diff --git a/lam/lib/account.inc b/lam/lib/account.inc index c70a1171..a6af1688 100644 --- a/lam/lib/account.inc +++ b/lam/lib/account.inc @@ -28,9 +28,10 @@ $Id$ */ class cache { function cache() { - $this->config = &$_SESSION['config']; - $this->ldap = &$_SESSION['ldap']; + $this->config =& $_SESSION['config']; + $this->ldap =& $_SESSION['ldap']; $this->time = 0; + $this->attributes = array(); } var $ldapcache; // This variable contains the cache @@ -43,6 +44,7 @@ class cache { * syntax of $attributes is array( scope1 => array ( attributes ), scope2 => array ( attributes ), ...) */ function add_cache($attributes) { + $this->refresh_cache(); // Check input variable $allowed_types = array ( 'user', 'group', 'host', '*' ); if (!is_array($attributes)) trigger_error(_('Argument of add_cache must be : array ( scope => array(attribute1(string), attribute2(string), ..), scope => ... ).'), E_USER_ERROR); @@ -68,6 +70,7 @@ class cache { * */ function get_cache($attribute, $objectClass, $singlescope) { + $this->refresh_cache(); // Check input variables $allowed_types = array ( 'user', 'group', 'host', '*' ); if (!in_array($singlescope, $allowed_types)) trigger_error(sprintf(_('Invalid scope. Valid scopes are %s.'), implode(" ", $allowed_types)), E_USER_ERROR); @@ -82,14 +85,16 @@ class cache { if ($singlescope == '*') $scopes = $allowed_types; else $scopes = array ( $singlescope ); foreach ($scopes as $scope) { - $DNs = array_keys($this->ldapcache[$scope]); - foreach ($DNs as $dn) { - if (isset($this->ldapcache[$scope][$dn][$attribute]) && in_array($objectClass, $this->ldapcache[$scope][$dn]['objectClass'])) { - // return string if only attribute exists only once - if (count($this->ldapcache[$scope][$dn][$attribute])==1) $return[$dn][] = $this->ldapcache[$scope][$dn][$attribute][0]; - else { - // else return array with all attributes - $return[$dn] = $this->ldapcache[$scope][$dn][$attribute]; + if (isset($this->ldapcache[$scope])) { + $DNs = array_keys($this->ldapcache[$scope]); + foreach ($DNs as $dn) { + if (isset($this->ldapcache[$scope][$dn][$attribute]) && in_array($objectClass, $this->ldapcache[$scope][$dn]['objectClass'])) { + // return string if only attribute exists only once + if (count($this->ldapcache[$scope][$dn][$attribute])==1) $return[$dn][] = $this->ldapcache[$scope][$dn][$attribute][0]; + else { + // else return array with all attributes + $return[$dn] = $this->ldapcache[$scope][$dn][$attribute]; + } } } } @@ -102,6 +107,7 @@ class cache { * $scope is the scope where to search */ function in_cache($value, $attribute, $singlescope) { + $this->refresh_cache(); // Check input variables $allowed_types = array ( 'user', 'group', 'host', '*' ); if (!in_array($singlescope, $allowed_types)) trigger_error(sprintf(_('Invalid scope. Valid scopes are %s.'), implode(" ", $allowed_types)), E_USER_ERROR); @@ -130,12 +136,17 @@ class cache { $this->refresh_cache(); if ($singlescope == '*') $scopes = $allowed_types; else $scopes = array ( $singlescope ); + //print_r($this->ldapcache); foreach ($scopes as $scope) { - $DNs = array_keys($this->ldapcache[$scope]); - foreach ($DNs as $dn) { - if (in_array($value, $this->ldapcache[$scope][$dn][$attribute])) { - // Return value if value was found - return $dn; + if (isset($this->ldapcache[$scope])) { + $DNs = array_keys($this->ldapcache[$scope]); + foreach ($DNs as $dn) { + if (is_array($this->ldapcache[$scope][$dn][$attribute])) { + if (in_array($value, $this->ldapcache[$scope][$dn][$attribute])) { + // Return value if value was found + return $dn; + } + } } } } @@ -210,19 +221,19 @@ class main { var $current_page; // This variable os set to the pagename of a subpage if it should be displayed var $subpage; - // reference to base-array so we can read other classes in basearray + // name of accountContainer so we can read other classes in accuontArray var $base; - // Localized part of HTML-Header - var $header; + // Alias Name. This name is shown in the menu instead of main + var $alias; - function main() { + function main($base) { $this->current_page = 0; $this->subpage = ''; /* Create a reference to basearray so we can read all other modules * php will avaois recousrion itself */ - $this->base = &$baseobject; - $this->header = &$_SESSION['header']; + $this->base = $base; + $this->alias = _('main'); } /* This function returns a list with all required modules @@ -231,24 +242,249 @@ class main { return array(); } - /* This function will process transmitted data - * and decides which page show next. - */ - function main_continue() { - // Which data should be processed? - if ($this->subpage=='') $this->subpage='attributes'; - $function = '$result = $this->base->module[$this->base->order[$this->current_page]]->process_'.$this->subpage.'($_POST);'; - eval ($function); - if (is_string($return)) $this->subpage = $return; - if (is_int($return)) { - for ($i=0; $ibase->order); $i++ ) { - if ($_POST['form_main_'.$this->base->order[$i]]) $this->current_page = $i; + function display_html_attributes($post) { + $function = '$profilelist = get'.ucfirst($_SESSION[$this->base]->type).'Profiles();'; + eval($function); + $modules = $_SESSION[$this->base]->check_attributes(); + if (count($modules)!=0) { + $disabled = 'disabled'; + for ($i=0; $ibase]->module[$modules[$i]]->alias)); + } + else $disabled = ''; + + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + + // Show fieldset with list of all user profiles + if (count($profilelist)!=0) { + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + } + + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + + echo "\n"; + echo "\n"; + echo "\n"; + + echo "
" . _('Suffix') . "" . _('Help') . "
" . _("Load profile") . "\n"; + echo "" . _('Help') . "
" . _("Save profile") . "\n"; + echo "" . _('Help') . "
base]->dn_orig!='') echo _('Modify Account'); + else echo _('Create Account'); + echo "\" $disabled >
\n"; + return 0; + } + + + /* This page will be shown if an account + * has been saved + */ + function display_html_finish($post) { + // Show success message + if ($_SESSION[$this->base]->dn_orig=='') $kind = _('created'); + else $kind = _('modified'); + $text = sprintf(_('%s has been %s.'), ucfirst($_SESSION[$this->base]->type), $kind); + StatusMessage('INFO', _('LDAP operation successful.'), $text); + + // Show rest of page + echo "\n"; + echo "\n"; + if ($_SESSION[$this->base]->dn_orig=='') { + echo "\n"; + } + echo "\n"; + echo "\n"; + echo "\n"; + echo "
base]->type); + echo "\">base]->type); + echo "\">
\n"; + return 0; + } + + /* Write variables into object and do some regexp checks + */ + function proccess_finish($post) { + if ($post['form_main_createagain']) { + // Reset objects + $modules = array_keys($_SESSION[$this->base]->module); + foreach ($modules as $module) + if ($module!='main') unset($_SESSION[$this->base]->module[$module]); + // Reset accountContainer + $_SESSION[$this->base]->dn = ''; + $_SESSION[$this->base]->dn_orig = ''; + $_SESSION[$this->base]->attributes = array(); + $_SESSION[$this->base]->order = array(); + $this->current_page = 0; + $this->subpage = ''; + // Add all required objects etc. + $_SESSION[$this->base]->new_account(); + return 0; + } + if ($post['form_main_backmain']) { + // Return to *-list + // *** fixme unset accountContainer in session + metaRefresh("../lists/list".$_SESSION[$this->base]->type."s.php"); + exit; + } + if ($post['form_main_outputpdf']) { + // Create / display PDf-file + $function = 'create'.ucfirst($_SESSION[$this->base]->type).'PDF(array($_SESSION[$this->base]));'; + eval($function); + exit; + } + } + + /* Write variables into object and do some regexp checks + */ + function proccess_attributes($post) { + // change dn + if ($post['form_main_suffix']!='') $_SESSION[$this->base]->dn = $post['form_main_suffix']; + // load profile + if ($post['form_main_selectLoadProfile'] && $post['form_main_loadProfile']) { + // *** fixme load*Profile must return array in the same way ldap_get_attributes does. + $function = '$newattributes = load'.ucfirst($scope).'Profile($post[\'form_main_selectLoadProfile\']);'; + eval($function); + // pass newattributes to each module + $modules = array_keys($_SESSION[$this->base]->module); + foreach ($modules as $module) $_SESSION[$this->base]->module[$module]->load_attributes($newattributes); + return 0; + } + // save account + if ($post['form_main_create']) { + $success = $_SESSION[$this->base]->save_account(); + if (is_array($success)) return array($success); + // return name of subpage + return 'finish'; + } + // save profile + if ($post['form_main_saveProfile']) { + if ($post['form_main_selectSaveProfile']=='') $errors[] = array('ERROR', _('Save profile'), _('No profilename given.')); + else { + $function = 'save'.ucfirst($scope).'Profile();'; + eval($function); + if ($function) $errors[] = array('INFO', _('Save profile'), _('New profile created.')); + else $errors[] = array('ERROR', _('Save profile'), _('Wrong profilename given.')); + } + if (is_array($errors)) return $errors; + else return 0; + } + return 0; + } + + // Dummy functions to make module compatible + function load_attributes($attr) { + return 0; + } + + // Dummy functions to make module compatible + function save_attributes() { + return array(); + } + + // Dummy functions to make module compatible + function get_attributes() { + return array(); + } + + + } + + +class accountContainer { + // Constructor + function accountContainer($type, $base) { + /* Set the type of account. Valid + * types are: user, group, host + */ + // Check input variable + if (!is_string($type)) trigger_error(_('Argument of accountContainer must be string.'), E_USER_ERROR); + if (!is_string($base)) trigger_error(_('Argument of accountContainer must be string.'), E_USER_ERROR); + // *** fixme use global variable to determine allowed types + $allowed_types = array ( 'user', 'group', 'host' ); + if (!in_array($type, $allowed_types)) trigger_error(_('Account type not recognized.'), E_USER_ERROR); + $this->type = $type; + $this->base = $base; + // Name of variables in session + $this->ldap = 'ldap'; + $this->config = 'config'; + $this->cache = 'cache'; + $this->header2 = 'header'; + $this->module['main'] = new main($this->base); + return 0; + } + + /* Array of all used attributes + * Syntax is attribute => array ( objectClass => MUST or MAY, ...) + */ + var $attributes; + /* This variale stores the type + * of account. Current unix, group, host are supported + */ + var $type; + var $ldap; // This is a reference to the ldap class in session + var $config; // This is a reference to the config class in session + // Localized part of HTML-Header + var $header2; + var $module; // This is an array with all module objects + // DN of the account + var $dn; + var $dn_orig; + // this are stores the module order + var $order; + // name of accountContainer so we can read other classes in accuontArray + var $base; + + /* Get the type of account. Valid + * types are: user, group, host + */ + function get_type() { + return $this->type; + } + + /* This function asks $this->module['main'] + * what to do next + */ + function continue_main($post) { + if ($this->module['main']->subpage=='') $this->module['main']->subpage='attributes'; + $function = '$result = $this->module[$this->order[$this->module[\'main\']->current_page]]->proccess_'.