diff --git a/lam/lib/account.inc b/lam/lib/account.inc index 63aa710a..830aef17 100644 --- a/lam/lib/account.inc +++ b/lam/lib/account.inc @@ -236,7 +236,18 @@ class cache { */ function update_cache($dn, $mode, $attributes=false) { $allowed_modes = array ( 'add', 'remove', 'modify', 'delete_dn' ); - $allowed_types = array ( 'user', 'group', 'host', 'domain', '*' ); + $allowed_types = array ( 'user', 'group', 'host', '*' ); + for ($i=0; $i"; + // *** fixme, where is get_DomainSuffix + If ($scope != '*') eval($function); + else $suffix = ''; + if (substr($suffix, $dn)) $singlescope = $allowed_types[$i]; + } + } if (!in_array($singlescope, $allowed_types)) trigger_error(sprintf(_('Invalid scope. Valid scopes are %s.'), implode(" ", $allowed_types)), E_USER_ERROR); if (!in_array($mode, $allowed_modes)) trigger_error(sprintf(_('Invalid mode. Valid modes are %s.'), implode(" ", $allowed_modes)), E_USER_ERROR); // Everything seems to be OK, start processing data diff --git a/lam/lib/modules/account.inc b/lam/lib/modules/account.inc index 21a3aaa9..7d844335 100644 --- a/lam/lib/modules/account.inc +++ b/lam/lib/modules/account.inc @@ -90,6 +90,18 @@ class account { return array('attributes'); } + /* + */ + function get_help($id) { + switch ($id) { + case "description": + return array ("ext" => "FALSE", "Headline" => _("Description"), + "Text" => _("Host Description.")); + break; + } + return false; + } + /* This function returns all ldap attributes * which are part of account and returns * also their values. @@ -161,7 +173,7 @@ class account { echo "\n"; echo "" . _('Description') . "\n"; echo "attributes['description'][0]."\">\n"; - echo "" . _('Help') . "\n"; + echo "" . _('Help') . "\n"; echo "\n"; echo "\n"; return 0; diff --git a/lam/lib/modules/posixAccount.inc b/lam/lib/modules/posixAccount.inc index de26c4c1..339b3a11 100644 --- a/lam/lib/modules/posixAccount.inc +++ b/lam/lib/modules/posixAccount.inc @@ -118,17 +118,13 @@ class posixAccount { function userPassword($newpassword=false) { if (is_string($newpassword)) { // Write new password - if ($newpassword!='') { - $this->attributes['userPassword'][0] = base64_encode($_SESSION['ldap']->encrypt($newpassword)); - } - else $this->attributes['userPassword'][0] = ''; + $this->attributes['userPassword'][0] = base64_encode($_SESSION[$_SESSION[$this->base]->ldap]->encrypt($newpassword)); return 0; } else { if ($this->attributes['userPassword'][0]!='') { // Read existing password if set - $password = $_SESSION['ldap']->decrypt(base64_decode($this->attributes['userPassword'][0])); - return $password; + return $_SESSION[$_SESSION[$this->base]->ldap]->decrypt(base64_decode($this->attributes['userPassword'][0])); } else return ''; } @@ -161,7 +157,7 @@ class posixAccount { function profile_attributes() { // array of attribtues wich are unique and not allowed to store in profile - array unique_attributes ( 'user' => array ('cn', 'rid', 'uid', 'uidNumber', 'userPassword') ); + //array unique_attributes ( 'user' => array ('cn', 'rid', 'uid', 'uidNumber', 'userPassword') ); } /* This function returns all ldap attributes diff --git a/lam/lib/modules/posixGroup.inc b/lam/lib/modules/posixGroup.inc index 409cc622..c0056f52 100644 --- a/lam/lib/modules/posixGroup.inc +++ b/lam/lib/modules/posixGroup.inc @@ -107,17 +107,13 @@ class posixGroup { function userPassword($newpassword=false) { if (is_string($newpassword)) { // Write new password - if ($newpassword!='') { - $this->attributes['userPassword'][0] = base64_encode($_SESSION['ldap']->encrypt($newpassword)); - } - else $this->attributes['userPassword'][0] = ''; + $this->attributes['userPassword'][0] = base64_encode($_SESSION[$_SESSION[$this->base]->ldap]->encrypt($newpassword)); return 0; } else { if ($this->attributes['userPassword'][0]!='') { // Read existing password if set - $password = $_SESSION['ldap']->decrypt(base64_decode($this->attributes['userPassword'][0])); - return $password; + return $_SESSION[$_SESSION[$this->base]->ldap]->decrypt(base64_decode($this->attributes['userPassword'][0])); } else return ''; } diff --git a/lam/lib/modules/sambaAccount.inc b/lam/lib/modules/sambaAccount.inc index c3b93d8f..94a7fecb 100644 --- a/lam/lib/modules/sambaAccount.inc +++ b/lam/lib/modules/sambaAccount.inc @@ -109,15 +109,14 @@ class sambaAccount { function lmPassword($newpassword=false) { if (is_string($newpassword)) { // Write new password - $this->attributes['lmPassword'][0] = base64_encode($_SESSION['ldap']->encrypt($newpassword)); + $this->attributes['lmPassword'][0] = base64_encode($_SESSION[$_SESSION[$this->base]->ldap]->encrypt($newpassword)); return 0; } else { if ($this->useunixpwd) return $_SESSION[$this->base]->module['posixAccount']->userPassword(); if ($this->attributes['lmPassword'][0]!='') { // Read existing password if set - $password = $_SESSION['ldap']->decrypt(base64_decode($this->attributes['lmPassword'][0])); - return $password; + return $_SESSION[$_SESSION[$this->base]->ldap]->decrypt(base64_decode($this->attributes['lmPassword'][0])); } else return ''; } diff --git a/lam/lib/modules/sambaSamAccount.inc b/lam/lib/modules/sambaSamAccount.inc index 9095408a..cbec2c36 100644 --- a/lam/lib/modules/sambaSamAccount.inc +++ b/lam/lib/modules/sambaSamAccount.inc @@ -109,15 +109,14 @@ class sambaSamAccount { function sambaLMPassword($newpassword=false) { if (is_string($newpassword)) { // Write new password - $this->attributes['sambaLMPassword'][0] = base64_encode($_SESSION['ldap']->encrypt($newpassword)); + $this->attributes['sambaLMPassword'][0] = base64_encode($_SESSION[$_SESSION[$this->base]->ldap]->encrypt($newpassword)); return 0; } else { if ($this->useunixpwd) return $_SESSION[$this->base]->module['posixAccount']->userPassword(); if ($this->attributes['sambaLMPassword'][0]!='') { // Read existing password if set - $password = $_SESSION['ldap']->decrypt(base64_decode($this->attributes['sambaLMPassword'][0])); - return $password; + return $_SESSION[$_SESSION[$this->base]->ldap]->decrypt(base64_decode($this->attributes['sambaLMPassword'][0])); } else return ''; } diff --git a/lam/templates/account/groupedit.php b/lam/templates/account/groupedit.php index 8a48bd3e..98ad174a 100644 --- a/lam/templates/account/groupedit.php +++ b/lam/templates/account/groupedit.php @@ -31,6 +31,17 @@ include_once('../../lib/status.inc'); // Return error-message include_once('../../lib/pdf.inc'); // Return a pdf-file include_once('../../lib/ldap.inc'); // LDAP-functions +/* We have to include all modules +* before start session +* *** fixme I would prefer loading them dynamic but +* i don't know how to to this +*/ +$dir = opendir('../../lib/modules'); +while ($entry = readdir($dir)) + if (is_file('../../lib/modules/'.$entry)) include_once ('../../lib/modules/'.$entry); + + + // Start session session_save_path('../../sess'); @session_start(); @@ -38,828 +49,25 @@ session_save_path('../../sess'); // Redirect to startpage if user is not loged in if (!isset($_SESSION['loggedIn'])) { metaRefresh("../login.php"); - die; + exit; } // Set correct language, codepages, .... setlanguage(); -/* groupedit.php is using dynamic session varialenames so -* we can run several copies of groupedit.php at the same -* time -* $varkey is the dynamic part of the variable name -*/ -if (!isset($_POST['varkey'])) $varkey = session_id().time(); - else $varkey = $_POST['varkey']; - -if (!isset($_SESSION['account_'.$varkey.'_account_new'])) $_SESSION['account_'.$varkey.'_account_new'] = new account(); -if (!isset($_SESSION['account_'.$varkey.'_final_changegids'])) $_SESSION['account_'.$varkey.'_final_changegids'] = ''; - -// Register Session-Variables with references so we don't net to change to complete code if names changes -$account_new =& $_SESSION['account_'.$varkey.'_account_new']; -$final_changegids =& $_SESSION['account_'.$varkey.'_final_changegids']; -if (is_object($_SESSION['account_'.$varkey.'_account_old'])) $account_old =& $_SESSION['account_'.$varkey.'_account_old']; -$ldap_intern =& $_SESSION['ldap']; -$config_intern =& $_SESSION['config']; -$header_intern =& $_SESSION['header']; -$userDN_intern =& $_SESSION['userDN']; - -// $_GET is only valid if groupedit.php was called from grouplist.php -if (isset($_GET['DN']) && $_GET['DN']!='') { - // groupedit.php should edit an existing account - // reset variables - if (isset($_SESSION['account_'.$varkey.'_account_old'])) { - unset($account_old); - unset($_SESSION['account_'.$varkey.'_account_old']); - } - $_SESSION['account_'.$varkey.'_account_old'] = new account(); - $account_old =& $_SESSION['account_'.$varkey.'_account_old']; - // get "real" DN from variable - $DN = str_replace("\'", '',$_GET['DN']); - // Load existing group - $account_new = loadgroup($DN); - // Get a copy of original host - $account_old = $account_new; - // Store only DN without cn=$name - $account_new->general_dn = substr($account_new->general_dn, strpos($account_new->general_dn, ',')+1); - $final_changegids = ''; - // Display general-page - $select_local = 'general'; +if (!isset($_SESSION['cache'])) { + $_SESSION['cache'] = new cache(); + } +if ($_GET['DN']) { + //load account + $DN = str_replace("\'", '', $_GET['DN']); + $_SESSION['account'] = new accountContainer('group', 'account'); + $_SESSION['account']->load_account($DN); } -// Startcondition. groupedit.php was called from outside to create a new group else if (count($_POST)==0) { - // Create new account object with settings from default profile - $account_new = loadGroupProfile('default'); - $account_new ->type = 'group'; - if ($config_intern->scriptServer) { - // load quotas and check if quotas from profile are valid - $quotas = getquotas(array($account_new)); - for ($i=0; $iquota); $i++) $profile_quotas[] = $account_new->quota[$i][0]; - for ($i=0; $iquota); $i++) { - $real_quotas[] = $quotas[0]->quota[$i][0]; - if (is_array($profile_quotas)) { - if (!in_array($quotas[0]->quota[$i][0], $profile_quotas)) $account_new->quota[]=$quotas[0]->quota[$i]; - } - else $account_new->quota[]=$quotas[0]->quota[$i]; - } - $j=0; - // delete not existing quotas - while (isset($account_new->quota[$j][0])) { - // remove invalid quotas - if (!in_array($account_new->quota[$j][0], $real_quotas)) unset($account_new->quota[$j]); - else $j++; - } - // Beautify array, repair index - if (is_array($account_new->quota)) $account_new->quota = array_values($account_new->quota); - // Set used blocks - for ($i=0; $iquota); $i++) { - $account_new->quota[$i][1] = 0; - $account_new->quota[$i][5] = 0; - } - } - // Display general-page - $select_local = 'general'; + $_SESSION['account'] = new accountContainer('group', 'account'); + $_SESSION['account']->new_account(); } +$_SESSION['account']->continue_main($_POST); -switch ($_POST['select']) { - /* Select which part of page should be loaded and check values - * groupmembers = page with all users which are additional members of group - * general = startpage, general account paramters - * samba = page with all samba-related parameters e.g. smbpassword - * quota = page with all quota-related parameters e.g. hard file quota - * final = last page shown before account is created/modified - * finish = page shown after account has been created/modified - */ - case 'groupmembers': - do { // X-Or, only one if() can be true - if (isset($_POST['users']) && isset($_POST['add'])) { // Add users to list - // Add new user - $account_new->unix_memberUid = array_merge($account_new->unix_memberUid, $_POST['users']); - // remove doubles - $account_new->unix_memberUid = array_flip($account_new->unix_memberUid); - array_unique($account_new->unix_memberUid); - $account_new->unix_memberUid = array_flip($account_new->unix_memberUid); - // sort users - sort($account_new->unix_memberUid); - break; - } - if (isset($_POST['members']) && isset($_POST['remove'])) { // remove users from list - $account_new->unix_memberUid = array_delete($_POST['members'], $account_new->unix_memberUid); - break; - } - } while(0); - // display groupmembers page - $select_local = 'groupmembers'; - break; - case 'general': - if (!$_POST['load']) { - if (($account_new->general_username != $_POST['f_general_username']) && ereg('[A-Z]$', $_POST['f_general_username'])) - $errors[] = array('WARN', _('Groupname'), _('You are using a capital letters. This can cause problems because not all programs are case-sensitive.')); - // Write all general attributes into $account_new if no profile should be loaded - $account_new->general_dn = $_POST['f_general_suffix']; - $account_new->general_username = $_POST['f_general_username']; - $account_new->general_uidNumber = $_POST['f_general_uidNumber']; - $account_new->general_gecos = $_POST['f_general_gecos']; - - // Check if values are OK and set automatic values. if not error-variable will be set - // Check if Groupname contains only valid characters - if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*$', $account_new->general_username)) - $errors[] = array('ERROR', _('Groupname'), _('Groupname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !')); - if ($account_new->general_gecos=='') { - $account_new->general_gecos = $account_new->general_username ; - $errors[] = array('INFO', _('Gecos'), _('Inserted groupname in gecos-field.')); - } - // Create automatic groupaccount with number if original group already exists - // Reset name to original name if new name is in use - if (ldapexists($account_new, $account_old) && is_object($account_old)) - $account_new->general_username = $account_old->general_username; - while ($temp = ldapexists($account_new, $account_old)) { - // get last character of username - $lastchar = substr($account_new->general_username, strlen($account_new->general_username)-1, 1); - // Last character is no number - if ( !ereg('^([0-9])+$', $lastchar)) - /* Last character is no number. Therefore we only have to - * add "2" to it. - */ - $account_new->general_username = $account_new->general_username . '2'; - else { - /* Last character is a number -> we have to increase the number until we've - * found a groupname with trailing number which is not in use. - * - * $i will show us were we have to split groupname so we get a part - * with the groupname and a part with the trailing number - */ - $i=strlen($account_new->general_username)-1; - $mark = false; - // Set $i to the last character which is a number in $account_new->general_username - while (!$mark) { - if (ereg('^([0-9])+$',substr($account_new->general_username, $i, strlen($account_new->general_username)-$i))) $i--; - else $mark=true; - } - // increase last number with one - $firstchars = substr($account_new->general_username, 0, $i+1); - $lastchars = substr($account_new->general_username, $i+1, strlen($account_new->general_username)-$i); - // Put groupname together - $account_new->general_username = $firstchars . (intval($lastchars)+1); - } - } - // Show warning if lam has changed groupname - if ($account_new->general_username != $_POST['f_general_username']) $errors[] = array('WARN', _('Groupname'), _('Groupname already in use. Selected next free groupname.')); - // Check if UID is valid. If none value was entered, the next useable value will be inserted - $temp = explode(':', checkid($account_new, $account_old)); - $account_new->general_uidNumber = $temp[0]; - // true if checkid has returned an error - if ($temp[1]!='') $errors[] = explode(';',$temp[1]); - // Check if Name-length is OK. minLength=3, maxLength=20 - if ( !ereg('.{3,20}', $account_new->general_username)) $errors[] = array('ERROR', _('Name'), _('Name must contain between 3 and 20 characters.')); - // Check if Name starts with letter - if ( !ereg('^([a-z]|[A-Z]).*$', $account_new->general_username)) - $errors[] = array('ERROR', _('Name'), _('Name contains invalid characters. First character must be a letter.')); - } - break; - case 'samba': - // Write all samba attributes into $account_new - // Get all domains - $samba3domains = $ldap_intern->search_domains($config_intern->get_domainSuffix()); - // Search the corrct domain in array - unset($account_new->smb_domain); - $i = 0; - while (!is_object($account_new->smb_domain) && isset($samba3domains[$i])) { - if ($_POST['f_smb_domain'] == $samba3domains[$i]->name) - $account_new->smb_domain = $samba3domains[$i]; - else $i++; - } - $account_new->smb_displayName = $_POST['f_smb_displayName']; - // Check if group SID should be mapped to a well known SID - switch ($_POST['f_smb_mapgroup']) { - case '*'._('Domain Guests'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '514'; break; - case '*'._('Domain Users'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '513'; break; - case '*'._('Domain Admins'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '512'; break; - case $account_new->general_username: - $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-". - (2 * $account_new->general_uidNumber + $account_new->smb_domain->RIDbase +1); - break; - } - // Check if values are OK and set automatic values. if not error-variable will be set - if (($account_new->smb_displayName=='') && isset($account_new->general_gecos)) { - $account_new->smb_displayName = $account_new->general_gecos; - $errors[] = array('INFO', _('Display name'), _('Inserted gecos-field as display name.')); - } - break; - case 'quota': - // Write all general values into $account_new - $i=0; - // loop for every mointpoint with quotas - while ($account_new->quota[$i][0]) { - $account_new->quota[$i][2] = $_POST['f_quota_'.$i.'_2']; - $account_new->quota[$i][3] = $_POST['f_quota_'.$i.'_3']; - $account_new->quota[$i][6] = $_POST['f_quota_'.$i.'_6']; - $account_new->quota[$i][7] = $_POST['f_quota_'.$i.'_7']; - // Check if values are OK and set automatic values. if not error-variable will be set - if (!ereg('^([0-9])*$', $account_new->quota[$i][2])) - $errors[] = array('ERROR', _('Block soft quota'), _('Block soft quota contains invalid characters. Only natural numbers are allowed')); - if (!ereg('^([0-9])*$', $account_new->quota[$i][3])) - $errors[] = array('ERROR', _('Block hard quota'), _('Block hard quota contains invalid characters. Only natural numbers are allowed')); - if (!ereg('^([0-9])*$', $account_new->quota[$i][6])) - $errors[] = array('ERROR', _('Inode soft quota'), _('Inode soft quota contains invalid characters. Only natural numbers are allowed')); - if (!ereg('^([0-9])*$', $account_new->quota[$i][7])) - $errors[] = array('ERROR', _('Inode hard quota'), _('Inode hard quota contains invalid characters. Only natural numbers are allowed')); - $i++; - } - break; - case 'final': - // Ask if we should change gidNumber of every user which is member of the group - if ($_POST['f_final_changegids']) $final_changegids = $_POST['f_final_changegids'] ; - break; - case 'finish': - // Check if pdf-file should be created - if ($_POST['outputpdf']) { - // Load quotas if not yet done because they are needed for the pdf-file - if ($config_intern->scriptServer && !isset($account_new->quota[0])) { // load quotas - $quotas = getquotas(array($account_old)); - $account_new->quota = $quotas[0]->quota; - } - // Create / display PDf-file - createGroupPDF(array($account_new)); - // Stop script - die; - } - break; - } - - -do { // X-Or, only one if() can be true - if ($_POST['next_members']) { - // Go from groupmembers to next page if no error did ocour - if (!is_array($errors)) $select_local='groupmembers'; - else $select_local=$_POST['select']; - break; - } - if ($_POST['next_general']) { - // Go from general to next page if no error did ocour - if (!is_array($errors)) $select_local='general'; - else $select_local=$_POST['select']; - break; - } - if ($_POST['next_samba']) { - // Go from samba to next page if no error did ocour - if (!is_array($errors)) $select_local='samba'; - else $select_local=$_POST['select']; - break; - } - if ($_POST['next_quota']) { - // Go from quota to next page if no error did ocour - if (!is_array($errors)) $select_local='quota'; - else $select_local=$_POST['select']; - break; - } - if ($_POST['next_final']) { - // Check if objectclasses are OK - if (is_array($errors)) $stay=true; - else $stay = false; - if ($config_intern->is_samba3() && !isset($account_new->smb_domain)) { - // Samba page not viewed; can not create group because if missing options - $errors[] = array("ERROR", _("Samba Options not set!"), _("Please check settings on samba page.")); - $stay = true; - } - if (isset($account_old->general_objectClass)) { - if (($config_intern->is_samba3()) && (!in_array('sambaGroupMapping', $account_old->general_objectClass))) - $errors[] = array('WARN', _('ObjectClass sambaGroupMapping not found.'), _('Have to add objectClass sambaGroupMapping.')); - if (!in_array('posixGroup', $account_old->general_objectClass)) - $errors[] = array('WARN', _('ObjectClass posixGroup not found.'), _('Have to add objectClass posixGroup.')); - } - // Show info if gidNumber has changed - if (($account_old) && ($account_new->general_uidNumber != $account_old->general_uidNumber)) - $errors[] = array('INFO', _('GID-number has changed. You have to run the following command as root in order to change existing file-permissions:'), - 'find / -gid ' . $account_old->general_uidNumber . ' -exec chgrp ' . $account_new->general_uidNumber . ' {} \;'); - // Go from final to next page if no error did ocour - if (!$stay) $select_local='final'; - else $select_local=$_POST['select']; - break; - } - // Reset account to original settings if undo-button was pressed - if ($_POST['next_reset']) { - $account_new = $account_old; - $account_new->general_dn = substr($account_new->general_dn, strpos($account_new->general_dn, ',')+1); - $select_local = $_POST['select']; - break; - } - // Create-Button was pressed - if ( $_POST['create'] ) { - // Create or modify an account - if ($account_old) $result = modifygroup($account_new,$account_old); - else $result = creategroup($account_new); // account.inc - if ( $result==4 || $result==5 ) $select_local = 'final'; - else $select_local = 'finish'; - break; - } - // Load Profile and reset all attributes to settings in profile - if ($_POST['createagain']) { - $select_local='general'; - unset ($_SESSION['account_'.$varkey.'_account_new']); - unset($account_new); - $_SESSION['account_'.$varkey.'_account_new'] = loadGroupProfile('default'); - $account_new =& $_SESSION['account_'.$varkey.'_account_new']; - $account_new ->type = 'group'; - break; - } - // Go back to listgroups.php - if ($_POST['backmain']) { - if (isset($_SESSION['account_'.$varkey.'_account_new'])) unset($_SESSION['account_'.$varkey.'_account_new']); - if (isset($_SESSION['account_'.$varkey.'_account_old'])) unset($_SESSION['account_'.$varkey.'_account_old']); - if (isset($_SESSION['account_'.$varkey.'_final_changegids'])) unset($_SESSION['account_'.$varkey.'_final_changegids']); - metaRefresh("../lists/listgroups.php"); - die; - break; - } - // Load Profile and reset all attributes to settings in profile - if ($_POST['load']) { - $account_new->general_dn = $_POST['f_general_suffix']; - $account_new->general_username = $_POST['f_general_username']; - $account_new->general_uidNumber = $_POST['f_general_uidNumber']; - $account_new->general_gecos = $_POST['f_general_gecos']; - // load profile - if ($_POST['f_general_selectprofile']!='') $values = loadGroupProfile($_POST['f_general_selectprofile']); - if (is_object($values)) { - while (list($key, $val) = each($values)) // Set only defined values - if (isset($val)) $account_new->$key = $val; - } - if ($config_intern->scriptServer) { - // load quotas and check if quotas from profile are valid - $quotas = getquotas(array($account_new)); - for ($i=0; $iquota); $i++) $profile_quotas[] = $account_new->quota[$i][0]; - for ($i=0; $iquota); $i++) { - $real_quotas[] = $quotas[0]->quota[$i][0]; - if (is_array($profile_quotas)) { - if (!in_array($quotas[0]->quota[$i][0], $profile_quotas)) $account_new->quota[]=$quotas[0]->quota[$i]; - } - else $account_new->quota[]=$quotas[0]->quota[$i]; - } - $j=0; - // delete not existing quotas - while (isset($account_new->quota[$j][0])) { - // remove invalid quotas - if (!in_array($account_new->quota[$j][0], $real_quotas)) unset($account_new->quota[$j]); - else $j++; - } - // Beautify array, repair index - if (is_array($account_new->quota)) $account_new->quota = array_values($account_new->quota); - // Set used blocks - if (isset($account_old)) { - for ($i=0; $iquota); $i++) - for ($j=0; $jquota); $j++) - if ($quotas[0]->quota[$j][0] == $account_new->quota[$i][0]) { - $account_new->quota[$i][1] = $quotas[0]->quota[$i][1]; - $account_new->quota[$i][4] = $quotas[0]->quota[$i][4]; - $account_new->quota[$i][5] = $quotas[0]->quota[$i][5]; - $account_new->quota[$i][8] = $quotas[0]->quota[$i][8]; - } - } - else for ($i=0; $iquota); $i++) { - $account_new->quota[$i][1] = 0; - $account_new->quota[$i][5] = 0; - } - } - // select general page after group has been loaded - $select_local='general'; - break; - } - // Save Profile - if ($_POST['save']) { - // save profile - if ($_POST['f_finish_safeProfile']=='') - $errors[] = array('ERROR', _('Save profile'), _('No profilename given.')); - else { - if (saveGroupProfile($account_new, $_POST['f_finish_safeProfile'])) - $errors[] = array('INFO', _('Save profile'), _('New profile created.')); - else $errors[] = array('ERROR', _('Save profile'), _('Wrong profilename given.')); - } - // select last page displayed before user is created - $select_local='final'; - break; - } - if ($_POST['groupmembers']) { - $select_local='groupmembers'; - break; - } - } while(0); - -// Write HTML-Header -echo $header_intern; -echo ""; -echo _("Create new Account"); -echo "\n". - "\n". - "\n". - "\n". - "\n". - "
\n". - "\n"; - -// Display errir-messages -if (is_array($errors)) - for ($i=0; $iunix_memberUid, $users); - /* Now we have to remove all users from list who are primary member of group - * At the moment lam is doing an extra ldap-search. In future this should be done - * via cache-array **** fixme - */ - // Do a ldap-search - if (isset($account_old->general_uidNumber)) - $result = ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_UserSuffix(), "(&(objectClass=PosixAccount)(gidNumber=$account_old->general_uidNumber))", array('cn')); - else $result = ldap_search($_SESSION['ldap']->server(), $_SESSION['config']->get_UserSuffix(), "(&(objectClass=PosixAccount)(gidNumber=$account_new->general_uidNumber))", array('cn')); - $entry = ldap_first_entry($_SESSION['ldap']->server(), $result); - // loop for every user which is primary member of group - while ($entry) { - $attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry); - if (isset($attr['cn'][0])) { - // Remove user from user list - $users = @array_flip($users); - unset ($users[$attr['cn'][0]]); - $users = @array_flip($users); - } - // Go to next entry - $entry = ldap_next_entry($_SESSION['ldap']->server(), $entry); - } - - echo "\n"; - echo "\n\n\n
"; - echo "
"; - echo _('Please select page:'); - echo "\n"; - echo "\n
"; - echo "\n
"; - // samba 2.2 doesn't have any settings for groups - if ($config_intern->is_samba3()) { - echo "\n
"; - } - echo "scriptPath)) echo " disabled "; - echo "value=\""; echo _('Quota'); echo "\">\n
"; - echo ""; - if (isset($account_old)) { - echo "

