Merge branch 'encode' into future

diff --git a/lib/LiCoM/Config.pm b/lib/LiCoM/Config.pm
index 295f7eb..be8359f 100644 (file)
--- a/lib/LiCoM/Config.pm
+++ b/lib/LiCoM/Config.pm
@@ -4,6 +4,8 @@ use strict;
 use warnings;
 use Carp (qw(cluck confess));
 
+use File::Basename (qw(dirname));
+
 use Exporter;
 
 @LiCoM::Config::EXPORT_OK = (qw(get_config set_config read_config));
@@ -72,6 +74,10 @@ sub read_config
        {
                push (@files, $ENV{'HOME'} . '/.licomrc');
        }
+       elsif (defined ($ENV{'SCRIPT_FILENAME'}))
+       {
+               push (@files, dirname ($ENV{'SCRIPT_FILENAME'}) . '/licom.conf');
+       }
 
        for (@files)
        {

diff --git a/lib/LiCoM/Group.pm b/lib/LiCoM/Group.pm
index a5cade9..8ebc7ac 100644 (file)
--- a/lib/LiCoM/Group.pm
+++ b/lib/LiCoM/Group.pm
@@ -3,6 +3,8 @@ package LiCoM::Group;
 use strict;
 use warnings;
 
+use Encode (qw(encode decode));
+
 use LiCoM::Config (qw(get_config));
 use LiCoM::Connection (qw($Ldap));
 use Net::LDAP;
@@ -22,9 +24,9 @@ sub new
        my $entry = shift;
        my $obj = {};
 
-       $obj->{'name'}        = $entry->get_value ('cn', asref => 0);
-       $obj->{'description'} = $entry->get_value ('description', asref => 0);
-       $obj->{'members'}     = [map { m/cn=([^,]+)/i; $1; } ($entry->get_value ('member', asref => 0))];
+       $obj->{'name'}        = decode ('utf-8', $entry->get_value ('cn', asref => 0));
+       $obj->{'description'} = decode ('utf-8', $entry->get_value ('description', asref => 0));
+       $obj->{'members'}     = [map { m/cn=([^,]+)/i; decode ('utf-8', $1); } ($entry->get_value ('member', asref => 0))];
        $obj->{'ldap'}        = $entry;
 
        return (bless ($obj, $pkg));
@@ -114,12 +116,12 @@ sub create ($$$@)
 
        my $entry = Net::LDAP::Entry->new ();
 
-       $entry->add (objectClass => [qw(top groupOfNames)]);
-       $entry->add (ou => $ou);
-       $entry->add (cn => $name);
-       $entry->add (member => [map { _cn_to_dn ($_) } (@members)]);
-       $entry->add (description => $desc) if ($desc);
-       $entry->dn ($dn);
+       $entry->add (objectClass => [map { encode ('UTF-8', $_) } (qw(top groupOfNames))]);
+       $entry->add (ou => encode ('UTF-8', $ou));
+       $entry->add (cn => encode ('UTF-8', $name));
+       $entry->add (member => [map { encode ('UTF-8', _cn_to_dn ($_)) } (@members)]);
+       $entry->add (description => encode ('UTF-8', $desc)) if ($desc);
+       $entry->dn (encode ('UTF-8', $dn));
 
        $entry->changetype ('add');
        my $mesg = $entry->update ($Ldap);
@@ -270,6 +272,7 @@ sub name
                my $entry = $obj->{'ldap'};
                $obj->{'name'} = shift;
 
+               # FIXME
                $entry->changetype ('modify');
                $entry->replace (cn => $obj->{'name'});
                $entry->update ($Ldap);
@@ -296,7 +299,7 @@ sub description
                $obj->{'description'} = shift;
 
                $entry->changetype ('modify');
-               $entry->replace (description => [$obj->{'description'}]);
+               $entry->replace (description => [encode ('UTF-8', $obj->{'description'})]);
                $entry->update ($Ldap);
        }
 
