WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Improved Error-Handling

This commit is contained in:
katagia 2003-06-15 19:28:15 +00:00
parent e4b5049df9
commit 27929526e9
3 changed files with 196 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

181
lam/lib/account.inc
View File

@ -165,17 +165,20 @@ function checkglobal($values, $type, $values_old=false) { // This functions chec
$return->general_homedir = str_replace('$group', $values->general_group, $values->general_homedir);
if ($values->general_username != '')
$return->general_homedir = str_replace('$user', $values->general_username, $values->general_homedir);
if ( !ereg('^[/][a-z]([a-z]|[0-9]|[.]|[-]|[_])*([/][a-z]([a-z]|[0-9]|[.]|[-]|[_])*)*$', $return->general_homedir ))
return _('Homedirectory contents invalid characters.');
if ($return->general_homedir != $values->general_homedir) $errors[] = array('INFO', _('Homedir'), _('Replaced $user or $group in homedir.'));
if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $return->general_homedir ))
$errors[] = array('ERROR', _('Homedir'), _('Homedirectory contents invalid characters.'));
// Check if givenname is valid
if ( !ereg('^([a-z]|[A-Z])+$', $values->general_givenname)) return _('Givenname contents invalid characters');
if ( !ereg('^([a-z]|[A-Z])+$', $values->general_givenname)) $errors[] = array('ERROR', _('Givenname'), _('Givenname contents invalid characters'));
// Check if surname is valid
if ( !ereg('^([a-z]|[A-Z])+$', $values->general_surname)) return _('Surname contents invalid characters');
if ( ($values->general_gecos=='') || ($values->general_gecos==' '))
if ( !ereg('^([a-z]|[A-Z])+$', $values->general_surname)) $errors[] = array('ERROR', _('Surname'), _('Surname contents invalid characters'));
if ( ($values->general_gecos=='') || ($values->general_gecos==' ')) {
$return->general_gecos = $values->general_givenname . " " . $values->general_surname ;
$errors[] = array('INFO', _('Gecos'), _('Inserted sur- and givenname in gecos-field.'));
}
// Check if Username contents only valid characters
if ( !ereg('^([a-z]|[0-9]|[.]|[-]|[_])*$', $values->general_username))
return _('Username contents invalid characters. Valid characters are: a-z, 0-9 and .-_ !');
$errors[] = array('ERROR', _('Username'), _('Username contents invalid characters. Valid characters are: a-z, 0-9 and .-_ !'));
// Check if user already exists
$return->general_username = $values->general_username;
// Create automatic useraccount with number if original user allready exists
@ -198,12 +201,16 @@ function checkglobal($values, $type, $values_old=false) { // This functions chec
$return->general_username = $firstchars . (intval($lastchars)+1);
}
}
if ($values->general_username != $return->general_username) $errors[] = array('WARN', _('Username'), _('Username allready in use. Selected next free username.'));
break;
case 'group' :
// Check if Groupname contents only valid characters
if ( !ereg('^([a-z]|[0-9]|[.]|[-]|[_])*$', $values->general_username))
return _('Groupname contents invalid characters. Valid characters are: a-z, 0-9 and .-_ !');
if ($values->general_gecos=='') $return->general_gecos = $values->general_username ;
$errors[] = array('ERROR', _('Groupname'), _('Groupname contents invalid characters. Valid characters are: a-z, 0-9 and .-_ !'));
if ($values->general_gecos=='') {
$return->general_gecos = $values->general_username ;
$errors[] = array('INFO', _('Gecos'), _('Inserted groupname in gecos-field.'));
}
// Check if user already exists
$return->general_username = $values->general_username;
// Create automatic groupaccount with number if original user allready exists
@ -226,19 +233,25 @@ function checkglobal($values, $type, $values_old=false) { // This functions chec
$return->general_username = $firstchars . (intval($lastchars)+1);
}
}
if ($values->general_username != $return->general_username) $errors[] = array('WARN', _('Groupname'), _('Groupname allready in use. Selected next free groupname.'));
break;
case 'host' :
if ( substr($values->general_username, strlen($values->general_username)-1, strlen($values->general_username)) != '$' )
if ( substr($values->general_username, strlen($values->general_username)-1, strlen($values->general_username)) != '$' ) {
$return->general_username = $values->general_username . '$';
