diff --git a/lam/lib/account.inc b/lam/lib/account.inc index 649a4842..edf9fc5e 100644 --- a/lam/lib/account.inc +++ b/lam/lib/account.inc @@ -424,17 +424,17 @@ function get_preg($argument, $regexp) { // First we check "positive" cases $pregexpr = ''; switch ($regexp) { - case "password": // fixme where do i get an exact regexp? + case 'password': // fixme where do i get an exact regexp? $pregexpr = '/^([[:alnum:]\\ \\|\\#\\*\\,\\.\\;\\:\\_\\+\\!\\%\\&\\/\\?\\{\\(\\)\\}-])*$/'; break; - case "groupname": // first character must be a letter. All letters, numbers, space and ._- are allowed characters - case "username": // first character must be a letter. All letters, numbers, space and ._- are allowed characters + case 'groupname': // first character must be a letter. All letters, numbers, space and ._- are allowed characters + case 'username': // first character must be a letter. All letters, numbers, space and ._- are allowed characters $pregexpr = '/^[[:alpha:]]([[:alnum:]\\.\\ \\_-])*$/'; break; - case "hostname": // first character must be letter, last must be $. Only normal letters, numbers and ._- are allowed + case 'hostname': // first character must be letter, last must be $. Only normal letters, numbers and ._- are allowed $pregexpr = '/^[a-zA-Z]([a-zA-Z0-9\\.\\_-])*\\$$/'; break; - case "realname": // Allow all letters, space and .-_ + case 'realname': // Allow all letters, space and .-_ $pregexpr = '/^[[:alpha:]]([[:alpha:]\\.\\ \\_-])*$/'; break; case "telephone": // Allow numbers, space, brackets, /-+. @@ -452,7 +452,7 @@ function get_preg($argument, $regexp) { case "employeeType": // Allow all letters, numbers, space and .-_ $pregexpr = '/^([[:alnum:]\\.\\ \\_-])*$/'; break; - case "homedir": // Homapath, /path/...... + case "homeDirectory": // Homapath, /path/...... $pregexpr = '/^[/]([[:alnum:]\\.\\ \\_-)+([/]([[:alnum:]\\.\\ \\_-)+)*$/'; break; case "digit": // Normal number @@ -468,7 +468,10 @@ function get_preg($argument, $regexp) { $pregexpr = '/^(([a-zA-Z0-9\\.\\_-])+(,[a-zA-Z0-9\\.\\_-])*)*$/'; break; case "domainname": // Windows Domainname - $pregexpr = '/^([a-z0-9\\_-])+$/'; + $pregexpr = '/^([a-z0-9\\.\\_-])+$/'; + break; + case "unixhost": // Unix hosts + $pregexpr = '/^([a-z0-9\\.\\_-])*$/'; break; case 'digit2': // Same as digit but also -1 $pregexpr = '/^(([-][1])|([:digit:]*))$/'; @@ -480,7 +483,15 @@ function get_preg($argument, $regexp) { // Now we check "negative" cases, characters which are not allowed $pregexpr = ''; switch ($regexp) { - case "dummy": $pregexpr = '/^([a-z])*$/'; break; + case "!lower": + $pregexpr = '/[[:lower:]]/'; + break; + case "!upper": + $pregexpr = '/[[:upper:]]/'; + break; + case "!digit": + $pregexpr = '/[[:digit:]]/'; + break; } if ($pregexpr!='') if (!preg_match($pregexpr, $argument)) return true; diff --git a/lam/lib/baseModule.inc b/lam/lib/baseModule.inc index 568cc015..eaad1d35 100644 --- a/lam/lib/baseModule.inc +++ b/lam/lib/baseModule.inc @@ -90,6 +90,7 @@ class baseModule { } $objectClassName = substr($_SESSION['ldap']->objectClasses[$line], 6+strpos($_SESSION['ldap']->objectClasses[$line], "NAME '"), strlen(get_class($this)) ); $this->attributes['objectClass'][0] = $objectClassName; + $this->load_Messages(); } diff --git a/lam/lib/modules/account.inc b/lam/lib/modules/account.inc index 6b39316c..ec6b5def 100644 --- a/lam/lib/modules/account.inc +++ b/lam/lib/modules/account.inc @@ -20,23 +20,6 @@ $Id$ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -/* -* Variables in basearray which are no objects: -* type: Type of account. Can be user, group, host, domain -* attributes: List of all attributes, how to get them and are theiy required or optional -* dn: current DN without uid= or cn= -* dn_orig: old DN if account was loaded with uid= or cn= -*/ - - -/* This class contains all account LDAP attributes -* and funtioncs required to deal with account -* account can only be created when it should be added -* to an array. -* $base is the name of account_container in session -* -*/ - class account extends baseModule { /** @@ -65,15 +48,6 @@ class account extends baseModule { parent::init($base); } - // Variables - // This variable contains all account attributes - var $attributes; - /* If an account was loaded all attributes are kept in this array - * to compare it with new changed attributes - */ - var $orig; - - /* This function returns true if all required attributes from other * modules are set. This is required to prevent undefined states */ @@ -110,26 +84,7 @@ class account extends baseModule { * $attr is an array as it's retured from ldap_get_attributes */ function load_attributes($attr) { - // Load attributes which are displayed - // unset count entries - unset ($attr['count']); - $attributes = array_keys($attr); - foreach ($attributes as $attribute) unset ($attr[$attribute]['count']); - // unset double entries - for ($i=0; $iattributes[$attribute])) { - // decode as unicode - $this->attributes[$attribute] = $attr[$attribute]; - for ($i=0; $iattributes[$attribute]); $i++) { - $this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); - $this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); - } - } - } - // Add objectClass to orig because we don't want to add objectClass if it's already set - $this->orig['objectClass'][0] = 'account'; + $this->load_ldap_attributes($attr); return 0; } diff --git a/lam/lib/modules/inetOrgPerson.inc b/lam/lib/modules/inetOrgPerson.inc index 27d0fd34..04f81775 100644 --- a/lam/lib/modules/inetOrgPerson.inc +++ b/lam/lib/modules/inetOrgPerson.inc @@ -41,23 +41,27 @@ class inetOrgPerson extends baseModule { * Creates a new inetOrgPerson object. */ function inetOrgPerson($scope) { - // error messages for input checks - $this->messages['host'] = array('ERROR', _('Unix workstations'), _('Unix workstations is invalid.')); - $this->messages['givenName'] = array('ERROR', _('Given name'), _('Given name contains invalid characters')); - $this->messages['surname'] = array('ERROR', _('Surname'), _('Surname contains invalid characters')); - $this->messages['telephoneNumber'] = array('ERROR', _('Telephone number'), _('Please enter a valid telephone number!')); - $this->messages['mobileTelephone'] = array('ERROR', _('Mobile number'), _('Please enter a valid mobile number!')); - $this->messages['facsimileNumber'] = array('ERROR', _('Fax number'), _('Please enter a valid fax number!')); - $this->messages['email'] = array('ERROR', _('eMail address'), _('Please enter a valid eMail address!')); - $this->messages['street'] = array('ERROR', _('Street'), _('Please enter a valid street name!')); - $this->messages['postalAddress'] = array('ERROR', _('Postal address'), _('Please enter a valid postal address!')); - $this->messages['postalCode'] = array('ERROR', _('Postal code'), _('Please enter a valid postal code!')); - $this->messages['title'] = array('ERROR', _('Title'), _('Please enter a valid title!')); - $this->messages['employeeType'] = array('ERROR', _('Employee type'), _('Please enter a valid employee type!')); - // call parent constructor - parent::baseModule($scope); + // call parent constructor + parent::baseModule($scope); } + /** this functin fills the error message array with messages + **/ + function load_Messages() { + $this->messages['host'][0] = array('ERROR', _('Unix workstations'), _('Unix workstations is invalid.')); + $this->messages['givenName'][0] = array('ERROR', _('Given name'), _('Given name contains invalid characters')); + $this->messages['surname'][0] = array('ERROR', _('Surname'), _('Surname contains invalid characters')); + $this->messages['telephoneNumber'][0] = array('ERROR', _('Telephone number'), _('Please enter a valid telephone number!')); + $this->messages['mobileTelephone'][0] = array('ERROR', _('Mobile number'), _('Please enter a valid mobile number!')); + $this->messages['facsimileNumber'][0] = array('ERROR', _('Fax number'), _('Please enter a valid fax number!')); + $this->messages['email'][0] = array('ERROR', _('eMail address'), _('Please enter a valid eMail address!')); + $this->messages['street'][0] = array('ERROR', _('Street'), _('Please enter a valid street name!')); + $this->messages['postalAddress'][0] = array('ERROR', _('Postal address'), _('Please enter a valid postal address!')); + $this->messages['postalCode'][0] = array('ERROR', _('Postal code'), _('Please enter a valid postal code!')); + $this->messages['title'][0] = array('ERROR', _('Title'), _('Please enter a valid title!')); + $this->messages['employeeType'][0] = array('ERROR', _('Employee type'), _('Please enter a valid employee type!')); + } + /** * Returns meta data that is interpreted by parent class * @@ -83,10 +87,10 @@ class inetOrgPerson extends baseModule { 2 => array('kind' => 'help', 'value' => 'TODO')) ); // profile checks - $return['profile_checks']['inetOrgPerson_title'] = array('type' => 'regex_i', 'regex' => $this->regex_title, - 'error_message' => $this->messages['title']); + $return['profile_checks']['inetOrgPerson_title'] = array('type' => 'regex_i', 'regex' => 'title', + 'error_message' => $this->messages['title'][0]); $return['profile_checks']['inetOrgPerson_employeeType'] = array('type' => 'regex_i', - 'regex' => $this->regex_employeeType, 'error_message' => $this->messages['employeeType']); + 'regex' => 'employeeType', 'error_message' => $this->messages['employeeType'][0]); // available PDF fields $return['PDF_fields'] = array( 'description', 'host', @@ -128,37 +132,6 @@ class inetOrgPerson extends baseModule { parent::init($base); } - // Variables - /** This variable contains all inetOrgPerson attributes */ - var $attributes; - /** - * If an account was loaded all attributes are kept in this array - * to compare it with new changed attributes. - */ - var $orig; - - /** regular expression for host name */ - var $regex_host = '^([a-z0-9\\.