checked useredit.php, groupedit.php and delete.php
Now I only need to check mass*.php
This commit is contained in:
parent
3f1a646797
commit
d8aeeb9886
|
@ -210,7 +210,7 @@ function getquotas($type,$user='+') {
|
|||
/* scriptServer is the IP to remote-host to which lam should connect via ssh
|
||||
* scriptPath is Path to lamdaemon.pl on remote system
|
||||
*/
|
||||
exec(("perl ".$_SESSION['lampath']."lib/lamdaemon.pl ".$_SESSION['config']->scriptServer ." ".$_SESSION['config']->scriptPath." ".$towrite), $vals, $status);
|
||||
exec("perl ".$_SESSION['lampath']."lib/lamdaemon.pl ".$_SESSION['config']->scriptServer ." ".$_SESSION['config']->scriptPath." ".$towrite, $vals, $status);
|
||||
/* $vals is a string which contains a two dimensional array.
|
||||
* We have to recreate it with explode
|
||||
*
|
||||
|
@ -702,6 +702,8 @@ function loaduser($dn) {
|
|||
$return->general_dn = ldap_get_dn($_SESSION['ldap']->server(), $entry);
|
||||
$attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
|
||||
|
||||
// Set user samba flag
|
||||
$account_new->smb_flagsW = 0;
|
||||
/* Write attributes into $return.
|
||||
* Some values don't have to be set. These are only loaded if they are set
|
||||
*/
|
||||
|
@ -1668,8 +1670,9 @@ function createhost($values) {
|
|||
if ($_SESSION['config']->is_samba3()) {
|
||||
// Add all attributes as samba3 objectclass
|
||||
$attr['objectClass'][3] = 'sambaSamAccount';
|
||||
$attr['sambaNTPassword'] = 'NO PASSWORD*****';
|
||||
$attr['sambaLMPassword'] = 'NO PASSWORD*****';
|
||||
// "Standard" password for new hosts
|
||||
$attr['sambaNTPassword'] = '0CB6948805F797BF2A82807973B89537';
|
||||
$attr['sambaLMPassword'] = '01FC5A6BE7BC6929AAD3B435B51404EE';
|
||||
$attr['sambaPwdLastSet'] = time(); // sambaAccount_may
|
||||
$attr['sambaSID'] = $values->smb_domain->SID . "-" . (2 * $values->general_uidNumber + $values->smb_domain->RIDbase); // sambaAccount_may
|
||||
$attr['sambaPrimaryGroupSID'] = $values->smb_domain->SID . "-" . (2 * getgid($values->general_group) + $values->smb_domain->RIDbase +1); // sambaAccount_req
|
||||
|
@ -1682,8 +1685,9 @@ function createhost($values) {
|
|||
else {
|
||||
// Add all attributes as samba2.2 objectclass
|
||||
$attr['objectClass'][3] = 'sambaAccount';
|
||||
$attr['ntPassword'] = 'NO PASSWORD*****';
|
||||
$attr['lmPassword'] = 'NO PASSWORD*****';
|
||||
// "Standard" password for new hosts
|
||||
$attr['ntPassword'] = '0CB6948805F797BF2A82807973B89537';
|
||||
$attr['lmPassword'] = '01FC5A6BE7BC6929AAD3B435B51404EE';
|
||||
$attr['pwdLastSet'] = time(); // sambaAccount_may
|
||||
$attr['rid'] = (2 * $values->general_uidNumber + 1000); // sambaAccount_may
|
||||
$attr['primaryGroupID'] = (2 * getgid($values->general_group) + 1001); // sambaAccount_req
|
||||
|
@ -1823,8 +1827,9 @@ function modifyhost($values,$values_old) {
|
|||
}
|
||||
// Reset password
|
||||
if ($values->smb_password_no) {
|
||||
$attr['sambaNTPassword'] = 'NO PASSWORD*****';
|
||||
$attr['sambaLMPassword'] = 'NO PASSWORD*****';
|
||||
// "Standard" password for new hosts
|
||||
$attr['sambaNTPassword'] = '0CB6948805F797BF2A82807973B89537';
|
||||
$attr['sambaLMPassword'] = '01FC5A6BE7BC6929AAD3B435B51404EE';
|
||||
$attr['sambaPwdLastSet'] = time(); // sambaAccount_may
|
||||
$attr['userPassword'] = '';
|
||||
$attr['shadowLastChange'] = getdays();
|
||||
|
@ -1886,8 +1891,9 @@ function modifyhost($values,$values_old) {
|
|||
if (isset($attr_old['sambaSID'][0])) $attr_rem['sambaSID'] = $attr_old['sambaSID'][0];
|
||||
}
|
||||
if ($values->smb_password_no) {
|
||||
$attr['ntPassword'] = 'NO PASSWORD*****';
|
||||
$attr['lmPassword'] = 'NO PASSWORD*****';
|
||||
// "Standard" password for new hosts
|
||||
$attr['ntPassword'] = '0CB6948805F797BF2A82807973B89537';
|
||||
$attr['lmPassword'] = '01FC5A6BE7BC6929AAD3B435B51404EE';
|
||||
$attr['pwdLastSet'] = time(); // sambaAccount_may
|
||||
$attr['userPassword'] = '';
|
||||
$attr['shadowLastChange'] = getdays();
|
||||
|
|
|
@ -37,8 +37,8 @@ session_save_path('../../sess');
|
|||
// Set correct language, codepages, ....
|
||||
setlanguage();
|
||||
|
||||
/* hostaccount.php is using dynamic session varialenames so
|
||||
* we can run several copies of hostaccount.php at the same
|
||||
/* groupedit.php is using dynamic session varialenames so
|
||||
* we can run several copies of groupedit.php at the same
|
||||
* time
|
||||
* $varkey is the dynamic part of the variable name
|
||||
*/
|
||||
|
@ -56,7 +56,6 @@ $ldap_intern =& $_SESSION['ldap'];
|
|||
$config_intern =& $_SESSION['config'];
|
||||
$header_intern =& $_SESSION['header'];
|
||||
$userDN_intern =& $_SESSION['userDN'];
|
||||
// Register Post-Variables as reference
|
||||
|
||||
// $_GET is only valid if groupedit.php was called from grouplist.php
|
||||
if (isset($_GET['DN']) && $_GET['DN']!='') {
|
||||
|
@ -129,7 +128,6 @@ switch ($_POST['select']) {
|
|||
* general = startpage, general account paramters
|
||||
* samba = page with all samba-related parameters e.g. smbpassword
|
||||
* quota = page with all quota-related parameters e.g. hard file quota
|
||||
* personal = page with all personal-related parametergs, e.g. phone number
|
||||
* final = last page shown before account is created/modified
|
||||
* finish = page shown after account has been created/modified
|
||||
*/
|
||||
|
@ -142,11 +140,11 @@ switch ($_POST['select']) {
|
|||
$account_new->unix_memberUid = array_flip($account_new->unix_memberUid);
|
||||
array_unique($account_new->unix_memberUid);
|
||||
$account_new->unix_memberUid = array_flip($account_new->unix_memberUid);
|
||||
// sort user
|
||||
// sort users
|
||||
sort($account_new->unix_memberUid);
|
||||
break;
|
||||
}
|
||||
if (isset($_POST['members']) && isset($_POST['remove'])) { // remove users fromlist
|
||||
if (isset($_POST['members']) && isset($_POST['remove'])) { // remove users from list
|
||||
$account_new->unix_memberUid = array_delete($_POST['members'], $account_new->unix_memberUid);
|
||||
break;
|
||||
}
|
||||
|
@ -155,15 +153,14 @@ switch ($_POST['select']) {
|
|||
$select_local = 'groupmembers';
|
||||
break;
|
||||
case 'general':
|
||||
// Write all general attributes into $account_new if no profile should be loaded
|
||||
if (!$_POST['load']) {
|
||||
// Write all general attributes into $account_new if no profile should be loaded
|
||||
$account_new->general_dn = $_POST['f_general_suffix'];
|
||||
$account_new->general_username = $_POST['f_general_username'];
|
||||
$account_new->general_uidNumber = $_POST['f_general_uidNumber'];
|
||||
$account_new->general_gecos = $_POST['f_general_gecos'];
|
||||
|
||||
// Check if values are OK and set automatic values. if not error-variable will be set
|
||||
|
||||
// Check if Groupname contains only valid characters
|
||||
if ( !ereg('^([a-z]|[0-9]|[.]|[-]|[_])*$', $account_new->general_username))
|
||||
$errors[] = array('ERROR', _('Groupname'), _('Groupname contains invalid characters. Valid characters are: a-z, 0-9 and .-_ !'));
|
||||
|
