Qual: Clean LDAP code

htdocs/conf/conf.php.example

@@ -179,7 +179,7 @@ $dolibarr_main_authentication='dolibarr';
 # $dolibarr_main_auth_ldap_servertype='openldap';			# openldap, activedirectory or egroupware
 # $dolibarr_main_auth_ldap_login_attribute='loginfield';	   # Ex: uid or samaccountname for active directory
 # $dolibarr_main_auth_ldap_dn='ou=users,dc=my-domain,dc=com';  # Ex: ou=users,dc=my-domain,dc=com
-# $dolibarr_main_auth_ldap_filter = '';                        # If defined, two previous parameters are not used to find a user into LDAP. Ex: &(uid=%1%)(isMemberOf=cn=Sales,ou=Groups,dc=opencsi,dc=com).
+# $dolibarr_main_auth_ldap_filter = '';                        # If defined, two previous parameters are not used to find a user into LDAP. Ex: (uid=%1%) or &(uid=%1%)(isMemberOf=cn=Sales,ou=Groups,dc=opencsi,dc=com).
 # $dolibarr_main_auth_ldap_admin_login='';					# Required only if anonymous bind disabled. Ex: cn=admin,dc=example,dc=com
 # $dolibarr_main_auth_ldap_admin_pass='';					# Required only if anonymous bind disabled. Ex: secret
 

htdocs/includes/login/functions_ldap.php

@@ -123,12 +123,16 @@ function check_user_password_ldap($usertotest,$passwordtotest)
 		}
 
 		// Forge LDAP user and password to test with them
-		$ldap->searchUser=$ldapuserattr."=".$usertotest.",".$ldapdn;  // Default dn
+		// If LDAP need a dn with login like "uid=jbloggs,ou=People,dc=foo,dc=com", default dn may work even if previous code with
+		// admin login no exectued.
+        $ldap->searchUser=$ldapuserattr."=".$usertotest.",".$ldapdn;  // Default dn (will work if LDAP accept a dn with login value inside)
+		// But if LDAP need a dn with name like "cn=Jhon Bloggs,ou=People,dc=foo,dc=com", previous part must have been executed to have
+		// dn detected into ldapUserDN.
 		if ($resultFetchLdapUser) $ldap->searchUser = $ldap->ldapUserDN;
         $ldap->searchPassword=$passwordtotest;
 
 		// Test with this->seachUser and this->searchPassword
-        //print $ldap->searchUser.'-'.$ldap->searchPassword;exit;
+        //print $resultFetchLdapUser."-".$ldap->ldapUserDN."-".$ldap->searchUser.'-'.$ldap->searchPassword;exit;
         $result=$ldap->connect_bind();
 		if ($result > 0)
 		{

htdocs/includes/modules/import/import_csv.modules.php

@@ -117,8 +117,8 @@ class ImportCsv extends ModeleImports
 
 
     /**
-	 * 	\brief		Output header of an example file for this format
-	 * 	\param		langs		Output language
+	 * 	Output header of an example file for this format
+	 * 	@param		outputlangs		Output language
 	 */
     function write_header_example($outputlangs)
     {
@@ -126,30 +126,34 @@ class ImportCsv extends ModeleImports
     }
 
     /**
-	 * 	\brief		Output title line of an example file for this format
-	 * 	\param		langs		Output language
+	 * 	Output title line of an example file for this format
+	 * 	@param		outputlangs		Output language
 	 */
     function write_title_example($outputlangs,$headerlinefields)
     {
-    	$s='';
-		$s.=join($this->separator,$headerlinefields);
+        $func = function($value) {
+          return str_replace($this->separator,'/',$value);
+        };
+		$s.=join($this->separator,array_map($headerlinefields));
     	return $s."\n";
     }
 
