From: Nicolas Boisselier Date: Wed, 13 Dec 2017 02:33:24 +0000 (+0000) Subject: www/dbq/dbq.php X-Git-Url: https://git.nbdom.net/?a=commitdiff_plain;h=4614e70b4dc7d3a9223ceaf348f63a417360fc75;p=nb.git www/dbq/dbq.php
---
diff --git a/lib/php/nb.php b/lib/php/nb.php
index ca31a60d..127d65c4 100644
--- a/lib/php/nb.php
+++ b/lib/php/nb.php
@@ -1082,10 +1082,10 @@ class NB {
 if (!isset($o['bind_dn'])) $o['bind_dn'] = 'cn=' . $o['user'] . $o['bind_dn_preff'] . $o['base_dn'];
- if (!isset($o['filter'])) $o['filter'] = "(cn=".$o['user'].")";
- if (!isset($o['attrs'])) $o['attrs'] = [];
+ if (empty($o['filter'])) $o['filter'] = "(cn=".$o['user'].")";
+ if (empty($o['attrs'])) $o['attrs'] = [];
- #return $o;
+ #return [$o];
 $connect = ldap_connect($o['host']) or exit(">>Could not connect to LDAP server<<");
 ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
diff --git a/www/dbq/dbq.php b/www/dbq/dbq.php
index 3806ece7..16abac39 100644
--- a/www/dbq/dbq.php
+++ b/www/dbq/dbq.php
@@ -7,10 +7,12 @@ require_once(NB_ROOT.'/lib/php/http.php');
 require_once(NB_ROOT.'/lib/php/mime.php');
 function dbqErrHandle($errNo, $errStr, $errFile, $errLine) {
- $msg = "$errStr in $errFile on line $errLine";
+ $msg = "$errStr in $errFile on line $errLine\n";
 if ($errNo == E_NOTICE || $errNo == E_WARNING) {
 header("HTTP/1.0 500 Internal Server Error");
- throw new ErrorException($msg, $errNo);
+# NB 13.12.17 Revel args from function which could be passwords !!!
+# NB 13.12.17 throw new ErrorException($msg, $errNo);
+ nb::bye("$errNo: $msg");
 } else {
 echo $msg;
 }
@@ -48,7 +50,8 @@ class DbQ extends nb {
 public $uri;
 public $uri_params;
 private $param_args_sep = ' ';
- private $param_exp_value = '[\w\._:-]{2,100}';
+# NB 13.12.17 private $param_exp_value = '[\w\._:-]{2,100}';
+ private $param_exp_value = '[^/]{2,100}';
 public $params = [
 'format' => '',
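Review bot: The default filter on the changed line still builds `"(cn=".$o['user'].")"` by plain concatenation, so a user value containing `*`, `(`, `)` or `\` alters the filter instead of matching a literal cn, and the same value goes unescaped into `bind_dn` in the context line above. If `$o['user']` can originate from a request (its origin is outside the hunk), escape it per context: `ldap_escape($o['user'], '', LDAP_ESCAPE_FILTER)` for the filter and `LDAP_ESCAPE_DN` for the DN. Switching to `empty()` also means a caller-supplied `''` or `'0'` is now replaced by the default, which looks intended given the new caller passes `''` but deserves a one-line comment. The enclosing method starts and ends outside the hunk.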
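Review bot: `nb::bye("$errNo: $msg")` drops the stack trace, but `$msg` still carries the raw error string plus `$errFile` and `$errLine`, and the `else` branch echoes the same text, so server paths and error details presumably still reach the client (what `nb::bye` does with its argument is not visible here). Warning text can itself embed sensitive values such as a connection string or file name, so the concern named in the new comment is only partly addressed. I would log the detail server-side and return a fixed message: `error_log("$errNo: $msg"); nb::bye('Internal Server Error');`. The comment's "Revel" should read "Reveal".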
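Review bot: `'[^/]{2,100}'` replaces an allow-list of word characters with "anything except a slash", so quotes, angle brackets, parentheses, whitespace, `*` and control characters now pass for every parameter matched with `$param_exp_value`, not only for the LDAP filter this commit needs. Any consumer outside this hunk that relied on the old pattern as its validation (table or column identifiers, file names, values echoed into HTML) loses that guarantee; those call sites are not visible here and need checking. Safer is to keep the strict pattern as the default and add a separate wider one used only by the ldap action, e.g. `private $param_exp_filter = '[^/]{2,100}';`, with a comment above the property stating which characters are allowed and why.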
@@ -995,10 +998,15 @@ EOF;
 // NOW ONLY FOR ADMIN !
 } elseif ($this->perm < self::ADMIN) {
- } elseif ($action == 'ldap_search') {
- $this->page($this->ldap_search([
- 'bind_dn_preff'=>'ou=auth',
- ]));
+ } elseif ($action == 'ldap') {
+ #debug($this->params);
+ $rows = $this->ldap_search([
+ 'bind_dn_preff' => 'ou=auth',
+ 'filter' => ($this->params['table'] ? $this->params['table'] : ''),
+ 'attrs' => ($this->params['action'] ? explode(',',$this->params['action']) : []),
+ ]);
+ if ($this->is_html) $rows = $this->array_fill_assoc($rows);
+ $this->page($rows);
 } elseif ($action == 'phpinfo') {
 $this->rows_table($action,$this->phpinfo_rows());
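Review bot: With no attribute list in the URL, `'attrs'` is `[]`, which for an LDAP search normally means "return every readable attribute", so `$this->page($rows)` can render `userPassword` hashes or other secrets if the bind DN is allowed to read them. The branch is only reached when `perm` is at least `ADMIN`, but the output still ends up in browser history, proxies and logs; consider an explicit default list or dropping sensitive attributes before `page()`, e.g. `'attrs' => ($this->params['action'] ? explode(',', $this->params['action']) : ['cn', 'mail']),` (the list shown is illustrative). Reusing the `table` and `action` parameters as filter and attribute list also needs a comment, since `$action == 'ldap'` and `$this->params['action']` read like the same value and the mapping is not obvious from the code. The elseif chain starts and ends outside the hunk.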