X-Git-Url: https://git.sur5r.net/?p=contagged;a=blobdiff_plain;f=index.php;h=5a9ab819da54fab7dd2615819abf63be3d31c1bf;hp=22d5c10936c3e3fb53bc2d9b309916dc739f7be3;hb=HEAD;hpb=dc1cf7d3f358421bcc6ac13019ce82a5a34250ad
diff --git a/index.php b/index.php
index 22d5c10..5a9ab81 100644
--- a/index.php
+++ b/index.php
@@ -1,34 +1,33 @@
-
- require_once('init.php');
- ldap_login();
-
- //prepare filter
- $ldapfilter = _makeldapfilter();
+ display page
- header("Location: entry.php?dn=".$result[0][dn]);
+ header("Location: entry.php?dn=".rawurlencode($result[0]['dn']));
exit;
}elseif(count($result)){
$keys = array_keys($result);
@@ -40,22 +39,38 @@
}
//prepare templates
- tpl_std();
- tpl_markers();
+ if (empty($_REQUEST['filter'])) $_REQUEST['filter']='';
+ if (empty($_REQUEST['marker'])) $_REQUEST['marker']='';
+ if (empty($_REQUEST['search'])) $_REQUEST['search']='';
$smarty->assign('list',$list);
$smarty->assign('filter',$_REQUEST['filter']);
+ $smarty->assign('marker',$_REQUEST['marker']);
+ $smarty->assign('search',$_REQUEST['search']);
+ $smarty->assign('org',$_REQUEST['org']);
//display templates
- if($_REQUEST['export'] == 'csv'){
- header("Content-Type: text/csv");
- header('Content-Disposition: Attachement; filename="ldapabexport.csv"');
- $smarty->display('export_list_csv.tpl');
+ if(!empty($_REQUEST['export'])){
+ if ($conf['userlogreq'] && $user == ''){
+ header("HTTP/1.1 401 Access Denied");
+ echo '
Access Denied
';
+ exit();
+ }
+
+ if($_REQUEST['export'] == 'csv'){
+ header("Content-Type: text/csv");
+ header('Content-Disposition: Attachement; filename="contagged_export.csv"');
+ $smarty->display('list_csv.tpl');
+ exit;
+ }elseif($_REQUEST['export'] == 'map'){
+ header('Content-Type: text/html; charset=utf-8');
+ $smarty->display('list_map.tpl');
+ exit;
+ }
}else{
//save location in session
- $_SESSION[ldapab][lastlocation]=$_SERVER["REQUEST_URI"];
- $smarty->display('header.tpl');
- $smarty->display('list_filter.tpl');
+ $_SESSION['ldapab']['lastlocation']=$_SERVER["REQUEST_URI"];
+
+ header('Content-Type: text/html; charset=utf-8');
$smarty->display('list.tpl');
- $smarty->display('footer.tpl');
}
//------- functions -----------//
@@ -66,8 +81,11 @@
*/
function _namesort($a,$b){
global $result;
- $x = $result[$a][sn][0].$result[$a][givenName][0];
- $y = $result[$b][sn][0].$result[$b][givenName][0];
+ global $FIELDS;
+ if (empty($result[$a][$FIELDS['givenname']])) { $result[$a][$FIELDS['givenname']]=''; }
+ if (empty($result[$b][$FIELDS['givenname']])) { $result[$b][$FIELDS['givenname']]=''; }
+ $x = $result[$a][$FIELDS['name']][0].$result[$a][$FIELDS['givenname']][0];
+ $y = $result[$b][$FIELDS['name']][0].$result[$b][$FIELDS['givenname']][0];
return(strcasecmp($x,$y));
}
@@ -76,39 +94,83 @@
* Creates an LDAP filter from given request variables search or filter
*/
function _makeldapfilter(){
+ global $FIELDS;
+ global $conf;
+
//handle given filter
- $filter = $_REQUEST['filter'];
- $search = $_REQUEST['search'];
- $org = $_REQUEST['org'];
- $marker = $_REQUEST['marker'];
- $_SESSION[ldapab][filter] = $filter;
+ if (empty($_REQUEST['filter'])) { $_REQUEST['filter']=''; }
+ if (empty($_REQUEST['search'])) { $_REQUEST['search']=''; }
+ if (empty($_REQUEST['org'])) { $_REQUEST['org']=''; }
+ if (empty($_REQUEST['marker'])) { $_REQUEST['marker']=''; }
+ if(is_numeric($_REQUEST['search'])) $number = $_REQUEST['search'];
+ $filter = ldap_filterescape($_REQUEST['filter']);
+ $search = ldap_filterescape($_REQUEST['search']);
+ $org = ldap_filterescape($_REQUEST['org']);
+ $marker = ldap_filterescape($_REQUEST['marker']);
+ $_SESSION['ldapab']['filter'] = $_REQUEST['filter'];
if(empty($filter)) $filter='a';
if(!empty($marker)){
- $marker = utf8_encode($marker);
- $ldapfilter = "(&(objectClass=contactPerson)(marker=$marker))";
+ // Search by tag
+ $ldapfilter = '(&( |(objectClass=evolutionPerson)(objectClass=contactPerson) )';
+ $marker = explode(',',$marker);
+ foreach($marker as $m){
+ $m = trim($m);
+ $ldapfilter .= '('.$FIELDS['_marker'].'='.$m.')';
+ }
+ $ldapfilter .= ')';
+ }elseif($number){
+ // Search by telephone number
+ $filter = '';
+ // add wildcards between digits to compensate for any formatting
+ $length = strlen($number);
+ for($i=0; $i <$length; $i++){
+ $filter .= '*'.$number{$i};
+ }
+ $filter .= '*';
+ $ldapfilter = '(&'.
+ '(objectClass=inetOrgPerson)'.
+ '(|'.
+ '(|'.
+ '('.$FIELDS['phone'].'='.$filter.')'.
+ '('.$FIELDS['homephone'].'='.$filter.')'.
+ ')'.
+ '('.$FIELDS['mobile'].'='.$filter.')'.
+ ')'.
+ ')';
}elseif(!empty($search)){
+ // Search name and organization
$search = trim($search);
$words=preg_split('/\s+/',$search);
$filter='';
foreach($words as $word){
- $word = utf8_encode($word);
- $filter .= "(|(|(sn=*$word*)(givenName=*$word*))(o=*$word*))";
+ $wordfilter='';
+ foreach($conf['searchfields'] as $field) {
+ $wordfilter .= '('.$field.'=*'.$word.'*)';
+ }
+ for($i=0; $i