X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=update.cgi;h=a8e7ba040afef64fe6190a6cb4346baa448d331b;hb=f1af5002f6710b37cf3d2b3903ef3103a34424a6;hp=d2d1929008ee90d5fb14c924a92cf5b60a4ea257;hpb=c7fda50cb6034976bba8b8eec9c52a3f41d20e08;p=mirror%2Fuserdir-ldap-cgi.git

diff --git a/update.cgi b/update.cgi
index d2d1929..a8e7ba0 100755
--- a/update.cgi
+++ b/update.cgi
@@ -1,6 +1,6 @@
 #!/usr/bin/perl
 
-# $Id: update.cgi,v 1.3 1999/10/23 04:01:44 tausq Exp $
+# $Id: update.cgi,v 1.11 2004/11/18 19:17:00 joey Exp $
 # (c) 1999 Randolph Chung. Licensed under the GPL. <tausq@debian.org>
 
 use lib '.';
@@ -43,7 +43,7 @@ $auth = ($mesg->code == LDAP_SUCCESS);
 
 if (!$auth) {
   $ldap->unbind;
-  &Util::HTMLError("You have not been authenticated. Please <a href=\"$proto://$ENV{SERVER_NAME}/$config{webloginurl}\">Login</a>");
+  &Util::HTMLError("You have not been authenticated. Please <a href=\"https://$ENV{SERVER_NAME}/$config{webloginurl}\">Login</a>");
 }
 
 # Authenticated....
@@ -77,9 +77,6 @@ if (!($query->param('doupdate'))) {
   $data{staddress} = $entry->{postaladdress}->[0];
   $data{staddress} =~ s/\$/\n/;
   $data{countryname} = &Util::LookupCountry($data{c});
-  if ($data{labeledurl} !~ /^https?:\/\//i) {
-    &Util::HTMLError("Malformed URL entered");
-  }
   
   $data{email} = join(", ", @{$entry->{emailforward}});  
 
@@ -97,6 +94,13 @@ if (!($query->param('doupdate'))) {
   # Actually update stuff...
   my ($newpassword, $newstaddress);
   
+  &Util::FixParams($query);
+
+  if (($query->param('labeleduri')) && 
+      ($query->param('labeleduri') !~ /^https?:\/\//i)) {
+    &Util::HTMLError("Your homepage URL is invalid");
+  }
+  
   if ($query->param('newpass') && $query->param('newpassvrfy')) {
     if ($query->param('newpass') ne $query->param('newpassvrfy')) {
       # passwords don't match...
@@ -105,7 +109,7 @@ if (!($query->param('doupdate'))) {
     # create a md5 crypted password
     $newpassword = '{crypt}'.crypt($query->param('newpass'), &Util::CreateCryptSalt(1));
     
-    LDAPUpdate($ldap, $editdn, 'userPassword', $newpassword);
+    &Util::LDAPUpdate($ldap, $editdn, 'userPassword', $newpassword);
     &Util::UpdateAuthToken($authtoken, $query->param('newpass'));
   }  
 
@@ -116,20 +120,22 @@ if (!($query->param('doupdate'))) {
   ($lat, $long) = &Util::CheckLatLong($query->param('latitude'), 
                                       $query->param('longitude'));
   
-  LDAPUpdate($ldap, $editdn, 'postalAddress', $newstaddress);
-  LDAPUpdate($ldap, $editdn, 'l', $query->param('l'));
-  LDAPUpdate($ldap, $editdn, 'latitude', $lat);
-  LDAPUpdate($ldap, $editdn, 'longitude', $long);
-  LDAPUpdate($ldap, $editdn, 'c', $query->param('country'));
-  LDAPUpdate($ldap, $editdn, 'postalcode', $query->param('postalcode'));
-  LDAPUpdate($ldap, $editdn, 'telephoneNumber', $query->param('telephonenumber'));
-  LDAPUpdate($ldap, $editdn, 'facsimileTelephoneNumber', $query->param('facsimiletelephonenumber'));
-  LDAPUpdate($ldap, $editdn, 'loginShell', $query->param('loginshell'));
-  LDAPUpdate($ldap, $editdn, 'emailForward', $query->param('email'));
-  LDAPUpdate($ldap, $editdn, 'privatesub', $query->param('privatesub'));
-  LDAPUpdate($ldap, $editdn, 'ircNick', $query->param('ircnick'));
-  LDAPUpdate($ldap, $editdn, 'labeledUrl', $query->param('labeledurl'));
-  LDAPUpdate($ldap, $editdn, 'onvacation', $query->param('onvacation'));
+  &Util::LDAPUpdate($ldap, $editdn, 'postalAddress', $newstaddress);
+  &Util::LDAPUpdate($ldap, $editdn, 'l', $query->param('l'));
+  &Util::LDAPUpdate($ldap, $editdn, 'latitude', $lat);
+  &Util::LDAPUpdate($ldap, $editdn, 'longitude', $long);
+  &Util::LDAPUpdate($ldap, $editdn, 'c', $query->param('country'));
+  &Util::LDAPUpdate($ldap, $editdn, 'postalCode', $query->param('postalcode'));
+  &Util::LDAPUpdate($ldap, $editdn, 'telephoneNumber', $query->param('telephonenumber'));
+  &Util::LDAPUpdate($ldap, $editdn, 'facsimileTelephoneNumber', $query->param('facsimiletelephonenumber'));
+  &Util::LDAPUpdate($ldap, $editdn, 'loginShell', $query->param('loginshell'));
+  &Util::LDAPUpdate($ldap, $editdn, 'emailForward', $query->param('email'));
+  &Util::LDAPUpdate($ldap, $editdn, 'privateSub', $query->param('privatesub'));
+  &Util::LDAPUpdate($ldap, $editdn, 'ircNick', $query->param('ircnick'));
+  &Util::LDAPUpdate($ldap, $editdn, 'icqUin', $query->param('icquin'));
+  &Util::LDAPUpdate($ldap, $editdn, 'jabberJID', $query->param('jabberjid'));
+  &Util::LDAPUpdate($ldap, $editdn, 'labeledURI', $query->param('labeleduri'));
+  &Util::LDAPUpdate($ldap, $editdn, 'onVacation', $query->param('onvacation'));
 
   # when we are done, reload the page with the updated details.
   my $url = "$proto://$ENV{SERVER_NAME}/$config{webupdateurl}?id=$id&authtoken=$authtoken&editdn=";
@@ -139,18 +145,3 @@ if (!($query->param('doupdate'))) {
 
 $ldap->unbind;
 
-sub LDAPUpdate {
-  my $ldap = shift;
-  my $dn = shift;
-  my $attr = shift;
-  my $val = shift;
-  my $mesg;
-  
-  if (!$val) {
-    $mesg = $ldap->modify($dn, delete => { $attr => [] });
-  } else {
-    $val = [ $val ] if (!ref($val));
-    $mesg = $ldap->modify($dn, replace => { $attr => $val });
-    $mesg->code && &Util::HTMLError("error updating $attr: ".$mesg->error);
-  }
-}