* Add support for the rest of the operators. Created the lib/operators.php3 file...

diff --git a/Changelog b/Changelog
index 9d0b751e13865a6edf999953b2fc3dd7557f7632..afd005e3d96d19117632db6304c900dfded06375 100644 (file)
--- a/Changelog
+++ b/Changelog
@@ -11,6 +11,7 @@ Ver 1.29:
   sql_use_operators configuration directive. Hope everything works.
 * Fixed a bug in sql/change_attrs which did not allow multi valued attributes in sql.
 * unset item_vals before adding info in ldap and sql user_info files.
+* Add support for the rest of the operators. Created the lib/operators.php3 file containing helper functions
 Ver 1.28:
 * Make user_delete.php3 print something when a user is deleted
 * Cache nas hostname lookups in user_accounting

diff --git a/htdocs/user_edit.php3 b/htdocs/user_edit.php3
index 765e2f982cb893f8c90e1dff630eda5ea67f30dd..bd8bf681ab1dd6189ecaee8d58278ee859fa3404 100644 (file)
--- a/htdocs/user_edit.php3
+++ b/htdocs/user_edit.php3
@@ -7,9 +7,7 @@ if (is_file("../lib/$config[general_lib_type]/user_info.php3"))
 if ($config[general_lib_type] == 'sql' && $config[sql_use_operators] == 'true'){
        $colspan=2;
        $show_ops = 1;
-       $op_eq = '=';
-       $op_set = ':=';
-       $op_add = '+=';
+       include("../lib/operators.php3");
 }
 else{
        $show_ops = 0;
@@ -132,6 +130,14 @@ EOM;
 <option $selected[$op_eq] value="=">=
 <option $selected[$op_set] value=":=">:=
 <option $selected[$op_add] value="+=">+=
+<option $selected[$op_eq2] value="==">==
+<option $selected[$op_ne] value="!=">!=
+<option $selected[$op_gt] value=">">&gt;
+<option $selected[$op_ge] value=">=">&gt;=
+<option $selected[$op_lt] value="<">&lt;
+<option $selected[$op_le] value="<=">&lt;=
+<option $selected[$op_regeq] value="=~">=~
+<option $selected[$op_regne] value="!~">!~
 </select>
 </td>
 EOM;

diff --git a/htdocs/user_new.php3 b/htdocs/user_new.php3
index 90104bba101b4464c9984360bff5cd935b39757b..77b70f0a1072a9f0ab88195a7773b0084c8d5647 100644 (file)
--- a/htdocs/user_new.php3
+++ b/htdocs/user_new.php3
@@ -10,9 +10,6 @@ require('../lib/defaults.php3');
 if ($config[general_lib_type] == 'sql' && $config[sql_use_operators] == 'true'){
        $colspan=2;
        $show_ops=1;
-       $op_eq = '=';
-       $op_set = ':=';
-       $op_add = '+=';
 }else{
        $show_ops = 0;
        $colspan=1;
@@ -151,6 +148,15 @@ EOM;
 <option selected value="=">=
 <option value=":=">:=
 <option value="+=">+=
+<option value="==">==
+<option value="!=">!=
+<option value=">">&gt;
+<option value=">=">&gt;=
+<option value="<">&lt;
+<option value="<=">&lt;=
+<option value="=~">=~
+<option value="!~">!~
+
 </select>
 </td>
 EOM;

diff --git a/lib/operators.php3 b/lib/operators.php3
new file mode 100644 (file)
index 0000000..b4841af
--- /dev/null
+++ b/lib/operators.php3
@@ -0,0 +1,38 @@
+<?php
+$op_eq = '=';
+$op_set = ':=';
+$op_add = '+=';
+$op_eq2 = '==';
+$op_ne = '!=';
+$op_gt = '>';
+$op_ge = '>=';
+$op_lt = '<';
+$op_le = '<=';
+$op_regeq = '=~';
+$op_regne = '!~';
+
+// Check the operator if it is allowed for this type of
+// attribute (check or reply).
+// Arguments:
+// $op: The operator
+// $type: 1(check),2(reply)
+// Return value:0 for OK, -1 for error
+function check_operator($op,$type)
+{
+       switch($op){
+               case '=': 
+               case ':=':
+               case '+=':
+                       return 0;
+               case '==':
+               case '!=':
+               case '>':
+               case '>=':
+               case '<':
+               case '<=':
+               case '=~':
+               case '!~':
+                       return ($type == 1) ? 0 : -1;
+       }
+}
+?>

