Version updated

[contagged] / ajax.php

diff --git a/ajax.php b/ajax.php
index 73101807035813425cec9ee6f64cdef14fea60a3..2ccb52f95af89019853ffd8e092b80e8ac40d7b0 100644 (file)
--- a/ajax.php
+++ b/ajax.php
@@ -1,15 +1,27 @@
-<?
-require_once('init.php');
+<?php
+require_once('inc/init.php');
 ldap_login();
 
-header('Content-Type: text/html; charset=utf-8');
+if ($conf['userlogreq'] && $user == ''){
+  header("HTTP/1.1 401 Access Denied");
+  echo '<h1>Access Denied</h1>';
+  exit();
+}
+
 
-if(!empty($_REQUEST['taglookup'])){
-  ajax_taglookup($_REQUEST['taglookup']);
-}elseif(!empty($_REQUEST['addnote'])){
-  ajax_addnote($_REQUEST['addnote'],$_REQUEST['note']);
-}elseif(!empty($_REQUEST['settags'])){
-  ajax_settags($_REQUEST['settags'],$_REQUEST['tags']);
+$FIELD = preg_replace('/entry\[/','',$_REQUEST['field']);
+$FIELD = preg_replace('/\W+/','',$FIELD);
+
+if($_REQUEST['dn'] && $_REQUEST['addnote']){
+  ajax_addnote($_REQUEST['dn'],$_REQUEST['addnote']);
+}elseif($_REQUEST['dn'] && $_REQUEST['settags']){
+  ajax_settags($_REQUEST['dn'],$_REQUEST['settags']);
+}elseif($_REQUEST['dn'] && $_REQUEST['loadtags']){
+  ajax_loadtags($_REQUEST['dn'],$_REQUEST['loadtags']);
+}elseif($FIELD == 'marker'||$FIELD == 'markers'){
+  ajax_taglookup($_REQUEST['value']);
+}else{
+  ajax_lookup($FIELD,$_REQUEST['value']);
 }
 
 /**
@@ -20,6 +32,8 @@ function ajax_addnote($dn,$note){
   global $LDAP_CON;
   global $FIELDS;
 
+  header('Content-Type: text/html; charset=utf-8');
+
   // fetch the existing note
   $result = ldap_search($LDAP_CON,$dn,'(objectClass=inetOrgPerson)',array($FIELDS['note']));
   if(ldap_count_entries($LDAP_CON,$result)){
@@ -32,12 +46,12 @@ function ajax_addnote($dn,$note){
   ldap_modify($LDAP_CON,$dn,$entry);
 
 
-  require_once(dirname(__FILE__).'/smarty/plugins/modifier.noteparser.php');
+  require_once(dirname(__FILE__).'/inc/smarty/plugins/modifier.noteparser.php');
   print smarty_modifier_noteparser($note);
 }
 
 /**
- * Sett tags for a contact
+ * Set tags for a contact
  */
 function ajax_settags($dn,$tags){
   global $conf;
@@ -45,6 +59,8 @@ function ajax_settags($dn,$tags){
   global $FIELDS;
   if(!$FIELDS['_marker']) return;
 
+  header('Content-Type: text/html; charset=utf-8');
+
   $tags = explode(',',$tags);
   $tags = array_map('trim',$tags);
   $tags = array_unique($tags);
@@ -62,17 +78,48 @@ function ajax_settags($dn,$tags){
   }
 }
 
+/**
+ * Load current tags of an entry
+ */
+function ajax_loadtags($dn,$type='plain'){
+  global $conf;
+  global $LDAP_CON;
+  global $FIELDS;
+  if(!$FIELDS['_marker']) return;
+
+  header('Content-Type: text/html; charset=utf-8');
+
+  $sr = ldap_search($LDAP_CON,$dn,'(objectClass=inetOrgPerson)',array($FIELDS['_marker']));
+  if(!ldap_count_entries($LDAP_CON,$sr)) return false;
+  $result = ldap_get_binentries($LDAP_CON, $sr);
+  $entry  = $result[0];
+
+  if($type == 'plain'){
+    echo join(', ',(array) $entry[$FIELDS['_marker']]);
+  }else{
+    foreach ((array) $entry[$FIELDS['_marker']] as $tag){
+      echo '<a href="index.php?marker=';
+      echo rawurlencode($tag);
+      echo '" class="tag">';
+      echo htmlspecialchars($tag);
+      echo '</a> ';
+    }
+  }
+}
+
 /**
  * Find all tags (markers) starting with the given
  * string
  */
 function ajax_taglookup($tag){
+  header('Content-Type: text/xml; charset=utf-8');
   global $conf;
   global $LDAP_CON;
+  global $FIELDS;
   if(!$FIELDS['_marker']) return;
 
   $search = ldap_filterescape($tag);
-  $filter = "(&(objectClass=inetOrgPerson)('.$FIELDS['_marker'].'=$search*))";
+  $filter = "(&(objectClass=inetOrgPerson)(".$FIELDS['_marker']."=$search*))";
   $result = ldap_queryabooks($filter,$FIELDS['_marker']);
 
   if(!count($result)) return;
@@ -91,11 +138,53 @@ function ajax_taglookup($tag){
   $tags = array_unique($tags);
   sort($tags,SORT_STRING);
 
-  print '<ul>';
+  echo '<?xml version="1.0"?>'.NL;
+  echo '<ajaxresponse>'.NL;
   foreach($tags as $out){
-    print '<li>'.htmlspecialchars($out).'</li>';
+    echo '<item>'.NL;
+    echo '<value>'.htmlspecialchars($out).'</value>'.NL;
+    echo '<text>'.htmlspecialchars($out).'</text>'.NL;
+    echo '</item>'.NL;
   }
-  print '</ul>';
+  echo '</ajaxresponse>'.NL;
+}
+
+/**
+ * Do a simple lookup in any simple field
+ */
+function ajax_lookup($field,$search){
+    header('Content-Type: text/xml; charset=utf-8');
+    global $conf;
+    global $LDAP_CON;
+    global $FIELDS;
+
+    if(!$FIELDS[$field]) return;
+    $field = $FIELDS[$field];
+
+    $search = ldap_filterescape($search);
+    $filter = "(&(objectClass=inetOrgPerson)($field=$search*))";
+    $result = ldap_queryabooks($filter,$field);
+    if(!count($result)) return;
+
+    $items = array();
+    foreach ($result as $entry){
+        if(isset($entry[$field]) && !empty($entry[$field])){
+            $items[] = $entry[$field][0];
+        }
+    }
+
+    $items = array_unique($items);
+    sort($items,SORT_STRING);
+
+    echo '<?xml version="1.0"?>'.NL;
+    echo '<ajaxresponse>'.NL;
+    foreach($items as $out){
+        echo '<item>'.NL;
+        echo '<value>'.htmlspecialchars($out).'</value>'.NL;
+        echo '<text>'.htmlspecialchars($out).'</text>'.NL;
+        echo '</item>'.NL;
+    }
+    echo '</ajaxresponse>'.NL;
 }
 
 ?>