WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

renamed get_ereg in get_preg function. Made get_preg work with non standard letters. 

Fix password handling in posixGroup

function get_preg should wor fine now
This commit is contained in:
katagia 2004-09-24 16:32:46 +00:00
parent 21c929f642
commit 187f537a08
3 changed files with 76 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
lam/lib/account.inc
View File

@ -420,39 +420,70 @@ class samba3domain {
* It's much easier to handle them here than in every module
* because many of them are used several times.
**/
function get_ereg($argument, $regexp) {
function get_preg($argument, $regexp) {
// First we check "positive" cases
$eregexpr = '';
$pregexpr = '';
switch ($regexp) {
case "password": $eregexpr = '^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$'; break;
case "username": $eregexpr = '^([a-z]|[A-Z]|[0-9]|[.]|[ ]|[-]|[_])+$'; break;
case "hostname": $eregexpr = '^([a-z0-9\\.-])+(([,])+([ ])*([a-z0-9\\.-])+)*$'; break;
case "realname": $eregexpr = ''; break;
case "telephone": $eregexpr = '^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$'; break;
case "email": $eregexpr = '^(([0-9a-z\\._-])+[@]([0-9a-z-])+([.]([0-9a-z-])+)*)*$'; break;
case "street": $eregexpr = '^([0-9a-z])*$'; break; // ereg broken
case "postalAddress": $eregexpr = '^([0-9a-z])*$'; break; // ereg broken
case "postalCode": $eregexpr = '^([0-9a-z])*$'; break;
case "title": $eregexpr = '^([0-9a-z])*$'; break; // ereg broken
case "employeeType": $eregexpr = '^([0-9a-z])*$'; break; // ereg broken
case "homedir": $eregexpr = '^[/]([a-z])([a-z0-9\\._-])*([/]([a-z\\$])([a-z0-9\\._-])*)*$'; break;
case "naturalnumber": $eregexpr = '^[0-9]+$'; break;
case "UNC": $eregexpr = '^([\][\]([a-zA-Z0-9\\.%-])+([\]([a-z0-9\\.%-])+)+)|([/][a-z]([a-z0-9\\._%-])*([/][a-z]([a-z0-9\\._%-])*)*)$'; break;
case "logonscript": $eregexpr = '^([/])*([a-z0-9])+([/]([a-z0-9])+)*((\\.bat)|(\\.cmd))$'; break; // ereg broken
case "workstations": $eregexpr = '^([a-z0-9\\._-])+(,[a-z0-9\\._-])*$'; break;
case "domainname": $eregexpr = '^([a-z0-9_-])+$'; break;
case 'homepath': $eregexpr = '[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])+)+$'; break;
case 'naturalnumber2': $eregexpr = '^(([-][1])|([0-9]*))$'; break;
case "password": // fixme where do i get an exact regexp?
$pregexpr = '/^([[:alnum:]\\ \\|\\#\\*\\,\\.\\;\\:\\_\\+\\!\\%\\&\\/\\?\\{\\(\\)\\}-])*$/';
break;
case "groupname": // first character must be a letter. All letters, numbers, space and ._- are allowed characters
case "username": // first character must be a letter. All letters, numbers, space and ._- are allowed characters
$pregexpr = '/^[[:alpha:]]([[:alnum:]\\.\\ \\_-])*$/';
break;
case "hostname": // first character must be letter, last must be $. Only normal letters, numbers and ._- are allowed
$pregexpr = '/^[a-zA-Z]([a-zA-Z0-9\\.\\_-])*\\$$/';
break;
case "realname": // Allow all letters, space and .-_
$pregexpr = '/^[[:alpha:]]([[:alpha:]\\.\\ \\_-])*$/';
break;
case "telephone": // Allow numbers, space, brackets, /-+.
$pregexpr = '/^(\\+)*([0-9\\.\\ \\(\\)\\/-])*$/';
break;
case "email":
$pregexpr = '^(([0-9a-z\\._-])+[@]([0-9a-z-])+([.]([0-9a-z-])+)*)*$';
break;
case "street": // Allow all letters, numbers, space and .-_
$pregexpr = '/^([[:alnum:]\\.\\ \\_-])*$/';
break;
case "postalAddress": // Allow all letters, numbers, space and .-_
case "postalCode": // Allow all letters, numbers, space and .-_
case "title": // Allow all letters, numbers, space and .-_
case "employeeType": // Allow all letters, numbers, space and .-_
$pregexpr = '/^([[:alnum:]\\.\\ \\_-])*$/';
break;
case "homedir": // Homapath, /path/......
$pregexpr = '/^[/]([[:alnum:]\\.\\ \\_-)+([/]([[:alnum:]\\.\\ \\_-)+)*$/';
break;
case "digit": // Normal number
$pregexpr = '/^[[:digit:]]*$/';
break;
case "UNC": // UNC Path, e.g. \\server\share\folder\...
$pregexpr = '/^([\][\]([a-zA-Z0-9\\.-])+([\]([[:alnum:]\\.\\ \\_-])+)+)*$/';
break;
case "logonscript": // path to login-script. normal unix file
$pregexpr = '/^(([/])*([[:alnum:]\\.\\ \\_-])+([/]([[:alnum:]\\.\\ \\_-])+)*((\\.bat)|(\\.cmd)))*$/';
break;
case "workstations": // comma separated list with windows-hosts
$pregexpr = '/^(([a-zA-Z0-9\\.\\_-])+(,[a-zA-Z0-9\\.\\_-])*)*$/';
break;
case "domainname": // Windows Domainname
$pregexpr = '/^([a-z0-9\\_-])+$/';
break;
case 'digit2': // Same as digit but also -1
$pregexpr = '/^(([-][1])|([:digit:]*))$/';
break;
}
if ($eregexpr!='')
if (ereg($eregexpr, $argument)) return true;
if ($pregexpr!='')
if (preg_match($pregexpr, $argument)) return true;
// Now we check "negative" cases, characters which are not allowed
$eregexpr = '';
$pregexpr = '';
switch ($regexp) {
case "password": $eregexpr = '^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$'; break;
case "dummy": $pregexpr = '/^([a-z])*$/'; break;
}
if ($eregexpr!='')
if (!ereg($eregexpr, $argument)) return true;
if ($pregexpr!='')
if (!preg_match($pregexpr, $argument)) return true;
return false;
}

