LDAPAccountManager/lam/templates/main.php

<?php
namespace LAM\INIT;

use locking389ds;

/*

  This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
  Copyright (C) 2003 - 2020  Roland Gruber

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

*/

/**
* This page redirects to the correct start page after login.
*
* @package main
* @author Roland Gruber
*/

/** config object */
include_once '../lib/config.inc';
/** profiles */
include_once '../lib/profiles.inc';

// start session
startSecureSession();
enforceUserIsLoggedIn();

setlanguage();

\LAM\PROFILES\installProfileTemplates();
\LAM\PDF\installPDFTemplates();

$conf = $_SESSION['config'];

// check if user password is not expired
if ((version_compare(phpversion(), '7.2.0') >= 0) && !$conf->isHidePasswordPromptForExpiredPasswords()) {
	$userDn = $_SESSION['ldap']->getUserName();
	$userData = ldapGetDN($userDn, array('*', '+', 'pwdReset', 'passwordExpirationTime'));
	$ldapErrorCode = ldap_errno($_SESSION['ldap']->server());
	if ($ldapErrorCode != 32) {
		$pwdResetMarker = (!empty($userData['pwdreset'][0]) && ($userData['pwdreset'][0] == 'TRUE'));
		$pwdExpiration = (!empty($userData)) && locking389ds::isPasswordExpired($userData);
		if (($userData === null) || $pwdResetMarker || $pwdExpiration) {
			metaRefresh("changePassword.php");
			exit();
		}
	}
}

// check if all suffixes in conf-file exist
$new_suffs = array();
// get list of active types
$typeManager = new \LAM\TYPES\TypeManager();
$types = $typeManager->getConfiguredTypes();
foreach ($types as $type) {
	$info = @ldap_read($_SESSION['ldap']->server(), escapeDN($type->getSuffix()), "(objectClass=*)", array('objectClass'), 0, 0, 0, LDAP_DEREF_NEVER);
	if (($info === false) && !in_array($type->getSuffix(), $new_suffs)) {
		$new_suffs[] = $type->getSuffix();
		continue;
	}
	$res = ldap_get_entries($_SESSION['ldap']->server(), $info);
	if (!$res && !in_array($type->getSuffix(), $new_suffs)) {
		$new_suffs[] = $type->getSuffix();
	}
}

// display page to add suffixes, if needed
if ((sizeof($new_suffs) > 0) && checkIfWriteAccessIsAllowed()) {
	metaRefresh("initsuff.php?suffs='" . implode(";", $new_suffs));
	exit();
}

if (sizeof($types) > 0) {
	foreach ($types as $type) {
		if ($type->isHidden()) {
			continue;
		}
		metaRefresh("lists/list.php?type=" . $type->getId());
		exit();
	}
}

metaRefresh("tree/treeViewContainer.php");
added session_save_path minor layout changes 2003-03-23 18:42:40 +00:00			`<?php`
init PDF and account profiles 2017-01-06 12:56:17 +00:00			`namespace LAM\INIT;`
show password prompt if user with expired password logs in 2020-06-18 11:08:23 +00:00
			`use locking389ds;`

main page 2003-03-14 21:59:04 +00:00			`/*`

new homepage 2009-10-27 18:47:12 +00:00			`This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)`
show password prompt if user with expired password logs in 2020-06-18 11:08:23 +00:00			`Copyright (C) 2003 - 2020 Roland Gruber`
main page 2003-03-14 21:59:04 +00:00
			`This program is free software; you can redistribute it and/or modify`
			`it under the terms of the GNU General Public License as published by`
			`the Free Software Foundation; either version 2 of the License, or`
			`(at your option) any later version.`
implemented check for main suffixes and possibility to create them 2003-07-28 18:36:38 +00:00
main page 2003-03-14 21:59:04 +00:00			`This program is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU General Public License for more details.`
implemented check for main suffixes and possibility to create them 2003-07-28 18:36:38 +00:00
main page 2003-03-14 21:59:04 +00:00			`You should have received a copy of the GNU General Public License`
			`along with this program; if not, write to the Free Software`
			`Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA`

documentation update 2004-06-10 19:01:18 +00:00			`*/`
implemented check for main suffixes and possibility to create them 2003-07-28 18:36:38 +00:00
documentation update 2004-06-10 19:01:18 +00:00			`/**`
updated language handling 2014-02-02 12:36:12 +00:00			`* This page redirects to the correct start page after login.`
documentation update 2004-06-10 19:01:18 +00:00			`*`
			`* @package main`
			`* @author Roland Gruber`
main page 2003-03-14 21:59:04 +00:00			`*/`