@ -369,10 +366,10 @@ do { // X-Or, only one if() can be true
|
|||
}
|
||||
// Go back to listgroups.php
|
||||
if ($_POST['backmain']) {
|
||||
metaRefresh("../lists/listgroups.php");
|
||||
if (isset($_SESSION['account_'.$varkey.'_account_new'])) unset($_SESSION['account_'.$varkey.'_account_new']);
|
||||
if (isset($_SESSION['account_'.$varkey.'_account_old'])) unset($_SESSION['account_'.$varkey.'_account_old']);
|
||||
if (isset($_SESSION['account_'.$varkey.'_final_changegids'])) unset($_SESSION['account_'.$varkey.'_final_changegids']);
|
||||
metaRefresh("../lists/listgroups.php");
|
||||
die;
|
||||
break;
|
||||
}
|
||||
|
|
|
@ -90,8 +90,8 @@ switch ($_POST['select']) {
|
|||
* final = page which will be displayed if changes were made
|
||||
*/
|
||||
case 'general':
|
||||
// Write all general values into $account_new if no profile should be loaded
|
||||
if (!$_POST['load']) {
|
||||
// Write all general values into $account_new if no profile should be loaded
|
||||
$account_new->general_dn = $_POST['f_general_suffix'];
|
||||
$account_new->general_username = $_POST['f_general_username'];
|
||||
$account_new->general_uidNumber = $_POST['f_general_uidNumber'];
|
||||
|
@ -272,9 +272,9 @@ do { // X-Or, only one if() can be true
|
|||
}
|
||||
// Go back to listhosts.php
|
||||
if ($_POST['backmain']) {
|
||||
metaRefresh("../lists/listhosts.php");
|
||||
if (isset($_SESSION['account_'.$varkey.'_account_new'])) unset($_SESSION['account_'.$varkey.'_account_new']);
|
||||
if (isset($_SESSION['account_'.$varkey.'_account_old'])) unset($_SESSION['account_'.$varkey.'_account_old']);
|
||||
metaRefresh("../lists/listhosts.php");
|
||||
die;
|
||||
break;
|
||||
}
|
||||
|
|
|
@ -23,6 +23,7 @@ $Id$
|
|||
LDAP Account Manager displays table for creating or modifying accounts in LDAP
|
||||
*/
|
||||
|
||||
// include all needed files
|
||||
include_once('../../lib/account.inc'); // File with all account-funtions
|
||||
include_once('../../lib/config.inc'); // File with configure-functions
|
||||
include_once('../../lib/profiles.inc'); // functions to load and save profiles
|
||||
|
@ -30,10 +31,17 @@ include_once('../../lib/status.inc'); // Return error-message
|
|||
include_once('../../lib/pdf.inc'); // Return a pdf-file
|
||||
include_once('../../lib/ldap.inc'); // LDAP-functions
|
||||
|
||||
// Start session
|
||||
session_save_path('../../sess');
|
||||
@session_start();
|
||||
// Set correct language, codepages, ....
|
||||
setlanguage();
|
||||
|
||||
/* groupedit.php is using dynamic session varialenames so
|
||||
* we can run several copies of groupedit.php at the same
|
||||
* time
|
||||
* $varkey is the dynamic part of the variable name
|
||||
*/
|
||||
if (!isset($_POST['varkey'])) $varkey = session_id().time();
|
||||
else $varkey = $_POST['varkey'];
|
||||
|
||||
|
@ -45,51 +53,56 @@ if (!isset($_SESSION['account_'.$varkey.'_shelllist'])) $_SESSION['account_'.$va
|
|||
// Register Session-Variables with references so we don't net to change to complete code if names changes
|
||||
$account_new =& $_SESSION['account_'.$varkey.'_account_new'];
|
||||
$shelllist =& $_SESSION['account_'.$varkey.'_shelllist'];
|
||||
$final_changegids =& $_SESSION['account_'.$varkey.'_final_changegids'];
|
||||
if (is_object($_SESSION['account_'.$varkey.'_account_old'])) $account_old =& $_SESSION['account_'.$varkey.'_account_old'];
|
||||
|
||||
$ldap_intern =& $_SESSION['ldap'];
|
||||
$config_intern =& $_SESSION['config'];
|
||||
$header_intern =& $_SESSION['header'];
|
||||
$hostDN_intern =& $_SESSION['hostDN'];
|
||||
$groupDN_intern =& $_SESSION['groupDN'];
|
||||
|
||||
|
||||
|
||||
// $_GET is only valid if useredit.php was called from userlist.php
|
||||
if (isset($_GET['DN']) && $_GET['DN']!='') {
|
||||
// useredit.php should edit an existing account
|
||||
// reset variables
|
||||
if (isset($_SESSION['account_'.$varkey.'_account_old'])) {
|
||||
unset($account_old);
|
||||
unset($_SESSION['account_'.$varkey.'_account_old']);
|
||||
}
|
||||
$_SESSION['account_'.$varkey.'_account_old'] = new account();
|
||||
$account_old =& $_SESSION['account_'.$varkey.'_account_old'];
|
||||
// get "real" DN from variable
|
||||
$DN = str_replace("\'", '',$_GET['DN']);
|
||||
// Load existing group
|
||||
$account_new = loaduser($DN);
|
||||
$account_new ->type = 'user';
|
||||
$account_old = $account_new;
|
||||
$account_new->unix_password='';
|
||||
$account_new->smb_password='';
|
||||
$account_new->smb_flagsW = 0;
|
||||
$account_new->general_dn = substr($account_new->general_dn, strpos($account_new->general_dn, ',')+1);
|
||||
$final_changegids = '';
|
||||
// Display general-page
|
||||
$select_local = 'general';
|
||||
}
|
||||
|
||||
else if (count($_POST)==0) { // Startcondition. useredit.php was called from outside
|
||||
// Startcondition. useredit.php was called from outside to create a new group
|
||||
else if (count($_POST)==0) {
|
||||
// Create new account object with settings from default profile
|
||||
$account_new = loadUserProfile('default');
|
||||
$account_new ->type = 'user';
|
||||
$account_new->smb_flagsW = 0;
|
||||
// load quotas from profile and check if they are valid
|
||||
if ($config_intern->scriptServer) {
|
||||
// load quotas and check if quotas from profile are valid
|
||||
$values = getquotas('user');
|
||||
if (isset($account_new->quota[0])) { // check quotas from profile
|
||||
if (isset($account_new->quota[0])) {
|
||||
// check quotas from profile
|
||||
$i=0;
|
||||
// check quota settings
|
||||
// check quota settings, loop for every partition with quotas
|
||||
while (isset($account_new->quota[$i])) {
|
||||
// search if quotas from profile fit to a real quota
|
||||
$found = (-1);
|
||||
for ($j=0; $j<count($values->quota); $j++)
|
||||
if ($values->quota[$j][0]==$account_new->quota[$i][0]) $found = $j;
|
||||
// unset quota from profile if quotas (mointpoint) doesn't exists anymore
|
||||
if ($found==-1) unset($account_new->quota[$i]);
|
||||
else {
|
||||
// Set missing part in quota-array
|
||||
$account_new->quota[$i][1] = $values->quota[$found][1];
|
||||
$account_new->quota[$i][5] = $values->quota[$found][5];
|
||||
$account_new->quota[$i][4] = $values->quota[$found][4];
|
||||
|
@ -97,83 +110,87 @@ if (isset($_GET['DN']) && $_GET['DN']!='') {
|
|||
$i++;
|
||||
}
|
||||
}
|
||||
// Beautify array, repair index
|
||||
$account_new->quota = array_values($account_new->quota);
|
||||
}
|
||||
else { // No quotas saved in profile
|
||||
// Display quotas for new users (Quota set to 0)
|
||||
if (is_object($values)) {
|
||||
while (list($key, $val) = each($values)) // Set only defined values
|
||||
if (isset($val)) $account_new->$key = $val;
|
||||
}
|
||||
}
|
||||
}
|
||||
if (isset($_SESSION['account_'.$varkey.'_account_old'])) {
|
||||
unset($account_old);
|
||||
unset($_SESSION['account_'.$varkey.'_account_old']);
|
||||
}
|
||||
// Display general-page
|
||||
$select_local = 'general';
|
||||
}
|
||||
|
||||
|
||||
switch ($_POST['select']) { // Select which part of page should be loaded and check values
