LDAPAccountManager/lam/templates/config/confmain.php

716 lines
30 KiB
PHP
Raw Normal View History

<?php
2017-03-06 18:12:02 +00:00
namespace LAM\CONFIG;
2017-02-11 17:16:08 +00:00
use \LAM\LIB\TWO_FACTOR\TwoFactorProviderService;
2017-03-06 18:12:02 +00:00
use \LAMConfig;
use \htmlTable;
use \htmlAccordion;
use \htmlSpacer;
use \DateTimeZone;
use \htmlStatusMessage;
use \htmlOutputText;
use \htmlInputCheckbox;
use \htmlHelpLink;
use \htmlElement;
use \htmlSubTitle;
use \htmlButton;
2017-11-21 19:02:36 +00:00
use \htmlResponsiveRow;
use \htmlResponsiveInputField;
use \htmlResponsiveSelect;
use \htmlResponsiveInputCheckbox;
use \htmlResponsiveInputTextarea;
use \htmlGroup;
2003-02-25 21:28:17 +00:00
/*
2009-10-27 18:47:12 +00:00
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
2018-12-31 09:51:44 +00:00
Copyright (C) 2003 - 2018 Roland Gruber
2003-02-25 21:28:17 +00:00
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
2003-05-09 16:22:46 +00:00
2003-02-25 21:28:17 +00:00
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
2003-05-09 16:22:46 +00:00
2003-02-25 21:28:17 +00:00
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
2004-06-02 12:48:54 +00:00
*/
2003-05-09 16:22:46 +00:00
2004-06-02 12:48:54 +00:00
/**
* Main page of configuration
*
* @package configuration
* @author Roland Gruber
2007-02-22 17:16:14 +00:00
* @author Thomas Manninger
2003-02-25 21:28:17 +00:00
*/
2004-06-02 12:48:54 +00:00
/** Access to config functions */
2018-12-23 16:52:56 +00:00
include_once(__DIR__ . "/../../lib/config.inc");
/** access to module settings */
2018-12-23 16:52:56 +00:00
include_once(__DIR__ . "/../../lib/modules.inc");
2012-05-26 20:05:56 +00:00
/** access to tools */
2018-12-23 16:52:56 +00:00
include_once(__DIR__ . "/../../lib/tools.inc");
2017-02-11 17:16:08 +00:00
/** 2-factor */
2018-12-23 16:52:56 +00:00
include_once __DIR__ . '/../../lib/2factor.inc';
2017-11-11 15:39:53 +00:00
/** common functions */
2018-12-23 16:52:56 +00:00
include_once __DIR__ . '/../../lib/configPages.inc';
2003-03-23 18:38:47 +00:00
// start session
2009-07-08 18:03:28 +00:00
if (strtolower(session_module_name()) == 'files') {
session_save_path("../../sess");
}
2018-03-10 17:48:11 +00:00
lam_start_session();
2003-07-06 17:54:11 +00:00
setlanguage();
// get password
2004-09-19 08:30:42 +00:00
if (isset($_POST['passwd'])) $passwd = $_POST['passwd'];
2003-05-02 16:52:19 +00:00
2003-02-25 21:28:17 +00:00
// check if password was entered
2003-03-08 10:10:19 +00:00
// if not: load login page
2011-12-10 09:08:27 +00:00
if (!isset($passwd) && !(isset($_SESSION['conf_isAuthenticated']) && isset($_SESSION['conf_config']))) {
2017-11-04 09:49:28 +00:00
$_SESSION['conf_message'] = new htmlStatusMessage('ERROR', _("No password was entered!"));
2004-06-02 12:48:54 +00:00
/** go back to login if password is empty */
2010-02-06 11:50:26 +00:00
metaRefresh('conflogin.php');
2003-02-25 21:28:17 +00:00
exit;
}
if (!isset($_SESSION['conf_config']) && isset($_POST['filename'])) {
2006-09-24 14:19:50 +00:00
$_SESSION['conf_config'] = new LAMConfig($_POST['filename']);
}
$conf = &$_SESSION['conf_config'];
2004-02-01 12:33:21 +00:00
2003-02-25 21:28:17 +00:00
// check if password is valid
2003-03-08 10:10:19 +00:00
// if not: load login page
2008-04-24 18:50:02 +00:00
if ((!isset($_SESSION['conf_isAuthenticated']) || !($_SESSION['conf_isAuthenticated'] === $conf->getName())) && !$conf->check_Passwd($passwd)) {
$sessionKeys = array_keys($_SESSION);
for ($i = 0; $i < sizeof($sessionKeys); $i++) {
if (substr($sessionKeys[$i], 0, 5) == "conf_") unset($_SESSION[$sessionKeys[$i]]);
}
2017-11-04 09:49:28 +00:00
$_SESSION['conf_message'] = new htmlStatusMessage('ERROR', _("The password is invalid! Please try again."));
2004-06-02 12:48:54 +00:00
/** go back to login if password is invalid */
2010-02-06 11:50:26 +00:00
metaRefresh('conflogin.php');
2003-02-25 21:28:17 +00:00
exit;
}
2007-12-29 18:59:09 +00:00
$_SESSION['conf_isAuthenticated'] = $conf->getName();
2003-02-25 21:28:17 +00:00
2009-07-12 13:40:32 +00:00
// check if user canceled editing
if (isset($_POST['cancelSettings'])) {
metaRefresh("../login.php");
exit;
2006-01-01 16:30:05 +00:00
}
2009-07-12 13:40:32 +00:00
$errorsToDisplay = array();
2011-12-10 09:08:27 +00:00
if (isset($_SESSION['conf_messages']) && is_array($_SESSION['conf_messages'])) {
$errorsToDisplay = array_merge($errorsToDisplay, $_SESSION['conf_messages']);
unset($_SESSION['conf_messages']);
}
2009-07-12 13:40:32 +00:00
// check if button was pressed and if we have to save the settings or go to another tab
if (isset($_POST['saveSettings']) || isset($_POST['editmodules'])
|| isset($_POST['edittypes']) || isset($_POST['generalSettingsButton'])
2015-06-09 19:02:24 +00:00
|| isset($_POST['moduleSettings']) || isset($_POST['jobs'])) {
2009-07-12 13:40:32 +00:00
$errorsToDisplay = checkInput();
if (sizeof($errorsToDisplay) == 0) {