$this->module['main']->subpage.'($post);'; + eval ($function); + if (is_string($result)) $this->module['main']->subpage = $result; + if (is_int($result)) { + for ($i=0; $iorder); $i++ ) { + if ($post['form_main_'.$this->order[$i]]) $this->module['main']->current_page = $i; + } + $this->module['main']->subpage='attributes'; } // Write HTML-Code - echo $this->header; + echo $_SESSION[$this->header2]; echo ""; echo _("Create new Account"); echo "\n"; @@ -266,17 +502,17 @@ class main { echo _('Please select page:'); echo "\n"; // Loop for module - for ($i=0; $ibase->order); $i++ ) { - if ($this->base->order[$i]==$this->base->order[$this->current_page]) { + for ($i=0; $iorder); $i++ ) { + if ($this->order[$i]==$this->order[$this->module['main']->current_page]) { // print disabled button - echo "base->order[$i]."\" type=\"submit\" value=\""; - echo $this->base->module[$this->base->order[$i]]->alias; - echo " disabled\">\n
"; + echo "order[$i]."\" type=\"submit\" value=\""; + echo $this->module[$this->order[$i]]->alias; + echo "\" disabled>\n
"; } else { // print normal button - echo "base->order[$i]."\" type=\"submit\" value=\""; - echo $this->base->module[$this->base->order[$i]]->alias; + echo "order[$i]."\" type=\"submit\" value=\""; + echo $this->module[$this->order[$i]]->alias; echo "\">\n
"; } } @@ -284,68 +520,13 @@ class main { echo "\n"; echo "\n"; // display html-code from mdule - $function = '$result = $this->base->module[$this->base->order[$this->current_page]]->display_html_'.$this->subpage.'($_POST);'; + $function = '$result = $this->module[$this->order[$this->module[\'main\']->current_page]]->display_html_'.$this->module['main']->subpage.'($post);'; eval ($function); // Display rest of html-page echo "\n"; echo "\n"; echo "\n"; echo "\n"; - } - - - - } - - -class accountContainer { - // Constructor - function accountContainer($type) { - /* Set the type of account. Valid - * types are: user, group, host - */ - // Check input variable - if (!is_string($type)) trigger_error(_('Argument of accountContainer must be string.'), E_USER_ERROR); - // *** fixme use global variable to determine allowed types - $allowed_types = array ( 'user', 'group', 'host' ); - if (!in_array($type, $allowed_types)) trigger_error(_('Account type not recognized.'), E_USER_ERROR); - $this->type = $type; - $this->lampath = &$_SESSION['lampath']; - $this->ldap = &$_SESSION['ldap']; - $this->cache = &$_SESSION['cache']; - $this->module['main'] = new main($this); - return 0; - } - - /* Array of all used attributes - * Syntax is attribute => array ( objectClass => MUST or MAY, ...) - */ - var $attributes; - /* This variale stores the type - * of account. Current unix, group, host are supported - */ - var $type; - var $lampath; // reference to lampath from Session - var $ldap; // This is a reference to the ldap class in session - var $module; // This is an array with all module objects - // DN of the account - var $dn; - var $dn_orig; - // this are stores the module order - var $order; - - /* Get the type of account. Valid - * types are: user, group, host - */ - function get_type() { - return $this->type; - } - - /* This function asks $this->module['main'] - * what to do next - */ - function continue_main() { - $this->module['main']->main_continue(); return 0; } @@ -354,15 +535,15 @@ class accountContainer { function add_attributes($objectClass) { // loop through every existing objectlass and select current objectClass $line=-1; - for ($i=0; $ildap->objectClasses) || $i==-1; $i++) { - if (strpos($this->ldap->objectClasses[$i], "NAME '$objectClass'")) $line = $i; + for ($i=0; $ildap]->objectClasses) || $i==-1; $i++) { + if (strpos($_SESSION[$this->ldap]->objectClasses[$i], "NAME '$objectClass'")) $line = $i; } // Return error if objectClass isn't found if ($line==-1) trigger_error (sprintf(_("objectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING); // create array with must-attributes // Get startposition in string - if (strpos($this->ldap->objectClasses[$line], 'MUST (')) { - $string_withtail = substr($this->ldap->objectClasses[$line], strpos($this->ldap->objectClasses[$line], 'MUST (')+6); + if (strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MUST (')+6); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); @@ -375,8 +556,8 @@ class accountContainer { } // create array with may-attributes // Get startposition in string - if (strpos($this->ldap->objectClasses[$line], 'MAY (')) { - $string_withtail = substr($this->ldap->objectClasses[$line], strpos($this->ldap->objectClasses[$line], 'MAY (')+5); + if (strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); @@ -389,24 +570,25 @@ class accountContainer { } // Get attributes of subclasses - while (strpos($this->ldap->objectClasses[$line], "SUP ")) { - $string_withtail = substr($this->ldap->objectClasses[$line], strpos($this->ldap->objectClasses[$line], 'SUP ')+4); + while (strpos($_SESSION[$this->ldap]->objectClasses[$line], "SUP ")) { + $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'SUP ')+4); $subclass = substr($string_withtail, 0, strpos($string_withtail, ' ')); // Add account type to object - for ($i=0; $ildap->objectClasses) || $i==-1; $i++) { - if (strpos($this->ldap->objectClasses[$i], "NAME '$subclass'")) $line = $i; + for ($i=0; $ildap]->objectClasses) || $i==-1; $i++) { + if (strpos($_SESSION[$this->ldap]->objectClasses[$i], "NAME '$subclass'")) $line = $i; } // Return error if objectClass isn't found if ($line==-1) trigger_error (sprintf(_("objectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING); + // create array with must-attributes // Get startposition in string - if (strpos($this->ldap->objectClasses[$line], 'MUST (')) { - $string_withtail = substr($this->ldap->objectClasses[$line], strpos($this->ldap->objectClasses[$line], 'MUST (')+6); + if (strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MUST (')+6); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); - $may = explode(" $ ", $string); + $must = explode(" $ ", $string); // Ad must foreach ($must as $attribute) { if (!isset($this->attributes[$attribute])) $this->attributes[$attribute][$objectClass] = 'MUST'; @@ -415,14 +597,14 @@ class accountContainer { } // create array with may-attributes // Get startposition in string - if (strpos($this->ldap->objectClasses[$line], 'MAY (')) { - $string_withtail = substr($this->ldap->objectClasses[$line], strpos($this->ldap->objectClasses[$line], 'MAY (')+5); + if (strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); - $must = explode(" $ ", $string); + $may = explode(" $ ", $string); // Ad may - foreach ($must as $attribute) { + foreach ($may as $attribute) { if (!isset($this->attributes[$attribute])) $this->attributes[$attribute][$objectClass] = 'MAY'; else $this->attributes[$attribute][$objectClass] = 'MAY'; } @@ -449,6 +631,28 @@ class accountContainer { return 0; } + /* This function checks if all MUST-attribtues are set. + * If not it will return an array with all modules + * which have to be set first + */ + function check_attributes() { + $return = array(); + // get named list of attributes + $attributes = array_keys($this->attributes); + for ($i=0; $iattributes[$attributes[$i]]); + for ($j=0; $jattributes[$attributes[$i]][$singleattribute[$j]]=='MUST') { + // Check if attribute is set + if ($this->module[$singleattribute[$j]]->attributes[$attributes[$i]]=='') + if (!in_array($singleattribute[$j], $return)) $return[] = $singleattribute[$j]; + } + } + } + return $return; + } + /* This function adds an objectClass class (module) to accountContainer */ function add_objectClass($objectClass) { @@ -460,9 +664,8 @@ class accountContainer { if ($line==-1) trigger_error (_("objectClass $objectClass required but not defined in ldap."), E_USER_WARNING); else { // Add module if it exists - if (file_exists($this->lampath."/lib/modules/".$objectClass.".inc") == 'file') { - include_once ($this->lampath."/lib/modules/".$objectClass.".inc"); - $this->module[$objectClass] = new $objectClass($this); + if (class_exists($objectClass)) { + $this->module[$objectClass] = new $objectClass($this->base); } else trigger_error (_("objectClass $objectClass required but no module found."), E_USER_WARNING); } @@ -474,8 +677,8 @@ class accountContainer { */ function load_account($dn) { $search = substr($dn, 0, strpos($dn, ',')); - $result = ldap_search($this->ldap->server(), $dn, $search); - $entry = ldap_first_entry($this->ldap->server(), $result); + $result = ldap_search($_SESSION[$this->ldap]->server(), $dn, $search); + $entry = ldap_first_entry($_SESSION[$this->ldap]->server(), $result); $this->dn = substr($dn, strpos($dn, ',')+1); $this->dn_orig = $dn; $attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry); @@ -492,19 +695,21 @@ class accountContainer { // loop until all modules are in order. // We don't want to loop forever $remain = count($module) * count($module); + $order = array(); while ( (count($module) != count($modulelist)) && ($remain!=0) ) { $remain--; foreach ($module as $moduleitem) { - $required = $this->module[$moduleitem]->dependencies; + $required = $this->module[$moduleitem]->dependencies(); $everything_found = true; - if (is_array($required)) + if (is_array($required)) { foreach ($required as $requireditem) if (!in_array($reuquireditem, $modulelist)) $everthing_found = false; - if ($everything_found) $modulelist[] = $moduleitem; + } + if ($everything_found && !in_array($moduleitem, $order) ) $order[] = $moduleitem; } } // Write Module-Order in variable - $this->order = $modulelist; + $this->order = $order; return 0; } @@ -512,34 +717,131 @@ class accountContainer { * for a new account */ function new_account() { - $modulelist = array(); + $modulelist = array('posixAccount', 'shadowAccount'); // *** fixme add modules from config which should be used but not yet in loaded account - $module = array_keys ($this->module); + foreach ($modulelist as $objectClass) $this->add_objectClass($objectClass); + $module = array_keys ($this->module); // loop until all modules are in order. // We don't want to loop forever $remain = count($module) * count($module); + $order = array(); while ( (count($module) != count($modulelist)) && ($remain!