|
||||
// general = startpage, general account paramters
|
||||
// unix = page with all shadow-options and password
|
||||
// samba = page with all samba-related parameters e.g. smbpassword
|
||||
// quota = page with all quota-related parameters e.g. hard file quota
|
||||
// personal = page with all personal-related parametergs, e.g. phone number
|
||||
// final = last page shown before account is created/modified
|
||||
// if account is modified commands might be ran are shown
|
||||
// finish = page shown after account has been created/modified
|
||||
|
||||
switch ($_POST['select']) {
|
||||
/* Select which part of page should be loaded and check values
|
||||
* groups = page with all groups to which user is additional member
|
||||
* workstations = page with all workstations the user is allowed to login
|
||||
* general = startpage, general account paramters
|
||||
* samba = page with all samba-related parameters e.g. smbpassword
|
||||
* quota = page with all quota-related parameters e.g. hard file quota
|
||||
* personal = page with all personal-related parametergs, e.g. phone number
|
||||
* final = last page shown before account is created/modified
|
||||
* finish = page shown after account has been created/modified
|
||||
*/
|
||||
case 'groups':
|
||||
do { // X-Or, only one if() can be true
|
||||
if (isset($_POST['allgroups']) && isset($_POST['add'])) { // Add users to list
|
||||
// Add new user
|
||||
if (isset($_POST['allgroups']) && isset($_POST['add'])) { // Add groups to list
|
||||
// Add new group
|
||||
$account_new->general_groupadd = @array_merge($account_new->general_groupadd, $_POST['allgroups']);
|
||||
// remove doubles
|
||||
$account_new->general_groupadd = @array_flip($account_new->general_groupadd);
|
||||
array_unique($account_new->general_groupadd);
|
||||
$account_new->general_groupadd = @array_flip($account_new->general_groupadd);
|
||||
// sort user
|
||||
// sort groups
|
||||
sort($account_new->general_groupadd);
|
||||
break;
|
||||
}
|
||||
if (isset($_POST['selectedgroups']) && isset($_POST['remove'])) { // remove users fromlist
|
||||
if (isset($_POST['selectedgroups']) && isset($_POST['remove'])) { // remove groups from list
|
||||
$account_new->general_groupadd = array_delete($_POST['selectedgroups'], $account_new->general_groupadd);
|
||||
break;
|
||||
}
|
||||
} while(0);
|
||||
// display group page
|
||||
$select_local = 'groups';
|
||||
break;
|
||||
|
||||
case 'workstations':
|
||||
do { // X-Or, only one if() can be true
|
||||
if (isset($_POST['hosts']) && isset($_POST['add'])) { // Add users to list
|
||||
if (isset($_POST['hosts']) && isset($_POST['add'])) { // Add workstations to list
|
||||
$temp = str_replace(' ', '', $account_new->smb_smbuserworkstations);
|
||||
$workstations = explode (',', $temp);
|
||||
for ($i=0; $i<count($workstations); $i++)
|
||||
if ($workstations[$i]=='') unset($workstations[$i]);
|
||||
$workstations = array_values($workstations);
|
||||
// Add new hosts
|
||||
// Add new // Add workstations
|
||||
$workstations = array_merge($workstations, $_POST['hosts']);
|
||||
// remove doubles
|
||||
$workstations = array_flip($workstations);
|
||||
array_unique($workstations);
|
||||
$workstations = array_flip($workstations);
|
||||
// sort user
|
||||
// sort workstations
|
||||
sort($workstations);
|
||||
// Recreate workstation string
|
||||
$account_new->smb_smbuserworkstations = $workstations[0];
|
||||
for ($i=1; $i<count($workstations); $i++) {
|
||||
$account_new->smb_smbuserworkstations = $account_new->smb_smbuserworkstations . ", " . $workstations[$i];
|
||||
}
|
||||
// display groupmembers page
|
||||
break;
|
||||
}
|
||||
if (isset($_POST['members']) && isset($_POST['remove'])) { // remove users fromlist
|
||||
if (isset($_POST['members']) && isset($_POST['remove'])) { // remove // Add workstations from list
|
||||
// Put all workstations in array
|
||||
$temp = str_replace(' ', '', $account_new->smb_smbuserworkstations);
|
||||
$workstations = explode (',', $temp);
|
||||
for ($i=0; $i<count($workstations); $i++)
|
||||
if ($workstations[$i]=='') unset($workstations[$i]);
|
||||
$workstations = array_values($workstations);
|
||||
// Remove unwanted workstations from array
|
||||
$workstations = array_delete($_POST['members'], $workstations);
|
||||
// Recreate workstation string
|
||||
$account_new->smb_smbuserworkstations = $workstations[0];
|
||||
for ($i=1; $i<count($workstations); $i++) {
|
||||
$account_new->smb_smbuserworkstations = $account_new->smb_smbuserworkstations . ", " . $workstations[$i];
|
||||
|
@ -181,13 +198,12 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
|
|||
break;
|
||||
}
|
||||
} while(0);
|
||||
// display workstations page
|
||||
$select_local = 'workstations';
|
||||
break;
|
||||
|
||||
|
||||
case 'general':
|
||||
// Write all general values into $account_new if no profile should be loaded
|
||||
if (!$_POST['load']) {
|
||||
// Write all general values into $account_new if no profile should be loaded
|
||||
$account_new->general_dn = $_POST['f_general_suffix'];
|
||||
$account_new->general_username = $_POST['f_general_username'];
|
||||
$account_new->general_surname = $_POST['f_general_surname'];
|
||||
|
@ -197,14 +213,6 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
|
|||
$account_new->general_homedir = $_POST['f_general_homedir'];
|
||||
$account_new->general_shell = $_POST['f_general_shell'];
|
||||
$account_new->general_gecos = $_POST['f_general_gecos'];
|
||||
|
||||
// Check if Homedir is valid
|
||||
$account_new->general_homedir = str_replace('$group', $account_new->general_group, $account_new->general_homedir);
|
||||
if ($account_new->general_username != '')
|
||||
$account_new->general_homedir = str_replace('$user', $account_new->general_username, $account_new->general_homedir);
|
||||
if ($account_new->general_homedir != $_POST['f_general_homedir']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
|
||||
if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $account_new->general_homedir ))
|
||||
$errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.'));
|
||||
// Check if givenname is valid
|
||||
if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $account_new->general_givenname)) $errors[] = array('ERROR', _('Given name'), _('Given name contains invalid characters'));
|
||||
// Check if surname is valid
|
||||
|
@ -234,10 +242,20 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
|
|||
$lastchar = substr($account_new->general_username, strlen($account_new->general_username)-1, 1);
|
||||
// Last character is no number
|
||||
if ( !ereg('^([0-9])+$', $lastchar))
|
||||
/* Last character is no number. Therefore we only have to
|
||||
* add "2" to it.
|
||||
*/
|
||||
$account_new->general_username = $account_new->general_username . '2';
|
||||
else {
|
||||
/* Last character is a number -> we have to increase the number until we've
|
||||
* found a groupname with trailing number which is not in use.
