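/**
 * Handle the "setting" form POSTed by an NREN- or subscriber-admin.
 *
 * Runs the parent pre-processing first and stops for anyone who is neither
 * a subscriber- nor an NREN-admin. For $_POST['setting'] === 'nren_contact'
 * (NREN-admins only) every submitted field is run through the matching
 * Input::sanitize* helper; a field whose sanitized value differs from what
 * was posted is reported via displayInvalidCharError(), blanked in
 * $this->form_data and flagged in $this->validationError, and nothing is
 * written. For 'subscriber_contact' (subscriber-admins only) the same check
 * is done on local copies before updateSubscriberContact() is called.
 * Any other value of 'setting' is reported as an unknown action.
 *
 * @param mixed $person the logged-in person, forwarded to parent::pre_process()
 * @return bool|null false when the caller is not an admin, null otherwise
 */
public function pre_process($person)
{
    parent::pre_process($person);
    /* If the user is neither subscriber- nor NREN-admin, we stop here */
    if (!($this->person->isSubscriberAdmin() || $this->person->isNRENAdmin())) {
        return false;
    }
    if (!isset($_POST['setting'])) {
        return;
    }
    switch ($_POST['setting']) {
        case 'nren_contact':
            if ($this->person->isNRENAdmin()) {
                $this->processNRENContactSetting();
            }
            break;
        case 'subscriber_contact':
            if ($this->person->isSubscriberAdmin()) {
                $this->processSubscriberContactSetting();
            }
            break;
        default:
            Framework::error_output("Unknown action (" . htmlentities($_POST['setting']) . ")");
            break;
    }
}

/**
 * Store one sanitized NREN-contact field into $this->form_data.
 *
 * Writes $sanitized under $formKey. When it differs from the raw value
 * (strict comparison, so a phone number that lost characters is not
 * loosely "numerically equal" to its sanitized form) the user is shown an
 * invalid-character error, the stored value is blanked and
 * $this->validationError is raised so no half-stripped record is written.
 *
 * @param string $formKey   key in $this->form_data to fill
 * @param mixed  $raw       the value as posted
 * @param mixed  $sanitized the sanitizer's output for $raw
 * @param string $label     l10n tag naming the field in the error message
 */
private function storeSanitizedNRENField($formKey, $raw, $sanitized, $label)
{
    $this->form_data[$formKey] = $sanitized;
    if ($raw !== (string) $sanitized) {
        $this->displayInvalidCharError($raw, $sanitized, $label);
        $this->form_data[$formKey] = "";
        $this->validationError = true;
    }
}

/**
 * Sanitize the NREN contact form into $this->form_data and persist it.
 *
 * Free-text fields go through storeSanitizedNRENField(); the enumerated
 * fields (enable_email, cert_validity) are only accepted when they match
 * a known option. Nothing is written while $this->validationError is set.
 */
private function processNRENContactSetting()
{
    if (array_key_exists('contact_email', $_POST)) {
        $this->storeSanitizedNRENField('contact_email', $_POST['contact_email'],
                                       Input::sanitizeEmail($_POST['contact_email']),
                                       'l10n_label_contactemail');
    }
    if (array_key_exists('contact_phone', $_POST)) {
        $this->storeSanitizedNRENField('contact_phone', $_POST['contact_phone'],
                                       Input::sanitizePhone($_POST['contact_phone']),
                                       'l10n_label_contactphone');
    }
    if (array_key_exists('cert_phone', $_POST)) {
        $this->storeSanitizedNRENField('sanitizedCertPhone', $_POST['cert_phone'],
                                       Input::sanitizePhone($_POST['cert_phone']),
                                       'l10n_label_certphone');
    }
    if (array_key_exists('cert_email', $_POST)) {
        $this->storeSanitizedNRENField('sanitizedCertEmail', $_POST['cert_email'],
                                       Input::sanitizeEmail($_POST['cert_email']),
                                       'l10n_label_certmail');
    }
    if (array_key_exists('url', $_POST)) {
        $this->storeSanitizedNRENField('sanitizedURL', $_POST['url'],
                                       Input::sanitizeURL($_POST['url']),
                                       'l10n_label_nrenurl');
    }
    if (array_key_exists('wayf_url', $_POST)) {
        $this->storeSanitizedNRENField('sanitizedWAYF', $_POST['wayf_url'],
                                       Input::sanitizeURL($_POST['wayf_url']),
                                       'l10n_label_wayfurl');
    }
    if (isset($_POST['enable_email']) && is_string($_POST['enable_email'])) {
        /* only a key of the option table for the configured product is accepted */
        $options = (Config::get_config('cert_product') == PRD_PERSONAL)
                 ? $this->PERSONAL_MAILOPTIONS
                 : $this->ESCIENCE_MAILOPTIONS;
        if (array_key_exists($_POST['enable_email'], $options)) {
            $this->form_data['enable_email'] = $_POST['enable_email'];
        }
    }
    if (isset($_POST['reauth_timeout'])) {
        $this->form_data['reauth_timeout'] = Input::sanitizeNumeric($_POST['reauth_timeout']);
    }
    if (isset($_POST['cert_validity'])) {
        /* store the list's own entry, so only an allowed value reaches form_data */
        $idx = array_search($_POST['cert_validity'], ConfusaConstants::$CAPI_VALID_PERSONAL);
        if ($idx !== false) {
            $this->form_data['cert_validity'] = ConfusaConstants::$CAPI_VALID_PERSONAL[$idx];
        }
    }
    if (isset($_POST['language'])) {
        $this->form_data['language'] = Input::sanitizeLangCode($_POST['language']);
    }
    /* don't continue if information has been stripped */
    if ($this->validationError) {
        return;
    }
    if ($this->updateNRENContact()) {
        Framework::success_output($this->translateTag('l10n_suc_updatenren', 'contactinfo') . " " . $this->person->getNREN()->getName());
    }
}

/**
 * Sanitize the subscriber contact form and hand it to updateSubscriberContact().
 *
 * Fields missing from the POST are read as "" so an incomplete form does
 * not raise undefined-index notices. Any field altered by its sanitizer is
 * reported and blocks the update; the language code is sanitized but never
 * reported, as before.
 */
private function processSubscriberContactSetting()
{
    $raw = array();
    foreach (array('contact_email', 'contact_phone', 'resp_name', 'resp_email',
                   'helpdesk_url', 'helpdesk_email', 'language') as $key) {
        $raw[$key] = isset($_POST[$key]) ? $_POST[$key] : "";
    }
    $sanitized = array(
        'contact_email'  => Input::sanitizeEmail($raw['contact_email']),
        'contact_phone'  => Input::sanitizePhone($raw['contact_phone']),
        'resp_name'      => Input::sanitizePersonName($raw['resp_name']),
        'resp_email'     => Input::sanitizeEmail($raw['resp_email']),
        'helpdesk_url'   => Input::sanitizeURL($raw['helpdesk_url']),
        'helpdesk_email' => Input::sanitizeEmail($raw['helpdesk_email']),
    );
    $labels = array(
        'contact_email'  => 'l10n_label_contactemail',
        'contact_phone'  => 'l10n_label_contactphone',
        'resp_name'      => 'l10n_label_respname',
        'resp_email'     => 'l10n_label_respemail',
        'helpdesk_url'   => 'l10n_label_helpdeskurl',
        'helpdesk_email' => 'l10n_label_helpemail',
    );
    $this->validationError = false;
    foreach ($labels as $key => $label) {
        /* strict: "0123" and "123" must not count as the same phone number */
        if ($raw[$key] !== (string) $sanitized[$key]) {
            $this->displayInvalidCharError($raw[$key], $sanitized[$key], $label);
            $this->validationError = true;
        }
    }
    /* don't continue if data got stripped */
    if ($this->validationError) {
        return;
    }
    $this->updateSubscriberContact(
        $sanitized['contact_email'],
        $sanitized['contact_phone'],
        $sanitized['resp_name'],
        $sanitized['resp_email'],
        $sanitized['helpdesk_url'],
        $sanitized['helpdesk_email'],
        Input::sanitizeLangCode($raw['language'])
    );
}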
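 /**
  * Handle the subscriber-management form POSTed by an NREN-admin.
  *
  * After parent::pre_process() only NREN-admins may continue. Sets the
  * 'confusa_grid_restrictions' template flag from the cert_product config,
  * then, when $_POST['subscriber'] names an action, trims and sanitizes
  * every submitted subscriber field into $this->form_data. A field whose
  * sanitized form differs from what was typed is reported, blanked and
  * marked '<field>_invalid'; if any field was stripped the action is not
  * executed, so the user sees every problem at once. Actions: edit,
  * editState, info, add, delete.
  *
  * @param mixed $person the logged-in person, forwarded to parent::pre_process()
  * @return bool|null false when the caller is not an NREN-admin, null otherwise
  */
 public function pre_process($person)
 {
     parent::pre_process($person);
     /* Only NREN-admins manage subscribers; everybody else stops here */
     if (!$this->person->isNRENAdmin()) {
         return false;
     }
     /* are we running in grid-mode? We must check this before we do
      * any other processing */
     $this->tpl->assign('confusa_grid_restrictions',
                        Config::get_config('cert_product') == PRD_ESCIENCE);
     /* if the function exits due to failed field validation, it should
      * display all affected fields. Everything else is very annoying for
      * the user.
      */
     $this->validationErrors = false;
     /* handle nren-flags */
     if (!isset($_POST['subscriber'])) {
         return;
     }
     /* both are optional in the POST; initialising them keeps the lookups
      * below from reading undefined variables */
     $id = isset($_POST['id']) ? Input::sanitizeID($_POST['id']) : null;
     $state = isset($_POST['state']) ? Input::sanitizeOrgState($_POST['state']) : null;
     $this->collectSubscriberFormData();
     /* don't continue, if data was stripped due to the field sanitation */
     if ($this->validationErrors) {
         return;
     }
     switch (htmlentities($_POST['subscriber'])) {
         case 'edit':
             $subscriber = $this->resolveSubscriber($id);
             if (!is_null($subscriber)) {
                 /* subscriber will clean input */
                 $update = $subscriber->setState($state);
                 $update |= $this->applySubscriberContactFields($subscriber);
                 if ($update) {
                     if (!$subscriber->save(true)) {
                         Framework::error_output($this->translateTag('l10n_fail_editsubs1', 'nrenadmin'));
                     } else {
                         Framework::success_output($this->translateTag('l10n_suc_editsubs1', 'nrenadmin'));
                     }
                 }
                 /* show info-list for subscriber */
                 $this->showSubscriberDetails($id);
             }
             break;
         case 'editState':
             $subscriber = $this->resolveSubscriber($id);
             if (!is_null($subscriber) && $subscriber->setState($state)) {
                 if (!$subscriber->save(true)) {
                     Framework::error_output("Could not update state of subscriber. Is the database-layer broken?");
                     Framework::error_output($this->translateTag("l10n_fail_edit_subscr_state", "nrenadmin"));
                 }
             }
             break;
         case 'info':
             $this->showSubscriberDetails($id);
             break;
         case 'add':
             $this->addSubscriber($state);
             break;
         case 'delete':
             $this->delSubscriber($id);
             break;
     }
 }

 /**
  * Trim and sanitize every subscriber field present in $_POST into
  * $this->form_data, raising $this->validationErrors for any field the
  * sanitizer altered. Blank optional fields are skipped and stay unset.
  */
 private function collectSubscriberFormData()
 {
     if (isset($_POST['db_name'])) {
         $trimmed = trim($_POST['db_name']);
         $this->storeSubscriberField('db_name', $trimmed, htmlentities($trimmed), 'l10n_heading_attnm');
     }
     if (isset($_POST['dn_name'])) {
         $trimmed = trim($_POST['dn_name']);
         /* personal certificates may have UTF-8 chars in the DN */
         if (Config::get_config('cert_product') == PRD_PERSONAL) {
             /* NOTE(review): mysql_real_escape_string() is an SQL-escaping
              * function, not an input sanitizer, and it needs an open mysql
              * link (it returns false otherwise, which is then reported as
              * stripped input). Kept because the intended UTF-8-preserving
              * sanitizer is not visible here - confirm and replace. */
             $sanitized = mysql_real_escape_string($trimmed);
         } else {
             $sanitized = Input::sanitizeOrgName($trimmed);
         }
         /* warn user if characters got sanitized away */
         $this->storeSubscriberField('dn_name', $trimmed, $sanitized, 'l10n_heading_dnoname');
     }
     if (isset($_POST['subscr_email']) && $_POST['subscr_email'] !== "") {
         $trimmed = trim($_POST['subscr_email']);
         $this->storeSubscriberField('subscr_email', $trimmed, Input::sanitizeEmail($trimmed), 'l10n_label_contactemail');
     }
     if (isset($_POST['subscr_phone']) && $_POST['subscr_phone'] !== "") {
         $trimmed = trim($_POST['subscr_phone']);
         $this->storeSubscriberField('subscr_phone', $trimmed, Input::sanitizePhone($trimmed), 'l10n_label_contactphone');
     }
     if (isset($_POST['subscr_responsible_name']) && $_POST['subscr_responsible_name'] !== "") {
         $trimmed = trim($_POST['subscr_responsible_name']);
         $this->storeSubscriberField('subscr_responsible_name', $trimmed, Input::sanitizePersonName($trimmed), 'l10n_heading_resppers');
     }
     if (isset($_POST['subscr_responsible_email']) && $_POST['subscr_responsible_email'] !== "") {
         $trimmed = trim($_POST['subscr_responsible_email']);
         $this->storeSubscriberField('subscr_responsible_email', $trimmed, Input::sanitizeEmail($trimmed), 'l10n_label_respemail');
     }
     if (isset($_POST['subscr_comment']) && $_POST['subscr_comment'] !== "") {
         $this->form_data['subscr_comment'] = Input::sanitizeText(trim($_POST['subscr_comment']));
     }
     if (isset($_POST['subscr_help_url']) && $_POST['subscr_help_url'] !== "") {
         $trimmed = trim($_POST['subscr_help_url']);
         $this->storeSubscriberField('subscr_help_url', $trimmed, Input::sanitizeURL($trimmed), 'l10n_label_helpdeskurl');
     }
     if (isset($_POST['subscr_help_email']) && $_POST['subscr_help_email'] !== "") {
         $trimmed = trim($_POST['subscr_help_email']);
         $this->storeSubscriberField('subscr_help_email', $trimmed, Input::sanitizeEmail($trimmed), 'l10n_label_helpdeskemail');
     }
 }

 /**
  * Store one sanitized subscriber field, reporting stripped characters.
  *
  * Writes $sanitized under $key in $this->form_data. When it differs from
  * $trimmed (strict comparison, so a phone number that lost a leading zero
  * is not loosely "numerically equal") the user gets an invalid-character
  * error showing the sanitized value, the stored value is blanked,
  * '<key>_invalid' is set and $this->validationErrors is raised.
  *
  * @param string $key       form_data key / field name
  * @param string $trimmed   the trimmed raw input
  * @param mixed  $sanitized the sanitizer's output for $trimmed
  * @param string $label     l10n tag naming the field in the error
  */
 private function storeSubscriberField($key, $trimmed, $sanitized, $label)
 {
     $this->form_data[$key] = $sanitized;
     if ((string) $sanitized !== $trimmed) {
         $this->displayInvalidCharError($trimmed, $sanitized, $label);
         $this->form_data[$key] = "";
         $this->form_data[$key . '_invalid'] = true;
         $this->validationErrors = true;
     }
 }

 /**
  * Look up the subscriber with database id $id within the admin's NREN.
  *
  * Re-uses the admin's own Subscriber object when the id is theirs,
  * otherwise loads it by id, scoped to the admin's NREN.
  *
  * @param mixed $id sanitized subscriber id, or null when not posted
  * @return Subscriber|null
  */
 private function resolveSubscriber($id)
 {
     if ($this->person->getSubscriber()->hasDBID($id)) {
         return $this->person->getSubscriber();
     }
     /* Other subscriber than user's subscriber, must create new object from DB */
     return Subscriber::getSubscriberByID($id, $this->person->getNREN());
 }

 /**
  * Expose the info-list of subscriber $id to the template.
  *
  * @param mixed $id sanitized subscriber id
  */
 private function showSubscriberDetails($id)
 {
     $this->tpl->assign('subscr_details', Subscriber::getSubscriberByID($id, $this->person->getNREN())->getInfo());
     $this->tpl->assign('subscriber_details', true);
     $this->tpl->assign('subscriber_detail_id', $id);
 }

 /**
  * Value of a form_data field, or null when the field was not posted.
  *
  * @param string $key
  * @return mixed
  */
 private function formValue($key)
 {
     return isset($this->form_data[$key]) ? $this->form_data[$key] : null;
 }

 /**
  * Push the sanitized contact fields from $this->form_data into $subscriber.
  *
  * Fields missing from the form are passed as null, as before; the result
  * is the bitwise OR of the setters' change flags.
  *
  * @param Subscriber $subscriber
  * @return int|bool non-zero when any setter reported a change
  */
 private function applySubscriberContactFields($subscriber)
 {
     $update = $subscriber->setEmail($this->formValue('subscr_email'));
     $update |= $subscriber->setPhone($this->formValue('subscr_phone'));
     $update |= $subscriber->setRespName($this->formValue('subscr_responsible_name'));
     $update |= $subscriber->setRespEmail($this->formValue('subscr_responsible_email'));
     $update |= $subscriber->setComment($this->formValue('subscr_comment'));
     $update |= $subscriber->setHelpURL($this->formValue('subscr_help_url'));
     $update |= $subscriber->setHelpEmail($this->formValue('subscr_help_email'));
     return $update;
 }

 /**
  * Create a new subscriber from $this->form_data ('add' action).
  *
  * Needs a posted db_name and refuses to overwrite an existing subscriber.
  * Unless inherit_uid_attr was ticked, the subscriber gets its own
  * attribute map built from the posted uid attribute and the NREN's
  * cn/mail mapping.
  *
  * @param string|null $state sanitized organisation state from the form
  */
 private function addSubscriber($state)
 {
     if (!isset($this->form_data['db_name'])) {
         return;
     }
     $inheritUIDAttr = isset($_POST['inherit_uid_attr']);
     $subscriber = new Subscriber($this->form_data['db_name'], $this->person->getNREN());
     if ($subscriber->isValid()) {
         Framework::error_output("Cannot create new, already existing.");
         return;
     }
     $update = $subscriber->setState($state);
     $update |= $subscriber->setOrgName($this->formValue('dn_name'));
     $update |= $this->applySubscriberContactFields($subscriber);
     if ($update && $subscriber->create()) {
         /* the sanitized DN name is what was stored, so it is what we report back */
         Framework::success_output($this->translateTag('l10n_suc_addsubs1', 'nrenadmin') . " " . htmlentities((string) $this->formValue('dn_name'), ENT_COMPAT, "UTF-8") . " " . $this->translateTag('l10n_suc_addsubs2', 'nrenadmin'));
     }
     /* NOTE(review): the map is written even when create() failed above;
      * kept as-is because Subscriber::saveMap() semantics are not visible
      * here - confirm whether it should depend on a successful create() */
     if (!$inheritUIDAttr) {
         $nren = $this->person->getNREN();
         $nrenMap = $nren->getMap();
         $uidAttr = Input::sanitizeAlpha(isset($_POST['uid_attr']) ? $_POST['uid_attr'] : "");
         $subscriber->saveMap($uidAttr, $nrenMap['cn'], $nrenMap['mail']);
     }
 }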
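 /**
  * setContactPhone()
  *
  * Stores a sanitized copy of $contact_phone in $this->data and marks the
  * object as having pending changes, but only when the sanitized value
  * actually differs from what is stored: comparing the sanitized form (and
  * comparing strictly, as strings) avoids flagging a change that would
  * write back the very same value. A null argument is ignored.
  *
  * @param string|null $contact_phone new phone number as entered
  * @see setContactEmail
  */
 public function setContactPhone($contact_phone)
 {
     if (is_null($contact_phone)) {
         return;
     }
     $sanitized = Input::sanitizePhone($contact_phone);
     $current = isset($this->data['contact_phone']) ? $this->data['contact_phone'] : "";
     if ((string) $current !== (string) $sanitized) {
         $this->data['contact_phone'] = $sanitized;
         $this->pendingChanges = true;
     }
 }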