From cdaa9a8a121b29e7c0184b492e8ea9c9cb4a8e7b Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Sat, 7 Jan 2017 18:23:04 +0100 Subject: [PATCH 1/2] new type API for upload --- lam/lib/upload.inc | 28 ++++--- lam/templates/lib/500_lam.js | 4 +- lam/templates/misc/ajax.php | 5 +- lam/templates/upload/massBuildAccounts.php | 52 +++++++----- lam/templates/upload/massDoUpload.php | 19 +++-- lam/templates/upload/masscreate.php | 92 ++++++++++++++-------- 6 files changed, 119 insertions(+), 81 deletions(-) diff --git a/lam/lib/upload.inc b/lam/lib/upload.inc index 2ac48eed..119d8d5e 100644 --- a/lam/lib/upload.inc +++ b/lam/lib/upload.inc @@ -6,7 +6,7 @@ use accountContainer; $Id$ This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) - Copyright (C) 2016 Roland Gruber + Copyright (C) 2016 - 2017 Roland Gruber This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -46,7 +46,7 @@ class Uploader { private $accounts = null; private $data = null; - private $scope = null; + private $type = null; private $endTime; const TIME_LIMIT = 10; @@ -61,11 +61,13 @@ class Uploader { /** * Constructor + * + * @param \LAM\TYPES\ConfiguredType $type account type */ - public function __construct($scope) { + public function __construct($type) { $this->accounts = unserialize(lamDecrypt($_SESSION['mass_accounts'])); $this->data = unserialize(lamDecrypt($_SESSION['mass_data'])); - $this->scope = $scope; + $this->type = $type; $startTime = time(); $maxTime = get_cfg_var('max_execution_time') - 5; if ($maxTime > Uploader::TIME_LIMIT) $maxTime = Uploader::TIME_LIMIT; @@ -131,7 +133,7 @@ class Uploader { $preAttributes[$key] = &$attrs[$key]; } $preAttributes['dn'] = &$dn; - $preMessages = doUploadPreActions($this->scope, $_SESSION['mass_selectedModules'], $preAttributes); + $preMessages = doUploadPreActions($this->type->getScope(), $_SESSION['mass_selectedModules'], $preAttributes); $preActionOk = true; for ($i = 0; $i < sizeof($preMessages); $i++) { if (($preMessages[$i][0] == 'ERROR') || ($preMessages[$i][0] == 'WARN')) { @@ -202,7 +204,7 @@ class Uploader { 'pdfFinished' => $pdfFinished, 'allDone' => $allDone, 'errorHtml' => $errorHtml, - 'scope' => $this->scope + 'typeId' => $this->type->getId() ); return json_encode($status); } @@ -211,10 +213,10 @@ class Uploader { * Checks for security violations and stops processing if needed. */ private function securityCheck() { - if (!isLoggedIn() || empty($this->scope) - || isAccountTypeHidden($this->scope) - || !checkIfNewEntriesAreAllowed($this->scope) - || !checkIfWriteAccessIsAllowed($this->scope)) { + if (!isLoggedIn() || empty($this->type) + || $this->type->isHidden() + || !checkIfNewEntriesAreAllowed($this->type->getId()) + || !checkIfWriteAccessIsAllowed($this->type->getId())) { die; } } @@ -229,7 +231,7 @@ class Uploader { while (!isset($_SESSION['mass_postActions']['finished']) && ($this->endTime > time())) { $return = $this->runModulePostActions(); } - $title = _("Additional tasks for module:") . ' ' . getModuleAlias($return['module'], $this->scope); + $title = _("Additional tasks for module:") . ' ' . getModuleAlias($return['module'], $this->type->getScope()); $progress = round($return['progress'], 2); $finished = isset($_SESSION['mass_postActions']['finished']); return $this->buildUploadStatus(100, true, $title, $progress, $finished); @@ -241,7 +243,7 @@ class Uploader { * @return array status array */ private