2004-03-09 14:29:47 +00:00
|
|
|
<?php
|
|
|
|
/*
|
|
|
|
$Id$
|
|
|
|
|
2009-10-27 18:47:12 +00:00
|
|
|
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
2016-12-25 17:46:41 +00:00
|
|
|
Copyright (C) 2003 - 2016 Roland Gruber
|
2004-03-09 14:29:47 +00:00
|
|
|
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
|
|
it under the terms of the GNU General Public License as published by
|
|
|
|
the Free Software Foundation; either version 2 of the License, or
|
|
|
|
(at your option) any later version.
|
|
|
|
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
along with this program; if not, write to the Free Software
|
|
|
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
|
|
|
2004-06-10 22:13:39 +00:00
|
|
|
*/
|
2004-03-09 14:29:47 +00:00
|
|
|
|
2004-06-10 22:13:39 +00:00
|
|
|
/**
|
|
|
|
* Manages creating/changing of profiles.
|
|
|
|
*
|
2004-10-09 11:04:20 +00:00
|
|
|
* @package profiles
|
2004-06-10 22:13:39 +00:00
|
|
|
* @author Roland Gruber
|
2004-03-09 14:29:47 +00:00
|
|
|
*/
|
|
|
|
|
2006-03-26 17:51:25 +00:00
|
|
|
/** security functions */
|
|
|
|
include_once("../../lib/security.inc");
|
2004-06-10 22:13:39 +00:00
|
|
|
/** helper functions for profiles */
|
2004-03-09 14:29:47 +00:00
|
|
|
include_once("../../lib/profiles.inc");
|
2004-06-10 22:13:39 +00:00
|
|
|
/** access to LDAP server */
|
2004-03-09 14:29:47 +00:00
|
|
|
include_once("../../lib/ldap.inc");
|
2004-06-10 22:13:39 +00:00
|
|
|
/** access to configuration options */
|
2004-03-09 14:29:47 +00:00
|
|
|
include_once("../../lib/config.inc");
|
2004-06-10 22:13:39 +00:00
|
|
|
/** access to account modules */
|
2004-03-09 14:29:47 +00:00
|
|
|
include_once("../../lib/modules.inc");
|
2005-07-12 15:52:15 +00:00
|
|
|
/** Used to display status messages */
|
|
|
|
include_once("../../lib/status.inc");
|
2004-03-09 14:29:47 +00:00
|
|
|
|
|
|
|
// start session
|
2006-03-26 17:51:25 +00:00
|
|
|
startSecureSession();
|
2004-03-09 14:29:47 +00:00
|
|
|
|
2007-12-30 13:15:39 +00:00
|
|
|
// die if no write access
|
|
|
|
if (!checkIfWriteAccessIsAllowed()) die();
|
|
|
|
|
2012-08-13 17:43:48 +00:00
|
|
|
checkIfToolIsActive('toolProfileEditor');
|
|
|
|
|
2004-03-09 14:29:47 +00:00
|
|
|
setlanguage();
|
|
|
|
|
2015-05-15 19:16:46 +00:00
|
|
|
if (!empty($_POST)) {
|
|
|
|
validateSecurityToken();
|
|
|
|
}
|
|
|
|
|
2004-03-09 14:29:47 +00:00
|
|
|
// check if user is logged in, if not go to login
|
|
|
|
if (!$_SESSION['ldap'] || !$_SESSION['ldap']->server()) {
|
|
|
|
metaRefresh("../login.php");
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
2005-07-12 15:52:15 +00:00
|
|
|
// copy type and profile name from POST to GET
|
2016-12-25 17:46:41 +00:00
|
|
|
if (isset($_POST['profname'])) {
|
|
|
|
$_GET['edit'] = $_POST['profname'];
|
|
|
|
}
|
|
|
|
if (isset($_POST['accounttype'])) {
|
|
|
|
$_GET['type'] = $_POST['accounttype'];
|
|
|
|
}
|
2005-07-12 15:52:15 +00:00
|
|
|
|
2016-12-25 17:46:41 +00:00
|
|
|
$typeManager = new LAM\TYPES\TypeManager();
|
|
|
|
$type = $typeManager->getConfiguredType($_GET['type']);
|
|
|
|
if ($type->isHidden() || !checkIfWriteAccessIsAllowed($_GET['type'])) {
|
2013-01-01 20:46:28 +00:00
|
|
|
logNewMessage(LOG_ERR, 'User tried to access hidden account type profile: ' . $_GET['type']);
|
|
|
|
die();
|
|
|
|
}
|
|
|
|
|
2005-07-12 15:52:15 +00:00
|
|
|
// abort button was pressed
|
|
|
