2003-02-17 18:21:44 +00:00
< ? php
2017-02-11 17:16:08 +00:00
use \LAM\LIB\TWO_FACTOR\TwoFactorProviderService ;
2003-02-21 22:01:01 +00:00
/*
2009-10-27 18:47:12 +00:00
This code is part of LDAP Account Manager ( http :// www . ldap - account - manager . org / )
2019-01-04 18:00:05 +00:00
Copyright ( C ) 2003 - 2019 Roland Gruber
2003-02-21 22:01:01 +00:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 2 of the License , or
( at your option ) any later version .
2003-03-30 19:51:47 +00:00
2003-02-21 22:01:01 +00:00
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
2003-05-14 13:45:52 +00:00
2003-02-21 22:01:01 +00:00
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation , Inc . , 59 Temple Place , Suite 330 , Boston , MA 02111 - 1307 USA
2003-05-14 13:45:52 +00:00
2004-05-31 14:04:00 +00:00
*/
2003-03-15 11:42:08 +00:00
2004-05-31 14:04:00 +00:00
/**
* This file includes functions to manage the configuration files .
*
* @ package configuration
* @ author Roland Gruber
2007-02-22 17:16:14 +00:00
* @ author Thomas Manninger
2003-02-21 22:01:01 +00:00
*/
2004-05-31 14:04:00 +00:00
/** Used to print messages. */
2017-02-11 17:16:08 +00:00
include_once " status.inc " ;
2004-05-31 14:04:00 +00:00
/** Used to get module information. */
2017-02-11 17:16:08 +00:00
include_once " modules.inc " ;
2006-01-01 16:30:05 +00:00
/** Used to get type information. */
2017-02-11 17:16:08 +00:00
include_once " types.inc " ;
/** 2-factor */
include_once '2factor.inc' ;
2003-05-14 13:45:52 +00:00
2013-08-10 12:43:01 +00:00
/**
* Sets the environment variables for custom SSL CA certificates .
*/
function setSSLCaCert () {
2017-11-19 09:31:26 +00:00
$config = null ;
2013-08-10 12:43:01 +00:00
if ( isset ( $_SESSION [ 'cfgMain' ])) {
2017-11-19 09:31:26 +00:00
$config = $_SESSION [ 'cfgMain' ];
}
else {
$config = new LAMCfgMain ();
}
// set SSL certificate if set
$sslCaPath = $config -> getSSLCaCertPath ();
if ( $sslCaPath != null ) {
putenv ( 'LDAPTLS_CACERT=' . $sslCaPath );
putenv ( 'TLS_CACERT=' . $sslCaPath );
2013-08-10 12:43:01 +00:00
}
}
2004-05-30 12:16:01 +00:00
/**
2004-05-31 14:04:00 +00:00
* Sets language settings for automatic translation
2004-05-30 12:16:01 +00:00
*/
2003-05-06 15:17:09 +00:00
function setlanguage () {
2014-02-02 12:36:12 +00:00
$code = 'en_GB.utf8' ;
$encoding = 'UTF-8' ;
2004-10-07 09:48:31 +00:00
if ( ! isset ( $_SESSION [ 'language' ])) {
2014-02-02 12:36:12 +00:00
$_SESSION [ 'language' ] = " en_GB.utf8 " ;
2003-05-06 15:17:09 +00:00
}
2014-02-02 12:36:12 +00:00
$possibleLanguages = getLanguages ();
foreach ( $possibleLanguages as $lang ) {
if ( $lang -> code == $_SESSION [ 'language' ]) {
$code = $lang -> code ;
$encoding = $lang -> encoding ;
break ;
}
}
2019-09-13 19:16:22 +00:00
putenv ( " LANG= $code " ); // e.g. LANG=de_DE
putenv ( " LC_ALL= $code " );
putenv ( " LC_LANG= $code " );
putenv ( " LC_LANGUAGE= $code " );
$setLocaleResult = setlocale ( LC_ALL , $code ); // set LC_ALL
if ( $setLocaleResult === false ) {
logNewMessage ( LOG_WARNING , " Unable to set locale, check if 'locale -a' returns $code " );
}
2004-10-07 09:48:31 +00:00
$locdir = substr ( __FILE__ , 0 , strlen ( __FILE__ ) - 15 ) . " /locale " ; // set path to translations
bindtextdomain ( " messages " , $locdir );
2019-09-13 19:16:22 +00:00
$bindTextResult = bind_textdomain_codeset ( " messages " , $encoding );
if ( ! is_string ( $bindTextResult )) {
logNewMessage ( LOG_WARNING , " Unable to bind text domain, check if 'locale -a' returns $code " );
}
$textDomainResult = textdomain ( " messages " );
if ( ! is_string ( $textDomainResult )) {
logNewMessage ( LOG_WARNING , " Unable to set text domain, check if 'locale -a' returns $code " );
}
2014-02-02 12:36:12 +00:00
header ( " Content-type: text/html; charset= " . $encoding , true );
2003-05-06 15:17:09 +00:00
}
2003-02-21 22:01:01 +00:00
2007-02-22 17:16:14 +00:00
/**
2007-11-03 13:22:12 +00:00
* Checks whether a specific flag in the rights string is set .
2007-02-22 17:16:14 +00:00
*
2007-11-03 13:17:39 +00:00
* @ param $right read , write or execute
* @ param $target owner , group or other
* @ param $chmod the chmod rights
2007-02-22 17:16:14 +00:00
*
* @ return true , if the chmod $right for $target were set
*/
function checkChmod ( $right , $target , $chmod ) {
2018-12-26 08:53:58 +00:00
$right_arr = array ( " read " , " write " , " execute " );
$target_arr = array ( " owner " , " group " , " other " );
2007-02-22 17:16:14 +00:00
// Check, if $right and $target has right parameters
if ( ! in_array ( $right , $right_arr ) ||! in_array ( $target , $target_arr )) {
return false ;
}
2015-07-26 07:59:24 +00:00
2007-02-22 17:16:14 +00:00
$chmod_num = - 1 ;
// owner:
2018-12-26 08:53:58 +00:00
if ( $target == " owner " ) {
$chmod_num = 0 ;
}
if ( $target == " group " ) {
$chmod_num = 1 ;
}
if ( $target == " other " ) {
$chmod_num = 2 ;
}
2015-07-26 07:59:24 +00:00
2007-02-22 17:16:14 +00:00
// Cut the number from the chmod:
$chmod_num = $chmod { $chmod_num };
2015-07-26 07:59:24 +00:00
2007-02-22 17:16:14 +00:00
// Now check, if the chmod_num can be right with the $right
// What numbers allow "read"
$read = array ( 4 , 5 , 6 , 7 );
// What numbers allow "write"
$write = array ( 2 , 3 , 6 , 7 );
// What numbers allow "execute"
$execute = array ( 1 , 3 , 5 , 7 );
2018-12-26 08:53:58 +00:00
if ((( $right == " read " ) && in_array ( $chmod_num , $read ))
|| (( $right == " write " ) && in_array ( $chmod_num , $write ))
|| (( $right == " execute " ) && in_array ( $chmod_num , $execute ))) {
return true ;
}
return false ;
2007-02-22 17:16:14 +00:00
}
2004-05-30 12:16:01 +00:00
/**
2004-05-31 14:04:00 +00:00
* Returns an array of string with all available configuration profiles ( without . conf )
*
* @ return array profile names
2004-05-30 12:16:01 +00:00
*/
2003-07-06 10:24:41 +00:00
function getConfigProfiles () {
2019-01-04 18:00:05 +00:00
$dirName = substr ( __FILE__ , 0 , strlen ( __FILE__ ) - 15 ) . " /config " ;
$dir = dir ( $dirName );
2003-07-06 10:24:41 +00:00
$ret = array ();
$pos = 0 ;
while ( $entry = $dir -> read ()){
$ext = substr ( $entry , strlen ( $entry ) - 5 , 5 );
$name = substr ( $entry , 0 , strlen ( $entry ) - 5 );
2003-10-11 12:17:28 +00:00
// check if extension is right, add to profile list
2019-01-04 18:00:05 +00:00
if (( $ext == " .conf " ) && is_readable ( $dirName . '/' . $entry )) {
2003-07-06 10:24:41 +00:00
$ret [ $pos ] = $name ;
$pos ++ ;
}
}
sort ( $ret );
return $ret ;
}
2003-02-17 18:21:44 +00:00
2014-12-25 07:31:04 +00:00
/**
* Returns an array of string with all available configuration templates ( without . conf . sample )
*
* @ return array template names
*/
function getConfigTemplates () {
$dir = dir ( dirname ( __FILE__ ) . " /../config " );
$ret = array ();
$pos = 0 ;
while ( $entry = $dir -> read ()){
$ext = substr ( $entry , strlen ( $entry ) - 12 , 12 );
$name = substr ( $entry , 0 , strlen ( $entry ) - 12 );
// check if extension is right, add to profile list
if ( $ext == " .conf.sample " ) {
$ret [ $pos ] = $name ;
$pos ++ ;
}
}
sort ( $ret );
return $ret ;
}
2014-12-22 20:21:54 +00:00
/**
* Creates a new server profile .
2015-07-26 07:59:24 +00:00
*
2014-12-22 20:21:54 +00:00
* @ param String $name profile name
* @ param String $password profile password
* @ param String $template name of template file
* @ return mixed Boolean TRUE if creation was ok , error message if not
*/
function createConfigProfile ( $name , $password , $template ) {
if ( ! preg_match ( " /^[a-z0-9_-]+ $ /i " , $name ) || ! preg_match ( " /^[a-z0-9 \\ ._-]+ $ /i " , $template ) || in_array ( $name , getConfigProfiles ())) {
return _ ( " Profile name is invalid! " );
}
2016-01-03 10:56:57 +00:00
$dir = dirname ( dirname ( __FILE__ )) . " /config/ " ;
2014-12-22 20:21:54 +00:00
// check if template exists
2016-01-02 14:28:03 +00:00
if ( ! is_file ( $dir . $template )) {
2015-07-26 07:59:24 +00:00
return " The file config/ $template was not found. Please restore it. " ;
2014-12-22 20:21:54 +00:00
}
// create new profile file
2016-01-02 14:28:03 +00:00
$path = $dir . $name . " .conf " ;
@ copy ( $dir . $template , $path );
2014-12-22 20:21:54 +00:00
@ chmod ( $path , 0600 );
$file = is_file ( $path );
if ( $file ) {
// load as config and write new password
$conf = new LAMConfig ( $name );
$conf -> set_Passwd ( $password );
$conf -> save ();
}
else {
return _ ( " Unable to create new profile! " );
}
return true ;
}
2012-10-28 14:37:54 +00:00
/**
* Deletes the given server profile .
2015-07-26 07:59:24 +00:00
*
2012-10-28 14:37:54 +00:00
* @ param String $name profile name
* @ return String null if success or error message if failed
*/
function deleteConfigProfile ( $name ) {
if ( ! preg_match ( " /^[a-z0-9_-]+ $ /i " , $name )) {
return _ ( " Unable to delete profile! " );
}
2016-01-03 10:56:57 +00:00
$dir = dirname ( dirname ( __FILE__ )) . " /config/ " ;
2012-10-28 14:37:54 +00:00
// delete account profiles and PDF structures
$subDirs = array ( $dir . 'pdf/' . $name . '/logos' , $dir . 'pdf/' . $name , $dir . 'profiles/' . $name );
for ( $i = 0 ; $i < sizeof ( $subDirs ); $i ++ ) {
if ( is_dir ( $subDirs [ $i ])) {
$dirHandle = @ opendir ( $subDirs [ $i ]);
while ( false !== ( $path = readdir ( $dirHandle ))) {
2018-12-26 08:53:58 +00:00
if (( $path != '.' ) && ( $path != '..' ) && !@ unlink ( $subDirs [ $i ] . '/' . $path )) {
logNewMessage ( LOG_ERR , 'Unable to delete ' . $subDirs [ $i ] . '/' . $path );
return _ ( " Unable to delete profile! " );
2012-10-28 14:37:54 +00:00
}
}
@ closedir ( $dirHandle );
if ( !@ rmdir ( $subDirs [ $i ])) {
logNewMessage ( LOG_ERR , 'Unable to delete ' . $subDirs [ $i ]);
return _ ( " Unable to delete profile! " );
}
}
}
// delete config file
2016-01-02 13:39:28 +00:00
$confFile = $dir . $name . " .conf " ;
2012-10-28 14:37:54 +00:00
if ( !@ unlink ( $confFile )) {
logNewMessage ( LOG_ERR , 'Unable to delete ' . $confFile );
return _ ( " Unable to delete profile! " );
}
}
2005-04-07 13:12:38 +00:00
/**
* Returns the version number of this LAM installation .
* Format : < major version >.< minor version >.< patch level >
* < br > Major / minor version are always numbers , patch level may contain letters for inofficial releases only ( e . g . 0.5 . alpha1 ) .
*
* @ return string version number
*/
function LAMVersion () {
$file = substr ( __FILE__ , 0 , strlen ( __FILE__ ) - 15 ) . " /VERSION " ;
if ( is_readable ( $file )) {
$handle = fopen ( $file , " r " );
if ( ! feof ( $handle )) {
return trim ( fgets ( $handle , 20 ));
}
}
// file was not readable
return '0.0.unknown' ;
}
2014-07-12 13:29:15 +00:00
/**
* Extracts config options from HTTP POST data .
2015-07-26 07:59:24 +00:00
*
2014-07-12 13:29:15 +00:00
* @ param array $confTypes array ( option name => type ( e . g . multiselect ))
* @ return array list of config options ( name => array ( values ))
*/
function extractConfigOptionsFromPOST ( $confTypes ) {
$options = array ();
foreach ( $confTypes as $element => $type ) {
// text fields
if ( $type == " text " ) {
$options [ $element ] = array ( $_POST [ $element ]);
}
// text fields
elseif ( $type == " text_obfuscated " ) {
$options [ $element ] = array ( obfuscateText ( $_POST [ $element ]));
}
// hidden fields
elseif ( $type == " hidden " ) {
$options [ $element ] = array ( $_POST [ $element ]);
}
// checkboxes
elseif ( $type == " checkbox " ) {
2018-12-26 08:53:58 +00:00
if ( isset ( $_POST [ $element ]) && ( $_POST [ $element ] == " on " )) {
$options [ $element ] = array ( 'true' );
}
else {
$options [ $element ] = array ( 'false' );
}
2014-07-12 13:29:15 +00:00
}
// dropdownbox
elseif ( $type == " select " ) {
$options [ $element ] = array ( $_POST [ $element ]);
}
// multiselect
elseif ( $type == " multiselect " ) {
$options [ $element ] = $_POST [ $element ]; // value is already an array
}
// textarea
elseif ( $type == " textarea " ) {
$options [ $element ] = explode ( " \r \n " , $_POST [ $element ]);
}
}
return $options ;
}
2005-04-07 13:12:38 +00:00
2004-05-30 12:16:01 +00:00
/**
2004-05-31 14:04:00 +00:00
* Prints a meta refresh page
2004-05-30 12:16:01 +00:00
*
2004-05-31 14:04:00 +00:00
* @ param string $page the URL of the target page
2004-05-30 12:16:01 +00:00
*/
2003-08-28 12:41:47 +00:00
function metaRefresh ( $page ) {
2018-11-18 08:19:12 +00:00
if ( ! headers_sent ()) {
header ( 'Location: ' . $page );
return ;
}
2010-09-13 20:05:58 +00:00
if ( isset ( $_SESSION [ 'header' ])) {
echo $_SESSION [ 'header' ];
}
else {
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">' ;
echo " <html><head> \n " ;
}
2003-08-28 12:41:47 +00:00
echo " <meta http-equiv= \" refresh \" content= \" 0; URL= " . $page . " \" > \n " ;
2003-11-29 12:54:00 +00:00
echo " <title></title> \n " ;
2003-08-28 12:41:47 +00:00
echo " </head> \n " ;
echo " <body> \n " ;
// print link if refresh does not work
echo " <p> \n " ;
echo " <a href= \" " . $page . " \" > " . _ ( " Click here if you are not directed to the next page. " ) . " </a> \n " ;
echo " </p> \n " ;
echo " </body> \n " ;
echo " </html> \n " ;
}
2013-01-01 20:46:28 +00:00
/**
* Checks if the given account type is hidden .
2015-07-26 07:59:24 +00:00
*
2013-01-01 20:46:28 +00:00
* @ param String $type account type ( e . g . user )
* @ return boolean is hidden
*/
function isAccountTypeHidden ( $type ) {
$typeSettings = $_SESSION [ 'config' ] -> get_typeSettings ();
2018-12-26 08:53:58 +00:00
return isset ( $typeSettings [ 'hidden_' . $type ]) && ( $typeSettings [ 'hidden_' . $type ]);
2013-01-01 20:46:28 +00:00
}
2003-07-06 10:24:41 +00:00
2014-02-02 12:36:12 +00:00
/**
* Returns a list of all supported languages .
