2006-04-16 12:49:12 +00:00
< ? php
/*
$Id $
2009-10-27 18:47:12 +00:00
This code is part of LDAP Account Manager ( http :// www . ldap - account - manager . org / )
2012-01-14 13:24:03 +00:00
Copyright ( C ) 2003 - 2012 Roland Gruber
2006-04-16 12:49:12 +00:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 2 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation , Inc . , 59 Temple Place , Suite 330 , Boston , MA 02111 - 1307 USA
*/
2006-09-24 14:19:50 +00:00
2006-04-16 12:49:12 +00:00
/**
* Manages the main configuration options .
*
* @ package configuration
* @ author Roland Gruber
*/
/** Access to config functions */
include_once ( '../../lib/config.inc' );
/** Used to print status messages */
include_once ( '../../lib/status.inc' );
// start session
2009-07-08 18:03:28 +00:00
if ( strtolower ( session_module_name ()) == 'files' ) {
session_save_path ( " ../../sess " );
}
2006-04-16 12:49:12 +00:00
@ session_start ();
setlanguage ();
2006-09-24 14:19:50 +00:00
$cfg = new LAMCfgMain ();
2006-04-16 12:49:12 +00:00
// check if user is logged in
2007-11-07 21:02:13 +00:00
if ( ! isset ( $_SESSION [ " mainconf_password " ]) || ( ! $cfg -> checkPassword ( $_SESSION [ " mainconf_password " ]))) {
2006-04-16 12:49:12 +00:00
require ( 'mainlogin.php' );
exit ();
}
2010-05-28 08:48:57 +00:00
if ( isset ( $_POST [ 'cancel' ])) {
// back to login
metaRefresh ( '../login.php' );
exit ();
2010-01-01 17:39:38 +00:00
}
2006-04-16 12:49:12 +00:00
2010-05-28 08:48:57 +00:00
$errors = array ();
2006-04-16 12:49:12 +00:00
// check if submit button was pressed
2008-04-24 18:50:02 +00:00
if ( isset ( $_POST [ 'submit' ])) {
2006-04-23 16:33:25 +00:00
// remove double slashes if magic quotes are on
if ( get_magic_quotes_gpc () == 1 ) {
$postKeys = array_keys ( $_POST );
for ( $i = 0 ; $i < sizeof ( $postKeys ); $i ++ ) {
if ( is_string ( $_POST [ $postKeys [ $i ]])) $_POST [ $postKeys [ $i ]] = stripslashes ( $_POST [ $postKeys [ $i ]]);
}
}
2006-04-16 12:49:12 +00:00
// set master password
if ( isset ( $_POST [ 'masterpassword' ]) && ( $_POST [ 'masterpassword' ] != " " )) {
if ( $_POST [ 'masterpassword' ] && $_POST [ 'masterpassword2' ] && ( $_POST [ 'masterpassword' ] == $_POST [ 'masterpassword2' ])) {
2007-11-07 21:02:13 +00:00
$cfg -> setPassword ( $_POST [ 'masterpassword' ]);
2006-04-16 12:49:12 +00:00
$msg = _ ( " New master password set successfully. " );
unset ( $_SESSION [ " mainconf_password " ]);
}
2006-04-18 10:57:16 +00:00
else $errors [] = _ ( " Master passwords are different or empty! " );
2006-04-16 12:49:12 +00:00
}
2006-04-18 10:57:16 +00:00
// set session timeout
$cfg -> sessionTimeout = $_POST [ 'sessionTimeout' ];
2006-04-25 11:25:07 +00:00
// set allowed hosts
if ( isset ( $_POST [ 'allowedHosts' ])) {
$allowedHosts = $_POST [ 'allowedHosts' ];
$allowedHostsList = explode ( " \n " , $allowedHosts );
for ( $i = 0 ; $i < sizeof ( $allowedHostsList ); $i ++ ) {
$allowedHostsList [ $i ] = trim ( $allowedHostsList [ $i ]);
// ignore empty lines
if ( $allowedHostsList [ $i ] == " " ) {
unset ( $allowedHostsList [ $i ]);
continue ;
}
// check each line
2012-03-13 21:02:37 +00:00
$ipRegex = '/^[0-9a-f\\.:\\*]+$/i' ;
2009-08-14 18:06:15 +00:00
