checked useredit.php, groupedit.php and delete.php

Now I only need to check mass*.php
This commit is contained in:
katagia 2003-10-21 15:36:12 +00:00
parent 3f1a646797
commit d8aeeb9886
4 changed files with 260 additions and 236 deletions

View File

@ -210,7 +210,7 @@ function getquotas($type,$user='+') {
/* scriptServer is the IP to remote-host to which lam should connect via ssh /* scriptServer is the IP to remote-host to which lam should connect via ssh
* scriptPath is Path to lamdaemon.pl on remote system * scriptPath is Path to lamdaemon.pl on remote system
*/ */
exec(("perl ".$_SESSION['lampath']."lib/lamdaemon.pl ".$_SESSION['config']->scriptServer ." ".$_SESSION['config']->scriptPath." ".$towrite), $vals, $status); exec("perl ".$_SESSION['lampath']."lib/lamdaemon.pl ".$_SESSION['config']->scriptServer ." ".$_SESSION['config']->scriptPath." ".$towrite, $vals, $status);
/* $vals is a string which contains a two dimensional array. /* $vals is a string which contains a two dimensional array.
* We have to recreate it with explode * We have to recreate it with explode
* *
@ -702,6 +702,8 @@ function loaduser($dn) {
$return->general_dn = ldap_get_dn($_SESSION['ldap']->server(), $entry); $return->general_dn = ldap_get_dn($_SESSION['ldap']->server(), $entry);
$attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry); $attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
// Set user samba flag
$account_new->smb_flagsW = 0;
/* Write attributes into $return. /* Write attributes into $return.
* Some values don't have to be set. These are only loaded if they are set * Some values don't have to be set. These are only loaded if they are set
*/ */
@ -1668,8 +1670,9 @@ function createhost($values) {
if ($_SESSION['config']->is_samba3()) { if ($_SESSION['config']->is_samba3()) {
// Add all attributes as samba3 objectclass // Add all attributes as samba3 objectclass
$attr['objectClass'][3] = 'sambaSamAccount'; $attr['objectClass'][3] = 'sambaSamAccount';
$attr['sambaNTPassword'] = 'NO PASSWORD*****'; // "Standard" password for new hosts
$attr['sambaLMPassword'] = 'NO PASSWORD*****'; $attr['sambaNTPassword'] = '0CB6948805F797BF2A82807973B89537';
$attr['sambaLMPassword'] = '01FC5A6BE7BC6929AAD3B435B51404EE';
$attr['sambaPwdLastSet'] = time(); // sambaAccount_may $attr['sambaPwdLastSet'] = time(); // sambaAccount_may
$attr['sambaSID'] = $values->smb_domain->SID . "-" . (2 * $values->general_uidNumber + $values->smb_domain->RIDbase); // sambaAccount_may $attr['sambaSID'] = $values->smb_domain->SID . "-" . (2 * $values->general_uidNumber + $values->smb_domain->RIDbase); // sambaAccount_may
$attr['sambaPrimaryGroupSID'] = $values->smb_domain->SID . "-" . (2 * getgid($values->general_group) + $values->smb_domain->RIDbase +1); // sambaAccount_req $attr['sambaPrimaryGroupSID'] = $values->smb_domain->SID . "-" . (2 * getgid($values->general_group) + $values->smb_domain->RIDbase +1); // sambaAccount_req
@ -1682,8 +1685,9 @@ function createhost($values) {
else { else {
// Add all attributes as samba2.2 objectclass // Add all attributes as samba2.2 objectclass
$attr['objectClass'][3] = 'sambaAccount'; $attr['objectClass'][3] = 'sambaAccount';
$attr['ntPassword'] = 'NO PASSWORD*****'; // "Standard" password for new hosts
$attr['lmPassword'] = 'NO PASSWORD*****'; $attr['ntPassword'] = '0CB6948805F797BF2A82807973B89537';
$attr['lmPassword'] = '01FC5A6BE7BC6929AAD3B435B51404EE';
$attr['pwdLastSet'] = time(); // sambaAccount_may $attr['pwdLastSet'] = time(); // sambaAccount_may
$attr['rid'] = (2 * $values->general_uidNumber + 1000); // sambaAccount_may $attr['rid'] = (2 * $values->general_uidNumber + 1000); // sambaAccount_may
$attr['primaryGroupID'] = (2 * getgid($values->general_group) + 1001); // sambaAccount_req $attr['primaryGroupID'] = (2 * getgid($values->general_group) + 1001); // sambaAccount_req
@ -1823,8 +1827,9 @@ function modifyhost($values,$values_old) {
} }
// Reset password // Reset password
if ($values->smb_password_no) { if ($values->smb_password_no) {
$attr['sambaNTPassword'] = 'NO PASSWORD*****'; // "Standard" password for new hosts
$attr['sambaLMPassword'] = 'NO PASSWORD*****'; $attr['sambaNTPassword'] = '0CB6948805F797BF2A82807973B89537';
$attr['sambaLMPassword'] = '01FC5A6BE7BC6929AAD3B435B51404EE';
$attr['sambaPwdLastSet'] = time(); // sambaAccount_may $attr['sambaPwdLastSet'] = time(); // sambaAccount_may
$attr['userPassword'] = ''; $attr['userPassword'] = '';
$attr['shadowLastChange'] = getdays(); $attr['shadowLastChange'] = getdays();
@ -1886,8 +1891,9 @@ function modifyhost($values,$values_old) {
if (isset($attr_old['sambaSID'][0])) $attr_rem['sambaSID'] = $attr_old['sambaSID'][0]; if (isset($attr_old['sambaSID'][0])) $attr_rem['sambaSID'] = $attr_old['sambaSID'][0];
} }
if ($values->smb_password_no) { if ($values->smb_password_no) {
$attr['ntPassword'] = 'NO PASSWORD*****'; // "Standard" password for new hosts
$attr['lmPassword'] = 'NO PASSWORD*****'; $attr['ntPassword'] = '0CB6948805F797BF2A82807973B89537';
$attr['lmPassword'] = '01FC5A6BE7BC6929AAD3B435B51404EE';
$attr['pwdLastSet'] = time(); // sambaAccount_may $attr['pwdLastSet'] = time(); // sambaAccount_may
$attr['userPassword'] = ''; $attr['userPassword'] = '';
$attr['shadowLastChange'] = getdays(); $attr['shadowLastChange'] = getdays();

View File

@ -37,8 +37,8 @@ session_save_path('../../sess');
// Set correct language, codepages, .... // Set correct language, codepages, ....
setlanguage(); setlanguage();
/* hostaccount.php is using dynamic session varialenames so /* groupedit.php is using dynamic session varialenames so
* we can run several copies of hostaccount.php at the same * we can run several copies of groupedit.php at the same
* time * time
* $varkey is the dynamic part of the variable name * $varkey is the dynamic part of the variable name
*/ */
@ -56,7 +56,6 @@ $ldap_intern =& $_SESSION['ldap'];
$config_intern =& $_SESSION['config']; $config_intern =& $_SESSION['config'];
$header_intern =& $_SESSION['header']; $header_intern =& $_SESSION['header'];
$userDN_intern =& $_SESSION['userDN']; $userDN_intern =& $_SESSION['userDN'];
// Register Post-Variables as reference
// $_GET is only valid if groupedit.php was called from grouplist.php // $_GET is only valid if groupedit.php was called from grouplist.php
if (isset($_GET['DN']) && $_GET['DN']!='') { if (isset($_GET['DN']) && $_GET['DN']!='') {
@ -129,7 +128,6 @@ switch ($_POST['select']) {
* general = startpage, general account paramters * general = startpage, general account paramters
* samba = page with all samba-related parameters e.g. smbpassword * samba = page with all samba-related parameters e.g. smbpassword
* quota = page with all quota-related parameters e.g. hard file quota * quota = page with all quota-related parameters e.g. hard file quota
* personal = page with all personal-related parametergs, e.g. phone number
* final = last page shown before account is created/modified * final = last page shown before account is created/modified
* finish = page shown after account has been created/modified * finish = page shown after account has been created/modified
*/ */
@ -142,11 +140,11 @@ switch ($_POST['select']) {
$account_new->unix_memberUid = array_flip($account_new->unix_memberUid); $account_new->unix_memberUid = array_flip($account_new->unix_memberUid);
array_unique($account_new->unix_memberUid); array_unique($account_new->unix_memberUid);
$account_new->unix_memberUid = array_flip($account_new->unix_memberUid); $account_new->unix_memberUid = array_flip($account_new->unix_memberUid);
// sort user // sort users
sort($account_new->unix_memberUid); sort($account_new->unix_memberUid);
break; break;
} }
if (isset($_POST['members']) && isset($_POST['remove'])) { // remove users fromlist if (isset($_POST['members']) && isset($_POST['remove'])) { // remove users from list
$account_new->unix_memberUid = array_delete($_POST['members'], $account_new->unix_memberUid); $account_new->unix_memberUid = array_delete($_POST['members'], $account_new->unix_memberUid);
break; break;
} }
@ -155,15 +153,14 @@ switch ($_POST['select']) {
$select_local = 'groupmembers'; $select_local = 'groupmembers';
break; break;
case 'general': case 'general':
// Write all general attributes into $account_new if no profile should be loaded
if (!$_POST['load']) { if (!$_POST['load']) {
// Write all general attributes into $account_new if no profile should be loaded
$account_new->general_dn = $_POST['f_general_suffix']; $account_new->general_dn = $_POST['f_general_suffix'];
$account_new->general_username = $_POST['f_general_username']; $account_new->general_username = $_POST['f_general_username'];
$account_new->general_uidNumber = $_POST['f_general_uidNumber']; $account_new->general_uidNumber = $_POST['f_general_uidNumber'];
$account_new->general_gecos = $_POST['f_general_gecos']; $account_new->general_gecos = $_POST['f_general_gecos'];
// Check if values are OK and set automatic values. if not error-variable will be set // Check if values are OK and set automatic values. if not error-variable will be set
// Check if Groupname contains only valid characters // Check if Groupname contains only valid characters
if ( !ereg('^([a-z]|[0-9]|[.]|[-]|[_])*$', $account_new->general_username)) if ( !ereg('^([a-z]|[0-9]|[.]|[-]|[_])*$', $account_new->general_username))
