X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=entry.php;h=2bf488a7f15e3bff60579c19f1baf7bf37de9756;hb=ae9c03c947498d611ca8ffef049369905a61924f;hp=bb207ceb10e62d40a22faade43995ac6e9dfe9dd;hpb=957e03f1c6791f6275ecfdc5e954c673c930844e;p=contagged

diff --git a/entry.php b/entry.php
index bb207ce..2bf488a 100644
--- a/entry.php
+++ b/entry.php
@@ -2,7 +2,7 @@
 require_once('inc/init.php');
 ldap_login();
 
-if ($conf['userlogreq'] && $user == ''){
+if ($conf['userlogreq'] && !isset($_SESSION['ldapab']['username'])){
   header('Location: login.php');
   exit();
 }
@@ -89,8 +89,9 @@ function _fetchData($dn){
   global $smarty;
   global $users; //contains the users for manager role
 
-  $sr = ldap_search($LDAP_CON,$dn,'(objectClass=inetOrgPerson)');
-  if(!ldap_count_entries($LDAP_CON,$sr)){
+  $sr = @ldap_search($LDAP_CON,$dn,'(objectClass=inetOrgPerson)');
+  tpl_ldaperror();
+  if(!@ldap_count_entries($LDAP_CON,$sr)){
     return false;
   }
   $result = ldap_get_binentries($LDAP_CON, $sr);
@@ -129,13 +130,13 @@ function _saveData(){
   $entry = $_REQUEST['entry'];
   $dn    = $_REQUEST['dn'];
   //construct new dn
-  $now    = time();
-  $newdn  = 'uid='.$now;
+  $new_uid = time().str_pad(mt_rand(0,99999999),8,"0", STR_PAD_LEFT);
+  $newdn   = 'uid='.$new_uid;
   if (empty($_REQUEST['type'])) { $_REQUEST['type']='public'; }
-  if($_REQUEST['type'] == 'private'){
-    $newdn .= ', '.$conf['privatebook'].', '.$_SESSION['ldapab']['binddn'];
+  if($_REQUEST['type'] == 'private' && $conf['privatebook']){
+    $newdn .= ','.$conf['privatebook'].','.$_SESSION['ldapab']['binddn'];
   }else{
-    $newdn .= ', '.$conf['publicbook'];
+    $newdn .= ','.$conf['publicbook'];
   }
   $entry['displayname'] = $entry['givenname'].' '.$entry['name'];;
   $entry = prepare_ldap_entry($entry);
@@ -148,8 +149,8 @@ print '</pre>';
 
   if(empty($dn)){
     //new entry
-    $entry['uid'][] = $now;
-    $r = ldap_add($LDAP_CON,$newdn,$entry);
+    $entry['uid'][] = $new_uid;
+    $r = @ldap_add($LDAP_CON,$newdn,$entry);
     tpl_ldaperror();
     return $newdn;
   }else{
@@ -218,6 +219,8 @@ function _delEntry($dn){
  * gets the binary data from an uploaded file
  */
 function _getUploadData(){
+  global $smarty;
+  global $lang;
   $file = $_FILES['photoupload'];
 
   if (is_uploaded_file($file['tmp_name'])) {
@@ -227,7 +230,19 @@ function _getUploadData(){
       fclose($fh);
       unlink($file['tmp_name']);
       return $data;
+    } else {
+      $smarty->assign('jpegError',$lang['err_wrongFileType']);
+    }
+  } elseif (preg_match('/http:\/\//', $_REQUEST["photo"])) {
+    $fd = fopen($_REQUEST["photo"], "rb");
+    $data = '';
+    while (!feof($fd)) {
+      $data .= fread($fd, 8192);
     }
+    fclose($fd);
+    return $data;
+  } else {
+    $smarty->assign('jpegError',$lang['err_fileNotUploaded']);
   }
   return '';
 }