Exemplo n.º 1
0
 public function pre_process($person)
 {
     parent::pre_process($person);
     /* If user is not subscriber- or nren-admin, we stop here */
     if (!$this->person->isNRENAdmin()) {
         return false;
     }
     /* are we running in grid-mode? We must check this before we do
      * any other processing */
     if (Config::get_config('cert_product') == PRD_ESCIENCE) {
         $this->tpl->assign('confusa_grid_restrictions', true);
     } else {
         $this->tpl->assign('confusa_grid_restrictions', false);
     }
     /* if the function exists due to failed field validation, it should
      * display all affected fiels. Everything else is very annoying for
      * the user.
      */
     $this->validationErrors = false;
     /* handle nren-flags */
     if (isset($_POST['subscriber'])) {
         if (isset($_POST['id'])) {
             $id = Input::sanitizeID($_POST['id']);
         }
         if (isset($_POST['state'])) {
             $state = Input::sanitizeOrgState($_POST['state']);
         }
         if (isset($_POST['db_name'])) {
             $db_name_trim = trim($_POST['db_name']);
             $this->form_data['db_name'] = htmlentities($db_name_trim);
             if ($this->form_data['db_name'] != $db_name_trim) {
                 $this->displayInvalidCharError($db_name_trim, $this->form_data['db_name'], 'l10n_heading_attnm');
                 $this->form_data['db_name'] = "";
                 $this->form_data['db_name_invalid'] = true;
                 $this->validationErrors = true;
             }
         }
         /* db_name */
         if (isset($_POST['dn_name'])) {
             $dn_name_trim = trim($_POST['dn_name']);
             /* personal certificates may have UTF-8 chars in the DN */
             if (Config::get_config('cert_product') == PRD_PERSONAL) {
                 $this->form_data['dn_name'] = mysql_real_escape_string($dn_name_trim);
             } else {
                 $this->form_data['dn_name'] = Input::sanitizeOrgName($dn_name_trim);
             }
             /* warn user if characters got sanitized away */
             if ($this->form_data['dn_name'] != $dn_name_trim) {
                 $this->displayInvalidCharError($dn_name_trim, $this->form_data['dn_name'], 'l10n_heading_dnoname');
                 $this->form_data['dn_name'] = "";
                 $this->form_data['dn_name_invalid'] = true;
                 $this->validationErrors = true;
             }
         }
         /* dn_name */
         if (isset($_POST['subscr_email']) && $_POST['subscr_email'] != "") {
             $subscr_email_trim = trim($_POST['subscr_email']);
             $this->form_data['subscr_email'] = Input::sanitizeEmail($subscr_email_trim);
             if ($this->form_data['subscr_email'] != $subscr_email_trim) {
                 $this->displayInvalidCharError($subscr_email_trim, $this->form_data['subscr_email'], 'l10n_label_contactemail');
                 $this->form_data['subscr_email'] = "";
                 $this->form_data['subscr_email_invalid'] = true;
                 $this->validationErrors = true;
             }
         }
         /* subscr_email */
         if (isset($_POST['subscr_phone']) && $_POST['subscr_phone'] != "") {
             $subscr_phone_trim = trim($_POST['subscr_phone']);
             $this->form_data['subscr_phone'] = Input::sanitizePhone($subscr_phone_trim);
             if ($this->form_data['subscr_phone'] != $subscr_phone_trim) {
                 $this->displayInvalidCharError($subscr_phone_trim, $this->form_data['subscr_phone'], 'l10n_label_contactphone');
                 $this->form_data['subscr_phone'] = "";
                 $this->form_data['subscr_phone_invalid'] = true;
                 $this->validationErrors = true;
             }
         }
         /* subscr_phone */
         if (isset($_POST['subscr_responsible_name']) && $_POST['subscr_responsible_name'] != "") {
             $subscr_responsible_name_trim = trim($_POST['subscr_responsible_name']);
             $this->form_data['subscr_responsible_name'] = Input::sanitizePersonName($subscr_responsible_name_trim);
             if ($this->form_data['subscr_responsible_name'] != $subscr_responsible_name_trim) {
                 $this->displayInvalidCharError($subscr_responsible_name_trim, $this->form_data['subscr_responsible_name'], 'l10n_heading_resppers');
                 $this->form_data['subscr_responsible_name'] = "";
                 $this->form_data['subscr_responsible_name_invalid'] = true;
                 $this->validationErrors = true;
