X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=index.php;h=8fdc91cb3752524e9ae4458c9c65d33beb09cd47;hb=3d0fc02bdedf33a6746db23b34bce6a58d9b75bb;hp=3f095738d55e8403b1cf8a959085305e9c5f9043;hpb=aa36c490d2218814cb6faa20e31c10b5599d4483;p=contagged

diff --git a/index.php b/index.php
index 3f09573..8fdc91c 100644
--- a/index.php
+++ b/index.php
@@ -1,49 +1,75 @@
-<?
-  require_once('init.php');
+<?php
+
+  require_once('inc/init.php');
   ldap_login();
 
+  // select entry template
+  if(!empty($_REQUEST['export']) && $_REQUEST['export'] == 'csv'){
+    $entrytpl = 'list_csv_entry.tpl';
+  }elseif(!empty($_REQUEST['export']) && $_REQUEST['export'] == 'map'){
+    $entrytpl = 'list_map_entry.tpl';
+  }else{
+    $entrytpl = 'list_entry.tpl';
+  }
+
+  // check which fields are needed
+  $fields = get_fields_from_template($entrytpl);
+
+
   //prepare filter
   $ldapfilter = _makeldapfilter();
 
-  //check public addressbook
-  $sr = ldap_list($LDAP_CON,$conf[publicbook],$ldapfilter);
-  $result1 = ldap_get_binentries($LDAP_CON, $sr);
-  //check users private addressbook
-  if(!empty($_SESSION[ldapab][binddn])){
-    $sr = @ldap_list($LDAP_CON,
-                    $conf[privatebook].','.$_SESSION[ldapab][binddn],
-                    $ldapfilter);
-    $result2 = ldap_get_binentries($LDAP_CON, $sr);
-  }
-  
-  $result = array_merge($result1,$result2);
+  // fetch results
+  $result = ldap_queryabooks($ldapfilter,$fields);
 
   $list = '';
-  if(count($result)==1 && $_REQUEST[search]){
+  if(count($result)==1 && $_REQUEST['search']){
     //only one result on a search -> display page
-    header("Location: entry.php?dn=".$result[0][dn]);
+    header("Location: entry.php?dn=".$result[0]['dn']);
     exit;
   }elseif(count($result)){
     $keys = array_keys($result);
     uksort($keys,"_namesort");
     foreach($keys as $key){
       tpl_entry($result[$key]);
-      $list .= $smarty->fetch('list_entry.tpl');
+      $list .= $smarty->fetch($entrytpl);
     }
   }
 
-  //save location in session
-  $_SESSION[ldapab][lastlocation]=$_SERVER["REQUEST_URI"];
-   
   //prepare templates
   tpl_std();
-  tpl_markers();
+  if (empty($_REQUEST['filter'])) $_REQUEST['filter']='';
+  if (empty($_REQUEST['marker'])) $_REQUEST['marker']='';
+  if (empty($_REQUEST['search'])) $_REQUEST['search']='';
   $smarty->assign('list',$list);
+  $smarty->assign('filter',$_REQUEST['filter']);
+  $smarty->assign('marker',$_REQUEST['marker']);
+  $smarty->assign('search',$_REQUEST['search']);
+  $smarty->assign('org',$_REQUEST['org']);
   //display templates
-  $smarty->display('header.tpl');
-  $smarty->display('list_filter.tpl');
-  $smarty->display('list.tpl');
-  $smarty->display('footer.tpl');
+  if(!empty($_REQUEST['export'])){
+    if ($conf['userlogreq'] == 1 && $user == ''){
+      header("HTTP/1.1 401 ACCESS DENIED");
+      exit();
+    }
+
+    if($_REQUEST['export'] == 'csv'){
+      header("Content-Type: text/csv");
+      header('Content-Disposition: Attachement; filename="contagged_export.csv"');
+      $smarty->display('list_csv.tpl');
+      exit;
+    }elseif($_REQUEST['export'] == 'map'){
+      header('Content-Type: text/html; charset=utf-8');
+      $smarty->display('list_map.tpl');
+      exit;
+    }
+  }else{
+    //save location in session
+    $_SESSION['ldapab']['lastlocation']=$_SERVER["REQUEST_URI"];
+
+    header('Content-Type: text/html; charset=utf-8');
+    $smarty->display('list.tpl');
+  }
 
