tags:

views:

33

answers:

1

I have a web form that collects information and submits it to a cgi that attempts to insert the data into LDAP. The problem is that I'm trying to use a variable with ::ldap::add and it's just not working. Here's the code:

if {[string length env(QUERY_STRING)] != 0} {
    set handle [::ldap::connect localhost]
    set dn "cn=admin,dc=mycompany,dc=com"
    set pw "myPassword"

    ::ldap::bind $handle $dn $pw

    set dn "cn=[ncgi::value givenName] [ncgi::value sn],ou=people,dc=mycompany,dc=com"

    set formValues [
            puts "cn        {{[ncgi::value givenName] [ncgi::value sn]}}"
            puts "displayName       [ncgi::value givenName] [ncgi::value sn]"
            foreach {key value} [ncgi::nvlist] {
                    if {[string length $value] != 0} {
                            puts "$key      $value"
                    }
            }
            puts "objectClass       top"
            puts "objectClass       person"
            puts "objectClass       organizationalPerson"
            puts "objectClass       inetOrgPerson"
    ]

    ::ldap::add $handle $dn {
            $formValues
    }

    ldap::unbind $handle

}

However, if I replace $formValues with the actual entries that I want to insert into LDAP, they get added just fine.

I'm new to TCL so I wouldn't be surprised if there were some glaring errors in this snippet.

Thanks in advance!

+3  A: 

The big mistakes:

  1. The square brackets substitute the result of the script inside it and not its output.
  2. The puts commands sends strings to stdout (or a file) and doesn't save them for processing later.
  3. The curly braces totally quash all substitutions inside them.

The fixes are to use list commands to build the description to use with ldap::add. For example:

set formValues {}
lappend formValues cn          "[ncgi::value givenName] [ncgi::value sn]"
### Might need this instead; it depends on how you want to do the construction
# lappend formValues cn        [list [ncgi::value givenName] [ncgi::value sn]]
lappend formValues displayName "[ncgi::value givenName] [ncgi::value sn]"
foreach {key value} [ncgi::nvlist] {
    ### Could also use {$value ne ""} here
    if {[string length $value] != 0} {
        lappend formValues $key $value
    }
}
lappend formValues objectClass top
lappend formValues objectClass person
lappend formValues objectClass organizationalPerson
lappend formValues objectClass inetOrgPerson

::ldap::add $handle $dn $formValues

Also, if those keys are coming from a form, you should add more validation to stop malicious users from adding unexpected extras like additional objectClasses. An ounce of prevention is worth a hundredweight of cure.

Donal Fellows
Thank you very much! I do plan on validating inputs; I didn't include that code in this example because I thought it would take away from the problem that I was trying to solve. Thanks again!!
musashiXXX
I've made the changes and I'm still having some problems, however I now understand what I was doing wrong. After fixing the code, I inserted the following line just so see if the command was being built correctly:puts $formValuesIt spits out the appropriate information, and I've checked it thoroughly to ensure that it is in the correct format, but for some reason the entry isn't being inserted. I appreciate your help!
musashiXXX
Can't tell from the description now. Try stopping by #tcl on freenode. There's plenty of knowledgeable folks there who will be able to help out, and some things are just easier to debug with more direct interaction...
Donal Fellows
thank you very much!
musashiXXX