             }
         }
         /* subscr_responsible_name */
         if (isset($_POST['subscr_responsible_email']) && $_POST['subscr_responsible_email'] != "") {
             $subscr_responsible_email_trim = trim($_POST['subscr_responsible_email']);
             $this->form_data['subscr_responsible_email'] = Input::sanitizeEmail($subscr_responsible_email_trim);
             if ($this->form_data['subscr_responsible_email'] != $subscr_responsible_email_trim) {
                 $this->displayInvalidCharError($subscr_responsible_email_trim, $this->form_data['subscr_responsible_email'], 'l10n_label_respemail');
                 $this->validationErrors = true;
             }
         }
         /* subscr_responsible_email */
         if (isset($_POST['subscr_comment']) && $_POST['subscr_comment'] != "") {
             $this->form_data['subscr_comment'] = Input::sanitizeText(trim($_POST['subscr_comment']));
         }
         if (isset($_POST['subscr_help_url']) && $_POST['subscr_help_url'] != "") {
             $subscr_help_url_trim = trim($_POST['subscr_help_url']);
             $this->form_data['subscr_help_url'] = Input::sanitizeURL($subscr_help_url_trim);
             if ($this->form_data['subscr_help_url'] != $subscr_help_url_trim) {
                 $this->displayInvalidCharError($subscr_help_url_trim, $this->form_data['subscr_help_url'], 'l10n_label_helpdeskurl');
                 $this->form_data['subscr_help_url'] = "";
                 $this->form_data['subscr_help_url_invalid'] = true;
                 $this->validationErrors = true;
             }
         }
         /* subscr_help_url */
         if (isset($_POST['subscr_help_email']) && $_POST['subscr_help_email'] != "") {
             $subscr_help_email_trim = trim($_POST['subscr_help_email']);
             $this->form_data['subscr_help_email'] = Input::sanitizeEmail($subscr_help_email_trim);
             if ($this->form_data['subscr_help_email'] != $subscr_help_email_trim) {
                 $this->form_data['subscr_help_email'] = "";
                 $this->form_data['subscr_help_email_invalid'] = true;
                 $this->displayInvalidCharError($subscr_help_email_trim, $this->form_data['subscr_help_email'], 'l10n_label_helpdeskemail');
                 $this->validationErrors = true;
             }
         }
         /* subscr_help_email */
         /* don't continue, if data was stripped due to the field
          * sanitation */
         if ($this->validationErrors) {
             return;
         }
         switch (htmlentities($_POST['subscriber'])) {
             case 'edit':
                 $subscriber = null;
                 if ($this->person->getSubscriber()->hasDBID($id)) {
                     $subscriber = $this->person->getSubscriber();
                 } else {
                     /* Other subscruber than user's
                      * subscriber, must create new object
                      * from DB */
                     $subscriber = Subscriber::getSubscriberByID($id, $this->person->getNREN());
                 }
                 if (!is_null($subscriber)) {
                     /* subscriber will clean input */
                     $update = $subscriber->setState($state);
                     $update |= $subscriber->setEmail($this->form_data['subscr_email']);
                     $update |= $subscriber->setPhone($this->form_data['subscr_phone']);
                     $update |= $subscriber->setRespName($this->form_data['subscr_responsible_name']);
                     $update |= $subscriber->setRespEmail($this->form_data['subscr_responsible_email']);
                     $update |= $subscriber->setComment($this->form_data['subscr_comment']);
                     $update |= $subscriber->setHelpURL($this->form_data['subscr_help_url']);
                     $update |= $subscriber->setHelpEmail($this->form_data['subscr_help_email']);
                     if ($update) {
                         if (!$subscriber->save(true)) {
                             Framework::error_output($this->translateTag('l10n_fail_editsubs1', 'nrenadmin'));
                         } else {
                             Framework::success_output($this->translateTag('l10n_suc_editsubs1', 'nrenadmin'));
                         }
                     }
                     /* show info-list for subscriber */
                     $this->tpl->assign('subscr_details', Subscriber::getSubscriberByID($id, $this->person->GetNREN())->getInfo());
                     $this->tpl->assign('subscriber_details', true);