@@ -317,6 +320,8 @@ sub _update_members
        my $entry = $obj->{'ldap'};
        my @tmp = map { _cn_to_dn ($_); } (@{$obj->{'members'}});
 
+       $_ = encode ('UTF-8', $_) for (@tmp);
+
        $entry->changetype ('modify');
        $entry->replace (member => \@tmp);
        $entry->update ($Ldap);

diff --git a/lib/LiCoM/Person.pm b/lib/LiCoM/Person.pm
index 3c43a4b..efc37c2 100644 (file)
--- a/lib/LiCoM/Person.pm
+++ b/lib/LiCoM/Person.pm
@@ -3,6 +3,9 @@ package LiCoM::Person;
 use strict;
 use warnings;
 
+use Carp (qw(cluck confess));
+use Encode (qw(encode decode is_utf8));
+
 use LiCoM::Config (qw(get_config));
 use LiCoM::Connection (qw($Ldap));
 
@@ -59,7 +62,16 @@ sub new
        for (keys %ValidFields)
        {
                my $key = $_;
-               $obj->{$key} = $entry->get_value ($key, asref => $ValidFields{$key});
+               my $val = $entry->get_value ($key, asref => $ValidFields{$key});
+
+               if (ref ($val))
+               {
+                       $obj->{$key} = [map { decode ('UTF-8', $_) } (@$val)];
+               }
+               else
+               {
+                       $obj->{$key} = decode ('UTF-8', $val);
+               }
        }
 
        return (bless ($obj, $pkg));
@@ -84,8 +96,8 @@ sub load
 
        if (!$retval)
        {
-               warn ("CN '$cn' could not be found");
-               return (undef);
+               cluck ("CN '$cn' could not be found");
+               return;
        }
        
        return ($retval);
@@ -125,11 +137,11 @@ sub create
                {
                        if (ref ($val) eq 'ARRAY')
                        {
-                               $entry->add ($field => [@$val]) if (@$val);
+                               $entry->add ($field => [map { encode ('UTF-8', $_) } (@$val)]) if (@$val);
                        }
                        elsif (!ref ($val))
                        {
-                               $entry->add ($field => [$val]) if ($val);
+                               $entry->add ($field => [encode ('UTF-8', $val)]) if ($val);
                        }
                        else
                        {
@@ -141,32 +153,33 @@ sub create
                        my $temp;
                        if (ref ($val) eq 'ARRAY')
                        {
-                               $temp = $val->[0];
+                               $temp = encode ('UTF-8', $val->[0]);
                        }
                        elsif (!ref ($val))
                        {
-                               $temp = $val;
+                               $temp = encode ('UTF-8', $val);
                        }
                        else
                        {
                                warn ("You cannot pass ref-type " . ref ($val));
                        }
 
-                       $entry->add ($field => $val) if (defined ($val) and $val);
+                       $entry->add ($field => $temp) if (defined ($temp) and $temp);
                }
        }
 
+       # $sn and $gn are UTF-8
        my $sn = $entry->get_value ('sn');
        my $gn = $entry->get_value ('givenName');
 
        if (!defined ($sn) or !defined ($gn))
        {
                warn ("sn or givenName not given");
-               return (undef);
+               return;
        }
 
-       $ou = 'Person';
-       $dn = "cn=$sn $gn,ou=$ou," . get_config ('base_dn');
+       $ou = encode ('UTF-8', 'Person');
+       $dn = "cn=$sn $gn,ou=$ou," . encode ('UTF-8', get_config ('base_dn'));
        
        $entry->add (cn => "$sn $gn", ou => $ou);
        $entry->dn ($dn);
@@ -176,8 +189,9 @@ sub create
 
        if ($mesg->is_error ())
        {
-               warn ("Error while creating entry '$dn' on LDAP server: " . $mesg->error_text ());
-               return (undef);
+               my $tmp = decode ('UTF-8', $dn);
+               warn ("Error while creating entry '$tmp' on LDAP server: " . $mesg->error_text ());
+               return;
        }
 
        return (new ($pkg, $entry));
@@ -228,6 +242,8 @@ sub search
 
                        $value =~ s/([\(\)\\])/\\$1/g;
 
