Example #1
0
$dn = rawurldecode($_POST['dn']);
$server_id = $_POST['server_id'];
$attr = $_POST['attr'];
$val = $_POST['val'];
$val = utf8_encode($val);
$encoded_dn = rawurlencode($dn);
$encoded_attr = rawurlencode($attr);
$is_binary_val = isset($_POST['binary']) ? true : false;
if (!$is_binary_val && $val == "") {
    pla_error("You left the attribute value blank. Please go back and try again.");
}
if (is_server_read_only($server_id)) {
    pla_error("You cannot perform updates while server is in read-only mode");
}
check_server_id($server_id) or pla_error("Bad server_id: " . htmlspecialchars($server_id));
have_auth_info($server_id) or pla_error("Not enough information to login to server. Please check your configuration.");
// special case for binary attributes (like jpegPhoto and userCertificate):
// we must go read the data from the file and override $val with the binary data
if ($is_binary_val) {
    $file = $_FILES['val']['tmp_name'];
    $f = fopen($file, 'r');
    $binary_data = fread($f, filesize($file));
    fclose($f);
    $val = $binary_data;
}
// Automagically hash new userPassword attributes according to the
// chosen in config.php.
if (0 == strcasecmp($attr, 'userpassword')) {
    if ($servers[$server_id]['default_hash'] != '') {
        $enc_type = $servers[$server_id]['default_hash'];
        $new_val = password_hash($new_val, $enc_type);
Example #2
0
        $up_href = "entry_chooser.php?form_element={$return_form_element}&server_id={$server_id}&container=" . rawurlencode($parent_container);
    }
    echo "&nbsp;<a href=\"{$up_href}\" style=\"text-decoration:none\">" . "<img src=\"images/up.png\"> Back Up...</a><br />\n";
    if (count($dn_list) == 0) {
        echo "&nbsp;&nbsp;&nbsp;(no entries)<br />\n";
    } else {
        foreach ($dn_list as $dn) {
            $href = "javascript:returnDN( '{$dn}' )";
            echo "&nbsp;&nbsp;&nbsp;<a href=\"entry_chooser.php?form_element={$return_form_element}" . "&amp;server_id={$server_id}&amp;container=" . rawurlencode($dn) . "\"><img src=\"images/plus.png\" /></a> " . "<a href=\"{$href}\">" . htmlspecialchars($dn) . "</a><br />\n";
        }
    }
} else {
    foreach ($servers as $id => $server) {
        if ($server['host']) {
            echo "<b>" . htmlspecialchars($server['name']) . "</b><br />\n";
            if (!have_auth_info($id)) {
                echo "<small>&nbsp;&nbsp;&nbsp;(Not logged in)</small><br />";
            } else {
                $dn = $server['base'] ? $server['base'] : try_to_get_root_dn($id);
                if (!$dn) {
                    echo "<small>&nbsp;&nbsp;&nbsp;(Could not determine base DN)</small><br />";
                } else {
                    $href = "javascript:returnDN( '{$dn}' )";
                    echo "&nbsp;&nbsp;&nbsp;<a href=\"entry_chooser.php?form_element=" . "{$return_form_element}&amp;server_id={$id}&amp;container=" . rawurlencode($dn) . "\"><img src=\"images/plus.png\" /></a> " . "<a href=\"{$href}\">" . htmlspecialchars($dn) . "</a><br />\n";
                }
            }
        }
    }
}
// added by PD. 14082003,
// adding the element access allows it to work with javascript arrays
Example #3
0
?>