$errors[] = array('WARN', _('Hostname'), _('Added $ to hostname.'));
}
// Check if Hostname contents only valid characters
if ( !ereg('^([a-z]|[0-9]|[.]|[-]|[$])*$', $values->general_username))
return _('Hostname contents invalid characters. Valid characters are: a-z, 0-9 and .-_ !');
$errors[] = array('ERROR', _('Hostname'), _('Hostname contents invalid characters. Valid characters are: a-z, 0-9 and .-_ !'));
// Check if Hostname already exists
$return->general_homedir = '/dev/null';
$return->general_shell = '/bin/false';
// Check if user already exists
$return->general_username = $values->general_username;
if ($values->general_gecos=='') $return->general_gecos = $values->general_username;
if ($values->general_gecos=='') {
$return->general_gecos = $values->general_username;
$errors[] = array('INFO', _('Gecos'), _('Inserted hostname in gecos-field.'));
}
// Create automatic groupaccount with number if original user allready exists
while ($temp = ldapexists($return, $type, $values_old)) {
// get last character of username
@ -259,58 +272,78 @@ function checkglobal($values, $type, $values_old=false) { // This functions chec
$return->general_username = $firstchars . (intval($lastchars)+1). '$';
}
}
if ($values->general_username != $return->general_username) $errors[] = array('WARN', _('Hostname'), _('Hostname allready in use. Selected next free hostname.'));
break;
}
// Check if UID is valid. If none value was entered, the next useable value will be inserted
$return->general_uidNumber = checkid($values, $type, $values_old);
if (is_string($return->general_uidNumber)) return $return->general_uidNumber;
if (is_string($return->general_uidNumber)) // true if checkid has returned an error
$errors[] = array('ERROR', _('ID-Number'), $return->general_uidNumber);
// Check if Name-length is OK. minLength=3, maxLength=20
if ( !ereg('.{3,20}', $values->general_username)) return _('Name must content between 3 and 20 characters.');
if ( !ereg('.{3,20}', $values->general_username)) $errors[] = array('ERROR', _('Name'), _('Name must content between 3 and 20 characters.'));
// Check if Name starts with letter
if ( !ereg('^[a-z].*$', $values->general_username))
return _('Name contents invalid characters. First character must be a letter');
return $return;
$errors[] = array('ERROR', _('Name'), _('Name contents invalid characters. First character must be a letter'));
// Return values and errors
if (!$errors) return array($return, '');
else return array($return, $errors);
}
function checkunix($values, $type) { // This function checks all unix account paramters
$key = $_COOKIE['Key'];
$iv = $_COOKIE['IV'];
$values->unix_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, base64_decode($key),
base64_decode($values->unix_password), MRYPT_MODE_ECB,
base64_decode($iv));
$values->unix_password = str_replace(chr(00), '', $values->unix_password);
if ($type=='user' && !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $values->unix_password))
return _('Password contents invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !');
if ( !ereg('^([0-9]*)$', $values->unix_pwdminage)) return _('Password Minage must be are natural number.');
if ( $values->unix_pwdminage > $values->unix_pwdmaxage ) return _('Password Maxage must bigger as Password Minage.');
if ( !ereg('^([1-9]+)([0-9]*)$', $values->unix_pwdmaxage)) return _('Password Maxage must be are natural number.');
if ($values->unix_pwdminage=='') return _('No value for Password Minage.');
$errors[] = array('ERROR', _('Password'), _('Password contents invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
if ( !ereg('^([0-9]*)$', $values->unix_pwdminage)) $errors[] = array('ERROR', _('Password Minage'), _('Password Minage must be are natural number.'));
if ( $values->unix_pwdminage > $values->unix_pwdmaxage ) $errors[] = array('ERROR', _('Password Maxage'), _('Password Maxage must bigger as Password Minage.'));
if ( !ereg('^([1-9]+)([0-9]*)$', $values->unix_pwdmaxage)) $errors[] = array('ERROR', _('Password Maxage'), _('Password Maxage must be are natural number.'));
if ($values->unix_pwdminage=='') $errors[] = array('ERROR', _('Password Minage'), _('No value for Password Minage.'));
if ( !ereg('^(([-][1])|([0-9]*))$', $values->unix_pwdallowlogin))
return _('Password Expire must be are natural number or -1.');