+                       confess ("Value is not UTF-8 encoded: `$value'") if (!is_utf8 ($value));
+
                        push (@disjunc, "($field=$value)");
                }
                        
@@ -258,7 +274,7 @@ sub search
        $mesg = $Ldap->search
        (
                base   => 'ou=Person,' . get_config ('base_dn'),
-               filter => $filter
+               filter => encode ('UTF-8', $filter)
        );
 
        if ($mesg->is_error ())
@@ -290,7 +306,7 @@ sub get_user
        my $dn = shift;
        my ($search) = $dn =~ m/cn\s*=\s*([^,]+)/i;
 
-       die unless ($search);
+       return unless ($search);
        
        my $cn = '';
        my $id = '';
@@ -303,8 +319,8 @@ sub get_user
 
        if ($mesg->is_error ())
        {
-               warn ("Error while querying LDAP server: " . $mesg->error_text ());
-               return ('');
+               cluck ("Error while querying LDAP server: " . $mesg->error_text ());
+               return;
        }
 
        for ($mesg->entries ())
@@ -355,22 +371,35 @@ Get or set the lastname.
 
 sub _update_dn
 {
+       confess ("Wrong number of arguments") if (@_ != 3);
        my $obj = shift;
+
+       my $obj_new;
+       my %hash_new;
+
+       my $sn = shift;
+       my $gn = shift;
+
        my $entry = $obj->{'ldap'};
-       my $sn = $obj->{'sn'};
-       my $gn = $obj->{'givenName'};
-       my $cn = "$sn $gn";
-       my $dn = "cn=$cn,ou=Person," . get_config ('base_dn');
 
-       $obj->{'cn'} = $cn;
+       if (($sn eq $obj->{'sn'}) && ($gn eq $obj->{'givenName'}))
+       {
+               return;
+       }
 
-       print STDERR "This is _update_dn, trying to set dn=$dn";
+       $hash_new{$_} = $obj->{$_} for (keys %ValidFields);
+       $hash_new{'sn'} = $sn;
+       $hash_new{'givenName'} = $gn;
+       delete ($hash_new{'cn'});
 
-       $entry->changetype ('modify');
-       $entry->replace (sn => $sn, givenName => $gn, cn => $cn);
-       $entry->update ($Ldap);
-       $entry->dn ($dn);
-       $entry->update ($Ldap);
+       $obj_new = LiCoM::Person->create (%hash_new)
+               or confess ("Cannot duplicate LDAP entry");
+
+       $obj->delete ();
+
+       %$obj = %$obj_new;
+
+       return ($obj->{'dn'});
 }
 
 sub lastname
@@ -379,8 +408,7 @@ sub lastname
 
        if (@_)
        {
-               $obj->{'sn'} = shift;
-               _update_dn ($obj);
+               _update_dn ($obj, shift, $obj->{'givenName'});
        }
 
        return ($obj->{'sn'});
@@ -398,8 +426,7 @@ sub firstname
 
        if (@_)
        {
-               $obj->{'givenName'} = shift;
-               _update_dn ($obj);
+               _update_dn ($obj, $obj->{'sn'}, shift);
        }
 
        return ($obj->{'givenName'});
@@ -495,6 +522,8 @@ sub set
 
        if (defined ($value))
        {
+               $_ = encode ('UTF-8', $_) for (@$value);
+
                $entry->changetype ('modify');
 
                if ($ValidFields{$field})

diff --git a/licom.cgi b/licom.cgi
index 2a9c7c9..26c13a8 100755 (executable)
--- a/licom.cgi
+++ b/licom.cgi
@@ -20,6 +20,7 @@ use strict;
 use warnings;
 use lib (qw(lib));
 
+use Encode (qw(encode decode is_utf8));
 use CGI (':cgi');
 use CGI::Carp (qw(fatalsToBrowser));
 use URI::Escape;
@@ -48,7 +49,7 @@ our %FieldNames =
 
 our $MySelf = $ENV{'SCRIPT_NAME'};
 