|
||||
*
|
||||
* $i will show us were we have to split groupname so we get a part
|
||||
* with the groupname and a part with the trailing number
|
||||
*/
|
||||
$i=strlen($account_new->general_username)-1;
|
||||
$mark = false;
|
||||
// Set $i to the last character which is a number in $account_new->general_username
|
||||
while (!$mark) {
|
||||
if (ereg('^([0-9])+$',substr($account_new->general_username, $i, strlen($account_new->general_username)-$i))) $i--;
|
||||
else $mark=true;
|
||||
|
@ -245,23 +263,29 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
|
|||
// increase last number with one
|
||||
$firstchars = substr($account_new->general_username, 0, $i+1);
|
||||
$lastchars = substr($account_new->general_username, $i+1, strlen($account_new->general_username)-$i);
|
||||
// Put username together
|
||||
$account_new->general_username = $firstchars . (intval($lastchars)+1);
|
||||
}
|
||||
}
|
||||
// Show warning if lam has changed username
|
||||
if ($account_new->general_username != $_POST['f_general_username']) $errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.'));
|
||||
|
||||
// Check if Homedir is valid
|
||||
$account_new->general_homedir = str_replace('$group', $account_new->general_group, $account_new->general_homedir);
|
||||
if ($account_new->general_username != '')
|
||||
$account_new->general_homedir = str_replace('$user', $account_new->general_username, $account_new->general_homedir);
|
||||
if ($account_new->general_homedir != $_POST['f_general_homedir']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
|
||||
if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $account_new->general_homedir ))
|
||||
$errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.'));
|
||||
// Check if UID is valid. If none value was entered, the next useable value will be inserted
|
||||
$temp = explode(':', checkid($account_new, $account_old));
|
||||
$account_new->general_uidNumber = $temp[0];
|
||||
// true if checkid has returned an error
|
||||
if ($temp[1]!='') $errors[] = explode(';',$temp[1]);
|
||||
|
||||
// Check if Name-length is OK. minLength=3, maxLength=20
|
||||
if ( !ereg('.{3,20}', $account_new->general_username)) $errors[] = array('ERROR', _('Name'), _('Name must contain between 3 and 20 characters.'));
|
||||
// Check if Name starts with letter
|
||||
if ( !ereg('^([a-z]|[A-Z]).*$', $account_new->general_username))
|
||||
$errors[] = array('ERROR', _('Name'), _('Name contains invalid characters. First character must be a letter'));
|
||||
|
||||
}
|
||||
break;
|
||||
case 'unix':
|
||||
|
@ -311,7 +335,6 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
|
|||
if ((!$account_new->unix_host=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-])+(([,])+([ ])*([a-z]|[A-Z]|[0-9]|[.]|[-])+)*$', $account_new->unix_host))
|
||||
$errors[] = array('ERROR', _('Unix workstations'), _('Unix workstations is invalid.'));
|
||||
}
|
||||
|
||||
break;
|
||||
case 'samba':
|
||||
// Write all general values into $account_new
|
||||
|
@ -328,26 +351,19 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
|
|||
$account_new->smb_smbhome = stripslashes($_POST['f_smb_smbhome']);
|
||||
$account_new->smb_profilePath = stripslashes($_POST['f_smb_profilePath']);
|
||||
$account_new->smb_displayName = $_POST['f_smb_displayName'];
|
||||
if ($_POST['f_smb_flagsW']) $account_new->smb_flagsW = true;
|
||||
else $account_new->smb_flagsW = false;
|
||||
if ($_POST['f_smb_flagsD']) $account_new->smb_flagsD = true;
|
||||
else $account_new->smb_flagsD = false;
|
||||
if ($_POST['f_smb_flagsX']) $account_new->smb_flagsX = true;
|
||||
else $account_new->smb_flagsX = false;
|
||||
|
||||
if ($config_intern->is_samba3()) {
|
||||
// samba 3 uses object with SID and domainname
|
||||
$samba3domains = $ldap_intern->search_domains($config_intern->get_domainSuffix());
|
||||
for ($i=0; $i<sizeof($samba3domains); $i++)
|
||||
if ($_POST['f_smb_domain'] == $samba3domains[$i]->name) {
|
||||
$account_new->smb_domain = $samba3domains[$i];
|
||||
}
|
||||
}
|
||||
else {
|
||||
if (isset($_POST['f_smb_domain'])) $account_new->smb_domain = $_POST['f_smb_domain'];
|
||||
else $account_new->smb_domain = '';
|
||||
}
|
||||
|
||||
if ($config_intern->is_samba3())
|
||||
// Check if user is member of a well known windows group
|
||||
switch ($_POST['f_smb_mapgroup']) {
|
||||
case '*'._('Domain Guests'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '514'; break;
|
||||
case '*'._('Domain Users'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '513'; break;
|
||||
|
@ -357,7 +373,12 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
|
|||
(2 * getgid($account_new->general_group) + $account_new->smb_domain->RIDbase +1);
|
||||
break;
|
||||
}
|
||||
else
|
||||
}
|
||||
else {
|
||||
// samba 2.2 only uses a string as domainname
|
||||
if (isset($_POST['f_smb_domain'])) $account_new->smb_domain = $_POST['f_smb_domain'];
|
||||
else $account_new->smb_domain = '';
|
||||
// Check if user is member of a well known windows group
|
||||
switch ($_POST['f_smb_mapgroup']) {
|
||||
case '*'._('Domain Guests'): $account_new->smb_mapgroup = '514'; break;
|
||||
case '*'._('Domain Users'): $account_new->smb_mapgroup = '513'; break;
|
||||
|
@ -366,30 +387,27 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
|
|||
$account_new->smb_mapgroup = (2 * getgid($account_new->general_group) + 1001);
|
||||
break;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
// Set samba password
|
||||
$smb_password = $_POST['f_smb_password'];
|
||||
|
||||
// Decrypt unix-password if needed password
|
||||
$iv = base64_decode($_COOKIE["IV"]);
|
||||
$key = base64_decode($_COOKIE["Key"]);
|
||||
if ( ($account_new->smb_useunixpwd && !$account_old) || ($account_new->smb_useunixpwd && $account_new->unix_password!='') ) {
|
||||
$smb_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($account_new->unix_password), MCRYPT_MODE_ECB, $iv);
|
||||
$smb_password = str_replace(chr(00), '', $smb_password);
|
||||
// Set Samba-Password to unix-password if option is set
|
||||
$unix_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($account_new->unix_password), MCRYPT_MODE_ECB, $iv);
|
||||
$smb_password = str_replace(chr(00), '', $unix_password);
|
||||
}
|
||||
// Check values
|
||||
$account_new->smb_scriptPath = str_replace('$user', $account_new->general_username, $account_new->smb_scriptPath);
|
||||
$account_new->smb_scriptPath = str_replace('$group', $account_new->general_group, $account_new->smb_scriptPath);
|
||||
if ($account_new->smb_scriptPath != $_POST['f_smb_scriptpath']) $errors[] = array('INFO', _('Script path'), _('Inserted user- or groupname in scriptpath.'));
|
||||
|
||||
$account_new->smb_profilePath = str_replace('$user', $account_new->general_username, $account_new->smb_profilePath);
|
||||
$account_new->smb_profilePath = str_replace('$group', $account_new->general_group, $account_new->smb_profilePath);
|
||||
if ($account_new->smb_profilePath != stripslashes($_POST['f_smb_profilePath'])) $errors[] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.'));
|
||||
|
||||
$account_new->smb_smbhome = str_replace('$user', $account_new->general_username, $account_new->smb_smbhome);
|
||||
$account_new->smb_smbhome = str_replace('$group', $account_new->general_group, $account_new->smb_smbhome);
|
||||
if ($account_new->smb_smbhome != stripslashes($_POST['f_smb_smbhome'])) $errors[] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.'));
|
||||
|
||||
if ( (!$account_new->smb_smbhome=='') && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+)+$', $account_new->smb_smbhome)))
|
||||
$errors[] = array('ERROR', _('Home path'), _('Home path is invalid.'));
|
||||
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$',
|
||||
|
@ -403,12 +421,10 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
|
|||
if ((!$account_new->smb_domain=='') && (!is_object($account_new->smb_domain)) && !ereg('^([a-z]|[A-Z]|[0-9]|[-])+$', $account_new->smb_domain))