$errors[] = array('ERROR', _('Groupname'), _('Groupname contains invalid characters. Valid characters are: a-z, 0-9 and .-_ !')); $errors[] = array('ERROR', _('Groupname'), _('Groupname contains invalid characters. Valid characters are: a-z, 0-9 and .-_ !'));
@ -369,10 +366,10 @@ do { // X-Or, only one if() can be true
} }
// Go back to listgroups.php // Go back to listgroups.php
if ($_POST['backmain']) { if ($_POST['backmain']) {
metaRefresh("../lists/listgroups.php");
if (isset($_SESSION['account_'.$varkey.'_account_new'])) unset($_SESSION['account_'.$varkey.'_account_new']); if (isset($_SESSION['account_'.$varkey.'_account_new'])) unset($_SESSION['account_'.$varkey.'_account_new']);
if (isset($_SESSION['account_'.$varkey.'_account_old'])) unset($_SESSION['account_'.$varkey.'_account_old']); if (isset($_SESSION['account_'.$varkey.'_account_old'])) unset($_SESSION['account_'.$varkey.'_account_old']);
if (isset($_SESSION['account_'.$varkey.'_final_changegids'])) unset($_SESSION['account_'.$varkey.'_final_changegids']); if (isset($_SESSION['account_'.$varkey.'_final_changegids'])) unset($_SESSION['account_'.$varkey.'_final_changegids']);
metaRefresh("../lists/listgroups.php");
die; die;
break; break;
} }

View File

@ -90,8 +90,8 @@ switch ($_POST['select']) {
* final = page which will be displayed if changes were made * final = page which will be displayed if changes were made
*/ */
case 'general': case 'general':
// Write all general values into $account_new if no profile should be loaded
if (!$_POST['load']) { if (!$_POST['load']) {
// Write all general values into $account_new if no profile should be loaded
$account_new->general_dn = $_POST['f_general_suffix']; $account_new->general_dn = $_POST['f_general_suffix'];
$account_new->general_username = $_POST['f_general_username']; $account_new->general_username = $_POST['f_general_username'];
$account_new->general_uidNumber = $_POST['f_general_uidNumber']; $account_new->general_uidNumber = $_POST['f_general_uidNumber'];
@ -272,9 +272,9 @@ do { // X-Or, only one if() can be true
} }
// Go back to listhosts.php // Go back to listhosts.php
if ($_POST['backmain']) { if ($_POST['backmain']) {
metaRefresh("../lists/listhosts.php");
if (isset($_SESSION['account_'.$varkey.'_account_new'])) unset($_SESSION['account_'.$varkey.'_account_new']); if (isset($_SESSION['account_'.$varkey.'_account_new'])) unset($_SESSION['account_'.$varkey.'_account_new']);
if (isset($_SESSION['account_'.$varkey.'_account_old'])) unset($_SESSION['account_'.$varkey.'_account_old']); if (isset($_SESSION['account_'.$varkey.'_account_old'])) unset($_SESSION['account_'.$varkey.'_account_old']);
metaRefresh("../lists/listhosts.php");
die; die;
break; break;
} }

View File

@ -23,6 +23,7 @@ $Id$
LDAP Account Manager displays table for creating or modifying accounts in LDAP LDAP Account Manager displays table for creating or modifying accounts in LDAP
*/ */
// include all needed files
include_once('../../lib/account.inc'); // File with all account-funtions include_once('../../lib/account.inc'); // File with all account-funtions
include_once('../../lib/config.inc'); // File with configure-functions include_once('../../lib/config.inc'); // File with configure-functions
include_once('../../lib/profiles.inc'); // functions to load and save profiles include_once('../../lib/profiles.inc'); // functions to load and save profiles
@ -30,10 +31,17 @@ include_once('../../lib/status.inc'); // Return error-message
include_once('../../lib/pdf.inc'); // Return a pdf-file include_once('../../lib/pdf.inc'); // Return a pdf-file
include_once('../../lib/ldap.inc'); // LDAP-functions include_once('../../lib/ldap.inc'); // LDAP-functions
// Start session
session_save_path('../../sess'); session_save_path('../../sess');
@session_start(); @session_start();
// Set correct language, codepages, ....
setlanguage(); setlanguage();
/* groupedit.php is using dynamic session varialenames so
* we can run several copies of groupedit.php at the same
* time
* $varkey is the dynamic part of the variable name
*/
if (!isset($_POST['varkey'])) $varkey = session_id().time(); if (!isset($_POST['varkey'])) $varkey = session_id().time();
else $varkey = $_POST['varkey']; else $varkey = $_POST['varkey'];
@ -45,51 +53,56 @@ if (!isset($_SESSION['account_'.$varkey.'_shelllist'])) $_SESSION['account_'.$va
// Register Session-Variables with references so we don't net to change to complete code if names changes // Register Session-Variables with references so we don't net to change to complete code if names changes
$account_new =& $_SESSION['account_'.$varkey.'_account_new']; $account_new =& $_SESSION['account_'.$varkey.'_account_new'];
$shelllist =& $_SESSION['account_'.$varkey.'_shelllist']; $shelllist =& $_SESSION['account_'.$varkey.'_shelllist'];
$final_changegids =& $_SESSION['account_'.$varkey.'_final_changegids'];
if (is_object($_SESSION['account_'.$varkey.'_account_old'])) $account_old =& $_SESSION['account_'.$varkey.'_account_old']; if (is_object($_SESSION['account_'.$varkey.'_account_old'])) $account_old =& $_SESSION['account_'.$varkey.'_account_old'];
$ldap_intern =& $_SESSION['ldap']; $ldap_intern =& $_SESSION['ldap'];
$config_intern =& $_SESSION['config']; $config_intern =& $_SESSION['config'];
$header_intern =& $_SESSION['header']; $header_intern =& $_SESSION['header'];
$hostDN_intern =& $_SESSION['hostDN']; $hostDN_intern =& $_SESSION['hostDN'];
$groupDN_intern =& $_SESSION['groupDN']; $groupDN_intern =& $_SESSION['groupDN'];
// $_GET is only valid if useredit.php was called from userlist.php
if (isset($_GET['DN']) && $_GET['DN']!='') { if (isset($_GET['DN']) && $_GET['DN']!='') {
// useredit.php should edit an existing account
// reset variables
if (isset($_SESSION['account_'.$varkey.'_account_old'])) { if (isset($_SESSION['account_'.$varkey.'_account_old'])) {
unset($account_old); unset($account_old);
unset($_SESSION['account_'.$varkey.'_account_old']); unset($_SESSION['account_'.$varkey.'_account_old']);
} }
$_SESSION['account_'.$varkey.'_account_old'] = new account(); $_SESSION['account_'.$varkey.'_account_old'] = new account();
$account_old =& $_SESSION['account_'.$varkey.'_account_old']; $account_old =& $_SESSION['account_'.$varkey.'_account_old'];
// get "real" DN from variable
$DN = str_replace("\'", '',$_GET['DN']); $DN = str_replace("\'", '',$_GET['DN']);
// Load existing group
$account_new = loaduser($DN); $account_new = loaduser($DN);
$account_new ->type = 'user'; $account_new ->type = 'user';
$account_old = $account_new; $account_old = $account_new;
$account_new->unix_password=''; $account_new->unix_password='';
$account_new->smb_password=''; $account_new->smb_password='';
$account_new->smb_flagsW = 0;
$account_new->general_dn = substr($account_new->general_dn, strpos($account_new->general_dn, ',')+1); $account_new->general_dn = substr($account_new->general_dn, strpos($account_new->general_dn, ',')+1);
$final_changegids = ''; // Display general-page
$select_local = 'general';
} }
// Startcondition. useredit.php was called from outside to create a new group
else if (count($_POST)==0) { // Startcondition. useredit.php was called from outside else if (count($_POST)==0) {
// Create new account object with settings from default profile
$account_new = loadUserProfile('default'); $account_new = loadUserProfile('default');
$account_new ->type = 'user'; $account_new ->type = 'user';
$account_new->smb_flagsW = 0;
// load quotas from profile and check if they are valid
if ($config_intern->scriptServer) { if ($config_intern->scriptServer) {
// load quotas and check if quotas from profile are valid
$values = getquotas('user'); $values = getquotas('user');
if (isset($account_new->quota[0])) { // check quotas from profile if (isset($account_new->quota[0])) {
// check quotas from profile
$i=0; $i=0;
// check quota settings // check quota settings, loop for every partition with quotas
while (isset($account_new->quota[$i])) { while (isset($account_new->quota[$i])) {
// search if quotas from profile fit to a real quota
$found = (-1); $found = (-1);
for ($j=0; $j<count($values->quota); $j++) for ($j=0; $j<count($values->quota); $j++)
if ($values->quota[$j][0]==$account_new->quota[$i][0]) $found = $j; if ($values->quota[$j][0]==$account_new->quota[$i][0]) $found = $j;
// unset quota from profile if quotas (mointpoint) doesn't exists anymore
if ($found==-1) unset($account_new->quota[$i]); if ($found==-1) unset($account_new->quota[$i]);
else { else {
// Set missing part in quota-array
$account_new->quota[$i][1] = $values->quota[$found][1]; $account_new->quota[$i][1] = $values->quota[$found][1];
$account_new->quota[$i][5] = $values->quota[$found][5]; $account_new->quota[$i][5] = $values->quota[$found][5];
$account_new->quota[$i][4] = $values->quota[$found][4]; $account_new->quota[$i][4] = $values->quota[$found][4];
@ -97,83 +110,87 @@ if (isset($_GET['DN']) && $_GET['DN']!='') {
$i++; $i++;
} }
} }
// Beautify array, repair index
$account_new->quota = array_values($account_new->quota); $account_new->quota = array_values($account_new->quota);
} }
else { // No quotas saved in profile else { // No quotas saved in profile
// Display quotas for new users (Quota set to 0)