2015-07-26 07:59:24 +00:00
*
2017-11-04 09:49:28 +00:00
* @ return LAMLanguage [] languages
2014-02-02 12:36:12 +00:00
*/
function getLanguages () {
$languages = array ();
// loading available languages from language.conf file
$languagefile = dirname ( __FILE__ ) . " /../config/language " ;
2018-12-26 08:53:58 +00:00
if ( is_file ( $languagefile )) {
2014-02-02 12:36:12 +00:00
$file = fopen ( $languagefile , " r " );
while ( ! feof ( $file )) {
$line = fgets ( $file , 1024 );
2018-12-26 08:53:58 +00:00
if ( $line == " " || $line == " \n " || $line [ 0 ] == " # " ) {
continue ; // ignore comment and empty lines
}
2014-02-02 12:36:12 +00:00
$value = explode ( " : " , $line );
$languages [] = new LAMLanguage ( $value [ 0 ], $value [ 1 ], $value [ 2 ]);
}
fclose ( $file );
}
return $languages ;
}
/**
* Represents a supported language .
2015-07-26 07:59:24 +00:00
*
2014-02-02 12:36:12 +00:00
* @ package configuration
*/
class LAMLanguage {
/** language code (e.g. en_GB.utf8) */
public $code ;
/** character encoding (e.g. UTF-8) */
public $encoding ;
/** description for GUI */
public $description ;
2015-07-26 07:59:24 +00:00
2014-02-02 12:36:12 +00:00
/**
* Constructor
2015-07-26 07:59:24 +00:00
*
2014-02-02 12:36:12 +00:00
* @ param String $code language code ( e . g . en_GB . utf8 )
* @ param String $encoding character encoding ( e . g . UTF - 8 )
* @ param String $description description for GUI
*/
public function __construct ( $code , $encoding , $description ) {
$this -> code = $code ;
$this -> encoding = $encoding ;
$this -> description = $description ;
}
}
2004-05-30 12:16:01 +00:00
/**
2016-01-02 13:39:28 +00:00
* This class manages conf files .
2004-05-31 14:04:00 +00:00
*
* @ package configuration
2003-07-06 10:24:41 +00:00
*/
2006-09-24 14:19:50 +00:00
class LAMConfig {
2015-07-26 07:59:24 +00:00
2009-03-07 16:22:30 +00:00
/* access levels */
2007-12-30 12:32:48 +00:00
const ACCESS_ALL = 100 ;
const ACCESS_PASSWORD_CHANGE = 20 ;
const ACCESS_READ_ONLY = 0 ;
2015-07-26 07:59:24 +00:00
2010-05-28 13:45:34 +00:00
/* return codes for saving configuration file */
const SAVE_OK = 0 ;
const SAVE_FAIL = 1 ;
2015-07-26 07:59:24 +00:00
2009-03-07 16:22:30 +00:00
/* login method: predefined list or LDAP search */
const LOGIN_LIST = 'list' ;
const LOGIN_SEARCH = 'search' ;
2015-07-26 07:59:24 +00:00
2010-08-29 16:02:51 +00:00
/** line separator */
const LINE_SEPARATOR = '+::+' ;
2015-07-26 07:59:24 +00:00
2016-02-26 19:49:57 +00:00
/** show password on screen by default */
const PWDRESET_DEFAULT_SCREEN = 1 ;
/** send password via email by default */
const PWDRESET_DEFAULT_MAIL = 2 ;
/** show password on screen and send via email by default */
const PWDRESET_DEFAULT_BOTH = 3 ;
2004-05-31 14:04:00 +00:00
/** Server address (e.g. ldap://127.0.0.1:389) */
2007-12-29 18:59:09 +00:00
private $ServerURL ;
2015-07-26 07:59:24 +00:00
2016-01-03 10:56:57 +00:00
/** Display name of LDAP server */
private $serverDisplayName ;
2009-05-03 17:31:39 +00:00
/** enables/disables TLS encryption */
private $useTLS ;
2015-07-26 07:59:24 +00:00
2014-01-12 10:18:35 +00:00
/** automatically follow referrals */
private $followReferrals = 'false' ;
2015-07-26 07:59:24 +00:00
2014-11-29 17:40:39 +00:00
/** use paged results */
private $pagedResults = 'false' ;
2015-07-26 07:59:24 +00:00
2017-12-31 11:37:50 +00:00
/** overlay for referential integrity is activated */
private $referentialIntegrityOverlay = 'false' ;
2004-05-31 14:04:00 +00:00
/** Array of string: users with admin rights */
2007-12-29 18:59:09 +00:00
private $Admins ;
2003-05-14 13:45:52 +00:00
2004-05-31 14:04:00 +00:00
/** Password to edit preferences */
2007-11-07 21:02:13 +00:00
private $Passwd ;
2003-02-17 18:21:44 +00:00
2005-02-27 12:40:06 +00:00
/** LDAP suffix for tree view */
2007-12-29 18:59:09 +00:00
private $treesuffix ;
2005-02-27 12:40:06 +00:00
2004-05-31 14:04:00 +00:00
/** Default language */
2007-12-29 18:59:09 +00:00
private $defaultLanguage ;
2015-06-08 18:33:38 +00:00
/** time zone */
private $timeZone = 'Europe/London' ;
2003-05-09 16:22:46 +00:00
2004-07-18 10:18:25 +00:00
/** module settings */
2007-12-29 18:59:09 +00:00
private $moduleSettings = array ();
2004-07-18 10:18:25 +00:00
2006-01-01 16:30:05 +00:00
/** type settings */
2007-12-29 18:59:09 +00:00
private $typeSettings = array ();
2015-07-26 07:59:24 +00:00
2012-05-26 20:05:56 +00:00
/** tool settings */
private $toolSettings = array ();
2006-01-01 16:30:05 +00:00
2004-05-30 12:16:01 +00:00
/**
* Path to external lamdaemon script on server where it is executed
2004-05-31 14:04:00 +00:00
*
* This is used for managing quota and home directories .
2004-05-30 12:16:01 +00:00
* optional setting , may not be defined
*/
2007-12-29 18:59:09 +00:00
private $scriptPath ;
2003-05-12 17:52:54 +00:00
2004-05-30 12:16:01 +00:00
/**
2007-02-22 17:16:14 +00:00
* The rights for the home directory
*/
2007-12-29 18:59:09 +00:00
private $scriptRights = '750' ;
2007-02-22 17:16:14 +00:00
/**
* Servers where lamdaemon script is executed
2004-05-31 14:04:00 +00:00
*
* This is used for managing quota and home directories .
2004-05-30 12:16:01 +00:00
* optional setting , may not be defined
*/
2007-12-29 18:59:09 +00:00
private $scriptServer ;
2003-05-28 15:37:48 +00:00
2016-08-08 20:01:36 +00:00
/**
* user name for lamdaemon
*/
private $scriptUserName ;
/**
* File name of SSH key for lamdaemon .
*/
private $scriptSSHKey ;
/**
* Password for lamdaemon SSH key .
*/
private $scriptSSHKeyPassword ;
2004-05-30 12:16:01 +00:00
/** LDAP cache timeout */
2007-12-29 18:59:09 +00:00
private $cachetimeout ;
2015-07-26 07:59:24 +00:00
2010-02-06 18:30:21 +00:00
/** LDAP search limit */
private $searchLimit = 0 ;
2003-08-18 15:21:27 +00:00
2006-01-01 16:30:05 +00:00
/** Active account types */
2019-01-18 18:11:10 +00:00
private $activeTypes = " " ;
2004-01-30 17:06:28 +00:00
2004-05-31 14:04:00 +00:00
/** Name of configuration file */
2007-12-29 18:59:09 +00:00
private $file ;
2015-07-26 07:59:24 +00:00
2009-03-07 16:22:30 +00:00
/** access level */
private $accessLevel = LAMconfig :: ACCESS_ALL ;
2015-07-26 07:59:24 +00:00
2009-03-07 16:22:30 +00:00
/** login method */
private $loginMethod = LAMconfig :: LOGIN_LIST ;
2015-07-26 07:59:24 +00:00
2009-03-07 16:22:30 +00:00
/** search suffix for login */
private $loginSearchSuffix = 'dc=yourdomain,dc=org' ;
2015-07-26 07:59:24 +00:00
2009-03-07 16:22:30 +00:00
/** search filter for login */
private $loginSearchFilter = 'uid=%USER%' ;
2015-07-26 07:59:24 +00:00
2011-12-03 19:02:28 +00:00
/** bind user for login search */
private $loginSearchDN = '' ;
2015-07-26 07:59:24 +00:00
2011-12-03 19:02:28 +00:00
/** bind password for login search */
private $loginSearchPassword = '' ;
2015-07-26 07:59:24 +00:00
2011-08-23 19:05:05 +00:00
/** specifies if HTTP authentication should be used */
private $httpAuthentication = 'false' ;
2015-07-26 07:59:24 +00:00
2010-08-29 16:02:51 +00:00
/** email address for sender of password reset mails */
private $lamProMailFrom = '' ;
2011-08-15 12:33:04 +00:00
/** reply-to email address for password reset mails */
private $lamProMailReplyTo = '' ;
2010-08-29 16:02:51 +00:00
/** subject for password reset mails */
private $lamProMailSubject = '' ;
2011-05-22 15:02:14 +00:00
/** treat password reset mail body as HTML */
private $lamProMailIsHTML = 'false' ;
2014-02-10 19:16:37 +00:00
/** allow sending mails to an alternative address */
private $lamProMailAllowAlternateAddress = 'true' ;
2010-08-29 16:02:51 +00:00
/** mail body for password reset mails */
private $lamProMailText = '' ;
2015-07-26 07:59:24 +00:00
2016-02-26 19:49:57 +00:00
/** password reset page: allow to set a specific password */
private $pwdResetAllowSpecificPassword = 'true' ;
/** password reset page: allow to show password on screen */
private $pwdResetAllowScreenPassword = 'true' ;
/** password reset page: force password change by default */
private $pwdResetForcePasswordChange = 'true' ;
/** password reset page : default selection for password output
* PWDRESET_DEFAULT_SCREEN , PWDRESET_DEFAULT_MAIL , PWDRESET_DEFAULT_BOTH */
private $pwdResetDefaultPasswordOutput = LAMconfig :: PWDRESET_DEFAULT_MAIL ;
2015-06-12 18:28:25 +00:00
/** LDAP user for jobs */
private $jobsBindUser = null ;
/** LDAP password for jobs */
private $jobsBindPassword = null ;
2015-07-26 07:59:24 +00:00
/** database type for jobs */
2015-06-12 18:28:25 +00:00
private $jobsDatabase = null ;
2015-07-26 07:59:24 +00:00
/** host of job database */
private $jobsDBHost = null ;
/** port of job database */
private $jobsDBPort = null ;
/** user of job database */
private $jobsDBUser = null ;
/** password of job database */
private $jobsDBPassword = null ;
/** name of job database */
private $jobsDBName = null ;
2015-06-16 18:59:56 +00:00
/** random job token */
private $jobToken = null ;
/** job configuration */
private $jobSettings = array ();
2003-07-06 10:24:41 +00:00
2017-02-11 17:16:08 +00:00
private $twoFactorAuthentication = TwoFactorProviderService :: TWO_FACTOR_NONE ;
private $twoFactorAuthenticationURL = 'https://localhost' ;
2018-12-31 09:51:44 +00:00
private $twoFactorAuthenticationClientId = null ;
private $twoFactorAuthenticationSecretKey = null ;
2017-02-11 17:16:08 +00:00
private $twoFactorAuthenticationInsecure = false ;
private $twoFactorAuthenticationLabel = null ;
private $twoFactorAuthenticationOptional = false ;
private $twoFactorAuthenticationCaption = '' ;
2019-08-11 07:39:47 +00:00
private $twoFactorAuthenticationAttribute = '' ;
2017-02-11 17:16:08 +00:00
2004-05-31 14:04:00 +00:00
/** List of all settings in config file */
2014-11-29 17:40:39 +00:00
private $settings = array ( " ServerURL " , " useTLS " , " followReferrals " , 'pagedResults' , " Passwd " , " Admins " , " treesuffix " ,
2016-01-03 10:56:57 +00:00
" defaultLanguage " , " scriptPath " , " scriptServer " , " scriptRights " , " cachetimeout " , 'serverDisplayName' ,
2012-05-26 20:05:56 +00:00
" modules " , " activeTypes " , " types " , " tools " , " accessLevel " , 'loginMethod' , 'loginSearchSuffix' ,
2011-08-15 12:33:04 +00:00
'loginSearchFilter' , 'searchLimit' , 'lamProMailFrom' , 'lamProMailReplyTo' , 'lamProMailSubject' ,
2014-02-10 19:16:37 +00:00
'lamProMailText' , 'lamProMailIsHTML' , 'lamProMailAllowAlternateAddress' , 'httpAuthentication' , 'loginSearchDN' ,
2015-07-26 07:59:24 +00:00
'loginSearchPassword' , 'timeZone' , 'jobsBindUser' , 'jobsBindPassword' , 'jobsDatabase' , 'jobToken' , 'jobs' ,
2016-02-26 19:49:57 +00:00
'jobsDBHost' , 'jobsDBPort' , 'jobsDBUser' , 'jobsDBPassword' , 'jobsDBName' , 'pwdResetAllowSpecificPassword' ,
2016-08-08 20:01:36 +00:00
'pwdResetAllowScreenPassword' , 'pwdResetForcePasswordChange' , 'pwdResetDefaultPasswordOutput' ,
2017-02-11 17:16:08 +00:00
'scriptUserName' , 'scriptSSHKey' , 'scriptSSHKeyPassword' , 'twoFactorAuthentication' , 'twoFactorAuthenticationURL' ,
'twoFactorAuthenticationInsecure' , 'twoFactorAuthenticationLabel' , 'twoFactorAuthenticationOptional' ,
2019-08-11 07:39:47 +00:00
'twoFactorAuthenticationCaption' , 'twoFactorAuthenticationClientId' , 'twoFactorAuthenticationSecretKey' ,
'twoFactorAuthenticationAttribute' , 'referentialIntegrityOverlay'
2015-07-26 07:59:24 +00:00
);
2003-09-21 20:10:52 +00:00
2004-05-30 12:16:01 +00:00
/**
2004-05-31 14:04:00 +00:00
* Loads preferences from config file
2004-05-30 12:16:01 +00:00
*
2012-03-13 21:02:37 +00:00
* @ param String $file file name without " .conf " ( e . g . lam )
2004-05-30 12:16:01 +00:00
*/
2012-03-13 21:02:37 +00:00
function __construct ( $file ) {
if ( empty ( $file ) || ! preg_match ( " /^[a-z0-9_-]+ $ /i " , $file )) {
2012-03-13 21:34:13 +00:00
logNewMessage ( LOG_ERR , 'Invalid config file name: ' . $file );
2012-03-13 21:02:37 +00:00
die ();
}
2003-10-11 12:17:28 +00:00
// load first profile if none is given
2003-09-21 20:10:52 +00:00
if ( ! is_string ( $file )) {
$profiles = getConfigProfiles ();
$file = $profiles [ 0 ];
}
$this -> file = $file ;
$this -> reload ();
2003-07-06 10:24:41 +00:00
}
2003-05-14 13:45:52 +00:00
2004-07-18 10:18:25 +00:00
/**
* Reloads preferences from config file
*
* @ return boolean true if file was readable
*/
2007-10-26 17:51:56 +00:00
private function reload () {
$conffile = $this -> getPath ();
2018-12-26 08:53:58 +00:00
if ( is_file ( $conffile )) {
2004-07-18 10:18:25 +00:00
$file = @ fopen ( $conffile , " r " );
2018-12-26 08:53:58 +00:00
if ( ! $file ) {
return false ; // abort if file is not readable
}
2003-09-15 16:24:44 +00:00
while ( ! feof ( $file )) {
2015-06-16 18:59:56 +00:00
$line = fgets ( $file , 1000000 );
2003-10-11 12:17:28 +00:00
$line = trim ( $line ); // remove spaces at the beginning and end
if (( $line == " " ) || ( $line [ 0 ] == " # " )) continue ; // ignore comments and empty lines
2003-09-15 16:24:44 +00:00
// search keywords
2017-01-06 10:38:52 +00:00
$parts = explode ( ': ' , $line );
$keyword = $parts [ 0 ];
if ( ! in_array ( $keyword , $this -> settings )) {
continue ;
}
$startIndex = strlen ( $keyword ) + 2 ;
if ( sizeof ( $parts ) == 1 ) {
// empty global settings
$this -> $keyword = '' ;
}
2017-02-09 18:39:10 +00:00
elseif (( sizeof ( $parts ) > 1 ) && ! in_array ( $keyword , array ( 'modules' , 'types' , 'tools' , 'jobs' ))) {
2017-01-06 10:38:52 +00:00
// global setting with value
$this -> $keyword = substr ( $line , $startIndex );
}
else {
$subKeyword = $parts [ 1 ];
$startIndex = $startIndex + strlen ( $subKeyword ) + 2 ;
2017-07-02 07:35:27 +00:00
$option = substr ( $line , $startIndex );
if ( empty ( $option )) {
continue ;
}
2017-01-06 10:38:52 +00:00
// module settings
if ( $keyword == 'modules' ) {
$this -> moduleSettings [ $subKeyword ] = explode ( LAMConfig :: LINE_SEPARATOR , $option );
}
// type settings
if ( $keyword == 'types' ) {
$this -> typeSettings [ $subKeyword ] = $option ;
2003-09-21 20:10:52 +00:00
}
2017-01-06 10:38:52 +00:00
// tool settings
if ( $keyword == 'tools' ) {
$this -> toolSettings [ $subKeyword ] = $option ;
}
// job settings
if ( $keyword == 'jobs' ) {
$this -> jobSettings [ $subKeyword ] = explode ( LAMConfig :: LINE_SEPARATOR , $option );
2006-02-03 15:36:39 +00:00
}
2003-09-15 16:24:44 +00:00
}
}
fclose ( $file );
}
2017-01-06 10:38:52 +00:00
$this -> removeInvalidTypes ();
$this -> removeInvalidModules ();
return true ;
}
/**
* Removes any non - existing types from the configuration .