// go to final page
if (isset($_POST['saveSettings'])) {
metaRefresh("confsave.php");
exit;
}
// go to modules page
elseif (isset($_POST['editmodules'])) {
metaRefresh("confmodules.php");
exit;
}
// go to types page
elseif (isset($_POST['edittypes'])) {
metaRefresh("conftypes.php");
exit;
}
// go to module settings page
elseif (isset($_POST['moduleSettings'])) {
metaRefresh("moduleSettings.php");
exit;
}
2015-06-09 19:02:24 +00:00
// go to jobs page
elseif (isset($_POST['jobs'])) {
metaRefresh("jobs.php");
exit;
}
2004-02-01 12:33:21 +00:00
}
}
2006-01-01 16:30:05 +00:00
2004-08-14 13:21:40 +00:00
// index for tab order
$tabindex = 1;
2003-07-29 11:52:26 +00:00
echo $_SESSION['header'];
2017-11-21 19:02:36 +00:00
printHeaderContents(_("LDAP Account Manager Configuration"), '../..');
2018-12-23 10:01:29 +00:00
echo "<body class=\"admin\">\n";
2010-01-01 17:39:38 +00:00
// include all JavaScript files
2017-11-21 19:02:36 +00:00
printJsIncludes('../..');
2017-11-11 15:39:53 +00:00
printConfigurationPageHeaderBar($conf);
2003-05-09 16:22:46 +00:00
if (!$conf->isWritable()) {
2011-12-10 09:08:27 +00:00
StatusMessage('WARN', _('The config file is not writable.'), _('Your changes cannot be saved until you make the file writable for the webserver user.'));
echo "<br>";
}
// display error messages
2009-07-12 13:40:32 +00:00
if (sizeof($errorsToDisplay) > 0) {
for ($i = 0; $i < sizeof($errorsToDisplay); $i++) {
call_user_func_array('StatusMessage', $errorsToDisplay[$i]);
}
echo "<br>";
}
2003-05-09 16:22:46 +00:00
// display formular
2018-12-23 10:01:29 +00:00
echo "<form enctype=\"multipart/form-data\" action=\"confmain.php\" method=\"post\" autocomplete=\"off\">\n";
2017-11-11 15:39:53 +00:00
printConfigurationPageTabs(ConfigurationPageTab::GENERAL);
2010-08-28 09:34:00 +00:00
?>
2017-05-10 17:23:28 +00:00
<input type="text" name="hiddenPreventAutocomplete" autocomplete="false" class="hidden" value="">
<input type="password" name="hiddenPreventAutocompletePwd1" autocomplete="false" class="hidden" value="">
<input type="password" name="hiddenPreventAutocompletePwd2" autocomplete="false" class="hidden" value="">
2010-08-28 09:34:00 +00:00
<?php
2017-11-21 19:02:36 +00:00
$row = new htmlResponsiveRow();
2003-05-09 16:22:46 +00:00
2017-11-25 10:39:34 +00:00
$serverSettings = new htmlSubTitle(_("Server settings"), '../../graphics/profiles.png', null, true);
2017-11-21 19:02:36 +00:00
$row->add($serverSettings, 12);
2011-01-01 19:46:44 +00:00
// server URL
2017-11-21 19:02:36 +00:00
$urlInput = new htmlResponsiveInputField(_("Server address"), 'serverurl', $conf->get_ServerURL(), '201');
2011-01-01 19:46:44 +00:00
$urlInput->setRequired(true);
2017-11-21 19:02:36 +00:00
$row->add($urlInput, 12);
2011-01-01 19:46:44 +00:00
// use TLS
$tlsOptions = array(_("yes") => 'yes', _("no") => 'no');
2017-11-21 19:02:36 +00:00
$tlsSelect = new htmlResponsiveSelect('useTLS', $tlsOptions, array($conf->getUseTLS()), _("Activate TLS"), '201');
2011-01-01 19:46:44 +00:00
$tlsSelect->setHasDescriptiveElements(true);
2017-11-21 19:02:36 +00:00
$row->add($tlsSelect, 12);
2005-02-27 12:40:06 +00:00
// tree suffix
2017-11-21 19:02:36 +00:00
$row->add(new htmlResponsiveInputField(_("Tree suffix"), 'sufftree', $conf->get_Suffix('tree'), '203'), 12);
// LDAP search limit
$searchLimitOptions = array(
2011-01-01 19:46:44 +00:00
'-' => 0, 100 => 100, 500 => 500,
1000 => 1000, 5000 => 5000, 10000 => 10000,
50000 => 50000, 100000 => 100000);
2017-11-21 19:02:36 +00:00
$limitSelect = new htmlResponsiveSelect('searchLimit', $searchLimitOptions, array($conf->get_searchLimit()), _("LDAP search limit"), '222');
2011-01-01 19:46:44 +00:00
$limitSelect->setHasDescriptiveElements(true);
2017-11-21 19:02:36 +00:00
$row->add($limitSelect, 12);
2007-12-30 12:32:48 +00:00
// access level is only visible in Pro version
if (isLAMProVersion()) {
2011-01-01 19:46:44 +00:00
$accessOptions = array(
_('Write access') => LAMConfig::ACCESS_ALL,
_('Change passwords') => LAMConfig::ACCESS_PASSWORD_CHANGE,
2012-05-25 18:22:03 +00:00
_('Read-only') => LAMConfig::ACCESS_READ_ONLY
2011-01-01 19:46:44 +00:00
);
2017-11-21 19:02:36 +00:00
$accessSelect = new htmlResponsiveSelect('accessLevel', $accessOptions, array($conf->getAccessLevel()), _("Access level"), '215');
2011-01-01 19:46:44 +00:00
$accessSelect->setHasDescriptiveElements(true);
2017-11-21 19:02:36 +00:00
$row->add($accessSelect, 12);
2007-12-30 12:32:48 +00:00
}
// advanced options
2017-11-21 19:02:36 +00:00
$advancedOptionsContent = new htmlResponsiveRow();
// display name
2017-11-21 19:02:36 +00:00
$advancedOptionsContent->add(new htmlResponsiveInputField(_('Display name'), 'serverDisplayName', $conf->getServerDisplayName(), '268'), 12);
// referrals
$followReferrals = ($conf->getFollowReferrals() === 'true');
2017-11-21 19:02:36 +00:00
$advancedOptionsContent->add(new htmlResponsiveInputCheckbox('followReferrals', $followReferrals , _('Follow referrals'), '205'), 12);