if (is_object($values)) { if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values while (list($key, $val) = each($values)) // Set only defined values
if (isset($val)) $account_new->$key = $val; if (isset($val)) $account_new->$key = $val;
} }
} }
} }
if (isset($_SESSION['account_'.$varkey.'_account_old'])) { // Display general-page
unset($account_old); $select_local = 'general';
unset($_SESSION['account_'.$varkey.'_account_old']);
}
} }
switch ($_POST['select']) { // Select which part of page should be loaded and check values switch ($_POST['select']) {
// general = startpage, general account paramters /* Select which part of page should be loaded and check values
// unix = page with all shadow-options and password * groups = page with all groups to which user is additional member
// samba = page with all samba-related parameters e.g. smbpassword * workstations = page with all workstations the user is allowed to login
// quota = page with all quota-related parameters e.g. hard file quota * general = startpage, general account paramters
// personal = page with all personal-related parametergs, e.g. phone number * samba = page with all samba-related parameters e.g. smbpassword
// final = last page shown before account is created/modified * quota = page with all quota-related parameters e.g. hard file quota
// if account is modified commands might be ran are shown * personal = page with all personal-related parametergs, e.g. phone number
// finish = page shown after account has been created/modified * final = last page shown before account is created/modified
* finish = page shown after account has been created/modified
*/
case 'groups': case 'groups':
do { // X-Or, only one if() can be true do { // X-Or, only one if() can be true
if (isset($_POST['allgroups']) && isset($_POST['add'])) { // Add users to list if (isset($_POST['allgroups']) && isset($_POST['add'])) { // Add groups to list
// Add new user // Add new group
$account_new->general_groupadd = @array_merge($account_new->general_groupadd, $_POST['allgroups']); $account_new->general_groupadd = @array_merge($account_new->general_groupadd, $_POST['allgroups']);
// remove doubles // remove doubles
$account_new->general_groupadd = @array_flip($account_new->general_groupadd); $account_new->general_groupadd = @array_flip($account_new->general_groupadd);
array_unique($account_new->general_groupadd); array_unique($account_new->general_groupadd);
$account_new->general_groupadd = @array_flip($account_new->general_groupadd); $account_new->general_groupadd = @array_flip($account_new->general_groupadd);
// sort user // sort groups
sort($account_new->general_groupadd); sort($account_new->general_groupadd);
break; break;
} }
if (isset($_POST['selectedgroups']) && isset($_POST['remove'])) { // remove users fromlist if (isset($_POST['selectedgroups']) && isset($_POST['remove'])) { // remove groups from list
$account_new->general_groupadd = array_delete($_POST['selectedgroups'], $account_new->general_groupadd); $account_new->general_groupadd = array_delete($_POST['selectedgroups'], $account_new->general_groupadd);
break; break;
} }
} while(0); } while(0);
// display group page
$select_local = 'groups'; $select_local = 'groups';
break; break;
case 'workstations': case 'workstations':
do { // X-Or, only one if() can be true do { // X-Or, only one if() can be true
if (isset($_POST['hosts']) && isset($_POST['add'])) { // Add users to list if (isset($_POST['hosts']) && isset($_POST['add'])) { // Add workstations to list
$temp = str_replace(' ', '', $account_new->smb_smbuserworkstations); $temp = str_replace(' ', '', $account_new->smb_smbuserworkstations);
$workstations = explode (',', $temp); $workstations = explode (',', $temp);
for ($i=0; $i<count($workstations); $i++) for ($i=0; $i<count($workstations); $i++)
if ($workstations[$i]=='') unset($workstations[$i]); if ($workstations[$i]=='') unset($workstations[$i]);
$workstations = array_values($workstations); $workstations = array_values($workstations);
// Add new hosts // Add new // Add workstations
$workstations = array_merge($workstations, $_POST['hosts']); $workstations = array_merge($workstations, $_POST['hosts']);
// remove doubles // remove doubles
$workstations = array_flip($workstations); $workstations = array_flip($workstations);
array_unique($workstations); array_unique($workstations);
$workstations = array_flip($workstations); $workstations = array_flip($workstations);
// sort user // sort workstations
sort($workstations); sort($workstations);
// Recreate workstation string
$account_new->smb_smbuserworkstations = $workstations[0]; $account_new->smb_smbuserworkstations = $workstations[0];
for ($i=1; $i<count($workstations); $i++) { for ($i=1; $i<count($workstations); $i++) {
$account_new->smb_smbuserworkstations = $account_new->smb_smbuserworkstations . ", " . $workstations[$i]; $account_new->smb_smbuserworkstations = $account_new->smb_smbuserworkstations . ", " . $workstations[$i];
} }
// display groupmembers page
break; break;
} }
if (isset($_POST['members']) && isset($_POST['remove'])) { // remove users fromlist if (isset($_POST['members']) && isset($_POST['remove'])) { // remove // Add workstations from list
// Put all workstations in array
$temp = str_replace(' ', '', $account_new->smb_smbuserworkstations); $temp = str_replace(' ', '', $account_new->smb_smbuserworkstations);
$workstations = explode (',', $temp); $workstations = explode (',', $temp);
for ($i=0; $i<count($workstations); $i++) for ($i=0; $i<count($workstations); $i++)
if ($workstations[$i]=='') unset($workstations[$i]); if ($workstations[$i]=='') unset($workstations[$i]);
$workstations = array_values($workstations); $workstations = array_values($workstations);
// Remove unwanted workstations from array
$workstations = array_delete($_POST['members'], $workstations); $workstations = array_delete($_POST['members'], $workstations);
// Recreate workstation string
$account_new->smb_smbuserworkstations = $workstations[0]; $account_new->smb_smbuserworkstations = $workstations[0];
for ($i=1; $i<count($workstations); $i++) { for ($i=1; $i<count($workstations); $i++) {
$account_new->smb_smbuserworkstations = $account_new->smb_smbuserworkstations . ", " . $workstations[$i]; $account_new->smb_smbuserworkstations = $account_new->smb_smbuserworkstations . ", " . $workstations[$i];
@ -181,13 +198,12 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
break; break;
} }
} while(0); } while(0);
// display workstations page
$select_local = 'workstations'; $select_local = 'workstations';
break; break;
case 'general': case 'general':
// Write all general values into $account_new if no profile should be loaded
if (!$_POST['load']) { if (!$_POST['load']) {
// Write all general values into $account_new if no profile should be loaded
$account_new->general_dn = $_POST['f_general_suffix']; $account_new->general_dn = $_POST['f_general_suffix'];
$account_new->general_username = $_POST['f_general_username']; $account_new->general_username = $_POST['f_general_username'];
$account_new->general_surname = $_POST['f_general_surname']; $account_new->general_surname = $_POST['f_general_surname'];
@ -197,14 +213,6 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
$account_new->general_homedir = $_POST['f_general_homedir']; $account_new->general_homedir = $_POST['f_general_homedir'];
$account_new->general_shell = $_POST['f_general_shell']; $account_new->general_shell = $_POST['f_general_shell'];
$account_new->general_gecos = $_POST['f_general_gecos']; $account_new->general_gecos = $_POST['f_general_gecos'];
// Check if Homedir is valid
$account_new->general_homedir = str_replace('$group', $account_new->general_group, $account_new->general_homedir);
if ($account_new->general_username != '')
$account_new->general_homedir = str_replace('$user', $account_new->general_username, $account_new->general_homedir);
if ($account_new->general_homedir != $_POST['f_general_homedir']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $account_new->general_homedir ))
$errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.'));
// Check if givenname is valid // Check if givenname is valid
if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $account_new->general_givenname)) $errors[] = array('ERROR', _('Given name'), _('Given name contains invalid characters')); if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $account_new->general_givenname)) $errors[] = array('ERROR', _('Given name'), _('Given name contains invalid characters'));
// Check if surname is valid // Check if surname is valid
@ -234,10 +242,20 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
$lastchar = substr($account_new->general_username, strlen($account_new->general_username)-1, 1); $lastchar = substr($account_new->general_username, strlen($account_new->general_username)-1, 1);
// Last character is no number // Last character is no number
if ( !ereg('^([0-9])+$', $lastchar)) if ( !ereg('^([0-9])+$', $lastchar))
/* Last character is no number. Therefore we only have to
* add "2" to it.
*/
$account_new->general_username = $account_new->general_username . '2'; $account_new->general_username = $account_new->general_username . '2';
else { else {
/* Last character is a number -> we have to increase the number until we've
* found a groupname with trailing number which is not in use.