*/
private function removeInvalidTypes () {
2016-12-19 20:32:08 +00:00
$allTypes = LAM\TYPES\getTypes ();
2012-03-11 19:29:06 +00:00
$activeTypes = $this -> get_ActiveTypes ();
for ( $i = 0 ; $i < sizeof ( $activeTypes ); $i ++ ) {
2016-12-28 18:53:18 +00:00
if ( ! in_array ( \LAM\TYPES\getScopeFromTypeId ( $activeTypes [ $i ]), $allTypes )) {
2012-03-11 19:29:06 +00:00
unset ( $activeTypes [ $i ]);
}
}
$activeTypes = array_values ( $activeTypes );
$this -> set_ActiveTypes ( $activeTypes );
2017-01-06 10:38:52 +00:00
}
/**
* Removes any non - existing modules from the configuration .
*/
private function removeInvalidModules () {
2016-12-28 18:53:18 +00:00
$types = $this -> get_ActiveTypes ();
2017-01-06 10:38:52 +00:00
$availableByScope = array ();
2016-12-28 18:53:18 +00:00
foreach ( $types as $type ) {
$scope = \LAM\TYPES\getScopeFromTypeId ( $type );
$moduleVar = " modules_ " . $type ;
2011-03-22 17:40:40 +00:00
if ( isset ( $this -> typeSettings [ $moduleVar ])){
$modules = explode ( " , " , $this -> typeSettings [ $moduleVar ]);
2017-01-06 10:38:52 +00:00
if ( empty ( $availableByScope [ $scope ])) {
$availableByScope [ $scope ] = getAvailableModules ( $scope );
}
$available = $availableByScope [ $scope ];
2011-03-22 17:40:40 +00:00
// only return available modules
$ret = array ();
for ( $i = 0 ; $i < sizeof ( $modules ); $i ++ ) {
2018-12-26 08:53:58 +00:00
if ( in_array ( $modules [ $i ], $available )) {
$ret [] = $modules [ $i ];
}
2011-03-22 17:40:40 +00:00
}
2012-04-06 08:39:24 +00:00
$this -> typeSettings [ $moduleVar ] = implode ( " , " , $ret );
2004-10-14 18:59:26 +00:00
}
}
2003-09-15 16:24:44 +00:00
}
2003-05-14 13:45:52 +00:00
2004-05-31 14:04:00 +00:00
/** Saves preferences to config file */
2007-10-26 17:51:56 +00:00
public function save () {
$conffile = $this -> getPath ();
2019-01-04 18:00:05 +00:00
if ( is_file ( $conffile ) && is_readable ( $conffile )) {
2003-08-18 15:21:27 +00:00
$file = fopen ( $conffile , " r " );
$file_array = array ();
// read config file
while ( ! feof ( $file )) {
2015-06-16 18:59:56 +00:00
array_push ( $file_array , fgets ( $file , 1000000 ));
2003-08-18 15:21:27 +00:00
}
fclose ( $file );
// generate new configuration file
2003-09-21 20:10:52 +00:00
$saved = array (); // includes all settings which have been saved
2004-07-18 10:18:25 +00:00
$mod_saved = array (); // includes all module settings which have been saved
2017-07-03 18:23:49 +00:00
$count = sizeof ( $file_array );
for ( $i = 0 ; $i < $count ; $i ++ ) {
2003-09-21 20:10:52 +00:00
$line = trim ( $file_array [ $i ]);
2003-10-11 12:17:28 +00:00
if (( $line == " " ) || ( $line [ 0 ] == " # " )) continue ; // ignore comments and empty lines
2003-08-18 15:21:27 +00:00
// search for keywords
2003-09-21 20:10:52 +00:00
for ( $k = 0 ; $k < sizeof ( $this -> settings ); $k ++ ) {
$keyword = $this -> settings [ $k ];
$keylen = strlen ( $keyword );
2003-09-30 18:42:14 +00:00
if ( strtolower ( substr ( $line , 0 , $keylen + 1 )) == strtolower ( $keyword . " : " )) {
2004-07-18 10:18:25 +00:00
// module settings
if ( strtolower ( substr ( $line , 0 , $keylen + 2 )) == " modules: " ) {
$option = substr ( $line , $keylen + 2 , strlen ( $line ) - $keylen - 2 );
$pos = strpos ( $option , " : " );
$name = substr ( $option , 0 , $pos );
2017-07-03 18:23:49 +00:00
if ( ! isset ( $this -> moduleSettings [ $name ])) {
unset ( $file_array [ $i ]);
continue ;
}
2010-08-29 16:02:51 +00:00
$file_array [ $i ] = " modules: " . $name . " : " . implode ( LAMConfig :: LINE_SEPARATOR , $this -> moduleSettings [ $name ]) . " \n " ;
2004-07-18 10:18:25 +00:00
$mod_saved [] = $name ; // mark keyword as saved
}
2006-01-01 16:30:05 +00:00
// type settings
elseif ( strtolower ( substr ( $line , 0 , $keylen + 2 )) == " types: " ) {
$option = substr ( $line , $keylen + 2 , strlen ( $line ) - $keylen - 2 );
$pos = strpos ( $option , " : " );
$name = substr ( $option , 0 , $pos );
2017-07-03 18:23:49 +00:00
if ( ! isset ( $this -> typeSettings [ $name ])) {
unset ( $file_array [ $i ]);
continue ;
}
2006-01-01 16:30:05 +00:00
$file_array [ $i ] = " types: " . $name . " : " . $this -> typeSettings [ $name ] . " \n " ;
$mod_saved [] = $name ; // mark keyword as saved
}
2012-05-26 20:05:56 +00:00
// tool settings
elseif ( strtolower ( substr ( $line , 0 , $keylen + 2 )) == " tools: " ) {
$option = substr ( $line , $keylen + 2 , strlen ( $line ) - $keylen - 2 );
$pos = strpos ( $option , " : " );
$name = substr ( $option , 0 , $pos );
2017-07-03 18:23:49 +00:00
if ( ! isset ( $this -> toolSettings [ $name ])) {
unset ( $file_array [ $i ]);
continue ;
}
2012-05-26 20:05:56 +00:00
$file_array [ $i ] = " tools: " . $name . " : " . $this -> toolSettings [ $name ] . " \n " ;
$mod_saved [] = $name ; // mark keyword as saved
}
2015-06-16 18:59:56 +00:00
// job settings
elseif ( strtolower ( substr ( $line , 0 , $keylen + 2 )) == " jobs: " ) {
$option = substr ( $line , $keylen + 2 , strlen ( $line ) - $keylen - 2 );
$pos = strpos ( $option , " : " );
$name = substr ( $option , 0 , $pos );
2017-07-03 18:23:49 +00:00
if ( ! isset ( $this -> jobSettings [ $name ])) {
unset ( $file_array [ $i ]);
continue ;
}
2015-06-16 18:59:56 +00:00
$file_array [ $i ] = " jobs: " . $name . " : " . implode ( LAMConfig :: LINE_SEPARATOR , $this -> jobSettings [ $name ]) . " \n " ;
$mod_saved [] = $name ; // mark keyword as saved
}
2004-07-18 10:18:25 +00:00
// general settings
else {
$file_array [ $i ] = $keyword . " : " . $this -> $keyword . " \n " ;
$saved [] = $keyword ; // mark keyword as saved
}
2003-09-21 20:10:52 +00:00
break ;
}
2003-08-18 15:21:27 +00:00
}
}
// check if we have to add new entries (e.g. if user upgraded LAM and has an old config file)
2017-09-07 05:17:52 +00:00
if ( ! in_array ( " ServerURL " , $saved )) array_push ( $file_array , " \n \n # server address (e.g. ldap://localhost:389 or ldaps://localhost:636) \n " . " ServerURL: " . $this -> ServerURL . " \n " );
2016-01-03 10:56:57 +00:00
if ( ! in_array ( " serverDisplayName " , $saved )) array_push ( $file_array , " \n \n serverDisplayName: " . $this -> serverDisplayName . " \n " );
2009-05-03 17:31:39 +00:00
if ( ! in_array ( " useTLS " , $saved )) array_push ( $file_array , " \n \n # enable TLS encryption \n " . " useTLS: " . $this -> useTLS . " \n " );
2014-01-12 10:18:35 +00:00
if ( ! in_array ( " followReferrals " , $saved )) array_push ( $file_array , " \n \n # follow referrals \n " . " followReferrals: " . $this -> followReferrals . " \n " );
2014-11-29 17:40:39 +00:00
if ( ! in_array ( " pagedResults " , $saved )) array_push ( $file_array , " \n \n # paged results \n " . " pagedResults: " . $this -> pagedResults . " \n " );
2017-12-31 11:37:50 +00:00
if ( ! in_array ( " referentialIntegrityOverlay " , $saved )) array_push ( $file_array , " \n " . " referentialIntegrityOverlay: " . $this -> referentialIntegrityOverlay . " \n " );
2017-09-07 05:17:52 +00:00
if ( ! in_array ( " Passwd " , $saved )) array_push ( $file_array , " \n \n # password to change these preferences via webfrontend \n " . " Passwd: " . $this -> Passwd . " \n " );
2003-09-21 20:10:52 +00:00
if ( ! in_array ( " Admins " , $saved )) array_push ( $file_array , " \n \n # list of users who are allowed to use LDAP Account Manager \n " .
2003-08-18 15:21:27 +00:00
" # names have to be seperated by semicolons \n " .
2017-09-07 05:17:52 +00:00
" # e.g. admins: cn=admin,dc=yourdomain,dc=org;cn=root,dc=yourdomain,dc=org \n " . " Admins: " . $this -> Admins . " \n " );
2005-02-27 12:40:06 +00:00
if ( ! in_array ( " treesuffix " , $saved )) array_push ( $file_array , " \n \n # suffix of tree view \n " .
" # e.g. dc=yourdomain,dc=org \n " . " treesuffix: " . $this -> treesuffix . " \n " );
2003-09-30 18:42:14 +00:00
if ( ! in_array ( " defaultLanguage " , $saved )) array_push ( $file_array , " \n \n # default language (a line from config/language) \n " . " defaultLanguage: " . $this -> defaultLanguage . " \n " );
2015-06-08 18:33:38 +00:00
if ( ! in_array ( " timeZone " , $saved )) array_push ( $file_array , " \n \n # time zone \n " . " timeZone: " . $this -> timeZone . " \n " );
2003-09-30 18:42:14 +00:00
if ( ! in_array ( " scriptPath " , $saved )) array_push ( $file_array , " \n \n # Path to external Script \n " . " scriptPath: " . $this -> scriptPath . " \n " );
2007-02-25 14:15:08 +00:00
if ( ! in_array ( " scriptServer " , $saved )) array_push ( $file_array , " \n \n # Servers of external script \n " . " scriptServer: " . $this -> scriptServer . " \n " );
2007-02-22 17:16:14 +00:00
if ( ! in_array ( " scriptRights " , $saved )) array_push ( $file_array , " \n \n # Access rights for home directories \n " . " scriptRights: " . $this -> scriptRights . " \n " );
2016-08-08 20:01:36 +00:00
if ( ! in_array ( " scriptUserName " , $saved )) array_push ( $file_array , " \n " . " scriptUserName: " . $this -> scriptUserName . " \n " );
if ( ! in_array ( " scriptSSHKey " , $saved )) array_push ( $file_array , " \n " . " scriptSSHKey: " . $this -> scriptSSHKey . " \n " );
if ( ! in_array ( " scriptSSHKeyPassword " , $saved )) array_push ( $file_array , " \n " . " scriptSSHKeyPassword: " . $this -> scriptSSHKeyPassword . " \n " );
2003-09-30 18:42:14 +00:00
if ( ! in_array ( " cachetimeout " , $saved )) array_push ( $file_array , " \n \n # Number of minutes LAM caches LDAP searches. \n " . " cacheTimeout: " . $this -> cachetimeout . " \n " );
2010-02-06 18:30:21 +00:00
if ( ! in_array ( " searchLimit " , $saved )) array_push ( $file_array , " \n \n # LDAP search limit. \n " . " searchLimit: " . $this -> searchLimit . " \n " );
2006-01-01 16:30:05 +00:00
if ( ! in_array ( " activeTypes " , $saved )) array_push ( $file_array , " \n \n # List of active account types. \n " . " activeTypes: " . $this -> activeTypes . " \n " );
2007-12-30 12:32:48 +00:00
if ( ! in_array ( " accessLevel " , $saved )) array_push ( $file_array , " \n \n # Access level for this profile. \n " . " accessLevel: " . $this -> accessLevel . " \n " );
2009-03-07 16:22:30 +00:00
if ( ! in_array ( " loginMethod " , $saved )) array_push ( $file_array , " \n \n # Login method. \n " . " loginMethod: " . $this -> loginMethod . " \n " );
if ( ! in_array ( " loginSearchSuffix " , $saved )) array_push ( $file_array , " \n \n # Search suffix for LAM login. \n " . " loginSearchSuffix: " . $this -> loginSearchSuffix . " \n " );
if ( ! in_array ( " loginSearchFilter " , $saved )) array_push ( $file_array , " \n \n # Search filter for LAM login. \n " . " loginSearchFilter: " . $this -> loginSearchFilter . " \n " );
2011-12-03 19:02:28 +00:00
if ( ! in_array ( " loginSearchDN " , $saved )) array_push ( $file_array , " \n \n # Bind DN for login search. \n " . " loginSearchDN: " . $this -> loginSearchDN . " \n " );
if ( ! in_array ( " loginSearchPassword " , $saved )) array_push ( $file_array , " \n \n # Bind password for login search. \n " . " loginSearchPassword: " . $this -> loginSearchPassword . " \n " );
2011-08-23 19:05:05 +00:00
if ( ! in_array ( " httpAuthentication " , $saved )) array_push ( $file_array , " \n \n # HTTP authentication for LAM login. \n " . " httpAuthentication: " . $this -> httpAuthentication . " \n " );
2010-08-29 16:02:51 +00:00
if ( ! in_array ( " lamProMailFrom " , $saved )) array_push ( $file_array , " \n \n # Password mail from \n " . " lamProMailFrom: " . $this -> lamProMailFrom . " \n " );
2011-08-15 12:33:04 +00:00
if ( ! in_array ( " lamProMailReplyTo " , $saved )) array_push ( $file_array , " \n \n # Password mail reply-to \n " . " lamProMailReplyTo: " . $this -> lamProMailReplyTo . " \n " );
2010-08-29 16:02:51 +00:00
if ( ! in_array ( " lamProMailSubject " , $saved )) array_push ( $file_array , " \n \n # Password mail subject \n " . " lamProMailSubject: " . $this -> lamProMailSubject . " \n " );
2011-05-22 15:02:14 +00:00
if ( ! in_array ( " lamProMailIsHTML " , $saved )) array_push ( $file_array , " \n \n # Password mail is HTML \n " . " lamProMailIsHTML: " . $this -> lamProMailIsHTML . " \n " );
2014-02-10 19:16:37 +00:00
if ( ! in_array ( " lamProMailAllowAlternateAddress " , $saved )) array_push ( $file_array , " \n \n # Allow alternate address \n " . " lamProMailAllowAlternateAddress: " . $this -> lamProMailAllowAlternateAddress . " \n " );
2010-08-29 16:02:51 +00:00
if ( ! in_array ( " lamProMailText " , $saved )) array_push ( $file_array , " \n \n # Password mail text \n " . " lamProMailText: " . $this -> lamProMailText . " \n " );
2015-06-12 18:28:25 +00:00
if ( ! in_array ( " jobsBindPassword " , $saved )) array_push ( $file_array , " \n " . " jobsBindPassword: " . $this -> jobsBindPassword . " \n " );
if ( ! in_array ( " jobsBindUser " , $saved )) array_push ( $file_array , " \n " . " jobsBindUser: " . $this -> jobsBindUser . " \n " );
if ( ! in_array ( " jobsDatabase " , $saved )) array_push ( $file_array , " \n " . " jobsDatabase: " . $this -> jobsDatabase . " \n " );
2015-07-26 07:59:24 +00:00
if ( ! in_array ( " jobsDBHost " , $saved )) array_push ( $file_array , " \n " . " jobsDBHost: " . $this -> jobsDBHost . " \n " );
if ( ! in_array ( " jobsDBPort " , $saved )) array_push ( $file_array , " \n " . " jobsDBPort: " . $this -> jobsDBPort . " \n " );
