parent
5a6962ba40
commit
2304216169
|
@ -44,7 +44,6 @@ class cache {
|
||||||
* syntax of $attributes is array( scope1 => array ( attributes ), scope2 => array ( attributes ), ...)
|
* syntax of $attributes is array( scope1 => array ( attributes ), scope2 => array ( attributes ), ...)
|
||||||
*/
|
*/
|
||||||
function add_cache($attributes) {
|
function add_cache($attributes) {
|
||||||
$this->refresh_cache();
|
|
||||||
// Check input variable
|
// Check input variable
|
||||||
$allowed_types = array ( 'user', 'group', 'host', '*' );
|
$allowed_types = array ( 'user', 'group', 'host', '*' );
|
||||||
if (!is_array($attributes)) trigger_error(_('Argument of add_cache must be : array ( scope => array(attribute1(string), attribute2(string), ..), scope => ... ).'), E_USER_ERROR);
|
if (!is_array($attributes)) trigger_error(_('Argument of add_cache must be : array ( scope => array(attribute1(string), attribute2(string), ..), scope => ... ).'), E_USER_ERROR);
|
||||||
|
@ -64,6 +63,8 @@ class cache {
|
||||||
if (!@in_array($attributes[$scope][$i] ,$this->attributes[$scope])) $this->attributes[$scope][] = $attributes[$scope][$i];
|
if (!@in_array($attributes[$scope][$i] ,$this->attributes[$scope])) $this->attributes[$scope][] = $attributes[$scope][$i];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// Rebuild cache
|
||||||
|
$this->refresh_cache(true);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* This function returns an array ( dn1 => array(uidnumber1), dn2 => array(uidnumber2), ... )
|
/* This function returns an array ( dn1 => array(uidnumber1), dn2 => array(uidnumber2), ... )
|
||||||
|
@ -80,10 +81,39 @@ class cache {
|
||||||
}
|
}
|
||||||
// Return error if objectClass isn't found
|
// Return error if objectClass isn't found
|
||||||
if ($line==-1) trigger_error (sprintf(_("objectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING);
|
if ($line==-1) trigger_error (sprintf(_("objectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING);
|
||||||
|
|
||||||
|
// Create list of all allowed attributes
|
||||||
|
for ($i=0; $i<count($this->ldap->objectClasses); $i++ ) {
|
||||||
|
if (strpos($this->ldap->objectClasses[$i], 'MUST (')) {
|
||||||
|
$string_withtail = substr($this->ldap->objectClasses[$i], strpos($this->ldap->objectClasses[$i], 'MUST (')+6);
|
||||||
|
// Now we have a string with all must-attributes
|
||||||
|
$string = substr($string_withtail, 0, strpos($string_withtail, ')'));
|
||||||
|
$string = trim($string);
|
||||||
|
$allowed_attributes = array_merge($allowed_attributes, explode(" $ ", $string));
|
||||||
|
}
|
||||||
|
// create array with may-attributes
|
||||||
|
// Get startposition in string
|
||||||
|
if (strpos($this->ldap->objectClasses[$i], 'MAY (')) {
|
||||||
|
$string_withtail = substr($this->ldap->objectClasses[$i], strpos($this->ldap->objectClasses[$i], 'MAY (')+5);
|
||||||
|
// Now we have a string with all must-attributes
|
||||||
|
$string = substr($string_withtail, 0, strpos($string_withtail, ')'));
|
||||||
|
$string = trim($string);
|
||||||
|
$allowed_attributes = array_merge($allowed_attributes, explode(" $ ", $string));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$allowed_attributes = array_unique($allowed_attributes);
|
||||||
|
if (!in_array($attribute, $allowed_attributes)) trigger_error(_('Attribute not defined in LDAP.'), E_USER_WARNING);
|
||||||
|
|
||||||
// Everything seems to be OK, start processing data
|
// Everything seems to be OK, start processing data
|
||||||
$this->refresh_cache();
|
$this->refresh_cache();
|
||||||
if ($singlescope == '*') $scopes = $allowed_types;
|
if ($singlescope == '*') $scopes = $allowed_types;
|
||||||
else $scopes = array ( $singlescope );
|
else $scopes = array ( $singlescope );
|
||||||
|
// Add cache entry dynamic
|
||||||
|
foreach ($scopes as $scope) {
|
||||||
|
if (!@in_array($attribute ,$this->attributes[$scope])) $add[$scope][] = $attribute;
|
||||||
|
}
|
||||||
|
if (count($add)!=0) $this->add_cache($add);
|
||||||
|
|
||||||
foreach ($scopes as $scope) {
|
foreach ($scopes as $scope) {
|
||||||
if (isset($this->ldapcache[$scope])) {
|
if (isset($this->ldapcache[$scope])) {
|
||||||
$DNs = array_keys($this->ldapcache[$scope]);
|
$DNs = array_keys($this->ldapcache[$scope]);
|
||||||
|
@ -132,11 +162,17 @@ class cache {
|
||||||
}
|
}
|
||||||
$allowed_attributes = array_unique($allowed_attributes);
|
$allowed_attributes = array_unique($allowed_attributes);
|
||||||
if (!in_array($attribute, $allowed_attributes)) trigger_error(_('Attribute not defined in LDAP.'), E_USER_WARNING);
|
if (!in_array($attribute, $allowed_attributes)) trigger_error(_('Attribute not defined in LDAP.'), E_USER_WARNING);
|
||||||
|
|
||||||
// Everything seems to be OK, start processing data
|
// Everything seems to be OK, start processing data
|
||||||
$this->refresh_cache();
|
$this->refresh_cache();
|
||||||
if ($singlescope == '*') $scopes = $allowed_types;
|
if ($singlescope == '*') $scopes = $allowed_types;
|
||||||
else $scopes = array ( $singlescope );
|
else $scopes = array ( $singlescope );
|
||||||
//print_r($this->ldapcache);
|
// Add cache entry dynamic
|
||||||
|
foreach ($scopes as $scope) {
|
||||||
|
if (!@in_array($attribute ,$this->attributes[$scope])) $add[$scope][] = $attribute;
|
||||||
|
}
|
||||||
|
if (count($add)!=0) $this->add_cache($add);
|
||||||
|
|
||||||
foreach ($scopes as $scope) {
|
foreach ($scopes as $scope) {
|
||||||
if (isset($this->ldapcache[$scope])) {
|
if (isset($this->ldapcache[$scope])) {
|
||||||
$DNs = array_keys($this->ldapcache[$scope]);
|
$DNs = array_keys($this->ldapcache[$scope]);
|
||||||
|
@ -157,8 +193,8 @@ class cache {
|
||||||
|
|
||||||
/* This functions refreshs the cache
|
/* This functions refreshs the cache
|
||||||
*/
|
*/
|
||||||
function refresh_cache() {
|
function refresh_cache($rebuild=false) {
|
||||||
if ($time + $this->config->get_cacheTimeoutSec() < time()) {
|
if ($time + $this->config->get_cacheTimeoutSec() < time() || $rebuild) {
|
||||||
// unset old cache
|
// unset old cache
|
||||||
unset ($this->ldapcache);
|
unset ($this->ldapcache);
|
||||||
$scopes = array_keys($this->attributes);
|
$scopes = array_keys($this->attributes);
|
||||||
|
@ -813,7 +849,8 @@ class accountContainer {
|
||||||
// Add objects
|
// Add objects
|
||||||
foreach ($attr['objectClass'] as $objectClass) $this->add_objectClass($objectClass);
|
foreach ($attr['objectClass'] as $objectClass) $this->add_objectClass($objectClass);
|
||||||
// load attributes
|
// load attributes
|
||||||
foreach ($attr['objectClass'] as $objectClass) if (isset($this->module[$objectClass])) $this->module[$objectClass]->load_attributes($attr);
|
foreach ($attr['objectClass'] as $objectClass)
|
||||||
|
if (isset($this->module[$objectClass])) $this->module[$objectClass]->load_attributes($attr);
|
||||||
// sortm modules and make all active because all required attributes should be set
|
// sortm modules and make all active because all required attributes should be set
|
||||||
$module = array_keys ($this->module);
|
$module = array_keys ($this->module);
|
||||||
$modulelist = array();
|
$modulelist = array();
|
||||||
|
|
|
@ -0,0 +1,166 @@
|
||||||
|
<?php
|
||||||
|
/*
|
||||||
|
$Id$
|
||||||
|
|
||||||
|
This code is part of LDAP Account Manager (http://www.sourceforge.net/projects/lam)
|
||||||
|
Copyright (C) 2003 Tilo Lutz
|
||||||
|
|
||||||
|
This program is free software; you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation; either version 2 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program; if not, write to the Free Software
|
||||||
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||||
|
*/
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Variables in basearray which are no objects:
|
||||||
|
* type: Type of account. Can be user, group, host
|
||||||
|
* attributes: List of all attributes, how to get them and are theiy required or optional
|
||||||
|
* dn: current DN without uid= or cn=
|
||||||
|
* dn_orig: old DN if account was loaded with uid= or cn=
|
||||||
|
|
||||||
|
* External functions which are used
|
||||||
|
* account.inc:
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
/* This class contains all account LDAP attributes
|
||||||
|
* and funtioncs required to deal with account
|
||||||
|
* account can only be created when it should be added
|
||||||
|
* to an array.
|
||||||
|
* basearray is the same array account should be added
|
||||||
|
* to. If basearray is not given the constructor tries to
|
||||||
|
* create an array with account and all other required
|
||||||
|
* objects.
|
||||||
|
* Example: $user[] = new account($user);
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
class account {
|
||||||
|
// Constructor
|
||||||
|
function account($base) {
|
||||||
|
/* Return an error if posixAccount should be created without
|
||||||
|
* base container
|
||||||
|
*/
|
||||||
|
if (!$base) trigger_error(_('Please create a base object with $var = new accountContainer();'), E_USER_ERROR);
|
||||||
|
if (!is_string($base)) trigger_error(_('Please create a new module object with $accountContainer->add_objectClass(\'account\');'), E_USER_ERROR);
|
||||||
|
$this->base = $base;
|
||||||
|
// account is only a valid objectClass for users
|
||||||
|
if ($_SESSION[$this->base]->get_type() != 'host') trigger_error(_('account can only be used for hosts.'), E_USER_WARNING);
|
||||||
|
// Add Array with all attributes and type
|
||||||
|
$this->attributes = $_SESSION[$this->base]->get_module_attributes('account');
|
||||||
|
$_SESSION[$this->base]->add_attributes ('account');
|
||||||
|
$this->orig = $this->attributes ;
|
||||||
|
$this->attributes['objectClass'][0] = 'account';
|
||||||
|
// unset userPassword because we handle it separat.
