Use the correct max results variable in lib/*/find.php3

diff --git a/dialup_admin/Changelog b/dialup_admin/Changelog
index 9e07b5a..fff13e6 100644 (file)
--- a/dialup_admin/Changelog
+++ b/dialup_admin/Changelog
@@ -7,6 +7,7 @@ Ver 1.80:
 * Rename the badusers date field to incidentdate to avoid reserved words in databases. Bug found by
   Peter Nixon
 * Count online users correctly (through a separate query) in user_finger.
+* Use the correct max results variable in lib/*/find.php3
 Ver 1.78:
 * Add a snmp_clearsession which can disconnect a user by using the Cisco AAA Session MIB
 * Add a configuration directive general_sessionclear_bin

diff --git a/dialup_admin/lib/ldap/find.php3 b/dialup_admin/lib/ldap/find.php3
index 5b9e4a3..3d24e7e 100644 (file)
--- a/dialup_admin/lib/ldap/find.php3
+++ b/dialup_admin/lib/ldap/find.php3
@@ -2,6 +2,10 @@
 require_once('../lib/ldap/functions.php3');
 $ds=@ldap_connect("$config[ldap_server]");  // must be a valid ldap server!
 if ($ds) {
+       if (!is_numeric($max))
+               $max = 10;
+       if ($max > 500)
+               $max = 10;
        $r=@da_ldap_bind($ds,$config);
        if ($search_IN == 'name' || $search_IN == 'ou')
                $attr = ($search_IN == 'name') ? 'cn' : 'ou';
@@ -11,7 +15,7 @@ if ($ds) {
        }
        if ($config[ldap_debug] == 'true')
                print "<b>DEBUG(LDAP): Search Query: BASE='$config[ldap_base]',FILTER='$attr=*$search*'</b><br>\n";
-       $sr=@ldap_search($ds,"$config[ldap_base]", "$attr=*$search*",array('uid'),0,$max_results);
+       $sr=@ldap_search($ds,"$config[ldap_base]", "$attr=*$search*",array('uid'),0,$max);
        if (($info = @ldap_get_entries($ds, $sr))){
                for ($i = 0; $i < $info["count"]; $i++)
                        $found_users[] = $info[$i]['uid'][0];

diff --git a/dialup_admin/lib/sql/find.php3 b/dialup_admin/lib/sql/find.php3
index eca24d1..f7e9429 100644 (file)
--- a/dialup_admin/lib/sql/find.php3
+++ b/dialup_admin/lib/sql/find.php3
@@ -11,16 +11,16 @@ unset($found_users);
 $link = @da_sql_pconnect($config);
 if ($link){
        $search = da_sql_escape_string($search);
-       if (!is_numeric($max_results))
-               $max_results = 10;
-       if ($max_results > 500)
-               $max_results = 10;
+       if (!is_numeric($max))
+               $max = 10;
+       if ($max > 500)
+               $max = 10;
        if (($search_IN == 'name' || $search_IN == 'department' || $search_IN == 'username') && 
                        $config[sql_use_user_info_table] == 'true'){
                $res = @da_sql_query($link,$config,
-               "SELECT " . da_sql_limit($max_results,0,$config) . " username FROM $config[sql_user_info_table] WHERE
+               "SELECT " . da_sql_limit($max,0,$config) . " username FROM $config[sql_user_info_table] WHERE
                lower($search_IN) LIKE '%$search%' " .
-               da_sql_limit($max_results,1,$config) . " " . da_sql_limit($max_results,2,$config) . " ;");
+               da_sql_limit($max,1,$config) . " " . da_sql_limit($max,2,$config) . " ;");
                if ($res){
                        while(($row = @da_sql_fetch_array($res,$config)))
                                $found_users[] = $row[username];
@@ -38,8 +38,8 @@ if ($link){
                $attr = $attrmap[$radius_attr];
                $attr = da_sql_escape_string($attr);
                $res = @da_sql_query($link,$config,
-               "SELECT " . da_sql_limit($max_results,0,$config) . " username FROM $table WHERE attribute = '$attr'
-               AND value LIKE '%$search%' " . da_sql_limit($max_results,1,$config) . " " . da_sql_limit($max_results,2,$config) . " ;");
+               "SELECT " . da_sql_limit($max,0,$config) . " username FROM $table WHERE attribute = '$attr'
+               AND value LIKE '%$search%' " . da_sql_limit($max,1,$config) . " " . da_sql_limit($max,2,$config) . " ;");
                if ($res){
                        while(($row = @da_sql_fetch_array($res,$config)))
                                $found_users[] = $row[username];
@@ -50,4 +50,4 @@ if ($link){
 }
 else
        echo "<b>Could not connect to SQL database</b><br>\n";
-?>
+>