if ( ! in_array ( " jobsDBUser " , $saved )) array_push ( $file_array , " \n " . " jobsDBUser: " . $this -> jobsDBUser . " \n " );
if ( ! in_array ( " jobsDBPassword " , $saved )) array_push ( $file_array , " \n " . " jobsDBPassword: " . $this -> jobsDBPassword . " \n " );
if ( ! in_array ( " jobsDBName " , $saved )) array_push ( $file_array , " \n " . " jobsDBName: " . $this -> jobsDBName . " \n " );
2015-06-16 18:59:56 +00:00
if ( ! in_array ( " jobToken " , $saved )) array_push ( $file_array , " \n " . " jobToken: " . $this -> getJobToken () . " \n " );
2016-02-26 19:49:57 +00:00
if ( ! in_array ( " pwdResetAllowSpecificPassword " , $saved )) array_push ( $file_array , " \n " . " pwdResetAllowSpecificPassword: " . $this -> pwdResetAllowSpecificPassword . " \n " );
if ( ! in_array ( " pwdResetAllowScreenPassword " , $saved )) array_push ( $file_array , " \n " . " pwdResetAllowScreenPassword: " . $this -> pwdResetAllowScreenPassword . " \n " );
if ( ! in_array ( " pwdResetForcePasswordChange " , $saved )) array_push ( $file_array , " \n " . " pwdResetForcePasswordChange: " . $this -> pwdResetForcePasswordChange . " \n " );
if ( ! in_array ( " pwdResetDefaultPasswordOutput " , $saved )) array_push ( $file_array , " \n " . " pwdResetDefaultPasswordOutput: " . $this -> pwdResetDefaultPasswordOutput . " \n " );
2019-08-11 07:39:47 +00:00
if ( ! in_array ( " twoFactorAuthentication " , $saved )) {
array_push ( $file_array , " \n " . " twoFactorAuthentication: " . $this -> twoFactorAuthentication . " \n " );
}
if ( ! in_array ( " twoFactorAuthenticationURL " , $saved )) {
array_push ( $file_array , " \n " . " twoFactorAuthenticationURL: " . $this -> twoFactorAuthenticationURL . " \n " );
}
if ( ! in_array ( " twoFactorAuthenticationClientId " , $saved )) {
array_push ( $file_array , " \n " . " twoFactorAuthenticationClientId: " . $this -> twoFactorAuthenticationClientId . " \n " );
}
if ( ! in_array ( " twoFactorAuthenticationSecretKey " , $saved )) {
array_push ( $file_array , " \n " . " twoFactorAuthenticationSecretKey: " . $this -> twoFactorAuthenticationSecretKey . " \n " );
}
if ( ! in_array ( " twoFactorAuthenticationInsecure " , $saved )) {
array_push ( $file_array , " \n " . " twoFactorAuthenticationInsecure: " . $this -> twoFactorAuthenticationInsecure . " \n " );
}
if ( ! in_array ( " twoFactorAuthenticationLabel " , $saved )) {
array_push ( $file_array , " \n " . " twoFactorAuthenticationLabel: " . $this -> twoFactorAuthenticationLabel . " \n " );
}
if ( ! in_array ( " twoFactorAuthenticationOptional " , $saved )) {
array_push ( $file_array , " \n " . " twoFactorAuthenticationOptional: " . $this -> twoFactorAuthenticationOptional . " \n " );
}
if ( ! in_array ( " twoFactorAuthenticationCaption " , $saved )) {
array_push ( $file_array , " \n " . " twoFactorAuthenticationCaption: " . $this -> twoFactorAuthenticationCaption . " \n " );
}
if ( ! in_array ( " twoFactorAuthenticationAttribute " , $saved )) {
array_push ( $file_array , " \n " . " twoFactorAuthenticationAttribute: " . $this -> twoFactorAuthenticationAttribute . " \n " );
}
2004-07-18 10:18:25 +00:00
// check if all module settings were added
$m_settings = array_keys ( $this -> moduleSettings );
for ( $i = 0 ; $i < sizeof ( $m_settings ); $i ++ ) {
if ( ! in_array ( $m_settings [ $i ], $mod_saved )) {
2010-08-29 16:02:51 +00:00
array_push ( $file_array , " modules: " . $m_settings [ $i ] . " : " . implode ( LAMConfig :: LINE_SEPARATOR , $this -> moduleSettings [ $m_settings [ $i ]]) . " \n " );
2004-07-18 10:18:25 +00:00
}
}
2006-01-01 16:30:05 +00:00
// check if all type settings were added
$t_settings = array_keys ( $this -> typeSettings );
for ( $i = 0 ; $i < sizeof ( $t_settings ); $i ++ ) {
if ( ! in_array ( $t_settings [ $i ], $mod_saved )) {
array_push ( $file_array , " types: " . $t_settings [ $i ] . " : " . $this -> typeSettings [ $t_settings [ $i ]] . " \n " );
}
}
2012-05-26 20:05:56 +00:00
// check if all tool settings were added
$tool_settings = array_keys ( $this -> toolSettings );
for ( $i = 0 ; $i < sizeof ( $tool_settings ); $i ++ ) {
if ( ! in_array ( $tool_settings [ $i ], $mod_saved )) {
array_push ( $file_array , " tools: " . $tool_settings [ $i ] . " : " . $this -> toolSettings [ $tool_settings [ $i ]] . " \n " );
}
}
2015-06-16 18:59:56 +00:00
// check if all job settings were added
$jobSettings = array_keys ( $this -> jobSettings );
for ( $i = 0 ; $i < sizeof ( $jobSettings ); $i ++ ) {
if ( ! in_array ( $jobSettings [ $i ], $mod_saved )) {
array_push ( $file_array , " jobs: " . $jobSettings [ $i ] . " : " . implode ( LAMConfig :: LINE_SEPARATOR , $this -> jobSettings [ $jobSettings [ $i ]]) . " \n " );
}
}
2009-11-06 19:15:56 +00:00
$file = @ fopen ( $conffile , " w " );
2013-08-10 12:43:01 +00:00
$saveResult = LAMConfig :: SAVE_OK ;
2003-08-18 15:21:27 +00:00
if ( $file ) {
2017-07-03 18:23:49 +00:00
foreach ( $file_array as $line ) {
fputs ( $file , $line );
}
2003-08-18 15:21:27 +00:00
fclose ( $file );
2013-08-10 12:43:01 +00:00
@ chmod ( $conffile , 0600 );
2003-08-18 15:21:27 +00:00
}
else {
2013-08-10 12:43:01 +00:00
$saveResult = LAMConfig :: SAVE_FAIL ;
2003-08-18 15:21:27 +00:00
}
2013-08-10 12:43:01 +00:00
return $saveResult ;
2003-06-24 15:50:38 +00:00
}
2019-01-04 18:00:05 +00:00
return LAMConfig :: SAVE_FAIL ;
2003-06-24 15:50:38 +00:00
}
2015-07-26 07:59:24 +00:00
2007-12-29 18:59:09 +00:00
/**
* Returns the name of the config file
*
* @ return String name
*/
public function getName () {
return $this -> file ;
}
2015-07-26 07:59:24 +00:00
2007-10-26 17:51:56 +00:00
/**
* Returns if the file can be written on the filesystem .
*
* @ return boolean true if file is writable
*/
public function isWritable () {
return is_writeable ( $this -> getPath ());
}
2015-07-26 07:59:24 +00:00
2007-10-26 17:51:56 +00:00
/**
* Returns the path to the config file .
*
* @ return string path on filesystem
*/
2010-05-28 13:45:34 +00:00
public function getPath () {
2007-10-26 17:51:56 +00:00
return substr ( __FILE__ , 0 , strlen ( __FILE__ ) - 15 ) . " /config/ " . $this -> file . " .conf " ;
}
2003-03-30 19:51:47 +00:00
2003-08-18 15:21:27 +00:00
// functions to read/write preferences
2003-05-09 16:22:46 +00:00
2004-05-30 12:16:01 +00:00
/**
2004-05-31 14:04:00 +00:00
* Returns the server address as string
2004-05-30 12:16:01 +00:00
*
2004-09-26 08:46:56 +00:00
* @ return string server address
2004-05-30 12:16:01 +00:00
*/
2007-10-26 17:51:56 +00:00
public function get_ServerURL () {
2003-08-18 15:21:27 +00:00
return $this -> ServerURL ;
}
2003-04-18 15:50:01 +00:00
2004-05-30 12:16:01 +00:00
/**
2004-05-31 14:04:00 +00:00
* Sets the server address
2004-05-30 12:16:01 +00:00
*
2004-09-26 08:46:56 +00:00
* @ param string $value new server address
* @ return boolean true if $value has correct format
2004-05-30 12:16:01 +00:00
*/
2007-10-26 17:51:56 +00:00
public function set_ServerURL ( $value ) {
2003-07-30 21:23:48 +00:00
if ( is_string ( $value )) $this -> ServerURL = $value ;
else return false ;
return true ;
}
2015-07-26 07:59:24 +00:00
2016-01-03 10:56:57 +00:00
/**
* Returns the server display name . Defaults to server URL if empty display name .
*
* @ return string server display name
*/
public function getServerDisplayNameGUI () {
if ( empty ( $this -> serverDisplayName )) {
return $this -> ServerURL ;
}
return $this -> serverDisplayName ;
}
/**
* Returns the server display name .
*
* @ return string server display name
*/
public function getServerDisplayName () {
return $this -> serverDisplayName ;
}
/**
* Sets the server display name
*
* @ param string $value new server display name
* @ return boolean true if $value has correct format
*/
public function setServerDisplayName ( $value ) {
if ( is_string ( $value )) $this -> serverDisplayName = $value ;
else return false ;
return true ;
}
2009-05-03 17:31:39 +00:00
/**
* Returns if TLS is activated .
2015-07-26 07:59:24 +00:00
*
2009-05-03 17:31:39 +00:00
* @ return String yes or no
*/
public function getUseTLS () {
return $this -> useTLS ;
}
2015-07-26 07:59:24 +00:00
2009-05-03 17:31:39 +00:00
/**
* Sets if TLS is activated .
2015-07-26 07:59:24 +00:00
*
2014-01-12 10:18:35 +00:00
* @ param String $useTLS yes or no
2009-05-03 17:31:39 +00:00
* @ return boolean true if $useTLS has correct format
*/
public function setUseTLS ( $useTLS ) {
if (( $useTLS == " yes " ) || ( $useTLS == " no " )) {
$this -> useTLS = $useTLS ;
return true ;
}
return false ;
}
2014-01-12 10:18:35 +00:00
/**
* Returns if referrals should be followed .
2015-07-26 07:59:24 +00:00
*
2014-01-12 10:18:35 +00:00
* @ return String true or false
*/
public function getFollowReferrals () {
return $this -> followReferrals ;
}
2015-07-26 07:59:24 +00:00
2014-01-12 10:18:35 +00:00
/**
* Sets if referrals should be followed .
2015-07-26 07:59:24 +00:00
*
2014-01-12 10:18:35 +00:00
* @ param String $followReferrals true or false
*/
public function setFollowReferrals ( $followReferrals ) {
$this -> followReferrals = $followReferrals ;
}
2003-05-09 16:22:46 +00:00
2014-11-29 17:40:39 +00:00
/**
* Returns if paged results should be used .
2015-07-26 07:59:24 +00:00
*
2014-11-29 17:40:39 +00:00
* @ return String true or false
*/
public function getPagedResults () {
return $this -> pagedResults ;
}
2015-07-26 07:59:24 +00:00
2014-11-29 17:40:39 +00:00
/**
* Sets if paged results should be used .
2015-07-26 07:59:24 +00:00
*
2014-11-29 17:40:39 +00:00
* @ param String $pagedResults true or false
*/
public function setPagedResults ( $pagedResults ) {
$this -> pagedResults = $pagedResults ;
}
2017-12-31 11:37:50 +00:00
/**
* Returns if referential integrity overlay is in place .
*
* @ return String true or false
*/
public function getReferentialIntegrityOverlay () {
return $this -> referentialIntegrityOverlay ;
}
/**
* Sets if referential integrity overlay is in place .
*
* @ param String $referentialIntegrityOverlay true or false
*/
public function setReferentialIntegrityOverlay ( $referentialIntegrityOverlay ) {
$this -> referentialIntegrityOverlay = $referentialIntegrityOverlay ;
}
/**
* Returns if referential integrity overlay is in place .
*
* @ return bool overlay in place
*/
public function isReferentialIntegrityOverlayActive () {
return $this -> referentialIntegrityOverlay === 'true' ;
}
2004-05-30 12:16:01 +00:00
/**
2004-05-31 14:04:00 +00:00
* Returns an array of string with all admin names
2004-05-30 12:16:01 +00:00
*
2004-09-26 08:46:56 +00:00
* @ return array the admin names
2004-05-30 12:16:01 +00:00
*/
2007-10-26 17:51:56 +00:00
public function get_Admins () {
2003-09-21 20:10:52 +00:00
return explode ( " ; " , $this -> Admins );
2003-05-06 23:52:00 +00:00
}
2003-05-14 13:45:52 +00:00
2004-05-30 12:16:01 +00:00
/**
2004-05-31 14:04:00 +00:00
* Returns all admin users seperated by semicolons
2004-05-30 12:16:01 +00:00
*
2004-09-26 08:46:56 +00:00
* @ return string the admin string
2004-05-30 12:16:01 +00:00
*/
2007-10-26 17:51:56 +00:00
public function get_Adminstring () {
2003-09-21 20:10:52 +00:00
return $this -> Admins ;
2003-07-30 21:23:48 +00:00
}
2003-05-14 13:45:52 +00:00
2004-05-30 12:16:01 +00:00
/**
2004-05-31 14:04:00 +00:00
* Sets the admin string
2004-05-30 12:16:01 +00:00
*
2004-09-26 08:46:56 +00:00
* @ param string $value new admin string that contains all admin users seperated by semicolons
* @ return boolean true if $value has correct format
2004-05-30 12:16:01 +00:00
*/
2007-10-26 17:51:56 +00:00
public function set_Adminstring ( $value ) {
2003-07-30 21:23:48 +00:00
if ( is_string ( $value ) &&
2009-08-13 18:57:26 +00:00
preg_match ( " /^[^;]+(;[^;]+)* $ / " , $value )) {
2003-09-21 20:10:52 +00:00
$this -> Admins = $value ;
2003-07-30 21:23:48 +00:00
}
else return false ;
return true ;
}
2003-05-14 13:45:52 +00:00
2004-05-30 12:16:01 +00:00
/**
2007-11-08 19:19:50 +00:00
* Checks if the given password matches .
*
* @ param String $password
* @ return boolean true , if matches
*/
public function check_Passwd ( $password ) {
if ( substr ( $this -> Passwd , 0 , 6 ) == " { SSHA} " ) {
// check hashed password
$value = substr ( $this -> Passwd , 6 );
$parts = explode ( " " , $value );
$salt = base64_decode ( $parts [ 1 ]);
return ( $this -> hashPassword ( $password , $salt ) === $this -> Passwd );
}
else {
// old nonhashed password
return ( $password === $this -> Passwd );
}
2003-07-30 21:23:48 +00:00
}
2003-05-14 13:45:52 +00:00
2004-05-30 12:16:01 +00:00
/**
2004-05-31 14:04:00 +00:00
* Sets the preferences wizard password
2004-05-30 12:16:01 +00:00
*
2004-09-26 08:46:56 +00:00
* @ param string $value new password
* @ return boolean true if $value has correct format
2004-05-30 12:16:01 +00:00
*/
2007-10-26 17:51:56 +00:00
public function set_Passwd ( $value ) {
2007-11-08 19:19:50 +00:00
if ( is_string ( $value )) {
2013-07-21 11:34:31 +00:00
$rand = getRandomNumber ();
2007-11-08 19:19:50 +00:00
$salt0 = substr ( pack ( " h* " , md5 ( $rand )), 0 , 8 );
$salt = substr ( pack ( " H* " , sha1 ( $salt0 . $value )), 0 , 4 );
$this -> Passwd = $this -> hashPassword ( $value , $salt );
return true ;
}
else {
2015-07-26 07:59:24 +00:00
return false ;
2007-11-08 19:19:50 +00:00
}
}
/**
* Returns the hashed password .