|
||||||
|
$this->alias = _('account');
|
||||||
|
}
|
||||||
|
|
||||||
|
// Variables
|
||||||
|
// Alias Name. This name is shown in the menu instead of posixAccount
|
||||||
|
var $alias;
|
||||||
|
// reference to base-array so we can read other classes in basearray
|
||||||
|
var $base;
|
||||||
|
// This variable contains all account attributes
|
||||||
|
var $attributes;
|
||||||
|
/* If an account was loaded all attributes are kept in this array
|
||||||
|
* to compare it with new changed attributes
|
||||||
|
*/
|
||||||
|
var $orig;
|
||||||
|
|
||||||
|
/* This function returns a list with all required modules
|
||||||
|
*/
|
||||||
|
function dependencies() {
|
||||||
|
return array('main');
|
||||||
|
}
|
||||||
|
|
||||||
|
function module_ready() {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Write variables into object and do some regexp checks
|
||||||
|
*/
|
||||||
|
function proccess_attributes($post) {
|
||||||
|
// Load attributes
|
||||||
|
$this->attributes['description'][0] = $post['form_account_description'];
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* This function loads all attributes into the object
|
||||||
|
* $attr is an array as it's retured from ldap_get_attributes
|
||||||
|
*/
|
||||||
|
function load_attributes($attr) {
|
||||||
|
// Load attributes which are displayed
|
||||||
|
// unset count entries
|
||||||
|
unset ($attr['count']);
|
||||||
|
$attributes = array_keys($attr);
|
||||||
|
foreach ($attributes as $attribute) unset ($attr[$attribute]['count']);
|
||||||
|
// unset double entries
|
||||||
|
for ($i=0; $i<count($attr); $i++)
|
||||||
|
if (isset($attr[$i])) unset($attr[$i]);
|
||||||
|
foreach ($attributes as $attribute) {
|
||||||
|
if (isset($this->orig[$attribute])) {
|
||||||
|
$this->orig[$attribute] = $attr[$attribute];
|
||||||
|
// decode as unicode
|
||||||
|
for ($i=0; $i<count($this->orig[$attribute]); $i++) $this->orig[$attribute][$i] = utf8_decode ($this->orig[$attribute][$i]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// Values are kept as copy so we can compare old attributes with new attributes
|
||||||
|
$this->orig['objectClass'][0] = 'account';
|
||||||
|
$this->attributes = $this->orig;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
/* This function returns an array with 3 entries:
|
||||||
|
* array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
|
||||||
|
* DN is the DN to change. It may be possible to change several DNs,
|
||||||
|
* e.g. create a new user and add him to some groups via attribute memberUid
|
||||||
|
* add are attributes which have to be added to ldap entry
|
||||||
|
* remove are attributes which have to be removed from ldap entry
|
||||||
|
*/
|
||||||
|
function save_attributes() {
|
||||||
|
$return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig);
|
||||||
|
|
||||||
|
return $return;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* This function returns all ldap attributes
|
||||||
|
* which are part of account and returns
|
||||||
|
* also their values.
|
||||||
|
*/
|
||||||
|
function get_attributes() {
|
||||||
|
return $this->attributes;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* This function will create the html-page
|
||||||
|
* to show a page with all attributes.
|
||||||
|
* It will output a complete html-table
|
||||||
|
*/
|
||||||
|
function display_html_attributes($post) {
|
||||||
|
echo "<table border=0 width=\"100%\">\n<tr>\n";
|
||||||
|
echo "<tr>\n";
|
||||||
|
echo "<td>" . _('Description') . "</td>\n";
|
||||||
|
echo "<td><input name=\"form_account_description\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['description'][0]."\"></td>\n";
|
||||||
|
echo "<td><a href=\"../help.php?HelpNumber=404\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
echo "</table>\n";
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
?>
|
|
@ -60,10 +60,7 @@ class inetOrgPerson {
|
||||||
$_SESSION[$this->base]->add_attributes ('inetOrgPerson');
|
$_SESSION[$this->base]->add_attributes ('inetOrgPerson');
|
||||||
$this->orig = $this->attributes ;
|
$this->orig = $this->attributes ;
|
||||||
$this->attributes['objectClass'][0] = 'inetOrgPerson';
|
$this->attributes['objectClass'][0] = 'inetOrgPerson';
|
||||||
// unset userPassword because we handle it separat.
|
|
||||||
$this->alias = _('inetOrgPerson');
|
$this->alias = _('inetOrgPerson');
|
||||||
// Add attributes which should be cached
|
|
||||||
$_SESSION[$_SESSION[$this->base]->cache]->add_cache(array ('user' => array('uid'), 'host' => array('uid')));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Variables
|
// Variables
|
||||||
|
@ -71,10 +68,6 @@ class inetOrgPerson {
|
||||||
var $alias;
|
var $alias;
|
||||||
// reference to base-array so we can read other classes in basearray
|
// reference to base-array so we can read other classes in basearray
|
||||||
var $base;
|
var $base;
|
||||||
// Use a unix password?
|
|
||||||
var $userPassword_no;
|
|
||||||
// Lock account?
|
|
||||||
var $userPassword_lock;
|
|
||||||
// This variable contains all inetOrgPerson attributes
|
// This variable contains all inetOrgPerson attributes
|
||||||
var $attributes;
|
var $attributes;
|
||||||
/* If an account was loaded all attributes are kept in this array
|
/* If an account was loaded all attributes are kept in this array
|
||||||
|
@ -82,33 +75,6 @@ class inetOrgPerson {
|
||||||
*/
|
*/
|
||||||
var $orig;
|
var $orig;
|
||||||
|
|
||||||
/* $attribute['userPassword'] can't accessed directly because it's enrcypted
|
|
||||||
* To read / write password function userPassword is needed
|
|
||||||
* This function will return the unencrypted password when
|
|
||||||
* called without a variable
|
|
||||||
* If it's called with a new password, the
|
|
||||||
* new password will be stored encrypted
|
|
||||||
*/
|
|
||||||
function userPassword($newpassword=false) {
|
|
||||||
if (is_string($newpassword)) {
|
|
||||||
// Write new password
|
|
||||||
$iv = base64_decode($_COOKIE["IV"]);
|
|
||||||
$key = base64_decode($_COOKIE["Key"]);
|
|
||||||
$this->attributes['userPassword'][0] = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $newpassword, MCRYPT_MODE_ECB, $iv));
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
if ($this->attributes['userPassword'][0]!='') {
|
|
||||||
// Read existing password if set
|
|
||||||
$iv = base64_decode($_COOKIE["IV"]);
|
|
||||||
$key = base64_decode($_COOKIE["Key"]);
|
|
||||||
$password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($this->attributes['userPassword'][0]), MCRYPT_MODE_ECB, $iv);
|
|
||||||
$password = str_replace(chr(00), '', $password);
|
|
||||||
return $password;
|
|
||||||
}
|
|
||||||
else return '';
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/* This function returns a list with all required modules
|
/* This function returns a list with all required modules
|
||||||
*/
|
*/
|
||||||
|
@ -124,10 +90,6 @@ class inetOrgPerson {
|
||||||
*/
|
*/
|
||||||
function proccess_attributes($post) {
|
function proccess_attributes($post) {
|
||||||
// Load attributes
|
// Load attributes
|
||||||
if (($this->attributes['uid'][0] != $post['form_inetOrgPerson_uid']) && ereg('[A-Z]$', $post['form_inetOrgPerson_uid']))
|
|
||||||
$errors[] = array('WARN', _('Username'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));
|
|
||||||
$this->attributes['uid'][0] = $post['form_inetOrgPerson_uid'];
|
|
||||||
$this->attributes['cn'][0] = $this->attributes['uid'][0];
|
|
||||||
$this->attributes['description'][0] = $post['form_inetOrgPerson_description'];
|
$this->attributes['description'][0] = $post['form_inetOrgPerson_description'];
|
||||||
$this->attributes['sn'][0] = $post['form_inetOrgPerson_sn'];
|
$this->attributes['sn'][0] = $post['form_inetOrgPerson_sn'];
|
||||||
$this->attributes['givenName'][0] = $post['form_inetOrgPerson_givenName'];
|
$this->attributes['givenName'][0] = $post['form_inetOrgPerson_givenName'];
|
||||||
|
@ -151,67 +113,10 @@ class inetOrgPerson {
|
||||||
if ($host!="") $this->attributes['host'][] = $host;
|
if ($host!="") $this->attributes['host'][] = $host;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($post['form_inetOrgPerson_userPassword_no']) $this->userPassword_no=true;
|
|
||||||
else $this->userPassword_no=false;
|
|
||||||
if ($post['form_inetOrgPerson_userPassword_lock']) $this->userPassword_lock=true;
|
|
||||||
else $this->userPassword_lock=false;
|
|
||||||
if (isset($post['form_inetOrgPerson_userPassword'])) {
|
|
||||||
if ($post['form_inetOrgPerson_userPassword'] != $post['form_inetOrgPerson_userPassword2']) {
|
|
||||||
$errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'));
|
|
||||||
unset ($post['form_inetOrgPerson_userPassword2']);
|
|
||||||
}
|
|
||||||
else $this->userPassword($post['form_inetOrgPerson_userPassword']);
|
|
||||||
}
|
|
||||||
if ($post['form_inetOrgPerson_genpass']) $this->userPassword(genpasswd());
|
|
||||||
|
|
||||||
// Check if givenname is valid
|
// Check if givenname is valid
|
||||||
if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $this->attributes['givenName'][0])) $errors[] = array('ERROR', _('Given name'), _('Given name contains invalid characters'));
|
if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $this->attributes['givenName'][0])) $errors[] = array('ERROR', _('Given name'), _('Given name contains invalid characters'));
|
||||||
// Check if surname is valid
|
// Check if surname is valid
|
||||||
if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $this->attributes['sn'][0])) $errors[] = array('ERROR', _('Surname'), _('Surname contains invalid characters'));
|
if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $this->attributes['sn'][0])) $errors[] = array('ERROR', _('Surname'), _('Surname contains invalid characters'));
|
||||||
// Check if Username contains only valid characters
|
|
||||||
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$', $this->attributes['uid'][0]))
|
|
||||||
$errors[] = array('ERROR', _('Username'), _('Username contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
|
|
||||||
// Create automatic useraccount with number if original user already exists
|
|
||||||
// Reset name to original name if new name is in use
|
|
||||||
// Set username back to original name if new username is in use
|
|
||||||
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['uid'][0],'uid', '*')!=false && ($this->orig['uid'][0]!='')) {
|
|
||||||
$this->attributes['uid'][0] = $this->orig['uid'][0];
|
|
||||||
}
|
|
||||||
// Change uid to a new uid until a free uid is found
|
|
||||||
else while ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['uid'][0], 'uid', '*')) {
|
|
||||||
// get last character of username
|
|
||||||
$lastchar = substr($this->attributes['uid'][0], strlen($this->attributes['uid'][0])-1, 1);
|
|
||||||
// Last character is no number
|
|
||||||
if ( !ereg('^([0-9])+$', $lastchar))
|
|
||||||
/* Last character is no number. Therefore we only have to
|
|
||||||
* add "2" to it.
