Question

I have a web form that collects information and submits it to a cgi that attempts to insert the data into LDAP. The problem is that I m trying to use a variable with ::ldap::add and it s just not working. Here s the code:

if {[string length env(QUERY_STRING)] != 0} {
    set handle [::ldap::connect localhost]
    set dn "cn=admin,dc=mycompany,dc=com"
    set pw "myPassword"

    ::ldap::bind $handle $dn $pw

    set dn "cn=[ncgi::value givenName] [ncgi::value sn],ou=people,dc=mycompany,dc=com"

    set formValues [
            puts "cn        {{[ncgi::value givenName] [ncgi::value sn]}}"
            puts "displayName       [ncgi::value givenName] [ncgi::value sn]"
            foreach {key value} [ncgi::nvlist] {
                    if {[string length $value] != 0} {
                            puts "$key      $value"
                    }
            }
            puts "objectClass       top"
            puts "objectClass       person"
            puts "objectClass       organizationalPerson"
            puts "objectClass       inetOrgPerson"
    ]

    ::ldap::add $handle $dn {
            $formValues
    }

    ldap::unbind $handle

}

However, if I replace $formValues with the actual entries that I want to insert into LDAP, they get added just fine.

I m new to TCL so I wouldn t be surprised if there were some glaring errors in this snippet.

Thanks in advance!

Answer 1

The big mistakes:

The square brackets substitute the result of the script inside it and not its output.
The puts commands sends strings to stdout (or a file) and doesn t save them for processing later.
The curly braces totally quash all substitutions inside them.

The fixes are to use list commands to build the description to use with ldap::add. For example:

set formValues {}
lappend formValues cn          "[ncgi::value givenName] [ncgi::value sn]"
### Might need this instead; it depends on how you want to do the construction
# lappend formValues cn        [list [ncgi::value givenName] [ncgi::value sn]]
lappend formValues displayName "[ncgi::value givenName] [ncgi::value sn]"
foreach {key value} [ncgi::nvlist] {
    ### Could also use {$value ne ""} here
    if {[string length $value] != 0} {
        lappend formValues $key $value
    }
}
lappend formValues objectClass top
lappend formValues objectClass person
lappend formValues objectClass organizationalPerson
lappend formValues objectClass inetOrgPerson

::ldap::add $handle $dn $formValues

Also, if those keys are coming from a form, you should add more validation to stop malicious users from adding unexpected extras like additional objectClasses. An ounce of prevention is worth a hundredweight of cure.

友情链接