"; - echo _("Reset all changes."); - echo "
"; - echo "\n"; - } - echo "
"; - echo "
". _('Additional group members') . "\n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n\n
"; - echo _('Group members'); - echo ""; - // display all users which are additional members of group - if (count($account_new->unix_memberUid)!=0) { - echo "\n"; - } - echo "
"; - echo " "; - echo "\">

"; - echo ""._('Help')."
"; - echo _('Available users'); - echo "\n"; - // Display all users which are not member of group in any way - if ((count($users)!=0) && is_array($users)) { - echo "\n"; - } - echo "
\n
\n
\n"; - break; - case 'general': - // General Account Settings - // load list of profiles - $profilelist = getGroupProfiles(); - // Show page info - echo "\n"; - echo "\n\n
"; - echo "
"; - echo _('Please select page:'); - echo "\n"; - echo "\n
"; - echo "\n
"; - // samba 2.2 doesn't have any settings for groups - if ($config_intern->is_samba3()) { - echo "\n
"; - } - echo "scriptPath)) echo " disabled "; - echo "value=\""; echo _('Quota'); echo "\">\n
"; - echo ""; - if (isset($account_old)) { - echo "

"; - echo _("Reset all changes."); - echo "
"; - echo "\n"; - } - echo "
"; - echo "\n\n\n
"; - echo "
"; - echo _("General properties"); - echo "\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n". - "\n\n\n\n\n\n\n
"; - echo _("Groupname")."*"; - echo "". - "general_username."\">". - ""._('Help')."
"; - echo _('GID number'); - echo "general_uidNumber."\">". - ""._('Help'). - "
"; - echo _('Description'); - echo "general_gecos."\">"._('Help')."
"; - echo _('Suffix'); echo ""._('Help'). - "
"; - echo _('Values with * are required'); - echo "
\n
"; - // Show fieldset with list of all group profiles - if (count($profilelist)!=0) { - echo "
"; - echo _("Load profile"); - echo "\n\n\n\n\n
"; - echo "\n". - ""; - echo _('Help')."
\n
\n"; - } - echo "
\n
\n"; - break; - case 'samba': - // Samba Settings - // samba 2.2 doesn't have any settings for groups - $samba3domains = $ldap_intern->search_domains($config_intern->get_domainSuffix()); - echo "\n"; - echo "\n\n\n
"; - echo "
"; - echo _('Please select page:'); - echo "\n"; - echo "\n
"; - echo "\n
"; - echo "\n
"; - echo "scriptPath)) echo " disabled "; - echo "value=\""; echo _('Quota'); echo "\">\n
"; - echo ""; - if (isset($account_old)) { - echo "

"; - echo _("Reset all changes."); - echo "
"; - echo "\n"; - } - echo "
"; - echo "
"._('Samba properties')."\n"; - echo "\n\n\n\n\n\n\n'."\n".'\n\n"; - echo "
"; - echo _("Display name"); - echo "". - "smb_displayName."\">". - ""._('Help')."
"; - echo _('Windows groupname'); - echo "". - ''._('Help').''. - '
'; - echo _('Domain'); - echo ''; - // select which domain name should be displayed - if (count($samba3domains)!=0) { - echo ''; - } - echo ""._('Help')."
\n
\n
\n"; - break; - case 'quota': - // Quota Settings - // Load quotas if not yet done - if ($config_intern->scriptServer && !isset($account_new->quota[0]) ) { // load quotas - $quotas = getquotas(array($account_new)); - $account_new->quota = $quotas[0]->quota; - } - echo "\n"; - echo "\n\n\n
"; - echo "
"; - echo _('Please select page:'); - echo "\n"; - echo "\n
"; - echo "\n
"; - // samba 2.2 doesn't have any settings for groups - if ($config_intern->is_samba3()) { - echo "\n
"; - } - echo "\n
"; - echo ""; - if (isset($account_old)) { - echo "

