WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

removed parallel editing check

This commit is contained in:
Roland Gruber 2019-05-20 18:06:07 +02:00
parent 89aa75c61a
commit 8186aed796
2 changed files with 4 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lam/lib/modules.inc
View File

@ -745,9 +745,8 @@ class accountContainer {
* *
* @param ConfiguredType $type account type * @param ConfiguredType $type account type
* @param string $base key in $_SESSION where this object is saved * @param string $base key in $_SESSION where this object is saved
* @param integer $randomID random ID to avoid parallel editing (default: null)
*/ */
function __construct($type, $base, $randomID = null) { function __construct($type, $base) {
if (!($type instanceof ConfiguredType)) { if (!($type instanceof ConfiguredType)) {
trigger_error('Argument of accountContainer must be ConfiguredType.', E_USER_ERROR); trigger_error('Argument of accountContainer must be ConfiguredType.', E_USER_ERROR);
} }
@ -760,7 +759,6 @@ class accountContainer {
$this->current_page=0; $this->current_page=0;
$this->subpage='attributes'; $this->subpage='attributes';
$this->isNewAccount = false; $this->isNewAccount = false;
$this->randomID = $randomID;
return 0; return 0;
} }
@ -824,8 +822,6 @@ class accountContainer {
/** send password via mail to this alternate address */ /** send password via mail to this alternate address */
private $sendPasswordViaMailAlternateAddress = null; private $sendPasswordViaMailAlternateAddress = null;
/** random ID number to avoid parallel editing of accounts in multiple browser tabs */
private $randomID = null;
/** /**
* Returns the account module with the given class name * Returns the account module with the given class name
@ -865,10 +861,6 @@ class accountContainer {
* It prints the HTML code of each account page. * It prints the HTML code of each account page.
*/ */
function continue_main() { function continue_main() {
if (!empty($_POST['account_randomID']) && ($this->randomID != $_POST['account_randomID'])) {
metaRefresh("../lists/list.php?type=" . $this->type->getId() . '&accountEditInvalidID=true');
exit();
}
$oldPage = $this->current_page; $oldPage = $this->current_page;
$oldSubpage = $this->subpage; $oldSubpage = $this->subpage;
$result = array(); $result = array();
@ -1378,7 +1370,6 @@ class accountContainer {
}); });
</script>'; </script>';
echo "<form id=\"inputForm\" enctype=\"multipart/form-data\" action=\"edit.php\" method=\"post\" onSubmit=\"saveScrollPosition('inputForm')\" autocomplete=\"off\">\n"; echo "<form id=\"inputForm\" enctype=\"multipart/form-data\" action=\"edit.php\" method=\"post\" onSubmit=\"saveScrollPosition('inputForm')\" autocomplete=\"off\">\n";
echo '<input type="hidden" name="account_randomID" value="' . $this->randomID . '">';
echo '<input type="hidden" name="' . getSecurityTokenName() . '" value="' . getSecurityTokenValue() . '">'; echo '<input type="hidden" name="' . getSecurityTokenName() . '" value="' . getSecurityTokenValue() . '">';
} }

6
lam/templates/account/edit.php
View File

@ -3,7 +3,7 @@
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2006 Tilo Lutz Copyright (C) 2003 - 2006 Tilo Lutz
2005 - 2018 Roland Gruber 2005 - 2019 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -80,7 +80,7 @@ if (isset($_GET['DN'])) {
logNewMessage(LOG_ERR, 'User tried to access entry of type ' . $type->getId() . ' outside suffix ' . $suffix); logNewMessage(LOG_ERR, 'User tried to access entry of type ' . $type->getId() . ' outside suffix ' . $suffix);
die(); die();
} }
$_SESSION['account'] = new accountContainer($type, 'account', getRandomNumber()); $_SESSION['account'] = new accountContainer($type, 'account');
$result = $_SESSION['account']->load_account($DN); $result = $_SESSION['account']->load_account($DN);
if (sizeof($result) > 0) { if (sizeof($result) > 0) {
include __DIR__ . '/../../lib/adminHeader.inc'; include __DIR__ . '/../../lib/adminHeader.inc';
@ -102,7 +102,7 @@ else if (count($_POST) == 0) {
logNewMessage(LOG_ERR, 'User tried to create entry of forbidden account type: ' . $type->getId()); logNewMessage(LOG_ERR, 'User tried to create entry of forbidden account type: ' . $type->getId());
die(); die();
} }
$_SESSION['account'] = new accountContainer($type, 'account', getRandomNumber()); $_SESSION['account'] = new accountContainer($type, 'account');
$_SESSION['account']->new_account(); $_SESSION['account']->new_account();
} }