2014-11-29 17:40:39 +00:00
// paged results
$pagedResults = ($conf->getPagedResults() === 'true');
2017-11-21 19:02:36 +00:00
$advancedOptionsContent->add(new htmlResponsiveInputCheckbox('pagedResults', $pagedResults , _('Paged results'), '266'), 12);
2017-12-31 11:53:30 +00:00
// referential integrity overlay
$referentialIntegrity = ($conf->isReferentialIntegrityOverlayActive());
$advancedOptionsContent->add(new htmlResponsiveInputCheckbox('referentialIntegrityOverlay', $referentialIntegrity , _('Referential integrity overlay'), '269'), 12);
// build advanced options box
$advancedOptions = new htmlAccordion('advancedOptions_server', array(_('Advanced options') => $advancedOptionsContent), false);
$advancedOptions->colspan = 15;
2017-11-21 19:02:36 +00:00
$row->add($advancedOptions, 12);
2017-11-21 19:02:36 +00:00
$row->addVerticalSpacer('2rem');
2003-05-09 16:22:46 +00:00
// language
2017-11-25 10:39:34 +00:00
$row->add(new htmlSubTitle(_("Language settings"), '../../graphics/language.png', null, true), 12);
2003-05-09 16:22:46 +00:00
// read available languages
2014-02-02 12:36:12 +00:00
$possibleLanguages = getLanguages();
$defaultLanguage = array('en_GB.utf8');
if(!empty($possibleLanguages)) {
foreach ($possibleLanguages as $lang) {
$languages[$lang->description] = $lang->code;
if (strpos($conf->get_defaultLanguage(), $lang->code) === 0) {
$defaultLanguage = array($lang->code);
}
2003-05-09 16:22:46 +00:00
}
2017-11-21 19:02:36 +00:00
$languageSelect = new htmlResponsiveSelect('lang', $languages, $defaultLanguage, _("Default language"), '209');
2011-01-01 19:46:44 +00:00
$languageSelect->setHasDescriptiveElements(true);
2017-11-21 19:02:36 +00:00
$row->add($languageSelect, 12);
2003-05-09 16:22:46 +00:00
}
2011-01-01 19:46:44 +00:00
else {
2017-11-21 19:02:36 +00:00
$row->add(new htmlStatusMessage('ERROR', "Unable to load available languages. Setting English as default language."), 12);
2003-05-09 16:22:46 +00:00
}
$timezones = array();
$timezones = array_merge($timezones, DateTimeZone::listIdentifiers(DateTimeZone::AFRICA));
$timezones = array_merge($timezones, DateTimeZone::listIdentifiers(DateTimeZone::AMERICA));
$timezones = array_merge($timezones, DateTimeZone::listIdentifiers(DateTimeZone::ANTARCTICA));
$timezones = array_merge($timezones, DateTimeZone::listIdentifiers(DateTimeZone::ARCTIC));
$timezones = array_merge($timezones, DateTimeZone::listIdentifiers(DateTimeZone::ASIA));
$timezones = array_merge($timezones, DateTimeZone::listIdentifiers(DateTimeZone::ATLANTIC));
$timezones = array_merge($timezones, DateTimeZone::listIdentifiers(DateTimeZone::AUSTRALIA));
$timezones = array_merge($timezones, DateTimeZone::listIdentifiers(DateTimeZone::EUROPE));
$timezones = array_merge($timezones, DateTimeZone::listIdentifiers(DateTimeZone::INDIAN));
$timezones = array_merge($timezones, DateTimeZone::listIdentifiers(DateTimeZone::PACIFIC));
2015-11-07 09:14:48 +00:00
$timezones = array_merge($timezones, DateTimeZone::listIdentifiers(DateTimeZone::UTC));
2017-11-21 19:02:36 +00:00
$row->add(new htmlResponsiveSelect('timeZone', $timezones, array($conf->getTimeZone()), _('Time zone'), '213'), 12);
2017-11-21 19:02:36 +00:00
$row->addVerticalSpacer('2rem');
2003-05-09 16:22:46 +00:00
2010-02-20 17:26:10 +00:00
// lamdaemon settings
2017-11-25 10:39:34 +00:00
$row->add(new htmlSubTitle(_("Lamdaemon settings"), '../../graphics/lamdaemon.png', null, true), 12);
2017-11-21 19:02:36 +00:00
$row->add(new htmlResponsiveInputField(_("Server list"), 'scriptservers', $conf->get_scriptServers(), '218'), 12);
$row->add(new htmlResponsiveInputField(_("Path to external script"), 'scriptpath', $conf->get_scriptPath(), '210'), 12);
2017-11-21 19:02:36 +00:00
$row->add(new htmlResponsiveInputField(_('User name'), 'scriptuser', $conf->getScriptUserName(), '284'), 12);
$row->add(new htmlResponsiveInputField(_('SSH key file'), 'scriptkey', $conf->getScriptSSHKey(), '285'), 12);
$sshKeyPassword = new htmlResponsiveInputField(_('SSH key password'), 'scriptkeypassword', $conf->getScriptSSHKeyPassword(), '286');
$sshKeyPassword->setIsPassword(true);
2017-11-21 19:02:36 +00:00
$row->add($sshKeyPassword, 12);
$row->addVerticalSpacer('0.5rem');
$lamdaemonRightsLabel = new htmlGroup();
$lamdaemonRightsLabel->addElement(new htmlOutputText(_("Rights for the home directory")));
$lamdaemonRightsLabel->addElement(new htmlSpacer('0.2rem', null));
$lamdaemonRightsLabel->addElement(new htmlHelpLink('219'));
$row->addLabel($lamdaemonRightsLabel, 12, 6);
2007-02-22 17:16:14 +00:00
$chmod = $conf->get_scriptRights();
2011-01-01 19:46:44 +00:00
$rightsTable = new htmlTable();
2017-11-21 19:02:36 +00:00
$rightsTable->setCSSClasses(array('padding5'));
2011-01-01 19:46:44 +00:00
$rightsTable->addElement(new htmlOutputText(''));
$rightsTable->addElement(new htmlOutputText(_("Read")));
$rightsTable->addElement(new htmlOutputText(_("Write")));