|
||||
$errors[] = array('ERROR', _('Domain name'), _('Domain name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.'));
|
||||
if ($account_new->smb_useunixpwd) $account_new->smb_useunixpwd = 1; else $account_new->smb_useunixpwd = 0;
|
||||
|
||||
if (($account_new->smb_displayName=='') && isset($account_new->general_gecos)) {
|
||||
$account_new->smb_displayName = $account_new->general_gecos;
|
||||
$errors[] = array('INFO', _('Display name'), _('Inserted gecos-field as display name.'));
|
||||
}
|
||||
|
||||
if ($smb_password!='') {
|
||||
// Encrypt password
|
||||
$account_new->smb_password = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $smb_password,
|
||||
|
@ -419,6 +435,7 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
|
|||
case 'quota':
|
||||
// Write all general values into $account_new
|
||||
$i=0;
|
||||
// loop for every mointpoint with quotas
|
||||
while ($account_new->quota[$i][0]) {
|
||||
$account_new->quota[$i][2] = $_POST['f_quota_'.$i.'_2'];
|
||||
$account_new->quota[$i][3] = $_POST['f_quota_'.$i.'_3'];
|
||||
|
@ -436,7 +453,6 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
|
|||
$i++;
|
||||
}
|
||||
break;
|
||||
|
||||
case 'personal':
|
||||
// Write all general values into $account_new
|
||||
$account_new->personal_title = $_POST['f_personal_title'];
|
||||
|
@ -459,16 +475,13 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
|
|||
if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $account_new->personal_employeeType)) $errors[] = array('ERROR', _('Employee type'), _('Please enter a valid employee type!'));
|
||||
if ( !ereg('^([0-9]|[A-Z]|[a-z])*$', $account_new->personal_postalCode)) $errors[] = array('ERROR', _('Postal code'), _('Please enter a valid postal code!'));
|
||||
break;
|
||||
|
||||
case 'final':
|
||||
// Write all general values into $account_new
|
||||
if ($_POST['f_final_changegids']) $final_changegids = $_POST['f_final_changegids'] ;
|
||||
// Check which part Site should be displayed next
|
||||
break;
|
||||
case 'finish':
|
||||
// Check if pdf-file should be created
|
||||
if ($_POST['outputpdf']) {
|
||||
// Quota Settings
|
||||
// Load quotas if not yet done because they are needed for the pdf-file
|
||||
if ($config_intern->scriptServer && !isset($account_new->quota[0])) { // load quotas
|
||||
$values = getquotas('user', $account_old->general_username);
|
||||
if (is_object($values)) {
|
||||
|
@ -480,7 +493,9 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
|
|||
if (isset($val)) $account_old->$key = $val;
|
||||
}
|
||||
}
|
||||
createUserPDF(array($account_new));
|
||||
// Create / display PDf-file
|
||||
createUSerPDF(array($account_new));
|
||||
// Stop script
|
||||
die;
|
||||
}
|
||||
break;
|
||||
|
@ -490,50 +505,96 @@ switch ($_POST['select']) { // Select which part of page should be loaded and ch
|
|||
|
||||
do { // X-Or, only one if() can be true
|
||||
if ($_POST['next_general']) {
|
||||
// Go from general to next page if no error did ocour
|
||||
if (!is_array($errors)) $select_local='general';
|
||||
else $select_local=$_POST['select'];
|
||||
break;
|
||||
}
|
||||
if ($_POST['next_unix']) {
|
||||
// Go from unix to next page if no error did ocour
|
||||
if (!is_array($errors)) $select_local='unix';
|
||||
else $select_local=$_POST['select'];
|
||||
break;
|
||||
}
|
||||
if ($_POST['next_samba']) {
|
||||
// Go from samba to next page if no error did ocour
|
||||
if (!is_array($errors)) $select_local='samba';
|
||||
else $select_local=$_POST['select'];
|
||||
break;
|
||||
}
|
||||
if ($_POST['next_quota']) {
|
||||
// Go from quota to next page if no error did ocour
|
||||
if (!is_array($errors)) $select_local='quota';
|
||||
else $select_local=$_POST['select'];
|
||||
break;
|
||||
}
|
||||
if ($_POST['next_personal']) {
|
||||
// Go from personal to next page if no error did ocour
|
||||
if (!is_array($errors)) $select_local='personal';
|
||||
else $select_local=$_POST['select'];
|
||||
break;
|
||||
}
|
||||
if ($_POST['next_final']) {
|
||||
// Go from final to next page if no error did ocour
|
||||
if (($account_old) && ($account_new->general_uidNumber != $account_old->general_uidNumber))
|
||||
$errors[] = array('INFO', _('UID-number has changed. You have to run the following command as root in order to change existing file-permissions:'),
|
||||
'find / -gid ' . $account_old->general_uidNumber . ' -exec chown ' . $account_new->general_uidNumber . ' {} \;');
|
||||
if (($account_old) && ($account_new->general_group != $account_old->general_group))
|
||||
$errors[] = array('INFO', _('Primary group has changed. You have to run the following command as root in order to change existing file-permissions:'),
|
||||
'find / -uid ' . $account_new->general_uidNumber . ' -gid ' . getgid($account_old->general_group) .' -exec chown ' . $account_new->general_uidNumber . ':'.getgid($account_new->general_group). ' {} \;');
|
||||
if (($account_old) && ($account_new->general_homedir != $account_old->general_homedir))
|
||||
$errors[] = array('INFO', _('Home Directory has changed. You have to run the following command as root in order to change the existing homedirectory:'),
|
||||
'mv ' . $account_old->general_homedir . ' ' . $account_new->general_homedir);
|
||||
if ($config_intern->is_samba3() && !isset($account_new->smb_domain))
|
||||
// Samba page not viewed; can not create user because if missing options
|
||||
$errors[] = array("ERROR", _("Samba Options not set!"), _("Please check settings on samba page."));
|
||||
else {
|
||||
$found = false;
|
||||
if (strstr($account_new->smb_scriptPath, '$group')) $found = true;
|
||||
if (strstr($account_new->smb_scriptPath, '$user')) $found = true;
|
||||
if (strstr($account_new->smb_profilePath, '$group')) $found = true;
|
||||
if (strstr($account_new->smb_profilePath, '$user')) $found = true;
|
||||
if (strstr($account_new->smb_smbhome, '$group')) $found = true;
|
||||
if (strstr($account_new->smb_smbhome, '$user')) $found = true;
|
||||
if ($found)
|
||||
// Samba page not viewed; can not create group because if missing options
|
||||
$errors[] = array("ERROR", _("Samba Options not set!"), _("Please check settings on samba page."));
|
||||
}
|
||||
if (isset($account_old->general_objectClass)) {
|
||||
if (!in_array('posixAccount', $account_old->general_objectClass))
|
||||
$errors[] = array('WARN', _('ObjectClass posixAccount not found.'), _('Have to add objectClass posixAccount.'));
|
||||
if (!in_array('shadowAccount', $account_old->general_objectClass))
|
||||
$errors[] = array('WARN', _('ObjectClass shadowAccount.'), _('Have to add objectClass shadowAccount.'));
|
||||
if ($config_intern->is_samba3()) {
|
||||
if (!in_array('sambaSamAccount', $account_old->general_objectClass))
|
||||
$errors[] = array('WARN', _('ObjectClass sambaSamAccount not found.'), _('Have to add objectClass sambaSamAccount. USer with sambaAccount will be updated.'));
|
||||
}
|
||||
else {
|
||||
if (!in_array('sambaAccount', $account_old->general_objectClass))
|
||||
$errors[] = array('WARN', _('ObjectClass sambaAccount not found.'), _('Have to add objectClass sambaAccount. User with sambaSamAccount will be set back to sambaAccount.'));
|
||||
}
|
||||
}
|
||||
if (!is_array($errors)) $select_local='final';
|
||||
else $select_local=$_POST['select'];
|
||||
break;
|
||||
}
|
||||
if ($_POST['next_workstations']) {
|
||||
// Go from workstations to next page if no error did ocour
|
||||
if (!is_array($errors)) $select_local='workstations';
|
||||
else $select_local=$_POST['select'];
|
||||
break;
|
||||
}
|
||||
if ($_POST['next_groups']) {
|
||||
// Go from groups to next page if no error did ocour
|
||||
if (!is_array($errors)) $select_local='groups';
|
||||
else $select_local=$_POST['select'];
|
||||
break;
|
||||
}
|
||||
// Reset account to original settings if undo-button was pressed
|
||||
if ($_POST['next_reset']) {
|
||||
$account_new = $account_old;
