< ? php
/*
$Id $
This code is part of LDAP Account Manager ( http :// www . ldap - account - manager . org / )
Copyright ( C ) 2003 - 2014 Roland Gruber
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 2 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; if not , write to the Free Software
Foundation , Inc . , 59 Temple Place , Suite 330 , Boston , MA 02111 - 1307 USA
*/
/**
* This file includes functions to manage the configuration files .
*
* @ package configuration
* @ author Roland Gruber
* @ author Thomas Manninger
*/
/** Used to print messages. */
include_once ( " status.inc " );
/** Used to get module information. */
include_once ( " modules.inc " );
/** Used to get type information. */
include_once ( " types.inc " );
/**
 * Exports the custom SSL CA certificate path to the environment.
 *
 * Nothing is changed when the session holds no main configuration or when
 * that configuration returns no certificate path.
 */
function setSSLCaCert() {
    if (!isset($_SESSION['cfgMain'])) {
        return;
    }
    $caCertFile = $_SESSION['cfgMain']->getSSLCaCertPath();
    if ($caCertFile == null) {
        return;
    }
    // the same path is published under both variable names
    foreach (array('LDAPTLS_CACERT', 'TLS_CACERT') as $envName) {
        putenv($envName . '=' . $caCertFile);
    }
}
/**
 * Sets language settings for automatic translation
 *
 * Uses the language stored in the session when getLanguages() lists it and
 * en_GB.utf8 / UTF-8 otherwise. Sets LANG, the locale, the gettext domain
 * "messages" and the Content-type header.
 */
function setlanguage() {
    if (!isset($_SESSION['language'])) {
        $_SESSION['language'] = "en_GB.utf8";
    }
    // fallback values, replaced when the session value is a supported language
    $code = 'en_GB.utf8';
    $encoding = 'UTF-8';
    // Only values from the supported-language list are passed on to putenv(),
    // setlocale() and header(); the session string itself is only compared.
    foreach (getLanguages() as $supported) {
        if ($supported->code == $_SESSION['language']) {
            $code = $supported->code;
            $encoding = $supported->encoding;
            break;
        }
    }
    putenv("LANG=" . $code);  // e.g. LANG=de_DE
    setlocale(LC_ALL, $code);  // set LC_ALL
    // workaround for buggy PHP with Turkish
    if ($code == 'tr_TR.utf8') {
        if (version_compare(phpversion(), '5.5') < 0) {
            setlocale(LC_CTYPE, 'en_GB');
        }
    }
    // path to translations: this file's path without its last 15 characters, plus "/locale"
    $installDir = substr(__FILE__, 0, strlen(__FILE__) - 15);
    bindtextdomain("messages", $installDir . "/locale");
    bind_textdomain_codeset("messages", $encoding);
    textdomain("messages");
    header("Content-type: text/html; charset=" . $encoding, true);
}
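/**
 * Checks whether a specific flag in the rights string is set.
 *
 * @param $right read, write or execute
 * @param $target owner, group or other
 * @param $chmod the chmod rights as three octal digits (e.g. "750")
 *
 * @return true, if the chmod $right for $target were set; false for unknown
 *         $right/$target values and for rights strings that are too short or
 *         hold a non-octal character at the requested position
 */
function checkChmod($right, $target, $chmod) {
    // bit value of each right inside one octal digit
    $rightBits = array("read" => 4, "write" => 2, "execute" => 1);
    // position of each target's digit inside the rights string
    $targetPositions = array("owner" => 0, "group" => 1, "other" => 2);
    if (!is_string($right) || !is_string($target)
            || !isset($rightBits[$right]) || !isset($targetPositions[$target])) {
        return false;
    }
    $chmod = (string) $chmod;
    $position = $targetPositions[$target];
    // Square brackets instead of the {} string offset, which PHP 8 no longer parses.
    // A missing or non-octal digit grants nothing.
    if (!isset($chmod[$position]) || (strpos('01234567', $chmod[$position]) === false)) {
        return false;
    }
    $digit = (int) $chmod[$position];
    return ($digit & $rightBits[$right]) != 0;
}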
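/**
 * Returns an array of string with all available configuration profiles (without .conf)
 *
 * The profiles are the "*.conf" entries of the config directory. An empty
 * array is returned when that directory cannot be read.
 *
 * @return array profile names, sorted
 */
function getConfigProfiles() {
    $configDir = substr(__FILE__, 0, strlen(__FILE__) - 15) . "/config";
    $profiles = array();
    if (!is_dir($configDir)) {
        return $profiles;
    }
    $dirHandle = dir($configDir);
    if (!$dirHandle) {
        return $profiles;
    }
    // compare with false explicitly so that an entry named "0" does not end the loop
    while (false !== ($entry = $dirHandle->read())) {
        // check if extension is right, add to profile list
        if (substr($entry, -5) === ".conf") {
            $profiles[] = substr($entry, 0, strlen($entry) - 5);
        }
    }
    $dirHandle->close();
    sort($profiles);
    return $profiles;
}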
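/**
 * Deletes the given server profile.
 *
 * Removes the profile's PDF and account profile directories (files inside
 * them first) and then the profile's .conf file. All paths are built from
 * $name only, after it passed the name check.
 *
 * @param String $name profile name
 * @return String null if success or error message if failed
 */
function deleteConfigProfile($name) {
    // $name becomes part of several file system paths, so only plain names are accepted.
    // "D" stops "$" from matching in front of a trailing line break.
    if (!is_string($name) || !preg_match("/^[a-z0-9_-]+$/iD", $name)) {
        return _("Unable to delete profile!");
    }
    $dir = substr(__FILE__, 0, strlen(__FILE__) - 15) . "/config/";
    // delete account profiles and PDF structures (the logos directory is listed before its parent)
    $subDirs = array($dir . 'pdf/' . $name . '/logos', $dir . 'pdf/' . $name, $dir . 'profiles/' . $name);
    foreach ($subDirs as $subDir) {
        if (!is_dir($subDir)) {
            continue;
        }
        $dirHandle = @opendir($subDir);
        if ($dirHandle === false) {
            // without a handle the directory content cannot be removed
            logNewMessage(LOG_ERR, 'Unable to delete ' . $subDir);
            return _("Unable to delete profile!");
        }
        while (false !== ($path = readdir($dirHandle))) {
            if ($path == '.' || $path == '..') {
                continue;
            }
            if (!@unlink($subDir . '/' . $path)) {
                logNewMessage(LOG_ERR, 'Unable to delete ' . $subDir . '/' . $path);
                @closedir($dirHandle);
                return _("Unable to delete profile!");
            }
        }
        @closedir($dirHandle);
        if (!@rmdir($subDir)) {
            logNewMessage(LOG_ERR, 'Unable to delete ' . $subDir);
            return _("Unable to delete profile!");
        }
    }
    // Delete config file. The path uses the checked $name; reading the file name from
    // $_POST here would skip the name check above.
    $confFile = $dir . $name . ".conf";
    if (!@unlink($confFile)) {
        logNewMessage(LOG_ERR, 'Unable to delete ' . $confFile);
        return _("Unable to delete profile!");
    }
    return null;
}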
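/**
 * Returns the version number of this LAM installation.
 * Format: <major version>.<minor version>.<patch level>
 * <br> Major/minor version are always numbers, patch level may contain letters for inofficial releases only (e.g. 0.5.alpha1).
 *
 * @return string version number, "0.0.unknown" if the VERSION file cannot be read
 */
function LAMVersion() {
    $versionFile = substr(__FILE__, 0, strlen(__FILE__) - 15) . "/VERSION";
    if (is_readable($versionFile)) {
        $handle = @fopen($versionFile, "r");
        if ($handle) {
            // only the first line (at most 19 bytes) is used
            $firstLine = fgets($handle, 20);
            // close the handle on every path
            fclose($handle);
            if ($firstLine !== false) {
                return trim($firstLine);
            }
        }
    }
    // file was not readable
    return '0.0.unknown';
}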
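/**
 * Prints a meta refresh page
 *
 * The URL is HTML-escaped before it is printed into the refresh tag and the
 * fallback link.
 *
 * @param string $page the URL of the target page
 */
function metaRefresh($page) {
    // $page ends up inside two HTML attributes. Escaping keeps quotes and angle
    // brackets in the URL from closing the attribute. Entities that are already
    // present (e.g. &amp;) are not encoded a second time.
    $safePage = htmlspecialchars($page, ENT_QUOTES, 'UTF-8', false);
    if (isset($_SESSION['header'])) {
        echo $_SESSION['header'];
    }
    else {
        echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">';
        echo "<html><head>\n";
    }
    echo "<meta http-equiv=\"refresh\" content=\"0; URL=" . $safePage . "\">\n";
    echo "<title></title>\n";
    echo "</head>\n";
    echo "<body>\n";
    // print link if refresh does not work
    echo "<p>\n";
    echo "<a href=\"" . $safePage . "\">" . _("Click here if you are not directed to the next page.") . "</a>\n";
    echo "</p>\n";
    echo "</body>\n";
    echo "</html>\n";
}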
/**
 * Checks if the given account type is hidden.
 *
 * Reads the "hidden_<type>" entry of the type settings of the configuration
 * stored in the session.
 *
 * @param String $type account type (e.g. user)
 * @return boolean is hidden
 */
function isAccountTypeHidden($type) {
    $settingName = 'hidden_' . $type;
    $allTypeSettings = $_SESSION['config']->get_typeSettings();
    if (!isset($allTypeSettings[$settingName])) {
        return false;
    }
    return $allTypeSettings[$settingName] == true;
}
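/**
 * Returns a list of all supported languages.
 *
 * The list is read from the file "config/language". Each usable line has
 * the form "code:encoding:description". Comment lines, empty lines and
 * lines with fewer than three fields are skipped.
 *
 * @return array languages (LAMLanguage objects), empty if the file cannot be read
 */
function getLanguages() {
    $languages = array();
    // loading available languages from the language file
    $languageFile = dirname(__FILE__) . "/../config/language";
    if (!is_file($languageFile)) {
        return $languages;
    }
    $handle = @fopen($languageFile, "r");
    if (!$handle) {
        return $languages;
    }
    while (($line = fgets($handle, 1024)) !== false) {
        // ignore comment and empty lines
        if ($line == "" || $line == "\n" || $line[0] == "#") {
            continue;
        }
        $fields = explode(":", $line);
        // a line without code, encoding and description cannot describe a language
        if (sizeof($fields) < 3) {
            continue;
        }
        $languages[] = new LAMLanguage($fields[0], $fields[1], $fields[2]);
    }
    fclose($handle);
    return $languages;
}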
/**
 * Holds the data of one supported language.
 *
 * @package configuration
 */
class LAMLanguage {

    /** language code (e.g. en_GB.utf8) */
    public $code;

    /** character encoding (e.g. UTF-8) */
    public $encoding;

    /** description for GUI */
    public $description;

    /**
     * Stores the given values unchanged.
     *
     * @param String $code language code (e.g. en_GB.utf8)
     * @param String $encoding character encoding (e.g. UTF-8)
     * @param String $description description for GUI
     */
    public function __construct($code, $encoding, $description) {
        $this->description = $description;
        $this->encoding = $encoding;
        $this->code = $code;
    }

}
/**
* This class manages . conf files .
*
* @ package configuration
*/
class LAMConfig {
/* access levels */
const ACCESS_ALL = 100 ;
const ACCESS_PASSWORD_CHANGE = 20 ;
const ACCESS_READ_ONLY = 0 ;
/* return codes for saving configuration file */
const SAVE_OK = 0 ;
const SAVE_FAIL = 1 ;
/* login method: predefined list or LDAP search */
const LOGIN_LIST = 'list' ;
const LOGIN_SEARCH = 'search' ;
/** line separator */
const LINE_SEPARATOR = '+::+' ;
/** Server address (e.g. ldap://127.0.0.1:389) */
private $ServerURL ;
/** enables/disables TLS encryption */
private $useTLS ;
/** automatically follow referrals */
private $followReferrals = 'false' ;
/** Array of string: users with admin rights */
private $Admins ;
/** Password to edit preferences */
private $Passwd ;
/** LDAP suffix for tree view */
private $treesuffix ;
/** Default language */
private $defaultLanguage ;
/** module settings */
private $moduleSettings = array ();
/** type settings */
private $typeSettings = array ();
/** tool settings */
private $toolSettings = array ();
/**
* Path to external lamdaemon script on server where it is executed
*
* This is used for managing quota and home directories .
* optional setting , may not be defined
*/
private $scriptPath ;
/**
* The rights for the home directory
*/
private $scriptRights = '750' ;
/**
* Servers where lamdaemon script is executed
*
* This is used for managing quota and home directories .
* optional setting , may not be defined
*/
private $scriptServer ;
/** LDAP cache timeout */
private $cachetimeout ;
/** LDAP search limit */
private $searchLimit = 0 ;
/** Active account types */
private $activeTypes = " user,group,host,smbDomain " ;
/** Name of configuration file */
private $file ;
/** access level */
private $accessLevel = LAMconfig :: ACCESS_ALL ;
/** login method */
private $loginMethod = LAMconfig :: LOGIN_LIST ;
/** search suffix for login */
private $loginSearchSuffix = 'dc=yourdomain,dc=org' ;
/** search filter for login */
private $loginSearchFilter = 'uid=%USER%' ;
/** bind user for login search */
private $loginSearchDN = '' ;
/** bind password for login search */
private $loginSearchPassword = '' ;
/** specifies if HTTP authentication should be used */
private $httpAuthentication = 'false' ;
/** email address for sender of password reset mails */
private $lamProMailFrom = '' ;
/** reply-to email address for password reset mails */
private $lamProMailReplyTo = '' ;
/** subject for password reset mails */
private $lamProMailSubject = '' ;
/** treat password reset mail body as HTML */
private $lamProMailIsHTML = 'false' ;
/** allow sending mails to an alternative address */
private $lamProMailAllowAlternateAddress = 'true' ;
/** mail body for password reset mails */
private $lamProMailText = '' ;
/** List of all settings in config file */
private $settings = array ( " ServerURL " , " useTLS " , " followReferrals " , " Passwd " , " Admins " , " treesuffix " ,
" defaultLanguage " , " scriptPath " , " scriptServer " , " scriptRights " , " cachetimeout " ,
" modules " , " activeTypes " , " types " , " tools " , " accessLevel " , 'loginMethod' , 'loginSearchSuffix' ,
'loginSearchFilter' , 'searchLimit' , 'lamProMailFrom' , 'lamProMailReplyTo' , 'lamProMailSubject' ,
'lamProMailText' , 'lamProMailIsHTML' , 'lamProMailAllowAlternateAddress' , 'httpAuthentication' , 'loginSearchDN' ,
'loginSearchPassword' );
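/**
 * Loads preferences from config file
 *
 * The name is used to build the path of the .conf file. Only letters,
 * digits, "_" and "-" are accepted; any other name is logged and the
 * script is terminated.
 *
 * @param String $file file name without ".conf" (e.g. lam)
 */
function __construct($file) {
    // "D" stops "$" from matching in front of a trailing line break, so a name that
    // ends with "\n" is rejected like any other invalid name.
    if (empty($file) || !preg_match("/^[a-z0-9_-]+$/iD", $file)) {
        // NOTE(review): the rejected name is logged as received; whether logNewMessage()
        // neutralises line breaks is not visible here - confirm.
        logNewMessage(LOG_ERR, 'Invalid config file name: ' . $file);
        die();
    }
    // load first profile if none is given
    if (!is_string($file)) {
        $profiles = getConfigProfiles();
        $file = $profiles[0];
    }
    $this->file = $file;
    $this->reload();
}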
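/**
 * Reloads preferences from config file
 *
 * Every "keyword: value" line whose keyword is listed in $this->settings is
 * copied into the property of the same name. "modules:", "types:" and
 * "tools:" lines go into their own arrays. Afterwards account types that
 * getTypes() does not return and modules that getAvailableModules() does
 * not return are dropped.
 *
 * @return boolean false if the file exists but cannot be opened, true otherwise
 */
private function reload() {
    $conffile = $this->getPath();
    if (is_file($conffile) == True) {
        $file = @fopen($conffile, "r");
        if (!$file) return false; // abort if file is not readable
        while (!feof($file)) {
            $line = trim(fgets($file, 100000)); // remove spaces at the beginning and end
            if (($line == "") || ($line[0] == "#")) continue; // ignore comments and empty lines
            // Search keywords. Only names from $this->settings are used as property
            // names, so a line in the file cannot write to any other property.
            foreach ($this->settings as $keyword) {
                $keylen = strlen($keyword);
                $prefix = strtolower(substr($line, 0, $keylen + 2));
                if ($prefix == strtolower($keyword . ": ")) {
                    $option = substr($line, $keylen + 2);
                    if ($prefix == "modules: ") {
                        // module settings: "<name>: <value>+::+<value>..."
                        $pos = strpos($option, ":");
                        $this->moduleSettings[substr($option, 0, $pos)] = explode(LAMConfig::LINE_SEPARATOR, substr($option, $pos + 2));
                    }
                    elseif ($prefix == "types: ") {
                        // type settings
                        $pos = strpos($option, ":");
                        $this->typeSettings[substr($option, 0, $pos)] = substr($option, $pos + 2);
                    }
                    elseif ($prefix == "tools: ") {
                        // tool settings
                        $pos = strpos($option, ":");
                        $this->toolSettings[substr($option, 0, $pos)] = substr($option, $pos + 2);
                    }
                    else {
                        // general settings
                        $this->$keyword = $option;
                    }
                    break;
                }
                elseif (strtolower($line) == strtolower($keyword . ":")) {
                    // set empty options
                    $this->$keyword = '';
                }
            }
        }
        fclose($file);
    }
    // Check types. The list is rebuilt instead of removing entries while counting:
    // a loop bound that shrinks with every removal stops before the last entries,
    // so unknown types at the end of the list were kept.
    $allTypes = getTypes();
    $knownTypes = array();
    foreach ($this->get_ActiveTypes() as $activeType) {
        if (in_array($activeType, $allTypes)) {
            $knownTypes[] = $activeType;
        }
    }
    $this->set_ActiveTypes($knownTypes);
    // check modules
    foreach ($this->get_ActiveTypes() as $scope) {
        $moduleVar = "modules_" . $scope;
        if (!isset($this->typeSettings[$moduleVar])) {
            continue;
        }
        $available = getAvailableModules($scope);
        // only keep available modules
        $ret = array();
        foreach (explode(",", $this->typeSettings[$moduleVar]) as $module) {
            if (in_array($module, $available)) $ret[] = $module;
        }
        $this->typeSettings[$moduleVar] = implode(",", $ret);
    }
    return true;
}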
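/**
 * Saves preferences to config file
 *
 * Lines of the existing file that hold a known setting are rewritten with
 * the current value. All other lines are kept. Settings that the file does
 * not contain yet are appended.
 *
 * @return int LAMConfig::SAVE_OK or LAMConfig::SAVE_FAIL
 */
public function save() {
    $conffile = $this->getPath();
    if (is_file($conffile) != True) {
        // nothing is written in this case, so do not report a result that compares equal to SAVE_OK
        return LAMConfig::SAVE_FAIL;
    }
    // Read whole lines. Reading in 1024 byte pieces splits longer lines (reload()
    // reads up to 100000 bytes per line) and the rest of such a line stays in the file.
    $file_array = @file($conffile);
    if ($file_array === false) {
        return LAMConfig::SAVE_FAIL;
    }
    // generate new configuration file
    $saved = array();     // includes all general settings which have been saved
    $mod_saved = array(); // includes all module, type and tool settings which have been saved
    // NOTE(review): values are written as they are. A value that contains a line break
    // would be read back as additional lines by reload(); confirm that the setters reject those.
    for ($i = 0; $i < sizeof($file_array); $i++) {
        $line = trim($file_array[$i]);
        if (($line == "") || ($line[0] == "#")) continue; // ignore comments and empty lines
        // search for keywords
        foreach ($this->settings as $keyword) {
            $keylen = strlen($keyword);
            if (strtolower(substr($line, 0, $keylen + 1)) != strtolower($keyword . ":")) {
                continue;
            }
            $prefix = strtolower(substr($line, 0, $keylen + 2));
            if ($prefix == "modules: ") {
                // module settings
                $option = substr($line, $keylen + 2);
                $name = substr($option, 0, strpos($option, ":"));
                if (!isset($this->moduleSettings[$name])) continue;
                $file_array[$i] = "modules: " . $name . ": " . implode(LAMConfig::LINE_SEPARATOR, $this->moduleSettings[$name]) . "\n";
                $mod_saved[] = $name; // mark keyword as saved
            }
            elseif ($prefix == "types: ") {
                // type settings
                $option = substr($line, $keylen + 2);
                $name = substr($option, 0, strpos($option, ":"));
                if (!isset($this->typeSettings[$name])) continue;
                $file_array[$i] = "types: " . $name . ": " . $this->typeSettings[$name] . "\n";
                $mod_saved[] = $name; // mark keyword as saved
            }
            elseif ($prefix == "tools: ") {
                // tool settings
                $option = substr($line, $keylen + 2);
                $name = substr($option, 0, strpos($option, ":"));
                if (!isset($this->toolSettings[$name])) continue;
                $file_array[$i] = "tools: " . $name . ": " . $this->toolSettings[$name] . "\n";
                $mod_saved[] = $name; // mark keyword as saved
            }
            else {
                // general settings
                $file_array[$i] = $keyword . ": " . $this->$keyword . "\n";
                $saved[] = $keyword; // mark keyword as saved
            }
            break;
        }
    }
    // check if we have to add new entries (e.g. if user upgraded LAM and has an old config file)
    // property name => array(comment lines, keyword as written to the file)
    $newEntries = array(
        "ServerURL" => array("# server address (e.g. ldap://localhost:389 or ldaps://localhost:636)\n", "serverURL"),
        "useTLS" => array("# enable TLS encryption\n", "useTLS"),
        "followReferrals" => array("# follow referrals\n", "followReferrals"),
        "Passwd" => array("# password to change these preferences via webfrontend\n", "passwd"),
        "Admins" => array("# list of users who are allowed to use LDAP Account Manager\n" .
            "# names have to be seperated by semicolons\n" .
            "# e.g. admins: cn=admin,dc=yourdomain,dc=org;cn=root,dc=yourdomain,dc=org\n", "admins"),
        "treesuffix" => array("# suffix of tree view\n" .
            "# e.g. dc=yourdomain,dc=org\n", "treesuffix"),
        "defaultLanguage" => array("# default language (a line from config/language)\n", "defaultLanguage"),
        "scriptPath" => array("# Path to external Script\n", "scriptPath"),
        "scriptServer" => array("# Servers of external script\n", "scriptServer"),
        "scriptRights" => array("# Access rights for home directories\n", "scriptRights"),
        "cachetimeout" => array("# Number of minutes LAM caches LDAP searches.\n", "cacheTimeout"),
        "searchLimit" => array("# LDAP search limit.\n", "searchLimit"),
        "activeTypes" => array("# List of active account types.\n", "activeTypes"),
        "accessLevel" => array("# Access level for this profile.\n", "accessLevel"),
        "loginMethod" => array("# Login method.\n", "loginMethod"),
        "loginSearchSuffix" => array("# Search suffix for LAM login.\n", "loginSearchSuffix"),
        "loginSearchFilter" => array("# Search filter for LAM login.\n", "loginSearchFilter"),
        "loginSearchDN" => array("# Bind DN for login search.\n", "loginSearchDN"),
        "loginSearchPassword" => array("# Bind password for login search.\n", "loginSearchPassword"),
        "httpAuthentication" => array("# HTTP authentication for LAM login.\n", "httpAuthentication"),
        "lamProMailFrom" => array("# Password mail from\n", "lamProMailFrom"),
        "lamProMailReplyTo" => array("# Password mail reply-to\n", "lamProMailReplyTo"),
        "lamProMailSubject" => array("# Password mail subject\n", "lamProMailSubject"),
        "lamProMailIsHTML" => array("# Password mail is HTML\n", "lamProMailIsHTML"),
        "lamProMailAllowAlternateAddress" => array("# Allow alternate address\n", "lamProMailAllowAlternateAddress"),
        "lamProMailText" => array("# Password mail text\n", "lamProMailText"),
    );
    foreach ($newEntries as $property => $entry) {
        if (!in_array($property, $saved)) {
            array_push($file_array, "\n\n" . $entry[0] . $entry[1] . ": " . $this->$property . "\n");
        }
    }
    // check if all module settings were added
    foreach ($this->moduleSettings as $name => $values) {
        if (!in_array($name, $mod_saved)) {
            array_push($file_array, "modules: " . $name . ": " . implode(LAMConfig::LINE_SEPARATOR, $values) . "\n");
        }
    }
    // check if all type settings were added
    foreach ($this->typeSettings as $name => $value) {
        if (!in_array($name, $mod_saved)) {
            array_push($file_array, "types: " . $name . ": " . $value . "\n");
        }
    }
    // check if all tool settings were added
    foreach ($this->toolSettings as $name => $value) {
        if (!in_array($name, $mod_saved)) {
            array_push($file_array, "tools: " . $name . ": " . $value . "\n");
        }
    }
    // The file holds passwords (Passwd, loginSearchPassword): restrict the mode
    // before the new content is written, and again afterwards as before.
    @chmod($conffile, 0600);
    $file = @fopen($conffile, "w");
    if (!$file) {
        return LAMConfig::SAVE_FAIL;
    }
    foreach ($file_array as $outputLine) {
        fputs($file, $outputLine);
    }
    fclose($file);
    @chmod($conffile, 0600);
    return LAMConfig::SAVE_OK;
}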
/**
 * Returns the name of the config file
 *
 * This is the value stored by the constructor, i.e. the name without the
 * ".conf" extension.
 *
 * @return String name
 */
public function getName() {
    $profileName = $this->file;
    return $profileName;
}
/**
 * Returns if the file can be written on the filesystem.
 *
 * The check is done on the path returned by getPath().
 *
 * @return boolean true if file is writable
 */
public function isWritable() {
    $configPath = $this->getPath();
    return is_writable($configPath);
}
/**
 * Returns the path to the config file.
 *
 * The path is this source file's path without its last 15 characters,
 * followed by "/config/<name>.conf".
 *
 * @return string path on filesystem
 */
public function getPath() {
    // presumably the 15 characters are "/lib/config.inc" - confirm against the file's location
    $installDir = substr(__FILE__, 0, strlen(__FILE__) - 15);
    return $installDir . "/config/" . $this->file . ".conf";
}
// functions to read/write preferences
/**
 * Returns the server address as string
 *
 * @return string server address (e.g. ldap://127.0.0.1:389)
 */
public function get_ServerURL() {
    $serverAddress = $this->ServerURL;
    return $serverAddress;
}
/**
 * Sets the server address
 *
 * Only the type is checked: any string is stored as given.
 *
 * @param string $value new server address
 * @return boolean true if $value has correct format
 */
public function set_ServerURL($value) {
    if (!is_string($value)) {
        return false;
    }
    $this->ServerURL = $value;
    return true;
}
2009-05-03 17:31:39 +00:00
/**
 * Returns if TLS is activated.
 *
 * @return String yes or no
 */
public function getUseTLS() {
    return $this->useTLS;
}
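/**
 * Sets if TLS is activated.
 *
 * @param String $useTLS yes or no
 * @return boolean true if $useTLS has correct format
 */
public function setUseTLS($useTLS) {
    // Strict comparison: with "==" a boolean true (and, on PHP versions before 8,
    // the integer 0) compared equal to "yes" and was stored as the TLS setting
    // although it is neither of the two documented strings.
    if (($useTLS === "yes") || ($useTLS === "no")) {
        $this->useTLS = $useTLS;
        return true;
    }
    return false;
}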
2014-01-12 10:18:35 +00:00
/**
 * Returns if referrals should be followed.
 *
 * @return String true or false
 */
public function getFollowReferrals() {
    return $this->followReferrals;
}
/**
 * Sets if referrals should be followed.
 *
 * The value is stored as given; this setter does not check that it is one of
 * the two documented strings and returns nothing.
 *
 * @param String $followReferrals true or false
 */
public function setFollowReferrals($followReferrals) {
    $this->followReferrals = $followReferrals;
}
2003-05-09 16:22:46 +00:00
2004-05-30 12:16:01 +00:00
/**
 * Returns an array of strings with all admin names.
 *
 * The stored admin string is split at every semicolon.
 *
 * @return array the admin names
 */
public function get_Admins() {
    return explode(";", $this->Admins);
}
2003-05-14 13:45:52 +00:00
2004-05-30 12:16:01 +00:00
/**
 * Returns all admin users separated by semicolons.
 *
 * @return string the admin string
 */
public function get_Adminstring() {
    return $this->Admins;
}
2003-05-14 13:45:52 +00:00
2004-05-30 12:16:01 +00:00
/**
 * Sets the admin string.
 *
 * The value must be one or more non-empty entries separated by single
 * semicolons (no leading, trailing or doubled semicolon).
 *
 * @param string $value new admin string that contains all admin users separated by semicolons
 * @return boolean true if $value has correct format
 */
public function set_Adminstring($value) {
    // NOTE(review): "[^;]" also matches line breaks, so an entry may span lines;
    // confirm this is harmless where the value is written to the config file.
    $formatOk = is_string($value) && preg_match("/^[^;]+(;[^;]+)*$/", $value);
    if (!$formatOk) {
        return false;
    }
    $this->Admins = $value;
    return true;
}
2003-05-14 13:45:52 +00:00
2004-05-30 12:16:01 +00:00
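/**
 * Checks if the given password matches.
 *
 * A stored value that starts with "{SSHA}" is verified by hashing the
 * candidate with the stored salt. Any other stored value is treated as an
 * old non-hashed password and compared directly.
 *
 * @param String $password candidate password
 * @return boolean true, if matches
 */
public function check_Passwd($password) {
    $stored = $this->Passwd;
    if (!is_string($stored)) {
        // no usable password stored: nothing can match (previously a null
        // candidate compared identical to an unset password)
        return false;
    }
    if (substr($stored, 0, 6) == "{SSHA}") {
        // check hashed password, layout: "{SSHA}" . base64(hash) . " " . base64(salt)
        $parts = explode(" ", substr($stored, 6));
        if (!isset($parts[1])) {
            // entry without a salt part is malformed and can never match;
            // avoids reading an undefined array index
            return false;
        }
        $salt = base64_decode($parts[1]);
        $candidate = $this->hashPassword($password, $salt);
    }
    else {
        // old nonhashed password
        // NOTE(review): this branch means the password is kept in clear text;
        // such entries are replaced by a hash the next time set_Passwd() is called.
        if (!is_string($password)) {
            return false;
        }
        $candidate = $password;
    }
    // compare without stopping at the first differing byte
    if (function_exists('hash_equals')) {
        return hash_equals($stored, $candidate);
    }
    // fallback for PHP versions without hash_equals()
    $diff = strlen($stored) ^ strlen($candidate);
    $len = min(strlen($stored), strlen($candidate));
    for ($i = 0; $i < $len; $i++) {
        $diff |= ord($stored[$i]) ^ ord($candidate[$i]);
    }
    return $diff === 0;
}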
2003-05-14 13:45:52 +00:00
2004-05-30 12:16:01 +00:00
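/**
 * Sets the preferences wizard password.
 *
 * The password is not stored itself: a 4 byte salt is generated and the
 * result of hashPassword() is kept in $this->Passwd.
 *
 * @param string $value new password
 * @return boolean true if $value has correct format
 */
public function set_Passwd($value) {
    if (!is_string($value)) {
        return false;
    }
    // The former mt_srand(microtime() * 1000000) call is gone: it reseeded the
    // process-wide Mersenne Twister with one of at most a million clock-derived
    // values, which made this salt and later mt_rand() output guessable.
    $salt = false;
    if (function_exists('random_bytes')) {
        try {
            $salt = random_bytes(4);
        }
        catch (Exception $e) {
            $salt = false; // no random source available, try the next option
        }
    }
    if (($salt === false) && function_exists('openssl_random_pseudo_bytes')) {
        $salt = openssl_random_pseudo_bytes(4);
    }
    if (!is_string($salt) || (strlen($salt) !== 4)) {
        // legacy derivation, kept for installations without a system random source
        $rand = getRandomNumber();
        $salt0 = substr(pack("h*", md5($rand)), 0, 8);
        $salt = substr(pack("H*", sha1($salt0 . $value)), 0, 4);
    }
    // NOTE(review): salt length stays at 4 bytes to keep the stored format as
    // before; check_Passwd() decodes whatever salt is stored, so a longer salt
    // could be introduced separately.
    $this->Passwd = $this->hashPassword($value, $salt);
    return true;
}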
/**
 * Returns the hashed password.
 *
 * Result layout: "{SSHA}" followed by the Base64 encoded SHA-1 of
 * password + salt, one space and the Base64 encoded salt.
 *
 * @param String $password password
 * @param String $salt salt
 * @return String hash value
 */
private function hashPassword($password, $salt) {
    // NOTE(review): a single SHA-1 round is cheap to compute, which favours
    // offline guessing if the config file leaks; a slow password hash
    // (password_hash()) would need a change of the stored format.
    $hexDigest = sha1($password . $salt);
    $encodedHash = base64_encode(convertHex2bin($hexDigest));
    $encodedSalt = base64_encode($salt);
    return "{SSHA}" . $encodedHash . " " . $encodedSalt;
}
2003-05-14 13:45:52 +00:00
2005-02-27 12:40:06 +00:00
/**
 * Returns the LDAP suffix for the given account type.
 *
 * The scope "tree" has its own property, every other scope is read from the
 * type settings under the key "suffix_" + scope.
 *
 * @param string $scope account type
 * @return string the LDAP suffix
 */
public function get_Suffix($scope) {
    if ($scope == "tree") {
        return $this->treesuffix;
    }
    return $this->typeSettings['suffix_' . $scope];
}
/**
 * Sets the LDAP suffix where accounts are saved.
 *
 * An empty value is stored as an empty string; any other value must be a
 * string. The content of the string is not checked here.
 *
 * @param string $scope account type
 * @param string $value new LDAP suffix
 * @return boolean true if $value has correct format
 */
public function set_Suffix($scope, $value) {
    if (!$value) {
        $value = "";
    }
    elseif (!is_string($value)) {
        return false;
    }
    if ($scope == "tree") {
        $this->treesuffix = $value;
        return true;
    }
    $this->typeSettings['suffix_' . $scope] = $value;
    return true;
}
2004-05-30 12:16:01 +00:00
/**
 * Returns the list of attributes to show in the account list.
 *
 * @param string $scope account type
 * @return string the attribute list (type setting "attr_" + scope)
 */
public function get_listAttributes($scope) {
    return $this->typeSettings['attr_' . $scope];
}
2003-03-30 19:51:47 +00:00
2004-05-30 12:16:01 +00:00
/**
 * Sets the list of attributes to show in the account list.
 *
 * Entries are separated by semicolons; each entry is either "#" followed by
 * text or "name:description" where the part before the colon may be empty.
 *
 * @param string $value new attribute string
 * @param string $scope account type
 * @return boolean true if $value has correct format
 */
public function set_listAttributes($value, $scope) {
    $pattern = "/^((#[^:;]+)|([^:;]*:[^:;]+))(;((#[^:;]+)|([^:;]*:[^:;]+)))*$/";
    if (!is_string($value) || !preg_match($pattern, $value)) {
        return false;
    }
    $this->typeSettings['attr_' . $scope] = $value;
    return true;
}
2003-03-30 19:51:47 +00:00
2004-05-30 12:16:01 +00:00
/**
 * Returns the default language string.
 *
 * @return string default language
 */
public function get_defaultLanguage() {
    return $this->defaultLanguage;
}
2003-05-12 17:52:54 +00:00
2004-05-30 12:16:01 +00:00
/**
 * Sets the default language string.
 *
 * Any string is accepted, the content is not checked here.
 *
 * @param string $value new default language
 * @return boolean true if $value is a string and was stored
 */
public function set_defaultLanguage($value) {
    if (!is_string($value)) {
        return false;
    }
    $this->defaultLanguage = $value;
    return true;
}
2003-05-12 17:52:54 +00:00
2004-05-30 12:16:01 +00:00
/**
 * Returns the path to the external script.
 *
 * @return string script path
 */
public function get_scriptPath() {
    return $this->scriptPath;
}
2003-05-12 17:52:54 +00:00
2004-05-30 12:16:01 +00:00
/**
 * Sets the path to the external script.
 *
 * An empty value clears the setting. Otherwise the value must be an absolute
 * path with at least two segments made of letters, digits, "_" and "-";
 * segments after the first may also contain dots.
 *
 * @param string $value new script path
 * @return boolean true if $value has correct format
 */
public function set_scriptPath($value) {
    if (!$value) {
        $this->scriptPath = ""; // optional parameter
        return true;
    }
    // NOTE(review): because later segments may contain dots, a ".." segment
    // passes this pattern; confirm whether that is acceptable for the script path.
    if (is_string($value) && preg_match("/^\\/([a-z0-9_-])+(\\/([a-z0-9_\\.-])+)+$/i", $value)) {
        $this->scriptPath = $value;
        return true;
    }
    return false;
}
2007-02-22 17:16:14 +00:00
2004-05-30 12:16:01 +00:00
/**
 * Returns the servers of the external script.
 *
 * The value is returned as stored by set_scriptServers(): a single string in
 * which the servers are separated by semicolons.
 *
 * @return string script servers
 */
public function get_scriptServers() {
    return $this->scriptServer;
}
2007-02-22 17:16:14 +00:00
2004-05-30 12:16:01 +00:00
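/**
 * Sets the servers of the external script.
 *
 * The value is a semicolon separated list. Each entry is either a host or
 * "name:host"; the host part consists of dot separated labels of letters,
 * digits and "-" and may end with ",port". One invalid entry rejects the
 * whole value and leaves the stored setting untouched.
 *
 * @param string $value new script servers
 * @return boolean true if $value has correct format
 */
public function set_scriptServers($value) {
    if (!$value) {
        $this->scriptServer = ""; // optional parameter
        return true;
    }
    $valid_ips = array();
    foreach (explode(";", $value) as $arr_value) {
        // split name and host, if a name exists
        if (strpos($arr_value, ":") !== false) {
            // NOTE(review): only the first two parts are used, anything after
            // a second colon is dropped without an error
            $arr_value_explode = explode(":", $arr_value);
            $servername = $arr_value_explode[0];
            $ip = $arr_value_explode[1];
        }
        else {
            $ip = $arr_value;
            $servername = "";
        }
        if (!is_string($ip) || !preg_match("/^[a-z0-9-]+(\\.[a-z0-9-]+)*(,[0-9]+)?$/i", $ip)) {
            // wrong format
            return false;
        }
        // NOTE(review): the display name is stored without any format check;
        // confirm that it cannot carry characters that break the config file line.
        $valid_ips[] = empty($servername) ? $ip : $servername . ":" . $ip;
    }
    // The old check compared the exploded array itself with 0, which holds for
    // every array; the list of accepted entries is what has to be non-empty.
    if (count($valid_ips) == 0) {
        return false;
    }
    $this->scriptServer = implode(";", $valid_ips);
    return true;
}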
/**
 * Returns the chmod value for new home directories.
 *
 * @return string rights, '755' if nothing was set
 */
public function get_scriptRights() {
    return isset($this->scriptRights) ? $this->scriptRights : '755';
}
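/**
 * Sets the rights for the home directory.
 *
 * The value must be written with the octal digits 0-7 only and lie between
 * 1 and 777. The former range check alone also accepted values such as 699
 * or 1.5, which are not file modes.
 *
 * @param string $chmod the rights
 * @return boolean true if values has correct format
 */
public function set_scriptRights($chmod) {
    if (!is_int($chmod) && !is_string($chmod)) {
        return false;
    }
    // every digit must be a valid octal digit; \z rejects a trailing line break
    if (!preg_match('/^[0-7]+\z/', (string) $chmod)) {
        return false;
    }
    if (($chmod > 0) && ($chmod <= 777)) {
        $this->scriptRights = $chmod;
        return true;
    }
    return false;
}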
2003-05-28 15:37:48 +00:00
2004-05-31 14:04:00 +00:00
/**
 * Returns the LDAP cache timeout in minutes.
 *
 * @return integer cache time, 5 if no value is set
 */
public function get_cacheTimeout() {
    return isset($this->cachetimeout) ? $this->cachetimeout : 5;
}
2004-05-31 14:04:00 +00:00
/**
 * Returns the LDAP cache timeout in seconds.
 *
 * @return integer cache time
 */
public function get_cacheTimeoutSec() {
    // NOTE(review): unlike get_cacheTimeout() no default of 5 minutes is applied
    // here when the value is unset; confirm this difference is intended.
    return $this->cachetimeout * 60;
}
2004-05-31 14:04:00 +00:00
/**
 * Sets the LDAP cache timeout in minutes (0, 1, 2, 5, 10, 15).
 *
 * The check only requires a numeric value greater than -1; the listed
 * values are not enforced.
 *
 * @param integer $value new cache timeout
 * @return boolean true if $value has correct format
 */
public function set_cacheTimeout($value) {
    if (!is_numeric($value) || !($value > -1)) {
        return false;
    }
    $this->cachetimeout = $value;
    return true;
}
2003-03-30 19:51:47 +00:00
2010-02-06 18:30:21 +00:00
/**
 * Returns the LDAP search limit.
 *
 * @return integer search limit
 */
public function get_searchLimit() {
    return $this->searchLimit;
}
/**
 * Sets the LDAP search limit.
 *
 * Accepts any numeric value greater than -1.
 *
 * @param integer $value new search limit
 * @return boolean true if $value has correct format
 */
public function set_searchLimit($value) {
    if (!is_numeric($value) || !($value > -1)) {
        return false;
    }
    $this->searchLimit = $value;
    return true;
}
2004-05-31 14:04:00 +00:00
/**
 * Returns an array of all selected account modules.
 *
 * The comma separated type setting "modules_" + scope is split and entries
 * that are empty after trimming are left out.
 *
 * @param string $scope account type
 * @return array user modules, empty array if nothing is configured
 */
public function get_AccountModules($scope) {
    $key = "modules_" . $scope;
    if (!isset($this->typeSettings[$key])) {
        return array();
    }
    $modules = array();
    foreach (explode(",", $this->typeSettings[$key]) as $mod) {
        if (trim($mod) == '') {
            continue;
        }
        // the entry is added as stored, not in its trimmed form
        $modules[] = $mod;
    }
    return $modules;
}
2004-05-31 14:04:00 +00:00
/**
 * Sets the selected account modules.
 *
 * Every module must be in the list returned by getAvailableModules() for the
 * scope, and the conflict and dependency checks must not report a problem.
 * The accepted list is stored comma separated in the type settings.
 *
 * @param array $modules array with module names (not aliases!)
 * @param string $scope account type
 * @return boolean true if $modules has correct format
 */
public function set_AccountModules($modules, $scope) {
    if (!is_array($modules)) return false;
    // check module names
    $available = getAvailableModules($scope);
    // index based loop: $modules is expected to have the keys 0..n-1
    for ($i = 0; $i < sizeof($modules); $i++) {
        if (!in_array($modules[$i], $available)) return false;
    }
    // check depends/conflicts
    if (check_module_conflicts($modules, getModulesDependencies($scope)) != false) return false;
    if (check_module_depends($modules, getModulesDependencies($scope)) != false) return false;
    $this->typeSettings["modules_" . $scope] = implode(",", $modules);
    return true;
}
2004-07-18 10:18:25 +00:00
/**
 * Sets the settings for the account modules.
 *
 * Only the type is checked; the array replaces the stored settings as a whole.
 *
 * @param array $settings list of module setting array(name => value)
 * @return boolean true if $settings has correct format
 */
public function set_moduleSettings($settings) {
    if (is_array($settings)) {
        $this->moduleSettings = $settings;
        return true;
    }
    return false;
}
/**
 * Returns a list of saved module settings.
 *
 * @return array list of settings: array(name => value)
 */
public function get_moduleSettings() {
    return $this->moduleSettings;
}
2006-01-01 16:30:05 +00:00
/**
 * Returns a list of active account types.
 *
 * @return array list of types, empty array if no type is active
 */
public function get_ActiveTypes() {
    if (!isset($this->activeTypes) || ($this->activeTypes == '')) {
        return array();
    }
    return explode(",", $this->activeTypes);
}
2006-09-24 14:19:50 +00:00
2006-01-01 16:30:05 +00:00
/**
 * Sets the list of active types.
 *
 * The types are stored as one comma separated string. The argument is not
 * checked here, callers have to pass an array.
 *
 * @param array $types list of types
 */
public function set_ActiveTypes($types) {
    $this->activeTypes = implode(",", $types);
}
/**
 * Sets the settings for the account types.
 *
 * Only the type is checked; the array replaces the stored settings as a whole.
 *
 * @param array $settings list of type setting array(name => value)
 * @return boolean true if $settings has correct format
 */
public function set_typeSettings($settings) {
    if (is_array($settings)) {
        $this->typeSettings = $settings;
        return true;
    }
    return false;
}
/**
 * Returns a list of saved type settings.
 *
 * @return array list of settings: array(name => value)
 */
public function get_typeSettings() {
    return $this->typeSettings;
}
2012-05-26 20:05:56 +00:00
/**
 * Returns the tool settings.
 *
 * @return array $toolSettings tool settings
 */
public function getToolSettings() {
    return $this->toolSettings;
}
/**
 * Sets the tool settings.
 *
 * Only the type is checked; the array replaces the stored settings as a whole.
 *
 * @param array $toolSettings tool settings
 * @return boolean true if ok
 */
public function setToolSettings($toolSettings) {
    if (is_array($toolSettings)) {
        $this->toolSettings = $toolSettings;
        return true;
    }
    return false;
}
2007-12-30 12:32:48 +00:00
/**
 * Returns the access level for this profile.
 *
 * @return int level
 */
public function getAccessLevel() {
    return $this->accessLevel;
}
/**
 * Sets the access level for this profile.
 *
 * The value is stored as given; this setter does not check that it is one of
 * the defined levels.
 *
 * @param int $level level
 */
public function setAccessLevel($level) {
    $this->accessLevel = $level;
}
2009-03-07 16:22:30 +00:00
/**
 * Returns the login method.
 *
 * @return String login method
 * @see LAMconfig::LOGIN_LIST
 * @see LAMconfig::LOGIN_SEARCH
 */
public function getLoginMethod() {
    return $this->loginMethod;
}
/**
 * Sets the login method.
 *
 * The value is stored as given and is not compared with the LOGIN_*
 * constants in this method.
 *
 * @param String $loginMethod
 */
public function setLoginMethod($loginMethod) {
    $this->loginMethod = $loginMethod;
}
/**
 * Returns the login search filter.
 *
 * @return String search filter
 */
public function getLoginSearchFilter() {
    return $this->loginSearchFilter;
}
/**
 * Sets the login search filter.
 *
 * @param String $loginSearchFilter search filter
 */
public function setLoginSearchFilter($loginSearchFilter) {
    // NOTE(review): stored without any syntax check; presumably the login name
    // is inserted into this filter at login time, so confirm that it is escaped
    // for LDAP filters where the filter is applied.
    $this->loginSearchFilter = $loginSearchFilter;
}
/**
 * Returns the login search suffix.
 *
 * @return String suffix
 */
public function getLoginSearchSuffix() {
    return $this->loginSearchSuffix;
}
/**
 * Sets the login search suffix.
 *
 * The value is stored as given, no DN check is done here.
 *
 * @param String $loginSearchSuffix suffix
 */
public function setLoginSearchSuffix($loginSearchSuffix) {
    $this->loginSearchSuffix = $loginSearchSuffix;
}
2010-08-29 16:02:51 +00:00
2011-12-03 19:02:28 +00:00
/**
 * Sets the DN for the login search bind user.
 *
 * The value is stored before it is checked, so an invalid DN stays in the
 * object even when false is returned. Callers must act on the return value.
 *
 * @param String $loginSearchDN DN
 * @return boolean true if DN is empty or valid
 */
public function setLoginSearchDN($loginSearchDN) {
    $this->loginSearchDN = $loginSearchDN;
    $isValid = ($loginSearchDN == '') || get_preg($loginSearchDN, 'dn');
    return $isValid ? true : false;
}
/**
 * Returns the DN for the login search bind user.
 *
 * @return String DN
 */
public function getLoginSearchDN() {
    return $this->loginSearchDN;
}
/**
 * Sets the password for the login search bind user.
 *
 * @param String $loginSearchPassword password
 */
public function setLoginSearchPassword($loginSearchPassword) {
    // NOTE(review): kept as given, no hashing happens in this method (a bind
    // password has to be recoverable); confirm that the saved profile file is
    // readable by the web server user only.
    $this->loginSearchPassword = $loginSearchPassword;
}
/**
 * Returns the password for the login search bind user.
 *
 * The value is returned exactly as it was stored; avoid writing it to logs
 * or page output.
 *
 * @return String password
 */
public function getLoginSearchPassword() {
    return $this->loginSearchPassword;
}
/**
 * Returns if HTTP authentication should be used.
 *
 * @return String $httpAuthentication use HTTP authentication ('true' or 'false')
 */
public function getHttpAuthentication() {
    return $this->httpAuthentication;
}
/**
 * Specifies if HTTP authentication should be used.
 *
 * The value is stored as given; it is not checked against 'true'/'false' here.
 *
 * @param String $httpAuthentication use HTTP authentication ('true' or 'false')
 */
public function setHttpAuthentication($httpAuthentication) {
    $this->httpAuthentication = $httpAuthentication;
}
2010-08-29 16:02:51 +00:00
/**
 * Returns the sender address for password reset mails.
 *
 * @return String mail address
 */
public function getLamProMailFrom() {
    return $this->lamProMailFrom;
}
/**
 * Sets the sender address for password reset mails.
 *
 * The value is stored before it is checked, so a rejected address stays in
 * the object. Callers must act on the return value before the address is
 * used as a mail header.
 *
 * @param String $lamProMailFrom mail address
 * @return boolean true if address is empty or valid
 */
public function setLamProMailFrom($lamProMailFrom) {
    $this->lamProMailFrom = $lamProMailFrom;
    $isValid = ($lamProMailFrom == '')
        || get_preg($lamProMailFrom, 'email')
        || get_preg($lamProMailFrom, 'emailWithName');
    return $isValid ? true : false;
}
2011-08-15 12:33:04 +00:00
/**
 * Returns the reply-to address for password reset mails.
 *
 * @return String mail address
 */
public function getLamProMailReplyTo() {
    return $this->lamProMailReplyTo;
}
/**
 * Sets the reply-to address for password reset mails.
 *
 * The value is stored before it is checked, so a rejected address stays in
 * the object. Callers must act on the return value before the address is
 * used as a mail header.
 *
 * @param String $lamProMailReplyTo mail address
 * @return boolean true if address is empty or valid
 */
public function setLamProMailReplyTo($lamProMailReplyTo) {
    $this->lamProMailReplyTo = $lamProMailReplyTo;
    $isValid = ($lamProMailReplyTo == '')
        || get_preg($lamProMailReplyTo, 'email')
        || get_preg($lamProMailReplyTo, 'emailWithName');
    return $isValid ? true : false;
}
2010-08-29 16:02:51 +00:00
/**
 * Returns the subject for password reset mails.
 *
 * @return String subject
 */
public function getLamProMailSubject() {
    return $this->lamProMailSubject;
}
/**
 * Sets the subject for password reset mails.
 *
 * @param String $lamProMailSubject subject
 */
public function setLamProMailSubject($lamProMailSubject) {
    // NOTE(review): stored without any check; confirm that line breaks are
    // removed before the subject is placed into a mail header.
    $this->lamProMailSubject = $lamProMailSubject;
}
2011-05-22 15:02:14 +00:00
/**
 * Returns if the password reset mail content should be treated as HTML.
 *
 * @return boolean HTML or text
 */
public function getLamProMailIsHTML() {
    return $this->lamProMailIsHTML;
}
/**
 * Sets if the password reset mail content should be treated as HTML.
 *
 * The value is stored as given, its type is not checked here.
 *
 * @param boolean $lamProMailIsHTML true if HTML
 */
public function setLamProMailIsHTML($lamProMailIsHTML) {
    $this->lamProMailIsHTML = $lamProMailIsHTML;
}
2010-08-29 16:02:51 +00:00
2014-02-10 19:16:37 +00:00
/**
 * Returns if sending to an alternate address is allowed.
 *
 * @return boolean alternate address allowed
 */
public function getLamProMailAllowAlternateAddress() {
    return $this->lamProMailAllowAlternateAddress;
}
/**
 * Sets if sending to an alternate address is allowed.
 *
 * The value is stored as given, its type is not checked here.
 *
 * @param boolean $lamProMailAllowAlternateAddress alternate address allowed
 */
public function setLamProMailAllowAlternateAddress($lamProMailAllowAlternateAddress) {
    $this->lamProMailAllowAlternateAddress = $lamProMailAllowAlternateAddress;
}
2010-08-29 16:02:51 +00:00
/**
 * Returns the mail body for password reset mails.
 *
 * The stored text uses LAMConfig::LINE_SEPARATOR in place of line breaks;
 * each separator is turned back into "\r\n".
 *
 * @return String body
 */
public function getLamProMailText() {
    $storedLines = explode(LAMConfig::LINE_SEPARATOR, $this->lamProMailText);
    return implode("\r\n", $storedLines);
}
/**
 * Sets the mail body for password reset mails.
 *
 * Every "\r\n" in the text is replaced by LAMConfig::LINE_SEPARATOR before
 * the text is stored. A lone "\n" or "\r" is left as it is.
 *
 * @param String $lamProMailText body
 */
public function setLamProMailText($lamProMailText) {
    $bodyLines = explode("\r\n", $lamProMailText);
    $this->lamProMailText = implode(LAMConfig::LINE_SEPARATOR, $bodyLines);
}
2013-08-10 12:43:01 +00:00
2003-02-17 21:38:54 +00:00
}
2003-03-05 16:05:23 +00:00
2004-01-30 17:06:28 +00:00
2004-05-31 14:04:00 +00:00
/**
* This class manages config . cfg .
*
* @ package configuration
2003-07-06 10:24:41 +00:00
*/
2006-09-24 14:19:50 +00:00
class LAMCfgMain {
2003-07-06 10:24:41 +00:00
2013-10-18 17:43:09 +00:00
/** PHP error reporting setting as E_ALL & ~E_NOTICE */
const ERROR_REPORTING_DEFAULT = 'default' ;
/** PHP error reporting setting from php.ini */
const ERROR_REPORTING_SYSTEM = 'system' ;
2004-05-31 14:04:00 +00:00
/** Default profile */
2007-10-26 17:51:56 +00:00
public $default ;
2003-07-06 10:24:41 +00:00
2004-05-31 14:04:00 +00:00
/** Password to change config.cfg */
2007-11-07 21:02:13 +00:00
private $password ;
2006-09-24 14:19:50 +00:00
2006-04-18 10:57:16 +00:00
/** Time of inactivity before session times out (minutes) */
2007-10-26 17:51:56 +00:00
public $sessionTimeout ;
2006-09-24 14:19:50 +00:00
2006-04-23 16:33:25 +00:00
/** log level */
2007-10-26 17:51:56 +00:00
public $logLevel ;
2006-09-24 14:19:50 +00:00
2006-04-23 16:33:25 +00:00
/** log destination ("SYSLOG":syslog, "/...":file, "NONE":none) */
2007-10-26 17:51:56 +00:00
public $logDestination ;
2006-09-24 14:19:50 +00:00
2006-04-25 11:25:07 +00:00
/** list of hosts which may access LAM */
2007-10-26 17:51:56 +00:00
public $allowedHosts ;
2008-02-10 13:19:05 +00:00
2014-01-12 19:58:15 +00:00
/** list of hosts which may access LAM Pro self service */
public $allowedHostsSelfService ;
2014-01-12 11:08:43 +00:00
/** session encryption */
public $encryptSession ;
2008-02-10 13:19:05 +00:00
/** minimum length for passwords */
public $passwordMinLength = 0 ;
/** minimum uppercase characters */
public $passwordMinUpper = 0 ;
/** minimum lowercase characters */
public $passwordMinLower = 0 ;
/** minimum numeric characters */
public $passwordMinNumeric = 0 ;
/** minimum symbol characters */
public $passwordMinSymbol = 0 ;
/** minimum character classes (upper, lower, numeric, symbols) */
public $passwordMinClasses = 0 ;
2009-11-06 19:15:56 +00:00
2012-07-15 12:05:47 +00:00
/** path to config file */
2009-11-06 19:15:56 +00:00
private $conffile ;
2006-09-24 14:19:50 +00:00
2013-08-10 12:43:01 +00:00
/** uploaded SSL certificate that is stored to disk on save() */
private $uploadedSSLCaCert = null ;
/** SSL certificate should be deleted on save() */
private $delSSLCaCert = false ;
2013-10-16 16:48:59 +00:00
/** EOL for emails (default/unix) */
public $mailEOL = 'default' ;
2013-10-18 17:43:09 +00:00
/** error reporting */
public $errorReporting = self :: ERROR_REPORTING_DEFAULT ;
2013-08-10 12:43:01 +00:00
2006-04-23 16:33:25 +00:00
/** list of data fields to save in config file */
2007-10-26 17:51:56 +00:00
private $settings = array ( " password " , " default " , " sessionTimeout " ,
2008-02-10 13:19:05 +00:00
" logLevel " , " logDestination " , " allowedHosts " , " passwordMinLength " ,
" passwordMinUpper " , " passwordMinLower " , " passwordMinNumeric " ,
2014-01-12 11:08:43 +00:00
" passwordMinClasses " , " passwordMinSymbol " , " mailEOL " , 'errorReporting' ,
2014-01-12 19:58:15 +00:00
'encryptSession' , 'allowedHostsSelfService' );
2006-09-24 14:19:50 +00:00
2004-05-31 14:04:00 +00:00
/**
 * Loads preferences from config file.
 *
 * The path of config.cfg is derived from the location of this source file.
 * Default values are assigned first and reload() then replaces them with
 * whatever the file contains.
 */
function __construct() {
    // location of this file minus its last 15 characters, plus "/config/config.cfg"
    $this->conffile = substr(__FILE__, 0, strlen(__FILE__) - 15) . "/config/config.cfg";
    // set default values
    $this->sessionTimeout = 30;
    $this->logLevel = LOG_NOTICE;
    $this->logDestination = "SYSLOG";
    // empty host lists by default
    $this->allowedHosts = "";
    $this->allowedHostsSelfService = '';
    // session encryption is switched on unless the file says otherwise
    $this->encryptSession = 'true';
    $this->reload();
}
2004-05-31 14:04:00 +00:00
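/**
 * Reloads preferences from config file config.cfg.
 *
 * Each non-comment line is matched case-insensitively against the names in
 * $this->settings followed by ": "; the rest of the line becomes the value
 * of the property with that name. Lines with other keywords are ignored.
 *
 * @return boolean false if the file exists but cannot be opened, true otherwise
 *                 (also when the file does not exist)
 */
private function reload() {
    if (is_file($this->conffile) == True) {
        $file = @fopen($this->conffile, "r");
        if (!$file) return false; // abort if file is not readable
        while (!feof($file)) {
            // Read the complete line. The former 1024 byte limit cut long values
            // (for example a long allowedHosts list) and parsed the remainder as a
            // separate line, so the loaded setting differed from the saved one.
            $line = fgets($file);
            if ($line === false) break; // end of file or read error
            $line = trim($line); // remove spaces at the beginning and end
            if (($line == "") || ($line[0] == "#")) continue; // ignore comments
            // search keywords, only property names listed in $this->settings are assigned
            for ($i = 0; $i < sizeof($this->settings); $i++) {
                $keyword = $this->settings[$i];
                $keylen = strlen($keyword);
                if (strtolower(substr($line, 0, $keylen + 2)) == strtolower($keyword . ": ")) {
                    $this->$keyword = substr($line, $keylen + 2, strlen($line) - $keylen - 2);
                    break;
                }
            }
        }
        fclose($file);
    }
    return true;
}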
2004-05-31 14:04:00 +00:00
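/**
 * Saves preferences to config file config.cfg
 *
 * Lines of the form "keyword: value" that already exist are rewritten in place,
 * settings that are missing from the file are appended, and a pending CA
 * certificate upload or deletion is applied to the internal certificate file.
 * Problems are reported with StatusMessage(); the method returns nothing.
 */
public function save() {
    // Both lists start empty so that a missing config file still produces a complete new file.
    $file_array = array();
    $saved = array();
    if (is_file($this->conffile) == True) {
        $file = @fopen($this->conffile, "r");
        if (!$file) {
            // An existing file that cannot be read must not be replaced by a partial one.
            StatusMessage("ERROR", "", _("Cannot open config file!") . " (" . $this->conffile . ")");
            return;
        }
        // read config file
        while (!feof($file)) {
            $rawLine = fgets($file, 1024);
            if ($rawLine === false) {
                break;
            }
            $file_array[] = $rawLine;
        }
        fclose($file);
        // generate new configuration file
        foreach ($file_array as $i => $rawLine) {
            $line = trim($rawLine);
            if (($line == "") || ($line[0] == "#")) continue; // ignore comments and empty lines
            // search keywords
            foreach ($this->settings as $keyword) {
                $keylen = strlen($keyword);
                if (strtolower(substr($line, 0, $keylen + 1)) == strtolower($keyword . ":")) {
                    // The file is read back line by line, so a value must stay on one line:
                    // a line break inside it would start a new "keyword: value" entry.
                    $value = str_replace(array("\r", "\n"), "", (string) $this->$keyword);
                    $file_array[$i] = $keyword . ": " . $value . "\n";
                    $saved[] = $keyword; // mark keyword as saved
                    break;
                }
            }
        }
    }
    // check if we have to add new entries (e.g. if user upgraded LAM and has an old config file)
    $missingEntries = array(
        "password" => "password to add/delete/rename configuration profiles",
        "default" => "default profile, without \".conf\"",
        "sessionTimeout" => "session timeout in minutes",
        "logLevel" => "log level",
        "logDestination" => "log destination",
        "allowedHosts" => "list of hosts which may access LAM",
        "allowedHostsSelfService" => "list of hosts which may access LAM Pro self service",
        "encryptSession" => "encrypt session data",
        "passwordMinLength" => "Password: minimum password length",
        "passwordMinUpper" => "Password: minimum uppercase characters",
        "passwordMinLower" => "Password: minimum lowercase characters",
        "passwordMinNumeric" => "Password: minimum numeric characters",
        "passwordMinSymbol" => "Password: minimum symbolic characters",
        "passwordMinClasses" => "Password: minimum character classes (0-4)",
        "mailEOL" => "Email format (default/unix)",
        "errorReporting" => "PHP error reporting (default/system)",
    );
    foreach ($missingEntries as $keyword => $comment) {
        if (!in_array($keyword, $saved)) {
            // same single-line rule as for the rewritten entries above
            $value = str_replace(array("\r", "\n"), "", (string) $this->$keyword);
            $file_array[] = "\n\n# " . $comment . "\n" . $keyword . ": " . $value;
        }
    }
    // NOTE(review): the file is truncated and rewritten in place; an interrupted write leaves a partial config.
    $file = @fopen($this->conffile, "w");
    if ($file) {
        foreach ($file_array as $outLine) {
            fputs($file, $outLine);
        }
        fclose($file);
    }
    else {
        StatusMessage("ERROR", "", _("Cannot open config file!") . " (" . $this->conffile . ")");
    }
    // store SSL certificate
    if ($this->uploadedSSLCaCert != null) {
        $sslPath = $this->getInternalSSLCaCertFileName();
        $file = @fopen($sslPath, "w");
        if ($file) {
            fputs($file, $this->uploadedSSLCaCert);
            fclose($file);
            @chmod($sslPath, 0600);
        }
        else {
            StatusMessage("ERROR", _("Cannot write certificate file. Please check the permissions of config/serverCerts.pem."));
        }
    }
    // delete SSL certificate
    if ($this->delSSLCaCert === true) {
        $sslPath = $this->getInternalSSLCaCertFileName();
        // Nothing to remove is not an error; only a failed unlink of an existing file is reported.
        if (file_exists($sslPath) && !@unlink($sslPath)) {
            StatusMessage("ERROR", _("Cannot write certificate file. Please check the permissions of config/serverCerts.pem."));
        }
    }
}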
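/**
 * Sets a new config password.
 *
 * The password is not kept in plain text: a fresh salt is generated and the
 * result of hashPassword() is stored in $this->password.
 *
 * @param String $password new password
 */
public function setPassword($password) {
    // The salt is 4 raw bytes, the same length the previous derivation produced,
    // so the stored "{SSHA}..." value keeps its shape.
    $saltLength = 4;
    $salt = false;
    // Take the salt from the system random source. The earlier code re-seeded mt_rand()
    // from microtime(), which returns a string without arguments, so the seed was only
    // the microsecond part of the clock and therefore predictable.
    if (function_exists('random_bytes')) {
        try {
            $salt = random_bytes($saltLength);
        }
        catch (Exception $e) {
            $salt = false;
        }
    }
    elseif (function_exists('openssl_random_pseudo_bytes')) {
        $salt = openssl_random_pseudo_bytes($saltLength);
    }
    if (!is_string($salt) || (strlen($salt) !== $saltLength)) {
        // No usable random source: fall back to the previous derivation, without re-seeding.
        $rand = getRandomNumber();
        $salt0 = substr(pack("h*", md5($rand)), 0, 8);
        $salt = substr(pack("H*", sha1($salt0 . $password)), 0, 4);
    }
    $this->password = $this->hashPassword($password, $salt);
}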
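/**
 * Checks if the given password matches.
 *
 * A stored value that starts with "{SSHA}" is treated as "hash salt" (both
 * base64 encoded); the candidate is hashed with the stored salt and compared.
 * Any other stored value is treated as an old plain text password.
 *
 * @param String $password password
 * @return boolean true, if password matches
 */
public function checkPassword($password) {
    $stored = $this->password;
    if (is_string($stored) && (substr($stored, 0, 6) == "{SSHA}")) {
        // check hashed password
        $parts = explode(" ", substr($stored, 6));
        if (!isset($parts[1])) {
            // no salt part: the stored value is malformed and cannot match
            return false;
        }
        $salt = base64_decode($parts[1]);
        $candidate = $this->hashPassword($password, $salt);
    }
    else {
        // old nonhashed password
        // NOTE(review): a plain text value in the config file should be replaced via setPassword().
        $candidate = $password;
    }
    if (!is_string($candidate) || !is_string($stored)) {
        // keep the strict comparison of the original code for non-string values
        return ($candidate === $stored);
    }
    // Compare without stopping at the first differing byte, so the time taken
    // does not depend on how much of the value matched.
    if (function_exists('hash_equals')) {
        return hash_equals($stored, $candidate);
    }
    if (strlen($stored) !== strlen($candidate)) {
        return false;
    }
    $diff = 0;
    for ($i = 0; $i < strlen($stored); $i++) {
        $diff |= ord($stored[$i]) ^ ord($candidate[$i]);
    }
    return ($diff === 0);
}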
/**
 * Returns the hashed password.
 *
 * The result is "{SSHA}" followed by the base64 encoded SHA-1 digest of
 * password + salt, a space, and the base64 encoded salt.
 * NOTE(review): this is one pass of SHA-1, which is fast to compute; moving to a
 * dedicated password hash would need a format change that checkPassword() also understands.
 *
 * @param String $password password
 * @param String $salt salt
 * @return String hash value
 */
private function hashPassword($password, $salt) {
    // sha1() yields hex text, convertHex2bin() turns it into the raw digest
    $digest = convertHex2bin(sha1($password . $salt));
    $encodedDigest = base64_encode($digest);
    $encodedSalt = base64_encode($salt);
    return "{SSHA}" . $encodedDigest . " " . $encodedSalt;
}
/**
 * Tells whether the configuration file can be written.
 *
 * @return boolean writable
 */
public function isWritable() {
    $configFile = $this->conffile;
    // is_writable() is the canonical name of is_writeable()
    return is_writable($configFile);
}
/**
 * Tells whether the configuration file exists.
 *
 * @return boolean exists
 */
public function isConfigFileExisting() {
    $configFile = $this->conffile;
    return file_exists($configFile);
}
/**
 * Returns the path to the SSL CA certificate file that overrides the system certificates.
 *
 * The path is only returned when the internal certificate file exists.
 *
 * @return String path to certificate file or null if certificate is not overridden
 */
public function getSSLCaCertPath() {
    $certFile = $this->getInternalSSLCaCertFileName();
    return file_exists($certFile) ? $certFile : null;
}
/**
 * Returns the file name that will be used internally to store the CA file.
 *
 * The name is built relative to the directory of this source file.
 *
 * @return String file name
 */
private function getInternalSSLCaCertFileName() {
    $thisDir = dirname(__FILE__);
    return $thisDir . '/../config/serverCerts.pem';
}
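/**
 * Uploads a new SSL CA cert.
 *
 * Data without a PEM marker is treated as DER and wrapped into PEM. Only
 * complete certificate blocks are kept and every block must be parseable;
 * anything else in the upload is dropped before the data is merged with the
 * certificates that are already configured. The result is written on save().
 *
 * @param String $cert file content in DER/PEM format
 * @return mixed TRUE if format is correct, error message if file is not accepted
 */
public function uploadSSLCaCert($cert) {
    $beginMarker = '-----BEGIN CERTIFICATE-----';
    $pos = strpos($cert, $beginMarker);
    if ($pos === false) {
        // no PEM marker: assume DER and convert to PEM
        $pem = @chunk_split(@base64_encode($cert), 64, "\n");
        $cert = "-----BEGIN CERTIFICATE-----\n" . $pem . "-----END CERTIFICATE-----\n";
    }
    else {
        // remove any junk before first "-----BEGIN CERTIFICATE-----"
        $cert = substr($cert, $pos);
    }
    $cert = str_replace("\r\n", "\n", $cert);
    // Parsing the upload as a whole only looks at the first certificate. Extract every
    // block and check each one, so that nothing unverified ends up in the CA file.
    $blocks = array();
    $found = @preg_match_all('/-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----/s', $cert, $blocks);
    if (empty($found)) {
        return _('Please provide a file in DER or PEM format.');
    }
    foreach ($blocks[0] as $block) {
        if (@openssl_x509_parse($block) === false) {
            return _('Please provide a file in DER or PEM format.');
        }
    }
    // rebuild the upload from the verified blocks only
    $cert = implode("\n", $blocks[0]) . "\n";
    $existingCerts = $this->getSSLCaCertificateContent();
    if (!empty($existingCerts)) {
        // merge with existing certificates
        $existingList = $this->splitSSLCaCertificateContent($existingCerts);
        $newList = $this->splitSSLCaCertificateContent($cert);
        $this->uploadedSSLCaCert = implode("\n", array_unique(array_merge($existingList, $newList)));
    }
    else {
        $this->uploadedSSLCaCert = $cert;
    }
    // a new upload cancels a pending "delete all"
    $this->delSSLCaCert = false;
    return true;
}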
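/**
 * Returns the name of a temporary file in tmp that contains the SSL certificate.
 * The file contains either the stored data in serverCerts or the uploaded data.
 *
 * Only the file name is returned, not the full path. No file name is returned
 * when the file could not be created or not be written completely.
 *
 * @return String file name or null if no certificate was set
 */
public function getSSLCaCertTempFileName() {
    if ($this->delSSLCaCert) {
        return null;
    }
    // get certificate data
    $content = $this->getSSLCaCertificateContent();
    if ($content == null) {
        return null;
    }
    // write to temp file
    $fileName = time() . getRandomNumber() . '.pem';
    $path = dirname(__FILE__) . '/../tmp/' . $fileName;
    // "x" only creates a new file; an entry that already exists under this name is never reused.
    $handle = @fopen($path, "xb");
    if (!$handle) {
        return null;
    }
    // restrict access before any content is written
    @chmod($path, 0600);
    $written = fputs($handle, $content);
    fclose($handle);
    if (($written === false) || ($written < strlen($content))) {
        // do not hand out the name of an empty or truncated certificate file
        @unlink($path);
        return null;
    }
    return $fileName;
}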
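/**
 * Marks a single or all SSL CA certificate files for deletion.
 * The changes take effect on save().
 *
 * @param int $index certificate index, null deletes all certificates (default: null)
 */
public function deleteSSLCaCert($index = null) {
    // Compare strictly: with "==" the index 0 equals null, so removing the first
    // certificate removed all of them. An empty string is still treated as "all".
    if (($index === null) || ($index === '')) {
        // delete all
        $this->delSSLCaCert = true;
        return;
    }
    $content = $this->getSSLCaCertificateContent();
    $list = $this->splitSSLCaCertificateContent($content);
    unset($list[$index]);
    if (sizeof($list) < 1) {
        // nothing left: same result as deleting all
        $this->delSSLCaCert = true;
        $this->uploadedSSLCaCert = null;
    }
    else {
        // the remaining certificates replace the stored file on save()
        $this->uploadedSSLCaCert = implode("\n", $list);
    }
}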
/**
 * Returns a list of all CA certificates.
 *
 * The list is empty when the certificates are marked for deletion or when no
 * certificate content is available. An entry is false when a chunk could not
 * be parsed.
 *
 * @return array list of certificates as output of openssl_x509_parse()
 */
public function getSSLCaCertificates() {
    if ($this->delSSLCaCert) {
        return array();
    }
    $pemData = $this->getSSLCaCertificateContent();
    if (empty($pemData)) {
        return array();
    }
    $parsed = $this->splitSSLCaCertificateContent($pemData);
    // replace each PEM chunk by its parsed form, keeping the chunk's index
    foreach ($parsed as $idx => $chunk) {
        $parsed[$idx] = @openssl_x509_parse($chunk);
    }
    return $parsed;
}
/**
 * Returns the content of the certificate file or uploaded data.
 *
 * Uploaded data that is not saved yet takes precedence over the stored file.
 * Null is returned when the certificates are marked for deletion, when there
 * is neither an upload nor a stored file, or when the file cannot be opened.
 *
 * @return String null or certificate content
 */
private function getSSLCaCertificateContent() {
    if ($this->delSSLCaCert) {
        return null;
    }
    if ($this->uploadedSSLCaCert != null) {
        return $this->uploadedSSLCaCert;
    }
    $certFile = $this->getSSLCaCertPath();
    if ($certFile == null) {
        return null;
    }
    $stream = @fopen($certFile, "r");
    if (!$stream) {
        return null;
    }
    // at most 10000000 bytes are read from the file
    $data = fread($stream, 10000000);
    fclose($stream);
    return $data;
}
/**
 * Splits the certificate content into single PEM data chunks.
 *
 * A new chunk starts at every line that begins with the BEGIN CERTIFICATE
 * marker; all following lines up to the next marker belong to that chunk.
 * An empty list is returned when the content is empty or does not start with
 * the marker.
 *
 * @param String $content PEM file content
 * @return array one element for each certificate chunk
 */
private function splitSSLCaCertificateContent($content) {
    $marker = '-----BEGIN CERTIFICATE-----';
    if (empty($content)) {
        return array();
    }
    // collapse double line breaks (single pass)
    $content = str_replace("\n\n", "\n", $content);
    if (empty($content) || (strpos($content, $marker) !== 0)) {
        return array();
    }
    $chunks = array();
    $index = -1;
    foreach (explode("\n", $content) as $pemLine) {
        if (strpos($pemLine, $marker) === 0) {
            // marker line opens the next chunk
            $index++;
        }
        $soFar = isset($chunks[$index]) ? $chunks[$index] : '';
        $chunks[$index] = $soFar . $pemLine . "\n";
    }
    return $chunks;
}
}
?>