WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

removed input_check() function

This commit is contained in:
Roland Gruber 2006-05-21 19:45:57 +00:00
parent 2919c5aecd
commit fda2a57e05
2 changed files with 36 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
lam/lib/baseModule.inc
View File

@ -555,67 +555,6 @@ class baseModule {
return "enabled"; return "enabled";
} }
/**
* Checks if the attribute values follow the LDAP syntax.
* Not every LDAP attribute allows UTF-8 strings. Therefore we do a syntax check here
* and change UTF-8 strings to ASCII strings if needed.
* The maximum length of the attributes is checked, too.
*
* @return mixed 0 if no errors/warnings occured, otherwise an array of status messages.
*
* TODO: remove this function and move checks to posixAccount.inc
*/
function input_check() {
$messages = array();
// Do a check for every ldap attribute
$attributes = array_keys($this->attributes);
for ($i=0; $i<count($attributes); $i++) {
if ($_SESSION['ldap']->attributes[$attributes[$i]]['SYNTAX']=='1.3.6.1.4.1.1466.115.121.1.36') {
// found numeric attribute
for ($j=0; $j<count($this->attributes[$attributes[$i]]); $j++)
if ($this->attributes[$attributes[$i]][$j]!=intval($this->attributes[$attributes[$i]][$j])) {
$this->attributes[$attributes[$i]][$j] = intval($this->attributes[$attributes[$i]][$j]);
$messages[$attributes[$i]] = array('WARN', _($attributes[$i]), _('Changed value %s because only numeric values are allowed.'));
}
}
else if ($_SESSION['ldap']->attributes[$attributes[$i]]['SYNTAX']=='1.3.6.1.4.1.1466.115.121.1.26' ||
$_SESSION['ldap']->attributes[$attributes[$i]]['SYNTAX']=='1.3.6.1.4.1.1466.115.121.1.44' ||
$_SESSION['ldap']->attributes[$attributes[$i]]['SYNTAX']=='1.3.6.1.4.1.1466.115.121.1.11') {
// found "7bit" ascii attribute
// convert utf8 in us-ascii
$convert = array ( 'ä' => 'ae', 'Ä' => 'Ae', 'ö' => 'Oe', 'ü' => 'ue', 'Ü' => 'Ue',
'ß' => 'ss', 'é' => 'e', 'è' => 'e', 'ô' => 'o', 'ç' => 'c'
);
$index = array_keys($convert);
for ($j=0; $j<count($this->attributes[$attributes[$i]]); $j++) {
$replaced = false;
// replace special characters
for ($k=0; $k<count($index); $k++) {
$temp = str_replace($index[$k], $convert[$index[$k]], $this->attributes[$attributes[$i]][$j]);
if ($temp!=$this->attributes[$attributes[$i]][$j]) {
$this->attributes[$attributes[$i]][$j] = $temp;
$replaced = true;
}
}
// remove remaining UTF-8 characters
for ($c = 0; $c < strlen($this->attributes[$attributes[$i]][$j]); $c++) {
if (ord($this->attributes[$attributes[$i]][$j][$c]) > 127) {
$this->attributes[$attributes[$i]][$j] = substr($this->attributes[$attributes[$i]][$j], 0, $c) .
substr($this->attributes[$attributes[$i]][$j], $c + 2);
$replaced = true;
}
}
if ($replaced) {
$messages[$attributes[$i]][] = array('WARN', _($attributes[$i]), _('Changed value because only ASCII characters are allowed.'));
}
}
}
// TODO length check
}
if (count($messages)!=0) return $messages;
else return 0;
}
/** /**
* This function executes one post upload action. * This function executes one post upload action.
* *

39
lam/lib/modules/posixAccount.inc
View File

@ -796,13 +796,46 @@ class posixAccount extends baseModule {
if ($_SESSION[$this->base]->isNewAccount && !get_preg($this->attributes['userPassword'][0], 'password')) if ($_SESSION[$this->base]->isNewAccount && !get_preg($this->attributes['userPassword'][0], 'password'))
$errors['userPassword'][] = $this->messages['userPassword'][1]; $errors['userPassword'][] = $this->messages['userPassword'][1];
} }
$temp = $this->input_check(); $attributeList = array('gecos', 'homeDirectory');
// TODO is this really OK? for ($i = 0; $i < sizeof($attributeList); $i++) {
if (is_array($temp)) $errors = array_merge_recursive($errors, $temp); if (isset($this->attributes[$attributeList[$i]][0])) {
$value = $this->attributes[$attributeList[$i]][0];
$replacedValue = $this->checkASCII($value);
if ($value != $replacedValue) {
$this->attributes[$attributeList[$i]][0] = $replacedValue;
$errors['ascii'][] = array('WARN', $attributeList[$i], _('Changed value because only ASCII characters are allowed.'));
}
}
}
// Return error-messages // Return error-messages
return $errors; return $errors;
} }
/**
* Checks if an attribute contains only ASCII charaters and replaces invalid characters.
*
* @param string $attribute attribute value
* @return string attribute value with replaced non-ASCII characters
*/
function checkASCII($attribute) {
// convert UTF8 to ASCII
$convert = array ( 'ä' => 'ae', 'Ä' => 'Ae', 'ö' => 'oe', 'Ö' => 'Oe', 'ü' => 'ue', 'Ü' => 'Ue',
'ß' => 'ss', 'é' => 'e', 'è' => 'e', 'ô' => 'o', 'ç' => 'c'
);
$index = array_keys($convert);
// replace special characters
for ($k = 0; $k < count($index); $k++) {
$attribute = str_replace($index[$k], $convert[$index[$k]], $attribute);
}
// remove remaining UTF-8 characters
for ($c = 0; $c < strlen($attribute); $c++) {
if (ord($attribute[$c]) > 127) {
$attribute = substr($attribute, 0, $c) . substr($attribute, $c + 2);
}
}
return $attribute;
}
/** /**
* Processes user input of the group selection page. * Processes user input of the group selection page.
* It checks if all input values are correct and updates the associated LDAP attributes. * It checks if all input values are correct and updates the associated LDAP attributes.