From 1c283cbcb555ac96e96443ba59a4530107b8349a Mon Sep 17 00:00:00 2001
From: Nicolas Boisselier
Date: Sun, 28 Jan 2018 03:30:24 +0000
Subject: [PATCH] www/dbq/dbq.php

---
 etc/dbq/ldap.php | 2 +-
 lib/php/ldap.php | 8 ++++----
 www/dbq/dbq.php | 18 +++++++++---------
 3 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/etc/dbq/ldap.php b/etc/dbq/ldap.php
index d57ae0eb..1729cf07 100644
--- a/etc/dbq/ldap.php
+++ b/etc/dbq/ldap.php
@@ -22,9 +22,9 @@ foreach (array_unique(glob('~/.ldap.conf')+glob('/etc/ldap/ldap.conf')) as $f) {
 break;
 }
+#if (!empty($_SERVER['DBQ_LDAP_BASE'])) $base = $_SERVER['DBQ_LDAP_BASE'];
 $suff = empty($_SERVER['DBQ_LDAP_USER_SUFF']) ? '' : $_SERVER['DBQ_LDAP_USER_SUFF'];
 #debug($_SERVER);
-#$base = $suff . $base;
 $GLOBALS['DBQ_LDAP'] = [
 'user' => 'cn=' . $user . ',' . $suff . $base,
 'password' => $password,
diff --git a/lib/php/ldap.php b/lib/php/ldap.php
index 91997970..16e03c67 100644
--- a/lib/php/ldap.php
+++ b/lib/php/ldap.php
@@ -146,7 +146,7 @@ class Ldap {
 ldap_set_option($this->conn, LDAP_OPT_REFERRALS, 0);
 #debug($this);
- if (!@ldap_bind($this->conn, $this->user, $this->password)) self::bye("Could not bind to LDAP server");
+ if (!@ldap_bind($this->conn, $this->user, $this->password)) self::bye("Could not authenticate to LDAP server");
 return $this->conn;
 }
@@ -160,7 +160,6 @@ class Ldap {
 if (!isset($o['dn'])) $o['dn'] = true;
 if (!isset($o['base'])) $o['base'] = null;
-# NB 25.01.18 if (!isset($o['filter'])) $o['filter'] = null;
 if (!isset($o['filter'])) $o = array_merge($o,[ 'filter' => 'objectClass=*', 'attrs' => ['dn','objectClass'], 'dn' => true ]);
 if (!isset($o['attrs'])) $o['attrs'] = [];
 if (!is_array($o['attrs'])) $o['attrs'] = [$o['attrs']];
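Review bot: In the `@@ -146,7 +146,7 @@` hunk of lib/php/ldap.php, the reworded message says the bind authenticates, but `ldap_bind()` called with an empty password is an unauthenticated bind that some directory servers accept, so this check can pass without any credential having been verified. Whether `$this->password` can be empty is not visible here (etc/dbq/ldap.php only shows `'password' => $password`), so I would reject it explicitly before the bind: `if ((string)$this->password === '') self::bye("Could not authenticate to LDAP server");`. The `@` also hides the reason for a failed bind; logging `ldap_error($this->conn)` on the server side would keep failures diagnosable without showing detail to the client. The enclosing method starts outside the hunk.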
@@ -198,11 +197,12 @@ class Ldap {
 public function add($dn,$data) {
 $conn = $this->conn();
- return ldap_add($conn, $dn, $data);
+ return ldap_add($conn, $dn . ',' . $this->base, $data);
 }
 public function update($dn,$data) {
- return ldap_mod_add($this->conn(), $dn, $data);
+# NB 28.01.18 return ldap_mod_add($this->conn(), $dn . ',' . $this->base, $data);
+ return ldap_mod_replace($this->conn(), $dn . ',' . $this->base, $data);
 }
 public function delete($dn) {
diff --git a/www/dbq/dbq.php b/www/dbq/dbq.php
index 1b521b09..4a7252bc 100644
--- a/www/dbq/dbq.php
+++ b/www/dbq/dbq.php
@@ -169,8 +169,9 @@ class DbQ extends nb {
 }
- public function page_ldap() {
+ public function ldap() {
 $this->deniedUnless($this->perm >= self::READ);
+ #$this->deniedUnless($this->perm >= self::ADMIN);
 require_once(NB_ROOT.'/lib/php/ldap.php');
 #debug($GLOBALS['DBQ_LDAP']);
@@ -179,17 +180,14 @@ class DbQ extends nb {
 if ($this->params['table'] == 'add') {
 $this->deniedUnless($this->perm >= self::WRITE);
 $rows = (int)$ldap->add($this->params['action'],$_POST);
- $this->page($rows);
 } elseif ($this->params['table'] == 'update') {
 $this->deniedUnless($this->perm >= self::WRITE);
 $rows = (int)$ldap->update($this->params['action'],$_POST);
- $this->page($rows);
 } elseif ($this->params['table'] == 'rm') {
 $this->deniedUnless($this->perm >= self::DELETE);
 $rows = (int)$ldap->delete($this->params['action'],$_POST);
- $this->page($rows);
 } else { // Search
 $filter = ($this->params['table'] ? $this->params['table'] : '');
@@ -206,7 +204,10 @@ class DbQ extends nb {
 ];
 if (!$search['filter']) {
- if (preg_match('/^([^,]+),(.*?)$/',$GLOBALS['DBQ_LDAP']['user'],$m)) {
+ if (1
+ and !empty($GLOBALS['DBQ_LDAP']['user'])
+ and preg_match('/^([^,]+),(.*?)$/',$GLOBALS['DBQ_LDAP']['user'],$m)
+ ) {
 $search['filter'] = $m[1];
 $search['base'] = $m[2];
 } else {
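Review bot: In the `@@ -198,11 +197,12 @@` hunk of lib/php/ldap.php, `update()` now calls `ldap_mod_replace()`, which overwrites every existing value of each supplied attribute, and the caller in www/dbq/dbq.php passes `$_POST` unfiltered as `$data`, so a WRITE-level request can replace any attribute the bind account is allowed to modify. I would restrict `$data` to an allow-list of attribute names before the call, for example `$data = array_intersect_key($data, array_flip($allowedAttrs));`, where `$allowedAttrs` is a list this class would have to define. Appending `',' . $this->base` also produces a malformed DN when `$this->base` is empty, and `$dn` (taken from `$this->params['action']`) can carry extra RDN components that place the entry anywhere below the base. `delete()` begins on the last line of the hunk and its body is not shown, so it is worth checking that it resolves `$dn` against the base the same way.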
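Review bot: The ADMIN gate on the LDAP action is lowered by this commit: the `@@ -1127,8 +1128,7 @@` hunk drops `$this->deniedUnless($this->perm >= self::ADMIN);` from the dispatcher, and in the `@@ -169,8 +169,9 @@` hunk the same check is added to `ldap()` only as a comment, so READ is now enough to search the directory and WRITE or DELETE enough to add, update or remove entries. If that is intended, the commit message (currently only a file path) should say so; otherwise make the check live as the first statement of `ldap()`: `$this->deniedUnless($this->perm >= self::ADMIN);`. The body of `ldap()` continues beyond this hunk.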
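Review bot: In the `@@ -206,7 +204,10 @@` hunk, `preg_match('/^([^,]+),(.*?)$/', ...)` cuts the bind DN at its first comma, so a first RDN whose value contains an escaped comma (constructed example: `cn=Doe\, John,...`) is split in the wrong place and the fragments become the search filter and base. `ldap_explode_dn($GLOBALS['DBQ_LDAP']['user'], 0)` parses the DN with escaping taken into account and would be a safer way to separate the first RDN from the rest. The leading `1` in `if (1 and ...)` has no effect and can be dropped. The surrounding `if`/`else` continues past the end of the hunk.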
@@ -223,9 +224,9 @@ class DbQ extends nb {
 or ($this->params['format'] == 'csv')
 ) $rows = $this->array_fill_assoc($rows);
- $this->page($rows);
 }
+ return $rows;
 }
 public function page_table_ls($args=null) {
@@ -313,8 +314,8 @@ class DbQ extends nb {
 }
-# NB 18.12.17 if (!empty($rows))
 #if (empty($rows)) bye($rows);
+# NB 18.12.17 if (!empty($rows))
 $this->db->out($rows,$head,$conf);
 if (empty($this->_nopage)) {
@@ -1127,8 +1128,7 @@ EOF;
 $this->page($types);
 } elseif ($action == 'ldap') {
- $this->deniedUnless($this->perm >= self::ADMIN);
- $this->page_ldap();
+ $this->page($this->ldap());
 } elseif ($action == 'phpinfo') {
 $this->deniedUnless($this->perm >= self::ADMIN);
-- 
2.47.3