Merge pull request #15 from cweiske/master

[contagged] / entry.php

diff --git a/entry.php b/entry.php
index b79bc69680ae49bc1ed2ad62b4e66b856eac25e5..1e5e7552976de876ee184fccb105b3866df15614 100644 (file)
--- a/entry.php
+++ b/entry.php
@@ -2,6 +2,11 @@
 require_once('inc/init.php');
 ldap_login();
 
+if ($conf['userlogreq'] && !isset($_SESSION['ldapab']['username'])){
+  header('Location: login.php');
+  exit();
+}
+
 $users = get_users();
 
 //select template to use
@@ -66,7 +71,9 @@ if($_REQUEST['mode']=='vcf'){
   $filename = $entry['givenname'].'_'.$entry['name'].'.vcf';
   header("Content-Disposition: attachment; filename=\"$filename\"");
   header("Content-type: text/x-vcard; name=\"$filename\"; charset=utf-8");
-  $smarty->display($template);
+  $output = $smarty->fetch($template) . "\n";
+  $output = str_replace("\n", "\r\n", $output);
+  echo $output;
 }else{
   header('Content-Type: text/html; charset=utf-8');
   $smarty->display($template);
@@ -84,8 +91,9 @@ function _fetchData($dn){
   global $smarty;
   global $users; //contains the users for manager role
 
-  $sr = ldap_search($LDAP_CON,$dn,'(objectClass=inetOrgPerson)');
-  if(!ldap_count_entries($LDAP_CON,$sr)){
+  $sr = @ldap_search($LDAP_CON,$dn,'(objectClass=inetOrgPerson)');
+  tpl_ldaperror();
+  if(!@ldap_count_entries($LDAP_CON,$sr)){
     return false;
   }
   $result = ldap_get_binentries($LDAP_CON, $sr);
@@ -124,13 +132,13 @@ function _saveData(){
   $entry = $_REQUEST['entry'];
   $dn    = $_REQUEST['dn'];
   //construct new dn
-  $now    = time();
-  $newdn  = 'uid='.$now;
+  $new_uid = time().str_pad(mt_rand(0,99999999),8,"0", STR_PAD_LEFT);
+  $newdn   = 'uid='.$new_uid;
   if (empty($_REQUEST['type'])) { $_REQUEST['type']='public'; }
-  if($_REQUEST['type'] == 'private'){
-    $newdn .= ', '.$conf['privatebook'].', '.$_SESSION['ldapab']['binddn'];
+  if($_REQUEST['type'] == 'private' && $conf['privatebook']){
+    $newdn .= ','.$conf['privatebook'].','.$_SESSION['ldapab']['binddn'];
   }else{
-    $newdn .= ', '.$conf['publicbook'];
+    $newdn .= ','.$conf['publicbook'];
   }
   $entry['displayname'] = $entry['givenname'].' '.$entry['name'];;
   $entry = prepare_ldap_entry($entry);
@@ -143,8 +151,8 @@ print '</pre>';
 
   if(empty($dn)){
     //new entry
-    $entry['uid'][] = $now;
-    $r = ldap_add($LDAP_CON,$newdn,$entry);
+    $entry['uid'][] = $new_uid;
+    $r = @ldap_add($LDAP_CON,$newdn,$entry);
     tpl_ldaperror();
     return $newdn;
   }else{
@@ -213,6 +221,8 @@ function _delEntry($dn){
  * gets the binary data from an uploaded file
  */
 function _getUploadData(){
+  global $smarty;
+  global $lang;
   $file = $_FILES['photoupload'];
 
   if (is_uploaded_file($file['tmp_name'])) {
@@ -222,7 +232,19 @@ function _getUploadData(){
       fclose($fh);
       unlink($file['tmp_name']);
       return $data;
+    } else {
+      $smarty->assign('jpegError',$lang['err_wrongFileType']);
+    }
+  } elseif (preg_match('/http:\/\//', $_REQUEST["photo"])) {
+    $fd = fopen($_REQUEST["photo"], "rb");
+    $data = '';
+    while (!feof($fd)) {
+      $data .= fread($fd, 8192);
     }
+    fclose($fd);
+    return $data;
+  } else {
+    $smarty->assign('jpegError',$lang['err_fileNotUploaded']);
   }
   return '';
 }