=0) ) { $remain--; foreach ($module as $moduleitem) { - $required = $this->module[$moduleitem]->dependencies; + $required = $this->module[$moduleitem]->dependencies(); $everything_found = true; - if (is_array($required)) + if (is_array($required)) { foreach ($required as $requireditem) if (!in_array($reuquireditem, $modulelist)) $everthing_found = false; - if ($everything_found) $modulelist[] = $moduleitem; + } + if ($everything_found && !in_array($moduleitem, $order) ) $order[] = $moduleitem; } } // Write Module-Order in variable - $this->order = $modulelist; + $this->order = $order; + // *** fixme load*Profile must return array in the same way ldap_get_attributes does. + $function = '$newattributes = load'.ucfirst($this->type).'Profile(\'default\');'; + eval($function); + // pass newattributes to each module + //foreach ($module as $module2) + // $this->module[$module2]->load_attributes($newattributes); return 0; } /* This function will load an account. - * $dn is the dn of the account which should be loaded */ function save_account() { + $module = array_keys ($this->module); + $attributes = array(); + // load attributes + foreach ($module as $singlemodule) { + // load changes + $temp = $this->module[$singlemodule]->save_attributes(); + // merge changes + $DNs = array_keys($temp); + $attributes = array_merge_recursive($temp, $attributes); + for ($i=0; $itype=='group') $search = 'cn'; + else $search = 'uid'; + $added = false; + foreach ($attributes as $DN) { + if (isset($DN['modify'][$search][0]) && !$added) { + $attributes[$search.'='.$DN['modify'][$search][0].','.$this->dn] = $attributes[$this->dn]; + unset ($attributes[$this->dn]); + $this->dn = $search.'='.$DN['modify'][$search][0].','.$this->dn; + $added = true; + } + if (isset($DN['add'][$search][0]) && !$added) { + $attributes[$search.'='.$DN['add'][$search][0].','.$this->dn] = $attributes[$this->dn]; + unset ($attributes[$this->dn]); + $this->dn = $search.'='.$DN['add'][$search][0].','.$this->dn; + $added = true; + } + if (isset($DN['notchanged'][$search][0]) && !$added) { + $attributes[$search.'='.$DN['notchanged'][$search][0].','.$this->dn] = $attributes[$this->dn]; + unset ($attributes[$this->dn]); + $this->dn = $search.'='.$DN['notchanged'][$search][0].','.$this->dn; + $added = true; + } + } + // Add old dn if dn hasn't changed + if (!$added) { + $attributes[$this->dn_orig] = $attributes[$this->dn]; + unset ($attributes[$this->dn]); + $this->dn = $this->dn_orig; + } + // Add new DN + if ($this->dn != $this->dn_orig) { + // move existing DN + if ($this->dn_orig!='') { + // merge attributes together + $attr = array_merge_recursive($attributes[$this->dn]['add'], $attributes[$this->dn]['notchanged'], $attributes[$this->dn]['modify']); + $success = @ldap_add($_SESSION[$this->ldap]->server(), $this->dn, $attr); + if ($success) { + $success = @ldap_delete($_SESSION[$this->ldap]->server(), $this->dn_orig); + if (!$success) return array('ERROR', 'LDAP', sprintf(_('Was unable to delete dn: %s.'), $this->dn_orig)); + } + if (!$success) return array('ERROR', 'LDAP', sprintf(_('Was unable to create dn: %s. This is possible a bug. Please check your ldap logs and send a bug report if it is a possible bug.'), $this->dn)); + } + // create complete new dn + else { + $attr = array_merge_recursive($attributes[$this->dn]['add'], $attributes[$this->dn]['notchanged'], $attributes[$this->dn]['modify']); + $success = @ldap_add($_SESSION[$this->ldap]->server(), $this->dn, $attributes[$this->dn]['add']); + if (!$success) return array('ERROR', 'LDAP', sprintf(_('Was unable to create dn: %s. This is possible a bug. Please check your ldap logs and send a bug report if it is a possible bug.'), $this->dn)); + } + unset($attributes[$this->dn]); + } + $DNs = array_keys($attributes); + for ($i=0; $ildap]->server(), $DNs[$i], $attributes[$DNs[$i]]['modify']); + if (!$success) return array('ERROR', 'LDAP', sprintf(_('Was unable to modify attribtues from dn: %s. This is possible a bug. Please check your ldap logs and send a bug report if it is a possible bug.'), $DNs[$i])); + } + // add attributes + if (isset($attributes[$DNs[$i]]['add'])) { + $success = @ldap_mod_add($_SESSION[$this->ldap]->server(), $DNs[$i], $attributes[$DNs[$i]]['add']); + if (!$success) return array('ERROR', 'LDAP', sprintf(_('Was unable to add attribtues to dn: %s. This is possible a bug. Please check your ldap logs and send a bug report if it is a possible bug.'), $DNs[$i])); + } + // removce attributes + if (isset($attributes[$DNs[$i]]['remove'])) { + $success = @ldap_mod_del($_SESSION[$this->ldap]->server(), $DNs[$i], $attributes[$DNs[$i]]['remove']); + if (!$success) return array('ERROR', 'LDAP', sprintf(_('Was unable to remove attribtues from dn: %s. This is possible a bug. Please check your ldap logs and send a bug report if it is a possible bug.'), $DNs[$i])); + } + } + // *** fixme Add lamdaemon.pl + return 0; } } @@ -629,7 +931,7 @@ function getshells() { /* This function will replace umlates with ascci-chars -* fixme +* fixme *** * In order to map all non-ascii characters this function should be changed */ function replace_umlaut($text) { @@ -2933,7 +3235,7 @@ function modifygroup($values,$values_old, $uselamdaemon=true) { for ($i=0; $iadd_objectClass(\'inetOrgPerson\');'), E_USER_ERROR); + if (!$base) trigger_error(_('Please create a base object with $var = new accountContainer();'), E_USER_ERROR); + if (!is_string($base)) trigger_error(_('Please create a new module object with $accountContainer->add_objectClass(\'inetOrgPerson\');'), E_USER_ERROR); + $this->base = $base; // posixAccount is only a valid objectClass for user and host - if ($baseobject->get_type() != 'user') trigger_error(_('inetOrgPerson can only be used for users.'), E_USER_WARNING); - /* Create a reference to basearray so we can read all other modules - * php will avaois recousrion itself - */ - $this->base = &$baseobject; - // Add attributes which should be cached - //$_SESSION['cache']->add_cache(array ('user' => array('cn', 'uid'), 'host' => array('cn', 'uid') )); + if ($_SESSION[$this->base]->get_type() != 'user') trigger_error(_('inetOrgPerson can only be used for users.'), E_USER_WARNING); // Add account type to object $line=-1; - for ($i=0; $ibase->ldap->objectClasses) || $i==-1; $i++) { - if (strpos($this->base->ldap->objectClasses[$i], "NAME 'inetOrgPerson'")) $line = $i; + for ($i=0; $ibase]->ldap]->objectClasses) || $i==-1; $i++) { + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$i], "NAME 'inetOrgPerson'")) $line = $i; } // Return error if objectClass isn't found if ($line==-1) trigger_error (sprintf(_("ObjectClass %s required but not defined in ldap."), 'inetOrgPerson'), E_USER_WARNING); // Add Array with all attributes and type - $baseobject->add_attributes ('inetOrgPerson'); + $_SESSION[$this->base]->add_attributes ('inetOrgPerson'); // create array with must-attributes // Get startposition in string - if (strpos($this->base->ldap->objectClasses[$line], 'MUST (')) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MUST (')+6); + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')+6); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); @@ -85,8 +79,8 @@ class inetOrgPerson { } // create array with may-attributes // Get startposition in string - if (strpos($this->base->ldap->objectClasses[$line], 'MAY (')) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MAY (')+5); + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); @@ -96,12 +90,12 @@ class inetOrgPerson { } } // Get attributes of subclasses - while (strpos($this->base->ldap->objectClasses[$line], "SUP ")) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'SUP ')+4); + while (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], "SUP ")) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'SUP ')+4); $subclass = substr($string_withtail, 0, strpos($string_withtail, ' ')); // Add account type to object - for ($i=0; $ibase->ldap->objectClasses) || $i==-1; $i++) { - if (strpos($this->base->ldap->objectClasses[$i], "NAME '$subclass'")) $line = $i; + for ($i=0; $ibase]->ldap]->objectClasses) || $i==-1; $i++) { + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$i], "NAME '$subclass'")) $line = $i; } // Return error if objectClass isn't found // *** fixme, fix error message @@ -109,8 +103,8 @@ class inetOrgPerson { // create array with must-attributes // Get startposition in string - if (strpos($this->base->ldap->objectClasses[$line], 'MUST (')) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MUST (')+6); + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')+6); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); @@ -121,8 +115,8 @@ class inetOrgPerson { } // create array with may-attributes // Get startposition in string - if (strpos($this->base->ldap->objectClasses[$line], 'MAY (')) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MAY (')+5); + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); @@ -133,7 +127,12 @@ class inetOrgPerson { } } $this->orig = $this->attributes ; + $this->attributes['objectClass'][0] = 'inetOrgPerson'; + if (isset($this->attributes['userPassword'])) unset($this->attributes['userPassword']); $this->alias = _('inetOrgPerson'); + // Add attributes which should be cached + $_SESSION[$_SESSION[$this->base]->cache]->add_cache(array ('user' => array('uid'), 'host' => array('uid'))); + } // Variables @@ -160,24 +159,21 @@ class inetOrgPerson { * new password will be stored encrypted */ function userPassword($newpassword=false) { - // Read existing password if set - if (!$newpassword) { - if ($this->attributes['userPassword'][0]!