$rightsTable->addElement(new htmlOutputText(_("Execute")), true);
$rightsTable->addElement(new htmlOutputText(_("Owner")));
$rightsTable->addElement(new htmlInputCheckbox('chmod_owr', checkChmod("read","owner", $chmod)));
$rightsTable->addElement(new htmlInputCheckbox('chmod_oww', checkChmod("write","owner", $chmod)));
$rightsTable->addElement(new htmlInputCheckbox('chmod_owe', checkChmod("execute","owner", $chmod)), true);
$rightsTable->addElement(new htmlOutputText(_("Group")));
$rightsTable->addElement(new htmlInputCheckbox('chmod_grr', checkChmod("read","group", $chmod)));
$rightsTable->addElement(new htmlInputCheckbox('chmod_grw', checkChmod("write","group", $chmod)));
$rightsTable->addElement(new htmlInputCheckbox('chmod_gre', checkChmod("execute","group", $chmod)), true);
$rightsTable->addElement(new htmlOutputText(_("Other")));
$rightsTable->addElement(new htmlInputCheckbox('chmod_otr', checkChmod("read","other", $chmod)));
$rightsTable->addElement(new htmlInputCheckbox('chmod_otw', checkChmod("write","other", $chmod)));
$rightsTable->addElement(new htmlInputCheckbox('chmod_ote', checkChmod("execute","other", $chmod)), true);
2017-11-21 19:02:36 +00:00
$row->addField($rightsTable, 12, 6);
2011-01-01 19:46:44 +00:00
2017-11-21 19:02:36 +00:00
$row->addVerticalSpacer('2rem');
2011-01-01 19:46:44 +00:00
2010-08-29 16:02:51 +00:00
// LAM Pro settings
if (isLAMProVersion()) {
2016-02-26 19:49:57 +00:00
// password reset page
2017-11-25 10:39:34 +00:00
$row->add(new htmlSubTitle(_("Password reset page settings"), '../../graphics/keyBig.png', null, true), 12);
2016-02-26 19:49:57 +00:00
$pwdResetAllowSpecific = true;
if ($conf->getPwdResetAllowSpecificPassword() == 'false') {
$pwdResetAllowSpecific = false;
}
2017-11-21 19:02:36 +00:00
$row->add(new htmlResponsiveInputCheckbox('pwdResetAllowSpecificPassword', $pwdResetAllowSpecific , _('Allow setting specific passwords'), '280'), 12);
2016-02-26 19:49:57 +00:00
$pwdResetAllowScreenPassword = true;
if ($conf->getPwdResetAllowScreenPassword() == 'false') {
$pwdResetAllowScreenPassword = false;
}
2017-11-21 19:02:36 +00:00
$row->add(new htmlResponsiveInputCheckbox('pwdResetAllowScreenPassword', $pwdResetAllowScreenPassword , _('Allow to display password on screen'), '281'), 12);
$pwdResetForcePasswordChange = true;
if ($conf->getPwdResetForcePasswordChange() == 'false') {
$pwdResetForcePasswordChange = false;
}
$row->add(new htmlResponsiveInputCheckbox('pwdResetForcePasswordChange', $pwdResetForcePasswordChange , _('Force password change by default'), '283'), 12);
2016-02-26 19:49:57 +00:00
$pwdResetDefaultPasswordOutputOptions = array(
_('Display on screen') => LAMConfig::PWDRESET_DEFAULT_SCREEN,
_('Send via mail') => LAMConfig::PWDRESET_DEFAULT_MAIL,
_('Both') => LAMConfig::PWDRESET_DEFAULT_BOTH
);
2017-11-21 19:02:36 +00:00
$pwdResetDefaultPasswordOutputSelect = new htmlResponsiveSelect('pwdResetDefaultPasswordOutput', $pwdResetDefaultPasswordOutputOptions, array($conf->getPwdResetDefaultPasswordOutput()), _("Default password output"), '282');
2016-02-26 19:49:57 +00:00
$pwdResetDefaultPasswordOutputSelect->setHasDescriptiveElements(true);
2017-11-21 19:02:36 +00:00
$row->add($pwdResetDefaultPasswordOutputSelect, 12);
2016-02-26 19:49:57 +00:00
2017-11-21 19:02:36 +00:00
$row->addVerticalSpacer('2rem');
2016-02-26 19:49:57 +00:00
// mail settings
2017-11-25 10:39:34 +00:00
$row->add(new htmlSubTitle(_("Password mail settings"), '../../graphics/mailBig.png', null, true), 12);
2015-11-07 09:14:48 +00:00
2017-11-21 19:02:36 +00:00
$pwdMailFrom = new htmlResponsiveInputField(_('From address'), 'pwdResetMail_from', $conf->getLamProMailFrom(), '550');
$row->add($pwdMailFrom, 12);
2015-11-07 09:14:48 +00:00
2017-11-21 19:02:36 +00:00
$pwdMailReplyTo = new htmlResponsiveInputField(_('Reply-to address'), 'pwdResetMail_replyTo', $conf->getLamProMailReplyTo(), '554');
$row->add($pwdMailReplyTo, 12);
2015-11-07 09:14:48 +00:00
2017-11-21 19:02:36 +00:00
$pwdMailSubject = new htmlResponsiveInputField(_('Subject'), 'pwdResetMail_subject', $conf->getLamProMailSubject(), '551');
$row->add($pwdMailSubject, 12);
2015-11-07 09:14:48 +00:00
$pwdMailIsHTML = false;
if ($conf->getLamProMailIsHTML() == 'true') {
$pwdMailIsHTML = true;
}
2017-11-21 19:02:36 +00:00
$row->add(new htmlResponsiveInputCheckbox('pwdResetMail_isHTML',$pwdMailIsHTML , _('HTML format'), '553'), 12);
2015-11-07 09:14:48 +00:00
2014-02-10 19:16:37 +00:00
$pwdMailAllowAlternate = true;
if ($conf->getLamProMailAllowAlternateAddress() == 'false') {
$pwdMailAllowAlternate = false;
}
2017-11-21 19:02:36 +00:00
$row->add(new htmlResponsiveInputCheckbox('pwdResetMail_allowAlternate',$pwdMailAllowAlternate , _('Allow alternate address'), '555'), 12);
2015-11-07 09:14:48 +00:00
2017-11-21 19:02:36 +00:00
$pwdMailBody = new htmlResponsiveInputTextarea('pwdResetMail_body', $conf->getLamProMailText(), 50, 4, _('Text'), '552');