</center>

<?php 
flush();
?>

<?php 
if ($_GET['search']) {
    if ($form == 'advanced') {
        $search_result_attributes = isset($_GET['display_attrs']) ? $_GET['display_attrs'] : $search_result_attributes;
        process_config();
    }
    // do we have enough authentication information for the specified server_id
    if (!have_auth_info($server_id)) {
        $login_url = "login_form.php?server_id={$server_id}&amp;redirect=" . rawurlencode($_SERVER['REQUEST_URI']);
        ?>
		<center>
		<br />
		You haven't logged into server <b><?php 
        echo htmlspecialchars($servers[$server_id]['name']);
        ?>
</b>
		yet. Go to the <a href="<?php 
        echo $login_url;
        ?>
">login form</a> to do so.
		</center>
		<?php 
        exit;
Example #4
0
 *  - dn (rawurlencoded)
 *  - server_id
 *  - new_oclass
 *  - new_attrs (array, if any)
 */
require 'common.php';
$dn = rawurldecode($_POST['dn']);
$encoded_dn = rawurlencode($dn);
$new_oclass = $_POST['new_oclass'];
$server_id = $_POST['server_id'];
$new_attrs = $_POST['new_attrs'];
if (is_server_read_only($server_id)) {
    pla_error($lang['no_updates_in_read_only_mode']);
}
check_server_id($server_id) or pla_error($lang['bad_server_id']);
have_auth_info($server_id) or pla_error($lang['not_enough_login_info']);
$new_entry = array();
$new_entry['objectClass'] = $new_oclass;
$new_attrs_entry = array();
$new_oclass_entry = array('objectClass' => $new_oclass);
if (is_array($new_attrs) && count($new_attrs) > 0) {
    foreach ($new_attrs as $attr => $val) {
        $new_entry[$attr] = $val;
    }
}
//echo "<pre>";
//print_r( $new_entry );
//exit;
$ds = pla_ldap_connect($server_id) or pla_error($lang['could_not_connect']);
$add_res = @ldap_mod_add($ds, $dn, $new_entry);
if (!$add_res) {
Example #5
0
 // Draw the quick-links below the server name:
 // ( schema | search | refresh | create )
 echo '<tr><td colspan="100" class="links">';
 echo '<nobr>';
 echo '( ';
 echo '<a title="' . $lang['view_schema_for'] . ' ' . $server_name . '"' . ' href="' . $schema_href . '">' . $lang['schema'] . '</a> | ';
 echo '<a title="' . $lang['search'] . ' ' . $server_name . '"' . ' href="' . $search_href . '">' . $lang['search'] . '</a> | ';
 echo '<a title="' . $lang['refresh_expanded_containers'] . ' ' . $server_name . '"' . ' href="' . $refresh_href . '">' . $lang['refresh'] . '</a> | ';
 echo '<a title="' . $lang['create_new_entry_on'] . ' ' . $server_name . '"' . ' href="' . $create_href . '" target="right_frame">create</a> | ';
 echo '<a title="' . $lang['view_server_info'] . '" target="right_frame"' . 'href="' . $info_href . '">' . $lang['info'] . '</a> | ';
 echo '<a title="' . $lang['import_from_ldif'] . '" target="right_frame"' . 'href="' . $import_href . '">' . $lang['import'] . '</a>';
 if ($servers[$server_id]['auth_type'] == 'form') {
     echo ' | <a title="' . $lang['logout_of_this_server'] . '" href="' . $logout_href . '" target="right_frame">' . $lang['logout'] . '</a>';
 }
 echo ' )</nobr></td></tr>';
 if ($servers[$server_id]['auth_type'] == 'form' && have_auth_info($server_id)) {
     echo "<tr><td class=\"links\" colspan=\"100\"><nobr>" . $lang['logged_in_as'] . htmlspecialchars(get_logged_in_dn($server_id)) . "</nobr></td></tr>";
 }
 if (is_server_read_only($server_id)) {
     echo "<tr><td class=\"links\" colspan=\"100\"><nobr>" . "(" . $lang['read_only'] . ")</nobr></td></tr>";
 }
 // Fetch and display the base DN for this server
 //$rdn = utf8_decode( $dn );
 if (null == $servers[$server_id]['base']) {
     $base_dn = try_to_get_root_dn($server_id);
 } else {
     $base_dn = $servers[$server_id]['base'];
 }
 // Did we get a base_dn for this server somehow?
 if ($base_dn) {
     // is the root of the tree expanded already?
Example #6
0
<?php

/*
 * refresh.php
 * This script alters the session variable 'tree', by re-querying
 * the LDAP server to grab the contents of every expanded container.
 *
 * Variables that come in as GET vars:
 *  - server_id
 */
require 'common.php';
$server_id = $_GET['server_id'];
if (!check_server_id($server_id) || !have_auth_info($server_id)) {
    header("Location: tree.php");
}
session_start();
if (!session_is_registered('tree')) {
    header("Location: tree.php");
}
$tree = $_SESSION['tree'];
$tree_icons = $_SESSION['tree_icons'];
// Get the icon for the base object for this server
$base_dn = $servers[$server_id]['base'];
$tree_icons[$server_id][$base_dn] = get_icon($server_id, $base_dn);
// get all the icons and container contents for all expanded entries
if ($tree[$server_id] && is_array($tree[$server_id])) {
    foreach ($tree[$server_id] as $dn => $children) {
        $tree[$server_id][$dn] = get_container_contents($server_id, $dn);
        foreach ($tree[$server_id][$dn] as $child_dn) {
            $tree_icons[$server_id][$child_dn] = get_icon($server_id, $child_dn);
        }
Example #7
0
<?php

/*
 * logout.php
 * For servers whose auth_type is set to 'form'. Pass me 
 * the server_id and I will log out the user (delete the cookie)
 *
 * Variables that come in as GET vars:
 *  - server_id
 */
require 'common.php';
$server_id = $_GET['server_id'];
check_server_id($server_id) or pla_error("Bad server_id: " . htmlspecialchars($server_id));
have_auth_info($server_id) or pla_error("No one is logged in to that server.");
$logged_in_dn = get_logged_in_dn($server_id);
$logged_in_pass = get_logged_in_pass($server_id);
$anon_bind = $logged_in_dn == 'Anonymous' ? true : false;
$expire = time() - 3600;
if ($anon_bind) {
    $res1 = setcookie("pla_login_dn_{$server_id}", '0', $expire, dirname($_SERVER['PHP_SELF']));
    $res2 = setcookie("pla_pass_{$server_id}", '0', $expire, dirname($_SERVER['PHP_SELF']));
} else {
    $res1 = setcookie("pla_login_dn_{$server_id}", $logged_in_dn, $expire, dirname($_SERVER['PHP_SELF']));
    $res2 = setcookie("pla_pass_{$server_id}", $logged_in_pass, $expire, dirname($_SERVER['PHP_SELF']));
}
if (!$res1 || !$res2) {
    pla_error("Could not delete cookie!");
}
?>

<html>
Example #8
0
function try_to_get_root_dn($server_id)
{
    if (!have_auth_info($server_id)) {
        return false;
    }
    $ds = pla_ldap_connect($server_id);
    if (!$ds) {
        return false;
    }
    $r = @ldap_read($ds, '', 'objectClass=*', array('namingContexts'));
    if (!$r) {
        return false;
    }
    $r = @ldap_get_entries($ds, $r);
    if (isset($r[0]['namingcontexts'][0])) {
        $root_dn = $r[0]['namingcontexts'][0];
        return $root_dn;
    } else {
        return false;
    }
}