renamed get_ereg in get_preg function. Made get_preg work with non standard letters.

Fix password handling in posixGroup

function get_preg should wor fine now

lam/lib/account.inc

@@ -420,39 +420,70 @@ class samba3domain {
 * It's much easier to handle them here than in every module
 * because many of them are used several times.
 **/
-function get_ereg($argument, $regexp) {
+function get_preg($argument, $regexp) {
 	// First we check "positive" cases
-	$eregexpr = '';
+	$pregexpr = '';
 	switch ($regexp) {
-		case "password":      $eregexpr = '^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$'; break;
+		case "password":	// fixme where do i get an exact regexp?
-		case "username":      $eregexpr = '^([a-z]|[A-Z]|[0-9]|[.]|[ ]|[-]|[_])+$'; break;
+					$pregexpr = '/^([[:alnum:]\\ \\|\\#\\*\\,\\.\\;\\:\\_\\+\\!\\%\\&\\/\\?\\{\\(\\)\\}-])*$/';
-		case "hostname":      $eregexpr = '^([a-z0-9\\.-])+(([,])+([ ])*([a-z0-9\\.-])+)*$'; break;
+					break;
-		case "realname":      $eregexpr = ''; break;
+		case "groupname":	// first character must be a letter. All letters, numbers, space and ._- are allowed characters
-		case "telephone":     $eregexpr = '^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$'; break;
+		case "username":	// first character must be a letter. All letters, numbers, space and ._- are allowed characters
-		case "email":         $eregexpr = '^(([0-9a-z\\._-])+[@]([0-9a-z-])+([.]([0-9a-z-])+)*)*$'; break;
+					$pregexpr = '/^[[:alpha:]]([[:alnum:]\\.\\ \\_-])*$/';
-		case "street":        $eregexpr = '^([0-9a-z])*$'; break; // ereg broken
+					break;
-		case "postalAddress": $eregexpr = '^([0-9a-z])*$'; break; // ereg broken
+		case "hostname":	// first character must be letter, last must be $. Only normal letters, numbers and ._- are allowed
-		case "postalCode":    $eregexpr = '^([0-9a-z])*$'; break;
+					$pregexpr = '/^[a-zA-Z]([a-zA-Z0-9\\.\\_-])*\\$$/';
-		case "title":         $eregexpr = '^([0-9a-z])*$'; break; // ereg broken
+					break;
-		case "employeeType":  $eregexpr = '^([0-9a-z])*$'; break; // ereg broken
+		case "realname":	// Allow all letters, space and  .-_
-		case "homedir":       $eregexpr = '^[/]([a-z])([a-z0-9\\._-])*([/]([a-z\\$])([a-z0-9\\._-])*)*$'; break;
+					$pregexpr = '/^[[:alpha:]]([[:alpha:]\\.\\ \\_-])*$/';
-		case "naturalnumber": $eregexpr = '^[0-9]+$'; break;
+					break;
-		case "UNC":           $eregexpr = '^([\][\]([a-zA-Z0-9\\.%-])+([\]([a-z0-9\\.%-])+)+)|([/][a-z]([a-z0-9\\._%-])*([/][a-z]([a-z0-9\\._%-])*)*)$'; break;
+		case "telephone":	// Allow numbers, space, brackets, /-+.
-		case "logonscript":   $eregexpr = '^([/])*([a-z0-9])+([/]([a-z0-9])+)*((\\.bat)|(\\.cmd))$'; break;  // ereg broken
+					$pregexpr = '/^(\\+)*([0-9\\.\\ \\(\\)\\/-])*$/';
-		case "workstations":  $eregexpr = '^([a-z0-9\\._-])+(,[a-z0-9\\._-])*$'; break;
+					break;
-		case "domainname":    $eregexpr = '^([a-z0-9_-])+$'; break;
+		case "email":
-		case 'homepath':      $eregexpr = '[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])+)+$'; break;
+					$pregexpr = '^(([0-9a-z\\._-])+[@]([0-9a-z-])+([.]([0-9a-z-])+)*)*$';
-		case 'naturalnumber2': $eregexpr = '^(([-][1])|([0-9]*))$'; break;
+					break;
+		case "street":		// Allow all letters, numbers, space and .-_
+					$pregexpr = '/^([[:alnum:]\\.\\ \\_-])*$/';
+					break;
+		case "postalAddress":	// Allow all letters, numbers, space and .-_
+		case "postalCode":		// Allow all letters, numbers, space and .-_
+		case "title":			// Allow all letters, numbers, space and .-_
+		case "employeeType":	// Allow all letters, numbers, space and .-_
+					$pregexpr = '/^([[:alnum:]\\.\\ \\_-])*$/';
+					break;
+		case "homedir":		// Homapath, /path/......
+					$pregexpr = '/^[/]([[:alnum:]\\.\\ \\_-)+([/]([[:alnum:]\\.\\ \\_-)+)*$/';
+					break;
+		case "digit":		// Normal number
+					$pregexpr = '/^[[:digit:]]*$/';
+					break;
+		case "UNC":			// UNC Path, e.g. \\server\share\folder\...
+					$pregexpr = '/^([\][\]([a-zA-Z0-9\\.-])+([\]([[:alnum:]\\.\\ \\_-])+)+)*$/';
+					break;
+		case "logonscript":	// path to login-script. normal unix file
+					$pregexpr = '/^(([/])*([[:alnum:]\\.\\ \\_-])+([/]([[:alnum:]\\.\\ \\_-])+)*((\\.bat)|(\\.cmd)))*$/';
+					break;
+		case "workstations":	// comma separated list with windows-hosts
+					$pregexpr = '/^(([a-zA-Z0-9\\.\\_-])+(,[a-zA-Z0-9\\.\\_-])*)*$/';
+					break;
+		case "domainname":		// Windows Domainname
+					$pregexpr = '/^([a-z0-9\\_-])+$/';
+					break;
+		case 'digit2':			// Same as digit but also -1
+					$pregexpr = '/^(([-][1])|([:digit:]*))$/';
+					break;
 	}
-	if ($eregexpr!='')
+	if ($pregexpr!='')
-		if (ereg($eregexpr, $argument)) return true;
+			if (preg_match($pregexpr, $argument)) return true;
+	
 	// Now we check "negative" cases, characters which are not allowed
-	$eregexpr = '';
+	$pregexpr = '';
 	switch ($regexp) {
-		case "password":      $eregexpr = '^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$'; break;
+		case "dummy":      $pregexpr = '/^([a-z])*$/'; break;
 	}
-	if ($eregexpr!='')
+	if ($pregexpr!='')
-		if (!ereg($eregexpr, $argument)) return true;
+			if (!preg_match($pregexpr, $argument)) return true;
 	return false;
 }
 