$row->add($pwdMailBody, 12);
2015-11-07 09:14:48 +00:00
2017-11-21 19:02:36 +00:00
$row->addVerticalSpacer('2rem');
2010-08-29 16:02:51 +00:00
}
2012-05-26 20:05:56 +00:00
// tool settings
2017-11-25 10:39:34 +00:00
$row->add(new htmlSubTitle(_("Tool settings"), '../../graphics/bigTools.png',null, true), 12);
2012-05-26 20:05:56 +00:00
$toolSettings = $conf->getToolSettings();
2017-11-21 19:11:59 +00:00
$row->add(new htmlOutputText(_('Hidden tools')), 12);
$row->addVerticalSpacer('0.5rem');
2012-05-26 20:05:56 +00:00
$tools = getTools();
for ($i = 0; $i < sizeof($tools); $i++) {
$tool = new $tools[$i]();
if ($tool->isHideable()) {
$tools[$i] = $tool;
}
else {
unset($tools[$i]);
$i--;
$tools = array_values($tools);
}
}
2017-11-21 19:11:59 +00:00
$toolSettingsContent = new htmlResponsiveRow();
2017-11-25 10:39:34 +00:00
$toolsSize = sizeof($tools);
for ($r = 0; $r < $toolsSize; $r++) {
2017-11-21 19:11:59 +00:00
$tool = $tools[$r];
$toolClass = get_class($tool);
$toolName = substr($toolClass, strrpos($toolClass, '\\') + 1);
$selected = false;
if (isset($toolSettings['tool_hide_' . $toolName]) && ($toolSettings['tool_hide_' . $toolName] === 'true')) {
$selected = true;
2012-05-26 20:05:56 +00:00
}
2017-11-25 10:39:34 +00:00
$toolSettingsContent->add(new htmlResponsiveInputCheckbox('tool_hide_' . $toolName, $selected, $tool->getName(), null, false), 12, 4);
}
for ($i = $toolsSize % 3; $i < 3; $i++) {
$toolSettingsContent->add(new htmlOutputText(''), 0, 4);
2012-05-26 20:05:56 +00:00
}
2017-11-21 19:11:59 +00:00
$row->add($toolSettingsContent, 12);
2017-11-21 19:02:36 +00:00
$row->addVerticalSpacer('2rem');
2012-05-26 20:05:56 +00:00
2003-06-24 15:50:38 +00:00
// security setings
2017-11-25 10:39:34 +00:00
$row->add(new htmlSubTitle(_("Security settings"), '../../graphics/security.png', null, true), 12);
2009-03-07 16:22:30 +00:00
// login method
2011-01-02 13:57:46 +00:00
$loginOptions = array(
_('Fixed list') => LAMConfig::LOGIN_LIST,
_('LDAP search') => LAMConfig::LOGIN_SEARCH
);
2017-11-21 19:02:36 +00:00
$loginSelect = new htmlResponsiveSelect('loginMethod', $loginOptions, array($conf->getLoginMethod()), _("Login method"), '220');
2011-01-02 13:57:46 +00:00
$loginSelect->setHasDescriptiveElements(true);
$loginSelect->setTableRowsToHide(array(
LAMConfig::LOGIN_LIST => array('loginSearchSuffix', 'loginSearchFilter', 'loginSearchDN', 'loginSearchPassword', 'httpAuthentication'),
LAMConfig::LOGIN_SEARCH => array('admins')
));
$loginSelect->setTableRowsToShow(array(
LAMConfig::LOGIN_LIST => array('admins'),
LAMConfig::LOGIN_SEARCH => array('loginSearchSuffix', 'loginSearchFilter', 'loginSearchDN', 'loginSearchPassword', 'httpAuthentication')
));
2017-11-21 19:02:36 +00:00
$row->add($loginSelect, 12);
2003-05-15 18:21:44 +00:00
// admin list
2007-01-04 20:05:12 +00:00
$adminText = implode("\n", explode(";", $conf->get_Adminstring()));
2017-11-21 19:02:36 +00:00
$adminTextInput = new htmlResponsiveInputTextarea('admins', $adminText, '50', '3', _("List of valid users"), '207');
2011-01-02 13:57:46 +00:00
$adminTextInput->setRequired(true);
2017-11-21 19:02:36 +00:00
$row->add($adminTextInput, 12);
2011-01-02 13:57:46 +00:00
// search suffix
2017-11-21 19:02:36 +00:00
$searchSuffixInput = new htmlResponsiveInputField(_("LDAP suffix"), 'loginSearchSuffix', $conf->getLoginSearchSuffix(), '221');
2011-01-02 13:57:46 +00:00
$searchSuffixInput->setRequired(true);
2017-11-21 19:02:36 +00:00
$row->add($searchSuffixInput, 12);
2009-03-07 16:22:30 +00:00
// login search filter
2017-11-21 19:02:36 +00:00
$searchFilterInput = new htmlResponsiveInputField(_("LDAP filter"), 'loginSearchFilter', $conf->getLoginSearchFilter(), '221');
2011-01-02 13:57:46 +00:00
$searchFilterInput->setRequired(true);
2017-11-21 19:02:36 +00:00
$row->add($searchFilterInput, 12);
2011-12-03 19:02:28 +00:00
// login search bind user
2017-11-21 19:02:36 +00:00
$row->add(new htmlResponsiveInputField(_("Bind user"), 'loginSearchDN', $conf->getLoginSearchDN(), '224'), 12);
2011-12-03 19:02:28 +00:00
// login search bind password
2017-11-21 19:02:36 +00:00
$searchPasswordInput = new htmlResponsiveInputField(_("Bind password"), 'loginSearchPassword', $conf->getLoginSearchPassword(), '224');
2011-12-03 19:02:28 +00:00
$searchPasswordInput->setIsPassword(true);
2017-11-21 19:02:36 +00:00
$row->add($searchPasswordInput, 12);
2011-08-23 19:05:05 +00:00
// HTTP authentication
2017-11-21 19:02:36 +00:00
$row->add(new htmlResponsiveInputCheckbox('httpAuthentication', ($conf->getHttpAuthentication() == 'true'), _('HTTP authentication'), '223', true), 12);
$row->addVerticalSpacer('1rem');
2017-02-11 17:16:08 +00:00
// 2factor authentication
if (extension_loaded('curl')) {
2017-11-21 19:02:36 +00:00
$row->add(new htmlSubTitle(_("2-factor authentication"), '../../graphics/lock.png'), 12);
2017-02-11 17:16:08 +00:00
$twoFactorOptions = array(