|
|
||||||
*/
|
|
||||||
$this->attributes['uid'][0] = $this->attributes['uid'][0] . '2';
|
|
||||||
else {
|
|
||||||
/* Last character is a number -> we have to increase the number until we've
|
|
||||||
* found a groupname with trailing number which is not in use.
|
|
||||||
*
|
|
||||||
* $i will show us were we have to split groupname so we get a part
|
|
||||||
* with the groupname and a part with the trailing number
|
|
||||||
*/
|
|
||||||
$i=strlen($this->attributes['uid'][0])-1;
|
|
||||||
$mark = false;
|
|
||||||
// Set $i to the last character which is a number in $account_new->general_username
|
|
||||||
while (!$mark) {
|
|
||||||
if (ereg('^([0-9])+$',substr($this->attributes['uid'][0], $i, strlen($this->attributes['uid'][0])-$i))) $i--;
|
|
||||||
else $mark=true;
|
|
||||||
}
|
|
||||||
// increase last number with one
|
|
||||||
$firstchars = substr($this->attributes['uid'][0], 0, $i+1);
|
|
||||||
$lastchars = substr($this->attributes['uid'][0], $i+1, strlen($this->attributes['uid'][0])-$i);
|
|
||||||
// Put username together
|
|
||||||
$this->attributes['uid'][0] = $firstchars . (intval($lastchars)+1);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// Show warning if lam has changed username
|
|
||||||
if ($this->attributes['uid'][0] != $post['form_inetOrgPerson_uid']) $errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.'));
|
|
||||||
if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword()))
|
|
||||||
$errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
|
|
||||||
|
|
||||||
if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['telephoneNumber'][0])) $errors[] = array('ERROR', _('Telephone number'), _('Please enter a valid telephone number!'));
|
if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['telephoneNumber'][0])) $errors[] = array('ERROR', _('Telephone number'), _('Please enter a valid telephone number!'));
|
||||||
if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['mobileTelephoneNumber'][0])) $errors[] = array('ERROR', _('Mobile number'), _('Please enter a valid mobile number!'));
|
if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['mobileTelephoneNumber'][0])) $errors[] = array('ERROR', _('Mobile number'), _('Please enter a valid mobile number!'));
|
||||||
|
@ -249,7 +154,6 @@ class inetOrgPerson {
|
||||||
// Values are kept as copy so we can compare old attributes with new attributes
|
// Values are kept as copy so we can compare old attributes with new attributes
|
||||||
$this->orig['objectClass'][0] = 'inetOrgPerson';
|
$this->orig['objectClass'][0] = 'inetOrgPerson';
|
||||||
$this->attributes = $this->orig;
|
$this->attributes = $this->orig;
|
||||||
$this->userPassword(''); // Remove old password so it won't displayed as hash
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -266,36 +170,6 @@ class inetOrgPerson {
|
||||||
$return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig);
|
$return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig);
|
||||||
if (isset($return[$_SESSION[$this->base]->dn]['modify']['userPassword']))
|
if (isset($return[$_SESSION[$this->base]->dn]['modify']['userPassword']))
|
||||||
unset($return[$_SESSION[$this->base]->dn]['modify']['userPassword']);
|
unset($return[$_SESSION[$this->base]->dn]['modify']['userPassword']);
|
||||||
// Set unix password
|
|
||||||
if (count($this->orig['userPassword'])==0) {
|
|
||||||
// New user or no old password set
|
|
||||||
if ($this->userPassword_no) {
|
|
||||||
$return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash ('', !$this->userPassword_lock);
|
|
||||||
}
|
|
||||||
else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash ($this->userPassword(), !$this->userPassword_lock));
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
if ($this->userPassword()!='' || $this->userPassword_no) {
|
|
||||||
// Write new password
|
|
||||||
if ($this->userPassword_no) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash ('', !$this->userPassword_lock);
|
|
||||||
else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash ($this->userPassword(), !$this->userPassword_lock));
|
|
||||||
}
|
|
||||||
else { // No new password but old password
|
|
||||||
// (un)lock password
|
|
||||||
if ($this->userPassword_lock == pwd_is_enabled($this->orig['userPassword'][0])) {
|
|
||||||
// Split old password hash in {CRYPT} and password-hash
|
|
||||||
$i = 0;
|
|
||||||
while ($this->orig['userPassword'][0]{$i} != '}') $i++;
|
|
||||||
$passwd = substr($this->orig['userPassword'][0], $i+1 );
|
|
||||||
$crypt = substr($this->orig['userPassword'][0], 0, $i+1 );
|
|
||||||
// remove trailing ! from password hash
|
|
||||||
if ($passwd{0} == '!') $passwd = substr($passwd, 1);
|
|
||||||
// Write new password
|
|
||||||
if ($this->userPassword_lock) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode("$crypt!$passwd");
|
|
||||||
else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode("$crypt$passwd");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return $return;
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -304,9 +178,7 @@ class inetOrgPerson {
|
||||||
* also their values.
|
* also their values.
|
||||||
*/
|
*/
|
||||||
function get_attributes() {
|
function get_attributes() {
|
||||||
$return = $this->attributes;
|
return $this->attributes;
|
||||||
$return['userPassword'] = $this->userPassword();
|
|
||||||
return $return;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* This function will create the html-page
|
/* This function will create the html-page
|
||||||
|
@ -315,43 +187,12 @@ class inetOrgPerson {
|
||||||
*/
|
*/
|
||||||
function display_html_attributes($post) {
|
function display_html_attributes($post) {
|
||||||
|
|
||||||
echo "<table border=0 width=\"100%\">\n<tr>\n";
|
echo "<table border=0 width=\"100%\">\n";
|
||||||
echo '<td>' . _('Username') . "*</td>\n";
|
|
||||||
echo "<td><input name=\"form_inetOrgPerson_uid\" type=\"text\" size=\"20\" maxlength=\"20\" value=\"".$this->attributes['uid'][0]."\"></td>\n";
|
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=400\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
|
||||||
echo "</tr>\n";
|
|
||||||
echo "<tr>\n";
|
echo "<tr>\n";
|
||||||
echo "<td>" . _('Description') . "</td>\n";
|
echo "<td>" . _('Description') . "</td>\n";
|
||||||
echo "<td><input name=\"form_inetOrgPerson_description\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['description'][0]."\"></td>\n";
|
echo "<td><input name=\"form_inetOrgPerson_description\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['description'][0]."\"></td>\n";
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=404\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
echo "<td><a href=\"../help.php?HelpNumber=404\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
echo "</tr>\n";
|
echo "</tr>\n";
|
||||||
echo "<tr>\n";
|
|
||||||
echo "<td>" . _('Password') . "</td>\n";
|
|
||||||
echo "<td><input name=\"form_inetOrgPerson_userPassword\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"".$this->userPassword()."\"></td>\n";
|
|
||||||
echo "<td><input name=\"form_inetOrgPerson_genpass\" type=\"submit\" value=\"" . _('Generate password') . "\"></td>\n";
|
|
||||||
echo "</tr>\n";
|
|
||||||
echo "<tr>\n";
|
|
||||||
echo "<td>" . _('Repeat password') . "</td>\n";
|
|
||||||
echo "<td><input name=\"form_inetOrgPerson_userPassword2\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"";
|
|
||||||
if ($post['form_inetOrgPerson_userPassword2']!='') echo $post['form_posixAccount_userPassword2'];
|
|
||||||
else echo $this->userPassword();
|
|
||||||
echo "\"></td>\n";
|
|
||||||
echo "<td></td>\n";
|
|
||||||
echo "</tr>\n";
|
|
||||||
echo "<tr>\n";
|
|
||||||
echo "<td>" . _('Use no password') . "</td>\n";
|
|
||||||
echo "<td><input name=\"form_inetOrgPerson_userPassword_no\" type=\"checkbox\"";
|
|
||||||
if ($this->userPassword_no) echo " checked ";
|
|
||||||
echo "></td>\n";
|
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=426\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
|
||||||
echo "</tr>\n";
|
|
||||||
echo "<tr>\n";
|
|
||||||
echo "<td>" . _('Lock password') . "</td>\n";
|
|
||||||
echo "<td><input name=\"form_inetOrgPerson_userPassword_lock\" type=\"checkbox\"";
|
|
||||||
if ($this->userPassword_lock) echo " checked ";
|
|
||||||
echo "></td>\n";
|
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=426\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
|
||||||
echo "</tr>\n";
|
|
||||||
if (isset($this->attributes['host'])) {
|
if (isset($this->attributes['host'])) {
|
||||||
echo "<tr>\n";
|
echo "<tr>\n";
|
||||||
echo "<td>" . _('Unix workstations') . "</td>\n";
|
echo "<td>" . _('Unix workstations') . "</td>\n";
|
||||||
|
|
|
@ -62,7 +62,7 @@ class posixAccount {
|
||||||
if (!is_string($base)) trigger_error(_('Please create a new module object with $accountContainer->add_objectClass(\'posixAccount\');'), E_USER_ERROR);
|
if (!is_string($base)) trigger_error(_('Please create a new module object with $accountContainer->add_objectClass(\'posixAccount\');'), E_USER_ERROR);
|
||||||
$this->base = $base;
|
$this->base = $base;
|
||||||
// posixAccount is only a valid objectClass for user and host
|
// posixAccount is only a valid objectClass for user and host
|
||||||
if (!($_SESSION[$this->base]->get_type() == 'user') && !($_SESSION[$this->base]->get_type() != 'host')) trigger_error(_('posixAccount can only be used for users or hosts.'), E_USER_WARNING);
|
if (!($_SESSION[$this->base]->get_type() == 'user') && !($_SESSION[$this->base]->get_type() == 'host')) trigger_error(_('posixAccount can only be used for users or hosts.'), E_USER_WARNING);
|
||||||
/* Check if ldap conatiner is in array and set type
|
/* Check if ldap conatiner is in array and set type
|
||||||
* users are using inetOrgPerson-, hosts account-container
|
* users are using inetOrgPerson-, hosts account-container
|
||||||
*/
|
*/
|
||||||
|
@ -73,10 +73,6 @@ class posixAccount {
|
||||||
$_SESSION[$this->base]->add_attributes ('posixAccount');
|
$_SESSION[$this->base]->add_attributes ('posixAccount');
|
||||||
|
|
||||||
$this->alias = _('posixAccount');
|
$this->alias = _('posixAccount');
|
||||||
// Add attributes which should be cached
|
|
||||||
$_SESSION[$_SESSION[$this->base]->cache]->add_cache(array ('user' => array('cn', 'uid', 'uidNumber'), 'host' => array('cn', 'uid', 'uidNumber'), 'group' => array('cn', 'memberUid')));
|
|
||||||
/* Check if at least one group does exist in ldap
|
|
||||||
*/
|
|
||||||
$groups = findgroups(); // list of all groupnames
|
$groups = findgroups(); // list of all groupnames
|
||||||
if (count($groups)==0) trigger_error(_('No groups found in ldap.'), E_USER_WARNING);
|
if (count($groups)==0) trigger_error(_('No groups found in ldap.'), E_USER_WARNING);
|
||||||
|
|
||||||
|
@ -98,6 +94,10 @@ class posixAccount {
|
||||||
var $alias;
|
var $alias;
|
||||||
// name of accountContainer so we can read other classes in accuontArray
|
// name of accountContainer so we can read other classes in accuontArray
|
||||||
var $base;
|
var $base;
|
||||||
|
// Use a unix password?