"; - echo _("Reset all changes."); - echo "
"; - echo "\n"; - } - echo "
"; - echo ''; - echo "
"._('Quota properties')."\n"; - echo "'."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n"; - echo ''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n"; - $i=0; - // loop for every mointpoint with enabled quotas - while ($account_new->quota[$i][0]) { - echo ''; // used blocks - echo ''; // blocks soft limit - echo ''; // blocks hard limit - echo ''; // block grace period - echo ''; // used inodes - echo ''; // inodes soft limit - echo ''; // inodes hard limit - echo ''; // inodes grace period - $i++; - } - echo "
"; - echo _('Mountpoint'); echo ''; echo _('Used blocks'); echo ''; - echo _('Soft block limit'); echo ''; echo _('Hard block limit'); echo ''; echo _('Grace block period'); - echo ''; echo _('Used inodes'); echo ''; echo _('Soft inode limit'); echo ''; - echo _('Hard inode limit'); echo ''; echo _('Grace inode period'); echo '
'._('Help').''._('Help').''. - ''._('Help').''._('Help').''. - ''._('Help').''._('Help').''. - ''._('Help').''._('Help').''. - ''._('Help').'
'.$account_new->quota[$i][0].''.$account_new->quota[$i][1].''.$account_new->quota[$i][4].''.$account_new->quota[$i][5].''.$account_new->quota[$i][8].'
\n
\n
\n"; - break; - case 'final': - // Final Settings - $disabled = ""; - if ($config_intern->is_samba3() && !isset($account_new->smb_domain)) - // Samba page not viewed; can not create group because if missing options - $disabled = "disabled"; - - echo ''; - echo "\n"; - echo "\n\n
"; - echo "
"; - echo _('Please select page:'); - echo "\n"; - echo "\n
"; - echo "\n
"; - if ($config_intern->is_samba3()) { - echo "\n
"; - } - echo "scriptPath)) echo " disabled "; - echo "value=\""; echo _('Quota'); echo "\">\n
"; - echo ""; - if (isset($account_old)) { - echo "

