// Excerpt of a rights-delegation page: it opens inside a block whose start is not shown
// and stops inside the loop that applies the selected rights.
// Sanitise request variables.
// NOTE(review): $purifier is presumably the HTMLPurifier instance created earlier in the file.
// That makes the values safe to print as HTML, but it is not an encoding for any other context (see the DN note below).
// NOTE(review): 'cn' and 'action' are read without isset(), so a request that lacks them raises a notice.
if ( count($_GET)>0) $uid=$purifier->purify($_GET['cn']);
if (count($_POST)>0 ) {
    $uid=$purifier->purify($_POST['cn']);
    $action=$purifier->purify($_POST['action']);
    if ( isset($_POST['delrights']) ) $delrights=$purifier->purifyArray($_POST['delrights']);
    if ( isset($_POST['newrights']) ) $newrights=$purifier->purifyArray($_POST['newrights']);
}
}
header_html();
$filtre = "8_".$uid;
aff_trailer ("3");
// Every state change below is gated on the caller holding the lcs_is_admin right.
if (ldap_get_right("lcs_is_admin",$login)=="Y") {
    // Add a right
    // NOTE(review): this is a state-changing POST; the anti-CSRF token check is not visible in this excerpt; confirm it runs before this point.
    if ($action == "AddRights") {
        // Record the rights in the directory
        echo "<h3>".gettext("Inscription des droits pour")." <u>$uid</u></h3>";
        // NOTE(review): $newrights is only assigned when the POST carries 'newrights'; count() on an unset value fails on recent PHP.
        echo "<p>".gettext("Vous avez sélectionné ") ."". count($newrights)."".gettext(" droit(s)")."<br />\n";
        for ($loop=0; $loop < count($newrights); $loop++) {
            $right=$newrights[$loop];
            echo gettext("Délégation du droit")." <u>$right</u> ".gettext("à l'utilisateur")." $uid<br />";
            // NOTE(review): $uid and $right are interpolated into the DNs as-is. DN metacharacters
            // (',', '+', '=', '\\' ...) are not escaped by HTML purification, so a DN-specific
            // escape or a strict allow-list pattern on both values is the check to add here.
            $cDn = "cn=$uid,$groupsRdn,$ldap_base_dn";
            $pDn = "cn=$right,$rightsRdn,$ldap_base_dn";
            // Both DNs are passed through escapeshellarg(), so each reaches the script as one shell argument.
            // NOTE(review): exec() is called without output/return-code arguments, so a failure of the script goes unnoticed.
            exec ("$scriptsbinpath/groupAddEntry.pl ". escapeshellarg($cDn) . " ". escapeshellarg($pDn));
            echo "<br />";
/* =============================================
   LCS-SE3 project
   LDAP directory lookup / management
   Tice team, academie de Caen
   Distributed under the terms of the GPL licence
   Last modified: 04/04/2014
   ============================================= */
// User search form. The page stops before any output when check_acces() returns false.
// NOTE(review): what check_acces() verifies is defined in includes/check-token.php, not shown here.
include "includes/check-token.php";
if (!check_acces()) exit;
include "../lcs/includes/headerauth.inc.php";
include "includes/ldap.inc.php";
include "includes/ihm.inc.php";
header_html();
aff_trailer ("2");
// The static form below posts the search criteria to peoples_list.php.
?>
<H2>Rechercher un utilisateur</H2>
<form action="peoples_list.php" method = post>
<table>
<tbody>
<tr>
<td>Nom complet :</td>
<td>
<select name="priority_surname">
<option value="contient">contient</option>
<option value="commence">commence par</option>
<option value="finit">finit par</option>
</select>
</td>
<td><input type="text" name="prenom"></td>
// Excerpt of the "edit my entry" page: it opens inside a block whose start is not shown
// and stops inside the HTML form.
$mod_entry=$purifier->purify($_POST['mod_entry']);
}
$login=$_SESSION['login'];
// Per-page token for mod_user_entry.php: MD5 of the session token concatenated with the target path.
// NOTE(review): the token is later placed in the redirect URL, so it can end up in access logs and Referer headers.
$jeton_mod_user=md5($_SESSION['token'].htmlentities("/Annu/mod_user_entry.php"));
// Fetch the directory entries of the user being edited (always the logged-in user here)
$people_attr=people_get_variables ($login, false);
$people_attr[0]["prenom"]=getprenom($people_attr[0]["fullname"],$people_attr[0]["nom"]);
if (is_admin("Annu_is_admin",$login)=="Y") {
    // Administrators are redirected to mod_user_entry.php
    // NOTE(review): $login is interpolated into the URL without urlencode(); it comes from the session, not from the request.
    header("Location:mod_user_entry.php?uid=$login&jeton=$jeton_mod_user");exit;
} else {
    header_html();
    aff_trailer ("4");
    // A "basic" user may only change the pseudo.
    // The form is shown on first display, or again when the submitted pseudo is empty or rejected by verifPseudo().
    // NOTE(review): $pseudo is not assigned in this excerpt; presumably set in the block cut off above.
    if ( (!$mod_entry) || ( $mod_entry && ( !$pseudo || !verifPseudo($pseudo) ) ) ) {
        // NOTE(review): the directory attributes echoed below are printed without htmlspecialchars().
        // Whether people_get_variables() returns values already encoded for HTML is not visible here; confirm before relying on it.
        ?>
<form action="mod_entry.php" method="post">
<table border="0" width="90%" align="center">
<tbody>
<tr>
<td width="30%" >Nom :</td>
<td width="20%"><strong><?php echo $people_attr[0]["nom"] ?></strong></td>
<td></td>
</tr>
<tr>
<td>Prénom :</td>
<td><strong><?php echo $people_attr[0]["prenom"] ?></strong></td>
<td></td>
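// Excerpt: the first statements sit inside a block opened before this excerpt (closed by the lone brace below).
// Set up the HTML sanitiser.
include ("../lcs/includes/htmlpurifier/library/HTMLPurifier.auto.php");
$config = HTMLPurifier_Config::createDefault();
$purifier = new HTMLPurifier($config);
// Sanitise request variables; scalar fields use purify(), checkbox lists use purifyArray().
if ( isset($_POST['cn'])) $cn=$purifier->purify($_POST['cn']);
if ( isset($_POST['description'])) $description=$purifier->purify($_POST['description']);
if ( isset($_POST['intitule'])) $intitule=$purifier->purify($_POST['intitule']);
if ( isset($_POST['action'])) $action=$purifier->purify($_POST['action']);
if ( isset($_POST['classe_gr'])) $classe_gr=$purifier->purifyArray($_POST['classe_gr']);
if ( isset($_POST['equipe_gr'])) $equipe_gr=$purifier->purifyArray($_POST['equipe_gr']);
if ( isset($_POST['autres_gr'])) $autres_gr=$purifier->purifyArray($_POST['autres_gr']);
}
header_html();
aff_trailer ("8");
// Everything below is gated on the Annu_is_admin right.
if (is_admin("Annu_is_admin",$login)=="Y") {
    // Concatenate the three optional group lists into $filter, in the order classe, equipe, autres.
    // $loop is reset before each optional loop: when a list is absent its loop does not run,
    // and a stale counter from the previous list would otherwise be added to $index a second time,
    // leaving holes in $filter (or reading an undefined $loop when the first list is absent).
    $loop = 0;
    if (isset($classe_gr)) {
        for ($loop = 0; $loop < count($classe_gr); $loop++) {
            $filter[$loop] = $classe_gr[$loop];
        }
    }
    $index = $loop;
    $loop = 0;
    if (isset($equipe_gr)) {
        for ($loop = 0; $loop < count($equipe_gr); $loop++) {
            $filter[$index + $loop] = $equipe_gr[$loop];
        }
    }
    $index = $index + $loop;
    $loop = 0;
    if (isset($autres_gr)) {
        for ($loop = 0; $loop < count($autres_gr); $loop++) {
            $filter[$index + $loop] = $autres_gr[$loop];
        }
    }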
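// Page head. It is emitted in two parts so the optional refresh tag lands inside <head>.
$html = "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n";
$html .= "<html>\n";
$html .= " <head>\n";
$html .= " <title>...::: Interface d'administration Serveur LCS :::...</title>\n";
// Fixed: the MIME type was misspelt ("tetx/html").
$html .= " <meta HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html; charset=utf-8\">\n";
echo $html;
// Redirect to the next phase ("hourglass" handling).
// PHP_SELF includes any extra path info supplied in the request, so it is client-influenced:
// the whole URL is HTML-escaped before being written into the attribute, and the two shell
// values are URL-encoded so they cannot add or alter query parameters.
// The token is computed exactly as before so the receiving check still matches.
if( $phase == 1 ) {
    echo "<meta HTTP-EQUIV=\"Refresh\" CONTENT=\"1;url='"
        .htmlspecialchars(
            $_SERVER['PHP_SELF']
                ."?phase=2&shell_orig=".urlencode($shell_orig)
                ."&shell_mod=".urlencode($shell_mod)
                ."&jeton=".md5($_SESSION['token'].htmlentities($_SERVER['PHP_SELF'])),
            ENT_QUOTES,
            'UTF-8'
        )
        ."'\">\n";
}
$html = " <link href='style.css' rel='StyleSheet' type='text/css'>\n";
$html .= " </head>\n";
$html .= " <body>\n";
$html .= "<div>\n";
echo $html;
aff_trailer ("1");
// Everything below is gated on the Annu_is_admin right.
if (is_admin("Annu_is_admin",$login)=="Y") {
    if ( $phase !=1 ) {
        $html = "<h3>Modification du shell des utilisateurs :</h3>\n";
        // Shell selection form.
        // NOTE(review): the <select> lists only constrain a well-behaved browser; the code that applies
        // shell_orig/shell_mod should compare both against the same fixed list server-side (not visible in this excerpt).
        $html .= "<div style=\"margin-left: 50px;\">\n";
        $html .= "<form name = \"shellmod\" action=\"mod_shell.php\" method=\"post\">\n";
        $html .= "de \n";
        $html .= "<select name=\"shell_orig\">\n";
        $html .= " <option>/bin/bash</option>\n";
        $html .= " <option selected>/bin/true</option>\n";
        //$html .= " <option>/usr/lib/sftp-server</option>\n";
        $html .= "</select> \n";
        $html .= "en \n";
        $html .= "<select name=\"shell_mod\">\n";
        $html .= " <option>/bin/bash</option>\n";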
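// Excerpt: this brace opens the body of a conditional whose test is not shown; the two
// closing braces further down end blocks that also start before this excerpt.
{
    // Fixed: inside a double-quoted string \' is not an escape, so the backslash was printed to the page.
    echo "<div class='error_msg'> L'opération a échoué</div>";
}
else
{
    // First CSV record: redirect address; second record: copy setting.
    // fgetcsv() returns false at end of file or on error; the is_array() guards keep the
    // resulting value (null) the same without indexing into a boolean.
    $redirect=fgetcsv($fp,128);
    $adresse=is_array($redirect) ? $redirect[0] : null;
    $ligne=fgetcsv($fp,128);
    $copie=is_array($ligne) ? $ligne[0] : null;
}
}
}
// Display the form
header_crypto_html("Redirection des mails");
aff_trailer ("5");
// Login format check: 3 to 19 characters from [A-Za-z0-9._-].
// The D modifier makes $ match only at the very end of the string; without it a value
// ending in a newline would still pass.
// NOTE(review): this check runs after the file handling above; if $log2 takes part in
// locating that file, the validation belongs before it (not visible in this excerpt).
if (! preg_match("#^[A-Za-z0-9._-]{3,19}$#D", $log2)) {
    echo '<div class="error_msg">Le login n\'est pas conforme</div>';
    exit;
}
?>
<script type="text/javascript">
function writediv(texte) {
    document.getElementById('bouton').innerHTML = texte;
}
function test_emb_send_mail (my_email) {
    var new_string = new String(my_email);
    if ((!new_string.match('^[-_\.0-9a-zA-Z]{1,}@[-_\.0-9a-zA-Z]{1,}[\.][0-9a-zA-Z]{2,}$')) && (my_email!="")) {
        return writediv(' <div class="error_msg"> Entrez une adresse valide</div>');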
// Excerpt of the "add group" page; it stops inside the HTML form.
if (count($_POST)>0) {
    // Set up the HTML sanitiser
    include ("../lcs/includes/htmlpurifier/library/HTMLPurifier.auto.php");
    $config = HTMLPurifier_Config::createDefault();
    $purifier = new HTMLPurifier($config);
    // Sanitise request variables
    // NOTE(review): the five fields are read without isset(), so a POST that omits one raises a notice.
    $prefix=$purifier->purify($_POST['prefix']);
    $categorie=$purifier->purify($_POST['categorie']);
    $intitule=$purifier->purify($_POST['intitule']);
    $description=$purifier->purify($_POST['description']);
    $add_group=$purifier->purify($_POST['add_group']);
}
header_html();
aff_trailer ("6");
// Everything below is gated on the Annu_is_admin right.
if (is_admin("Annu_is_admin",$login)=="Y") {
    // Add a user group.
    // The form is shown on first display, or again when the description or the title is empty
    // or rejected by verifDescription() / verifIntituleGrp().
    // NOTE(review): $add_group is only assigned when the request is a POST; unless it is initialised
    // before this excerpt, a plain GET reads an undefined variable here.
    // NOTE(review): only description and intitule are checked in this condition; validation of
    // prefix and categorie, if any, is not visible in this excerpt.
    if ( (!$add_group) ||( ($add_group) && ( (!$description || !verifDescription($description) ) ||(!$intitule || !verifIntituleGrp ($intitule)) ) ) ) {
        ?>
<form action="add_group.php" method="post">
<table border="0">
<tbody>
<tr>
<td>Préfix:</td>
<td valign="top"><input type="text" name="prefix" size="2"> <font color="orange"><u>Exemple</u> : <b>LP, LT</b></font></td>
</tr>
<tr>
<td>Catégorie:</td>
<td valign="top">
<select name="categorie">
   LDAP directory lookup / management
   Tice team, academie de Caen
   Distributed under the terms of the GPL licence
   Last modified: 23/05/2014
   ============================================= */
// User creation page (excerpt: the header comment starts before it and the POST block continues after it).
// The page stops before any output when check_acces() returns false.
// NOTE(review): what check_acces() verifies is defined in includes/check-token.php, not shown here.
include "includes/check-token.php";
if (!check_acces()) exit;
$login=$_SESSION['login'];
include "../lcs/includes/headerauth.inc.php";
include "includes/ldap.inc.php";
include "includes/ihm.inc.php";
include "../lcs/includes/jlcipher.inc.php";
header_crypto_html("Creation utilisateur");
aff_trailer ("7");
// Defaults so the fields exist even when the request carries no POST data.
$userpwd=$naissance=$nom=$prenom=false;
if ( count($_POST)>0 ) {
    // Set up the HTML sanitiser
    include ("../lcs/includes/htmlpurifier/library/HTMLPurifier.auto.php");
    $config = HTMLPurifier_Config::createDefault();
    $purifier = new HTMLPurifier($config);
    // Sanitise request variables; each field is read only when present.
    if ( isset($_POST['nom'])) $nom=$purifier->purify($_POST['nom']);
    if ( isset($_POST['prenom'])) $prenom=$purifier->purify($_POST['prenom']);
    if ( isset($_POST['naissance'])) $naissance=$purifier->purify($_POST['naissance']);
    if ( isset($_POST['sexe'])) $sexe=$purifier->purify($_POST['sexe']);
    if ( isset($_POST['categorie'])) $categorie=$purifier->purify($_POST['categorie']);
    if ( isset($_POST['add_user'])) $add_user=$purifier->purify($_POST['add_user']);
    // NOTE(review): string_auth / string_auth1 are presumably the password fields (possibly encrypted
    // client-side, given the jlcipher include). An HTML sanitiser can rewrite characters in an opaque
    // value; confirm that purify() leaves these intact before they are decoded or compared.
    $string_auth=( isset($_POST['string_auth'])) ? $purifier->purify($_POST['string_auth']) :"";
    $string_auth1=( isset($_POST['string_auth1'])) ? $purifier->purify($_POST['string_auth1']) :"";
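// Excerpt of the "add members to a group" page; it stops inside the nested comparison loop.
if ( count($_GET)>0 || count($_POST)>0 ) {
    // Set up the HTML sanitiser
    include ("../lcs/includes/htmlpurifier/library/HTMLPurifier.auto.php");
    $config = HTMLPurifier_Config::createDefault();
    $purifier = new HTMLPurifier($config);
    // Sanitise request variables.
    // new_uids is absent on a GET request and may not be an array at all: check both before
    // counting, since count() on a missing or scalar value warns or throws on recent PHP.
    if ( isset($_POST['new_uids']) && is_array($_POST['new_uids']) && count($_POST['new_uids'])>0 ) {
        $new_uids=$purifier->purifyArray($_POST['new_uids']);
    }
    // The group name may arrive by POST (form submission) or by GET (link); POST wins.
    if ( isset($_POST['cn'])) {
        $cn = $purifier->purify($_POST['cn']);
    } elseif ( isset($_GET['cn'])) {
        $cn = $purifier->purify($_GET['cn']);
    }
    if ( isset($_POST['add_list_users_group'])) {
        $add_list_users_group=$purifier->purify($_POST['add_list_users_group']);
    }
}
header_html();
aff_trailer ("31");
// Everything below is gated on the Annu_is_admin right.
if (is_admin("Annu_is_admin",$login)=="Y") {
    // NOTE(review): $add_list_users_group is only assigned when the POST carries it; unless it is
    // initialised before this excerpt, first display reads an undefined variable here.
    if ( !$add_list_users_group ) {
        echo "<H4>Ajouter des membres au groupe : $cn</H4>\n";
        // Case of an "Equipe" (team) group
        if ( mb_ereg ("Equipe_", $cn) ) {
            // $cn comes from the request and HTML purification does not neutralise LDAP filter
            // metacharacters, so they are escaped (RFC 4515) before the value enters the filter.
            // The backslash is replaced first so the escapes added afterwards are not re-escaped.
            // ldap_escape() with LDAP_ESCAPE_FILTER is the built-in equivalent on PHP >= 5.6.
            $cn_filter = str_replace(
                array('\\', '*', '(', ')', "\0"),
                array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
                $cn
            );
            // Look up the uids of the current members of this group
            $uids_act = search_uids ("(cn=$cn_filter)","half");
            // Look up the list of teachers
            $uids_profs = search_uids ("(cn=Profs)","half");
            // Build an array that excludes the current members
            $k=0;
            for ($i=0; $i < count($uids_profs); $i++ ) {
                for ($j=0; $j < count($uids_act); $j++ ) {
                    if ( $uids_profs[$i]["uid"] == $uids_act[$j]["uid"] ) {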