|
||||||
|
var $userPassword_no;
|
||||||
|
// Lock account?
|
||||||
|
var $userPassword_lock;
|
||||||
|
|
||||||
// This variable contains all inetOrgPerson attributes
|
// This variable contains all inetOrgPerson attributes
|
||||||
var $attributes;
|
var $attributes;
|
||||||
|
@ -112,6 +112,37 @@ class posixAccount {
|
||||||
var $groups_orig;
|
var $groups_orig;
|
||||||
var $createhomedir;
|
var $createhomedir;
|
||||||
|
|
||||||
|
/* $attribute['userPassword'] can't accessed directly because it's enrcypted
|
||||||
|
* To read / write password function userPassword is needed
|
||||||
|
* This function will return the unencrypted password when
|
||||||
|
* called without a variable
|
||||||
|
* If it's called with a new password, the
|
||||||
|
* new password will be stored encrypted
|
||||||
|
*/
|
||||||
|
function userPassword($newpassword=false) {
|
||||||
|
if (is_string($newpassword)) {
|
||||||
|
// Write new password
|
||||||
|
if ($newpassword!='') {
|
||||||
|
$iv = base64_decode($_COOKIE["IV"]);
|
||||||
|
$key = base64_decode($_COOKIE["Key"]);
|
||||||
|
$this->attributes['userPassword'][0] = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $newpassword, MCRYPT_MODE_ECB, $iv));
|
||||||
|
}
|
||||||
|
else $this->attributes['userPassword'][0] = '';
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
if ($this->attributes['userPassword'][0]!='') {
|
||||||
|
// Read existing password if set
|
||||||
|
$iv = base64_decode($_COOKIE["IV"]);
|
||||||
|
$key = base64_decode($_COOKIE["Key"]);
|
||||||
|
$password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($this->attributes['userPassword'][0]), MCRYPT_MODE_ECB, $iv);
|
||||||
|
$password = str_replace(chr(00), '', $password);
|
||||||
|
return $password;
|
||||||
|
}
|
||||||
|
else return '';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/* This function returns a list with all required modules
|
/* This function returns a list with all required modules
|
||||||
*/
|
*/
|
||||||
function dependencies() {
|
function dependencies() {
|
||||||
|
@ -129,6 +160,8 @@ class posixAccount {
|
||||||
*/
|
*/
|
||||||
function proccess_attributes($post) {
|
function proccess_attributes($post) {
|
||||||
// Load attributes
|
// Load attributes
|
||||||
|
$this->attributes['uid'][0] = $post['form_posixAccount_uid'];
|
||||||
|
$this->attributes['cn'][0] = $this->attributes['uid'][0];
|
||||||
$this->attributes['uidNumber'][0] = $post['form_posixAccount_uidNumber'];
|
$this->attributes['uidNumber'][0] = $post['form_posixAccount_uidNumber'];
|
||||||
$this->attributes['gidNumber'][0] = getgrnam($post['form_posixAccount_gidNumber']);
|
$this->attributes['gidNumber'][0] = getgrnam($post['form_posixAccount_gidNumber']);
|
||||||
$this->attributes['homeDirectory'][0] = $post['form_posixAccount_homeDirectory'];
|
$this->attributes['homeDirectory'][0] = $post['form_posixAccount_homeDirectory'];
|
||||||
|
@ -136,14 +169,27 @@ class posixAccount {
|
||||||
$this->attributes['gecos'][0] = $post['form_posixAccount_gecos'];
|
$this->attributes['gecos'][0] = $post['form_posixAccount_gecos'];
|
||||||
if ($post['form_posixAccount_createhomedir']) $this->createhomedir = true;
|
if ($post['form_posixAccount_createhomedir']) $this->createhomedir = true;
|
||||||
else $this->createhomedir = false;
|
else $this->createhomedir = false;
|
||||||
|
if ($post['form_posixAccount_userPassword_no']) $this->userPassword_no=true;
|
||||||
|
else $this->userPassword_no=false;
|
||||||
|
if ($post['form_posixAccount_userPassword_lock']) $this->userPassword_lock=true;
|
||||||
|
else $this->userPassword_lock=false;
|
||||||
|
if (isset($post['form_posixAccount_userPassword'])) {
|
||||||
|
if ($post['form_posixAccount_userPassword'] != $post['form_posixAccount_userPassword2']) {
|
||||||
|
$errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'));
|
||||||
|
unset ($post['form_posixAccount_userPassword2']);
|
||||||
|
}
|
||||||
|
else $this->userPassword($post['form_posixAccount_userPassword']);
|
||||||
|
}
|
||||||
|
if ($post['form_posixAccount_genpass']) $this->userPassword(genpasswd());
|
||||||
|
|
||||||
|
|
||||||
// Check if UID is valid. If none value was entered, the next useable value will be inserted
|
// Check if UID is valid. If none value was entered, the next useable value will be inserted
|
||||||
// load min and may uidNumber
|
// load min and may uidNumber
|
||||||
if ($_SESSION[$this->base]['type']=='user') {
|
if ($_SESSION[$this->base]->type=='user') {
|
||||||
$minID = intval($_SESSION[$_SESSION[$this->base]->config]->get_minUID());
|
$minID = intval($_SESSION[$_SESSION[$this->base]->config]->get_minUID());
|
||||||
$maxID = intval($_SESSION[$_SESSION[$this->base]->config]->get_maxUID());
|
$maxID = intval($_SESSION[$_SESSION[$this->base]->config]->get_maxUID());
|
||||||
}
|
}
|
||||||
else {
|
if ($_SESSION[$this->base]->type=='host') {
|
||||||
$minID = intval($_SESSION[$_SESSION[$this->base]->config]->get_minMachine());
|
$minID = intval($_SESSION[$_SESSION[$this->base]->config]->get_minMachine());
|
||||||
$maxID = intval($_SESSION[$_SESSION[$this->base]->config]->get_maxMachine());
|
$maxID = intval($_SESSION[$_SESSION[$this->base]->config]->get_maxMachine());
|
||||||
}
|
}
|
||||||
|
@ -197,6 +243,9 @@ class posixAccount {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($_SESSION[$this->base]->type=='user') {
|
||||||
|
if (($this->attributes['uid'][0] != $post['form_posixAccount_uid']) && ereg('[A-Z]$', $post['form_posixAccount_uid']))
|
||||||
|
$errors[] = array('WARN', _('Username'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));
|
||||||
// Check if Homedir is valid
|
// Check if Homedir is valid
|
||||||
$this->attributes['homeDirectory'][0] = str_replace('$group', getgrnam($this->attributes['gidNumber'][0]), $this->attributes['homeDirectory'][0]);
|
$this->attributes['homeDirectory'][0] = str_replace('$group', getgrnam($this->attributes['gidNumber'][0]), $this->attributes['homeDirectory'][0]);
|
||||||
if ($this->attributes['uid'][0] != '')
|
if ($this->attributes['uid'][0] != '')
|
||||||
|
@ -204,6 +253,72 @@ class posixAccount {
|
||||||
if ($this->attributes['homeDirectory'][0] != $post['form_posixAccount_homeDirectory']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
|
if ($this->attributes['homeDirectory'][0] != $post['form_posixAccount_homeDirectory']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
|
||||||
if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $this->attributes['homeDirectory'][0] ))
|
if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $this->attributes['homeDirectory'][0] ))
|
||||||
$errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.'));
|
$errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.'));
|
||||||
|
// Check if Username contains only valid characters
|
||||||
|
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$', $this->attributes['uid'][0]))
|
||||||
|
$errors[] = array('ERROR', _('Username'), _('Username contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($_SESSION[$this->base]->type=='host') {
|
||||||
|
if (($this->attributes['uid'][0] != $post['form_account_uid']) && ereg('[A-Z]$', $post['form_account_uid']))
|
||||||
|
$errors[] = array('WARN', _('Hostname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));
|
||||||
|
// Check if Username contains only valid characters
|
||||||
|
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+[$]$', $this->attributes['uid'][0]))
|
||||||
|
$errors[] = array('ERROR', _('Hostname'), _('Hostname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ ! Hostname must end with $ !'));
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create automatic useraccount with number if original user already exists
|
||||||
|
// Reset name to original name if new name is in use
|
||||||
|
// Set username back to original name if new username is in use
|
||||||
|
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['uid'][0],'uid', '*')!=false && ($this->orig['uid'][0]!='')) {
|
||||||
|
$this->attributes['uid'][0] = $this->orig['uid'][0];
|
||||||
|
}
|
||||||
|
// Change uid to a new uid until a free uid is found
|
||||||
|
else while ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['uid'][0], 'uid', '*')) {
|
||||||
|
if ($_SESSION[$this->base]->type=='host') $this->attributes['uid'][0] = substr($this->attributes['uid'][0], 0, -1);
|
||||||
|
// get last character of username
|
||||||
|
$lastchar = substr($this->attributes['uid'][0], strlen($this->attributes['uid'][0])-1, 1);
|
||||||
|
// Last character is no number
|
||||||
|
if ( !ereg('^([0-9])+$', $lastchar))
|
||||||
|
/* Last character is no number. Therefore we only have to
|
||||||
|
* add "2" to it.
|
||||||
|
*/
|
||||||
|
if ($_SESSION[$this->base]->type=='host') $this->attributes['uid'][0] = $this->attributes['uid'][0] . '2$';
|
||||||
|
else $this->attributes['uid'][0] = $this->attributes['uid'][0] . '2';
|
||||||
|
else {
|
||||||
|
/* Last character is a number -> we have to increase the number until we've
|
||||||
|
* found a groupname with trailing number which is not in use.