diff --git a/lib/sql/change_attrs.php3 b/lib/sql/change_attrs.php3
index f12fd1f25f23cf389c8a27bb0460a67d8b218580..bc09b115d81c2aadc57a6f4e5af5c415edbeb843 100644 (file)
--- a/lib/sql/change_attrs.php3
+++ b/lib/sql/change_attrs.php3
@@ -22,21 +22,31 @@ if ($link){
                while(isset($$name)){
                        $val=$$name;
                        $op_name = $name . '_op';
-                       $op_val = $$op_name;
-                       if ($op_val != ''){
-                               $op_val1 = "'$op_val'";
-                               $op_val2 = ",'$op_val'";
-                       }
                        $i++;
                        $j++;
                        $name = $attrmap["$key"] . $i;
 
                        $sql_attr=$attrmap["$key"];
-                       if ($attr_type["$key"] == 'checkItem')
+                       if ($attr_type["$key"] == 'checkItem'){
                                $table = $config[sql_check_table];
-                       else if ($attr_type["$key"] == 'replyItem')
+                               $type = 1;
+                       }
+                       else if ($attr_type["$key"] == 'replyItem'){
                                $table = $config[sql_reply_table];
-       // if we have operators the operator has changed and the corresponding value exists then update
+                               $type = 2;
+                       }
+                       if ($use_ops){
+                               $op_val = $$op_name;
+                               if ($op_val != ''){
+                                       if (check_operator($op_val,$type) == -1){
+                                               echo "<b>Invalid operator ($op_val) for attribute $key</b><br>\n";
+                                               continue;
+                                       }
+                                       $op_val1 = "'$op_val'";
+                                       $op_val2 = ",'$op_val'";
+                               }
+                       }
+       // if we have operators, the operator has changed and the corresponding value exists then update
                        if ($use_ops && isset($item_vals["$key"][operator][$j]) &&
                                $op_val != $item_vals["$key"][operator][$j] ){
                                $res = @da_sql_query($link,$config,

diff --git a/lib/sql/create_user.php3 b/lib/sql/create_user.php3
index 7cc51855b370c41a3ba421eb415bd4ca7cb9dc84..012850a873af3172ddbe1e0d8932632ca8bca780 100644 (file)
--- a/lib/sql/create_user.php3
+++ b/lib/sql/create_user.php3
@@ -6,6 +6,7 @@ else{
        exit();
 }
 if ($config[sql_use_operators] == 'true'){
+       include("../lib/operators.php3");
        $text = ',op';
        $passwd_op = ",':='";
 }
@@ -43,15 +44,24 @@ if ($link){
                        foreach($show_attrs as $key => $attr){
                                if ($attrmap["$key"] == 'none')
                                        continue;
-                               if ($attr_type[$key] == 'checkItem')
+                               if ($attr_type[$key] == 'checkItem'){
                                        $table = "$config[sql_check_table]";
-                               else if ($attr_type[$key] == 'replyItem')
+                                       $type = 1;
+                               }
+                               else if ($attr_type[$key] == 'replyItem'){
                                        $table = "$config[sql_reply_table]";
+                                       $type = 2;
+                               }
                                $val = $$attrmap["$key"];
                                $op_name = $attrmap["$key"] . '_op';
                                $op_val = $$op_name;
-                               if ($op_val != '')
+                               if ($op_val != ''){
+                                       if (check_operator($op_val,$type) == -1){
+                                               echo "<b>Invalid operator ($op_val) for attribute $key</b><br>\n";
+                                               coninue;
+                                       }
                                        $op_val = ",'$op_val'";
+                               }
                                if ($val == '' || $val == $default_vals["$key"])
                                        continue;
                                $res = @da_sql_query($link,$config,