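get_bind_status()){
    $response['error']='Errore di connessione a ldap';
    echo json_encode($response);
    exit;
}
# Bind to LDAP or exit (the guard above; its opening lies before this part of the file).

# ---------------------------------------------------------------------------
# JSON account endpoint. $u and $response are set up before this point and
# LilikUser is defined elsewhere; neither is visible here.
#
# Flow: re-check the session credentials, resolve which user is being viewed
# or edited (admins may target another user via ?user=), then apply the
# optional POST operations (create user, change password, toggle services,
# rename cn) and emit the resulting state as JSON.
#
# NOTE(review): the session keeps the account password in clear text
#   ($_SESSION['password']) and re-checks it on every request, so anything
#   that can read session storage can read the password. Prefer keeping only
#   an authenticated flag/identity in the session.
# NOTE(review): no anti-CSRF token check is visible in this part of the file,
#   yet every POST branch below changes state. Confirm one exists earlier.
# NOTE(review): no Content-Type header is set in this part of the file. If it
#   is not sent earlier, add header('Content-Type: application/json') so a
#   browser never renders the response as HTML.
# ---------------------------------------------------------------------------

$loggedin = $u->check_password($_SESSION['password']);
$response['loggedin'] = $loggedin;
if (!$loggedin) {
    $response['error'] = 'Credenziali non valide';
    echo json_encode($response);
    exit;
}

$admin = $u->is_admin();
$response['admin'] = $admin;

# Target user: the caller's own account unless an admin asks for another one.
$user = $_SESSION['username'];
if (isset($_GET['user']) && $_GET['user'] != $_SESSION['username']) {
    if ($admin) {
        # ?user[]=... arrives as an array; never hand that to LilikUser.
        if (!is_string($_GET['user'])) {
            $response['error'] = 'Utente inesistente';
            $response['exist'] = false;
            echo json_encode($response);
            exit;
        }
        $user = $_GET['user'];
    } else {
        $response['error'] = 'Permessi non sufficienti per visualizzare l\'utente';
        echo json_encode($response);
        exit;
    }
}

# --- Create a new user (admin only) ----------------------------------------
if (isset($_POST['new_user'])) {
    if ($admin) {
        $new_name = $_POST['new_name'] ?? null;
        $new_surname = $_POST['new_surname'] ?? null;
        $new_passwd = $_POST['new_passwd'] ?? null;

        # Require real strings and a non-empty password, matching the
        # password-change branch below, which also refuses an empty password.
        if (!is_string($new_name) || !is_string($new_surname)
            || !is_string($new_passwd) || $new_passwd === '') {
            $response['error'] = 'Dati utente mancanti o non validi';
            echo json_encode($response);
            exit;
        }

        # NOTE(review): $user and the name fields reach LilikUser unescaped
        # from here; confirm the class escapes them (e.g. ldap_escape())
        # before building DNs or filters.
        $u3 = new LilikUser($user);
        $u3->create($new_name, $new_surname, $new_passwd);
        $response['success'] = 'Utente creato vai alla pagina';
        echo json_encode($response);
        exit;
    } else {
        # Deliberately falls through: the remaining state is still returned.
        $response['error'] = 'Permessi non sufficienti per creare l\'utente';
    }
}

$u2 = new LilikUser($user);
if (!$u2->exist()) {
    $response['error'] = 'Utente inesistente';
    $response['exist'] = false;
    echo json_encode($response);
    exit;
}

$response['avaible_services'] = $u2->get_services();

# --- Change password --------------------------------------------------------
if (isset($_POST['new_password'])) {
    $old_password = $_POST['old_password'] ?? '';
    $new_password = $_POST['new_password'];
    $new_password2 = $_POST['new_password2'] ?? null;

    # Non-admins must prove knowledge of the current password. An empty or
    # non-string value is refused before it reaches check_password():
    # presumably that performs an LDAP bind, and some servers accept a bind
    # with an empty password as an unauthenticated bind. Admins skip the
    # check (also for their own account), as before.
    if (!$admin && !(is_string($old_password) && $old_password !== ''
        && $u2->check_password($old_password))) {
        $response['error'] = 'Password errata';
    } elseif (is_string($new_password) && $new_password !== ''
        && $new_password === $new_password2) {
        # Strict comparison: with ==, two different numeric-looking strings
        # (e.g. "1e3" and "1000") compare equal, and arrays would pass too.
        # NOTE(review): whether set_attr() hashes userPassword is not visible
        # here; confirm it is not stored in clear text.
        $u2->set_attr('userPassword', $new_password);
        $response['edit'] = True;
        if ($user === $_SESSION['username']) {
            # Keep the session credential in sync so the next request still
            # authenticates.
            $_SESSION['password'] = $new_password;
        }
    } else {
        $response['error'] = 'La password non coincide';
    }
}

# --- Enable / disable services (admin only) --------------------------------
if (isset($_POST['services'])) {
    if ($admin) {
        $requested = $_POST['services'];

        # array_diff() needs a flat list of strings; anything else is a
        # malformed request rather than a request to disable everything.
        $valid = is_array($requested);
        if ($valid) {
            foreach ($requested as $item) {
                if (!is_string($item)) {
                    $valid = false;
                    break;
                }
            }
        }

        if (!$valid) {
            $response['error'] = 'Elenco servizi non valido';
        } else {
            $response['edit'] = True;
            $actual = $u2->get_enabled_services();
            $to_disable = array_diff($actual, $requested);
            $to_enable = array_diff($requested, $actual);

            # The method name comes only from the two fixed keys below,
            # never from request data.
            foreach (['enable' => $to_enable, 'disable' => $to_disable] as $function => $services) {
                foreach ($services as $service) {
                    try {
                        $u2->$function($service);
                    } catch (Exception $e) {
                        if ($e->getMessage() === 'Service not found') {
                            $response['error'] = "Servizio sconosciuto: $service";
                        } else {
                            throw $e;
                        }
                    }
                }
            }
        }
    } else {
        $response['error'] = 'Permessi non sufficienti';
    }
}

# --- Rename (cn, admin only) -------------------------------------------------
if (isset($_POST['cn'])) {
    if ($admin) {
        $response['edit'] = True;
        if ($u2->get_attr('cn') != $_POST['cn']) {
            $u2->set_attr('cn', $_POST['cn']);
        }
    } else {
        $response['error'] = 'Permessi non sufficienti';
    }
}

# !empty() instead of == True: 'edit' may never have been set, and a PHP
# warning printed into the body would corrupt the JSON.
if (!empty($response['edit']) && !isset($response['error'])) {
    $response['success'] = 'Salvataggio effettuato';
}

$response['services'] = $u2->get_enabled_services();
$response['username'] = $user;
$response['cn'] = $u2->get_attr('cn');

# This response echoes request-derived values ($user, the rejected service
# name), so <, > and & are hex-escaped in case the body is ever interpreted
# as HTML. The decoded JSON is unchanged.
echo json_encode($response, JSON_HEX_TAG | JSON_HEX_AMP);
?>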