if ($values->unix_pwdmaxage=='') return _('No value for Password Maxage.');
if ( !ereg('^([1-9]+)([0-9]*)$', $values->unix_pwdwarn)) return _('Password Warn must be are natural number.');
if ($values->unix_pwdallowlogin=='') return _('No value for Password Expire.');
if ($values->unix_pwdwarn=='') return _('No value for Password Warn.');
return 0;
$errors[] = array('ERROR', _('Password Expire'), _('Password Expire must be are natural number or -1.'));
if ($values->unix_pwdmaxage=='') $errors[] = array('ERROR', _('Password Maxage'), _('No value for Password Maxage.'));
if ( !ereg('^([1-9]+)([0-9]*)$', $values->unix_pwdwarn)) $errors[] = array('ERROR', _('Password Warn'), _('Password Warn must be are natural number.'));
if ($values->unix_pwdallowlogin=='') $errors[] = array('ERROR', _('Password Expire'), _('No value for Password Expire.'));
if ($values->unix_pwdwarn=='') $errors[] = array('ERROR', _('Password Warn'), _('No value for Password Warn.'));
return $errors;
}
function checksamba($values, $type) { // This function checks all samba account paramters
$values->smb_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, base64_decode($_COOKIE['Key']),
base64_decode($values->smb_password), MRYPT_MODE_ECB,
base64_decode($_COOKIE['IV']));
$values->smb_password = str_replace(chr(00), '', $values->smb_password);
$return = new account();
if ($values->smb_useunixpwd) $return->smb_password = $values->unix_password;
switch ($type) {
case 'user' :
$return->smb_scriptPath = str_replace('$user', $values->general_username, $values->smb_scriptPath);
$return->smb_scriptPath = str_replace('$group', $values->general_group, $values->smb_scriptPath);
if ($values->smb_scriptPath != $return->smb_scriptPath) $errors[] = array('INFO', _('Scriptpath'), _('Inserted username in scriptpath.'));
$return->smb_scriptPath = str_replace('$group', $values->general_group, $return->smb_scriptPath);
if ($values->smb_scriptPath != $return->smb_scriptPath) $errors[] = array('INFO', _('Scriptpath'), _('Inserted groupname in scriptpath.'));
$return->smb_profilePath = str_replace('$user', $values->general_username, $values->smb_profilePath);
if ($values->smb_profilePath != $return->smb_profilePath) $errors[] = array('INFO', _('Profilepath'), _('Inserted username in profilepath.'));
$return->smb_profilePath = str_replace('$group', $return->general_group, $return->smb_profilePath);
if ($values->smb_profilePath != $return->smb_profilePath) $errors[] = array('INFO', _('Profilepath'), _('Inserted groupname in profilepath.'));
$return->smb_smbHome = str_replace('$user', $values->general_username, $values->smb_smbHome);
if ($values->smb_smbHome != $return->smb_smbHome) $errors[] = array('INFO', _('smbHome'), _('Inserted username in smbhome.'));
$return->smb_smbHome = str_replace('$group', $return->general_group, $return->smb_smbHome);
if ($values->smb_smbHome != $return->smb_smbHome) $errors[] = array('INFO', _('smbHome'), _('Inserted groupname in smbhome.'));
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$',
$values->smb_password)) return _('Password contents invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !');
$values->smb_password)) $errors[] = array('ERROR', _('Password'), _('Password contents invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
if ( (!$return->smb_scriptPath=='') && (!ereg('^([/])*[a-z]([a-z]|[0-9]|[.]|[-]|[_])*([/][a-z]([a-z]|[0-9]|[.]|[-]|[_])*)*$', $return->smb_scriptPath)))
return _('Scriptpath is invalid');
$errors[] = array('ERROR', _('Scriptpath'), _('Scriptpath is invalid'));
if ( (!$return->smb_profilePath=='') && (!ereg('^[/][a-z]([a-z]|[0-9]|[.]|[-]|[_])*([/][a-z]([a-z]|[0-9]|[.]|[-]|[_])*)*$', $return->smb_profilePath))
&& (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-])+)+$', $return->smb_profilePath)))
return _('ProfilePath is invalid.');
$errors[] = array('ERROR', _('Profilepath'), _('ProfilePath is invalid.'));
if ( (!$return->smb_smbHome=='') && !ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-])+)+$', $return->smb_smbhome))
return _('smbHome is invalid.');
$errors[] = array('ERROR', _('smbHome'), _('smbHome is invalid.'));
if ((!$values->smb_smbuserworkstations=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-])+(([,])+([a-z]|[A-Z]|[0-9]|[.]|[-])+)*$', $values->smb_smbuserworkstations))