|
// back to profile editor
|
2006-01-25 18:31:19 +00:00
|
|
|
if (isset($_POST['abort'])) {
|
2005-07-12 15:52:15 +00:00
|
|
|
metaRefresh("profilemain.php");
|
|
|
|
exit;
|
|
|
|
}
|
2004-03-14 15:34:53 +00:00
|
|
|
|
2010-05-26 17:30:55 +00:00
|
|
|
$errors = array();
|
2004-03-09 14:29:47 +00:00
|
|
|
|
2005-07-12 15:52:15 +00:00
|
|
|
// save button was presed
|
2006-01-25 18:31:19 +00:00
|
|
|
if (isset($_POST['save'])) {
|
2005-07-12 15:52:15 +00:00
|
|
|
// create option array to check and save
|
|
|
|
$options = array();
|
|
|
|
$opt_keys = array_keys($_SESSION['profile_types']);
|
|
|
|
foreach ($opt_keys as $element) {
|
|
|
|
// text fields
|
|
|
|
if ($_SESSION['profile_types'][$element] == "text") {
|
|
|
|
$options[$element] = array($_POST[$element]);
|
|
|
|
}
|
|
|
|
// checkboxes
|
|
|
|
elseif ($_SESSION['profile_types'][$element] == "checkbox") {
|
2006-01-25 18:31:19 +00:00
|
|
|
if (isset($_POST[$element]) && ($_POST[$element] == "on")) $options[$element] = array('true');
|
2005-07-12 15:52:15 +00:00
|
|
|
else $options[$element] = array('false');
|
|
|
|
}
|
|
|
|
// dropdownbox
|
|
|
|
elseif ($_SESSION['profile_types'][$element] == "select") {
|
|
|
|
$options[$element] = array($_POST[$element]);
|
|
|
|
}
|
|
|
|
// multiselect
|
|
|
|
elseif ($_SESSION['profile_types'][$element] == "multiselect") {
|
2006-01-25 18:31:19 +00:00
|
|
|
if (isset($_POST[$element])) $options[$element] = $_POST[$element]; // value is already an array
|
|
|
|
else $options[$element] = array();
|
2005-07-12 15:52:15 +00:00
|
|
|
}
|
2012-08-26 14:09:22 +00:00
|
|
|
// textareas
|
|
|
|
if ($_SESSION['profile_types'][$element] == "textarea") {
|
|
|
|
$options[$element] = explode("\r\n", $_POST[$element]);
|
|
|
|
}
|
2005-07-12 15:52:15 +00:00
|
|
|
}
|
2016-12-25 17:46:41 +00:00
|
|
|
|
2005-07-12 15:52:15 +00:00
|
|
|
// remove double slashes if magic quotes are on
|
|
|
|
if (get_magic_quotes_gpc() == 1) {
|
|
|
|
foreach ($opt_keys as $element) {
|
2006-01-25 18:31:19 +00:00
|
|
|
if (isset($options[$element][0]) && is_string($options[$element][0])) $options[$element][0] = stripslashes($options[$element][0]);
|
2005-07-12 15:52:15 +00:00
|
|
|
}
|
|
|
|
}
|
2016-12-25 17:46:41 +00:00
|
|
|
|
2005-07-12 15:52:15 +00:00
|
|
|
// check options
|
|
|
|
$errors = checkProfileOptions($_POST['accounttype'], $options);
|
2010-05-26 17:30:55 +00:00
|
|
|
if (sizeof($errors) == 0) { // input data is valid, save profile
|
2005-07-12 15:52:15 +00:00
|
|
|
// save profile
|
|
|
|
if (saveAccountProfile($options, $_POST['profname'], $_POST['accounttype'])) {
|
2010-05-26 17:30:55 +00:00
|
|
|
metaRefresh('profilemain.php?savedSuccessfully=' . $_POST['profname']);
|
2005-07-12 15:52:15 +00:00
|
|
|
exit();
|
|
|
|
}
|
2010-05-26 17:30:55 +00:00
|
|
|
else {
|
|
|
|
$errors[] = array("ERROR", _("Unable to save profile!"), $_POST['profname']);
|
|
|
|
}
|
2005-07-12 15:52:15 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2010-05-26 17:30:55 +00:00
|
|
|
// print header
|
|
|
|
include '../main_header.php';
|
|
|
|
|
|
|
|
// print error messages if any
|
|
|
|
if (sizeof($errors) > 0) {
|
2010-12-19 13:51:39 +00:00
|
|
|
echo "<br>\n";
|
2010-05-26 17:30:55 +00:00
|
|
|
for ($i = 0; $i < sizeof($errors); $i++) {
|
|
|
|
call_user_func_array('StatusMessage', $errors[$i]);
|
|
|
|
}
|
|
|
|
}
|
2016-12-25 17:46:41 +00:00
|
|
|
|