function runModulePostActions() { - $return = doUploadPostActions($this->scope, $this->data, $_SESSION['mass_ids'], $_SESSION['mass_failed'], $_SESSION['mass_selectedModules'], $this->accounts); + $return = doUploadPostActions($this->type->getScope(), $this->data, $_SESSION['mass_ids'], $_SESSION['mass_failed'], $_SESSION['mass_selectedModules'], $this->accounts); if ($return['status'] == 'finished') { $_SESSION['mass_postActions']['finished'] = true; } @@ -284,7 +286,7 @@ class Uploader { } // load account $typeManager = new \LAM\TYPES\TypeManager(); - $_SESSION['mass_pdfAccount'] = new accountContainer($typeManager->getConfiguredType($this->scope), 'mass_pdfAccount'); + $_SESSION['mass_pdfAccount'] = new accountContainer($this->type, 'mass_pdfAccount'); $pdfErrors = $_SESSION['mass_pdfAccount']->load_account($dn, $infoAttributes); if (sizeof($pdfErrors) > 0) { $_SESSION['mass_errors'] = array_merge($_SESSION['mass_errors'], $pdfErrors); diff --git a/lam/templates/lib/500_lam.js b/lam/templates/lib/500_lam.js index e9350bd8..b5fbeebf 100644 --- a/lam/templates/lib/500_lam.js +++ b/lam/templates/lib/500_lam.js @@ -3,7 +3,7 @@ $Id$ This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) - Copyright (C) 2003 - 2016 Roland Gruber + Copyright (C) 2003 - 2017 Roland Gruber This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -757,6 +757,6 @@ window.lam.upload.uploadDone = function(jsonData) { jQuery('#uploadContent').html(htmlOut); } else { - top.location.href = '../lists/list.php?type=' + jsonData.scope + '&uploadAllOk'; + top.location.href = '../lists/list.php?type=' + jsonData.typeId + '&uploadAllOk'; } } diff --git a/lam/templates/misc/ajax.php b/lam/templates/misc/ajax.php index ca870ea5..c8936e2d 100644 --- a/lam/templates/misc/ajax.php +++ b/lam/templates/misc/ajax.php @@ -3,7 +3,7 @@ $Id$ This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) - Copyright (C) 2011 - 2016 Roland Gruber + Copyright (C) 2011 - 2017 Roland Gruber This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -90,7 +90,8 @@ class lamAjax { } elseif ($function == 'upload') { include_once('../../lib/upload.inc'); - $uploader = new LAM\UPLOAD\Uploader($_GET['scope']); + $typeManager = new \LAM\TYPES\TypeManager(); + $uploader = new LAM\UPLOAD\Uploader($typeManager->getConfiguredType($_GET['typeId'])); ob_start(); $jsonOut = $uploader->doUpload(); ob_end_clean(); diff --git a/lam/templates/upload/massBuildAccounts.php b/lam/templates/upload/massBuildAccounts.php index 05567514..e41943ed 100644 --- a/lam/templates/upload/massBuildAccounts.php +++ b/lam/templates/upload/massBuildAccounts.php @@ -1,9 +1,17 @@ getConfiguredType($typeId); // check if account type is ok -if (isAccountTypeHidden($scope)) { - logNewMessage(LOG_ERR, 'User tried to access hidden upload: ' . $scope); +if ($type->isHidden()) { + logNewMessage(LOG_ERR, 'User tried to access hidden upload: ' . $type->getId()); die(); } -if (!checkIfNewEntriesAreAllowed($scope) || !checkIfWriteAccessIsAllowed($scope)) { - logNewMessage(LOG_ERR, 'User tried to access forbidden upload: ' . $scope); +if (!checkIfNewEntriesAreAllowed($type->getId()) || !checkIfWriteAccessIsAllowed($type->getId())) { + logNewMessage(LOG_ERR, 'User tried to access forbidden upload: ' . $type->getId()); die(); } echo '
'; -echo '
'; +echo '
