![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 05ca5d6)
raw | patch | inline | side by side (parent: 05ca5d6)
| author | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Mon, 12 Jul 2010 06:54:36 +0000 (06:54 +0000) | ||
| committer | hickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8> | |
| Mon, 12 Jul 2010 06:54:36 +0000 (06:54 +0000) |
-We ware now able to create users containing special chars in their name from templates.
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@18985 594d385d-05f5-0310-b6e9-bd551577e9d8
git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@18985 594d385d-05f5-0310-b6e9-bd551577e9d8
index e01cfb2320a59bf1e2fd75e7be3710e517af065d..d2340c80db327d90c47d760d9b34c410316994b9 100644 (file)
function set_post($value)
{
+ // Take care of array, recursivly convert each array entry.
if(is_array($value)){
foreach($value as $key => $val){
$value[$key] = set_post($val);
}
return($value);
}
+
+ // Do not touch boolean values, we may break them.
+ if($value === TRUE || $value === FALSE ) return($value);
+
+ // Return a fixed string which can then be used in HTML fields without
+ // breaking the layout or the values. This allows to use '"<> in input fields.
return(htmlentities($value, ENT_QUOTES, 'utf-8'));
}
diff --git a/gosa-core/plugins/admin/users/class_userManagement.inc b/gosa-core/plugins/admin/users/class_userManagement.inc
index 8d4e1b5283b89c908c08eb3ea8d645e576d57df4..e62358c7e45a4910d65ecc5f77e7be0823434d88 100644 (file)
$this->enforcePasswordChange = isset($_POST['new_password']) && isset($_POST['enforcePasswordChange']);
$smarty = get_smarty();
- $smarty->assign("proposal" , $this->proposal);
+ $smarty->assign("proposal" , set_post($this->proposal));
$smarty->assign("proposalEnabled" , $this->proposalEnabled);
$smarty->assign("proposalSelected" , $this->proposalSelected);
$smarty->assign("enforcePasswordChange" , $this->enforcePasswordChange);
// Assign proposal variables
- $smarty->assign("proposal" , $this->proposal);
+ $smarty->assign("proposal" , set_post($this->proposal));
$smarty->assign("proposalEnabled" , $this->proposalEnabled);
$smarty->assign("proposalSelected" , $this->proposalSelected);
return($smarty->fetch(get_template_path('template.tpl', TRUE)));
}
-
/********************
* 2 There was a template selected, now ask for the uid.
********************/
$ldap= $this->config->get_ldap_link();
$ldap->cd ($dn);
$ldap->search ("(&(sn=".normalizeLdap($this->sn).")(givenName=".normalizeLdap($this->givenName)."))", array("givenName"));
+
if ($ldap->count () != 0){
msg_dialog::displayChecks(array(msgPool::duplicated(_("Name"))));
}else{
// Assign user input
foreach(array("sn", "givenName", "uid", "got_uid") as $attr){
- $smarty->assign("$attr", $this->$attr);
+ $smarty->assign("$attr", set_post($this->$attr));
}
if (isset($_POST['template'])){
$smarty->assign("template", get_post('template'));
diff --git a/gosa-core/plugins/personal/generic/class_user.inc b/gosa-core/plugins/personal/generic/class_user.inc
index 12effd8a2875b5242232519e5b88396e7324447b..9d8cae186e0e58269e4f1bf9d3aeb60e3f5f9d02 100644 (file)
/* Handle add/delete for restriction mode */
if (isset($_POST['add_res']) && isset($_POST['res'])) {
- $val= validate($_POST['res']);
+ $val= get_post('res');
if (preg_match('/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/', $val) ||
preg_match('/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)\/([0-9]+)$/', $val) ||
preg_match('/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)\/([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)$/', $val)) {
if (isset($_POST["certificateSerialNumber"]) &&
$_POST["certificateSerialNumber"] != ""){
- if (!tests::is_id($_POST["certificateSerialNumber"])){
+ if (!tests::is_id(get_post('certificateSerialNumber'))){
$fail = true;
msg_dialog::display(_("Error"), msgPool::invalid(_("Serial number"),$_POST["certificateSerialNumber"],"/[0-9]/"),ERROR_DIALOG);
}
}
- $this->certificateSerialNumber= $_POST["certificateSerialNumber"];
+ $this->certificateSerialNumber= get_post("certificateSerialNumber");
$this->is_modified= TRUE;
}
if(!$fail){
/* Load attributes and acl's */
$ui =get_userinfo();
foreach($this->attributes as $val){
- $smarty->assign("$val", $this->$val);
+ $smarty->assign("$val", set_post($this->$val));
if(in_array($val,$this->multi_boxes)){
$smarty->assign("use_".$val,TRUE);
}else{
// In case of multiple edit, we need a readonly ACL for the list.
