www/dbq/dbq.php

diff --git a/etc/dbq/ldap.php b/etc/dbq/ldap.php
index d57ae0eb07dbbbd63cb192fef50384457e7c076f..1729cf0790e03214ecaeb3bd96c9e0834efb0454 100644 (file)
--- a/etc/dbq/ldap.php
+++ b/etc/dbq/ldap.php
@@ -22,9 +22,9 @@ foreach (array_unique(glob('~/.ldap.conf')+glob('/etc/ldap/ldap.conf')) as $f) {
        break;
 }
 
+#if (!empty($_SERVER['DBQ_LDAP_BASE'])) $base = $_SERVER['DBQ_LDAP_BASE'];
 $suff = empty($_SERVER['DBQ_LDAP_USER_SUFF']) ? '' : $_SERVER['DBQ_LDAP_USER_SUFF'];
 #debug($_SERVER);
-#$base = $suff . $base;
 $GLOBALS['DBQ_LDAP'] = [
        'user' => 'cn=' . $user . ',' . $suff . $base,
        'password' => $password,

diff --git a/lib/php/ldap.php b/lib/php/ldap.php
index 919979700e91d287e27d30150a3b03826001a597..16e03c6795243f7b350c72054f9eca23b131a2af 100644 (file)
--- a/lib/php/ldap.php
+++ b/lib/php/ldap.php
@@ -146,7 +146,7 @@ class Ldap {
                ldap_set_option($this->conn, LDAP_OPT_REFERRALS, 0);
 
 #debug($this);
-               if (!@ldap_bind($this->conn, $this->user, $this->password)) self::bye("Could not bind to LDAP server");
+               if (!@ldap_bind($this->conn, $this->user, $this->password)) self::bye("Could not authenticate to LDAP server");
                return $this->conn;
        }
 
@@ -160,7 +160,6 @@ class Ldap {
 
                if (!isset($o['dn'])) $o['dn'] = true;
                if (!isset($o['base'])) $o['base'] = null;
-# NB 25.01.18          if (!isset($o['filter'])) $o['filter'] = null;
                if (!isset($o['filter'])) $o = array_merge($o,[ 'filter' => 'objectClass=*', 'attrs' => ['dn','objectClass'], 'dn' => true ]);
                if (!isset($o['attrs'])) $o['attrs'] = [];
                if (!is_array($o['attrs'])) $o['attrs'] = [$o['attrs']];
@@ -198,11 +197,12 @@ class Ldap {
 
        public function add($dn,$data) {
                $conn = $this->conn();
-               return ldap_add($conn, $dn, $data);
+               return ldap_add($conn, $dn . ',' . $this->base, $data);
        }
 
        public function update($dn,$data) {
-               return ldap_mod_add($this->conn(), $dn, $data);
+# NB 28.01.18          return ldap_mod_add($this->conn(), $dn . ',' . $this->base, $data);
+               return ldap_mod_replace($this->conn(), $dn . ',' . $this->base, $data);
        }
 
        public function delete($dn) {

diff --git a/www/dbq/dbq.php b/www/dbq/dbq.php
index 1b521b095df52082be9c8e99b297461c6221eacb..4a7252bcc07574e9b658ece9cb25a4af0e103bd8 100644 (file)
--- a/www/dbq/dbq.php
+++ b/www/dbq/dbq.php
@@ -169,8 +169,9 @@ class DbQ extends nb {
 
        }
 
-       public function page_ldap() {
+       public function ldap() {
                $this->deniedUnless($this->perm >= self::READ);
+               #$this->deniedUnless($this->perm >= self::ADMIN);
 
                require_once(NB_ROOT.'/lib/php/ldap.php');
                #debug($GLOBALS['DBQ_LDAP']);
@@ -179,17 +180,14 @@ class DbQ extends nb {
                if ($this->params['table'] == 'add') {
                        $this->deniedUnless($this->perm >= self::WRITE);
                        $rows = (int)$ldap->add($this->params['action'],$_POST);
-                       $this->page($rows);
 
                } elseif ($this->params['table'] == 'update') {
                        $this->deniedUnless($this->perm >= self::WRITE);
                        $rows = (int)$ldap->update($this->params['action'],$_POST);
-                       $this->page($rows);
 
                } elseif ($this->params['table'] == 'rm') {
                        $this->deniedUnless($this->perm >= self::DELETE);
                        $rows = (int)$ldap->delete($this->params['action'],$_POST);
-                       $this->page($rows);
 
                } else { // Search
                        $filter = ($this->params['table'] ? $this->params['table'] : '');
@@ -206,7 +204,10 @@ class DbQ extends nb {
                        ];
 
                        if (!$search['filter']) {
-                               if (preg_match('/^([^,]+),(.*?)$/',$GLOBALS['DBQ_LDAP']['user'],$m)) {
+                               if (1
+                                       and !empty($GLOBALS['DBQ_LDAP']['user'])
+                                       and preg_match('/^([^,]+),(.*?)$/',$GLOBALS['DBQ_LDAP']['user'],$m)
+                               ) {
                                        $search['filter'] = $m[1];
                                        $search['base'] = $m[2];
                                } else {
@@ -223,9 +224,9 @@ class DbQ extends nb {
                                        or ($this->params['format'] == 'csv')
                        ) $rows = $this->array_fill_assoc($rows);
 
-                       $this->page($rows);
                }
 
+               return $rows;
        }
 
        public function page_table_ls($args=null) {
@@ -313,8 +314,8 @@ class DbQ extends nb {
 
                }
 
-# NB 18.12.17          if (!empty($rows))
 #if (empty($rows)) bye($rows);
+# NB 18.12.17          if (!empty($rows))
                $this->db->out($rows,$head,$conf);
 
                if (empty($this->_nopage)) {
@@ -1127,8 +1128,7 @@ EOF;
                        $this->page($types);
 
                } elseif ($action == 'ldap') {
-                       $this->deniedUnless($this->perm >= self::ADMIN);
-                       $this->page_ldap();
+                       $this->page($this->ldap());
 
                } elseif ($action == 'phpinfo') {
                        $this->deniedUnless($this->perm >= self::ADMIN);