From 5782108a0fbce1688c81bdbfdb5a2004dbd2f68d Mon Sep 17 00:00:00 2001 From: katagia Date: Fri, 19 Dec 2003 12:45:23 +0000 Subject: [PATCH] Removed little bug when moving groups to another dn. It has worked but an error has shown. Improved new module design. It's now possible to create and modify users if they're only using inetOrgPerson and posixAccount. --- lam/lib/account.inc | 568 +++++++++++++++++++------ lam/lib/modules/inetOrgPerson.inc | 270 ++++++------ lam/lib/modules/posixAccount.inc | 226 +++++----- lam/lib/modules/shadowAccount.inc | 348 +++++++++++++++ lam/templates/account/useredit.php | 5 - lam/templates/account/useredit.php.new | 73 ++++ 6 files changed, 1125 insertions(+), 365 deletions(-) create mode 100644 lam/lib/modules/shadowAccount.inc create mode 100644 lam/templates/account/useredit.php.new diff --git a/lam/lib/account.inc b/lam/lib/account.inc index c70a1171..a6af1688 100644 --- a/lam/lib/account.inc +++ b/lam/lib/account.inc @@ -28,9 +28,10 @@ $Id$ */ class cache { function cache() { - $this->config = &$_SESSION['config']; - $this->ldap = &$_SESSION['ldap']; + $this->config =& $_SESSION['config']; + $this->ldap =& $_SESSION['ldap']; $this->time = 0; + $this->attributes = array(); } var $ldapcache; // This variable contains the cache @@ -43,6 +44,7 @@ class cache { * syntax of $attributes is array( scope1 => array ( attributes ), scope2 => array ( attributes ), ...) */ function add_cache($attributes) { + $this->refresh_cache(); // Check input variable $allowed_types = array ( 'user', 'group', 'host', '*' ); if (!is_array($attributes)) trigger_error(_('Argument of add_cache must be : array ( scope => array(attribute1(string), attribute2(string), ..), scope => ... ).'), E_USER_ERROR); 
@@ -68,6 +70,7 @@ class cache { * */ function get_cache($attribute, $objectClass, $singlescope) { + $this->refresh_cache(); // Check input variables $allowed_types = array ( 'user', 'group', 'host', '*' ); if (!in_array($singlescope, $allowed_types)) trigger_error(sprintf(_('Invalid scope. Valid scopes are %s.'), implode(" ", $allowed_types)), E_USER_ERROR); @@ -82,14 +85,16 @@ class cache { if ($singlescope == '*') $scopes = $allowed_types; else $scopes = array ( $singlescope ); foreach ($scopes as $scope) { - $DNs = array_keys($this->ldapcache[$scope]); - foreach ($DNs as $dn) { - if (isset($this->ldapcache[$scope][$dn][$attribute]) && in_array($objectClass, $this->ldapcache[$scope][$dn]['objectClass'])) { - // return string if only attribute exists only once - if (count($this->ldapcache[$scope][$dn][$attribute])==1) $return[$dn][] = $this->ldapcache[$scope][$dn][$attribute][0]; - else { - // else return array with all attributes - $return[$dn] = $this->ldapcache[$scope][$dn][$attribute]; + if (isset($this->ldapcache[$scope])) { + $DNs = array_keys($this->ldapcache[$scope]); + foreach ($DNs as $dn) { + if (isset($this->ldapcache[$scope][$dn][$attribute]) && in_array($objectClass, $this->ldapcache[$scope][$dn]['objectClass'])) { + // return string if only attribute exists only once + if (count($this->ldapcache[$scope][$dn][$attribute])==1) $return[$dn][] = $this->ldapcache[$scope][$dn][$attribute][0]; + else { + // else return array with all attributes + $return[$dn] = $this->ldapcache[$scope][$dn][$attribute]; + } } } } @@ -102,6 +107,7 @@ class cache { * $scope is the scope where to search */ function in_cache($value, $attribute, $singlescope) { + $this->refresh_cache(); // Check input variables $allowed_types = array ( 'user', 'group', 'host', '*' ); if (!in_array($singlescope, $allowed_types)) trigger_error(sprintf(_('Invalid scope. Valid scopes are %s.'), implode(" ", $allowed_types)), E_USER_ERROR); 
@@ -130,12 +136,17 @@ class cache { $this->refresh_cache(); if ($singlescope == '*') $scopes = $allowed_types; else $scopes = array ( $singlescope ); + //print_r($this->ldapcache); foreach ($scopes as $scope) { - $DNs = array_keys($this->ldapcache[$scope]); - foreach ($DNs as $dn) { - if (in_array($value, $this->ldapcache[$scope][$dn][$attribute])) { - // Return value if value was found - return $dn; + if (isset($this->ldapcache[$scope])) { + $DNs = array_keys($this->ldapcache[$scope]); + foreach ($DNs as $dn) { + if (is_array($this->ldapcache[$scope][$dn][$attribute])) { + if (in_array($value, $this->ldapcache[$scope][$dn][$attribute])) { + // Return value if value was found + return $dn; + } + } } } } @@ -210,19 +221,19 @@ class main { var $current_page; // This variable os set to the pagename of a subpage if it should be displayed var $subpage; - // reference to base-array so we can read other classes in basearray + // name of accountContainer so we can read other classes in accuontArray var $base; - // Localized part of HTML-Header - var $header; + // Alias Name. This name is shown in the menu instead of main + var $alias; - function main() { + function main($base) { $this->current_page = 0; $this->subpage = ''; /* Create a reference to basearray so we can read all other modules * php will avaois recousrion itself */ - $this->base = &$baseobject; - $this->header = &$_SESSION['header']; + $this->base = $base; + $this->alias = _('main'); } /* This function returns a list with all required modules 
@@ -231,24 +242,249 @@ class main { return array(); } - /* This function will process transmitted data - * and decides which page show next. - */ - function main_continue() { - // Which data should be processed? - if ($this->subpage=='') $this->subpage='attributes'; - $function = '$result = $this->base->module[$this->base->order[$this->current_page]]->process_'.$this->subpage.'($_POST);'; - eval ($function); - if (is_string($return)) $this->subpage = $return; - if (is_int($return)) { - for ($i=0; $ibase->order); $i++ ) { - if ($_POST['form_main_'.$this->base->order[$i]]) $this->current_page = $i; + function display_html_attributes($post) { + $function = '$profilelist = get'.ucfirst($_SESSION[$this->base]->type).'Profiles();'; + eval($function); + $modules = $_SESSION[$this->base]->check_attributes(); + if (count($modules)!=0) { + $disabled = 'disabled'; + for ($i=0; $ibase]->module[$modules[$i]]->alias)); + } + else $disabled = ''; + + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + + // Show fieldset with list of all user profiles + if (count($profilelist)!=0) { + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + } + + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + + echo "\n"; + echo "\n"; + echo "\n"; + + echo "
" . _('Suffix') . "" . _('Help') . "
" . _("Load profile") . "\n"; + echo "" . _('Help') . "
" . _("Save profile") . "\n"; + echo "" . _('Help') . "
base]->dn_orig!='') echo _('Modify Account'); + else echo _('Create Account'); + echo "\" $disabled >
\n"; + return 0; + } + + + /* This page will be shown if an account + * has been saved + */ + function display_html_finish($post) { + // Show success message + if ($_SESSION[$this->base]->dn_orig=='') $kind = _('created'); + else $kind = _('modified'); + $text = sprintf(_('%s has been %s.'), ucfirst($_SESSION[$this->base]->type), $kind); + StatusMessage('INFO', _('LDAP operation successful.'), $text); + + // Show rest of page + echo "\n"; + echo "\n"; + if ($_SESSION[$this->base]->dn_orig=='') { + echo "\n"; + } + echo "\n"; + echo "\n"; + echo "\n"; + echo "
base]->type); + echo "\">base]->type); + echo "\">
\n"; + return 0; + } + + /* Write variables into object and do some regexp checks + */ + function proccess_finish($post) { + if ($post['form_main_createagain']) { + // Reset objects + $modules = array_keys($_SESSION[$this->base]->module); + foreach ($modules as $module) + if ($module!='main') unset($_SESSION[$this->base]->module[$module]); + // Reset accountContainer + $_SESSION[$this->base]->dn = ''; + $_SESSION[$this->base]->dn_orig = ''; + $_SESSION[$this->base]->attributes = array(); + $_SESSION[$this->base]->order = array(); + $this->current_page = 0; + $this->subpage = ''; + // Add all required objects etc. + $_SESSION[$this->base]->new_account(); + return 0; + } + if ($post['form_main_backmain']) { + // Return to *-list + // *** fixme unset accountContainer in session + metaRefresh("../lists/list".$_SESSION[$this->base]->type."s.php"); + exit; + } + if ($post['form_main_outputpdf']) { + // Create / display PDf-file + $function = 'create'.ucfirst($_SESSION[$this->base]->type).'PDF(array($_SESSION[$this->base]));'; + eval($function); + exit; + } + } + + /* Write variables into object and do some regexp checks + */ + function proccess_attributes($post) { + // change dn + if ($post['form_main_suffix']!='') $_SESSION[$this->base]->dn = $post['form_main_suffix']; + // load profile + if ($post['form_main_selectLoadProfile'] && $post['form_main_loadProfile']) { + // *** fixme load*Profile must return array in the same way ldap_get_attributes does. 
+ $function = '$newattributes = load'.ucfirst($scope).'Profile($post[\'form_main_selectLoadProfile\']);'; + eval($function); + // pass newattributes to each module + $modules = array_keys($_SESSION[$this->base]->module); + foreach ($modules as $module) $_SESSION[$this->base]->module[$module]->load_attributes($newattributes); + return 0; + } + // save account + if ($post['form_main_create']) { + $success = $_SESSION[$this->base]->save_account(); + if (is_array($success)) return array($success); + // return name of subpage + return 'finish'; + } + // save profile + if ($post['form_main_saveProfile']) { + if ($post['form_main_selectSaveProfile']=='') $errors[] = array('ERROR', _('Save profile'), _('No profilename given.')); + else { + $function = 'save'.ucfirst($scope).'Profile();'; + eval($function); + if ($function) $errors[] = array('INFO', _('Save profile'), _('New profile created.')); + else $errors[] = array('ERROR', _('Save profile'), _('Wrong profilename given.')); + } + if (is_array($errors)) return $errors; + else return 0; + } + return 0; + } + + // Dummy functions to make module compatible + function load_attributes($attr) { + return 0; + } + + // Dummy functions to make module compatible + function save_attributes() { + return array(); + } + + // Dummy functions to make module compatible + function get_attributes() { + return array(); + } + + + } + + +class accountContainer { + // Constructor + function accountContainer($type, $base) { + /* Set the type of account. 
Valid + * types are: user, group, host + */ + // Check input variable + if (!is_string($type)) trigger_error(_('Argument of accountContainer must be string.'), E_USER_ERROR); + if (!is_string($base)) trigger_error(_('Argument of accountContainer must be string.'), E_USER_ERROR); + // *** fixme use global variable to determine allowed types + $allowed_types = array ( 'user', 'group', 'host' ); + if (!in_array($type, $allowed_types)) trigger_error(_('Account type not recognized.'), E_USER_ERROR); + $this->type = $type; + $this->base = $base; + // Name of variables in session + $this->ldap = 'ldap'; + $this->config = 'config'; + $this->cache = 'cache'; + $this->header2 = 'header'; + $this->module['main'] = new main($this->base); + return 0; + } + + /* Array of all used attributes + * Syntax is attribute => array ( objectClass => MUST or MAY, ...) + */ + var $attributes; + /* This variale stores the type + * of account. Current unix, group, host are supported + */ + var $type; + var $ldap; // This is a reference to the ldap class in session + var $config; // This is a reference to the config class in session + // Localized part of HTML-Header + var $header2; + var $module; // This is an array with all module objects + // DN of the account + var $dn; + var $dn_orig; + // this are stores the module order + var $order; + // name of accountContainer so we can read other classes in accuontArray + var $base; + + /* Get the type of account. 
Valid + * types are: user, group, host + */ + function get_type() { + return $this->type; + } + + /* This function asks $this->module['main'] + * what to do next + */ + function continue_main($post) { + if ($this->module['main']->subpage=='') $this->module['main']->subpage='attributes'; + $function = '$result = $this->module[$this->order[$this->module[\'main\']->current_page]]->proccess_'.$this->module['main']->subpage.'($post);'; + eval ($function); + if (is_string($result)) $this->module['main']->subpage = $result; + if (is_int($result)) { + for ($i=0; $iorder); $i++ ) { + if ($post['form_main_'.$this->order[$i]]) $this->module['main']->current_page = $i; + } + $this->module['main']->subpage='attributes'; } // Write HTML-Code - echo $this->header; + echo $_SESSION[$this->header2]; echo ""; echo _("Create new Account"); echo "\n"; @@ -266,17 +502,17 @@ class main { echo _('Please select page:'); echo "\n"; // Loop for module - for ($i=0; $ibase->order); $i++ ) { - if ($this->base->order[$i]==$this->base->order[$this->current_page]) { + for ($i=0; $iorder); $i++ ) { + if ($this->order[$i]==$this->order[$this->module['main']->current_page]) { // print disabled button - echo "base->order[$i]."\" type=\"submit\" value=\""; - echo $this->base->module[$this->base->order[$i]]->alias; - echo " disabled\">\n
"; + echo "order[$i]."\" type=\"submit\" value=\""; + echo $this->module[$this->order[$i]]->alias; + echo "\" disabled>\n
"; } else { // print normal button - echo "base->order[$i]."\" type=\"submit\" value=\""; - echo $this->base->module[$this->base->order[$i]]->alias; + echo "order[$i]."\" type=\"submit\" value=\""; + echo $this->module[$this->order[$i]]->alias; echo "\">\n
"; } } @@ -284,68 +520,13 @@ class main { echo "\n"; echo "\n"; // display html-code from mdule - $function = '$result = $this->base->module[$this->base->order[$this->current_page]]->display_html_'.$this->subpage.'($_POST);'; + $function = '$result = $this->module[$this->order[$this->module[\'main\']->current_page]]->display_html_'.$this->module['main']->subpage.'($post);'; eval ($function); // Display rest of html-page echo "\n"; echo "\n"; echo "\n"; echo "\n"; - } - - - - } - - -class accountContainer { - // Constructor - function accountContainer($type) { - /* Set the type of account. Valid - * types are: user, group, host - */ - // Check input variable - if (!is_string($type)) trigger_error(_('Argument of accountContainer must be string.'), E_USER_ERROR); - // *** fixme use global variable to determine allowed types - $allowed_types = array ( 'user', 'group', 'host' ); - if (!in_array($type, $allowed_types)) trigger_error(_('Account type not recognized.'), E_USER_ERROR); - $this->type = $type; - $this->lampath = &$_SESSION['lampath']; - $this->ldap = &$_SESSION['ldap']; - $this->cache = &$_SESSION['cache']; - $this->module['main'] = new main($this); - return 0; - } - - /* Array of all used attributes - * Syntax is attribute => array ( objectClass => MUST or MAY, ...) - */ - var $attributes; - /* This variale stores the type - * of account. Current unix, group, host are supported - */ - var $type; - var $lampath; // reference to lampath from Session - var $ldap; // This is a reference to the ldap class in session - var $module; // This is an array with all module objects - // DN of the account - var $dn; - var $dn_orig; - // this are stores the module order - var $order; - - /* Get the type of account. Valid - * types are: user, group, host - */ - function get_type() { - return $this->type; - } - - /* This function asks $this->module['main'] - * what to do next - */ - function continue_main() { - $this->module['main']->main_continue(); return 0; } 
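Review bot: The module dispatch still goes through `eval()` on a string assembled from `$this->module['main']->subpage`; a variable method call does the same job without evaluating generated code: `$method = 'display_html_'.$this->module['main']->subpage; $result = $this->module[$this->order[$this->module['main']->current_page]]->$method($post);`. The same applies to the `proccess_` dispatch earlier in `continue_main()` and to the profile and PDF helpers whose names are built with `ucfirst(...)`. A `method_exists()` check before the call would turn an unexpected subpage name into a handled error instead of a fatal one. `continue_main()` begins in an earlier hunk, so its opening lines are not part of this one.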
@@ -354,15 +535,15 @@ class accountContainer { function add_attributes($objectClass) { // loop through every existing objectlass and select current objectClass $line=-1; - for ($i=0; $ildap->objectClasses) || $i==-1; $i++) { - if (strpos($this->ldap->objectClasses[$i], "NAME '$objectClass'")) $line = $i; + for ($i=0; $ildap]->objectClasses) || $i==-1; $i++) { + if (strpos($_SESSION[$this->ldap]->objectClasses[$i], "NAME '$objectClass'")) $line = $i; } // Return error if objectClass isn't found if ($line==-1) trigger_error (sprintf(_("objectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING); // create array with must-attributes // Get startposition in string - if (strpos($this->ldap->objectClasses[$line], 'MUST (')) { - $string_withtail = substr($this->ldap->objectClasses[$line], strpos($this->ldap->objectClasses[$line], 'MUST (')+6); + if (strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MUST (')+6); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); @@ -375,8 +556,8 @@ class accountContainer { } // create array with may-attributes // Get startposition in string - if (strpos($this->ldap->objectClasses[$line], 'MAY (')) { - $string_withtail = substr($this->ldap->objectClasses[$line], strpos($this->ldap->objectClasses[$line], 'MAY (')+5); + if (strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); 
@@ -389,24 +570,25 @@ class accountContainer { } // Get attributes of subclasses - while (strpos($this->ldap->objectClasses[$line], "SUP ")) { - $string_withtail = substr($this->ldap->objectClasses[$line], strpos($this->ldap->objectClasses[$line], 'SUP ')+4); + while (strpos($_SESSION[$this->ldap]->objectClasses[$line], "SUP ")) { + $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'SUP ')+4); $subclass = substr($string_withtail, 0, strpos($string_withtail, ' ')); // Add account type to object - for ($i=0; $ildap->objectClasses) || $i==-1; $i++) { - if (strpos($this->ldap->objectClasses[$i], "NAME '$subclass'")) $line = $i; + for ($i=0; $ildap]->objectClasses) || $i==-1; $i++) { + if (strpos($_SESSION[$this->ldap]->objectClasses[$i], "NAME '$subclass'")) $line = $i; } // Return error if objectClass isn't found if ($line==-1) trigger_error (sprintf(_("objectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING); + // create array with must-attributes // Get startposition in string - if (strpos($this->ldap->objectClasses[$line], 'MUST (')) { - $string_withtail = substr($this->ldap->objectClasses[$line], strpos($this->ldap->objectClasses[$line], 'MUST (')+6); + if (strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MUST (')+6); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); - $may = explode(" $ ", $string); + $must = explode(" $ ", $string); // Ad must foreach ($must as $attribute) { if (!isset($this->attributes[$attribute])) $this->attributes[$attribute][$objectClass] = 'MUST'; 
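Review bot: The `while (strpos(..., "SUP "))` loop has no exit when the superior class is not found: `$line` keeps its previous value, the `if ($line==-1)` check after the search can never fire, and the loop reads the same schema line again. Setting `$line = -1` before the inner search and leaving the loop with `break` when it is still -1 would bound it. The warning in that branch also prints `$objectClass` where `$subclass` is the name that was missing. A schema line with a parenthesised `SUP ( a $ b )` list would presumably take this path, since the name is cut at the first space. The inner `for` header is garbled on this page and the loop body continues into the next hunk, so this is read from the surrounding lines only.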
@@ -415,14 +597,14 @@ class accountContainer { } // create array with may-attributes // Get startposition in string - if (strpos($this->ldap->objectClasses[$line], 'MAY (')) { - $string_withtail = substr($this->ldap->objectClasses[$line], strpos($this->ldap->objectClasses[$line], 'MAY (')+5); + if (strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); - $must = explode(" $ ", $string); + $may = explode(" $ ", $string); // Ad may - foreach ($must as $attribute) { + foreach ($may as $attribute) { if (!isset($this->attributes[$attribute])) $this->attributes[$attribute][$objectClass] = 'MAY'; else $this->attributes[$attribute][$objectClass] = 'MAY'; } @@ -449,6 +631,28 @@ class accountContainer { return 0; } + /* This function checks if all MUST-attribtues are set. + * If not it will return an array with all modules + * which have to be set first + */ + function check_attributes() { + $return = array(); + // get named list of attributes + $attributes = array_keys($this->attributes); + for ($i=0; $iattributes[$attributes[$i]]); + for ($j=0; $jattributes[$attributes[$i]][$singleattribute[$j]]=='MUST') { + // Check if attribute is set + if ($this->module[$singleattribute[$j]]->attributes[$attributes[$i]]=='') + if (!in_array($singleattribute[$j], $return)) $return[] = $singleattribute[$j]; + } + } + } + return $return; + } + /* This function adds an objectClass class (module) to accountContainer */ function add_objectClass($objectClass) { 
@@ -460,9 +664,8 @@ class accountContainer { if ($line==-1) trigger_error (_("objectClass $objectClass required but not defined in ldap."), E_USER_WARNING); else { // Add module if it exists - if (file_exists($this->lampath."/lib/modules/".$objectClass.".inc") == 'file') { - include_once ($this->lampath."/lib/modules/".$objectClass.".inc"); - $this->module[$objectClass] = new $objectClass($this); + if (class_exists($objectClass)) { + $this->module[$objectClass] = new $objectClass($this->base); } else trigger_error (_("objectClass $objectClass required but no module found."), E_USER_WARNING); } @@ -474,8 +677,8 @@ class accountContainer { */ function load_account($dn) { $search = substr($dn, 0, strpos($dn, ',')); - $result = ldap_search($this->ldap->server(), $dn, $search); - $entry = ldap_first_entry($this->ldap->server(), $result); + $result = ldap_search($_SESSION[$this->ldap]->server(), $dn, $search); + $entry = ldap_first_entry($_SESSION[$this->ldap]->server(), $result); $this->dn = substr($dn, strpos($dn, ',')+1); $this->dn_orig = $dn; $attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry); @@ -492,19 +695,21 @@ class accountContainer { // loop until all modules are in order. // We don't want to loop forever $remain = count($module) * count($module); + $order = array(); while ( (count($module) != count($modulelist)) && ($remain!=0) ) { $remain--; foreach ($module as $moduleitem) { - $required = $this->module[$moduleitem]->dependencies; + $required = $this->module[$moduleitem]->dependencies(); $everything_found = true; - if (is_array($required)) + if (is_array($required)) { foreach ($required as $requireditem) if (!in_array($reuquireditem, $modulelist)) $everthing_found = false; - if ($everything_found) $modulelist[] = $moduleitem; + } + if ($everything_found && !in_array($moduleitem, $order) ) $order[] = $moduleitem; } } // Write Module-Order in variable - $this->order = $modulelist; + $this->order = $order; return 0; } 
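Review bot: `class_exists($objectClass)` followed by `new $objectClass($this->base)` accepts any class that happens to be declared, including `cache`, `main` and `accountContainer` from this file, not only account modules. If the objectClass names can come from a directory entry (the caller is not in this hunk), checking the name against a fixed list of module names before instantiating would keep the set of constructible classes explicit, e.g. `if (in_array($objectClass, $allowed_modules) && class_exists($objectClass))`, with `$allowed_modules` standing for a list the project would define. With the `include_once` removed, the hunk no longer shows where module files are loaded; a comment naming that place would help. `add_objectClass()` starts above the hunk.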
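Review bot: The ordering loop in the hunk at -492 can no longer finish early: its condition still compares `count($module)` with `count($modulelist)`, but the body now appends to `$order`, so it always runs until `$remain` reaches 0. The dependency test inside it is also inert because of two misspelled variables on the unchanged line, `$reuquireditem` and `$everthing_found`, so `$everything_found` stays true and modules are taken in the order listed. `if (!in_array($requireditem, $order)) $everything_found = false;` together with the loop condition `count($order) != count($module)` appears to be what is meant. The same code is repeated in `new_account()` in the later hunk at -512, and the function this loop belongs to starts above the hunk.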
@@ -512,34 +717,131 @@ class accountContainer { * for a new account */ function new_account() { - $modulelist = array(); + $modulelist = array('posixAccount', 'shadowAccount'); // *** fixme add modules from config which should be used but not yet in loaded account - $module = array_keys ($this->module); + foreach ($modulelist as $objectClass) $this->add_objectClass($objectClass); + $module = array_keys ($this->module); // loop until all modules are in order. // We don't want to loop forever $remain = count($module) * count($module); + $order = array(); while ( (count($module) != count($modulelist)) && ($remain!=0) ) { $remain--; foreach ($module as $moduleitem) { - $required = $this->module[$moduleitem]->dependencies; + $required = $this->module[$moduleitem]->dependencies(); $everything_found = true; - if (is_array($required)) + if (is_array($required)) { foreach ($required as $requireditem) if (!in_array($reuquireditem, $modulelist)) $everthing_found = false; - if ($everything_found) $modulelist[] = $moduleitem; + } + if ($everything_found && !in_array($moduleitem, $order) ) $order[] = $moduleitem; } } // Write Module-Order in variable - $this->order = $modulelist; + $this->order = $order; + // *** fixme load*Profile must return array in the same way ldap_get_attributes does. + $function = '$newattributes = load'.ucfirst($this->type).'Profile(\'default\');'; + eval($function); + // pass newattributes to each module + //foreach ($module as $module2) + // $this->module[$module2]->load_attributes($newattributes); return 0; } /* This function will load an account. 
- * $dn is the dn of the account which should be loaded */ function save_account() { + $module = array_keys ($this->module); + $attributes = array(); + // load attributes + foreach ($module as $singlemodule) { + // load changes + $temp = $this->module[$singlemodule]->save_attributes(); + // merge changes + $DNs = array_keys($temp); + $attributes = array_merge_recursive($temp, $attributes); + for ($i=0; $itype=='group') $search = 'cn'; + else $search = 'uid'; + $added = false; + foreach ($attributes as $DN) { + if (isset($DN['modify'][$search][0]) && !$added) { + $attributes[$search.'='.$DN['modify'][$search][0].','.$this->dn] = $attributes[$this->dn]; + unset ($attributes[$this->dn]); + $this->dn = $search.'='.$DN['modify'][$search][0].','.$this->dn; + $added = true; + } + if (isset($DN['add'][$search][0]) && !$added) { + $attributes[$search.'='.$DN['add'][$search][0].','.$this->dn] = $attributes[$this->dn]; + unset ($attributes[$this->dn]); + $this->dn = $search.'='.$DN['add'][$search][0].','.$this->dn; + $added = true; + } + if (isset($DN['notchanged'][$search][0]) && !$added) { + $attributes[$search.'='.$DN['notchanged'][$search][0].','.$this->dn] = $attributes[$this->dn]; + unset ($attributes[$this->dn]); + $this->dn = $search.'='.$DN['notchanged'][$search][0].','.$this->dn; + $added = true; + } + } + // Add old dn if dn hasn't changed + if (!$added) { + $attributes[$this->dn_orig] = $attributes[$this->dn]; + unset ($attributes[$this->dn]); + $this->dn = $this->dn_orig; + } + // Add new DN + if ($this->dn != $this->dn_orig) { + // move existing DN + if ($this->dn_orig!='') { + // merge attributes together + $attr = array_merge_recursive($attributes[$this->dn]['add'], $attributes[$this->dn]['notchanged'], $attributes[$this->dn]['modify']); + $success = @ldap_add($_SESSION[$this->ldap]->server(), $this->dn, $attr); + if ($success) { + $success = @ldap_delete($_SESSION[$this->ldap]->server(), $this->dn_orig); + if (!$success) return array('ERROR', 'LDAP', 
sprintf(_('Was unable to delete dn: %s.'), $this->dn_orig)); + } + if (!$success) return array('ERROR', 'LDAP', sprintf(_('Was unable to create dn: %s. This is possible a bug. Please check your ldap logs and send a bug report if it is a possible bug.'), $this->dn)); + } + // create complete new dn + else { + $attr = array_merge_recursive($attributes[$this->dn]['add'], $attributes[$this->dn]['notchanged'], $attributes[$this->dn]['modify']); + $success = @ldap_add($_SESSION[$this->ldap]->server(), $this->dn, $attributes[$this->dn]['add']); + if (!$success) return array('ERROR', 'LDAP', sprintf(_('Was unable to create dn: %s. This is possible a bug. Please check your ldap logs and send a bug report if it is a possible bug.'), $this->dn)); + } + unset($attributes[$this->dn]); + } + $DNs = array_keys($attributes); + for ($i=0; $ildap]->server(), $DNs[$i], $attributes[$DNs[$i]]['modify']); + if (!$success) return array('ERROR', 'LDAP', sprintf(_('Was unable to modify attribtues from dn: %s. This is possible a bug. Please check your ldap logs and send a bug report if it is a possible bug.'), $DNs[$i])); + } + // add attributes + if (isset($attributes[$DNs[$i]]['add'])) { + $success = @ldap_mod_add($_SESSION[$this->ldap]->server(), $DNs[$i], $attributes[$DNs[$i]]['add']); + if (!$success) return array('ERROR', 'LDAP', sprintf(_('Was unable to add attribtues to dn: %s. This is possible a bug. Please check your ldap logs and send a bug report if it is a possible bug.'), $DNs[$i])); + } + // removce attributes + if (isset($attributes[$DNs[$i]]['remove'])) { + $success = @ldap_mod_del($_SESSION[$this->ldap]->server(), $DNs[$i], $attributes[$DNs[$i]]['remove']); + if (!$success) return array('ERROR', 'LDAP', sprintf(_('Was unable to remove attribtues from dn: %s. This is possible a bug. Please check your ldap logs and send a bug report if it is a possible bug.'), $DNs[$i])); + } + } + // *** fixme Add lamdaemon.pl + return 0; } } 
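Review bot: In the branch for a completely new DN, `$attr` is built from the `add`, `notchanged` and `modify` sets but `ldap_add()` is then given only `$attributes[$this->dn]['add']`, so the merged array is unused; `$success = @ldap_add($_SESSION[$this->ldap]->server(), $this->dn, $attr);` would match the move branch, if that is the intent. Every LDAP call is prefixed with `@` and the returned messages do not carry the server's error, so a refused write such as an ACL denial leaves only the generic text; adding `ldap_error()` to the message or logging it would make failures diagnosable. The move is an add followed by a delete, and when the delete fails the account exists under both DNs, which the error path should state or undo. Parts of this hunk are garbled on this page, so the loops over `$DNs` were not reviewed.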
@@ -629,7 +931,7 @@ function getshells() { /* This function will replace umlates with ascci-chars -* fixme +* fixme *** * In order to map all non-ascii characters this function should be changed */ function replace_umlaut($text) { 
@@ -2933,7 +3235,7 @@ function modifygroup($values,$values_old, $uselamdaemon=true) { for ($i=0; $iadd_objectClass(\'inetOrgPerson\');'), E_USER_ERROR); + if (!$base) trigger_error(_('Please create a base object with $var = new accountContainer();'), E_USER_ERROR); + if (!is_string($base)) trigger_error(_('Please create a new module object with $accountContainer->add_objectClass(\'inetOrgPerson\');'), E_USER_ERROR); + $this->base = $base; // posixAccount is only a valid objectClass for user and host - if ($baseobject->get_type() != 'user') trigger_error(_('inetOrgPerson can only be used for users.'), E_USER_WARNING); - /* Create a reference to basearray so we can read all other modules - * php will avaois recousrion itself - */ - $this->base = &$baseobject; - // Add attributes which should be cached - //$_SESSION['cache']->add_cache(array ('user' => array('cn', 'uid'), 'host' => array('cn', 'uid') )); + if ($_SESSION[$this->base]->get_type() != 'user') trigger_error(_('inetOrgPerson can only be used for users.'), E_USER_WARNING); // Add account type to object $line=-1; - for ($i=0; $ibase->ldap->objectClasses) || $i==-1; $i++) { - if (strpos($this->base->ldap->objectClasses[$i], "NAME 'inetOrgPerson'")) $line = $i; + for ($i=0; $ibase]->ldap]->objectClasses) || $i==-1; $i++) { + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$i], "NAME 'inetOrgPerson'")) $line = $i; } // Return error if objectClass isn't found if ($line==-1) trigger_error (sprintf(_("ObjectClass %s required but not defined in ldap."), 'inetOrgPerson'), E_USER_WARNING); // Add Array with all attributes and type - $baseobject->add_attributes ('inetOrgPerson'); + $_SESSION[$this->base]->add_attributes ('inetOrgPerson'); // create array with must-attributes // Get startposition in string - if (strpos($this->base->ldap->objectClasses[$line], 'MUST (')) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MUST (')+6); + 
if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')+6); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); @@ -85,8 +79,8 @@ class inetOrgPerson { } // create array with may-attributes // Get startposition in string - if (strpos($this->base->ldap->objectClasses[$line], 'MAY (')) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MAY (')+5); + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); 
@@ -96,12 +90,12 @@ class inetOrgPerson { } } // Get attributes of subclasses - while (strpos($this->base->ldap->objectClasses[$line], "SUP ")) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'SUP ')+4); + while (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], "SUP ")) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'SUP ')+4); $subclass = substr($string_withtail, 0, strpos($string_withtail, ' ')); // Add account type to object - for ($i=0; $ibase->ldap->objectClasses) || $i==-1; $i++) { - if (strpos($this->base->ldap->objectClasses[$i], "NAME '$subclass'")) $line = $i; + for ($i=0; $ibase]->ldap]->objectClasses) || $i==-1; $i++) { + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$i], "NAME '$subclass'")) $line = $i; } // Return error if objectClass isn't found // *** fixme, fix error message @@ -109,8 +103,8 @@ class inetOrgPerson { // create array with must-attributes // Get startposition in string - if (strpos($this->base->ldap->objectClasses[$line], 'MUST (')) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MUST (')+6); + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')+6); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); 
@@ -121,8 +115,8 @@ class inetOrgPerson { } // create array with may-attributes // Get startposition in string - if (strpos($this->base->ldap->objectClasses[$line], 'MAY (')) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MAY (')+5); + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); @@ -133,7 +127,12 @@ class inetOrgPerson { } } $this->orig = $this->attributes ; + $this->attributes['objectClass'][0] = 'inetOrgPerson'; + if (isset($this->attributes['userPassword'])) unset($this->attributes['userPassword']); $this->alias = _('inetOrgPerson'); + // Add attributes which should be cached + $_SESSION[$_SESSION[$this->base]->cache]->add_cache(array ('user' => array('uid'), 'host' => array('uid'))); + } // Variables 
@@ -160,24 +159,21 @@ class inetOrgPerson { * new password will be stored encrypted */ function userPassword($newpassword=false) { - // Read existing password if set - if (!$newpassword) { - if ($this->attributes['userPassword'][0]!='') { - $iv = base64_decode($_COOKIE["IV"]); - $key = base64_decode($_COOKIE["Key"]); - $password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($this->attributes['userPassword'][0]), MCRYPT_MODE_ECB, $iv); - $password = str_replace(chr(00), '', $password); - return $password; - } - else return ''; - } - // Write new password - else { + if (is_string($newpassword)) { + // Write new password $iv = base64_decode($_COOKIE["IV"]); $key = base64_decode($_COOKIE["Key"]); $this->attributes['userPassword'][0] = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $newpassword, MCRYPT_MODE_ECB, $iv)); return 0; } + else { + // Read existing password if set + $iv = base64_decode($_COOKIE["IV"]); + $key = base64_decode($_COOKIE["Key"]); + $password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($this->attributes['userPassword'][0]), MCRYPT_MODE_ECB, $iv); + $password = str_replace(chr(00), '', $password); + return $password; + } } /* This function returns a list with all required modules 
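Review bot: The read branch of `userPassword()` no longer checks that a password is stored before decrypting. The old `if ($this->attributes['userPassword'][0]!='') ... else return '';` guard is gone, and the constructor hunk above now unsets `$this->attributes['userPassword']`, so a read on a fresh object passes an undefined value to `mcrypt_decrypt`. Restoring the guard as the first statement of the `else` branch keeps the old contract: `if (!isset($this->attributes['userPassword'][0]) || $this->attributes['userPassword'][0]=='') return '';`. Both branches also take the key from `$_COOKIE["Key"]` without checking that the cookie is present, and `MCRYPT_MODE_ECB` does not use the IV that is passed in. A comment above the function should say so, for example `// NOTE: in-session obfuscation only; key comes from a cookie and ECB ignores the IV`.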
@@ -188,59 +184,61 @@ class inetOrgPerson { /* Write variables into object and do some regexp checks */ - function proccess_attributes() { + function proccess_attributes($post) { // Load attributes - if (($this->attributes['uid'] != $_POST['form_inetOrgPerson_uid']) && ereg('[A-Z]$', $_POST['form_inetOrgPerson_uid'])) + if (($this->attributes['uid'][0] != $post['form_inetOrgPerson_uid']) && ereg('[A-Z]$', $post['form_inetOrgPerson_uid'])) $errors[] = array('WARN', _('Username'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.')); - $this->attributes['uid'] = $_POST['form_inetOrgPerson_uid']; - $this->attributes['cn'] &= $this->attributes['uid']; - $this->attributes['description'] = $_POST['form_inetOrgPerson_description']; - $this->attributes['sn'] = $_POST['form_inetOrgPerson_sn']; - $this->attributes['givenName'] = $_POST['form_inetOrgPerson_givenName']; - $this->attributes['title'] = $_POST['form_inetOrgPerson_title']; - $this->attributes['mail'] = $_POST['form_inetOrgPerson_mail']; - $this->attributes['telephoneNumber'] = $_POST['form_inetOrgPerson_telephoneNumber']; - $this->attributes['mobileTelephoneNumber'] = $_POST['form_inetOrgPerson_mobileTelephoneNumber']; - $this->attributes['facsimileTelephoneNumber'] = $_POST['form_inetOrgPerson_facsimileTelephoneNumber']; - $this->attributes['street'] = $_POST['form_inetOrgPerson_street']; - $this->attributes['postalCode'] = $_POST['form_inetOrgPerson_postalCode']; - $this->attributes['postalAddress'] = $_POST['form_inetOrgPerson_postalAddress']; - $this->attributes['employeeType'] = $_POST['form_inetOrgPerson_employeeType']; + $this->attributes['uid'][0] = $post['form_inetOrgPerson_uid']; + $this->attributes['cn'][0] &= $this->attributes['uid'][0]; + $this->attributes['description'][0] = $post['form_inetOrgPerson_description']; + $this->attributes['sn'][0] = $post['form_inetOrgPerson_sn']; + $this->attributes['givenName'][0] = $post['form_inetOrgPerson_givenName']; 
+ $this->attributes['title'][0] = $post['form_inetOrgPerson_title']; + $this->attributes['mail'][0] = $post['form_inetOrgPerson_mail']; + $this->attributes['telephoneNumber'][0] = $post['form_inetOrgPerson_telephoneNumber']; + $this->attributes['mobileTelephoneNumber'][0] = $post['form_inetOrgPerson_mobileTelephoneNumber']; + $this->attributes['facsimileTelephoneNumber'][0] = $post['form_inetOrgPerson_facsimileTelephoneNumber']; + $this->attributes['street'][0] = $post['form_inetOrgPerson_street']; + $this->attributes['postalCode'][0] = $post['form_inetOrgPerson_postalCode']; + $this->attributes['postalAddress'][0] = $post['form_inetOrgPerson_postalAddress']; + $this->attributes['employeeType'][0] = $post['form_inetOrgPerson_employeeType']; - if ($_POST['form_inetOrgPerson_userPassword_no']) $this->userPassword_no=true; + if ($post['form_inetOrgPerson_userPassword_no']) $this->userPassword_no=true; else $this->userPassword_no=false; - if ($_POST['form_inetOrgPerson_userPassword_lock']) $this->userPassword_lock=true; + if ($post['form_inetOrgPerson_userPassword_lock']) $this->userPassword_lock=true; else $this->userPassword_lock=false; - if (isset($_POST['form_inetOrgPerson_userPassword'])) { - if ($_POST['form_inetOrgPerson_userPassword'] != $_POST['form_inetOrgPerson_userPassword2']) { + if (isset($post['form_inetOrgPerson_userPassword'])) { + if ($post['form_inetOrgPerson_userPassword'] != $post['form_inetOrgPerson_userPassword2']) { $errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.')); - unset ($_POST['form_inetOrgPerson_userPassword2']); + unset ($post['form_inetOrgPerson_userPassword2']); } - else $this->userPassword($_POST['form_inetOrgPerson_userPassword']); + else $this->userPassword($post['form_inetOrgPerson_userPassword']); } - if ($_POST['form_inetOrgPerson_genpass']) $this->userPassword(genpasswd()); + if ($post['form_inetOrgPerson_genpass']) $this->userPassword(genpasswd()); // Check if givenname is 
valid - if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $this->attributes['givenName'])) $errors[] = array('ERROR', _('Given name'), _('Given name contains invalid characters')); + if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $this->attributes['givenName'][0])) $errors[] = array('ERROR', _('Given name'), _('Given name contains invalid characters')); // Check if surname is valid - if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $this->attributes['sn'])) $errors[] = array('ERROR', _('Surname'), _('Surname contains invalid characters')); + if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $this->attributes['sn'][0])) $errors[] = array('ERROR', _('Surname'), _('Surname contains invalid characters')); // Check if Username contains only valid characters - if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*$', $this->attributes['uid'])) + if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$', $this->attributes['uid'][0])) $errors[] = array('ERROR', _('Username'), _('Username contains invalid characters. 
Valid characters are: a-z, A-Z, 0-9 and .-_ !')); // Create automatic useraccount with number if original user already exists // Reset name to original name if new name is in use // Set username back to original name if new username is in use - if ($this->base->cache->in_cache($this->attributes['uid'],'uid', '*')!=$this->orig['uid'] && ($this->orig['uid']!='')) $this->attributes['uid'] = $this->orig['uid']; + if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['uid'][0],'uid', '*')!=false && ($this->orig['uid'][0]!='')) { + $this->attributes['uid'][0] = $this->orig['uid'][0]; + } // Change uid to a new uid until a free uid is found - while ($this->base->cache->in_cache($this->attributes['uid'], 'uid', '*')) { + else while ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['uid'][0], 'uid', '*')) { // get last character of username - $lastchar = substr($this->attributes['uid'], strlen($this->attributes['uid'])-1, 1); + $lastchar = substr($this->attributes['uid'][0], strlen($this->attributes['uid'][0])-1, 1); // Last character is no number if ( !ereg('^([0-9])+$', $lastchar)) /* Last character is no number. Therefore we only have to * add "2" to it. */ - $this->attributes['uid'] = $this->attributes['uid'] . '2'; + $this->attributes['uid'][0] = $this->attributes['uid'][0] . '2'; else { /* Last character is a number -> we have to increase the number until we've * found a groupname with trailing number which is not in use. 
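Review bot: `$this->attributes['cn'][0] &= $this->attributes['uid'][0];` is a bitwise-AND assignment, not a copy or a reference, so `cn` becomes the byte-wise AND of its previous value and the new `uid`. If `cn` is meant to follow `uid`, write `$this->attributes['cn'][0] = $this->attributes['uid'][0];` (or `=&` if aliasing is really intended). Separately, `unset ($post['form_inetOrgPerson_userPassword2']);` now acts on the by-value `$post` parameter, so it no longer clears anything the caller can see. The body of `proccess_attributes()` continues in the next hunk.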
@@ -248,34 +246,34 @@ class inetOrgPerson { * $i will show us were we have to split groupname so we get a part * with the groupname and a part with the trailing number */ - $i=strlen($this->attributes['uid'])-1; + $i=strlen($this->attributes['uid'][0])-1; $mark = false; // Set $i to the last character which is a number in $account_new->general_username - while (!$mark) { - if (ereg('^([0-9])+$',substr($this->attributes['uid'], $i, strlen($this->attributes['uid'])-$i))) $i--; + while (!$mark) { + if (ereg('^([0-9])+$',substr($this->attributes['uid'][0], $i, strlen($this->attributes['uid'][0])-$i))) $i--; else $mark=true; } // increase last number with one - $firstchars = substr($this->attributes['uid'], 0, $i+1); - $lastchars = substr($this->attributes['uid'], $i+1, strlen($this->attributes['uid'])-$i); + $firstchars = substr($this->attributes['uid'][0], 0, $i+1); + $lastchars = substr($this->attributes['uid'][0], $i+1, strlen($this->attributes['uid'][0])-$i); // Put username together - $this->attributes['uid'] = $firstchars . (intval($lastchars)+1); + $this->attributes['uid'][0] = $firstchars . (intval($lastchars)+1); } } // Show warning if lam has changed username - if ($this->attributes['uid'] != $_POST['form_inetOrgPerson_uid']) $errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.')); + if ($this->attributes['uid'][0] != $post['form_inetOrgPerson_uid']) $errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.')); if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword())) $errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. 
Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !')); - if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['telephoneNumber'])) $errors[] = array('ERROR', _('Telephone number'), _('Please enter a valid telephone number!')); - if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['mobileTelephoneNumber'])) $errors[] = array('ERROR', _('Mobile number'), _('Please enter a valid mobile number!')); - if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['facsimileTelephoneNumber'])) $errors[] = array('ERROR', _('Fax number'), _('Please enter a valid fax number!')); - if ( !ereg('^(([0-9]|[A-Z]|[a-z]|[.]|[-]|[_])+[@]([0-9]|[A-Z]|[a-z]|[-])+([.]([0-9]|[A-Z]|[a-z]|[-])+)*)*$', $this->attributes['mail'])) $errors[] = array('ERROR', _('eMail address'), _('Please enter a valid eMail address!')); - if ( !ereg('^([0-9]|[A-Z]|[a-z]|[-]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['street'])) $errors[] = array('ERROR', _('Street'), _('Please enter a valid street name!')); - if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['postalAddress'])) $errors[] = array('ERROR', _('Postal address'), _('Please enter a valid postal address!')); - if ( !ereg('^([0-9]|[A-Z]|[a-z]|[-]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['title'])) $errors[] = array('ERROR', _('Title'), _('Please enter a valid title!')); - if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['employeeType'])) $errors[] = array('ERROR', _('Employee type'), _('Please enter a valid employee type!')); - if ( !ereg('^([0-9]|[A-Z]|[a-z])*$', $this->attributes['personal_postalCode'])) $errors[] = array('ERROR', _('Postal code'), _('Please enter a valid postal code!')); + if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['telephoneNumber'][0])) $errors[] = array('ERROR', _('Telephone number'), _('Please enter a valid telephone 
number!')); + if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['mobileTelephoneNumber'][0])) $errors[] = array('ERROR', _('Mobile number'), _('Please enter a valid mobile number!')); + if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['facsimileTelephoneNumber'][0])) $errors[] = array('ERROR', _('Fax number'), _('Please enter a valid fax number!')); + if ( !ereg('^(([0-9]|[A-Z]|[a-z]|[.]|[-]|[_])+[@]([0-9]|[A-Z]|[a-z]|[-])+([.]([0-9]|[A-Z]|[a-z]|[-])+)*)*$', $this->attributes['mail'][0])) $errors[] = array('ERROR', _('eMail address'), _('Please enter a valid eMail address!')); + if ( !ereg('^([0-9]|[A-Z]|[a-z]|[-]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['street'][0])) $errors[] = array('ERROR', _('Street'), _('Please enter a valid street name!')); + if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['postalAddress'][0])) $errors[] = array('ERROR', _('Postal address'), _('Please enter a valid postal address!')); + if ( !ereg('^([0-9]|[A-Z]|[a-z]|[-]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['title'][0])) $errors[] = array('ERROR', _('Title'), _('Please enter a valid title!')); + if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['employeeType'][0])) $errors[] = array('ERROR', _('Employee type'), _('Please enter a valid employee type!')); + if ( !ereg('^([0-9]|[A-Z]|[a-z])*$', $this->attributes['personal_postalCode'][0])) $errors[] = array('ERROR', _('Postal code'), _('Please enter a valid postal code!')); // Return error-messages if (is_array($errors)) return $errors; return 0; 
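Review bot: The postal-code check reads `$this->attributes['personal_postalCode'][0]`, but the form value is stored under `$this->attributes['postalCode'][0]` earlier in this function. The pattern is therefore applied to a key that is never set, and the submitted postal code is kept without validation. The check should read `if ( !ereg('^([0-9]|[A-Z]|[a-z])*$', $this->attributes['postalCode'][0])) ...`. The password message also lists `$` and `=` as valid characters although the character class in front of it contains neither, so either the pattern or the message needs correcting. The function starts in the previous hunk.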
@@ -294,14 +292,15 @@ class inetOrgPerson { for ($i=0; $iattributes[$attribute])) { + if (isset($this->orig[$attribute])) { + $this->orig[$attribute] = $attr[$attribute]; // decode as unicode - $this->attributes[$attribute] = $attr[$attribute]; - for ($i=0; $iattributes[$attribute]); $i++) $this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); + for ($i=0; $iorig[$attribute]); $i++) $this->orig[$attribute][$i] = utf8_decode ($this->orig[$attribute][$i]); } } // Values are kept as copy so we can compare old attributes with new attributes - $this->orig = $this->attributes; + $this->orig['objectClass'][0] = 'inetOrgPerson'; + $this->attributes = $this->orig; $this->userPassword(''); // Remove old password so it won't displayed as hash return 0; } 
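Review bot: The added inner loop that calls `utf8_decode` starts with `for ($i=0; $i`, and so does the enclosing loop over the attribute list. Part of both loop headers was lost in extraction, so this is read from what remains. If both really share `$i`, the inner loop overwrites the outer index and attributes can be skipped or visited again; a separate counter such as `$j` for the decode pass avoids that. `utf8_decode` is also applied to every loaded value and replaces characters outside ISO-8859-1 with `?`, which deserves a comment on that line stating the assumed charset.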
@@ -316,59 +315,80 @@ class inetOrgPerson { * remove are attributes which have to be removed from ldap entry */ function save_attributes() { - // Get list off all attributes - $attributes = $this->orig; - // Remove attributes which are not as easy to set - unset ($attributes['userPassword']); // Get list of all "easy" attributes - $attr_names = array_keys($attributes); - foreach ($attr_names as $attr_name) { - if (count($this->attributes[$attr_name])!=0 && count($this->orig[$attr_name])==0) $return[$this->base['dn']]['add'][$attr_name] = $this->attributes[$attr_name]; - if (count($this->attributes[$attr_name])!=0 && count($this->orig[$attr_name])!=0) { - // We have to check every single attribute - // Get attributes which should be added - $attributes = array_delete($this->orig[$attr_name], $this->attributes[$attr_name]); - // Encode as unicode - for ($i=0; $ibase['dn']]['add'][$attr_name] = $attributes; - // Get attributes which should be removed - $attributes = array_delete($this->attributes[$attr_name], $this->orig[$attr_name]); - // Encode as unicode - for ($i=0; $ibase['dn']]['remove'][$attr_name] = $attributes; + $attr_names = array_keys($this->attributes); + // Get attributes which should be added + for ($i=0; $iorig[$attr_names[$i]]); $j++) { + if (is_array($this->attributes[$attr_names[$i]])) { + if (!in_array($this->orig[$attr_names[$i]][$j], $this->attributes[$attr_names[$i]])) + if ($this->orig[$attr_names[$i]][$j]!='') $torem[$attr_names[$i]][] =utf8_encode($this->orig[$attr_names[$i]][$j]); + } + else if ($this->orig[$attr_names[$i]][$j]!='') $torem[$attr_names[$i]][] = utf8_encode($this->orig[$attr_names[$i]][$j]); + } + for ($j=0; $jattributes[$attr_names[$i]]); $j++) { + if (is_array($this->orig[$attr_names[$i]])) { + if (!in_array($this->attributes[$attr_names[$i]][$j], $this->orig[$attr_names[$i]])) + if ($this->attributes[$attr_names[$i]][$j]!='') $toadd[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } + else if 
($this->attributes[$attr_names[$i]][$j]!='') $toadd[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } + for ($j=0; $jattributes[$attr_names[$i]]); $j++) { + if (is_array($this->orig[$attr_names[$i]]) && is_array($this->attributes[$attr_names[$i]])) { + if (($this->attributes[$attr_names[$i]][$j]==$this->orig[$attr_names[$i]][$j]) && $this->attributes[$attr_names[$i]][$j]!='') + $notchanged[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } } - if (count($this->attributes[$attr_name])==0 && count($this->orig[$attr_name])!=0) $return[$this->base['dn']]['remove'][$attr_name] = $this->orig[$attr_name]; } + // create modify wuth add and remove + if (is_array($toadd)) { + $attributes = array_keys($toadd); + for ($i=0; $ibase]->dn]['add'] = $toadd; + if (count($torem)!=0) $return[$_SESSION[$this->base]->dn]['remove'] = $torem; + if (count($tomodify)!=0) $return[$_SESSION[$this->base]->dn]['modify'] = $tomodify; + if (count($notchanged)!=0) $return[$_SESSION[$this->base]->dn]['notchanged'] = $notchanged; // Set unix password if (count($this->orig['userPassword'])==0) { // New user or no old password set if ($this->userPassword_no) { - $return[$this->base['dn']]['add']['userPassword'][0] = pwd_hash ('', !$this->userPassword_lock); + $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash ('', !$this->userPassword_lock); } - else $return[$this->base['dn']]['add']['userPassword'][0] = utf8_encode(pwd_hash ($this->userPassword(), !$this->userPassword_lock)); + else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash ($this->userPassword(), !$this->userPassword_lock)); } else { if ($this->userPassword()!='' || $this->userPassword_no) { // Write new password - $return[$this->base['dn']]['remove']['userPassword'] = utf8_encode($this->orig['userPassword']); - if ($this->userPassword_no) $return[$this->base['dn']]['modify']['userPassword'][0] = pwd_hash ('', 
!$this->userPassword_lock); - else $return[$this->base['dn']]['modify']['userPassword'][0] = utf8_encode(pwd_hash ($this->userPassword(), !$this->userPassword_lock)); + if ($this->userPassword_no) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = pwd_hash ('', !$this->userPassword_lock); + else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode(pwd_hash ($this->userPassword(), !$this->userPassword_lock)); } else { // No new password but old password // (un)lock password - if ($this->userPassword_lock == pwd_is_enabled($this->orig['userPassword'])) { + if ($this->userPassword_lock == pwd_is_enabled($this->orig['userPassword'][0])) { // Split old password hash in {CRYPT} and password-hash $i = 0; - while ($this->orig['userPassword']{$i} != '}') $i++; - $passwd = substr($this->orig['userPassword'], $i+1 ); - $crypt = substr($this->orig['userPassword'], 0, $i+1 ); + while ($this->orig['userPassword'][0]{$i} != '}') $i++; + $passwd = substr($this->orig['userPassword'][0], $i+1 ); + $crypt = substr($this->orig['userPassword'][0], 0, $i+1 ); // remove trailing ! from password hash if ($passwd{0} == '!') $passwd = substr($passwd, 1); // Write new password - $return[$this->base['dn']]['remove']['userPassword'] = utf8_encode($this->orig['userPassword']); - if ($this->userPassword_lock) $return[$this->base['dn']]['modify']['userPassword'][0] = utf8_encode("$crypt!$passwd"); - else $return[$this->base['dn']]['modify']['userPassword'][0] = utf8_encode("$crypt$passwd"); + if ($this->userPassword_lock) $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode("$crypt!$passwd"); + else $return[$_SESSION[$this->base]->dn]['modify']['userPassword'][0] = utf8_encode("$crypt$passwd"); } } } @@ -389,7 +409,7 @@ class inetOrgPerson { * to show a page with all attributes. * It will output a complete html-table */ - function display_html_attributes() { + function display_html_attributes($post) { echo "\n\n"; echo '\n"; 
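Review bot: `userPassword` is no longer excluded from the generic attribute comparison in `save_attributes()`. The removed lines did `unset ($attributes['userPassword']);` before building `$attr_names`, while the new `$attr_names = array_keys($this->attributes);` includes it. `$this->attributes['userPassword'][0]` holds the mcrypt-encrypted form written by `userPassword()`, so unless the lines lost in extraction filter it out, that value can land in `$toadd` and the stored hash in `$torem` alongside the explicit password handling below. Skipping the attribute at the top of the loop with `if ($attr_names[$i] == 'userPassword') continue;` restores the old behaviour. The scan `while ($this->orig['userPassword'][0]{$i} != '}') $i++;` is also unbounded, so a stored value without a `{SCHEME}` prefix never ends it; the condition needs an added `$i < strlen($this->orig['userPassword'][0])` test.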
@@ -409,7 +429,7 @@ class inetOrgPerson { echo "\n"; echo "\n"; echo "\n"; echo "\n"; @@ -423,8 +443,8 @@ class inetOrgPerson { echo "\n"; echo "\n"; echo "\n"; - echo "\n"; echo "\n"; echo "\n"; diff --git a/lam/lib/modules/posixAccount.inc b/lam/lib/modules/posixAccount.inc index 8f56c8ff..ca251d07 100644 --- a/lam/lib/modules/posixAccount.inc +++ b/lam/lib/modules/posixAccount.inc 
@@ -54,37 +54,33 @@ $Id$ */ class posixAccount { // Constructor - function posixAccount(&$baseobject) { + function posixAccount($base) { /* Return an error if posixAccount should be created without * base container */ - if (!$baseobject) trigger_error(_('Please create a base object with $var = new accountContainer();'), E_USER_ERROR); - // Check if $baseobject is an array - if (!is_object($baseobject)) trigger_error(_('Please create a new module object with $accountContainer->add_objectClass(\'posixAccount\');'), E_USER_ERROR); + if (!$base) trigger_error(_('Please create a base object with $var = new accountContainer();'), E_USER_ERROR); + if (!is_string($base)) trigger_error(_('Please create a new module object with $accountContainer->add_objectClass(\'posixAccount\');'), E_USER_ERROR); + $this->base = $base; // posixAccount is only a valid objectClass for user and host - if (!($baseobject->get_type() == 'user' || $baseobject->get_type() != 'host')) trigger_error(_('posixAccount can only be used for users or hosts.'), E_USER_WARNING); - /* Create a reference to basearray so we can read all other modules - * php will avaois recousrion itself - */ - $this->base = &$baseobject; + if (!($_SESSION[$this->base]->get_type() == 'user' || $_SESSION[$this->base]->get_type() != 'host')) trigger_error(_('posixAccount can only be used for users or hosts.'), E_USER_WARNING); /* Check if ldap conatiner is in array and set type * users are using inetOrgPerson-, hosts account-container */ - if (!isset($this->base->module['inetOrgPerson']) && $this->base->type=='user') $this->base->add_objectClass('inetOrgPerson'); - if (!isset($this->base->module['account']) && $this->base->type=='host') $this->base->add_objectClass('account'); + if (!isset($_SESSION[$this->base]->module['inetOrgPerson']) && $_SESSION[$this->base]->type=='user') $_SESSION[$this->base]->add_objectClass('inetOrgPerson'); + if (!isset($_SESSION[$this->base]->module['account']) && 
$_SESSION[$this->base]->type=='host') $_SESSION[$this->base]->add_objectClass('account'); // Add account type to object $line=-1; - for ($i=0; $ibase->ldap->objectClasses) || $i==-1; $i++) { - if (strpos($this->base->ldap->objectClasses[$i], "NAME 'posixAccount'")) $line = $i; + for ($i=0; $ibase]->ldap]->objectClasses) || $i==-1; $i++) { + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$i], "NAME 'posixAccount'")) $line = $i; } // Return error if objectClass isn't found if ($line==-1) trigger_error (sprintf(_("ObjectClass %s required but not defined in ldap."), 'posixAccount'), E_USER_WARNING); // Add Array with all attributes and type - $baseobject->add_attributes ('posixAccount'); + $_SESSION[$this->base]->add_attributes ('posixAccount'); // create array with must-attributes // Get startposition in string - if (strpos($this->base->ldap->objectClasses[$line], 'MUST (')) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MUST (')+6); + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')+6); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); 
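Review bot: The type check `if (!($_SESSION[$this->base]->get_type() == 'user' || $_SESSION[$this->base]->get_type() != 'host'))` is true only for type `host`, so it warns for a supported type and stays silent for every unsupported one. The second comparison should be `== 'host'`: `if (!($_SESSION[$this->base]->get_type() == 'user' || $_SESSION[$this->base]->get_type() == 'host'))`. The constructor also dereferences `$_SESSION[$this->base]` after checking only `is_string($base)`. An `isset($_SESSION[$base])` test before the first use would turn a wrong container name into a clear error instead of a call on a non-object. The constructor body continues past this hunk.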
@@ -95,8 +91,8 @@ class posixAccount { } // create array with may-attributes // Get startposition in string - if (strpos($this->base->ldap->objectClasses[$line], 'MAY (')) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MAY (')+5); + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); @@ -106,12 +102,12 @@ class posixAccount { } } // Get attributes of subclasses - while (strpos($this->base->ldap->objectClasses[$line], "SUP ")) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'SUP ')+4); + while (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], "SUP ")) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'SUP ')+4); $subclass = substr($string_withtail, 0, strpos($string_withtail, ' ')); // Add account type to object - for ($i=0; $ibase->ldap->objectClasses) || $i==-1; $i++) { - if (strpos($this->base->ldap->objectClasses[$i], "NAME '$subclass'")) $line = $i; + for ($i=0; $ibase]->ldap]->objectClasses) || $i==-1; $i++) { + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$i], "NAME '$subclass'")) $line = $i; } // Return error if objectClass isn't found // *** fixme, fix error message 
@@ -119,8 +115,8 @@ class posixAccount { // create array with must-attributes // Get startposition in string - if (strpos($this->base->ldap->objectClasses[$line], 'MUST (')) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MUST (')+6); + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')+6); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); @@ -131,8 +127,8 @@ class posixAccount { } // create array with may-attributes // Get startposition in string - if (strpos($this->base->ldap->objectClasses[$line], 'MAY (')) { - $string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MAY (')+5); + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); @@ -144,7 +140,7 @@ class posixAccount { } $this->alias = _('posixAccount'); // Add attributes which should be cached - $_SESSION['cache']->add_cache(array ('user' => array('cn', 'uid', 'uidNumber'), 'host' => array('cn', 'uid', 'uidNumber'), 'group' => array('cn', 'memberUid'))); + $_SESSION[$_SESSION[$this->base]->cache]->add_cache(array ('user' => array('cn', 'uid', 'uidNumber'), 'host' => array('cn', 'uid', 'uidNumber'), 'group' => array('cn', 'memberUid'))); /* Check if at least one group does exist in ldap */ $groups = findgroups(); // list of all groupnames 
@@ -152,19 +148,20 @@ class posixAccount { // Make references to attributes which already esists in ldap $newattributes = array_keys($this->attributes); - $module = array_keys($this->base->module); + $module = array_keys($_SESSION[$this->base]->module); // fixme *** do we have to unset module posixAccuont itself for ($i=0; $ibase->module[$module[$i]]->attributes[$attribute])) $this->attributes[$attribute] = &$this->base->module[$module[$i]]->attributes[$attribute]; + if (isset($_SESSION[$this->base]->module[$module[$i]]->attributes[$attribute])) $this->attributes[$attribute] =& $_SESSION[$this->base]->module[$module[$i]]->attributes[$attribute]; } $this->orig = $this->attributes ; + $this->attributes['objectClass'][0] = 'posixAccount'; } // Variables // Alias Name. This name is shown in the menu instead of posixAccount var $alias; - // reference to base-array so we can read other classes in basearray + // name of accountContainer so we can read other classes in accuontArray var $base; // This variable contains all inetOrgPerson attributes 
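Review bot: `$this->orig = $this->attributes ;` runs after the loop that binds entries with `$this->attributes[$attribute] =& $_SESSION[$this->base]->module[...]->attributes[$attribute];`, and PHP preserves reference slots when an array is copied. The entries of `$this->orig` that were bound this way therefore stay aliased to the other module's live values. A later comparison of `orig` against `attributes` would see no change for them. If `orig` is meant to be a snapshot, take it before creating the references or copy those entries by value. At minimum add a comment such as `// entries bound by reference above are shared, not snapshotted`. The constructor starts outside this hunk.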
@@ -182,48 +179,48 @@ class posixAccount { /* This function returns a list with all required modules */ function dependencies() { - if ($this->base['type']=='user') return array('inetOrgPerson'); - if ($this->base['type']=='host') return array('account'); + if ($_SESSION[$this->base]->type=='user') return array('inetOrgPerson'); + if ($_SESSION[$this->base]->type=='host') return array('account'); // return error if unsupported type is used return -1; } /* Write variables into object and do some regexp checks */ - function proccess_attributes() { + function proccess_attributes($post) { // Load attributes - $this->attributes['uidNumber'] = $_POST['form_posixAccount_uidNumber']; - $this->attributes['gidNumber'] = getgrnam($_POST['form_posixAccount_gidNumber']); - $this->attributes['homeDirectory'] = $_POST['form_posixAccount_homeDirectory']; - $this->attributes['loginShell'] = $_POST['form_posixAccount_loginShell']; - $this->attributes['gecos'] = $_POST['form_posixAccount_gecos']; + $this->attributes['uidNumber'][0] = $post['form_posixAccount_uidNumber']; + $this->attributes['gidNumber'][0] = getgrnam($post['form_posixAccount_gidNumber']); + $this->attributes['homeDirectory'][0] = $post['form_posixAccount_homeDirectory']; + $this->attributes['loginShell'][0] = $post['form_posixAccount_loginShell']; + $this->attributes['gecos'][0] = $post['form_posixAccount_gecos']; // Check if UID is valid. 
If none value was entered, the next useable value will be inserted // load min and may uidNumber - if ($this->base['type']=='user') { - $minID = intval($_SESSION['config']->get_minUID()); - $maxID = intval($_SESSION['config']->get_maxUID()); + if ($_SESSION[$this->base]['type']=='user') { + $minID = intval($_SESSION[$_SESSION[$this->base]->config]->get_minUID()); + $maxID = intval($_SESSION[$_SESSION[$this->base]->config]->get_maxUID()); } else { - $minID = intval($_SESSION['config']->get_minMachine()); - $maxID = intval($_SESSION['config']->get_maxMachine()); + $minID = intval($_SESSION[$_SESSION[$this->base]->config]->get_minMachine()); + $maxID = intval($_SESSION[$_SESSION[$this->base]->config]->get_maxMachine()); } - $dn_uids = $this->base->cache->get_cache('uidNumber', 'posixAccount', '*'); + $dn_uids = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('uidNumber', 'posixAccount', '*'); // get_cache will return an array ( dn1 => array(uidnumber1), dn2 => array(uidnumber2), ... ) foreach ($dn_uids as $uid) $uids[] = $uid[0]; if(is_array($uids)) sort ($uids, SORT_NUMERIC); - if ($this->attributes['uidNumber']=='') { + if ($this->attributes['uidNumber'][0]=='') { // No id-number given - if ($this->orig['uidNumber']=='') { + if ($this->orig['uidNumber'][0]=='') { // new account -> we have to find a free id-number if (count($uids)!=0) { // There are some uids // Store highest id-number $id = $uids[count($uids)-1]; // Return minimum allowed id-number if all found id-numbers are too low - if ($id < $minID) $this->attributes['uidNumber'] = $minID; + if ($id < $minID) $this->attributes['uidNumber'][0] = $minID; // Return higesht used id-number + 1 if it's still in valid range - if ($id < $maxID) $this->attributes['uidNumber'] = $id+1; + if ($id < $maxID) $this->attributes['uidNumber'][0] = $id+1; /* If this function is still running we have to fid a free id-number between * the used id-numbers */ 
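Review bot: `if ($_SESSION[$this->base]['type']=='user')` indexes the account container as an array, while `dependencies()` in this same hunk and the constructor read it as an object (`$_SESSION[$this->base]->type`). On an object this test does not select the user branch as written, so user accounts would get the range from `get_minMachine()`/`get_maxMachine()`; it should read `if ($_SESSION[$this->base]->type=='user')`. Further down, `if ($id < $maxID) $this->attributes['uidNumber'][0] = $id+1;` still runs after the `$id < $minID` case has assigned `$minID`, so an ID below the allowed minimum can be chosen; an `else` between the two statements prevents that. `proccess_attributes()` continues in the next hunk.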
@@ -232,53 +229,53 @@ class posixAccount { if ($i>$maxID) $errors[] = array('ERROR', _('ID-Number'), _('No free ID-Number!')); else { - $this->attributes['uidNumber'] = $i; + $this->attributes['uidNumber'][0] = $i; $errors[] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.')); } } - else $this->attributes['uidNumber'] = $minID; + else $this->attributes['uidNumber'][0] = $minID; // return minimum allowed id-number if no id-numbers are found } - else $this->attributes['uidNumber'] = $this->orig['uidNumber']; + else $this->attributes['uidNumber'][0] = $this->orig['uidNumber'][0]; // old account -> return id-number which has been used } else { // Check manual ID // id-number is out of valid range - if ( $this->attributes['uidNumber'] < $minID || $this->attributes['uidNumber'] > $maxID) $errors[] = array('ERROR', _('ID-Number'), sprintf(_('Please enter a value between %s and %s!'), $minID, $maxID)); + if ( ($this->attributes['uidNumber'][0]!=$post['form_posixAccount_uidNumber']) && ($this->attributes['uidNumber'][0] < $minID || $this->attributes['uidNumber'][0] > $maxID)) $errors[] = array('ERROR', _('ID-Number'), sprintf(_('Please enter a value between %s and %s!'), $minID, $maxID)); // $uids is allways an array but not if no entries were found if (is_array($uids)) { // id-number is in use and account is a new account - if ((in_array($this->attributes['uidNumber'], $uids)) && $this->orig['uidNumber']=='') $errors[] = array('ERROR', _('ID-Number'), _('ID is already in use')); + if ((in_array($this->attributes['uidNumber'][0], $uids)) && $this->orig['uidNumber'][0]=='') $errors[] = array('ERROR', _('ID-Number'), _('ID is already in use')); // id-number is in use, account is existing account and id-number is not used by itself - if ((in_array($this->attributes['uidNumber'], $uids)) && 
$this->orig['uidNumber']!='' && ($this->orig['uidNumber'] != $this->attributes['uidNumber']) ) { + if ((in_array($this->attributes['uidNumber'][0], $uids)) && $this->orig['uidNumber'][0]!='' && ($this->orig['uidNumber'][0] != $this->attributes['uidNumber'][0]) ) { $errors[] = array('ERROR', _('ID-Number'), _('ID is already in use')); - $this->attributes['uidNumber'] = $this->orig['uidNumber']; + $this->attributes['uidNumber'][0] = $this->orig['uidNumber'][0]; } } } // Check if Homedir is valid - $this->attributes['homeDirectory'] = str_replace('$group', getgrnam($this->attributes['gidNumber']), $this->attributes['homeDirectory']); - if ($this->attributes['uid'] != '') - $this->attributes['homeDirectory'] = str_replace('$user', $this->attributes['uid'], $this->attributes['homeDirectory']); - if ($this->attributes['homeDirectory'] != $_POST['form_posixAccount_homeDirectory']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.')); - if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $this->attributes['homeDirectory'] )) + $this->attributes['homeDirectory'][0] = str_replace('$group', getgrnam($this->attributes['gidNumber'][0]), $this->attributes['homeDirectory'][0]); + if ($this->attributes['uid'][0] != '') + $this->attributes['homeDirectory'][0] = str_replace('$user', $this->attributes['uid'][0], $this->attributes['homeDirectory'][0]); + if ($this->attributes['homeDirectory'][0] != $post['form_posixAccount_homeDirectory']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.')); + if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $this->attributes['homeDirectory'][0] )) $errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.')); // Return error-messages if (is_array($errors)) return $errors; // Go to additional group page when no 
error did ocour and button was pressed - if ($_POST['form_posixAccount_addgroup']) return 'group'; + if ($post['form_posixAccount_addgroup']) return 'group'; return 0; } /* Write variables into object and do some regexp checks */ - function process_groups() { + function proccess_group($post) { do { // X-Or, only one if() can be true - if (isset($_POST['form_posixAccount_addgroups']) && isset($_POST['form_posixAccount_addgroups_button'])) { // Add groups to list + if (isset($post['form_posixAccount_addgroups']) && isset($post['form_posixAccount_addgroups_button'])) { // Add groups to list // Add new group - $this->groups = @array_merge($this->groups, $_POST['form_posixAccount_addgroups']); + $this->groups = @array_merge($this->groups, $post['form_posixAccount_addgroups']); // remove doubles $this->groups = @array_flip($this->groups); array_unique($this->groups); @@ -287,13 +284,13 @@ class posixAccount { sort($this->groups); break; } - if (isset($_POST['form_posixAccount_removegroups']) && isset($_POST['form_posixAccount_removegroups_button'])) { // remove groups from list - $this->groups = array_delete($_POST['form_posixAccount_removegroups'], $this->groups); + if (isset($post['form_posixAccount_removegroups']) && isset($post['form_posixAccount_removegroups_button'])) { // remove groups from list + $this->groups = array_delete($post['form_posixAccount_removegroups'], $this->groups); break; } } while(0); - if (isset($_POST['form_posixAccount_addgroups_button']) || isset($_POST['form_posixAccount_removegroups_button'])) return 'group'; - if ($_POST['form_posixAccount_toattributes']) return 'attributes'; + if (isset($post['form_posixAccount_addgroups_button']) || isset($post['form_posixAccount_removegroups_button'])) return 'group'; + if ($post['form_posixAccount_toattributes']) return 'attributes'; return 0; } 
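Review bot: The range check on a manually entered UID in proccess_attributes() can no longer fire, because it is now guarded by `$this->attributes['uidNumber'][0]!=$post['form_posixAccount_uidNumber']`. That attribute is assigned from the same `$post` field at the top of the function and is not modified on the manual-ID branch, so the guard is always false and a value outside minID..maxID, including 0, passes with only the in-use check left. If the intent was to skip the check for an unchanged existing account, compare with the stored value instead: `if ($this->attributes['uidNumber'][0] != $this->orig['uidNumber'][0] && ($this->attributes['uidNumber'][0] < $minID || $this->attributes['uidNumber'][0] > $maxID))`. The field is also never tested for being numeric before these comparisons. The function starts before this hunk.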
@@ -319,8 +316,9 @@ class posixAccount { } // Values are kept as copy so we can compare old attributes with new attributes $this->orig = $this->attributes; + $this->attributes['objectClass'][0] = 'posixAccount'; // get all additional groupmemberships - $dn_groups = $this->base->cache->get_cache('memberUid', 'posixGroup', 'group'); + $dn_groups = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('memberUid', 'posixGroup', 'group'); $DNs = array_keys($dn_groups); foreach ($DNs as $DN) { if (in_array($attr['uid'], $dn_groups[$DN])) 
@@ -341,27 +339,52 @@ class posixAccount { * modify are attributes which have to been modified in ldap entry */ function save_attributes() { - // Get list off all attributes - $attributes = $this->orig; // Get list of all "easy" attributes - $attr_names = array_keys($attributes); - foreach ($attr_names as $attr_name) { - if (count($this->attributes[$attr_name])!=0 && count($this->orig[$attr_name])==0) $return[$this->base['dn']]['add'][$attr_name] = $this->attributes[$attr_name]; - if (count($this->attributes[$attr_name])!=0 && count($this->orig[$attr_name])!=0) { - // We have to check every single attribute - // Get attributes which should be added - $attributes = array_delete($this->orig[$attr_name], $this->attributes[$attr_name]); - // Encode as unicode - for ($i=0; $ibase['dn']]['add'][$attr_name] = $attributes; - // Get attributes which should be removed - $attributes = array_delete($this->attributes[$attr_name], $this->orig[$attr_name]); - // Encode as unicode - for ($i=0; $ibase['dn']]['remove'][$attr_name] = $attributes; + $attr_names = array_keys($this->attributes); + // Get attributes which should be added + for ($i=0; $iorig[$attr_names[$i]]); $j++) { + if (is_array($this->attributes[$attr_names[$i]])) { + if (!in_array($this->orig[$attr_names[$i]][$j], $this->attributes[$attr_names[$i]])) + if ($this->orig[$attr_names[$i]][$j]!='') $torem[$attr_names[$i]][] =utf8_encode($this->orig[$attr_names[$i]][$j]); + } + else if ($this->orig[$attr_names[$i]][$j]!='') $torem[$attr_names[$i]][] = utf8_encode($this->orig[$attr_names[$i]][$j]); + } + for ($j=0; $jattributes[$attr_names[$i]]); $j++) { + if (is_array($this->orig[$attr_names[$i]])) { + if (!in_array($this->attributes[$attr_names[$i]][$j], $this->orig[$attr_names[$i]])) + if ($this->attributes[$attr_names[$i]][$j]!='') $toadd[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } + else if ($this->attributes[$attr_names[$i]][$j]!='') $toadd[$attr_names[$i]][] = 
utf8_encode($this->attributes[$attr_names[$i]][$j]); + } + for ($j=0; $jattributes[$attr_names[$i]]); $j++) { + if (is_array($this->orig[$attr_names[$i]]) && is_array($this->attributes[$attr_names[$i]])) { + if (($this->attributes[$attr_names[$i]][$j]==$this->orig[$attr_names[$i]][$j]) && $this->attributes[$attr_names[$i]][$j]!='') + $notchanged[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } } - if (count($this->attributes[$attr_name])==0 && count($this->orig[$attr_name])!=0) $return[$this->base['dn']]['remove'][$attr_name] = $this->orig[$attr_name]; } + // create modify wuth add and remove + if (is_array($toadd)) { + $attributes = array_keys($toadd); + for ($i=0; $ibase]->dn]['add'] = $toadd; + if (count($torem)!=0) $return[$_SESSION[$this->base]->dn]['remove'] = $torem; + if (count($tomodify)!=0) $return[$_SESSION[$this->base]->dn]['modify'] = $tomodify; + if (count($notchanged)!=0) $return[$_SESSION[$this->base]->dn]['notchanged'] = $notchanged; // Remove primary group from additional groups for ($i=0; $igroups); $i++) { @@ -375,7 +398,7 @@ class posixAccount { //There are some old groups. $add = array_delete($this->groups_orig, $this->groups); $remove = array_delete($this->groups, $this->groups_orig); - $dn_cns = $this->base->cache->get_cache('cn', 'posixGroup', 'group'); + $dn_cns = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('cn', 'posixGroup', 'group'); // get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... ) $DNs = array_keys($dn_cns); foreach ($DNs as $DN) { @@ -387,7 +410,7 @@ class posixAccount { } else { // Add user to every group - $dn_cns = $this->base->cache->get_cache('cn', 'posixGroup', 'group'); + $dn_cns = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('cn', 'posixGroup', 'group'); // get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... ) $DNs = array_keys($dn_cns); foreach ($DNs as $DN) { 
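Review bot: The add/remove/notchanged diffing written into save_attributes() here is repeated, as far as the extracted text shows, line for line in the new shadowAccount::save_attributes() later in this commit, so any fix has to be made twice; it would be better as one shared helper that takes `$this->orig` and `$this->attributes`. The accumulators `$toadd`, `$torem`, `$tomodify` and `$notchanged` are also only created inside conditionals and then read by `count($torem)!=0` and its siblings, so an unchanged account evaluates them undefined. Starting the function with `$toadd = $torem = $tomodify = $notchanged = array();` makes the empty case explicit; the `is_array($toadd)` guard would then run its loop zero times. Parts of this hunk were lost in extraction, so the loop bounds could not be reviewed.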
@@ -398,7 +421,7 @@ class posixAccount { else { if (is_array($this->groups_orig)) { //There are some old groups which have to be removed - $dn_cns = $this->base->cache->get_cache('cn', 'posixGroup', 'group'); + $dn_cns = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('cn', 'posixGroup', 'group'); // get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... ) $DNs = array_keys($dn_cns); foreach ($DNs as $DN) { @@ -422,13 +445,12 @@ class posixAccount { * to show a page with all attributes. * It will output a complete html-table */ - function display_html_attributes() { + function display_html_attributes($post) { $groups = findgroups(); // list of all groupnames $shelllist = getshells(); // list of all valid shells - echo "
' . _('Username') . "*
" . _('Repeat password') . "userPassword(); echo "\">
" . _('Lock password') . "userPassword_no) echo " checked "; + echo "userPassword_lock) echo " checked "; echo ">" . _('Help') . "
\n\n"; - echo "\n"; - echo "\n"; + echo "\n"; + echo "\n"; echo "\n"; echo "\n"; echo "\n"; @@ -436,12 +458,12 @@ class posixAccount { echo "\n"; echo "\n"; echo "\n"; - if ($this->base['type']=='user') { + if ($_SESSION[$this->base]->type=='user') { echo "\n"; echo "\n"; echo "\n"; @@ -449,23 +471,23 @@ class posixAccount { echo "\n"; echo "\n"; echo "\n"; - echo "\n"; + echo "\n"; echo "\n"; echo "\n"; } echo "\n"; echo "\n"; - echo "\n"; + echo "\n"; echo "\n"; echo "\n"; - if ($this->base['type']=='user') { + if ($_SESSION[$this->base]->type=='user') { if (count($shelllist)!=0) { echo "\n"; echo "\n"; echo "\n"; echo "\n"; @@ -476,9 +498,9 @@ class posixAccount { return 0; } - function display_html_group() { + function display_html_group($post) { // load list with all groups - $dn_groups = $this->base->cache->get_cache('uidNumber', 'posixGroup', 'group'); + $dn_groups = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('uidNumber', 'posixGroup', 'group'); foreach ($dn_groups as $group) $groups[] = $group[0]; // sort groups sort($groups, SORT_STRING); diff --git a/lam/lib/modules/shadowAccount.inc b/lam/lib/modules/shadowAccount.inc new file mode 100644 index 00000000..fadbcf1b --- /dev/null +++ b/lam/lib/modules/shadowAccount.inc 
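Review bot: The form values written by display_html_attributes() appear to reach the page unescaped: the surviving fragments show `$this->attributes['uidNumber'][0]`, `$this->attributes['homeDirectory'][0]` and `$this->attributes['gecos'][0]` concatenated straight into a quoted attribute value. The markup of these echo lines was lost in extraction, so this is inferred from the fragments. gecos in particular is copied from the posted form in proccess_attributes() without any visible check, so a quote or angle bracket in it would break out of the attribute when the page is redrawn. Escaping at output, e.g. `htmlspecialchars($this->attributes['gecos'][0], ENT_QUOTES)`, for every value would close this. The shadowAccount form added later in the commit builds its fields the same way.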
@@ -0,0 +1,348 @@ +add_objectClass(\'shadowAccount\');'), E_USER_ERROR); + $this->base = $base; + // shadowAccount is only a valid objectClass for user and host + if (!($_SESSION[$this->base]->get_type() == 'user')) trigger_error(_('shadowAccount can only be used for users.'), E_USER_WARNING); + /* Check if ldap conatiner is in array and set type + * users are using inetOrgPerson-, hosts account-container + */ + if (!isset($_SESSION[$this->base]->module['inetOrgPerson'])) $_SESSION[$this->base]->add_objectClass('inetOrgPerson'); + // Add account type to object + $line=-1; + for ($i=0; $ibase]->ldap]->objectClasses) || $i==-1; $i++) { + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$i], "NAME 'shadowAccount'")) $line = $i; + } + // Return error if objectClass isn't found + if ($line==-1) trigger_error (sprintf(_("ObjectClass %s required but not defined in ldap."), 'shadowAccount'), E_USER_WARNING); + // Add Array with all attributes and type + $_SESSION[$this->base]->add_attributes ('shadowAccount'); + // create array with must-attributes + // Get startposition in string + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')+6); + // Now we have a string with all must-attributes + $string = substr($string_withtail, 0, strpos($string_withtail, ')')); + $string = trim($string); + // Ad must + foreach (explode(" $ ", $string) as $attribute) { + $this->attributes[$attribute] = ''; + } + } + // create array with may-attributes + // Get startposition in string + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')+5); + // Now we have a string with all 
must-attributes + $string = substr($string_withtail, 0, strpos($string_withtail, ')')); + $string = trim($string); + // Ad may + foreach (explode(" $ ", $string) as $attribute) { + $this->attributes[$attribute] = ''; + } + } + // Get attributes of subclasses + while (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], "SUP ")) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'SUP ')+4); + $subclass = substr($string_withtail, 0, strpos($string_withtail, ' ')); + // Add account type to object + for ($i=0; $ibase]->ldap]->objectClasses) || $i==-1; $i++) { + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$i], "NAME '$subclass'")) $line = $i; + } + // Return error if objectClass isn't found + // *** fixme, fix error message + if ($line==-1) trigger_error (_("objectClass objectClass required but not defined in ldap."), E_USER_WARNING); + + // create array with must-attributes + // Get startposition in string + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MUST (')+6); + // Now we have a string with all must-attributes + $string = substr($string_withtail, 0, strpos($string_withtail, ')')); + $string = trim($string); + // Ad must + foreach (explode(" $ ", $string) as $attribute) { + $this->attributes[$attribute] = ''; + } + } + // create array with may-attributes + // Get startposition in string + if (strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')) { + $string_withtail = substr($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], strpos($_SESSION[$_SESSION[$this->base]->ldap]->objectClasses[$line], 'MAY (')+5); + // Now we have a string with all must-attributes + $string = 
substr($string_withtail, 0, strpos($string_withtail, ')')); + $string = trim($string); + // Ad may + foreach (explode(" $ ", $string) as $attribute) { + $this->attributes[$attribute] = ''; + } + } + } + $this->alias = _('shadowAccount'); + // Make references to attributes which already esists in ldap + $newattributes = array_keys($this->attributes); + $module = array_keys($_SESSION[$this->base]->module); + // fixme *** do we have to unset module shadowAccount itself + for ($i=0; $ibase]->module[$module[$i]]->attributes[$attribute])) $this->attributes[$attribute] =& $_SESSION[$this->base]->module[$module[$i]]->attributes[$attribute]; + } + $this->orig = $this->attributes ; + $this->attributes['objectClass'][0] = 'shadowAccount'; + } + + // Variables + // Alias Name. This name is shown in the menu instead of shadowAccount + var $alias; + // name of accountContainer so we can read other classes in accuontArray + var $base; + + // This variable contains all inetOrgPerson attributes + var $attributes; + /* If an account was loaded all attributes are kept in this array + * to compare it with new changed attributes + */ + var $orig; + + /* This function returns a list with all required modules + */ + function dependencies() { + return array('inetOrgPerson'); + } + + /* Write variables into object and do some regexp checks + */ + function proccess_attributes($post) { + // Load attributes + $this->attributes['shadowMin'][0] = $post['form_shadowAccount_shadowMin']; + $this->attributes['shadowMax'][0] = $post['form_shadowAccount_shadowMax']; + $this->attributes['shadowWarning'][0] = $post['form_shadowAccount_shadowWarning']; + $this->attributes['shadowInactive'][0] = $post['form_shadowAccount_shadowInactive']; + $this->attributes['shadowWarning'][0] = mtime(10, 0, 0, $post['form_shadowAccount_shadowExpire_mon'], + $post['form_shadowAccount_shadowExpire_day'], $post['form_shadowAccount_shadowExpire_yea']); + + if ( !ereg('^([0-9])*$', $this->attributes['shadowMin'][0])) 
$errors[] = array('ERROR', _('Password minage'), _('Password minage must be are natural number.')); + if ( $this->attributes['shadowMin'][0] > $this->attributes['shadowMax'][0] ) $errors[] = array('ERROR', _('Password maxage'), _('Password maxage must bigger as Password Minage.')); + if ( !ereg('^([0-9]*)$', $this->attributes['shadowMax'][0])) $errors[] = array('ERROR', _('Password maxage'), _('Password maxage must be are natural number.')); + if ( !ereg('^(([-][1])|([0-9]*))$', $this->attributes['shadowInactive'][0])) + $errors[] = array('ERROR', _('Password Expire'), _('Password expire must be are natural number or -1.')); + if ( !ereg('^([0-9]*)$', $this->attributes['shadowWarning'][0])) $errors[] = array('ERROR', _('Password warn'), _('Password warn must be are natural number.')); + + if (is_array($errors)) return $errors; + return 0; + } + + + /* This function loads all attributes into the object + * $attr is an array as it's retured from ldap_get_attributes + */ + function load_attributes($attr) { + // Load attributes which are displayed + // unset count entries + unset ($attr['count']); + $attributes = array_keys($attr); + foreach ($attributes as $attribute) unset ($attr[$attribute]['count']); + // unset double entries + for ($i=0; $iattributes[$attribute])) { + // decode as unicode + $this->attributes[$attribute] = $attr[$attribute]; + for ($i=0; $iattributes[$attribute]); $i++) $this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); + } + } + // Values are kept as copy so we can compare old attributes with new attributes + $this->orig = $this->attributes; + $this->attributes['objectClass'][0] = 'shadowAccount'; + } + + + /* This function returns an array with 3 entries: + * array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... ) + * DN is the DN to change. It may be possible to change several DNs, + * e.g. 
create a new user and add him to some groups via attribute memberUid + * add are attributes which have to be added to ldap entry + * remove are attributes which have to be removed from ldap entry + * modify are attributes which have to been modified in ldap entry + */ + function save_attributes() { + // Get list of all "easy" attributes + $attr_names = array_keys($this->attributes); + // Get attributes which should be added + for ($i=0; $iorig[$attr_names[$i]]); $j++) { + if (is_array($this->attributes[$attr_names[$i]])) { + if (!in_array($this->orig[$attr_names[$i]][$j], $this->attributes[$attr_names[$i]])) + if ($this->orig[$attr_names[$i]][$j]!='') $torem[$attr_names[$i]][] =utf8_encode($this->orig[$attr_names[$i]][$j]); + } + else if ($this->orig[$attr_names[$i]][$j]!='') $torem[$attr_names[$i]][] = utf8_encode($this->orig[$attr_names[$i]][$j]); + } + for ($j=0; $jattributes[$attr_names[$i]]); $j++) { + if (is_array($this->orig[$attr_names[$i]])) { + if (!in_array($this->attributes[$attr_names[$i]][$j], $this->orig[$attr_names[$i]])) + if ($this->attributes[$attr_names[$i]][$j]!='') $toadd[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } + else if ($this->attributes[$attr_names[$i]][$j]!='') $toadd[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } + for ($j=0; $jattributes[$attr_names[$i]]); $j++) { + if (is_array($this->orig[$attr_names[$i]]) && is_array($this->attributes[$attr_names[$i]])) { + if (($this->attributes[$attr_names[$i]][$j]==$this->orig[$attr_names[$i]][$j]) && $this->attributes[$attr_names[$i]][$j]!='') + $notchanged[$attr_names[$i]][] = utf8_encode($this->attributes[$attr_names[$i]][$j]); + } + } + } + // create modify wuth add and remove + if (is_array($toadd)) { + $attributes = array_keys($toadd); + for ($i=0; $ibase]->dn]['add'] = $toadd; + if (count($torem)!=0) $return[$_SESSION[$this->base]->dn]['remove'] = $torem; + if (count($tomodify)!=0) 
$return[$_SESSION[$this->base]->dn]['modify'] = $tomodify; + if (count($notchanged)!=0) $return[$_SESSION[$this->base]->dn]['notchanged'] = $notchanged; + + // Set shadowLastchange manual. + if ($_SESSION[$this->base]->module['inetOrgPerson']->userPassword()!='' || $_SESSION[$this->base]->module['inetOrgPerson']->userPassword_no) + $return[$_SESSION[$this->base]->dn]['modify']['shadowLastChange'] = array(time()/3600/24); + + return $return; + } + + + /* This function returns all ldap attributes + * which are part of shadowAccount and returns + * also their values. + */ + function get_attributes() { + return $this->attributes; + } + + /* This function will create the html-page + * to show a page with all attributes. + * It will output a complete html-table + */ + function display_html_attributes($post) { + // Use dd-mm-yyyy format of date because it's easier to read for humans + $date = getdate ($this->attributes['shadowExpire'][0]*3600*24); + echo "
" . _('UID number') . "attributes['uidNumber']."\">" . _('UID number') ."attributes['uidNumber'][0]."\">" . _('Help') . "
" . _('Help') . "
" . _('Additional groups') . "
" . _('Home directory') . "*attributes['homeDirectory']."\">attributes['homeDirectory'][0]."\">" . _('Help') . "
" . _('Gecos') . "attributes['gecos']."\">attributes['gecos'][0]."\">" . _('Help') . "
" . _('Login shell') . "*" . _('Help') . "
\n\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "
" . _('Password warn') . "attributes['shadowWarning'][0] . "\">" . _('Help') . "
" . _('Password Expire') . "attributes['shadowInactive'][0] . "\">" . _('Help') . "
" . _('Maximum password age') . "attributes['shadowMax'][0] . "\">" . _('Help') . "
" . _('Minimum password age') . "attributes['shadowMin'][0] . "\">" . _('Help') . "
" . _('Expire date') . "\n\n" . _('Help') . "
\n"; + return 0; + } + + + } + + + +?> diff --git a/lam/templates/account/useredit.php b/lam/templates/account/useredit.php index 493cdd5d..67bbb88d 100644 --- a/lam/templates/account/useredit.php +++ b/lam/templates/account/useredit.php @@ -758,11 +758,6 @@ if (is_array($errors)) // print_r($account_new); //print_r($account_old); -//$_SESSION['cache'] = new cache(); -//$temp = new accountContainer('user'); -//$temp->add_objectClass('posixAccount'); -//$temp->load_account('uid=julia,ou=people,dc=my-domain,dc=com'); -//print_r($temp->module['posixAccount']->attributes); switch ($select_local) { /* Select which part of page should be loaded and check values diff --git a/lam/templates/account/useredit.php.new b/lam/templates/account/useredit.php.new new file mode 100644 index 00000000..c246079d --- /dev/null +++ b/lam/templates/account/useredit.php.new @@ -0,0 +1,73 @@ +load_account($DN); + } +else if (count($_POST)==0) { + $_SESSION['account'] = new accountContainer('user', 'account'); + $_SESSION['account']->new_account(); + } +$_SESSION['account']->continue_main($_POST); + +?>
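Review bot: In shadowAccount::proccess_attributes() the date built from the three `form_shadowAccount_shadowExpire_*` fields is stored into `$this->attributes['shadowWarning'][0]`, overwriting the warning period assigned just above it, and it is computed with `mtime()`, which is not a PHP built-in (presumably `mktime()` was meant, unless the project defines `mtime` elsewhere). As written the expiry date never reaches shadowExpire, while display_html_attributes() reads `shadowExpire` as a day count (`*3600*24`). Suggested line: `$this->attributes['shadowExpire'][0] = intval(mktime(10, 0, 0, $post['form_shadowAccount_shadowExpire_mon'], $post['form_shadowAccount_shadowExpire_day'], $post['form_shadowAccount_shadowExpire_yea'])/3600/24);`. save_attributes() has a related unit issue: `array(time()/3600/24)` yields a fraction and should be `array(intval(time()/3600/24))` for shadowLastChange.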