if ( ! preg_match ( $ipRegex , $allowedHostsList [ $i ]) || ( strlen ( $allowedHostsList [ $i ]) > 15 )) {
2012-03-13 21:02:37 +00:00
$errors [] = sprintf ( _ ( " The IP address %s is invalid! " ), htmlspecialchars ( str_replace ( '%' , '%%' , $allowedHostsList [ $i ])));
2006-04-25 11:25:07 +00:00
}
}
$allowedHosts = implode ( " , " , $allowedHostsList );
}
else $allowedHosts = " " ;
$cfg -> allowedHosts = $allowedHosts ;
2006-04-23 16:33:25 +00:00
// set log level
$cfg -> logLevel = $_POST [ 'logLevel' ];
// set log destination
if ( $_POST [ 'logDestination' ] == " none " ) $cfg -> logDestination = " NONE " ;
elseif ( $_POST [ 'logDestination' ] == " syslog " ) $cfg -> logDestination = " SYSLOG " ;
else {
2009-10-28 16:05:25 +00:00
if ( isset ( $_POST [ 'logFile' ]) && ( $_POST [ 'logFile' ] != " " ) && preg_match ( " /^[a-z0-9 \\ / \\ \\ : \\ ._-]+ $ /i " , $_POST [ 'logFile' ])) {
2006-04-23 16:33:25 +00:00
$cfg -> logDestination = $_POST [ 'logFile' ];
}
else $errors [] = _ ( " The log file is empty or contains invalid characters! Valid characters are: a-z, A-Z, 0-9, /, \\ , ., :, _ and -. " );
}
2008-02-10 13:19:05 +00:00
// password policies
$cfg -> passwordMinLength = $_POST [ 'passwordMinLength' ];
$cfg -> passwordMinLower = $_POST [ 'passwordMinLower' ];
$cfg -> passwordMinUpper = $_POST [ 'passwordMinUpper' ];
$cfg -> passwordMinNumeric = $_POST [ 'passwordMinNumeric' ];
$cfg -> passwordMinSymbol = $_POST [ 'passwordMinSymbol' ];
$cfg -> passwordMinClasses = $_POST [ 'passwordMinClasses' ];
2006-04-18 10:57:16 +00:00
// save settings
$cfg -> save ();
2010-05-28 08:48:57 +00:00
if ( sizeof ( $errors ) == 0 ) {
metaRefresh ( '../login.php?confMainSavedOk=1' );
2006-04-18 10:57:16 +00:00
exit ();
2006-04-16 12:49:12 +00:00
}
}
2009-11-06 19:15:56 +00:00
2010-05-28 08:48:57 +00:00
echo $_SESSION [ 'header' ];
?>
< title >
< ? php
echo _ ( " Edit general settings " );
?>
</ title >
2010-08-31 18:05:17 +00:00
< ? php
// include all CSS files
$cssDirName = dirname ( __FILE__ ) . '/../../style' ;
$cssDir = dir ( $cssDirName );
2012-11-02 17:45:35 +00:00
$cssFiles = array ();
$cssEntry = $cssDir -> read ();
while ( $cssEntry !== false ) {
if ( substr ( $cssEntry , strlen ( $cssEntry ) - 4 , 4 ) == '.css' ) {
$cssFiles [] = $cssEntry ;
}
$cssEntry = $cssDir -> read ();
}
sort ( $cssFiles );
foreach ( $cssFiles as $cssEntry ) {
2010-08-31 18:05:17 +00:00
echo " <link rel= \" stylesheet \" type= \" text/css \" href= \" ../../style/ " . $cssEntry . " \" > \n " ;
}
?>
2010-05-28 08:48:57 +00:00
< link rel = " shortcut icon " type = " image/x-icon " href = " ../../graphics/favicon.ico " >
</ head >
< body >
2010-08-31 18:05:17 +00:00
< table border = 0 width = " 100% " class = " lamHeader ui-corner-all " >
2010-07-30 16:08:20 +00:00
< tr >
< td align = " left " height = " 30 " >
< a class = " lamHeader " href = " http://www.ldap-account-manager.org/ " target = " new_window " >& nbsp ; < img src = " ../../graphics/logo32.png " width = 24 height = 24 class = " align-middle " alt = " LDAP Account Manager " >& nbsp ; & nbsp ; LDAP Account Manager </ a >
</ td >
< td align = " right " height = 20 >