-our $Action = param ('action');
+our $Action = param_utf8 ('action');
 $Action ||= 'default';
 
 our %Actions =
@@ -78,7 +79,7 @@ our %Actions =
 die unless ($ENV{'REMOTE_USER'});
 #set_config ('base_dn', $ENV{'REMOTE_USER'});
 
-die unless (defined (get_config ('uri'))
+die ("Configuration is incomplete") unless (defined (get_config ('uri'))
        and defined (get_config ('base_dn'))
        and defined (get_config ('bind_dn'))
        and defined (get_config ('password')));
@@ -88,7 +89,7 @@ LiCoM::Connection->connect
        uri      => get_config ('uri'),
        bind_dn  => get_config ('bind_dn'),
        password => get_config ('password')
-) or die ("LiCoM::Connection->connect failed.");
+) or die ("Unable to connect to LDAP directory server " . get_config ('uri'));
 
 our ($UserCN, $UserID) = LiCoM::Person->get_user ($ENV{'REMOTE_USER'});
 
@@ -127,7 +128,7 @@ exit (0);
 
 sub action_browse
 {
-       my $group = param ('group');
+       my $group = param_utf8 ('group');
        $group = shift if (@_);
        $group ||= '';
 
@@ -142,7 +143,7 @@ sub action_browse
                        my @members = $group->get_members ();
                        my $members = scalar (@members);
                        my $group_name = $group->name ();
-                       my $group_uri  = uri_escape ($group_name);
+                       my $group_uri  = uri_escape_utf8 ($group_name);
                        my $desc = $group->description ();
 
                        print qq#\t\t\t<li><a href="$MySelf?action=browse&group=$group_uri">#,
@@ -166,7 +167,7 @@ EOF
        else
        {
                my $group_obj    = LiCoM::Group->load ($group);
-               my $group_uri    = uri_escape ($group_obj->name ());
+               my $group_uri    = uri_escape_utf8 ($group_obj->name ());
                my $group_html   = encode_entities ($group_obj->name ());
                my @member_names = $group_obj->get_members ();
                my $desc         = $group_obj->description ();
@@ -178,7 +179,7 @@ EOF
                for (sort (@member_names))
                {
                        my $cn = $_;
-                       my $cn_uri  = uri_escape ($cn);
+                       my $cn_uri  = uri_escape_utf8 ($cn);
                        my $cn_html = encode_entities ($cn);
 
                        print qq(\t\t\t<li><a href="$MySelf?action=detail&cn=$cn_uri">$cn_html</a></li>\n);
@@ -197,7 +198,7 @@ EOF
 
 sub action_list
 {
-       my $group_name = param ('group');
+       my $group_name = param_utf8 ('group');
        $group_name = shift if (@_);
        $group_name ||= '';
 
@@ -259,7 +260,7 @@ EOF
                my $sn = $person->lastname ();
                my $gn = $person->firstname ();
 
-               my $cn_uri  = uri_escape ($cn);
+               my $cn_uri  = uri_escape_utf8 ($cn);
                my $cn_html = encode_entities ("$sn, $gn");
 
                print "\t\t\t<tr>\n",
@@ -278,7 +279,7 @@ EOF
 
        if ($group_name)
        {
-               my $group_esc = uri_escape ($group_name);
+               my $group_esc = uri_escape_utf8 ($group_name);
                print qq(\t\t<div class="menu">[<a href="$MySelf?action=browse&group=$group_esc">Back</a>]</div>\n);
        }
        else
@@ -289,12 +290,12 @@ EOF
 
 sub action_detail
 {
-       my $cn = param ('cn');
+       my $cn = param_utf8 ('cn');
        $cn = shift if (@_);
        die unless ($cn);
 
        my $cn_html = encode_entities ($cn);
-       my $cn_uri  = uri_escape ($cn);
+       my $cn_uri  = uri_escape_utf8 ($cn);
 
        my $person = LiCoM::Person->load ($cn);
        if (!$person)
@@ -353,7 +354,7 @@ EOF
                {
                        my $group = $groups[$i];
                        my $group_name = $group->name ();
-                       my $group_uri  = uri_escape ($group_name);
+                       my $group_uri  = uri_escape_utf8 ($group_name);
                        my $group_html = encode_entities ($group_name);
 
