refactoring

lam/lib/2factor.inc

@@ -560,12 +560,10 @@ class WebauthnProvider extends BaseProvider {
 		$row->add($loginButton, 12);
 		$errorMessage = new htmlStatusMessage('ERROR', '', _('This service requires a browser with "WebAuthn" support.'));
 		$row->add(new htmlDiv(null, $errorMessage, array('hidden webauthn-error')), 12);
-		if ($this->config->twoFactorAuthenticationOptional === true) {
+		if (($this->config->twoFactorAuthenticationOptional === true) && !$hasTokens) {
-			if (!$hasTokens) {
+			$skipButton = new htmlButton('skip_webauthn', _('Skip'));
-				$skipButton = new htmlButton('skip_webauthn', _('Skip'));
+			$skipButton->setCSSClasses(array('fullwidth'));
-				$skipButton->setCSSClasses(array('fullwidth'));
+			$row->add($skipButton, 12);
-				$row->add($skipButton, 12);
-			}
 		}
 		$errorMessageDiv = new htmlDiv('generic-webauthn-error', new htmlOutputText(''));
 		$errorMessageDiv->addDataAttribute('button', _('Ok'));

lam/lib/checkEnvironment.inc

@@ -110,11 +110,12 @@ if (ini_get("session.auto_start") == "1") {
 }
 // check memory limit
 $memLimit = ini_get('memory_limit');
-if (isset($memLimit) && ($memLimit != '') && (substr(strtoupper($memLimit), strlen($memLimit) - 1) == 'M')) {
+if (isset($memLimit)
-	if (intval(substr($memLimit, 0, strlen($memLimit) - 1)) < 128) {
+	&& ($memLimit != '')
-		$criticalErrors[] = array("ERROR", "Please increase the \"memory_limit\" parameter in your php.ini to at least \"128M\".",
+	&& (substr(strtoupper($memLimit), strlen($memLimit) - 1) == 'M')
-			"Your current memory limit is $memLimit.");
+	&& (intval(substr($memLimit, 0, strlen($memLimit) - 1)) < 128)) {
-	}
+	$criticalErrors[] = array("ERROR", "Please increase the \"memory_limit\" parameter in your php.ini to at least \"128M\".",
+		"Your current memory limit is $memLimit.");
 }
 // check PCRE regex system
 if (!@preg_match('/^\p{L}+$/u', "abc")) {

lam/lib/ldap.inc

@@ -2,7 +2,7 @@
 /*
 
   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
-  Copyright (C) 2003 - 2019  Roland Gruber
+  Copyright (C) 2003 - 2020  Roland Gruber
 
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@@ -144,10 +144,10 @@ class Ldap{
 		$file = @readdir($dir);
 		while ($file) {
 			$path = $tmpDir . $file;
-			if ((substr($file, 0, 1) != '.') && !is_dir($path)) {
+			if ((substr($file, 0, 1) != '.')
-				if ($time - filemtime($path) > 900) {
+				&& !is_dir($path)
-					@unlink($path);
+				&& ($time - filemtime($path) > 900)) {
-				}
+				@unlink($path);
 			}
 			$file = @readdir($dir);
 		}

lam/lib/modules.inc

@@ -1779,10 +1779,8 @@ class accountContainer {
 		// pass profile to each module
 		$modules = array_keys($this->module);
 		foreach ($modules as $module) $this->module[$module]->load_profile($profile);
-		if (isset($profile['ldap_rdn'][0])) {
+		if (isset($profile['ldap_rdn'][0]) && in_array($profile['ldap_rdn'][0], getRDNAttributes($this->type->getId()))) {
-			if (in_array($profile['ldap_rdn'][0], getRDNAttributes($this->type->getId()))) {
+			$this->rdn = $profile['ldap_rdn'][0];
-				$this->rdn = $profile['ldap_rdn'][0];
-			}
 		}
 		if (isset($profile['ldap_suffix'][0]) && ($profile['ldap_suffix'][0] != '-')) {
 			$this->dnSuffix = $profile['ldap_suffix'][0];

lam/lib/modules/authorizedServiceObject.inc

@@ -3,7 +3,7 @@
 
   This code is not yet part of LDAP Account Manager (http://www.ldap-account-manager.org/)
   Copyright (C) 2011         J de Jong
-  				2012 - 2019  Roland Gruber
+  				2012 - 2020  Roland Gruber
 