='') { - $iv = base64_decode($_COOKIE["IV"]); - $key = base64_decode($_COOKIE["Key"]); - $password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($this->attributes['userPassword'][0]), MCRYPT_MODE_ECB, $iv); - $password = str_replace(chr(00), '', $password); - return $password; - } - else return ''; - } - // Write new password - else { + if (is_string($newpassword)) { + // Write new password $iv = base64_decode($_COOKIE["IV"]); $key = base64_decode($_COOKIE["Key"]); $this->attributes['userPassword'][0] = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $newpassword, MCRYPT_MODE_ECB, $iv)); return 0; } + else { + // Read existing password if set + $iv = base64_decode($_COOKIE["IV"]); + $key = base64_decode($_COOKIE["Key"]); + $password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($this->attributes['userPassword'][0]), MCRYPT_MODE_ECB, $iv); + $password = str_replace(chr(00), '', $password); + return $password; + } } /* This function returns a list with all required modules @@ -188,59 +184,61 @@ class inetOrgPerson { /* Write variables into object and do some regexp checks */ - function proccess_attributes() { + function proccess_attributes($post) { // Load attributes - if (($this->attributes['uid'] != $_POST['form_inetOrgPerson_uid']) && ereg('[A-Z]$', $_POST['form_inetOrgPerson_uid'])) + if (($this->attributes['uid'][0] != $post['form_inetOrgPerson_uid']) && ereg('[A-Z]$', $post['form_inetOrgPerson_uid'])) $errors[] = array('WARN', _('Username'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.')); - $this->attributes['uid'] = $_POST['form_inetOrgPerson_uid']; - $this->attributes['cn'] &= $this->attributes['uid']; - $this->attributes['description'] = $_POST['form_inetOrgPerson_description']; - $this->attributes['sn'] = $_POST['form_inetOrgPerson_sn']; - $this->attributes['givenName'] = $_POST['form_inetOrgPerson_givenName']; - $this->attributes['title'] = $_POST['form_inetOrgPerson_title']; - $this->attributes['mail'] = $_POST['form_inetOrgPerson_mail']; - $this->attributes['telephoneNumber'] = $_POST['form_inetOrgPerson_telephoneNumber']; - $this->attributes['mobileTelephoneNumber'] = $_POST['form_inetOrgPerson_mobileTelephoneNumber']; - $this->attributes['facsimileTelephoneNumber'] = $_POST['form_inetOrgPerson_facsimileTelephoneNumber']; - $this->attributes['street'] = $_POST['form_inetOrgPerson_street']; - $this->attributes['postalCode'] = $_POST['form_inetOrgPerson_postalCode']; - $this->attributes['postalAddress'] = $_POST['form_inetOrgPerson_postalAddress']; - $this->attributes['employeeType'] = $_POST['form_inetOrgPerson_employeeType']; + $this->attributes['uid'][0] = $post['form_inetOrgPerson_uid']; + $this->attributes['cn'][0] &= $this->attributes['uid'][0]; + $this->attributes['description'][0] = $post['form_inetOrgPerson_description']; + $this->attributes['sn'][0] = $post['form_inetOrgPerson_sn']; + $this->attributes['givenName'][0] = $post['form_inetOrgPerson_givenName']; + $this->attributes['title'][0] = $post['form_inetOrgPerson_title']; + $this->attributes['mail'][0] = $post['form_inetOrgPerson_mail']; + $this->attributes['telephoneNumber'][0] = $post['form_inetOrgPerson_telephoneNumber']; + $this->attributes['mobileTelephoneNumber'][0] = $post['form_inetOrgPerson_mobileTelephoneNumber']; + $this->attributes['facsimileTelephoneNumber'][0] = $post['form_inetOrgPerson_facsimileTelephoneNumber']; + $this->attributes['street'][0] = $post['form_inetOrgPerson_street']; + $this->attributes['postalCode'][0] = $post['form_inetOrgPerson_postalCode']; + $this->attributes['postalAddress'][0] = $post['form_inetOrgPerson_postalAddress']; + $this->attributes['employeeType'][0] = $post['form_inetOrgPerson_employeeType']; - if ($_POST['form_inetOrgPerson_userPassword_no']) $this->userPassword_no=true; + if ($post['form_inetOrgPerson_userPassword_no']) $this->userPassword_no=true; else $this->userPassword_no=false; - if ($_POST['form_inetOrgPerson_userPassword_lock']) $this->userPassword_lock=true; + if ($post['form_inetOrgPerson_userPassword_lock']) $this->userPassword_lock=true; else $this->userPassword_lock=false; - if (isset($_POST['form_inetOrgPerson_userPassword'])) { - if ($_POST['form_inetOrgPerson_userPassword'] != $_POST['form_inetOrgPerson_userPassword2']) { + if (isset($post['form_inetOrgPerson_userPassword'])) { + if ($post['form_inetOrgPerson_userPassword'] != $post['form_inetOrgPerson_userPassword2']) { $errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.')); - unset ($_POST['form_inetOrgPerson_userPassword2']); + unset ($post['form_inetOrgPerson_userPassword2']); } - else $this->userPassword($_POST['form_inetOrgPerson_userPassword']); + else $this->userPassword($post['form_inetOrgPerson_userPassword']); } - if ($_POST['form_inetOrgPerson_genpass']) $this->userPassword(genpasswd()); + if ($post['form_inetOrgPerson_genpass']) $this->userPassword(genpasswd()); // Check if givenname is valid - if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $this->attributes['givenName'])) $errors[] = array('ERROR', _('Given name'), _('Given name contains invalid characters')); + if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $this->attributes['givenName'][0])) $errors[] = array('ERROR', _('Given name'), _('Given name contains invalid characters')); // Check if surname is valid - if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $this->attributes['sn'])) $errors[] = array('ERROR', _('Surname'), _('Surname contains invalid characters')); + if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $this->attributes['sn'][0])) $errors[] = array('ERROR', _('Surname'), _('Surname contains invalid characters')); // Check if Username contains only valid characters - if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*$', $this->attributes['uid'])) + if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$', $this->attributes['uid'][0])) $errors[] = array('ERROR', _('Username'), _('Username contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !')); // Create automatic useraccount with number if original user already exists // Reset name to original name if new name is in use // Set username back to original name if new username is in use - if ($this->base->cache->in_cache($this->attributes['uid'],'uid', '*')!=$this->orig['uid'] && ($this->orig['uid']!='')) $this->attributes['uid'] = $this->orig['uid']; + if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['uid'][0],'uid', '*')!=false && ($this->orig['uid'][0]!='')) { + $this->attributes['uid'][0] = $this->orig['uid'][0]; + } // Change uid to a new uid until a free uid is found - while ($this->base->cache->in_cache($this->attributes['uid'], 'uid', '*')) { + else while ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['uid'][0], 'uid', '*')) { // get last character of username - $lastchar = substr($this->attributes['uid'], strlen($this->attributes['uid'])-1, 1); + $lastchar = substr($this->attributes['uid'][0], strlen($this->attributes['uid'][0])-1, 1); // Last character is no number if ( !ereg('^([0-9])+$', $lastchar)) /* Last character is no number. Therefore we only have to * add "2" to it. */ - $this->attributes['uid'] = $this->attributes['uid'] . '2'; + $this->attributes['uid'][0] = $this->attributes['uid'][0] . '2'; else { /* Last character is a number -> we have to increase the number until we've * found a groupname with trailing number which is not in use. @@ -248,34 +246,34 @@ class inetOrgPerson { * $i will show us were we have to split groupname so we get a part * with the groupname and a part with the trailing number */ - $i=strlen($this->attributes['uid'])-1; + $i=strlen($this->attributes['uid'][0])-1; $mark = false; // Set $i to the last character which is a number in $account_new->general_username - while (!$mark) { - if (ereg('^([0-9])+$',substr($this->attributes['uid'], $i, strlen($this->attributes['uid'])-$i))) $i--; + while (!$mark) { + if (ereg('^([0-9])+$',substr($this->attributes['uid'][0], $i, strlen($this->attributes['uid'][0])-$i))) $i--; else $mark=true; } // increase last number with one - $firstchars = substr($this->attributes['uid'], 0, $i+1); - $lastchars = substr($this->attributes['uid'], $i+1, strlen($this->attributes['uid'])-$i); + $firstchars = substr($this->attributes['uid'][0], 0, $i+1); + $lastchars = substr($this->attributes['uid'][0], $i+1, strlen($this->attributes['uid'][0])-$i); // Put username together - $this->attributes['uid'] = $firstchars . (intval($lastchars)+1); + $this->attributes['uid'][0] = $firstchars . (intval($lastchars)+1); } } // Show warning if lam has changed username - if ($this->attributes['uid'] != $_POST['form_inetOrgPerson_uid']) $errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.')); + if ($this->attributes['uid'][0] != $post['form_inetOrgPerson_uid']) $errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.')); if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword())) $errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !')); - if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['telephoneNumber'])) $errors[] = array('ERROR', _('Telephone number'), _('Please enter a valid telephone number!')); - if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['mobileTelephoneNumber'])) $errors[] = array('ERROR', _('Mobile number'), _('Please enter a valid mobile number!')); - if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['facsimileTelephoneNumber'])) $errors[] = array('ERROR', _('Fax number'), _('Please enter a valid fax number!')); - if ( !ereg('^(([0-9]|[A-Z]|[a-z]|[.]|[-]|[_])+[@]([0-9]|[A-Z]|[a-z]|[-])+([.]([0-9]|[A-Z]|[a-z]|[-])+)*)*$', $this->attributes['mail'])) $errors[] = array('ERROR', _('eMail address'), _('Please enter a valid eMail address!')); - if ( !ereg('^([0-9]|[A-Z]|[a-z]|[-]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['street'])) $errors[] = array('ERROR', _('Street'), _('Please enter a valid street name!')); - if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['postalAddress'])) $errors[] = array('ERROR', _('Postal address'), _('Please enter a valid postal address!')); - if ( !ereg('^([0-9]|[A-Z]|[a-z]|[-]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['title'])) $errors[] = array('ERROR', _('Title'), _('Please enter a valid title!')); - if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['employeeType'])) $errors[] = array('ERROR', _('Employee type'), _('Please enter a valid employee type!')); - if ( !ereg('^([0-9]|[A-Z]|[a-z])*$', $this->attributes['personal_postalCode'])) $errors[] = array('ERROR', _('Postal code'), _('Please enter a valid postal code!')); + if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['telephoneNumber'][0])) $errors[] = array('ERROR', _('Telephone number'), _('Please enter a valid telephone number!')); + if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['mobileTelephoneNumber'][0])) $errors[] = array('ERROR', _('Mobile number'), _('Please enter a valid mobile number!')); + if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['facsimileTelephoneNumber'][0])) $errors[] = array('ERROR', _('Fax number'), _('Please enter a valid fax number!')); + if ( !ereg('^(([0-9]|[A-Z]|[a-z]|[.]