6
lam/lib/modules.inc
View File

@ -508,8 +508,6 @@ class accountContainer {
$this->load_account($this->dn_orig);
}
else {
//$function = '$result = $this->module[$this->order[$this->module[\'main\']->current_page]]->proccess_'.$this->module['main']->subpage.'($post);';
//eval ($function);
if ($this->current_page==0) {
if ($this->subpage=='attributes') {
$result = 0;
@ -580,7 +578,7 @@ class accountContainer {
}
}
}
else $result = call_user_func(array(&$this->module[$this->order[$this->current_page]], 'proccess_'.$this->subpage), $post);
else $result = call_user_func(array(&$this->module[$this->order[$this->current_page]], 'proccess_'.$this->subpage), &$post);
}
if (is_string($result)) $this->subpage = $result;
if (is_int($result)) {
@ -731,7 +729,7 @@ class accountContainer {
}
}
}
else $return = call_user_func(array($this->module[$this->order[$this->current_page]], 'display_html_'.$this->subpage), $post);
else $return = call_user_func(array($this->module[$this->order[$this->current_page]], 'display_html_'.$this->subpage), &$post);
$this->parse_html($this->order[$this->current_page], $return);
// Display rest of html-page
echo "</fieldset>\n";

27
lam/lib/modules/posixGroup.inc
View File

@ -106,7 +106,7 @@ class posixGroup extends baseModule {
*/
function display_html_attributes($post) {
if ($this->attributes['userPassword'][0] != $this->orig['userPassword'][0]) $password=$this->userPassword();
else $password='';
else if ($this->attributes['userPassword'][0] != '') $password=$post['userPassword'];
if (!$profile) {
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _("Groupname").'*' ),
1 => array ( 'kind' => 'input', 'name' => 'cn', 'type' => 'text', 'size' => '20', 'maxlength' => '20', 'value' => $this->attributes['cn'][0]),
@ -126,6 +126,7 @@ class posixGroup extends baseModule {
1 => array ( 'kind' => 'input', 'name' => 'userPassword', 'type' => 'password', 'size' => '20', 'maxlength' => '255', 'value' => $password),
2 => array ( 'kind' => 'input', 'name' => 'genpass', 'type' => 'submit', 'value' => _('Generate password')));
if ($post['userPassword2']!='') $password2 = $post['userPassword2'];
else $password2 = $password;
$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Repeat password') ),
1 => array ( 'kind' => 'input', 'name' => 'userPassword2', 'type' => 'password', 'size' => '20', 'maxlength' => '255', 'value' => $password2),
2 => array ('kind' => 'help', 'value' => 'userPassword'));
@ -400,16 +401,20 @@ class posixGroup extends baseModule {
If (!$profile) {
if ($post['changegids']) $this->changegids=true;
else $this->changegids=false;
if (isset($post['userPassword'])) {
if ($post['userPassword'] != $post['userPassword2']) {
$errors['userPassword'][] = $this->errormessages['userPassword'][0];
unset ($post['userPassword2']);
if ($post['genpass']) {
$this->userPassword(genpasswd());
$post['userPassword2'] = '';
}
else {
if (isset($post['userPassword'])) {
if ($post['userPassword'] != $post['userPassword2']) {
$errors['userPassword'][] = $this->errormessages['userPassword'][0];
}
else $this->userPassword($post['userPassword']);
if (!get_preg($this->userPassword(), 'password'))
$errors['userPassword'][] = $this->errormessages['userPassword'][1];
}
}
else $this->userPassword($post['userPassword']);
if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword()))
$errors['userPassword'][] = $this->errormessages['userPassword'][1];
}
if ($post['genpass']) $this->userPassword(genpasswd());
if ($this->attributes['gidNumber'][0]!=$post['gidNumber'] || ($this->errors['gidNumber'][0]='ERROR')) {
// Check if GID is valid. If none value was entered, the next useable value will be inserted
// load min and may uidNumber
@ -473,7 +478,7 @@ class posixGroup extends baseModule {
if (($this->attributes['cn'][0] != $post['cn']) && ereg('[A-Z]$', $post['cn']))
$errors['cn'][] = $this->errormessages['cn'][0];
// Check if Groupname contains only valid characters
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[ ]|[-]|[_])+$', $this->attributes['cn'][0]))
if ( !get_preg($this->attributes['cn'][0],'groupname'))
$errors['cn'][] = $this->errormessages['cn'][2];
// Create automatic useraccount with number if original user already exists
// Reset name to original name if new name is in use