< a href = " ../login.php " >< IMG alt = " configuration " src = " ../../graphics/undo.png " >& nbsp ; < ? php echo _ ( " Back to login " ) ?> </a>
</ td >
</ tr >
</ table >
< br >
2010-11-18 19:29:44 +00:00
<!-- form for adding / renaming / deleting profiles -->
< form action = " mainmanage.php " method = " post " >
2010-05-28 08:48:57 +00:00
< ? php
// include all JavaScript files
$jsDirName = dirname ( __FILE__ ) . '/../lib' ;
$jsDir = dir ( $jsDirName );
2010-08-28 12:27:06 +00:00
$jsFiles = array ();
2010-05-28 08:48:57 +00:00
while ( $jsEntry = $jsDir -> read ()) {
if ( substr ( $jsEntry , strlen ( $jsEntry ) - 3 , 3 ) != '.js' ) continue ;
2010-08-28 12:27:06 +00:00
$jsFiles [] = $jsEntry ;
}
sort ( $jsFiles );
foreach ( $jsFiles as $jsEntry ) {
2010-05-28 08:48:57 +00:00
echo " <script type= \" text/javascript \" src= \" ../lib/ " . $jsEntry . " \" ></script> \n " ;
}
2010-11-18 19:29:44 +00:00
$container = new htmlTable ();
2010-05-28 08:48:57 +00:00
// print messages
for ( $i = 0 ; $i < sizeof ( $errors ); $i ++ ) {
2010-11-18 19:29:44 +00:00
$container -> addElement ( new htmlStatusMessage ( " ERROR " , $errors [ $i ]), true );
2010-05-28 08:48:57 +00:00
}
2009-11-06 19:15:56 +00:00
// check if config file is writable
if ( ! $cfg -> isWritable ()) {
2010-11-18 19:29:44 +00:00
$container -> addElement ( new htmlStatusMessage ( 'WARN' , 'The config file is not writable.' , 'Your changes cannot be saved until you make the file writable for the webserver user.' ), true );
2009-11-06 19:15:56 +00:00
}
2010-11-18 19:29:44 +00:00
$container -> addElement ( new htmlSpacer ( null , '20px' ), true );
2006-04-16 12:49:12 +00:00
2010-11-18 19:29:44 +00:00
// security settings
$securityTable = new htmlTable ();
$options = array ( 5 , 10 , 20 , 30 , 60 );
$securityTable -> addElement ( new htmlTableExtendedSelect ( 'sessionTimeout' , $options , array ( $cfg -> sessionTimeout ), _ ( " Session timeout " ), '238' ), true );
$securityTable -> addElement ( new htmlTableExtendedInputTextarea ( 'allowedHosts' , implode ( " \n " , explode ( " , " , $cfg -> allowedHosts )), '30' , '7' , _ ( " Allowed hosts " ), '241' ), true );
$securityField = new htmlFieldset ( $securityTable , _ ( " Security settings " ));
$container -> addElement ( $securityField , true );
$container -> addElement ( new htmlSpacer ( null , '10px' ), true );
2006-04-16 12:49:12 +00:00
2010-11-18 19:29:44 +00:00
// password policy
$policyTable = new htmlTable ();
$options20 = array ( 0 , 1 , 2 , 3 , 4 , 5 , 6 , 7 , 8 , 9 , 10 , 11 , 12 , 13 , 14 , 15 , 16 , 17 , 18 , 19 , 20 );
$options4 = array ( 0 , 1 , 2 , 3 , 4 );
$policyTable -> addElement ( new htmlTableExtendedSelect ( 'passwordMinLength' , $options20 , array ( $cfg -> passwordMinLength ), _ ( 'Minimum password length' ), '242' ), true );
$policyTable -> addElement ( new htmlTableExtendedSelect ( 'passwordMinLower' , $options20 , array ( $cfg -> passwordMinLower ), _ ( 'Minimum lowercase characters' ), '242' ), true );
$policyTable -> addElement ( new htmlTableExtendedSelect ( 'passwordMinUpper' , $options20 , array ( $cfg -> passwordMinUpper ), _ ( 'Minimum uppercase characters' ), '242' ), true );
