additional checks
parent
2b26a46305
commit
6418d24cdd
|
@ -97,8 +97,7 @@ function displayHelp($helpEntry,$helpVariables) {
|
|||
}
|
||||
|
||||
/* If no help number was submitted print error message */
|
||||
if(!isset($_GET['HelpNumber']))
|
||||
{
|
||||
if (!isset($_GET['HelpNumber'])) {
|
||||
$errorMessage = "Sorry no help number submitted.";
|
||||
echoHTMLHead();
|
||||
statusMessage("ERROR","",$errorMessage);
|
||||
|
@ -119,8 +118,8 @@ if(isset($_GET['module']) && !($_GET['module'] == 'main') && !($_GET['module'] =
|
|||
}
|
||||
if (!$helpEntry) {
|
||||
$variables = array();
|
||||
array_push($variables,$_GET['HelpNumber']);
|
||||
array_push($variables,$_GET['module']);
|
||||
array_push($variables, htmlspecialchars($_GET['HelpNumber']));
|
||||
array_push($variables, htmlspecialchars($_GET['module']));
|
||||
$errorMessage = _("Sorry this help id ({bold}%s{endbold}) is not available for this module ({bold}%s{endbold}).");
|
||||
echoHTMLHead();
|
||||
statusMessage("ERROR","",$errorMessage,$variables);
|
||||
|
@ -131,11 +130,10 @@ if(isset($_GET['module']) && !($_GET['module'] == 'main') && !($_GET['module'] =
|
|||
// help entry in help.inc
|
||||
else {
|
||||
/* If submitted help number is not in help/help.inc print error message */
|
||||
if(!array_key_exists($_GET['HelpNumber'],$helpArray))
|
||||
{
|
||||
if (!array_key_exists($_GET['HelpNumber'],$helpArray)) {
|
||||
$variables = array();
|
||||
array_push($variables,$_GET['HelpNumber']);
|
||||
$errorMessage = _("Sorry this help number ({bold}%d{endbold}) is not available.");
|
||||
array_push($variables, htmlspecialchars($_GET['HelpNumber']));
|
||||
$errorMessage = _("Sorry this help number ({bold}%s{endbold}) is not available.");
|
||||
echoHTMLHead();
|
||||
statusMessage("ERROR","",$errorMessage,$variables);
|
||||
echoHTMLFoot();
|
||||
|
@ -151,7 +149,7 @@ $moreVariables = true;
|
|||
$helpVariables = array();
|
||||
while($moreVariables) {
|
||||
if (isset($_GET['var' . $i])) {
|
||||
array_push($helpVariables,$_GET['var' . $i]);
|
||||
array_push($helpVariables, htmlspecialchars($_GET['var' . $i]));
|
||||
$i++;
|
||||
}
|
||||
else {
|
||||
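Review bot: `isset($_GET['HelpNumber'])` is also true for an array-valued parameter, while the new `htmlspecialchars($_GET['HelpNumber'])`, `htmlspecialchars($_GET['module'])` and `htmlspecialchars($_GET['var' . $i])` calls assume a string; an array there raises a PHP warning or TypeError (depending on the PHP version) instead of showing the intended error page. A guard such as `if (!isset($_GET['HelpNumber']) || !is_string($_GET['HelpNumber'])) {` on the first check, with the same `is_string` test for `module` and `var<n>`, would cover it. The calls also rely on the default flags, which before PHP 8.1 leave single quotes unescaped; passing `ENT_QUOTES, 'UTF-8'` explicitly makes the result independent of the runtime. The same applies to the `StatusMessage(...)` call in the entry-creation file and the `$scope` assignments in the mass-upload files of this commit. How `statusMessage` renders its arguments is outside these hunks, so whether the values end up in attribute context cannot be confirmed from here.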
|
|
|
@ -148,7 +148,7 @@ if (isset($_POST['add_suff']) || isset($_POST['cancel'])) {
|
|||
if (sizeof($fail) > 0) {
|
||||
// print error messages
|
||||
for ($i = 0; $i < sizeof($fail); $i++) {
|
||||
StatusMessage("ERROR", _("Failed to create entry!") . "<br>" . $error[$i], $fail[$i]);
|
||||
StatusMessage("ERROR", _("Failed to create entry!") . "<br>" . htmlspecialchars($error[$i]), htmlspecialchars($fail[$i]));
|
||||
}
|
||||
include 'main_footer.php';
|
||||
}
|
||||
|
|
|
@ -87,7 +87,8 @@ if (isset($_GET['showldif'])) {
|
|||
}
|
||||
|
||||
include 'main_header.php';
|
||||
echo '<div class="' . $_POST['scope'] . 'list-bright smallPaddingContent">';
|
||||
$scope = htmlspecialchars($_POST['scope']);
|
||||
echo '<div class="' . $scope . 'list-bright smallPaddingContent">';
|
||||
|
||||
$selectedModules = explode(',', $_POST['selectedModules']);
|
||||
if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) {
|
||||
|
@ -95,7 +96,7 @@ if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) {
|
|||
$data = array(); // input values without first row
|
||||
$ids = array(); // <column name> => <column number for $data>
|
||||
// get input fields from modules
|
||||
$columns = getUploadColumns($_POST['scope'], $selectedModules);
|
||||
$columns = getUploadColumns($scope, $selectedModules);
|
||||
// read input file
|
||||
$handle = fopen ($_FILES['inputfile']['tmp_name'], "r");
|
||||
if (($head = fgetcsv($handle, 2000)) !== false ) { // head row
|
||||
|
@ -158,15 +159,15 @@ if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) {
|
|||
// if input data is invalid just display error messages (max 50)
|
||||
if (sizeof($errors) > 0) {
|
||||
for ($i = 0; $i < sizeof($errors); $i++) StatusMessage("ERROR", $errors[$i][0], $errors[$i][1]);
|
||||
massPrintBackButton($_POST['scope'], $selectedModules);
|
||||
massPrintBackButton($scope, $selectedModules);
|
||||
}
|
||||
|
||||
// let modules build accounts
|
||||
else {
|
||||
$accounts = buildUploadAccounts($_POST['scope'], $data, $ids, $selectedModules);
|
||||
$accounts = buildUploadAccounts($scope, $data, $ids, $selectedModules);
|
||||
if ($accounts != false) {
|
||||
$rdnList = getRDNAttributes($_POST['scope'], $selectedModules);
|
||||
$suffix = $_SESSION['config']->get_Suffix($_POST['scope']);
|
||||
$rdnList = getRDNAttributes($scope, $selectedModules);
|
||||
$suffix = $_SESSION['config']->get_Suffix($scope);
|
||||
// set DN
|
||||
for ($i = 0; $i < sizeof($accounts); $i++) {
|
||||
// check against list of possible RDN attributes
|
||||
|
@ -193,7 +194,7 @@ if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) {
|
|||
$_SESSION['mass_postActions'] = array();
|
||||
$_SESSION['mass_data'] = $_SESSION['ldap']->encrypt(serialize($data));
|
||||
$_SESSION['mass_ids'] = $ids;
|
||||
$_SESSION['mass_scope'] = $_POST['scope'];
|
||||
$_SESSION['mass_scope'] = $scope;
|
||||
$_SESSION['mass_selectedModules'] = $selectedModules;
|
||||
if (isset($_SESSION['mass_pdf'])) {
|
||||
unset($_SESSION['mass_pdf']);
|
||||
|
@ -225,13 +226,13 @@ if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) {
|
|||
}
|
||||
}
|
||||
else {
|
||||
massPrintBackButton($_POST['scope'], $selectedModules);
|
||||
massPrintBackButton($scope, $selectedModules);
|
||||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
StatusMessage('ERROR', _('Please provide a file to upload.'));
|
||||
massPrintBackButton($_POST['scope'], $selectedModules);
|
||||
massPrintBackButton($scope, $selectedModules);
|
||||
}
|
||||
|
||||
echo '</div>';
|
||||
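Review bot: `$scope = htmlspecialchars($_POST['scope']);` uses HTML output encoding as if it were input validation: the encoded value is then passed to `getUploadColumns`, `buildUploadAccounts`, `getRDNAttributes` and `get_Suffix` and stored in `$_SESSION['mass_scope']`, none of which are HTML contexts. Checking the raw value against the set of known account types and rejecting anything else would be the stronger control, with `htmlspecialchars` applied only in the `echo` of the `class` attribute, e.g. `if (!in_array($_POST['scope'], $allowedTypes, true)) { /* show error and stop */ }`, where `$allowedTypes` is a placeholder for however the project enumerates valid types. The same applies to `$scope = htmlspecialchars($_POST['type']);` in the last file of this commit, where a `$types` array appears in the hunk context just above and may already be that list. Separately, the unchanged `StatusMessage("ERROR", $errors[$i][0], $errors[$i][1])` loop still prints its messages unescaped; if those can carry values from the uploaded file, it needs the same treatment the commit gives the other call sites.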
|
|
|
@ -58,7 +58,8 @@ if (!isset($_SESSION['loggedIn']) || ($_SESSION['loggedIn'] !== true)) {
|
|||
setlanguage();
|
||||
|
||||
include 'main_header.php';
|
||||
echo '<div class="' . $_SESSION['mass_scope'] . 'list-bright smallPaddingContent">';
|
||||
$scope = htmlspecialchars($_SESSION['mass_scope']);
|
||||
echo '<div class="' . $scope . 'list-bright smallPaddingContent">';
|
||||
|
||||
// create accounts
|
||||
$accounts = unserialize($_SESSION['ldap']->decrypt($_SESSION['mass_accounts']));
|
||||
|
@ -120,12 +121,12 @@ if (($_SESSION['mass_counter'] < sizeof($accounts)) || !isset($_SESSION['mass_po
|
|||
// do post upload actions after all accounts are created
|
||||
if ($_SESSION['mass_counter'] >= sizeof($accounts)) {
|
||||
$data = unserialize($_SESSION['ldap']->decrypt($_SESSION['mass_data']));
|
||||
$return = doUploadPostActions($_SESSION['mass_scope'], $data, $_SESSION['mass_ids'], $_SESSION['mass_failed'], $_SESSION['mass_selectedModules'], $accounts);
|
||||
$return = doUploadPostActions($scope, $data, $_SESSION['mass_ids'], $_SESSION['mass_failed'], $_SESSION['mass_selectedModules'], $accounts);
|
||||
if ($return['status'] == 'finished') {
|
||||
$_SESSION['mass_postActions']['finished'] = true;
|
||||
}
|
||||
for ($i = 0; $i < sizeof($return['errors']); $i++) $_SESSION['mass_errors'][] = $return['errors'][$i];
|
||||
echo "<h1>" . _("Additional tasks for module:") . ' ' . getModuleAlias($return['module'], $_SESSION['mass_scope']) . "</h1>\n";
|
||||
echo "<h1>" . _("Additional tasks for module:") . ' ' . getModuleAlias($return['module'], $scope) . "</h1>\n";
|
||||
?>
|
||||
<div id="progressbar<?php echo $return['module']; ?>"></div>
|
||||
<script type="text/javascript">
|
||||
|
@ -138,7 +139,7 @@ if (($_SESSION['mass_counter'] < sizeof($accounts)) || !isset($_SESSION['mass_po
|
|||
<?php
|
||||
flush();
|
||||
while (!isset($_SESSION['mass_postActions']['finished']) && (($startTime + $maxTime) > time())) {
|
||||
$return = doUploadPostActions($_SESSION['mass_scope'], $data, $_SESSION['mass_ids'], $_SESSION['mass_failed'], $_SESSION['mass_selectedModules'], $accounts);
|
||||
$return = doUploadPostActions($scope, $data, $_SESSION['mass_ids'], $_SESSION['mass_failed'], $_SESSION['mass_selectedModules'], $accounts);
|
||||
if ($return['status'] == 'finished') {
|
||||
$_SESSION['mass_postActions']['finished'] = true;
|
||||
}
|
||||
|
@ -190,7 +191,7 @@ if (($_SESSION['mass_counter'] < sizeof($accounts)) || !isset($_SESSION['mass_po
|
|||
}
|
||||
}
|
||||
// load account
|
||||
$_SESSION['pdfAccount'] = new accountContainer($_SESSION['mass_scope'], 'pdfAccount');
|
||||
$_SESSION['pdfAccount'] = new accountContainer($scope, 'pdfAccount');
|
||||
$pdfErrors = $_SESSION['pdfAccount']->load_account($dn, $infoAttributes);
|
||||
if (sizeof($pdfErrors) > 0) {
|
||||
$_SESSION['mass_errors'] = array_merge($_SESSION['mass_errors'], $pdfErrors);
|
||||
|
@ -233,7 +234,7 @@ else {
|
|||
else {
|
||||
// redirect to list if no errors occured
|
||||
echo "<script type=\"text/javascript\">\n";
|
||||
echo "top.location.href = \"lists/list.php?type=" . $_SESSION['mass_scope'] . "&uploadAllOk\";\n";
|
||||
echo "top.location.href = \"lists/list.php?type=" . $scope . "&uploadAllOk\";\n";
|
||||
echo "</script>\n";
|
||||
}
|
||||
}
|
||||
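Review bot: In the redirect near the end of this file, `$scope` is written into a JavaScript string that is also a URL query value (`top.location.href = "lists/list.php?type=" . $scope . ...`), and HTML entity encoding is not the right encoding for either context. Encoding the parameter for the URL and the whole string for JavaScript keeps the value inert there: `echo "top.location.href = " . json_encode('lists/list.php?type=' . rawurlencode($_SESSION['mass_scope']) . '&uploadAllOk') . ";\n";`. In addition, `$_SESSION['mass_scope']` is already assigned from an escaped `$scope` in the upload-building file of this commit, so `htmlspecialchars($_SESSION['mass_scope'])` encodes it a second time (`double_encode` defaults to true), and that copy is what `doUploadPostActions`, `getModuleAlias` and `new accountContainer(...)` now receive. Keeping the raw, validated value for program logic and escaping only at each point of output avoids both problems.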
|
|
|
@ -84,7 +84,7 @@ $types = array_values($types);
|
|||
// check if account specific page should be shown
|
||||
if (isset($_POST['type'])) {
|
||||
// get selected type
|
||||
$scope = $_POST['type'];
|
||||
$scope = htmlspecialchars($_POST['type']);
|
||||
// get selected modules
|
||||
$selectedModules = array();
|
||||
$checkedBoxes = array_keys($_POST, 'on');
|
||||
|
|