"; - echo _("Reset all changes."); - echo "
"; - echo "\n"; - } - echo "
"; - echo "\n\n\n
"; - echo "
"; - echo _("Save profile"); - echo "\n\n\n\n\n
"; - echo ''; - echo "'._('Help'); - echo "
\n
\n
\n"; - echo "
"; - if ($account_old) echo _('Modify'); - else echo _('Create'); - echo "\n"; - echo ""; - // Ask if gidNumbers of primary group members should be changed - if (($account_old) && ($account_new->general_uidNumber != $account_old->general_uidNumber)) { - echo ''."\n"; - } - echo "
'; - echo ''; - echo _('Change GID-Number of all users in group to new value'); - echo '
'."\n"; - echo "
\n
\n
"; - break; - - case 'finish': - // Final Settings - echo ''; - echo "
"._('Note')."\n"; - echo ""; - echo ''."\n".''."\n".''."\n".'
'; - echo _('Group').' '; - echo $account_new->general_username; - if ($account_old) echo ' '._('has been modified').'.'; - else echo ' '._('has been created').'.'; - echo '
'; - if (!$account_old) - { echo' '; } - echo ''. - ''. - ''. - ''. - '
'; ?> diff --git a/lam/templates/account/useredit.php b/lam/templates/account/useredit.php index f9812f58..d5143c05 100644 --- a/lam/templates/account/useredit.php +++ b/lam/templates/account/useredit.php @@ -31,6 +31,15 @@ include_once('../../lib/status.inc'); // Return error-message include_once('../../lib/pdf.inc'); // Return a pdf-file include_once('../../lib/ldap.inc'); // LDAP-functions +/* We have to include all modules +* before start session +* *** fixme I would prefer loading them dynamic but +* i don't know how to to this +*/ +$dir = opendir('../../lib/modules'); +while ($entry = readdir($dir)) + if (is_file('../../lib/modules/'.$entry)) include_once ('../../lib/modules/'.$entry); + // Start session session_save_path('../../sess'); @session_start(); @@ -38,1544 +47,25 @@ session_save_path('../../sess'); // Redirect to startpage if user is not loged in if (!isset($_SESSION['loggedIn'])) { metaRefresh("../login.php"); - die; + exit; } // Set correct language, codepages, .... setlanguage(); -/* groupedit.php is using dynamic session varialenames so -* we can run several copies of groupedit.php at the same -* time -* $varkey is the dynamic part of the variable name -*/ -if (!isset($_POST['varkey'])) $varkey = session_id().time(); - else $varkey = $_POST['varkey']; - -// Register Session Vars -if (!isset($_SESSION['account_'.$varkey.'_account_new'])) $_SESSION['account_'.$varkey.'_account_new'] = new account(); -if (!isset($_SESSION['account_'.$varkey.'_final_changegids'])) $_SESSION['account_'.$varkey.'_final_changegids'] = ''; -if (!isset($_SESSION['account_'.$varkey.'_shelllist'])) $_SESSION['account_'.$varkey.'_shelllist'] = getshells(); - -// Register Session-Variables with references so we don't net to change to complete code if names changes -$account_new =& $_SESSION['account_'.$varkey.'_account_new']; -$shelllist =& $_SESSION['account_'.$varkey.'_shelllist']; -if (is_object($_SESSION['account_'.$varkey.'_account_old'])) $account_old =& $_SESSION['account_'.$varkey.'_account_old']; -$ldap_intern =& $_SESSION['ldap']; -$config_intern =& $_SESSION['config']; -$header_intern =& $_SESSION['header']; -$hostDN_intern =& $_SESSION['hostDN']; -$groupDN_intern =& $_SESSION['groupDN']; - -// $_GET is only valid if useredit.php was called from userlist.php -if (isset($_GET['DN']) && $_GET['DN']!='') { - // useredit.php should edit an existing account - // reset variables - if (isset($_SESSION['account_'.$varkey.'_account_old'])) { - unset($account_old); - unset($_SESSION['account_'.$varkey.'_account_old']); - } - $_SESSION['account_'.$varkey.'_account_old'] = new account(); - $account_old =& $_SESSION['account_'.$varkey.'_account_old']; - // get "real" DN from variable - $DN = str_replace("\'", '',$_GET['DN']); - // Load existing group - $account_new = loaduser($DN); - $account_old = $account_new; - $account_new->unix_password=''; - $account_new->smb_password=''; - $account_new->general_dn = substr($account_new->general_dn, strpos($account_new->general_dn, ',')+1); - // Display general-page - $select_local = 'general'; +if (!isset($_SESSION['cache'])) { + $_SESSION['cache'] = new cache(); } -// Startcondition. useredit.php was called from outside to create a new user - else if (count($_POST)==0) { - // Create new account object with settings from default profile - // Check if there are valid groups. Can not create user with no primary group - $groups = findgroups(); - if (count($groups)==0) { - // Write HTML-Header - echo $header_intern; - echo ""; - echo _("Create new Account"); - echo "\n". - "\n". - "\n". - "\n". - "\n"; - // Display errir-messages - StatusMessage("ERROR", _("Can not create any users."),_("Please create a group first.")); - echo ""._("Back to userlist")."\n"; - echo ""; - die; - } - $account_new = loadUserProfile('default'); - $account_new ->type = 'user'; - if ($config_intern->scriptServer) { - // load quotas and check if quotas from profile are valid - $quotas = getquotas($account_new); - for ($i=0; $iquota); $i++) $profile_quotas[] = $account_new->quota[$i][0]; - for ($i=0; $iquota); $i++) { - $real_quotas[] = $quotas->quota[$i][0]; - if (is_array($profile_quotas)) { - if (!in_array($quotas->quota[$i][0], $profile_quotas)) $account_new->quota[]=$quotas->quota[$i]; - } - else $account_new->quota[]=$quotas->quota[$i]; - } - $j=0; - // delete not existing quotas - while (isset($account_new->quota[$j][0])) { - // remove invalid quotas - if (!in_array($account_new->quota[$j][0], $real_quotas)) unset($account_new->quota[$j]); - else $j++; - } - // Beautify array, repair index - if (is_array($account_new->quota)) $account_new->quota = array_values($account_new->quota); - // Set used blocks - for ($i=0; $iquota); $i++) { - $account_new->quota[$i][1] = 0; - $account_new->quota[$i][5] = 0; - } - } - // Display general-page - $select_local = 'general'; +if ($_GET['DN']) { + //load account + $DN = str_replace("\'", '', $_GET['DN']); + $_SESSION['account'] = new accountContainer('user', 'account'); + $_SESSION['account']->load_account($DN); } - - -switch ($_POST['select']) { - /* Select which part of page should be loaded and check values - * groups = page with all groups to which user is additional member - * workstations = page with all workstations the user is allowed to login - * general = startpage, general account paramters - * samba = page with all samba-related parameters e.g. smbpassword - * quota = page with all quota-related parameters e.g. hard file quota - * personal = page with all personal-related parametergs, e.g. phone number - * final = last page shown before account is created/modified - * finish = page shown after account has been created/modified - */ - case 'groups': - do { // X-Or, only one if() can be true - if (isset($_POST['allgroups']) && isset($_POST['add'])) { // Add groups to list - // Add new group - $account_new->general_groupadd = @array_merge($account_new->general_groupadd, $_POST['allgroups']); - // remove doubles - $account_new->general_groupadd = @array_flip($account_new->general_groupadd); - array_unique($account_new->general_groupadd); - $account_new->general_groupadd = @array_flip($account_new->general_groupadd); - // sort groups - sort($account_new->general_groupadd); - break; - } - if (isset($_POST['selectedgroups']) && isset($_POST['remove'])) { // remove groups from list - $account_new->general_groupadd = array_delete($_POST['selectedgroups'], $account_new->general_groupadd); - break; - } - } while(0); - // display group page - $select_local = 'groups'; - break; - case 'workstations': - do { // X-Or, only one if() can be true - if (isset($_POST['hosts']) && isset($_POST['add'])) { // Add workstations to list - $temp = str_replace(' ', '', $account_new->smb_smbuserworkstations); - $workstations = explode (',', $temp); - for ($i=0; $ismb_smbuserworkstations = $workstations[0]; - for ($i=1; $ismb_smbuserworkstations = $account_new->smb_smbuserworkstations . "," . $workstations[$i]; - } - break; - } - if (isset($_POST['members']) && isset($_POST['remove'])) { // remove // Add workstations from list - // Put all workstations in array - $temp = str_replace(' ', '', $account_new->smb_smbuserworkstations); - $workstations = explode (',', $temp); - for ($i=0; $ismb_smbuserworkstations = $workstations[0]; - for ($i=1; $ismb_smbuserworkstations = $account_new->smb_smbuserworkstations . "," . $workstations[$i]; - } - break; - } - } while(0); - // display workstations page - $select_local = 'workstations'; - break; - case 'general': - if (!$_POST['load']) { - if (($account_new->general_username != $_POST['f_general_username']) && ereg('[A-Z]$', $_POST['f_general_username'])) - $errors[] = array('WARN', _('Username'), _('You are using a capital letters. This can cause problems because not all programs are case-sensitive.')); - // Write all general values into $account_new if no profile should be loaded - $account_new->general_dn = $_POST['f_general_suffix']; - $account_new->general_username = $_POST['f_general_username']; - $account_new->general_surname = $_POST['f_general_surname']; - $account_new->general_givenname = $_POST['f_general_givenname']; - $account_new->general_uidNumber = $_POST['f_general_uidNumber']; - $account_new->general_group = $_POST['f_general_group']; - $account_new->general_homedir = $_POST['f_general_homedir']; - $account_new->general_shell = $_POST['f_general_shell']; - $account_new->general_gecos = $_POST['f_general_gecos']; - // Check if givenname is valid - if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $account_new->general_givenname)) $errors[] = array('ERROR', _('Given name'), _('Given name contains invalid characters')); - // Check if surname is valid - if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $account_new->general_surname)) $errors[] = array('ERROR', _('Surname'), _('Surname contains invalid characters')); - if ( ($account_new->general_gecos=='') || ($account_new->general_gecos==' ')) { - $account_new->general_gecos = $account_new->general_givenname . " " . $account_new->general_surname ; - $errors[] = array('INFO', _('Gecos'), _('Inserted sur- and given name in gecos-field.')); - } - if ($account_new->general_group=='') $errors[] = array('ERROR', _('Primary group'), _('No primary group defined!')); - // Check if Username contains only valid characters - if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*$', $account_new->general_username)) - $errors[] = array('ERROR', _('Username'), _('Username contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !')); - // Check if user already exists - // Remove primary group from additional groups if set. - if (isset($account_new->general_groupadd) && in_array($account_new->general_group, $account_new->general_groupadd)) { - for ($i=0; $igeneral_groupadd); $i++ ) - if ($account_new->general_groupadd[$i] == $account_new->general_group) { - unset ($account_new->general_groupadd[$i]); - $account_new->general_groupadd = array_values($account_new->general_groupadd); - } - } - // Create automatic useraccount with number if original user already exists - // Reset name to original name if new name is in use - if (ldapexists($account_new, $account_old) && is_object($account_old)) - $account_new->general_username = $account_old->general_username; - while ($temp = ldapexists($account_new, $account_old)) { - // get last character of username - $lastchar = substr($account_new->general_username, strlen($account_new->general_username)-1, 1); - // Last character is no number - if ( !ereg('^([0-9])+$', $lastchar)) - /* Last character is no number. Therefore we only have to - * add "2" to it. - */ - $account_new->general_username = $account_new->general_username . '2'; - else { - /* Last character is a number -> we have to increase the number until we've - * found a groupname with trailing number which is not in use. - * - * $i will show us were we have to split groupname so we get a part - * with the groupname and a part with the trailing number - */ - $i=strlen($account_new->general_username)-1; - $mark = false; - // Set $i to the last character which is a number in $account_new->general_username - while (!$mark) { - if (ereg('^([0-9])+$',substr($account_new->general_username, $i, strlen($account_new->general_username)-$i))) $i--; - else $mark=true; - } - // increase last number with one - $firstchars = substr($account_new->general_username, 0, $i+1); - $lastchars = substr($account_new->general_username, $i+1, strlen($account_new->general_username)-$i); - // Put username together - $account_new->general_username = $firstchars . (intval($lastchars)+1); - } - } - // Show warning if lam has changed username - if ($account_new->general_username != $_POST['f_general_username']) $errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.')); - // Check if Homedir is valid - $account_new->general_homedir = str_replace('$group', $account_new->general_group, $account_new->general_homedir); - if ($account_new->general_username != '') - $account_new->general_homedir = str_replace('$user', $account_new->general_username, $account_new->general_homedir); - if ($account_new->general_homedir != $_POST['f_general_homedir']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.')); - if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $account_new->general_homedir )) - $errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.')); - // Check if UID is valid. If none value was entered, the next useable value will be inserted - $temp = explode(':', checkid($account_new, $account_old)); - $account_new->general_uidNumber = $temp[0]; - // true if checkid has returned an error - if ($temp[1]!