_('None') => TwoFactorProviderService::TWO_FACTOR_NONE,
2017-03-07 18:02:52 +00:00
'privacyIDEA' => TwoFactorProviderService::TWO_FACTOR_PRIVACYIDEA,
2018-12-31 09:51:44 +00:00
'YubiKey' => TwoFactorProviderService::TWO_FACTOR_YUBICO,
2017-02-11 17:16:08 +00:00
);
2017-11-21 19:02:36 +00:00
$twoFactorSelect = new htmlResponsiveSelect('twoFactor', $twoFactorOptions, array($conf->getTwoFactorAuthentication()), _('Provider'), '514');
2017-02-11 17:16:08 +00:00
$twoFactorSelect->setHasDescriptiveElements(true);
$twoFactorSelect->setTableRowsToHide(array(
2018-12-31 09:51:44 +00:00
TwoFactorProviderService::TWO_FACTOR_NONE => array('twoFactorURL', 'twoFactorInsecure', 'twoFactorLabel',
2019-08-11 07:39:47 +00:00
'twoFactorOptional', 'twoFactorCaption', 'twoFactorClientId', 'twoFactorSecretKey', 'twoFactorAttribute'),
TwoFactorProviderService::TWO_FACTOR_PRIVACYIDEA => array('twoFactorClientId', 'twoFactorSecretKey'),
TwoFactorProviderService::TWO_FACTOR_YUBICO => array('twoFactorAttribute'),
2017-02-11 17:16:08 +00:00
));
$twoFactorSelect->setTableRowsToShow(array(
2018-12-31 09:51:44 +00:00
TwoFactorProviderService::TWO_FACTOR_PRIVACYIDEA => array('twoFactorURL', 'twoFactorInsecure', 'twoFactorLabel',
2019-08-11 07:39:47 +00:00
'twoFactorOptional', 'twoFactorCaption', 'twoFactorAttribute'),
2018-12-31 09:51:44 +00:00
TwoFactorProviderService::TWO_FACTOR_YUBICO => array('twoFactorURL', 'twoFactorInsecure', 'twoFactorLabel',
'twoFactorOptional', 'twoFactorCaption', 'twoFactorClientId', 'twoFactorSecretKey'),
2017-02-11 17:16:08 +00:00
));
2017-11-21 19:02:36 +00:00
$row->add($twoFactorSelect, 12);
2019-08-11 07:39:47 +00:00
$twoFactorAttribute = new htmlResponsiveInputField(_("User name attribute"), 'twoFactorAttribute', $conf->getTwoFactorAuthenticationAttribute(), '528');
$row->add($twoFactorAttribute, 12);
2017-11-21 19:02:36 +00:00
$twoFactorUrl = new htmlResponsiveInputField(_("Base URL"), 'twoFactorURL', $conf->getTwoFactorAuthenticationURL(), '515');
2017-02-11 17:16:08 +00:00
$twoFactorUrl->setRequired(true);
2017-11-21 19:02:36 +00:00
$row->add($twoFactorUrl, 12);
2018-12-31 09:51:44 +00:00
$twoFactorClientId = new htmlResponsiveInputField(_("Client id"), 'twoFactorClientId', $conf->getTwoFactorAuthenticationClientId(), '524');
$row->add($twoFactorClientId, 12);
$twoFactorSecretKey = new htmlResponsiveInputField(_("Secret key"), 'twoFactorSecretKey', $conf->getTwoFactorAuthenticationSecretKey(), '525');
$row->add($twoFactorSecretKey, 12);
2017-11-21 19:02:36 +00:00
$twoFactorLabel = new htmlResponsiveInputField(_("Label"), 'twoFactorLabel', $conf->getTwoFactorAuthenticationLabel(), '517');
$row->add($twoFactorLabel, 12);
$row->add(new htmlResponsiveInputCheckbox('twoFactorOptional', $conf->getTwoFactorAuthenticationOptional(), _('Optional'), '519'), 12);
$row->add(new htmlResponsiveInputCheckbox('twoFactorInsecure', $conf->getTwoFactorAuthenticationInsecure(), _('Disable certificate check'), '516'), 12);
$twoFactorCaption = new htmlResponsiveInputTextarea('twoFactorCaption', $conf->getTwoFactorAuthenticationCaption(), '80', '4', _("Caption"));
2017-02-11 17:16:08 +00:00
$twoFactorCaption->setIsRichEdit(true);
$twoFactorCaption->alignment = htmlElement::ALIGN_TOP;
2017-11-21 19:02:36 +00:00
$row->add($twoFactorCaption, 12);
2017-02-11 17:16:08 +00:00
}
2011-01-02 13:57:46 +00:00
// new password
2017-11-25 10:39:34 +00:00
$row->add(new htmlSubTitle(_("Profile password"), '../../graphics/keyBig.png', null, true), 12);
2017-11-21 19:02:36 +00:00
$password1 = new htmlResponsiveInputField(_("New password"), 'passwd1', null, '212');
2011-01-02 13:57:46 +00:00
$password1->setIsPassword(true);
2017-11-21 19:02:36 +00:00
$password2 = new htmlResponsiveInputField(_("Reenter password"), 'passwd2');
2011-01-02 13:57:46 +00:00
$password2->setIsPassword(true);
$password2->setSameValueFieldID('passwd1');
2017-11-21 19:02:36 +00:00
$row->add($password1, 12);
$row->add($password2, 12);
$row->addVerticalSpacer('2rem');
2003-05-15 18:21:44 +00:00
2017-11-21 19:02:36 +00:00
parseHtml(null, $row, array(), false, $tabindex, 'user');
2003-07-25 15:41:51 +00:00
2011-01-08 19:44:08 +00:00
echo "</div></div>";
$buttonContainer = new htmlTable();
$buttonContainer->addElement(new htmlSpacer(null, '10px'), true);
$saveButton = new htmlButton('saveSettings', _('Save'));
$saveButton->setIconClass('saveButton');
$buttonContainer->addElement($saveButton);
$cancelButton = new htmlButton('cancelSettings', _('Cancel'));
$cancelButton->setIconClass('cancelButton');
$buttonContainer->addElement($cancelButton, true);
$buttonContainer->addElement(new htmlSpacer(null, '10px'), true);
parseHtml(null, $buttonContainer, array(), false, $tabindex, 'user');
2017-02-11 17:16:08 +00:00
?>
</form>
<script type="text/javascript" src="../lib/extra/ckeditor/ckeditor.js"></script>
</body>
</html>
<?php
/**
2009-07-12 13:40:32 +00:00
* Checks user input and saves the entered settings.