*
* $i will show us were we have to split groupname so we get a part
* with the groupname and a part with the trailing number
*/
$i=strlen($account_new->general_username)-1; $i=strlen($account_new->general_username)-1;
$mark = false; $mark = false;
// Set $i to the last character which is a number in $account_new->general_username
while (!$mark) { while (!$mark) {
if (ereg('^([0-9])+$',substr($account_new->general_username, $i, strlen($account_new->general_username)-$i))) $i--; if (ereg('^([0-9])+$',substr($account_new->general_username, $i, strlen($account_new->general_username)-$i))) $i--;
else $mark=true; else $mark=true;
@ -245,23 +263,29 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
// increase last number with one // increase last number with one
$firstchars = substr($account_new->general_username, 0, $i+1); $firstchars = substr($account_new->general_username, 0, $i+1);
$lastchars = substr($account_new->general_username, $i+1, strlen($account_new->general_username)-$i); $lastchars = substr($account_new->general_username, $i+1, strlen($account_new->general_username)-$i);
// Put username together
$account_new->general_username = $firstchars . (intval($lastchars)+1); $account_new->general_username = $firstchars . (intval($lastchars)+1);
} }
} }
// Show warning if lam has changed username
if ($account_new->general_username != $_POST['f_general_username']) $errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.')); if ($account_new->general_username != $_POST['f_general_username']) $errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.'));
// Check if Homedir is valid
$account_new->general_homedir = str_replace('$group', $account_new->general_group, $account_new->general_homedir);
if ($account_new->general_username != '')
$account_new->general_homedir = str_replace('$user', $account_new->general_username, $account_new->general_homedir);
if ($account_new->general_homedir != $_POST['f_general_homedir']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $account_new->general_homedir ))
$errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.'));
// Check if UID is valid. If none value was entered, the next useable value will be inserted // Check if UID is valid. If none value was entered, the next useable value will be inserted
$temp = explode(':', checkid($account_new, $account_old)); $temp = explode(':', checkid($account_new, $account_old));
$account_new->general_uidNumber = $temp[0]; $account_new->general_uidNumber = $temp[0];
// true if checkid has returned an error // true if checkid has returned an error
if ($temp[1]!='') $errors[] = explode(';',$temp[1]); if ($temp[1]!='') $errors[] = explode(';',$temp[1]);
// Check if Name-length is OK. minLength=3, maxLength=20 // Check if Name-length is OK. minLength=3, maxLength=20
if ( !ereg('.{3,20}', $account_new->general_username)) $errors[] = array('ERROR', _('Name'), _('Name must contain between 3 and 20 characters.')); if ( !ereg('.{3,20}', $account_new->general_username)) $errors[] = array('ERROR', _('Name'), _('Name must contain between 3 and 20 characters.'));
// Check if Name starts with letter // Check if Name starts with letter
if ( !ereg('^([a-z]|[A-Z]).*$', $account_new->general_username)) if ( !ereg('^([a-z]|[A-Z]).*$', $account_new->general_username))
$errors[] = array('ERROR', _('Name'), _('Name contains invalid characters. First character must be a letter')); $errors[] = array('ERROR', _('Name'), _('Name contains invalid characters. First character must be a letter'));
} }
break; break;
case 'unix': case 'unix':
@ -292,26 +316,25 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
// Keep unix-page acitve // Keep unix-page acitve
$select_local = 'unix'; $select_local = 'unix';
} }
// Check if values are OK and set automatic values. if not error-variable will be set // Check if values are OK and set automatic values. if not error-variable will be set
else { // account.inc else { // account.inc
if ($account_new->unix_password != '') { if ($account_new->unix_password != '') {
$iv = base64_decode($_COOKIE["IV"]); $iv = base64_decode($_COOKIE["IV"]);
$key = base64_decode($_COOKIE["Key"]); $key = base64_decode($_COOKIE["Key"]);
$password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($account_new->unix_password), MCRYPT_MODE_ECB, $iv); $password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($account_new->unix_password), MCRYPT_MODE_ECB, $iv);
$password = str_replace(chr(00), '', $password); $password = str_replace(chr(00), '', $password);
}
if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $password))
$errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
if ( !ereg('^([0-9])*$', $account_new->unix_pwdminage)) $errors[] = array('ERROR', _('Password minage'), _('Password minage must be are natural number.'));
if ( $account_new->unix_pwdminage > $account_new->unix_pwdmaxage ) $errors[] = array('ERROR', _('Password maxage'), _('Password maxage must bigger as Password Minage.'));
if ( !ereg('^([0-9]*)$', $account_new->unix_pwdmaxage)) $errors[] = array('ERROR', _('Password maxage'), _('Password maxage must be are natural number.'));
if ( !ereg('^(([-][1])|([0-9]*))$', $account_new->unix_pwdallowlogin))
$errors[] = array('ERROR', _('Password Expire'), _('Password expire must be are natural number or -1.'));
if ( !ereg('^([0-9]*)$', $account_new->unix_pwdwarn)) $errors[] = array('ERROR', _('Password warn'), _('Password warn must be are natural number.'));
if ((!$account_new->unix_host=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-])+(([,])+([ ])*([a-z]|[A-Z]|[0-9]|[.]|[-])+)*$', $account_new->unix_host))
$errors[] = array('ERROR', _('Unix workstations'), _('Unix workstations is invalid.'));
} }
if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $password))
$errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
if ( !ereg('^([0-9])*$', $account_new->unix_pwdminage)) $errors[] = array('ERROR', _('Password minage'), _('Password minage must be are natural number.'));
if ( $account_new->unix_pwdminage > $account_new->unix_pwdmaxage ) $errors[] = array('ERROR', _('Password maxage'), _('Password maxage must bigger as Password Minage.'));
if ( !ereg('^([0-9]*)$', $account_new->unix_pwdmaxage)) $errors[] = array('ERROR', _('Password maxage'), _('Password maxage must be are natural number.'));
if ( !ereg('^(([-][1])|([0-9]*))$', $account_new->unix_pwdallowlogin))
$errors[] = array('ERROR', _('Password Expire'), _('Password expire must be are natural number or -1.'));
if ( !ereg('^([0-9]*)$', $account_new->unix_pwdwarn)) $errors[] = array('ERROR', _('Password warn'), _('Password warn must be are natural number.'));
if ((!$account_new->unix_host=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-])+(([,])+([ ])*([a-z]|[A-Z]|[0-9]|[.]|[-])+)*$', $account_new->unix_host))
$errors[] = array('ERROR', _('Unix workstations'), _('Unix workstations is invalid.'));
}
break; break;
case 'samba': case 'samba':
// Write all general values into $account_new // Write all general values into $account_new
@ -328,26 +351,19 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
$account_new->smb_smbhome = stripslashes($_POST['f_smb_smbhome']); $account_new->smb_smbhome = stripslashes($_POST['f_smb_smbhome']);
$account_new->smb_profilePath = stripslashes($_POST['f_smb_profilePath']); $account_new->smb_profilePath = stripslashes($_POST['f_smb_profilePath']);
$account_new->smb_displayName = $_POST['f_smb_displayName']; $account_new->smb_displayName = $_POST['f_smb_displayName'];
if ($_POST['f_smb_flagsW']) $account_new->smb_flagsW = true;
else $account_new->smb_flagsW = false;
if ($_POST['f_smb_flagsD']) $account_new->smb_flagsD = true; if ($_POST['f_smb_flagsD']) $account_new->smb_flagsD = true;
else $account_new->smb_flagsD = false; else $account_new->smb_flagsD = false;
if ($_POST['f_smb_flagsX']) $account_new->smb_flagsX = true; if ($_POST['f_smb_flagsX']) $account_new->smb_flagsX = true;
else $account_new->smb_flagsX = false; else $account_new->smb_flagsX = false;
if ($config_intern->is_samba3()) { if ($config_intern->is_samba3()) {
// samba 3 uses object with SID and domainname
$samba3domains = $ldap_intern->search_domains($config_intern->get_domainSuffix()); $samba3domains = $ldap_intern->search_domains($config_intern->get_domainSuffix());
for ($i=0; $i<sizeof($samba3domains); $i++) for ($i=0; $i<sizeof($samba3domains); $i++)
if ($_POST['f_smb_domain'] == $samba3domains[$i]->name) { if ($_POST['f_smb_domain'] == $samba3domains[$i]->name) {
$account_new->smb_domain = $samba3domains[$i]; $account_new->smb_domain = $samba3domains[$i];
} }
} // Check if user is member of a well known windows group
else {
if (isset($_POST['f_smb_domain'])) $account_new->smb_domain = $_POST['f_smb_domain'];
else $account_new->smb_domain = '';
}
if ($config_intern->is_samba3())
switch ($_POST['f_smb_mapgroup']) { switch ($_POST['f_smb_mapgroup']) {
case '*'._('Domain Guests'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '514'; break; case '*'._('Domain Guests'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '514'; break;
case '*'._('Domain Users'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '513'; break; case '*'._('Domain Users'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '513'; break;
@ -357,7 +373,12 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
(2 * getgid($account_new->general_group) + $account_new->smb_domain->RIDbase +1); (2 * getgid($account_new->general_group) + $account_new->smb_domain->RIDbase +1);
break; break;
} }
else }
else {
// samba 2.2 only uses a string as domainname
if (isset($_POST['f_smb_domain'])) $account_new->smb_domain = $_POST['f_smb_domain'];
else $account_new->smb_domain = '';
// Check if user is member of a well known windows group
switch ($_POST['f_smb_mapgroup']) { switch ($_POST['f_smb_mapgroup']) {
case '*'._('Domain Guests'): $account_new->smb_mapgroup = '514'; break; case '*'._('Domain Guests'): $account_new->smb_mapgroup = '514'; break;
case '*'._('Domain Users'): $account_new->smb_mapgroup = '513'; break; case '*'._('Domain Users'): $account_new->smb_mapgroup = '513'; break;
@ -366,30 +387,27 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
$account_new->smb_mapgroup = (2 * getgid($account_new->general_group) + 1001); $account_new->smb_mapgroup = (2 * getgid($account_new->general_group) + 1001);
break; break;
} }
}
// Set samba password
$smb_password = $_POST['f_smb_password']; $smb_password = $_POST['f_smb_password'];
// Decrypt unix-password if needed password // Decrypt unix-password if needed password
$iv = base64_decode($_COOKIE["IV"]); $iv = base64_decode($_COOKIE["IV"]);
$key = base64_decode($_COOKIE["Key"]); $key = base64_decode($_COOKIE["Key"]);
if ( ($account_new->smb_useunixpwd && !$account_old) || ($account_new->smb_useunixpwd && $account_new->unix_password!='') ) { if ( ($account_new->smb_useunixpwd && !$account_old) || ($account_new->smb_useunixpwd && $account_new->unix_password!='') ) {
$smb_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($account_new->unix_password), MCRYPT_MODE_ECB, $iv); // Set Samba-Password to unix-password if option is set
$smb_password = str_replace(chr(00), '', $smb_password); $unix_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($account_new->unix_password), MCRYPT_MODE_ECB, $iv);
$smb_password = str_replace(chr(00), '', $unix_password);