|[-]|[_])+[@]([0-9]|[A-Z]|[a-z]|[-])+([.]([0-9]|[A-Z]|[a-z]|[-])+)*)*$', $this->attributes['mail'][0])) $errors[] = array('ERROR', _('eMail address'), _('Please enter a valid eMail address!')); + if ( !ereg('^([0-9]|[A-Z]|[a-z]|[-]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['street'][0])) $errors[] = array('ERROR', _('Street'), _('Please enter a valid street name!')); + if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['postalAddress'][0])) $errors[] = array('ERROR', _('Postal address'), _('Please enter a valid postal address!')); + if ( !ereg('^([0-9]|[A-Z]|[a-z]|[-]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['title'][0])) $errors[] = array('ERROR', _('Title'), _('Please enter a valid title!')); + if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['employeeType'][0])) $errors[] = array('ERROR', _('Employee type'), _('Please enter a valid employee type!')); + if ( !ereg('^([0-9]|[A-Z]|[a-z])*$', $this->attributes['personal_postalCode'][0])) $errors[] = array('ERROR', _('Postal code'), _('Please enter a valid postal code!')); // Return error-messages if (is_array($errors)) return $errors; return 0; @@ -294,14 +292,15 @@ class inetOrgPerson { for ($i=0; $iattributes[$attribute])) { + if (isset($this->orig[$attribute])) { + $this->orig[$attribute] = $attr[$attribute]; // decode as unicode - $this->attributes[$attribute] = $attr[$attribute]; - for ($i=0; $iattributes[$attribute]); $i++) $this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); + for ($i=0; $iorig[$attribute]); $i++) $this->orig[$attribute][$i] = utf8_decode ($this->orig[$attribute][$i]); } } // Values are kept as copy so we can compare old attributes with new attributes - $this->orig = $this->attributes; + $this->orig['objectClass'][0] = 'inetOrgPerson'; + $this->attributes = $this->orig; $this->userPassword(''); // Remove old password so it won't displayed as hash return 0; } @@ -316,59 +315,80 @@ class inetOrgPerson { * remove are attributes which have to be removed from ldap entry */ function save_attributes() { - // Get list off all attributes - $attributes = $this->orig; - // Remove attributes which are not as easy to set - unset ($attributes['userPassword']); // Get list of all "easy" attributes - $attr_names = array_keys($attributes); - foreach ($attr_names as $attr_name) { - if (count($this->attributes[$attr_name])!=0 && count($this->orig[$attr_name])==0) $return[$this->base['dn']]['add'][$attr_name] = $this->attributes[$attr_name]; - if (count($this->attributes[$attr_name])!=0 && count($this->orig[$attr_name])!=0) { - // We have to check every single attribute - // Get attributes which should be added - $attributes = array_delete($this->orig[$attr_name], $this->attributes[$attr_name]); - // Encode as unicode - for ($i=0; $ibase['dn']]['add'][$attr_name] = $attributes; - // Get attributes which should be removed - $attributes = array_delete($this->attributes[$attr_name], $this->orig[$attr_name]); - // Encode as unicode - for ($i=0; $ibase['dn']]['remove'][$attr_name] = $attributes; + $attr_names = array_keys($this->attributes); + // Get attributes which should be added + for ($i=0; $iorig[$attr_names[$i]]); $j++) { + if (is_array($this->attributes[$attr_names[$i]])) { + if (!in_array($this->orig[$attr_names[$i]][$j], $this->attributes[$attr_names[$i]])) + if ($this->orig[$attr_names[$i]][$j]!='') $torem[$attr_names[$i]][] =utf8_encode($this->orig[$attr_names[$i]][$j]); + } + else if ($this->orig[$attr_names[$i]][$j]!='') $torem[$attr_names[$i]][] = utf8_encode($this->orig[$attr_names[$i]][$j]); + } + for ($j=0; $jattributes[$attr_names[$i]]); $j++) { + if (is_array($this->orig[$attr_names[$i]])) { + if (!in_array($this->attributes[$attr_names[$i]][$j], $this->orig[$attr_names[$i]])) + if ($this->attributes[$attr_names[$i]][$j]!='') $toadd[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } + else if ($this->attributes[$attr_names[$i]][$j]!='') $toadd[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } + for ($j=0; $jattributes[$attr_names[$i]]); $j++) { + if (is_array($this->orig[$attr_names[$i]]) && is_array($this->attributes[$attr_names[$i]])) { + if (($this->attributes[$attr_names[$i]][$j]==$this->orig[$attr_names[$i]][$j]) && $this->attributes[$attr_names[$i]][$j]!='') + $notchanged[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } } - if (count($this->attributes[$attr_name])==0 && count($this->orig[$attr_name])!=0) $return[$this->base['dn']]['remove'][$attr_name] = $this->orig[$attr_name]; } + // create modify wuth add and remove + if (is_array($toadd)) { + $attributes = array_keys($toadd); + for ($i=0; $ibase]->dn]['add'] = $toadd; + if (count($torem)!=0) $return[$_SESSION[$this->base]->dn]['remove'] = $torem; + if (count($tomodify)!=0) $return[$_SESSION[$this->base]->dn]['modify'] = $tomodify; + if (count($notchanged)!=0) $return[$_SESSION[$this->base]->dn]['notchanged'] = $notchanged; // Set unix password if (count($this->orig['userPassword'])==0) { // New user or no old password set if ($this->userPassword_no) { - $return[$this->base['dn']]['add']['userPassword'][0] = pwd_hash ('', !$this->userPassword_lock); + $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash ('', !$this->userPassword_lock); } - else $return[$this->base['dn']]['add']['userPassword'][0] = utf8_encode(pwd_hash ($this->userPassword(), !$this->userPassword_lock)); + else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash ($this->userPassword(), !$this->userPassword_lock)); } else { if ($this->userPassword()!='' || $this->userPassword_no) { // Write new password - $return[$this->base['dn']]['remove']['userPassword'] = utf8_encode($this->orig['userPassword']); - if ($this->userPassword_no) $return[$this->base['dn']]['modify']['userPassword'][0] = pwd_hash ('', !$this->userPassword_lock); - else $return[$this->base['dn']]['modify']['userPassword'][0] = utf8_encode(pwd_hash ($this->userPassword(), !$this->userPassword_lock)); + if ($this->userPassword_no) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash ('', !$this->userPassword_lock); + else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash ($this->userPassword(), !$this->userPassword_lock)); } else { // No new password but old password // (un)lock password - if ($this->userPassword_lock == pwd_is_enabled($this->orig['userPassword'])) { + if ($this->userPassword_lock == pwd_is_enabled($this->orig['userPassword'][0])) { // Split old password hash in {CRYPT} and password-hash $i = 0; - while ($this->orig['userPassword']{$i} != '}') $i++; - $passwd = substr($this->orig['userPassword'], $i+1 ); - $crypt = substr($this->orig['userPassword'], 0, $i+1 ); + while ($this->orig['userPassword'][0]{$i} != '}') $i++; + $passwd = substr($this->orig['userPassword'][0], $i+1 ); + $crypt = substr($this->orig['userPassword'][0], 0, $i+1 ); // remove trailing ! from password hash if ($passwd{0} == '!') $passwd = substr($passwd, 1); // Write new password - $return[$this->base['dn']]['remove']['userPassword'] = utf8_encode($this->orig['userPassword']); - if ($this->userPassword_lock) $return[$this->base['dn']]['modify']['userPassword'][0] = utf8_encode("$crypt!$passwd"); - else $return[$this->base['dn']]['modify']['userPassword'][0] = utf8_encode("$crypt$passwd"); + if ($this->userPassword_lock) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode("$crypt!$passwd"); + else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode("$crypt$passwd"); } } } @@ -389,7 +409,7 @@ class inetOrgPerson { * to show a page with all attributes. * It will output a complete html-table */ - function display_html_attributes() { + function display_html_attributes($post) { echo "\n\n"; echo '\n"; @@ -409,7 +429,7 @@ class inetOrgPerson { echo "\n"; echo "\n"; echo "\n"; echo "\n"; @@ -423,8 +443,8 @@ class inetOrgPerson { echo "\n"; echo "\n"; echo "\n"; - echo "\n"; echo "\n"; echo "\n"; diff --git a/lam/lib/modules/posixAccount.inc b/lam/lib/modules/posixAccount.inc index 8f56c8ff..ca251d07 100644 --- a/lam/lib/modules/posixAccount.inc +++ b/lam/lib/modules/posixAccount.inc @@ -54,37 +54,33 @@ $Id$ */ class posixAccount { // Constructor - function posixAccount(&$baseobject) { + function posixAccount($base) { /* Return an error if posixAccount should be created without * base container */ - if (!$baseobject) trigger_error(_('Please create a base object with $var = new accountContainer();'), E_USER_ERROR); - // Check if $baseobject is an array - if (!is_object($baseobject)) trigger_error(_('Please create a new module object with $accountContainer->add_objectClass(\'posixAccount\');'), E_USER_ERROR); + if (!$base) trigger_error(_('Please create a base object with $var = new accountContainer();'), E_USER_ERROR); + if (!is_string($base)) trigger_error(_('Please create a new module object with $accountContainer->add_objectClass(\'posixAccount\');'), E_USER_ERROR); + $this->base = $base; // posixAccount is only a valid objectClass for user and host - if (!($baseobject->get_type() == 'user' || $baseobject->get_type() != 'host')) trigger_error(_('posixAccount can only be used for users or hosts.'), E_USER_WARNING); - /* Create a reference to basearray so we can read all other modules - * php will avaois recousrion itself - */ - $this->base = &$baseobject; + if (!