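// Author: Jon Belanger
// Date: Nov. 2004
// comments: linked to in display_users.php
//
// Access-control preamble for the "edit user" page: verifies the session, checks that the
// logged-in account may edit the requested uid, then prints the page headers.

// start the session
session_start();
include("functions.php");
include("gui.php");

// Require a logged-in session: username and seclevel are missing when the page is
// requested without logging in first. Logical || replaces the original bitwise |.
if (empty($_SESSION['username']) || empty($_SESSION['seclevel'])) {
    redirect("logout.php");
    exit(1);
}

// The target uid comes from the query string and is untrusted. Accept it only as a
// non-empty string (a request such as ?uid[]=x would otherwise arrive as an array).
$target_uid = (isset($_GET['uid']) && is_string($_GET['uid'])) ? $_GET['uid'] : '';
$session_user = (string) $_SESSION['username'];

// Accounts at the "user" level may only edit themselves. The comparison is strict because
// loose != compares numeric strings as numbers, so "007" and "7" would count as the same uid.
if ($target_uid === '' || ($_SESSION['seclevel'] == "user" && $session_user !== $target_uid)) {
    redirect("logout.php");
    exit(1);
}

// connect to ldap server
$ds = connect_to_ldap($_SESSION['server'], $_SESSION['port'], $_SESSION['ssl'], 3);

// Bind with the manager DN and password held in the session (this is not an anonymous bind).
// NOTE(review): presumably a privileged account, which would make the checks in this script
// the only access control in front of the directory - confirm.
$r = $ds ? ldap_bind($ds, $_SESSION['managerdn'], $_SESSION['managerpass']) : false;

// Look up the entry being edited. The uid is escaped for filter context (ldap_escape, PHP 5.6+)
// so it can only match literally; unescaped filter metacharacters could make the role check
// below read a different entry than the one named in the request.
$sr = $r ? ldap_search($ds, $_SESSION['userbase'], "uid=" . ldap_escape($target_uid, "", LDAP_ESCAPE_FILTER)) : false;

// put the entries into a 3d array
$info = $sr ? ldap_get_entries($ds, $sr) : false;

// Fail closed: the permission check depends on this lookup, so a failed connect, bind or
// search must not fall through to the edit page.
if ($info === false) {
    if ($ds) {
        ldap_close($ds);
    }
    redirect("logout.php");
    exit(1);
}

// Role of the entry being edited, read from its description attribute ('' when absent).
$target_role = isset($info[0]['description'][0]) ? $info[0]['description'][0] : '';

// NOTE(review): any seclevel other than "expert" or "user" skips this check entirely;
// confirm that only the intended administrator level can reach that path.
if ($_SESSION['seclevel'] == "expert" || $_SESSION['seclevel'] == "user") {
    // users can only edit themselves
    // experts can only edit other users or themselves
    if (($target_role === "admin" || $target_role === "expert") && $target_uid !== $session_user) {
        // redirect back to display_users.php if conditions not met
        ldap_close($ds);
        redirect("display_users.php?error=" . urlencode("Can't edit admin or expert users: permission denied"));
        exit(1);
    }
}

// display HTML meta and ui headers
display_meta($_SESSION['version']." - Editing User");
// NOTE(review): the uid is passed on unescaped; confirm display_header() in gui.php
// HTML-escapes its argument before printing it.
display_header("Editing User - ".$target_uid);
?>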
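// Breadcrumb trail. The uid is taken from the query string, so it is HTML-escaped before
// being echoed into the page; a non-string value (e.g. ?uid[]=x) is rendered as empty.
$safe_uid = htmlspecialchars((isset($_GET['uid']) && is_string($_GET['uid'])) ? $_GET['uid'] : '', ENT_QUOTES);
if ($_SESSION['seclevel']=="user") {
    echo "Editing ".$safe_uid;
} else { ?> Main - Edit Users - Editing <?php echo $safe_uid; ?> <?php } ?> |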
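// Error banner. The message is read from the query string, so anyone who can craft a link
// controls it; it is HTML-escaped before output. A missing or non-string value counts as
// "no error", which also avoids an undefined-index notice.
$error_text = (isset($_GET["error"]) && is_string($_GET["error"])) ? $_GET["error"] : '';
if ($error_text) {
    echo "** ".htmlspecialchars($error_text, ENT_QUOTES);
} else {
    echo " ";
} ?> |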