'; $container = new htmlTable(); $selectedModules = explode(',', $_POST['selectedModules']); @@ -111,7 +121,7 @@ if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) { $data = array(); // input values without first row $ids = array(); // => // get input fields from modules - $columns = getUploadColumns($scope, $selectedModules); + $columns = getUploadColumns($type->getScope(), $selectedModules); // read input file $handle = fopen ($_FILES['inputfile']['tmp_name'], "r"); if (($head = fgetcsv($handle, 2000)) !== false ) { // head row @@ -184,15 +194,15 @@ if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) { $container->addElement(new htmlStatusMessage("ERROR", $errors[$i][0], $errors[$i][1]), true); } $container->addElement(new htmlSpacer(null, '10px'), true); - massPrintBackButton($scope, $selectedModules, $container); + massPrintBackButton($type->getId(), $selectedModules, $container); } // let modules build accounts else { - $accounts = buildUploadAccounts($scope, $data, $ids, $selectedModules); + $accounts = buildUploadAccounts($type->getId(), $data, $ids, $selectedModules); if ($accounts != false) { - $rdnList = getRDNAttributes($scope, $selectedModules); - $suffix = $_SESSION['config']->get_Suffix($scope); + $rdnList = getRDNAttributes($type->getId(), $selectedModules); + $suffix = $type->getSuffix(); // set DN foreach ($accounts as $i => $account) { // check against list of possible RDN attributes @@ -220,7 +230,7 @@ if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) { $_SESSION['mass_postActions'] = array(); $_SESSION['mass_data'] = lamEncrypt(serialize($data)); $_SESSION['mass_ids'] = $ids; - $_SESSION['mass_scope'] = $scope; + $_SESSION['mass_typeId'] = $type->getId(); $_SESSION['mass_selectedModules'] = $selectedModules; if (isset($_SESSION['mass_pdf'])) { unset($_SESSION['mass_pdf']); @@ -240,25 +250,25 @@ if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) { $buttonContainer->addElement(new htmlLink(_("Upload accounts to LDAP"), 'massDoUpload.php', '../../graphics/up.gif', true)); $buttonContainer->addElement(new htmlLink(_("Show LDIF file"), 'massBuildAccounts.php?showldif=true', '../../graphics/edit.png', true)); $buttonContainer->addElement(new htmlSpacer('10px', null)); - massPrintBackButton($scope, $selectedModules, $buttonContainer); + massPrintBackButton($type->getId(), $selectedModules, $buttonContainer); $container->addElement($buttonContainer, true); } } else { $container->addElement(new htmlSpacer(null, '10px'), true); - massPrintBackButton($scope, $selectedModules, $container); + massPrintBackButton($type->getId(), $selectedModules, $container); } } } else { $container->addElement(new htmlStatusMessage('ERROR', _('Please provide a file to upload.')), true); $container->addElement(new htmlSpacer(null, '10px'), true); - massPrintBackButton($scope, $selectedModules, $container); + massPrintBackButton($type->getId(), $selectedModules, $container); } addSecurityTokenToMetaHTML($container); $tabindex = 1; -parseHtml(null, $container, array(), false, $tabindex, $scope); +parseHtml(null, $container, array(), false, $tabindex, $type->getScope()); echo '