|
||||||
|
*
|
||||||
|
* $i will show us were we have to split groupname so we get a part
|
||||||
|
* with the groupname and a part with the trailing number
|
||||||
|
*/
|
||||||
|
$i=strlen($this->attributes['uid'][0])-1;
|
||||||
|
$mark = false;
|
||||||
|
// Set $i to the last character which is a number in $account_new->general_username
|
||||||
|
while (!$mark) {
|
||||||
|
if (ereg('^([0-9])+$',substr($this->attributes['uid'][0], $i, strlen($this->attributes['uid'][0])-$i))) $i--;
|
||||||
|
else $mark=true;
|
||||||
|
}
|
||||||
|
// increase last number with one
|
||||||
|
$firstchars = substr($this->attributes['uid'][0], 0, $i+1);
|
||||||
|
$lastchars = substr($this->attributes['uid'][0], $i+1, strlen($this->attributes['uid'][0])-$i);
|
||||||
|
// Put username together
|
||||||
|
if ($_SESSION[$this->base]->type=='host') $this->attributes['uid'][0] = $firstchars . (intval($lastchars)+1)."$";
|
||||||
|
else $this->attributes['uid'][0] = $firstchars . (intval($lastchars)+1);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Show warning if lam has changed username
|
||||||
|
if ($_SESSION[$this->base]->type=='user')
|
||||||
|
if ($this->attributes['uid'][0] != $post['form_posixAccount_uid']) {
|
||||||
|
$errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.'));
|
||||||
|
}
|
||||||
|
if ($_SESSION[$this->base]->type=='host')
|
||||||
|
if ($this->attributes['uid'][0] != $post['form_posixAccount_uid']) {
|
||||||
|
$errors[] = array('WARN', _('Hostname'), _('Hostname in use. Selected next free hostname.'));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword()))
|
||||||
|
$errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
|
||||||
// Return error-messages
|
// Return error-messages
|
||||||
if (is_array($errors)) return $errors;
|
if (is_array($errors)) return $errors;
|
||||||
// Go to additional group page when no error did ocour and button was pressed
|
// Go to additional group page when no error did ocour and button was pressed
|
||||||
|
@ -259,6 +374,7 @@ class posixAccount {
|
||||||
// Values are kept as copy so we can compare old attributes with new attributes
|
// Values are kept as copy so we can compare old attributes with new attributes
|
||||||
$this->attributes['objectClass'][0] = 'posixAccount';
|
$this->attributes['objectClass'][0] = 'posixAccount';
|
||||||
$this->orig = $this->attributes;
|
$this->orig = $this->attributes;
|
||||||
|
|
||||||
// get all additional groupmemberships
|
// get all additional groupmemberships
|
||||||
$dn_groups = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('memberUid', 'posixGroup', 'group');
|
$dn_groups = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('memberUid', 'posixGroup', 'group');
|
||||||
$DNs = array_keys($dn_groups);
|
$DNs = array_keys($dn_groups);
|
||||||
|
@ -283,6 +399,39 @@ class posixAccount {
|
||||||
function save_attributes() {
|
function save_attributes() {
|
||||||
$return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig);
|
$return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig);
|
||||||
|
|
||||||
|
if (isset($return[$_SESSION[$this->base]->dn]['modify']['userPassword']))
|
||||||
|
unset($return[$_SESSION[$this->base]->dn]['modify']['userPassword']);
|
||||||
|
// Set unix password
|
||||||
|
if (count($this->orig['userPassword'])==0) {
|
||||||
|
// New user or no old password set
|
||||||
|
if ($this->userPassword_no) {
|
||||||
|
$return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash ('', !$this->userPassword_lock);
|
||||||
|
}
|
||||||
|
else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash ($this->userPassword(), !$this->userPassword_lock));
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
if (($this->attributes['userPassword'][0] != $this->orig['userPassword'][0] && $this->userPassword()!='' ) || $this->userPassword_no) {
|
||||||
|
// Write new password
|
||||||
|
if ($this->userPassword_no) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash ('', !$this->userPassword_lock);
|
||||||
|
else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash ($this->userPassword(), !$this->userPassword_lock));
|
||||||
|
}
|
||||||
|
else { // No new password but old password
|
||||||
|
// (un)lock password
|
||||||
|
if ($this->userPassword_lock == pwd_is_enabled($this->orig['userPassword'][0])) {
|
||||||
|
// Split old password hash in {CRYPT} and password-hash
|
||||||
|
$i = 0;
|
||||||
|
while ($this->orig['userPassword'][0]{$i} != '}') $i++;
|
||||||
|
$passwd = substr($this->orig['userPassword'][0], $i+1 );
|
||||||
|
$crypt = substr($this->orig['userPassword'][0], 0, $i+1 );
|
||||||
|
// remove trailing ! from password hash
|
||||||
|
if ($passwd{0} == '!') $passwd = substr($passwd, 1);
|
||||||
|
// Write new password
|
||||||
|
if ($this->userPassword_lock) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode("$crypt!$passwd");
|
||||||
|
else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode("$crypt$passwd");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Remove primary group from additional groups
|
// Remove primary group from additional groups
|
||||||
for ($i=0; $i<count($this->groups); $i++) {
|
for ($i=0; $i<count($this->groups); $i++) {
|
||||||
if ($this->groups[$i]==getgrnam($this->attributes['gidNumber'])) unset($this->groups[$i]);
|
if ($this->groups[$i]==getgrnam($this->attributes['gidNumber'])) unset($this->groups[$i]);
|
||||||
|
@ -336,7 +485,9 @@ class posixAccount {
|
||||||
* also their values.
|
* also their values.
|
||||||
*/
|
*/
|
||||||
function get_attributes() {
|
function get_attributes() {
|
||||||
return $this->attributes;
|
$return = $this->attributes;
|
||||||
|
$return['userPassword'] = $this->userPassword();
|
||||||
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* This function will create the html-page
|
/* This function will create the html-page
|
||||||
|
@ -346,12 +497,25 @@ class posixAccount {
|
||||||
function display_html_attributes($post) {
|
function display_html_attributes($post) {
|
||||||
$groups = findgroups(); // list of all groupnames
|
$groups = findgroups(); // list of all groupnames
|
||||||
$shelllist = getshells(); // list of all valid shells
|
$shelllist = getshells(); // list of all valid shells
|
||||||
echo "<table border=0 width=\"100%\">\n<tr>\n";
|
if ($this->attributes['userPassword'][0] != $this->orig['userPassword'][0]) $password=$this->userPassword();
|
||||||
|
else $password='';
|
||||||
|
echo "<table border=0 width=\"100%\">\n";
|
||||||
|
echo "<tr>\n";
|
||||||
|
echo '<td>' . _('Username') . "*</td>\n";
|
||||||
|
echo "<td><input name=\"form_posixAccount_uid\" type=\"text\" size=\"20\" maxlength=\"20\" value=\"".$this->attributes['uid'][0]."\"></td>\n";
|
||||||
|
echo "<td><a href=\"../help.php?HelpNumber=400\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
echo "<tr>\n";
|
||||||
echo "<td>" . _('UID number') ."</td>\n";
|
echo "<td>" . _('UID number') ."</td>\n";
|
||||||
echo "<td><input name=\"form_posixAccount_uidNumber\" type=\"text\" size=\"6\" maxlength=\"6\" value=\"".$this->attributes['uidNumber'][0]."\"></td>\n";
|
echo "<td><input name=\"form_posixAccount_uidNumber\" type=\"text\" size=\"6\" maxlength=\"6\" value=\"".$this->attributes['uidNumber'][0]."\"></td>\n";
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=401\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
echo "<td><a href=\"../help.php?HelpNumber=401\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
echo "</tr>\n";
|
echo "</tr>\n";
|
||||||
echo "<tr>\n";
|
echo "<tr>\n";
|
||||||
|
echo "<td>" . _('Gecos') . "</td>\n";
|
||||||
|
echo "<td><input name=\"form_posixAccount_gecos\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['gecos'][0]."\"></td>\n";
|
||||||
|
echo "<td><a href=\"../help.php?HelpNumber=404\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
echo "<tr>\n";
|
||||||
echo "<td>" . _('Primary group') . "*</td>\n";
|
echo "<td>" . _('Primary group') . "*</td>\n";
|
||||||
echo "<td><select name=\"form_posixAccount_group\">";
|
echo "<td><select name=\"form_posixAccount_group\">";
|
||||||
// loop trough existing groups
|
// loop trough existing groups
|
||||||
|
@ -380,13 +544,33 @@ class posixAccount {
|
||||||
echo "></td>\n";
|
echo "></td>\n";
|
||||||
echo "<tr>\n";
|
echo "<tr>\n";
|
||||||
}
|
}
|
||||||
}
|
|
||||||
echo "<tr>\n";
|
echo "<tr>\n";
|
||||||
echo "<td>" . _('Gecos') . "</td>\n";
|
echo "<td>" . _('Password') . "</td>\n";
|
||||||
echo "<td><input name=\"form_posixAccount_gecos\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['gecos'][0]."\"></td>\n";
|
echo "<td><input name=\"form_posixAccount_userPassword\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"$password\"></td>\n";
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=404\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
echo "<td><input name=\"form_posixAccount_genpass\" type=\"submit\" value=\"" . _('Generate password') . "\"></td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
echo "<tr>\n";
|
||||||
|
echo "<td>" . _('Repeat password') . "</td>\n";
|
||||||
|
echo "<td><input name=\"form_posixAccount_userPassword2\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"";
|
||||||
|
if ($post['form_posixAccount_userPassword2']!='') echo $post['form_posixAccount_userPassword2'];
|
||||||
|
else echo $password;
|
||||||
|
echo "\"></td>\n";
|
||||||
|
echo "<td></td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
echo "<tr>\n";
|
||||||
|
echo "<td>" . _('Use no password') . "</td>\n";
|
||||||
|
echo "<td><input name=\"form_posixAccount_userPassword_no\" type=\"checkbox\"";
|
||||||
|
if ($this->userPassword_no) echo " checked ";
|
||||||
|
echo "></td>\n";
|
||||||
|
echo "<td><a href=\"../help.php?HelpNumber=426\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
echo "<tr>\n";
|
||||||
|
echo "<td>" . _('Lock password') . "</td>\n";
|
||||||
|
echo "<td><input name=\"form_posixAccount_userPassword_lock\" type=\"checkbox\"";
|
||||||
|
if ($this->userPassword_lock) echo " checked ";
|
||||||
|
echo "></td>\n";
|
||||||
|
echo "<td><a href=\"../help.php?HelpNumber=426\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
echo "</tr>\n";
|
echo "</tr>\n";
|
||||||
if ($_SESSION[$this->base]->type=='user') {
|
|
||||||
if (count($shelllist)!=0) {
|
if (count($shelllist)!=0) {
|
||||||
echo "<tr>\n";
|
echo "<tr>\n";
|
||||||
echo "<td>" . _('Login shell') . "*</td>\n";
|
echo "<td>" . _('Login shell') . "*</td>\n";
|
||||||
|
|
|
@ -133,7 +133,7 @@ class sambaAccount {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if ($this->useunixpwd) return $_SESSION[$this->base]->module['inetOrgPerson']->userPassword();
|
if ($this->useunixpwd) return $_SESSION[$this->base]->module['posixAccount']->userPassword();
|
||||||
if ($this->attributes['lmPassword'][0]!='') {
|
if ($this->attributes['lmPassword'][0]!='') {
|
||||||
// Read existing password if set
|
// Read existing password if set
|
||||||
$iv = base64_decode($_COOKIE["IV"]);
|
$iv = base64_decode($_COOKIE["IV"]);
|
||||||
|
@ -151,7 +151,32 @@ class sambaAccount {
|
||||||
/* Write variables into object and do some regexp checks
|
/* Write variables into object and do some regexp checks
|
||||||
*/
|
*/
|
||||||
function proccess_attributes($post) {
|
function proccess_attributes($post) {
|
||||||
// Load attributes
|
$this->attributes['domain'][0] = $post['form_sambaAccount_domain'];
|
||||||
|
// Start character
|
||||||
|
$flag = "[";
|
||||||
|
if ($post['form_sambaAccount_acctFlagsD']) $flag .= "D";
|
||||||
|
if ($post['form_sambaAccount_acctFlagsX']) $flag .= "X";
|
||||||
|
if ($post['form_sambaAccount_acctFlagsN']) $flag .= "N";
|
||||||
|
if ($post['form_sambaAccount_acctFlagsS']) $flag .= "S";
|
||||||
|
if ($post['form_sambaAccount_acctFlagsH']) $flag .= "H";
|
||||||
|
if ($post['form_sambaAccount_acctFlagsW']) $flag .= "W";
|
||||||
|
if ($post['form_sambaAccount_acctFlagsU']) $flag .= "U";
|
||||||
|
// Expand string to fixed length
|
||||||
|
$flag = str_pad($flag, 12);
|
||||||
|
// End character
|
||||||
|
$flag = $flag. "]";
|
||||||
|
$this->attributes['acctFlags'][0] = $flag;
|
||||||
|
|
||||||
|
if ($_SESSION[$this->base]->type=='host') {
|
||||||
|
$this->attributes['primaryGroupID'][0] = $this->rids[_('Domain Computers')];
|
||||||
|
if ($post['form_sambaAccount_ResetSambaPassword']) {
|
||||||
|
// *** fixme. What is the default password?