($_SESSION[$this->base]->get_type() == 'user' || $_SESSION[$this->base]->get_type() != 'host')) trigger_error(_('posixAccount can only be used for users or hosts.'), E_USER_WARNING); /* Check if ldap conatiner is in array and set type * users are using inetOrgPerson-, hosts account-container */ - if (!isset($this->base->module['inetOrgPerson']) && $this->base->type=='user') $this->base->add_objectClass('inetOrgPerson'); - if (!isset($this->base->module['account']) && $this->base->type=='host') $this->base->add_objectClass('account'); + if (!isset($_SESSION[$this->base]->module['inetOrgPerson']) && $_SESSION[$this->base]->type=='user') $_SESSION[$this->base]->add_objectClass('inetOrgPerson'); + if (!isset($_SESSION[$this->base]->module['account']) && $_SESSION[$this->base]->type=='host') $_SESSION[$this->base]->add_objectClass('account'); // Add account type to object $line=-1; - for ($i=0; $ibase->ldap->objectClasses) || $i==-1; $i++) { - if (strpos($this->base->ldap->objectClasses[$i], "NAME 'posixAccount'")) $line = $i; + for ($i=0; $ibase]->ldap]->objectClasses) || $i==-1; $i++) { + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$i], "NAME 'posixAccount'")) $line = $i; } // Return error if objectClass isn't found if ($line==-1) trigger_error (sprintf(_("ObjectClass %s required but not defined in ldap."), 'posixAccount'), E_USER_WARNING); // Add Array with all attributes and type - $baseobject->add_attributes ('posixAccount'); + $_SESSION[$this->base]->add_attributes ('posixAccount'); // create array with must-attributes // Get startposition in string - if (strpos($this->base->ldap->objectClasses[$line], 'MUST (')) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MUST (')+6); + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')+6); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); @@ -95,8 +91,8 @@ class posixAccount { } // create array with may-attributes // Get startposition in string - if (strpos($this->base->ldap->objectClasses[$line], 'MAY (')) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MAY (')+5); + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); @@ -106,12 +102,12 @@ class posixAccount { } } // Get attributes of subclasses - while (strpos($this->base->ldap->objectClasses[$line], "SUP ")) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'SUP ')+4); + while (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], "SUP ")) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'SUP ')+4); $subclass = substr($string_withtail, 0, strpos($string_withtail, ' ')); // Add account type to object - for ($i=0; $ibase->ldap->objectClasses) || $i==-1; $i++) { - if (strpos($this->base->ldap->objectClasses[$i], "NAME '$subclass'")) $line = $i; + for ($i=0; $ibase]->ldap]->objectClasses) || $i==-1; $i++) { + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$i], "NAME '$subclass'")) $line = $i; } // Return error if objectClass isn't found // *** fixme, fix error message @@ -119,8 +115,8 @@ class posixAccount { // create array with must-attributes // Get startposition in string - if (strpos($this->base->ldap->objectClasses[$line], 'MUST (')) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MUST (')+6); + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')+6); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); @@ -131,8 +127,8 @@ class posixAccount { } // create array with may-attributes // Get startposition in string - if (strpos($this->base->ldap->objectClasses[$line], 'MAY (')) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MAY (')+5); + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); @@ -144,7 +140,7 @@ class posixAccount { } $this->alias = _('posixAccount'); // Add attributes which should be cached - $_SESSION['cache']->add_cache(array ('user' => array('cn', 'uid', 'uidNumber'), 'host' => array('cn', 'uid', 'uidNumber'), 'group' => array('cn', 'memberUid'))); + $_SESSION[$_SESSION[$this->base]->cache]->add_cache(array ('user' => array('cn', 'uid', 'uidNumber'), 'host' => array('cn', 'uid', 'uidNumber'), 'group' => array('cn', 'memberUid'))); /* Check if at least one group does exist in ldap */ $groups = findgroups(); // list of all groupnames @@ -152,19 +148,20 @@ class posixAccount { // Make references to attributes which already esists in ldap $newattributes = array_keys($this->attributes); - $module = array_keys($this->base->module); + $module = array_keys($_SESSION[$this->base]->module); // fixme *** do we have to unset module posixAccuont itself for ($i=0; $ibase->module[$module[$i]]->attributes[$attribute])) $this->attributes[$attribute] = &$this->base->module[$module[$i]]->attributes[$attribute]; + if (isset($_SESSION[$this->base]->module[$module[$i]]->attributes[$attribute])) $this->attributes[$attribute] =& $_SESSION[$this->base]->module[$module[$i]]->attributes[$attribute]; } $this->orig = $this->attributes ; + $this->attributes['objectClass'][0] = 'posixAccount'; } // Variables // Alias Name. This name is shown in the menu instead of posixAccount var $alias; - // reference to base-array so we can read other classes in basearray + // name of accountContainer so we can read other classes in accuontArray var $base; // This variable contains all inetOrgPerson attributes @@ -182,48 +179,48 @@ class posixAccount { /* This function returns a list with all required modules */ function dependencies() { - if ($this->base['type']=='user') return array('inetOrgPerson'); - if ($this->base['type']=='host') return array('account'); + if ($_SESSION[$this->base]->type=='user') return array('inetOrgPerson'); + if ($_SESSION[$this->base]->type=='host') return array('account'); // return error if unsupported type is used return -1; } /* Write variables into object and do some regexp checks */ - function proccess_attributes() { + function proccess_attributes($post) { // Load attributes - $this->attributes['uidNumber'] = $_POST['form_posixAccount_uidNumber']; - $this->attributes['gidNumber'] = getgrnam($_POST['form_posixAccount_gidNumber']); - $this->attributes['homeDirectory'] = $_POST['form_posixAccount_homeDirectory']; - $this->attributes['loginShell'] = $_POST['form_posixAccount_loginShell']; - $this->attributes['gecos'] = $_POST['form_posixAccount_gecos']; + $this->attributes['uidNumber'][0] = $post['form_posixAccount_uidNumber']; + $this->attributes['gidNumber'][0] = getgrnam($post['form_posixAccount_gidNumber']); + $this->attributes['homeDirectory'][0] = $post['form_posixAccount_homeDirectory']; + $this->attributes['loginShell'][0] = $post['form_posixAccount_loginShell']; + $this->attributes['gecos'][0] = $post['form_posixAccount_gecos']; // Check if UID is valid. If none value was entered, the next useable value will be inserted // load min and may uidNumber - if ($this->base['type']=='user') { - $minID = intval($_SESSION['config']->get_minUID()); - $maxID = intval($_SESSION['config']->get_maxUID()); + if ($_SESSION[$this->base]['type']=='user') { + $minID = intval($_SESSION[$_SESSION[$this->base]->config]->get_minUID()); + $maxID = intval($_SESSION[$_SESSION[$this->base]->config]->get_maxUID()); } else { - $minID = intval($_SESSION['config']->get_minMachine()); - $maxID = intval($_SESSION['config']->get_maxMachine()); + $minID = intval($_SESSION[$_SESSION[$this->base]->config]->get_minMachine()); + $maxID = intval($_SESSION[$_SESSION[$this->base]->config]->get_maxMachine()); } - $dn_uids = $this->base->cache->get_cache('uidNumber', 'posixAccount', '*'); + $dn_uids = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('uidNumber', 'posixAccount', '*'); // get_cache will return an array ( dn1 => array(uidnumber1), dn2 => array(uidnumber2), ... ) foreach ($dn_uids as $uid) $uids[] = $uid[0]; if(is_array($uids)) sort ($uids, SORT_NUMERIC); - if ($this->attributes['uidNumber']=='') { + if ($this->attributes['uidNumber'][0]=='') { // No id-number given - if ($this->orig['uidNumber']=='') { + if ($this->orig['uidNumber'][0]=='') { // new account -> we have to find a free id-number if (count($uids)!=0) { // There are some uids // Store highest id-number $id = $uids[count($uids)-1]; // Return minimum allowed id-number if all found id-numbers are too low - if ($id < $minID) $this->attributes['uidNumber'] = $minID; + if ($id < $minID) $this->attributes['uidNumber'][0] = $minID; // Return higesht used id-number + 1 if it's still in valid range - if ($id < $maxID) $this->attributes['uidNumber'] = $id+1; + if ($id < $maxID) $this->attributes['uidNumber'][0] = $id+1; /* If this function is still running we have to fid a free id-number between * the used id-numbers */ @@ -232,53 +229,53 @@ class posixAccount { if ($i>$maxID) $errors[] = array('ERROR', _('ID-Number'), _('No free ID-Number!')); else { - $this->attributes['uidNumber'] = $i; + $this->attributes['uidNumber'][0] = $i; $errors[] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.')); } } - else $this->attributes['uidNumber'] = $minID; + else $this->attributes['uidNumber'][0] = $minID; // return minimum allowed id-number if no id-numbers are found } - else $this->attributes['uidNumber'] = $this->orig['uidNumber']; + else $this->attributes['uidNumber'][0] = $this->orig['uidNumber'][0]; // old account -> return id-number which has been used } else { // Check manual ID // id-number is out of valid range - if ( $this->attributes['uidNumber'] < $minID || $this->attributes['uidNumber'] > $maxID) $errors[] = array('ERROR', _('ID-Number'), sprintf(_('Please enter a value between %s and %s!'), $minID, $maxID)); + if ( ($this->attributes['uidNumber'][0]!=$post['form_posixAccount_uidNumber']) && ($this->attributes['uidNumber'][0] < $minID || $this->attributes['uidNumber'][0] > $maxID)) $errors[] = array('ERROR', _('ID-Number'), sprintf(_('Please enter a value between %s and %s!'), $minID, $maxID)); // $uids is allways an array but not if no entries were found if (is_array($uids)) { // id-number is in use and account is a new account - if ((in_array($this->attributes['uidNumber'], $uids)) && $this->orig['uidNumber']=='') $errors[] = array('ERROR', _('ID-Number'), _('ID is already in use')); + if ((in_array($this->attributes['uidNumber'][0], $uids)) && $this->orig['uidNumber'][0]=='') $errors[] = array('ERROR', _('ID-Number'), _('ID is already in use')); // id-number is in use, account is existing account and id-number is not used by itself - if ((in_array($this->attributes['uidNumber'], $uids)) && $this->orig['uidNumber']!='' && ($this->orig['uidNumber'] != $this->attributes['uidNumber']) ) { + if ((in_array($this->attributes['uidNumber'][0], $uids)) && $this->orig['uidNumber'][0]!