'; echo ''; @@ -267,15 +277,15 @@ include '../main_footer.php'; /** * Prints a back button to the page where the user enters a file to upload. * - * @param String $scope account type (e.g. user) + * @param String $typeId account type (e.g. user) * @param array $selectedModules selected modules for upload * @param htmlTable $container table container */ -function massPrintBackButton($scope, $selectedModules, &$container) { +function massPrintBackButton($typeId, $selectedModules, &$container) { $backButton = new htmlButton('submit', _('Back')); $backButton->setIconClass('backButton'); $container->addElement($backButton); - $container->addElement(new htmlHiddenInput('type', $scope)); + $container->addElement(new htmlHiddenInput('type', $typeId)); $createPDF = 0; if (isset($_POST['createPDF']) && ($_POST['createPDF'] == 'on')) { $createPDF = 1; @@ -283,7 +293,7 @@ function massPrintBackButton($scope, $selectedModules, &$container) { $container->addElement(new htmlHiddenInput('createPDF', $createPDF)); $container->addElement(new htmlHiddenInput('pdfStructure', $_POST['pdfStructure'])); for ($i = 0; $i < sizeof($selectedModules); $i++) { - $container->addElement(new htmlHiddenInput($scope . '_' . $selectedModules[$i], 'on')); + $container->addElement(new htmlHiddenInput($typeId . '___' . $selectedModules[$i], 'on')); } } diff --git a/lam/templates/upload/massDoUpload.php b/lam/templates/upload/massDoUpload.php index b0fca7dc..bbc5b3b9 100644 --- a/lam/templates/upload/massDoUpload.php +++ b/lam/templates/upload/massDoUpload.php @@ -1,9 +1,10 @@ getConfiguredType($typeId); // check if account type is ok -if (isAccountTypeHidden($scope)) { - logNewMessage(LOG_ERR, 'User tried to access hidden upload: ' . $scope); +if ($type->isHidden()) { + logNewMessage(LOG_ERR, 'User tried to access hidden upload: ' . $type->getId()); die(); } -if (!checkIfNewEntriesAreAllowed($scope) || !checkIfWriteAccessIsAllowed($scope)) { - logNewMessage(LOG_ERR, 'User tried to access forbidden upload: ' . $scope); +if (!checkIfNewEntriesAreAllowed($type->getId()) || !checkIfWriteAccessIsAllowed($type->getId())) { + logNewMessage(LOG_ERR, 'User tried to access forbidden upload: ' . $type->getId()); die(); } -echo '
'; +echo '
'; $tokenPrefix = '?' . getSecurityTokenName() . '=' . getSecurityTokenValue(); ?> diff --git a/lam/templates/upload/masscreate.php b/lam/templates/upload/masscreate.php index 9fad8e51..6b29a4eb 100644 --- a/lam/templates/upload/masscreate.php +++ b/lam/templates/upload/masscreate.php @@ -1,9 +1,28 @@ get_ActiveTypes(); +$typeManager = new \LAM\TYPES\TypeManager(); +$types = $typeManager->getConfiguredTypes(); $count = sizeof($types); for ($i = 0; $i < $count; $i++) { - $myType = new $types[$i](); - if (!$myType->supportsFileUpload() || isAccountTypeHidden($types[$i]) - || !checkIfNewEntriesAreAllowed($types[$i]) || !checkIfWriteAccessIsAllowed($types[$i])) { + $myType = $types[$i]; + if (!$myType->getBaseType()->supportsFileUpload() || $myType->isHidden() + || !checkIfNewEntriesAreAllowed($myType->getId()) || !checkIfWriteAccessIsAllowed($myType->getId())) { unset($types[$i]); } } @@ -93,26 +113,27 @@ $types = array_values($types); // check if account specific page should be shown if (isset($_POST['type'])) { // get selected type - $scope = htmlspecialchars($_POST['type']); + $typeId = htmlspecialchars($_POST['type']); + $type = $typeManager->getConfiguredType($typeId); // get selected modules $selectedModules = array(); $checkedBoxes = array_keys($_POST, 'on'); for ($i = 0; $i < sizeof($checkedBoxes); $i++) { - if (strpos($checkedBoxes[$i], $scope . '_') === 0) { - $selectedModules[] = substr($checkedBoxes[$i], strlen($scope) + 1); + if (strpos($checkedBoxes[$i], $typeId . '___') === 