-])+(([,])+([ ])*([a-z0-9\\.-])+)*$'; - /** regular expression for first/last name */ - var $regex_name = '^([a-z ��])+$'; - /** regular expression for telephone numbers */ - var $regex_telephoneNumber = '^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$'; - /** regular expression for e-mail */ - var $regex_email = '^(([0-9a-z\\._-])+[@]([0-9a-z-])+([.]([0-9a-z-])+)*)*$'; - /** regular expression for street names */ - var $regex_street = '^([0-9a-z \\.��])*$'; - /** regular expression for postal address */ - var $regex_postalAddress = '^([0-9a-z \\.��])*$'; - /** regular expression for postal codes */ - var $regex_postalCode = '^([0-9a-z])*$'; - /** regular expression for job titles */ - var $regex_title = '^([0-9a-z \\.��])*$'; - /** regular expression for employee types */ - var $regex_employeeType = '^([0-9a-z \\.��])*$'; - - /** list of possible error messages */ - var $messages = array(); - /* This function returns true if all required attributes from other * modules are set. This is required to prevent undefined states */ @@ -197,26 +170,7 @@ class inetOrgPerson extends baseModule { * $attr is an array as it's retured from ldap_get_attributes */ function load_attributes($attr) { - // Load attributes which are displayed - // unset count entries - unset ($attr['count']); - $attributes = array_keys($attr); - foreach ($attributes as $attribute) unset ($attr[$attribute]['count']); - // unset double entries - for ($i=0; $iattributes[$attribute])) { - // decode as unicode - $this->attributes[$attribute] = $attr[$attribute]; - for ($i=0; $iattributes[$attribute]); $i++) { - $this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); - $this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); - } - } - } - // Add objectClass to orig because we don't want to add objectClass if it's already set - $this->orig['objectClass'][0] = 'inetOrgPerson'; + $this->load_ldap_attributes($attr); return 0; } @@ -265,8 +219,8 @@ class inetOrgPerson extends baseModule { // handle host-attribute in on epice because it's not set by default if (isset($this->attributes['host'])) { $host = $post['host']; - if ((!$host=='') && !eregi($this->regex_host, $host)) - $errors['host'][] = $this->messages['host']; + if (!get_preg($host,'unixhost')) + $errors['host'][] = $this->messages['host'][0]; $hosts = explode(" ", $host); $this->attributes['host'] = array(); foreach ($hosts as $host) @@ -275,18 +229,18 @@ class inetOrgPerson extends baseModule { // Do some regex-checks and return error if attributes are set to wrong values if (!$profile) { - if ( !eregi($this->regex_name, $this->attributes['givenName'][0])) $errors['givenName'][] = $this->messages['givenName']; - if ( !eregi($this->regex_name, $this->attributes['sn'][0])) $errors['sn'][] = $this->messages['surname']; - if ( !ereg($this->regex_telephoneNumber, $this->attributes['telephoneNumber'][0])) $errors['telephoneNumber'][] = $this->messages['telephoneNumber']; - if ( !ereg($this->regex_telephoneNumber, $this->attributes['mobileTelephoneNumber'][0])) $errors['mobileTelephoneNumber'][] = $this->messages['mobileTelephone']; - if ( !ereg($this->regex_telephoneNumber, $this->attributes['facsimileTelephoneNumber'][0])) $errors['facsimileTelephoneNumber'][] = $this->messages['facsimileNumber']; - if ( !eregi($this->regex_email, $this->attributes['mail'][0])) $errors['mail'][] = $this->messages['email']; - if ( !eregi($this->regex_street, $this->attributes['street'][0])) $errors['street'][] = $this->messages['street']; - if ( !eregi($this->regex_postalAddress, $this->attributes['postalAddress'][0])) $errors['postalAdress'][] = $this->messages['postalAddress']; - if ( !eregi($this->regex_postalCode, $this->attributes['personal_postalCode'][0])) $errors['personal_postalCode'][] = $this->messages['postalCode']; + if ( !get_preg($this->attributes['givenName'][0], 'realname')) $errors['givenName'][] = $this->messages['givenName'][0]; + if ( !get_preg($this->attributes['sn'][0], 'realname')) $errors['sn'][] = $this->messages['surname'][0]; + if ( !get_preg($this->attributes['telephoneNumber'][0], 'telephone')) $errors['telephoneNumber'][] = $this->messages['telephoneNumber'][0]; + if ( !get_preg($this->attributes['mobileTelephoneNumber'][0], 'telephone')) $errors['mobileTelephoneNumber'][] = $this->messages['mobileTelephone'][0]; + if ( !get_preg($this->attributes['facsimileTelephoneNumber'][0], 