lam/lib/modules.inc

@@ -508,8 +508,6 @@ class accountContainer {
 			$this->load_account($this->dn_orig);
 			}
 		else {
-			//$function = '$result = $this->module[$this->order[$this->module[\'main\']->current_page]]->proccess_'.$this->module['main']->subpage.'($post);';
-			//eval ($function);
 			if ($this->current_page==0) {
 				if ($this->subpage=='attributes') {
 					$result = 0;
@@ -580,7 +578,7 @@ class accountContainer {
 						}
 					}
 				}
-				else $result = call_user_func(array(&$this->module[$this->order[$this->current_page]], 'proccess_'.$this->subpage), $post);
+				else $result = call_user_func(array(&$this->module[$this->order[$this->current_page]], 'proccess_'.$this->subpage), &$post);
 			}
 		if (is_string($result)) $this->subpage = $result;
 		if (is_int($result)) {
@@ -731,7 +729,7 @@ class accountContainer {
 					}
 				}
 			}
-		else $return = call_user_func(array($this->module[$this->order[$this->current_page]], 'display_html_'.$this->subpage), $post);
+		else $return = call_user_func(array($this->module[$this->order[$this->current_page]], 'display_html_'.$this->subpage), &$post);
 		$this->parse_html($this->order[$this->current_page], $return);
 		// Display rest of html-page
 		echo "</fieldset>\n";

lam/lib/modules/posixGroup.inc

@@ -106,7 +106,7 @@ class posixGroup extends baseModule {
 	*/
 	function display_html_attributes($post) {
 		if ($this->attributes['userPassword'][0] != $this->orig['userPassword'][0]) $password=$this->userPassword();
-		else $password='';
+		else if ($this->attributes['userPassword'][0] != '') $password=$post['userPassword'];
 		if (!$profile) {
 			$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _("Groupname").'*' ),
 			1 => array ( 'kind' => 'input', 'name' => 'cn', 'type' => 'text', 'size' => '20', 'maxlength' => '20', 'value' => $this->attributes['cn'][0]),
@@ -126,6 +126,7 @@ class posixGroup extends baseModule {
 			1 => array ( 'kind' => 'input', 'name' => 'userPassword', 'type' => 'password', 'size' => '20', 'maxlength' => '255', 'value' => $password),
 			2 => array ( 'kind' => 'input', 'name' => 'genpass', 'type' => 'submit', 'value' => _('Generate password')));
 			if ($post['userPassword2']!='') $password2 = $post['userPassword2'];
+			 else $password2 = $password;
 			$return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Repeat password') ),
 			1 => array ( 'kind' => 'input', 'name' => 'userPassword2', 'type' => 'password', 'size' => '20', 'maxlength' => '255', 'value' => $password2),
 			2 => array ('kind' => 'help', 'value' => 'userPassword'));
@@ -400,16 +401,20 @@ class posixGroup extends baseModule {
 		If (!$profile) {
 			if ($post['changegids']) $this->changegids=true;
 			else $this->changegids=false;
+			if ($post['genpass']) {
+					$this->userPassword(genpasswd());
+					$post['userPassword2'] = '';
+				}
+				else {
 					if (isset($post['userPassword'])) {
 						if ($post['userPassword'] != $post['userPassword2']) {
 							$errors['userPassword'][] = $this->errormessages['userPassword'][0];
-					unset ($post['userPassword2']);
 						}
 						else $this->userPassword($post['userPassword']);
-				if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword()))
+						if (!get_preg($this->userPassword(), 'password'))
 							$errors['userPassword'][] = $this->errormessages['userPassword'][1];
 					}
-			if ($post['genpass']) $this->userPassword(genpasswd());
+				}
 			if ($this->attributes['gidNumber'][0]!=$post['gidNumber'] || ($this->errors['gidNumber'][0]='ERROR')) {
 				// Check if GID is valid. If none value was entered, the next useable value will be inserted
 				// load min and may uidNumber
@@ -473,7 +478,7 @@ class posixGroup extends baseModule {
 				if (($this->attributes['cn'][0] != $post['cn']) &&  ereg('[A-Z]$', $post['cn']))
 				$errors['cn'][] = $this->errormessages['cn'][0];
 				// Check if Groupname contains only valid characters
-				if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[ ]|[-]|[_])+$', $this->attributes['cn'][0]))
+				if ( !get_preg($this->attributes['cn'][0],'groupname'))
 				$errors['cn'][] = $this->errormessages['cn'][2];
 				// Create automatic useraccount with number if original user already exists
 				// Reset name to original name if new name is in use