                     $this->tpl->assign('subscriber_detail_id', $id);
                 }
                 break;
             case 'editState':
                 $subscriber = null;
                 if ($this->person->getSubscriber()->hasDBID($id)) {
                     $subscriber = $this->person->getSubscriber();
                 } else {
                     $subscriber = Subscriber::getSubscriberByID($id, $this->person->getNREN());
                 }
                 if (!is_null($subscriber)) {
                     if ($subscriber->setState($state)) {
                         if (!$subscriber->save(true)) {
                             Framework::error_output("Could not update state of subscriber. Is the database-layer broken?");
                             Framework::error_output($this->translateTag("l10n_fail_edit_subscr_state", "nrenadmin"));
                         }
                     }
                 }
                 break;
             case 'info':
                 $this->tpl->assign('subscr_details', Subscriber::getSubscriberByID($id, $this->person->getNREN())->getInfo());
                 $this->tpl->assign('subscriber_details', true);
                 $this->tpl->assign('subscriber_detail_id', $id);
                 break;
             case 'add':
                 if (!isset($this->form_data['db_name'])) {
                     break;
                 }
                 $inheritUIDAttr = isset($_POST['inherit_uid_attr']);
                 $subscriber = new Subscriber($this->form_data['db_name'], $this->person->getNREN());
                 if ($subscriber->isValid()) {
                     Framework::error_output("Cannot create new, already existing.");
                     break;
                 }
                 $update = $subscriber->setState($state);
                 $update |= $subscriber->setOrgName($this->form_data['dn_name']);
                 $update |= $subscriber->setEmail($this->form_data['subscr_email']);
                 $update |= $subscriber->setPhone($this->form_data['subscr_phone']);
                 $update |= $subscriber->setRespName($this->form_data['subscr_responsible_name']);
                 $update |= $subscriber->setRespEmail($this->form_data['subscr_responsible_email']);
                 $update |= $subscriber->setComment($this->form_data['subscr_comment']);
                 $update |= $subscriber->setHelpURL($this->form_data['subscr_help_url']);
                 $update |= $subscriber->setHelpEmail($this->form_data['subscr_help_email']);
                 if ($update && $subscriber->create()) {
                     Framework::success_output($this->translateTag('l10n_suc_addsubs1', 'nrenadmin') . " " . htmlentities($dn_name, ENT_COMPAT, "UTF-8") . " " . $this->translateTag('l10n_suc_addsubs2', 'nrenadmin'));
                 }
                 if (!$inheritUIDAttr) {
                     $nren = $this->person->getNREN();
                     $nrenMap = $nren->getMap();
                     $uidAttr = Input::sanitizeAlpha($_POST['uid_attr']);
                     $subscriber->saveMap($uidAttr, $nrenMap['cn'], $nrenMap['mail']);
                 }
                 break;
             case 'delete':
                 $this->delSubscriber($id);
                 break;
         }
     }
     /* isset($_POST['subscriber'] */
 }
Exemplo n.º 2
0
 /**
  * get the list of subscribers for that NREN
  *
  * @param void
  * @return array<Subscriber> the subscribers signed up to this NREN
  * @since Confusa v0.4-rc0
  * @access public
  */
 public function getSubscriberList($orderBy = 'subscriber_id')
 {
     $subscribers = null;
     $query = "SELECT subscriber_id, name, org_state, lang, subscr_email, ";
     $query .= "subscr_phone, subscr_resp_name, subscr_resp_email, ";
     $query .= "subscr_comment, dn_name FROM subscribers WHERE nren_id=?\n\t\tORDER BY trim({$orderBy})";
     $res = MDB2Wrapper::execute($query, array('integer'), array($this->getID()));
     if (count($res) > 0) {
         foreach ($res as $row) {
             $subs = new Subscriber($row['name'], $this->getName(), $row['dn_name'], $row['org_state'], $row['subscriber_id']);
             $subs->setEmail($row['subscr_email']);
             $subs->setPhone($row['subscr_phone']);
             $subs->setRespName($row['subscr_resp_name']);
             $subs->setRespEmail($row['subscr_resp_email']);
             $subs->setComment($row['subscr_comment']);
             $subscribers[] = $subs;
         }
     }
     return $subscribers;
 }