} }
// Check values // Check values
$account_new->smb_scriptPath = str_replace('$user', $account_new->general_username, $account_new->smb_scriptPath); $account_new->smb_scriptPath = str_replace('$user', $account_new->general_username, $account_new->smb_scriptPath);
$account_new->smb_scriptPath = str_replace('$group', $account_new->general_group, $account_new->smb_scriptPath); $account_new->smb_scriptPath = str_replace('$group', $account_new->general_group, $account_new->smb_scriptPath);
if ($account_new->smb_scriptPath != $_POST['f_smb_scriptpath']) $errors[] = array('INFO', _('Script path'), _('Inserted user- or groupname in scriptpath.')); if ($account_new->smb_scriptPath != $_POST['f_smb_scriptpath']) $errors[] = array('INFO', _('Script path'), _('Inserted user- or groupname in scriptpath.'));
$account_new->smb_profilePath = str_replace('$user', $account_new->general_username, $account_new->smb_profilePath); $account_new->smb_profilePath = str_replace('$user', $account_new->general_username, $account_new->smb_profilePath);
$account_new->smb_profilePath = str_replace('$group', $account_new->general_group, $account_new->smb_profilePath); $account_new->smb_profilePath = str_replace('$group', $account_new->general_group, $account_new->smb_profilePath);
if ($account_new->smb_profilePath != stripslashes($_POST['f_smb_profilePath'])) $errors[] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.')); if ($account_new->smb_profilePath != stripslashes($_POST['f_smb_profilePath'])) $errors[] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.'));
$account_new->smb_smbhome = str_replace('$user', $account_new->general_username, $account_new->smb_smbhome); $account_new->smb_smbhome = str_replace('$user', $account_new->general_username, $account_new->smb_smbhome);
$account_new->smb_smbhome = str_replace('$group', $account_new->general_group, $account_new->smb_smbhome); $account_new->smb_smbhome = str_replace('$group', $account_new->general_group, $account_new->smb_smbhome);
if ($account_new->smb_smbhome != stripslashes($_POST['f_smb_smbhome'])) $errors[] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.')); if ($account_new->smb_smbhome != stripslashes($_POST['f_smb_smbhome'])) $errors[] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.'));
if ( (!$account_new->smb_smbhome=='') && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+)+$', $account_new->smb_smbhome))) if ( (!$account_new->smb_smbhome=='') && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+)+$', $account_new->smb_smbhome)))
$errors[] = array('ERROR', _('Home path'), _('Home path is invalid.')); $errors[] = array('ERROR', _('Home path'), _('Home path is invalid.'));
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$',
@ -403,12 +421,10 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
if ((!$account_new->smb_domain=='') && (!is_object($account_new->smb_domain)) && !ereg('^([a-z]|[A-Z]|[0-9]|[-])+$', $account_new->smb_domain)) if ((!$account_new->smb_domain=='') && (!is_object($account_new->smb_domain)) && !ereg('^([a-z]|[A-Z]|[0-9]|[-])+$', $account_new->smb_domain))
$errors[] = array('ERROR', _('Domain name'), _('Domain name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.')); $errors[] = array('ERROR', _('Domain name'), _('Domain name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.'));
if ($account_new->smb_useunixpwd) $account_new->smb_useunixpwd = 1; else $account_new->smb_useunixpwd = 0; if ($account_new->smb_useunixpwd) $account_new->smb_useunixpwd = 1; else $account_new->smb_useunixpwd = 0;
if (($account_new->smb_displayName=='') && isset($account_new->general_gecos)) { if (($account_new->smb_displayName=='') && isset($account_new->general_gecos)) {
$account_new->smb_displayName = $account_new->general_gecos; $account_new->smb_displayName = $account_new->general_gecos;
$errors[] = array('INFO', _('Display name'), _('Inserted gecos-field as display name.')); $errors[] = array('INFO', _('Display name'), _('Inserted gecos-field as display name.'));
} }
if ($smb_password!='') { if ($smb_password!='') {
// Encrypt password // Encrypt password
$account_new->smb_password = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $smb_password, $account_new->smb_password = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $smb_password,
@ -419,6 +435,7 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
case 'quota': case 'quota':
// Write all general values into $account_new // Write all general values into $account_new
$i=0; $i=0;
// loop for every mointpoint with quotas
while ($account_new->quota[$i][0]) { while ($account_new->quota[$i][0]) {
$account_new->quota[$i][2] = $_POST['f_quota_'.$i.'_2']; $account_new->quota[$i][2] = $_POST['f_quota_'.$i.'_2'];
$account_new->quota[$i][3] = $_POST['f_quota_'.$i.'_3']; $account_new->quota[$i][3] = $_POST['f_quota_'.$i.'_3'];
@ -436,7 +453,6 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
$i++; $i++;
} }
break; break;
case 'personal': case 'personal':
// Write all general values into $account_new // Write all general values into $account_new
$account_new->personal_title = $_POST['f_personal_title']; $account_new->personal_title = $_POST['f_personal_title'];
@ -459,16 +475,13 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $account_new->personal_employeeType)) $errors[] = array('ERROR', _('Employee type'), _('Please enter a valid employee type!')); if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $account_new->personal_employeeType)) $errors[] = array('ERROR', _('Employee type'), _('Please enter a valid employee type!'));
if ( !ereg('^([0-9]|[A-Z]|[a-z])*$', $account_new->personal_postalCode)) $errors[] = array('ERROR', _('Postal code'), _('Please enter a valid postal code!')); if ( !ereg('^([0-9]|[A-Z]|[a-z])*$', $account_new->personal_postalCode)) $errors[] = array('ERROR', _('Postal code'), _('Please enter a valid postal code!'));
break; break;
case 'final': case 'final':
// Write all general values into $account_new // Write all general values into $account_new
if ($_POST['f_final_changegids']) $final_changegids = $_POST['f_final_changegids'] ;
// Check which part Site should be displayed next
break; break;
case 'finish': case 'finish':
// Check if pdf-file should be created // Check if pdf-file should be created
if ($_POST['outputpdf']) { if ($_POST['outputpdf']) {
// Quota Settings // Load quotas if not yet done because they are needed for the pdf-file
if ($config_intern->scriptServer && !isset($account_new->quota[0])) { // load quotas if ($config_intern->scriptServer && !isset($account_new->quota[0])) { // load quotas
$values = getquotas('user', $account_old->general_username); $values = getquotas('user', $account_old->general_username);
if (is_object($values)) { if (is_object($values)) {
@ -480,7 +493,9 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
if (isset($val)) $account_old->$key = $val; if (isset($val)) $account_old->$key = $val;
} }
} }
createUserPDF(array($account_new)); // Create / display PDf-file
createUSerPDF(array($account_new));
// Stop script
die; die;
} }
break; break;
@ -490,50 +505,96 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
do { // X-Or, only one if() can be true do { // X-Or, only one if() can be true
if ($_POST['next_general']) { if ($_POST['next_general']) {
// Go from general to next page if no error did ocour
if (!is_array($errors)) $select_local='general'; if (!is_array($errors)) $select_local='general';
else $select_local=$_POST['select']; else $select_local=$_POST['select'];
break; break;
} }
if ($_POST['next_unix']) { if ($_POST['next_unix']) {
// Go from unix to next page if no error did ocour
if (!is_array($errors)) $select_local='unix'; if (!is_array($errors)) $select_local='unix';
else $select_local=$_POST['select']; else $select_local=$_POST['select'];
break; break;
} }
if ($_POST['next_samba']) { if ($_POST['next_samba']) {
// Go from samba to next page if no error did ocour
if (!is_array($errors)) $select_local='samba'; if (!is_array($errors)) $select_local='samba';
else $select_local=$_POST['select']; else $select_local=$_POST['select'];
break; break;
} }
if ($_POST['next_quota']) { if ($_POST['next_quota']) {
// Go from quota to next page if no error did ocour
if (!is_array($errors)) $select_local='quota'; if (!is_array($errors)) $select_local='quota';
else $select_local=$_POST['select']; else $select_local=$_POST['select'];
break; break;
} }
if ($_POST['next_personal']) { if ($_POST['next_personal']) {
// Go from personal to next page if no error did ocour
if (!is_array($errors)) $select_local='personal'; if (!is_array($errors)) $select_local='personal';
else $select_local=$_POST['select']; else $select_local=$_POST['select'];
break; break;
} }
if ($_POST['next_final']) { if ($_POST['next_final']) {
// Go from final to next page if no error did ocour
if (($account_old) && ($account_new->general_uidNumber != $account_old->general_uidNumber))
$errors[] = array('INFO', _('UID-number has changed. You have to run the following command as root in order to change existing file-permissions:'),
'find / -gid ' . $account_old->general_uidNumber . ' -exec chown ' . $account_new->general_uidNumber . ' {} \;');
if (($account_old) && ($account_new->general_group != $account_old->general_group))
$errors[] = array('INFO', _('Primary group has changed. You have to run the following command as root in order to change existing file-permissions:'),
'find / -uid ' . $account_new->general_uidNumber . ' -gid ' . getgid($account_old->general_group) .' -exec chown ' . $account_new->general_uidNumber . ':'.getgid($account_new->general_group). ' {} \;');
if (($account_old) && ($account_new->general_homedir != $account_old->general_homedir))
$errors[] = array('INFO', _('Home Directory has changed. You have to run the following command as root in order to change the existing homedirectory:'),
'mv ' . $account_old->general_homedir . ' ' . $account_new->general_homedir);
if ($config_intern->is_samba3() && !isset($account_new->smb_domain))
// Samba page not viewed; can not create user because if missing options
$errors[] = array("ERROR", _("Samba Options not set!"), _("Please check settings on samba page."));
else {
$found = false;
if (strstr($account_new->smb_scriptPath, '$group')) $found = true;
if (strstr($account_new->smb_scriptPath, '$user')) $found = true;
if (strstr($account_new->smb_profilePath, '$group')) $found = true;
if (strstr($account_new->smb_profilePath, '$user')) $found = true;
if (strstr($account_new->smb_smbhome, '$group')) $found = true;
if (strstr($account_new->smb_smbhome, '$user')) $found = true;
if ($found)
// Samba page not viewed; can not create group because if missing options
$errors[] = array("ERROR", _("Samba Options not set!"), _("Please check settings on samba page."));
}
if (isset($account_old->general_objectClass)) {
if (!in_array('posixAccount', $account_old->general_objectClass))
$errors[] = array('WARN', _('ObjectClass posixAccount not found.'), _('Have to add objectClass posixAccount.'));
if (!in_array('shadowAccount', $account_old->general_objectClass))
$errors[] = array('WARN', _('ObjectClass shadowAccount.'), _('Have to add objectClass shadowAccount.'));
if ($config_intern->is_samba3()) {
if (!in_array('sambaSamAccount', $account_old->general_objectClass))