2005-07-12 15:52:15 +00:00
|
|
|
// empty list of attribute types
|
|
|
|
$_SESSION['profile_types'] = array();
|
|
|
|
|
2004-03-09 14:29:47 +00:00
|
|
|
// get module options
|
2016-12-25 17:46:41 +00:00
|
|
|
$options = getProfileOptions($type->getId());
|
2004-03-09 14:29:47 +00:00
|
|
|
|
2005-07-12 15:52:15 +00:00
|
|
|
// load old profile or POST values if needed
|
2004-03-15 16:34:16 +00:00
|
|
|
$old_options = array();
|
2005-07-12 15:52:15 +00:00
|
|
|
if (isset($_POST['save'])) {
|
|
|
|
$postKeys = array_keys($_POST);
|
|
|
|
for ($i = 0; $i < sizeof($postKeys); $i++) {
|
|
|
|
if (!is_array($_POST[$postKeys[$i]])) {
|
2005-10-23 09:26:18 +00:00
|
|
|
if (get_magic_quotes_gpc() == 1) {
|
|
|
|
$old_options[$postKeys[$i]] = array(stripslashes($_POST[$postKeys[$i]]));
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
$old_options[$postKeys[$i]] = array($_POST[$postKeys[$i]]);
|
|
|
|
}
|
2005-07-12 15:52:15 +00:00
|
|
|
}
|
|
|
|
else {
|
|
|
|
$old_options[$postKeys[$i]] = $_POST[$postKeys[$i]];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
elseif (isset($_GET['edit'])) {
|
2016-12-25 17:46:41 +00:00
|
|
|
$old_options = loadAccountProfile($_GET['edit'], $type->getId());
|
2004-03-09 14:29:47 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// display formular
|
2016-12-25 17:46:41 +00:00
|
|
|
echo "<form action=\"profilepage.php?type=" . $type->getId() . "\" method=\"post\">\n";
|
2015-05-15 19:16:46 +00:00
|
|
|
echo '<input type="hidden" name="' . getSecurityTokenName() . '" value="' . getSecurityTokenValue() . '">';
|
2004-03-09 14:29:47 +00:00
|
|
|
|
2010-09-25 16:39:07 +00:00
|
|
|
$profName = '';
|
|
|
|
if (isset($_GET['edit'])) {
|
|
|
|
$profName = $_GET['edit'];
|
|
|
|
}
|
|
|
|
|
2010-12-19 13:51:39 +00:00
|
|
|
$tabindex = 1;
|
2010-09-25 16:39:07 +00:00
|
|
|
|
2010-12-19 13:51:39 +00:00
|
|
|
$container = new htmlTable();
|
|
|
|
$container->addElement(new htmlTitle(_("Profile editor")), true);
|
2010-09-25 16:39:07 +00:00
|
|
|
|
2010-12-19 13:51:39 +00:00
|
|
|
// general options
|
|
|
|
$dnContent = new htmlTable();
|
|
|
|
$dnContent->addElement(new htmlTableExtendedInputField(_("Profile name") . '*', 'profname', $profName, '360'), true);
|
|
|
|
$dnContent->addElement(new htmlSpacer(null, '10px'), true);
|
2004-06-27 18:07:43 +00:00
|
|
|
// suffix box
|
|
|
|
// get root suffix
|
2016-12-25 17:46:41 +00:00
|
|
|
$rootsuffix = $type->getSuffix();
|
2004-06-27 18:07:43 +00:00
|
|
|
// get subsuffixes
|
2011-05-14 13:51:08 +00:00
|
|
|
$suffixes = array('-' => '-');
|
2016-12-25 17:46:41 +00:00
|
|
|
$typeObj = $type->getBaseType();
|
2011-04-25 18:01:11 +00:00
|
|
|
$possibleSuffixes = $typeObj->getSuffixList();
|
|
|
|
foreach ($possibleSuffixes as $suffix) {
|
2010-12-19 13:51:39 +00:00
|
|
|
$suffixes[getAbstractDN($suffix)] = $suffix;
|
2004-06-27 18:07:43 +00:00
|
|
|
}
|
2010-12-19 13:51:39 +00:00
|
|
|
$selectedSuffix = array();
|
|
|
|
if (isset($old_options['ldap_suffix'][0])) {
|
|
|
|
$selectedSuffix[] = $old_options['ldap_suffix'][0];
|
|
|
|
}
|
|
|
|
$suffixSelect = new htmlTableExtendedSelect('ldap_suffix', $suffixes, $selectedSuffix, _("LDAP suffix"), '361');
|
|
|
|
$suffixSelect->setHasDescriptiveElements(true);
|
|
|
|
$suffixSelect->setSortElements(false);
|
|
|
|
$suffixSelect->setRightToLeftTextDirection(true);
|
|
|
|
$dnContent->addElement($suffixSelect, true);
