check if accounts are edited in multiple browser tabs
This commit is contained in:
Roland Gruber
parent
8d9eb36e0c
commit
75b42a68ff
|
|
@ -3,7 +3,7 @@
|
|||
$Id$
|
||||
|
||||
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
||||
Copyright (C) 2003 - 2014 Roland Gruber
|
||||
Copyright (C) 2003 - 2015 Roland Gruber
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
|
@ -1078,6 +1078,9 @@ class lamList {
|
|||
StatusMessage('INFO', sprintf(_('You can download your PDF files {link=%s}{color=#d2131a}here{endcolor}{endlink}.'), '../' . $_SESSION['mass_pdf']['file']));
|
||||
}
|
||||
}
|
||||
elseif (isset($_GET['accountEditInvalidID'])) {
|
||||
StatusMessage('WARN', _('Please do not edit multiple accounts in parallel in multiple browser tabs.'));
|
||||
}
|
||||
if (isset($_SESSION['listRedirectMessages'])) {
|
||||
for ($i = 0; $i < sizeof($_SESSION['listRedirectMessages']); $i++) {
|
||||
call_user_func_array('StatusMessage', $_SESSION['listRedirectMessages'][$i]);
|
||||
|
|
|
|||
|
|
@ -683,8 +683,9 @@ class accountContainer {
|
|||
*
|
||||
* @param string $type account type
|
||||
* @param string $base key in $_SESSION where this object is saved
|
||||
* @param integer $randomID random ID to avoid parallel editing (default: null)
|
||||
*/
|
||||
function __construct($type, $base) {
|
||||
function __construct($type, $base, $randomID = null) {
|
||||
/* Set the type of account. Valid
|
||||
* types are: user, group, host
|
||||
*/
|
||||
|
|
@ -698,8 +699,9 @@ class accountContainer {
|
|||
$this->current_page=0;
|
||||
$this->subpage='attributes';
|
||||
$this->isNewAccount = false;
|
||||
$this->randomID = $randomID;
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Array of all used attributes
|
||||
|
|
@ -760,6 +762,9 @@ class accountContainer {
|
|||
private $sendPasswordViaMail = null;
|
||||
/** send password via mail to this alternate address */
|
||||
private $sendPasswordViaMailAlternateAddress = null;
|
||||
|
||||
/** random ID number to avoid parallel editing of accounts in multiple browser tabs */
|
||||
private $randomID = null;
|
||||
|
||||
/**
|
||||
* Returns the account module with the given class name
|
||||
|
|
@ -799,6 +804,10 @@ class accountContainer {
|
|||
* It prints the HTML code of each account page.
|
||||
*/
|
||||
function continue_main() {
|
||||
if (!empty($_POST['account_randomID']) && ($this->randomID != $_POST['account_randomID'])) {
|
||||
metaRefresh("../lists/list.php?type=" . $this->type . '&accountEditInvalidID=true');
|
||||
exit();
|
||||
}
|
||||
$oldPage = $this->current_page;
|
||||
$oldSubpage = $this->subpage;
|
||||
$post = $_POST;
|
||||
|
|
@ -1294,7 +1303,8 @@ class accountContainer {
|
|||
jQuery("#inputForm").validationEngine();
|
||||
});
|
||||
</script>';
|
||||
echo "<form id=\"inputForm\" enctype=\"multipart/form-data\" action=\"edit.php\" method=\"post\" onSubmit=\"saveScrollPosition('inputForm')\" autocomplete=\"off\">\n";
|
||||
echo "<form id=\"inputForm\" enctype=\"multipart/form-data\" action=\"edit.php\" method=\"post\" onSubmit=\"saveScrollPosition('inputForm')\" autocomplete=\"off\">\n";
|
||||
echo '<input type="hidden" name="account_randomID" value="' . $this->randomID . '">';
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ $Id$
|
|||
|
||||
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
||||
Copyright (C) 2003 - 2006 Tilo Lutz
|
||||
2005 - 2014 Roland Gruber
|
||||
2005 - 2015 Roland Gruber
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
|
@ -57,6 +57,7 @@ if (!isLoggedIn()) {
|
|||
// Set correct language, codepages, ....
|
||||
setlanguage();
|
||||
|
||||
|
||||
//load account
|
||||
if (isset($_GET['DN'])) {
|
||||
$DN = str_replace("\\'", '', $_GET['DN']);
|
||||
|
|
@ -80,7 +81,7 @@ if (isset($_GET['DN'])) {
|
|||
logNewMessage(LOG_ERR, 'User tried to access entry of type ' . $type . ' outside suffix ' . $suffix);
|
||||
die();
|
||||
}
|
||||
$_SESSION['account'] = new accountContainer($type, 'account');
|
||||
$_SESSION['account'] = new accountContainer($type, 'account', getRandomNumber());
|
||||
$result = $_SESSION['account']->load_account($DN);
|
||||
if (sizeof($result) > 0) {
|
||||
include '../main_header.php';
|
||||
|
|
@ -103,7 +104,7 @@ else if (count($_POST)==0) {
|
|||
logNewMessage(LOG_ERR, 'User tried to create entry of forbidden account type: ' . $type);
|
||||
die();
|
||||
}
|
||||
$_SESSION['account'] = new accountContainer($type, 'account');
|
||||
$_SESSION['account'] = new accountContainer($type, 'account', getRandomNumber());
|
||||
$_SESSION['account']->new_account();
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue