deon
/
phpldapadmin
1
0
Fork 0
Code Issues 36 Pull Requests Packages Projects Releases Wiki Activity

RELEASE 0.9.0

This commit is contained in:
Deon George 2009-06-30 18:05:37 +10:00
commit 763843c16a
77 changed files with 6757 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
INSTALL Normal file
View File

@ -0,0 +1,40 @@
These instructions assume that you have a working install of:
a. A web server (Apache, IIS, etc).
b. PHP (with LDAP support)
Installing phpLDAPAdmin in 4 easy steps:
1. Untar the archive (if you're reading this, you've already done that).
2. Put the resulting phpldapadmin directory somewhere in your webroot.
3. Copy 'config.php.example' to 'config.php' and edit to taste.
4. Then, point your browser to the phpldapadmin directory.
Browsers
phpLDAPAdmin was developed on Mozilla, and will most likely run best thereon.
However, testing has been done on Internet Explorer, and it should work
well also. No testing has been done on either Konqueror (or any khtml-based
browser like Safari) or Opera. If you find a browser incompatibility,
please report it.
Contributors (thank you!)
Patch writers:
- Mario Valdez jpegPhoto support, localization (not yet in 0.8.x), html fixes
- Bayu Irawan userPassword encryption support, html fixes, ldap_modify fixes
- Uwe Ebel short_open_tags fix-it script
- Philippe Broussard form auth_type bug report
- Andrew Tipton SUP support in schema-fetching
- Eigil Bjørgum UTF-8 support
- Brandon Lederer DNS entry template
Nathan Rotschafer
- Steve Rigler Password hash patch
- Chric Jackson Blowfish and md5crypt passwords
Bug reporters:
- Colin Tinker (short_open_tags bug report)
- Greg Felix (multi-value update bug report)
- Moritz Mertinkat (creation bug report)

341
LICENSE Normal file
View File

@ -0,0 +1,341 @@
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.
59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Library General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Library General
Public License instead of this License.

1
VERSION Normal file
View File

@ -0,0 +1 @@
0.9.0

55
add_oclass.php Normal file
View File

@ -0,0 +1,55 @@
<?php
/*
* add_oclass.php
* Adds an objectClass to the specified dn.
* Variables that come in as POST vars:
*
* Note, this does not do any schema violation checking. That is
* performed in add_oclass_form.php.
*
* Vars that come in as POST:
* - dn (rawurlencoded)
* - server_id
* - new_oclass
* - new_attrs (array, if any)
*/
require 'config.php';
require 'functions.php';
$dn = stripslashes( rawurldecode( $_POST['dn'] ) );
$encoded_dn = rawurlencode( $dn );
$new_oclass = stripslashes( $_POST['new_oclass'] );
$server_id = $_POST['server_id'];
$new_attrs = $_POST['new_attrs'];
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
$new_entry = array();
$new_entry['objectClass'] = $new_oclass;
$new_attrs_entry = array();
$new_oclass_entry = array( 'objectClass' => $new_oclass );
if( is_array( $new_attrs ) && count( $new_attrs ) > 0 )
foreach( $new_attrs as $attr => $val )
$new_entry[ $attr ] = $val;
//echo "<pre>";
//print_r( $new_entry );
//exit;
$ds = pla_ldap_connect( $server_id ) or pla_error( "Could not connect to LDAP server." );
$add_res = @ldap_mod_add( $ds, $dn, $new_entry );
if( ! $add_res )
{
pla_error( "Could not perform ldap_mod_add operation", ldap_error( $ds ), ldap_errno( $ds ) );
}
else
{
header( "Location: edit.php?server_id=$server_id&dn=$encoded_dn" );
}
?>

108
add_oclass_form.php Normal file
View File

@ -0,0 +1,108 @@
<?php
/*
* add_oclass_form.php
* This page may simply add the objectClass and take you back to the edit page,
* but, in one condition it may prompt the user for input. That condition is this:
*
* If the user has requested to add an objectClass that requires a set of
* attributes with 1 or more not defined by the object. In that case, we will
* present a form for the user to add those attributes to the object.
*
* Variables that come in as POST vars:
* - dn (rawurlencoded)
* - server_id
* - new_oclass
*/
require 'config.php';
require_once 'functions.php';
$dn = stripslashes( rawurldecode( $_POST['dn'] ) );
$encoded_dn = rawurlencode( $dn );
$new_oclass = stripslashes( $_POST['new_oclass'] );
$server_id = $_POST['server_id'];
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
/* Ensure that the object has defined all MUST attrs for this objectClass.
* If it hasn't, present a form to have the user enter values for all the
* newly required attrs. */
$entry = get_object_attrs( $server_id, $dn, true );
$current_attrs = array();
foreach( $entry as $attr => $junk )
$current_attrs[] = strtolower($attr);
// grab the required attributes for the new objectClass
$must_attrs = get_schema_objectclasses( $server_id );
$must_attrs = $must_attrs[ strtolower($new_oclass) ]['must_attrs'];
sort( $must_attrs );
// build a list of the attributes that this new objectClass requires,
// but that the object does not currently contain
$needed_attrs = array();
foreach( $must_attrs as $attr )
if( ! in_array( strtolower($attr), $current_attrs ) )
$needed_attrs[] = $attr;
if( count( $needed_attrs ) > 0 )
{
?>
<?php include 'header.php'; ?>
<body>
<h3 class="title">New Required Attributes</h3>
<h3 class="subtitle">This action requires you to add <?php echo count($needed_attrs); ?> new attribute<?php echo (count($needed_attrs)>1?'s':''); ?></h3>
<small>
Instrucitons: In order to add the objectClass <b><?php echo $new_oclass; ?></b> to the object <b><?php echo htmlspecialchars($dn); ?></b>,
you must specify <?php echo count( $needed_attrs ); ?> new attribute<?php echo (count($needed_atts)>1?'s':''); ?> that this
objectClass requires. You can do so in this form.</small>
<br />
<br />
<form action="add_oclass.php" method="post">
<input type="hidden" name="new_oclass" value="<?php echo htmlspecialchars( $new_oclass ); ?>" />
<input type="hidden" name="dn" value="<?php echo $encoded_dn; ?>" />
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<table class="edit_dn" cellspacing="0">
<tr><th colspan="2">New Required Attributes</th></tr>
<?php foreach( $needed_attrs as $count => $attr ) { ?>
<?php if( $count % 2 == 0 ) { ?>
<tr class="row1">
<?php } else { ?>
<tr class="row2">
<?php } ?>
<td class="attr"><b><?php echo htmlspecialchars($attr); ?></b></td>
<td class="val"><input type="text" name="new_attrs[<?php echo htmlspecialchars($attr); ?>]" value="" size="40" />
</tr>
<?php } ?>
</table>
<br />
<br />
<center><input type="submit" value="Add ObjectClass and Attributes" /></center>
</form>
</body>
</html>
<?php
}
else
{
$ds = pla_ldap_connect( $server_id ) or pla_error( "Could not connect to LDAP server." );
$add_res = @ldap_mod_add( $ds, $dn, array( 'objectClass' => $new_oclass ) );
if( ! $add_res )
pla_error( "Could not perform ldap_mod_add operation.", ldap_error( $ds ), ldap_errno( $ds ) );
else
header( "Location: edit.php?server_id=$server_id&dn=$encoded_dn" );
}
?>

52
add_value.php Normal file
View File

@ -0,0 +1,52 @@
<?php
/*
* add_value.php
* Adds a value to an attribute for a given dn.
* Variables that come in as POST vars:
* - dn (rawurlencoded)
* - attr (rawurlencoded) the attribute to which we are adding a value
* - server_id
* - new_value (form element)
*
* On success, redirect to the edit_dn page.
* On failure, echo an error.
*/
require 'config.php';
require_once 'functions.php';
$dn = stripslashes( rawurldecode( $_POST['dn'] ) );
$encoded_dn = rawurlencode( $dn );
$attr = stripslashes( $_POST['attr'] );
$encoded_attr = rawurlencode( $attr );
$server_id = $_POST['server_id'];
$new_value = stripslashes( $_POST['new_value'] );
$new_value = utf8_encode($new_value);
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
$ds = pla_ldap_connect( $server_id ) or pla_error( "Could not connect to LDAP server" );
// special case for jpegPhoto attributes:
// we must go read the data from the file.
if( 0 == strcasecmp( $attr, 'jpegPhoto' ) )
{
$file = $_FILES['jpeg_photo_file']['tmp_name'];
$f = fopen( $file, 'r' );
$jpeg_data = fread( $f, filesize( $file ) );
fclose( $f );
$new_value = $jpeg_data;
}
$new_entry = array( $attr => $new_value );
$add_result = @ldap_mod_add( $ds, $dn, $new_entry );
if( ! $add_result )
pla_error( "Could not perform ldap_mod_add operation.", ldap_error( $ds ), ldap_errno( $ds ) );
header( "Location: edit.php?server_id=$server_id&dn=$encoded_dn&updated_attr=$encoded_attr" );
?>

133
add_value_form.php Normal file
View File

@ -0,0 +1,133 @@
<?php
/*
* add_value_form.php
* Displays a form to allow the user to enter a new value to add
* to the existing list of values for a multi-valued attribute.
* Variables that come in as GET vars:
* - dn (rawurlencoded)
* - attr (rawurlencoded) the attribute to which we are adding a value
* - server_id
*
*/
require 'config.php';
require_once 'functions.php';
$dn = stripslashes( $_GET['dn'] );
$encoded_dn = rawurlencode( $dn );
$server_id = $_GET['server_id'];
$rdn = ldap_explode_dn( $dn, 0 );
$rdn = $rdn[0];
$server_name = $servers[$server_id]['name'];
$attr = stripslashes( $_GET['attr'] );
$encoded_attr = rawurlencode( $attr );
$current_values = get_object_attr( $server_id, $dn, $attr );
$num_current_values = ( is_array($current_values) ? count($current_values) : 1 );
$is_object_class = ( 0 == strcasecmp( $attr, 'objectClass' ) ) ? true : false;
$is_jpeg_photo = ( 0 == strcasecmp( $attr, 'jpegPhoto' ) ) ? true : false;
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
if( $is_object_class ) {
// fetch all available objectClasses and remove those from the list that are already defined in the entry
$schema_oclasses = get_schema_objectclasses( $server_id );
if( ! is_array( $current_values ) )
$current_values = array( $current_values );
foreach( $current_values as $oclass )
unset( $schema_oclasses[ strtolower( $oclass ) ] );
} else {
$schema_attrs = get_schema_attributes( $server_id );
}
?>
<?php include 'header.php'; ?>
<body>
<h3 class="title">New <b><?php echo htmlspecialchars($attr); ?></b> value for <b><?php echo htmlentities($rdn); ?></b></h3>
<h3 class="subtitle">Server: <b><?php echo $server_name; ?></b> &nbsp;&nbsp;&nbsp; Distinguished Name: <b><?php echo $dn; ?></b></h3>
Current list of <b><?php echo $num_current_values; ?></b> value<?php echo $num_current_values>1?'s':''; ?>
for attribute <b><?php echo htmlspecialchars($attr); ?></b>:
<?php if( $is_jpeg_photo ) { ?>
<table><td>
<?php draw_jpeg_photos( $server_id, $dn ); ?>
</td></table>
<!-- Temporary warning until we find a way to add jpegPhoto values without an INAPROPRIATE_MATCHING error -->
<p><small>
Note: You will get an "inappropriate matching" error if you have not<br />
setup an <tt>EQUALITY</tt> rule on your LDAP server for <tt>jpegPhoto</tt> attributes.
</small></p>
<!-- End of temporary warning -->
<?php } else { ?>
<ul class="current_values">
<?php if( is_array( $current_values ) ) /*$num_current_values > 1 )*/ {
foreach( $current_values as $val ) { ?>
<li><nobr><?php echo htmlspecialchars(utf8_decode($val)); ?></nobr></li>
<?php } ?>
<?php } else { ?>
<li><nobr><?php echo htmlspecialchars(utf8_decode($current_values)); ?></nobr></li>
<?php } ?>
</ul>
<?php } ?>
Enter the value you would like to add:<br />
<br />
<?php if( $is_object_class ) { ?>
<form action="add_oclass_form.php" method="post" class="new_value">
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="dn" value="<?php echo $encoded_dn; ?>" />
<select name="new_oclass">
<?php foreach( $schema_oclasses as $oclass => $desc ) { ?>
<option value="<?php echo $desc['name']; ?>"><?php echo $desc['name']; ?></option>
<?php } ?>
</select> <input type="submit" value="Add new objectClass" />
<br /><small>Note: you may be required to enter new attributes<br />
that this objectClass requires (MUST attrs)</small>
<?php } elseif( $is_jpeg_photo ) { ?>
<form action="add_value.php" method="post" class="new_value" enctype="multipart/form-data">
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="dn" value="<?php echo $encoded_dn; ?>" />
<input type="hidden" name="attr" value="<?php echo $encoded_attr; ?>" />
<input type="file" name="jpeg_photo_file" value="" /><br />
<br />
<input type="submit" name="submit" value="Add new jpeg &gt;&gt;" />
<?php } else { ?>
<form action="add_value.php" method="post" class="new_value">
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="dn" value="<?php echo $encoded_dn; ?>" />
<input type="hidden" name="attr" value="<?php echo $encoded_attr; ?>" />
<input type="text" name="new_value" size="40" value="" />
<input type="submit" name="submit" value="Add New Value" />
<br />
<small>Syntax: <?php echo $schema_attrs[ strtolower($attr) ]['type']; ?></small>
</form>
<?php } ?>
</body>
</html>

43
collapse.php Normal file
View File

@ -0,0 +1,43 @@
<?php
/*
* collapse.php
* This script alters the session variable 'tree', collapsing it
* at the dn specified in the query string.
*
* Variables that come in as GET vars:
* - dn (rawurlencoded)
* - server_id
*
* Note: this script is equal and opposite to expand.php
*/
require 'config.php';
require_once 'functions.php';
$dn = stripslashes( $_GET['dn'] );
$encoded_dn = rawurlencode( $dn );
$server_id = $_GET['server_id'];
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
session_start();
session_is_registered( 'tree' ) or pla_error( "Your session tree is not registered. That's weird. Shouldn't ever happen".
". Just go back and it should be fixed automagically." );
$tree = $_SESSION['tree'];
// and remove this instance of the dn as well
unset( $tree[$server_id][$dn] );
$_SESSION['tree'] = $tree;
session_write_close();
// This is for Opera. By putting "random junk" in the query string, it thinks
// that it does not have a cached version of the page, and will thus
// fetch the page rather than display the cached version
$time = gettimeofday();
$random_junk = md5( strtotime( 'now' ) . $time['usec'] );
header( "Location: tree.php?foo=$random_junk#{$server_id}_{$encoded_dn}" );
; ?>

163
config.php.example Normal file
View File

@ -0,0 +1,163 @@
<?php
/*
* The phpLDAPAdmin config file
* This is where you customize phpLDAPAdmin. The most important
* part is immediately below: The "LDAP Servers" section.
* You must specify at least one LDAP server there.
*/
// Required Configuration
// Your LDAP servers
$i=0;
$servers = array();
$servers[$i]['name'] = 'My LDAP Server'; /* A convenient name that will appear in the tree viewer */
$servers[$i]['host'] = 'ldap.example.com'; /* Examples: 'ldap.example.com', 'ldaps://ldap.example.com/'
Note: Leave blank to remove it from the list of servers in the
tree viewer*/
$servers[$i]['base'] = 'dc=example,dc=com';/* The base DN of your LDAP server. Leave this blank to have phpLDAPAdmin
auto-detect it for you. */
$servers[$i]['port'] = 389; /* The port your LDAP server listens on (no quotes) */
$servers[$i]['auth_type'] = 'config'; /* 2 options: 'form': you will be prompted, and a cookie stored
with your login dn and password. 'config': specify your login dn
and password here. In both cases, use caution! */
$servers[$i]['login_dn'] = 'cn=Manager,dc=example,dc=com'; /* For anonymous binds, leave the login_dn and
login_pass blank */
$servers[$i]['login_pass'] = 'secret'; /* Your password (only if you specified 'config' for 'auth_type' */
$servers[$i]['tls'] = false; /* Use TLS to connect. Requires PHP 4.2 or greater */
/* If you want to configure an additional LDAP server, do so below. */
$i++;
$servers[$i]['name'] = 'Another server';
$servers[$i]['host'] = '';
$servers[$i]['base'] = 'dc=example,dc=com';
$servers[$i]['port'] = 389;
$servers[$i]['auth_type'] = 'config';
$servers[$i]['login_dn'] = '';
$servers[$i]['login_pass'] = '';
$servers[$i]['tls'] = false;
$i++;
$servers[$i]['name'] = 'Another server';
$servers[$i]['host'] = '';
$servers[$i]['base'] = 'dc=example,dc=com';
$servers[$i]['port'] = 389;
$servers[$i]['auth_type'] = 'config';
$servers[$i]['login_dn'] = '';
$servers[$i]['login_pass'] = '';
$servers[$i]['tls'] = false;
/* If you want to configure more LDAP servers, copy and paste the sections above (including the "$i++;") */
// The temporary storage directory where we will put jpegPhoto data
// This directory must be readable and writable by your web server
$jpeg_temp_dir = "/tmp"; // for Unix systems
//$jpeg_temp_dir = "c:\\temp"; // for Windows systems
// Optional Configuration Below
/** **/
/** Appearance and Behavior **/
/** **/
// If you used auth_type 'form' in the servers list, you can adjust how long the cookie will last
// (default is 0 seconds, which expires when you close the browser)
$cookie_time = 0;
// How many pixels wide do you want your left frame view (for the tree browser)
$tree_width = 300;
// Do you want phpLDAPAdmin to check the schema of the server when you edit a DN and draw
// specialized for elements based on that schema (ie, for booleans, draw a true/false
// drop-down instead of a text box). This may cause a performance slow-down.
// Note:
// This will have problems with non-LDAP compliant servers that do not properly represent
// their schema.
$edit_dn_schema_lookup = true;
// How long to keep jpegPhoto temporary files around (in seconds)
$jpeg_tmp_keep_time = 120;
/** **/
/** Simple Search Form Config **/
/** **/
// Which attributes to include in the drop-down menu of the simple search form (comma-separated)
$search_attributes = "uid, cn, gidNumber";
// This list correlates to the list directly above. If you want to present more readable names
// for your search attributes, do so here. Both lists must have the same number of entries.
$search_attributes_display = "User Name, Full Name, Group ID";
// The list of attributes to display in each search result entry summary
$search_result_attributes = "dn, cn";
// Search methods in the drop down box for the simple search form
// (if you change this, you will also have to edit search.php to properly handle the new option)
$search_criteria_options = "equals, starts with, contains, ends with, sounds like";
/** **/
/** Templates for entry creation **/
/** **/
$templates = array();
// Fill in this array with templates that you can create to suit your needs.
// Each entry defines a description (for display in the template list) and
// a handler, which is a file that will be executed with certain POST vars set.
// See the templates provided here for an example of how to make your own template.
$templates[] =
array( 'desc' => 'User',
'icon' => 'images/user.png',
'handler' => 'new_user_template.php' );
$templates[] =
array( 'desc' => 'inetOrgPerson',
'icon' => 'images/user.png',
'handler' => 'new_address_template.php' );
$templates[] =
array( 'desc' => 'Organizational Unit',
'icon' => 'images/ou.png',
'handler' => 'new_ou_template.php' );
$templates[] =
array( 'desc' => 'Samba NT Machine',
'icon' => 'images/terminal.png',
'handler' => 'new_nt_machine.php' );
$templates[] =
array( 'desc' => 'DNS Entry',
'icon' => 'images/dc.png',
'handler' => 'new_dns_entry.php' );
/** **/
/** User-friendly attribute translation **/
/** **/
$friendly_attrs = array();
// Use this array to map attribute names to user friendly names. For example, if you
// don't want to see "facsimileTelephoneNumber" but rather "Fax".
$friendly_attrs[ 'facsimileTelephoneNumber' ] = 'Fax';
$friendly_attrs[ 'telephoneNumber' ] = 'Phone';
/** **/
/** Some phpLDAPAdmin code to be executed. No touchy. **/
/** **/
// Turn off notices about referencing arrays and such, but leave everything else on.
error_reporting( E_ALL ^ E_NOTICE );
// Always including the 'custom' template (the most generic and flexible)
$templates['custom'] =
array( 'desc' => 'Custom',
'icon' => 'images/object.png',
'handler' => 'custom.php' );
?>

167
copy.php Normal file
View File

@ -0,0 +1,167 @@
<?php
/*
* copy.php
* Copies a given object to create a new one.
*
* Vars that come in as POST vars
* - source_dn (rawurlencoded)
* - new_dn (form element)
* - server_id
*/
require 'config.php';
require_once 'functions.php';
session_start();
$source_dn = stripslashes( rawurldecode( $_POST['old_dn'] ) );
$dest_dn = stripslashes( $_POST['new_dn'] );
$encoded_dn = rawurlencode( $old_dn );
$source_server_id = $_POST['server_id'];
$dest_server_id = $_POST['dest_server_id'];
$do_recursive = $_POST['recursive'] == 'on' ? true : false;
check_server_id( $source_server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $source_server_id ) );
have_auth_info( $source_server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
check_server_id( $dest_server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $dest_server_id ) );
have_auth_info( $dest_server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
include 'header.php';
/* Error checking */
if( 0 == strlen( trim( $dest_dn ) ) )
pla_error( "You left the destination DN blank." );
if( strcasecmp( $source_dn,$dest_dn ) == 0 && $source_server_id == $dest_server_id )
pla_error( "The source and destination DN are the same." );
if( $do_recursive ) {
// build a tree similar to that of the tree browser to give to r_copy_dn
$snapshot_tree = array();
include 'header.php';
echo "<body>\n";
echo "<h3 class=\"title\">Copying " . htmlspecialchars( $source_dn ) . "</h3>\n";
echo "<h3 class=\"subtitle\">Recursive copy progress</h3>\n";
echo "<br /><br />";
echo "<small>\n";
echo "Building snapshot of tree to copy... ";
flush();
build_tree( $source_server_id, $source_dn, $snapshot_tree );
echo " <span style=\"color:green\">Success</span><br />\n";
flush();
// prevent script from bailing early on a long delete
@set_time_limit( 0 );
$copy_result = r_copy_dn( $source_server_id, $dest_server_id, $snapshot_tree, $source_dn, $dest_dn );
echo "</small>\n";
} else {
$copy_result = copy_dn( $source_server_id, $source_dn, $dest_server_id, $dest_dn );
}
if( $copy_result )
{
$edit_url="edit.php?server_id=$dest_server_id&dn=" . rawurlencode( $dest_dn );
$new_rdn = get_rdn( $dest_dn );
$container = get_container( $dest_dn );
if( session_is_registered( 'tree' ) )
{
$tree = $_SESSION['tree'];
$tree_icons = $_SESSION['tree_icons'];
if( isset( $tree[$dest_server_id][$container] ) )
{
$tree[$dest_server_id][$container][] = $dest_dn;
$tree_icons[$dest_server_id][$dest_dn] = get_icon( $dest_server_id, $dest_dn );
$_SESSION['tree'] = $tree;
$_SESSION['tree_icons'] = $tree_icons;
session_write_close();
}
}
?>
<!-- refresh the tree view (with the new DN renamed)
and redirect to the edit_dn page -->
<script language="javascript">
parent.left_frame.location.reload();
</script>
<br />
Copy successful! Would you like to <a href="<?php echo $edit_url; ?>">view the new entry</a>?
<br />
<br />
<br />
<br />
</body>
</html>
<?php
}
else
{
exit;
}
function r_copy_dn( $source_server_id, $dest_server_id, &$tree, $root_dn, $dest_dn )
{
echo "<nobr>Copying " . htmlspecialchars( utf8_decode( $root_dn ) ) . "...";
flush();
$copy_result = copy_dn( $source_server_id, $root_dn, $dest_server_id, $dest_dn );
if( ! $copy_result ) {
global $R_COPY_ERROR;
return false;
}
echo "<span style=\"color:green\">Success</span></nobr><br />\n";
flush();
$children = $tree[ $root_dn ];
if( is_array( $children ) && count( $children ) > 0 )
{
foreach( $children as $child_dn ) {
$child_rdn = get_rdn( $child_dn );
$new_dest_dn = $child_rdn . ',' . $dest_dn;
r_copy_dn( $source_server_id, $dest_server_id, $tree, $child_dn, $new_dest_dn );
}
}
else
{
return true;
}
return true;
}
function copy_dn( $source_server_id, $source_dn, $dest_server_id, $dest_dn )
{
global $ds;
$ds = pla_ldap_connect( $dest_server_id ) or pla_error( "Could not connect to LDAP server" );
$attrs = get_object_attrs( $source_server_id, $source_dn );
$new_entry = $attrs;
// modify the prefix-value (ie "bob" in cn=bob) to match the destination DN's value.
$rdn_attr = substr( $dest_dn, 0, strpos( $dest_dn, '=' ) );
$rdn_value = get_rdn( $dest_dn );
$rdn_value = substr( $rdn_value, strpos( $rdn_value, '=' ) + 1 );
$new_entry[ $rdn_attr ] = $rdn_value;
// don't need a dn attribute in the new entry
unset( $new_entry['dn'] );
$add_result = @ldap_add( $ds, $dest_dn, $new_entry );
if( ! $add_result ) {
echo "</small><br /><br />";
pla_error( "Failed to copy $source_dn (server: $source_server_id) to " .
"$dest_dn (server: $dest_server_id)", ldap_error( $ds ), ldap_errno( $ds ) );
}
return $add_result;
}
function build_tree( $source_server_id, $root_dn, &$tree )
{
$children = get_container_contents( $source_server_id, $root_dn );
if( is_array( $children ) && count( $children ) > 0 )
{
$tree[ $root_dn ] = $children;
foreach( $children as $child_dn )
build_tree( $source_server_id, $child_dn, $tree );
}
}

86
copy_form.php Normal file
View File

@ -0,0 +1,86 @@
<?php
/*
* copy_form.php
* Copies a given object to create a new one.
*
* - dn (rawurlencoded)
* - server_id
*/
require 'config.php';
require_once 'functions.php';
$dn = stripslashes( rawurldecode( $_GET['dn'] ) );
$encoded_dn = rawurlencode( $dn );
$server_id = $_GET['server_id'];
$rdn = ldap_explode_dn( $dn, 0 );
$container = $rdn[ 1 ];
for( $i=2; $i<count($rdn)-1; $i++ )
$container .= ',' . $rdn[$i];
$rdn = $rdn[0];
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
$attrs = get_object_attrs( $server_id, $dn );
$server_name = $servers[$server_id]['name'];
$select_server_html = "";
foreach( $servers as $id => $server )
{
if( $server['host'] )
{
$select_server_html .= "<option value=\"$id\"". ($id==$server_id?" selected":"") .">" . $server['name'] . "</option>\n";
}
}
$children = get_container_contents( $server_id, $dn );
?>
<?php include 'header.php'; ?>
<body>
<h3 class="title">Copy <?php echo $rdn; ?></h3>
<h3 class="subtitle">Server: <b><?php echo $server_name; ?></b> &nbsp;&nbsp;&nbsp; Distinguished Name: <b><?php echo $dn; ?></b></h3>
<center>
Copy <b><?php echo htmlspecialchars($rdn); ?></b> to a new object:<br />
<br />
<form action="copy.php" method="post" name="copy_form">
<input type="hidden" name="old_dn" value="<?php echo $encoded_dn; ?>" />
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<table>
<tr>
<td>Destination DN:</td>
<td>
<input type="text" name="new_dn" size="45" value="<?php echo htmlspecialchars($dn); ?>" />
<?php draw_chooser_link( 'copy_form.new_dn' ); ?></td>
</td>
</tr>
<tr>
<td>Destination Server:</td>
<td><select name="dest_server_id"><?php echo $select_server_html; ?></select></td>
</tr>
<tr>
<td colspan="2"><small>Note: Copying between different servers only works if there are no schema violations</small></td>
</tr>
<?php if( is_array( $children ) && count( $children ) > 0 ) { ?>
<tr>
<td colspan="2"><input type="checkbox" name="recursive" />
Recursively copy all children of this object as well.</td>
</tr>
<?php } ?>
<tr>
<td colspan="2" align="right"><input type="submit" value="Copy" /></td>
</tr>
</table>
</form>
</center>
</body>
</html>

114
create.php Normal file
View File

@ -0,0 +1,114 @@
<?php
/*
* create.php
* Creates a new object.
*
* Variables that come in as POST vars:
* - new_dn
* - attrs (an array of attributes)
* - vals (an array of values for the above attrs)
* - required_attrs (an array with indices being the attributes,
* and the values being their respective values)
* - object_classes (rawurlencoded, and serialized array of objectClasses)
* - server_id
*/
require 'config.php';
require_once 'functions.php';
$new_dn = stripslashes( $_POST['new_dn'] );
$new_dn = utf8_encode( $new_dn );
$encoded_dn = rawurlencode( $new_dn );
$server_id = $_POST['server_id'];
$vals = $_POST['vals'];
$attrs = $_POST['attrs'];
$required_attrs = $_POST['required_attrs'];
$object_classes = unserialize( rawurldecode( $_POST['object_classes'] ) );
$container = get_container( $new_dn );
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
// build the new entry
$new_entry = array();
if( isset( $required_attrs ) && is_array( $required_attrs ) )
{
foreach( $required_attrs as $attr => $val )
{
if( $val == '' )
pla_error( "Error, you left the value for required attribute <b>" .
htmlspecialchars( $attr ) . "</b> blank." );
$attr = stripslashes( $attr );
$val = stripslashes( $val );
$new_entry[ $attr ][] = utf8_encode( $val );
}
}
if( isset( $vals ) && is_array( $vals ) )
{
foreach( $vals as $i => $val )
{
$val = stripslashes( $val );
$attr = $attrs[$i];
$attr = stripslashes( $attr );
if( trim($val) )
$new_entry[ $attr ][] = utf8_encode( $val );
}
}
$new_entry['objectClass'] = $object_classes;
if( ! in_array( 'top', $new_entry['objectClass'] ) )
$new_entry['objectClass'][] = 'top';
$ds = pla_ldap_connect( $server_id );
$add_result = @ldap_add( $ds, $new_dn, $new_entry );
if( $add_result )
{
$edit_url="edit.php?server_id=$server_id&dn=" . rawurlencode( $new_dn );
// update the session tree to reflect the change
session_start();
if( session_is_registered( 'tree' ) )
{
$tree = $_SESSION['tree'];
$tree_icons = $_SESSION['tree_icons'];
if( isset( $tree[$server_id][$container] ) ) {
$tree[$server_id][$container][] = $new_dn;
$tree_icons[$server_id][$new_dn] = get_icon( $server_id, $new_dn );
}
$_SESSION['tree'] = $tree;
$_SESSION['tree_icons'] = $tree_icons;
session_write_close();
}
?>
<html>
<head>
<?php if( isset( $tree[$server_id][$container] ) ) { ?>
<!-- refresh the tree view (with the new DN renamed)
and redirect to the edit_dn page -->
<script language="javascript">
parent.left_frame.location.reload();
</script>
<?php } ?>
<meta http-equiv="refresh" content="0; url=<?php echo $edit_url; ?>" />
</head>
<body>
Redirecting... <a href="<?php echo $edit_url; ?>">here</a>.
</body>
</html>
<?php
}
else
{
pla_error( "Could not add the object to the LDAP server.", ldap_error( $ds ), ldap_errno( $ds ) );
}
?>

81
create_form.php Normal file
View File

@ -0,0 +1,81 @@
<?php
/*
* create_form.php
* The menu where the user chooses an RDN, Container, and Template for creating a new entry.
* After submitting this form, the user is taken to their chosen Template handler.
*
* Variables that come in as GET vars
* - server_id (optional)
* - container (rawurlencoded) (optional)
*/
require 'config.php';
require_once 'functions.php';
$server_id = $_REQUEST['server_id'];
$step = $_REQUEST['step'] ? $_REQUEST['step'] : 1; // defaults to 1
$container = stripslashes( $_REQUEST['container'] );
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
$server_name = $servers[$server_id]['name'];
// build the server drop-down html
$server_menu_html = '<select name="server_id">';
$js_dn_list = '';
foreach( $servers as $id => $server ) {
if( $server['host'] ) {
$server_menu_html .= '<option value="'.$id.'"' . ( $id==$server_id? ' selected' : '' ) . '>';
$server_menu_html .= $server['name'] . '</option>';
}
}
$server_menu_html .= '</select>';
?>
<?php include 'header.php'; ?>
<body>
<h3 class="title">Create Object</h3>
<h3 class="subtitle">Choose a template</h3>
<center><h3>Select a template for the creation process</h3></center>
<form action="creation_template.php" method="post">
<input type="hidden" name="container" value="<?php echo htmlspecialchars( $container ); ?>" />
<table class="create">
<tr>
<td class="heading">Server:</td>
<td><?php echo $server_menu_html; ?></td>
</tr>
<tr>
<td class="heading">Template:</td>
<td>
<table class="templates">
<?php foreach( $templates as $name => $template ) { ?>
<tr>
<td><input type="radio"
name="template"
value="<?php echo htmlspecialchars($name);?>"
id="<?php echo htmlspecialchars($name); ?>" /></td>
<td><label for="<?php echo htmlspecialchars($name);?>">
<img src="<?php echo $template['icon']; ?>" /></label></td>
<td><label for="<?php echo htmlspecialchars($name);?>">
<?php echo htmlspecialchars( $template['desc'] ); ?></label></td>
</tr>
<?php } ?>
</table>
</td>
</tr>
<tr>
<td colspan="2"><center><input type="submit" name="submit" value="Proceed &gt;&gt;" /></center></td>
</tr>
</table>
</form>
</body>
</html>

45
creation_template.php Normal file
View File

@ -0,0 +1,45 @@
<?php
/* file: creation_template.php
* This file simply acts as a plugin grabber for the creator templates in
* the directory templates/creation/
*
* Expected POST vars:
* server_id
* template
*/
require 'config.php';
require_once 'functions.php';
$template = stripslashes( $_POST['template'] );
$template = $templates[$template];
$server_id = $_POST['server_id'];
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
$server_name = $servers[ $server_id ][ 'name' ];
include 'header.php';
?>
<body>
<h3 class="title">Create Object</h3>
<h3 class="subtitle">On server '<?php echo htmlspecialchars( $server_name ); ?>',
using template '<?php echo htmlspecialchars( $template['desc'] ); ?>'</h3>
<?php
if( ! isset( $_POST['template'] ) )
pla_error( "No template specified in POST variables.\n" );
$handler = 'templates/creation/' . $template['handler'];
if( file_exists( $handler ) )
include $handler;
else
pla_error( "Your config specifies a handler of <b>" . htmlspecialchars( $template['handler'] ) .
"</b> for this template. But, this handler does not exist in the 'templates/creation' directory." );

65
delete.php Normal file
View File

@ -0,0 +1,65 @@
<?php
/*
* delete.php
* Deletes a DN and presents a "job's done" message.
*
* Variables that come in as POST vars:
* - dn (rawurlencoded)
* - server_id
*/
require 'config.php';
require_once 'functions.php';
$encoded_dn = $_POST['dn'];
$dn = stripslashes( rawurldecode( $encoded_dn ) );
$server_id = $_POST['server_id'];
if( $dn === null )
pla_error( "You must specify a DN." );
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
$ds = pla_ldap_connect( $server_id ) or pla_error( "Could not connect to LDAP server" );
$del_result = @ldap_delete( $ds, $dn );
if( $del_result )
{
// kill the DN from the tree browser session variable and
// refresh the tree viewer frame (left_frame)
session_start();
if( session_is_registered( 'tree' ) )
{
$tree = $_SESSION['tree'];
// does it have children? (it shouldn't, but hey, you never know)
if( isset( $tree[$server_id][$dn] ) )
unset( $tree[$server_id][$dn] );
// search and destroy
foreach( $tree[$server_id] as $tree_dn => $subtree )
foreach( $subtree as $key => $sub_tree_dn )
if( 0 == strcasecmp( $sub_tree_dn, $dn ) )
unset( $tree[$server_id][$tree_dn][$key] );
}
$_SESSION['tree'] = $tree;
session_write_close();
?>
<script language="javascript">
parent.left_frame.location.reload();
</script>
Object deleted successfully.
<?php
} else {
pla_error( "Could not delete the object: " . htmlspecialchars( utf8_decode( $dn ) ), ldap_error( $ds ), ldap_errno( $ds ) );
}

157
delete_form.php Normal file
View File

@ -0,0 +1,157 @@
<?php
/*
* delete_form.php
* Displays a last chance confirmation form to delete a dn.
*
* Variables that come in as GET vars:
* - dn (rawurlencoded)
* - server_id
*/
require 'config.php';
require_once 'functions.php';
$dn = stripslashes( $_GET['dn'] );
$encoded_dn = rawurlencode( $dn );
$server_id = $_GET['server_id'];
$rdn = ldap_explode_dn( $dn, 0 );
$rdn = $rdn[0];
$server_name = $servers[$server_id]['name'];
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
$children = get_container_contents( $server_id, $dn );
$has_children = count($children)>0 ? true : false;
?>
<?php include 'header.php'; ?>
<body>
<h3 class="title">Delete <b><?php echo htmlspecialchars( utf8_decode( $rdn ) ); ?></b></h3>
<h3 class="subtitle">Server: <b><?php echo $server_name; ?></b> &nbsp;&nbsp;&nbsp; Distinguished Name: <b><?php echo htmlspecialchars( utf8_decode( $dn ) ); ?></b></h3>
<?php if( 0 == strcasecmp( $dn, $servers[$server_id]['base'] ) ) { ?>
<center><b>You cannot delete the base <acronym title="Distinguished Name">DN</acronym> entry of the LDAP server.</b></center>
</body>
</html>
<?php exit; ?>
<?php } ?>
<?php if( $has_children ) { ?>
<center><b>Permanently delete all children also?</b><br /><br />
<?php
flush(); // so the user can get something on their screen while we figure out how many children this object has
if( $has_children ) {
// get the total number of child objects (whole sub-tree)
$s = pla_ldap_search( $server_id, 'objectClass=*', $dn, array('dn'), 'sub' );
$sub_tree_count = count( $s );
}
?>
<table class="delete_confirm">
<td>
<p>This object is the root of a sub-tree containing <a href="search.php?search=true&amp;server_id=<?php echo $server_id; ?>&amp;filter=<?php echo rawurlencode('objectClass=*'); ?>&amp;base_dn=<?php echo $encoded_dn; ?>&amp;form=advanced&amp;scope=sub"><?php echo ($sub_tree_count); ?> objects</a>
phpLDAPAdmin can recursively delete this object and all <?php echo ($sub_tree_count-1); ?> of its children. See below for a list of DNs
that this will delete. Do you want to do this?<br />
<br />
<small>Note: This is potentially very dangerous and you do this at your own risk. This operation cannot be undone.
Take into consideration aliases and other such things that may cause problems.</small>
<br />
<br />
<table width="100%">
<tr>
<td>
<center>
<form action="rdelete.php" method="post">
<input type="hidden" name="dn" value="<?php echo $encoded_dn; ?>" />
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="submit" class="scary" value="Delete all <?php echo ($sub_tree_count); ?> objects" />
</form>
</td>
<td>
<center>
<form action="edit.php" method="get">
<input type="hidden" name="dn" value="<?php echo $encoded_dn; ?>" />
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="submit" name="submit" value="Cancel" class="cancel" />
</form>
</center>
</td>
</tr>
</table>
</td>
</table>
<?php flush(); ?>
<br />
<br />
A list of all the <?php echo ($sub_tree_count); ?> <acronym title="Distinguished Name">DN</acronym>s that this action will delete:<br />
<select size="<?php echo min( 10, $sub_tree_count );?>" multiple disabled style="background:white; color:black;width:500px" >
<?php $i=0; ?>
<?php foreach( $s as $dn => $junk ) { ?>
<?php $i++; ?>
<option><?php echo $i; ?>. <?php echo htmlspecialchars( utf8_decode( $dn ) ); ?></option>
<?php } ?>
</select>
<br />
<?php } else { ?>
<center>
<table class="delete_confirm">
<td>
Are you sure you want to permanently delete this object?<br />
<br />
<nobr><acronym title="Distinguished Name">DN</acronym>: <b><?php echo htmlspecialchars(utf8_decode($dn)); ?></b><nobr><br />
<nobr>Server: <b><?php echo htmlspecialchars($server_name); ?></b></nobr><br />
<br />
<table width="100%">
<tr>
<td>
<center>
<form action="delete.php" method="post">
<input type="hidden" name="dn" value="<?php echo $encoded_dn; ?>" />
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="submit" name="submit" value="Delete It" class="scary" />
</center>
</form>
</td>
<td>
<center>
<form action="edit.php" method="get">
<input type="hidden" name="dn" value="<?php echo $encoded_dn; ?>" />
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="submit" name="submit" value="Cancel" class="cancel" />
</form>
</center>
</td>
</tr>
</table>
</td>
</table>
</center>
<?php } ?>
</body>
</html>

472
edit.php Normal file
View File

@ -0,0 +1,472 @@
<?php
/*
* edit.php
* Displays the specified dn from the specified server for editing
*
* Variables that come in as GET vars:
* - dn (rawurlencoded)
* - server_id
*/
/** If an entry has more children than this, stop searching and display this amount with a '+' */
$max_children = 100;
require 'config.php';
require_once 'functions.php';
$dn = stripslashes( rawurldecode( $_GET['dn'] ) );
$encoded_dn = rawurlencode( $dn );
$updated_attr = stripslashes( $_GET['updated_attr'] );
$server_id = $_GET['server_id'];
$show_internal_attrs = isset( $_GET['show_internal_attrs'] ) ? true : false;
$rdn = ldap_explode_dn( $dn, 0 );
$rdn = $rdn[0];
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
pla_ldap_connect( $server_id ) or pla_error( "Coult not connect to LDAP server." );
$friendly_attrs = process_friendly_attr_table();
$attrs = get_object_attrs( $server_id, $dn );
pla_ldap_connect( $server_id ) or pla_error( "Could not connect to LDAP server" );
$system_attrs = get_entry_system_attrs( $server_id, $dn );
if( ! $attrs )
pla_error( "No such dn, " . htmlspecialchars( utf8_decode( $dn ) ) );
$server_name = $servers[$server_id]['name'];
// build a list of attributes available for this object based on its objectClasses
$oclasses = get_object_attr( $server_id, $dn, 'objectClass' );
if( ! is_array( $oclasses ) )
$oclasses = array( $oclasses );
$avail_attrs = array();
$schema_oclasses = get_schema_objectclasses( $server_id, true );
foreach( $oclasses as $oclass )
$avail_attrs = array_merge( $schema_oclasses[ strtolower( $oclass ) ]['must_attrs'],
$schema_oclasses[ strtolower( $oclass ) ]['may_attrs'],
$avail_attrs );
$avail_attrs = array_unique( $avail_attrs );
$avail_attrs = array_filter( $avail_attrs, "not_an_attr" );
sort( $avail_attrs );
/* A boolean flag to indicate whether this entry has a jpegPhoto associated with it.
* TODO If it does, the jpegPhotos will be drawn at the bottom of the form */
$has_jpeg_photo = false;
?>
<?php include 'header.php'; ?>
<body>
<h3 class="title"><?php echo htmlspecialchars( utf8_decode( $rdn ) ); ?></h3>
<h3 class="subtitle">Server: <b><?php echo $server_name; ?></b> &nbsp;&nbsp;&nbsp; Distinguished Name: <b><?php echo htmlspecialchars( utf8_decode( $dn ) ); ?></b></h3>
<table class="edit_dn_menu">
<tr>
<?php $time = gettimeofday(); $random_junk = md5( strtotime( 'now' ) . $time['usec'] ); ?>
<td><img src="images/refresh.png" /></td>
<td><a href="edit.php?server_id=<?php echo $server_id; ?>&amp;dn=<?php echo $encoded_dn; ?>&amp;random=<?php
echo $random_junk; ?>"
title="Refresh this entry">Refresh</a></td>
</tr>
<?php if( 0 != strcasecmp( $dn, $servers[$server_id]['base'] ) ) { ?>
<?php /* We won't allow them to delete the base dn of the server */ ?>
<tr>
<td><img src="images/trash.png" /></td>
<td><a href="delete_form.php?server_id=<?php echo $server_id; ?>&amp;dn=<?php echo $encoded_dn; ?>"
title="You will be prompted to confirm this decision">Delete this entry</a></td>
</tr>
<?php } ?>
<tr>
<td><img src="images/cut.png" /></td>
<td><a href="copy_form.php?server_id=<?php echo $server_id; ?>&amp;dn=<?php echo $encoded_dn?>"
title="Copy this object to another location, a new DN, or another server">Copy this entry</a></td>
</tr>
<tr>
<td><img src="images/save.png" /></td>
<?php $ldif_url = "ldif_export.php?server_id=$server_id&amp;dn=$encoded_dn&amp;scope=base"; ?>
<td><a href="<?php echo $ldif_url; ?>" title="Save an LDIF dump of this object">Export to LDIF</a>
(<a href="<?php echo $ldif_url; ?>&amp;format=mac" title="Macintosh style carriage returns">mac</a>)
(<a href="<?php echo $ldif_url; ?>&amp;format=win" title="Windows style carriage returns">win</a>)
(<a href="<?php echo $ldif_url; ?>&amp;format=unix" title="Unix style carriage returns">unix</a>)
</td>
</tr>
<tr>
<td><img src="images/star.png" /></td>
<td><a href="<?php echo "create_form.php?server_id=$server_id&amp;container=$encoded_dn"; ?>">Create a child entry</a></td>
</tr>
<?php flush(); ?>
<?php $children = get_container_contents( $server_id, $dn, $max_children );
if( ($children_count = count( $children ) ) > 0 ) {
if( $children_count == $max_children )
$children_count = $children_count . '+';
?>
<tr>
<td><img src="images/children.png" /></td>
<td><a href="search.php?search=true&amp;server_id=<?php echo $server_id; ?>&amp;filter=<?php echo rawurlencode('objectClass=*'); ?>&amp;base_dn=<?php echo $encoded_dn; ?>&amp;form=advanced&amp;scope=one">View <?php echo $children_count; ?> <?php echo ($children_count==1?'child':'children');?></a></td>
</tr>
<?php } ?>
<?php if( $children_count > 0 ) { ?>
<tr>
<td><img src="images/save.png" /></td>
<?php $ldif_url = "ldif_export.php?server_id=$server_id&amp;dn=$encoded_dn&amp;scope=sub"; ?>
<td><a href="<?php echo $ldif_url; ?>" title="Save an LDIF dump of this object and all of its children">Export subtree to LDIF</a>
(<a href="<?php echo $ldif_url; ?>&amp;format=mac" title="Macintosh style carriage returns">mac</a>)
(<a href="<?php echo $ldif_url; ?>&amp;format=win" title="Windows style carriage returns">win</a>)
(<a href="<?php echo $ldif_url; ?>&amp;format=unix" title="Unix style carriage returns">unix</a>)
</td>
</tr>
<?php } ?>
<?php if( in_array( 'jpegPhoto', $avail_attrs ) ) { ?>
<?php $new_jpeg_href = "new_jpeg_photo_form.php?server_id=$server_id&amp;dn=$encoded_dn&amp;attr=jpegPhoto"; ?>
<tr>
<td><img src="images/photo.png" /></td>
<td><a href="<?php echo $new_jpeg_href; ?>">Add a jpegPhoto</a></td>
</tr>
<?php } ?>
</table>
<br />
<table class="edit_dn" cellspacing="0">
<!-- Form to rename this entry -->
<tr class="row1">
<td class="heading"><acronym title="Change this entry's RDN">Rename Entry</acronym></td>
<td class="heading" align="right">
<nobr>
<form action="rename.php" method="post" class="edit_dn" />
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="dn" value="<?php echo $encoded_dn; ?>" />
<input type="text" name="new_rdn" size="40" value="<?php echo htmlspecialchars( utf8_decode( $rdn ) ); ?>" />
<input class="update_dn" type="submit" value="Rename" />
</form>
</nobr>
</td>
<tr class="spacer"><td colspan="2"></td></tr>
<form action="new_attr.php" method="post">
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="dn" value="<?php echo $encoded_dn; ?>" />
<!-- Form to add a new attribute to this entry -->
<tr class="row1">
<td class="heading">
<nobr>
<acronym title="Add a new attribute/value to this entry">Add New Attribute</acronym>
</nobr>
</td>
<td class="heading" align="right"><nobr>
<?php if( is_array( $avail_attrs ) && count( $avail_attrs ) > 0 ) { ?>
<select name="attr">
<?php foreach( $avail_attrs as $a ) {
// is there a user-friendly translation available for this attribute?
if( isset( $friendly_attrs[ strtolower( $a ) ] ) ) {
$attr_display = htmlspecialchars( $friendly_attrs[ strtolower( $a ) ] ) . " (" .
htmlspecialchars($a) . ")";
} else {
$attr_display = htmlspecialchars( $a );
}
echo $attr_display;
$attr_select_html .= "<option>$attr_display</option>\n";
echo "<option value=\"" . htmlspecialchars($a) . "\">$attr_display</option>";
} ?>
</select>
<input type="text" name="val" size="20" />
<input type="submit" name="submit" value="Add" class="update_dn" />
<?php } else { ?>
<small>(no new attributes available for this entry)</small>
<?php } ?>
</nobr></td>
</form>
</tr>
<?php flush(); ?>
<tr class="spacer"><td colspan="2"></td></tr>
<tr class="row1">
<td class="heading" colspan="2">
<nobr>
<?php if( $show_internal_attrs ) { ?>
<a href="edit.php?server_id=<?php echo $server_id; ?>&amp;dn=<?php echo $encoded_dn; ?>"
><img src="images/minus.png" title="Hide internal attributes" /></a>
<acronym title="Attributes set automatically by the system">Internal Attriubtes</acronym>
<?php } else { ?>
<a href="edit.php?server_id=<?php echo $server_id; ?>&amp;dn=<?php echo $encoded_dn; ?>&amp;show_internal_attrs=true">
<img src="images/plus.png" title="Show internal attributes" /></a>
<acronym title="Attributes set automatically by the system (click + to display)">Internal Attriubtes</acronym>
<small>(hidden)</small>
<?php } ?>
</nobr>
</td>
</tr>
<?php
if( $show_internal_attrs ) {
$counter = 0;
foreach( get_entry_system_attrs( $server_id, $dn ) as $attr => $val ) {
$counter++
?>
<tr class="<?php echo ($counter%2==0?'row1':'row2');?>">
<td class="attr"><b><?php echo htmlspecialchars( $attr ); ?></b></td>
<td class="val"><?php echo htmlspecialchars( $val ); ?></td>
</tr>
<?php }
if( $counter == 0 )
echo "<tr class=\"row2\"><td colspan=\"2\"><center>(none)</center></td></tr>\n";
}
?>
<?php flush(); ?>
<tr class="spacer"><td colspan="2"></td></tr>
<!-- Table of attributes/values to edit -->
<tr class="row1">
<td class="heading" colspan="2">
<nobr>
<acronym title="Edit the contents of the form below and click Save.">Modify Attributes</acronym>
</nobr>
</td>
</tr>
<form action="update_confirm.php" method="post">
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="dn" value="<?php echo rawurlencode($dn); ?>" />
<?php if( $edit_dn_schema_lookup ) $schema_attrs = get_schema_attributes( $server_id ); ?>
<?php $counter=0; ?>
<?php foreach( $attrs as $attr => $vals ) {
flush();
if( $attr == 'dn' )
continue;
// is there a user-friendly translation available for this attribute?
if( isset( $friendly_attrs[ strtolower( $attr ) ] ) ) {
$attr_display = "<acronym title=\"Alias for $attr\">" .
$friendly_attrs[ strtolower( $attr ) ] . "</acronym>";
} else {
$attr_display = $attr;
}
?>
<?php if( $attr == $updated_attr ) { ?>
<tr class="updated_attr">
<?php } else { ?>
<?php if( $counter++ % 2 == 0 ) { ?>
<tr class="row2">
<?php } else { ?>
<tr class="row1">
<?php } ?>
<?php } ?>
<?php $add_href = "add_value_form.php?server_id=$server_id&amp;dn=$encoded_dn&amp;attr=" . rawurlencode( $attr ); ?>
<td class="attr">
<b><?php echo $attr_display; ?></b><br />
<small>(<a href="<?php echo $add_href; ?>"
title="Add an additional value to this attribute">add value</a>)</small>
</td>
<td class="val">
<?php if( 0==strcasecmp( $attr, 'jpegPhoto' ) ) {
$has_jpeg_photo = true;
// Don't draw the delete buttons if there is more than one jpegPhoto
// (phpLDAPAdmin can't handle this case yet)
if( is_array( $vals ) )
draw_jpeg_photos( $server_id, $dn, false );
else
draw_jpeg_photos( $server_id, $dn, true );
// proceed to the next attribute
continue;
} ?>
<?php /*
* This is next IF statement is a KLUGE!! If anyone knows a better way to check for
* binary data that works with UTF-8 encoded strings, please help
*/
?>
<?php if( 0==strcasecmp( $attr, 'networkAddress' ) ) { ?>
<small>This attribute contains binary data,<br />
which cannot be safely displayed<br />
or edited in a web-browser.</small>
</td>
<?php continue; ?>
<?php } ?>
<?php /* is this a multi-valued attribute? */ ?>
<?php if( is_array( $vals ) ) { ?>
<?php foreach( $vals as $i => $val ) { ?>
<?php $val = utf8_decode( $val ); ?>
<nobr>
<!-- The old_values array will let update.php know if the entry contents changed
between the time the user loaded this page and saved their changes. -->
<input type="hidden"
name="old_values[<?php echo htmlspecialchars( $attr ); ?>][<?php echo $i; ?>]"
value="<?php echo htmlspecialchars($val); ?>" />
<input type="text"
size="60"
name="new_values[<?php echo htmlspecialchars( $attr ); ?>][<?php echo $i; ?>]"
value="<?php echo htmlspecialchars($val); ?>" /></nobr><br />
<?php } ?>
<?php /* this a single-valued attribute */ ?>
<?php } else { ?>
<?php $val = $vals; ?>
<?php $val = utf8_decode( $val ); ?>
<nobr>
<?php /* This series of if/elseif/else is for special cases of attributes (userPassword, boolean, etc) */ ?>
<?php if( 0 == strcasecmp( $attr, 'userpassword' ) ) { ?>
<?php /* Capture the stuff in the { } if any */
preg_match( "/{([^}]+)}/", $val, $enc_type); $enc_type = strtolower($enc_type[1]); ?>
<?php /* handle crypt types */
if($enc_type == "crypt") {
preg_match( '/{[^}]+}\$(.)\$/', $val, $salt);
switch( $salt[1] ) {
case '': // CRYPT_STD_DES
$enc_type = "crypt";
break;
case '1': // CRYPT_MD5
$enc_type = "md5crypt";
break;
case '2': // CRYPT_BLOWFISH
$enc_type = "blowfish";
break;
default:
$enc_type = "crypt";
}
} ?>
<input type="hidden"
name="old_values[userpassword]"
value="<?php echo htmlspecialchars($val); ?>" />
<input size="48"
type="text"
name="new_values[userpassword]"
value="<?php echo htmlspecialchars($val); ?>" />
<select name="enc_type">
<option>clear</option>
<option<?php echo $enc_type=='crypt'?' selected':''; ?>>crypt</option>
<option<?php echo $enc_type=='md5'?' selected':''; ?>>md5</option>
<option<?php echo $enc_type=='md5crypt'?' selected':''; ?>>md5crypt</option>
<option<?php echo $enc_type=='blowfish'?' selected':''; ?>>blowfish</option>
<option<?php echo $enc_type=='sha'?' selected':''; ?>>sha</option>
</select>
<?php } elseif( $edit_dn_schema_lookup &&
'Boolean' == $schema_attrs[ strtolower($attr) ]['type'] ) { ?>
<input type="hidden"
name="old_values[<?php echo htmlspecialchars( $attr ); ?>]"
value="<?php echo htmlspecialchars($val); ?>" />
<select name="new_values[<?php echo htmlspecialchars( $attr ); ?>]">
<option value="TRUE"<?php echo ($val=='TRUE' ? ' selected' : ''); ?>>TRUE</option>
<option value="FALSE"<?php echo ($val=='FALSE' ? ' selected' : ''); ?>>FALSE</option>
<option value="">(none -- remove value)</option>
</select>
<?php } else { ?>
<input type="hidden"
name="old_values[<?php echo htmlspecialchars( $attr ); ?>]"
value="<?php echo htmlspecialchars($val); ?>" />
<input size="60"
type="text"
name="new_values[<?php echo htmlspecialchars( $attr ); ?>]"
value="<?php echo htmlspecialchars($val); ?>" />
<?php } ?>
</nobr>
<?php } ?>
</td>
</tr>
<?php } ?>
<tr><td colspan="2"><center><input type="submit" value="Save Changes" /></center></form></td></tr>
<?php
?>
</table>
<?php /* If this entry has a jpegPhoto, we need to provide a form for it to submit when deleting it. */ ?>
<?php if( $has_jpeg_photo ) { ?>
<script language="javascript">
<!--
function deleteJpegPhoto()
{
if( confirm( "Really delete jpegPhoto?" ) )
document.delete_jpeg_photo_form.submit();
}
-->
</script>
<!-- TODO: Go to update_confirm.php instead of directly to update.php -->
<form name="delete_jpeg_photo_form" action="update.php" method="post">
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="dn" value="<?php echo $encoded_dn; ?>" />
<input type="hidden" name="update_array[jpegPhoto]" value="" />
</form>
<?php } ?>
<?php
function not_an_attr( $x )
{
global $attrs;
return ! isset( $attrs[ strtolower( $x ) ] );
}
?>

6
entry_chooser.js Normal file
View File

@ -0,0 +1,6 @@
function dnChooserPopup( form_element )
{
mywindow=open('entry_chooser.php','myname','resizable=no,width=600,height=370,scrollbars=1');
mywindow.location.href = 'entry_chooser.php?form_element=' + form_element;
if (mywindow.opener == null) mywindow.opener = self;
}

73
entry_chooser.php Normal file
View File

@ -0,0 +1,73 @@
<?php
require 'config.php';
require_once 'functions.php';
$container = isset( $_GET['container'] ) ? rawurldecode( $_GET['container'] ) : false;
$server_id = isset( $_GET['server_id'] ) ? $_GET['server_id'] : false;
$return_form_element = $_GET['form_element'];
include "header.php";
echo "<h3 class=\"subtitle\">Automagic Entry Chooser</h3>\n";
if( $container ) {
echo "Server: <b>" . htmlspecialchars( $servers[ $server_id ][ 'name' ] ) . "</b><br />\n";
echo "Looking in: <b>" . htmlspecialchars( $container ) . "</b><br />\n";
}
if( $server_id !== false && $container !== false )
{
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. ".
"Please check your configuration." );
pla_ldap_connect( $server_id ) or pla_error( "Coult not connect to LDAP server." );
$dn_list = get_container_contents( $server_id, $container );
$base_dn = $servers[ $server_id ][ 'base' ];
if( ! $base_dn )
$base_dn = try_to_get_root_dn( $server_id );
if( $container == $base_dn ) {
$parent_container = false;
$up_href = "entry_chooser.php?form_element=$return_form_element";
} else {
$parent_container = get_container( $container );
$up_href = "entry_chooser.php?form_element=$return_form_element&amp;server_id=$server_id&amp;container=" .
rawurlencode( $parent_container );
}
echo "&nbsp;<a href=\"$up_href\" style=\"text-decoration:none\">" .
"<img src=\"images/up.png\"> Back Up...</a><br />\n";
if( count( $dn_list ) == 0 )
echo "&nbsp;&nbsp;&nbsp;(no entries)<br />\n";
else
foreach( $dn_list as $dn ) {
$href = "javascript:returnDN( '$dn' )";
echo "&nbsp;&nbsp;&nbsp;<a href=\"entry_chooser.php?form_element=$return_form_element&amp;server_id=$server_id&amp;container=" .
rawurlencode( $dn ) . "\"><img src=\"images/plus.png\" /></a> " .
"<a href=\"$href\">" . htmlspecialchars( $dn ) . "</a><br />\n";
}
}
else
{
foreach( $servers as $id => $server ) {
if( $server['host'] ) {
echo htmlspecialchars( $server['name'] ) . "<br />\n";
$dn = ( $server['base'] ? $server['base'] : try_to_get_root_dn( $id ) );
$href = "javascript:returnDN( '$dn' )";
echo "&nbsp;&nbsp;&nbsp;<a href=\"entry_chooser.php?form_element=$return_form_element&amp;server_id=$id&amp;container=" .
rawurlencode( $dn ) . "\"><img src=\"images/plus.png\" /></a> " .
"<a href=\"$href\">" . htmlspecialchars( $dn ) . "</a><br />\n";
}
}
}
?>
<script language="javascript">
function returnDN( dn )
{
opener.document.<?php echo $return_form_element; ?>.value = dn;
close();
}
</script>

60
expand.php Normal file
View File

@ -0,0 +1,60 @@
<?php
/*
* expand.php
* This script alters the session variable 'tree', expanding it
* at the dn specified in the query string.
*
* Variables that come in as GET vars:
* - dn (rawurlencoded)
* - server_id
*
* Note: this script is equal and opposite to collapse.php
*/
require 'config.php';
require_once 'functions.php';
// no expire header stuff
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
$dn = stripslashes( $_GET['dn'] );
$encoded_dn = rawurlencode( $dn );
$server_id = $_GET['server_id'];
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
session_start();
session_is_registered( 'tree' ) or pla_error( "Your session tree is not registered. That's weird. Shouldn't ever happen".
". Just go back and it should be fixed automagically." );
$tree = $_SESSION['tree'];
$tree_icons = $_SESSION['tree_icons'];
pla_ldap_connect( $server_id ) or pla_error( "Could not connect to LDAP server" );
$contents = get_container_contents( $server_id, $dn );
sort( $contents );
$tree[$server_id][$dn] = $contents;
foreach( $contents as $dn )
$tree_icons[$server_id][$dn] = get_icon( $server_id, $dn );
$_SESSION['tree'] = $tree;
$_SESSION['tree_icons'] = $tree_icons;
session_write_close();
// This is for Opera. By putting "random junk" in the query string, it thinks
// that it does not have a cached version of the page, and will thus
// fetch the page rather than display the cached version
$time = gettimeofday();
$random_junk = md5( strtotime( 'now' ) . $time['usec'] );
header( "Location: tree.php?foo=$random_junk#{$server_id}_{$encoded_dn}" );
?>

1174
functions.php Normal file
View File

File diff suppressed because it is too large Load Diff

11
header.php Normal file
View File

@ -0,0 +1,11 @@
<?php echo "<?xml version=\"1.0\" encoding=\"utf-8\?>\n"; ?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML Basic 1.0//EN"
"http://www.w3.org/TR/xhtml-basic/xhtml-basic10.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="no-NO">
<head>
<title>phpLDAPAdmin</title>
<link rel="stylesheet" href="style.css" />
<script src="entry_chooser.js"></script>
</head>

BIN
images/bug.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 278 B

BIN
images/children.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 438 B

BIN
images/country.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 707 B

BIN
images/cut.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 340 B

BIN
images/dc.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.1 KiB

BIN
images/find.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 KiB

BIN
images/folder.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.2 KiB

BIN
images/light.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 733 B

BIN
images/locality.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 751 B

BIN
images/lock.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 858 B

BIN
images/mail.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 899 B

BIN
images/minus.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 98 B

BIN
images/move.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 483 B

BIN
images/o.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.3 KiB

BIN
images/object.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.3 KiB

BIN
images/ou.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.3 KiB

BIN
images/phone.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 878 B

BIN
images/photo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 572 B

BIN
images/plus.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 102 B

BIN
images/refresh.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 785 B

BIN
images/save.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 658 B

BIN
images/server.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 KiB

BIN
images/star.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 700 B

BIN
images/terminal.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 851 B

BIN
images/trash.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 678 B

BIN
images/uid.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 654 B

BIN
images/up.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 382 B

BIN
images/user.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 773 B

161
index.php Normal file
View File

@ -0,0 +1,161 @@
<?php/*
If you are seeing this in your browser,
PHP is not installed on your web server!!!
*/?>
<?php require_once( 'functions.php' ); ?>
<?php if( ! file_exists( 'config.php' ) ) { ?>
<html>
<head>
<title>phpLDAPAdmin - <?php echo pla_version(); ?></title>
<link rel="stylesheet" href="style.css" />
</head>
<body>
<h3 class="title">Configure phpLDAPAdmin</h1>
<br />
<br />
<center>
You need to configure phpLDAPAdmin. Edit the file 'config.php' to do so.<br />
<br />
An example config file is provided in 'config.php.example'
</center>
</body>
</html>
<?php } elseif( check_config() ) {
require 'config.php';
echo "<?xml version=\"1.0\" encoding=\"utf-8\?>\n";
?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML Basic 1.0//EN"
"http://www.w3.org/TR/xhtml-basic/xhtml-basic10.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="no-NO">
<head><title>phpLDAPAdmin - <?php echo pla_version(); ?></title></head>
<frameset cols="<?php echo $tree_width; ?>,*">
<frame src="tree.php" name="left_frame" id="left_frame" />
<frame src="search.php" name="right_frame" id="right_frame" />
</frameset>
</html>
<?php } else { ?>
<?php } ?>
<?php
/*
* Makes sure that the config file is properly setup and
* that your install of PHP can handle LDAP stuff.
* TODO: Check ALL config elements for correctness in syntax
* TODO: Make sure all required config stuff is defined.
*/
function check_config()
{
/* Make sure this PHP install has LDAP support */
if( ! extension_loaded( 'ldap' ) )
{
pla_error( "Your install of PHP appears to be missing LDAP support. Please install " .
"LDAP support before using phpLDAPAdmin." );
return false;
}
/* Make sure the config file is readable */
if( ! is_readable( 'config.php' ) )
{
echo "The config file 'config.php' is not readable. Please check its permissions.";
return false;
}
/* check for syntax errors in config.php */
// capture the result of including the file with output buffering
ob_start();
include 'config.php';
$str = ob_get_contents();
ob_end_clean();
if( $str && false !== strpos( $str, 'error' ) )
{
$str = strip_tags( $str );
$parse_error = preg_match( "/on line (\d+)/", $str, $matches );
$line_num = $matches[1];
$file = file( 'config.php' );
?>
<html>
<head>
<title>phpLDAPAdmin Config File Error</title>
<link rel="stylesheet" href="style.css" />
</head>
<body>
<h3 class="title">Config file error</h3>
<h3 class="subtitle">Syntax error on line <?php echo $line_num; ?></h3>
<center>
Looks like your config file has a syntax error on line <?php echo $line_num; ?>.
Here is a snippet around that line
<br />
<br />
<div style="text-align: left; margin-left: 80px; margin-right: 80px; border: 1px solid black; padding: 10px;">
<tt>
<?php
for( $i=$line_num-9; $i<$line_num+5; $i++ ) {
if( $i+1 == $line_num )
echo "<div style=\"color:red;background:#fdd\">";
if( $i < 0 )
continue;
echo "<b>" . ($i+1) . "</b>: " . htmlspecialchars($file[ $i ]) . "<br />";
if( $i+1 == $line_num )
echo "</div>";
}
?>
</tt>
</div>
<br />
Hint: Sometimes these errors are caused by lines <b>preceding</b> the line reported.
</body>
</html>
<?php
return false;
}
if( $str && false !== strpos( $str, 'Warning' ) )
{
}
/* check the existence of the servers array */
require 'config.php';
if( ! is_array( $servers ) || count( $servers ) == 0 )
{
echo "Your config.php is missing the servers array or the array is empty. ";
echo " Please see the sample file config.php.example ";
return false;
}
/* Make sure there is at least one server in the array */
$count = 0;
foreach( $servers as $i => $server )
if( $server['host'] )
$count++;
if( $count == 0 )
{
echo "None of the " . count($servers) . " servers in your \$servers array is ";
echo "active in config.php. phpLDAPAdmin cannot proceed util you correct this.";
return false;
}
return true;
}
?>

85
ldap_error_codes.txt Normal file
View File

@ -0,0 +1,85 @@
0x00 LDAP_SUCCESS "The operation completed successfully."
0x01 LDAP_OPERATIONS_ERROR "An operations error occurred."
0x02 LDAP_PROTOCOL_ERROR "A protocol violation was detected."
0x03 LDAP_TIMELIMIT_EXCEEDED "The operation timed out waiting to complete."
0x04 LDAP_SIZELIMIT_EXCEEDED "The LDAP sever refused to serve such a large result set."
0x05 LDAP_COMPARE_FALSE "A compare operation returned false."
0x06 LDAP_COMPARE_TRUE "A compare operation returned true."
0x07 LDAP_AUTH_METHOD_NOT_SUPPORTED "The authentication method you specified is not supported by
the LDAP server."
0x08 LDAP_STRONG_AUTH_REQUIRED "This LDAP server requires strong (encrypted) authentication,
not clear text."
0x09 LDAP_PARTIAL_RESULTS "The result set received is a partial result set."
0x0a LDAP_REFERRAL ""
0x0b LDAP_ADMINLIMIT_EXCEEDED ""
0x0c LDAP_UNAVAILABLE_CRITICAL_EXTENSION ""
0x0d LDAP_CONFIDENTIALITY_REQUIRED ""
0x0e LDAP_SASL_BIND_INPROGRESS ""
0x10 LDAP_NO_SUCH_ATTRIBUTE "That entry does not contain the attribute specified."
0x11 LDAP_UNDEFINED_TYPE "The attribute type specified is invalid."
0x12 LDAP_INAPPROPRIATE_MATCHING "This usually means that your LDAP server has not defined an equality rule
for the attribute you are trying to alter. This is not phpLDAPAdmin's fault as the
LDAP server has refused to perform the operation (as well it should if there is
no equality rule for it to use for the operation)."
0x13 LDAP_CONSTRAINT_VIOLATION "Some constraint would be violated by performing the action. This can happen when
you try to add a second value to a single-valued attribute, for example."
0x14 LDAP_TYPE_OR_VALUE_EXISTS "An attribute type or attribute value
specified already exists in the entry"
0x15 LDAP_INVALID_SYNTAX "An invalid attribute value was specified."
0x20 LDAP_NO_SUCH_OBJECT "That object does not exist."
0x21 LDAP_ALIAS_PROBLEM "An alias in the directory points to a
non-existent entry."
0x22 LDAP_INVALID_DN_SYNTAX "You used an invalid syntax in the specified DN."
0x23 LDAP_IS_LEAF "The object specified is a leaf"
0x24 LDAP_ALIAS_DEREF_PROBLEM "A problem was encountereed when
dereferencing an alias"
0x30 LDAP_INAPPROPRIATE_AUTH "Inappropriate authentication was
specifiedi (e.g., LDAP_AUTH_SIMPLE was
specified and the entry does not have
a userPassword attribute)."
0x31 LDAP_INVALID_CREDENTIALS "Incorrect login DN and/or password."
0x32 LDAP_INSUFFICIENT_ACCESS "You do not have sufficient permissions
to perform that operation."
0x33 LDAP_BUSY "The LDAP server is busy."
0x34 LDAP_UNAVAILABLE "The LDAP server is unavailable."
0x35 LDAP_UNWILLING_TO_PERFORM "The LDAP server refused to perform the operation."
0x36 LDAP_LOOP_DETECT "A loop was detected."
0x3C LDAP_SORT_CONTROL_MISSING ""
0x3D LDAP_INDEX_RANGE_ERROR ""
0x40 LDAP_NAMING_VIOLATION "A naming violation occurred."
0x41 LDAP_OBJECT_CLASS_VIOLATION "You tried to perform an operation that would cause an undefined attribute
to exist or that would remove a required attribute, given the current list
of ObjectClasses."
0x42 LDAP_NOT_ALLOWED_ON_NONLEAF "The entry you tried to operate on has children. (usually this means you
tried to delete the entry, which you cannot do to an entry with children)."
0x43 LDAP_NOT_ALLOWED_ON_RDN "You cannot preform that operation on a the relative distinguished name
(RDN) of an object."
0x44 LDAP_ALREADY_EXISTS "The object already exists (usually you are trying to create a new object
on top of an existing one)"
0x45 LDAP_NO_OBJECT_CLASS_MODS "ObjectClass modifications are not
allolwed."
0x46 LDAP_RESULTS_TOO_LARGE ""
0x47 LDAP_AFFECTS_MULTIPLE_DSAS ""
0x50 LDAP_OTHER ""
0x51 LDAP_SERVER_DOWN "The LDAP server is down."
0x52 LDAP_LOCAL_ERROR ""
0x53 LDAP_ENCODING_ERROR ""
0x54 LDAP_DECODING_ERROR ""
0x55 LDAP_TIMEOUT ""
0x56 LDAP_AUTH_UNKNOWN ""
0x57 LDAP_FILTER_ERROR "The LDAP search filter specified is inavlid."
0x58 LDAP_USER_CANCELLED "The user cancelled the LDAP operation."
0x59 LDAP_PARAM_ERROR "An ldap routine was called with a bad
parameter."
0x5a LDAP_NO_MEMORY "An memory allocation (e.g., malloc(3)
or other dynamic memory allocator)
call failed in an ldap library rou-
tine."
0x5b LDAP_CONNECT_ERROR ""
0x5c LDAP_NOT_SUPPORTED "The requested operation is not supported by the LDAP server."
0x5d LDAP_CONTROL_NOT_FOUND ""
0x5e LDAP_NO_RESULTS_RETURNED "The search came back empty."
0x5f LDAP_MORE_RESULTS_TO_RETURN "The LDAP server has more results that it would like to return."
0x60 LDAP_CLIENT_LOOP ""
0x61 LDAP_REFERRAL_LIMIT_EXCEEDED "This means that a search was performed that required the LDAP
server to follow a chain of referrals that was too lengthy."

93
ldif_export.php Normal file
View File

@ -0,0 +1,93 @@
<?php
/*
* ldif_export.php
* Dumps the LDIF file for a given DN
*
* Variables that come in as GET vars:
* - dn (rawurlencoded)
* - server_id
* - format (one of 'win', 'unix', 'mac'
* - scope (one of 'sub', 'base', or 'one')
*/
require 'config.php';
require_once 'functions.php';
$dn = stripslashes( rawurldecode( $_GET['dn'] ) );
$server_id = $_GET['server_id'];
$format = $_GET['format'];
$scope = $_GET['scope'] ? $_GET['scope'] : 'base';
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
$objects = pla_ldap_search( $server_id, 'objectClass=*', $dn, array(), $scope, false );
//echo "<pre>";
//print_r( $objects );
//exit;
$rdn = get_rdn( $dn );
switch( $format ) {
case 'win': $br = "\r\n"; break;
case 'mac': $br = "\r"; break;
case 'unix':
default: $br = "\n"; break;
}
if( ! $objects )
pla_error( "Search on dn (" . htmlspecialchars($dn) . ") came back empty" );
header( "Content-type: text/plain" );
header( "Content-disposition: attachment; filename=\"$rdn.ldif\"" );
header( "Expires: Mon, 26 Jul 1997 05:00:00 GMT" );
header( "Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT" );
header( "Cache-Control: post-check=0, pre-check=0", false );
header( "Pragma: no-cache" );
echo "version: 1$br$br";
echo "# LDIF Export for: $rdn$br";
echo "# Scope: $scope, " . count( $objects ) . " entries$br";
echo "# Generated by phpLDAPAdmin on " . date("F j, Y g:i a") . "$br";
echo $br;
foreach( $objects as $dn => $attrs )
{
unset( $attrs['dn'] );
unset( $attrs['count'] );
if( is_safe_ascii( $dn ) )
echo "dn: $dn$br";
else
echo "dn:: " . base64_encode( $dn ) . $br;
foreach( $attrs as $attr => $val ) {
if( is_array( $val ) ) {
foreach( $val as $v ) {
if( is_safe_ascii( $v ) ) {
echo "$attr: $v$br";
} else {
echo "$attr:: " . base64_encode( $v ) . $br;
}
}
} else {
$v = $val;
if( is_safe_ascii( $v ) ) {
echo "$attr: $v$br";
} else {
echo "$attr:: " . base64_encode( $v ) . $br;
}
}
}
echo $br;
}
function is_safe_ascii( $str )
{
for( $i=0; $i<strlen($str); $i++ )
if( ord( $str{$i} ) < 32 || ord( $str{$i} ) > 127 )
return false;
return true;
}

107
login.php Normal file
View File

@ -0,0 +1,107 @@
<?php
/*
* login.php
* For servers whose auth_type is set to 'form'. Pass me the login info
* and I'll write two cookies, pla_login_dn_X and pla_pass_X
* where X is the server_id. The cookie_time comes from config.php
*
* Note: this file uses ldap_connect() and ldap_bind() only for purposes
* of verifying the user-supplied DN and Password.
*
* Variables that come in as POST vars:
* - login_dn
* - login_pass
* - server_id
*/
require 'config.php';
require_once 'functions.php';
$server_id = $_POST['server_id'];
$dn = stripslashes( $_POST['login_dn'] );
$pass = stripslashes( $_POST['login_pass'] );
$redirect = rawurldecode( $_POST['redirect'] );
$anon_bind = $_POST['anonymous_bind'] == 'on' ? true : false;
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
if( ! $anon_bind ) {
strlen($pass) or pla_error( "You left the password blank." );
}
if( $anon_bind ) {
$dn = null;
$pass = null;
}
$host = $servers[$server_id]['host'];
$port = $servers[$server_id]['port'];
// verify that the login is good
$ds = @ldap_connect( $host, $port );
$ds or pla_error( "Could not connect to '" . htmlspecialchars( $host ) . "' on port '" . htmlentities( $port ) . "'" );
// go with LDAP version 3 if possible (needed for renaming and Novell schema fetching)
@ldap_set_option( $ds, LDAP_OPT_PROTOCOL_VERSION, 3 );
$bind_result = @ldap_bind( $ds, $dn, $pass );
if( ! $bind_result )
pla_error( "Bad username/password. Try again" );
$expire = $cookie_time==0 ? null : time()+$cookie_time;
if( $anon_bind ) {
// we set the cookie val to 0 for anonymous binds.
$res1 = setcookie( "pla_login_dn_$server_id", '0', $expire, dirname( $_SERVER['PHP_SELF'] ) );
$res2 = setcookie( "pla_pass_$server_id", '0', $expire, dirname( $_SERVER['PHP_SELF'] ) );
} else {
$res1 = setcookie( "pla_login_dn_$server_id", $dn, $expire, dirname( $_SERVER['PHP_SELF'] ) );
$res2 = setcookie( "pla_pass_$server_id", $pass, $expire, dirname( $_SERVER['PHP_SELF'] ) );
}
if( ! $res1 || ! $res2 )
pla_error( "Could not set cookie!" );
?>
<html>
<head>
<script language="javascript">
parent.left_frame.location.reload();
<?php if( $redirect ) { ?>
location.href='<?php echo $redirect; ?>';
<?php } ?>
</script>
<link rel="stylesheet" href="style.css" />
<?php if( $redirect ) { ?>
<meta http-equiv="refresh" content="0;<?php echo $redirect; ?>" />
<?php } ?>
</head>
<body>
<?php if( $redirect ) { ?>
Redirecting... Click <a href="<?php echo $redirect; ?>">here</a> if nothing happens.<br />
<?php } else { ?>
<center>
<br />
<br />
Logged in to <b><?php echo htmlspecialchars($servers[$server_id]['name']); ?></b><br />
<?php if( $anon_bind ) { ?>
(anonymous bind)
<?php } ?>
<br />
<br />
<br />
Click <a href="search.php?server_id=<?php echo $server_id?>">here</a> to go to the search form.
</center>
<?php } ?>
</body>
</html>

79
login_form.php Normal file
View File

@ -0,0 +1,79 @@
<?php
/*
* login_form.php
* Displays the login form for a server for users who specify
* 'form' for their auth_type.
*
* Variables that come in as GET vars:
* - server_id
*/
require 'config.php';
require_once 'functions.php';
$server_id = $_GET['server_id'];
$server = $servers[$server_id];
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
?>
<?php include 'header.php'; ?>
<body>
<script language="javascript">
<!--
function toggle_disable_login_fields( anon_checkbox )
{
if( anon_checkbox.checked) {
anon_checkbox.form.login_dn.disabled = true;
anon_checkbox.form.login_pass.disabled = true;
} else {
anon_checkbox.form.login_dn.disabled = false;
anon_checkbox.form.login_pass.disabled = false;
}
}
-->
</script>
<center>
<h3 class="title">Authenticate to server <b><?php echo $servers[$server_id]['name']; ?></b></h3>
<br />
<?php if( $_SERVER['SERVER_PORT'] != 443 ) { ?>
<span style="color:red">Warning: this is an insecure (non-SSL) connection!<br />
SSL is recommended when transmitting sensitive passwords.</span>
<br />
<?php } ?>
<br />
<form action="login.php" method="post" name="login_form">
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<?php if( $_GET['redirect'] ) { ?>
<input type="hidden" name="redirect" value="<?php echo rawurlencode( $_GET['redirect'] ) ?>" />
<?php } ?>
<center>
<table class="login">
<tr>
</tr>
<tr>
<td colspan="2"><small>Anonymous Bind</small> <input type="checkbox" name="anonymous_bind" onclick="toggle_disable_login_fields(this)" /></td>
</tr>
<tr>
<td><small>Login <acronym title="Distinguished Name">DN</acronym></small></td>
<td><input type="text" name="login_dn" size="40" value="<?php echo $servers[$server_id]['login_dn']; ?>" name="login_dn" /></td>
</tr>
<tr>
<td><small>Password</small></td>
<td><input type="password" name="login_pass" size="40" value="" name="login_pass" /></td>
</tr>
<tr>
<td colspan="2"><center><input type="submit" name="submit" value="Authenticate" /></center></td>
</tr>
</table>
</form>
</center>

54
logout.php Normal file
View File

@ -0,0 +1,54 @@
<?php
/*
* logout.php
* For servers whose auth_type is set to 'form'. Pass me
* the server_id and I will log out the user (delete the cookie)
*
* Variables that come in as GET vars:
* - server_id
*/
require 'config.php';
require_once 'functions.php';
$server_id = $_GET['server_id'];
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "No one is logged in to that server." );
$logged_in_dn = get_logged_in_dn( $server_id );
$logged_in_pass = get_logged_in_pass( $server_id );
$anon_bind = $logged_in_dn == 'Anonymous' ? true : false;
$expire = time()-3600;
if( $anon_bind ) {
$res1 = setcookie( "pla_login_dn_$server_id", '0', $expire, dirname( $_SERVER['PHP_SELF'] ) );
$res2 = setcookie( "pla_pass_$server_id", '0', $expire, dirname( $_SERVER['PHP_SELF'] ) );
} else {
$res1 = setcookie( "pla_login_dn_$server_id", $logged_in_dn, $expire, dirname( $_SERVER['PHP_SELF'] ) );
$res2 = setcookie( "pla_pass_$server_id", $logged_in_pass, $expire, dirname( $_SERVER['PHP_SELF'] ) );
}
if( ! $res1 || ! $res2 )
pla_error( "Could not delete cookie!" );
?>
<html>
<head>
<script language="javascript">
parent.left_frame.location.reload();
</script>
<link rel="stylesheet" href="style.css" />
</head>
<body>
<center>
<br />
<br />
Logged out successfully from <b><?php echo htmlspecialchars($servers[$server_id]['name']); ?></b><br />
</center>
</body>
</html>

46
new_attr.php Normal file
View File

@ -0,0 +1,46 @@
<?php
/*
* new_attr.php
* Adds an attribute/value pair to an object
*
* Variables that come in as POST vars:
* - dn (rawurlencoded)
* - server_id
* - attr
* - val
*/
require 'config.php';
require_once 'functions.php';
$dn = stripslashes( rawurldecode( $_POST['dn'] ) );
$server_id = $_POST['server_id'];
$attr = stripslashes( $_POST['attr'] );
$val = stripslashes( $_POST['val'] );
$val = utf8_encode( $val );
$encoded_dn = rawurlencode( $dn );
$encoded_attr = rawurlencode( $attr );
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
// special case for jpegPhoto attributes:
// we must go read the data from the file.
if( 0 == strcasecmp( $attr, 'jpegPhoto' ) )
{
$file = $_FILES['jpeg_photo_file']['tmp_name'];
$f = fopen( $file, 'r' );
$jpeg_data = fread( $f, filesize( $file ) );
fclose( $f );
$val = $jpeg_data;
}
$ds = pla_ldap_connect( $server_id ) or pla_error( "Could not connect to LDAP server" );
$new_entry = array( $attr => $val );
$result = @ldap_mod_add( $ds, $dn, $new_entry );
if( $result )
header( "Location: edit.php?server_id=$server_id&dn=$encoded_dn&updated_attr=$encoded_attr" );
else
pla_error( "Failed to add the attribute.", ldap_error( $ds ) , ldap_errno( $ds ) );

46
new_jpeg_photo_form.php Normal file
View File

@ -0,0 +1,46 @@
<?php
/*
* new_jpeg_photo_form.php
* Displays a form to allow the user to a jpegPhoto to an object.
* - dn (rawurlencoded)
* - server_id
*/
require 'config.php';
require_once 'functions.php';
$dn = stripslashes( rawurldecode( $_GET['dn'] ) );
$encoded_dn = rawurlencode( $dn );
$server_id = $_GET['server_id'];
$rdn = ldap_explode_dn( $dn, 0 );
$rdn = $rdn[0];
$server_name = $servers[$server_id]['name'];
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
include 'header.php'; ?>
<body>
<h3 class="title">Add a <b>jpegPhoto</b> to <b><?php echo htmlspecialchars($rdn); ?></b></h3>
<h3 class="subtitle">Server2: <b><?php echo $server_name; ?></b> &nbsp;&nbsp;&nbsp; Distinguished Name: <b><?php echo $dn; ?>
</b></h3>
Select a jpeg file:<br />
<br />
<form action="new_attr.php" method="post" class="new_value" enctype="multipart/form-data">
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="dn" value="<?php echo $encoded_dn; ?>" />
<input type="hidden" name="attr" value="jpegPhoto" />
<input type="file" name="jpeg_photo_file" /><br />
<br />
<input type="submit" value="Proceed &gt;&gt;" />
</form>
</body>
</html>

113
rdelete.php Normal file
View File

@ -0,0 +1,113 @@
<?php
/*
* rdelete.php
*
* Recursively deletes the specified DN and all of its children
* Variables that come in as POST vars:
* - dn (rawurlencoded)
* - server_id
*/
require 'config.php';
require_once 'functions.php';
$encoded_dn = $_POST['dn'];
$dn = stripslashes( rawurldecode( $encoded_dn ) );
$server_id = $_POST['server_id'];
if( ! $dn )
pla_error( "You must specify a DN." );
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
pla_ldap_connect( $server_id ) or pla_error( "Could not connect to LDAP server" );
session_start();
include 'header.php';
echo "<body>\n";
echo "<h3 class=\"title\">Deleting" . htmlspecialchars( $dn) . "</h3>\n";
echo "<h3 class=\"subtitle\">Recursive delete progress</h3>\n";
echo "<br /><br />";
echo "<small>\n";
flush();
// prevent script from bailing early on a long delete
@set_time_limit( 0 );
$del_result = pla_rdelete( $server_id, $dn );
echo "</small><br />\n";
if( $del_result )
{
// kill the DN from the tree browser session variable and
// refresh the tree viewer frame (left_frame)
if( session_is_registered( 'tree' ) )
{
$tree = $_SESSION['tree'];
// does it have children? (it shouldn't, but hey, you never know)
if( isset( $tree[$server_id][$dn] ) )
unset( $tree[$server_id][$dn] );
// search and destroy
foreach( $tree[$server_id] as $tree_dn => $subtree )
foreach( $subtree as $key => $sub_tree_dn )
if( 0 == strcasecmp( $sub_tree_dn, $dn ) )
unset( $tree[$server_id][$tree_dn][$key] );
}
$_SESSION['tree'] = $tree;
session_write_close();
?>
<script language="javascript">
parent.left_frame.location.reload();
</script>
Object <b><?php echo htmlspecialchars( utf8_decode( $dn ) ); ?></b> and sub-tree deleted successfully.
<?php
} else {
pla_error( "Could not delete the object: " . htmlspecialchars( utf8_decode( $dn ) ), ldap_error( $ds ), ldap_errno( $ds ) );
}
exit;
function pla_rdelete( $server_id, $dn )
{
$children = get_container_contents( $server_id, $dn );
global $ds;
$ds = pla_ldap_connect( $server_id );
if( ! is_array( $children ) || count( $children ) == 0 ) {
echo "<nobr>Deleting " . htmlspecialchars( utf8_decode( $dn ) ) . "...";
flush();
if( ldap_delete( $ds, $dn ) ) {
echo " <span style=\"color:green\">Success</span></nobr><br />\n";
return true;
} else {
pla_error( "Failed to delete dn: " . htmlspecialchars( utf8_decode( $dn ) ),
ldap_error( $ds ), ldap_errno( $ds ) );
}
} else {
foreach( $children as $child_dn ) {
pla_rdelete( $server_id, $child_dn );
}
echo "<nobr>Deleting " . htmlspecialchars( utf8_decode( $dn ) ) . "...";
flush();
if( ldap_delete( $ds, $dn ) ) {
echo " <span style=\"color:green\">Success</span></nobr><br />\n";
return true;
} else {
pla_errror( "Failed to delete dn: " . htmlspecialchars( utf8_decode( $dn ) ),
ldap_error( $ds ), ldap_errno( $ds ) );
}
}
}

54
refresh.php Normal file
View File

@ -0,0 +1,54 @@
<?php
/*
* refresh.php
* This script alters the session variable 'tree', by re-querying
* the LDAP server to grab the contents of every expanded container.
*
* Variables that come in as GET vars:
* - server_id
*/
require 'config.php';
require_once 'functions.php';
$server_id = $_GET['server_id'];
if( ! check_server_id( $server_id ) || ! have_auth_info( $server_id ) )
header( "Location: tree.php" );
session_start();
if( ! session_is_registered( 'tree' ) )
header( "Location: tree.php" );
$tree = $_SESSION['tree'];
$tree_icons = $_SESSION['tree_icons'];
// Get the icon for the base object for this server
$base_dn = $servers[ $server_id ][ 'base' ];
$tree_icons[$server_id][ $base_dn ] = get_icon( $server_id, $base_dn );
// get all the icons and container contents for all expanded entries
if( $tree[$server_id] && is_array( $tree[$server_id] ) )
{
foreach( $tree[$server_id] as $dn => $children )
{
$tree[$server_id][$dn] = get_container_contents( $server_id, $dn );
foreach( $tree[$server_id][$dn] as $child_dn )
$tree_icons[$server_id][$child_dn] = get_icon( $server_id, $child_dn );
sort( $tree[ $server_id ][ $dn ] );
}
}
else
{
header( "Location: tree.php#$server_id" );
}
$_SESSION['tree'] = $tree;
$_SESSION['tree_icons'] = $tree_icons;
session_write_close();
header( "Location: tree.php#$server_id" );
?>

91
rename.php Normal file
View File

@ -0,0 +1,91 @@
<?php
/*
* rename.php
* Renames a DN to a different name.
*
* Variables that come in as POST vars:
* - dn (rawurlencoded)
* - server_id
* - new_rdn
*/
require 'config.php';
require_once 'functions.php';
$dn = rawurldecode( stripslashes( $_POST['dn'] ) );
$server_id = $_POST['server_id'];
$new_rdn = stripslashes( $_POST['new_rdn'] );
$new_rdn = utf8_encode($new_rdn);
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
$ds = pla_ldap_connect( $server_id ) or pla_error( "Could not connect to LDAP sever" );
// build the container string
$old_rdn = ldap_explode_dn( $dn, 0 );
$container = $old_rdn[ 1 ];
for( $i=2; $i<count($old_rdn)-1; $i++ )
$container .= ',' . $old_rdn[$i];
if( ! $container )
pla_error( "Error: Container is null!" );
if( ! ldap_rename( $ds, $dn, $new_rdn, $container, false ) )
{
pla_error( "Error: Could not rename the object.", ldap_error( $ds ), ldap_errno( $ds ) );
}
else
{
// update the session tree to reflect the name change
session_start();
if( session_is_registered( 'tree' ) )
{
$tree = $_SESSION['tree'];
$tree_icons = $_SESSION['tree_icons'];
$new_dn = $new_rdn . ',' . $container;
$old_dn = $dn;
// gotta search the whole tree for the entry (must be a leaf node since RDN changes
// cannot occur on parents)
foreach( $tree[$server_id] as $parent_dn => $children ) {
foreach( $children as $i => $child_dn ) {
if( 0 == strcasecmp( $child_dn, $old_dn ) ) {
$tree[$server_id][$parent_dn][$i] = $new_dn;
}
}
}
// Update the icon tree to reflect the change (remove the old DN and add the new one)
$tree_icons[ $server_id ][ $new_dn ] = $tree_icons[ $server_id ][ $old_dn ];
unset( $tree_icons[ $server_id ][ $old_dn ] );
$_SESSION['tree'] = $tree;
$_SESSION['tree_icons'] = $tree_icons;
session_write_close();
$edit_url="edit.php?server_id=$server_id&dn=" . rawurlencode( "$new_rdn,$container" );
?>
<html>
<head>
<!-- refresh the tree view (with the new DN renamed)
and redirect to the edit_dn page -->
<script language="javascript">
parent.left_frame.location.reload();
location.href='<?php echo $edit_url; ?>';
</script>
<!-- If the JavaScript didn't work, here's a meta tag to the job -->
<meta http-equiv="refresh" content="0; url=<?php echo $edit_url; ?>" />
</head>
<body>
Redirecting... click <a href="<?php echo $edit_url; ?>">here</a> if you're impatient.
</body>
</html>
<?php
}
}

226
schema.php Normal file
View File

@ -0,0 +1,226 @@
<?php
/*
* schema.php
* Displays the schema for the specified server_id
*
* Variables that come in as GET vars:
* - server_id
* - view (optional: can be 'attr' or empty. If 'attr', show that attribute)
* - attr (optional)
*/
require 'config.php';
require_once 'functions.php';
$server_id = $_GET['server_id'];
$view = isset( $_GET['view'] ) ? $_GET['view'] : 'objectClasses';
check_server_id( $server_id ) or
pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or
pla_error( "Not enough information to login to server. Please check your configuration." );
pla_ldap_connect( $server_id ) or
pla_error( "Coult not connect to LDAP server." );
$schema = get_schema( $server_id );
include 'header.php';
?>
<body>
<?php if( ! $schema ) {
pla_error( "Could not retrieve schema from <b>" . htmlspecialchars($servers[$server_id]['name']) . "</b>.<br />
<br />
This could happen for several reasons, the most probable of which are:
<ul>
<li>The server does not fully support the LDAP protocol.</li>
<li>Your version of PHP does not correctly perform the query.</li>
<li>Or lastly, phpLDAPAdmin doesn't know how to fetch the schema for your server.</li>
</ul>
Please <a href=\"http://sourceforge.net/tracker/?func=add&group_id=80217&atid=559082\">report this</a>
as a bug.
" );
} else { ?>
<h3 class="title">Schema for server <b><?php echo htmlspecialchars($servers[$server_id]['name']); ?></b></h3>
<br />
<center>
<?php echo ( $view=='objectClasses' ?
'objectClasses' :
'<a href="schema.php?server_id=' . $server_id . '&amp;view=objectClasses">objectClasses</a>' ); ?>
|
<?php echo ( $view=='syntaxes' ?
'Syntaxes' :
'<a href="schema.php?server_id=' . $server_id . '&amp;view=syntaxes">Syntaxes</a>' ); ?>
|
<?php echo ( $view=='attributes' ?
'Attributes' :
'<a href="schema.php?server_id=' . $server_id . '&amp;view=attributes">Attributes</a>' ); ?>
|
<?php echo ( $view=='matching_rules' ?
'Matching Rules' :
'<a href="schema.php?server_id=' . $server_id . '&amp;view=matching_rules">Matching Rules</a>' ); ?>
</center>
<br />
<?php flush(); ?>
<?php
if( $view == 'attr' )
{
$attr = $_GET['attr'];
if( ! isset( $_GET['attr'] ) )
pla_error( "No attribute specified in the query string." );
//echo '<pre>'; print_r( $schema['attrs'] );
?>
<center>
Attribute definition for <b><?php echo htmlspecialchars( $attr ); ?></b><br /><br />
<table class="schema_attr">
<?php
if( is_array( $schema['attrs'][strtolower($attr)] ) )
{
$counter = 0;
foreach( $schema['attrs'][strtolower($attr)] as $key => $val )
{
if( $key != 'val' && $val != null ) {
$counter++;
echo "<tr class=\"" . ($counter%2==0 ? 'even' : 'odd') . "\"><td>$key</td><td>$val</td></tr>\n";
}
}
}
else
pla_error( "Bad schema entry for attribute: " . htmlspecialchars( $attr ) );
?>
</table>
</center>
<?php
} elseif( $view == 'syntaxes' ) {
echo "<center>The following <b>syntaxes</b> are supported by this LDAP server</center><br />\n\n";
echo "\n\n<table class=\"schema_attr\" width=\"100%\">\n";
echo "<tr><th>Syntax OID</th><th>Description</th></tr>\n";
$counter=1;
foreach( get_schema_syntaxes( $server_id ) as $oid => $desc ) {
$counter++;
$oid = htmlspecialchars( $oid );
$desc = htmlspecialchars( $desc['description'] );
echo "<tr class=\"" . ($counter%2==0?'even':'odd'). "\"><td>$oid</td><td>$desc</td></tr>\n";
}
echo "</table>\n";
} elseif( $view == 'attributes' ) {
echo "<center>The following <b>attributes</b> are supported by this LDAP server</center><br />\n\n";
echo "<table class=\"schema_attr\" width=\"100%\">\n";
foreach( get_schema_attributes( $server_id ) as $attr ) {
echo "<tr><th colspan=\"2\">" . $attr['name'] . "</th></tr>\n";
$counter = 0;
foreach( $attr as $key => $val )
{
if( $key != 'val' && $val != null ) {
$counter++;
echo "<tr class=\"" . ($counter%2==0 ? 'even' : 'odd') . "\">";
echo "<td>$key</td><td>$val</td></tr>\n";
}
}
}
echo "</table>\n";
} elseif( $view == 'matching_rules' ) {
echo "<center>The following <b>matching rules</b> are supported by this LDAP server</center><br />\n\n";
echo "\n\n<table class=\"schema_attr\" width=\"100%\">\n";
echo "<tr><th>Matching Rule OID</th><th>Description</th></tr>\n";
$counter=1;
foreach( get_schema_matching_rules( $server_id ) as $oid => $attr ) {
$counter++;
$oid = htmlspecialchars( $oid );
$desc = htmlspecialchars( $attr );
echo "<tr class=\"" . ($counter%2==0?'even':'odd'). "\"><td>$oid</td><td>$attr</td></tr>\n";
}
echo "</table>\n";
} else { ?>
<small>Jump to an objectClass:</small>
<select name="oclass_jumper"
onChange="window.location.href='schema.php?server_id=<?php echo $server_id; ?>#'+this.value">
<?php foreach( $schema['oclasses'] as $oclass => $desc ) { ?>
<option value="<?php echo $oclass; ?>"><?php echo $desc['name']; ?></option>
<?php } ?>
</select>
<br />
<?php foreach( $schema['oclasses'] as $oclass => $attrs ) { ?>
<small>[<a name="<?php echo $oclass; ?>" href="#" title="Head on up to the top.">top</a>]</small>
<h4 class="oclass">objectClass <b><?php echo $attrs['name']; ?></b></h4>
<h4 class="oclass_sub">OID <b><?php echo $attrs['oid']; ?></b></h4>
<?php if( $attrs['description'] ) { ?>
<h4 class="oclass_sub">Description <b><?php echo $attrs['description']; ?></b></h4>
<?php } ?>
<h4 class="oclass_sub">Inherits <b><?php echo $attrs['sup']; ?></b></h4>
<br />
<table width="100%" class="schema_oclasses">
<tr>
<th width="50%"><b>Required Attributes</b></th>
<th width="50%"><b>Optional Attributes</b></th>
</tr>
<tr>
<td>
<?php
if( count( $attrs['must_attrs'] ) > 0 ) {
echo '<ul class="schema">';
foreach( $attrs['must_attrs'] as $attr )
echo "<li><a href=\"schema.php?server_id=$server_id&amp;view=attr&amp;attr=" .
rawurlencode( $attr ) . "\">" . htmlspecialchars($attr) . "</a></li>\n";
}
else
echo "<center>(none)</center>\n";
?>
</ul>
</td>
<td width="50%">
<?php
if( count( $attrs['may_attrs'] ) > 0 ) {
echo '<ul class="schema">';
foreach( $attrs['may_attrs'] as $attr )
echo "<li><a href=\"schema.php?server_id=$server_id&amp;view=attr&amp;attr=" .
rawurlencode( $attr ) . "\">" . htmlspecialchars($attr) . "</a></li>\n";
}
else
echo "<center>(none)</center>\n";
?>
</ul>
</td>
</tr>
</table>
<?php } /* End foreach objectClass */ ?>
<?php } /* End else (displaying objectClasses */ ?>
<?php } /* End else (schema _is_ available) */ ?>
</body>
</html>

212
search.php Normal file
View File

@ -0,0 +1,212 @@
<?php
/*
* search.php
* Perform LDAP searches and draw the advanced/simple search forms
*
* Variables that come in as GET vars:
* - server_id
* - search (true if performing a search, empty to just draw form)
* For simple searches:
* - attribute, criterion, filter
* For advanced searches:
* - base_dn, scope, filter
*/
require 'config.php';
require_once 'functions.php';
$server_id = $_GET['server_id'];
// try to get an available server_id if one is not provided
if( ! isset( $server_id ) )
{
$server_id = get_avail_server_id();
}
else
{
check_server_id( $server_id ) or pla_error( "Bad server_id: " . var_dump( htmlspecialchars( $server_id ) ) );
}
// build the server drop-down html and JavaScript array (for base_dns)
$server_menu_html = '<select name="server_id" onChange="base_dn.value = server_base_dns[ this.value ]">';
$js_dn_list = '';
foreach( $servers as $id => $server ) {
$base_dn = $server['base'] ? $server['base'] : try_to_get_root_dn( $id );
$js_dn_list .= '"' . $server['base'] . '",';
if( $server['host'] ) {
$server_menu_html .= '<option value="'.$id.'"' . ( $id==$server_id? ' selected' : '' ) . '>';
$server_menu_html .= $server['name'] . '</option>';
}
}
// trim off the trailing comma
$js_dn_list = substr( $js_dn_list, 0, strlen($js_dn_list)-1 );
$server_menu_html .= '</select>';
$filter = stripslashes( $_GET['filter'] );
$filter = utf8_encode($filter);
$attr = stripslashes( $_GET['attribute'] );
// grab the base dn for the search
if( isset( $_GET['base_dn'] ) )
$base_dn = $_GET['base_dn'];
elseif( '' != $servers[$server_id]['base'] )
$base_dn = $servers[$server_id]['base'];
else
$base_dn = try_to_get_root_dn( $server_id );
$criterion = stripslashes( $_GET['criterion'] );
$form = stripslashes( $_GET['form'] );
$scope = $_GET['scope'] ? $_GET['scope'] : 'sub';
//echo "<PRE>";print_r( $_GET );echo "</pre>";
?>
<?php include 'header.php'; ?>
<body>
<center>
<?php if( $form == 'advanced' ) {
include 'search_form_advanced.php';
} else /* Draw simple search form */ {
process_config();
include 'search_form_simple.php';
} ?>
</center>
<?php flush(); ?>
<?php
if( $_GET['search'] )
{
if( $form == 'advanced' ) {
$search_result_attributes = isset( $_GET['display_attrs'] ) ?
stripslashes( $_GET['display_attrs'] ) :
$search_result_attributes;
process_config();
}
// do we have enough authentication information for the specified server_id
if( ! have_auth_info( $server_id ) )
{
$login_url = "login_form.php?server_id=$server_id&amp;redirect=" . rawurlencode( $_SERVER['REQUEST_URI'] );
?>
<center>
<br />
You haven't logged into server <b><?php echo htmlspecialchars( $servers[$server_id]['name'] ); ?></b>
yet. Go to the <a href="<?php echo $login_url; ?>">login form</a> to do so.
</center>
<?php
exit;
}
pla_ldap_connect( $server_id ) or pla_error( "Could not connect to LDAP server." );
if( $filter )
{
// if they are using the simple search form, build an LDAP search filter from their input
if( $form == 'simple' )
{
switch( $criterion ) {
case 'starts with':
$filter = "($attr=$filter*)";
break;
case 'contains':
$filter = "($attr=*$filter*)";
break;
case 'ends with':
$filter = "($attr=*$filter)";
break;
case 'equals':
$filter = "($attr=$filter)";
break;
case 'sounds like':
$filter = "($attr~=$filter)";
break;
default:
pla_error( "Unrecognized criteria option: " . htmlspecialchars( $criterion ) .
"If you want to add your own criteria to the list. Be sure to edit " .
"search.php to handle them. Quitting." );
}
}
$time_start = utime();
$results = pla_ldap_search( $server_id, $filter, $base_dn,
array_merge( $search_result_attributes, array( $search_result_title_attribute ) ),
$scope );
$time_end = utime();
$time_elapsed = round( $time_end - $time_start, 2 );
$count = count( $results );
?>
<br />
<center>Found <b><?php echo $count; ?></b> <?php echo $count==1?'entry':'entries'; ?>.
<?php if( $form == 'simple' ) { ?>
<center><small>Filter performed: <?php echo htmlspecialchars( $filter ); ?></small></center>
<?php } ?>
</center>
<?php flush(); ?>
<?php if( $results ) foreach( $results as $dn => $attrs ) { ?>
<?php $encoded_dn = rawurlencode($attrs['dn']); ?>
<?php $rdn = utf8_decode( get_rdn( $attrs['dn'] ) ); ?>
<div class="search_result">
<a href="edit.php?server_id=<?php echo $server_id; ?>&amp;dn=<?php echo $encoded_dn; ?>">
<?php echo htmlspecialchars($rdn); ?>
</a>
</div>
<table class="attrs">
<?php if( is_array( $search_result_attributes ) ) foreach( $search_result_attributes as $attr ) { ?>
<tr>
<td class="attr" valign="top"><?php echo htmlspecialchars($attr); ?></td>
<td class="val">
<?php if( is_array( $attrs[strtolower($attr)] ) ) { ?>
<?php foreach( $attrs[strtolower($attr)] as $a ) { ?>
<?php echo str_replace( ' ', '&nbsp;', htmlspecialchars(utf8_decode($a))); ?><br />
<?php } ?>
<?php } else { ?>
<?php echo str_replace( ' ', '&nbsp;', htmlspecialchars(utf8_decode($attrs[strtolower($attr)]))); ?>
<?php } ?>
</td>
</tr>
<?php } ?>
</table>
<?php } ?>
<br /><br />
<div class="search_result"><center><span style="font-weight:normal;font-size:75%;">Search happily performed by phpLDAPAdmin in
<b><?php echo $time_elapsed; ?></b> seconds.</small></center></div>
<?php
}
}
?>
</body>
</html>
<?php
function utime ()
{
$time = explode( " ", microtime());
$usec = (double)$time[0];
$sec = (double)$time[1];
return $sec + $usec;
}
?>

50
search_form_advanced.php Normal file
View File

@ -0,0 +1,50 @@
<form action="search.php" method="get" class="search">
<input type="hidden" name="search" value="true" />
<input type="hidden" name="form" value="advanced" />
<center><b>Advanced Search Form</b></center>
<small>(<a href="search.php?server_id=<?php echo $server_id; ?>&amp;form=simple">Simple Search Form</a>)</small><br />
<br />
<table>
<tr>
<td><small>Server</small></td>
<td><?php echo $server_menu_html; ?></td>
</tr>
<tr>
<td><small>Base <acronym title="Distinguished Name">DN</acronym></small></td>
<td><input type="text" name="base_dn" value="<?php echo htmlspecialchars($base_dn); ?>" size="30" id="base_dn" /></td>
</tr>
<tr>
<td><small><acronym title="The scope in which to search">Search Scope</acronym></small></td>
<td>
<select name="scope">
<option<?php echo $scope=='sub'?' selected':''; ?> value="sub">Sub (entire subtree)</option>
<option<?php echo $scope=='one'?' selected':''; ?> value="one">One (one level beneath base)</option>
<option<?php echo $scope=='base'?' selected':''; ?> value="base">Base (base dn only)</option>
</select>
</td>
</tr>
<tr>
<td><small><acronym title="Standard LDAP search filter. Example: (&(sn=Smith)(givenname=David))">
Search Filter</acronym></small></td>
<td><input type="text" name="filter" size="30" value="<?php echo $filter ? htmlspecialchars(utf8_decode($filter)) : 'objectClass=*'; ?>" /></td>
</tr>
<tr>
<td><small><acronym title="A list of attributes to display in the results (comma-separated)">
Show Attributes</acronym></small></td>
<td><input type="text" name="display_attrs" size="30" value="<?php
echo isset( $_GET['display_attrs'] ) ? $_GET['display_attrs'] : $search_result_attributes; ?>" />
<tr>
<td colspan="2"><br /><center><input type="submit" value="Search" /></center></td>
</tr>
</table>
</form>

42
search_form_simple.php Normal file
View File

@ -0,0 +1,42 @@
<form action="search.php" method="get" class="search">
<input type="hidden" name="search" value="true" />
<input type="hidden" name="form" value="simple" />
<input type="hidden" name="scope" value="sub" />
<table>
<td>
<center><b>Simple Search Form</b><br />
<small>(<a href="search.php?server_id=<?php echo $server_id; ?>&amp;form=advanced">Advanced Search Form</a>)</small><br />
<br />
</center>
<small>Server</small><br /> <?php echo $server_menu_html; ?><br />
<br />
<small>Search for entries whose:</small><br />
<nobr>
<select name="attribute">
<?php foreach( $search_attributes as $id => $attribute ) { ?>
<option value="<?php echo rawurlencode( $attribute ); ?>"<?php echo $attribute==$attr?' selected':''; ?>>
<?php echo htmlspecialchars($search_attributes_display[$id]); ?>
</option>
<?php } ?>
</select>
<select name="criterion">
<?php foreach( $search_criteria_options as $c ) { ?>
<option value="<?php echo $c; ?>"<?php echo $c==$criterion?' selected':''; ?>>
<?php echo htmlspecialchars($c); ?>
</option>
<?php } ?>
</select>
<input type="text" name="filter" size="20" value="<?php echo htmlspecialchars(utf8_decode($filter)); ?>" /><br />
<br />
<center><input type="submit" value="Search" /></center>
</nobr>
</td>
</table>
</form>

49
server_info.php Normal file
View File

@ -0,0 +1,49 @@
<?php
/*
* server_info.php
* Fetches and displays all information that it can from the specified server
*
* Variables that come in as GET vars:
* - server_id
*/
require 'config.php';
require_once 'functions.php';
$server_id = $_GET['server_id'];
$server_name = $servers[$server_id]['name'];
$ds = pla_ldap_connect( $server_id ) or pla_error( "Could not connect or authenticate to LDAP server" );
$r = @ldap_read( $ds, '', 'objectClass=*', array( '+' ) );
if( ! $r )
pla_error( "Could not fetch any information from the server" );
$entry = @ldap_first_entry( $ds, $r );
$attrs = @ldap_get_attributes( $ds, $entry );
$count = @ldap_count_entries( $ds, $r );
//echo "<pre>"; print_r( $attrs ); echo "</pre>";
include 'header.php';
?>
<h3 class="title">Server info for <?php echo htmlspecialchars( $server_name ); ?></h3>
<h3 class="subtitle">Server reports the following information about itself</h3>
<?php if( $count == 0 || $attrs['count'] == 0 ) { ?>
<br /><br /><center>This server has nothing to report.</center>
<?php exit; ?>
<?php } ?>
<table class="edit_dn">
<?php
for( $i=0; $i<$attrs['count']; $i++ ) {
$attr = $attrs[$i];
echo "<tr class=\"row" . ($i%2!=0?"1":"2") . "\"><td class=\"attr\"><b>";
echo htmlspecialchars($attr) . "</b></td><td class=\"val\">";
for( $j=0; $j<$attrs[ $attr ][ 'count' ]; $j++ )
echo htmlspecialchars( $attrs[ $attr ][ $j ] ) . "<br />\n";
}
?>
</table>

360
style.css Normal file
View File

@ -0,0 +1,360 @@
table.schema_oclasses td {
vertical-align: top;
text-align: left;
}
table.schema_attr th {
background-color: #016;
padding: 5px;
color: white;
font-weight: normal;
}
table.schema_attr td {
padding: 5px;
}
table.schema_attr tr.even {
background-color: #eee;
}
table.schema_attr tr.odd {
background-color: #ccc;
}
div.error {
background-color: #eec;
border: solid black 1px;
padding: 15px;
padding-top: 0px;
width: 380px;
text-align: left;
}
table.confirm th {
background-color: #016;
padding: 5px;
color: white;
font-weight: normal;
}
table.confirm tr.spacer {
background-color: #ddd;
}
table.confirm tr.even {
background-color: #ccc;
}
table.confirm tr.odd{
background-color: #eee;
}
table.confirm tr td {
padding: 4px;
vertical-align: top;
}
table.confirm tr td.heading {
font-size: 75%;
}
table.templates tr td {
text-align: left;
vertical-align: center;
}
table.templates tr {
height: 25px;
}
a img {
border: 0px;
}
body {
font-family: arial, helvetica, sans-serif;
background-color: white;
font-size: 12pt;
}
table.tree {
border: 0px;
}
table.tree img {
border: 0px;
}
table.tree td {
padding: 2px;
border: 0px solid black;
}
table.tree tr {
}
table.tree tr.server {
vertical-align: top;
}
table.tree td.icon {
text-align: center;
padding: 0px;
width: 22px;
}
table.tree td.rdn a {
text-decoration: none;
color: black;
}
table.tree td.rdn a:hover {
text-decoration: underline;
color: blue;
}
table.tree td.create a {
text-decoration: none;
color: black;
}
table.tree td.create a:hover {
text-decoration: underline;
color: blue;
}
table.tree td.spacer {
width: 22px;
}
table.tree td.expander {
text-align: center;
width: 22px;
min-width: 22px;
}
table.tree td span.count {
color: gray;
font-size: 85%;
}
h3.title {
text-align: center;
margin: 0px;
padding: 10px;
color: white;
background-color: #018;
border: 1px solid black;
font-weight: normal;
font-size: 150%;
}
h3.subtitle {
text-align: center;
margin: 0px;
margin-bottom: 15px;
font-size: 75%;
color: white;
border-bottom: 1px solid black;
border-left: 1px solid black;
border-right: 1px solid black;
background: #018;
padding: 4px;
font-weight: normal;
}
table.edit_dn tr.spacer td {
height: 20px;
}
table.edit_dn {
width: 100%;
}
table.edit_dn th {
background: #777;
color: white;
font-weight: normal;
font-size: 125%;
padding: 5px;
}
table.edit_dn tr td {
padding: 4px;
}
table.edit_dn tr td.attr {
vertical-align: top;
}
table.edit_dn tr td.heading {
border-top: 3px solid #ccc;
font-weight: bold;
}
table.edit_dn tr td.val {
text-align: right;
vertical-align: center;
}
table.edit_dn tr.updated_attr {
background: #def;
}
table.edit_dn tr.updated_attr td {
border-top: 1px solid black;
border-bottom: 1px solid black;
color: #005;
}
table.edit_dn tr.updated_attr a {
}
table.edit_dn tr.mod_dn {
background: #def;
}
table.edit_dn tr.row1 {
background: #eee;
}
table.edit_dn tr.row2 {
background: #ccc;
}
input.update_dn {
font-size: 65%;
}
small {
font-size: 10pt;
}
form.edit_dn {
margin: 0px;
padding: 0px;
}
h4.oclass {
background: #88b;
padding: 5px;
margin: 0px;
margin-top: 8px;
font-weight: normal;
border: 1px solid black;
font-size: 140%;
color: white;
}
h4.oclass_sub {
background: #dde;
border: 1px solid black;
border-top: 0px;
font-weight: normal;
margin: 0px;
padding: 2px;
padding-left: 5px;
font-size: 80%;
}
ul.schema {
margin: 5px;
}
ul.schema li {
margin-left: 10px;
}
ul.current_values {
padding: 5px;
padding-left: 25px;
width: 200px;
margin-left: 50px;
}
form.new_value {
margin-left: 70px;
}
ul.search {
font-weight: bold;
}
div.search_result {
list-style-type: none;
background: #ffb;
padding: 6px;
padding-left: 10px;
margin-right: 40px;
}
table.attrs {
font-weight: normal;
font-size: 75%;
margin: 0px;
}
table.attrs td {
padding-right: 10px;
}
table.attrs td.attr {
color: #aaa;
padding-left: 15px;
}
form.search {
width: 500px;
background-color: #ddf;
padding: 5px;
}
table.edit_dn_menu {
font-size: 75%;
}
input.scary {
background: red;
font-weight: bold;
color: white;
}
input.cancel {
padding-left: 10px;
padding-right: 10px;
font-weight: bold;
}
input.happy {
background: green;
font-weight: bold;
color: white;
}
table.delete_confirm {
width: 76%;
background-color: #ddf;
padding: 20px;
text-align: left;
}
table.login {
background-color: #ddf;
padding: 10px;
}
table.login td {
padding: 5px;
}
table.create {
font-size: 75%;
}
table.create td.heading {
vertical-align: top;
padding: 10px;
}

186
templates/creation/custom.php Normal file
View File

@ -0,0 +1,186 @@
<?php
require 'config.php';
// Common to all templates
$rdn = stripslashes( $_POST['rdn'] );
$container = stripslashes( $_POST['container'] );
$server_id = $_POST['server_id'];
// Unique to this template
$step = $_POST['step'];
if( ! $step )
$step = 1;
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
if( $step == 1 )
{
$oclasses = get_schema_objectClasses( $server_id );
?>
<h4>Step 1 of 2: Name and ObjectClass(es)</h4>
<form action="creation_template.php" method="post" name="creation_form">
<input type="hidden" name="step" value="2" />
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="template" value="<?php echo $_POST['template']; ?>" />
<table class="create">
<tr>
<td class="heading"><acronym title="Relative Distinguished Name">RDN</acronym>:</td>
<td><input type="text" name="rdn" value="" size="20" /> (example: cn=MyNewObject)</td>
</tr>
<tr>
<td class="heading">Container:</td>
<td><input type="text" name="container" size="40" value="<?php echo htmlspecialchars($container); ?>" />
<?php draw_chooser_link( 'creation_form.container' ); ?></td>
</tr>
<tr>
<td class="heading">ObjectClass(es):</td>
<td>
<select name="object_classes[]" multiple size="15">
<?php foreach( $oclasses as $oclass => $attrs ) { ?>
<option value="<?php echo htmlspecialchars($oclass); ?>">
<?php echo htmlspecialchars($attrs['name']); ?>
</option>
<?php } ?>
</select>
</td>
</tr>
<tr>
<td></td>
<td><input type="submit" value="Proceed >>" /></td>
</tr>
</table>
</form>
<?php
}
if( $step == 2 )
{
strlen( trim( $rdn ) ) != 0 or
pla_error( "You left the RDN field blank" );
strlen( $container ) == 0 or dn_exists( $server_id, $container ) or
pla_error( "The container you specified (" . htmlspecialchars( $container ) . ") does not exist. " .
"Please go back and try again." );
$friendly_attrs = process_friendly_attr_table();
$oclasses = $_POST['object_classes'];
if( count( $oclasses ) == 0 )
pla_error( "You did not select any ObjectClasses for this object. Please go back and do so." );
// build a list of required attributes:
$dn = $rdn . ',' . $container;
$schema = get_schema( $server_id );
$attrs = $schema['attrs'];
$required_attrs = array();
$all_attrs = array();
foreach( $oclasses as $oclass ) {
$required_attrs = array_merge( $required_attrs, $schema['oclasses'][strtolower($oclass)]['must_attrs'] );
$all_attrs = array_merge( $all_attrs, $schema['oclasses'][strtolower($oclass)]['must_attrs'],
$schema['oclasses'][strtolower($oclass)]['may_attrs'] );
}
$required_attrs = array_unique( $required_attrs );
$all_attrs = array_unique( $all_attrs );
sort( $required_attrs );
sort( $all_attrs );
$attr_select_html = "";
foreach( $all_attrs as $a ) {
// is there a user-friendly translation available for this attribute?
if( isset( $friendly_attrs[ strtolower( $a ) ] ) ) {
$attr_display = htmlspecialchars( $friendly_attrs[ strtolower( $a ) ] ) . " (" .
htmlspecialchars($a) . ")";
} else {
$attr_display = htmlspecialchars( $a );
}
echo $attr_display;
$attr_select_html .= "<option>$attr_display</option>\n";
}
// add the required attribute based on the RDN provided by the user
// (ie, if the user specifies "cn=Bob" for their RDN, make sure "cn" is
// in the list of required attributes.
$rdn_attr = trim( substr( $rdn, 0, strpos( $rdn, '=' ) ) );
$rdn_value = trim( substr( $rdn, strpos( $rdn, '=' ) + 1 ) );
if( ! in_array( $rdn_attr, $required_attrs ) )
$required_attrs[] = $rdn_attr;
?>
<h4>Step 2 of 2: Specify attributes and values</h4>
<table>
<tr>
<td style="padding-right:10px">
<small>Creating entry with <acronym title="Distinguished Name">DN</acronym>:
<b><?php echo htmlspecialchars( $dn ); ?></b></small></td>
<td>
<small><b>Instrucions</b>: Enter values for the <?php echo count($required_attrs); ?>
required attributes. Then create any optional attributes. You
can specify multi-valued attributes as well.</small><br />
</td>
</tr>
</table>
<form action="create.php" method="post">
<input type="hidden" name="step" value="2" />
<input type="hidden" name="new_dn" value="<?php echo htmlspecialchars( $dn ); ?>" />
<input type="hidden" name="new_rdn" value="<?php echo htmlspecialchars( $rdn ); ?>" />
<input type="hidden" name="container" value="<?php echo htmlspecialchars( $container ); ?>" />
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="object_classes" value="<?php echo rawurlencode(serialize($oclasses)); ?>" />
<table class="edit_dn" cellspacing="0">
<tr><th colspan="2">Required Attributes</th></tr>
<?php foreach( $required_attrs as $count => $attr ) { ?>
<?php if( $count % 2 == 0 ) { ?>
<tr class="row1">
<?php } else { ?>
<tr class="row2">
<?php } ?>
<td class="attr"><b><?php
// is there a user-friendly translation available for this attribute?
if( isset( $friendly_attrs[ strtolower( $attr ) ] ) ) {
$attr_display = "<acronym title=\"Alias for " . htmlspecialchars($attr) . "\">" .
htmlspecialchars( $friendly_attrs[ strtolower( $attr ) ] ) . "</acronym>";
} else {
$attr_display = htmlspecialchars( $attr );
}
echo $attr_display;
?></b></td>
<td class="val"><input type="text"
name="required_attrs[<?php echo htmlspecialchars($attr); ?>]"
value="<?php echo $attr == $rdn_attr ? $rdn_value : '' ?>" size="40" />
</tr>
<?php } ?>
<tr><th colspan="2">Optional Attributes</th></tr>
<?php for($i=0; $i<10; $i++ ) { ?>
<?php if( $i % 2 == 0 ) { ?>
<tr class="row1">
<?php } else { ?>
<tr class="row2">
<?php } ?>
<td class="attr"><select name="attrs[<?php echo $i; ?>]"><?php echo $attr_select_html; ?></select></td>
<td class="val"><input type="text" name="vals[<?php echo $i; ?>]" value="" size="40" />
</tr>
<?php } ?>
</table>
<center>
<input type="submit" name="submit" value="Create Object" />
</center>
<?php } ?>