return _('User Workstations is invalid.');
$errors[] = array('ERROR', _('User Workstations'), _('User Workstations is invalid.'));
$return->smb_flagsW = 0;
break;
case 'host' :
@ -319,11 +352,13 @@ function checksamba($values, $type) { // This function checks all samba account
break;
}
if ((!$values->smb_domain=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[-])+$', $values->smb_domain))
return _('Domain Name contents invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.');
$errors[] = array('ERROR', _('Domain Name'), _('Domain Name contents invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.'));
if ($values->smb_useunixpwd) $return->smb_useunixpwd = 1; else $return->smb_useunixpwd = 0;
if ($values->smb_pwdcanchange) $return->smb_pwdcanchange = 1; else $return->smb_pwdcanchange = 0;
if ($values->smb_pwdmustchange) $return->smb_pwdmustchange = 1; else $return->smb_pwdmustchange = 0;
return $return;
// Return values and errors
if (!$errors) return array($return, '');
else return array($return, $errors);
}
function checkquota($values) { // This function checks all quota paramters
@ -332,30 +367,34 @@ function checkquota($values) { // This function checks all quota paramters
while ($values->quota[$i][0]) {
if (!$values->quota[$i][2]) $return->quota[$i][2] = 0;
else if (!ereg('^([0-9])*$', $values->quota[$i][2]))
return _('Block soft quota contains invalid characters. Only natural numbers are allowed');
$errors[] = array('ERROR', _('Block soft quota'), _('Block soft quota contains invalid characters. Only natural numbers are allowed'));
if (!$values->quota[$i][3]) $return->quota[$i][3] = 0;
else if (!ereg('^([0-9])*$', $values->quota[$i][3]))
return _('Block hard quota contains invalid characters. Only natural numbers are allowed');
$errors[] = array('ERROR', _('Block hard quota'), _('Block hard quota contains invalid characters. Only natural numbers are allowed'));
if (!$values->quota[$i][6]) $return->quota[$i][6] = 0;
else if (!ereg('^([0-9])*$', $values->quota[$i][6]))
return _('Inode soft quota contains invalid characters. Only natural numbers are allowed');
$errors[] = array('ERROR', _('Inode soft quota'), _('Inode soft quota contains invalid characters. Only natural numbers are allowed'));
if (!$values->quota[$i][7]) $return->quota[$i][7] = 0;
else if (!ereg('^([0-9])*$', $values->quota[$i][7]))
return _('Inode hard quota contains invalid characters. Only natural numbers are allowed');
$errors[] = array('ERROR', _('Inode hard quota'), _('Inode hard quota contains invalid characters. Only natural numbers are allowed'));
$return->quota[$i][2] = $values->quota[$i][2];
$return->quota[$i][3] = $values->quota[$i][3];
$return->quota[$i][6] = $values->quota[$i][6];
$return->quota[$i][7] = $values->quota[$i][7];
$i++;
}
return $return;
// Return values and errors
if (!$errors) return array($return, '');
else return array($return, $errors);
}
function checkpersonal($values) {
$return = new account();
$return = $values;
return $return;
// Return values and errors
if (!$errors) return array($return, '');
else return array($return, $errors);
}
function genpasswd() { // This function will return a password with max. 8 characters
@ -760,6 +799,15 @@ function createuser($values) { // Will create the LDAP-Account
$date = mktime(10,0,0, $values->unix_pwdexpire_mon, $values->unix_pwdexpire_day, $values->unix_pwdexpire_yea) / 86400 ;
settype($date, 'integer');
$values->general_dn = 'uid=' . $values->general_username . ',' . $_SESSION['config']->get_UserSuffix();
// decrypt password
$values->unix_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, base64_decode($_COOKIE['Key']),
base64_decode($values->unix_password), MRYPT_MODE_ECB,
base64_decode($_COOKIE['IV']));
$values->unix_password = str_replace(chr(00), '', $values->unix_password);
$values->smb_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, base64_decode($_COOKIE['Key']),
base64_decode($values->smb_password), MRYPT_MODE_ECB,
base64_decode($_COOKIE['IV']));
$values->smb_password = str_replace(chr(00), '', $values->smb_password);
// All Values need for an user-account
// General Objectclasses
@ -846,6 +894,16 @@ function modifyuser($values,$values_old) { // Will modify the LDAP-Account
// 3 == Account has been modified
// 5 == Error while modifying Account