'telephone')) $errors['facsimileTelephoneNumber'][] = $this->messages['facsimileNumber'][0]; + if ( !get_preg($this->attributes['mail'][0], 'email')) $errors['mail'][] = $this->messages['email'][0]; + if ( !get_preg($this->attributes['street'][0], 'street')) $errors['street'][] = $this->messages['street'][0]; + if ( !get_preg($this->attributes['postalAddress'][0], 'postalAddress')) $errors['postalAdress'][] = $this->messages['postalAddress'][0]; + if ( !get_preg($this->attributes['personal_postalCode'][0], 'postalCode')) $errors['personal_postalCode'][] = $this->messages['postalCode'][0]; } - if ( !eregi($this->regex_title, $this->attributes['title'][0])) $errors['title'][] = $this->messages['title']; - if ( !eregi($this->regex_employeeType, $this->attributes['employeeType'][0])) $errors['employeeType'][] = $this->messages['employeeType']; + if ( !get_preg($this->attributes['title'][0], 'title')) $errors['title'][] = $this->messages['title'][0]; + if ( !get_preg($this->attributes['employeeType'][0], 'employeeType')) $errors['employeeType'][] = $this->messages['employeeType'][0]; // Return error-messages if (is_array($errors)) return $errors; return 0; diff --git a/lam/lib/modules/posixAccount.inc b/lam/lib/modules/posixAccount.inc index 21257bee..c3c48eca 100644 --- a/lam/lib/modules/posixAccount.inc +++ b/lam/lib/modules/posixAccount.inc @@ -20,57 +20,46 @@ $Id$ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -/* Session variables which are used: -* $_SESSION['cacheAttributes']: This variable contains a list of attributes and their scope which should be cached -* -* Coockie variables which are used: -* $_COOKIE["IV"], $_COOKIE["Key"]: Needed to en/decrypt passwords. -* -* Variables in basearray which are no objects: -* type: Type of account. Can be user, group, host -* attributes: List of all attributes, how to get them and are theiy required or optional -* dn: current DN without uid= or cn= -* dn_orig: old DN if account was loaded with uid= or cn= - -* External functions which are used -* account.inc: findgroups, incache, get_cache, array_delete, getshells -* ldap.inc: pwd_is_enabled, pwd_hash -*/ - -/* This class contains all posixAccount LDAP attributes -* and funtioncs required to deal with posixAccount -* posixAccount can only be created when it should be added -* to an array. -* basearray is the same array posixAccount should be added -* to. If basearray is not given the constructor tries to -* create an array with posixAccount and all other required -* objects. -* Example: $user[] = new posixAccount($user); -* -* In container array the following things have to exist: -* account or inetOrgPerson object -* type: 'user' or 'host' -* 'attributes': this is a list of arrays with all ldap attributes wich are allowed for this account -*/ class posixAccount extends baseModule { /** * Creates a new posixAccount object. */ function posixAccount($scope) { - // error messages for input checks - $this->messages['homedir'] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.')); - $this->messages['minUID'] = array('ERROR', _('Users') . ':  ' . _('Minimum UID number'), _("Minimum UID number is invalid!")); - $this->messages['maxUID'] = array('ERROR', _('Users') . ':  ' . _('Maximum UID number'), _("Maximum UID number is invalid!")); - $this->messages['minMachine'] = array('ERROR', _('Hosts') . ':  ' . _('Minimum UID number'), _("Minimum UID number is invalid!")); - $this->messages['maxMachine'] = array('ERROR', _('Hosts') . ':  ' . _('Maximum UID number'), _("Maximum UID number is invalid!")); - $this->messages['cmp_UID'] = array('ERROR', _('Users') . ':  ' . _('Maximum UID number'), _("Maximum UID number must be greater than minimum UID number!")); - $this->messages['cmp_Machine'] = array('ERROR', _('Hosts') . ':  ' . _('Maximum UID number'), _("Maximum UID number must be greater than minimum UID number!")); - $this->messages['cmp_both'] = array('ERROR', _('UID ranges'), _("The UID ranges for users and hosts overlap! This is a problem because LAM uses the highest UID in use + 1. Please set the minimum UID to equal values or use independent ranges.")); // call parent constructor parent::baseModule($scope); } + /** this functin fills the error message array with messages + **/ + function load_Messages() { + // error messages for input checks + $this->messages['minUID'][0] = array('ERROR', _('Users') . ':  ' . _('Minimum UID number'), _("Minimum UID number is invalid!")); + $this->messages['maxUID'][0] = array('ERROR', _('Users') . ':  ' . _('Maximum UID number'), _("Maximum UID number is invalid!")); + $this->messages['minMachine'][0] = array('ERROR', _('Hosts') . ':  ' . _('Minimum UID number'), _("Minimum UID number is invalid!")); + $this->messages['maxMachine'][0] = array('ERROR', _('Hosts') . ':  ' . _('Maximum UID number'), _("Maximum UID number is invalid!")); + $this->messages['cmp_UID'][0] = array('ERROR', _('Users') . ':  ' . _('Maximum UID number'), _("Maximum UID number must be greater than minimum UID number!")); + $this->messages['cmp_Machine'][0] = array('ERROR', _('Hosts') . ':  ' . _('Maximum UID number'), _("Maximum UID number must be greater than minimum UID number!")); + $this->messages['cmp_both'][0] = array('ERROR', _('UID ranges'), _("The UID ranges for users and hosts overlap! This is a problem because LAM uses the highest UID in use + 1. Please set the minimum UID to equal values or use independent ranges.")); + $this->messages['homeDirectory'][0] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.')); + $this->messages['homeDirectory'][1] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.')); + $this->messages['homeDirectory'][2] = array('INFO', _('Home directory'), sprintf(_('Home directory changed. To keep home directory you have to run the following command as root: \'mv %s %s\''), $this->orig['homeDirectory'][0], $this->attributes['homeDirectory'][0])); + $this->messages['gidNumber'][0] = array('INFO', _('GID number'), sprintf(_('GID number has changed. To keep file ownership you have to run the following command as root: \'find / -gid %s -uid %s -exec chgrp %s {} \;\''), $this->orig['gidNumber'][0], $this->orig['uidNumber'][0], $_SESSION['cache']->getgid($this->attribtues['gidNumber'][0]))); + $this->messages['uidNumber'][0] = array('INFO', _('UID number'), sprintf(_('UID number has changed. To keep file ownership you have to run the following command as root: \'find / -uid %s -exec chown %s {} \;\''), $this->orig['uidNumber'][0], $this->attributes['uidNumber'][0])); + $this->messages['uidNumber'][1] = array('ERROR', _('ID-Number'), _('No free ID-Number!')); + $this->messages['uidNumber'][2] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.')); + $this->messages['uidNumber'][3] = array('ERROR', _('ID-Number'), _('ID is already in use')); + $this->messages['userPassword'][0] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.')); + $this->messages['userPassword'][1] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !')); + $this->messages['uid'][0] = array('INFO', _('UID'), _('UID has changed. Do you want to change home directory?')); + $this->messages['uid'][1] = array('WARN', _('Username'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.')); + $this->messages['uid'][2] = array('ERROR', _('Username'), _('Username contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !')); + $this->messages['uid'][3] = array('WARN', _('Hostname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.')); + $this->messages['uid'][4] = array('ERROR', _('Hostname'), _('Hostname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ ! Hostname must end with $ !')); + $this->messages['uid'][5] = array('WARN', _('Username'), _('Username in use. Selected next free username.')); + $this->messages['uid'][6] = array('WARN', _('Hostname'), _('Hostname in use. Selected next free hostname.')); + } + /** * Returns meta data that is interpreted by parent class * @@ -96,8 +85,8 @@ class posixAccount extends baseModule { // alias name $return["alias"] = _("Unix"); // profile checks - $return['profile_checks']['posixAccount_homeDirectory'] = array('type' => 'regex_i', 'regex' => $this->regex_homedir, - 'error_message' => $this->messages['homedir']); + $return['profile_checks']['posixAccount_homeDirectory'] = array('type' => 'regex_i', 'regex' => 'homeDirectory', + 'error_message' => $this->messages['homeDirectory'][0]); // configuration options $return['config_options']['user'] = array( array( @@ -172,7 +161,6 @@ class posixAccount extends baseModule { parent::init($base); $groups = $_SESSION['cache']->findgroups(); // list of all groupnames if (count($groups)==0) trigger_error(_('No groups found in ldap.'), E_USER_WARNING); - $this->createhomedir=false; } @@ -181,13 +169,6 @@ class posixAccount extends baseModule { var $userPassword_no; // Lock account? var $userPassword_lock; - - // This variable contains all inetOrgPerson attributes - var $attributes; - /* If an account was loaded all attributes are kept in this array - * to compare it with new changed attributes - */ - var $orig; /* These two variables keep an array of groups the * user is also member of. */ @@ -195,12 +176,6 @@ class posixAccount extends baseModule { var $groups_orig; var $createhomedir; - /** regular expression for home directory */ - var $regex_homedir = '^[/]([a-z])([a-z0-9\\._-])*([/]([a-z\\$])([a-z0-9\\._-])*)*$'; - - /** list of possible error messages */ - var $messages = array(); - /* $attribute['userPassword'] can't accessed directly because