff_trailer ("4");
// Changement uniquement du pseudo pour l'utilisateur de �base�
if ( (!$mod_entry) || ( $mod_entry && ( !$pseudo || !verifPseudo($pseudo) ) ) ) {
?>
<form action="mod_entry.php" method="post">
<table border="0" width="90%" align="center">
<tbody>
<tr>
<td width="30%" >Nom :</td>
<td width="20%"><strong><?php echo $people_attr[0]["nom"] ?></strong></td>
<td></td>
</tr>
<tr>
<td>Prénom :</td>
<td><strong><?php echo $people_attr[0]["prenom"] ?></strong></td>
<td></td>
//configuration objet
include ("../lcs/includes/htmlpurifier/library/HTMLPurifier.auto.php");
$config = HTMLPurifier_Config::createDefault();
$purifier = new HTMLPurifier($config);
//purification des variables
if ( isset($_POST['cn'])) $cn=$purifier->purify($_POST['cn']);
if ( isset($_POST['description'])) $description=$purifier->purify($_POST['description']);
if ( isset($_POST['intitule'])) $intitule=$purifier->purify($_POST['intitule']);
if ( isset($_POST['action'])) $action=$purifier->purify($_POST['action']);
if ( isset($_POST['classe_gr'])) $classe_gr=$purifier->purifyArray($_POST['classe_gr']);
if ( isset($_POST['equipe_gr'])) $equipe_gr=$purifier->purifyArray($_POST['equipe_gr']);
if ( isset($_POST['autres_gr'])) $autres_gr=$purifier->purifyArray($_POST['autres_gr']);
}
header_html();
aff_trailer ("8");
if (is_admin("Annu_is_admin",$login)=="Y") {
if (isset($classe_gr)) for ($loop=0; $loop < count ($classe_gr) ; $loop++) {
$filter[$loop]=$classe_gr[$loop];
}
$index=$loop;
if (isset($equipe_gr))for ($loop=0; $loop < count ($equipe_gr) ; $loop++) {
$filter[$index+$loop]=$equipe_gr[$loop];
}
$index=$index+$loop;
if (isset($autres_gr))for ($loop=0; $loop < count ($autres_gr) ; $loop++) {
$filter[$index+$loop]=$autres_gr[$loop];
}
$html = "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n";
$html .= "<html>\n";
$html .= " <head>\n";
$html .= " <title>...::: Interface d'administration Serveur LCS :::...</title>\n";
$html .= " <meta HTTP-EQUIV=\"Content-Type\" CONTENT=\"tetx/html; charset=utf-8\">\n";
echo $html;
// Redirection vers phase suivante, gestion du «sablier»
if( $phase == 1 )
echo "<meta HTTP-EQUIV=\"Refresh\" CONTENT=\"1;url='".$_SERVER['PHP_SELF']."?phase=2&shell_orig=$shell_orig&shell_mod=$shell_mod&jeton=".md5($_SESSION['token'].htmlentities($_SERVER['PHP_SELF']))."'\">\n";
$html = " <link href='style.css' rel='StyleSheet' type='text/css'>\n";
$html .= " </head>\n";
$html .= " <body>\n";
$html .= "<div>\n";
echo $html;
aff_trailer ("1");
if (is_admin("Annu_is_admin",$login)=="Y") {
if ( $phase !=1 ) {
$html = "<h3>Modification du shell des utilisateurs :</h3>\n";
// Affichage du formulaire de selection du shell
$html .= "<div style=\"margin-left: 50px;\">\n";
$html .= "<form name = \"shellmod\" action=\"mod_shell.php\" method=\"post\">\n";
$html .= "de \n";
$html .= "<select name=\"shell_orig\">\n";
$html .= " <option>/bin/bash</option>\n";
$html .= " <option selected>/bin/true</option>\n";
//$html .= " <option>/usr/lib/sftp-server</option>\n";
$html .= "</select> \n";
$html .= "en \n";
$html .= "<select name=\"shell_mod\">\n";
$html .= " <option>/bin/bash</option>\n";
{
echo "<div class='error_msg'> L\'opération a échoué</div>";
}
else
{
$redirect=fgetcsv($fp,128);
$adresse=$redirect[0];
$ligne=fgetcsv($fp,128);
$copie=$ligne[0];
}
}
}
//affichage du formulaire
header_crypto_html("Redirection des mails");
aff_trailer ("5");
if (! preg_match("#^[A-Za-z0-9._-]{3,19}$#", $log2)) {
echo '<div class="error_msg">Le login n\'est pas conforme</div>';
exit;
}
?>
<script type="text/javascript">
function writediv(texte)
{
document.getElementById('bouton').innerHTML = texte;
}
function test_emb_send_mail (my_email) {
var new_string = new String(my_email);
if ((!new_string.match('^[-_\.0-9a-zA-Z]{1,}@[-_\.0-9a-zA-Z]{1,}[\.][0-9a-zA-Z]{2,}$')) && (my_email!="")) {
