better tool protection
		
							parent
							
								
									c2243010a2
								
							
						
					
					
						commit
						79fcf4ca0e
					
				|  | @ -1,4 +1,9 @@ | ||||||
| July 2012 | September 2012 3.9 | ||||||
|  |   - fixed bugs | ||||||
|  |    -> Hidden tools are still shown in the "Tools" page (3546092) | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
|  | 19.07.2012 3.8 | ||||||
|   - quick (un)lock for users |   - quick (un)lock for users | ||||||
|   - allow to disable tools |   - allow to disable tools | ||||||
|   - LAM Pro: |   - LAM Pro: | ||||||
|  |  | ||||||
|  | @ -3,7 +3,7 @@ | ||||||
| $Id$ | $Id$ | ||||||
| 
 | 
 | ||||||
|   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) |   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) | ||||||
|   Copyright (C) 2006 - 2010  Roland Gruber |   Copyright (C) 2006 - 2012  Roland Gruber | ||||||
| 
 | 
 | ||||||
|   This program is free software; you can redistribute it and/or modify |   This program is free software; you can redistribute it and/or modify | ||||||
|   it under the terms of the GNU General Public License as published by |   it under the terms of the GNU General Public License as published by | ||||||
|  | @ -291,4 +291,19 @@ function checkPasswordStrength($password) { | ||||||
| 	return true; | 	return true; | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | /** | ||||||
|  |  * Checks if the given tool is active. | ||||||
|  |  * Otherwise, an error message is logged and the execution is stopped (die()). | ||||||
|  |  *  | ||||||
|  |  * @param String $tool tool class name (e.g. toolFileUpload) | ||||||
|  |  */ | ||||||
|  | function checkIfToolIsActive($tool) { | ||||||
|  | 	$toolSettings = $_SESSION['config']->getToolSettings(); | ||||||
|  | 		// check if hidden by config
 | ||||||
|  | 	if (isset($toolSettings['tool_hide_' . $tool]) && ($toolSettings['tool_hide_' . $tool] == 'true')) { | ||||||
|  | 		logNewMessage(LOG_ERR, 'Unauthorized access to tool ' . $tool . ' denied.'); | ||||||
|  | 		die(); | ||||||
|  | 	} | ||||||
|  | } | ||||||
|  | 
 | ||||||
| ?>
 | ?>
 | ||||||
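Review bot: checkIfToolIsActive() calls `$_SESSION['config']->getToolSettings()` without first checking that the session holds a config object, so a request arriving without one ends in a PHP fatal error rather than a deliberate denial (unless startSecureSession(), which is not visible here, already guarantees it). Since this function is an access gate, I would make it fail closed explicitly with `if (!isset($_SESSION['config'])) die();` as its first statement. The denial path also ends in a bare `die()`, which returns an empty body with the default status; adding `header('HTTP/1.1 403 Forbidden');` before it would make denied requests distinguishable in the web server log. The docblock should also state that the check is opt-in: each tool entry script has to call it with its own class name, and a page that omits the call is not covered.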
|  | @ -46,6 +46,8 @@ startSecureSession(); | ||||||
| // die if no write access
 | // die if no write access
 | ||||||
| if (!checkIfWriteAccessIsAllowed()) die(); | if (!checkIfWriteAccessIsAllowed()) die(); | ||||||
| 
 | 
 | ||||||
|  | checkIfToolIsActive('toolFileUpload'); | ||||||
|  | 
 | ||||||
| // Redirect to startpage if user is not loged in
 | // Redirect to startpage if user is not loged in
 | ||||||
| if (!isset($_SESSION['loggedIn']) || ($_SESSION['loggedIn'] !== true)) { | if (!isset($_SESSION['loggedIn']) || ($_SESSION['loggedIn'] !== true)) { | ||||||
| 	metaRefresh("login.php"); | 	metaRefresh("login.php"); | ||||||
|  |  | ||||||
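Review bot: The call to `checkIfToolIsActive('toolFileUpload')` is placed above the logged-in check that follows it in this hunk, so the tool gate runs before authentication has been verified. Moving the call below the `$_SESSION['loggedIn']` block would send unauthenticated requests to the login page first and keep the "Unauthorized access to tool" log entry meaningful as a signal about authenticated users requesting hidden tools. The `if` block opens inside the hunk but closes outside it, so the exact placement needs to be checked against the full file. The hunks that add `checkIfToolIsActive('toolSchemaBrowser')` and `checkIfToolIsActive('toolServerInformation')` show no login or write-access check before the call at all; whether startSecureSession() covers that cannot be seen from here.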
|  | @ -43,6 +43,8 @@ startSecureSession(); | ||||||
| // die if no write access
 | // die if no write access
 | ||||||
| if (!checkIfWriteAccessIsAllowed()) die(); | if (!checkIfWriteAccessIsAllowed()) die(); | ||||||
| 
 | 
 | ||||||
|  | checkIfToolIsActive('toolOUEditor'); | ||||||
|  | 
 | ||||||
| setlanguage(); | setlanguage(); | ||||||
| 
 | 
 | ||||||
| $types = $_SESSION['config']->get_ActiveTypes(); | $types = $_SESSION['config']->get_ActiveTypes(); | ||||||
|  |  | ||||||
|  | @ -4,7 +4,7 @@ $Id$ | ||||||
| 
 | 
 | ||||||
|   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) |   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) | ||||||
|   Copyright (C) 2003 - 2006  Michael Duergner |   Copyright (C) 2003 - 2006  Michael Duergner | ||||||
|                 2005 - 2011  Roland Gruber |                 2005 - 2012  Roland Gruber | ||||||
| 
 | 
 | ||||||
|   This program is free software; you can redistribute it and/or modify |   This program is free software; you can redistribute it and/or modify | ||||||
|   it under the terms of the GNU General Public License as published by |   it under the terms of the GNU General Public License as published by | ||||||
|  | @ -47,6 +47,8 @@ startSecureSession(); | ||||||
| // die if no write access
 | // die if no write access
 | ||||||
| if (!checkIfWriteAccessIsAllowed()) die(); | if (!checkIfWriteAccessIsAllowed()) die(); | ||||||
| 
 | 
 | ||||||
|  | checkIfToolIsActive('toolPDFEditor'); | ||||||
|  | 
 | ||||||
| setlanguage(); | setlanguage(); | ||||||
| 
 | 
 | ||||||
| // Unset pdf structure definitions in session if set
 | // Unset pdf structure definitions in session if set
 | ||||||
|  |  | ||||||
|  | @ -3,7 +3,7 @@ | ||||||
| $Id$ | $Id$ | ||||||
| 
 | 
 | ||||||
|   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) |   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) | ||||||
|   Copyright (C) 2003 - 2011  Roland Gruber |   Copyright (C) 2003 - 2012  Roland Gruber | ||||||
| 
 | 
 | ||||||
|   This program is free software; you can redistribute it and/or modify |   This program is free software; you can redistribute it and/or modify | ||||||
|   it under the terms of the GNU General Public License as published by |   it under the terms of the GNU General Public License as published by | ||||||
|  | @ -43,6 +43,8 @@ startSecureSession(); | ||||||
| // die if no write access
 | // die if no write access
 | ||||||
| if (!checkIfWriteAccessIsAllowed()) die(); | if (!checkIfWriteAccessIsAllowed()) die(); | ||||||
| 
 | 
 | ||||||
|  | checkIfToolIsActive('toolProfileEditor'); | ||||||
|  | 
 | ||||||
| setlanguage(); | setlanguage(); | ||||||
| 
 | 
 | ||||||
| $types = $_SESSION['config']->get_ActiveTypes(); | $types = $_SESSION['config']->get_ActiveTypes(); | ||||||
|  |  | ||||||
|  | @ -3,7 +3,7 @@ | ||||||
| $Id$ | $Id$ | ||||||
| 
 | 
 | ||||||
|   Copyright (C) 2004 David Smith |   Copyright (C) 2004 David Smith | ||||||
|   modified to fit for LDAP Account Manager 2005 - 2010 Roland Gruber |   modified to fit for LDAP Account Manager 2005 - 2012 Roland Gruber | ||||||
| 
 | 
 | ||||||
|   This program is free software; you can redistribute it and/or modify |   This program is free software; you can redistribute it and/or modify | ||||||
|   it under the terms of the GNU General Public License as published by |   it under the terms of the GNU General Public License as published by | ||||||
|  | @ -43,6 +43,8 @@ require_once("../../lib/schema.inc"); | ||||||
| // start session
 | // start session
 | ||||||
| startSecureSession(); | startSecureSession(); | ||||||
| 
 | 
 | ||||||
|  | checkIfToolIsActive('toolSchemaBrowser'); | ||||||
|  | 
 | ||||||
| setlanguage(); | setlanguage(); | ||||||
| 
 | 
 | ||||||
| include '../main_header.php'; | include '../main_header.php'; | ||||||
|  |  | ||||||
|  | @ -3,7 +3,7 @@ | ||||||
| $Id$ | $Id$ | ||||||
| 
 | 
 | ||||||
|   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) |   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) | ||||||
|   Copyright (C) 2009 - 2011  Roland Gruber |   Copyright (C) 2009 - 2012  Roland Gruber | ||||||
| 
 | 
 | ||||||
|   This program is free software; you can redistribute it and/or modify |   This program is free software; you can redistribute it and/or modify | ||||||
|   it under the terms of the GNU General Public License as published by |   it under the terms of the GNU General Public License as published by | ||||||
|  | @ -36,6 +36,8 @@ include_once("../lib/config.inc"); | ||||||
| // start session
 | // start session
 | ||||||
| startSecureSession(); | startSecureSession(); | ||||||
| 
 | 
 | ||||||
|  | checkIfToolIsActive('toolServerInformation'); | ||||||
|  | 
 | ||||||
| setlanguage(); | setlanguage(); | ||||||
| 
 | 
 | ||||||
| $namingContexts = ''; | $namingContexts = ''; | ||||||
|  |  | ||||||
|  | @ -3,7 +3,7 @@ | ||||||
| $Id$ | $Id$ | ||||||
| 
 | 
 | ||||||
|   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) |   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) | ||||||
|   Copyright (C) 2006 - 2010  Roland Gruber |   Copyright (C) 2006 - 2012  Roland Gruber | ||||||
| 
 | 
 | ||||||
|   This program is free software; you can redistribute it and/or modify |   This program is free software; you can redistribute it and/or modify | ||||||
|   it under the terms of the GNU General Public License as published by |   it under the terms of the GNU General Public License as published by | ||||||
|  | @ -39,6 +39,8 @@ startSecureSession(); | ||||||
| // die if no write access
 | // die if no write access
 | ||||||
| if (!checkIfWriteAccessIsAllowed()) die(); | if (!checkIfWriteAccessIsAllowed()) die(); | ||||||
| 
 | 
 | ||||||
|  | checkIfToolIsActive('toolTests'); | ||||||
|  | 
 | ||||||
| setlanguage(); | setlanguage(); | ||||||
| 
 | 
 | ||||||
| include '../main_header.php'; | include '../main_header.php'; | ||||||
|  |  | ||||||
|  | @ -3,7 +3,7 @@ | ||||||
| $Id$ | $Id$ | ||||||
| 
 | 
 | ||||||
|   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) |   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) | ||||||
|   Copyright (C) 2006 - 2010  Roland Gruber |   Copyright (C) 2006 - 2012  Roland Gruber | ||||||
| 
 | 
 | ||||||
|   This program is free software; you can redistribute it and/or modify |   This program is free software; you can redistribute it and/or modify | ||||||
|   it under the terms of the GNU General Public License as published by |   it under the terms of the GNU General Public License as published by | ||||||
|  | @ -40,6 +40,8 @@ startSecureSession(); | ||||||
| // die if no write access
 | // die if no write access
 | ||||||
| if (!checkIfWriteAccessIsAllowed()) die(); | if (!checkIfWriteAccessIsAllowed()) die(); | ||||||
| 
 | 
 | ||||||
|  | checkIfToolIsActive('toolTests'); | ||||||
|  | 
 | ||||||
| setlanguage(); | setlanguage(); | ||||||
| 
 | 
 | ||||||
| include '../main_header.php'; | include '../main_header.php'; | ||||||
|  |  | ||||||
|  | @ -43,6 +43,8 @@ startSecureSession(); | ||||||
| // die if no write access
 | // die if no write access
 | ||||||
| if (!checkIfWriteAccessIsAllowed()) die(); | if (!checkIfWriteAccessIsAllowed()) die(); | ||||||
| 
 | 
 | ||||||
|  | checkIfToolIsActive('toolTests'); | ||||||
|  | 
 | ||||||
| setlanguage(); | setlanguage(); | ||||||
| 
 | 
 | ||||||
| include '../main_header.php'; | include '../main_header.php'; | ||||||
|  |  | ||||||