|
||||
$account_new->unix_password='';
|
||||
$account_new->smb_password='';
|
||||
$account_new->smb_flagsW = 0;
|
||||
$account_new->general_dn = substr($account_new->general_dn, strpos($account_new->general_dn, ',')+1);
|
||||
$select_local = $_POST['select'];
|
||||
break;
|
||||
|
@ -542,19 +603,22 @@ do { // X-Or, only one if() can be true
|
|||
// Create or modify an account
|
||||
if ($account_old) $result = modifyuser($account_new,$account_old);
|
||||
else $result = createuser($account_new); // account.inc
|
||||
if ( $result==1 || $result==3 ) $select_local = 'finish';
|
||||
else $select_local = 'final';
|
||||
if ( $result==4 || $result==5 ) $select_local = 'final';
|
||||
else $select_local = 'finish';
|
||||
break;
|
||||
}
|
||||
// Load Profile and reset all attributes to settings in profile
|
||||
if ($_POST['createagain']) {
|
||||
$select_local='general';
|
||||
unset ($_SESSION['account_'.$varkey.'_account_new']);
|
||||
unset($account_new);
|
||||
$account_new = loadUserProfile('default');
|
||||
$_SESSION['account_'.$varkey.'_account_new'] = loadUserProfile('default');
|
||||
$account_new =& $_SESSION['account_'.$varkey.'_account_new'];
|
||||
$account_new ->type = 'user';
|
||||
break;
|
||||
}
|
||||
// Load Profile and reset all attributes to settings in profile
|
||||
if ($_POST['load']) {
|
||||
// load profile
|
||||
$account_new->general_dn = $_POST['f_general_suffix'];
|
||||
$account_new->general_username = $_POST['f_general_username'];
|
||||
$account_new->general_surname = $_POST['f_general_surname'];
|
||||
|
@ -578,27 +642,28 @@ do { // X-Or, only one if() can be true
|
|||
$account_new->smb_scriptPath = str_replace('$group', $account_new->general_group, $account_new->smb_scriptPath);
|
||||
if ($account_new->general_username != '')
|
||||
$account_new->smb_scriptPath = str_replace('$user', $account_new->general_username, $account_new->smb_scriptPath);
|
||||
|
||||
$account_new->smb_profilePath = str_replace('$group', $account_new->general_group, $account_new->smb_profilePath);
|
||||
if ($account_new->general_username != '')
|
||||
$account_new->smb_profilePath = str_replace('$user', $account_new->general_username, $account_new->smb_profilePath);
|
||||
|
||||
$account_new->smb_smbhome = str_replace('$group', $account_new->general_group, $account_new->smb_smbhome);
|
||||
if ($account_new->general_username != '')
|
||||
$account_new->smb_smbhome = str_replace('$user', $account_new->general_username, $account_new->smb_smbhome);
|
||||
|
||||
if ($config_intern->scriptServer) {
|
||||
// load quotas from profile and check if they are valid
|
||||
$values = getquotas('user', $account_old->general_username);
|
||||
if (isset($account_new->quota[0])) { // check quotas from profile
|
||||
// load quotas and check if quotas from profile are valid
|
||||
$values = getquotas('user');
|
||||
if (isset($account_new->quota[0])) {
|
||||
// check quotas from profile
|
||||
$i=0;
|
||||
// check quota settings
|
||||
// check quota settings, loop for every partition with quotas
|
||||
while (isset($account_new->quota[$i])) {
|
||||
// search if quotas from profile fit to a real quota
|
||||
$found = (-1);
|
||||
for ($j=0; $j<count($values->quota); $j++)
|
||||
if ($values->quota[$j][0]==$account_new->quota[$i][0]) $found = $j;
|
||||
// unset quota from profile if quotas (mointpoint) doesn't exists anymore
|
||||
if ($found==-1) unset($account_new->quota[$i]);
|
||||
else {
|
||||
// Set missing part in quota-array
|
||||
$account_new->quota[$i][1] = $values->quota[$found][1];
|
||||
$account_new->quota[$i][5] = $values->quota[$found][5];
|
||||
$account_new->quota[$i][4] = $values->quota[$found][4];
|
||||
|
@ -606,27 +671,35 @@ do { // X-Or, only one if() can be true
|
|||
$i++;
|
||||
}
|
||||
}
|
||||
// Beautify array, repair index
|
||||
$account_new->quota = array_values($account_new->quota);
|
||||
}
|
||||
else { // No quotas saved in profile
|
||||
// Display quotas for new users (Quota set to 0)
|
||||
if (is_object($values)) {
|
||||
while (list($key, $val) = each($values)) // Set only defined values
|
||||
if (isset($val)) $account_new->$key = $val;
|
||||
}
|
||||
}
|
||||
$account_old->quota = $values->quota;
|
||||
}
|
||||
// select general page after group has been loaded
|
||||
$select_local='general';
|
||||
break;
|
||||
}
|
||||
// Save Profile
|
||||
if ($_POST['save']) {
|
||||
// save profile
|
||||
saveUserProfile($account_new, $_POST['f_finish_safeProfile']);
|
||||
if ($_POST['f_finish_safeProfile']=='')
|
||||
$errors[] = array('ERROR', _('Save profile'), _('No profilename given.'));
|
||||
else {
|
||||
saveUSerProfile($account_new, $_POST['f_finish_safeProfile']);
|
||||
$errors[] = array('INFO', _('Save profile'), _('New profile created.'));
|
||||
}
|
||||
// select last page displayed before user is created
|
||||
$select_local='final';
|
||||
break;
|
||||
}
|
||||
// Go back to listgroups.php
|
||||
if ($_POST['backmain']) {
|
||||
if (isset($_SESSION['account_'.$varkey.'_account_new'])) unset($_SESSION['account_'.$varkey.'_account_new']);
|
||||
if (isset($_SESSION['account_'.$varkey.'_account_old'])) unset($_SESSION['account_'.$varkey.'_account_old']);
|
||||
|
@ -636,7 +709,6 @@ do { // X-Or, only one if() can be true
|
|||
die;
|
||||
break;
|
||||
}
|
||||
if (!$select_local) $select_local='general';
|
||||
} while(0);
|
||||
|
||||
|
||||
|
@ -652,31 +724,38 @@ echo "</title>\n".
|
|||
"<form action=\"useredit.php\" method=\"post\">\n".
|
||||
"<input name=\"varkey\" type=\"hidden\" value=\"".$varkey."\">\n";
|
||||
|
||||
// Display errir-messages
|
||||
if (is_array($errors))
|
||||
for ($i=0; $i<sizeof($errors); $i++) StatusMessage($errors[$i][0], $errors[$i][1], $errors[$i][2]);
|
||||
|
||||
// print_r($account_new);
|
||||
// print_r($_POST);
|
||||
|
||||
switch ($select_local) { // Select which part of page will be loaded
|
||||
// general = startpage, general account paramters
|
||||
// unix = page with all shadow-options and password
|
||||
// samba = page with all samba-related parameters e.g. smbpassword
|
||||
// quota = page with all quota-related parameters e.g. hard file quota
|
||||
// personal = page with all personal-related parametergs, e.g. phone number
|
||||
// final = last page shown before account is created/modified
|
||||
// if account is modified commands might be ran are shown
|
||||
// finish = page shown after account has been created/modified
|
||||
|
||||
switch ($select_local) {
|
||||
/* Select which part of page should be loaded and check values
|
||||
* groups = page with all groups to which user is additional member
|
||||
* workstations = page with all workstations the user is allowed to login
|
||||
* general = startpage, general account paramters
|
||||
* samba = page with all samba-related parameters e.g. smbpassword
|
||||
* quota = page with all quota-related parameters e.g. hard file quota
|
||||
* personal = page with all personal-related parametergs, e.g. phone number
|
||||
* final = last page shown before account is created/modified
|
||||
* finish = page shown after account has been created/modified
|
||||
*/
|
||||
case 'workstations':
|
||||
// Validate cache-array
|
||||
ldapreload('host');
|
||||
// Get copy of cache-array
|
||||
$temp2 = $hostDN_intern;
|
||||
// unset timestamp stored in $temp2[0]
|
||||
unset($temp2[0]);
|
||||
// Remove $ from workstations
|
||||
foreach ($temp2 as $temp) $hosts[] = str_replace("$", '',$temp['cn']);
|
||||
// sort workstations
|
||||
sort($hosts, SORT_STRING);
|
||||
// get workstation array
|
||||
$temp = str_replace(' ', '', $account_new->smb_smbuserworkstations);
|
||||
$workstations = explode (',', $temp);
|
||||
// Remove workstations to which the user is allowed to login from array
|
||||
$hosts = array_delete($workstations, $hosts);
|
||||
echo '<input name="select" type="hidden" value="workstations">';
|
||||
echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
