X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=index.php;h=7fcf106a9d1dc464785e6d972cfd26ae3e8d0f0c;hb=957e03f1c6791f6275ecfdc5e954c673c930844e;hp=58e4a6f3968a2592893fe9bb6b918b4852515cfa;hpb=55e57dc0b0041d58c671cfdcb9fb183f0b868969;p=contagged

diff --git a/index.php b/index.php
index 58e4a6f..7fcf106 100644
--- a/index.php
+++ b/index.php
@@ -3,24 +3,6 @@
   require_once('inc/init.php');
   ldap_login();
 
-  //prepare filter
-  $ldapfilter = _makeldapfilter();
-
-  //check public addressbook
-  $sr = ldap_list($LDAP_CON,$conf['publicbook'],$ldapfilter);
-  $result1 = ldap_get_binentries($LDAP_CON, $sr);
-  //check users private addressbook
-  if(!empty($_SESSION['ldapab']['binddn'])){
-    $sr = @ldap_list($LDAP_CON,
-                    $conf['privatebook'].','.$_SESSION['ldapab']['binddn'],
-                    $ldapfilter);
-    $result2 = ldap_get_binentries($LDAP_CON, $sr);
-  }else{
-    $result2 = '';
-  }
-
-  $result = array_merge((array)$result1,(array)$result2);
-
   // select entry template
   if(!empty($_REQUEST['export']) && $_REQUEST['export'] == 'csv'){
     $entrytpl = 'list_csv_entry.tpl';
@@ -30,10 +12,20 @@
     $entrytpl = 'list_entry.tpl';
   }
 
+  // check which fields are needed
+  $fields = get_fields_from_template($entrytpl);
+
+
+  //prepare filter
+  $ldapfilter = _makeldapfilter();
+
+  // fetch results
+  $result = ldap_queryabooks($ldapfilter,$fields);
+
   $list = '';
   if(count($result)==1 && $_REQUEST['search']){
     //only one result on a search -> display page
-    header("Location: entry.php?dn=".$result[0]['dn']);
+    header("Location: entry.php?dn=".rawurlencode($result[0]['dn']));
     exit;
   }elseif(count($result)){
     $keys = array_keys($result);
@@ -53,10 +45,12 @@
   $smarty->assign('filter',$_REQUEST['filter']);
   $smarty->assign('marker',$_REQUEST['marker']);
   $smarty->assign('search',$_REQUEST['search']);
+  $smarty->assign('org',$_REQUEST['org']);
   //display templates
   if(!empty($_REQUEST['export'])){
-    if ($conf['userlogreq'] == 1 && $user == ''){
-      header("HTTP/1.1 401 ACCESS DENIED");
+    if ($conf['userlogreq'] && $user == ''){
+      header("HTTP/1.1 401 Access Denied");
+      echo '<h1>Access Denied</h1>';
       exit();
     }
 
@@ -107,6 +101,7 @@
     if (empty($_REQUEST['search'])) { $_REQUEST['search']=''; }
     if (empty($_REQUEST['org'])) { $_REQUEST['org']=''; }
     if (empty($_REQUEST['marker'])) { $_REQUEST['marker']=''; }
+    if(is_numeric($_REQUEST['search'])) $number = $_REQUEST['search'];
     $filter = ldap_filterescape($_REQUEST['filter']);
     $search = ldap_filterescape($_REQUEST['search']);
     $org    = ldap_filterescape($_REQUEST['org']);
@@ -123,6 +118,25 @@
         $ldapfilter .= '('.$FIELDS['_marker'].'='.$m.')';
       }
       $ldapfilter .= ')';
+    }elseif($number){
+      // Search by telephone number
+      $filter = '';
+      // add wildcards between digits to compensate for any formatting
+      $length = strlen($number);
+      for($i=0; $i <$length; $i++){
+        $filter .= '*'.$number{$i};
+      }
+      $filter .= '*';
+      $ldapfilter = '(&'.
+                        '(objectClass=inetOrgPerson)'.
+                        '(|'.
+                            '(|'.
+                                '('.$FIELDS['phone'].'='.$filter.')'.
+                                '('.$FIELDS['homephone'].'='.$filter.')'.
+                            ')'.
+                            '('.$FIELDS['mobile'].'='.$filter.')'.
+                        ')'.
+                    ')';
     }elseif(!empty($search)){
       // Search name and organization
       $search = trim($search);