check if user is logged in

Roland Gruber 2017-02-11 17:11:37 +01:00
parent 5274f7d048
commit f405f7910b
28 changed files with 100 additions and 59 deletions


@ -1467,6 +1467,22 @@ function validateReCAPTCHA($secretKey) {
return $responseJSON->{'success'} === true; return $responseJSON->{'success'} === true;
} }
/**
* Checks if the user is logged in. Stops script execution if not.
*
* @param boolean $check2ndFactor check if the 2nd factor was provided if required
*/
function enforceUserIsLoggedIn($check2ndFactor = true) {
if (!isset($_SESSION['loggedIn']) || ($_SESSION['loggedIn'] !== true)) {
logNewMessage(LOG_WARNING, 'Detected unauthorized access to page that requires login: ' . $_SERVER["SCRIPT_FILENAME"]);
die();
}
if ($check2ndFactor && isset($_SESSION['2factorRequired'])) {
die();
logNewMessage(LOG_WARNING, 'Detected unauthorized access to page that requires login (2nd factor not provided): ' . $_SERVER["SCRIPT_FILENAME"]);
}
}
class LAMException extends Exception { class LAMException extends Exception {
private $title; private $title;
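Review bot: In the second-factor branch of `enforceUserIsLoggedIn()`, `die();` comes before the `logNewMessage(...)` call, so the "2nd factor not provided" warning is unreachable and these rejections never reach the log. Swap the two statements so the branch logs first, as the first branch does: `logNewMessage(LOG_WARNING, 'Detected unauthorized access to page that requires login (2nd factor not provided): ' . $_SERVER["SCRIPT_FILENAME"]);` then `die();`. The branch also tests only `isset($_SESSION['2factorRequired'])`, so it depends on the login code removing that key after a successful second factor; that code is not visible here, so the docblock should state the contract, e.g. `* Expects $_SESSION['2factorRequired'] to be unset once the 2nd factor was verified.`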


@ -21,6 +21,7 @@ function app_session_start() {
include_once '../../../../lib/config.inc'; include_once '../../../../lib/config.inc';
include_once '../../../../lib/ldap.inc'; include_once '../../../../lib/ldap.inc';
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
$config_file = CONFDIR.'config.php'; $config_file = CONFDIR.'config.php';
$config = check_config($config_file); $config = check_config($config_file);
# If we came via index.php, then set our $config. # If we came via index.php, then set our $config.


@ -4,7 +4,7 @@ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2006 Tilo Lutz Copyright (C) 2003 - 2006 Tilo Lutz
2005 - 2016 Roland Gruber 2005 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -47,6 +47,7 @@ include_once('../../lib/modules.inc');
// Start session // Start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
// Redirect to startpage if user is not loged in // Redirect to startpage if user is not loged in
if (!isLoggedIn()) { if (!isLoggedIn()) {
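Review bot: The new `enforceUserIsLoggedIn();` call sits directly above the existing `if (!isLoggedIn()) {` block, whose comment says it redirects to the start page. If `isLoggedIn()` tests the same session flag (its definition is not shown here), that redirect is now unreachable and a user with an expired session gets an empty response instead of the login page. Either remove the now-dead block or document the order, e.g. `// unauthenticated requests already end in enforceUserIsLoggedIn(); the redirect below is only a fallback`. The `if` block continues outside the hunk.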


@ -49,6 +49,7 @@ include_once('../lib/modules.inc');
// Start session // Start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
if (!checkIfWriteAccessIsAllowed()) { if (!checkIfWriteAccessIsAllowed()) {
die(); die();


@ -3,7 +3,7 @@
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2015 Roland Gruber Copyright (C) 2003 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -39,6 +39,7 @@ include_once("../lib/status.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
if (!checkIfWriteAccessIsAllowed()) { if (!checkIfWriteAccessIsAllowed()) {
die(); die();
@ -196,10 +197,10 @@ include 'main_header.php';
$buttonContainer->addElement(new htmlHiddenInput('new_suff', implode(";", $new_suff))); $buttonContainer->addElement(new htmlHiddenInput('new_suff', implode(";", $new_suff)));
$container->addElement($buttonContainer); $container->addElement($buttonContainer);
addSecurityTokenToMetaHTML($container); addSecurityTokenToMetaHTML($container);
$tabindex = 1; $tabindex = 1;
parseHtml(null, $container, array(), false, $tabindex, 'user'); parseHtml(null, $container, array(), false, $tabindex, 'user');
echo "</form><br>\n"; echo "</form><br>\n";
echo "</div>\n"; echo "</div>\n";
include 'main_footer.php'; include 'main_footer.php';


@ -3,7 +3,7 @@
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2007 - 2013 Roland Gruber Copyright (C) 2007 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -39,6 +39,7 @@ include_once("../../lib/status.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
setlanguage(); setlanguage();


@ -3,7 +3,7 @@
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2016 Roland Gruber Copyright (C) 2003 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -38,6 +38,7 @@ include_once("../../lib/config.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
setlanguage(); setlanguage();


@ -3,7 +3,7 @@
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2010 Roland Gruber Copyright (C) 2003 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -39,6 +39,7 @@ include_once("../../lib/status.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
setlanguage(); setlanguage();


@ -3,7 +3,7 @@
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2006 Roland Gruber Copyright (C) 2003 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -44,6 +44,7 @@ include_once("../lib/ldap.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
// log message // log message
$ldapUser = $_SESSION['ldap']->decrypt_login(); $ldapUser = $_SESSION['ldap']->decrypt_login();


@ -4,7 +4,7 @@ namespace LAM\INIT;
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2016 Roland Gruber Copyright (C) 2003 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -36,6 +36,7 @@ include_once '../lib/profiles.inc';
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
setlanguage(); setlanguage();


@ -63,6 +63,7 @@ class lamAjax {
validateSecurityToken(false); validateSecurityToken(false);
if (isset($_GET['module']) && isset($_GET['scope']) && in_array($_GET['module'], getAvailableModules($_GET['scope']))) { if (isset($_GET['module']) && isset($_GET['scope']) && in_array($_GET['module'], getAvailableModules($_GET['scope']))) {
enforceUserIsLoggedIn();
if (isset($_GET['useContainer']) && ($_GET['useContainer'] == '1')) { if (isset($_GET['useContainer']) && ($_GET['useContainer'] == '1')) {
if (!isset($_SESSION['account'])) die(); if (!isset($_SESSION['account'])) die();
$module = $_SESSION['account']->getAccountModule($_GET['module']); $module = $_SESSION['account']->getAccountModule($_GET['module']);
@ -82,12 +83,13 @@ class lamAjax {
} }
$jsonInput = $_POST['jsonInput']; $jsonInput = $_POST['jsonInput'];
if ($function == 'passwordStrengthCheck') {
lamAjax::checkPasswordStrength($jsonInput);
}
enforceUserIsLoggedIn();
if ($function == 'passwordChange') { if ($function == 'passwordChange') {
lamAjax::managePasswordChange($jsonInput); lamAjax::managePasswordChange($jsonInput);
} }
elseif ($function == 'passwordStrengthCheck') {
lamAjax::checkPasswordStrength($jsonInput);
}
elseif ($function == 'upload') { elseif ($function == 'upload') {
include_once('../../lib/upload.inc'); include_once('../../lib/upload.inc');
$typeManager = new \LAM\TYPES\TypeManager(); $typeManager = new \LAM\TYPES\TypeManager();
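Review bot: `passwordStrengthCheck` is now dispatched before `enforceUserIsLoggedIn()`, but nothing in the hunk ends the request after `lamAjax::checkPasswordStrength($jsonInput);`. Unless that method terminates the script itself (not visible here), an anonymous strength check falls through to `enforceUserIsLoggedIn()`, which writes an "unauthorized access" warning and dies, so legitimate pre-login requests would produce false alerts in the log. Make the exemption explicit by adding `// intentionally reachable without login` above the `if` and ending the branch with `die();` after the call. In the first hunk of this file the login check runs only after `getAvailableModules($_GET['scope'])` has already been evaluated on request input; the enclosing method starts and ends outside both hunks.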


@ -21,7 +21,7 @@ use \htmlInputTextarea;
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2013 - 2016 Roland Gruber Copyright (C) 2013 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -57,6 +57,7 @@ include_once("../lib/status.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
// die if no write access // die if no write access
if (!checkIfWriteAccessIsAllowed()) die(); if (!checkIfWriteAccessIsAllowed()) die();


@ -50,6 +50,7 @@ include_once("../lib/status.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
// die if no write access // die if no write access
if (!checkIfWriteAccessIsAllowed()) die(); if (!checkIfWriteAccessIsAllowed()) die();


@ -15,13 +15,12 @@ use \htmlInputFileUpload;
use \htmlHelpLink; use \htmlHelpLink;
use \htmlInputField; use \htmlInputField;
use \htmlHiddenInput; use \htmlHiddenInput;
use \htmlDiv;
/* /*
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2006 Michael Duergner Copyright (C) 2003 - 2006 Michael Duergner
2005 - 2016 Roland Gruber 2005 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -60,6 +59,7 @@ include_once("../../lib/modules.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
// die if no write access // die if no write access
if (!checkIfWriteAccessIsAllowed()) die(); if (!checkIfWriteAccessIsAllowed()) die();


@ -19,7 +19,7 @@ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2006 Michael Duergner Copyright (C) 2003 - 2006 Michael Duergner
2007 - 2016 Roland Gruber 2007 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -62,6 +62,7 @@ include_once('../../lib/xml_parser.inc');
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
// die if no write access // die if no write access
if (!checkIfWriteAccessIsAllowed()) die(); if (!checkIfWriteAccessIsAllowed()) die();


@ -18,7 +18,7 @@ use \htmlInputField;
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2016 Roland Gruber Copyright (C) 2003 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -54,6 +54,7 @@ include_once("../../lib/config.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
// die if no write access // die if no write access
if (!checkIfWriteAccessIsAllowed()) die(); if (!checkIfWriteAccessIsAllowed()) die();


@ -12,7 +12,7 @@ use \htmlHiddenInput;
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2016 Roland Gruber Copyright (C) 2003 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -52,6 +52,7 @@ include_once("../../lib/status.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
// die if no write access // die if no write access
if (!checkIfWriteAccessIsAllowed()) die(); if (!checkIfWriteAccessIsAllowed()) die();


@ -3,7 +3,7 @@
$Id$ $Id$
Copyright (C) 2004 David Smith Copyright (C) 2004 David Smith
modified to fit for LDAP Account Manager 2005 - 2012 Roland Gruber modified to fit for LDAP Account Manager 2005 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -29,8 +29,8 @@ $Id$
* @author David Smith * @author David Smith
* @author Roland Gruber * @author Roland Gruber
*/ */
/** security functions */ /** security functions */
include_once("../../lib/security.inc"); include_once("../../lib/security.inc");
/** access to LDAP server */ /** access to LDAP server */
@ -42,6 +42,7 @@ require_once("../../lib/schema.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
checkIfToolIsActive('toolSchemaBrowser'); checkIfToolIsActive('toolSchemaBrowser');
@ -51,7 +52,7 @@ include '../main_header.php';
$view = isset( $_GET['view'] ) ? $_GET['view'] : 'objectClasses'; $view = isset( $_GET['view'] ) ? $_GET['view'] : 'objectClasses';
$viewvalue = isset( $_GET['viewvalue'] ) ? $_GET['viewvalue'] : null; $viewvalue = isset( $_GET['viewvalue'] ) ? $_GET['viewvalue'] : null;
if( trim( $viewvalue ) == "" ) if( trim( $viewvalue ) == "" )
$viewvalue = null; $viewvalue = null;
if( ! is_null( $viewvalue ) ) if( ! is_null( $viewvalue ) )
@ -89,7 +90,7 @@ if( $view == 'syntaxes' ) {
echo "<tr><th>" . _('Syntax OID') . "</th><th>" . _('Description') . "</th></tr>\n"; echo "<tr><th>" . _('Syntax OID') . "</th><th>" . _('Description') . "</th></tr>\n";
flush(); flush();
$counter=1; $counter=1;
$schema_syntaxes = get_schema_syntaxes(null); $schema_syntaxes = get_schema_syntaxes(null);
if( ! $schema_syntaxes ) StatusMessage("ERROR", _("Unable to retrieve schema!"), ""); if( ! $schema_syntaxes ) StatusMessage("ERROR", _("Unable to retrieve schema!"), "");
foreach( $schema_syntaxes as $syntax ) { foreach( $schema_syntaxes as $syntax ) {
$counter++; $counter++;
@ -107,7 +108,7 @@ if( $view == 'syntaxes' ) {
flush(); flush();
$schema_attrs = get_schema_attributes(null); $schema_attrs = get_schema_attributes(null);
$schema_object_classes = get_schema_objectclasses(null); $schema_object_classes = get_schema_objectclasses(null);
if( ! $schema_attrs || ! $schema_object_classes ) if( ! $schema_attrs || ! $schema_object_classes )
StatusMessage("ERROR", _("Unable to retrieve schema!"), ""); StatusMessage("ERROR", _("Unable to retrieve schema!"), "");
?> ?>
@ -116,7 +117,7 @@ if( $view == 'syntaxes' ) {
<select name="viewvalue" onChange="submit()"> <select name="viewvalue" onChange="submit()">
<option value=""> - all -</option> <option value=""> - all -</option>
<?php foreach( $schema_attrs as $attr ) { <?php foreach( $schema_attrs as $attr ) {
echo( '<option value="' echo( '<option value="'
.$attr->getName() .$attr->getName()
.'" ' .'" '
@ -130,7 +131,7 @@ if( $view == 'syntaxes' ) {
<br /> <br />
<table class="schema_attr" width="100%"> <table class="schema_attr" width="100%">
<?php <?php
foreach( $schema_attrs as $attr ) { foreach( $schema_attrs as $attr ) {
if ( is_null( $viewvalue ) || 0 == strcasecmp( $viewvalue, $attr->getName() ) ) { if ( is_null( $viewvalue ) || 0 == strcasecmp( $viewvalue, $attr->getName() ) ) {
if( ! is_null( $viewvalue ) ) if( ! is_null( $viewvalue ) )
@ -218,13 +219,13 @@ if( $view == 'syntaxes' ) {
echo number_format( $attr->getMaxLength() ) ." "; echo number_format( $attr->getMaxLength() ) ." ";
if ( $attr->getMaxLength()>1) {echo _('characters');} if ( $attr->getMaxLength()>1) {echo _('characters');}
else { echo _('character') ;} else { echo _('character') ;}
} }
echo "</td>\n"; echo "</td>\n";
echo "</tr>\n\n"; echo "</tr>\n\n";
echo "<tr class=\"" . (++$counter%2==0?'even':'odd') . "\">\n"; echo "<tr class=\"" . (++$counter%2==0?'even':'odd') . "\">\n";
echo "<td>"._('Aliases')."</td>\n"; echo "<td>"._('Aliases')."</td>\n";
echo "<td>"; echo "<td>";
if( count( $attr->getAliases() ) == 0 ) if( count( $attr->getAliases() ) == 0 )
echo '('._('none').')'; echo '('._('none').')';
else else
@ -251,7 +252,7 @@ if( $view == 'syntaxes' ) {
echo "</table>\n"; echo "</table>\n";
} elseif( $view == 'matching_rules' ) { } elseif( $view == 'matching_rules' ) {
$schema_matching_rules = get_schema_matching_rules(null); $schema_matching_rules = get_schema_matching_rules(null);
echo '<small>' . _('Jump to a matching rule').'</small><br />'; echo '<small>' . _('Jump to a matching rule').'</small><br />';
echo '<form action="schema.php" method="get">'; echo '<form action="schema.php" method="get">';
echo '<input type="hidden" name="view" value="matching_rules" />'; echo '<input type="hidden" name="view" value="matching_rules" />';
@ -260,7 +261,7 @@ if( $view == 'syntaxes' ) {
foreach( $schema_matching_rules as $rule ) { foreach( $schema_matching_rules as $rule ) {
echo '<option value="'.$rule->getName().'"'.($rule->getName()==$viewvalue? ' selected ': '').'>'.$rule->getName().'</option>'; echo '<option value="'.$rule->getName().'"'.($rule->getName()==$viewvalue? ' selected ': '').'>'.$rule->getName().'</option>';
} }
echo '</select>'; echo '</select>';
echo '<input type="submit" value="'._('Go').'" />'; echo '<input type="submit" value="'._('Go').'" />';
echo '</form>'; echo '</form>';
@ -268,7 +269,7 @@ if( $view == 'syntaxes' ) {
echo "<tr><th>" . _('Matching rule OID') . "</th><th>" . _('Name') . "</th><th>"._('Used by attributes')."</th></tr>\n"; echo "<tr><th>" . _('Matching rule OID') . "</th><th>" . _('Name') . "</th><th>"._('Used by attributes')."</th></tr>\n";
flush(); flush();
$counter=1; $counter=1;
$schema_matching_rules = get_schema_matching_rules(null); $schema_matching_rules = get_schema_matching_rules(null);
if( ! $schema_matching_rules ) StatusMessage("ERROR", _("Unable to retrieve schema!"), ""); if( ! $schema_matching_rules ) StatusMessage("ERROR", _("Unable to retrieve schema!"), "");
foreach( $schema_matching_rules as $rule ) { foreach( $schema_matching_rules as $rule ) {
$counter++; $counter++;
@ -300,7 +301,7 @@ if( $view == 'syntaxes' ) {
} }
echo "</table>\n"; echo "</table>\n";
} elseif( $view == 'objectClasses' ) { } elseif( $view == 'objectClasses' ) {
flush(); flush();
$schema_oclasses = get_schema_objectclasses(null); $schema_oclasses = get_schema_objectclasses(null);
if( ! $schema_oclasses ) StatusMessage("ERROR", _("Unable to retrieve schema!"), ""); if( ! $schema_oclasses ) StatusMessage("ERROR", _("Unable to retrieve schema!"), "");
@ -310,7 +311,7 @@ if( $view == 'syntaxes' ) {
<select name="viewvalue" <select name="viewvalue"
onChange="submit()"> onChange="submit()">
<option value=""> - all - </option> <option value=""> - all - </option>
<?php foreach( $schema_oclasses as $name => $oclass ) { <?php foreach( $schema_oclasses as $name => $oclass ) {
echo '<option value="' echo '<option value="'
.$oclass->getName() .$oclass->getName()
.'"' .'"'
@ -323,8 +324,8 @@ if( $view == 'syntaxes' ) {
<?php flush(); ?> <?php flush(); ?>
<?php foreach( $schema_oclasses as $name => $oclass ) { <?php foreach( $schema_oclasses as $name => $oclass ) {
foreach( $oclass->getSupClasses() as $parent_name ) { foreach( $oclass->getSupClasses() as $parent_name ) {
$parent_name = $parent_name; $parent_name = $parent_name;
if( isset( $schema_oclasses[ $parent_name ] ) ) { if( isset( $schema_oclasses[ $parent_name ] ) ) {
$schema_oclasses[ $parent_name ]->addChildObjectClass( $oclass->getName() ); $schema_oclasses[ $parent_name ]->addChildObjectClass( $oclass->getName() );
@ -337,9 +338,9 @@ if( $view == 'syntaxes' ) {
<?php foreach( $schema_oclasses as $name => $oclass ) { <?php foreach( $schema_oclasses as $name => $oclass ) {
if ( $viewvalue==null || 0 == strcasecmp( $viewvalue, $oclass->getName() ) ){ if ( $viewvalue==null || 0 == strcasecmp( $viewvalue, $oclass->getName() ) ){
if( ! is_null( $viewvalue ) ) if( ! is_null( $viewvalue ) )
$viewed = true; $viewed = true;
?> ?>
<h4 class="schema_oclass"><?php echo $oclass->getName(); ?></h4> <h4 class="schema_oclass"><?php echo $oclass->getName(); ?></h4>
<h4 class="schema_oclass_sub"><?php echo _('OID'); ?>: <b><?php echo $oclass->getOID(); ?></b></h4> <h4 class="schema_oclass_sub"><?php echo _('OID'); ?>: <b><?php echo $oclass->getOID(); ?></b></h4>
<?php if( $oclass->getDescription() ) { ?> <?php if( $oclass->getDescription() ) { ?>
@ -350,12 +351,12 @@ if( $view == 'syntaxes' ) {
<h4 class="schema_oclass_sub"><?php echo _('This object class is obsolete.'); ?></h4> <h4 class="schema_oclass_sub"><?php echo _('This object class is obsolete.'); ?></h4>
<?php } ?> <?php } ?>
<h4 class="schema_oclass_sub"><?php echo _('Inherits from'); ?>: <b><?php <h4 class="schema_oclass_sub"><?php echo _('Inherits from'); ?>: <b><?php
if( count( $oclass->getSupClasses() ) == 0 ) if( count( $oclass->getSupClasses() ) == 0 )
echo "(" . _('none') . ")"; echo "(" . _('none') . ")";
else else
foreach( $oclass->getSupClasses() as $i => $object_class ) { foreach( $oclass->getSupClasses() as $i => $object_class ) {
echo '<a title="' . _('Jump to an object class') . ' " echo '<a title="' . _('Jump to an object class') . ' "
href="?view='.$view.'&amp;viewvalue='.htmlspecialchars( $object_class ) ; href="?view='.$view.'&amp;viewvalue='.htmlspecialchars( $object_class ) ;
echo '">' . htmlspecialchars( $object_class ) . '</a>'; echo '">' . htmlspecialchars( $object_class ) . '</a>';
if( $i < count( $oclass->getSupClasses() ) - 1 ) if( $i < count( $oclass->getSupClasses() ) - 1 )
@ -363,14 +364,14 @@ if( $view == 'syntaxes' ) {
} }
?></b></h4> ?></b></h4>
<h4 class="schema_oclass_sub"><?php echo _('Parent to'); ?>: <b><?php <h4 class="schema_oclass_sub"><?php echo _('Parent to'); ?>: <b><?php
if( 0 == strcasecmp( $oclass->getName(), 'top' ) ) if( 0 == strcasecmp( $oclass->getName(), 'top' ) )
echo "(<a href=\"schema.php?view=objectClasses\">all</a>)"; echo "(<a href=\"schema.php?view=objectClasses\">all</a>)";
elseif( count( $oclass->getChildObjectClasses() ) == 0 ) elseif( count( $oclass->getChildObjectClasses() ) == 0 )
echo "(" . _('none') . ")"; echo "(" . _('none') . ")";
else else
foreach( $oclass->getChildObjectClasses() as $i => $object_class ) { foreach( $oclass->getChildObjectClasses() as $i => $object_class ) {
echo '<a title="' . _('Jump to an object class') . ' " echo '<a title="' . _('Jump to an object class') . ' "
href="?view='.$view.'&amp;viewvalue='.htmlspecialchars( $object_class ) ; href="?view='.$view.'&amp;viewvalue='.htmlspecialchars( $object_class ) ;
echo '">' . htmlspecialchars( $object_class ) . '</a>'; echo '">' . htmlspecialchars( $object_class ) . '</a>';
if( $i < count( $oclass->getChildObjectClasses() ) - 1 ) if( $i < count( $oclass->getChildObjectClasses() ) - 1 )
@ -400,12 +401,12 @@ if( $view == 'syntaxes' ) {
echo "</li>\n"; echo "</li>\n";
} }
echo "</ul>"; echo "</ul>";
} else } else
echo "<center>(" . _('none') . ")</center>\n"; echo "<center>(" . _('none') . ")</center>\n";
?> ?>
</td> </td>
<td width="50%"> <td width="50%">
<?php <?php
if( count( $oclass->getMayAttrs($schema_oclasses) ) > 0 ) { if( count( $oclass->getMayAttrs($schema_oclasses) ) > 0 ) {
echo '<ul class="schema">'; echo '<ul class="schema">';
foreach( $oclass->getMayAttrs($schema_oclasses) as $attr ) { foreach( $oclass->getMayAttrs($schema_oclasses) as $attr ) {
@ -422,7 +423,7 @@ if( $view == 'syntaxes' ) {
} }
echo "</ul>"; echo "</ul>";
} }
else else
echo "<center>(" . _('none') . ")</center>\n"; echo "<center>(" . _('none') . ")</center>\n";
?> ?>


@ -3,18 +3,18 @@
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2009 - 2012 Roland Gruber Copyright (C) 2009 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or the Free Software Foundation; either version 2 of the License, or
(at your option) any later version. (at your option) any later version.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
@ -35,6 +35,7 @@ include_once("../lib/config.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
checkIfToolIsActive('toolServerInformation'); checkIfToolIsActive('toolServerInformation');


@ -3,18 +3,18 @@
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2006 - 2012 Roland Gruber Copyright (C) 2006 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or the Free Software Foundation; either version 2 of the License, or
(at your option) any later version. (at your option) any later version.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
@ -35,6 +35,7 @@ include_once("../../lib/config.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
// die if no write access // die if no write access
if (!checkIfWriteAccessIsAllowed()) die(); if (!checkIfWriteAccessIsAllowed()) die();


@ -3,7 +3,7 @@
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2006 - 2016 Roland Gruber Copyright (C) 2006 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -36,6 +36,7 @@ include_once("../../lib/config.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
// die if no write access // die if no write access
if (!checkIfWriteAccessIsAllowed()) die(); if (!checkIfWriteAccessIsAllowed()) die();


@ -3,7 +3,7 @@
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2007 - 2016 Roland Gruber Copyright (C) 2007 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -39,6 +39,7 @@ include_once("../../lib/schema.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
// die if no write access // die if no write access
if (!checkIfWriteAccessIsAllowed()) die(); if (!checkIfWriteAccessIsAllowed()) die();


@ -3,18 +3,18 @@
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2011 Roland Gruber Copyright (C) 2003 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or the Free Software Foundation; either version 2 of the License, or
(at your option) any later version. (at your option) any later version.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
@ -37,6 +37,7 @@ include_once("../lib/tools.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
setlanguage(); setlanguage();
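Review bot: The added `enforceUserIsLoggedIn();` sits under the existing `// start session` comment, although it is a separate access-control step that presumably ends the request for anonymous callers. A reader skimming the page header cannot see that execution may stop at this line. I would give the call its own comment, for example `// stop here if the user is not logged in`, in this header and in the other page headers the commit touches. The rest of the page lies outside the hunk.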


@ -3,18 +3,18 @@
$Id$ $Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2010 - 2011 Roland Gruber Copyright (C) 2010 - 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or the Free Software Foundation; either version 2 of the License, or
(at your option) any later version. (at your option) any later version.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details. GNU General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
@ -36,6 +36,7 @@ include_once("../../lib/config.inc");
// start session // start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
setlanguage(); setlanguage();


@ -48,6 +48,7 @@ include_once('../../lib/modules.inc');
// Start session // Start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
// check if this tool may be run // check if this tool may be run
checkIfToolIsActive('toolFileUpload'); checkIfToolIsActive('toolFileUpload');


@ -45,6 +45,7 @@ include_once('../../lib/pdf.inc');
// Start session // Start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
// check if this tool may be run // check if this tool may be run
checkIfToolIsActive('toolFileUpload'); checkIfToolIsActive('toolFileUpload');


@ -62,6 +62,7 @@ include_once('../../lib/upload.inc');
// Start session // Start session
startSecureSession(); startSecureSession();
enforceUserIsLoggedIn();
// check if this tool may be run // check if this tool may be run
checkIfToolIsActive('toolFileUpload'); checkIfToolIsActive('toolFileUpload');

1
lam/tmp/.gitignore vendored

@ -1 +0,0 @@
/*.jpg