X-Git-Url: https://git.adam-barratt.org.uk/?p=mirror%2Fuserdir-ldap-cgi.git;a=blobdiff_plain;f=search.cgi;h=f170025dd1e59003e2e4d80482d5d237c2d310c3;hp=e3eb882bcd27171a4898b46688b95da77bce033d;hb=036702ecd044b501dce1b05dfbf19a17921120da;hpb=f9609dae4f7fce6ca978c830f8e6311b7a94723c diff --git a/search.cgi b/search.cgi index e3eb882..f170025 100755 --- a/search.cgi +++ b/search.cgi @@ -4,6 +4,7 @@ # (c) 1999 Randolph Chung. Licensed under the GPL. # (c) 2004 Martin Schulze. Licensed under the GPL. # (c) 2006 Ryan Murray. Licensed under the GPL. +# Copyright (c) 2008, 2011, 2013, 2015 Peter Palfrader use lib '.'; use strict vars; @@ -11,7 +12,7 @@ use strict vars; use CGI; use Util; use URI::Escape; -use Net::LDAP qw(:all); +use Net::LDAP qw(LDAP_SUCCESS LDAP_PROTOCOL_ERROR); # Global settings... my %config = &Util::ReadConfigFile; @@ -19,10 +20,19 @@ my %config = &Util::ReadConfigFile; my $query = new CGI; my $id = $query->param('id'); my $authtoken = $query->param('authtoken'); -my $password = &Util::CheckAuthToken($authtoken); -my $dosearch = $query->param('dosearch'); -my $searchdn = $query->param('searchdn'); +my $dosearch = uri_escape($query->param('dosearch')); +my $searchdn = uri_escape($query->param('searchdn')); + my $ldap = undef; +my $password = undef; + +if ($authtoken || $id) { + $password = Util::TouchAuthToken($authtoken, $id); +} else { + $password = ''; + $id = ''; + $authtoken = ''; +} my $proto = ($ENV{HTTPS} ? "https" : "http"); @@ -30,7 +40,7 @@ sub DieHandler { $ldap->unbind if (defined($ldap)); } -$SIG{__DIE__} = \&DieHandler; +#$SIG{__DIE__} = \&DieHandler; if (!$dosearch) { # No action yet, send back the search form... @@ -61,7 +71,7 @@ if (!$dosearch) { # go through %searchdata and pull out all the search criteria the user # specified... - my $filter = "(objectclass=inetOrgPerson)"; + my $filter = "(objectclass=inetOrgPerson)(!(accountStatus=*))"; foreach (keys(%searchdata)) { if ($query->param($searchdata{$_}{formname})) { if ($query->param($searchdata{$_}{fuzzy})) { @@ -117,14 +127,18 @@ if (!$dosearch) { # Format the output.... foreach $dn (sort {$entries->{$a}->{sn}->[0] <=> $entries->{$b}->{sn}->[0]} keys(%$entries)) { my $ok = 0; + # These are local variables.. i have enough global vars as it is... + my ($ufdn, $login, $name, $icquin, $jabberjid, $email, $fingerprint, + $address, $latlong, $vacation, $created, $modified, $lastseen, $gender) = undef; + + # Last seen information (Echelon) + $lastseen = &Util::FormatLastSeen($entries->{$dn}->{"activity-pgp"}->[0], + $entries->{$dn}->{"activity-from"}->[0]); + $data = $entries->{$dn}; for my $key (keys %{$data}) { @{$data->{$key}} = map { CGI::escapeHTML($_); } @{$data->{$key}}; } - - # These are local variables.. i have enough global vars as it is... - my ($ufdn, $login, $name, $icquin, $jabberjid, $email, $fingerprint, - $address, $latlong, $vacation, $created, $modified, $lastseen, $gender) = undef; $ufdn = $dn; # Net::LDAP does not have a dn2ufn function, but this is close enough :) @@ -179,10 +193,6 @@ if (!$dosearch) { $modified = &Util::FormatTimestamp($data->{modifytimestamp}->[0]); $created = &Util::FormatTimestamp($data->{createtimestamp}->[0]); - # Last seen information (Echelon) - $lastseen = &Util::FormatLastSeen($data->{"activity-pgp"}->[0], - $data->{"activity-from"}->[0]); - # Link in the debian login id $login = $data->{uid}->[0]; $login = "$login"; @@ -191,7 +201,7 @@ if (!$dosearch) { $vacation = $data->{onvacation}->[0] if ($authtoken && $id); # OK, now generate output... (i.e. put the output into the buffer ) - $outsub{searchresults} .= ''; + $outsub{searchresults} .= '
'; $outsub{searchresults} .= '\n"; @@ -236,7 +246,7 @@ if (!$dosearch) { # If this is ourselves, present a link to do mods if ($auth && ($id eq $data->{uid}->[0])) { #TODO: extract this string into a url for translation... - $outsub{searchresults} .= "Edit my settings\n"; + $outsub{searchresults} .= "Edit my settings\n"; } $outsub{searchresults} .= "


\n";
'."$name "; $outsub{searchresults} .= "($ufdn)