// Value stored in shadowExpire, days since 1.1.1970
// decrypt password
$values->unix_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, base64_decode($_COOKIE['Key']),
base64_decode($values->unix_password), MRYPT_MODE_ECB,
base64_decode($_COOKIE['IV']));
$values->unix_password = str_replace(chr(00), '', $values->unix_password);
$values->smb_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, base64_decode($_COOKIE['Key']),
base64_decode($values->smb_password), MRYPT_MODE_ECB,
base64_decode($_COOKIE['IV']));
$values->smb_password = str_replace(chr(00), '', $values->smb_password);
$date = mktime(10,0,0, $values->unix_pwdexpire_mon, $values->unix_pwdexpire_day, $values->unix_pwdexpire_yea) / 86400 ;
settype($date, 'integer');
$values->general_dn = 'uid=' . $values->general_username . ',' . $_SESSION['config']->get_UserSuffix();
@ -1026,6 +1084,16 @@ function createhost($values) { // Will create the LDAP-Account
settype($date, 'integer');
$values->general_dn = 'uid=' . $values->general_username . ',' . $_SESSION['config']->get_HostSuffix();
// decrypt password
$values->unix_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, base64_decode($_COOKIE['Key']),
base64_decode($values->unix_password), MRYPT_MODE_ECB,
base64_decode($_COOKIE['IV']));
$values->unix_password = str_replace(chr(00), '', $values->unix_password);
$values->smb_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, base64_decode($_COOKIE['Key']),
base64_decode($values->smb_password), MRYPT_MODE_ECB,
base64_decode($_COOKIE['IV']));
$values->smb_password = str_replace(chr(00), '', $values->smb_password);
// All Values need for an host-account
// General Objectclasses
$attr['objectClass'][0] = 'posixAccount';
@ -1092,6 +1160,17 @@ function modifyhost($values,$values_old) { // Will modify the LDAP-Account
// Value stored in shadowExpire, days since 1.1.1970
$date = mktime(10,0,0, $values->unix_pwdexpire_mon, $values->unix_pwdexpire_day, $values->unix_pwdexpire_yea) / 86400 ;
settype($date, 'integer');
// decrypt password
$values->unix_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, base64_decode($_COOKIE['Key']),
base64_decode($values->unix_password), MRYPT_MODE_ECB,
base64_decode($_COOKIE['IV']));
$values->unix_password = str_replace(chr(00), '', $values->unix_password);
$values->smb_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, base64_decode($_COOKIE['Key']),
base64_decode($values->smb_password), MRYPT_MODE_ECB,
base64_decode($_COOKIE['IV']));
$values->smb_password = str_replace(chr(00), '', $values->smb_password);
$values->general_dn = 'uid=' . $values->general_username . ',' . $_SESSION['config']->get_HostSuffix();
if ($values->general_username != $values_old->general_username) {
$attr['cn'] = $values->general_username; // posixAccount_req shadowAccount_req sambaAccount_may
@ -1216,6 +1295,17 @@ function creategroup($values) { // Will create the LDAP-Group
// 4 == Error while creating Group
// 5 == Error while modifying Group
$values->general_dn = 'cn=' . $values->general_username . ',' . $_SESSION['config']->get_GroupSuffix();
// decrypt password
$values->unix_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, base64_decode($_COOKIE['Key']),
base64_decode($values->unix_password), MRYPT_MODE_ECB,
base64_decode($_COOKIE['IV']));
$values->unix_password = str_replace(chr(00), '', $values->unix_password);
$values->smb_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, base64_decode($_COOKIE['Key']),
base64_decode($values->smb_password), MRYPT_MODE_ECB,
base64_decode($_COOKIE['IV']));
$values->smb_password = str_replace(chr(00), '', $values->smb_password);
$attr['objectClass'] = 'posixGroup';
$attr['cn'] = $values->general_username;
$attr['gidNumber'] = $values->general_uidNumber;
@ -1232,6 +1322,17 @@ function modifygroup($values,$values_old) { // Will modify the LDAP-Group
// 3 == Group has been modified
// 5 == Error while modifying Group
$values->general_dn = 'cn=' . $values->general_username . ',' . $_SESSION['config']->get_GroupSuffix();
// decrypt password
$values->unix_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, base64_decode($_COOKIE['Key']),
base64_decode($values->unix_password), MRYPT_MODE_ECB,
base64_decode($_COOKIE['IV']));
$values->unix_password = str_replace(chr(00), '', $values->unix_password);