*
* @ param String $password password
* @ param String $salt salt
* @ return String hash value
*/
private function hashPassword ( $password , $salt ) {
2017-10-10 16:55:43 +00:00
return " { SSHA} " . base64_encode ( hex2bin ( sha1 ( $password . $salt ))) . " " . base64_encode ( $salt );
2003-07-30 21:23:48 +00:00
}
2003-05-14 13:45:52 +00:00
2005-02-27 12:40:06 +00:00
/**
* Returns the LDAP suffix for the given account type
*
2017-03-21 17:47:05 +00:00
* @ param string $typeId account type
2005-02-27 12:40:06 +00:00
* @ return string the LDAP suffix
*/
2017-03-21 17:47:05 +00:00
public function get_Suffix ( $typeId ) {
if ( $typeId == " tree " ) {
2006-01-01 16:30:05 +00:00
return $this -> treesuffix ;
}
else {
2017-03-21 17:47:05 +00:00
return $this -> typeSettings [ 'suffix_' . $typeId ];
2005-02-27 12:40:06 +00:00
}
}
/**
* Sets the LDAP suffix where accounts are saved
*
* @ param string $scope account type
* @ param string $value new LDAP suffix
* @ return boolean true if $value has correct format
*/
2007-10-26 17:51:56 +00:00
public function set_Suffix ( $scope , $value ) {
2005-02-27 12:40:06 +00:00
if ( ! $value ) $value = " " ;
elseif ( ! is_string ( $value )) {
return false ;
}
2006-01-01 16:30:05 +00:00
if ( $scope == " tree " ) {
$this -> treesuffix = $value ;
}
else {
$this -> typeSettings [ 'suffix_' . $scope ] = $value ;
2005-02-27 12:40:06 +00:00
}
return true ;
}
2004-05-30 12:16:01 +00:00
/**
2004-05-31 14:04:00 +00:00
* Returns the list of attributes to show in user list
2004-05-30 12:16:01 +00:00
*
2005-04-14 17:42:15 +00:00
* @ param string $scope account type
2004-09-26 08:46:56 +00:00
* @ return string the attribute list
2004-05-30 12:16:01 +00:00
*/
2007-10-26 17:51:56 +00:00
public function get_listAttributes ( $scope ) {
2006-01-01 16:30:05 +00:00
return $this -> typeSettings [ 'attr_' . $scope ];
2003-05-14 13:45:52 +00:00
}
2003-03-30 19:51:47 +00:00
2004-05-30 12:16:01 +00:00
/**
2004-05-31 14:04:00 +00:00
* Sets the list of attributes to show in user list
2004-05-30 12:16:01 +00:00
*
2004-09-26 08:46:56 +00:00
* @ param string $value new attribute string
2005-04-14 17:42:15 +00:00
* @ param string $scope account type
2004-09-26 08:46:56 +00:00
* @ return boolean true if $value has correct format
2004-05-30 12:16:01 +00:00
*/
2007-10-26 17:51:56 +00:00
public function set_listAttributes ( $value , $scope ) {
2009-08-13 18:57:26 +00:00
if ( is_string ( $value ) && preg_match ( " /^((#[^:;]+)|([^:;]*:[^:;]+))(;((#[^:;]+)|([^:;]*:[^:;]+)))* $ / " , $value )) {
2006-01-01 16:30:05 +00:00
$this -> typeSettings [ 'attr_' . $scope ] = $value ;
2005-04-14 17:42:15 +00:00
return true ;
}
else {
return false ;
2003-07-30 21:23:48 +00:00
}
2003-05-14 13:45:52 +00:00
}
2003-03-30 19:51:47 +00:00
2004-05-30 12:16:01 +00:00
/**
2004-05-31 14:04:00 +00:00
* Returns the default language string
2004-05-30 12:16:01 +00:00
*
2004-09-26 08:46:56 +00:00
* @ return string default language
2004-05-30 12:16:01 +00:00
*/
2007-10-26 17:51:56 +00:00
public function get_defaultLanguage () {
2003-07-30 21:23:48 +00:00
return $this -> defaultLanguage ;
}
2003-05-12 17:52:54 +00:00
2004-05-30 12:16:01 +00:00
/**
2004-05-31 14:04:00 +00:00
* Sets the default language string
2004-05-30 12:16:01 +00:00
*
2004-09-26 08:46:56 +00:00
* @ param string $value new default language
* @ return boolean true if $value has correct format
2004-05-30 12:16:01 +00:00
*/
2007-10-26 17:51:56 +00:00
public function set_defaultLanguage ( $value ) {
2003-07-30 21:23:48 +00:00
if ( is_string ( $value )) $this -> defaultLanguage = $value ;
else return false ;
return true ;
}
2003-05-12 17:52:54 +00:00
2015-06-08 18:33:38 +00:00
/**
* Returns the time zone name .
*
* @ return string time zone
*/
public function getTimeZone () {
return ( $this -> timeZone == null ) ? 'Europe/London' : $this -> timeZone ;
}
/**
* Sets the time zone name .
*
* @ param string $value new time zone
* @ return boolean true if $value has correct format
*/
public function setTimeZone ( $value ) {
if ( is_string ( $value )) {
$this -> timeZone = $value ;
return true ;
}
return false ;
}
2004-05-30 12:16:01 +00:00
/**
2004-05-31 14:04:00 +00:00
* Returns the path to the external script
2004-05-30 12:16:01 +00:00
*
2004-09-26 08:46:56 +00:00
* @ return string script path
2004-05-30 12:16:01 +00:00
*/
2007-10-26 17:51:56 +00:00
public function get_scriptPath () {
2003-07-30 21:23:48 +00:00
return $this -> scriptPath ;
}
2003-05-12 17:52:54 +00:00
2004-05-30 12:16:01 +00:00
/**
2004-05-31 14:04:00 +00:00
* Sets the path to the external script
2004-05-30 12:16:01 +00:00
*
2004-09-26 08:46:56 +00:00
* @ param string $value new script path
* @ return boolean true if $value has correct format
2004-05-30 12:16:01 +00:00
*/
2007-10-26 17:51:56 +00:00
public function set_scriptPath ( $value ) {
2003-07-30 21:23:48 +00:00
if ( ! $value ) $this -> scriptPath = " " ; // optional parameter
2009-08-13 18:57:26 +00:00
elseif ( is_string ( $value ) && preg_match ( " /^ \\ /([a-z0-9_-])+( \\ /([a-z0-9_ \\ .-])+)+ $ /i " , $value )) $this -> scriptPath = $value ;
2003-07-30 21:23:48 +00:00
else return false ;
return true ;
}
2015-07-26 07:59:24 +00:00
2004-05-30 12:16:01 +00:00
/**
2007-02-22 17:16:14 +00:00
* Returns the servers of the external script as a Array
2004-05-30 12:16:01 +00:00
*
2007-02-22 17:16:14 +00:00
* @ return string script servers
2004-05-30 12:16:01 +00:00
*/
2007-10-26 17:51:56 +00:00
public function get_scriptServers () {
2007-02-25 14:15:08 +00:00
return $this -> scriptServer ;
2003-05-14 13:45:52 +00:00
}
2015-07-26 07:59:24 +00:00
2004-05-30 12:16:01 +00:00
/**
2007-02-22 17:16:14 +00:00
* Sets the servers of the external script
2004-05-30 12:16:01 +00:00
*
2007-02-22 17:16:14 +00:00
* @ param string $value new script servers
2004-09-26 08:46:56 +00:00
* @ return boolean true if $value has correct format
2004-05-30 12:16:01 +00:00
*/
2007-10-26 17:51:56 +00:00
public function set_scriptServers ( $value ) {
2007-02-22 17:16:14 +00:00
if ( ! $value ) {
2007-02-25 14:15:08 +00:00
$this -> scriptServer = " " ; // optional parameter
2007-02-22 17:16:14 +00:00
return true ;
}
// Explode the value to an array
$array_string = explode ( " ; " , $value );
if ( count ( $array_string ) > 0 ) {
// Check all IPs in the exploded Array
$valid_ips = array ();
foreach ( $array_string as $arr_value ) {
// Explode name and IP, if a name exists
2009-08-13 18:57:26 +00:00
if ( preg_match ( " /:/ " , $arr_value )) {
2007-02-22 17:16:14 +00:00
$arr_value_explode = explode ( " : " , $arr_value );
$ip = $arr_value_explode [ 1 ];
$servername = $arr_value_explode [ 0 ];
}
else {
$ip = $arr_value ;
$servername = " " ;
}
2010-10-17 13:36:24 +00:00
if ( isset ( $ip ) && is_string ( $ip ) && preg_match ( " /^[a-z0-9-]+( \\ .[a-z0-9-]+)*(,[0-9]+)? $ /i " , $ip )) {
2007-02-22 17:16:14 +00:00
// Check if the IP has a server name
if ( ! empty ( $servername )) {
$valid_ips [] = $servername . " : " . $ip ;
}
else {
$valid_ips [] = $ip ;
}
}
2010-10-17 13:36:24 +00:00
else {
// wrong format
return false ;
}
2007-02-22 17:16:14 +00:00
}
// Check that the array is not empty
if ( $array_string > 0 ) {
2007-02-25 14:15:08 +00:00
$this -> scriptServer = implode ( " ; " , $valid_ips );
2007-02-22 17:16:14 +00:00
return true ;
}
else {
// The array is empty, there was no valid IP
return false ;
}
}
else {
return false ;
}
}
2015-07-26 07:59:24 +00:00
2007-02-22 17:16:14 +00:00
/**
* Returns the chmod value for new home directories .
2015-07-26 07:59:24 +00:00
*
2007-02-22 17:16:14 +00:00
* @ return string rights
*/
2007-10-26 17:51:56 +00:00
public function get_scriptRights () {
2007-02-22 17:16:14 +00:00
if ( ! isset ( $this -> scriptRights )) return '755' ;
return $this -> scriptRights ;
}
/**
* Sets the rights for the home directory .
*
* @ param string $chmod the rights
* @ return boolean true if values has correct format
*/
2007-10-26 17:51:56 +00:00
public function set_scriptRights ( $chmod ) {
2007-02-22 17:16:14 +00:00
// check if the chmod is correct:
if ( $chmod > 0 && $chmod <= 777 ) {
$this -> scriptRights = $chmod ;
return true ;
}
else {
return false ;
2003-07-30 21:23:48 +00:00
}
}
2003-05-28 15:37:48 +00:00
2016-08-08 20:01:36 +00:00
/**
* Returns the path to lamdamon SSH key .
*
* @ return string key path
*/
public function getScriptSSHKey () {
return $this -> scriptSSHKey ;
}
/**
* Sets the path to lamdamon SSH key .
*
* @ param string $value key path
*/
public function setScriptSSHKey ( $value ) {
$this -> scriptSSHKey = $value ;
}
/**
* Returns the password for the lamdamon SSH key .
*
* @ return string password
*/
public function getScriptSSHKeyPassword () {
2018-05-16 17:23:26 +00:00
return deobfuscateText ( $this -> scriptSSHKeyPassword );
2016-08-08 20:01:36 +00:00
}
/**
* Sets the password for the lamdamon SSH key .
*
* @ param string $value password
*/
public function setScriptSSHKeyPassword ( $value ) {
2018-05-16 17:23:26 +00:00
$this -> scriptSSHKeyPassword = obfuscateText ( $value );
2016-08-08 20:01:36 +00:00
}
/**
* Returns the lamdaemon user name .
*
* @ return string user name
*/
public function getScriptUserName () {
return $this -> scriptUserName ;
}
/**
* Sets the lamdaemon user name .
*
* @ param string $value user name
*/
public function setScriptUserName ( $value ) {
$this -> scriptUserName = $value ;
}
2004-05-31 14:04:00 +00:00
/**
* Returns the LDAP cache timeout in minutes
*
2004-09-26 08:46:56 +00:00
* @ return integer cache time
2004-05-31 14:04:00 +00:00
*/
2007-10-26 17:51:56 +00:00
public function get_cacheTimeout () {
2003-10-11 12:17:28 +00:00
if ( isset ( $this -> cachetimeout )) return $this -> cachetimeout ;
2003-10-04 12:34:19 +00:00
else return 5 ;
2003-08-18 15:21:27 +00:00
}
2004-05-31 14:04:00 +00:00
/**
* Returns the LDAP cache timeout in seconds
*
2004-09-26 08:46:56 +00:00
* @ return integer cache time
2004-05-31 14:04:00 +00:00
*/
2007-10-26 17:51:56 +00:00
public function get_cacheTimeoutSec () {
2003-09-19 19:29:02 +00:00
return $this -> cachetimeout * 60 ;
2003-08-18 16:38:41 +00:00
}
2004-05-31 14:04:00 +00:00
/**
* Sets the LDAP cache timeout in minutes ( 0 , 1 , 2 , 5 , 10 , 15 )
*
2004-09-26 08:46:56 +00:00
* @ param integer $value new cache timeout
* @ return boolean true if $value has correct format
2004-05-31 14:04:00 +00:00
*/
2007-10-26 17:51:56 +00:00
public function set_cacheTimeout ( $value ) {
2003-08-18 15:21:27 +00:00
if ( is_numeric ( $value ) && ( $value > - 1 )) {
2003-09-19 19:29:02 +00:00
$this -> cachetimeout = $value ;
2003-08-18 15:21:27 +00:00
}
else return false ;
return true ;
}
2003-03-30 19:51:47 +00:00
2010-02-06 18:30:21 +00:00
/**
* Returns the LDAP search limit .
*
* @ return integer search limit
*/
public function get_searchLimit () {
return $this -> searchLimit ;
}
/**
* Sets the LDAP search limit .
*
* @ param integer $value new search limit
* @ return boolean true if $value has correct format
*/
public function set_searchLimit ( $value ) {
if ( is_numeric ( $value ) && ( $value > - 1 )) {
$this -> searchLimit = $value ;
}
else return false ;
return true ;
}
2004-05-31 14:04:00 +00:00
/**
2004-10-17 09:36:36 +00:00
* Returns an array of all selected account modules
2004-05-31 14:04:00 +00:00
*
2004-10-17 09:36:36 +00:00
* @ param string $scope account type
2004-09-26 08:46:56 +00:00
* @ return array user modules
2004-05-31 14:04:00 +00:00
*/
2007-10-26 17:51:56 +00:00
public function get_AccountModules ( $scope ) {
2006-01-01 16:30:05 +00:00
if ( isset ( $this -> typeSettings [ " modules_ " . $scope ])) {
2013-02-12 19:40:21 +00:00
$modulesTmp = explode ( " , " , $this -> typeSettings [ " modules_ " . $scope ]);
$modules = array ();
foreach ( $modulesTmp as $mod ) {
if ( trim ( $mod ) != '' ) {
$modules [] = $mod ;
}
2015-07-26 07:59:24 +00:00
}
2013-02-12 19:40:21 +00:00
return $modules ;
2006-01-01 16:30:05 +00:00
}
else {
return array ();
2004-02-01 12:33:21 +00:00
}
2004-01-30 17:06:28 +00:00
}
2004-05-31 14:04:00 +00:00
/**
2004-10-17 09:36:36 +00:00
* Sets the selected account modules
2004-05-31 14:04:00 +00:00
*
2004-09-26 08:46:56 +00:00
* @ param array $modules array with module names ( not aliases ! )
2004-10-17 09:36:36 +00:00
* @ param string $scope account type
2004-09-26 08:46:56 +00:00
* @ return boolean true if $modules has correct format
2004-05-31 14:04:00 +00:00
*/
2007-10-26 17:51:56 +00:00
public function set_AccountModules ( $modules , $scope ) {
2004-01-30 17:06:28 +00:00
if ( ! is_array ( $modules )) return false ;
// check module names
2004-10-17 09:36:36 +00:00
$available = getAvailableModules ( $scope );
2004-02-01 12:33:21 +00:00
for ( $i = 0 ; $i < sizeof ( $modules ); $i ++ ) {
if ( ! in_array ( $modules [ $i ], $available )) return false ;
}
2004-10-02 17:16:39 +00:00
// check depends/conflicts
2004-10-17 09:36:36 +00:00
if ( check_module_conflicts ( $modules , getModulesDependencies ( $scope )) != false ) return false ;
if ( check_module_depends ( $modules , getModulesDependencies ( $scope )) != false ) return false ;
2006-01-01 16:30:05 +00:00
$this -> typeSettings [ " modules_ " . $scope ] = implode ( " , " , $modules );
2004-02-01 12:33:21 +00:00
return true ;
2004-01-30 17:06:28 +00:00
}
2004-07-18 10:18:25 +00:00
/**
* Sets the settings for the account modules .
