X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=search.cgi;h=59b6471ec50729170336bed03365535f91d291cd;hb=b676960875b6a9fa079d8f9ce12ab8518f95f420;hp=5a328c093297b1021f398de4f1c2686ca2f71303;hpb=564e86b5e750fb3f448a336fdd7f441b6e57e4ed;p=mirror%2Fuserdir-ldap-cgi.git
diff --git a/search.cgi b/search.cgi
index 5a328c0..59b6471 100755
--- a/search.cgi
+++ b/search.cgi
@@ -19,10 +19,19 @@ my %config = &Util::ReadConfigFile;
my $query = new CGI;
my $id = $query->param('id');
my $authtoken = $query->param('authtoken');
-my $password = &Util::CheckAuthToken($authtoken);
-my $dosearch = $query->param('dosearch');
-my $searchdn = $query->param('searchdn');
+my $dosearch = uri_escape($query->param('dosearch'));
+my $searchdn = uri_escape($query->param('searchdn'));
+
my $ldap = undef;
+my $password = undef;
+
+if ($authtoken || $id) {
+ $password = Util::TouchAuthToken($authtoken, $id);
+} else {
+ $password = '';
+ $id = '';
+ $authtoken = '';
+}
my $proto = ($ENV{HTTPS} ? "https" : "http");
@@ -30,7 +39,7 @@ sub DieHandler {
$ldap->unbind if (defined($ldap));
}
-$SIG{__DIE__} = \&DieHandler;
+#$SIG{__DIE__} = \&DieHandler;
if (!$dosearch) {
# No action yet, send back the search form...
@@ -61,7 +70,7 @@ if (!$dosearch) {
# go through %searchdata and pull out all the search criteria the user
# specified...
- my $filter = "(objectclass=inetOrgPerson)";
+ my $filter = "(objectclass=inetOrgPerson)(!(accountStatus=*))";
foreach (keys(%searchdata)) {
if ($query->param($searchdata{$_}{formname})) {
if ($query->param($searchdata{$_}{fuzzy})) {
@@ -236,7 +245,7 @@ if (!$dosearch) {
# If this is ourselves, present a link to do mods
if ($auth && ($id eq $data->{uid}->[0])) { #TODO: extract this string into a url for translation...
- $outsub{searchresults} .= "Edit my settings\n";
+ $outsub{searchresults} .= "Edit my settings\n";
}
$outsub{searchresults} .= "
\n";