$values->smb_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, base64_decode($_COOKIE['Key']),
base64_decode($values->smb_password), MRYPT_MODE_ECB,
base64_decode($_COOKIE['IV']));
$values->smb_password = str_replace(chr(00), '', $values->smb_password);
if ($values->general_username != $values_old->general_username) $attr['cn'] = $values->general_username;
if ($values->general_uidNumber != $values_old->general_uidNumber) $attr['gidNumber'] = $values->general_uidNumber;
if ($values->general_gecos != $values_old->general_gecos) $attr['description'] = $values->general_gecos;

62
lam/templates/account.php
View File

@ -30,7 +30,6 @@ include_once('../lib/profiles.inc'); // functions to load and save profiles
include_once('../lib/status.inc'); // Return error-message
include_once('../lib/pdf.inc'); // Return a pdf-file
$error = "0";
initvars($_GET['type'], $_GET['DN']); // Initialize all needed vars
switch ($_POST['select']) { // Select which part of page should be loaded and check values
@ -62,15 +61,14 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
if ($_POST['f_general_gecos']) $_SESSION['account']->general_gecos = $_POST['f_general_gecos'];
else $_SESSION['account']->general_gecos = "";
// Check if values are OK and set automatic values. if not error-variable will be set
if ($_SESSION['account_old']) $values = checkglobal($_SESSION['account'], $_SESSION['type2'], $_SESSION['account_old']); // account.inc
else $values = checkglobal($_SESSION['account'], $_SESSION['type2']); // account.inc
if ($_SESSION['account_old']) list($values, $errors) = checkglobal($_SESSION['account'], $_SESSION['type2'], $_SESSION['account_old']); // account.inc
else list($values, $errors) = checkglobal($_SESSION['account'], $_SESSION['type2']); // account.inc
if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values
if ($val) $_SESSION['account']->$key = $val;
}
else $error = $values;
// Check which part Site should be displayed next
if ($_POST['next'] && ($error=="0"))
if ($_POST['next'] && ($errors==''))
switch ($_SESSION['type2']) {
case 'user': $select_local = 'unix'; break;
case 'group': $select_local = 'quota'; break;
@ -80,8 +78,13 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
break;
case 'unix':
// Write all general values into $_SESSION['account']
if ($_POST['f_unix_password']) $_SESSION['account']->unix_password = $_POST['f_unix_password'];
else $_SESSION['account']->unix_password = '';
if ($_POST['f_unix_password']) {
// Encraypt password
$iv = base64_decode($_COOKIE["IV"]);
$key = base64_decode($_COOKIE["Key"]);
$_SESSION['account']->unix_password = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $_POST['f_unix_password'], MCRYPT_MODE_ECB, $iv));
}
else $_SESSION['account']->unix_password = '';
if ($_POST['f_unix_password_no']) $_SESSION['account']->unix_password_no = true;
else $_SESSION['account']->unix_password_no = false;
if ($_POST['f_unix_pwdwarn']) $_SESSION['account']->unix_pwdwarn = $_POST['f_unix_pwdwarn'];
@ -104,7 +107,7 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
$select_local = 'unix';
}
// Check if values are OK and set automatic values. if not error-variable will be set
else $error = checkunix($_SESSION['account'], $_SESSION['type2']); // account.inc
else $errors = checkunix($_SESSION['account'], $_SESSION['type2']); // account.inc
// Check which part Site should be displayd
// Reset password if reset button was pressed. Button only vissible if account should be modified
if ($_POST['respass']) {
@ -113,13 +116,16 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
}
// Check which part Site should be displayed next
if ($_POST['back']) $select_local = 'general';
else if (($_POST['next']) && ($error=="0")) $select_local = 'samba';
else if (($_POST['next']) && ($errors=='')) $select_local = 'samba';
else $select_local = 'unix';
break;
case 'samba':
// Write all general values into $_SESSION['account']
if ($_POST['f_smb_password']) $_SESSION['account']->smb_password = $_POST['f_smb_password'];
else $_SESSION['account']->smb_password = "";
if ($_POST['f_smb_password'])
// Encrypt password
$_SESSION['account']->smb_password = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, base64_decode($_COOKIE['Key']), $_POST['f_smb_password'],
MCRYPT_MODE_ECB, base64_decode($_COOKIE['IV'])));