*
* @ param array $settings list of module setting array ( name => value )
2004-09-26 08:46:56 +00:00
* @ return boolean true if $settings has correct format
2004-07-18 10:18:25 +00:00
*/
2007-10-26 17:51:56 +00:00
public function set_moduleSettings ( $settings ) {
2004-07-18 10:18:25 +00:00
if ( ! is_array ( $settings )) return false ;
$this -> moduleSettings = $settings ;
return true ;
}
/**
* Returns a list of saved module settings
*
* @ return array list of settings : array ( name => value )
*/
2007-10-26 17:51:56 +00:00
public function get_moduleSettings () {
2004-07-18 10:18:25 +00:00
return $this -> moduleSettings ;
}
2006-01-01 16:30:05 +00:00
/**
* Returns a list of active account types .
*
* @ return array list of types
*/
2007-10-26 17:51:56 +00:00
public function get_ActiveTypes () {
2006-02-03 15:36:39 +00:00
if (( $this -> activeTypes == '' ) || ! isset ( $this -> activeTypes )) return array ();
else return explode ( " , " , $this -> activeTypes );
2006-01-01 16:30:05 +00:00
}
2006-09-24 14:19:50 +00:00
2006-01-01 16:30:05 +00:00
/**
* Sets the list of active types .
*
* @ param array list of types
*/
2007-10-26 17:51:56 +00:00
public function set_ActiveTypes ( $types ) {
2006-01-01 16:30:05 +00:00
$this -> activeTypes = implode ( " , " , $types );
}
/**
* Sets the settings for the account types .
*
* @ param array $settings list of type setting array ( name => value )
* @ return boolean true if $settings has correct format
*/
2007-10-26 17:51:56 +00:00
public function set_typeSettings ( $settings ) {
2006-01-01 16:30:05 +00:00
if ( ! is_array ( $settings )) return false ;
$this -> typeSettings = $settings ;
return true ;
}
/**
* Returns a list of saved type settings
*
* @ return array list of settings : array ( name => value )
*/
2007-10-26 17:51:56 +00:00
public function get_typeSettings () {
2006-01-01 16:30:05 +00:00
return $this -> typeSettings ;
}
2012-05-26 20:05:56 +00:00
/**
* Returns the tool settings .
2015-07-26 07:59:24 +00:00
*
2012-05-26 20:05:56 +00:00
* @ return array $toolSettings tool settings
*/
public function getToolSettings () {
return $this -> toolSettings ;
}
/**
* Sets the tool settings .
2015-07-26 07:59:24 +00:00
*
2012-05-26 20:05:56 +00:00
* @ param array $toolSettings tool settings
* @ return boolean true if ok
*/
public function setToolSettings ( $toolSettings ) {
if ( ! is_array ( $toolSettings )) return false ;
$this -> toolSettings = $toolSettings ;
return true ;
}
2007-12-30 12:32:48 +00:00
/**
* Returns the access level for this profile .
*
* @ return int level
*/
public function getAccessLevel () {
return $this -> accessLevel ;
}
2015-07-26 07:59:24 +00:00
2007-12-30 12:32:48 +00:00
/**
* Sets the access level for this profile .
*
* @ param int $level level
*/
public function setAccessLevel ( $level ) {
$this -> accessLevel = $level ;
}
2015-07-26 07:59:24 +00:00
2009-03-07 16:22:30 +00:00
/**
* Returns the login method .
2015-07-26 07:59:24 +00:00
*
2009-03-07 16:22:30 +00:00
* @ return String login method
* @ see LAMconfig :: LOGIN_LIST
* @ see LAMconfig :: LOGIN_SEARCH
*/
public function getLoginMethod () {
return $this -> loginMethod ;
}
2015-07-26 07:59:24 +00:00
2009-03-07 16:22:30 +00:00
/**
* Sets the login method .
2015-07-26 07:59:24 +00:00
*
2009-03-07 16:22:30 +00:00
* @ param String $loginMethod
*/
public function setLoginMethod ( $loginMethod ) {
$this -> loginMethod = $loginMethod ;
}
2015-07-26 07:59:24 +00:00
2009-03-07 16:22:30 +00:00
/**
* Returns the login search filter .
2015-07-26 07:59:24 +00:00
*
2009-03-07 16:22:30 +00:00
* @ return String search filter
*/
public function getLoginSearchFilter () {
return $this -> loginSearchFilter ;
}
2015-07-26 07:59:24 +00:00
2009-03-07 16:22:30 +00:00
/**
* Sets the login search filter .
2015-07-26 07:59:24 +00:00
*
2009-03-07 16:22:30 +00:00
* @ param String $loginSearchFilter search filter
*/
public function setLoginSearchFilter ( $loginSearchFilter ) {
$this -> loginSearchFilter = $loginSearchFilter ;
}
2015-07-26 07:59:24 +00:00
2009-03-07 16:22:30 +00:00
/**
* Returns the login search suffix .
2015-07-26 07:59:24 +00:00
*
2009-03-07 16:22:30 +00:00
* @ return String suffix
*/
public function getLoginSearchSuffix () {
return $this -> loginSearchSuffix ;
}
2015-07-26 07:59:24 +00:00
2009-03-07 16:22:30 +00:00
/**
* Sets the login search suffix .
2015-07-26 07:59:24 +00:00
*
2009-03-07 16:22:30 +00:00
* @ param String $loginSearchSuffix suffix
*/
public function setLoginSearchSuffix ( $loginSearchSuffix ) {
$this -> loginSearchSuffix = $loginSearchSuffix ;
}
2015-07-26 07:59:24 +00:00
2011-12-03 19:02:28 +00:00
/**
* Sets the DN for the login search bind user .
2015-07-26 07:59:24 +00:00
*
2011-12-03 19:02:28 +00:00
* @ param String $loginSearchDN DN
* @ return boolean true if DN is valid
*/
public function setLoginSearchDN ( $loginSearchDN ) {
$this -> loginSearchDN = $loginSearchDN ;
if (( $loginSearchDN == '' ) || get_preg ( $loginSearchDN , 'dn' )) {
return true ;
}
return false ;
}
/**
* Returns the DN for the login search bind user .
2015-07-26 07:59:24 +00:00
*
2011-12-03 19:02:28 +00:00
* @ return String DN
*/
public function getLoginSearchDN () {
return $this -> loginSearchDN ;
}
/**
* Sets the password for the login search bind user .
2015-07-26 07:59:24 +00:00
*
2011-12-03 19:02:28 +00:00
* @ param String $loginSearchPassword password
*/
public function setLoginSearchPassword ( $loginSearchPassword ) {
2018-05-16 17:23:26 +00:00
$this -> loginSearchPassword = obfuscateText ( $loginSearchPassword );
2011-12-03 19:02:28 +00:00
}
/**
* Returns the password for the login search bind user .
2015-07-26 07:59:24 +00:00
*
2011-12-03 19:02:28 +00:00
* @ return String password
*/
public function getLoginSearchPassword () {
2018-05-16 17:23:26 +00:00
return deobfuscateText ( $this -> loginSearchPassword );
2011-12-03 19:02:28 +00:00
}
/**
* Returns if HTTP authentication should be used .
2015-07-26 07:59:24 +00:00
*
2011-12-03 19:02:28 +00:00
* @ return String $httpAuthentication use HTTP authentication ( 'true' or 'false' )
*/
public function getHttpAuthentication () {
return $this -> httpAuthentication ;
}
/**
* Specifies if HTTP authentication should be used .
2015-07-26 07:59:24 +00:00
*
2011-12-03 19:02:28 +00:00
* @ param String $httpAuthentication use HTTP authentication ( 'true' or 'false' )
*/
public function setHttpAuthentication ( $httpAuthentication ) {
$this -> httpAuthentication = $httpAuthentication ;
}
2010-08-29 16:02:51 +00:00
/**
* Returns the sender address for password reset mails .
2015-07-26 07:59:24 +00:00
*
2010-08-29 16:02:51 +00:00
* @ return String mail address
*/
public function getLamProMailFrom () {
return $this -> lamProMailFrom ;
}
2015-07-26 07:59:24 +00:00
2010-08-29 16:02:51 +00:00
/**
* Sets the sender address for password reset mails .
2015-07-26 07:59:24 +00:00
*
2010-08-29 16:02:51 +00:00
* @ param String $lamProMailFrom mail address
* @ return boolean true if address is valid
*/
public function setLamProMailFrom ( $lamProMailFrom ) {
$this -> lamProMailFrom = $lamProMailFrom ;
2011-05-17 16:02:31 +00:00
if (( $lamProMailFrom != '' ) && ! get_preg ( $lamProMailFrom , 'email' ) && ! get_preg ( $lamProMailFrom , 'emailWithName' )) {
2010-08-29 16:02:51 +00:00
return false ;
}
return true ;
}
2015-07-26 07:59:24 +00:00
2011-08-15 12:33:04 +00:00
/**
* Returns the reply - to address for password reset mails .
2015-07-26 07:59:24 +00:00
*
2011-08-15 12:33:04 +00:00
* @ return String mail address
*/
public function getLamProMailReplyTo () {
return $this -> lamProMailReplyTo ;
}
/**
* Sets the reply - to address for password reset mails .
2015-07-26 07:59:24 +00:00
*
2011-08-15 12:33:04 +00:00
* @ param String $lamProMailReplyTo mail address
* @ return boolean true if address is valid
*/
public function setLamProMailReplyTo ( $lamProMailReplyTo ) {
$this -> lamProMailReplyTo = $lamProMailReplyTo ;
if (( $lamProMailReplyTo != '' ) && ! get_preg ( $lamProMailReplyTo , 'email' ) && ! get_preg ( $lamProMailReplyTo , 'emailWithName' )) {
return false ;
}
return true ;
}
2010-08-29 16:02:51 +00:00
/**
* Returns the subject for password reset mails .
2015-07-26 07:59:24 +00:00
*
2010-08-29 16:02:51 +00:00
* @ return String subject
*/
public function getLamProMailSubject () {
return $this -> lamProMailSubject ;
}
2015-07-26 07:59:24 +00:00
2010-08-29 16:02:51 +00:00
/**
* Sets the subject for password reset mails .
2015-07-26 07:59:24 +00:00
*
2010-08-29 16:02:51 +00:00
* @ param String $lamProMailSubject subject
*/
public function setLamProMailSubject ( $lamProMailSubject ) {
$this -> lamProMailSubject = $lamProMailSubject ;
}
2011-05-22 15:02:14 +00:00
/**
* Returns if the password reset mail content should be treated as HTML .
2015-07-26 07:59:24 +00:00
*
2011-05-22 15:02:14 +00:00
* @ return boolean HTML or text
*/
public function getLamProMailIsHTML () {
return $this -> lamProMailIsHTML ;
}
/**
* Sets if the password reset mail content should be treated as HTML .
2015-07-26 07:59:24 +00:00
*
2014-02-10 19:16:37 +00:00
* @ param boolean $lamProMailIsHTML true if HTML
2011-05-22 15:02:14 +00:00
*/
public function setLamProMailIsHTML ( $lamProMailIsHTML ) {
$this -> lamProMailIsHTML = $lamProMailIsHTML ;
}
2015-07-26 07:59:24 +00:00
2014-02-10 19:16:37 +00:00
/**
* Returns if sending to an alternate address is allowed .
2015-07-26 07:59:24 +00:00
*
2014-02-10 19:16:37 +00:00
* @ return boolean alternate address allowed
*/
public function getLamProMailAllowAlternateAddress () {
return $this -> lamProMailAllowAlternateAddress ;
}
/**
* Sets if sending to an alternate address is allowed .
2015-07-26 07:59:24 +00:00
*
2014-02-10 19:16:37 +00:00
* @ param boolean $lamProMailAllowAlternateAddress alternate address allowed
*/
public function setLamProMailAllowAlternateAddress ( $lamProMailAllowAlternateAddress ) {
$this -> lamProMailAllowAlternateAddress = $lamProMailAllowAlternateAddress ;
}
2015-07-26 07:59:24 +00:00
2010-08-29 16:02:51 +00:00
/**
* Returns the mail body for password reset mails .
2015-07-26 07:59:24 +00:00
*
2010-08-29 16:02:51 +00:00
* @ return String body
*/
public function getLamProMailText () {
return implode ( " \r \n " , explode ( LAMConfig :: LINE_SEPARATOR , $this -> lamProMailText ));
}
2015-07-26 07:59:24 +00:00
2010-08-29 16:02:51 +00:00
/**
* Sets the mail body for password reset mails .
2015-07-26 07:59:24 +00:00
*
2010-08-29 16:02:51 +00:00
* @ param String $lamProMailText body
*/
public function setLamProMailText ( $lamProMailText ) {
$this -> lamProMailText = implode ( LAMConfig :: LINE_SEPARATOR , explode ( " \r \n " , $lamProMailText ));
}
2015-07-26 07:59:24 +00:00
2015-06-12 18:28:25 +00:00
/**
* Returns the bind user for jobs .
2015-07-26 07:59:24 +00:00
*
2015-06-12 18:28:25 +00:00
* @ return String $jobsBindUser bind user
*/
public function getJobsBindUser () {
return $this -> jobsBindUser ;
}
/**
* Sets the bind user for jobs .
2015-07-26 07:59:24 +00:00
*
2015-06-12 18:28:25 +00:00
* @ param String $jobsBindUser bind user
*/
public function setJobsBindUser ( $jobsBindUser ) {
$this -> jobsBindUser = $jobsBindUser ;
}
/**
* Returns the bind password for jobs .
2015-07-26 07:59:24 +00:00
*
2015-06-12 18:28:25 +00:00
* @ return String $jobsBindPassword password
*/
public function getJobsBindPassword () {
return $this -> jobsBindPassword ;
}
/**
* Sets the bind password for jobs .
2015-07-26 07:59:24 +00:00
*
2015-06-12 18:28:25 +00:00
* @ param String $jobsBindPassword password
*/
public function setJobsBindPassword ( $jobsBindPassword ) {
$this -> jobsBindPassword = $jobsBindPassword ;
}
/**
* Returns the database type for jobs .
2015-07-26 07:59:24 +00:00
*
2015-06-12 18:28:25 +00:00
* @ return String $jobsDatabase database type
*/
public function getJobsDatabase () {
2015-08-26 16:57:22 +00:00
if ( empty ( $this -> jobsDatabase )) {
return 'SQLite' ;
}
2015-06-12 18:28:25 +00:00
return $this -> jobsDatabase ;
}
/**
* Sets the database type for jobs .
2015-07-26 07:59:24 +00:00
*
2015-06-12 18:28:25 +00:00
* @ param String $jobsDatabase database type
*/
public function setJobsDatabase ( $jobsDatabase ) {
$this -> jobsDatabase = $jobsDatabase ;
}
2015-07-26 07:59:24 +00:00
/**
* Returns the host .
*
* @ return String host
*/
public function getJobsDBHost () {
return $this -> jobsDBHost ;
}
/**
* Sets the host .
*
* @ param String $jobsDBHost host
*/
public function setJobsDBHost ( $jobsDBHost ) {
$this -> jobsDBHost = $jobsDBHost ;
}
/**
* Returns the port .
*
* @ return String port
*/
public function getJobsDBPort () {
return $this -> jobsDBPort ;
}
/**
* Sets the port .
*
* @ param int $jobsDBPort port
*/
public function setJobsDBPort ( $jobsDBPort ) {
$this -> jobsDBPort = $jobsDBPort ;
}
/**
* Returns the DB user .
*
* @ return String user name
*/
public function getJobsDBUser () {
return $this -> jobsDBUser ;
}
/**
* Sets the DB user .
*
* @ param String $jobsDBUser user name
*/
public function setJobsDBUser ( $jobsDBUser ) {
$this -> jobsDBUser = $jobsDBUser ;
}
/**
* Returns the DB password .
*
* @ return String password
*/
public function getJobsDBPassword () {
return $this -> jobsDBPassword ;
}
/**
* Sets the DB password .
*
* @ param String $jobsDBPassword password
*/
public function setJobsDBPassword ( $jobsDBPassword ) {
$this -> jobsDBPassword = $jobsDBPassword ;
}
/**
* Returns the database name .
*
* @ return String DB name
*/
public function getJobsDBName () {
return $this -> jobsDBName ;
}
/**
* Sets the database name
*
* @ param String $jobsDBName DB name
*/
public function setJobsDBName ( $jobsDBName ) {
$this -> jobsDBName = $jobsDBName ;
}
2015-06-16 18:59:56 +00:00
/**
* Sets the settings for the jobs .
*
* @ param array $settings list of job settings array ( name => value )
* @ return boolean true if $settings has correct format
*/
public function setJobSettings ( $settings ) {
if ( ! is_array ( $settings )) {
return false ;
}
$this -> jobSettings = $settings ;
return true ;
}
/**
* Returns a list of saved job settings .
*
* @ return array list of settings : array ( name => value )
*/
public function getJobSettings () {
return $this -> jobSettings ;
}
2015-07-26 07:59:24 +00:00
2015-06-16 18:59:56 +00:00
/**
* Returns the job token .