|
||||
|
@ -706,6 +785,7 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
echo "<fieldset class=\"useredit-bright\"><legend class=\"useredit-bright\">";
|
||||
echo _("Allowed workstations");
|
||||
echo "</legend>\n";
|
||||
// display all workstations the user is allowed to login
|
||||
if (count($workstations)!=0) {
|
||||
echo "<select name=\"members[]\" class=\"useredit-bright\" size=15 multiple>\n";
|
||||
for ($i=0; $i<count($workstations); $i++)
|
||||
|
@ -720,6 +800,7 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
echo "<td valign=\"top\"><fieldset class=\"useredit-bright\"><legend class=\"useredit-bright\">";
|
||||
echo _('Available workstations');
|
||||
echo "</legend>\n";
|
||||
// Display all workstations without these the user is allowed to login
|
||||
if (count($hosts)!=0) {
|
||||
echo "<select name=\"hosts[]\" size=15 multiple class=\"useredit-bright\">\n";
|
||||
foreach ($hosts as $temp) echo " <option>$temp</option>\n";
|
||||
|
@ -729,18 +810,23 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
echo "<input name=\"next_samba\" type=\"submit\" value=\""; echo _('Back'); echo "\">\n";
|
||||
echo "</fieldset></td></tr></table>\n</td></tr>\n</table>\n";
|
||||
break;
|
||||
|
||||
case 'groups':
|
||||
// Validate cache-array
|
||||
ldapreload('group');
|
||||
// Get copy of cache-array
|
||||
$temp2 = $groupDN_intern;
|
||||
// unset timestamp stored in $temp2[0]
|
||||
unset($temp2[0]);
|
||||
// load list with all groups
|
||||
foreach ($temp2 as $temp) $groups[] = $temp['cn'];
|
||||
// sort groups
|
||||
sort($groups, SORT_STRING);
|
||||
// remove groups the user is member of from grouplist
|
||||
$groups = array_delete($account_new->general_groupadd, $groups);
|
||||
// Remove primary group from grouplist
|
||||
$groups = array_flip($groups);
|
||||
unset ($groups[$account_new->general_group]);
|
||||
if (isset($groups[$account_new->general_group])) unset ($groups[$account_new->general_group]);
|
||||
$groups = array_flip($groups);
|
||||
|
||||
echo '<input name="select" type="hidden" value="groups">';
|
||||
echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
|
||||
echo "<table><tr><td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>";
|
||||
|
@ -769,6 +855,7 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
echo "<fieldset class=\"useredit-bright\"><legend class=\"useredit-bright\">";
|
||||
echo _("Selected groups");
|
||||
echo "</legend>\n";
|
||||
// Show all groups the user is additional member of
|
||||
if (count($account_new->general_groupadd)!=0) {
|
||||
echo "<select name=\"selectedgroups[]\" class=\"useredit-bright\" size=15 multiple>\n";
|
||||
for ($i=0; $i<count($account_new->general_groupadd); $i++)
|
||||
|
@ -783,6 +870,7 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
echo "<td valign=\"top\"><fieldset class=\"useredit-bright\"><legend class=\"useredit-bright\">";
|
||||
echo _('Available groups');
|
||||
echo "</legend>\n";
|
||||
// show all groups expect these the user is member of
|
||||
if (count($groups)!=0) {
|
||||
echo "<select name=\"allgroups[]\" size=15 multiple class=\"useredit-bright\">\n";
|
||||
foreach ($groups as $temp) {
|
||||
|
@ -795,15 +883,12 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
echo "<input name=\"next_general\" type=\"submit\" value=\""; echo _('Back'); echo "\">\n";
|
||||
echo "</fieldset></td></tr></table>\n</td></tr>\n</table>\n";
|
||||
break;
|
||||
|
||||
|
||||
case 'general':
|
||||
// General Account Settings
|
||||
// load list of all groups
|
||||
$groups = findgroups();
|
||||
// load list of profiles
|
||||
$profilelist = getUserProfiles();
|
||||
// Show page info
|
||||
// Show page info
|
||||
echo '<input name="select" type="hidden" value="general">';
|
||||
echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
|
||||
echo "<table><tr><td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>";
|
||||
|
@ -889,6 +974,7 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
'<a href="../help.php?HelpNumber=405" target="lamhelp">'._('Help').'</a>'.
|
||||
'</td></tr>'."\n".'<tr><td>';
|
||||
echo _('Suffix'); echo '</td><td><select name="f_general_suffix">';
|
||||
// loop through all user suffixes
|
||||
foreach ($ldap_intern->search_units($config_intern->get_UserSuffix()) as $suffix) {
|
||||
if ($account_new->general_dn) {
|
||||
if ($account_new->general_dn == $suffix)
|
||||
|
@ -901,6 +987,7 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
"</a></td>\n</tr>\n</table>";
|
||||
echo _('Values with * are required');
|
||||
echo "</fieldset>\n</td></tr><tr><td>";
|
||||
// Show fieldset with list of all user profiles
|
||||
if (count($profilelist)!=0) {
|
||||
echo "<fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>";
|
||||
echo _("Load profile");
|
||||
|
@ -913,7 +1000,6 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
echo _('Help')."</a></td>\n</tr>\n</table>\n</fieldset>\n";
|
||||
}
|
||||
echo "</td></tr>\n</table>\n</td></tr></table>\n";
|
||||
|
||||
break;
|
||||
case 'unix':
|
||||
// Unix Password Settings
|
||||
|
@ -925,6 +1011,7 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
$password = str_replace(chr(00), '', $password);
|
||||
}
|
||||
else $password='';
|
||||
// Use dd-mm-yyyy format of date because it's easier to read for humans
|
||||
$date = getdate ($account_new->unix_pwdexpire);
|
||||
echo "<input name=\"select\" type=\"hidden\" value=\"unix\">\n";
|
||||
echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
|
||||
|
@ -1005,16 +1092,19 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
if ($account_new->unix_deactivated) echo ' checked ';
|
||||
echo '></td>'."\n".'<td>'.
|
||||
'<a href="../help.php?HelpNumber=427" target="lamhelp">'._('Help').'</a>'.
|
||||
'</td></tr>'."\n".'<tr><td>';
|
||||
'</td></tr>'."\n";
|
||||
// show only hosts if schema does allow hosts
|
||||
if ($_SESSION['ldap']->support_unix_hosts) {
|
||||
echo '<tr><td>';
|
||||
echo _('Unix workstations');
|
||||
echo '</td>'."\n".'<td><input name="f_unix_host" type="text" size="20" maxlength="80" value="' . $account_new->unix_host . '">'.
|
||||
'</td>'."\n".'<td>'.
|
||||
'<a href="../help.php?HelpNumber=466" target="lamhelp">'._('Help').
|
||||
"</a></td>\n</tr>\n</table>";
|
||||
"</a></td>\n</tr>\n";
|
||||
}
|
||||
echo "</table>\n";
|
||||
echo _('Values with * are required');
|
||||
echo "</fieldset>\n</td></tr></table></td></tr>\n</table>\n";
|
||||
|
||||
|
||||
break;
|
||||
case 'samba':
|
||||
// Samba Settings
|
||||
|
@ -1027,10 +1117,11 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
}
|
||||
else $password = "";
|
||||
if ($config_intern->is_samba3()) $samba3domains = $ldap_intern->search_domains($config_intern->get_domainSuffix());
|
||||
// Use dd-mm-yyyy format of date because it's easier to read for humans
|
||||
$canchangedate = getdate($account_new->smb_pwdcanchange);
|
||||
$mustchangedate = getdate($account_new->smb_pwdmustchange);
|
||||
|
||||
echo '<input name="select" type="hidden" value="samba">';
|
||||
// Save all values smaller than "day" so we don't loose them
|
||||
echo '<input name="f_smb_pwdcanchange_h" type="hidden" value="'.$canchangedate['hours'].'">'.
|
||||
'<input name="f_smb_pwdcanchange_m" type="hidden" value="'.$canchangedate['minutes'].'">'.
|
||||
'<input name="f_smb_pwdcanchange_s" type="hidden" value="'.$canchangedate['seconds'].'">'.
|
||||
|
@ -1132,7 +1223,7 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
'</td></tr>'."\n".'<tr><td>';
|
||||
echo _('Home drive');
|
||||
echo '</td>'."\n".'<td><select name="f_smb_homedrive" >';
|
||||
for ($i=68; $i<91; $i++)
|
||||
for ($i=90; $i>67; $i--)
|
||||
if ($account_new->smb_homedrive== chr($i).':') echo '<option selected> '.chr($i).':</option>'; else echo '<option> '.chr($i).':</option>';
|
||||
echo '</select></td>'."\n".'<td>'.
|
||||
'<a href="../help.php?HelpNumber=433" target="lamhelp">'._('Help').'</a>'.
