< ? php
/*
$Id $
This code is part of LDAP Account Manager ( http :// www . sourceforge . net / projects / lam )
Copyright ( C ) 2003 Tilo Lutz
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 2 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation , Inc . , 59 Temple Place , Suite 330 , Boston , MA 02111 - 1307 USA
*/
/*
* Variables in basearray which are not objects:
* type: Type of account. Can be user, group, host
* attributes: List of all attributes, how to get them and whether they are required or optional
* dn: current DN without uid= or cn=
* dn_orig: old DN if account was loaded with uid= or cn=
* External functions which are used:
* account . inc :
*/
/* This class contains all inetOrgPerson LDAP attributes
* and functions required to deal with inetOrgPerson.
* inetOrgPerson can only be created when it should be added
* to an array.
* basearray is the same array inetOrgPerson should be added
* to. If basearray is not given the constructor tries to
* create an array with inetOrgPerson and all other required
* objects.
* Example: $user[] = new inetOrgPerson($user);
*
*/
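class inetOrgPerson {
    /* NOTE(review): double-quoted string literals in this class are reproduced
     * exactly as the listing shows them, including the padding next to quotes,
     * escapes and variables. Cookie names, schema search strings, HTML attribute
     * values and the re-assembled password hash all depend on those bytes, so
     * compare them against the upstream file before relying on them.
     *
     * ereg() and the mcrypt functions used here were removed in PHP 7.0 and
     * PHP 7.2 respectively; the class is kept in its original PHP 4 style.
     */

    // Alias name; shown in the menu instead of the objectClass name
    var $alias;
    // Name of the $_SESSION entry that holds the account container of this module
    var $base;
    // True when the account is saved without a password ("Use no password")
    var $userPassword_no;
    // True when the password is stored locked ("Lock password")
    var $userPassword_lock;
    /* Current attribute values, keyed by attribute name. Values are lists
     * (index 0 is the first value) or '' for attributes without a value.
     * 'userPassword' is not a directory value here: index 0 holds the
     * reversibly encrypted clear-text password, see userPassword().
     */
    var $attributes;
    /* Attribute values as they were loaded from LDAP. save_attributes()
     * compares them with $attributes to find out what has to be written.
     */
    var $orig;

    /* Constructor.
     * $base is the name of the $_SESSION entry holding the account container.
     * Reads the inetOrgPerson definition and those of its superior classes
     * from the schema cached in the session and registers every MUST/MAY
     * attribute with an empty value.
     */
    function inetOrgPerson($base) {
        if (!$base) trigger_error(_('Please create a base object with $var = new accountContainer();'), E_USER_ERROR);
        if (!is_string($base)) trigger_error(_('Please create a new module object with $accountContainer->add_objectClass(\'inetOrgPerson\');'), E_USER_ERROR);
        $this->base = $base;
        // inetOrgPerson is only a valid objectClass for users
        if ($_SESSION[$this->base]->get_type() != 'user') trigger_error(_('inetOrgPerson can only be used for users.'), E_USER_WARNING);

        $this->attributes = array();
        $schema = $_SESSION[$_SESSION[$this->base]->ldap]->objectClasses;

        $line = $this->_find_objectclass($schema, " NAME 'inetOrgPerson' ");
        if ($line == -1) trigger_error(sprintf(_(" ObjectClass %s required but not defined in ldap. "), 'inetOrgPerson'), E_USER_WARNING);
        // Add array with all attributes and type
        $_SESSION[$this->base]->add_attributes('inetOrgPerson');

        if ($line != -1) {
            $this->_add_schema_attributes($schema[$line]);
            /* Follow the SUP chain. The walk stops when a superior class is
             * missing or was already visited; the old loop kept $line in that
             * case and therefore never terminated.
             */
            $visited = array();
            while (strpos($schema[$line], " SUP ") !== false) {
                $visited[$line] = true;
                $tail = substr($schema[$line], strpos($schema[$line], 'SUP ') + 4);
                $subclass = substr($tail, 0, strpos($tail, ' '));
                $parent = $this->_find_objectclass($schema, " NAME ' $subclass ' ");
                if ($parent == -1) {
                    trigger_error(sprintf(_(" ObjectClass %s required but not defined in ldap. "), $subclass), E_USER_WARNING);
                    break;
                }
                if (isset($visited[$parent])) break;
                $line = $parent;
                $this->_add_schema_attributes($schema[$line]);
            }
        }

        $this->orig = $this->attributes;
        $this->attributes['objectClass'][0] = 'inetOrgPerson';
        // The password is only kept in encrypted form, see userPassword()
        if (isset($this->attributes['userPassword'])) unset($this->attributes['userPassword']);
        $this->alias = _('inetOrgPerson');
        // Add attributes which should be cached
        $_SESSION[$_SESSION[$this->base]->cache]->add_cache(array('user' => array('uid'), 'host' => array('uid')));
    }

    /* Returns the index of the last schema definition containing $needle,
     * or -1 if no definition contains it.
     * strpos() is compared with false explicitly so that a hit at offset 0
     * is not mistaken for "not found".
     */
    function _find_objectclass($definitions, $needle) {
        $found = -1;
        for ($i = 0; $i < count($definitions); $i++) {
            if (strpos($definitions[$i], $needle) !== false) $found = $i;
        }
        return $found;
    }

    /* Registers all attributes named in the "MUST ( ... )" and "MAY ( ... )"
     * lists of one objectClass definition with an empty value.
     * A list without closing bracket is skipped instead of registering an
     * attribute with an empty name.
     */
    function _add_schema_attributes($definition) {
        foreach (array('MUST (', 'MAY (') as $marker) {
            $start = strpos($definition, $marker);
            if ($start === false) continue;
            $tail = substr($definition, $start + strlen($marker));
            $end = strpos($tail, ')');
            if ($end === false) continue;
            $names = trim(substr($tail, 0, $end));
            foreach (explode(" $ ", $names) as $attribute) {
                $this->attributes[$attribute] = '';
            }
        }
    }

    /* Reads or writes the clear-text password.
     * Called with a string: stores the password encrypted in
     * $this->attributes['userPassword'][0] and returns 0.
     * Called without argument: returns the decrypted password, or '' when no
     * password has been stored yet (the old code decrypted a missing value).
     *
     * NOTE(review): key and IV are taken from request cookies, so the secret
     * protecting the password is supplied by the client on every request.
     * MCRYPT_MODE_ECB does not use the IV and gives no integrity protection,
     * and MCRYPT_RIJNDAEL_256 is Rijndael with a 256 bit block, not AES.
     * A replacement should use an authenticated mode with a server-side key.
     */
    function userPassword($newpassword = false) {
        if (is_string($newpassword)) {
            // Write new password
            $iv = base64_decode($_COOKIE[" IV "]);
            $key = base64_decode($_COOKIE[" Key "]);
            $this->attributes['userPassword'][0] = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $newpassword, MCRYPT_MODE_ECB, $iv));
            return 0;
        }
        // Nothing stored, nothing to decrypt
        if (!isset($this->attributes['userPassword'][0])) return '';
        $iv = base64_decode($_COOKIE[" IV "]);
        $key = base64_decode($_COOKIE[" Key "]);
        $password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($this->attributes['userPassword'][0]), MCRYPT_MODE_ECB, $iv);
        // mcrypt pads with NUL bytes up to the block size
        return str_replace(chr(0), '', $password);
    }

    /* Returns a list with all required modules
     */
    function dependencies() {
        return array('main');
    }

    /* Returns the next candidate for a user name which is already in use:
     * a name without trailing number gets "2" appended, otherwise the
     * trailing number is increased by one.
     * The scan stops at the start of the string, so a name consisting only
     * of digits is handled as well.
     */
    function _next_uid($uid) {
        $split = strlen($uid);
        while ($split > 0 && strpos('0123456789', substr($uid, $split - 1, 1)) !== false) $split--;
        if ($split == strlen($uid)) return $uid . '2';
        return substr($uid, 0, $split) . (intval(substr($uid, $split)) + 1);
    }

    /* Writes the posted form values into the object and checks them.
     * $post is the array of submitted form fields.
     * Returns a list of array(type, title, message) entries, type being
     * 'ERROR' or 'WARN', or 0 if there is nothing to report.
     *
     * The values are stored before they are checked and are not rolled back
     * when a check fails; presumably the caller refuses to save while errors
     * are reported - TODO confirm.
     * NOTE(review): ereg() anchors "$" at the very end of the string. If
     * these checks are ported to preg_match(), use \z or the D modifier,
     * otherwise a value with a trailing newline passes.
     */
    function proccess_attributes($post) {
        $errors = array();
        $posted_uid = $post['form_inetOrgPerson_uid'];

        // NOTE(review): the pattern only matches a capital letter at the end of the name
        if (($this->attributes['uid'][0] != $posted_uid) && ereg('[A-Z]$', $posted_uid))
            $errors[] = array('WARN', _('Username'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));

        // Load attributes
        $fields = array('uid', 'description', 'sn', 'givenName', 'title', 'mail', 'telephoneNumber',
            'mobileTelephoneNumber', 'facsimileTelephoneNumber', 'street', 'postalCode',
            'postalAddress', 'employeeType');
        foreach ($fields as $field) {
            $this->attributes[$field][0] = $post['form_inetOrgPerson_' . $field];
        }

        // Unchecked checkboxes are not part of the request
        $this->userPassword_no = !empty($post['form_inetOrgPerson_userPassword_no']);
        $this->userPassword_lock = !empty($post['form_inetOrgPerson_userPassword_lock']);

        if (isset($post['form_inetOrgPerson_userPassword'])) {
            $repeated = isset($post['form_inetOrgPerson_userPassword2']) ? $post['form_inetOrgPerson_userPassword2'] : '';
            /* Compare as strings: with != two different numeric looking
             * passwords such as "1e3" and "1000" count as equal.
             */
            if ((string) $post['form_inetOrgPerson_userPassword'] !== (string) $repeated) {
                $errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'));
            }
            else $this->userPassword($post['form_inetOrgPerson_userPassword']);
        }
        if (!empty($post['form_inetOrgPerson_genpass'])) $this->userPassword(genpasswd());

        // Check if givenname is valid
        if (!ereg('^([a-z]|[A-Z]|[-]|[ ]|[<5B> ]|[<5B> ]|[<5B> ]|[<5B> ]|[<5B> ]|[<5B> ]|[<5B> ])+$', $this->attributes['givenName'][0])) $errors[] = array('ERROR', _('Given name'), _('Given name contains invalid characters'));
        // Check if surname is valid
        if (!ereg('^([a-z]|[A-Z]|[-]|[ ]|[<5B> ]|[<5B> ]|[<5B> ]|[<5B> ]|[<5B> ]|[<5B> ]|[<5B> ])+$', $this->attributes['sn'][0])) $errors[] = array('ERROR', _('Surname'), _('Surname contains invalid characters'));
        // Check if Username contains only valid characters
        if (!ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$', $this->attributes['uid'][0]))
            $errors[] = array('ERROR', _('Username'), _('Username contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));

        $cache = $_SESSION[$this->base]->cache;
        $old_uid = isset($this->orig['uid'][0]) ? $this->orig['uid'][0] : '';
        if ($_SESSION[$cache]->in_cache($this->attributes['uid'][0], 'uid', '*') != false && ($old_uid != '')) {
            // Existing account: set username back to original name if new name is in use
            $this->attributes['uid'][0] = $old_uid;
        }
        else while ($_SESSION[$cache]->in_cache($this->attributes['uid'][0], 'uid', '*')) {
            // New account: change uid until a free uid is found
            $this->attributes['uid'][0] = $this->_next_uid($this->attributes['uid'][0]);
        }
        /* cn follows the final user name. The old statement used "&=", which
         * is a bitwise AND of the two strings and not an assignment.
         * NOTE(review): assumed intent is that cn equals uid - confirm.
         */
        $this->attributes['cn'][0] = $this->attributes['uid'][0];
        // Show warning if lam has changed username
        if ($this->attributes['uid'][0] != $posted_uid) $errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.'));

        // NOTE(review): the message lists "$" and "=" but the pattern does not accept them
        if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword()))
            $errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));

        $phone = '^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$';
        $text_dash = '^([0-9]|[A-Z]|[a-z]|[-]|[ ]|[.]|[<5B> ]|[<5B> ]|[<5B> ]|[<5B> ]|[<5B> ]|[<5B> ]|[<5B> ])*$';
        $text = '^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[<5B> ]|[<5B> ]|[<5B> ]|[<5B> ]|[<5B> ]|[<5B> ]|[<5B> ])*$';
        // pattern, attribute, title, message; postalCode used to be checked as 'personal_postalCode', which is never set
        $checks = array(
            array($phone, 'telephoneNumber', _('Telephone number'), _('Please enter a valid telephone number!')),
            array($phone, 'mobileTelephoneNumber', _('Mobile number'), _('Please enter a valid mobile number!')),
            array($phone, 'facsimileTelephoneNumber', _('Fax number'), _('Please enter a valid fax number!')),
            array('^(([0-9]|[A-Z]|[a-z]|[.]|[-]|[_])+[@]([0-9]|[A-Z]|[a-z]|[-])+([.]([0-9]|[A-Z]|[a-z]|[-])+)*)*$', 'mail', _('eMail address'), _('Please enter a valid eMail address!')),
            array($text_dash, 'street', _('Street'), _('Please enter a valid street name!')),
            array($text, 'postalAddress', _('Postal address'), _('Please enter a valid postal address!')),
            array($text_dash, 'title', _('Title'), _('Please enter a valid title!')),
            array($text, 'employeeType', _('Employee type'), _('Please enter a valid employee type!')),
            array('^([0-9]|[A-Z]|[a-z])*$', 'postalCode', _('Postal code'), _('Please enter a valid postal code!')),
        );
        foreach ($checks as $check) {
            $value = isset($this->attributes[$check[1]][0]) ? $this->attributes[$check[1]][0] : '';
            if (!ereg($check[0], $value)) $errors[] = array('ERROR', $check[2], $check[3]);
        }

        // Return error-messages
        if (count($errors) != 0) return $errors;
        return 0;
    }

    /* Loads all attributes into the object.
     * $attr is an array as it is returned from ldap_get_attributes.
     * Only attributes known from the schema (keys of $this->orig) are taken
     * over; their values are converted with utf8_decode(). Always returns 0.
     */
    function load_attributes($attr) {
        foreach ($attr as $name => $values) {
            /* 'count' and the numeric index entries hold no value lists.
             * They are skipped here; the old code tried to unset an offset
             * inside those strings.
             */
            if (!is_array($values)) continue;
            if (!isset($this->orig[$name])) continue;
            unset($values['count']);
            $this->orig[$name] = array();
            foreach ($values as $i => $value) {
                // decode as unicode
                $this->orig[$name][$i] = utf8_decode($value);
            }
        }
        // Values are kept as copy so we can compare old attributes with new attributes
        $this->orig['objectClass'][0] = 'inetOrgPerson';
        $this->attributes = $this->orig;
        // Remove old password so it won't be displayed as hash; $this->orig keeps the hash
        $this->userPassword('');
        return 0;
    }

    /* Returns the changes which have to be written to LDAP:
     * array(DN => array('add' => ..., 'remove' => ..., 'modify' => ..., 'notchanged' => ...))
     * Each entry maps attribute names to lists of utf8 encoded values.
     * DN is taken from the account container in the session.
     *
     * userPassword is written by the password section only. It is left out
     * of the generic comparison because $this->attributes holds the encrypted
     * clear-text password there, which must never be sent to the directory.
     */
    function save_attributes() {
        $toadd = array();
        $torem = array();
        $tomodify = array();
        $notchanged = array();
        $return = array();
        $dn = $_SESSION[$this->base]->dn;

        foreach (array_keys($this->attributes) as $name) {
            if ($name == 'userPassword') continue;
            // Anything which is not a list ('' or unset) counts as "no values"
            $new = is_array($this->attributes[$name]) ? $this->attributes[$name] : array();
            $old = (isset($this->orig[$name]) && is_array($this->orig[$name])) ? $this->orig[$name] : array();
            /* Strict comparison: with == numeric looking values such as
             * "0123" and "123" count as equal and the change would be lost.
             */
            foreach ($old as $value) {
                if ($value != '' && !in_array($value, $new, true)) $torem[$name][] = utf8_encode($value);
            }
            foreach ($new as $value) {
                if ($value != '' && !in_array($value, $old, true)) $toadd[$name][] = utf8_encode($value);
            }
            foreach ($new as $j => $value) {
                if ($value != '' && isset($old[$j]) && $value === $old[$j]) $notchanged[$name][] = utf8_encode($value);
            }
        }

        // An attribute with values to add and to remove becomes one modify entry
        foreach (array_keys($toadd) as $name) {
            if (!isset($torem[$name])) continue;
            // Unchanged values first, then the new ones
            $kept = isset($notchanged[$name]) ? $notchanged[$name] : array();
            $tomodify[$name] = array_merge($kept, $toadd[$name]);
            unset($notchanged[$name], $toadd[$name], $torem[$name]);
        }
        if (count($toadd) != 0) $return[$dn]['add'] = $toadd;
        if (count($torem) != 0) $return[$dn]['remove'] = $torem;
        if (count($tomodify) != 0) $return[$dn]['modify'] = $tomodify;
        if (count($notchanged) != 0) $return[$dn]['notchanged'] = $notchanged;

        // Set unix password
        $old_hash = (isset($this->orig['userPassword']) && is_array($this->orig['userPassword']) && isset($this->orig['userPassword'][0])) ? $this->orig['userPassword'][0] : '';
        if ($old_hash == '' || $this->userPassword() != '' || $this->userPassword_no) {
            /* New user, no old password, or a new password was entered.
             * NOTE(review): "Use no password" stores the hash of the empty
             * string. Whether this permits a login without password depends
             * on pwd_hash() and on the services using the entry - confirm.
             */
            if ($this->userPassword_no) $return[$dn]['modify']['userPassword'][0] = pwd_hash('', !$this->userPassword_lock);
            else $return[$dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash($this->userPassword(), !$this->userPassword_lock));
        }
        else if ($this->userPassword_lock == pwd_is_enabled($old_hash)) {
            // No new password but old password: (un)lock it
            // Split old password hash in {CRYPT} and password-hash
            $end = strpos($old_hash, '}');
            /* A value without scheme prefix is left untouched; the old
             * character scan never ended for such a value.
             */
            if ($end !== false) {
                $crypt = substr($old_hash, 0, $end + 1);
                $passwd = substr($old_hash, $end + 1);
                // remove leading ! from password hash
                if (substr($passwd, 0, 1) == '!') $passwd = substr($passwd, 1);
                if ($this->userPassword_lock) $return[$dn]['modify']['userPassword'][0] = utf8_encode(" $crypt ! $passwd ");
                else $return[$dn]['modify']['userPassword'][0] = utf8_encode(" $crypt $passwd ");
            }
        }
        return $return;
    }

    /* Returns all ldap attributes which are part of inetOrgPerson together
     * with their values. 'userPassword' holds the decrypted clear-text
     * password as a string, so the result must not be logged or displayed.
     */
    function get_attributes() {
        $return = $this->attributes;
        $return['userPassword'] = $this->userPassword();
        return $return;
    }

    /* Returns the first value of an attribute, escaped for use inside an
     * HTML attribute value, or '' if the attribute has no value.
     */
    function _value_html($name) {
        $value = isset($this->attributes[$name][0]) ? $this->attributes[$name][0] : '';
        return $this->_html($value);
    }

    /* Escapes & < > " and ' for output inside HTML.
     * ISO-8859-1 is named because load_attributes() converts the values with
     * utf8_decode(); only ASCII characters are replaced, so the result is
     * also correct for UTF-8 input.
     */
    function _html($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'ISO-8859-1');
    }

    /* Prints the table cell with the link to a help entry
     */
    function _help_cell($help) {
        echo " <td><a href= \" ../help.php?HelpNumber=" . $help . " \" target= \" lamhelp \" > " . _('Help') . " </a></td> \n ";
    }

    /* Prints the input cell and the help cell of a text field.
     * $field is the attribute name; it is also the suffix of the form field name.
     */
    function _text_cells($field, $size, $maxlength, $help) {
        echo " <td><input name= \" form_inetOrgPerson_" . $field . " \" type= \" text \" size= \" " . $size . " \" maxlength= \" " . $maxlength . " \" value= \" " . $this->_value_html($field) . " \" ></td> \n ";
        $this->_help_cell($help);
    }

    /* Prints a complete html-table with input fields for all attributes.
     * $post is the array of submitted form fields; only the repeated
     * password is read from it. Always returns 0.
     *
     * Every value is escaped before it is printed. Directory and request
     * data used to be written into the value="..." attributes unchanged, so
     * a value containing a quote could add markup to the page.
     * NOTE(review): both password fields are pre-filled with the clear-text
     * password, which therefore ends up in the page source and possibly in
     * caches. Consider leaving them empty.
     */
    function display_html_attributes($post) {
        echo " <table border=0 width= \" 100% \" > \n <tr> \n ";
        echo '<td>' . _('Username') . " *</td> \n ";
        $this->_text_cells('uid', 20, 20, 400);
        echo " </tr> \n ";
        echo " <tr> \n ";
        echo " <td> " . _('Description') . " </td> \n ";
        $this->_text_cells('description', 30, 255, 404);
        echo " </tr> \n ";
        echo " <tr> \n ";
        echo " <td> " . _('Password') . " </td> \n ";
        echo " <td><input name= \" form_inetOrgPerson_userPassword \" type= \" password \" size= \" 20 \" maxlength= \" 20 \" value= \" " . $this->_html($this->userPassword()) . " \" ></td> \n ";
        echo " <td><input name= \" form_inetOrgPerson_genpass \" type= \" submit \" value= \" " . _('Generate password') . " \" ></td> \n ";
        echo " </tr> \n ";
        echo " <tr> \n ";
        echo " <td> " . _('Repeat password') . " </td> \n ";
        echo " <td><input name= \" form_inetOrgPerson_userPassword2 \" type= \" password \" size= \" 20 \" maxlength= \" 20 \" value= \" ";
        // The old code tested this field but printed 'form_posixAccount_userPassword2'
        if (isset($post['form_inetOrgPerson_userPassword2']) && $post['form_inetOrgPerson_userPassword2'] != '') echo $this->_html($post['form_inetOrgPerson_userPassword2']);
        else echo $this->_html($this->userPassword());
        echo " \" ></td> \n ";
        echo " <td></td> \n ";
        echo " </tr> \n ";
        echo " <tr> \n ";
        echo " <td> " . _('Use no password') . " </td> \n ";
        echo " <td><input name= \" form_inetOrgPerson_userPassword_no \" type= \" checkbox \" ";
        if ($this->userPassword_no) echo " checked ";
        echo " ></td> \n ";
        $this->_help_cell(426);
        echo " </tr> \n ";
        echo " <tr> \n ";
        echo " <td> " . _('Lock password') . " </td> \n ";
        echo " <td><input name= \" form_inetOrgPerson_userPassword_lock \" type= \" checkbox \" ";
        if ($this->userPassword_lock) echo " checked ";
        echo " ></td> \n ";
        $this->_help_cell(426);
        echo " </tr> \n ";

        // label, required, attribute, size, maxlength, help number
        $rows = array(
            array(_('Title'), false, 'title', 10, 10, 448),
            array(_('First name'), true, 'givenName', 20, 20, 425),
            array(_('Last name'), true, 'sn', 20, 50, 424),
            array(_('Employee type'), false, 'employeeType', 30, 30, 449),
            array(_('Street'), false, 'street', 30, 50, 450),
            array(_('Postal code'), false, 'postalCode', 5, 5, 451),
            array(_('Postal address'), false, 'postalAddress', 30, 80, 452),
            array(_('Telephone number'), false, 'telephoneNumber', 30, 30, 453),
            array(_('Mobile number'), false, 'mobileTelephoneNumber', 30, 30, 454),
            array(_('Fax number'), false, 'facsimileTelephoneNumber', 30, 30, 455),
            array(_('eMail address'), false, 'mail', 30, 80, 456),
        );
        foreach ($rows as $row) {
            echo " <tr> \n ";
            if ($row[1]) echo " <td> " . $row[0] . " *</td> \n ";
            else echo " <td> " . $row[0] . " </td> \n ";
            $this->_text_cells($row[2], $row[3], $row[4], $row[5]);
            echo " </tr> \n ";
        }
        echo " </table> \n ";
        return 0;
    }
}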
?>