2015-07-26 07:59:24 +00:00
*
2015-06-16 18:59:56 +00:00
* @ return String job token
*/
public function getJobToken () {
if ( empty ( $this -> jobToken )) {
$this -> jobToken = getRandomNumber ();
}
return $this -> jobToken ;
}
2016-02-26 19:49:57 +00:00
/**
* Returns if setting a specific password is allowed on password reset page .
*
* @ return String 'true' or 'false'
*/
public function getPwdResetAllowSpecificPassword () {
return $this -> pwdResetAllowSpecificPassword ;
}
/**
* Sets if setting a specific password is allowed on password reset page .
*
* @ param String $pwdResetAllowSpecificPassword 'true' or 'false'
*/
public function setPwdResetAllowSpecificPassword ( $pwdResetAllowSpecificPassword ) {
$this -> pwdResetAllowSpecificPassword = $pwdResetAllowSpecificPassword ;
}
/**
* Returns if displaying password on screen is allowed on password reset page .
*
* @ return String 'true' or 'false'
*/
public function getPwdResetAllowScreenPassword () {
return $this -> pwdResetAllowScreenPassword ;
}
/**
* Sets if displaying password on screen is allowed on password reset page .
*
* @ param String $pwdResetAllowScreenPassword 'true' or 'false'
*/
public function setPwdResetAllowScreenPassword ( $pwdResetAllowScreenPassword ) {
$this -> pwdResetAllowScreenPassword = $pwdResetAllowScreenPassword ;
}
/**
* Returns if force password change is set by default on password reset page .
*
* @ return String 'true' or 'false'
*/
public function getPwdResetForcePasswordChange () {
return $this -> pwdResetForcePasswordChange ;
}
/**
* Sets if force password change is set by default on password reset page .
*
* @ param String $pwdResetForcePasswordChange 'true' or 'false'
*/
public function setPwdResetForcePasswordChange ( $pwdResetForcePasswordChange ) {
$this -> pwdResetForcePasswordChange = $pwdResetForcePasswordChange ;
}
/**
* Returns default password output method on password reset page .
*
* @ return integer LAMConfig :: PWDRESET_DEFAULT_SCREEN / PWDRESET_DEFAULT_MAIL / PWDRESET_DEFAULT_BOTH
*/
public function getPwdResetDefaultPasswordOutput () {
return $this -> pwdResetDefaultPasswordOutput ;
}
/**
* Sets default password output method on password reset page .
*
* @ param integer $pwdResetDefaultPasswordOutput LAMConfig :: PWDRESET_DEFAULT_SCREEN / PWDRESET_DEFAULT_MAIL / PWDRESET_DEFAULT_BOTH
*/
public function setPwdResetDefaultPasswordOutput ( $pwdResetDefaultPasswordOutput ) {
$this -> pwdResetDefaultPasswordOutput = $pwdResetDefaultPasswordOutput ;
}
2017-02-11 17:16:08 +00:00
/**
* Returns the authentication type .
*
* @ return string $twoFactorAuthentication authentication type
*/
public function getTwoFactorAuthentication () {
2017-02-11 18:39:05 +00:00
if ( empty ( $this -> twoFactorAuthentication )) {
return TwoFactorProviderService :: TWO_FACTOR_NONE ;
}
2017-02-11 17:16:08 +00:00
return $this -> twoFactorAuthentication ;
}
/**
* Sets the authentication type .
*
* @ param string $twoFactorAuthentication authentication type
*/
public function setTwoFactorAuthentication ( $twoFactorAuthentication ) {
$this -> twoFactorAuthentication = $twoFactorAuthentication ;
}
/**
* Returns the authentication URL .
*
2018-12-31 09:51:44 +00:00
* @ return string authentication URL
2017-02-11 17:16:08 +00:00
*/
public function getTwoFactorAuthenticationURL () {
return $this -> twoFactorAuthenticationURL ;
}
/**
* Sets the authentication URL .
*
* @ param string $twoFactorAuthenticationURL authentication URL
*/
public function setTwoFactorAuthenticationURL ( $twoFactorAuthenticationURL ) {
$this -> twoFactorAuthenticationURL = $twoFactorAuthenticationURL ;
}
2018-12-31 09:51:44 +00:00
/**
* Sets the client id .
*
* @ param string $clientId client id
*/
public function setTwoFactorAuthenticationClientId ( $clientId ) {
$this -> twoFactorAuthenticationClientId = $clientId ;
}
/**
* Returns the client id .
*
* @ return string client id
*/
public function getTwoFactorAuthenticationClientId () {
return $this -> twoFactorAuthenticationClientId ;
}
/**
* Sets the secret key .
*
* @ param string $secretKey secret key
*/
public function setTwoFactorAuthenticationSecretKey ( $secretKey ) {
$this -> twoFactorAuthenticationSecretKey = $secretKey ;
}
/**
* Returns the secret key .
*
* @ return string secret key
*/
public function getTwoFactorAuthenticationSecretKey () {
return $this -> twoFactorAuthenticationSecretKey ;
}
2017-02-11 17:16:08 +00:00
/**
* Returns if SSL certificate verification is turned off .
*
2018-12-31 09:51:44 +00:00
* @ return bool SSL certificate verification is turned off
2017-02-11 17:16:08 +00:00
*/
public function getTwoFactorAuthenticationInsecure () {
return $this -> twoFactorAuthenticationInsecure ;
}
/**
* Sets if SSL certificate verification is turned off .
*
* @ param boolean $twoFactorAuthenticationInsecure SSL certificate verification is turned off
*/
public function setTwoFactorAuthenticationInsecure ( $twoFactorAuthenticationInsecure ) {
$this -> twoFactorAuthenticationInsecure = $twoFactorAuthenticationInsecure ;
}
/**
* Returns the authentication label .
*
2018-12-31 09:51:44 +00:00
* @ return string authentication label
2017-02-11 17:16:08 +00:00
*/
public function getTwoFactorAuthenticationLabel () {
return $this -> twoFactorAuthenticationLabel ;
}
/**
* Sets the authentication label .
*
* @ param string $twoFactorAuthenticationLabel authentication label
*/
public function setTwoFactorAuthenticationLabel ( $twoFactorAuthenticationLabel ) {
$this -> twoFactorAuthenticationLabel = $twoFactorAuthenticationLabel ;
}
/**
* Returns if 2 nd factor is optional .
*
2018-12-31 09:51:44 +00:00
* @ return bool 2 nd factor is optional
2017-02-11 17:16:08 +00:00
*/
public function getTwoFactorAuthenticationOptional () {
return $this -> twoFactorAuthenticationOptional ;
}
/**
* Sets if 2 nd factor is optional .
*
* @ param boolean $twoFactorAuthenticationOptional 2 nd factor is optional
*/
public function setTwoFactorAuthenticationOptional ( $twoFactorAuthenticationOptional ) {
$this -> twoFactorAuthenticationOptional = $twoFactorAuthenticationOptional ;
}
/**
* Returns the caption HTML .
*
2018-12-31 09:51:44 +00:00
* @ return string caption HTML
2017-02-11 17:16:08 +00:00
*/
public function getTwoFactorAuthenticationCaption () {
return $this -> twoFactorAuthenticationCaption ;
}
/**
* Sets the caption HTML .
*
* @ param string $twoFactorAuthenticationCaption caption HTML
*/
public function setTwoFactorAuthenticationCaption ( $twoFactorAuthenticationCaption ) {
$this -> twoFactorAuthenticationCaption = $twoFactorAuthenticationCaption ;
}
2016-02-26 19:49:57 +00:00
2019-08-11 07:39:47 +00:00
/**
* Returns the user attribute .
*
* @ return string user attribute
*/
public function getTwoFactorAuthenticationAttribute () {
if ( empty ( $this -> twoFactorAuthenticationAttribute )) {
return 'uid' ;
}
return $this -> twoFactorAuthenticationAttribute ;
}
/**
* Sets the user attribute .
*
* @ param string $twoFactorAuthenticationAttribute user attribute
*/
public function setTwoFactorAuthenticationAttribute ( $twoFactorAuthenticationAttribute ) {
$this -> twoFactorAuthenticationAttribute = $twoFactorAuthenticationAttribute ;
}
2003-02-17 21:38:54 +00:00
}
2003-03-05 16:05:23 +00:00
2004-01-30 17:06:28 +00:00
2004-05-31 14:04:00 +00:00
/**
* This class manages config . cfg .
*
* @ package configuration
2003-07-06 10:24:41 +00:00
*/
2006-09-24 14:19:50 +00:00
class LAMCfgMain {
2003-07-06 10:24:41 +00:00
2013-10-18 17:43:09 +00:00
/** PHP error reporting setting as E_ALL & ~E_NOTICE */
const ERROR_REPORTING_DEFAULT = 'default' ;
/** PHP error reporting setting from php.ini */
const ERROR_REPORTING_SYSTEM = 'system' ;
2014-04-21 10:52:46 +00:00
/** PHP error reporting setting as E_ALL | E_STRICT */
const ERROR_REPORTING_ALL = 'all' ;
2015-07-26 07:59:24 +00:00
2004-05-31 14:04:00 +00:00
/** Default profile */
2007-10-26 17:51:56 +00:00
public $default ;
2003-07-06 10:24:41 +00:00
2004-05-31 14:04:00 +00:00
/** Password to change config.cfg */
2007-11-07 21:02:13 +00:00
private $password ;
2006-09-24 14:19:50 +00:00
2006-04-18 10:57:16 +00:00
/** Time of inactivity before session times out (minutes) */
2007-10-26 17:51:56 +00:00
public $sessionTimeout ;
2006-09-24 14:19:50 +00:00
2006-04-23 16:33:25 +00:00
/** log level */
2007-10-26 17:51:56 +00:00
public $logLevel ;
2006-09-24 14:19:50 +00:00
2019-02-23 18:44:10 +00:00
/** log destination ("SYSLOG":syslog, "/...":file, "NONE":none, "REMOTE":server:port) */
2007-10-26 17:51:56 +00:00
public $logDestination ;
2006-09-24 14:19:50 +00:00
2006-04-25 11:25:07 +00:00
/** list of hosts which may access LAM */
2007-10-26 17:51:56 +00:00
public $allowedHosts ;
2015-07-26 07:59:24 +00:00
2014-01-12 19:58:15 +00:00
/** list of hosts which may access LAM Pro self service */
public $allowedHostsSelfService ;
2015-07-26 07:59:24 +00:00
2014-01-12 11:08:43 +00:00
/** session encryption */
public $encryptSession ;
2015-07-26 07:59:24 +00:00
2008-02-10 13:19:05 +00:00
/** minimum length for passwords */
public $passwordMinLength = 0 ;
2015-07-26 07:59:24 +00:00
2008-02-10 13:19:05 +00:00
/** minimum uppercase characters */
public $passwordMinUpper = 0 ;
/** minimum lowercase characters */
public $passwordMinLower = 0 ;
/** minimum numeric characters */
public $passwordMinNumeric = 0 ;
/** minimum symbol characters */
public $passwordMinSymbol = 0 ;
/** minimum character classes (upper, lower, numeric, symbols) */
public $passwordMinClasses = 0 ;
2015-07-26 07:59:24 +00:00
2014-04-05 18:42:46 +00:00
/** number of password rules that must match (-1 = all) */
public $checkedRulesCount = - 1 ;
2015-07-26 07:59:24 +00:00
2014-04-05 18:42:46 +00:00
/** password may contain the user name */
public $passwordMustNotContainUser = 'false' ;
2015-07-26 07:59:24 +00:00
2014-04-05 18:42:46 +00:00
/** password may contain more than 2 characters of user/first/last name */
public $passwordMustNotContain3Chars = 'false' ;
2015-07-26 07:59:24 +00:00
2018-04-10 19:32:26 +00:00
/** external URL for password checking (e.g. https://domain.com/url/{SHA1}) */
public $externalPwdCheckUrl = null ;
2012-07-15 12:05:47 +00:00
/** path to config file */
2009-11-06 19:15:56 +00:00
private $conffile ;
2006-09-24 14:19:50 +00:00
2013-08-10 12:43:01 +00:00
/** uploaded SSL certificate that is stored to disk on save() */
private $uploadedSSLCaCert = null ;
2015-07-26 07:59:24 +00:00
2013-08-10 12:43:01 +00:00
/** SSL certificate should be deleted on save() */
private $delSSLCaCert = false ;
2015-07-26 07:59:24 +00:00
2013-10-16 16:48:59 +00:00
/** EOL for emails (default/unix) */
public $mailEOL = 'default' ;
2015-07-26 07:59:24 +00:00
2013-10-18 17:43:09 +00:00
/** error reporting */
public $errorReporting = self :: ERROR_REPORTING_DEFAULT ;
2013-08-10 12:43:01 +00:00
2016-08-21 09:16:44 +00:00
/** license data */
private $license = '' ;
2006-04-23 16:33:25 +00:00
/** list of data fields to save in config file */
2007-10-26 17:51:56 +00:00
private $settings = array ( " password " , " default " , " sessionTimeout " ,
2008-02-10 13:19:05 +00:00
" logLevel " , " logDestination " , " allowedHosts " , " passwordMinLength " ,
" passwordMinUpper " , " passwordMinLower " , " passwordMinNumeric " ,
2014-04-05 18:42:46 +00:00
" passwordMinClasses " , " passwordMinSymbol " , 'checkedRulesCount' ,
'passwordMustNotContainUser' , 'passwordMustNotContain3Chars' ,
2018-04-10 19:32:26 +00:00
'externalPwdCheckUrl' ,
2016-08-21 09:16:44 +00:00
" mailEOL " , 'errorReporting' , 'encryptSession' , 'allowedHostsSelfService' ,
'license'
);
2006-09-24 14:19:50 +00:00
2004-05-31 14:04:00 +00:00
/**
* Loads preferences from config file
*/
2007-12-28 16:08:56 +00:00
function __construct () {
2009-11-06 19:15:56 +00:00
$this -> conffile = substr ( __FILE__ , 0 , strlen ( __FILE__ ) - 15 ) . " /config/config.cfg " ;
2006-04-23 16:33:25 +00:00
// set default values
2006-04-18 10:57:16 +00:00
$this -> sessionTimeout = 30 ;
2006-04-23 16:33:25 +00:00
$this -> logLevel = LOG_NOTICE ;
$this -> logDestination = " SYSLOG " ;
2006-04-25 11:25:07 +00:00
$this -> allowedHosts = " " ;
2014-01-12 19:58:15 +00:00
$this -> allowedHostsSelfService = '' ;
2014-01-12 11:08:43 +00:00
$this -> encryptSession = 'true' ;
2003-07-06 10:24:41 +00:00
$this -> reload ();
}
2004-05-31 14:04:00 +00:00
/**
* Reloads preferences from config file config . cfg
2004-07-18 10:18:25 +00:00
*
* @ return boolean true if file was readable
2004-05-31 14:04:00 +00:00
*/
2007-10-26 17:51:56 +00:00
private function reload () {
2009-11-06 19:15:56 +00:00
if ( is_file ( $this -> conffile ) == True ) {
$file = @ fopen ( $this -> conffile , " r " );
2004-07-18 10:18:25 +00:00
if ( ! $file ) return false ; // abort if file is not readable
2003-07-06 10:24:41 +00:00
while ( ! feof ( $file )) {
$line = fgets ( $file , 1024 );
2003-10-11 12:17:28 +00:00
$line = trim ( $line ); // remove spaces at the beginning and end
if (( $line == " " ) || ( $line [ 0 ] == " # " )) continue ; // ignore comments
2003-07-06 10:24:41 +00:00
// search keywords
2006-04-23 16:33:25 +00:00
for ( $i = 0 ; $i < sizeof ( $this -> settings ); $i ++ ) {
$keyword = $this -> settings [ $i ];
$keylen = strlen ( $keyword );
if ( strtolower ( substr ( $line , 0 , $keylen + 2 )) == strtolower ( $keyword . " : " )) {
$this -> $keyword = substr ( $line , $keylen + 2 , strlen ( $line ) - $keylen - 2 );
break ;
}
2003-07-06 10:24:41 +00:00
}
}
fclose ( $file );
}
2004-07-18 10:18:25 +00:00
return true ;
2003-07-06 10:24:41 +00:00
}
2004-05-31 14:04:00 +00:00
/**
* Saves preferences to config file config . cfg
*/
2007-10-26 17:51:56 +00:00
public function save () {
2009-11-06 19:15:56 +00:00
if ( is_file ( $this -> conffile ) == True ) {
$file = fopen ( $this -> conffile , " r " );
2003-07-06 10:24:41 +00:00
$file_array = array ();
// read config file
while ( ! feof ( $file )) {
array_push ( $file_array , fgets ( $file , 1024 ));
}
fclose ( $file );
// generate new configuration file
2006-04-23 16:33:25 +00:00
$saved = array ();
2003-07-06 10:24:41 +00:00
for ( $i = 0 ; $i < sizeof ( $file_array ); $i ++ ) {
2006-04-23 16:33:25 +00:00
$line = trim ( $file_array [ $i ]);
if (( $line == " " ) || ( $line [ 0 ] == " # " )) continue ; // ignore comments and empty lines
// search keywords
for ( $k = 0 ; $k < sizeof ( $this -> settings ); $k ++ ) {