else $_SESSION['account']->smb_password = "";
if ($_POST['f_smb_password_no']) $_SESSION['account']->smb_password_no = true;
else $_SESSION['account']->smb_password_no = false;
if ($_POST['f_smb_useunixpwd']) $_SESSION['account']->smb_useunixpwd = $_POST['f_smb_useunixpwd'];
@ -146,16 +152,15 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
if ($_POST['f_smb_flagsX']) $_SESSION['account']->smb_flagsX = $_POST['f_smb_flagsX'];
else $_SESSION['account']->smb_flagsX = false;
// Check if values are OK and set automatic values. if not error-variable will be set
$values = checksamba($_SESSION['account'], $_SESSION['type2']); // account.inc
list($values, $errors) = checksamba($_SESSION['account'], $_SESSION['type2']); // account.inc
if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values
if ($val) $_SESSION['account']->$key = $val;
}
else $error = $values;
// Check which part Site should be displayed next
if ($_POST['back']) $select_local = 'unix';
else if ($_POST['next'])
if ($error=="0")
if($errors=='')
switch ($_SESSION['type2']) {
case 'user': $select_local = 'quota'; break;
case 'host': $select_local = 'final'; break;
@ -173,12 +178,11 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
$i++;
}
// Check if values are OK and set automatic values. if not error-variable will be set
$values = checkquota($_SESSION['account'], $_SESSION['type2']); // account.inc
list($values, $errors) = checkquota($_SESSION['account'], $_SESSION['type2']); // account.inc
if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values
if ($val) $_SESSION['account']->$key = $val;
}
else $error = $values;
// Check which part Site should be displayed next
if ($_POST['back'])
switch ($_SESSION['type2']) {
@ -186,7 +190,7 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
case 'group': $select_local = 'general'; break;
}
else if ($_POST['next'])
if ($error=="0")
if ($errors=='')
switch ($_SESSION['type2']) {
case 'user': $select_local = 'personal'; break;
case 'group': $select_local = 'final'; break;
@ -214,16 +218,15 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
if ($_POST['f_personal_employeeType']) $_SESSION['account']->personal_employeeType = $_POST['f_personal_employeeType'];
else $_SESSION['account']->personal_employeeType = "";
// Check if values are OK and set automatic values. if not error-variable will be set
$values = checkpersonal($_SESSION['account'], $_SESSION['type2']); // account.inc
list($values, $errors) = checkpersonal($_SESSION['account'], $_SESSION['type2']); // account.inc
if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values
if ($val) $_SESSION['account']->$key = $val;
}
else $error = $values;
// Check which part Site should be displayed next
if ($_POST['back']) $select_local = 'quota';
else if ($_POST['next'])
if ($error=="0") $select_local = 'final';
if ($errors=='') $select_local = 'final';
else $select_local = 'personal';
break;
case 'final':
@ -297,7 +300,7 @@ if ($select_local != 'pdf') {
<link rel=\"stylesheet\" type=\"text/css\" href=\"../style/layout.css\">\n
<meta http-equiv=\"pragma\" content=\"no-cache\">\n
<meta http-equiv=\"cache-control\" content=\"no-cache\">\n
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=ISO-8859-1\">";
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=ISO-8859-15\">";
}
switch ($select_local) {
@ -362,8 +365,9 @@ switch ($select_local) {
if ($select_local != 'pdf') {
echo "</head><body>\n";
echo "<form action=\"account.php\" method=\"post\">\n";
if ($error != "0") StatusMessage("ERROR", _("Invalid Value!"), $error);
echo "<table class=\"account\" width=\"100%\">\n";
if (is_array($errors))
for ($i=0; $i<sizeof($errors); $i++) StatusMessage($errors[$i][0], $errors[$i][1], $errors[$i][2]);
}
@ -550,6 +554,11 @@ switch ($select_local) { // Select which part of page will be loaded
break;
case 'unix':
// Unix Password Settings
// decrypt password
$password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, base64_decode($_COOKIE['Key']),
base64_decode($_SESSION['account']->unix_password), MRYPT_MODE_ECB,
base64_decode($_COOKIE['IV']));
$password = str_replace(chr(00), '', $password);
echo '<tr><td><input name="select" type="hidden" value="unix">';
echo _('Unix Properties');
echo '</td></tr>'."\n".'';
@ -558,7 +567,7 @@ switch ($select_local) { // Select which part of page will be loaded