='') $errors[] = explode(';',$temp[1]); - // Check if Name-length is OK. minLength=3, maxLength=20 - if ( !ereg('.{3,20}', $account_new->general_username)) $errors[] = array('ERROR', _('Name'), _('Name must contain between 3 and 20 characters.')); - // Check if Name starts with letter - if ( !ereg('^([a-z]|[A-Z]).*$', $account_new->general_username)) - $errors[] = array('ERROR', _('Name'), _('Name contains invalid characters. First character must be a letter.')); - } - break; - case 'unix': - // Write all general values into $account_new - if (isset($_POST['f_unix_password'])) { - // Encraypt password - if ($_POST['f_unix_password'] != $_POST['f_unix_password2']) { - $errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.')); - unset ($_POST['f_unix_password2']); - } - else $account_new->unix_password = base64_encode($_SESSION['ldap']->encrypt($_POST['f_unix_password'])); - } - else $account_new->unix_password = ''; - if ($_POST['f_unix_password_no']) $account_new->unix_password_no = true; - else $account_new->unix_password_no = false; - $account_new->unix_pwdwarn = $_POST['f_unix_pwdwarn']; - $account_new->unix_pwdallowlogin = $_POST['f_unix_pwdallowlogin']; - $account_new->unix_pwdmaxage = $_POST['f_unix_pwdmaxage']; - $account_new->unix_pwdminage = $_POST['f_unix_pwdminage']; - $account_new->unix_host = $_POST['f_unix_host']; - $account_new->unix_pwdexpire = mktime(10, 0, 0, $_POST['f_unix_pwdexpire_mon'], - $_POST['f_unix_pwdexpire_day'], $_POST['f_unix_pwdexpire_yea']); - if ($_POST['f_unix_deactivated']) $account_new->unix_deactivated = $_POST['f_unix_deactivated']; - else $account_new->unix_deactivated = false; - if ($_POST['genpass']) { - // Generate a random password if generate-button was pressed - $account_new->unix_password = base64_encode($_SESSION['ldap']->encrypt(genpasswd())); - unset ($_POST['f_unix_password2']); - // Keep unix-page acitve - $select_local = 'unix'; - } - // Check if values are OK and set automatic values. if not error-variable will be set - else { // account.inc - if ($account_new->unix_password != '') { - $password = $_SESSION['ldap']->decrypt(base64_decode($account_new->unix_password)); - } - if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $password)) - $errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !')); - if ( !ereg('^([0-9])*$', $account_new->unix_pwdminage)) $errors[] = array('ERROR', _('Password minage'), _('Password minage must be are natural number.')); - if ( $account_new->unix_pwdminage > $account_new->unix_pwdmaxage ) $errors[] = array('ERROR', _('Password maxage'), _('Password maxage must bigger as Password Minage.')); - if ( !ereg('^([0-9]*)$', $account_new->unix_pwdmaxage)) $errors[] = array('ERROR', _('Password maxage'), _('Password maxage must be are natural number.')); - if ( !ereg('^(([-][1])|([0-9]*))$', $account_new->unix_pwdallowlogin)) - $errors[] = array('ERROR', _('Password Expire'), _('Password expire must be are natural number or -1.')); - if ( !ereg('^([0-9]*)$', $account_new->unix_pwdwarn)) $errors[] = array('ERROR', _('Password warn'), _('Password warn must be are natural number.')); - if ((!$account_new->unix_host=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-])+(([,])+([ ])*([a-z]|[A-Z]|[0-9]|[.]|[-])+)*$', $account_new->unix_host)) - $errors[] = array('ERROR', _('Unix workstations'), _('Unix workstations is invalid.')); - } - break; - case 'samba': - // Write all general values into $account_new - $account_new->smb_pwdcanchange = mktime($_POST['f_smb_pwdcanchange_s'], $_POST['f_smb_pwdcanchange_m'], $_POST['f_smb_pwdcanchange_h'], - $_POST['f_smb_pwdcanchange_mon'], $_POST['f_smb_pwdcanchange_day'], $_POST['f_smb_pwdcanchange_yea']); - $account_new->smb_pwdmustchange = mktime($_POST['f_smb_pwdmustchange_s'], $_POST['f_smb_pwdmustchange_m'], $_POST['f_smb_pwdmustchange_h'], - $_POST['f_smb_pwdmustchange_mon'], $_POST['f_smb_pwdmustchange_day'], $_POST['f_smb_pwdmustchange_yea']); - if ($_POST['f_smb_flagsN']) $account_new->smb_flags['N'] = true; - else $account_new->smb_flags['N'] = false; - if ($_POST['f_smb_useunixpwd']) $account_new->smb_useunixpwd = true; - else $account_new->smb_useunixpwd = false; - $account_new->smb_homedrive = $_POST['f_smb_homedrive']; - $account_new->smb_scriptPath = $_POST['f_smb_scriptpath']; - $account_new->smb_smbhome = stripslashes($_POST['f_smb_smbhome']); - $account_new->smb_profilePath = stripslashes($_POST['f_smb_profilePath']); - $account_new->smb_displayName = $_POST['f_smb_displayName']; - if ($_POST['f_smb_flagsD']) $account_new->smb_flags['D'] = true; - else $account_new->smb_flags['D'] = false; - if ($_POST['f_smb_flagsX']) $account_new->smb_flags['X'] = true; - else $account_new->smb_flags['X'] = false; - - if ($config_intern->is_samba3()) { - // samba 3 uses object with SID and domainname - $samba3domains = $ldap_intern->search_domains($config_intern->get_domainSuffix()); - for ($i=0; $iname) { - $account_new->smb_domain = $samba3domains[$i]; - } - // Check if user is member of a well known windows group - switch ($_POST['f_smb_mapgroup']) { - case '*'._('Domain Guests'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '514'; break; - case '*'._('Domain Users'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '513'; break; - case '*'._('Domain Admins'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '512'; break; - case $account_new->general_group: - $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-". - (2 * getgid($account_new->general_group) + $account_new->smb_domain->RIDbase +1); - break; - } - } - else { - // samba 2.2 only uses a string as domainname - if (isset($_POST['f_smb_domain'])) $account_new->smb_domain = $_POST['f_smb_domain']; - else $account_new->smb_domain = ''; - // Check if user is member of a well known windows group - switch ($_POST['f_smb_mapgroup']) { - case '*'._('Domain Guests'): $account_new->smb_mapgroup = '514'; break; - case '*'._('Domain Users'): $account_new->smb_mapgroup = '513'; break; - case '*'._('Domain Admins'): $account_new->smb_mapgroup = '512'; break; - case $account_new->general_group: - $account_new->smb_mapgroup = (2 * getgid($account_new->general_group) + 1001); - break; - } - } - // Set Samba password - if (isset($_POST['f_smb_password']) && !$account_new->smb_useunixpwd) { - // Encraypt password - if ($_POST['f_smb_password'] != $_POST['f_smb_password2']) { - $errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.')); - unset ($_POST['f_smb_password2']); - } - else $account_new->smb_password = base64_encode($_SESSION['ldap']->encrypt($_POST['f_smb_password'])); - } - else $account_new->smb_password = ''; - if ( (($account_new->smb_useunixpwd && !$account_old) || ($account_new->smb_useunixpwd && $account_new->unix_password!='')) && isset($account_new->unix_password) ) { - // Set Samba-Password to unix-password if option is set - $unix_password = $_SESSION['ldap']->decrypt(base64_decode($account_new->unix_password)); - $account_new->smb_password = base64_encode($_SESSION['ldap']->encrypt($smb_password)); - } - // Check values - $account_new->smb_scriptPath = str_replace('$user', $account_new->general_username, $account_new->smb_scriptPath); - $account_new->smb_scriptPath = str_replace('$group', $account_new->general_group, $account_new->smb_scriptPath); - if ($account_new->smb_scriptPath != $_POST['f_smb_scriptpath']) $errors[] = array('INFO', _('Script path'), _('Inserted user- or groupname in scriptpath.')); - $account_new->smb_profilePath = str_replace('$user', $account_new->general_username, $account_new->smb_profilePath); - $account_new->smb_profilePath = str_replace('$group', $account_new->general_group, $account_new->smb_profilePath); - if ($account_new->smb_profilePath != stripslashes($_POST['f_smb_profilePath'])) $errors[] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.')); - $account_new->smb_smbhome = str_replace('$user', $account_new->general_username, $account_new->smb_smbhome); - $account_new->smb_smbhome = str_replace('$group', $account_new->general_group, $account_new->smb_smbhome); - if ($account_new->smb_smbhome != stripslashes($_POST['f_smb_smbhome'])) $errors[] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.')); - if ( (!$account_new->smb_smbhome=='') && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+)+$', $account_new->smb_smbhome))) - $errors[] = array('ERROR', _('Home path'), _('Home path is invalid.')); - if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', - $smb_password)) $errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !')); - if ( (!$account_new->smb_scriptPath=='') && (!ereg('^([/])*([a-z]|[0-9]|[.]|[-]|[_]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])*'. - '([/]([a-z]|[0-9]|[.]|[-]|[_]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])*)*(([.][b][a][t])|([.][c][m][d]))$', $account_new->smb_scriptPath))) - $errors[] = array('ERROR', _('Script path'), _('Script path is invalid!')); - if ( (!$account_new->smb_profilePath=='') && (!ereg('^[/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*([/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*)*$', $account_new->smb_profilePath)) - && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+)+$', $account_new->smb_profilePath))) - $errors[] = array('ERROR', _('Profile path'), _('Profile path is invalid!')); - if ((!$account_new->smb_domain=='') && (!is_object($account_new->smb_domain)) && !ereg('^([a-z]|[A-Z]|[0-9]|[-])+$', $account_new->smb_domain)) - $errors[] = array('ERROR', _('Domain name'), _('Domain name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.')); - if ($account_new->smb_useunixpwd) $account_new->smb_useunixpwd = 1; else $account_new->smb_useunixpwd = 0; - if (($account_new->smb_displayName=='') && isset($account_new->general_gecos)) { - $account_new->smb_displayName = $account_new->general_gecos; - $errors[] = array('INFO', _('Display name'), _('Inserted gecos-field as display name.')); - } - break; - case 'quota': - // Write all general values into $account_new - $i=0; - // loop for every mointpoint with quotas - while ($account_new->quota[$i][0]) { - $account_new->quota[$i][2] = $_POST['f_quota_'.$i.'_2']; - $account_new->quota[$i][3] = $_POST['f_quota_'.$i.'_3']; - $account_new->quota[$i][6] = $_POST['f_quota_'.$i.'_6']; - $account_new->quota[$i][7] = $_POST['f_quota_'.$i.'_7']; - // Check if values are OK and set automatic values. if not error-variable will be set - if (!ereg('^([0-9])*$', $account_new->quota[$i][2])) - $errors[] = array('ERROR', _('Block soft quota'), _('Block soft quota contains invalid characters. Only natural numbers are allowed')); - if (!ereg('^([0-9])*$', $account_new->quota[$i][3])) - $errors[] = array('ERROR', _('Block hard quota'), _('Block hard quota contains invalid characters. Only natural numbers are allowed')); - if (!ereg('^([0-9])*$', $account_new->quota[$i][6])) - $errors[] = array('ERROR', _('Inode soft quota'), _('Inode soft quota contains invalid characters. Only natural numbers are allowed')); - if (!ereg('^([0-9])*$', $account_new->quota[$i][7])) - $errors[] = array('ERROR', _('Inode hard quota'), _('Inode hard quota contains invalid characters. Only natural numbers are allowed')); - $i++; - } - break; - case 'personal': - // Write all general values into $account_new - $account_new->personal_title = $_POST['f_personal_title']; - $account_new->personal_mail = $_POST['f_personal_mail']; - $account_new->personal_telephoneNumber = $_POST['f_personal_telephoneNumber']; - $account_new->personal_mobileTelephoneNumber = $_POST['f_personal_mobileTelephoneNumber']; - $account_new->personal_facsimileTelephoneNumber = $_POST['f_personal_facsimileTelephoneNumber']; - $account_new->personal_street = $_POST['f_personal_street']; - $account_new->personal_postalCode = $_POST['f_personal_postalCode']; - $account_new->personal_postalAddress = $_POST['f_personal_postalAddress']; - $account_new->personal_employeeType = $_POST['f_personal_employeeType']; - // Check if values are OK and set automatic values. if not error-variable will be set - if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $account_new->personal_telephoneNumber)) $errors[] = array('ERROR', _('Telephone number'), _('Please enter a valid telephone number!')); - if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $account_new->personal_mobileTelephoneNumber)) $errors[] = array('ERROR', _('Mobile number'), _('Please enter a valid mobile number!')); - if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $account_new->personal_facsimileTelephoneNumber)) $errors[] = array('ERROR', _('Fax number'), _('Please enter a valid fax number!')); - if ( !ereg('^(([0-9]|[A-Z]|[a-z]|[.]