|
||||
|
@ -1159,6 +1250,7 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
'</td></tr>'."\n".'<tr><td>';
|
||||
echo _('Windows groupname');
|
||||
echo '</td>'."\n".'<td><select name="f_smb_mapgroup" >';
|
||||
// Display if group SID should be mapped to a well kown SID
|
||||
if ($config_intern->samba3=='yes') {
|
||||
if ( $account_new->smb_mapgroup == $account_new->smb_domain->SID . "-".
|
||||
(2 * getgid($account_new->general_group) + $values->smb_domain->RIDbase+1)) {
|
||||
|
@ -1240,7 +1332,9 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
'<a href="../help.php?HelpNumber=464" target="lamhelp">'._('Help').'</a>'.
|
||||
'</td></tr>'."\n".'<tr><td>';
|
||||
echo _('Domain');
|
||||
// select which domain name should be displayed
|
||||
if ($config_intern->is_samba3()) {
|
||||
// samba 3 uses object to store SID and name of domain
|
||||
echo '</td><td><select name="f_smb_domain">';
|
||||
for ($i=0; $i<sizeof($samba3domains); $i++) {
|
||||
if ($account_new->smb_domain->name) {
|
||||
|
@ -1253,6 +1347,7 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
echo '</select>';
|
||||
}
|
||||
else {
|
||||
// Samba 2.2 just uses a string as domain name
|
||||
echo '</td>'."\n".'<td><input name="f_smb_domain" type="text" size="20" maxlength="80" value="' . $account_new->smb_domain . '">';
|
||||
}
|
||||
echo '</td>'."\n".'<td><a href="../help.php?HelpNumber=438" target="lamhelp">'._('Help').'</a></td></tr>'."\n";
|
||||
|
@ -1260,6 +1355,7 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
break;
|
||||
case 'quota':
|
||||
// Quota Settings
|
||||
// Load quotas if not yet done
|
||||
if ($config_intern->scriptServer && !isset($account_new->quota[0])) { // load quotas
|
||||
$values = getquotas('user', $account_old->general_username);
|
||||
if (is_object($values)) {
|
||||
|
@ -1303,6 +1399,7 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
'<a href="../help.php?HelpNumber=445" target="lamhelp">'._('Help').'</a></td>'."\n".'<td><a href="../help.php?HelpNumber=446" target="lamhelp">'._('Help').'</a></td>'."\n".'<td>'.
|
||||
'<a href="../help.php?HelpNumber=447" target="lamhelp">'._('Help').'</a></td></tr>'."\n";
|
||||
$i=0;
|
||||
// loop for every mointpoint with enabled quotas
|
||||
while ($account_new->quota[$i][0]) {
|
||||
echo '<tr><td>'.$account_new->quota[$i][0].'</td><td>'.$account_new->quota[$i][1].'</td>'; // used blocks
|
||||
echo '<td><input name="f_quota_'.$i.'_2" type="text" size="12" maxlength="20" value="'.$account_new->quota[$i][2].'"></td>'; // blocks soft limit
|
||||
|
@ -1316,7 +1413,6 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
}
|
||||
echo "</table>\n</fieldset>\n</td></tr></table></td></tr>\n</table>\n";
|
||||
break;
|
||||
|
||||
case 'personal':
|
||||
// Personal Settings
|
||||
echo "<input name=\"select\" type=\"hidden\" value=\"personal\">\n";
|
||||
|
@ -1399,12 +1495,6 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
break;
|
||||
case 'final':
|
||||
// Final Settings
|
||||
$disabled = "";
|
||||
if ($config_intern->is_samba3()) {
|
||||
if (!isset($account_new->smb_domain)) { // Samba page nit viewd; can not create group because if missing options
|
||||
$disabled = "disabled";
|
||||
}
|
||||
}
|
||||
echo '<input name="select" type="hidden" value="final">';
|
||||
echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
|
||||
echo "<table><tr><td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>";
|
||||
|
@ -1440,76 +1530,7 @@ switch ($select_local) { // Select which part of page will be loaded
|
|||
else echo _('Create');
|
||||
echo "</b></legend>\n";
|
||||
echo "<table border=0 width=\"100%\">";
|
||||
if (($account_old) && ($account_new->general_uidNumber != $account_old->general_uidNumber)) {
|
||||
echo '<tr>';
|
||||
StatusMessage ('INFO', _('UID-number has changed. You have to run the following command as root in order to change existing file-permissions:'),
|
||||
'find / -gid ' . $account_old->general_uidNumber . ' -exec chown ' . $account_new->general_uidNumber . ' {} \;');
|
||||
echo '</tr>'."\n";
|
||||
}
|
||||
if (($account_old) && ($account_new->general_group != $account_old->general_group)) {
|
||||
echo '<tr>';
|
||||
StatusMessage ('INFO', _('Primary group has changed. You have to run the following command as root in order to change existing file-permissions:'),
|
||||
'find / -uid ' . $account_new->general_uidNumber . ' -gid ' . getgid($account_old->general_group) .' -exec chown ' . $account_new->general_uidNumber . ':'.getgid($account_new->general_group). ' {} \;');
|
||||
echo '</tr>'."\n";
|
||||
}
|
||||
if (($account_old) && ($account_new->general_homedir != $account_old->general_homedir)) {
|
||||
echo '<tr>';
|
||||
StatusMessage ('INFO', _('Home Directory has changed. You have to run the following command as root in order to change the existing homedirectory:'),
|
||||
'mv ' . $account_old->general_homedir . ' ' . $account_new->general_homedir);
|
||||
echo '</tr>'."\n";
|
||||
}
|
||||
|
||||
if ($disabled=='disabled') { // Samba page nit viewd; can not create group because if missing options
|
||||
echo "<tr>";
|
||||
StatusMessage("ERROR", _("Samba Options not set!"), _("Please check settings on samba page."));
|
||||
echo "</tr>";
|
||||
}
|
||||
|
||||
else {
|
||||
$found = false;
|
||||
if (strstr($account_new->smb_scriptPath, '$group')) $found = true;
|
||||
if (strstr($account_new->smb_scriptPath, '$user')) $found = true;
|
||||
if (strstr($account_new->smb_profilePath, '$group')) $found = true;
|
||||
if (strstr($account_new->smb_profilePath, '$user')) $found = true;
|
||||
if (strstr($account_new->smb_smbhome, '$group')) $found = true;
|
||||
if (strstr($account_new->smb_smbhome, '$user')) $found = true;
|
||||
if ($found) { // Samba page nit viewd; can not create group because if missing options
|
||||
$disabled = "disabled";
|
||||
echo "<tr>";
|
||||
StatusMessage("ERROR", _("Samba Options not set!"), _("Please check settings on samba page."));
|
||||
echo "</tr>";
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($account_old->general_objectClass)) {
|
||||
if (!in_array('posixAccount', $account_old->general_objectClass)) {
|
||||
echo '<tr>';
|
||||
StatusMessage('WARN', _('ObjectClass posixAccount not found.'), _('Have to add objectClass posixAccount.'));
|
||||
echo "</tr>\n";
|
||||
}
|
||||
if (!in_array('shadowAccount', $account_old->general_objectClass)) {
|
||||
echo '<tr>';
|
||||
StatusMessage('WARN', _('ObjectClass shadowAccount.'), _('Have to add objectClass shadowAccount.'));
|
||||
echo "</tr>\n";
|
||||
}
|
||||
if ($config_intern->is_samba3()) {
|
||||
if (!in_array('sambaSamAccount', $account_old->general_objectClass)) {
|
||||
echo '<tr>';
|
||||
StatusMessage('WARN', _('ObjectClass sambaSamAccount not found.'), _('Have to add objectClass sambaSamAccount. USer with sambaAccount will be updated.'));
|
||||
echo "</tr>\n";
|
||||
}}
|
||||
else
|
||||
if (!in_array('sambaAccount', $account_old->general_objectClass)) {
|
||||
echo '<tr>';
|
||||
StatusMessage('WARN', _('ObjectClass sambaAccount not found.'), _('Have to add objectClass sambaAccount. User with sambaSamAccount will be set back to sambaAccount.'));
|
||||
echo "</tr>\n";
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
echo "<tr><td><input name=\"create\" $disabled type=\"submit\" value=\"";
|
||||
echo "<tr><td><input name=\"create\" type=\"submit\" value=\"";
|
||||
if ($account_old) echo _('Modify Account');
|
||||
else echo _('Create Account');
|
||||
echo '">'."\n";
|
||||
|
|
Loading…
Reference in New Issue