                        print "\t\t\t<tr>\n" if ($i != 0);
@@ -377,7 +378,7 @@ EOF
 
 sub action_search
 {
-       my $search = param ('search');
+       my $search = param_utf8 ('search');
 
        $search ||= '';
        $search =~ s/[^\s\w]//g;
@@ -419,7 +420,7 @@ sub action_search
        {
                my $person = $_;
                my $cn = $person->name ();
-               my $cn_uri  = uri_escape ($cn);
+               my $cn_uri  = uri_escape_utf8 ($cn);
                my $cn_html = encode_entities ($cn);
 
                print qq(\t\t<li><a href="$MySelf?action=detail&cn=$cn_uri">$cn_html</a></li>\n);
@@ -431,7 +432,7 @@ sub action_edit
 {
        my %opts = @_;
 
-       my $cn = param ('cn');
+       my $cn = param_utf8 ('cn');
 
        $cn = $opts{'cn'} if (defined ($opts{'cn'}));
        $cn ||= '';
@@ -448,6 +449,9 @@ sub action_edit
        my $lastname;
        my $firstname;
 
+       my $lastname_html;
+       my $firstname_html;
+
        my $contacts = {};
        $contacts->{$_} = [] for (@MultiFields);
 
@@ -470,13 +474,16 @@ sub action_edit
                }
        }
 
-       $lastname    = param ('lastname')    if (param ('lastname')  and $UserID);
-       $firstname   = param ('firstname')   if (param ('firstname') and $UserID);
+       $lastname  = param_utf8 ('lastname')  if (param_utf8 ('lastname')  and $UserID);
+       $firstname = param_utf8 ('firstname') if (param_utf8 ('firstname') and $UserID);
 
        get_contacts ($contacts);
        
        $lastname    =   $opts{'lastname'}     if (defined ($opts{'lastname'}));
        $firstname   =   $opts{'firstname'}    if (defined ($opts{'firstname'}));
+       $lastname_html  = encode_entities ($lastname);
+       $firstname_html = encode_entities ($firstname);
+
        for (@MultiFields)
        {
                my $field = $_;
@@ -493,7 +500,7 @@ sub action_edit
        }
 
        print <<EOF;
-               <form action="$MySelf" method="post">
+               <form action="$MySelf" method="post" accept-charset="UTF-8">
                <input type="hidden" name="action" value="save" />
                <input type="hidden" name="cn" value="$cn_html" />
                <table class="edit">
@@ -502,11 +509,11 @@ sub action_edit
 EOF
        if ($UserID)
        {
-               print qq(\t\t\t\t<td><input type="text" name="lastname" value="$lastname" /></td>\n);
+               print qq(\t\t\t\t<td><input type="text" name="lastname" value="$lastname_html" /></td>\n);
        }
        else
        {
-               print qq(\t\t\t\t<td>$lastname</td>\n);
+               print qq(\t\t\t\t<td>$lastname_html</td>\n);
        }
        print <<EOF;
                        </tr>
@@ -515,11 +522,11 @@ EOF
 EOF
        if ($UserID)
        {
-               print qq(\t\t\t\t<td><input type="text" name="firstname" value="$firstname" /></td>\n);
+               print qq(\t\t\t\t<td><input type="text" name="firstname" value="$firstname_html" /></td>\n);
        }
        else
        {
-               print qq(\t\t\t\t<td>$firstname</td>\n);
+               print qq(\t\t\t\t<td>$firstname_html</td>\n);
        }
        
        print "\t\t\t</tr>\n";
@@ -605,7 +612,7 @@ EOF
 
 sub action_save
 {
-       my $cn = $UserID ? param ('cn') : $UserCN;
+       my $cn = $UserID ? param_utf8 ('cn') : $UserCN;
 
        if (verify_fields ())
        {
@@ -621,7 +628,7 @@ sub action_save
 
        die unless ($UserID);
 