$errors[] = array('WARN', _('ObjectClass sambaSamAccount not found.'), _('Have to add objectClass sambaSamAccount. USer with sambaAccount will be updated.'));
}
else {
if (!in_array('sambaAccount', $account_old->general_objectClass))
$errors[] = array('WARN', _('ObjectClass sambaAccount not found.'), _('Have to add objectClass sambaAccount. User with sambaSamAccount will be set back to sambaAccount.'));
}
}
if (!is_array($errors)) $select_local='final'; if (!is_array($errors)) $select_local='final';
else $select_local=$_POST['select']; else $select_local=$_POST['select'];
break; break;
} }
if ($_POST['next_workstations']) { if ($_POST['next_workstations']) {
// Go from workstations to next page if no error did ocour
if (!is_array($errors)) $select_local='workstations'; if (!is_array($errors)) $select_local='workstations';
else $select_local=$_POST['select']; else $select_local=$_POST['select'];
break; break;
} }
if ($_POST['next_groups']) { if ($_POST['next_groups']) {
// Go from groups to next page if no error did ocour
if (!is_array($errors)) $select_local='groups'; if (!is_array($errors)) $select_local='groups';
else $select_local=$_POST['select']; else $select_local=$_POST['select'];
break; break;
} }
// Reset account to original settings if undo-button was pressed
if ($_POST['next_reset']) { if ($_POST['next_reset']) {
$account_new = $account_old; $account_new = $account_old;
$account_new->unix_password=''; $account_new->unix_password='';
$account_new->smb_password=''; $account_new->smb_password='';
$account_new->smb_flagsW = 0;
$account_new->general_dn = substr($account_new->general_dn, strpos($account_new->general_dn, ',')+1); $account_new->general_dn = substr($account_new->general_dn, strpos($account_new->general_dn, ',')+1);
$select_local = $_POST['select']; $select_local = $_POST['select'];
break; break;
@ -542,19 +603,22 @@ do { // X-Or, only one if() can be true
// Create or modify an account // Create or modify an account
if ($account_old) $result = modifyuser($account_new,$account_old); if ($account_old) $result = modifyuser($account_new,$account_old);
else $result = createuser($account_new); // account.inc else $result = createuser($account_new); // account.inc
if ( $result==1 || $result==3 ) $select_local = 'finish'; if ( $result==4 || $result==5 ) $select_local = 'final';
else $select_local = 'final'; else $select_local = 'finish';
break; break;
} }
// Load Profile and reset all attributes to settings in profile
if ($_POST['createagain']) { if ($_POST['createagain']) {
$select_local='general'; $select_local='general';
unset ($_SESSION['account_'.$varkey.'_account_new']);
unset($account_new); unset($account_new);
$account_new = loadUserProfile('default'); $_SESSION['account_'.$varkey.'_account_new'] = loadUserProfile('default');
$account_new =& $_SESSION['account_'.$varkey.'_account_new'];
$account_new ->type = 'user'; $account_new ->type = 'user';
break; break;
} }
// Load Profile and reset all attributes to settings in profile
if ($_POST['load']) { if ($_POST['load']) {
// load profile
$account_new->general_dn = $_POST['f_general_suffix']; $account_new->general_dn = $_POST['f_general_suffix'];
$account_new->general_username = $_POST['f_general_username']; $account_new->general_username = $_POST['f_general_username'];
$account_new->general_surname = $_POST['f_general_surname']; $account_new->general_surname = $_POST['f_general_surname'];
@ -578,27 +642,28 @@ do { // X-Or, only one if() can be true
$account_new->smb_scriptPath = str_replace('$group', $account_new->general_group, $account_new->smb_scriptPath); $account_new->smb_scriptPath = str_replace('$group', $account_new->general_group, $account_new->smb_scriptPath);
if ($account_new->general_username != '') if ($account_new->general_username != '')
$account_new->smb_scriptPath = str_replace('$user', $account_new->general_username, $account_new->smb_scriptPath); $account_new->smb_scriptPath = str_replace('$user', $account_new->general_username, $account_new->smb_scriptPath);
$account_new->smb_profilePath = str_replace('$group', $account_new->general_group, $account_new->smb_profilePath); $account_new->smb_profilePath = str_replace('$group', $account_new->general_group, $account_new->smb_profilePath);
if ($account_new->general_username != '') if ($account_new->general_username != '')
$account_new->smb_profilePath = str_replace('$user', $account_new->general_username, $account_new->smb_profilePath); $account_new->smb_profilePath = str_replace('$user', $account_new->general_username, $account_new->smb_profilePath);
$account_new->smb_smbhome = str_replace('$group', $account_new->general_group, $account_new->smb_smbhome); $account_new->smb_smbhome = str_replace('$group', $account_new->general_group, $account_new->smb_smbhome);
if ($account_new->general_username != '') if ($account_new->general_username != '')
$account_new->smb_smbhome = str_replace('$user', $account_new->general_username, $account_new->smb_smbhome); $account_new->smb_smbhome = str_replace('$user', $account_new->general_username, $account_new->smb_smbhome);
if ($config_intern->scriptServer) { if ($config_intern->scriptServer) {
// load quotas from profile and check if they are valid // load quotas and check if quotas from profile are valid
$values = getquotas('user', $account_old->general_username); $values = getquotas('user');
if (isset($account_new->quota[0])) { // check quotas from profile if (isset($account_new->quota[0])) {
// check quotas from profile
$i=0; $i=0;
// check quota settings // check quota settings, loop for every partition with quotas
while (isset($account_new->quota[$i])) { while (isset($account_new->quota[$i])) {
// search if quotas from profile fit to a real quota
$found = (-1); $found = (-1);
for ($j=0; $j<count($values->quota); $j++) for ($j=0; $j<count($values->quota); $j++)
if ($values->quota[$j][0]==$account_new->quota[$i][0]) $found = $j; if ($values->quota[$j][0]==$account_new->quota[$i][0]) $found = $j;
// unset quota from profile if quotas (mointpoint) doesn't exists anymore
if ($found==-1) unset($account_new->quota[$i]); if ($found==-1) unset($account_new->quota[$i]);
else { else {
// Set missing part in quota-array
$account_new->quota[$i][1] = $values->quota[$found][1]; $account_new->quota[$i][1] = $values->quota[$found][1];
$account_new->quota[$i][5] = $values->quota[$found][5]; $account_new->quota[$i][5] = $values->quota[$found][5];
$account_new->quota[$i][4] = $values->quota[$found][4]; $account_new->quota[$i][4] = $values->quota[$found][4];
@ -606,27 +671,35 @@ do { // X-Or, only one if() can be true
$i++; $i++;
} }
} }
// Beautify array, repair index
$account_new->quota = array_values($account_new->quota); $account_new->quota = array_values($account_new->quota);
} }
else { // No quotas saved in profile else { // No quotas saved in profile
// Display quotas for new users (Quota set to 0)
if (is_object($values)) { if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values while (list($key, $val) = each($values)) // Set only defined values
if (isset($val)) $account_new->$key = $val; if (isset($val)) $account_new->$key = $val;
} }
} }
$account_old->quota = $values->quota;
} }
// select general page after group has been loaded // select general page after group has been loaded
$select_local='general'; $select_local='general';
break; break;
} }
// Save Profile
if ($_POST['save']) { if ($_POST['save']) {
// save profile // save profile
saveUserProfile($account_new, $_POST['f_finish_safeProfile']); if ($_POST['f_finish_safeProfile']=='')
$errors[] = array('ERROR', _('Save profile'), _('No profilename given.'));
else {
saveUSerProfile($account_new, $_POST['f_finish_safeProfile']);
$errors[] = array('INFO', _('Save profile'), _('New profile created.'));
}
// select last page displayed before user is created // select last page displayed before user is created
$select_local='final'; $select_local='final';
break; break;
} }
// Go back to listgroups.php
if ($_POST['backmain']) { if ($_POST['backmain']) {
if (isset($_SESSION['account_'.$varkey.'_account_new'])) unset($_SESSION['account_'.$varkey.'_account_new']); if (isset($_SESSION['account_'.$varkey.'_account_new'])) unset($_SESSION['account_'.$varkey.'_account_new']);
if (isset($_SESSION['account_'.$varkey.'_account_old'])) unset($_SESSION['account_'.$varkey.'_account_old']); if (isset($_SESSION['account_'.$varkey.'_account_old'])) unset($_SESSION['account_'.$varkey.'_account_old']);
@ -636,7 +709,6 @@ do { // X-Or, only one if() can be true
die; die;
break; break;
} }
if (!$select_local) $select_local='general';
} while(0); } while(0);
@ -652,31 +724,38 @@ echo "</title>\n".
"<form action=\"useredit.php\" method=\"post\">\n". "<form action=\"useredit.php\" method=\"post\">\n".
"<input name=\"varkey\" type=\"hidden\" value=\"".$varkey."\">\n"; "<input name=\"varkey\" type=\"hidden\" value=\"".$varkey."\">\n";
// Display errir-messages
if (is_array($errors)) if (is_array($errors))
for ($i=0; $i<sizeof($errors); $i++) StatusMessage($errors[$i][0], $errors[$i][1], $errors[$i][2]); for ($i=0; $i<sizeof($errors); $i++) StatusMessage($errors[$i][0], $errors[$i][1], $errors[$i][2]);
// print_r($account_new); // print_r($account_new);
// print_r($_POST);
switch ($select_local) { // Select which part of page will be loaded
// general = startpage, general account paramters
// unix = page with all shadow-options and password
// samba = page with all samba-related parameters e.g. smbpassword
// quota = page with all quota-related parameters e.g. hard file quota
// personal = page with all personal-related parametergs, e.g. phone number
// final = last page shown before account is created/modified
// if account is modified commands might be ran are shown
// finish = page shown after account has been created/modified
switch ($select_local) {
/* Select which part of page should be loaded and check values
* groups = page with all groups to which user is additional member
* workstations = page with all workstations the user is allowed to login
* general = startpage, general account paramters
* samba = page with all samba-related parameters e.g. smbpassword
* quota = page with all quota-related parameters e.g. hard file quota
* personal = page with all personal-related parametergs, e.g. phone number
* final = last page shown before account is created/modified
* finish = page shown after account has been created/modified
*/
case 'workstations': case 'workstations':
// Validate cache-array
ldapreload('host'); ldapreload('host');
// Get copy of cache-array
$temp2 = $hostDN_intern; $temp2 = $hostDN_intern;
// unset timestamp stored in $temp2[0]
unset($temp2[0]); unset($temp2[0]);
// Remove $ from workstations
foreach ($temp2 as $temp) $hosts[] = str_replace("$", '',$temp['cn']); foreach ($temp2 as $temp) $hosts[] = str_replace("$", '',$temp['cn']);
// sort workstations
sort($hosts, SORT_STRING); sort($hosts, SORT_STRING);
// get workstation array // get workstation array
$temp = str_replace(' ', '', $account_new->smb_smbuserworkstations); $temp = str_replace(' ', '', $account_new->smb_smbuserworkstations);
$workstations = explode (',', $temp); $workstations = explode (',', $temp);
// Remove workstations to which the user is allowed to login from array
$hosts = array_delete($workstations, $hosts); $hosts = array_delete($workstations, $hosts);