210
templates/creation/new_address_template.php Executable file
View File

@ -0,0 +1,210 @@
<?php
require 'config.php';
// customize this to your needs
$default_container = "ou=Addresses";
// Common to all templates
$container = stripslashes( $_POST['container'] );
$server_id = $_POST['server_id'];
// Unique to this template
$step = $_POST['step'];
if( ! $step )
$step = 1;
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
?>
<script language="javascript">
<!--
/*
* Populates the common name field based on the last
* name concatenated with the first name, separated
* by a blank
*/
function autoFillCommonName( form )
{
var first_name;
var last_name;
var common_name;
first_name = form.first_name.value;
last_name = form.last_name.value;
if( last_name == '' ) {
return false;
}
common_name = last_name + ' ' + first_name;
form.common_name.value = common_name;
}
-->
</script>
<center><h2>New Address Book Entry<br />
<small>(InetOrgPerson)</small></h2>
</center>
<?php if( $step == 1 ) { ?>
<form action="creation_template.php" method="post" id="address_form" name="address_form">
<input type="hidden" name="step" value="2" />
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="template" value="<?php echo $_POST['template']; ?>" />
<center>
<table class="confirm">
<tr class="spacer"><td colspan="3"></tr>
<tr>
<td><img src="images/uid.png" /></td>
<td class="heading">Name:</td>
<td>
<input type="text" name="first_name" id="first_name" value="first" onChange="autoFillCommonName(this.form)" />
<input type="text" name="last_name" id="last_name" value="last" onChange="autoFillCommonName(this.form)" />
</td>
</tr>
<tr>
<td></td>
<td class="heading">Common name:</td>
<td><input type="text" name="common_name" id="common_name" value="" /></td>
</tr>
<tr>
<td></td>
<td class="heading">Organization:</td>
<td><input type="text" name="organization" id="organization" value="" /></td>
</tr>
<tr class="spacer"><td colspan="3"></tr>
<tr>
<td><img src="images/mail.png" /></td>
<td class="heading">Address:</td>
<td><input type="text" name="street" id="street" value="" /></td>
</tr>
<tr>
<td></td>
<td class="heading">City:</td>
<td><input type="text" name="city" id="city" value="" /></td>
</tr>
<tr>
<td></td>
<td class="heading">Postal code:</td>
<td><input type="text" name="postal_code" id="postal_code" value="" /></td>
</tr>
<tr class="spacer"><td colspan="3"></tr>
<tr>
<td><img src="images/phone.png" /></td>
<td class="heading">Work phone:</td>
<td><input type="text" name="telephone_number" id="telephone_number" value="" /></td>
</tr>
<tr>
<td></td>
<td class="heading">Fax:</td>
<td><input type="text" name="fax_number" id="fax_number" value="" /></td>
</tr>
<tr>
<td></td>
<td class="heading">Mobile:</td>
<td><input type="text" name="mobile_number" id="mobile_number" value="" /></td>
</tr>
<tr>
<td></td>
<td class="heading">Email:</td>
<td><input type="text" name="email_address" id="email_address" value="" /></td>
</tr>
<tr class="spacer"><td colspan="3"></tr>
<tr>
<td></td>
<td class="heading">Container:</td>
<td><input type="text" name="container" size="40"
value="<?php if( isset( $container ) )
echo htmlspecialchars( $container );
else
echo htmlspecialchars( $default_container . ',' . $servers[$server_id]['base'] ); ?>" />
<?php draw_chooser_link( 'address_form.container' ); ?></td>
</td>
</tr>
<tr>
<td colspan="3"><center><br /><input type="submit" value="Proceed &gt;&gt;" /></td>
</tr>
</table>
</center>
<?php } elseif( $step == 2 ) {
$common_name = trim( stripslashes( $_POST['common_name'] ) );
$first_name = trim( stripslashes( $_POST['first_name'] ) );
$last_name = trim( stripslashes( $_POST['last_name'] ) );
$organization = trim( stripslashes( $_POST['organization'] ) );
$city = trim( stripslashes( $_POST['city'] ) );
$postal_code = trim( stripslashes( $_POST['postal_code'] ) );
$street = trim( stripslashes( $_POST['street'] ) );
$telephone_number = trim( stripslashes( $_POST['telephone_number'] ) );
$fax_number = trim( stripslashes( $_POST['fax_number'] ) );
$mobile_number = trim( stripslashes( $_POST['mobile_number'] ) );
$email_address = trim( stripslashes( $_POST['email_address'] ) );
$container = trim( stripslashes( $_POST['container'] ) );
/* Critical assertions */
0 != strlen( $common_name ) or
pla_error( "You cannot leave the Common Name blank. Please go back and try again." );
?>
<center><h3>Confirm entry creation:</h3></center>
<form action="create.php" method="post">
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="new_dn" value="<?php echo htmlspecialchars( 'cn=' . $common_name . ',' . $container ); ?>" />
<!-- ObjectClasses -->
<?php $object_classes = rawurlencode( serialize( array( 'top', 'inetOrgPerson' ) ) ); ?>
<input type="hidden" name="object_classes" value="<?php echo $object_classes; ?>" />
<!-- The array of attributes/values -->
<input type="hidden" name="attrs[]" value="cn" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($common_name);?>" />
<input type="hidden" name="attrs[]" value="givenName" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($first_name);?>" />
<input type="hidden" name="attrs[]" value="sn" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($last_name);?>" />
<input type="hidden" name="attrs[]" value="o" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($organization);?>" />
<input type="hidden" name="attrs[]" value="l" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($city);?>" />
<input type="hidden" name="attrs[]" value="postalCode" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($postal_code);?>" />
<input type="hidden" name="attrs[]" value="street" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($street);?>" />
<input type="hidden" name="attrs[]" value="telephoneNumber" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($telephone_number);?>" />
<input type="hidden" name="attrs[]" value="facsimileTelephoneNumber" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($fax_number);?>" />
<input type="hidden" name="attrs[]" value="mobile" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($mobile_number);?>" />
<input type="hidden" name="attrs[]" value="mail" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($email_address);?>" />
<center>
<table class="confirm">
<tr class="even"><td class="heading">Common name:</td><td><b><?php echo htmlspecialchars( $common_name ); ?></b></td></tr>
<tr class="odd"><td class="heading">First name:</td><td><b><?php echo htmlspecialchars( $first_name ); ?></b></td></tr>
<tr class="even"><td class="heading">Last name:</td><td><b><?php echo htmlspecialchars( $last_name ); ?></b></td></tr>
<tr class="odd"><td class="heading">Organization:</td><td><?php echo htmlspecialchars( $organization ); ?></td></tr>
<tr class="even"><td class="heading">City:</td><td><?php echo htmlspecialchars( $city ); ?></td></tr>
<tr class="odd"><td class="heading">Postal code:</td><td><?php echo htmlspecialchars( $postal_code ); ?></td></tr>
<tr class="even"><td class="heading">Street:</td><td><?php echo htmlspecialchars( $street ); ?></td></tr>
<tr class="odd"><td class="heading">Work phone:</td><td><?php echo htmlspecialchars( $telephone_number ); ?></td></tr>
<tr class="even"><td class="heading">Fax:</td><td><?php echo htmlspecialchars( $fax_number ); ?></td></tr>
<tr class="odd"><td class="heading">Mobile:</td><td><?php echo htmlspecialchars( $mobile_number ); ?></td></tr>
<tr class="even"><td class="heading">Email:</td><td><?php echo htmlspecialchars( $email_address ); ?></td></tr>
<tr class="odd"><td class="heading">Container:</td><td><?php echo htmlspecialchars( $container ); ?></td></tr>
</table>
<br /><input type="submit" value="Create Address" />
</center>
<?php } ?>

91
templates/creation/new_dns_entry.php Executable file
View File

@ -0,0 +1,91 @@
<?php
require 'config.php';
// Common to all templates
$container = stripslashes( $_POST['container'] );
$server_id = $_POST['server_id'];
// Unique to this template
$step = $_POST['step'];
if( ! $step )
$step = 1;
check_server_id( $server_id ) or die( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or die( "Not enough information to login to server. Please check your configuration." );
?>
<center><h2>New DNS Entry</h2></center>
<?php if( $step == 1 ) { ?>
<form action="creation_template.php" method="post" name="dns_form">
<input type="hidden" name="step" value="2" />
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="template" value="<?php echo $_POST['template']; ?>" />
<center>
<table class="confirm">
<tr>
<td></td>
<td class="heading"><acronym title="Domain Component">DC</acronym> Name:</td>
<td><input type="text" name="dc_name" value="" /> <small>(hint: don't include "dc=")</small></td>
</tr>
<tr>
<td></td>
<td class="heading">Associated Domain:</td>
<td><input type="text" name="associateddomain" value="" /></td>
<tr>
<tr>
<td></td>
<td class="heading">Container <acronym title="Distinguished Name">DN</acronym>:</td>
<td><input type="text" name="container" size="40" value="<?php echo htmlspecialchars( utf8_decode( $container ) ); ?>" />
<?php draw_chooser_link( 'dns_form.container' ); ?></td>
</td>
</tr>
<tr>
<td colspan="3"><center><br /><input type="submit" value="Proceed &gt;&gt;" /></td>
</tr>
</table>
</center>
<?php } elseif( $step == 2 ) {
$dc_name = trim( stripslashes( $_POST['dc_name'] ) );
$container = trim( stripslashes( $_POST['container'] ) );
$associateddomain = trim( stripslashes( $_POST['associateddomain'] ) );
dn_exists( $server_id, $container ) or
pla_error( "The container you specified (" . htmlspecialchars( $container ) . ") does not exist. " .
"Please go back and try again." );
?>
<form action="create.php" method="post">
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="new_dn" value="<?php echo htmlspecialchars( 'dc=' . $dc_name . ',' . $container ); ?>" />
<!-- ObjectClasses -->
<?php $object_classes = rawurlencode( serialize( array( 'top', 'dnsdomain', 'domainRelatedObject') ) ); ?>
<input type="hidden" name="object_classes" value="<?php echo $object_classes; ?>" />
<input type="hidden" name="attrs[]" value="associatedDomain" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($associateddomain);?>" />
<input type="hidden" name="attrs[]" value="objectClass" />
<input type="hidden" name="vals[]" value="top" />
<input type="hidden" name="attrs[]" value="domainComponent" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($dc_name);?>" />
<center>
Really create this new <acronym title="Domain Component">DC</acronym> entry?<br />
<br />
<table class="confirm">
<tr class="even"><td>Name</td><td><b><?php echo htmlspecialchars($dc_name); ?></b></td></tr>
<tr class="odd"><td>Domain</td><td><b><?php echo htmlspecialchars($associateddomain); ?></b></td></tr>
<tr class="even"><td>Container</td><td><b><?php echo htmlspecialchars( $container ); ?></b></td></tr>
</table>
<br /><input type="submit" value="Create Entry" />
</center>
<?php } ?>

128
templates/creation/new_nt_machine.php Normal file
View File

@ -0,0 +1,128 @@
<?php
require 'config.php';
// Common to all templates
$container = stripslashes( $_POST['container'] );
$server_id = $_POST['server_id'];
// Unique to this template
$step = $_POST['step'];
if( ! $step )
$step = 1;
// A little config for this template
$default_gid_number = 30000;
$default_acct_flags = '[W ]';
$default_cn = 'Root User';
$default_home_dir = '/dev/null';
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
?>
<center><h2>New Samba NT Machine</h2></center>
<?php if( $step == 1 ) { ?>
<form action="creation_template.php" method="post" name="machine_form">
<input type="hidden" name="step" value="2" />
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="template" value="<?php echo $_POST['template']; ?>" />
<center>
<table class="confirm">
<tr class="spacer"><td colspan="3"></td></tr>
<tr>
<td><img src="images/server.png" /></td>
<td class="heading">Machine Name:</td>
<td><input type="text" name="machine_name" value="" /> <small>(hint: don't include "$" at the end)</small></td>
</tr>
<tr>
<td></td>
<td class="heading">UID Number:</td>
<td><input type="text" name="uid_number" value="" /></td>
</tr>
<tr>
<td></td>
<td class="heading">Container:</td>
<td><input type="text" size="40" name="container" value="<?php echo htmlspecialchars( utf8_decode( $container ) ); ?>" />
<?php draw_chooser_link( 'machine_form.container' ); ?></td>
</td>
</tr>
<tr>
<td colspan="3"><center><br /><input type="submit" value="Proceed &gt;&gt;" />
<br /><br /><br /><br /><br /><br /></td>
</tr>
<tr class="spacer"><td colspan="3"></td></tr>
<tr>
<td colspan="3">
This will create a new NT machine with:<br />
<small>
<ul>
<li>gidNumber <b><?php echo htmlspecialchars( $default_gid_number ); ?></b></li>
<li>acctFlags <b><?php echo str_replace(' ', "&nbsp;", htmlspecialchars($default_acct_flags)); ?></b></li>
<li>cn <b><?php echo htmlspecialchars($default_cn); ?></b></li>
<li>in container <b><?php echo htmlspecialchars($container); ?></b></li>
</ul>
To change these values, edit the template file:
<code>templates/creation/new_nt_machine.php</code><br />
Note: You must have the samba schema installed on your LDAP server.
</small>
</td>
</tr>
</table>
</center>
<?php } elseif( $step == 2 ) {
$machine_name = trim( stripslashes( $_POST['machine_name'] ) );
$uid_number = trim( stripslashes( $_POST['uid_number'] ) );
dn_exists( $server_id, $container ) or
pla_error( "The container you specified (" . htmlspecialchars( $container ) . ") does not exist. " .
"Please go back and try again." );
?>
<form action="create.php" method="post">
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="new_dn" value="<?php echo htmlspecialchars( 'uid=' . $machine_name . '$,' . $container ); ?>" />
<!-- ObjectClasses -->
<?php $object_classes = rawurlencode( serialize( array( 'top', 'sambaAccount', 'posixAccount' ) ) ); ?>
<input type="hidden" name="object_classes" value="<?php echo $object_classes; ?>" />
<!-- The array of attributes/values -->
<input type="hidden" name="attrs[]" value="gidNumber" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($default_gid_number);?>" />
<input type="hidden" name="attrs[]" value="uidNumber" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($uid_number);?>" />
<input type="hidden" name="attrs[]" value="uid" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($machine_name . '$');?>" />
<input type="hidden" name="attrs[]" value="rid" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars( decoct($uid_number));?>" />
<input type="hidden" name="attrs[]" value="acctFlags" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($default_acct_flags);?>" />
<input type="hidden" name="attrs[]" value="cn" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($default_cn);?>" />
<input type="hidden" name="attrs[]" value="homeDirectory" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($default_home_dir);?>" />
<center>
Realy create this new Samba machine?<br />
<br />
<table class="confirm">
<tr class="even"><td>Name</td><td><b><?php echo htmlspecialchars($machine_name); ?></b></td></tr>
<tr class="odd"><td>UID</td><td><b><?php echo htmlspecialchars($uid_number); ?></b></td></tr>
<tr class="even"><td>Container</td><td><b><?php echo htmlspecialchars( $container ); ?></b></td></tr>
</table>
<br /><input type="submit" value="Create Machine" />
</center>
<?php } ?>

84
templates/creation/new_ou_template.php Normal file
View File

@ -0,0 +1,84 @@
<?php
require 'config.php';
// Common to all templates
$container = stripslashes( $_POST['container'] );
$server_id = $_POST['server_id'];
// Unique to this template
$step = $_POST['step'];
if( ! $step )
$step = 1;
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
?>
<center><h2>New Organizational Unit</h2></center>
<?php if( $step == 1 ) { ?>
<form action="creation_template.php" method="post" name="ou_form">
<input type="hidden" name="step" value="2" />
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="template" value="<?php echo $_POST['template']; ?>" />
<center>
<table class="confirm">
<tr>
<td></td>
<td class="heading"><acronym title="Organizational Unit">OU</acronym> Name:</td>
<td><input type="text" name="ou_name" value="" /> <small>(hint: don't include "ou=")</small></td>
</tr>
<tr>
<td></td>
<td class="heading">Container <acronym title="Distinguished Name">DN</acronym>:</td>
<td><input type="text" name="container" size="40" value="<?php echo htmlspecialchars( utf8_decode( $container ) ); ?>" />
<?php draw_chooser_link( 'ou_form.container' ); ?></td>
</td>
</tr>
<tr>
<td colspan="3"><center><br /><input type="submit" value="Proceed &gt;&gt;" /></td>
</tr>
</table>
</center>
<?php } elseif( $step == 2 ) {
$ou_name = trim( stripslashes( $_POST['ou_name'] ) );
$container = trim( stripslashes( $_POST['container'] ) );
dn_exists( $server_id, $container ) or
pla_error( "The container you specified (" . htmlspecialchars( $container ) . ") does not exist. " .
"Please go back and try again." );
?>
<form action="create.php" method="post">
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="new_dn" value="<?php echo htmlspecialchars( 'ou=' . $ou_name . ',' . $container ); ?>" />
<!-- ObjectClasses -->
<?php $object_classes = rawurlencode( serialize( array( 'top', 'organizationalUnit' ) ) ); ?>
<input type="hidden" name="object_classes" value="<?php echo $object_classes; ?>" />
<!-- The array of attributes/values -->
<input type="hidden" name="attrs[]" value="ou" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($ou_name);?>" />
<input type="hidden" name="attrs[]" value="cn" />
<center>
Really create this new <acronym title="Organizational Unit">OU</acronym>?<br />
<br />
<table class="confirm">
<tr class="even"><td>Name</td><td><b><?php echo htmlspecialchars($ou_name); ?></b></td></tr>
<tr class="odd"><td>Container</td><td><b><?php echo htmlspecialchars( $container ); ?></b></td></tr>
</table>
<br /><input type="submit" value="Create OU" />
</center>
<?php } ?>

242
templates/creation/new_user_template.php Normal file
View File

@ -0,0 +1,242 @@
<?php
require 'config.php';
// customize this to your needs
$default_container = "ou=People";
// Common to all templates
$container = stripslashes( $_POST['container'] );
$server_id = $_POST['server_id'];
// Unique to this template
$step = $_POST['step'];
if( ! $step )
$step = 1;
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
?>
<script language="javascript">
<!--
/*
* Pipulates the user name field based on the first letter
* of the firsr name concatenated with the last name
* all in lower case.
*/
function autoFillUserName( form )
{
var first_name;
var last_name;
var user_name;
first_name = form.first_name.value.toLowerCase();
last_name = form.last_name.value.toLowerCase();
if( last_name == '' ) {
return false;
}
user_name = first_name.substr( 0,1 ) + last_name;
form.user_name.value = user_name;
autoFillHomeDir( form );
}
/*
* Pipulates the home directory field based on the username provided
*/
function autoFillHomeDir( form )
{
var user_name;
var hime_dir;
user_name = form.user_name.value.toLowerCase();
home_dir = '/home/';
home_dir += user_name;
form.home_dir.value = home_dir;
}
-->
</script>
<center><h2>New User Account</h2></center>
<?php if( $step == 1 ) { ?>
<form action="creation_template.php" method="post" id="user_form" name="user_form">
<input type="hidden" name="step" value="2" />
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="template" value="<?php echo $_POST['template']; ?>" />
<center>
<table class="confirm">
<tr class="spacer"><td colspan="3"></tr>
<tr>
<td><img src="images/uid.png" /></td>
<td class="heading">First name:</td>
<td><input type="text" name="first_name" id="first_name" value="" onChange="autoFillUserName(this.form)" /></td>
</tr>
<tr>
<td></td>
<td class="heading">Last name:</td>
<td><input type="text" name="last_name" id="last_name" value="" onChange="autoFillUserName(this.form)" /></td>
</tr>
<tr>
<td></td>
<td class="heading">User name:</td>
<td><input type="text" name="user_name" id="user_name" value=""
onChange="autoFillHomeDir(this.form)" onExit="autoFillHomeDir(this.form)" /></td>
</tr>
<tr class="spacer"><td colspan="3"></tr>
<tr>
<td><img src="images/lock.png" /></td>
<td class="heading">Password:</td>
<td><input type="password" name="user_pass1" value="" /></td>
</tr>
<tr>
<td></td>
<td class="heading">Password:</td>
<td><input type="password" name="user_pass2" value="" /></td>
</tr>
<tr>
<td></td>
<td class="heading">Encryption:</td>
<td><select name="encryption">
<option>clear</option>
<option>md5</option>
<option>crypt</option>
<option>sha</option>
</select></td>
</tr>
<tr class="spacer"><td colspan="3"></tr>
<tr>
<td><img src="images/terminal.png" /></td>
<td class="heading">Login Shell:</td>
<!--<td><input type="text" name="login_shell" value="/bin/bash" /></td>-->
<td>
<select name="login_shell">
<option>/bin/bash</option>
<option>/bin/csh</option>
<option>/bin/ksh</option>
<option>/bin/tcsh</option>
<option>/bin/zsh</option>
<option>/bin/sh</option>
</select>
</td>
</tr>
<tr>
<td></td>
<td class="heading">Container:</td>
<td><input type="text" name="container" size="40"
value="<?php if( isset( $container ) )
echo htmlspecialchars( $container );
else
echo htmlspecialchars( $default_container . ',' . $servers[$server_id]['base'] ); ?>" />
<?php draw_chooser_link( 'user_form.container' ); ?></td>
</td>
</tr>
<tr>
<td></td>
<td class="heading">UID Number:</td>
<td><input type="text" name="uid_number" value="" /></td>
</tr>
<tr>
<td></td>
<td class="heading">Group:</td>
<td><select name="group">
<option value="1000">admins (1000)</option>
<option value="2000">users (2000)</option>
<option value="3000">staff (3000)</option>
<option value="5000">guest (5000)</option>
</select></td>
</tr>
<tr>
<td></td>
<td class="heading">Home Directory:</td>
<td><input type="text" name="home_dir" value="/home/" id="home_dir" /></td>
</tr>
<tr>
<td colspan="3"><center><br /><input type="submit" value="Proceed &gt;&gt;" /></td>
</tr>
</table>
</center>
<?php } elseif( $step == 2 ) {
$user_name = trim( stripslashes( $_POST['user_name'] ) );
$first_name = trim( stripslashes( $_POST['first_name'] ) );
$last_name = trim( stripslashes( $_POST['last_name'] ) );
$password1 = stripslashes( $_POST['user_pass1'] );
$password2 = stripslashes( $_POST['user_pass2'] );
$encryption = stripslashes( $_POST['encryption'] );
$login_shell = trim( stripslashes( $_POST['login_shell'] ) );
$uid_number = trim( stripslashes( $_POST['uid_number'] ) );
$gid_number = trim( stripslashes( $_POST['group'] ) );
$container = trim( stripslashes( $_POST['container'] ) );
$home_dir = trim( stripslashes( $_POST['home_dir'] ) );
/* Critical assertions */
$password1 == $password2 or
pla_error( "Your passwords don't match. Please go back and try again." );
0 != strlen( $uid_number ) or
pla_error( "You cannot leave the UID number blank. Please go back and try again." );
is_numeric( $uid_number ) or
pla_error( "You can only enter numeric values for the UID number field. Please go back and try again." );
dn_exists( $server_id, $container ) or
pla_error( "The container you specified (" . htmlspecialchars( $container ) . ") does not exist. " .
"Please go back and try again." );
$password = password_hash( $password1, $encryption );
?>
<center><h3>Confirm account creation:</h3></center>
<form action="create.php" method="post">
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="new_dn" value="<?php echo htmlspecialchars( 'uid=' . $user_name . ',' . $container ); ?>" />
<!-- ObjectClasses -->
<?php $object_classes = rawurlencode( serialize( array( 'top', 'person', 'posixAccount' ) ) ); ?>
<input type="hidden" name="object_classes" value="<?php echo $object_classes; ?>" />
<!-- The array of attributes/values -->
<input type="hidden" name="attrs[]" value="uid" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($user_name);?>" />
<input type="hidden" name="attrs[]" value="cn" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($first_name);?>" />
<input type="hidden" name="attrs[]" value="sn" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($last_name);?>" />
<input type="hidden" name="attrs[]" value="userPassword" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($password);?>" />
<input type="hidden" name="attrs[]" value="loginShell" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($login_shell);?>" />
<input type="hidden" name="attrs[]" value="uidNumber" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($uid_number);?>" />
<input type="hidden" name="attrs[]" value="gidNumber" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($gid_number);?>" />
<input type="hidden" name="attrs[]" value="homeDirectory" />
<input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($home_dir);?>" />
<center>
<table class="confirm">
<tr class="even"><td class="heading">User name:</td><td><b><?php echo htmlspecialchars( $user_name ); ?></b></td></tr>
<tr class="odd"><td class="heading">First name:</td><td><b><?php echo htmlspecialchars( $first_name ); ?></b></td></tr>
<tr class="even"><td class="heading">Last name:</td><td><b><?php echo htmlspecialchars( $last_name ); ?></b></td></tr>
<tr class="odd"><td class="heading">Password:</td><td>[secret]</td></tr>
<tr class="even"><td class="heading">Login Shell:</td><td><?php echo htmlspecialchars( $login_shell); ?></td></tr>
<tr class="odd"><td class="heading">UID Number:</td><td><?php echo htmlspecialchars( $uid_number ); ?></td></tr>
<tr class="even"><td class="heading">GID Number:</td><td><?php echo htmlspecialchars( $gid_number ); ?></td></tr>
<tr class="odd"><td class="heading">Container:</td><td><?php echo htmlspecialchars( $container ); ?></td></tr>
<tr class="even"><td class="heading">Home dir:</td><td><?php echo htmlspecialchars( $home_dir ); ?></td></tr>
</table>
<br /><input type="submit" value="Create Account" />
</center>
<?php } ?>

