header('Content-Type: text/html; charset=utf-8');
-if($_REQUEST['taglookup']){
+if(!empty($_REQUEST['taglookup'])){
ajax_taglookup($_REQUEST['taglookup']);
-}elseif($_REQUEST['addnote']){
+}elseif(!empty($_REQUEST['addnote'])){
ajax_addnote($_REQUEST['addnote'],$_REQUEST['note']);
-}elseif($_REQUEST['settags']){
+}elseif(!empty($_REQUEST['settags'])){
ajax_settags($_REQUEST['settags'],$_REQUEST['tags']);
}
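Review bot: `$_REQUEST['note']` and `$_REQUEST['tags']` are still read without a guard in the `ajax_addnote(...)` and `ajax_settags(...)` calls, so a request that carries only `addnote` or `settags` raises the same undefined-index notice this change removes for the first argument. Both calls, judging by their names, modify stored data and take their input from `$_REQUEST`, which includes the query string. No request-method or token check is visible in this hunk, so it is worth confirming that one exists elsewhere. `!empty()` also treats the value `'0'` as absent, which matters if an identifier can be `0`.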
$users = get_users();
//select template to use
+ if (empty($_REQUEST['mode'])) { $_REQUEST['mode']='show'; }
if( $_SESSION['ldapab']['username'] &&
($_REQUEST['mode']=='edit' || $_REQUEST['mode']=='copy')){
$template='entry_edit.tpl';
$template='entry_show.tpl';
}
- $dn = $_REQUEST['dn'];
- #$dn = 'cn=bar foo, ou=contacts, o=cosmocode, c=de';
+ if (empty($_REQUEST['dn'])) {
+ $dn = "";
+ }else{
+ $dn = $_REQUEST['dn'];
+ #$dn = 'cn=bar foo, ou=contacts, o=cosmocode, c=de';
+ }
//save data if asked for
- if($_SESSION['ldapab']['username'] && $_REQUEST['save']){
+ if($_SESSION['ldapab']['username'] && !empty($_REQUEST['save']) && $_REQUEST['save']){
// prepare special data
$_REQUEST['entry']['jpegPhoto'][]=_getUploadData();
$_REQUEST['entry']['marker'] = explode(',',$_REQUEST['entry']['markers']);
$smarty->assign('error','No dn was given');
$template = 'error.tpl';
}
- }elseif($_REQUEST['del']){
+ }elseif(!empty($_REQUEST['del']) && $_REQUEST['del']){
_delEntry($dn);
}elseif(!_fetchData($dn)){
$smarty->assign('error',"The requested entry '$dn' was not found");
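Review bot: The `del` branch, `}elseif(!empty($_REQUEST['del']) && $_REQUEST['del']){`, reaches `_delEntry($dn)` without the `$_SESSION['ldapab']['username']` test that the `save` branch applies, as far as the visible lines show. It also takes the flag from `$_REQUEST`, so a query-string parameter is enough to select it. Whether `_delEntry()` or the directory ACLs enforce authorization is not visible here; if they do not, add the session check and require POST with a request token. The second half of the condition is redundant, because `!empty($x)` already implies that `$x` is truthy, and the same holds for the `save` test above. The enclosing block starts and ends outside the hunk.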
$entry = $result[0];
//remove dn from entry when copy
- if($_REQUEST['mode'] == 'copy'){
+ if(!empty($_REQUEST['mode']) && $_REQUEST['mode'] == 'copy'){
$entry['dn']='';
}
print '</pre>';*/
// make username from dn for manager:
+ if (empty($entry['manager'])) { $entry['manager']=array(""); }
+ if (empty($users[$entry['manager'][0]])) { $users[$entry['manager'][0]]=''; }
$smarty->assign('managername',$users[$entry['manager'][0]]);
return true;
}
$entries = namedentries();
$entries['mail']='mail'; //special field mail isn't in entries so we add it here
if($conf['extended']){
- $entries['marker']='marker'; //same for marker inextended schema
+ $entries['marker']='marker'; //same for marker in extended schema
}
$entry = $_REQUEST['entry'];
//construct new dn
$now = time();
$newdn = 'uid='.$now;
+ if (empty($_REQUEST['type'])) { $_REQUEST['type']='public'; }
if($_REQUEST['type'] == 'private'){
$newdn .= ', '.$conf['privatebook'].', '.$_SESSION['ldapab']['binddn'];
}else{
if($key == 'dn'){
continue;
}elseif(empty($entry[$key])){
+ if (empty($_REQUEST['delphoto'])) { $_REQUEST['delphoto']=0; }
if($key == 'jpegPhoto' && !$_REQUEST['delphoto']){
continue;
}
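Review bot: The `delphoto` default is assigned inside the `elseif(empty($entry[$key]))` branch, which, judging by the surrounding `continue` statements, sits in a per-key loop. It is therefore re-evaluated for every empty field and writes into `$_REQUEST` as a side effect. Read the flag once before the loop into a local, for example `$delphoto = !empty($_REQUEST['delphoto']);`, and test `!$delphoto` in the `jpegPhoto` condition. The loop header is outside the hunk.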
// use HTTP auth if wanted and possible
$_SESSION['ldapab']['username'] = $_SERVER['PHP_AUTH_USER'];
$_SESSION['ldapab']['password'] = $_SERVER['PHP_AUTH_PW'];
- } elseif ($_COOKIE['ldapabauth']) {
+ } elseif (!empty($_COOKIE['ldapabauth'])) {
// check persistent cookie
$cookie = base64_decode($_COOKIE['ldapabauth']);
$cookie = x_Decrypt($cookie,get_cookie_secret());
$_SESSION['ldapab']['password'] = $p;
}
- if(!do_ldap_bind($_SESSION['ldapab']['username'],
+ if(empty($_SESSION['ldapab']) ||
+ !do_ldap_bind($_SESSION['ldapab']['username'],
$_SESSION['ldapab']['password'],
$_SESSION['ldapab']['binddn'])){
header('Location: login.php?username=');
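Review bot: The persistent-cookie branch decodes `$_COOKIE['ldapabauth']` with `base64_decode()` and `x_Decrypt()` and then fills `$_SESSION['ldapab']['password']` from it, but nothing visible verifies the cookie's integrity before it is parsed. The writer in the login code builds the value with `serialize(array($user,$pass))`, so the reader (not shown in this hunk) presumably calls `unserialize()` on client-supplied data. Prefer `json_encode()`/`json_decode()` and verify an HMAC with `hash_equals()` before decrypting. `base64_decode($_COOKIE['ldapabauth'], true)` with a check for `false` would also reject malformed input early. Separately, the added `empty($_SESSION['ldapab'])` test covers only the array as a whole, so `binddn` may still be unset when `username` and `password` were just filled from HTTP auth.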
*/
function auth_browseruid(){
$uid = '';
+ if (empty($_SERVER['HTTP_USER_AGENT'])) { $_SERVER['HTTP_USER_AGENT']='USER_AGENT'; }
+ if (empty($_SERVER['HTTP_ACCEPT_ENCODING'])) { $_SERVER['HTTP_ACCEPT_ENCODING']='ACCEPT_ENCODING'; }
+ if (empty($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { $_SERVER['HTTP_ACCEPT_LANGUAGE']='ACCEPT_LANGUAGE'; }
+ if (empty($_SERVER['HTTP_ACCEPT_CHARSET'])) { $_SERVER['HTTP_ACCEPT_CHARSET']='ACCEPT_CHARSET'; }
$uid .= $_SERVER['HTTP_USER_AGENT'];
$uid .= $_SERVER['HTTP_ACCEPT_ENCODING'];
$uid .= $_SERVER['HTTP_ACCEPT_LANGUAGE'];
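Review bot: The four added defaults in `auth_browseruid()` overwrite `$_SERVER` entries, so any later code that inspects these headers sees the placeholder strings `'USER_AGENT'`, `'ACCEPT_ENCODING'` and so on instead of an absent header. Build the id from locals instead, e.g. `$uid .= isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';`. That also keeps the resulting id the same as before for clients that send no such header. All four values are client-controlled, so the browser id is a consistency check rather than proof of origin, and a comment saying so would help the next reader. The function body continues outside the hunk.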
$_SESSION['ldapab']['password'] = $pass;
$_SESSION['ldapab']['browserid'] = auth_browseruid();
- // (re)set the persistant auth cookie
+ // (re)set the persistent auth cookie
if($user == ''){
setcookie('ldapabauth','',time()+60*60*24*365);
- }elseif($_REQUEST['remember']){
+ }elseif(!empty($_REQUEST['remember'])){
$cookie = serialize(array($user,$pass));
$cookie = x_Encrypt($cookie,get_cookie_secret());
$cookie = base64_encode($cookie);
}
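Review bot: The visible `setcookie('ldapabauth','',time()+60*60*24*365);` passes no path, `secure` or `httponly` arguments. If the call that stores the encrypted value (outside this hunk) has the same form, a cookie carrying the user's LDAP password is readable from script and is sent over plain HTTP. Pass the flags explicitly, e.g. `setcookie('ldapabauth',$cookie,time()+60*60*24*365,'/','',true,true);`, adjusting the path to the application. Since `serialize(array($user,$pass))` puts the password itself into a year-long cookie, a random server-side token would be a safer value to persist.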
/**
- * Creates a random string to encrypt persistant auth
- * cookies the string is stored inside the cache dir
+ * Creates a random string to encrypt persistent auth
+ * cookies; the string is stored inside the cache dir
*/
function get_cookie_secret(){
$file = dirname(__FILE__).'/cache/.htcookiesecret.php';
$sr = ldap_list($LDAP_CON,$conf['usertree'],"ObjectClass=inetOrgPerson");
$result = ldap_get_binentries($LDAP_CON, $sr);
+ $users = array();
if(count($result)){
foreach ($result as $entry){
if(!empty($entry['sn'][0])){
$conf['privatebook'].','.$_SESSION['ldapab']['binddn'],
$ldapfilter);
$result2 = ldap_get_binentries($LDAP_CON, $sr);
+ }else{
+ $result2 = '';
}
$result = array_merge((array)$result1,(array)$result2);
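Review bot: `$result2 = '';` in the new `else` branch makes `(array)$result2` evaluate to `array('')`, so `array_merge()` appends one empty-string element to `$result` whenever this branch is taken. Before the change the undefined variable cast to an empty array, so this is a behaviour regression and not only a notice fix. Use `$result2 = array();` here and in the identical `else` branch added before the marker collection loop further down. The enclosing `if` starts outside the hunk.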
// select entry template
- if($_REQUEST['export'] == 'csv'){
+ if(!empty($_REQUEST['export']) && $_REQUEST['export'] == 'csv'){
$entrytpl = 'export_list_csv_entry.tpl';
}else{
$entrytpl = 'list_entry.tpl';
tpl_categories();
tpl_timezone();
tpl_country();
+ if (empty($_REQUEST['filter'])) $_REQUEST['filter']='';
+ if (empty($_REQUEST['marker'])) $_REQUEST['marker']='';
+ if (empty($_REQUEST['search'])) $_REQUEST['search']='';
$smarty->assign('list',$list);
$smarty->assign('filter',$_REQUEST['filter']);
$smarty->assign('marker',$_REQUEST['marker']);
$smarty->assign('search',$_REQUEST['search']);
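Review bot: `filter`, `marker` and `search` are handed to Smarty straight from `$_REQUEST`, and `empty()` does not guarantee they are strings: a parameter sent as `filter[]=x` passes the new guards as an array. Whether the templates apply `|escape` when printing them is not visible here, so that should be confirmed wherever these three variables are output. Prefer locals over writing defaults back into the superglobal, e.g. `$filter = isset($_REQUEST['filter']) && is_string($_REQUEST['filter']) ? $_REQUEST['filter'] : '';`. The same type concern applies to the values passed to `ldap_filterescape()` in `_makeldapfilter()`.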
//display templates
- if($_REQUEST['export'] == 'csv'){
+ if(!empty($_REQUEST['export']) && $_REQUEST['export'] == 'csv'){
if ($conf['userlogreq'] == 1 && $user == '')
{
header("HTTP/1.1 401 ACCESS DENIED");
*/
function _namesort($a,$b){
global $result;
+ if (empty($result[$a]['givenName'])) { $result[$a]['givenName']=''; }
+ if (empty($result[$b]['givenName'])) { $result[$b]['givenName']=''; }
$x = $result[$a]['sn'][0].$result[$a]['givenName'][0];
$y = $result[$b]['sn'][0].$result[$b]['givenName'][0];
return(strcasecmp($x,$y));
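Review bot: Defaulting `givenName` to `''` does not fix the lookups below it, because `$result[$a]['givenName'][0]` then takes offset 0 of an empty string and raises an uninitialized-string-offset notice. Use `array('')`, as the `manager` default in the entry page does, or read into locals: `$ga = isset($result[$a]['givenName'][0]) ? $result[$a]['givenName'][0] : '';`. The comparator also writes into the global `$result`, presumably while that array is being sorted, and locals avoid that side effect. `sn` is still read unguarded.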
function _makeldapfilter(){
//handle given filter
+ if (empty($_REQUEST['filter'])) { $_REQUEST['filter']=''; }
+ if (empty($_REQUEST['search'])) { $_REQUEST['search']=''; }
+ if (empty($_REQUEST['org'])) { $_REQUEST['org']=''; }
+ if (empty($_REQUEST['marker'])) { $_REQUEST['marker']=''; }
+ if (empty($_REQUEST['categories'])) { $_REQUEST['categories']=''; }
$filter = ldap_filterescape($_REQUEST['filter']);
$search = ldap_filterescape($_REQUEST['search']);
$org = ldap_filterescape($_REQUEST['org']);
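Review bot: `empty()` is true for the string `'0'`, so a search or filter for `0` is silently replaced by `''` before `ldap_filterescape()` sees it; `isset()` expresses the intended "parameter missing" test. The same defaulting is repeated for `filter`, `marker` and `search` in the list page hunk, so a small helper that returns the request value or `''` would keep the two places consistent. The function continues outside the hunk, and the use of the `marker` and `categories` defaults is not visible here.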
$msg = $lang['msg_login'];
if(isset($_REQUEST['username'])){
+ if (empty($_REQUEST['password'])) { $_REQUEST['password']=''; }
if (do_ldap_bind($_REQUEST['username'],$_REQUEST['password'])){
//forward to next page
if(!empty($_SESSION['ldapab']['lastlocation'])){
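Review bot: Defaulting `$_REQUEST['password']` to `''` means a login request with a username and no password now reaches `do_ldap_bind()` with an empty string. Many LDAP servers treat a bind with a DN and an empty password as an unauthenticated bind and report success. Unless `do_ldap_bind()` (not visible here) rejects empty passwords itself, the form should skip the bind in that case, e.g. `if(isset($_REQUEST['password']) && is_string($_REQUEST['password']) && $_REQUEST['password'] !== '' && do_ldap_bind(...)){`. The `is_string()` part also keeps array-valued parameters out of the bind call.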
$max = 0;
$tags = array();
foreach ($result as $entry){
- if(count($entry['marker'])){
+ if(!empty($entry['marker']) && count($entry['marker'])){
foreach($entry['marker'] as $marker){
$marker = strtolower($marker);
+ if (empty($tags[$marker])) { $tags[$marker]=0; }
$tags[$marker] += 1;
if($tags[$marker] > $max) $max = $tags[$marker];
}
global $smarty;
global $conf;
$entries = namedentries();
-
+ $out=array();
//handle named entries
foreach(array_keys($entries) as $key){
- if($in[$key]){
+ if(!empty($in[$key])){
if(is_array($in[$key])){
$out[$entries[$key]] = $in[$key][0];
}else{
}
//set the type
- $out['dn'] = normalize_dn($out['dn']);
+ if (empty($out['dn'])) { $out['dn']=''; }
+ $out['dn'] = normalize_dn($out['dn']);
$conf['publicbook'] = normalize_dn($conf['publicbook']);
if($out['dn']){
if(strstr($out['dn'],$conf['publicbook'])){
}
}
- //mail entries are handled special
+ //mail entries are handled specially
+ if (empty($in['mail'])) { $in['mail']=''; }
$out['mail'] = $in['mail'];
if ($conf['extended']){
- //handle marker special in extended mode
+ //handle marker specially in extended mode
+ if (empty($in['marker'])) { $in['marker']=''; }
$out['marker'] = $in['marker'];
if(is_array($in['marker'])) $out['markers'] = join(', ',$in['marker']);
}
if ($conf['openxchange']){
- //handle categories special in openxchange mode
+ //handle categories specially in openxchange mode
$out['categories'] = $in['OXUserCategories'];
}
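Review bot: `$in['OXUserCategories']` in the openxchange branch is still read without a guard, so entries lacking that attribute raise the notice this change removes for `mail` and `marker`; consider `$out['categories'] = isset($in['OXUserCategories']) ? $in['OXUserCategories'] : '';`. Defaulting `$in['marker']` to `''` also changes what `$out['marker']` holds from null to a string, while the `is_array($in['marker'])` line below and the marker loops elsewhere in this change treat `marker` as an array. `array()` would be the more consistent default, provided the templates that read `marker` accept an empty array.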
$conf['privatebook'].','.$_SESSION['ldapab']['binddn'],
"ObjectClass=inetOrgPerson",array("marker"));
$result2 = ldap_get_binentries($LDAP_CON, $sr);
+ }else{
+ $result2 = '';
}
$result = array_merge((array)$result1,(array)$result2);
if(count($result)){
foreach ($result as $entry){
- if(count($entry['marker'])){
+ if(!empty($entry['marker']) && count($entry['marker'])){
foreach($entry['marker'] as $marker){
array_push($markers, $marker);
}
+{if $entry.type}
<tr>
<td class="result" width="25">
<img src="pix/{$entry.type}.png" border="0" width="16" height="16" align="middle" title="{$entry.type}">
{/if}
</td>
</tr>
-
+{/if}