use the organization attribute from namedentries() instead of hardcoded o

[contagged] / index.php

diff --git a/index.php b/index.php
index 128bd3dd4d93a2d5631ea5ec2106e816336d238f..ae8912952a83281c4d9eb2267938d8d61e8464f5 100644 (file)
--- a/index.php
+++ b/index.php
@@ -14,12 +14,14 @@
                     $conf['privatebook'].','.$_SESSION['ldapab']['binddn'],
                     $ldapfilter);
     $result2 = ldap_get_binentries($LDAP_CON, $sr);
+  }else{
+    $result2 = '';
   }
   
   $result = array_merge((array)$result1,(array)$result2);
 
   // select entry template
-  if($_REQUEST['export'] == 'csv'){
+  if(!empty($_REQUEST['export']) && $_REQUEST['export'] == 'csv'){
     $entrytpl = 'export_list_csv_entry.tpl';
   }else{
     $entrytpl = 'list_entry.tpl';
@@ -45,15 +47,24 @@
   tpl_categories();
   tpl_timezone();
   tpl_country();
+  if (empty($_REQUEST['filter'])) $_REQUEST['filter']='';
+  if (empty($_REQUEST['marker'])) $_REQUEST['marker']='';
+  if (empty($_REQUEST['search'])) $_REQUEST['search']='';
   $smarty->assign('list',$list);
   $smarty->assign('filter',$_REQUEST['filter']);
   $smarty->assign('marker',$_REQUEST['marker']);
   $smarty->assign('search',$_REQUEST['search']);
   //display templates
-  if($_REQUEST['export'] == 'csv'){
-    header("Content-Type: text/csv");
-    header('Content-Disposition: Attachement; filename="ldapabexport.csv"');
-    $smarty->display('export_list_csv.tpl');
+  if(!empty($_REQUEST['export']) && $_REQUEST['export'] == 'csv'){
+    if ($conf['userlogreq'] == 1 && $user == '')
+    {
+      header("HTTP/1.1 401 ACCESS DENIED");
+      exit();
+    } else {
+      header("Content-Type: text/csv");
+      header('Content-Disposition: Attachement; filename="contagged_export.csv"');
+      $smarty->display('export_list_csv.tpl');
+    }
   }else{
     //save location in session
     $_SESSION['ldapab']['lastlocation']=$_SERVER["REQUEST_URI"];
@@ -70,6 +81,8 @@
    */
   function _namesort($a,$b){
     global $result;
+    if (empty($result[$a]['givenName'])) { $result[$a]['givenName']=''; }
+    if (empty($result[$b]['givenName'])) { $result[$b]['givenName']=''; }
     $x = $result[$a]['sn'][0].$result[$a]['givenName'][0];
     $y = $result[$b]['sn'][0].$result[$b]['givenName'][0];
     return(strcasecmp($x,$y));
@@ -80,8 +93,16 @@
    * Creates an LDAP filter from given request variables search or filter
    */
   function _makeldapfilter(){
+
+    $f_entries = namedentries(true);
+
     //handle given filter
 
+    if (empty($_REQUEST['filter'])) { $_REQUEST['filter']=''; }
+    if (empty($_REQUEST['search'])) { $_REQUEST['search']=''; }
+    if (empty($_REQUEST['org'])) { $_REQUEST['org']=''; }
+    if (empty($_REQUEST['marker'])) { $_REQUEST['marker']=''; }
+    if (empty($_REQUEST['categories'])) { $_REQUEST['categories']=''; }
     $filter = ldap_filterescape($_REQUEST['filter']);
     $search = ldap_filterescape($_REQUEST['search']);
     $org    = ldap_filterescape($_REQUEST['org']);
@@ -105,11 +126,11 @@
       $words=preg_split('/\s+/',$search);
       $filter='';
       foreach($words as $word){
-        $filter .= "(|(|(sn=*$word*)(givenName=*$word*))(o=*$word*))";
+        $filter .= "(|(|(sn=*$word*)(givenName=*$word*))(".$f_entries['organization']."=*$word*))";
       }
       $ldapfilter = "(&(objectClass=inetOrgPerson)$filter)";
     }elseif(!empty($org)){
-      $ldapfilter = "(&(objectClass=inetOrgPerson)(o=$org))";
+      $ldapfilter = "(&(objectClass=inetOrgPerson)(".$f_entries['organization']."=$org))";
     }elseif($filter=='other'){
       $other='';
       for ($i=ord('a');$i<=ord('z');$i++){