changed main page loading 2007-06-16 11:50:25 +00:00			`/** config object */`
init PDF and account profiles 2017-01-06 12:56:17 +00:00			`include_once '../lib/config.inc';`
			`/** profiles */`
			`include_once '../lib/profiles.inc';`
changed main page loading 2007-06-16 11:50:25 +00:00
			`// start session`
			`startSecureSession();`
check if user is logged in 2017-02-11 16:11:37 +00:00			`enforceUserIsLoggedIn();`
changed main page loading 2007-06-16 11:50:25 +00:00
			`setlanguage();`
moved cache creation from modules.inc to main.php 2004-10-02 16:40:02 +00:00
init PDF and account profiles 2017-01-06 12:56:17 +00:00			`\LAM\PROFILES\installProfileTemplates();`
			`\LAM\PDF\installPDFTemplates();`

implemented check for main suffixes and possibility to create them 2003-07-28 18:36:38 +00:00			`$conf = $_SESSION['config'];`
show password prompt if user with expired password logs in 2020-06-18 11:08:23 +00:00
			`// check if user password is not expired`
			`if ((version_compare(phpversion(), '7.2.0') >= 0) && !$conf->isHidePasswordPromptForExpiredPasswords()) {`
			`$userDn = $_SESSION['ldap']->getUserName();`
			`$userData = ldapGetDN($userDn, array('*', '+', 'pwdReset', 'passwordExpirationTime'));`
			`$ldapErrorCode = ldap_errno($_SESSION['ldap']->server());`
			`if ($ldapErrorCode != 32) {`
			`$pwdResetMarker = (!empty($userData['pwdreset'][0]) && ($userData['pwdreset'][0] == 'TRUE'));`
			`$pwdExpiration = (!empty($userData)) && locking389ds::isPasswordExpired($userData);`
			`if (($userData === null) \|\| $pwdResetMarker \|\| $pwdExpiration) {`
			`metaRefresh("changePassword.php");`
			`exit();`
			`}`
			`}`
			`}`

			`// check if all suffixes in conf-file exist`
implemented check for main suffixes and possibility to create them 2003-07-28 18:36:38 +00:00			`$new_suffs = array();`
merge with 0_6_dev branch 2006-01-01 16:30:05 +00:00			`// get list of active types`
init PDF and account profiles 2017-01-06 12:56:17 +00:00			`$typeManager = new \LAM\TYPES\TypeManager();`
new type API 2016-12-24 12:04:31 +00:00			`$types = $typeManager->getConfiguredTypes();`
			`foreach ($types as $type) {`
refactoring 2017-11-04 18:27:02 +00:00			`$info = @ldap_read($_SESSION['ldap']->server(), escapeDN($type->getSuffix()), "(objectClass=*)", array('objectClass'), 0, 0, 0, LDAP_DEREF_NEVER);`
			`if (($info === false) && !in_array($type->getSuffix(), $new_suffs)) {`
			`$new_suffs[] = $type->getSuffix();`
			`continue;`
			`}`
refactoring 2017-10-24 18:48:34 +00:00			`$res = ldap_get_entries($_SESSION['ldap']->server(), $info);`
new type API 2016-12-24 12:04:31 +00:00			`if (!$res && !in_array($type->getSuffix(), $new_suffs)) {`
			`$new_suffs[] = $type->getSuffix();`
			`}`
implemented check for main suffixes and possibility to create them 2003-07-28 18:36:38 +00:00			`}`

removed domain check 2004-05-30 11:54:18 +00:00			`// display page to add suffixes, if needed`
added new security model 2007-12-30 16:08:54 +00:00			`if ((sizeof($new_suffs) > 0) && checkIfWriteAccessIsAllowed()) {`
removed frames 2010-01-01 17:21:46 +00:00			`metaRefresh("initsuff.php?suffs='" . implode(";", $new_suffs));`
show password prompt if user with expired password logs in 2020-06-18 11:08:23 +00:00			`exit();`
added new security model 2007-12-30 16:08:54 +00:00			`}`
show password prompt if user with expired password logs in 2020-06-18 11:08:23 +00:00
			`if (sizeof($types) > 0) {`
			`foreach ($types as $type) {`
			`if ($type->isHidden()) {`
			`continue;`
allow to hide account types additional LDAP filter for account types 2013-01-01 20:46:28 +00:00			`}`
show password prompt if user with expired password logs in 2020-06-18 11:08:23 +00:00			`metaRefresh("lists/list.php?type=" . $type->getId());`
			`exit();`
merge with 0_6_dev branch 2006-01-01 16:30:05 +00:00			`}`
			`}`
init PDF and account profiles 2017-01-06 12:56:17 +00:00
show password prompt if user with expired password logs in 2020-06-18 11:08:23 +00:00			`metaRefresh("tree/treeViewContainer.php");`