     /**
-	 * 	\brief		Output record of an example file for this format
-	 * 	\param		langs		Output language
+	 * 	Output record of an example file for this format
+	 * 	@param		outputlangs		Output language
 	 */
     function write_record_example($outputlangs,$contentlinevalues)
     {
-    	$s='';
-		$s.=join($this->separator,$contentlinevalues);
+        $func = function($value) {
+          return str_replace($this->separator,'/',$value);
+        };
+        $s=join($this->separator,array_map($contentlinevalues));
     	return $s."\n";
     }
 
 	/**
-	 * 	\brief		Output footer of an example file for this format
-	 * 	\param		langs		Output language
+	 * 	Output footer of an example file for this format
+	 * 	@param		outputlangs		Output language
 	 */
     function write_footer_example($outputlangs)
     {
@@ -159,9 +163,9 @@ class ImportCsv extends ModeleImports
 
 
     /**
- 	 *	\brief		Open input file
-	 *	\param		file		Path of filename
-	 *	\return		int			<0 if KO, >=0 if OK
+ 	 *	Open input file
+	 *	@param		file		Path of filename
+	 *	@return		int			<0 if KO, >=0 if OK
 	 */
 	function import_open_file($file)
     {

htdocs/lib/ldap.class.php

@@ -1131,13 +1131,14 @@ class Ldap
 			if ($this->result)
 			{
 				$result = @ldap_get_entries($this->connection, $this->result);
-				dol_syslog("Ldap::fetch search found");
+				if ($result['count'] > 0) dol_syslog('Ldap::fetch search found '.$result['count'].' records');
+				else dol_syslog('Ldap::fetch search returns but found no records');
 				//var_dump($result);exit;
 			}
 			else
 			{
 			    $this->error = ldap_errno($this->connection)." ".ldap_error($this->connection);
-                dol_syslog("Ldap::fetch search not found");
+                dol_syslog("Ldap::fetch search fails");
 			    return -1;
 			}
 
@@ -1186,7 +1187,7 @@ class Ldap
 			$this->domainFQDN = $domain;
 
 			// Set ldapUserDn (each user can have a different dn)
-            //var_dump($result[0]['dn']);exit;
+            //var_dump($result[0]);exit;
 			$this->ldapUserDN=$result[0]['dn'];
 
 			ldap_free_result($this->result);

htdocs/user/class/usergroup.class.php

@@ -525,9 +525,9 @@ class UserGroup extends CommonObject
 
 
 	/**
-	 *		\brief      Update group into database
-	 *      \param      notrigger	    0=trigers enabled, 1=trigers disabled
-	 *    	\return     int				<0 if KO, >=0 if OK
+	 *		Update group into database
+	 *      @param      notrigger	    0=triggers enabled, 1=triggers disabled
+	 *    	@return     int				<0 if KO, >=0 if OK
 	 */
 	function update($notrigger=0)
 	{

htdocs/user/fiche.php

@@ -1,7 +1,7 @@
 <?php
 /* Copyright (C) 2002-2006 Rodolphe Quiedeville <rodolphe@quiedeville.org>
  * Copyright (C) 2002-2003 Jean-Louis Bergamo   <jlb@j1b.org>
- * Copyright (C) 2004-2010 Laurent Destailleur  <eldy@users.sourceforge.net>
+ * Copyright (C) 2004-2011 Laurent Destailleur  <eldy@users.sourceforge.net>
  * Copyright (C) 2004      Eric Seigne          <eric.seigne@ryxeo.com>
  * Copyright (C) 2005-2011 Regis Houssin        <regis@dolibarr.fr>
  * Copyright (C) 2005      Lionel Cousteix      <etm_ltd@tiscali.co.uk>
@@ -23,7 +23,7 @@
 
 /**
  *       \file       htdocs/user/fiche.php
- *       \brief      Onglet user et permissions de la fiche utilisateur
+ *       \brief      Tab of user card
  *       \version    $Id$
  */
 
@@ -59,6 +59,7 @@ if ($_GET["id"])
 }
 
 $action=GETPOST("action");
+$group=GETPOST("group","int",3);
 $confirm=GETPOST("confirm");
 
 // Security check
@@ -222,16 +223,30 @@ if ($_POST["action"] == 'add' && $canadduser)
 }
 
