From d83df7a4468542fbd1297243c06fe8901858b4ee Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Thu, 1 Sep 2005 15:20:15 +0000 Subject: [PATCH] changed subpage handling; fixed another magic_quotes_gpc bug --- lam/HISTORY | 3 + lam/docs/devel/modules-specification.htm | 63 +++++++---- lam/lib/modules.inc | 28 +++-- lam/lib/modules/inetOrgPerson.inc | 11 +- lam/lib/modules/kolabUser.inc | 11 +- lam/lib/modules/posixAccount.inc | 38 +++---- lam/lib/modules/posixGroup.inc | 18 ++-- lam/lib/modules/sambaAccount.inc | 127 ++++++++++------------- lam/lib/modules/sambaSamAccount.inc | 42 +++----- lam/templates/account/edit.php | 10 +- 10 files changed, 178 insertions(+), 173 deletions(-) diff --git a/lam/HISTORY b/lam/HISTORY index 9f15c0ba..68922764 100644 --- a/lam/HISTORY +++ b/lam/HISTORY @@ -1,9 +1,12 @@ ??? 0.5.rc3 + - INFO messages no longer prevent changing to subpages of a module - fixed bugs: -> buttons on account page are better sorted -> account module: some problems solved when used for user accounts -> nisMailAlias: fixed missing RDN possibility -> fixed conflicts when accounts were built with other base modules + -> Samba 2/3: setting allowed workstations failed + -> magic_quotes_gpc = Off prevented editing of accounts 18.08.2005 0.5.rc2 diff --git a/lam/docs/devel/modules-specification.htm b/lam/docs/devel/modules-specification.htm index ec199b9e..2ac70e0c 100644 --- a/lam/docs/devel/modules-specification.htm +++ b/lam/docs/devel/modules-specification.htm @@ -745,27 +745,19 @@ is needed t interact with the user.

-This function processes user inputs. It checks user inputs. It also +This function processes user input. It checks user input. It also saves changes in attributes.
-$post is the $_POST -array.  Some attributes ar not part of a profile, e.g. uidNumber. -If $profile
-is true attributes wich are not part of a profile won't be checked.
-LDAP attributes have to be stored in $this->attributes array. First -index is the attribute name. Second
-index is an array of values of an attribute.
-This functions can return three different variables. When 0 is returned -everything is ok. When a string is
-returned the string is the name of a subpage of the module. If it +This functions can return two different variables. When 0 is returned +everything is ok. If it returns an array the array contains status
-messages. First Index is the attribute which has triggered a message. -Second index is an array containing
-status message arrays.
+messages. First index is the attribute which has triggered a message. +Second index is an array containing status message arrays.
This function must reset $this->triggered_messages when it wants to display status messages. This can be done with $this->triggered_messages = array();
-
+$post is the $_POST +array.


2.2.14. process_*
@@ -785,7 +777,7 @@ This function has the exact behavoir like process_attributes function. * is the name of the subpage which
should be processed.
$post is the $_POST array. It -is needed t interact with the user.
+is needed to interact with the user.


2.2.15. display_html_attributes($post)
@@ -981,21 +973,46 @@ height attribute for td elements

+Input buttons which should load a different subpage of a module must +have a special name attribute:
+
+name => 'form_subpage_' . <module name> . '_' . <subpage name> . '_' . <button name>
+ +
+
Example:

array(
-  array(
-    array("kind" => "text", "text" => "This is an +  0 => array(
+    0 => array("kind" => "text", "text" => +"This is an example", "td" => array("colspan" => 3))
  ),
-  array(
-    array("kind" => "text", "text" => "Input:"),
-    array("kind" => "input", "name" => "myinput", +  1 => array(
+    0 => array("kind" => "text", "text" => +"Input:"),
+    1 => array("kind" => "input", "name" => +"myinput", "type" => "text"),
-    array("kind" => "help", "value" => "42")
+    2 => array("kind" => "help", "value" => "42")
+  ),
+
  2 => array(
+    0 => array("kind" => "input", "name" => +'form_subpage_myModule_attributes_back', "value" => _("Back"))
  )
-)
+
)



diff --git a/lam/lib/modules.inc b/lam/lib/modules.inc index 50a24ccd..03e024f9 100644 --- a/lam/lib/modules.inc +++ b/lam/lib/modules.inc @@ -806,7 +806,7 @@ class accountContainer { $this->dn = $profile['ldap_suffix'][0]; } $result = 0; - } + } // save account if ($post['create']) { $errors = $this->save_account(); @@ -814,9 +814,9 @@ class accountContainer { $result = array($errors); $stopProcessing = true; } - else $result = 'finish'; - } + else $this->subpage = 'finish'; } + } if ($this->subpage=='finish') { if ($post['createagain']) { // Reset objects @@ -832,24 +832,23 @@ class accountContainer { // Add all required objects etc. $this->new_account(); $result = 0; - } + } if ($post['backmain']) { // Return to *-list // *** fixme unset accountContainer in session metaRefresh("../lists/list".$this->type."s.php"); exit; - } + } if ($post['outputpdf']) { // Create / display PDf-file createModulePDF(array($_SESSION[$this->base]), $post['pdfStructure']); exit; - } } } - else $result = call_user_func(array(&$this->module[$this->order[$this->current_page]], 'process_'.$this->subpage), $post); } + else $result = call_user_func(array(&$this->module[$this->order[$this->current_page]], 'process_'.$this->subpage), $post); + } // change to next page - if (is_string($result)) $this->subpage = $result; // go to subpage of current module $errorsOccured = false; if (is_array($result)) { // messages were returned, check for errors $errorKeys = array_keys($result); 
@@ -862,6 +861,19 @@ class accountContainer { } } } + // go to subpage of current module + if (!$errorsOccured) { + $postKeys = array_keys($post); + for ($p = 0; $p < sizeof($postKeys); $p++) { + if (is_string($postKeys[$p]) && (strpos($postKeys[$p], 'form_subpage_' . $this->order[$this->current_page]) === 0)) { + $temp = substr($postKeys[$p], strlen($this->order[$this->current_page]) + 14); + $temp = explode('_', $temp); + if (sizeof($temp) == 2) { + $this->subpage = $temp[0]; + } + } + } + } if (is_int($result) || !$errorsOccured) { // numeric return value means to change to another module if ($post['form_main_main']) { $this->current_page = 0; diff --git a/lam/lib/modules/inetOrgPerson.inc b/lam/lib/modules/inetOrgPerson.inc index c1c7c0db..4931a263 100644 --- a/lam/lib/modules/inetOrgPerson.inc +++ b/lam/lib/modules/inetOrgPerson.inc @@ -552,7 +552,7 @@ class inetOrgPerson extends baseModule { else { $return[] = array( 0 => array('kind' => 'text', 'text' => _('Password') ), - 1 => array('kind' => 'input', 'name' => 'changepass', 'type' => 'submit', 'value' => _('Change password'))); + 1 => array('kind' => 'input', 'name' => 'form_subpage_inetOrgPerson_password_open', 'type' => 'submit', 'value' => _('Change password'))); } $return[] = array(0 => array('kind' => 'text', 'td' => array('colspan' => 3))); @@ -637,7 +637,7 @@ class inetOrgPerson extends baseModule { * @param $post HTTP POST */ function process_password(&$post) { - if ($post['back']) return 'attributes'; + if ($post['form_subpage_inetOrgPerson_attributes_back']) return; $messages = array(); if ($post['userPassword'] != $post['userPassword2']) { $messages['userPassword'][] = $this->messages['userPassword'][0]; @@ -650,8 +650,7 @@ class inetOrgPerson extends baseModule { $this->attributes['userPassword'][0] = $post['userPassword']; } } - if (sizeof($messages) > 0) return $messages; - else return 'attributes'; + return $messages; } /** 
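Review bot: In the added `form_subpage_` loop of modules.inc, `$this->subpage = $temp[0]` takes its value straight from a client-supplied POST key name, and the first hunk of this file shows that value concatenated into the method name given to `call_user_func` as `'process_'.$this->subpage`. Nothing visible here checks that the current module defines that subpage, so a request can leave the container pointing at a handler that does not exist or was never meant to be reachable as a page. I would gate the assignment, e.g. `if (sizeof($temp) == 2 && method_exists($this->module[$this->order[$this->current_page]], 'process_' . $temp[0])) {`. The prefix test should also include the separator (`'form_subpage_' . $this->order[$this->current_page] . '_'`), because the `+ 14` offset already assumes it and a module whose name is a prefix of another's would otherwise match. The enclosing method starts and ends outside this hunk.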
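Review bot: `process_password` in inetOrgPerson.inc still compares the two password fields with `!=`, which PHP evaluates numerically when both strings look like numbers, so entries such as `0123` and `123` pass the confirmation check although they differ. Use the strict form, `if ($post['userPassword'] !== $post['userPassword2']) {`. The same comparison sits in the `process_password` hunks of posixAccount.inc and posixGroup.inc. The function body continues outside these hunks.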
@@ -671,8 +670,8 @@ class inetOrgPerson extends baseModule { $return[] = array( 0 => array('kind' => 'table', 'value' => array( 0 => array( - 0 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Submit'), 'name' => 'submit'), - 1 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Back'), 'name' => 'back'), + 0 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Submit'), 'name' => 'form_subpage_inetOrgPerson_attributes_submit'), + 1 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Back'), 'name' => 'form_subpage_inetOrgPerson_attributes_back'), 2 => array('kind' => 'text'))))); return $return; } diff --git a/lam/lib/modules/kolabUser.inc b/lam/lib/modules/kolabUser.inc index bc86132b..c146f956 100644 --- a/lam/lib/modules/kolabUser.inc +++ b/lam/lib/modules/kolabUser.inc @@ -423,7 +423,7 @@ class kolabUser extends baseModule { // delete flag if (!$_SESSION[$this->base]->isNewAccount) { $returnDelete = array( - 0 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Mark account for deletion'), 'name' => 'kolabDelete'), + 0 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Mark account for deletion'), 'name' => 'form_subpage_kolabUser_deleteUser_open'), 1 => array('kind' => 'help', 'value' => 'deleteFlag')); $return[] = array( array('kind' => 'fieldset', 'legend' => _('Delete Kolab account'), 'value' => array($returnDelete), 'td' => array('colspan' => 3)) @@ -438,7 +438,7 @@ class kolabUser extends baseModule { * @param array $post HTTP-POST values */ function process_attributes(&$post) { - if ($post['kolabDelete']) return 'deleteUser'; + if ($post['form_subpage_kolabUser_deleteUser_open']) return; $this->triggered_messages = array(); $this->attributes['kolabInvitationPolicy'] = array(); // country 
@@ -598,8 +598,8 @@ class kolabUser extends baseModule { $return[] = array( 0 => array('kind' => 'text', 'text' => ' ', 'td' => array('colspan' => 2))); $return[] = array( - 0 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Mark account for deletion'), 'name' => 'kolabDeleteConfirm'), - 1 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Cancel'), 'name' => 'kolabDeleteCancel')); + 0 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Mark account for deletion'), 'name' => 'form_subpage_kolabUser_attributes_confirm'), + 1 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Cancel'), 'name' => 'form_subpage_kolabUser_attributes_cancel')); return $return; } @@ -609,11 +609,10 @@ class kolabUser extends baseModule { * @param array $post HTTP-POST values */ function process_deleteUser(&$post) { - if ($post['kolabDeleteConfirm']) { + if ($post['form_subpage_kolabUser_attributes_confirm']) { // set delete flag $this->attributes['kolabDeleteflag'][0] = $this->attributes['kolabHomeServer'][0]; } - return 'attributes'; } /** diff --git a/lam/lib/modules/posixAccount.inc b/lam/lib/modules/posixAccount.inc index c235c760..25501cf7 100644 --- a/lam/lib/modules/posixAccount.inc +++ b/lam/lib/modules/posixAccount.inc 
@@ -817,20 +817,16 @@ class posixAccount extends baseModule { if ($_SESSION[$this->base]->isNewAccount && !get_preg($this->attributes['userPassword'][0], 'password')) $triggered_messages['userPassword'][] = $this->messages['userPassword'][1]; } - - $temp = $this->input_check(); - // TODO is this really OK? - if (is_array($temp)) $triggered_messages = array_merge_recursive($triggered_messages, $temp); - // Return error-messages - if (count($triggered_messages)!=0) { - $this->triggered_messages = $triggered_messages; - return $triggered_messages; - } - else $this->triggered_messages = array(); - // Go to additional group page when no error did ocour and button was pressed - if ($post['addgroup']) return 'group'; - if ($post['changepass']) return 'password'; - return 0; + $temp = $this->input_check(); + // TODO is this really OK? + if (is_array($temp)) $triggered_messages = array_merge_recursive($triggered_messages, $temp); + // Return error-messages + if (count($triggered_messages)!=0) { + $this->triggered_messages = $triggered_messages; + return $triggered_messages; + } + else $this->triggered_messages = array(); + return 0; } /* Write variables into object and do some regexp checks @@ -850,7 +846,6 @@ class posixAccount extends baseModule { } } while(0); if (isset($post['addgroups_button']) || isset($post['removegroups_button'])) return 'group'; - if ($post['back']) return 'attributes'; return 0; } @@ -860,7 +855,7 @@ class posixAccount extends baseModule { * @param $post HTTP POST */ function process_password(&$post) { - if ($post['back']) return 'attributes'; + if ($post['form_subpage_posixAccount_attributes_back']) return; $messages = array(); if ($post['userPassword'] != $post['userPassword2']) { $messages['userPassword'][] = $this->messages['userPassword'][0]; @@ -877,7 +872,6 @@ class posixAccount extends baseModule { } } if (sizeof($messages) > 0) return $messages; - else return 'attributes'; } /* This function will create the html-page 
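Review bot: The hunk at -850 removes the `back` branch but keeps `return 'group';` for the add/remove buttons, while modules.inc in this same commit drops `if (is_string($result)) $this->subpage = $result;`, so the string is no longer acted on and only obscures the contract. The updated specification says these functions return 0 or a message array, yet `process_password` in the next two hunks now uses a bare `return;` or falls off the end, which yields null. I would replace the leftover line with `return 0;` and end the password paths with `return 0;` as well, so the container's `is_int($result)` test always sees a defined value. The function holding the `return 'group'` line starts outside the hunk.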
@@ -935,7 +929,7 @@ class posixAccount extends baseModule { if ($_SESSION[$this->base]->type=='user') { $return[] = array( 0 => array('kind' => 'text', 'text' => _('Additional groups')), - 1 => array('kind' => 'input', 'name' => 'addgroup', 'type' => 'submit', 'value' => _('Edit groups')), + 1 => array('kind' => 'input', 'name' => 'form_subpage_posixAccount_group_open', 'type' => 'submit', 'value' => _('Edit groups')), 2 => array('kind' => 'help', 'value' => 'addgroup')); $return[] = array( 0 => array('kind' => 'text', 'text' => _('Home directory').'*'), @@ -960,7 +954,7 @@ class posixAccount extends baseModule { else { $return[] = array( 0 => array('kind' => 'text', 'text' => _('Password') ), - 1 => array('kind' => 'input', 'name' => 'changepass', 'type' => 'submit', 'value' => _('Change password'))); + 1 => array('kind' => 'input', 'name' => 'form_subpage_posixAccount_password_open', 'type' => 'submit', 'value' => _('Change password'))); } $return[] = array( 0 => array('kind' => 'text', 'text' => _('Set no password')), @@ -1038,7 +1032,7 @@ class posixAccount extends baseModule { )))); $return[] = array( - 0 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Back'), 'name' => 'back'), + 0 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Back'), 'name' => 'form_subpage_posixAccount_attributes_back'), 1 => array('kind' => 'text'), 2 => array('kind' => 'text')); return $return; 
@@ -1061,8 +1055,8 @@ class posixAccount extends baseModule { $return[] = array( 0 => array('kind' => 'table', 'value' => array( 0 => array( - 0 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Submit'), 'name' => 'submit'), - 1 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Back'), 'name' => 'back'), + 0 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Submit'), 'name' => 'form_subpage_posixAccount_attributes_submit'), + 1 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Back'), 'name' => 'form_subpage_posixAccount_attributes_back'), 2 => array('kind' => 'text'))))); return $return; } diff --git a/lam/lib/modules/posixGroup.inc b/lam/lib/modules/posixGroup.inc index d8d6cc5d..551d8fdc 100644 --- a/lam/lib/modules/posixGroup.inc +++ b/lam/lib/modules/posixGroup.inc @@ -175,7 +175,7 @@ class posixGroup extends baseModule { 2 => array ('kind' => 'help', 'value' => 'description')); $return[] = array( 0 => array('kind' => 'text', 'text' => _("Group members").'*'), - 1 => array('kind' => 'input', 'name' => 'adduser', 'type' => 'submit', 'value' => _('Edit members')), + 1 => array('kind' => 'input', 'name' => 'form_subpage_posixGroup_user_open', 'type' => 'submit', 'value' => _('Edit members')), 2 => array ('kind' => 'help', 'value' => 'adduser')); if ($_SESSION[$this->base]->isNewAccount) { $return[] = array( @@ -190,7 +190,7 @@ class posixGroup extends baseModule { else { $return[] = array( 0 => array('kind' => 'text', 'text' => _('Password') ), - 1 => array('kind' => 'input', 'name' => 'changepass', 'type' => 'submit', 'value' => _('Change password'))); + 1 => array('kind' => 'input', 'name' => 'form_subpage_posixGroup_password_open', 'type' => 'submit', 'value' => _('Change password'))); } $return[] = array( 0 => array('kind' => 'text', 'text' => _('Set no password')), 
@@ -259,7 +259,7 @@ class posixGroup extends baseModule { )))); $return[] = array( - 0 => array('kind' => 'input', 'name' => 'toattributes' ,'type' => 'submit', 'value' => _('Back') ), + 0 => array('kind' => 'input', 'name' => 'form_subpage_posixGroup_attributes_back' ,'type' => 'submit', 'value' => _('Back') ), 1 => array('kind' => 'text'), 2 => array('kind' => 'text')); return $return; @@ -282,8 +282,8 @@ class posixGroup extends baseModule { $return[] = array( 0 => array('kind' => 'table', 'value' => array( 0 => array( - 0 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Submit'), 'name' => 'submit'), - 1 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Back'), 'name' => 'back'), + 0 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Submit'), 'name' => 'form_subpage_posixGroup_attributes_submit'), + 1 => array('kind' => 'input', 'type' => 'submit', 'value' => _('Back'), 'name' => 'form_subpage_posixGroup_attributes_back'), 2 => array('kind' => 'text'))))); return $return; } @@ -672,9 +672,6 @@ class posixGroup extends baseModule { return $triggered_messages; } else $this->triggered_messages = array(); - // Go to additional group page when no error did ocour and button was pressed - if ($post['adduser']) return 'user'; - if ($post['changepass']) return 'password'; return 0; } @@ -699,8 +696,6 @@ class posixGroup extends baseModule { elseif (isset($post['removeusers']) && isset($post['removeusers_button'])) { // remove users from list $this->attributes['memberUid'] = array_delete($post['removeusers'], $this->attributes['memberUid']); } - if (isset($post['adduser_button']) || isset($post['removeuser_button'])) return 'user'; - elseif ($post['toattributes']) return 'attributes'; return 0; } 
@@ -711,7 +706,7 @@ class posixGroup extends baseModule { * @param $post HTTP POST */ function process_password(&$post) { - if ($post['back']) return 'attributes'; + if ($post['form_subpage_posixGroup_attributes_back']) return; $messages = array(); if ($post['userPassword'] != $post['userPassword2']) { $messages['userPassword'][] = $this->messages['userPassword'][0]; @@ -725,7 +720,6 @@ class posixGroup extends baseModule { $this->userPassword_nopassword = false; } if (sizeof($messages) > 0) return $messages; - else return 'attributes'; } /* This function returns an array with 3 entries: diff --git a/lam/lib/modules/sambaAccount.inc b/lam/lib/modules/sambaAccount.inc index 088a23bd..3860adfe 100644 --- a/lam/lib/modules/sambaAccount.inc +++ b/lam/lib/modules/sambaAccount.inc @@ -487,10 +487,6 @@ class sambaAccount extends baseModule { return $return; } - function delete_attributes($post) { - return 0; - } - /* Write variables into object and do some regexp checks */ function process_attributes(&$post) { 
@@ -545,10 +541,10 @@ class sambaAccount extends baseModule { $post['pwdCanChange_mon'], $post['pwdCanChange_day'], $post['pwdCanChange_yea']); $this->attributes['pwdMustChange'][0] = mktime($post['pwdMustChange_h'], $post['pwdMustChange_m'], $post['pwdMustChange_s'], $post['pwdMustChange_mon'], $post['pwdMustChange_day'], $post['pwdMustChange_yea']); - $this->attributes['smbHome'][0] = stripslashes($post['smbHome']); + $this->attributes['smbHome'][0] = $post['smbHome']; $this->attributes['homeDrive'][0] = $post['homeDrive']; - $this->attributes['scriptPath'][0] = stripslashes($post['scriptPath']); - $this->attributes['profilePath'][0] = stripslashes($post['profilePath']); + $this->attributes['scriptPath'][0] = $post['scriptPath']; + $this->attributes['profilePath'][0] = $post['profilePath']; $rids = array_keys($this->rids); $wrid = false; for ($i=0; $iattributes['smbHome'][0] = str_replace('$user', $_SESSION[$this->base]->module['posixAccount']->attributes['uid'][0], $this->attributes['smbHome'][0]); $this->attributes['smbHome'][0] = str_replace('$group', $_SESSION['cache']->getgrnam($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]), $this->attributes['smbHome'][0]); - if ($this->attributes['smbHome'][0] != stripslashes($post['smbHome'])) $triggered_messages['smbHome'][] = $this->messages['homePath'][1]; + if ($this->attributes['smbHome'][0] != $post['smbHome']) $triggered_messages['smbHome'][] = $this->messages['homePath'][1]; $this->attributes['scriptPath'][0] = str_replace('$user', $_SESSION[$this->base]->module['posixAccount']->attributes['uid'][0], $this->attributes['scriptPath'][0]); $this->attributes['scriptPath'][0] = str_replace('$group', $_SESSION['cache']->getgrnam($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]), $this->attributes['scriptPath'][0]); - if ($this->attributes['scriptPath'][0] != stripslashes($post['scriptPath'])) $triggered_messages['scriptPath'][] = $this->messages['logonScript'][1]; + 
if ($this->attributes['scriptPath'][0] != $post['scriptPath']) $triggered_messages['scriptPath'][] = $this->messages['logonScript'][1]; $this->attributes['profilePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['posixAccount']->attributes['uid'][0], $this->attributes['profilePath'][0]); $this->attributes['profilePath'][0] = str_replace('$group', $_SESSION['cache']->getgrnam($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]), $this->attributes['profilePath'][0]); - if ($this->attributes['profiletPath'][0] != stripslashes($post['profilePath'])) $triggered_messages['profilePath'][] = $this->messages['profilePath'][1]; + if ($this->attributes['profiletPath'][0] != $post['profilePath']) $triggered_messages['profilePath'][] = $this->messages['profilePath'][1]; if ( (!$this->attributes['smbHome'][0]=='') && (!get_preg($this->attributes['smbHome'][0], 'UNC'))) $triggered_messages['smbHome'][] = $this->messages['homePath'][0]; if ( (!$this->attributes['scriptPath'][0]=='') && (!get_preg($this->attributes['scriptPath'][0], 'logonscript'))) @@ -624,7 +620,6 @@ class sambaAccount extends baseModule { return $triggered_messages; } else $this->triggered_messages = array(); - if ($post['userWorkstations']) return 'userWorkstations'; return 0; } 
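Review bot: The rewritten profile-path check still reads `$this->attributes['profiletPath'][0]`, a misspelled key that no visible line ever sets, so the comparison is made against an empty value and the `profilePath` message fires for every non-empty input rather than only when `$user` or `$group` was substituted. Since the line is being touched anyway, it should become `if ($this->attributes['profilePath'][0] != $post['profilePath']) $triggered_messages['profilePath'][] = $this->messages['profilePath'][1];`. The header of this part of the sambaAccount.inc diff is not intact on the page, so the surrounding function is only partly visible.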
@@ -633,49 +628,46 @@ class sambaAccount extends baseModule { function process_userWorkstations(&$post) { // Load attributes if ($_SESSION[$this->base]->type=='user') { - do { // X-Or, only one if() can be true - if (isset($post['availableUserWorkstations']) && isset($post['userWorkstations_add'])) { // Add workstations to list - $temp = str_replace(' ', '', $this->attributes['userWorkstations'][0]); - $workstations = explode (',', $temp); - for ($i=0; $iattributes['userWorkstations'][0] = $workstations[0]; - for ($i=1; $iattributes['userWorkstations'][0] = $this->attributes['userWorkstations'][0] . "," . $workstations[$i]; - } - break; - } - if (isset($post['userWorkstations']) && isset($post['userWorkstations_remove'])) { // remove // Add workstations from list - // Put all workstations in array - $temp = str_replace(' ', '', $this->attributes['userWorkstations'][0]); - $workstations = explode (',', $temp); - for ($i=0; $iattributes['userWorkstations'][0] = $workstations[0]; - for ($i=1; $iattributes['userWorkstations'][0] = $this->attributes['userWorkstations'][0] . "," . $workstations[$i]; - } - break; - } - } while(0); - if ($post['attributes']) return 'attributes'; + if (isset($post['availableUserWorkstations']) && isset($post['userWorkstations_add'])) { // Add workstations to list + $temp = str_replace(' ', '', $this->attributes['userWorkstations'][0]); + $workstations = explode (',', $temp); + for ($i=0; $iattributes['userWorkstations'][0] = $workstations[0]; + for ($i=1; $iattributes['userWorkstations'][0] = $this->attributes['userWorkstations'][0] . "," . 
$workstations[$i]; + } + } + elseif (isset($post['userWorkstations']) && isset($post['userWorkstations_remove'])) { // remove // Add workstations from list + // Put all workstations in array + $temp = str_replace(' ', '', $this->attributes['userWorkstations'][0]); + $workstations = explode (',', $temp); + for ($i=0; $iattributes['userWorkstations'][0] = $workstations[0]; + for ($i=1; $iattributes['userWorkstations'][0] = $this->attributes['userWorkstations'][0] . "," . $workstations[$i]; + } } - return 0; } + return 0; + } /* This function will create the html-page * to show a page with all attributes. @@ -746,7 +738,7 @@ class sambaAccount extends baseModule { 1 => array ( 'kind' => 'input', 'type' => 'text', 'name' => 'scriptPath', 'size' => '20', 'maxlength' => '255', 'value' => $this->attributes['scriptPath'][0]), 2 => array ( 'kind' => 'help', 'value' => 'scriptPath' )); $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Samba workstations') ), - 1 => array ( 'kind' => 'input', 'type' => 'submit', 'name' => 'userWorkstations', 'value' => _('Edit workstations')), + 1 => array ( 'kind' => 'input', 'type' => 'submit', 'name' => 'form_subpage_sambaAccount_userWorkstations_open', 'value' => _('Edit workstations')), 2 => array ( 'kind' => 'help', 'value' => 'userWorkstations' )); $names = array_keys($this->rids); @@ -780,7 +772,7 @@ class sambaAccount extends baseModule { $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Special user') ), 1 => array ( 'kind' => 'select', 'name' => 'rid', 'options' => $options, 'options_selected' => $selected), 2 => array ( 'kind' => 'help', 'value' => 'rid' )); - } + } $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Domain') ), 1 => array ( 'kind' => 'input', 'type' => 'text', 'name' => 'domain', 'size' => '20', 'maxlength' => '255', 'value' => $this->attributes['domain'][0]), 2 => array ( 'kind' => 'help', 'value' => 'domain' )); 
@@ -789,13 +781,9 @@ class sambaAccount extends baseModule { $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Reset password') ), 1 => array ( 'kind' => 'input', 'type' => 'submit', 'name' => 'ResetSambaPassword', 'value' => _('Submit')), 2 => array ( 'kind' => 'help', 'value' => 'ResetSambaPassword' )); - } + } return $return; - } - - function display_html_delete(&$post) { - return 0; - } + } /* This function will create the html-page * to show a page with all attributes. 
@@ -811,25 +799,24 @@ class sambaAccount extends baseModule { $result = str_replace(' ', '', $this->attributes['userWorkstations'][0]); $userWorkstations = explode (',', $result); $availableUserWorkstations = array_delete($userWorkstations, $availableUserWorkstations); - } - + } $return[] = array ( 0 => array ( 'kind' => 'fieldset', 'legend' => _("Allowed workstations"), 'value' => array ( 0 => array ( 0 => array ('kind' => 'fieldset', 'td' => array ('valign' => 'top'), 'legend' => _("Allowed workstations"), 'value' => - array ( 0 => array ( 0 => array ( 'kind' => 'select', 'name' => 'userWorkstations[]', 'size' => '15', 'multiple', 'options' => $userWorkstations)))), + array ( 0 => array ( 0 => array ( 'kind' => 'select', 'name' => 'userWorkstations', 'size' => '15', 'multiple' => true, 'options' => $userWorkstations)))), 1 => array ( 'kind' => 'table', 'value' => array ( 0 => array ( 0 => array ( 'kind' => 'input', 'type' => 'submit', 'name' => 'userWorkstations_add', 'value' => '<=')), 1 => array ( 0 => array ( 'kind' => 'input', 'type' => 'submit', 'name' => 'userWorkstations_remove', 'value' => '=>' )), 2 => array ( 0 => array ( 'kind' => 'help', 'value' => 'userWorkstations' )))), 2 => array ('kind' => 'fieldset', 'td' => array ('valign' => 'top'), 'legend' => _("Available workstations"), 'value' => - array ( 0 => array ( 0 => array ( 'kind' => 'select', 'name' => 'availableUserWorkstations[]', 'size' => '15', 'multiple', 'options' => $availableUserWorkstations)))) + array ( 0 => array ( 0 => array ( 'kind' => 'select', 'name' => 'availableUserWorkstations', 'size' => '15', 'multiple' => true, 'options' => $availableUserWorkstations)))) )))); - $return[] = array ( 0 => array ( 'kind' => 'input', 'type' => 'submit', 'value' => _('Back') ), - 1 => array ( 'kind' => 'text'), - 2 => array ('kind' => 'text')); - } - - return $return; + $return[] = array( + 0 => array('kind' => 'input', 'type' => 'submit', 'name' => 'form_subpage_sambaAccount_attributes_back', 
'value' => _('Back')), + 1 => array('kind' => 'text'), + 2 => array('kind' => 'text')); } + return $return; + } /* * (non-PHPDoc) diff --git a/lam/lib/modules/sambaSamAccount.inc b/lam/lib/modules/sambaSamAccount.inc index fc368402..24330d06 100644 --- a/lam/lib/modules/sambaSamAccount.inc +++ b/lam/lib/modules/sambaSamAccount.inc 
@@ -537,10 +537,10 @@ class sambaSamAccount extends baseModule { $post['sambaPwdCanChange_mon'], $post['sambaPwdCanChange_day'], $post['sambaPwdCanChange_yea']); $this->attributes['sambaPwdMustChange'][0] = mktime($post['sambaPwdMustChange_h'], $post['sambaPwdMustChange_m'], $post['sambaPwdMustChange_s'], $post['sambaPwdMustChange_mon'], $post['sambaPwdMustChange_day'], $post['sambaPwdMustChange_yea']); - $this->attributes['sambaHomePath'][0] = stripslashes($post['sambaHomePath']); + $this->attributes['sambaHomePath'][0] = $post['sambaHomePath']; $this->attributes['sambaHomeDrive'][0] = $post['sambaHomeDrive']; - $this->attributes['sambaLogonScript'][0] = stripslashes($post['sambaLogonScript']); - $this->attributes['sambaProfilePath'][0] = stripslashes($post['sambaProfilePath']); + $this->attributes['sambaLogonScript'][0] = $post['sambaLogonScript']; + $this->attributes['sambaProfilePath'][0] = $post['sambaProfilePath']; $rids = array_keys($this->rids); $wrid = false; for ($i=0; $iattributes['sambaHomePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['posixAccount']->attributes['uid'][0], $this->attributes['sambaHomePath'][0]); $this->attributes['sambaHomePath'][0] = str_replace('$group', $_SESSION['cache']->getgrnam($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]), $this->attributes['sambaHomePath'][0]); - if ($this->attributes['sambaHomePath'][0] != stripslashes($post['sambaHomePath'])) $triggered_messages['sambaHomePath'][] = $this->messages['homePath'][1]; + if ($this->attributes['sambaHomePath'][0] != $post['sambaHomePath']) $triggered_messages['sambaHomePath'][] = $this->messages['homePath'][1]; $this->attributes['sambaLogonScript'][0] = str_replace('$user', $_SESSION[$this->base]->module['posixAccount']->attributes['uid'][0], $this->attributes['sambaLogonScript'][0]); $this->attributes['sambaLogonScript'][0] = str_replace('$group', 
$_SESSION['cache']->getgrnam($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]), $this->attributes['sambaLogonScript'][0]); - if ($this->attributes['sambaLogonScript'][0] != stripslashes($post['sambaLogonScript'])) $triggered_messages['sambaLogonScript'][] = $this->messages['logonScript'][1]; + if ($this->attributes['sambaLogonScript'][0] != $post['sambaLogonScript']) $triggered_messages['sambaLogonScript'][] = $this->messages['logonScript'][1]; $this->attributes['sambaProfilePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['posixAccount']->attributes['uid'][0], $this->attributes['sambaProfilePath'][0]); $this->attributes['sambaProfilePath'][0] = str_replace('$group', $_SESSION['cache']->getgrnam($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]), $this->attributes['sambaProfilePath'][0]); - if ($this->attributes['sambaProfilePath'][0] != stripslashes($post['sambaProfilePath'])) $triggered_messages['sambaProfilePath'][] = $this->messages['profilePath'][1]; + if ($this->attributes['sambaProfilePath'][0] != $post['sambaProfilePath']) $triggered_messages['sambaProfilePath'][] = $this->messages['profilePath'][1]; if ( (!$this->attributes['sambaHomePath'][0]=='') && (!get_preg($this->attributes['sambaHomePath'][0], 'UNC'))) $triggered_messages['sambaHomePath'][] = $this->messages['homePath'][0]; if ( (!$this->attributes['sambaLogonScript'][0]=='') && (!get_preg($this->attributes['sambaLogonScript'][0], 'logonscript'))) @@ -626,10 +626,8 @@ class sambaSamAccount extends baseModule { return $triggered_messages; } else $this->triggered_messages = array(); - if ($post['sambaUserWorkstations']) return 'sambaUserWorkstations'; - if ($post['logonHours']) return 'logonHours'; return 0; - } + } /* Write variables into object and do some regexp checks */ 
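Review bot: With `stripslashes()` removed from `sambaHomePath`, `sambaLogonScript` and `sambaProfilePath` (and from the matching fields in sambaAccount.inc), these UNC-style values are stored and passed to `get_preg()` exactly as posted, which is only correct if `$post` has been unescaped once before it reaches the modules. The diffstat lists a change to lam/templates/account/edit.php that is not visible here and presumably does that; please confirm it covers every path that calls `process_*` and that it strips only when magic_quotes_gpc is on. A short comment at the first assignment, e.g. `// $post arrives unescaped; magic_quotes_gpc is handled once by the caller`, would keep a later change from re-adding per-field stripping.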
@@ -675,10 +673,9 @@ class sambaSamAccount extends baseModule { break; } } while(0); - if ($post['attributes']) return 'attributes'; } return 0; - } + } /** * Save logon hours @@ -687,7 +684,7 @@ class sambaSamAccount extends baseModule { * @return string next page name (attributes or logonHours) */ function process_logonHours(&$post) { - if ($post['abort']) return 'attributes'; + if ($post['form_subpage_sambaSamAccount_attributes_abort']) return; // set new logon hours $logonHours = ''; for ($i = 0; $i < 7; $i++) { @@ -712,7 +709,6 @@ class sambaSamAccount extends baseModule { $logonHoursNew = $logonHoursNew . $hex; } $this->attributes['sambaLogonHours'][0] = $logonHoursNew; - if ($post['submit']) return 'attributes'; } /* This function will create the html-page @@ -794,7 +790,7 @@ class sambaSamAccount extends baseModule { 1 => array ( 'kind' => 'input', 'type' => 'text', 'name' => 'sambaLogonScript', 'size' => '20', 'maxlength' => '255', 'value' => $this->attributes['sambaLogonScript'][0]), 2 => array ( 'kind' => 'help', 'value' => 'sambaLogonScript' )); $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Samba workstations') ), - 1 => array ( 'kind' => 'input', 'type' => 'submit', 'name' => 'sambaUserWorkstations', 'value' => _('Edit workstations')), + 1 => array ( 'kind' => 'input', 'type' => 'submit', 'name' => 'form_subpage_sambaSamAccount_sambaUserWorkstations_open', 'value' => _('Edit workstations')), 2 => array ( 'kind' => 'help', 'value' => 'sambaUserWorkstations' )); $names = array_keys($this->rids); 
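Review bot: The docblock of `process_logonHours` still says `@return string next page name (attributes or logonHours)`, but after this change the function returns nothing on either path. Replace the tag with the contract from the updated specification, e.g. `@return mixed 0 if ok, otherwise array of status messages`, and end the function with `return 0;`. The visible hunks also do not show the logon-hours form's buttons being renamed to `form_subpage_sambaSamAccount_attributes_abort` and a matching submit name, so it is worth confirming that rename is part of the commit.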
@@ -836,7 +832,7 @@ class sambaSamAccount extends baseModule { // logon hours if ($_SESSION[$this->base]->type=='user') { $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Logon hours') ), - 1 => array ( 'kind' => 'input', 'type' => 'submit', 'name' => 'logonHours', 'value' => _('Edit logon hours')), + 1 => array ( 'kind' => 'input', 'type' => 'submit', 'name' => 'form_subpage_sambaSamAccount_logonHours_open', 'value' => _('Edit logon hours')), 2 => array ( 'kind' => 'help', 'value' => 'logonHours' )); } // reset host password @@ -849,10 +845,6 @@ class sambaSamAccount extends baseModule { return $return; } - function display_html_delete(&$post) { - return 0; - } - /* This function will create the html-page * to show a page with all attributes. * It will output a complete html-table 
@@ -869,17 +861,17 @@ class sambaSamAccount extends baseModule { $availableUserWorkstations = array_delete($userWorkstations, $availableUserWorkstations); } - $return[] = array ( 0 => array ( 'kind' => 'fieldset', 'legend' => _("Allowed workstations"), 'value' => + $return[] = array( 0 => array ( 'kind' => 'fieldset', 'legend' => _("Allowed workstations"), 'value' => array ( 0 => array ( 0 => array ('kind' => 'fieldset', 'td' => array ('valign' => 'top'), 'legend' => _("Allowed workstations"), 'value' => - array ( 0 => array ( 0 => array ( 'kind' => 'select', 'name' => 'sambaUserWorkstations[]', 'size' => '15', 'multiple', 'options' => $userWorkstations)))), + array ( 0 => array ( 0 => array ( 'kind' => 'select', 'name' => 'sambaUserWorkstations', 'size' => '15', 'multiple' => true, 'options' => $userWorkstations)))), 1 => array ( 'kind' => 'table', 'value' => array ( 0 => array ( 0 => array ( 'kind' => 'input', 'type' => 'submit', 'name' => 'sambaUserWorkstations_add', 'value' => '<=')), 1 => array ( 0 => array ( 'kind' => 'input', 'type' => 'submit', 'name' => 'sambaUserWorkstations_remove', 'value' => '=>' )), 2 => array ( 0 => array ( 'kind' => 'help', 'value' => 'sambaUserWorkstations' )))), 2 => array ('kind' => 'fieldset', 'td' => array ('valign' => 'top'), 'legend' => _("Available workstations"), 'value' => - array ( 0 => array ( 0 => array ( 'kind' => 'select', 'name' => 'availableSambaUserWorkstations[]', 'size' => '15', 'multiple', 'options' => $availableUserWorkstations)))) + array ( 0 => array ( 0 => array ( 'kind' => 'select', 'name' => 'availableSambaUserWorkstations', 'size' => '15', 'multiple' => true, 'options' => $availableUserWorkstations)))) )))); - $return[] = array ( 0 => array ( 'kind' => 'input', 'type' => 'submit', 'value' => _('Back') ), + $return[] = array ( 0 => array ( 'kind' => 'input', 'name' => 'form_subpage_sambaSamAccount_attributes_back', 'type' => 'submit', 'value' => _('Back') ), 1 => array ( 'kind' => 'text'), 2 => array 
('kind' => 'text')); } @@ -953,8 +945,8 @@ class sambaSamAccount extends baseModule { array_unshift($timezones, 'GMT-' . $t); } $return[] = array( - 0 => array('kind' => 'input', 'name' => 'submit', 'type' => 'submit', 'value' => _('Submit'), 'td' => array('align' => 'right')), - 1 => array('kind' => 'input', 'name' => 'abort', 'type' => 'submit', 'value' => _('Abort'), 'td' => array('align' => 'left')), + 0 => array('kind' => 'input', 'name' => 'form_subpage_sambaSamAccount_attributes_submit', 'type' => 'submit', 'value' => _('Submit'), 'td' => array('align' => 'right')), + 1 => array('kind' => 'input', 'name' => 'form_subpage_sambaSamAccount_attributes_abort', 'type' => 'submit', 'value' => _('Abort'), 'td' => array('align' => 'left')), 2 => array('kind' => 'text', 'td' => array('colspan' => 2)), 3 => array('kind' => 'table', 'td' => array('colspan' => 4, 'align' => 'right'), 'value' => array(0 => array( 0 => array('kind' => 'text', 'text' => _('Time zone')), diff --git a/lam/templates/account/edit.php b/lam/templates/account/edit.php index 16284589..4a2f0abc 100644 --- a/lam/templates/account/edit.php +++ b/lam/templates/account/edit.php @@ -67,10 +67,18 @@ if ($_GET['DN']) { else if (count($_POST)==0) { $type = str_replace("\'", '', $_GET['type']); if ($_GET['type'] == $type) $type = str_replace("'", '',$_GET['type']); - if ($_GET['DN'] == $DN) $DN = str_replace("'", '',$_GET['DN']); $_SESSION['account'] = new accountContainer($type, 'account'); $_SESSION['account']->new_account(); } + +// remove double slashes if magic quotes are on +if (get_magic_quotes_gpc() == 1) { + $postKeys = array_keys($_POST); + for ($i = 0; $i < sizeof($postKeys); $i++) { + if (is_string($_POST[$postKeys[$i]])) $_POST[$postKeys[$i]] = stripslashes($_POST[$postKeys[$i]]); + } +} + // show account page $_SESSION['account']->continue_main($_POST);
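Review bot: The magic-quotes loop added in edit.php unescapes only string entries of `$_POST`, so array-valued fields still carry the added backslashes when they reach `continue_main()` with magic_quotes_gpc on. Multi-select fields such as the workstation lists changed elsewhere in this commit would presumably arrive as arrays, and this commit removes the per-field `stripslashes()` calls from the modules, so nothing else cleans them. Handling arrays in the same loop keeps the values written to the account identical across server configurations. The sketch below covers one level of nesting, which should be confirmed against the forms in use.

```php
// remove slashes added by magic quotes, including values of array fields
if (get_magic_quotes_gpc() == 1) {
	foreach ($_POST as $key => $value) {
		if (is_string($value)) $_POST[$key] = stripslashes($value);
		elseif (is_array($value)) $_POST[$key] = array_map('stripslashes', $value);
	}
}
// … unchanged: show account page …
```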