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@@ -230,10 +230,10 @@ class authorizedServiceObject extends baseModule {
 		// profile mappings in meta data
 		parent::load_profile($profile);
 		// add extension
-		if (isset($profile['authorizedServiceObject_addExt'][0]) && ($profile['authorizedServiceObject_addExt'][0] == "true")) {
+		if (isset($profile['authorizedServiceObject_addExt'][0])
-			if (!in_array('authorizedServiceObject', $this->attributes['objectClass'])) {
+			&& ($profile['authorizedServiceObject_addExt'][0] == "true")
-				$this->attributes['objectClass'][] = 'authorizedServiceObject';
+			&& !in_array('authorizedServiceObject', $this->attributes['objectClass'])) {
-			}
+			$this->attributes['objectClass'][] = 'authorizedServiceObject';
 		}
 		// add ASs
 		if (isset ($profile['authorizedServiceObject_services'][0]) && ($profile['authorizedServiceObject_services'][0] != "")) {

lam/lib/modules/ddns.inc

@@ -281,10 +281,8 @@ class ddns extends baseModule {
 		$this->setIgnoreClientUpdates(($client_insert == 'on'));
 
 		$this->setUpdateKey($key_path);
-		if (!empty($key_path)) {
+		if (!empty($key_path) && (str_replace("\"","",$_POST['key_path']) != $key_path)) {
-			if (str_replace("\"","",$_POST['key_path']) != $key_path) {
+			$errors[] = $this->messages['key_path'][1];
-				$errors[] = $this->messages['key_path'][1];
-			}
 		}
 
 		return $errors;
@@ -301,10 +299,8 @@ class ddns extends baseModule {
 		$zone_reverse = trim($_POST['zone_reverse']);
 
 		// ip correct???
-		if (!empty($ip)) {
+		if (!empty($ip) && !check_ip($ip)) {
-			if (!check_ip($ip)) {
+			$errors[] = $this->messages['ip'][0];
-				$errors[] = $this->messages['ip'][0];
-			}
 		}
 
 		for ($i = 0; $i < sizeof($this->attributes['dhcpStatements']); $i++) {

lam/lib/modules/dhcp_settings.inc

@@ -370,10 +370,10 @@ By default, the nodes are configured as H-Nodes which fits for small networks. I
 	*/
 	public function save_attributes() {
 		// remove dhcpSubnet object class if only the DHCP settings were changed
-		if ($this->isRootNode()) {
+		if ($this->isRootNode()
-			if (!in_array_ignore_case("dhcpSubnet", $this->orig['objectClass']) && in_array_ignore_case("dhcpSubnet", $this->attributes['objectClass'])) {
+			&& !in_array_ignore_case("dhcpSubnet", $this->orig['objectClass'])
-				$this->attributes['objectClass'] = array_delete(array("dhcpSubnet"), $this->attributes['objectClass']);
+			&& in_array_ignore_case("dhcpSubnet", $this->attributes['objectClass'])) {
-			}
+			$this->attributes['objectClass'] = array_delete(array("dhcpSubnet"), $this->attributes['objectClass']);
 		}
 		return parent::save_attributes();
 	}
@@ -386,10 +386,10 @@ By default, the nodes are configured as H-Nodes which fits for small networks. I
 	*/
 	public function process_attributes() {
 		// check if DHCP main settings and valid DHCP entry
-		if ($this->isRootNode()) {
+		if ($this->isRootNode()
-			if (!in_array_ignore_case('dhcpService', $this->attributes['objectClass']) && !in_array_ignore_case('dhcpServer', $this->attributes['objectClass'])) {
+			&& !in_array_ignore_case('dhcpService', $this->attributes['objectClass'])
-				return array();
+			&& !in_array_ignore_case('dhcpServer', $this->attributes['objectClass'])) {
-			}
+			return array();
 		}
 		$errors = array();
 