0) { + $selectedModules[] = substr($checkedBoxes[$i], strlen($typeId) + strlen('___')); } } - $deps = getModulesDependencies($scope); + $deps = getModulesDependencies($type->getScope()); $depErrors = check_module_depends($selectedModules, $deps); if (is_array($depErrors) && (sizeof($depErrors) > 0)) { for ($i = 0; $i < sizeof($depErrors); $i++) { StatusMessage('ERROR', _("Unsolved dependency:") . ' ' . - getModuleAlias($depErrors[$i][0], $scope) . " (" . - getModuleAlias($depErrors[$i][1], $scope) . ")"); + getModuleAlias($depErrors[$i][0], $type->getScope()) . " (" . + getModuleAlias($depErrors[$i][1], $type->getScope()) . ")"); } } else { - showMainPage($scope, $selectedModules); + showMainPage($type, $selectedModules); exit; } } @@ -120,7 +141,7 @@ if (isset($_POST['type'])) { // show start page $divClass = 'user'; if (isset($_REQUEST['type'])) { - $divClass = $_REQUEST['type']; + $divClass = \LAM\TYPES\getScopeFromTypeId($_REQUEST['type']); } echo '
'; echo "
\n"; @@ -141,15 +162,15 @@ $table = new htmlTable(); // account type $typeList = array(); -for ($i = 0; $i < sizeof($types); $i++) { - $typeList[LAM\TYPES\getTypeAlias($types[$i])] = $types[$i]; +foreach ($types as $type) { + $typeList[$type->getAlias()] = $type->getId(); } $selectedType = array(); if (isset($_REQUEST['type'])) { $selectedType[] = $_REQUEST['type']; } elseif (!empty($types)) { - $selectedType[] = $types[0]; + $selectedType[] = $types[0]->getId(); } $typeSelect = new htmlTableExtendedSelect('type', $typeList, $selectedType, _("Account type")); $typeSelect->setHasDescriptiveElements(true); @@ -162,32 +183,32 @@ $moduleLabel = new htmlOutputText(_('Selected modules')); $moduleLabel->alignment = htmlElement::ALIGN_TOP; $table->addElement($moduleLabel); $moduleGroup = new htmlGroup(); -for ($i = 0; $i < sizeof($types); $i++) { +foreach ($types as $type) { $divClasses = array('typeOptions'); - if ((!isset($_REQUEST['type']) && ($i != 0)) || (isset($_REQUEST['type']) && ($_REQUEST['type'] != $types[$i]))) { + if ((!isset($_REQUEST['type']) && ($i != 0)) || (isset($_REQUEST['type']) && ($_REQUEST['type'] != $type->getId()))) { $divClasses[] = 'hidden'; } $innerTable = new htmlTable(); - $modules = $_SESSION['config']->get_AccountModules($types[$i]); + $modules = $_SESSION['config']->get_AccountModules($type->getId()); for ($m = 0; $m < sizeof($modules); $m++) { if (($m != 0) && ($m%3 == 0)) { echo $innerTable->addNewLine(); } - $module = moduleCache::getModule($modules[$m], $types[$i]); + $module = moduleCache::getModule($modules[$m], $type->getScope()); $iconImage = $module->getIcon(); if (!is_null($iconImage) && !(strpos($iconImage, 'http') === 0) && !(strpos($iconImage, '/') === 0)) { $iconImage = '../../graphics/' . $iconImage; } $innerTable->addElement(new htmlImage($iconImage)); $enabled = true; - if (is_base_module($modules[$m], $types[$i])) { + if (is_base_module($modules[$m], $type->getScope())) { $enabled = false; } $checked = true; - if (isset($_POST['submit']) && !isset($_POST[$types[$i] . '_' . $modules[$m]])) { + if (isset($_POST['submit']) && !isset($_POST[$type->getId() . '___' . $modules[$m]])) { $checked = false; } - $checkbox = new htmlTableExtendedInputCheckbox($types[$i] . '_' . $modules[$m], $checked, getModuleAlias($modules[$m], $types[$i]), null, false); + $checkbox = new htmlTableExtendedInputCheckbox($type->getId() . '___' . $modules[$m], $checked, getModuleAlias($modules[$m], $type->getScope()), null, false); $checkbox->setIsEnabled($enabled); if ($enabled) { $innerTable->addElement($checkbox); @@ -196,12 +217,12 @@ for ($i = 0; $i < sizeof($types); $i++) { $boxGroup = new htmlGroup(); $boxGroup->addElement($checkbox); // add hidden field to fake disabled checkbox value - $boxGroup->addElement(new htmlHiddenInput($types[$i] . '_' . $modules[$m], 'on')); + $boxGroup->addElement(new htmlHiddenInput($type->getId() . '___' . $modules[$m], 'on')); $innerTable->addElement($boxGroup); } $innerTable->addElement(new htmlSpacer('10px', null)); } - $typeDiv = new htmlDiv($types[$i], $innerTable); + $typeDiv = new htmlDiv($type->getId(), $innerTable); $typeDiv->setCSSClasses($divClasses); $moduleGroup->addElement($typeDiv); } @@ -231,10 +252,11 @@ include '../main_footer.php'; /** * Displays the acount type specific main page of the upload. * -* @param string $scope account type +* @param \LAM\TYPES\ConfiguredType $type account type * @param array $selectedModules list of selected account modules */ -function showMainPage($scope, $selectedModules) { +function showMainPage($type, $selectedModules) { + $scope = $type->getScope(); echo '
'; // get input fields from modules $columns = getUploadColumns($scope, $selectedModules); @@ -257,7 +279,7 @@ function showMainPage($scope, $selectedModules) { $inputContainer->addElement(new htmlInputFileUpload('inputfile')); $inputContainer->addElement(new htmlSpacer('10px', null)); $inputContainer->addElement(new htmlLink(_("Download sample CSV file"), 'masscreate.php?getCSV=1', '../../graphics/save.png', true)); - $inputContainer->addElement(new htmlHiddenInput('scope', $scope)); + $inputContainer->addElement(new htmlHiddenInput('typeId', $type->getId())); $inputContainer->addElement(new htmlHiddenInput('selectedModules', implode(',', $selectedModules)), true); // PDF $createPDF = false; @@ -267,7 +289,7 @@ function showMainPage($scope, $selectedModules) { $pdfCheckbox = new htmlTableExtendedInputCheckbox('createPDF', $createPDF, _('Create PDF files')); $pdfCheckbox->setTableRowsToShow(array('pdfStructure')); $inputContainer->addElement($pdfCheckbox, true); - $pdfStructures = \LAM\PDF\getPDFStructures($scope); + $pdfStructures = \LAM\PDF\getPDFStructures($type->getId()); $pdfSelected = array(); if (isset($_POST['pdfStructure'])) { $pdfSelected = array($_POST['pdfStructure']); @@ -321,9 +343,9 @@ function showMainPage($scope, $selectedModules) { $dnSuffixRowCells[] = $columnSpacer; $dnSuffixRowCells[] = new htmlOutputText('dn_suffix'); $dnSuffixRowCells[] = $columnSpacer; - $dnSuffixRowCells[] = new htmlOutputText($_SESSION['config']->get_Suffix($scope)); + $dnSuffixRowCells[] = new htmlOutputText($type->getSuffix()); $dnSuffixRowCells[] = $columnSpacer; - $dnSuffixRowCells[] = new htmlOutputText($_SESSION['config']->get_Suffix($scope)); + $dnSuffixRowCells[] = new htmlOutputText($type->getSuffix()); $dnSuffixRowCells[] = $columnSpacer; $dnSuffixRowCells[] = new htmlOutputText(''); $dnSuffixRowCells[] = new htmlSpacer(null, '25px'); @@ -340,7 +362,7 @@ function showMainPage($scope, $selectedModules) { $dnRDNRowCells[] = $columnSpacer; $dnRDNRowCells[] = new htmlOutputText('dn_rdn'); $dnRDNRowCells[] = $columnSpacer; - $rdnAttributes = getRDNAttributes($scope, $selectedModules); + $rdnAttributes = getRDNAttributes($type->getId(), $selectedModules); $dnRDNRowCells[] = new