diff --git a/gosa-plugins/fai/admin/fai/class_faiScriptEntry.inc b/gosa-plugins/fai/admin/fai/class_faiScriptEntry.inc
index 143d6f506b79cd87588ba77187ff6bc9023e37f1..a0ba363c99bb006685447226502687eefeee6e2c 100644 (file)
function faiScriptEntry (&$config, $dn= NULL,$object=false)
{
function faiScriptEntry (&$config, $dn= NULL,$object=false)
{
- plugin::plugin ($config, $dn);
+ plugin::plugin ($config, NULL);
if($dn != "new"){
$this->orig_cn= $object['cn'];
$this->dn=$object['dn'];
if($dn != "new"){
$this->orig_cn= $object['cn'];
$this->dn=$object['dn'];
$oname = $name;
$this->$oname=$value;
}
$oname = $name;
$this->$oname=$value;
}
-
- if(isset($this->attrs['FAIstate'][0])){
- $this->FAIstate = $this->attrs['FAIstate'][0];
- }
-
}else{
if(is_array($object)&&count($object)){
$this->orig_cn= $object['cn'];
}else{
if(is_array($object)&&count($object)){
$this->orig_cn= $object['cn'];
/* Fill templating stuff */
$smarty = get_smarty();
/* Fill templating stuff */
$smarty = get_smarty();
+ $smarty->assign("freeze", preg_match("/freeze/i",$this->FAIstate));
$display = "";
if(isset($_POST['ImportUpload']) && $this->acl_is_writeable("FAIscript")){
if(($_FILES['ImportFile']['error']!=0)){
$display = "";
if(isset($_POST['ImportUpload']) && $this->acl_is_writeable("FAIscript")){
if(($_FILES['ImportFile']['error']!=0)){
- msg_dialog::display(_("Error"), _("Upload failed!"), ERROR_DIALOG);
+ msg_dialog::display(_("Error"), msgPool::incorrectUpload(), ERROR_DIALOG);
}else
if(($_FILES['ImportFile']['size']==0)){
}else
if(($_FILES['ImportFile']['size']==0)){
- msg_dialog::display(_("Error"), _("Uploaded file is empty!"), ERROR_DIALOG);
+ msg_dialog::display(_("Error"), msgPool::incorrectUpload(_("file is empty")), ERROR_DIALOG);
}else{
$str = utf8_encode(addslashes(file_get_contents($_FILES['ImportFile']['tmp_name'])));
$this->FAIscript = $str;
}
}
}else{
$str = utf8_encode(addslashes(file_get_contents($_FILES['ImportFile']['tmp_name'])));
$this->FAIscript = $str;
}
}
+ /* Magic quotes GPC, escapes every ' " \, to solve some security risks
+ * If we post the escaped strings they will be escaped again
+ */
foreach($this->attributes as $attrs){
if(get_magic_quotes_gpc()){
foreach($this->attributes as $attrs){
if(get_magic_quotes_gpc()){
- $smarty->assign($attrs,stripslashes($this->$attrs));
+ $smarty->assign($attrs,(stripslashes($this->$attrs)));
}else{
}else{
- $smarty->assign($attrs,($this->$attrs));
- }
+ $smarty->assign($attrs,($this->$attrs));
+ }
}
/* File download requested */
}
/* File download requested */
- if(isset($_GET['getFAIScript'])){
- send_binary_content($this->FAIscript,$this->cn.".FAIscript");
+ if(isset($_POST['download'])){
+ send_binary_content(stripslashes($this->FAIscript),$this->cn.".FAIscript");
}
/* Create download button*/
if($this->dn != "new" && $this->acl_is_readable("FAIscript")){
}
/* Create download button*/
if($this->dn != "new" && $this->acl_is_readable("FAIscript")){
- $smarty->assign("DownMe","<a href='?plug=".$_GET['plug']."&getFAIScript'>
- <img src='images/save.png' alt='"._("Download")."' title='"._("Download")."' border=0 class='center'>
- </a>");
+ $smarty->assign("DownMe", image('images/save.png','download',_("Download")));
}else{
$smarty->assign("DownMe","");
}
}else{
$smarty->assign("DownMe","");
}
$tmp = $this->plInfo();
foreach($tmp['plProvidedAcls'] as $name => $translated){
$tmp = $this->plInfo();
foreach($tmp['plProvidedAcls'] as $name => $translated){
- $acl = $this->getacl($name);
- if($this->FAIstate == "freezed"){
- $acl = preg_replace("/w/","",$acl);
- }
+ $acl = $this->getacl($name,preg_match("/freeze/i",$this->FAIstate));
$smarty->assign($name."ACL",$acl);
}
$smarty->assign($name."ACL",$acl);
}
- $smarty->assign("FAIprioritys",$FAIprioritys);
if(get_magic_quotes_gpc()){
$smarty->assign("FAIscript" , htmlentities(stripslashes($this->FAIscript)));
}else{
$smarty->assign("FAIscript" , htmlentities($this->FAIscript));
}
if(get_magic_quotes_gpc()){
$smarty->assign("FAIscript" , htmlentities(stripslashes($this->FAIscript)));
}else{
$smarty->assign("FAIscript" , htmlentities($this->FAIscript));
}
+ $smarty->assign("FAIprioritys",$FAIprioritys);
$display.= $smarty->fetch(get_template_path('faiScriptEntry.tpl', TRUE));
return($display);
}
$display.= $smarty->fetch(get_template_path('faiScriptEntry.tpl', TRUE));
return($display);
}
/* Save data to object */
function save_object()
{
/* Save data to object */
function save_object()
{
- if((isset($_POST['SubObjectFormSubmitted'])) && ($this->FAIstate != "freeze")){
+ if((isset($_POST['SubObjectFormSubmitted'])) && !preg_match("/freeze/", $this->FAIstate)){
foreach($this->attributes as $attrs){
if($this->acl_is_writeable($attrs)){
if(isset($_POST[$attrs])){
foreach($this->attributes as $attrs){
if($this->acl_is_writeable($attrs)){
if(isset($_POST[$attrs])){
$message= plugin::check();
if(isset($this->parent->SubObjects[$this->cn]) && $this->cn != $this->orig_cn){
$message= plugin::check();
if(isset($this->parent->SubObjects[$this->cn]) && $this->cn != $this->orig_cn){
- $message[] =_("Name is already in use!");
+ $message[] = msgPool::duplicated(_("Name"));
}
}
- if(empty($this->cn)){
- $message[] = _("Name is empty!");
+ $c = trim($this->cn);
+ if($c == ""){
+ $message[] = msgPool::required(_("Name"));
+ }
+ if(preg_match("/[^a-z0-9_\-]/i",$c)){
+ $message[] = msgPool::invalid(_("Name"),$c,"/[a-z0-9_\-]/i");
}
}
- if(empty($this->FAIscript)){
- $message[]=_("Please enter a script!");
+ $s = trim($this->FAIscript);
+ if($s == ""){
+ $message[]= msgPool::required(_("Script"));
}
return ($message);
}
return ($message);