|
||||||
|
$this->lmPassword('');
|
||||||
|
$_SESSION[$this->base]->module['posixAccount']->userPassword('');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check values
|
||||||
if ($_SESSION[$this->base]->type=='user') {
|
if ($_SESSION[$this->base]->type=='user') {
|
||||||
$this->attributes['pwdCanChange'][0] = mktime($post['form_sambaAccount_pwdCanChange_h'], $post['form_sambaAccount_pwdCanChange_m'], $post['form_sambaAccount_pwdCanChange_s'],
|
$this->attributes['pwdCanChange'][0] = mktime($post['form_sambaAccount_pwdCanChange_h'], $post['form_sambaAccount_pwdCanChange_m'], $post['form_sambaAccount_pwdCanChange_s'],
|
||||||
$post['form_sambaAccount_pwdCanChange_mon'], $post['form_sambaAccount_pwdCanChange_day'], $post['form_sambaAccount_pwdCanChange_yea']);
|
$post['form_sambaAccount_pwdCanChange_mon'], $post['form_sambaAccount_pwdCanChange_day'], $post['form_sambaAccount_pwdCanChange_yea']);
|
||||||
|
@ -180,26 +205,19 @@ class sambaAccount {
|
||||||
}
|
}
|
||||||
if ($post['form_sambaAccount_useunixpwd']) $this->useunixpwd = true;
|
if ($post['form_sambaAccount_useunixpwd']) $this->useunixpwd = true;
|
||||||
else $this->useunixpwd = false;
|
else $this->useunixpwd = false;
|
||||||
|
|
||||||
|
if ($post['form_sambaAccount_rid']== _('Administrator')) {
|
||||||
|
$this->attributes['rid'][0] = "500";
|
||||||
|
// Do a check if an administrator already exists
|
||||||
|
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache("500", 'rid', 'user'))
|
||||||
|
$errors[] = array('ERROR', _('Special user'), _('There can be only one administrator per domain.'));
|
||||||
|
}
|
||||||
|
if ($post['form_sambaAccount_rid']== _('Guest')) {
|
||||||
|
$this->attributes['rid'][0] = "501";
|
||||||
|
// Do a check if an administrator already exists
|
||||||
|
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache("501", 'rid', 'user'))
|
||||||
|
$errors[] = array('ERROR', _('Special user'), _('There can be only one guest per domain.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->attributes['domain'][0] = $post['form_sambaAccount_domain'];
|
|
||||||
// Start character
|
|
||||||
$flag = "[";
|
|
||||||
if ($post['form_sambaAccount_acctFlagsD']) $flag .= "D";
|
|
||||||
if ($post['form_sambaAccount_acctFlagsX']) $flag .= "X";
|
|
||||||
if ($post['form_sambaAccount_acctFlagsN']) $flag .= "N";
|
|
||||||
if ($post['form_sambaAccount_acctFlagsS']) $flag .= "S";
|
|
||||||
if ($post['form_sambaAccount_acctFlagsH']) $flag .= "H";
|
|
||||||
if ($post['form_sambaAccount_acctFlagsW']) $flag .= "W";
|
|
||||||
if ($post['form_sambaAccount_acctFlagsU']) $flag .= "U";
|
|
||||||
// Expand string to fixed length
|
|
||||||
$flag = str_pad($flag, 12);
|
|
||||||
// End character
|
|
||||||
$flag = $flag. "]";
|
|
||||||
$this->attributes['acctFlags'][0] = $flag;
|
|
||||||
|
|
||||||
// Check values
|
|
||||||
if ($_SESSION[$this->base]->type=='user') {
|
|
||||||
$this->attributes['smbHome'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['smbHome'][0]);
|
$this->attributes['smbHome'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['smbHome'][0]);
|
||||||
$this->attributes['smbHome'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['smbHome'][0]);
|
$this->attributes['smbHome'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['smbHome'][0]);
|
||||||
if ($this->attributes['smbHome'][0] != stripslashes($post['form_sambaAccount_smbHome'])) $errors[] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.'));
|
if ($this->attributes['smbHome'][0] != stripslashes($post['form_sambaAccount_smbHome'])) $errors[] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.'));
|
||||||
|
@ -312,6 +330,17 @@ class sambaAccount {
|
||||||
* modify are attributes which have to been modified in ldap entry
|
* modify are attributes which have to been modified in ldap entry
|
||||||
*/
|
*/
|
||||||
function save_attributes() {
|
function save_attributes() {
|
||||||
|
/* Create sambaSID. Can't create it while loading attributes because
|
||||||
|
* it's psssible uidNumber has changed
|
||||||
|
*/
|
||||||
|
$special = false;
|
||||||
|
if ($this->attributes['rid'][0] == "500") $special = true;
|
||||||
|
if ($this->attributes['rid'][0] == "501") $special = true;
|
||||||
|
if ($this->attributes['rid'][0] == "515") $special = true;
|
||||||
|
if (!$special) $this->attributes['rid'][0] == $_SESSION[$this->base]->module['posixAccount']->attributes['uidNumber'][0]*2+1000;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
$return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig);
|
$return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig);
|
||||||
// Set password
|
// Set password
|
||||||
if (isset($return[$_SESSION[$this->base]->dn]['modify']['lmPassword']))
|
if (isset($return[$_SESSION[$this->base]->dn]['modify']['lmPassword']))
|
||||||
|
@ -368,6 +397,7 @@ class sambaAccount {
|
||||||
echo "\"></td>\n";
|
echo "\"></td>\n";
|
||||||
echo "<td></td>\n";
|
echo "<td></td>\n";
|
||||||
echo "</tr>\n";
|
echo "</tr>\n";
|
||||||
|
if ($_SESSION[$this->base]->module['posixAccount']->orig['userPassword'][0] != $_SESSION[$this->base]->module['posixAccount']->attributes['userPassword'][0]) {
|
||||||
echo "<tr>\n";
|
echo "<tr>\n";
|
||||||
echo "<td>" . _('Use unix password') . "</td>\n";
|
echo "<td>" . _('Use unix password') . "</td>\n";
|
||||||
echo "<td><input name=\"form_sambaAccount_useunixpwd\" type=\"checkbox\"";
|
echo "<td><input name=\"form_sambaAccount_useunixpwd\" type=\"checkbox\"";
|
||||||
|
@ -375,6 +405,7 @@ class sambaAccount {
|
||||||
echo "></td>\n";
|
echo "></td>\n";
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=428\" target=\"lamhelp\">" . _('Help') . "</a></td>";
|
echo "<td><a href=\"../help.php?HelpNumber=428\" target=\"lamhelp\">" . _('Help') . "</a></td>";
|
||||||
echo "</tr>\n";
|
echo "</tr>\n";
|
||||||
|
}
|
||||||
echo "<tr>\n";
|
echo "<tr>\n";
|
||||||
echo "<td>" . _('Use no password') . "</td>\n";
|
echo "<td>" . _('Use no password') . "</td>\n";
|
||||||
echo "<td><input name=\"form_sambaAccount_acctFlagsN\" type=\"checkbox\"";
|
echo "<td><input name=\"form_sambaAccount_acctFlagsN\" type=\"checkbox\"";
|
||||||
|
@ -484,14 +515,45 @@ class sambaAccount {
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=464\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
echo "<td><a href=\"../help.php?HelpNumber=464\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
echo "</tr>\n";
|
echo "</tr>\n";
|
||||||
echo "<tr>\n";
|
echo "<tr>\n";
|
||||||
|
echo "<td>" . _('Special user') . "</td>\n";
|
||||||
|
echo "<td><select name=\"form_sambaAccount_rid\">";
|
||||||
|
// Display if group SID should be mapped to a well kown SID
|
||||||
|
$wrid=false;
|
||||||
|
if ($this->attributes['rid'][0]=="500") {
|
||||||
|
echo "<option selected>" . _('Administrator') . "</option>";
|
||||||
|
$wrid=true;
|
||||||
|
}
|
||||||
|
else echo "<option>" . _('Administrator') . "</option>";
|
||||||
|
if ($this->attributes['rid'][0]=="501") {
|
||||||
|
echo "<option selected>" . _('Guest') . "</option>";
|
||||||
|
$wrid=true;
|
||||||
|
}
|
||||||
|
else echo "<option>" . _('Guest') . "</option>";
|
||||||
|
if ($wrid) echo "<option>" . _('Ordinary user') . "</option>";
|
||||||
|
else echo "<option selected>" . _('Ordinary user') . "</option>";
|
||||||
|
echo "</select></td>\n";
|
||||||
|
echo "<td><a href=\"../help.php?HelpNumber=XXX\" target=\"lamhelp\">" . _('Help-XX') . "</a></td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
echo "<tr>\n";
|
||||||
echo "<td>" . _('Domain') . "</td>\n";
|
echo "<td>" . _('Domain') . "</td>\n";
|
||||||
echo "<td><input name=\"form_sambaAccount_domain\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['domain'][0] . "\"></td>\n";
|
echo "<td><input name=\"form_sambaAccount_domain\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['domain'][0] . "\"></td>\n";
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=438\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
echo "<td><a href=\"../help.php?HelpNumber=438\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
echo "</tr>\n";
|
echo "</tr>\n";
|
||||||
echo "</table>\n";
|
echo "</table>\n";
|
||||||
}
|
}
|
||||||
else {
|
if ($_SESSION[$this->base]->type=='host') {
|
||||||
|
echo '<input name="form_sambaAccount_acctFlagsW" type="hidden" value="true">';
|
||||||
|
echo "<table border=0 width=\"100%\">\n<tr>\n";
|
||||||
|
echo "<tr>\n";
|
||||||
|
echo "<td>" . _('Reset password') . "</td>\n";
|
||||||
|
echo "<td><input name=\"form_sambaAccount_ResetSambaPassword\" type=\"submit\" value=\"" . _('Reset password') . "\"></td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
echo "<tr>\n";
|
||||||
|
echo "<td>" . _('Domain') . "</td>\n";
|
||||||
|
echo "<td><input name=\"form_sambaAccount_domain\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['domain'][0] . "\"></td>\n";
|
||||||
|
echo "<td><a href=\"../help.php?HelpNumber=438\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
echo "</table>\n";
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
@ -133,7 +133,7 @@ class sambaSamAccount {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if ($this->useunixpwd) return $_SESSION[$this->base]->module['inetOrgPerson']->userPassword();
|
if ($this->useunixpwd) return $_SESSION[$this->base]->module['posixAccount']->userPassword();
|
||||||
if ($this->attributes['sambaLMPassword'][0]!='') {
|
if ($this->attributes['sambaLMPassword'][0]!='') {
|
||||||
// Read existing password if set
|
// Read existing password if set
|
||||||
$iv = base64_decode($_COOKIE["IV"]);
|
$iv = base64_decode($_COOKIE["IV"]);
|
||||||
|
@ -158,7 +158,6 @@ class sambaSamAccount {
|
||||||
for ($i=0; $i<count($sambaDomains); $i++ )
|
for ($i=0; $i<count($sambaDomains); $i++ )
|
||||||
if ($this->attributes['sambaDomainName'][0] == $sambaDomains[$i]->name) {
|
if ($this->attributes['sambaDomainName'][0] == $sambaDomains[$i]->name) {
|
||||||
$SID = $sambaDomains[$i]->SID;
|
$SID = $sambaDomains[$i]->SID;
|
||||||
$RIDbase = $sambaDomain[$i]->RIDbase;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$flag = "[";
|
$flag = "[";
|
||||||
|
@ -175,6 +174,15 @@ class sambaSamAccount {
|
||||||
$flag = $flag. "]";
|
$flag = $flag. "]";
|
||||||
$this->attributes['sambaAcctFlags'][0] = $flag;
|
$this->attributes['sambaAcctFlags'][0] = $flag;
|
||||||
|
|
||||||
|
if ($_SESSION[$this->base]->type=='host') {
|
||||||
|
$this->attributes['sambaPrimaryGroupSID'][0] = $SID."-".$this->rids[_('Domain Computers')];
|
||||||
|
if ($post['form_sambaSamAccount_ResetSambaPassword']) {
|
||||||
|
// *** fixme. What is the default password?
