|
0
|
1 |
<?php
|
|
|
2 |
|
|
|
3 |
require('includes/starthere.php');
|
|
|
4 |
|
|
|
5 |
// POSTed actions
|
|
|
6 |
if ( !empty($_SERVER['PATH_INFO']) )
|
|
|
7 |
{
|
|
|
8 |
$pi = explode('/', trim($_SERVER['PATH_INFO'], '/'));
|
|
|
9 |
switch($pi[0])
|
|
|
10 |
{
|
|
|
11 |
case 'disable':
|
|
|
12 |
if ( !isset($pi[1]) )
|
|
|
13 |
break;
|
|
|
14 |
|
|
|
15 |
$user =& $pi[1];
|
|
|
16 |
$userinfo = ldap_get_user($user);
|
|
|
17 |
if ( !$userinfo )
|
|
|
18 |
break;
|
|
|
19 |
|
|
|
20 |
disable_user($user);
|
|
|
21 |
|
|
|
22 |
queue_message(E_NOTICE, "{$userinfo['cn']}'s account was disabled.");
|
|
|
23 |
break;
|
|
|
24 |
case 'enable':
|
|
|
25 |
if ( !isset($pi[1]) )
|
|
|
26 |
break;
|
|
|
27 |
|
|
|
28 |
$user =& $pi[1];
|
|
|
29 |
$userinfo = ldap_get_user($user);
|
|
|
30 |
if ( !$userinfo )
|
|
|
31 |
break;
|
|
|
32 |
|
|
|
33 |
enable_user($user);
|
|
|
34 |
|
|
|
35 |
queue_message(E_NOTICE, "{$userinfo['cn']}'s account was enabled.");
|
|
|
36 |
break;
|
|
|
37 |
case 'delete':
|
|
|
38 |
if ( !isset($pi[1]) )
|
|
|
39 |
break;
|
|
|
40 |
|
|
|
41 |
$user =& $pi[1];
|
|
|
42 |
$userinfo = ldap_get_user($user);
|
|
|
43 |
if ( !$userinfo )
|
|
|
44 |
break;
|
|
|
45 |
|
|
|
46 |
delete_user($user);
|
|
|
47 |
|
|
|
48 |
queue_message(E_NOTICE, "{$userinfo['cn']}'s account was deleted.");
|
|
|
49 |
break;
|
|
|
50 |
case 'create':
|
|
|
51 |
|
|
|
52 |
if ( empty($_POST) )
|
|
|
53 |
{
|
|
|
54 |
queue_message(E_ERROR, "Bad request");
|
|
|
55 |
break;
|
|
|
56 |
}
|
|
|
57 |
|
|
|
58 |
// basic re-validation
|
|
|
59 |
if ( $_POST['password'] !== $_POST['password_confirm'] )
|
|
|
60 |
{
|
|
|
61 |
queue_message(E_ERROR, "Passwords do not match");
|
|
|
62 |
break;
|
|
|
63 |
}
|
|
|
64 |
|
|
|
65 |
if ( empty($_POST['cn']) )
|
|
|
66 |
$_POST['cn'] = "{$_POST['givenName']} {$_POST['surname']}";
|
|
|
67 |
|
|
|
68 |
if ( empty($_POST['uid']) )
|
|
|
69 |
$_POST['uid'] = sprintf("%s%s", strtolower($_POST['givenName']{0}), strtolower(preg_replace('/[^A-Za-z0-9]/', '', $_POST['surname'])));
|
|
|
70 |
|
|
|
71 |
if ( create_user($_POST['uid'], $_POST['password'], $_POST['givenName'], $_POST['surname'], $_POST['cn'], $_POST['title']) )
|
|
|
72 |
queue_message(E_NOTICE, "{$_POST['cn']}'s account has been created!");
|
|
|
73 |
else
|
|
|
74 |
queue_message(E_ERROR, "Failed to create account");
|
|
|
75 |
|
|
|
76 |
break;
|
|
|
77 |
case 'resetpw':
|
|
|
78 |
|
|
|
79 |
if ( empty($_POST) )
|
|
|
80 |
{
|
|
|
81 |
queue_message(E_ERROR, "Bad request");
|
|
|
82 |
break;
|
|
|
83 |
}
|
|
|
84 |
|
|
|
85 |
// basic re-validation
|
|
|
86 |
if ( $_POST['password'] !== $_POST['password_confirm'] || empty($_POST['uid']) )
|
|
|
87 |
{
|
|
|
88 |
queue_message(E_ERROR, "Passwords do not match");
|
|
|
89 |
break;
|
|
|
90 |
}
|
|
|
91 |
|
|
|
92 |
$userinfo = ldap_get_user($_POST['uid']);
|
|
|
93 |
if ( !$userinfo )
|
|
|
94 |
break;
|
|
|
95 |
|
|
|
96 |
if ( reset_password($_POST['uid'], $_POST['password']) )
|
|
|
97 |
queue_message(E_NOTICE, "{$userinfo['cn']}'s password has been reset.");
|
|
|
98 |
else
|
|
|
99 |
queue_message(E_ERROR, "Failed to reset password");
|
|
|
100 |
|
|
|
101 |
break;
|
|
|
102 |
|
|
|
103 |
case 'edit':
|
|
|
104 |
if ( !isset($pi[1]) )
|
|
|
105 |
break;
|
|
|
106 |
|
|
|
107 |
$user =& $pi[1];
|
|
|
108 |
$userinfo = ldap_get_user($user);
|
|
|
109 |
if ( !$userinfo )
|
|
|
110 |
break;
|
|
|
111 |
|
|
|
112 |
if ( !empty($_POST) )
|
|
|
113 |
{
|
|
|
114 |
if ( ldap_update_user($user, $_POST['entry']) )
|
|
|
115 |
{
|
|
|
116 |
queue_message(E_NOTICE, "Updated user \"{$_POST['entry']['cn'][0]}\".");
|
|
|
117 |
redirect('/users');
|
|
|
118 |
}
|
|
|
119 |
}
|
|
|
120 |
|
|
|
121 |
display_template('useredit', array(
|
|
|
122 |
'this_user' => $userinfo
|
|
|
123 |
, 'readonly' => $ldap_readonly_attrs
|
|
|
124 |
, 'field_names' => $ldap_field_names
|
|
|
125 |
, 'dn' => ldap_make_user_dn($user)
|
|
|
126 |
));
|
|
|
127 |
|
|
|
128 |
exit;
|
|
|
129 |
break;
|
|
|
130 |
}
|
|
|
131 |
}
|
|
|
132 |
|
|
|
133 |
// list users, and fill with enabled status for the UI
|
|
|
134 |
$users = ldap_list_users();
|
|
|
135 |
foreach ( $users as $username => &$u )
|
|
|
136 |
{
|
|
|
137 |
$u['enabled'] = is_user_enabled($username);
|
|
|
138 |
}
|
|
|
139 |
unset($u);
|
|
|
140 |
|
|
|
141 |
// Present the UI
|
|
|
142 |
display_template('users', array(
|
|
|
143 |
'users' => $users
|
|
|
144 |
));
|