@@ -420,10 +420,8 @@ By default, the nodes are configured as H-Nodes which fits for small networks. I
 
 		// Check domainname:
 		if (!empty($_POST['domainname'])) $_POST['domainname'] = trim($_POST['domainname']);
-		if (!empty($_POST['domainname'])) {
+		if (!empty($_POST['domainname']) && !preg_match("/^[A-Za-z0-9\\._-]*$/", $_POST['domainname'])) {
-			if (!preg_match("/^[A-Za-z0-9\\._-]*$/", $_POST['domainname'])) {
+		    $errors[] = $this->messages['domainname'][2];
-			    $errors[] = $this->messages['domainname'][2];
-			}
 		}
 		$this->setDHCPOption('domain-name', '"' . $_POST['domainname'] . '"');
 
@@ -562,11 +560,11 @@ By default, the nodes are configured as H-Nodes which fits for small networks. I
 	public function display_html_attributes() {
 		$return = new htmlResponsiveRow();
 		// check if DHCP main settings and valid DHCP entry
-		if ($this->isRootNode()) {
+		if ($this->isRootNode()
-			if (!in_array_ignore_case('dhcpService', $this->attributes['objectClass']) && !in_array_ignore_case('dhcpServer', $this->attributes['objectClass'])) {
+			&& !in_array_ignore_case('dhcpService', $this->attributes['objectClass'])
-				$return->add(new htmlStatusMessage('ERROR', _('Please set your LDAP suffix to an LDAP entry with object class "dhcpService" or "dhcpServer".')), 12);
+			&& !in_array_ignore_case('dhcpServer', $this->attributes['objectClass'])) {
-				return $return;
+			$return->add(new htmlStatusMessage('ERROR', _('Please set your LDAP suffix to an LDAP entry with object class "dhcpService" or "dhcpServer".')), 12);
-			}
+			return $return;
 		}
 		// Subnet name
 		if (!$this->isRootNode()) {

lam/lib/modules/eduPerson.inc

@@ -2,7 +2,7 @@
 /*
 
   This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
-  Copyright (C) 2009 - 2019  Roland Gruber
+  Copyright (C) 2009 - 2020  Roland Gruber
 
   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
@@ -398,10 +398,8 @@ class eduPerson extends baseModule {
 		$this->attributes['eduPersonScopedAffiliation'] = array_values(array_unique($this->attributes['eduPersonScopedAffiliation']));
 		// principal name
 		$this->attributes['eduPersonPrincipalName'][0] = $_POST['eduPersonPrincipalName'];
-		if ($_POST['eduPersonPrincipalName'] != '') {
+		if (($_POST['eduPersonPrincipalName'] != '') && !preg_match('/^[0-9a-z_\\.@-]+$/i', $_POST['eduPersonPrincipalName'])) {
-			if (!preg_match('/^[0-9a-z_\\.@-]+$/i', $_POST['eduPersonPrincipalName'])) {
+			$errors[] = $this->messages['eduPersonPrincipalName'][0];
-				$errors[] = $this->messages['eduPersonPrincipalName'][0];
-			}
 		}
 		// affiliations
 		$this->attributes['eduPersonAffiliation'] = array();
@@ -422,17 +420,13 @@ class eduPerson extends baseModule {
 		$this->processMultiValueInputTextField('eduPersonEntitlement', $errors);
 		// org DN
 		$this->attributes['eduPersonOrgDN'][0] = $_POST['eduPersonOrgDN'];
-		if ($_POST['eduPersonOrgDN'] != '') {
+		if (($_POST['eduPersonOrgDN'] != '') && !get_preg($_POST['eduPersonOrgDN'], 'dn')) {
-			if (!get_preg($_POST['eduPersonOrgDN'], 'dn')) {
+			$errors[] = $this->messages['eduPersonOrgDN'][0];
-				$errors[] = $this->messages['eduPersonOrgDN'][0];
-			}
 		}
 		// primary OU
 		$this->attributes['eduPersonPrimaryOrgUnitDN'][0] = $_POST['eduPersonPrimaryOrgUnitDN'];
-		if ($_POST['eduPersonPrimaryOrgUnitDN'] != '') {
+		if (($_POST['eduPersonPrimaryOrgUnitDN'] != '') && !get_preg($_POST['eduPersonPrimaryOrgUnitDN'], 'dn')) {
-			if (!get_preg($_POST['eduPersonPrimaryOrgUnitDN'], 'dn')) {
+			$errors[] = $this->messages['eduPersonPrimaryOrgUnitDN'][0];
-				$errors[] = $this->messages['eduPersonPrimaryOrgUnitDN'][0];
-			}
 		}
 		// OUs
 		$this->processMultiValueInputTextField('eduPersonOrgUnitDN', $errors, 'dn');
@@ -449,10 +443,10 @@ class eduPerson extends baseModule {
 	function load_profile($profile) {
 		parent::load_profile($profile);
 		// add extension
-		if (isset($profile['eduPerson_addExt'][0]) && ($profile['eduPerson_addExt'][0] == "true")) {
+		if (isset($profile['eduPerson_addExt'][0])
-			if (!in_array('eduPerson', $this->attributes['objectClass'])) {
+			&& ($profile['eduPerson_addExt'][0] == "true")
-				$this->attributes['objectClass'][] = 'eduPerson';
+			&& !in_array('eduPerson', $this->attributes['objectClass'])) {
-			}
+			$this->attributes['objectClass'][] = 'eduPerson';
 		}
 	}
 