$keyword = $this -> settings [ $k ];
$keylen = strlen ( $keyword );
if ( strtolower ( substr ( $line , 0 , $keylen + 1 )) == strtolower ( $keyword . " : " )) {
$file_array [ $i ] = $keyword . " : " . $this -> $keyword . " \n " ;
$saved [] = $keyword ; // mark keyword as saved
break ;
}
2006-04-18 10:57:16 +00:00
}
2003-07-06 10:24:41 +00:00
}
}
// check if we have to add new entries (e.g. if user upgraded LAM and has an old config file)
2006-04-23 16:33:25 +00:00
if ( ! in_array ( " password " , $saved )) array_push ( $file_array , " \n \n # password to add/delete/rename configuration profiles \n " . " password: " . $this -> password );
if ( ! in_array ( " default " , $saved )) array_push ( $file_array , " \n \n # default profile, without \" .conf \" \n " . " default: " . $this -> default );
if ( ! in_array ( " sessionTimeout " , $saved )) array_push ( $file_array , " \n \n # session timeout in minutes \n " . " sessionTimeout: " . $this -> sessionTimeout );
if ( ! in_array ( " logLevel " , $saved )) array_push ( $file_array , " \n \n # log level \n " . " logLevel: " . $this -> logLevel );
if ( ! in_array ( " logDestination " , $saved )) array_push ( $file_array , " \n \n # log destination \n " . " logDestination: " . $this -> logDestination );
2006-04-25 11:25:07 +00:00
if ( ! in_array ( " allowedHosts " , $saved )) array_push ( $file_array , " \n \n # list of hosts which may access LAM \n " . " allowedHosts: " . $this -> allowedHosts );
2014-01-12 19:58:15 +00:00
if ( ! in_array ( " allowedHostsSelfService " , $saved )) array_push ( $file_array , " \n \n # list of hosts which may access LAM Pro self service \n " . " allowedHostsSelfService: " . $this -> allowedHostsSelfService );
2014-01-12 11:08:43 +00:00
if ( ! in_array ( " encryptSession " , $saved )) array_push ( $file_array , " \n \n # encrypt session data \n " . " encryptSession: " . $this -> encryptSession );
2008-02-10 13:19:05 +00:00
if ( ! in_array ( " passwordMinLength " , $saved )) array_push ( $file_array , " \n \n # Password: minimum password length \n " . " passwordMinLength: " . $this -> passwordMinLength );
if ( ! in_array ( " passwordMinUpper " , $saved )) array_push ( $file_array , " \n \n # Password: minimum uppercase characters \n " . " passwordMinUpper: " . $this -> passwordMinUpper );
if ( ! in_array ( " passwordMinLower " , $saved )) array_push ( $file_array , " \n \n # Password: minimum lowercase characters \n " . " passwordMinLower: " . $this -> passwordMinLower );
if ( ! in_array ( " passwordMinNumeric " , $saved )) array_push ( $file_array , " \n \n # Password: minimum numeric characters \n " . " passwordMinNumeric: " . $this -> passwordMinNumeric );
if ( ! in_array ( " passwordMinSymbol " , $saved )) array_push ( $file_array , " \n \n # Password: minimum symbolic characters \n " . " passwordMinSymbol: " . $this -> passwordMinSymbol );
if ( ! in_array ( " passwordMinClasses " , $saved )) array_push ( $file_array , " \n \n # Password: minimum character classes (0-4) \n " . " passwordMinClasses: " . $this -> passwordMinClasses );
2014-04-05 18:42:46 +00:00
if ( ! in_array ( " checkedRulesCount " , $saved )) array_push ( $file_array , " \n \n # Password: checked rules \n " . " checkedRulesCount: " . $this -> checkedRulesCount );
if ( ! in_array ( " passwordMustNotContain3Chars " , $saved )) array_push ( $file_array , " \n \n # Password: must not contain part of user name \n " . " passwordMustNotContain3Chars: " . $this -> passwordMustNotContain3Chars );
if ( ! in_array ( " passwordMustNotContainUser " , $saved )) array_push ( $file_array , " \n \n # Password: must not contain user name \n " . " passwordMustNotContainUser: " . $this -> passwordMustNotContainUser );
2018-04-10 19:32:26 +00:00
if ( ! in_array ( " externalPwdCheckUrl " , $saved )) array_push ( $file_array , " \n \n " . " externalPwdCheckUrl: " . $this -> externalPwdCheckUrl );
2013-10-16 16:48:59 +00:00
if ( ! in_array ( " mailEOL " , $saved )) array_push ( $file_array , " \n \n # Email format (default/unix) \n " . " mailEOL: " . $this -> mailEOL );
2013-10-18 17:43:09 +00:00
if ( ! in_array ( " errorReporting " , $saved )) array_push ( $file_array , " \n \n # PHP error reporting (default/system) \n " . " errorReporting: " . $this -> errorReporting );
2016-08-21 09:16:44 +00:00
if ( ! in_array ( " license " , $saved )) array_push ( $file_array , " \n \n # License \n " . " license: " . $this -> license );
2009-11-06 19:15:56 +00:00
$file = @ fopen ( $this -> conffile , " w " );
2003-07-06 10:24:41 +00:00
if ( $file ) {
for ( $i = 0 ; $i < sizeof ( $file_array ); $i ++ ) fputs ( $file , $file_array [ $i ]);
fclose ( $file );
}
else {
2009-11-06 19:15:56 +00:00
StatusMessage ( " ERROR " , " " , _ ( " Cannot open config file! " ) . " ( " . $this -> conffile . " ) " );
2003-07-06 10:24:41 +00:00
}
2013-08-10 12:43:01 +00:00
// store SSL certificate
if ( $this -> uploadedSSLCaCert != null ) {
$sslPath = $this -> getInternalSSLCaCertFileName ();
$file = @ fopen ( $sslPath , " w " );
if ( $file ) {
fputs ( $file , $this -> uploadedSSLCaCert );
fclose ( $file );
@ chmod ( $sslPath , 0600 );
}
else {
StatusMessage ( " ERROR " , _ ( " Cannot write certificate file. Please check the permissions of config/serverCerts.pem. " ));
}
}
// delete SSL certificate
if ( $this -> delSSLCaCert === true ) {
$sslPath = $this -> getInternalSSLCaCertFileName ();
$result = @ unlink ( $sslPath );
if ( ! $result ) {
StatusMessage ( " ERROR " , _ ( " Cannot write certificate file. Please check the permissions of config/serverCerts.pem. " ));
}
}
2003-07-06 10:24:41 +00:00
}
2015-07-26 07:59:24 +00:00
2007-11-07 21:02:13 +00:00
/**
* Sets a new config password .
*
* @ param String $password new password
*/
public function setPassword ( $password ) {
2013-07-21 11:34:31 +00:00
$rand = getRandomNumber ();
2007-11-07 21:02:13 +00:00
$salt0 = substr ( pack ( " h* " , md5 ( $rand )), 0 , 8 );
$salt = substr ( pack ( " H* " , sha1 ( $salt0 . $password )), 0 , 4 );
2015-07-26 07:59:24 +00:00
$this -> password = $this -> hashPassword ( $password , $salt );
2007-11-07 21:02:13 +00:00
}
2015-07-26 07:59:24 +00:00
2007-11-07 21:02:13 +00:00
/**
* Checks if the given password matches .
*
* @ param String $password password
* @ return boolean true , if password matches
*/
public function checkPassword ( $password ) {
if ( substr ( $this -> password , 0 , 6 ) == " { SSHA} " ) {
// check hashed password
$value = substr ( $this -> password , 6 );
$parts = explode ( " " , $value );
$salt = base64_decode ( $parts [ 1 ]);
return ( $this -> hashPassword ( $password , $salt ) === $this -> password );
}
else {
// old nonhashed password
return ( $password === $this -> password );
}
}
2015-07-26 07:59:24 +00:00
2007-11-07 21:02:13 +00:00
/**
* Returns the hashed password .
*
* @ param String $password password
* @ param String $salt salt
* @ return String hash value
*/
private function hashPassword ( $password , $salt ) {
2017-10-10 16:55:43 +00:00
return " { SSHA} " . base64_encode ( hex2bin ( sha1 ( $password . $salt ))) . " " . base64_encode ( $salt );
2007-11-07 21:02:13 +00:00
}
2015-07-26 07:59:24 +00:00
2009-11-06 19:15:56 +00:00
/**
* Returns if the configuration file is writable .
*
* @ return boolean writable
*/
public function isWritable () {
return is_writeable ( $this -> conffile );
}
2015-07-26 07:59:24 +00:00
2013-01-12 11:28:43 +00:00
/**
* Returns if the configuration file is existing .
*
* @ return boolean exists
*/
public function isConfigFileExisting () {
return file_exists ( $this -> conffile );
}
2015-07-26 07:59:24 +00:00
2016-11-01 07:55:34 +00:00
/**
* Tries to copy the config file from sample config .
*
* @ return boolean copied
*/
public function installSampleConfig () {
$samplePath = dirname ( dirname ( __FILE__ )) . '/config/config.cfg.sample' ;
return file_exists ( $samplePath ) && copy ( $samplePath , $this -> conffile );
}
2013-08-10 12:43:01 +00:00
/**
* Returns the path to the SSL CA certificate file that overrides the system certificates .
2015-07-26 07:59:24 +00:00
*
2013-08-10 12:43:01 +00:00
* @ return String path to certificate file or null if certificate is not overridden
*/
public function getSSLCaCertPath () {
$path = $this -> getInternalSSLCaCertFileName ();
if ( file_exists ( $path )) {
return $path ;
}
return null ;
}
2015-07-26 07:59:24 +00:00
2013-08-10 12:43:01 +00:00
/**
* Returns the file name that will be used internally to store the CA file .
2015-07-26 07:59:24 +00:00
*
2013-08-10 12:43:01 +00:00
* @ return String file name
*/
private function getInternalSSLCaCertFileName () {
return dirname ( __FILE__ ) . '/../config/serverCerts.pem' ;
}
2015-07-26 07:59:24 +00:00
2013-08-10 12:43:01 +00:00
/**
* Uploads a new SSL CA cert .
2015-07-26 07:59:24 +00:00
*
2013-08-10 12:43:01 +00:00
* @ param String $cert file content in DER / PEM format
* @ return mixed TRUE if format is correct , error message if file is not accepted
*/
public function uploadSSLCaCert ( $cert ) {
2013-12-26 11:35:49 +00:00
if ( strpos ( $cert , '-----BEGIN CERTIFICATE-----' ) === false ) {
2013-08-10 12:43:01 +00:00
$pem = @ chunk_split ( @ base64_encode ( $cert ), 64 , " \n " );
$cert = " -----BEGIN CERTIFICATE----- \n " . $pem . " -----END CERTIFICATE----- \n " ;
}
2013-12-26 11:35:49 +00:00
else {
// remove any junk before first "-----BEGIN CERTIFICATE-----"
$pos = strpos ( $cert , '-----BEGIN CERTIFICATE-----' );
$cert = substr ( $cert , $pos );
}
2013-08-10 12:43:01 +00:00
$pemData = @ openssl_x509_parse ( $cert );
if ( $pemData === false ) {
return _ ( 'Please provide a file in DER or PEM format.' );
}
$existingCerts = $this -> getSSLCaCertificateContent ();
if ( ! empty ( $existingCerts )) {
// merge with existing certificates
$existingList = $this -> splitSSLCaCertificateContent ( $existingCerts );
$newList = $this -> splitSSLCaCertificateContent ( $cert );
$this -> uploadedSSLCaCert = implode ( " \n " , array_unique ( array_merge ( $existingList , $newList )));
}
else {
$this -> uploadedSSLCaCert = $cert ;
}
$this -> delSSLCaCert = false ;
return true ;
}
2015-07-26 07:59:24 +00:00
2013-08-10 12:43:01 +00:00
/**
* Returns the name of a temporary file in tmp that contains the SSL certificate .
* The file contains either the stored data in serverCerts or the uploaded data .
2015-07-26 07:59:24 +00:00
*
2013-08-10 12:43:01 +00:00
* @ return String file name or null if no certificate was set
*/
public function getSSLCaCertTempFileName () {
if ( $this -> delSSLCaCert ) {
return null ;
}
// get certificate data
$content = $this -> getSSLCaCertificateContent ();
if ( $content == null ) {
return null ;
}
// write to temp file
$fileName = time () . getRandomNumber () . '.pem' ;
$path = dirname ( __FILE__ ) . '/../tmp/' . $fileName ;
$handle = @ fopen ( $path , " wb " );
@ chmod ( $path , 0600 );
if ( $handle ) {
$content = fputs ( $handle , $content );
fclose ( $handle );
}
else {
return null ;
}
return $fileName ;
}
2015-07-26 07:59:24 +00:00
2013-08-10 12:43:01 +00:00
/**
* Marks a single or all SSL CA certificate files for deletion .
* The changes take effect on save () .
2015-07-26 07:59:24 +00:00
*
2013-08-10 12:43:01 +00:00
* @ param int $index certificate index , null deletes all certificates ( default : null )
*/
public function deleteSSLCaCert ( $index = null ) {
if ( $index == null ) {
// delete all
$this -> delSSLCaCert = true ;
return ;
}
$content = $this -> getSSLCaCertificateContent ();
$list = $this -> splitSSLCaCertificateContent ( $content );
unset ( $list [ $index ]);
if ( sizeof ( $list ) < 1 ) {
$this -> delSSLCaCert = true ;
$this -> uploadedSSLCaCert = null ;
}
else {
$this -> uploadedSSLCaCert = implode ( " \n " , $list );
}
}
2015-07-26 07:59:24 +00:00
2013-08-10 12:43:01 +00:00
/**
* Returns a list of all CA certificates .
2015-07-26 07:59:24 +00:00
*
2013-08-10 12:43:01 +00:00
* @ return array list of certificates as output of openssl_x509_parse ()
*/
public function getSSLCaCertificates () {
if ( $this -> delSSLCaCert ) {
return array ();
}
$content = $this -> getSSLCaCertificateContent ();
if ( empty ( $content )) {
return array ();
}
$list = $this -> splitSSLCaCertificateContent ( $content );
for ( $i = 0 ; $i < sizeof ( $list ); $i ++ ) {
$list [ $i ] = @ openssl_x509_parse ( $list [ $i ]);
}
return $list ;
}
/**
* Returns the content of the certificate file or uploaded data .
2015-07-26 07:59:24 +00:00
*
2013-08-10 12:43:01 +00:00
* @ return String null or certificate content
*/
private function getSSLCaCertificateContent () {
$content = null ;
if ( $this -> delSSLCaCert ) {
return null ;
}
if ( $this -> uploadedSSLCaCert != null ) {
$content = $this -> uploadedSSLCaCert ;
}
elseif ( $this -> getSSLCaCertPath () != null ) {
$path = $this -> getSSLCaCertPath ();
$handle = @ fopen ( $path , " r " );
if ( $handle ) {
$content = fread ( $handle , 10000000 );
fclose ( $handle );
}
}
return $content ;
}
2015-07-26 07:59:24 +00:00
2013-08-10 12:43:01 +00:00
/**
* Splits the certificate content into single PEM data chunks .
2015-07-26 07:59:24 +00:00
*
2013-08-10 12:43:01 +00:00
* @ param String $content PEM file content
* @ return array one element for each certificate chunk
*/
private function splitSSLCaCertificateContent ( $content ) {
if ( empty ( $content )) {
return array ();
}
$content = str_replace ( " \n \n " , " \n " , $content );
if ( empty ( $content )) {
return array ();
}
if ( ! ( strpos ( $content , '-----BEGIN CERTIFICATE-----' ) === 0 )) {
return array ();
}
$lines = explode ( " \n " , $content );
$list = array ();
$pos = - 1 ;
foreach ( $lines as $line ) {
if ( strpos ( $line , '-----BEGIN CERTIFICATE-----' ) === 0 ) {
$pos ++ ;
}
if ( ! isset ( $list [ $pos ])) {
$list [ $pos ] = '' ;
}
$list [ $pos ] .= $line . " \n " ;
}
return $list ;
}
2015-07-26 07:59:24 +00:00
2016-08-21 09:16:44 +00:00
/**
* Returns the license key as multiple lines .
*
* @ return String license
*/
public function getLicenseLines () {
return explode ( LAMConfig :: LINE_SEPARATOR , $this -> license );
}
/**
* Sets the license key as multiple lines .
*
* @ param String $license license
*/
public function setLicenseLines ( $licenseLines ) {
$this -> license = implode ( LAMConfig :: LINE_SEPARATOR , $licenseLines );
}
2003-07-06 10:24:41 +00:00
}
2003-03-05 18:38:19 +00:00
?>