|[-]|[_])+[@]([0-9]|[A-Z]|[a-z]|[-])+([.]([0-9]|[A-Z]|[a-z]|[-])+)*)*$', $account_new->personal_mail)) $errors[] = array('ERROR', _('eMail address'), _('Please enter a valid eMail address!')); - if ( !ereg('^([0-9]|[A-Z]|[a-z]|[-]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $account_new->personal_street)) $errors[] = array('ERROR', _('Street'), _('Please enter a valid street name!')); - if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $account_new->personal_postalAddress)) $errors[] = array('ERROR', _('Postal address'), _('Please enter a valid postal address!')); - if ( !ereg('^([0-9]|[A-Z]|[a-z]|[-]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $account_new->personal_title)) $errors[] = array('ERROR', _('Title'), _('Please enter a valid title!')); - if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $account_new->personal_employeeType)) $errors[] = array('ERROR', _('Employee type'), _('Please enter a valid employee type!')); - if ( !ereg('^([0-9]|[A-Z]|[a-z])*$', $account_new->personal_postalCode)) $errors[] = array('ERROR', _('Postal code'), _('Please enter a valid postal code!')); - break; - case 'final': - // Write all general values into $account_new - break; - case 'finish': - // Check if pdf-file should be created - if ($_POST['outputpdf']) { - // Load quotas if not yet done because they are needed for the pdf-file - if ($config_intern->scriptServer && !isset($account_new->quota[0])) { // load quotas - $temp = getquotas($account_old); - $account_new->quota = $temp->quota; - unset($temp); - } - // Create / display PDf-file - createUserPDF(array($account_new)); - die; - } - break; +else if (count($_POST)==0) { + $_SESSION['account'] = new accountContainer('user', 'account'); + $_SESSION['account']->new_account(); } +$_SESSION['account']->continue_main($_POST); - - -do { // X-Or, only one if() can be true - if ($_POST['next_general']) { - // Go from general to next page if no error did ocour - if (!is_array($errors)) $select_local='general'; - else $select_local=$_POST['select']; - break; - } - if ($_POST['next_unix']) { - // Go from unix to next page if no error did ocour - if (!is_array($errors)) $select_local='unix'; - else $select_local=$_POST['select']; - break; - } - if ($_POST['next_samba']) { - // Go from samba to next page if no error did ocour - if (!is_array($errors)) $select_local='samba'; - else $select_local=$_POST['select']; - break; - } - if ($_POST['next_quota']) { - // Go from quota to next page if no error did ocour - if (!is_array($errors)) $select_local='quota'; - else $select_local=$_POST['select']; - break; - } - if ($_POST['next_personal']) { - // Go from personal to next page if no error did ocour - if (!is_array($errors)) $select_local='personal'; - else $select_local=$_POST['select']; - break; - } - if ($_POST['next_final']) { - // Go from final to next page if no error did ocour - if (is_array($errors)) $stay=true; - else $stay = false; - if (($account_old) && ($account_new->general_uidNumber != $account_old->general_uidNumber)) - $errors[] = array('INFO', _('UID-number has changed. You have to run the following command as root in order to change existing file-permissions:'), - 'find / -gid ' . $account_old->general_uidNumber . ' -exec chown ' . $account_new->general_uidNumber . ' {} \;'); - if (($account_old) && ($account_new->general_group != $account_old->general_group)) - $errors[] = array('INFO', _('Primary group has changed. You have to run the following command as root in order to change existing file-permissions:'), - 'find / -uid ' . $account_new->general_uidNumber . ' -gid ' . getgid($account_old->general_group) .' -exec chown ' . $account_new->general_uidNumber . ':'.getgid($account_new->general_group). ' {} \;'); - if (($account_old) && ($account_new->general_homedir != $account_old->general_homedir)) - $errors[] = array('INFO', _('Home Directory has changed. You have to run the following command as root in order to change the existing homedirectory:'), - 'mv ' . $account_old->general_homedir . ' ' . $account_new->general_homedir); - if ($config_intern->is_samba3() && !isset($account_new->smb_domain)) { - // Samba page not viewed; can not create user because if missing options - $errors[] = array("ERROR", _("Samba Options not set!"), _("Please check settings on samba page.")); - $stay = true; - } - if (!$config_intern->is_samba3()) { - $found = false; - if (strstr($account_new->smb_scriptPath, '$group')) $found = true; - if (strstr($account_new->smb_scriptPath, '$user')) $found = true; - if (strstr($account_new->smb_profilePath, '$group')) $found = true; - if (strstr($account_new->smb_profilePath, '$user')) $found = true; - if (strstr($account_new->smb_smbhome, '$group')) $found = true; - if (strstr($account_new->smb_smbhome, '$user')) $found = true; - if ($found) { - // Samba page not viewed; can not create group because if missing options - $stay = true; - $errors[] = array("ERROR", _("Samba Options not set!"), _("Please check settings on samba page.")); - } - } - if (isset($account_old->general_objectClass)) { - if (!in_array('posixAccount', $account_old->general_objectClass)) - $errors[] = array('WARN', _('ObjectClass posixAccount not found.'), _('Have to add objectClass posixAccount.')); - if (!in_array('shadowAccount', $account_old->general_objectClass)) - $errors[] = array('WARN', _('ObjectClass shadowAccount not found.'), _('Have to add objectClass shadowAccount.')); - if ($config_intern->is_samba3()) { - if (!in_array('sambaSamAccount', $account_old->general_objectClass)) - $errors[] = array('WARN', _('ObjectClass sambaSamAccount not found.'), _('Have to add objectClass sambaSamAccount. USer with sambaAccount will be updated.')); - } - else { - if (!in_array('sambaAccount', $account_old->general_objectClass)) - $errors[] = array('WARN', _('ObjectClass sambaAccount not found.'), _('Have to add objectClass sambaAccount. User with sambaSamAccount will be set back to sambaAccount.')); - } - } - if (!$stay) $select_local='final'; - else $select_local=$_POST['select']; - break; - } - if ($_POST['next_workstations']) { - // Go from workstations to next page if no error did ocour - if (!is_array($errors)) $select_local='workstations'; - else $select_local=$_POST['select']; - break; - } - if ($_POST['next_groups']) { - // Go from groups to next page if no error did ocour - if (!is_array($errors)) $select_local='groups'; - else $select_local=$_POST['select']; - break; - } - // Reset account to original settings if undo-button was pressed - if ($_POST['next_reset']) { - $account_new = $account_old; - $account_new->unix_password=''; - $account_new->smb_password=''; - $account_new->general_dn = substr($account_new->general_dn, strpos($account_new->general_dn, ',')+1); - $select_local = $_POST['select']; - break; - } - if ( $_POST['create'] ) { // Create-Button was pressed - // Create or modify an account - if ($account_old) $result = modifyuser($account_new,$account_old); - else $result = createuser($account_new); // account.inc - if ( $result==4 || $result==5 ) $select_local = 'final'; - else $select_local = 'finish'; - break; - } - // Load Profile and reset all attributes to settings in profile - if ($_POST['createagain']) { - $select_local='general'; - unset ($_SESSION['account_'.$varkey.'_account_new']); - unset($account_new); - $_SESSION['account_'.$varkey.'_account_new'] = loadUserProfile('default'); - $account_new =& $_SESSION['account_'.$varkey.'_account_new']; - $account_new ->type = 'user'; - break; - } - // Load Profile and reset all attributes to settings in profile - if ($_POST['load']) { - $account_new->general_dn = $_POST['f_general_suffix']; - $account_new->general_username = $_POST['f_general_username']; - $account_new->general_surname = $_POST['f_general_surname']; - $account_new->general_givenname = $_POST['f_general_givenname']; - $account_new->general_uidNumber = $_POST['f_general_uidNumber']; - $account_new->general_group = $_POST['f_general_group']; - if (isset($_POST['f_general_groupadd'])) $account_new->general_groupadd = $_POST['f_general_groupadd']; - else $account_new->general_groupadd = array(''); - $account_new->general_homedir = $_POST['f_general_homedir']; - $account_new->general_shell = $_POST['f_general_shell']; - $account_new->general_gecos = $_POST['f_general_gecos']; - if ($_POST['f_general_selectprofile']!='') $values = loadUserProfile($_POST['f_general_selectprofile']); - if (is_object($values)) { - while (list($key, $val) = each($values)) // Set only defined values - if (isset($val)) $account_new->$key = $val; - } - // insert autoreplace values - $account_new->general_homedir = str_replace('$group', $account_new->general_group, $account_new->general_homedir); - if ($account_new->general_username != '') - $account_new->general_homedir = str_replace('$user', $account_new->general_username, $account_new->general_homedir); - $account_new->smb_scriptPath = str_replace('$group', $account_new->general_group, $account_new->smb_scriptPath); - if ($account_new->general_username != '') - $account_new->smb_scriptPath = str_replace('$user', $account_new->general_username, $account_new->smb_scriptPath); - $account_new->smb_profilePath = str_replace('$group', $account_new->general_group, $account_new->smb_profilePath); - if ($account_new->general_username != '') - $account_new->smb_profilePath = str_replace('$user', $account_new->general_username, $account_new->smb_profilePath); - $account_new->smb_smbhome = str_replace('$group', $account_new->general_group, $account_new->smb_smbhome); - if ($account_new->general_username != '') - $account_new->smb_smbhome = str_replace('$user', $account_new->general_username, $account_new->smb_smbhome); - if ($config_intern->scriptServer) { - // load quotas and check if quotas from profile are valid - if (isset($account_old)) $quotas = getquotas($account_old); - else $quotas = getquotas($account_new); - for ($i=0; $iquota); $i++) $profile_quotas[] = $account_new->quota[$i][0]; - for ($i=0; $iquota); $i++) { - $real_quotas[] = $quotas->quota[$i][0]; - if (is_array($profile_quotas)) { - if (!in_array($quotas->quota[$i][0], $profile_quotas)) $account_new->quota[]=$quotas->quota[$i]; - } - else $account_new->quota[]=$quotas->quota[$i]; - } - $j=0; - // delete not existing quotas - while (isset($account_new->quota[$j][0])) { - // remove invalid quotas - if (!in_array($account_new->quota[$j][0], $real_quotas)) unset($account_new->quota[$j]); - else $j++; - } - // Beautify array, repair index - if (is_array($account_new->quota)) $account_new->quota = array_values($account_new->quota); - // Set used blocks - if (isset($account_old)) { - for ($i=0; $iquota); $i++) - for ($j=0; $jquota); $j++) - if ($quotas->quota[$j][0] == $account_new->quota[$i][0]) { - $account_new->quota[$i][1] = $quotas->quota[$i][1]; - $account_new->quota[$i][4] = $quotas->quota[$i][4]; - $account_new->quota[$i][5] = $quotas->quota[$i][5]; - $account_new->quota[$i][8] = $quotas->quota[$i][8]; - } - } - else for ($i=0; $iquota); $i++) { - $account_new->quota[$i][1] = 0; - $account_new->quota[$i][5] = 0; - } - } - // select general page after group has been loaded - $select_local='general'; - break; - } - // Save Profile - if ($_POST['save']) { - // save profile - if ($_POST['f_finish_safeProfile']=='') - $errors[] = array('ERROR', _('Save profile'), _('No profilename given.')); - else { - if (saveUserProfile($account_new, $_POST['f_finish_safeProfile'])) - $errors[] = array('INFO', _('Save profile'), _('New profile created.')); - else $errors[] = array('ERROR', _('Save profile'), _('Wrong profilename given.')); - } - // select last page displayed before user is created - $select_local='final'; - break; - } - // Go back to listgroups.php - if ($_POST['backmain']) { - if (isset($_SESSION['account_'.$varkey.'_account_new'])) unset($_SESSION['account_'.$varkey.'_account_new']); - if (isset($_SESSION['account_'.$varkey.'_account_old'])) unset($_SESSION['account_'.$varkey.'_account_old']); - if (isset($_SESSION['account_'.$varkey.'_final_changegids'])) unset($_SESSION['account_'.$varkey.'_final_changegids']); - if (isset($_SESSION['account_'.$varkey.'_shelllist'])) unset($_SESSION['account_'.$varkey.'_shelllist']); - metaRefresh("../lists/listusers.php"); - die; - break; - } - } while(0); - -// Write HTML-Header -echo $header_intern; -echo ""; -echo _("Create new Account"); -echo "\n". - "\n". -// "\n". -// "\n". - "\n". - "\n". - "\n"; - -// Display errir-messages -if (is_array($errors)) - for ($i=0; $ismb_smbuserworkstations); - $workstations = explode (',', $temp); - // Remove workstations to which the user is allowed to login from array - $hosts = array_delete($workstations, $hosts); - echo ''; - echo "\n\n\n
"; - echo "
"; - echo _('Please select page:'); - echo "\n"; - echo "\n
"; - echo "\n
"; - echo "\n
"; - echo "scriptPath)) echo " disabled "; - echo "value=\""; echo _('Quota'); echo "\">\n
"; - echo "\n
"; - echo ""; - if (isset($account_old)) { - echo "