it's enrcypted * To read / write password function userPassword is needed * This function will return the unencrypted password when @@ -263,26 +238,7 @@ class posixAccount extends baseModule { * $attr is an array as it's retured from ldap_get_attributes */ function load_attributes($attr) { - // Load attributes which are displayed - // unset count entries - unset ($attr['count']); - $attributes = array_keys($attr); - foreach ($attributes as $attribute) unset ($attr[$attribute]['count']); - // unset double entries - for ($i=0; $iattributes[$attribute])) { - // decode as unicode - $this->attributes[$attribute] = $attr[$attribute]; - for ($i=0; $iattributes[$attribute]); $i++) { - $this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); - $this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); - } - } - } - // Values are kept as copy so we can compare old attributes with new attributes - $this->attributes['objectClass'][0] = 'posixAccount'; + $this->load_ldap_attributes($attr); // get all additional groupmemberships $dn_groups = $_SESSION['cache']->get_cache('memberUid', 'posixGroup', 'group'); @@ -418,13 +374,19 @@ class posixAccount extends baseModule { */ function proccess_attributes($post, $profile=false) { if ($this->orig['uid'][0]!='' && $post['uid']!=$this->attributes['uid'][0]) - $errors['uid'][] = array('INFO', _('UID'), _('UID has changed. Do you want to change home directory?')); - if ($this->orig['gidNumber'][0]!='' && $_SESSION['cache']->getgid($post['gidNumber'])!=$this->attributes['gidNumber'][0]) - $errors['gidNumber'][] = array('INFO', _('GID number'), sprintf(_('GID number has changed. To keep file ownership you have to run the following command as root: \'find / -gid %s -uid %s -exec chgrp %s {} \;\''), $this->orig['gidNumber'][0], $this->orig['uidNumber'][0], $_SESSION['cache']->getgid($post['gidNumber']))); - if ($this->orig['uidNumber'][0]!='' && $post['uidNumber']!=$this->attributes['uidNumber'][0]) - $errors['uidNumber'][] = array('INFO', _('UID number'), sprintf(_('UID number has changed. To keep file ownership you have to run the following command as root: \'find / -uid %s -exec chown %s {} \;\''), $this->orig['uidNumber'][0], $this->attributes['uidNumber'][0])); - if (isset($post['homeDirectory']) && $this->orig['homeDirectory'][0]!='' && $post['homeDirectory']!=$this->attributes['homeDirectory'][0]) - $errors['homeDirectory'][] = array('INFO', _('Home directory'), sprintf(_('Home directory changed. To keep home directory you have to run the following command as root: \'mv %s %s\''), $this->orig['homeDirectory'][0], $this->attributes['homeDirectory'][0])); + $errors['uid'][] = $this->messages['uid'][0]; + if ($this->orig['gidNumber'][0]!='' && $_SESSION['cache']->getgid($post['gidNumber'])!=$this->attributes['gidNumber'][0]) { + $this->load_errorMessage(); + $errors['gidNumber'][] = $this->messages['gidNumber'][0]; + } + if ($this->orig['uidNumber'][0]!='' && $post['uidNumber']!=$this->attributes['uidNumber'][0]) { + $this->load_errorMessage(); + $errors['uidNumber'][] = $this->messages['uidNumber'][0]; + } + if (isset($post['homeDirectory']) && $this->orig['homeDirectory'][0]!='' && $post['homeDirectory']!=$this->attributes['homeDirectory'][0]) { + $this->load_errorMessage(); + $errors['homeDirectory'][] = $this->messages['homeDirectory'][2]; + } // Load attributes $this->attributes['uid'][0] = $post['uid']; @@ -441,14 +403,20 @@ class posixAccount extends baseModule { if ($post['userPassword_lock']) $this->userPassword_lock=true; else $this->userPassword_lock=false; if (!$profile) { - if ($post['genpass']) $this->userPassword(genpasswd()); - else if (isset($post['userPassword'])) { - if ($post['userPassword'] != $post['userPassword2']) { - $errors['userPassword'][] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.')); - unset ($post['userPassword2']); + if ($post['genpass']) { + $this->userPassword(genpasswd()); + $post['userPassword2'] = ''; + } + else { + if (isset($post['userPassword'])) { + if ($post['userPassword'] != $post['userPassword2']) { + $errors['userPassword'][] = $this->messages['userPassword'][0]; } else $this->userPassword($post['userPassword']); + if (!get_preg($this->userPassword(), 'password')) + $errors['userPassword'][] = $this->messages['userPassword'][1]; } + } // Check if UID is valid. If none value was entered, the next useable value will be inserted // load min and may uidNumber @@ -482,10 +450,10 @@ class posixAccount extends baseModule { $i = intval($minID); while (in_array($i, $uids)) $i++; if ($i>$maxID) - $errors['uidNumber'][] = array('ERROR', _('ID-Number'), _('No free ID-Number!')); + $errors['uidNumber'][] = $this->messages['uidNumber'][1]; else { $this->attributes['uidNumber'][0] = $i; - $errors['uidNumber'][] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.')); + $errors['uidNumber'][] = $this->messages['uidNumber'][2]; } } else $this->attributes['uidNumber'][0] = $minID; @@ -504,15 +472,15 @@ class posixAccount extends baseModule { if ((in_array($this->attributes['uidNumber'][0], $uids)) && $this->orig['uidNumber'][0]=='') $errors['uidNumber'][] = array('ERROR', _('ID-Number'), _('ID is already in use')); // id-number is in use, account is existing account and id-number is not used by itself if ((in_array($this->attributes['uidNumber'][0], $uids)) && $this->orig['uidNumber'][0]!