Fixed magic_quotes_gpc escaping in faiTemplate faiTemplateEntry faiScript faiScriptEntry

[gosa.git] / plugins / admin / fai / class_faiTemplateEntry.inc

<?php

class faiTemplateEntry extends plugin
{
  /* CLI vars */
  var $cli_summary= "Manage server basic objects";
  var $cli_description= "Some longer text\nfor help";
  var $cli_parameters= array("eins" => "Eins ist toll", "zwei" => "Zwei ist noch besser");

  /* attribute list for save action */
  var $ignore_account= TRUE;
  var $attributes   = array("Object_cn","Object_description","Object_FAItemplateFile","Object_FAItemplatePath");
  var $objectclasses= array();

  var $orig_cn              = "";

  var $Object_dn            = "";
  var $Object_cn            = "";
  var $Object_FAItemplateFile   = "";
  var $Object_FAItemplatePath   = "";
  var $Object_description   = "";
  var $Object_status        = "new";
  
  function faiTemplateEntry ($config, $dn= NULL,$object=false)
  {
    plugin::plugin ($config, $dn);
    if($dn != "new"){
      $this->orig_cn= $object['cn'];
      $this->dn=$object['dn'];
      foreach($object as $name=>$value){
        $oname = "Object_".$name;
        $this->$oname=$value;
      }
    }else{
      $this->Object_status = "new";
      $this->orig_cn       = false;
    }
  }

  function execute()
  {
    /* Fill templating stuff */
    $smarty     = get_smarty();
    $display = "";

    if(isset($_POST['TmpFileUpload'])){
      if($str=file_get_contents($_FILES['FAItemplateFile']['tmp_name'])){
        $this->Object_FAItemplateFile = $str;
      }
    
    }
    
    $status="<br>"._("No file uploaded");
    if(strlen($this->Object_FAItemplateFile)){
      $status="<br>".sprintf(_("File uploaded, size : %s byte"),strlen($this->Object_FAItemplateFile));
    }
    $smarty->assign("status",$status);

    /* Magic quotes GPC, escapes every ' " \, to solve some security risks 
     * If we post the escaped strings they will be escaped again
     */
    foreach($this->attributes as $attrs){
      if(get_magic_quotes_gpc()){
        $smarty->assign($attrs,stripslashes($this->$attrs));
      }else{
        $smarty->assign($attrs,($this->$attrs));
      }
    }

    $smarty->assign("Object_FAItemplateFile","");

    for($i =1 ; $i <= 100 ; $i++){
      $Object_FAIprioritys[$i]=$i;
    }
    $smarty->assign("Object_FAIprioritys",$Object_FAIprioritys);
    $display.= $smarty->fetch(get_template_path('faiTemplateEntry.tpl', TRUE));
    return($display);
  }

  /* Save data to object */
  function save_object()
  {
    if(isset($_POST['SubObjectFormSubmitted'])){
      foreach($this->attributes as $attrs){
        if($attrs == "Object_FAItemplateFile") continue;
        if(isset($_POST[$attrs])){
          $this->$attrs = $_POST[$attrs];
        }else{
          $this->$attrs = "";
        }
      }
    }
  }

  /* Check supplied data */
  function check()
  {
    $message= array();
    if(empty($this->Object_FAItemplateFile)){
      $message[]=_("Please specify a value for attribute 'file'.");
    } 

    if(empty($this->Object_FAItemplatePath)){
      $message[]=_("Please specify a value for attribute 'path'.");
    } 
  
    if(empty($this->Object_cn)){
      $message[] = _("Please enter a name.");
    }

    if(preg_match("/[^0-9a-z]/i",$this->Object_cn)){
      $message[] = _("Please enter a valid name. Only a-Z 0-9 are allowed.");
    }
    return ($message);
  }
 
  function save()
  {
    $tmp=array();
    foreach($this->attributes as $attrs){ 
      $attr = preg_replace("/^Object_/","",$attrs);
      $tmp[$attr] = $this->$attrs;
    }

    if(($this->orig_cn)&&($tmp['cn']!=$this->orig_cn)){
      $tmp['remove']['from']  = $this->orig_cn;
      $tmp['remove']['to']    = $tmp['cn'];
    }
  
    $tmp['dn']      = $this->dn;  
    $tmp['status']  = $this->Object_status;  

    return($tmp);
  }
}
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>