echo '<tr><td>';
echo _('Password');
echo '</td>'."\n".'<td>
<input name="f_unix_password" type="text" size="20" maxlength="20" value="' . $_SESSION['account']->unix_password . '">
<input name="f_unix_password" type="text" size="20" maxlength="20" value="' . $password . '">
</td>'."\n".'<td>
<input name="genpass" type="submit" value="';
echo _('Generate Password'); echo '">
@ -687,13 +696,18 @@ switch ($select_local) { // Select which part of page will be loaded
case 'samba':
// Samba Settings
echo '<tr><td><input name="select" type="hidden" value="samba">'; echo _('Samba Properties'); echo '</td></tr>'."\n";
// decrypt password
$password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, base64_decode($_COOKIE['Key']),
base64_decode($_SESSION['account']->smb_password), MRYPT_MODE_ECB,
base64_decode($_COOKIE['IV']));
$password = str_replace(chr(00), '', $password);
switch ( $_SESSION['type2'] ) {
case 'user':
// Set Account is samba-workstation to false
$_SESSION['account']->smb_flagsW = 0;
echo '<tr><td>';
echo _('Samba Password');
echo '</td>'."\n".'<td><input name="f_smb_password" type="text" size="20" maxlength="20" value="' . $_SESSION['account']->smb_password . '">
echo '</td>'."\n".'<td><input name="f_smb_password" type="text" size="20" maxlength="20" value="' . $password . '">
</td>'."\n".'<td><input name="f_smb_useunixpwd" type="checkbox"';
if ($_SESSION['account']->smb_useunixpwd) echo ' checked ';
echo '>';

31
lam/templates/masscreate.php
View File

@ -56,7 +56,7 @@ if ($select!='pdf') {
<link rel="stylesheet" type="text/css" href="../style/layout.css">
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">';
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-15">';
}
switch ($select) {
@ -115,7 +115,6 @@ switch ($select) {
case 'list':
if (!is_array($accounts)) $accounts = array();
$handle = fopen($_FILES['userfile']['tmp_name'], 'r');
$error=false;
$groups = array();
echo '<tr><td>';
echo _('Confirm List');
@ -137,38 +136,42 @@ switch ($select) {
if ($line_array[12]) $_SESSION['accounts'][$row]->personal_employeeType = $line_array[12];
$_SESSION['accounts'][$row]->unix_password=genpasswd();
$_SESSION['accounts'][$row]->smb_password=genpasswd();
$values = checkglobal($_SESSION['accounts'][$row], 'user'); // account.inc
list($values, $errors) = checkglobal($_SESSION['accounts'][$row], 'user'); // account.inc
if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values
if ($val) $_SESSION['accounts'][$row]->$key = $val;
$_SESSION['accounts'][$row]->general_uidNumber="";
}
else $error = $values;
if (!$error) {
$values = checkpersonal($_SESSION['accounts'][$row], 'user'); // account.inc
if ($errors=='') {
list($values, $errors) = checkpersonal($_SESSION['accounts'][$row], 'user'); // account.inc
if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values
if ($val) $_SESSION['accounts'][$row]->$key = $val;
}
else $error = $values;
}
if (!$error) {
$values = checksamba($_SESSION['accounts'][$row], 'user'); // account.inc
if ($errors=='') {
list($values, $errors) = checksamba($_SESSION['accounts'][$row], 'user'); // account.inc
if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values
if ($val) $_SESSION['accounts'][$row]->$key = $val;
}
else $error = $values;
$values = checkquota($_SESSION['accounts'][$row], 'user'); // account.inc
}
if (!$error) {
if ($errors=='') {
list($values, $errors) = checkquota($_SESSION['accounts'][$row], 'user'); // account.inc
if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values
if ($val) $_SESSION['accounts'][$row]->$key = $val;
}
else $error = $values;
}
if ($error) StatusMessage('ERROR', _('Invalid Value in row ').$row.'!', $error);
if ($errors=='') {
list($values, $errors) = checkpersonal($_SESSION['accounts'][$row], 'user'); // account.inc
if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values
if ($val) $_SESSION['accounts'][$row]->$key = $val;
}
}
if (is_array($errors))
for ($i=0; $i<sizeof($errors); $i++) StatusMessage($errors[$i][0], _('Invalid Value in row ').$row.'!', $errors[$i][2]);
if ((getgid($_SESSION['accounts'][$row]->general_group)==-1) && (!in_array($_SESSION['accounts'][$row]->general_group, $groups))) $groups[] = $_SESSION['accounts'][$row]->general_group;
}
for ($i=0; $i<sizeof($groups); $i++)