"; - echo _("Reset all changes."); - echo "
"; - echo "\n"; - } - echo "
"; - echo "\n\n
"; - echo "
"; - echo _("Select workstations"); - echo "\n\n\n\n"; - echo "\n"; - echo "\n\n
"; - echo "
"; - echo _("Allowed workstations"); - echo "\n"; - // display all workstations the user is allowed to login - if (count($workstations)!=0) { - echo "\n"; - } - echo "
"; - echo " "; - echo "\">

"; - echo ""._('Help')."
"; - echo _('Available workstations'); - echo "\n"; - // Display all workstations without these the user is allowed to login - if (count($hosts)!=0) { - echo "\n"; - } - echo "
\n"; - echo "\n"; - echo "
\n
\n"; - break; - case 'groups': - // Validate cache-array - ldapreload('group'); - // Get copy of cache-array - $temp2 = $groupDN_intern; - // unset timestamp stored in $temp2[0] - unset($temp2[0]); - // load list with all groups - foreach ($temp2 as $temp) $groups[] = $temp['cn']; - // sort groups - sort($groups, SORT_STRING); - // remove groups the user is member of from grouplist - $groups = array_delete($account_new->general_groupadd, $groups); - // Remove primary group from grouplist - $groups = array_flip($groups); - if (isset($groups[$account_new->general_group])) unset ($groups[$account_new->general_group]); - $groups = array_flip($groups); - echo ''; - echo "\n\n\n
"; - echo "
"; - echo _('Please select page:'); - echo "\n"; - echo "\n
"; - echo "\n
"; - echo "\n
"; - echo "scriptPath)) echo " disabled "; - echo "value=\""; echo _('Quota'); echo "\">\n
"; - echo "\n
"; - echo ""; - if (isset($account_old)) { - echo "

"; - echo _("Reset all changes."); - echo "
"; - echo "\n"; - } - echo "
"; - echo "\n\n
"; - echo "
"; - echo _("Additional groups"); - echo "\n\n\n\n"; - echo "\n"; - echo "\n\n
"; - echo "
"; - echo _("Selected groups"); - echo "\n"; - // Show all groups the user is additional member of - if (count($account_new->general_groupadd)!=0) { - echo "\n"; - } - echo "
"; - echo " "; - echo "\">

"; - echo ""._('Help')."
"; - echo _('Available groups'); - echo "\n"; - // show all groups expect these the user is member of - if (count($groups)!=0) { - echo "\n"; - } - echo "
\n"; - echo "\n"; - echo "
\n
\n"; - break; - case 'general': - // General Account Settings - // load list of all groups - $groups = findgroups(); - // load list of profiles - $profilelist = getUserProfiles(); - echo ''; - echo "\n\n
"; - echo "
"; - echo _('Please select page:'); - echo "\n"; - echo "\n
"; - echo "\n
"; - echo "\n
"; - echo "scriptPath)) echo " disabled "; - echo "value=\""; echo _('Quota'); echo "\">\n
"; - echo "\n
"; - echo ""; - if (isset($account_old)) { - echo "