='' && ($this->orig['uidNumber'][0] != $this->attributes['uidNumber'][0]) ) { $errors[] = array('ERROR', _('ID-Number'), _('ID is already in use')); - $this->attributes['uidNumber'] = $this->orig['uidNumber']; + $this->attributes['uidNumber'][0] = $this->orig['uidNumber'][0]; } } } // Check if Homedir is valid - $this->attributes['homeDirectory'] = str_replace('$group', getgrnam($this->attributes['gidNumber']), $this->attributes['homeDirectory']); - if ($this->attributes['uid'] != '') - $this->attributes['homeDirectory'] = str_replace('$user', $this->attributes['uid'], $this->attributes['homeDirectory']); - if ($this->attributes['homeDirectory'] != $_POST['form_posixAccount_homeDirectory']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.')); - if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $this->attributes['homeDirectory'] )) + $this->attributes['homeDirectory'][0] = str_replace('$group', getgrnam($this->attributes['gidNumber'][0]), $this->attributes['homeDirectory'][0]); + if ($this->attributes['uid'][0] != '') + $this->attributes['homeDirectory'][0] = str_replace('$user', $this->attributes['uid'][0], $this->attributes['homeDirectory'][0]); + if ($this->attributes['homeDirectory'][0] != $post['form_posixAccount_homeDirectory']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.')); + if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $this->attributes['homeDirectory'][0] )) $errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.')); // Return error-messages if (is_array($errors)) return $errors; // Go to additional group page when no error did ocour and button was pressed - if ($_POST['form_posixAccount_addgroup']) return 'group'; + if ($post['form_posixAccount_addgroup']) return 'group'; return 0; } /* Write variables into object and do some regexp checks */ - function process_groups() { + function proccess_group($post) { do { // X-Or, only one if() can be true - if (isset($_POST['form_posixAccount_addgroups']) && isset($_POST['form_posixAccount_addgroups_button'])) { // Add groups to list + if (isset($post['form_posixAccount_addgroups']) && isset($post['form_posixAccount_addgroups_button'])) { // Add groups to list // Add new group - $this->groups = @array_merge($this->groups, $_POST['form_posixAccount_addgroups']); + $this->groups = @array_merge($this->groups, $post['form_posixAccount_addgroups']); // remove doubles $this->groups = @array_flip($this->groups); array_unique($this->groups); @@ -287,13 +284,13 @@ class posixAccount { sort($this->groups); break; } - if (isset($_POST['form_posixAccount_removegroups']) && isset($_POST['form_posixAccount_removegroups_button'])) { // remove groups from list - $this->groups = array_delete($_POST['form_posixAccount_removegroups'], $this->groups); + if (isset($post['form_posixAccount_removegroups']) && isset($post['form_posixAccount_removegroups_button'])) { // remove groups from list + $this->groups = array_delete($post['form_posixAccount_removegroups'], $this->groups); break; } } while(0); - if (isset($_POST['form_posixAccount_addgroups_button']) || isset($_POST['form_posixAccount_removegroups_button'])) return 'group'; - if ($_POST['form_posixAccount_toattributes']) return 'attributes'; + if (isset($post['form_posixAccount_addgroups_button']) || isset($post['form_posixAccount_removegroups_button'])) return 'group'; + if ($post['form_posixAccount_toattributes']) return 'attributes'; return 0; } @@ -319,8 +316,9 @@ class posixAccount { } // Values are kept as copy so we can compare old attributes with new attributes $this->orig = $this->attributes; + $this->attributes['objectClass'][0] = 'posixAccount'; // get all additional groupmemberships - $dn_groups = $this->base->cache->get_cache('memberUid', 'posixGroup', 'group'); + $dn_groups = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('memberUid', 'posixGroup', 'group'); $DNs = array_keys($dn_groups); foreach ($DNs as $DN) { if (in_array($attr['uid'], $dn_groups[$DN])) @@ -341,27 +339,52 @@ class posixAccount { * modify are attributes which have to been modified in ldap entry */ function save_attributes() { - // Get list off all attributes - $attributes = $this->orig; // Get list of all "easy" attributes - $attr_names = array_keys($attributes); - foreach ($attr_names as $attr_name) { - if (count($this->attributes[$attr_name])!=0 && count($this->orig[$attr_name])==0) $return[$this->base['dn']]['add'][$attr_name] = $this->attributes[$attr_name]; - if (count($this->attributes[$attr_name])!=0 && count($this->orig[$attr_name])!=0) { - // We have to check every single attribute - // Get attributes which should be added - $attributes = array_delete($this->orig[$attr_name], $this->attributes[$attr_name]); - // Encode as unicode - for ($i=0; $ibase['dn']]['add'][$attr_name] = $attributes; - // Get attributes which should be removed - $attributes = array_delete($this->attributes[$attr_name], $this->orig[$attr_name]); - // Encode as unicode - for ($i=0; $ibase['dn']]['remove'][$attr_name] = $attributes; + $attr_names = array_keys($this->attributes); + // Get attributes which should be added + for ($i=0; $iorig[$attr_names[$i]]); $j++) { + if (is_array($this->attributes[$attr_names[$i]])) { + if (!in_array($this->orig[$attr_names[$i]][$j], $this->attributes[$attr_names[$i]])) + if ($this->orig[$attr_names[$i]][$j]!='') $torem[$attr_names[$i]][] =utf8_encode($this->orig[$attr_names[$i]][$j]); + } + else if ($this->orig[$attr_names[$i]][$j]!='') $torem[$attr_names[$i]][] = utf8_encode($this->orig[$attr_names[$i]][$j]); + } + for ($j=0; $jattributes[$attr_names[$i]]); $j++) { + if (is_array($this->orig[$attr_names[$i]])) { + if (!in_array($this->attributes[$attr_names[$i]][$j], $this->orig[$attr_names[$i]])) + if ($this->attributes[$attr_names[$i]][$j]!='') $toadd[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } + else if ($this->attributes[$attr_names[$i]][$j]!='') $toadd[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } + for ($j=0; $jattributes[$attr_names[$i]]); $j++) { + if (is_array($this->orig[$attr_names[$i]]) && is_array($this->attributes[$attr_names[$i]])) { + if (($this->attributes[$attr_names[$i]][$j]==$this->orig[$attr_names[$i]][$j]) && $this->attributes[$attr_names[$i]][$j]!='') + $notchanged[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } } - if (count($this->attributes[$attr_name])==0 && count($this->orig[$attr_name])!=0) $return[$this->base['dn']]['remove'][$attr_name] = $this->orig[$attr_name]; } + // create modify wuth add and remove + if (is_array($toadd)) { + $attributes = array_keys($toadd); + for ($i=0; $ibase]->dn]['add'] = $toadd; + if (count($torem)!=0) $return[$_SESSION[$this->base]->dn]['remove'] = $torem; + if (count($tomodify)!=0) $return[$_SESSION[$this->base]->dn]['modify'] = $tomodify; + if (count($notchanged)!=0) $return[$_SESSION[$this->base]->dn]['notchanged'] = $notchanged; // Remove primary group from additional groups for ($i=0; $igroups); $i++) { @@ -375,7 +398,7 @@ class posixAccount { //There are some old groups. $add = array_delete($this->groups_orig, $this->groups); $remove = array_delete($this->groups, $this->groups_orig); - $dn_cns = $this->base->cache->get_cache('cn', 'posixGroup', 'group'); + $dn_cns = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('cn', 'posixGroup', 'group'); // get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... ) $DNs = array_keys($dn_cns); foreach ($DNs as $DN) { @@ -387,7 +410,7 @@ class posixAccount { } else { // Add user to every group - $dn_cns = $this->base->cache->get_cache('cn', 'posixGroup', 'group'); + $dn_cns = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('cn', 'posixGroup', 'group'); // get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... ) $DNs = array_keys($dn_cns); foreach ($DNs as $DN) { @@ -398,7 +421,7 @@ class posixAccount { else { if (is_array($this->groups_orig)) { //There are some old groups which have to be removed - $dn_cns = $this->base->cache->get_cache('cn', 'posixGroup', 'group'); + $dn_cns = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('cn', 'posixGroup', 'group'); // get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... ) $DNs = array_keys($dn_cns); foreach ($DNs as $DN) { @@ -422,13 +445,12 @@ class posixAccount { * to show a page with all attributes. * It will output a complete html-table */ - function display_html_attributes() { + function display_html_attributes($post) { $groups = findgroups(); // list of all groupnames $shelllist = getshells(); // list of all valid shells - echo "
' . _('Username') . "*
" . _('Repeat password') . "userPassword(); echo "\">
" . _('Lock password') . "userPassword_no) echo " checked "; + echo "userPassword_lock) echo " checked "; echo ">" . _('Help') . "
\n\n"; - echo "\n"; - echo "\n"; + echo "\n"; + echo "\n"; echo "\n"; echo "\n"; echo "\n"; @@ -436,12 +458,12 @@ class posixAccount { echo "\n"; echo "\n"; echo "\n"; - if ($this->base['type']=='user') { + if ($_SESSION[$this->base]->type=='user') { echo "\n"; echo "\n"; echo "\n"; @@ -449,23 +471,23 @@ class posixAccount { echo "\n"; echo "\n"; echo "\n"; - echo "\n"; + echo "\n"; echo "\n"; echo "\n"; } echo "\n"; echo "\n"; - echo "\n"; + echo "\n"; echo "\n"; echo "\n"; - if ($this->base['type']=='user') { + if ($_SESSION[$this->base]->type=='user') { if (count($shelllist)!=0) { echo "\n"; echo "\n"; echo "\n"; echo "\n"; @@ -476,9 +498,9 @@ class posixAccount { return 0; } - function display_html_group() { + function display_html_group($post) { // load list with all groups - $dn_groups = $this->base->cache->get_cache('uidNumber', 'posixGroup', 'group'); + $dn_groups = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('uidNumber', 'posixGroup', 'group'); foreach ($dn_groups as $group) $groups[] = $group[0]; // sort groups sort($groups, SORT_STRING); diff --git a/lam/lib/modules/shadowAccount.inc b/lam/lib/modules/shadowAccount.inc new file mode 100644 index 00000000..fadbcf1b --- /dev/null +++ b/lam/lib/modules/shadowAccount.inc @@ -0,0 +1,348 @@ +add_objectClass(\'shadowAccount\');'), E_USER_ERROR); + $this->base = $base; + // shadowAccount is only a valid objectClass for user and host + if (!