281
tree.php Normal file
View File

@ -0,0 +1,281 @@
<?php
/*
* tree.php
* This script displays the LDAP tree for all the servers that you have
* in config.php. We read the session variable 'tree' to know which
* dns are expanded or collapsed. No query string parameters are expected,
* however, you can use a '#' offset to scroll to a given dn. The syntax is
* tree.php#<server_id>_<rawurlencoded dn>, so if I wanted to scroll to
* dc=example,dc=com for server 3, the URL would be:
* tree.php#3_dc%3Dexample%2Cdc%3Dcom
*/
require 'config.php';
require_once 'functions.php';
// no expire header stuff
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
// The entire visible tree is stored in the session.
session_start();
// do we not have a tree yet? Build a new one.
if( ! session_is_registered( 'tree' ) ) {
session_register( 'tree' );
$_SESSION['tree'] = build_initial_tree();
session_register( 'tree_icons' );
$_SESSION['tree_icons'] = build_initial_tree_icons();
}
// grab the tree out of the session variable
$tree = $_SESSION['tree'];
$tree_icons = $_SESSION['tree_icons'];
?>
<?php include 'header.php'; ?>
<body>
<?php
$group_id = "61828";
$bug_atid = "498546";
$rfe_atid = "498549";
$bug_href = "http://sourceforge.net/tracker/?func=add&amp;group_id=$group_id&amp;atid=$bug_atid";
$open_bugs_href = "http://sourceforge.net/tracker/?group_id=$group_id&amp;atid=$bug_atid";
$feature_href = "http://sourceforge.net/tracker/?func=add&amp;group_id=$group_id&amp;atid=$rfe_atid";
$open_features_href = "http://sourceforge.net/tracker/?atid=$rfe_atid&group_id=$group_id&amp;func=browse";
?>
<h3 class="subtitle" style="margin:0px">phpLDAPAdmin - <?php echo pla_version(); ?></h3>
<table class="edit_dn_menu">
<tr>
<td><img src="images/light.png" /></td>
<td><a href="<?php echo $feature_href; ?>" target="new">Request a new feature</a>
(<a href="<?php echo $open_features_href; ?>" target="new">see open requests</a>)</td>
</tr>
<tr>
<td><img src="images/bug.png" /></td>
<td><a href="<?php echo $bug_href; ?>" target="new">Report a bug</a>
(<a href="<?php echo $open_bugs_href; ?>" target="new">see open bugs</a>)</td>
</tr>
</table>
<br />
<table class="tree" cellspacing="0">
<?php
foreach( $servers as $server_id => $server_tree ) {
if( $servers[$server_id]['host'] != '' ) {
$server_name = $servers[$server_id]['name'];
echo '<tr class="server">';
echo '<td class="icon"><img src="images/server.png" alt="server"/></td>';
echo '<td colspan="99"><b><a name="' . $id . '">' . htmlspecialchars( $server_name ) . '</a></b><br />';
// do we have what it takes to authenticate here, or do we need to
// present the user with a login link (for 'form' auth_types)?
if( have_auth_info( $server_id ) )
{
$schema_href = 'schema.php?server_id=' . $server_id . '" target="right_frame';
$search_href= 'search.php?server_id=' . $server_id . '" target="right_frame';
$refresh_href = 'refresh.php?server_id=' . $server_id;
$create_href = 'create_form.php?server_id=' . $server_id . '&amp;container=' .
rawurlencode( $servers[$server_id]['base'] );
$logout_href = 'logout.php?server_id=' . $server_id;
$info_href = 'server_info.php?server_id=' . $server_id;
if( $servers[$server_id]['auth_type'] == 'form' && have_auth_info( $server_id ) )
echo "<small><nobr>Logged in as: " . htmlspecialchars(get_logged_in_dn($server_id)) . "</small></nobr><br />";
// Draw the quick-links below the server name:
// ( schema | search | refresh | create )
echo '<small>(';
echo '<a title="View schema for ' . $server_name . '"'.
' href="' . $schema_href . '">schema</a> | ';
echo '<a title="Search ' . $server_name . ' for entries"'.
' href="' . $search_href . '">search</a> | ';
echo '<a title="Re-query ' . $server_name . ' to refresh all expanded containers"'.
' href="' . $refresh_href . '">refresh</a> | ';
echo '<a title="Create a new entry on ' . $server_name . '"'.
' href="' . $create_href . '" target="right_frame">create</a> | ';
echo '<a title="View server-supplied information" target="right_frame"'.
'href="' . $info_href . '">info</a>';
if( $servers[ $server_id ][ 'auth_type' ] == 'form' )
echo ' | <a title="Logout of this server" href="' . $logout_href . '" target="right_frame">logout</a>';
echo ')</small></td></tr>';
$rdn = utf8_decode( $dn );
if( null == $servers[ $server_id ]['base'] ) {
$base_dn = try_to_get_root_dn( $server_id );
} else {
$base_dn = $servers[ $server_id ]['base'];
}
// Did we get a base_dn for this server somehow?
if( $base_dn ) {
// is the root of the tree expanded already?
if( isset( $tree[$server_id][$base_dn] ) ) {
$expand_href = "collapse.php?server_id=$server_id&amp;" .
"dn=" . rawurlencode( $base_dn );
$expand_img = "images/minus.png";
} else {
$expand_href = "expand.php?server_id=$server_id&amp;" .
"dn=" . rawurlencode( $base_dn );
$expand_img = "images/plus.png";
}
$edit_href = "edit.php?server_id=$server_id&amp;dn=" . rawurlencode( $base_dn );
$icon = get_icon( $server_id, $base_dn );
echo "<tr><td class=\"spacer\"></td>\n";
echo "<td class=\"expander\"><a href=\"$expand_href\"><img src=\"$expand_img\" /></td>";
echo "<td class=\"icon\"><a href=\"$edit_href\" target=\"right_frame\"><img src=\"images/$icon\" /></a></td>\n";
echo "<td class=\"rdn\" colspan=\"99\"><nobr><a href=\"$edit_href\" " .
"target=\"right_frame\">$base_dn</nobr></td>\n";
echo "</tr>\n";
} else {
if( "" === $base_dn || null === $base_dn ) {
// The server refuses to give out the base dn
echo "<tr><td class=\"spacer\"></td><td colspan=\"99\"><small>Could not determine ";
echo "the root of your LDAP tree.<br />It appears that the LDAP server has ";
echo "been <b>configured to not give it out</b>. Please specify it in config.php";
echo "</small></td></tr>";
// Proceed to the next server. We cannot draw anything else for this server.
continue;
} else {
// For some unknown reason, we couldn't determine the base dn
echo "<tr><td class=\"spacer\"></td><td colspan=\"99\"><small>Could not determine ";
echo "the root of your LDAP tree.<br />Please specify it in config.php";
echo "</small></td></tr>";
// Proceed to the next server. We cannot draw anything else for this server.
continue;
}
}
flush();
// Is the root of the tree expanded already?
if( isset( $tree[$server_id][$base_dn] ) ) {
foreach( $tree[ $server_id ][ $base_dn ] as $child_dn )
draw_tree_html( $child_dn, $server_id, 1 );
echo '<td class="spacer"></td>';
echo '<td class="spacer"></td>';
echo '<td class="icon"><a href="' . $create_href .
'" target="right_frame"><img src="images/star.png" /></a></td>';
echo '<td class="create" colspan="99"><a href="' . $create_href .
'" target="right_frame" title="Create a new object in '. $base_dn.'">Create New</a></td></tr>';
}
}
else // have_auth_info() returned false.
{
// We don't have enough information to login to this server
$login_href = "login_form.php?server_id=$server_id";
echo '&nbsp;&nbsp;&nbsp;<a href="' . $login_href . '" target="right_frame">';
echo '<img src="images/uid.png" align="top" alt="login"/></a> ';
echo '<a href="' . $login_href . '" target="right_frame">login...</a>';
echo '</td></tr>';
}
}
}
?>
</table>
</body>
</html>
<?php
exit;
/**
* Recursively descend on the given dn and draw the tree in html
*/
function draw_tree_html( $dn, $server_id, $level=0 )
{
global $servers, $tree, $tree_icons;
$id = $server_id;
$encoded_dn = rawurlencode( $dn );
$expand_href = "expand.php?server_id=$id&amp;dn=$encoded_dn";
$collapse_href = "collapse.php?server_id=$id&amp;dn=$encoded_dn";
$edit_href = "edit.php?server_id=$id&amp;dn=$encoded_dn";
// should never happen, but just in case
if( ! isset( $tree_icons[ $server_id ][ $dn ] ) )
$tree_icons[ $server_id ][ $dn ] = get_icon( $server_id, $dn );
$img_src = 'images/' . $tree_icons[ $server_id ][ $dn ];
$rdn = ldap_explode_dn( $dn, 0 );
$rdn = utf8_decode( $rdn[0] );
echo '<tr>';
for( $i=0; $i<=$level; $i++ ) {
echo '<td class="spacer"></td>';
}
// is this node expanded?
if( isset( $tree[$server_id][$dn] ) ) { ?>
<td class="expander">
<nobr>
<a href="<?php echo $collapse_href; ?>"><img src="images/minus.png" alt="plus" /></a>
</nobr>
</td>
<?php $object_count = ' <span class="count">(' . count( $tree[$server_id][$dn] ) . ')</span>'; ?>
<?php } else { ?>
<td class="expander">
<nobr>
<a href="<?php echo $expand_href; ?>"><img src="images/plus.png" alt="minus" /></a>
</nobr>
</td>
<?php $object_count = ''; ?>
<?php } ?>
<td class="icon">
<a href="<?php echo $edit_href; ?>"
target="right_frame"
name="<?php echo $server_id; ?>_<?php echo $encoded_dn; ?>"><img src="<?php echo $img_src; ?>" /></a>
</td>
<td class="rdn" colspan="99">
<nobr>
<a href="<?php echo $edit_href; ?>"
target="right_frame"><?php echo htmlspecialchars($rdn); ?></a>
<?php echo $object_count; ?>
</nobr>
</td>
</tr>
<?php
if( isset( $tree[$server_id][$dn] ) && is_array( $tree[$server_id][$dn] ) ) {
foreach( $tree[$server_id][$dn] as $dn ) {
draw_tree_html( $dn, $server_id, $level+1 );
}
// print the "Create New object" link.
$create_href = "create_form.php?server_id=$server_id&amp;container=$encoded_dn";
echo '<tr>';
for( $i=0; $i<=$level; $i++ ) {
echo '<td class="spacer"></td>';
}
echo '<td class="spacer"></td>';
echo '<td class="icon"><a href="' . $create_href .
'" target="right_frame"><img src="images/star.png" /></a></td>';
echo '<td class="create" colspan="99"><a href="' . $create_href .
'" target="right_frame" title="Create a new object in '. $rdn.'">Create New</a></td></tr>';
}
echo '</tr>';
}
?>

49
update.php Normal file
View File

@ -0,0 +1,49 @@
<?php
/*
* update.php
* Updates or deletes a value from a specified
* attribute for a specified dn.
* Variables that come in on the query string:
* - dn (rawurlencoded)
* - server_id
* - update_array (an array in the form expected by PHP's ldap_modify)
* (will never be empty: update_confirm.php ensures that)
* On success, redirect to edit.php
* On failure, echo an error.
*/
require 'config.php';
require_once 'functions.php';
$server_id = $_POST['server_id'];
$dn = stripslashes( rawurldecode( $_POST['dn'] ) );
$encoded_dn = rawurlencode( $dn );
$update_array = $_POST['update_array'];
//echo "<pre>"; print_r( $update_array ); echo "</pre>";
check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );
have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );
is_array( $update_array ) or pla_error( "update_array is malformed. This might be a phpLDAPAdmin bug. Please report it." );
foreach( $update_array as $attr => $val )
if( ! is_array( $val ) )
if( $val == '' )
$update_array[ $attr ] = array();
$ds = pla_ldap_connect( $server_id );
$res = @ldap_modify( $ds, $dn, $update_array );
if( $res )
{
$redirect_url = "edit.php?server_id=$server_id&dn=$encoded_dn";
foreach( $update_array as $attr => $junk )
$redirect_url .= "&modified_attrs[]=$attr";
header( "Location: $redirect_url" );
}
else
{
pla_error( "Could not perform ldap_modify operation.", ldap_error( $ds ), ldap_errno( $ds ) );
}
?>

143
update_confirm.php Normal file
View File

@ -0,0 +1,143 @@
<?php
/*
* udpate_confirm.php
* Takes the results of clicking "Save" in edit.php and determines which
* attributes need to be updated (ie, which ones actually changed). Then,
* we present a confirmation table to the user outlining the changes they
* are about to make. That form submits directly to update.php, which
* makes the change.
*
*/
include 'config.php';
include 'functions.php';
include 'header.php';
$server_id = $_POST['server_id'];
$encoded_dn = $_POST['dn'];
$dn = rawurldecode( $encoded_dn );
$rdn = get_rdn( $dn );
$old_values = $_POST['old_values'];
$new_values = $_POST['new_values'];
$update_array = array();
?>
<body>
<h3 class="title"><?php echo htmlspecialchars( utf8_decode( $rdn ) ); ?></h3>
<h3 class="subtitle">Server: <b><?php echo $server_name; ?></b> &nbsp;&nbsp;&nbsp; Distinguished Name: <b><?php echo htmlspecialchars( utf8_decode( $dn ) ); ?></b></h3>
<?php
foreach( $new_values as $attr => $new_val )
{
// did the user change the field?
if( $new_val != $old_values[ $attr ] ) {
// special case for userPassword attributes
if( 0 == strcasecmp( $attr, 'userPassword' ) )
{
$enc_type = $_POST['enc_type'];
$new_val = password_hash( $new_val, $enc_type );
}
$update_array[ $attr ] = $new_val;
}
}
//echo "<pre>"; print_r( $update_array ); echo "</pre>";
?>
<?php if( count( $update_array ) > 0 ) { ?>
<br />
<center>
Do you want to make these changes?
<br />
<br />
<table class="confirm">
<tr><th>Attribute</th><th>Old Value</th><th>New Value</th></tr>
<?php $counter=0; foreach( $update_array as $attr => $new_val ) { $counter++ ?>
<tr class="<?php echo $counter%2 ? 'even' : 'odd'; ?>">
<td><b><?php echo htmlspecialchars( $attr ); ?></b></td>
<td><nobr>
<?php
if( is_array( $old_values[ $attr ] ) )
foreach( $old_values[ $attr ] as $v )
echo htmlspecialchars( $v ) . "<br />";
else
echo htmlspecialchars( $old_values[ $attr ] ) . "<br />";
echo "</nobr></td><td><nobr>";
if( is_array( $new_val ) )
foreach( $new_val as $i => $v )
if( $v == '' ) {
// remove it from the update array if it's empty
unset( $update_array[ $attr ][ $i ] );
$update_array[ $attr ] = array_values( $update_array[ $attr ] );
} else
echo htmlspecialchars( $v ) . "<br />";
else
if( $new_val != '' )
echo htmlspecialchars( $new_val ) . "<br />";
echo "</nobr></td></tr>\n\n";
}
?>
</table>
<br />
<table>
<tr>
<td>
<!-- Commit button and acompanying form -->
<form action="update.php" method="post">
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="dn" value="<?php echo $encoded_dn; ?>" />
<?php foreach( $update_array as $attr => $val ) { ?>
<?php if( is_array( $val ) ) { ?>
<?php foreach( $val as $i => $v ) { ?>
<input type="hidden"
name="update_array[<?php echo htmlspecialchars( utf8_encode( $attr ) ); ?>][<?php echo $i; ?>]"
value="<?php echo htmlspecialchars( utf8_encode( $v ) ); ?>" />
<?php } ?>
<?php } else { ?>
<input type="hidden"
name="update_array[<?php echo htmlspecialchars( utf8_encode( $attr ) ); ?>]"
value="<?php echo htmlspecialchars( utf8_encode( $val ) ); ?>" />
<?php } ?>
<?php } ?>
<input type="submit" value="Commit" class="happy" />
</form>
</td>
<td>
<!-- Cancel button -->
<form action="edit.php" method="get">
<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />
<input type="hidden" name="dn" value="<?php echo $encoded_dn; ?>" />
<input type="submit" value="Cancel" class="scary" />
</form>
</td>
</tr>
</table>
</center>
</body>
<?php
} else { ?>
<center>
You made no changes.
<a href="edit.php?server_id=<?php echo $server_id; ?>&amp;dn=<?php echo $encoded_dn; ?>">Go back</a>.
</center>
<?php } ?>
</form>

28
view_jpeg_photo.php Normal file
View File

@ -0,0 +1,28 @@
<?php
require 'config.php';
$file = $_GET['file'];
// Security check (we don't want anyone tryting to get at /etc/passwd or something)
preg_match( "/^djp/", $file ) or
pla_error( "Unsafe file name: " . htmlspecialchars( $file ) );
$file = $jpeg_temp_dir . '/' . $file;
file_exists( $file ) or
pla_error( "No such file: " . htmlspecialchars( $file ) );
// little security measure here (prevents users from accessing
// files, like /etc/passwd for example)
$file = basename( $file );
$file = addcslashes( $file, '/\\' );
$f = fopen( "$jpeg_temp_dir/$file", 'r' );
$jpeg = fread( $f, filesize( "$jpeg_temp_dir/$file" ) );
fclose( $f );
Header( "Content-type: image/jpeg" );
Header( "Content-disposition: inline; filename=jpeg_photo.jpg" );
echo $jpeg;
?>