='' && ($this->orig['uidNumber'][0] != $this->attributes['uidNumber'][0]) ) { - $errors['uidNumber'][] = array('ERROR', _('ID-Number'), _('ID is already in use')); + $errors['uidNumber'][] = $this->messages['uidNumber'][3]; $this->attributes['uidNumber'][0] = $this->orig['uidNumber'][0]; } } } } if ($_SESSION[$this->base]->type=='user') { - if (($this->attributes['uid'][0] != $post['uid']) && ereg('[A-Z]$', $post['uid']) && !$profile) - $errors['uid'][] = array('WARN', _('Username'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.')); + if (($this->attributes['uid'][0] != $post['uid']) && !get_preg($post['uid'], '!upper') && !$profile) + $errors['uid'][] = $this->messages['uid'][1]; // Check if Homedir is valid if (!$profile) { $this->attributes['homeDirectory'][0] = str_replace('$group', $_SESSION['cache']->getgrnam($this->attributes['gidNumber'][0]), $this->attributes['homeDirectory'][0]); @@ -520,19 +488,19 @@ class posixAccount extends baseModule { $this->attributes['homeDirectory'][0] = str_replace('$user', $this->attributes['uid'][0], $this->attributes['homeDirectory'][0]); if ($this->attributes['homeDirectory'][0] != $post['homeDirectory']) $errors['homeDirecotry'][] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.')); } - if ( !eregi($this->regex_homedir, $this->attributes['homeDirectory'][0] )) - $errors['homeDirecotry'][] = $this->messages['homedir']; + if ( !get_preg($this->attributes['homeDirectory'][0], 'homeDirectory' )) + $errors['homeDirecotry'][] = $this->messages['homeDirectory'][0]; // Check if Username contains only valid characters - if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$', $this->attributes['uid'][0]) && !$profile) - $errors['uid'][] = array('ERROR', _('Username'), _('Username contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !')); + if ( !get_preg($this->attributes['uid'][0], 'username') && !$profile) + $errors['uid'][] = $this->messages['uid'][2]; } if ($_SESSION[$this->base]->type=='host' && !$profile) { - if (($this->attributes['uid'][0] != $post['form_account_uid']) && ereg('[A-Z]$', $post['form_account_uid'])) - $errors['uid'][] = array('WARN', _('Hostname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.')); - // Check if Username contains only valid characters - if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+[$]$', $this->attributes['uid'][0])) - $errors['uid'][] = array('ERROR', _('Hostname'), _('Hostname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ ! Hostname must end with $ !')); + if (($this->attributes['uid'][0] != $post['uid']) && !get_preg($post['uid'], '!upper')) + $errors['uid'][] = $this->messages['uid'][3]; + // Check if Hostname contains only valid characters + if ( !get_preg($this->attributes['uid'][0], 'hostname')) + $errors['uid'][] = $this->messages['uid'][4]; } // Create automatic useraccount with number if original user already exists @@ -579,15 +547,15 @@ class posixAccount extends baseModule { // Show warning if lam has changed username if ($_SESSION[$this->base]->type=='user') if ($this->attributes['uid'][0] != $post['uid']) { - $errors['uid'][] = array('WARN', _('Username'), _('Username in use. Selected next free username.')); + $errors['uid'][] = $this->messages['uid'][5]; } if ($_SESSION[$this->base]->type=='host') if ($this->attributes['uid'][0] != $post['uid']) { - $errors['uid'][] = array('WARN', _('Hostname'), _('Hostname in use. Selected next free hostname.')); + $errors['uid'][] = $this->messages['uid'][6]; + } + if (!get_preg($this->userPassword(), 'password')) + $errors['userPassword'][] = $this->messages['userPassword'][1]; } - if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword())) - $errors['userPassword'][] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !')); - } // Return error-messages if (is_array($errors)) return $errors; // Go to additional group page when no error did ocour and button was pressed @@ -626,7 +594,7 @@ class posixAccount extends baseModule { if (!$profile) { if ($this->attributes['userPassword'][0] != $this->orig['userPassword'][0]) $password=$this->userPassword(); - else $password=''; + else if ($this->attributes['userPassword'][0] != '') $password=$post['userPassword']; $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _("Username").'