$smarty->assign('gosaLoginRestriction_ONLY_R_ACL', preg_replace("/[^r]/i","", $this->getacl($val)));
- $smarty->assign("pwmode", $pwd_methods);
- $smarty->assign("pwmode_select", $this->pw_storage);
+ $smarty->assign("pwmode", set_post($pwd_methods));
+ $smarty->assign("pwmode_select", set_post($this->pw_storage));
$smarty->assign("pw_configurable", $is_configurable);
$smarty->assign("passwordStorageACL", $this->getacl("userPassword"));
$smarty->assign("CertificatesACL", $this->getacl("Certificate"));
"internet,ivbv", "internet,testa", "internet,ivbv,testa");
$smarty->assign("ivbbmodes", $ivbbmodes);
foreach ($this->govattrs as $val){
- $smarty->assign("$val", $this->$val);
+ $smarty->assign("$val", set_post($this->$val));
$smarty->assign("$val"."ACL", $this->getacl($val));
}
} else {
$smarty->assign("has_phoneaccount", "false");
}
$smarty->assign("multiple_support" , $this->multiple_support_active);
- $smarty->assign("manager_name",$this->manager_name);
+ $smarty->assign("manager_name", set_post($this->manager_name));
return($smarty->fetch (get_template_path('generic.tpl', TRUE, dirname(__FILE__))));
}
if ($this->governmentmode){
foreach ($this->govattrs as $val){
if ($this->acl_is_writeable($val)){
- $data= stripcslashes($_POST["$val"]);
+ $data= get_post($val);
if ($data != $this->$val){
$this->is_modified= TRUE;
}
if (isset($_POST['pw_storage'])){
foreach(array("pw_storage") as $val){
if(isset($_POST[$val])){
- $data= validate($_POST[$val]);
+ $data= get_post($val);
if ($data != $this->$val){
$this->is_modified= TRUE;
}
$smarty->assign("passwordTodo","clear");
if(isset($_POST['passwordTodo'])){
- $smarty->assign("passwordTodo",$_POST['passwordTodo']);
+ $smarty->assign("passwordTodo",set_post(get_post('passwordTodo')));
}
- $smarty->assign("sn", $this->sn);
- $smarty->assign("givenName",$this->givenName);
- $smarty->assign("uid", $this->uid);
+ $smarty->assign("sn", set_post($this->sn));
+ $smarty->assign("givenName",set_post($this->givenName));
+ $smarty->assign("uid", set_post($this->uid));
$smarty->assign("rand", $rand);
$str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE,dirname(__FILE__)));
$attrs = array("uid","givenName","sn");
foreach($attrs as $attr){
if(isset($_POST[$attr])){
- $this->$attr = $_POST[$attr];
+ $this->$attr = get_post($attr);
}
}
}
if (isset($_POST['pw_storage'])){
foreach(array("pw_storage") as $val){
if(isset($_POST[$val])){
- $data= validate(get_post($val));
+ $data= get_post($val);
if ($data != $this->$val){
$this->is_modified= TRUE;
}