*
2009-07-12 13:40:32 +00:00
* @return array list of errors
*/
2009-07-12 13:40:32 +00:00
function checkInput() {
$conf = &$_SESSION['conf_config'];
$types = $conf->get_ActiveTypes();
2006-09-24 14:19:50 +00:00
// check new preferences
$errors = array();
if (!$conf->set_ServerURL($_POST['serverurl'])) {
2006-07-10 19:27:54 +00:00
$errors[] = array("ERROR", _("Server address is invalid!"));
}
$conf->setServerDisplayName($_POST['serverDisplayName']);
2009-05-03 18:23:36 +00:00
$conf->setUseTLS($_POST['useTLS']);
if ((strpos($_POST['serverurl'], 'ldaps://') !== false) && ($_POST['useTLS'] == 'yes')) {
$errors[] = array("ERROR", _('You cannot use SSL and TLS encryption at the same time. Please use either "ldaps://" or TLS.'));
}
if (isset($_POST['followReferrals']) && ($_POST['followReferrals'] == 'on')) {
$conf->setFollowReferrals('true');
}
else {
$conf->setFollowReferrals('false');
}
2014-11-29 17:40:39 +00:00
if (isset($_POST['pagedResults']) && ($_POST['pagedResults'] == 'on')) {
$conf->setPagedResults('true');
}
else {
$conf->setPagedResults('false');
}
2017-12-31 11:53:30 +00:00
if (isset($_POST['referentialIntegrityOverlay']) && ($_POST['referentialIntegrityOverlay'] == 'on')) {
$conf->setReferentialIntegrityOverlay('true');
}
else {
$conf->setReferentialIntegrityOverlay('false');
}
2010-11-20 19:23:29 +00:00
/* if (!$conf->set_cacheTimeout($_POST['cachetimeout'])) {
$errors[] = array("ERROR", _("Cache timeout is invalid!"));
2010-11-20 19:23:29 +00:00
}*/
$conf->set_searchLimit($_POST['searchLimit']);
2007-12-30 12:32:48 +00:00
if (isLAMProVersion()) {
$conf->setAccessLevel($_POST['accessLevel']);
2016-02-26 19:49:57 +00:00
if (isset($_POST['pwdResetAllowSpecificPassword']) && ($_POST['pwdResetAllowSpecificPassword'] == 'on')) {
$conf->setPwdResetAllowSpecificPassword('true');
}
else {
$conf->setPwdResetAllowSpecificPassword('false');
}
if (isset($_POST['pwdResetAllowScreenPassword']) && ($_POST['pwdResetAllowScreenPassword'] == 'on')) {
$conf->setPwdResetAllowScreenPassword('true');
}
else {
$conf->setPwdResetAllowScreenPassword('false');
}
if (isset($_POST['pwdResetForcePasswordChange']) && ($_POST['pwdResetForcePasswordChange'] == 'on')) {
$conf->setPwdResetForcePasswordChange('true');
}
else {
$conf->setPwdResetForcePasswordChange('false');
}
$conf->setPwdResetDefaultPasswordOutput($_POST['pwdResetDefaultPasswordOutput']);
2010-08-29 16:02:51 +00:00
if (!$conf->setLamProMailFrom($_POST['pwdResetMail_from'])) {
2012-03-13 21:02:37 +00:00
$errors[] = array("ERROR", _("From address for password mails is invalid."), htmlspecialchars($_POST['pwdResetMail_from']));
2010-08-29 16:02:51 +00:00
}
2011-08-15 12:33:04 +00:00
if (!$conf->setLamProMailReplyTo($_POST['pwdResetMail_replyTo'])) {
2012-03-13 21:02:37 +00:00
$errors[] = array("ERROR", _("Reply-to address for password mails is invalid."), htmlspecialchars($_POST['pwdResetMail_replyTo']));
2011-08-15 12:33:04 +00:00
}
2010-08-29 16:02:51 +00:00
$conf->setLamProMailSubject($_POST['pwdResetMail_subject']);
if (isset($_POST['pwdResetMail_isHTML']) && ($_POST['pwdResetMail_isHTML'] == 'on')) {
$conf->setLamProMailIsHTML('true');
}
else {
$conf->setLamProMailIsHTML('false');
}
2014-02-10 19:16:37 +00:00
if (isset($_POST['pwdResetMail_allowAlternate']) && ($_POST['pwdResetMail_allowAlternate'] == 'on')) {
$conf->setLamProMailAllowAlternateAddress('true');
}
else {
$conf->setLamProMailAllowAlternateAddress('false');
}
2010-08-29 16:02:51 +00:00
$conf->setLamProMailText($_POST['pwdResetMail_body']);
2007-12-30 12:32:48 +00:00
}
2007-01-04 20:05:12 +00:00
$adminText = $_POST['admins'];
$adminText = explode("\n", $adminText);
$adminTextNew = array();
for ($i = 0; $i < sizeof($adminText); $i++) {
if (trim($adminText[$i]) == "") continue;
$adminTextNew[] = trim($adminText[$i]);
}
2009-03-07 16:22:30 +00:00
$conf->setLoginMethod($_POST['loginMethod']);
$conf->setLoginSearchFilter($_POST['loginSearchFilter']);
$conf->setLoginSearchSuffix($_POST['loginSearchSuffix']);
2011-12-03 19:02:28 +00:00
$conf->setLoginSearchPassword($_POST['loginSearchPassword']);
2013-07-21 10:35:54 +00:00
$conf->setLoginSearchDN($_POST['loginSearchDN']);