   //------- functions -----------//
 
@@ -53,8 +79,11 @@
    */
   function _namesort($a,$b){
     global $result;
-    $x = $result[$a][sn][0].$result[$a][givenName][0];
-    $y = $result[$b][sn][0].$result[$b][givenName][0];
+    global $FIELDS;
+    if (empty($result[$a][$FIELDS['givenname']])) { $result[$a][$FIELDS['givenname']]=''; }
+    if (empty($result[$b][$FIELDS['givenname']])) { $result[$b][$FIELDS['givenname']]=''; }
+    $x = $result[$a][$FIELDS['name']][0].$result[$a][$FIELDS['givenname']][0];
+    $y = $result[$b][$FIELDS['name']][0].$result[$b][$FIELDS['givenname']][0];
     return(strcasecmp($x,$y));
   }
 
@@ -63,39 +92,57 @@
    * Creates an LDAP filter from given request variables search or filter
    */
   function _makeldapfilter(){
+    global $FIELDS;
+
     //handle given filter
 
-    $filter = $_REQUEST['filter'];
-    $search = $_REQUEST['search'];
-    $org    = $_REQUEST['org'];
-    $marker = $_REQUEST['marker'];
-    $_SESSION[ldapab][filter] = $filter;
+    if (empty($_REQUEST['filter'])) { $_REQUEST['filter']=''; }
+    if (empty($_REQUEST['search'])) { $_REQUEST['search']=''; }
+    if (empty($_REQUEST['org'])) { $_REQUEST['org']=''; }
+    if (empty($_REQUEST['marker'])) { $_REQUEST['marker']=''; }
+    $filter = ldap_filterescape($_REQUEST['filter']);
+    $search = ldap_filterescape($_REQUEST['search']);
+    $org    = ldap_filterescape($_REQUEST['org']);
+    $marker = ldap_filterescape($_REQUEST['marker']);
+    $_SESSION['ldapab']['filter'] = $_REQUEST['filter'];
     if(empty($filter)) $filter='a';
 
     if(!empty($marker)){
-      $marker = utf8_encode($marker);
-      $ldapfilter = "(&(objectClass=contactPerson)(marker=$marker))";
+      // Search by tag
+      $ldapfilter = '(&(objectClass=contactPerson)';
+      $marker = explode(',',$marker);
+      foreach($marker as $m){
+        $m = trim($m);
+        $ldapfilter .= '('.$FIELDS['_marker'].'='.$m.')';
+      }
+      $ldapfilter .= ')';
     }elseif(!empty($search)){
+      // Search name and organization
       $search = trim($search);
       $words=preg_split('/\s+/',$search);
       $filter='';
       foreach($words as $word){
-        $word = utf8_encode($word);
-        $filter .= "(|(|(sn=*$word*)(givenName=*$word*))(o=*$word*))";
+        $filter .= '(|(|('.$FIELDS['name'].'=*'.$word.'*)('.
+                   $FIELDS['givenname'].'=*'.$word.'*))('.
+                   $FIELDS['organization'].'=*'.$word.'*))';
       }
       $ldapfilter = "(&(objectClass=inetOrgPerson)$filter)";
     }elseif(!empty($org)){
-      $org = utf8_encode($org);
-      $ldapfilter = "(&(objectClass=inetOrgPerson)(o=$org))";
+      // List organization members
+      $ldapfilter = '(&(objectClass=inetOrgPerson)('.$FIELDS['organization']."=$org))";
     }elseif($filter=='other'){
+      // Alphabetic listing of last names
       $other='';
       for ($i=ord('a');$i<=ord('z');$i++){
-        $other .= '(!(sn='.chr($i).'*))';
+        $other .= '(!('.$FIELDS['name'].'='.chr($i).'*))';
       }
       $ldapfilter = "(&(objectClass=inetOrgPerson)$other)";
+    }elseif($filter=='\2a'){ //escaped asterisk
+      // List all
+      $ldapfilter = "(objectClass=inetOrgPerson)";
     }else{
-      $filter = utf8_encode($filter);
-      $ldapfilter = "(&(objectClass=inetOrgPerson)(sn=$filter*))";
+      // Search by last name start
+      $ldapfilter = '(&(objectClass=inetOrgPerson)('.$FIELDS['name']."=$filter*))";
     }
     return $ldapfilter;
   }