|
||||||
|
$this->sambaLMPassword('');
|
||||||
|
$_SESSION[$this->base]->module['posixAccount']->userPassword('');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if ($_SESSION[$this->base]->type=='user') {
|
if ($_SESSION[$this->base]->type=='user') {
|
||||||
$this->attributes['sambaPwdCanChange'][0] = mktime($post['form_sambaSamAccount_sambaPwdCanChange_h'], $post['form_sambaSamAccount_sambaPwdCanChange_m'], $post['form_sambaSamAccount_sambaPwdCanChange_s'],
|
$this->attributes['sambaPwdCanChange'][0] = mktime($post['form_sambaSamAccount_sambaPwdCanChange_h'], $post['form_sambaSamAccount_sambaPwdCanChange_m'], $post['form_sambaSamAccount_sambaPwdCanChange_s'],
|
||||||
$post['form_sambaSamAccount_sambaPwdCanChange_mon'], $post['form_sambaSamAccount_sambaPwdCanChange_day'], $post['form_sambaSamAccount_sambaPwdCanChange_yea']);
|
$post['form_sambaSamAccount_sambaPwdCanChange_mon'], $post['form_sambaSamAccount_sambaPwdCanChange_day'], $post['form_sambaSamAccount_sambaPwdCanChange_yea']);
|
||||||
|
@ -204,11 +212,20 @@ class sambaSamAccount {
|
||||||
}
|
}
|
||||||
if ($post['form_sambaSamAccount_useunixpwd']) $this->useunixpwd = true;
|
if ($post['form_sambaSamAccount_useunixpwd']) $this->useunixpwd = true;
|
||||||
else $this->useunixpwd = false;
|
else $this->useunixpwd = false;
|
||||||
|
|
||||||
|
if ($post['form_sambaSamAccount_sambaSID']== _('Administrator')) {
|
||||||
|
$this->attributes['sambaSID'][0] = $SID."-500";
|
||||||
|
// Do a check if an administrator already exists
|
||||||
|
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($SID."-500", 'sambaSID', 'user'))
|
||||||
|
$errors[] = array('ERROR', _('Special user'), _('There can be only one administrator per domain.'));
|
||||||
|
}
|
||||||
|
if ($post['form_sambaSamAccount_sambaSID']== _('Guest')) {
|
||||||
|
$this->attributes['sambaSID'][0] = $SID."-501";
|
||||||
|
// Do a check if an administrator already exists
|
||||||
|
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($SID."-501", 'sambaSID', 'user'))
|
||||||
|
$errors[] = array('ERROR', _('Special user'), _('There can be only one guest per domain.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// Check values
|
// Check values
|
||||||
if ($_SESSION[$this->base]->type=='user') {
|
|
||||||
$this->attributes['sambaHomePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['sambaHomePath'][0]);
|
$this->attributes['sambaHomePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['sambaHomePath'][0]);
|
||||||
$this->attributes['sambaHomePath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['sambaHomePath'][0]);
|
$this->attributes['sambaHomePath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['sambaHomePath'][0]);
|
||||||
if ($this->attributes['sambaHomePath'][0] != stripslashes($post['form_sambaSamAccount_sambaHomePath'])) $errors[] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.'));
|
if ($this->attributes['sambaHomePath'][0] != stripslashes($post['form_sambaSamAccount_sambaHomePath'])) $errors[] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.'));
|
||||||
|
@ -230,10 +247,6 @@ class sambaSamAccount {
|
||||||
$errors[] = array('ERROR', _('Profile path'), _('Profile path is invalid!'));
|
$errors[] = array('ERROR', _('Profile path'), _('Profile path is invalid!'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((!$this->attributes['sambaDomainName'][0]=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[-])+$', $this->attributes['sambaDomainName'][0]))
|
|
||||||
$errors[] = array('ERROR', _('Domain name'), _('Domain name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.'));
|
|
||||||
|
|
||||||
|
|
||||||
if (is_array($errors)) return $errors;
|
if (is_array($errors)) return $errors;
|
||||||
if ($post['form_sambaSamAccount_sambaUserWorkstations']) return 'sambaUserWorkstations';
|
if ($post['form_sambaSamAccount_sambaUserWorkstations']) return 'sambaUserWorkstations';
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -322,6 +335,21 @@ class sambaSamAccount {
|
||||||
* modify are attributes which have to been modified in ldap entry
|
* modify are attributes which have to been modified in ldap entry
|
||||||
*/
|
*/
|
||||||
function save_attributes() {
|
function save_attributes() {
|
||||||
|
/* Create sambaSID. Can't create it while loading attributes because
|
||||||
|
* it's psssible uidNumber has changed
|
||||||
|
*/
|
||||||
|
// Get Domain SID from name
|
||||||
|
$sambaDomains = $_SESSION[$_SESSION[$this->base]->ldap]->search_domains($_SESSION[$_SESSION[$this->base]->config]->get_domainSuffix());
|
||||||
|
for ($i=0; $i<count($sambaDomains); $i++ )
|
||||||
|
if ($this->attributes['sambaDomainName'][0] == $sambaDomains[$i]->name) {
|
||||||
|
$SID = $sambaDomains[$i]->SID;
|
||||||
|
$RIDbase = $sambaDomain[$i]->RIDbase;
|
||||||
|
}
|
||||||
|
$special = false;
|
||||||
|
if ($this->attributes['sambaSID'][0] == $SID."-500") $special = true;
|
||||||
|
if ($this->attributes['sambaSID'][0] == $SID."-501") $special = true;
|
||||||
|
if (!$special) $this->attributes['sambaSID'][0] == $SID."-".($_SESSION[$this->base]->module['posixAccount']->attributes['uidNumber'][0]*2+$RIDbase);
|
||||||
|
|
||||||
$return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig);
|
$return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig);
|
||||||
// Set password
|
// Set password
|
||||||
if (isset($return[$_SESSION[$this->base]->dn]['modify']['sambaLMPassword']))
|
if (isset($return[$_SESSION[$this->base]->dn]['modify']['sambaLMPassword']))
|
||||||
|
@ -355,9 +383,6 @@ class sambaSamAccount {
|
||||||
* It will output a complete html-table
|
* It will output a complete html-table
|
||||||
*/
|
*/
|
||||||
function display_html_attributes($post) {
|
function display_html_attributes($post) {
|
||||||
if ($_SESSION[$this->base]->type=='user') {
|
|
||||||
$canchangedate = getdate($this->attributes['sambaPwdCanChange'][0]);
|
|
||||||
$mustchangedate = getdate($this->attributes['sambaPwdMustChange'][0]);
|
|
||||||
// Get Domain SID from name
|
// Get Domain SID from name
|
||||||
$sambaDomains = $_SESSION[$_SESSION[$this->base]->ldap]->search_domains($_SESSION[$_SESSION[$this->base]->config]->get_domainSuffix());
|
$sambaDomains = $_SESSION[$_SESSION[$this->base]->ldap]->search_domains($_SESSION[$_SESSION[$this->base]->config]->get_domainSuffix());
|
||||||
for ($i=0; $i<count($sambaDomains); $i++ ) {
|
for ($i=0; $i<count($sambaDomains); $i++ ) {
|
||||||
|
@ -365,6 +390,9 @@ class sambaSamAccount {
|
||||||
if ($this->attributes['sambaDomainName'][0] == $sambaDomains[$i]->name)
|
if ($this->attributes['sambaDomainName'][0] == $sambaDomains[$i]->name)
|
||||||
$SID = $sambaDomains[$i]->SID;
|
$SID = $sambaDomains[$i]->SID;
|
||||||
}
|
}
|
||||||
|
if ($_SESSION[$this->base]->type=='user') {
|
||||||
|
$canchangedate = getdate($this->attributes['sambaPwdCanChange'][0]);
|
||||||
|
$mustchangedate = getdate($this->attributes['sambaPwdMustChange'][0]);
|
||||||
echo '<input name="form_sambaSamAccount_sambaPwdCanChange_h" type="hidden" value="'.$canchangedate['hours'].'">'.