-       my $button = lc (param ('button'));
+       my $button = lc (param_utf8 ('button'));
        $button ||= 'save';
 
        if ($button eq 'cancel')
@@ -630,15 +637,15 @@ sub action_save
                return;
        }
 
-       if (!param ('lastname') or !param ('firstname'))
+       if (!param_utf8 ('lastname') or !param_utf8 ('firstname'))
        {
                print qq(\t<div class="error">You have to give both, first and lastname, to identify this record.</div>\n);
                action_edit (cn => '');
                return;
        }
 
-       my $lastname  = param ('lastname');
-       my $firstname = param ('firstname');
+       my $lastname  = param_utf8 ('lastname');
+       my $firstname = param_utf8 ('firstname');
 
        my $contacts = get_contacts ();
 
@@ -652,7 +659,7 @@ sub action_save
        
        $cn = $person->name ();
 
-       for (param ('group'))
+       for (param_utf8 ('group'))
        {
                my $group_name = $_;
                my $group = LiCoM::Group->load ($group_name);
@@ -668,10 +675,10 @@ sub action_save
                }
        }
 
-       if (param ('newgroup'))
+       if (param_utf8 ('newgroup'))
        {
                # FIXME add error handling
-               my $group_name = param ('newgroup');
+               my $group_name = param_utf8 ('newgroup');
                LiCoM::Group->create ($group_name, '', $cn);
        }
 
@@ -687,12 +694,12 @@ sub action_save
 
 sub action_update
 {
-       my $cn = $UserID ? param ('cn') : $UserCN;
-       my $person = LiCoM::Person->load ($cn);
+       my $cn = $UserID ? param_utf8 ('cn') : $UserCN;
 
-       die unless ($person);
+       my $person = LiCoM::Person->load ($cn);
+       die ("Unable to load CN `$cn'") unless ($person);
 
-       my $button = lc (param ('button'));
+       my $button = lc (param_utf8 ('button'));
        $button ||= 'save';
 
        if ($UserID and $button eq 'cancel')
@@ -703,17 +710,39 @@ sub action_update
 
        if ($UserID)
        {
-               my $lastname  = param ('lastname');
-               my $firstname = param ('firstname');
+               my $lastname  = param_utf8 ('lastname');
+               my $firstname = param_utf8 ('firstname');
+
+               my $old_cn = $person->name ();
+
+               print <<HTML;
+<div><code>
+       \$lastname = $lastname<br />
+       \$firstname = $firstname<br />
+       \$old_cn = $old_cn
+</code></div>
+HTML
 
                $person->lastname  ($lastname)  if ($lastname  and $lastname  ne $person->lastname ());
                $person->firstname ($firstname) if ($firstname and $firstname ne $person->firstname ());
 
                $cn = $person->name ();
-               # FIXME Fix groups:
-               # Each group is one entry of type (objectClass=groupOfNames)
-               # with one or more `member' attributes. These attributes are
-               # the `dn' (distinguished name) of the member entries.
+
+               # Change the cn's saved in the groups
+               if ($old_cn ne $cn)
+               {
+                       my @groups = LiCoM::Group->load_by_member ($old_cn);
+                       for (@groups)
+                       {
+                               # ->del_members automatically deleted the
+                               # group, if no more members exist. So this
+                               # order is important.
+                               print "<div><code>\$cn = " . encode_entities ($cn) . "; "
+                               . "\$old_cn = " . encode_entities ($old_cn) . ";</code></div>\n";
+                               $_->add_members ($cn);
+                               $_->del_members ($old_cn);
+                       }
+               } # if ($old_cn ne $cn)
        }
 
        my $contacts = get_contacts ();
@@ -738,7 +767,7 @@ sub action_update
        # only `authorized' users may see and change groups
        if ($UserID)
        {
-               my %changed_groups = map { $_ => 1 } (param ('group'));
+               my %changed_groups = map { $_ => 1 } (param_utf8 ('group'));
                my @current_groups = LiCoM::Group->load_by_member ($cn);
 
                for (@current_groups)
@@ -763,10 +792,10 @@ sub action_update
                        $group_obj->add_members ($cn);
                }
 