return writediv(' <div class="error_msg"> Entrez une adresse valide</div>');
if (count($_POST)>0) {
//configuration objet
include ("../lcs/includes/htmlpurifier/library/HTMLPurifier.auto.php");
$config = HTMLPurifier_Config::createDefault();
$purifier = new HTMLPurifier($config);
//purification des variables
$prefix=$purifier->purify($_POST['prefix']);
$categorie=$purifier->purify($_POST['categorie']);
$intitule=$purifier->purify($_POST['intitule']);
$description=$purifier->purify($_POST['description']);
$add_group=$purifier->purify($_POST['add_group']);
}
header_html();
aff_trailer ("6");
if (is_admin("Annu_is_admin",$login)=="Y") {
// Ajout d'un groupe d'utilisateurs
if ( (!$add_group) ||( ($add_group) && ( (!$description || !verifDescription($description) ) ||(!$intitule || !verifIntituleGrp ($intitule)) ) ) ) {
?>
<form action="add_group.php" method="post">
<table border="0">
<tbody>
<tr>
<td>Préfix:</td>
<td valign="top"><input type="text" name="prefix" size="2"> <font color="orange"><u>Exemple</u> : <b>LP, LT</b></font></td>
</tr>
<tr>
<td>Catégorie:</td>
<td valign="top">
<select name="categorie">
Consultation/ Gestion de l'annuaire LDAP
Equipe Tice academie de Caen
Distribue selon les termes de la licence GPL
Derniere modification : 23/05/2014
============================================= */
include "includes/check-token.php";
if (!check_acces()) exit;
$login=$_SESSION['login'];
include "../lcs/includes/headerauth.inc.php";
include "includes/ldap.inc.php";
include "includes/ihm.inc.php";
include "../lcs/includes/jlcipher.inc.php";
header_crypto_html("Creation utilisateur");
aff_trailer ("7");
$userpwd=$naissance=$nom=$prenom=false;
if ( count($_POST)>0 ) {
//configuration objet
include ("../lcs/includes/htmlpurifier/library/HTMLPurifier.auto.php");
$config = HTMLPurifier_Config::createDefault();
$purifier = new HTMLPurifier($config);
//purification des variables
if ( isset($_POST['nom'])) $nom=$purifier->purify($_POST['nom']);
if ( isset($_POST['prenom'])) $prenom=$purifier->purify($_POST['prenom']);
if ( isset($_POST['naissance'])) $naissance=$purifier->purify($_POST['naissance']);
if ( isset($_POST['sexe'])) $sexe=$purifier->purify($_POST['sexe']);
if ( isset($_POST['categorie'])) $categorie=$purifier->purify($_POST['categorie']);
if ( isset($_POST['add_user'])) $add_user=$purifier->purify($_POST['add_user']);
$string_auth=( isset($_POST['string_auth'])) ? $purifier->purify($_POST['string_auth']) :"";
$string_auth1=( isset($_POST['string_auth1'])) ? $purifier->purify($_POST['string_auth1']) :"";
if ( count($_GET)>0 || count($_POST)>0 ) {
//configuration objet
include ("../lcs/includes/htmlpurifier/library/HTMLPurifier.auto.php");
$config = HTMLPurifier_Config::createDefault();
$purifier = new HTMLPurifier($config);
//purification des variables
if ( count($_POST['new_uids'])>0 ) $new_uids=$purifier->purifyArray($_POST['new_uids']);
if ( isset($_POST['cn'])) $cn = $purifier->purify($_POST['cn']);
elseif ( isset($_GET['cn'])) $cn = $purifier->purify($_GET['cn']);
if ( isset($_POST['add_list_users_group'])) $add_list_users_group=$purifier->purify($_POST['add_list_users_group']);
}
header_html();
aff_trailer ("31");
if (is_admin("Annu_is_admin",$login)=="Y") {
if ( !$add_list_users_group ) {
echo "<H4>Ajouter des membres au groupe : $cn</H4>\n";
// cas d'un groupe de type Equipe
if ( mb_ereg ("Equipe_", $cn) ) {
// Recherche de la liste des uid des membres de ce groupe
$uids_act = search_uids ("(cn=$cn)","half");
// Reherche de la liste des professeurs
$uids_profs = search_uids ("(cn=Profs)","half");
// Constitution d'un tableau excluant les membres actuels
$k=0;
for ($i=0; $i < count($uids_profs); $i++ ) {
for ($j=0; $j < count($uids_act); $j++ ) {
if ( $uids_profs[$i]["uid"] == $uids_act[$j]["uid"] ) {
