LDAPAccountManager/lam/templates/lists/deletelink.php

<?php
/*

  This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
  Copyright (C) 2007 - 2018  Roland Gruber

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more detaexils.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

*/

/**
* This page will redirect to delete.php if the given user is valid.
*
* It is called from the list views via the delete links.
*
* @package lists
* @author Roland Gruber
*/

/** security functions */
include_once(__DIR__ . "/../../lib/security.inc");
/** Needed to find DNs of users */
include_once(__DIR__ . "/../../lib/ldap.inc");
/** Used to display error messages */
include_once(__DIR__ . "/../../lib/status.inc");

// start session
startSecureSession();
enforceUserIsLoggedIn();

setlanguage();

// get account name and type
$dn = $_GET['DN'];
$type = $_GET['type'];
if (!preg_match('/^[a-z0-9_]+$/i', $type)) {
	logNewMessage(LOG_ERR, 'Invalid type: ' . $type);
	die();
}

if (isset($dn) && isset($type)) {
	if (substr($dn, 0, 1) === "'") {
		$dn = substr($dn, 1);
	}
	if (substr($dn, -1, 1) === "'") {
		$dn = substr($dn, 0, -1);
	}
	$_SESSION['delete_dn'] = array($dn);
	// redirect to delete.php
	metaRefresh("../delete.php?type=" . htmlspecialchars($type));

}
else {
	// print error message if arguments are missing
	include __DIR__ . '/../../lib/adminHeader.inc';
	StatusMessage("ERROR", "No account or type given.");
	include __DIR__ . '/../../lib/adminFooter.inc';
}

?>
added delete links and updated images 2007-04-21 11:04:50 +00:00			`<?php`
			`/*`

new homepage 2009-10-27 18:47:12 +00:00			`This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)`
support "," in DN 2018-05-20 06:22:51 +00:00			`Copyright (C) 2007 - 2018 Roland Gruber`
added delete links and updated images 2007-04-21 11:04:50 +00:00
			`This program is free software; you can redistribute it and/or modify`
			`it under the terms of the GNU General Public License as published by`
			`the Free Software Foundation; either version 2 of the License, or`
			`(at your option) any later version.`

			`This program is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU General Public License for more detaexils.`

			`You should have received a copy of the GNU General Public License`
			`along with this program; if not, write to the Free Software`
			`Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA`

			`*/`

			`/**`
			`* This page will redirect to delete.php if the given user is valid.`
			`*`
			`* It is called from the list views via the delete links.`
			`*`
			`* @package lists`
			`* @author Roland Gruber`
			`*/`

			`/** security functions */`
refactoring 2018-12-23 16:39:44 +00:00			`include_once(__DIR__ . "/../../lib/security.inc");`
added delete links and updated images 2007-04-21 11:04:50 +00:00			`/** Needed to find DNs of users */`
refactoring 2018-12-23 16:39:44 +00:00			`include_once(__DIR__ . "/../../lib/ldap.inc");`
added delete links and updated images 2007-04-21 11:04:50 +00:00			`/** Used to display error messages */`
refactoring 2018-12-23 16:39:44 +00:00			`include_once(__DIR__ . "/../../lib/status.inc");`
added delete links and updated images 2007-04-21 11:04:50 +00:00
			`// start session`
			`startSecureSession();`
check if user is logged in 2017-02-11 16:11:37 +00:00			`enforceUserIsLoggedIn();`
added delete links and updated images 2007-04-21 11:04:50 +00:00
			`setlanguage();`

			`// get account name and type`
			`$dn = $_GET['DN'];`
			`$type = $_GET['type'];`
additional checks 2012-03-13 21:34:13 +00:00			`if (!preg_match('/^[a-z0-9_]+$/i', $type)) {`
			`logNewMessage(LOG_ERR, 'Invalid type: ' . $type);`
			`die();`
			`}`
added delete links and updated images 2007-04-21 11:04:50 +00:00
			`if (isset($dn) && isset($type)) {`
handle quotes in DN 2013-11-04 16:32:10 +00:00			`if (substr($dn, 0, 1) === "'") {`
			`$dn = substr($dn, 1);`
			`}`
			`if (substr($dn, -1, 1) === "'") {`
			`$dn = substr($dn, 0, -1);`
			`}`
added delete links and updated images 2007-04-21 11:04:50 +00:00			`$_SESSION['delete_dn'] = array($dn);`
			`// redirect to delete.php`
additional checks 2012-03-18 18:31:36 +00:00			`metaRefresh("../delete.php?type=" . htmlspecialchars($type));`
added delete links and updated images 2007-04-21 11:04:50 +00:00
			`}`
			`else {`
removed frames 2010-01-01 17:21:46 +00:00			`// print error message if arguments are missing`
refactoring 2018-12-23 16:39:44 +00:00			`include __DIR__ . '/../../lib/adminHeader.inc';`
added delete links and updated images 2007-04-21 11:04:50 +00:00			`StatusMessage("ERROR", "No account or type given.");`
refactoring 2018-12-23 16:39:44 +00:00			`include __DIR__ . '/../../lib/adminFooter.inc';`
added delete links and updated images 2007-04-21 11:04:50 +00:00			`}`

			`?>`