$policyTable -> addElement ( new htmlTableExtendedSelect ( 'passwordMinNumeric' , $options20 , array ( $cfg -> passwordMinNumeric ), _ ( 'Minimum numeric characters' ), '242' ), true );
$policyTable -> addElement ( new htmlTableExtendedSelect ( 'passwordMinSymbol' , $options20 , array ( $cfg -> passwordMinSymbol ), _ ( 'Minimum symbolic characters' ), '242' ), true );
$policyTable -> addElement ( new htmlTableExtendedSelect ( 'passwordMinClasses' , $options4 , array ( $cfg -> passwordMinClasses ), _ ( 'Minimum character classes' ), '242' ), true );
$policyField = new htmlFieldset ( $policyTable , _ ( " Password policy " ));
$container -> addElement ( $policyField , true );
$container -> addElement ( new htmlSpacer ( null , '10px' ), true );
// logging
$loggingTable = new htmlTable ();
$levelOptions = array ( _ ( " Debug " ) => LOG_DEBUG , _ ( " Notice " ) => LOG_NOTICE , _ ( " Warning " ) => LOG_WARNING , _ ( " Error " ) => LOG_ERR );
$levelSelect = new htmlTableExtendedSelect ( 'logLevel' , $levelOptions , array ( $cfg -> logLevel ), _ ( " Log level " ), '239' );
$levelSelect -> setHasDescriptiveElements ( true );
$loggingTable -> addElement ( $levelSelect , true );
$destinationOptions = array ( _ ( " No logging " ) => " none " , _ ( " System logging " ) => " syslog " , _ ( " File " ) => 'file' );
$destinationSelected = 'file' ;
$destinationPath = $cfg -> logDestination ;
if ( $cfg -> logDestination == 'NONE' ) {
$destinationSelected = 'none' ;
$destinationPath = '' ;
}
elseif ( $cfg -> logDestination == 'SYSLOG' ) {
$destinationSelected = 'syslog' ;
$destinationPath = '' ;
}
$loggingTable -> addElement ( new htmlTableExtendedRadio ( _ ( " Log destination " ), 'logDestination' , $destinationOptions , $destinationSelected , '240' ), true );
$loggingTable -> addElement ( new htmlOutputText ( '' ));
$loggingTable -> addElement ( new htmlInputField ( 'logFile' , $destinationPath ), true );
$loggingField = new htmlFieldset ( $loggingTable , _ ( " Logging " ));
$container -> addElement ( $loggingField , true );
$container -> addElement ( new htmlSpacer ( null , '10px' ), true );
// change master password
$passwordTable = new htmlTable ();
$pwd1 = new htmlTableExtendedInputField ( _ ( " New master password " ), 'masterpassword' , '' , '235' );
$pwd1 -> setIsPassword ( true );
$passwordTable -> addElement ( $pwd1 , true );
2012-01-14 13:24:03 +00:00
$pwd2 = new htmlTableExtendedInputField ( _ ( " Reenter password " ), 'masterpassword2' , '' );
2010-11-18 19:29:44 +00:00
$pwd2 -> setIsPassword ( true );
$passwordTable -> addElement ( $pwd2 , true );
$passwordField = new htmlFieldset ( $passwordTable , _ ( " Change master password " ));
$container -> addElement ( $passwordField , true );
$container -> addElement ( new htmlSpacer ( null , '20px' ), true );
// buttons
if ( $cfg -> isWritable ()) {
$buttonTable = new htmlTable ();
$buttonTable -> addElement ( new htmlButton ( 'submit' , _ ( " Ok " )));
$buttonTable -> addElement ( new htmlButton ( 'cancel' , _ ( " Cancel " )));
$container -> addElement ( $buttonTable );
}
$tabindex = 1 ;
parseHtml ( null , $container , array (), false , $tabindex , 'user' );
?>
2006-09-24 14:19:50 +00:00
2006-04-16 12:49:12 +00:00
</ form >
< p >< br ></ p >
</ body >
</ html >