X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=index.php;h=7fcf106a9d1dc464785e6d972cfd26ae3e8d0f0c;hb=03bedef53fe38250f38315c10e3bf04ad737f3f1;hp=8fdc91cb3752524e9ae4458c9c65d33beb09cd47;hpb=3d0fc02bdedf33a6746db23b34bce6a58d9b75bb;p=contagged
diff --git a/index.php b/index.php
index 8fdc91c..7fcf106 100644
--- a/index.php
+++ b/index.php
@@ -25,7 +25,7 @@
 $list = '';
 if(count($result)==1 && $_REQUEST['search']){
 //only one result on a search -> display page
- header("Location: entry.php?dn=".$result[0]['dn']);
+ header("Location: entry.php?dn=".rawurlencode($result[0]['dn']));
 exit;
 }elseif(count($result)){
 $keys = array_keys($result);
@@ -48,8 +48,9 @@
 $smarty->assign('org',$_REQUEST['org']);
 //display templates
 if(!empty($_REQUEST['export'])){
- if ($conf['userlogreq'] == 1 && $user == ''){
- header("HTTP/1.1 401 ACCESS DENIED");
+ if ($conf['userlogreq'] && $user == ''){
+ header("HTTP/1.1 401 Access Denied");
+ echo '

Access Denied

';
 exit();
 }
@@ -100,6 +101,7 @@
 if (empty($_REQUEST['search'])) { $_REQUEST['search']=''; }
 if (empty($_REQUEST['org'])) { $_REQUEST['org']=''; }
 if (empty($_REQUEST['marker'])) { $_REQUEST['marker']=''; }
+ if(is_numeric($_REQUEST['search'])) $number = $_REQUEST['search'];
 $filter = ldap_filterescape($_REQUEST['filter']);
 $search = ldap_filterescape($_REQUEST['search']);
 $org = ldap_filterescape($_REQUEST['org']);
@@ -116,6 +118,25 @@
 $ldapfilter .= '('.$FIELDS['_marker'].'='.$m.')';
 }
 $ldapfilter .= ')';
+ }elseif($number){
+ // Search by telephone number
+ $filter = '';
+ // add wildcards between digits to compensate for any formatting
+ $length = strlen($number);
+ for($i=0; $i <$length; $i++){
+ $filter .= '*'.$number{$i};
+ }
+ $filter .= '*';
+ $ldapfilter = '(&'.
+ '(objectClass=inetOrgPerson)'.
+ '(|'.
+ '(|'.
+ '('.$FIELDS['phone'].'='.$filter.')'.
+ '('.$FIELDS['homephone'].'='.$filter.')'.
+ ')'.
+ '('.$FIELDS['mobile'].'='.$filter.')'.
+ ')'.
+ ')';
 }elseif(!empty($search)){
 // Search name and organization
 $search = trim($search);
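Review bot: The export denial is sent as a `401` with no `WWW-Authenticate` header, which HTTP requires on a 401 response and without which a client has no challenge to answer. If login goes through the application's own form rather than HTTP authentication (not visible in this hunk), `header("HTTP/1.1 403 Forbidden");` describes the refusal accurately. The check sits inside the `export` branch only; whether the ordinary list view applies the same `$conf['userlogreq']` test is outside the hunk and worth confirming, since both paths show the same directory entries.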
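Review bot: `$number` is assigned only when `is_numeric()` succeeds, so on every other request the `elseif($number)` added in the next hunk reads a variable this hunk never defines; set `$number = '';` ahead of the `if`. `is_numeric()` also accepts signs, decimal points and exponents (`-1.5`, `1e5`), which are not telephone digits and end up between the wildcards. `ctype_digit((string)$_REQUEST['search'])` would limit the branch to plain digit strings. The enclosing block starts and ends outside the hunk, so whether `$number` is initialised elsewhere cannot be seen here.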
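Review bot: `$number{$i}` uses the curly-brace string offset, which was deprecated in PHP 7.4 and is a parse error from PHP 8.0; write `$filter .= '*'.$number[$i];`. `$number` is copied from `$_REQUEST['search']` before `ldap_filterescape()` runs and is concatenated into the filter unescaped, so this branch is safe only while the `is_numeric()` test in the previous hunk keeps `*`, `(`, `)` and `\` out. A comment stating that dependency, or deriving the digits from the escaped `$search`, would stop a later change to that test from turning this into an LDAP filter injection. The loop also emits one wildcard per character with no upper bound on `$length`, so a very long numeric input becomes a substring filter over three attributes that the directory may have to evaluate without an index; truncate `$number` to a sensible maximum before the loop.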