echo '<input name="select" type="hidden" value="workstations">'; echo '<input name="select" type="hidden" value="workstations">';
echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >"; echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
@ -706,6 +785,7 @@ switch ($select_local) { // Select which part of page will be loaded
echo "<fieldset class=\"useredit-bright\"><legend class=\"useredit-bright\">"; echo "<fieldset class=\"useredit-bright\"><legend class=\"useredit-bright\">";
echo _("Allowed workstations"); echo _("Allowed workstations");
echo "</legend>\n"; echo "</legend>\n";
// display all workstations the user is allowed to login
if (count($workstations)!=0) { if (count($workstations)!=0) {
echo "<select name=\"members[]\" class=\"useredit-bright\" size=15 multiple>\n"; echo "<select name=\"members[]\" class=\"useredit-bright\" size=15 multiple>\n";
for ($i=0; $i<count($workstations); $i++) for ($i=0; $i<count($workstations); $i++)
@ -720,6 +800,7 @@ switch ($select_local) { // Select which part of page will be loaded
echo "<td valign=\"top\"><fieldset class=\"useredit-bright\"><legend class=\"useredit-bright\">"; echo "<td valign=\"top\"><fieldset class=\"useredit-bright\"><legend class=\"useredit-bright\">";
echo _('Available workstations'); echo _('Available workstations');
echo "</legend>\n"; echo "</legend>\n";
// Display all workstations without these the user is allowed to login
if (count($hosts)!=0) { if (count($hosts)!=0) {
echo "<select name=\"hosts[]\" size=15 multiple class=\"useredit-bright\">\n"; echo "<select name=\"hosts[]\" size=15 multiple class=\"useredit-bright\">\n";
foreach ($hosts as $temp) echo " <option>$temp</option>\n"; foreach ($hosts as $temp) echo " <option>$temp</option>\n";
@ -729,18 +810,23 @@ switch ($select_local) { // Select which part of page will be loaded
echo "<input name=\"next_samba\" type=\"submit\" value=\""; echo _('Back'); echo "\">\n"; echo "<input name=\"next_samba\" type=\"submit\" value=\""; echo _('Back'); echo "\">\n";
echo "</fieldset></td></tr></table>\n</td></tr>\n</table>\n"; echo "</fieldset></td></tr></table>\n</td></tr>\n</table>\n";
break; break;
case 'groups': case 'groups':
// Validate cache-array
ldapreload('group'); ldapreload('group');
// Get copy of cache-array
$temp2 = $groupDN_intern; $temp2 = $groupDN_intern;
// unset timestamp stored in $temp2[0]
unset($temp2[0]); unset($temp2[0]);
// load list with all groups
foreach ($temp2 as $temp) $groups[] = $temp['cn']; foreach ($temp2 as $temp) $groups[] = $temp['cn'];
// sort groups
sort($groups, SORT_STRING); sort($groups, SORT_STRING);
// remove groups the user is member of from grouplist
$groups = array_delete($account_new->general_groupadd, $groups); $groups = array_delete($account_new->general_groupadd, $groups);
// Remove primary group from grouplist
$groups = array_flip($groups); $groups = array_flip($groups);
unset ($groups[$account_new->general_group]); if (isset($groups[$account_new->general_group])) unset ($groups[$account_new->general_group]);
$groups = array_flip($groups); $groups = array_flip($groups);
echo '<input name="select" type="hidden" value="groups">'; echo '<input name="select" type="hidden" value="groups">';
echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >"; echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
echo "<table><tr><td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>"; echo "<table><tr><td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>";
@ -769,6 +855,7 @@ switch ($select_local) { // Select which part of page will be loaded
echo "<fieldset class=\"useredit-bright\"><legend class=\"useredit-bright\">"; echo "<fieldset class=\"useredit-bright\"><legend class=\"useredit-bright\">";
echo _("Selected groups"); echo _("Selected groups");
echo "</legend>\n"; echo "</legend>\n";
// Show all groups the user is additional member of
if (count($account_new->general_groupadd)!=0) { if (count($account_new->general_groupadd)!=0) {
echo "<select name=\"selectedgroups[]\" class=\"useredit-bright\" size=15 multiple>\n"; echo "<select name=\"selectedgroups[]\" class=\"useredit-bright\" size=15 multiple>\n";
for ($i=0; $i<count($account_new->general_groupadd); $i++) for ($i=0; $i<count($account_new->general_groupadd); $i++)
@ -783,6 +870,7 @@ switch ($select_local) { // Select which part of page will be loaded
echo "<td valign=\"top\"><fieldset class=\"useredit-bright\"><legend class=\"useredit-bright\">"; echo "<td valign=\"top\"><fieldset class=\"useredit-bright\"><legend class=\"useredit-bright\">";
echo _('Available groups'); echo _('Available groups');
echo "</legend>\n"; echo "</legend>\n";
// show all groups expect these the user is member of
if (count($groups)!=0) { if (count($groups)!=0) {
echo "<select name=\"allgroups[]\" size=15 multiple class=\"useredit-bright\">\n"; echo "<select name=\"allgroups[]\" size=15 multiple class=\"useredit-bright\">\n";
foreach ($groups as $temp) { foreach ($groups as $temp) {
@ -795,15 +883,12 @@ switch ($select_local) { // Select which part of page will be loaded
echo "<input name=\"next_general\" type=\"submit\" value=\""; echo _('Back'); echo "\">\n"; echo "<input name=\"next_general\" type=\"submit\" value=\""; echo _('Back'); echo "\">\n";
echo "</fieldset></td></tr></table>\n</td></tr>\n</table>\n"; echo "</fieldset></td></tr></table>\n</td></tr>\n</table>\n";
break; break;
case 'general': case 'general':
// General Account Settings // General Account Settings
// load list of all groups // load list of all groups
$groups = findgroups(); $groups = findgroups();
// load list of profiles
$profilelist = getUserProfiles(); $profilelist = getUserProfiles();
// Show page info
// Show page info
echo '<input name="select" type="hidden" value="general">'; echo '<input name="select" type="hidden" value="general">';
echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >"; echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
echo "<table><tr><td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>"; echo "<table><tr><td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>";
@ -889,6 +974,7 @@ switch ($select_local) { // Select which part of page will be loaded
'<a href="../help.php?HelpNumber=405" target="lamhelp">'._('Help').'</a>'. '<a href="../help.php?HelpNumber=405" target="lamhelp">'._('Help').'</a>'.
'</td></tr>'."\n".'<tr><td>'; '</td></tr>'."\n".'<tr><td>';
echo _('Suffix'); echo '</td><td><select name="f_general_suffix">'; echo _('Suffix'); echo '</td><td><select name="f_general_suffix">';
// loop through all user suffixes
foreach ($ldap_intern->search_units($config_intern->get_UserSuffix()) as $suffix) { foreach ($ldap_intern->search_units($config_intern->get_UserSuffix()) as $suffix) {
if ($account_new->general_dn) { if ($account_new->general_dn) {
if ($account_new->general_dn == $suffix) if ($account_new->general_dn == $suffix)
@ -901,6 +987,7 @@ switch ($select_local) { // Select which part of page will be loaded
"</a></td>\n</tr>\n</table>"; "</a></td>\n</tr>\n</table>";
echo _('Values with * are required'); echo _('Values with * are required');
echo "</fieldset>\n</td></tr><tr><td>"; echo "</fieldset>\n</td></tr><tr><td>";
// Show fieldset with list of all user profiles
if (count($profilelist)!=0) { if (count($profilelist)!=0) {
echo "<fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>"; echo "<fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>";
echo _("Load profile"); echo _("Load profile");
@ -913,7 +1000,6 @@ switch ($select_local) { // Select which part of page will be loaded
echo _('Help')."</a></td>\n</tr>\n</table>\n</fieldset>\n"; echo _('Help')."</a></td>\n</tr>\n</table>\n</fieldset>\n";
} }
echo "</td></tr>\n</table>\n</td></tr></table>\n"; echo "</td></tr>\n</table>\n</td></tr></table>\n";
break; break;
case 'unix': case 'unix':
// Unix Password Settings // Unix Password Settings
@ -925,6 +1011,7 @@ switch ($select_local) { // Select which part of page will be loaded
$password = str_replace(chr(00), '', $password); $password = str_replace(chr(00), '', $password);
} }
else $password=''; else $password='';
// Use dd-mm-yyyy format of date because it's easier to read for humans
$date = getdate ($account_new->unix_pwdexpire); $date = getdate ($account_new->unix_pwdexpire);
echo "<input name=\"select\" type=\"hidden\" value=\"unix\">\n"; echo "<input name=\"select\" type=\"hidden\" value=\"unix\">\n";
echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >"; echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
@ -1005,16 +1092,19 @@ switch ($select_local) { // Select which part of page will be loaded
if ($account_new->unix_deactivated) echo ' checked '; if ($account_new->unix_deactivated) echo ' checked ';
echo '></td>'."\n".'<td>'. echo '></td>'."\n".'<td>'.
'<a href="../help.php?HelpNumber=427" target="lamhelp">'._('Help').'</a>'. '<a href="../help.php?HelpNumber=427" target="lamhelp">'._('Help').'</a>'.
'</td></tr>'."\n".'<tr><td>'; '</td></tr>'."\n";
echo _('Unix workstations'); // show only hosts if schema does allow hosts
echo '</td>'."\n".'<td><input name="f_unix_host" type="text" size="20" maxlength="80" value="' . $account_new->unix_host . '">'. if ($_SESSION['ldap']->support_unix_hosts) {
'</td>'."\n".'<td>'. echo '<tr><td>';
'<a href="../help.php?HelpNumber=466" target="lamhelp">'._('Help'). echo _('Unix workstations');
"</a></td>\n</tr>\n</table>"; echo '</td>'."\n".'<td><input name="f_unix_host" type="text" size="20" maxlength="80" value="' . $account_new->unix_host . '">'.
'</td>'."\n".'<td>'.
'<a href="../help.php?HelpNumber=466" target="lamhelp">'._('Help').
"</a></td>\n</tr>\n";
}
echo "</table>\n";
echo _('Values with * are required'); echo _('Values with * are required');
echo "</fieldset>\n</td></tr></table></td></tr>\n</table>\n"; echo "</fieldset>\n</td></tr></table></td></tr>\n</table>\n";
break; break;
case 'samba': case 'samba':
// Samba Settings // Samba Settings
@ -1027,10 +1117,11 @@ switch ($select_local) { // Select which part of page will be loaded
} }
else $password = ""; else $password = "";
if ($config_intern->is_samba3()) $samba3domains = $ldap_intern->search_domains($config_intern->get_domainSuffix()); if ($config_intern->is_samba3()) $samba3domains = $ldap_intern->search_domains($config_intern->get_domainSuffix());
// Use dd-mm-yyyy format of date because it's easier to read for humans
$canchangedate = getdate($account_new->smb_pwdcanchange); $canchangedate = getdate($account_new->smb_pwdcanchange);
$mustchangedate = getdate($account_new->smb_pwdmustchange); $mustchangedate = getdate($account_new->smb_pwdmustchange);
echo '<input name="select" type="hidden" value="samba">'; echo '<input name="select" type="hidden" value="samba">';
// Save all values smaller than "day" so we don't loose them
echo '<input name="f_smb_pwdcanchange_h" type="hidden" value="'.$canchangedate['hours'].'">'. echo '<input name="f_smb_pwdcanchange_h" type="hidden" value="'.$canchangedate['hours'].'">'.
'<input name="f_smb_pwdcanchange_m" type="hidden" value="'.$canchangedate['minutes'].'">'. '<input name="f_smb_pwdcanchange_m" type="hidden" value="'.$canchangedate['minutes'].'">'.
'<input name="f_smb_pwdcanchange_s" type="hidden" value="'.$canchangedate['seconds'].'">'. '<input name="f_smb_pwdcanchange_s" type="hidden" value="'.$canchangedate['seconds'].'">'.