 // Action ajout groupe utilisateur
-if ($_POST["action"] == 'addgroup' && $caneditfield)
+if (($action == 'addgroup' || $action == 'removegroup') && $caneditfield)
 {
-	if ($_POST["group"])
+	if ($group)
 	{
-		$edituser = new User($db);
-		$edituser->fetch($_GET["id"]);
-		$edituser->SetInGroup($_POST["group"]);
+        $editgroup = new UserGroup($db);
+        $editgroup->fetch($group);
+        $editgroup->oldcopy=dol_clone($editgroup);
 
-		Header("Location: fiche.php?id=".$_GET["id"]);
-		exit;
+        $edituser = new User($db);
+        $edituser->fetch($_GET["id"]);
+        if ($action == 'addgroup')    $edituser->SetInGroup($group);
+        if ($action == 'removegroup') $edituser->RemoveFromGroup($group);
+
+        // We reload members (list has changed)
+        $editgroup->members=$editgroup->listUsersForGroup();
+
+        // We update group to force triggers that update groups content
+        $result=$editgroup->update();
+
+        if ($result > 0)
+        {
+            header("Location: fiche.php?id=".$_GET["id"]);
+            exit;
+        }
 	}
 }
 

htdocs/user/group/fiche.php

@@ -48,6 +48,7 @@ $result = restrictedArea($user, 'user', $_GET["id"], 'usergroup', 'user');
 
 $action=GETPOST("action");
 $confirm=GETPOST("confirm");
+$userid=GETPOST("user","int");
 
 
 /**
@@ -61,6 +62,7 @@ if ($action == 'confirm_delete' && $confirm == "yes")
 		$editgroup->fetch($_GET["id"]);
 		$editgroup->delete();
 		Header("Location: index.php");
+		exit;
 	}
 	else
 	{
@@ -114,20 +116,21 @@ if ($_POST["action"] == 'add')
 	}
 }
 
-// Add user into group
-if ($_POST["action"] == 'adduser')
+// Add/Remove user into group
+if ($action == 'adduser' || $action =='removeuser')
 {
-	if($caneditperms)
+	if ($caneditperms)
 	{
-		if ($_POST["user"])
+		if ($userid)
 		{
 			$editgroup = new UserGroup($db);
 			$editgroup->fetch($_GET["id"]);
 			$editgroup->oldcopy=dol_clone($editgroup);
 
 			$edituser = new User($db);
-			$edituser->fetch($_POST["user"]);
-			$result=$edituser->SetInGroup($_GET["id"]);
+			$edituser->fetch($userid);
+			if ($action == 'adduser')    $result=$edituser->SetInGroup($_GET["id"]);
+			if ($action == 'removeuser') $result=$edituser->RemoveFromGroup($_GET["id"]);
 
 			// We reload members (list has changed)
 			$editgroup->members=$editgroup->listUsersForGroup();
@@ -146,37 +149,6 @@ if ($_POST["action"] == 'adduser')
 	}
 }
 
-// Remove user from group
-if ($_GET["action"] == 'removeuser')
-{
-	if($caneditperms)
-	{
-		if ($_GET["user"])
-		{
-			$editgroup = new UserGroup($db);
-			$editgroup->fetch($_GET["id"]);
-			$editgroup->oldcopy=dol_clone($editgroup);
-
-			$edituser = new User($db);
-			$edituser->fetch($_GET["user"]);
-			$edituser->RemoveFromGroup($_GET["id"]);
-
-			// We reload members (list has changed)
-			$editgroup->members=$editgroup->listUsersForGroup();
-
-			// We update group to force triggers that update groups content
-			$result=$editgroup->update();
-
-			if ($result > 0)
-			{
-				header("Location: fiche.php?id=".$_GET["id"]);
-				exit;
-			}
-		}
-	}else{
-		$message = '<div class="error">'.$langs->trans('ErrorForbidden').'</div>';
-	}
-}
 
 if ($_POST["action"] == 'update')
 {