|
|
|
|
// RDNs
|
2016-12-25 17:46:41 +00:00
|
|
|
$rdns = getRDNAttributes($type->getId());
|
2010-12-19 13:51:39 +00:00
|
|
|
$selectedRDN = array();
|
|
|
|
if (isset($old_options['ldap_rdn'][0])) {
|
|
|
|
$selectedRDN[] = $old_options['ldap_rdn'][0];
|
|
|
|
}
|
|
|
|
$dnContent->addElement(new htmlTableExtendedSelect('ldap_rdn', $rdns, $selectedRDN, _("RDN identifier"), '301'), true);
|
2005-05-21 14:35:14 +00:00
|
|
|
|
2010-12-19 13:51:39 +00:00
|
|
|
$container->addElement(new htmlFieldset($dnContent, _("General settings"), '../../graphics/logo32.png'), true);
|
|
|
|
$container->addElement(new htmlSpacer(null, '15px'), true);
|
|
|
|
|
2016-12-25 17:46:41 +00:00
|
|
|
$_SESSION['profile_types'] = parseHtml(null, $container, $old_options, false, $tabindex, $type->getScope());
|
2004-06-27 18:07:43 +00:00
|
|
|
|
2004-03-09 14:29:47 +00:00
|
|
|
// display module options
|
|
|
|
$modules = array_keys($options);
|
|
|
|
for ($m = 0; $m < sizeof($modules); $m++) {
|
|
|
|
// ignore modules without options
|
|
|
|
if (sizeof($options[$modules[$m]]) < 1) continue;
|
2016-12-25 17:46:41 +00:00
|
|
|
$module = new $modules[$m]($type->getId());
|
2010-12-19 13:51:39 +00:00
|
|
|
$icon = $module->getIcon();
|
2013-09-29 08:08:56 +00:00
|
|
|
if (($icon != null) && !(strpos($icon, 'http') === 0) && !(strpos($icon, '/') === 0)) {
|
2010-12-19 13:51:39 +00:00
|
|
|
$icon = '../../graphics/' . $icon;
|
2007-11-19 18:52:50 +00:00
|
|
|
}
|
2010-12-19 13:51:39 +00:00
|
|
|
$container = new htmlTable();
|
2016-12-25 17:46:41 +00:00
|
|
|
$container->addElement(new htmlFieldset($options[$modules[$m]], getModuleAlias($modules[$m], $type->getScope()), $icon), true);
|
2010-12-19 13:51:39 +00:00
|
|
|
$container->addElement(new htmlSpacer(null, '15px'), true);
|
2016-12-25 17:46:41 +00:00
|
|
|
$_SESSION['profile_types'] = array_merge($_SESSION['profile_types'], parseHtml($modules[$m], $container, $old_options, false, $tabindex, $type->getScope()));
|
2004-03-09 14:29:47 +00:00
|
|
|
}
|
|
|
|
|
2010-12-19 13:51:39 +00:00
|
|
|
// profile name and submit/abort buttons
|
|
|
|
$buttonTable = new htmlTable();
|
|
|
|
$saveButton = new htmlButton('save', _('Save'));
|
|
|
|
$saveButton->setIconClass('saveButton');
|
|
|
|
$buttonTable->addElement($saveButton);
|
|
|
|
$cancelButton = new htmlButton('abort', _('Cancel'));
|
|
|
|
$cancelButton->setIconClass('cancelButton');
|
|
|
|
$buttonTable->addElement($cancelButton);
|
2016-12-25 17:46:41 +00:00
|
|
|
$buttonTable->addElement(new htmlHiddenInput('accounttype', $type->getId()));
|
2010-12-19 13:51:39 +00:00
|
|
|
|
2016-12-25 17:46:41 +00:00
|
|
|
$_SESSION['profile_types'] = array_merge($_SESSION['profile_types'], parseHtml(null, $buttonTable, $old_options, false, $tabindex, $type->getScope()));
|
2010-12-19 13:51:39 +00:00
|
|
|
|
|
|
|
?>
|
|
|
|
<script type="text/javascript">
|
|
|
|
jQuery(document).ready(function() {
|
|
|
|
var maxWidth = 0;
|
|
|
|
jQuery('fieldset').each(function() {
|
|
|
|
if (jQuery(this).width() > maxWidth) {
|
|
|
|
maxWidth = jQuery(this).width();
|
|
|
|
};
|
|
|
|
});
|
|
|
|
jQuery('fieldset').each(function() {
|
|
|
|
jQuery(this).css({'width': maxWidth});
|
|
|
|
});
|
|
|
|
});
|
|
|
|
</script>
|
|
|
|
<?php
|
2010-08-21 09:43:52 +00:00
|
|
|
echo ("</form>\n");
|
|
|
|
include '../main_footer.php';
|
2004-03-09 14:29:47 +00:00
|
|
|
|
|
|
|
?>
|