From a72d950e61e760ec8f9247888499afb87b4ecfec Mon Sep 17 00:00:00 2001 From: hickert Date: Mon, 12 Jul 2010 06:54:36 +0000 Subject: [PATCH] Updated class user and class userManagement -We ware now able to create users containing special chars in their name from templates. git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@18985 594d385d-05f5-0310-b6e9-bd551577e9d8 --- gosa-core/include/functions.inc | 7 ++++ .../admin/users/class_userManagement.inc | 8 ++--- .../plugins/personal/generic/class_user.inc | 32 +++++++++---------- 3 files changed, 27 insertions(+), 20 deletions(-) diff --git a/gosa-core/include/functions.inc b/gosa-core/include/functions.inc index e01cfb232..d2340c80d 100644 --- a/gosa-core/include/functions.inc +++ b/gosa-core/include/functions.inc @@ -2934,12 +2934,19 @@ function get_binary_post($name) function set_post($value) { + // Take care of array, recursivly convert each array entry. if(is_array($value)){ foreach($value as $key => $val){ $value[$key] = set_post($val); } return($value); } + + // Do not touch boolean values, we may break them. + if($value === TRUE || $value === FALSE ) return($value); + + // Return a fixed string which can then be used in HTML fields without + // breaking the layout or the values. This allows to use '"<> in input fields. return(htmlentities($value, ENT_QUOTES, 'utf-8')); } diff --git a/gosa-core/plugins/admin/users/class_userManagement.inc b/gosa-core/plugins/admin/users/class_userManagement.inc index 8d4e1b528..e62358c7e 100644 --- a/gosa-core/plugins/admin/users/class_userManagement.inc +++ b/gosa-core/plugins/admin/users/class_userManagement.inc @@ -253,7 +253,7 @@ class userManagement extends management $this->enforcePasswordChange = isset($_POST['new_password']) && isset($_POST['enforcePasswordChange']); $smarty = get_smarty(); - $smarty->assign("proposal" , $this->proposal); + $smarty->assign("proposal" , set_post($this->proposal)); $smarty->assign("proposalEnabled" , $this->proposalEnabled); $smarty->assign("proposalSelected" , $this->proposalSelected); @@ -280,7 +280,7 @@ class userManagement extends management $smarty->assign("enforcePasswordChange" , $this->enforcePasswordChange); // Assign proposal variables - $smarty->assign("proposal" , $this->proposal); + $smarty->assign("proposal" , set_post($this->proposal)); $smarty->assign("proposalEnabled" , $this->proposalEnabled); $smarty->assign("proposalSelected" , $this->proposalSelected); @@ -564,7 +564,6 @@ class userManagement extends management return($smarty->fetch(get_template_path('template.tpl', TRUE))); } - /******************** * 2 There was a template selected, now ask for the uid. ********************/ @@ -581,6 +580,7 @@ class userManagement extends management $ldap= $this->config->get_ldap_link(); $ldap->cd ($dn); $ldap->search ("(&(sn=".normalizeLdap($this->sn).")(givenName=".normalizeLdap($this->givenName)."))", array("givenName")); + if ($ldap->count () != 0){ msg_dialog::displayChecks(array(msgPool::duplicated(_("Name")))); }else{ @@ -603,7 +603,7 @@ class userManagement extends management // Assign user input foreach(array("sn", "givenName", "uid", "got_uid") as $attr){ - $smarty->assign("$attr", $this->$attr); + $smarty->assign("$attr", set_post($this->$attr)); } if (isset($_POST['template'])){ $smarty->assign("template", get_post('template')); diff --git a/gosa-core/plugins/personal/generic/class_user.inc b/gosa-core/plugins/personal/generic/class_user.inc index 12effd8a2..9d8cae186 100644 --- a/gosa-core/plugins/personal/generic/class_user.inc +++ b/gosa-core/plugins/personal/generic/class_user.inc @@ -288,7 +288,7 @@ class user extends plugin /* Handle add/delete for restriction mode */ if (isset($_POST['add_res']) && isset($_POST['res'])) { - $val= validate($_POST['res']); + $val= get_post('res'); if (preg_match('/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/', $val) || preg_match('/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)\/([0-9]+)$/', $val) || preg_match('/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)\/([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)$/', $val)) { @@ -516,7 +516,7 @@ class user extends plugin if (isset($_POST["certificateSerialNumber"]) && $_POST["certificateSerialNumber"] != ""){ - if (!tests::is_id($_POST["certificateSerialNumber"])){ + if (!tests::is_id(get_post('certificateSerialNumber'))){ $fail = true; msg_dialog::display(_("Error"), msgPool::invalid(_("Serial number"),$_POST["certificateSerialNumber"],"/[0-9]/"),ERROR_DIALOG); @@ -529,7 +529,7 @@ class user extends plugin } } - $this->certificateSerialNumber= $_POST["certificateSerialNumber"]; + $this->certificateSerialNumber= get_post("certificateSerialNumber"); $this->is_modified= TRUE; } if(!$fail){ @@ -627,7 +627,7 @@ class user extends plugin /* Load attributes and acl's */ $ui =get_userinfo(); foreach($this->attributes as $val){ - $smarty->assign("$val", $this->$val); + $smarty->assign("$val", set_post($this->$val)); if(in_array($val,$this->multi_boxes)){ $smarty->assign("use_".$val,TRUE); }else{ @@ -652,8 +652,8 @@ class user extends plugin // In case of multiple edit, we need a readonly ACL for the list. $smarty->assign('gosaLoginRestriction_ONLY_R_ACL', preg_replace("/[^r]/i","", $this->getacl($val))); - $smarty->assign("pwmode", $pwd_methods); - $smarty->assign("pwmode_select", $this->pw_storage); + $smarty->assign("pwmode", set_post($pwd_methods)); + $smarty->assign("pwmode_select", set_post($this->pw_storage)); $smarty->assign("pw_configurable", $is_configurable); $smarty->assign("passwordStorageACL", $this->getacl("userPassword")); $smarty->assign("CertificatesACL", $this->getacl("Certificate")); @@ -670,7 +670,7 @@ class user extends plugin "internet,ivbv", "internet,testa", "internet,ivbv,testa"); $smarty->assign("ivbbmodes", $ivbbmodes); foreach ($this->govattrs as $val){ - $smarty->assign("$val", $this->$val); + $smarty->assign("$val", set_post($this->$val)); $smarty->assign("$val"."ACL", $this->getacl($val)); } } else { @@ -702,7 +702,7 @@ class user extends plugin $smarty->assign("has_phoneaccount", "false"); } $smarty->assign("multiple_support" , $this->multiple_support_active); - $smarty->assign("manager_name",$this->manager_name); + $smarty->assign("manager_name", set_post($this->manager_name)); return($smarty->fetch (get_template_path('generic.tpl', TRUE, dirname(__FILE__)))); } @@ -829,7 +829,7 @@ class user extends plugin if ($this->governmentmode){ foreach ($this->govattrs as $val){ if ($this->acl_is_writeable($val)){ - $data= stripcslashes($_POST["$val"]); + $data= get_post($val); if ($data != $this->$val){ $this->is_modified= TRUE; } @@ -848,7 +848,7 @@ class user extends plugin if (isset($_POST['pw_storage'])){ foreach(array("pw_storage") as $val){ if(isset($_POST[$val])){ - $data= validate($_POST[$val]); + $data= get_post($val); if ($data != $this->$val){ $this->is_modified= TRUE; } @@ -1587,12 +1587,12 @@ class user extends plugin $smarty->assign("passwordTodo","clear"); if(isset($_POST['passwordTodo'])){ - $smarty->assign("passwordTodo",$_POST['passwordTodo']); + $smarty->assign("passwordTodo",set_post(get_post('passwordTodo'))); } - $smarty->assign("sn", $this->sn); - $smarty->assign("givenName",$this->givenName); - $smarty->assign("uid", $this->uid); + $smarty->assign("sn", set_post($this->sn)); + $smarty->assign("givenName",set_post($this->givenName)); + $smarty->assign("uid", set_post($this->uid)); $smarty->assign("rand", $rand); $str = $smarty->fetch(get_template_path("paste_generic.tpl",TRUE,dirname(__FILE__))); @@ -1622,7 +1622,7 @@ class user extends plugin $attrs = array("uid","givenName","sn"); foreach($attrs as $attr){ if(isset($_POST[$attr])){ - $this->$attr = $_POST[$attr]; + $this->$attr = get_post($attr); } } } @@ -1806,7 +1806,7 @@ class user extends plugin if (isset($_POST['pw_storage'])){ foreach(array("pw_storage") as $val){ if(isset($_POST[$val])){ - $data= validate(get_post($val)); + $data= get_post($val); if ($data != $this->$val){ $this->is_modified= TRUE; } -- 2.30.2