htmlOutputText($rdnAttributes[0]); $dnRDNRowCells[] = $columnSpacer; $dnRDNRowCells[] = new htmlOutputText(''); @@ -456,9 +478,9 @@ function showMainPage($scope, $selectedModules) { $sampleCSV_head[] = "\"" . $columns[$modules[$m]][$i]['name'] . "\""; } } - $RDNs = getRDNAttributes($scope, $selectedModules); + $RDNs = getRDNAttributes($type->getId(), $selectedModules); // DN attributes - $sampleCSV_row[] = "\"" . $_SESSION['config']->get_Suffix($scope) . "\""; + $sampleCSV_row[] = "\"" . $type->getSuffix() . "\""; $sampleCSV_row[] = "\"" . $RDNs[0] . "\""; // module attributes for ($m = 0; $m < sizeof($modules); $m++) { From 84f2b4392318421fb0e4564adf6003b118e00b7f Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Sat, 7 Jan 2017 18:39:40 +0100 Subject: [PATCH 2/2] new type API for delete --- lam/templates/delete.php | 44 +++++++++++++++++++++++----------------- 1 file changed, 25 insertions(+), 19 deletions(-) diff --git a/lam/templates/delete.php b/lam/templates/delete.php index 4078836b..4b299ebd 100644 --- a/lam/templates/delete.php +++ b/lam/templates/delete.php @@ -1,10 +1,11 @@ getConfiguredType($_POST['type']) == null)) { logNewMessage(LOG_ERR, 'Invalid type: ' . $_POST['type']); die(); } if (isset($_GET['type']) && isset($_SESSION['delete_dn'])) { - if (!preg_match('/^[a-z0-9_]+$/i', $_GET['type'])) { - logNewMessage(LOG_ERR, 'Invalid type: ' . $_GET['type']); + $typeId = $_GET['type']; + $type = $typeManager->getConfiguredType($typeId); + if ($type == null) { + logNewMessage(LOG_ERR, 'Invalid type: ' . $type->getId()); die(); } - if (!checkIfDeleteEntriesIsAllowed($_GET['type']) || !checkIfWriteAccessIsAllowed($_GET['type'])) { - logNewMessage(LOG_ERR, 'User tried to delete entries of forbidden type '. $_GET['type']); + if (!checkIfDeleteEntriesIsAllowed($type->getId()) || !checkIfWriteAccessIsAllowed($type->getId())) { + logNewMessage(LOG_ERR, 'User tried to delete entries of forbidden type '. $type->getId()); die(); } // Create account list @@ -88,15 +93,14 @@ if (isset($_GET['type']) && isset($_SESSION['delete_dn'])) { } //load account - $typeManager = new LAM\TYPES\TypeManager(); - $_SESSION['account'] = new accountContainer($typeManager->getConfiguredType($_GET['type']), 'account'); + $_SESSION['account'] = new \accountContainer($type, 'account'); // Show HTML Page include 'main_header.php'; - echo "
"; + echo "
getScope() . "-bright smallPaddingContent\">"; echo "
\n"; echo "
\n"; echo ''; - echo "\n"; + echo "getId() . "\">\n"; echo "" . _("Do you really want to remove the following accounts?") . ""; echo "

\n"; echo "\n"; @@ -117,12 +121,12 @@ if (isset($_GET['type']) && isset($_SESSION['delete_dn'])) { echo "
\n"; // Print delete rows from modules echo "
\n
"; - $modules = $_SESSION['config']->get_AccountModules($_GET['type']); + $modules = $_SESSION['config']->get_AccountModules($type->getId()); $values = array(); $tabindex = 100; foreach ($modules as $module) { - $module = moduleCache::getModule($module, $_GET['type']); - parseHtml(get_class($module), $module->display_html_delete(), $values, true, $tabindex, $_GET['type']); + $module = \moduleCache::getModule($module, $type->getScope()); + parseHtml(get_class($module), $module->display_html_delete(), $values, true, $tabindex, $type->getScope()); } echo "
\n"; echo "
\n"; @@ -131,7 +135,7 @@ if (isset($_GET['type']) && isset($_SESSION['delete_dn'])) { echo "
\n"; echo "
\n"; ?> -