|
echo '<input name="form_sambaSamAccount_sambaPwdCanChange_h" type="hidden" value="'.$canchangedate['hours'].'">'.
|
||||||
'<input name="form_sambaSamAccount_sambaPwdCanChange_m" type="hidden" value="'.$canchangedate['minutes'].'">'.
|
'<input name="form_sambaSamAccount_sambaPwdCanChange_m" type="hidden" value="'.$canchangedate['minutes'].'">'.
|
||||||
'<input name="form_sambaSamAccount_sambaPwdCanChange_s" type="hidden" value="'.$canchangedate['seconds'].'">'.
|
'<input name="form_sambaSamAccount_sambaPwdCanChange_s" type="hidden" value="'.$canchangedate['seconds'].'">'.
|
||||||
|
@ -385,13 +413,15 @@ class sambaSamAccount {
|
||||||
echo "\"></td>\n";
|
echo "\"></td>\n";
|
||||||
echo "<td></td>\n";
|
echo "<td></td>\n";
|
||||||
echo "</tr>\n";
|
echo "</tr>\n";
|
||||||
|
if ($_SESSION[$this->base]->module['posixAccount']->orig['userPassword'][0] != $_SESSION[$this->base]->module['posixAccount']->attributes['userPassword'][0]) {
|
||||||
echo "<tr>\n";
|
echo "<tr>\n";
|
||||||
echo "<td>" . _('Use unix password') . "</td>\n";
|
echo "<td>" . _('Use unix password') . "</td>\n";
|
||||||
echo "<td><input name=\"form_sambaSamAccount_useunixpwd\" type=\"checkbox\"";
|
echo "<td><input name=\"form_sambaAccount_useunixpwd\" type=\"checkbox\"";
|
||||||
if ($this->useunixpwd) echo " checked ";
|
if ($this->useunixpwd) echo " checked ";
|
||||||
echo "></td>\n";
|
echo "></td>\n";
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=428\" target=\"lamhelp\">" . _('Help') . "</a></td>";
|
echo "<td><a href=\"../help.php?HelpNumber=428\" target=\"lamhelp\">" . _('Help') . "</a></td>";
|
||||||
echo "</tr>\n";
|
echo "</tr>\n";
|
||||||
|
}
|
||||||
echo "<tr>\n";
|
echo "<tr>\n";
|
||||||
echo "<td>" . _('Use no password') . "</td>\n";
|
echo "<td>" . _('Use no password') . "</td>\n";
|
||||||
echo "<td><input name=\"form_sambaSamAccount_sambaAcctFlagsN\" type=\"checkbox\"";
|
echo "<td><input name=\"form_sambaSamAccount_sambaAcctFlagsN\" type=\"checkbox\"";
|
||||||
|
@ -501,6 +531,26 @@ class sambaSamAccount {
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=464\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
echo "<td><a href=\"../help.php?HelpNumber=464\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
echo "</tr>\n";
|
echo "</tr>\n";
|
||||||
echo "<tr>\n";
|
echo "<tr>\n";
|
||||||
|
echo "<td>" . _('Special user') . "</td>\n";
|
||||||
|
echo "<td><select name=\"form_sambaSamAccount_sambaSID\">";
|
||||||
|
// Display if group SID should be mapped to a well kown SID
|
||||||
|
$wrid=false;
|
||||||
|
if ($this->attributes['sambaSID'][0]==$SID."-500") {
|
||||||
|
echo "<option selected>" . _('Administrator') . "</option>";
|
||||||
|
$wrid=true;
|
||||||
|
}
|
||||||
|
else echo "<option>" . _('Administrator') . "</option>";
|
||||||
|
if ($this->attributes['sambaSID'][0]==$SID."-501") {
|
||||||
|
echo "<option selected>" . _('Guest') . "</option>";
|
||||||
|
$wrid=true;
|
||||||
|
}
|
||||||
|
else echo "<option>" . _('Guest') . "</option>";
|
||||||
|
if ($wrid) echo "<option>" . _('Ordinary user') . "</option>";
|
||||||
|
else echo "<option selected>" . _('Ordinary user') . "</option>";
|
||||||
|
echo "</select></td>\n";
|
||||||
|
echo "<td><a href=\"../help.php?HelpNumber=XXX\" target=\"lamhelp\">" . _('Help-XX') . "</a></td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
echo "<tr>\n";
|
||||||
echo "<td>" . _('Domain') . "</td>\n";
|
echo "<td>" . _('Domain') . "</td>\n";
|
||||||
echo "<td><select name=\"form_sambaSamAccount_sambaDomainName\">";
|
echo "<td><select name=\"form_sambaSamAccount_sambaDomainName\">";
|
||||||
foreach ($sambaDomainNames as $domain) {
|
foreach ($sambaDomainNames as $domain) {
|
||||||
|
@ -512,8 +562,24 @@ class sambaSamAccount {
|
||||||
echo "</tr>\n";
|
echo "</tr>\n";
|
||||||
echo "</table>\n";
|
echo "</table>\n";
|
||||||
}
|
}
|
||||||
else {
|
if ($_SESSION[$this->base]->type=='host') {
|
||||||
|
echo '<input name="form_sambaSamAccount_sambaAcctFlagsW" type="hidden" value="true">';
|
||||||
|
echo "<table border=0 width=\"100%\">\n<tr>\n";
|
||||||
|
echo "<tr>\n";
|
||||||
|
echo "<td>" . _('Reset password') . "</td>\n";
|
||||||
|
echo "<td><input name=\"form_sambaSamAccount_ResetSambaPassword\" type=\"submit\" value=\"" . _('Reset password') . "\"></td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
echo "<tr>\n";
|
||||||
|
echo "<td>" . _('Domain') . "</td>\n";
|
||||||
|
echo "<td><select name=\"form_sambaSamAccount_sambaDomainName\">";
|
||||||
|
foreach ($sambaDomainNames as $domain) {
|
||||||
|
if ($this->attributes['sambaDomainName'][0]==$domain) echo "<option selected>$domain</option>";
|
||||||
|
else "<option>$domain</option>";
|
||||||
|
}
|
||||||
|
echo "</select></td>\n";
|
||||||
|
echo "<td><a href=\"../help.php?HelpNumber=438\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
|
echo "</tr>\n";
|
||||||
|
echo "</table>\n";
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -575,4 +641,5 @@ class sambaSamAccount {
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -95,7 +95,7 @@ class shadowAccount {
|
||||||
/* This function returns a list with all required modules
|
/* This function returns a list with all required modules
|
||||||
*/
|
*/
|
||||||
function dependencies() {
|
function dependencies() {
|
||||||
return array('inetOrgPerson');
|
return array('posixAccount');
|
||||||
}
|
}
|
||||||
|
|
||||||
function module_ready() {
|
function module_ready() {
|
||||||
|
@ -162,7 +162,7 @@ class shadowAccount {
|
||||||
$return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig);
|
$return = $_SESSION[$this->base]->save_module_attributes($this->attributes, $this->orig);
|
||||||
|
|
||||||
// Set shadowLastchange manual.
|
// Set shadowLastchange manual.
|
||||||
if ($_SESSION[$this->base]->module['inetOrgPerson']->userPassword()!='' || $_SESSION[$this->base]->module['inetOrgPerson']->userPassword_no)
|
if (($_SESSION[$this->base]->module['posixAccount']->orig['userPassword'][0] != $_SESSION[$this->base]->module['posixAccount']->attributes['userPassword'][0] && $_SESSION[$this->base]->module['posixAccount']->userPassword()!='') || $_SESSION[$this->base]->module['posixAccount']->userPassword_no)
|
||||||
$return[$_SESSION[$this->base]->dn]['modify']['shadowLastChange'] = array(intval(time()/3600/24));
|
$return[$_SESSION[$this->base]->dn]['modify']['shadowLastChange'] = array(intval(time()/3600/24));
|
||||||
|
|
||||||
return $return;
|
return $return;
|
||||||
|
|
|
@ -0,0 +1,73 @@
|
||||||
|
<?php
|
||||||
|
/*
|
||||||
|
$Id$
|
||||||
|
|
||||||
|
This code is part of LDAP Account Manager (http://www.sourceforge.net/projects/lam)
|
||||||
|
Copyright (C) 2003 Tilo Lutz
|
||||||
|
|
||||||
|
This program is free software; you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation; either version 2 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License
|
||||||
|
along with this program; if not, write to the Free Software
|
||||||
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||||
|
|
||||||
|
|
||||||
|
LDAP Account Manager displays table for creating or modifying accounts in LDAP
|
||||||
|
*/
|
||||||
|
|
||||||
|
// include all needed files
|
||||||
|
include_once('../../lib/account.inc'); // File with all account-funtions
|
||||||
|
include_once('../../lib/config.inc'); // File with configure-functions
|
||||||
|
include_once('../../lib/profiles.inc'); // functions to load and save profiles
|
||||||
|
include_once('../../lib/status.inc'); // Return error-message
|
||||||
|
include_once('../../lib/pdf.inc'); // Return a pdf-file
|
||||||
|
include_once('../../lib/ldap.inc'); // LDAP-functions
|
||||||
|
|
||||||
|
/* We have to include all modules
|
||||||
|
* before start session
|
||||||
|
* *** fixme I would prefer loading them dynamic but
|
||||||
|
* i don't know how to to this
|
||||||
|
*/
|
||||||
|
$dir = opendir('../../lib/modules');
|
||||||
|
while ($entry = readdir($dir))
|
||||||
|
if (is_file('../../lib/modules/'.$entry)) include_once ('../../lib/modules/'.$entry);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
// Start session
|
||||||
|
session_save_path('../../sess');
|
||||||
|
@session_start();
|
||||||
|
|
||||||
|
// Redirect to startpage if user is not loged in
|
||||||
|
if (!isset($_SESSION['loggedIn'])) {
|
||||||
|
metaRefresh("../login.php");
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Set correct language, codepages, ....
|
||||||
|
setlanguage();
|
||||||
|
|
||||||
|
if (!isset($_SESSION['cache'])) {
|
||||||
|
$_SESSION['cache'] = new cache();
|
||||||
|
}
|
||||||
|
if ($_GET['DN']) {
|
||||||
|
//load account
|
||||||
|
$DN = str_replace("\'", '', $_GET['DN']);
|
||||||
|
$_SESSION['account'] = new accountContainer('host', 'account');
|
||||||
|
$_SESSION['account']->load_account($DN);
|
||||||
|
}
|
||||||
|
else if (count($_POST)==0) {
|
||||||
|
$_SESSION['account'] = new accountContainer('host', 'account');
|
||||||
|
$_SESSION['account']->new_account();
|
||||||
|
}
|
||||||
|
$_SESSION['account']->continue_main($_POST);
|
||||||
|
|
||||||
|
?>
|
Loading…
Reference in New Issue