@ -1132,7 +1223,7 @@ switch ($select_local) { // Select which part of page will be loaded
'</td></tr>'."\n".'<tr><td>'; '</td></tr>'."\n".'<tr><td>';
echo _('Home drive'); echo _('Home drive');
echo '</td>'."\n".'<td><select name="f_smb_homedrive" >'; echo '</td>'."\n".'<td><select name="f_smb_homedrive" >';
for ($i=68; $i<91; $i++) for ($i=90; $i>67; $i--)
if ($account_new->smb_homedrive== chr($i).':') echo '<option selected> '.chr($i).':</option>'; else echo '<option> '.chr($i).':</option>'; if ($account_new->smb_homedrive== chr($i).':') echo '<option selected> '.chr($i).':</option>'; else echo '<option> '.chr($i).':</option>';
echo '</select></td>'."\n".'<td>'. echo '</select></td>'."\n".'<td>'.
'<a href="../help.php?HelpNumber=433" target="lamhelp">'._('Help').'</a>'. '<a href="../help.php?HelpNumber=433" target="lamhelp">'._('Help').'</a>'.
@ -1159,6 +1250,7 @@ switch ($select_local) { // Select which part of page will be loaded
'</td></tr>'."\n".'<tr><td>'; '</td></tr>'."\n".'<tr><td>';
echo _('Windows groupname'); echo _('Windows groupname');
echo '</td>'."\n".'<td><select name="f_smb_mapgroup" >'; echo '</td>'."\n".'<td><select name="f_smb_mapgroup" >';
// Display if group SID should be mapped to a well kown SID
if ($config_intern->samba3=='yes') { if ($config_intern->samba3=='yes') {
if ( $account_new->smb_mapgroup == $account_new->smb_domain->SID . "-". if ( $account_new->smb_mapgroup == $account_new->smb_domain->SID . "-".
(2 * getgid($account_new->general_group) + $values->smb_domain->RIDbase+1)) { (2 * getgid($account_new->general_group) + $values->smb_domain->RIDbase+1)) {
@ -1240,7 +1332,9 @@ switch ($select_local) { // Select which part of page will be loaded
'<a href="../help.php?HelpNumber=464" target="lamhelp">'._('Help').'</a>'. '<a href="../help.php?HelpNumber=464" target="lamhelp">'._('Help').'</a>'.
'</td></tr>'."\n".'<tr><td>'; '</td></tr>'."\n".'<tr><td>';
echo _('Domain'); echo _('Domain');
// select which domain name should be displayed
if ($config_intern->is_samba3()) { if ($config_intern->is_samba3()) {
// samba 3 uses object to store SID and name of domain
echo '</td><td><select name="f_smb_domain">'; echo '</td><td><select name="f_smb_domain">';
for ($i=0; $i<sizeof($samba3domains); $i++) { for ($i=0; $i<sizeof($samba3domains); $i++) {
if ($account_new->smb_domain->name) { if ($account_new->smb_domain->name) {
@ -1253,6 +1347,7 @@ switch ($select_local) { // Select which part of page will be loaded
echo '</select>'; echo '</select>';
} }
else { else {
// Samba 2.2 just uses a string as domain name
echo '</td>'."\n".'<td><input name="f_smb_domain" type="text" size="20" maxlength="80" value="' . $account_new->smb_domain . '">'; echo '</td>'."\n".'<td><input name="f_smb_domain" type="text" size="20" maxlength="80" value="' . $account_new->smb_domain . '">';
} }
echo '</td>'."\n".'<td><a href="../help.php?HelpNumber=438" target="lamhelp">'._('Help').'</a></td></tr>'."\n"; echo '</td>'."\n".'<td><a href="../help.php?HelpNumber=438" target="lamhelp">'._('Help').'</a></td></tr>'."\n";
@ -1260,6 +1355,7 @@ switch ($select_local) { // Select which part of page will be loaded
break; break;
case 'quota': case 'quota':
// Quota Settings // Quota Settings
// Load quotas if not yet done
if ($config_intern->scriptServer && !isset($account_new->quota[0])) { // load quotas if ($config_intern->scriptServer && !isset($account_new->quota[0])) { // load quotas
$values = getquotas('user', $account_old->general_username); $values = getquotas('user', $account_old->general_username);
if (is_object($values)) { if (is_object($values)) {
@ -1303,6 +1399,7 @@ switch ($select_local) { // Select which part of page will be loaded
'<a href="../help.php?HelpNumber=445" target="lamhelp">'._('Help').'</a></td>'."\n".'<td><a href="../help.php?HelpNumber=446" target="lamhelp">'._('Help').'</a></td>'."\n".'<td>'. '<a href="../help.php?HelpNumber=445" target="lamhelp">'._('Help').'</a></td>'."\n".'<td><a href="../help.php?HelpNumber=446" target="lamhelp">'._('Help').'</a></td>'."\n".'<td>'.
'<a href="../help.php?HelpNumber=447" target="lamhelp">'._('Help').'</a></td></tr>'."\n"; '<a href="../help.php?HelpNumber=447" target="lamhelp">'._('Help').'</a></td></tr>'."\n";
$i=0; $i=0;
// loop for every mointpoint with enabled quotas
while ($account_new->quota[$i][0]) { while ($account_new->quota[$i][0]) {
echo '<tr><td>'.$account_new->quota[$i][0].'</td><td>'.$account_new->quota[$i][1].'</td>'; // used blocks echo '<tr><td>'.$account_new->quota[$i][0].'</td><td>'.$account_new->quota[$i][1].'</td>'; // used blocks
echo '<td><input name="f_quota_'.$i.'_2" type="text" size="12" maxlength="20" value="'.$account_new->quota[$i][2].'"></td>'; // blocks soft limit echo '<td><input name="f_quota_'.$i.'_2" type="text" size="12" maxlength="20" value="'.$account_new->quota[$i][2].'"></td>'; // blocks soft limit
@ -1316,7 +1413,6 @@ switch ($select_local) { // Select which part of page will be loaded
} }
echo "</table>\n</fieldset>\n</td></tr></table></td></tr>\n</table>\n"; echo "</table>\n</fieldset>\n</td></tr></table></td></tr>\n</table>\n";
break; break;
case 'personal': case 'personal':
// Personal Settings // Personal Settings
echo "<input name=\"select\" type=\"hidden\" value=\"personal\">\n"; echo "<input name=\"select\" type=\"hidden\" value=\"personal\">\n";
@ -1399,12 +1495,6 @@ switch ($select_local) { // Select which part of page will be loaded
break; break;
case 'final': case 'final':
// Final Settings // Final Settings
$disabled = "";
if ($config_intern->is_samba3()) {
if (!isset($account_new->smb_domain)) { // Samba page nit viewd; can not create group because if missing options
$disabled = "disabled";
}
}
echo '<input name="select" type="hidden" value="final">'; echo '<input name="select" type="hidden" value="final">';
echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >"; echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
echo "<table><tr><td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>"; echo "<table><tr><td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>";
@ -1440,76 +1530,7 @@ switch ($select_local) { // Select which part of page will be loaded
else echo _('Create'); else echo _('Create');
echo "</b></legend>\n"; echo "</b></legend>\n";
echo "<table border=0 width=\"100%\">"; echo "<table border=0 width=\"100%\">";
if (($account_old) && ($account_new->general_uidNumber != $account_old->general_uidNumber)) { echo "<tr><td><input name=\"create\" type=\"submit\" value=\"";
echo '<tr>';
StatusMessage ('INFO', _('UID-number has changed. You have to run the following command as root in order to change existing file-permissions:'),
'find / -gid ' . $account_old->general_uidNumber . ' -exec chown ' . $account_new->general_uidNumber . ' {} \;');
echo '</tr>'."\n";
}
if (($account_old) && ($account_new->general_group != $account_old->general_group)) {
echo '<tr>';
StatusMessage ('INFO', _('Primary group has changed. You have to run the following command as root in order to change existing file-permissions:'),
'find / -uid ' . $account_new->general_uidNumber . ' -gid ' . getgid($account_old->general_group) .' -exec chown ' . $account_new->general_uidNumber . ':'.getgid($account_new->general_group). ' {} \;');
echo '</tr>'."\n";
}
if (($account_old) && ($account_new->general_homedir != $account_old->general_homedir)) {
echo '<tr>';
StatusMessage ('INFO', _('Home Directory has changed. You have to run the following command as root in order to change the existing homedirectory:'),
'mv ' . $account_old->general_homedir . ' ' . $account_new->general_homedir);
echo '</tr>'."\n";
}
if ($disabled=='disabled') { // Samba page nit viewd; can not create group because if missing options
echo "<tr>";
StatusMessage("ERROR", _("Samba Options not set!"), _("Please check settings on samba page."));
echo "</tr>";
}
else {
$found = false;
if (strstr($account_new->smb_scriptPath, '$group')) $found = true;
if (strstr($account_new->smb_scriptPath, '$user')) $found = true;
if (strstr($account_new->smb_profilePath, '$group')) $found = true;
if (strstr($account_new->smb_profilePath, '$user')) $found = true;
if (strstr($account_new->smb_smbhome, '$group')) $found = true;
if (strstr($account_new->smb_smbhome, '$user')) $found = true;
if ($found) { // Samba page nit viewd; can not create group because if missing options
$disabled = "disabled";
echo "<tr>";
StatusMessage("ERROR", _("Samba Options not set!"), _("Please check settings on samba page."));
echo "</tr>";
}
}
if (isset($account_old->general_objectClass)) {
if (!in_array('posixAccount', $account_old->general_objectClass)) {
echo '<tr>';
StatusMessage('WARN', _('ObjectClass posixAccount not found.'), _('Have to add objectClass posixAccount.'));
echo "</tr>\n";
}
if (!in_array('shadowAccount', $account_old->general_objectClass)) {
echo '<tr>';
StatusMessage('WARN', _('ObjectClass shadowAccount.'), _('Have to add objectClass shadowAccount.'));
echo "</tr>\n";
}
if ($config_intern->is_samba3()) {
if (!in_array('sambaSamAccount', $account_old->general_objectClass)) {
echo '<tr>';
StatusMessage('WARN', _('ObjectClass sambaSamAccount not found.'), _('Have to add objectClass sambaSamAccount. USer with sambaAccount will be updated.'));
echo "</tr>\n";
}}
else
if (!in_array('sambaAccount', $account_old->general_objectClass)) {
echo '<tr>';
StatusMessage('WARN', _('ObjectClass sambaAccount not found.'), _('Have to add objectClass sambaAccount. User with sambaSamAccount will be set back to sambaAccount.'));
echo "</tr>\n";
}
}
echo "<tr><td><input name=\"create\" $disabled type=\"submit\" value=\"";
if ($account_old) echo _('Modify Account'); if ($account_old) echo _('Modify Account');
else echo _('Create Account'); else echo _('Create Account');
echo '">'."\n"; echo '">'."\n";