www/dbq/dbq.php

diff --git a/www/dbq/dbq.php b/www/dbq/dbq.php
index 8dbf539ef2975bfb99768afa1a42266d5a6f361c..57a350684128e4e89ca58f507ab7cfa4be86f191 100644 (file)
--- a/www/dbq/dbq.php
+++ b/www/dbq/dbq.php
@@ -172,26 +172,25 @@ class DbQ extends nb {
        public function page_ldap() {
                $this->deniedUnless($this->perm >= self::READ);
 
-               require_once(NB_ROOT.'/lib/php/ldap.php');
-               #debug($GLOBALS['DBQ_LDAP']);
+               require_once(NB_ROOT.'/lib/php/ldap.php'); #debug($GLOBALS['DBQ_LDAP']);
                $ldap = new Ldap($GLOBALS['DBQ_LDAP']);
 
                if ($this->params['table'] == 'add') {
-                       #debug($this->params);
+                       $this->deniedUnless($this->perm >= self::WRITE);
                        $rows = (int)$ldap->add($this->params['action'],$_POST);
-                       #bye($_POST);
                        $this->page($rows);
 
                } elseif ($this->params['table'] == 'update') {
+                       $this->deniedUnless($this->perm >= self::WRITE);
                        $rows = (int)$ldap->update($this->params['action'],$_POST);
                        $this->page($rows);
 
                } elseif ($this->params['table'] == 'rm') {
+                       $this->deniedUnless($this->perm >= self::DELETE);
                        $rows = (int)$ldap->delete($this->params['action'],$_POST);
                        $this->page($rows);
 
-               } else {
-
+               } else { // Search
                        $filter = ($this->params['table'] ? $this->params['table'] : '');
                        $attrs = ($this->params['action'] ? explode(',',$this->params['action']) : []);