|
1 <?php |
|
2 |
|
3 require('includes/starthere.php'); |
|
4 |
|
5 // POSTed actions |
|
6 if ( !empty($_SERVER['PATH_INFO']) ) |
|
7 { |
|
8 $pi = explode('/', trim($_SERVER['PATH_INFO'], '/')); |
|
9 switch($pi[0]) |
|
10 { |
|
11 case 'disable': |
|
12 if ( !isset($pi[1]) ) |
|
13 break; |
|
14 |
|
15 $user =& $pi[1]; |
|
16 $userinfo = ldap_get_user($user); |
|
17 if ( !$userinfo ) |
|
18 break; |
|
19 |
|
20 disable_user($user); |
|
21 |
|
22 queue_message(E_NOTICE, "{$userinfo['cn']}'s account was disabled."); |
|
23 break; |
|
24 case 'enable': |
|
25 if ( !isset($pi[1]) ) |
|
26 break; |
|
27 |
|
28 $user =& $pi[1]; |
|
29 $userinfo = ldap_get_user($user); |
|
30 if ( !$userinfo ) |
|
31 break; |
|
32 |
|
33 enable_user($user); |
|
34 |
|
35 queue_message(E_NOTICE, "{$userinfo['cn']}'s account was enabled."); |
|
36 break; |
|
37 case 'delete': |
|
38 if ( !isset($pi[1]) ) |
|
39 break; |
|
40 |
|
41 $user =& $pi[1]; |
|
42 $userinfo = ldap_get_user($user); |
|
43 if ( !$userinfo ) |
|
44 break; |
|
45 |
|
46 delete_user($user); |
|
47 |
|
48 queue_message(E_NOTICE, "{$userinfo['cn']}'s account was deleted."); |
|
49 break; |
|
50 case 'create': |
|
51 |
|
52 if ( empty($_POST) ) |
|
53 { |
|
54 queue_message(E_ERROR, "Bad request"); |
|
55 break; |
|
56 } |
|
57 |
|
58 // basic re-validation |
|
59 if ( $_POST['password'] !== $_POST['password_confirm'] ) |
|
60 { |
|
61 queue_message(E_ERROR, "Passwords do not match"); |
|
62 break; |
|
63 } |
|
64 |
|
65 if ( empty($_POST['cn']) ) |
|
66 $_POST['cn'] = "{$_POST['givenName']} {$_POST['surname']}"; |
|
67 |
|
68 if ( empty($_POST['uid']) ) |
|
69 $_POST['uid'] = sprintf("%s%s", strtolower($_POST['givenName']{0}), strtolower(preg_replace('/[^A-Za-z0-9]/', '', $_POST['surname']))); |
|
70 |
|
71 if ( create_user($_POST['uid'], $_POST['password'], $_POST['givenName'], $_POST['surname'], $_POST['cn'], $_POST['title']) ) |
|
72 queue_message(E_NOTICE, "{$_POST['cn']}'s account has been created!"); |
|
73 else |
|
74 queue_message(E_ERROR, "Failed to create account"); |
|
75 |
|
76 break; |
|
77 case 'resetpw': |
|
78 |
|
79 if ( empty($_POST) ) |
|
80 { |
|
81 queue_message(E_ERROR, "Bad request"); |
|
82 break; |
|
83 } |
|
84 |
|
85 // basic re-validation |
|
86 if ( $_POST['password'] !== $_POST['password_confirm'] || empty($_POST['uid']) ) |
|
87 { |
|
88 queue_message(E_ERROR, "Passwords do not match"); |
|
89 break; |
|
90 } |
|
91 |
|
92 $userinfo = ldap_get_user($_POST['uid']); |
|
93 if ( !$userinfo ) |
|
94 break; |
|
95 |
|
96 if ( reset_password($_POST['uid'], $_POST['password']) ) |
|
97 queue_message(E_NOTICE, "{$userinfo['cn']}'s password has been reset."); |
|
98 else |
|
99 queue_message(E_ERROR, "Failed to reset password"); |
|
100 |
|
101 break; |
|
102 |
|
103 case 'edit': |
|
104 if ( !isset($pi[1]) ) |
|
105 break; |
|
106 |
|
107 $user =& $pi[1]; |
|
108 $userinfo = ldap_get_user($user); |
|
109 if ( !$userinfo ) |
|
110 break; |
|
111 |
|
112 if ( !empty($_POST) ) |
|
113 { |
|
114 if ( ldap_update_user($user, $_POST['entry']) ) |
|
115 { |
|
116 queue_message(E_NOTICE, "Updated user \"{$_POST['entry']['cn'][0]}\"."); |
|
117 redirect('/users'); |
|
118 } |
|
119 } |
|
120 |
|
121 display_template('useredit', array( |
|
122 'this_user' => $userinfo |
|
123 , 'readonly' => $ldap_readonly_attrs |
|
124 , 'field_names' => $ldap_field_names |
|
125 , 'dn' => ldap_make_user_dn($user) |
|
126 )); |
|
127 |
|
128 exit; |
|
129 break; |
|
130 } |
|
131 } |
|
132 |
|
133 // list users, and fill with enabled status for the UI |
|
134 $users = ldap_list_users(); |
|
135 foreach ( $users as $username => &$u ) |
|
136 { |
|
137 $u['enabled'] = is_user_enabled($username); |
|
138 } |
|
139 unset($u); |
|
140 |
|
141 // Present the UI |
|
142 display_template('users', array( |
|
143 'users' => $users |
|
144 )); |