-               if (param ('newgroup'))
+               if (param_utf8 ('newgroup'))
                {
                        # FIXME add error handling
-                       my $group_name = param ('newgroup');
+                       my $group_name = param_utf8 ('newgroup');
                        LiCoM::Group->create ($group_name, '', $cn);
                }
        }
@@ -792,7 +821,7 @@ HTML
 
 sub action_vcard
 {
-       my $cn = param ('cn');
+       my $cn = param_utf8 ('cn');
        $cn = shift if (@_);
        die unless ($cn);
 
@@ -812,7 +841,7 @@ sub action_vcard
 
        my $sn = $person->lastname ();
        my $gn = $person->firstname ();
-       my $cn_esc = uri_escape ($cn);
+       my $cn_esc = uri_escape_utf8 ($cn);
 
        print <<EOF;
 Content-Type: text/x-vcard
@@ -843,7 +872,7 @@ EOF
 
 sub action_verify
 {
-       my $cn = param ('cn');
+       my $cn = param_utf8 ('cn');
        $cn = shift if (@_);
        die unless ($cn);
 
@@ -895,7 +924,7 @@ sub action_verify_send_mail
        my ($owner_mail) = $owner->get ('mail');
        if (!$owner_mail)
        {
-               my $cn_uri = uri_escape ($UserCN);
+               my $cn_uri = uri_escape_utf8 ($UserCN);
                print qq(\t\t<div class="error">You have no email set in your own profile. <a href="$MySelf?action=edit&cn=$cn_uri">Edit it now</a>!</div>\n);
                return (0);
        }
@@ -958,13 +987,13 @@ EOM
 
 sub action_ask_del
 {
-       my $cn = param ('cn');
+       my $cn = param_utf8 ('cn');
        $cn or die;
 
        my $person = LiCoM::Person->load ($cn);
        $person or die;
 
-       my $cn_uri  = uri_escape ($cn);
+       my $cn_uri  = uri_escape_utf8 ($cn);
        my $cn_html = encode_entities ($cn);
 
        print <<EOF;
@@ -985,7 +1014,7 @@ EOF
 
 sub action_do_del
 {
-       my $cn = param ('cn');
+       my $cn = param_utf8 ('cn');
        $cn or die;
 
        my $cn_html = encode_entities ($cn);
@@ -1004,7 +1033,7 @@ EOF
 
 sub action_edit_group
 {
-       my $group_name = param ('group') or die;
+       my $group_name = param_utf8 ('group') or die;
 
        my $group_name_html = encode_entities ($group_name);
 
@@ -1022,7 +1051,7 @@ sub action_edit_group
 
        print <<HTML;
        <h2>Edit contact group &quot;$group_name_html&quot;</h2>
-       <form action="$MySelf" method="post">
+       <form action="$MySelf" method="post" accept-charset="UTF-8">
          <input type="hidden" name="action" value="save_group" />
          <input type="hidden" name="group" value="$group_name_html" />
          <table>
@@ -1044,7 +1073,7 @@ HTML
 
 sub action_save_group
 {
-       my $group_name = param ('group') or die;
+       my $group_name = param_utf8 ('group') or die;
 
        my $group_name_html = encode_entities ($group_name);
 