lam/lib/modules/freeRadius.inc

@@ -711,14 +711,14 @@ class freeRadius extends baseModule {
 	function check_profileOptions($options, $typeId) {
 		$messages = parent::check_profileOptions($options, $typeId);
 		// group names
-		if (!$this->isBooleanConfigOptionSet('freeRadius_hideRadiusGroupName')) {
+		if (!$this->isBooleanConfigOptionSet('freeRadius_hideRadiusGroupName')
-			if (isset($options['freeRadius_radiusGroupName'][0]) && ($options['freeRadius_radiusGroupName'][0] != '')) {
+			&& isset($options['freeRadius_radiusGroupName'][0])
-				$list = preg_split('/;[ ]*/', $options['freeRadius_radiusGroupName'][0]);
+			&& ($options['freeRadius_radiusGroupName'][0] != '')) {
-				for ($i = 0; $i < sizeof($list); $i++) {
+			$list = preg_split('/;[ ]*/', $options['freeRadius_radiusGroupName'][0]);
-					if (!get_preg($list[$i], 'groupname')) {
+			for ($i = 0; $i < sizeof($list); $i++) {
-						$messages[] = $this->messages['radiusGroupName'][0];
+				if (!get_preg($list[$i], 'groupname')) {
-						break;
+					$messages[] = $this->messages['radiusGroupName'][0];
-					}
+					break;
 				}
 			}
 		}
@@ -733,11 +733,11 @@ class freeRadius extends baseModule {
 	function load_profile($profile) {
 		// profile mappings in meta data
 		parent::load_profile($profile);
-		if (!$this->isBooleanConfigOptionSet('freeRadius_hideRadiusGroupName')) {
+		// group names
-			// group names
+		if (!$this->isBooleanConfigOptionSet('freeRadius_hideRadiusGroupName')
-			if (isset($profile['freeRadius_radiusGroupName'][0]) && $profile['freeRadius_radiusGroupName'][0] != '') {
+			&& isset($profile['freeRadius_radiusGroupName'][0])
-				$this->attributes['radiusGroupName'] = preg_split('/;[ ]*/', $profile['freeRadius_radiusGroupName'][0]);
+			&& ($profile['freeRadius_radiusGroupName'][0] != '')) {
-			}
+			$this->attributes['radiusGroupName'] = preg_split('/;[ ]*/', $profile['freeRadius_radiusGroupName'][0]);
 		}
 	}