LDAPAccountManager/lam/templates/misc/ajax.php

<?php
namespace LAM\AJAX;
/*
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2011 - 2018 Roland Gruber
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/**
* Manages all AJAX requests.
*
* @author Roland Gruber
* @package tools
*/
/** security functions */
include_once("../../lib/security.inc");
// Session start: the session name has to be chosen before the session is opened,
// and self service uses a different session name than the admin interface.
if (isset($_GET['selfservice'])) {
    session_name('SELFSERVICE');
}

// If the session cannot be started (expired), answer with the standard JSON
// marker and stop, so that nothing below runs without a valid session.
if (false === startSecureSession(false, true)) {
    echo json_encode(array('sessionExpired' => "true"));
    exit();
}

setlanguage();

// Hand the request over to the dispatcher class declared further down in this file.
$ajax = new Ajax();
$ajax->handleRequest();
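/**
 * Manages all AJAX requests.
 *
 * Every value read from $_GET and $_POST in this class is request input and
 * must be treated as untrusted. The security token is validated first; the
 * login check is applied per branch (see handleRequest()).
 */
class Ajax {

    /**
     * Manages an AJAX request.
     *
     * Order of processing:
     * 1. set the JSON content type and validate the security token,
     * 2. if "module" and "scope" are given and the module is in the list
     *    returned by getAvailableModules() for that scope, require a login and
     *    delegate to the module's handleAjaxRequest(),
     * 3. otherwise dispatch on the "function" parameter
     *    (passwordStrengthCheck, passwordChange, upload).
     *
     * Malformed requests end the script via die() without output.
     */
    public function handleRequest() {
        self::setHeader();
        // check token before any request parameter is acted on
        validateSecurityToken(false);
        // The module name is later used as a class name, so it must be a plain
        // string that matches the allowlist exactly (strict comparison, no type juggling).
        if (isset($_GET['module']) && isset($_GET['scope'])
                && is_string($_GET['module']) && is_string($_GET['scope'])
                && in_array($_GET['module'], getAvailableModules($_GET['scope']), true)) {
            enforceUserIsLoggedIn();
            if (isset($_GET['useContainer']) && ($_GET['useContainer'] == '1')) {
                // use the module instance of the account that is currently edited
                if (!isset($_SESSION['account'])) {
                    die();
                }
                $module = $_SESSION['account']->getAccountModule($_GET['module']);
                // getAccountModule() is not visible here; stop cleanly instead of
                // failing with a fatal error if it does not hand back a module object.
                if (!is_object($module)) {
                    die();
                }
            }
            else {
                // Class name taken from the request: only reached after the
                // allowlist check above. Do not relax that check.
                $moduleName = $_GET['module'];
                $module = new $moduleName($_GET['scope']);
            }
            $module->handleAjaxRequest();
        }
        if (!isset($_GET['function'])) {
            die();
        }
        $function = $_GET['function'];
        if (!isset($_POST['jsonInput'])) {
            die();
        }

        $jsonInput = $_POST['jsonInput'];
        // NOTE(review): this branch runs before enforceUserIsLoggedIn(), so the
        // password policy check is reachable with a valid security token but
        // without a login - presumably intended for pages shown before login;
        // confirm. Execution continues into the login check below afterwards.
        if ($function === 'passwordStrengthCheck') {
            $this->checkPasswordStrength($jsonInput);
        }
        // everything below changes data and requires an authenticated user
        enforceUserIsLoggedIn();
        if ($function === 'passwordChange') {
            self::managePasswordChange($jsonInput);
        }
        elseif ($function === 'upload') {
            // the type id selects the account type for the upload; reject
            // requests where it is missing or not a plain string
            if (!isset($_GET['typeId']) || !is_string($_GET['typeId'])) {
                die();
            }
            include_once('../../lib/upload.inc');
            $typeManager = new \LAM\TYPES\TypeManager();
            $uploader = new \LAM\UPLOAD\Uploader($typeManager->getConfiguredType($_GET['typeId']));
            // discard anything printed during the upload so that only the
            // returned JSON string reaches the client
            ob_start();
            $jsonOut = $uploader->doUpload();
            ob_end_clean();
            echo $jsonOut;
        }
    }

    /**
     * Sets JSON HTTP header.
     *
     * Does nothing if the headers were already sent.
     */
    private static function setHeader() {
        if (!headers_sent()) {
            header('Content-Type: application/json; charset=utf-8');
        }
    }

    /**
     * Manages a password change request on the edit account page.
     *
     * Stops without output if no account is stored in the session or if the
     * input is not an array; the same session check is applied to the module
     * branch in handleRequest().
     *
     * @param array $input input parameters
     */
    private static function managePasswordChange($input) {
        if (!isset($_SESSION['account']) || !is_array($input)) {
            die();
        }
        $return = $_SESSION['account']->setNewPassword($input);
        echo json_encode($return);
    }

    /**
     * Checks if a password is accepted by LAM's password policy.
     *
     * Prints a JSON object with the key "result". Stops without output if the
     * input is not an array with a string entry "password".
     *
     * @param array $input input parameters
     */
    private function checkPasswordStrength($input) {
        // the input comes straight from $_POST, so its shape is not guaranteed
        if (!is_array($input) || !isset($input['password']) || !is_string($input['password'])) {
            die();
        }
        $password = $input['password'];
        // this calls the function checkPasswordStrength(), not this method
        $result = checkPasswordStrength($password, null, null);
        echo json_encode(array("result" => $result));
    }

}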
?>