@@ -1056,7 +1085,7 @@ sub action_save_group
                return;
        }
 
-       my $desc = param ('description');
+       my $desc = param_utf8 ('description');
        $group_obj->description ($desc);
 
        action_browse ();
@@ -1290,20 +1319,20 @@ EOF
 
        if ($UserID)
        {
-               my $search = param ('search') || '';
+               my $search = param_utf8 ('search') || '';
                $search = encode_entities ($search);
                print <<EOF;
                <div class="topmenu">
-                       <form action="$MySelf" method="post">
+                       <form action="$MySelf" method="post" accept-charset="UTF-8">
                                <input type="hidden" name="action" value="browse" />
                                <input type="submit" name="button" value="Browse" />
                        </form>
-                       <form action="$MySelf" method="post">
+                       <form action="$MySelf" method="post" accept-charset="UTF-8">
                                <input type="hidden" name="action" value="search" />
                                <input type="text" name="search" value="$search" />
                                <input type="submit" name="button" value="Search" />
                        </form>
-                       <form action="$MySelf" method="post">
+                       <form action="$MySelf" method="post" accept-charset="UTF-8">
                                <input type="hidden" name="action" value="edit" />
                                <input type="hidden" name="dn" value="" />
                                <input type="submit" name="button" value="Add New" />
@@ -1370,7 +1399,7 @@ sub pwgen
 sub verify_fields
 {
        my @errors = ();
-       for (param ('uri'))
+       for (param_utf8 ('uri'))
        {
                my $val = $_;
                next unless ($val);
@@ -1382,7 +1411,7 @@ sub verify_fields
                }
        }
 
-       for (param ('homephone'), param ('cellphone'), param ('officephone'), param ('fax'))
+       for (param_utf8 ('homephone'), param_utf8 ('cellphone'), param_utf8 ('officephone'), param_utf8 ('fax'))
        {
                my $number = $_;
                next unless ($number);
@@ -1412,7 +1441,7 @@ sub markup_field
        my $field = shift;
        my $value = shift;
 
-       my $value_uri  = uri_escape ($value);
+       my $value_uri  = uri_escape_utf8 ($value);
        my $value_html = encode_entities ($value);
 
        if ($field eq 'group')
@@ -1423,11 +1452,11 @@ sub markup_field
        {
                if ($value =~ m#^([a-z]+)://(.+)$#)
                {
-                       $value_uri = $1 . '://' . uri_escape ($2);
+                       $value_uri = $1 . '://' . uri_escape_utf8 ($2);
                }
                else
                {
-                       $value_uri = 'http://' . uri_escape ($value);
+                       $value_uri = 'http://' . uri_escape_utf8 ($value);
                }
                return (qq(<a href="$value_uri" class="extern">$value_html</a>));
        }
@@ -1445,7 +1474,7 @@ sub get_contacts
        for (@MultiFields)
        {
                my $field = $_;
-               my @values = grep { $_ } (param ($field));
+               my @values = grep { $_ } (param_utf8 ($field));
 
                next unless (@values);
 
@@ -1463,3 +1492,35 @@ sub get_contacts
 
        return ($contacts);
 }
+
+sub is_valid_utf8
+{
+       my $str = join ('', @_);
+
+       # Taken from here: <http://www.w3.org/International/questions/qa-forms-utf-8>
+       return ($str =~ m/^(
+     [\x09\x0A\x0D\x20-\x7E]            # ASCII
+   | [\xC2-\xDF][\x80-\xBF]             # non-overlong 2-byte
+   |  \xE0[\xA0-\xBF][\x80-\xBF]        # excluding overlongs
+   | [\xE1-\xEC\xEE\xEF][\x80-\xBF]{2}  # straight 3-byte
+   |  \xED[\x80-\x9F][\x80-\xBF]        # excluding surrogates
+   |  \xF0[\x90-\xBF][\x80-\xBF]{2}     # planes 1-3
+   | [\xF1-\xF3][\x80-\xBF]{3}          # planes 4-15
+   |  \xF4[\x80-\x8F][\x80-\xBF]{2}     # plane 16
+  )*$/x);
+}
+
+sub param_utf8
+{
+       my @args = @_;
+       my @ret = ();
+
+       @ret = grep { is_valid_utf8 ($_) } (param (@args));
+       $_ = decode ('UTF-8', $_) for (@ret);
+       return (wantarray () ? @ret : $ret[0]);
+}
+
+sub uri_escape_utf8
+{
+       return (uri_escape (encode ('UTF-8', shift)));
+}