]> git.sur5r.net Git - contagged/blobdiff - index.php
projects / contagged / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Remove magic_quotes function
[contagged] / index.php
diff --git a/index.php b/index.php
index 26c591204e3374081264d153b2a7abca04131ce3..5a9ab819da54fab7dd2615819abf63be3d31c1bf 100644 (file)
--- a/index.php
+++ b/index.php
@@ -12,6 +12,8 @@
     $entrytpl = 'list_entry.tpl';
   }
 
+  tpl_std();
+
   // check which fields are needed
   $fields = get_fields_from_template($entrytpl);
 
@@ -25,7 +27,7 @@
   $list = '';
   if(count($result)==1 && $_REQUEST['search']){
     //only one result on a search -> display page
-    header("Location: entry.php?dn=".$result[0]['dn']);
+    header("Location: entry.php?dn=".rawurlencode($result[0]['dn']));
     exit;
   }elseif(count($result)){
     $keys = array_keys($result);
@@ -37,7 +39,6 @@
   }
 
   //prepare templates
-  tpl_std();
   if (empty($_REQUEST['filter'])) $_REQUEST['filter']='';
   if (empty($_REQUEST['marker'])) $_REQUEST['marker']='';
   if (empty($_REQUEST['search'])) $_REQUEST['search']='';
@@ -48,8 +49,9 @@
   $smarty->assign('org',$_REQUEST['org']);
   //display templates
   if(!empty($_REQUEST['export'])){
-    if ($conf['userlogreq'] == 1 && $user == ''){
-      header("HTTP/1.1 401 ACCESS DENIED");
+    if ($conf['userlogreq'] && $user == ''){
+      header("HTTP/1.1 401 Access Denied");
+      echo '<h1>Access Denied</h1>';
       exit();
     }
 
@@ -93,6 +95,7 @@
    */
   function _makeldapfilter(){
     global $FIELDS;
+    global $conf;
 
     //handle given filter
 
@@ -110,7 +113,7 @@
 
     if(!empty($marker)){
       // Search by tag
-      $ldapfilter = '(&(objectClass=contactPerson)';
+      $ldapfilter = '(&( |(objectClass=evolutionPerson)(objectClass=contactPerson) )';
       $marker = explode(',',$marker);
       foreach($marker as $m){
         $m = trim($m);
@@ -133,7 +136,7 @@
                                 '('.$FIELDS['phone'].'='.$filter.')'.
                                 '('.$FIELDS['homephone'].'='.$filter.')'.
                             ')'.
-                            '('.$FIELDS['homephone'].'='.$filter.')'.
+                            '('.$FIELDS['mobile'].'='.$filter.')'.
                         ')'.
                     ')';
     }elseif(!empty($search)){
@@ -142,9 +145,14 @@
       $words=preg_split('/\s+/',$search);
       $filter='';
       foreach($words as $word){
-        $filter .= '(|(|('.$FIELDS['name'].'=*'.$word.'*)('.
-                   $FIELDS['givenname'].'=*'.$word.'*))('.
-                   $FIELDS['organization'].'=*'.$word.'*))';
+        $wordfilter='';
+        foreach($conf['searchfields'] as $field) {
+          $wordfilter .= '('.$field.'=*'.$word.'*)';
+        }
+        for($i=0; $i <count($conf['searchfields']); $i++){
+          $wordfilter = '(|'.$wordfilter.')';
+        }
+        $filter .= '(&'.$wordfilter.')';
       }
       $ldapfilter = "(&(objectClass=inetOrgPerson)$filter)";
     }elseif(!empty($org)){
ConTagged is a web-based address book for small companies written in PHP.