2015-11-07 09:14:48 +00:00
if ($_POST['loginMethod'] == LAMConfig::LOGIN_SEARCH) { // check only if search method
2013-07-21 10:35:54 +00:00
if (!$conf->setLoginSearchDN($_POST['loginSearchDN'])) {
$errors[] = array("ERROR", _("Please enter a valid bind user."));
}
}
2011-08-23 19:05:05 +00:00
if (isset($_POST['httpAuthentication']) && ($_POST['httpAuthentication'] == 'on')) {
$conf->setHttpAuthentication('true');
}
else {
$conf->setHttpAuthentication('false');
}
2007-01-04 20:05:12 +00:00
if (!$conf->set_Adminstring(implode(";", $adminTextNew))) {
$errors[] = array("ERROR", _("List of admin users is empty or invalid!"));
}
if (!$conf->set_Suffix("tree", $_POST['sufftree'])) {
$errors[] = array("ERROR", _("TreeSuffix is invalid!"));
}
if (!$conf->set_defaultLanguage($_POST['lang'])) {
$errors[] = array("ERROR", _("Language is not defined!"));
}
$conf->setTimeZone($_POST['timeZone']);
if (!$conf->set_scriptpath($_POST['scriptpath'])) {
$errors[] = array("ERROR", _("Script path is invalid!"));
}
2007-02-22 17:16:14 +00:00
if (!$conf->set_scriptservers($_POST['scriptservers'])) {
$errors[] = array("ERROR", _("Script server is invalid!"));
}
2007-02-22 17:16:14 +00:00
$chmodOwner = 0;
$chmodGroup = 0;
$chmodOther = 0;
2007-10-05 18:09:49 +00:00
if (isset($_POST['chmod_owr']) && ($_POST['chmod_owr'] == 'on')) $chmodOwner += 4;
if (isset($_POST['chmod_oww']) && ($_POST['chmod_oww'] == 'on')) $chmodOwner += 2;
if (isset($_POST['chmod_owe']) && ($_POST['chmod_owe'] == 'on')) $chmodOwner += 1;
if (isset($_POST['chmod_grr']) && ($_POST['chmod_grr'] == 'on')) $chmodGroup += 4;
if (isset($_POST['chmod_grw']) && ($_POST['chmod_grw'] == 'on')) $chmodGroup += 2;
if (isset($_POST['chmod_gre']) && ($_POST['chmod_gre'] == 'on')) $chmodGroup += 1;
if (isset($_POST['chmod_otr']) && ($_POST['chmod_otr'] == 'on')) $chmodOther += 4;
if (isset($_POST['chmod_otw']) && ($_POST['chmod_otw'] == 'on')) $chmodOther += 2;
if (isset($_POST['chmod_ote']) && ($_POST['chmod_ote'] == 'on')) $chmodOther += 1;
2007-02-22 17:16:14 +00:00
$chmod = $chmodOwner . $chmodGroup . $chmodOther;
if (!$conf->set_scriptrights($chmod)) {
2007-03-05 17:05:38 +00:00
$errors[] = array("ERROR", _("Script rights are invalid!"));
2007-02-22 17:16:14 +00:00
}
$conf->setScriptUserName($_POST['scriptuser']);
$conf->setScriptSSHKey($_POST['scriptkey']);
$conf->setScriptSSHKeyPassword($_POST['scriptkeypassword']);
2012-05-26 20:05:56 +00:00
// tool settings
$tools = getTools();
$toolSettings = array();
for ($i = 0; $i < sizeof($tools); $i++) {
2017-07-16 18:48:46 +00:00
$toolClass = $tools[$i];
$toolName = substr($toolClass, strrpos($toolClass, '\\') + 1);
$toolConfigID = 'tool_hide_' . $toolName;
2012-05-26 20:05:56 +00:00
if ((isset($_POST[$toolConfigID])) && ($_POST[$toolConfigID] == 'on')) {
$toolSettings[$toolConfigID] = 'true';
}
else {
$toolSettings[$toolConfigID] = 'false';
}
}
2015-11-07 09:14:48 +00:00
$conf->setToolSettings($toolSettings);
2017-02-11 17:16:08 +00:00
// 2-factor
if (extension_loaded('curl')) {
$conf->setTwoFactorAuthentication($_POST['twoFactor']);
$conf->setTwoFactorAuthenticationURL($_POST['twoFactorURL']);
2018-12-31 09:51:44 +00:00
$conf->setTwoFactorAuthenticationClientId($_POST['twoFactorClientId']);
$conf->setTwoFactorAuthenticationSecretKey($_POST['twoFactorSecretKey']);
2017-02-11 17:16:08 +00:00
$conf->setTwoFactorAuthenticationInsecure(isset($_POST['twoFactorInsecure']) && ($_POST['twoFactorInsecure'] == 'on'));
$conf->setTwoFactorAuthenticationLabel($_POST['twoFactorLabel']);
$conf->setTwoFactorAuthenticationOptional(isset($_POST['twoFactorOptional']) && ($_POST['twoFactorOptional'] == 'on'));
$conf->setTwoFactorAuthenticationCaption(str_replace(array("\r", "\n"), array('', ''), $_POST['twoFactorCaption']));
}
// check if password was changed
if (isset($_POST['passwd1']) && ($_POST['passwd1'] != '')) {
if ($_POST['passwd1'] != $_POST['passwd2']) {
$errors[] = array("ERROR", _("Passwords are different!"));
}
else {
// set new password
$conf->set_Passwd($_POST['passwd1']);
}
}
2009-07-12 13:40:32 +00:00
return $errors;
}
2003-02-25 21:28:17 +00:00
?>