($_SESSION[$this->base]->get_type() == 'user')) trigger_error(_('shadowAccount can only be used for users.'), E_USER_WARNING); + /* Check if ldap conatiner is in array and set type + * users are using inetOrgPerson-, hosts account-container + */ + if (!isset($_SESSION[$this->base]->module['inetOrgPerson'])) $_SESSION[$this->base]->add_objectClass('inetOrgPerson'); + // Add account type to object + $line=-1; + for ($i=0; $ibase]->ldap]->objectClasses) || $i==-1; $i++) { + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$i], "NAME 'shadowAccount'")) $line = $i; + } + // Return error if objectClass isn't found + if ($line==-1) trigger_error (sprintf(_("ObjectClass %s required but not defined in ldap."), 'shadowAccount'), E_USER_WARNING); + // Add Array with all attributes and type + $_SESSION[$this->base]->add_attributes ('shadowAccount'); + // create array with must-attributes + // Get startposition in string + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')+6); + // Now we have a string with all must-attributes + $string = substr($string_withtail, 0, strpos($string_withtail, ')')); + $string = trim($string); + // Ad must + foreach (explode(" $ ", $string) as $attribute) { + $this->attributes[$attribute] = ''; + } + } + // create array with may-attributes + // Get startposition in string + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')+5); + // Now we have a string with all must-attributes + $string = substr($string_withtail, 0, strpos($string_withtail, ')')); + $string = trim($string); + // Ad may + foreach (explode(" $ ", $string) as $attribute) { + $this->attributes[$attribute] = ''; + } + } + // Get attributes of subclasses + while (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], "SUP ")) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'SUP ')+4); + $subclass = substr($string_withtail, 0, strpos($string_withtail, ' ')); + // Add account type to object + for ($i=0; $ibase]->ldap]->objectClasses) || $i==-1; $i++) { + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$i], "NAME '$subclass'")) $line = $i; + } + // Return error if objectClass isn't found + // *** fixme, fix error message + if ($line==-1) trigger_error (_("objectClass objectClass required but not defined in ldap."), E_USER_WARNING); + + // create array with must-attributes + // Get startposition in string + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')+6); + // Now we have a string with all must-attributes + $string = substr($string_withtail, 0, strpos($string_withtail, ')')); + $string = trim($string); + // Ad must + foreach (explode(" $ ", $string) as $attribute) { + $this->attributes[$attribute] = ''; + } + } + // create array with may-attributes + // Get startposition in string + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')+5); + // Now we have a string with all must-attributes + $string = substr($string_withtail, 0, strpos($string_withtail, ')')); + $string = trim($string); + // Ad may + foreach (explode(" $ ", $string) as $attribute) { + $this->attributes[$attribute] = ''; + } + } + } + $this->alias = _('shadowAccount'); + // Make references to attributes which already esists in ldap + $newattributes = array_keys($this->attributes); + $module = array_keys($_SESSION[$this->base]->module); + // fixme *** do we have to unset module shadowAccount itself + for ($i=0; $ibase]->module[$module[$i]]->attributes[$attribute])) $this->attributes[$attribute] =& $_SESSION[$this->base]->module[$module[$i]]->attributes[$attribute]; + } + $this->orig = $this->attributes ; + $this->attributes['objectClass'][0] = 'shadowAccount'; + } + + // Variables + // Alias Name. This name is shown in the menu instead of shadowAccount + var $alias; + // name of accountContainer so we can read other classes in accuontArray + var $base; + + // This variable contains all inetOrgPerson attributes + var $attributes; + /* If an account was loaded all attributes are kept in this array + * to compare it with new changed attributes + */ + var $orig; + + /* This function returns a list with all required modules + */ + function dependencies() { + return array('inetOrgPerson'); + } + + /* Write variables into object and do some regexp checks + */ + function proccess_attributes($post) { + // Load attributes + $this->attributes['shadowMin'][0] = $post['form_shadowAccount_shadowMin']; + $this->attributes['shadowMax'][0] = $post['form_shadowAccount_shadowMax']; + $this->attributes['shadowWarning'][0] = $post['form_shadowAccount_shadowWarning']; + $this->attributes['shadowInactive'][0] = $post['form_shadowAccount_shadowInactive']; + $this->attributes['shadowWarning'][0] = mtime(10, 0, 0, $post['form_shadowAccount_shadowExpire_mon'], + $post['form_shadowAccount_shadowExpire_day'], $post['form_shadowAccount_shadowExpire_yea']); + + if ( !ereg('^([0-9])*$', $this->attributes['shadowMin'][0])) $errors[] = array('ERROR', _('Password minage'), _('Password minage must be are natural number.')); + if ( $this->attributes['shadowMin'][0] > $this->attributes['shadowMax'][0] ) $errors[] = array('ERROR', _('Password maxage'), _('Password maxage must bigger as Password Minage.')); + if ( !ereg('^([0-9]*)$', $this->attributes['shadowMax'][0])) $errors[] = array('ERROR', _('Password maxage'), _('Password maxage must be are natural number.')); + if ( !ereg('^(([-][1])|([0-9]*))$', $this->attributes['shadowInactive'][0])) + $errors[] = array('ERROR', _('Password Expire'), _('Password expire must be are natural number or -1.')); + if ( !ereg('^([0-9]*)$', $this->attributes['shadowWarning'][0])) $errors[] = array('ERROR', _('Password warn'), _('Password warn must be are natural number.')); + + if (is_array($errors)) return $errors; + return 0; + } + + + /* This function loads all attributes into the object + * $attr is an array as it's retured from ldap_get_attributes + */ + function load_attributes($attr) { + // Load attributes which are displayed + // unset count entries + unset ($attr['count']); + $attributes = array_keys($attr); + foreach ($attributes as $attribute) unset ($attr[$attribute]['count']); + // unset double entries + for ($i=0; $iattributes[$attribute])) { + // decode as unicode + $this->attributes[$attribute] = $attr[$attribute]; + for ($i=0; $iattributes[$attribute]); $i++) $this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); + } + } + // Values are kept as copy so we can compare old attributes with new attributes + $this->orig = $this->attributes; + $this->attributes['objectClass'][0] = 'shadowAccount'; + } + + + /* This function returns an array with 3 entries: + * array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... ) + * DN is the DN to change. It may be possible to change several DNs, + * e.g. create a new user and add him to some groups via attribute memberUid + * add are attributes which have to be added to ldap entry + * remove are attributes which have to be removed from ldap entry + * modify are attributes which have to been modified in ldap entry + */ + function save_attributes() { + // Get list of all "easy" attributes + $attr_names = array_keys($this->attributes); + // Get attributes which should be added + for ($i=0; $iorig[$attr_names[$i]]); $j++) { + if (is_array($this->attributes[$attr_names[$i]])) { + if (!in_array($this->orig[$attr_names[$i]][$j], $this->attributes[$attr_names[$i]])) + if ($this->orig[$attr_names[$i]][$j]!='') $torem[$attr_names[$i]][] =utf8_encode($this->orig[$attr_names[$i]][$j]); + } + else if ($this->orig[$attr_names[$i]][$j]!='') $torem[$attr_names[$i]][] = utf8_encode($this->orig[$attr_names[$i]][$j]); + } + for ($j=0; $jattributes[$attr_names[$i]]); $j++) { + if (is_array($this->orig[$attr_names[$i]])) { + if (!in_array($this->attributes[$attr_names[$i]][$j], $this->orig[$attr_names[$i]])) + if ($this->attributes[$attr_names[$i]][$j]!='') $toadd[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } + else if ($this->attributes[$attr_names[$i]][$j]!='') $toadd[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } + for ($j=0; $jattributes[$attr_names[$i]]); $j++) { + if (is_array($this->orig[$attr_names[$i]]) && is_array($this->attributes[$attr_names[$i]])) { + if (($this->attributes[$attr_names[$i]][$j]==$this->orig[$attr_names[$i]][$j]) && $this->attributes[$attr_names[$i]][$j]!='') + $notchanged[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } + } + } + // create modify wuth add and remove + if (is_array($toadd)) { + $attributes = array_keys($toadd); + for ($i=0; $ibase]->dn]['add'] = $toadd; + if (count($torem)!=0) $return[$_SESSION[$this->base]->dn]['remove'] = $torem; + if (count($tomodify)!=0) $return[$_SESSION[$this->base]->dn]['modify'] = $tomodify; + if (count($notchanged)!=0) $return[$_SESSION[$this->base]->dn]['notchanged'] = $notchanged; + + // Set shadowLastchange manual. + if ($_SESSION[$this->base]->module['inetOrgPerson']->userPassword()!='' || $_SESSION[$this->base]->module['inetOrgPerson']->userPassword_no) + $return[$_SESSION[$this->base]->dn]['modify']['shadowLastChange'] = array(time()/3600/24); + + return $return; + } + + + /* This function returns all ldap attributes + * which are part of shadowAccount and returns + * also their values. + */ + function get_attributes() { + return $this->attributes; + } + + /* This function will create the html-page + * to show a page with all attributes. + * It will output a complete html-table + */ + function display_html_attributes($post) { + // Use dd-mm-yyyy format of date because it's easier to read for humans + $date = getdate ($this->attributes['shadowExpire'][0]*3600*24); + echo "
" . _('UID number') . "attributes['uidNumber']."\">" . _('UID number') ."attributes['uidNumber'][0]."\">" . _('Help') . "
" . _('Help') . "
" . _('Additional groups') . "
" . _('Home directory') . "*attributes['homeDirectory']."\">attributes['homeDirectory'][0]."\">" . _('Help') . "
" . _('Gecos') . "attributes['gecos']."\">attributes['gecos'][0]."\">" . _('Help') . "
" . _('Login shell') . "*" . _('Help') . "
\n\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "
" . _('Password warn') . "attributes['shadowWarning'][0] . "\">" . _('Help') . "
" . _('Password Expire') . "attributes['shadowInactive'][0] . "\">" . _('Help') . "
" . _('Maximum password age') . "attributes['shadowMax'][0] . "\">" . _('Help') . "
" . _('Minimum password age') . "attributes['shadowMin'][0] . "\">" . _('Help') . "
" . _('Expire date') . "\n\n" . _('Help') . "
\n"; + return 0; + } + + + } + + + +?> diff --git a/lam/templates/account/useredit.php b/lam/templates/account/useredit.php index 493cdd5d..67bbb88d 100644 --- a/lam/templates/account/useredit.php +++ b/lam/templates/account/useredit.php @@ -758,11 +758,6 @@ if (is_array($errors)) // print_r($account_new); //print_r($account_old); -//$_SESSION['cache'] = new cache(); -//$temp = new accountContainer('user'); -//$temp->add_objectClass('posixAccount'); -//$temp->load_account('uid=julia,ou=people,dc=my-domain,dc=com'); -//print_r($temp->module['posixAccount']->attributes); switch ($select_local) { /* Select which part of page should be loaded and check values diff --git a/lam/templates/account/useredit.php.new b/lam/templates/account/useredit.php.new new file mode 100644 index 00000000..c246079d --- /dev/null +++ b/lam/templates/account/useredit.php.new @@ -0,0 +1,73 @@ +load_account($DN); + } +else if (count($_POST)==0) { + $_SESSION['account'] = new accountContainer('user', 'account'); + $_SESSION['account']->new_account(); + } +$_SESSION['account']->continue_main($_POST); + +?>