"; - echo _("Reset all changes."); - echo "
"; - echo "\n"; - } - echo "
"; - echo "\n\n\n
"; - echo "
"; - echo _("General properties"); - echo "\n\n\n\n'."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".'\n\n
"; - echo _('Username').'*'; - echo "". - ''. - ''. - ''._('Help').''. - '
'; - echo _('UID number'); - echo ''. - ''. - ''. - ''._('Help').''. - '
'; - echo _('First name').'*'; - echo ''. - ''. - ''. - ''._('Help').''. - '
'; - echo _('Last name').'*'; - echo ''. - ''. - ''. - ''._('Help').''. - '
'; - echo _('Primary group').'*'; - echo ''. - ''._('Help').''. - '
'; - - echo _('Additional groups'); - echo ''. - ''. - ''._('Help').''. - '
'; - echo _('Home directory').'*'; - echo ''. - ''. - ''._('Help').''. - '
'; - echo _('Gecos'); - echo ''. - ''. - ''._('Help').''. - '
'; - echo _('Login shell').'*'; - echo ''. - ''._('Help').''. - '
'; - echo _('Suffix'); echo ''._('Help'). - "
"; - echo _('Values with * are required'); - echo "
\n
"; - // Show fieldset with list of all user profiles - if (count($profilelist)!=0) { - echo "
"; - echo _("Load profile"); - echo "\n\n\n\n\n
"; - echo "\n". - ""; - echo _('Help')."
\n
\n"; - } - echo "
\n
\n"; - break; - case 'unix': - // Unix Password Settings - // decrypt password - if ($account_new->unix_password != '') { - $password = $_SESSION['ldap']->decrypt(base64_decode($account_new->unix_password)); - } - else $password=''; - // Use dd-mm-yyyy format of date because it's easier to read for humans - $date = getdate ($account_new->unix_pwdexpire); - echo "\n"; - echo "\n\n\n
"; - echo "
"; - echo _('Please select page:'); - echo "\n"; - echo "\n
"; - echo "\n
"; - echo "\n
"; - echo "scriptPath)) echo " disabled "; - echo "value=\""; echo _('Quota'); echo "\">\n
"; - echo "\n
"; - echo ""; - if (isset($account_old)) { - echo "

"; - echo _("Reset all changes."); - echo "
"; - echo "\n"; - } - echo "
"; - echo "
"._('Unix properties')."\n"; - echo "'."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n"; - // show only hosts if schema does allow hosts - if ($_SESSION['ldap']->supports_unix_hosts) { - echo ''."\n".''."\n".'\n\n"; - } - echo "
"; - echo _('Password'); - echo ''. - ''. - ''. - '
'; - echo _('Repeat password'); - echo ''. - '
'; - echo _('Use no password'); - echo 'unix_password_no) echo ' checked '; - echo '>'. - ''._('Help').''. - '
'; - echo _('Password warn'); - echo ''. - ''. - ''._('Help').''. - '
'; - echo _('Password expire'); - echo ''. - ''. - ''._('Help').''. - '
'; - echo _('Maximum password age'); - echo ''. - ''. - ''._('Help').''. - '
'; - echo _('Minimum password age'); - echo ''. - ''. - ''._('Help').''. - '
'; - echo _('Expire date'); - echo ''. - ''._('Help').''. - '
'; - echo _('Account deactivated'); - echo 'unix_deactivated) echo ' checked '; - echo '>'. - ''._('Help').''. - '
'; - echo _('Unix workstations'); - echo ''. - ''. - ''._('Help'). - "
\n"; - echo _('Values with * are required'); - echo "
\n
\n"; - break; - case 'samba': - // Samba Settings - // decrypt password - if ($account_new->smb_password != '') { - $password = $_SESSION['ldap']->decrypt(base64_decode($account_new->smb_password)); - } - else $password = ""; - if ($config_intern->is_samba3()) $samba3domains = $ldap_intern->search_domains($config_intern->get_domainSuffix()); - // Use dd-mm-yyyy format of date because it's easier to read for humans - $canchangedate = getdate($account_new->smb_pwdcanchange); - $mustchangedate = getdate($account_new->smb_pwdmustchange); - echo ''; - // Save all values smaller than "day" so we don't loose them - echo ''. - ''. - ''. - ''. - ''. - ''; - echo "\n\n\n
"; - echo "
"; - echo _('Please select page:'); - echo "\n"; - echo "\n
"; - echo "\n
"; - echo "\n
"; - echo "scriptPath)) echo " disabled "; - echo "value=\""; echo _('Quota'); echo "\">\n
"; - echo "\n
"; - echo ""; - if (isset($account_old)) { - echo "

"; - echo _("Reset all changes."); - echo "
"; - echo "\n"; - } - echo "
"; - echo "\n\n
"; - echo "
"; - echo _("Samba properties"); - echo "\n\n\n\n\n\n\n\n'."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n"; - echo "
"; - echo _("Display name"); - echo "". - "smb_displayName."\">". - ""._('Help')."
"; - echo _('Samba password'); - echo ''. - '
'; - echo _('Repeat password'); - echo ''. - '
'; - echo _('Use unix password'); - echo 'smb_useunixpwd) echo ' checked '; - echo '>'. - ''._('Help').''; - echo '
'; - echo _('Use no password'); - echo 'smb_flags['N']) echo ' checked '; - echo '>'. - ''._('Help').''. - '
'; - echo _('Password does not expire'); - echo 'smb_flags['X']) echo ' checked '; - echo '>'. - ''._('Help').''. - '
'; - echo _('User can change password'); - echo ''; - echo ''._('Help').''. - '
'; - echo _('User must change password'); - echo ''; - echo ''._('Help').''. - '
'; - echo _('Account is deactivated'); - echo 'smb_flags['D']) echo ' checked '; - echo '>'. - ''._('Help').''. - '
'; - echo _('Home drive'); - echo ''. - ''._('Help').''. - '
'; - echo _('Home path'); - echo ''. - ''. - ''._('Help').''. - '
'; - echo _('Profile path'); - echo ''. - ''. - ''._('Help').''. - '
'; - echo _('Script path'); - echo ''. - ''. - ''._('Help').''. - '
'; - echo _('Samba workstations'); - echo ''. - ''. - ''._('Help').''. - '
'; - echo _('Windows groupname'); - echo ''. - ''._('Help').''. - '
'; - echo _('Domain'); - // select which domain name should be displayed - if ($config_intern->is_samba3()) { - // samba 3 uses object to store SID and name of domain - echo ''; - } - else { - // Samba 2.2 just uses a string as domain name - echo ''; - } - echo ''._('Help').'
\n
\n
\n"; - break; - case 'quota': - // Quota Settings - // Load quotas if not yet done - if (($config_intern->scriptServer) && !isset($account_new->quota[0])) { // load quotas - $temp = getquotas($account_old); - $account_new->quota = $temp->quota; - unset ($temp); - } - echo "\n"; - echo "\n\n\n
"; - echo "
"; - echo _('Please select page:'); - echo "\n"; - echo "\n
"; - echo "\n
"; - echo "\n
"; - echo "\n
"; - echo "\n
"; - echo ""; - if (isset($account_old)) { - echo "

"; - echo _("Reset all changes."); - echo "
"; - echo "\n"; - } - echo "
"; - echo "
"._('Quota properties')."\n"; - echo "'."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n"; - echo ''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n"; - $i=0; - // loop for every mointpoint with enabled quotas - while ($account_new->quota[$i][0]) { - echo ''; // used blocks - echo ''; // blocks soft limit - echo ''; // blocks hard limit - echo ''; // block grace period - echo ''; // used inodes - echo ''; // inodes soft limit - echo ''; // inodes hard limit - echo ''; // inodes grace period - $i++; - } - echo "
"; - echo _('Mountpoint'); echo ''; echo _('Used blocks'); echo ''; - echo _('Soft block limit'); echo ''; echo _('Hard block limit'); echo ''; echo _('Grace block period'); - echo ''; echo _('Used inodes'); echo ''; echo _('Soft inode limit'); echo ''; - echo _('Hard inode limit'); echo ''; echo _('Grace inode period'); echo '
'._('Help').''._('Help').''. - ''._('Help').''._('Help').''. - ''._('Help').''._('Help').''. - ''._('Help').''._('Help').''. - ''._('Help').'
'.$account_new->quota[$i][0].''.$account_new->quota[$i][1].''.$account_new->quota[$i][4].''.$account_new->quota[$i][5].''.$account_new->quota[$i][8].'
\n
\n
\n"; - break; - case 'personal': - // Personal Settings - echo "\n"; - echo "\n\n\n
"; - echo "
"; - echo _('Please select page:'); - echo "\n"; - echo "\n
"; - echo "\n
"; - echo "\n
"; - echo "scriptPath)) echo " disabled "; - echo "value=\""; echo _('Quota'); echo "\">\n
"; - echo "\n
"; - echo ""; - if (isset($account_old)) { - echo "

"; - echo _("Reset all changes."); - echo "
"; - echo "\n"; - } - echo "
"; - echo "
"._('Personal properties')."\n"; - echo "'."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n"; - echo "
"; - echo _('Title'); - echo ''. - ' '; - echo $account_new->general_givenname . ' ' . $account_new->general_surname . ''. - ''._('Help').''. - '
'; - echo _('Employee type'); - echo ''. - ''. - ''. - ''._('Help').''. - '
'; - echo _('Street'); - echo ''. - ''. - ''. - ''._('Help').''. - '
'; - echo _('Postal code'); - echo ''. - ''. - ''. - ''._('Help').''. - '
'; - echo _('Postal address'); - echo ''. - ''. - ''. - ''._('Help').''. - '
'; - echo _('Telephone number'); - echo ''. - ''. - ''. - ''._('Help').''. - '
'; - echo _('Mobile number'); - echo ''. - ''. - ''. - ''._('Help').''. - '
'; - echo _('Fax number'); - echo ''. - ''. - ''. - ''._('Help').''. - '
'; - echo _('eMail address'); - echo ''. - ''. - ''. - ''._('Help').'
\n
\n
\n"; - break; - case 'final': - // Final Settings - echo ''; - echo "\n\n
"; - echo "
"; - echo _('Please select page:'); - echo "\n"; - echo "\n
"; - echo "\n
"; - echo "\n
"; - echo "scriptPath)) echo " disabled "; - echo "value=\""; echo _('Quota'); echo "\">\n
"; - echo "\n
"; - echo ""; - if (isset($account_old)) { - echo "

"; - echo _("Reset all changes."); - echo "
"; - echo "\n"; - } - echo "
"; - echo "\n\n
"; - echo "\n
"; - echo _("Save profile"); - echo "\n\n\n\n\n
"; - echo ''; - echo "'._('Help'); - echo "
\n
\n
\n"; - echo "
"; - if ($account_old) echo _('Modify'); - else echo _('Create'); - echo "\n"; - echo ""; - echo "
'."\n"; - echo "
\n
\n
"; - break; - case 'finish': - // Final Settings - echo ''; - echo "
"._('Note')."\n"; - echo "'."\n".''."\n".''."\n".'
"; - echo '
'; - echo _('User '); - echo $account_new->general_username; - if ($account_old) echo ' '._('has been modified').'.'; - else echo ' '._('has been created').'.'; - echo '
'; - if (!$account_old) - { echo ''; } - echo ''. - ''. - ''. - ''. - '
'; ?>