*' ), 1 => array ( 'kind' => 'input', 'name' => 'uid', 'type' => 'text', 'size' => '20', 'maxlength' => '20', 'value' => $this->attributes['uid'][0]), 2 => array ('kind' => 'help', 'value' => 'uid')); @@ -792,15 +760,15 @@ class posixAccount extends baseModule { if (in_array('user', $scopes)) { // min/maxUID are required, check if they are numeric if (!isset($options['posixAccount_minUID'][0]) || !ereg('^[0-9]+$', $options['posixAccount_minUID'][0])) { - $return[] = $this->messages['minUID']; + $return[] = $this->messages['minUID'][0]; } if (!isset($options['posixAccount_maxUID'][0]) || !ereg('^[0-9]+$', $options['posixAccount_maxUID'][0])) { - $return[] = $this->messages['maxUID']; + $return[] = $this->messages['maxUID'][0]; } // minUID < maxUID if (isset($options['posixAccount_minUID'][0]) && isset($options['posixAccount_maxUID'][0])) { if ($options['posixAccount_minUID'][0] > $options['posixAccount_maxUID'][0]) { - $return[] = $this->messages['cmp_UID']; + $return[] = $this->messages['cmp_UID'][0]; } } } @@ -808,15 +776,15 @@ class posixAccount extends baseModule { if (in_array('host', $scopes)) { // min/maxUID are required, check if they are numeric if (!isset($options['posixAccount_minMachine'][0]) || !ereg('^[0-9]+$', $options['posixAccount_minMachine'][0])) { - $return[] = $this->messages['minMachine']; + $return[] = $this->messages['minMachine'][0]; } if (!isset($options['posixAccount_maxMachine'][0]) || !ereg('^[0-9]+$', $options['posixAccount_maxMachine'][0])) { - $return[] = $this->messages['maxMachine']; + $return[] = $this->messages['maxMachine'][0]; } // minUID < maxUID if (isset($options['posixAccount_minMachine'][0]) && isset($options['posixAccount_maxMachine'][0])) { if ($options['posixAccount_minMachine'][0] > $options['posixAccount_maxMachine'][0]) { - $return[] = $this->messages['cmp_Machine']; + $return[] = $this->messages['cmp_Machine'][0]; } } } @@ -826,11 +794,11 @@ class posixAccount extends baseModule { isset($options['posixAccount_minMachine'][0]) && isset($options['posixAccount_maxMachine'][0])) { if (($options['posixAccount_minMachine'][0] > $options['posixAccount_minUID'][0]) && ($options['posixAccount_minMachine'][0] < $options['posixAccount_maxUID'][0])) { - $return[] = $this->messages['cmp_both']; + $return[] = $this->messages['cmp_both'][0]; } if (($options['posixAccount_minUID'][0] > $options['posixAccount_minMachine'][0]) && ($options['posixAccount_minUID'][0] < $options['posixAccount_maxMachine'][0])) { - $return[] = $this->messages['cmp_both']; + $return[] = $this->messages['cmp_both'][0]; } } } diff --git a/lam/lib/modules/posixGroup.inc b/lam/lib/modules/posixGroup.inc index 4b397af6..65df7274 100644 --- a/lam/lib/modules/posixGroup.inc +++ b/lam/lib/modules/posixGroup.inc @@ -37,8 +37,6 @@ class posixGroup extends baseModule { * @param string $scope account type */ function posixGroup($scope) { - // load error messages - $this->load_errorMessages(); // call parent constructor parent::baseModule($scope); } @@ -254,23 +252,42 @@ class posixGroup extends baseModule { ) ); // configuration checks - $return['config_checks']['group']['posixGroup_minGID'] = array( - 'type' => 'regex', - 'regex' => '^[0-9]+$', - 'required' => true, - 'required_message' => $this->errormessages['gidNumber'][5], - 'error_message' => $this->errormessages['gidNumber'][5]); - $return['config_checks']['group']['posixGroup_maxGID'] = array( - 'type' => 'regex', - 'regex' => '^[0-9]+$', - 'required' => true, - 'required_message' => $this->errormessages['gidNumber'][6], - 'error_message' => $this->errormessages['gidNumber'][6]); - $return['config_checks']['group']['cmpGID'] = array( - 'type' => 'int_greater', - 'cmp_name1' => 'posixGroup_maxGID', - 'cmp_name2' => 'posixGroup_minGID', - 'error_message' => $this->errormessages['gidNumber'][7]); + $return['config_checks']['group']['posixGroup_minGID'] = array + + 'type' => 'regex' + + 'regex' => 'digit' + + 'required' => true + + 'required_message' => $this->errormessages['gidNumber'][5] + + 'error_message' => $this->errormessages['gidNumber'][5]) + + $return['config_checks']['group']['posixGroup_maxGID'] = array + + 'type' => 'regex' + + 'regex' => 'digit' + + 'required' => true + + 'required_message' => $this->errormessages['gidNumber'][6] + + 'error_message' => $this->errormessages['gidNumber'][6]) + + $return['config_checks']['group']['cmpGID'] = array + + 'type' => 'int_greater' + + 'cmp_name1' => 'posixGroup_maxGID' + + 'cmp_name2' => 'posixGroup_minGID' + + 'error_message' => $this->errormessages['gidNumber'][7]) + + + // available PDF fields $return['PDF_fields'] = array( 'cn', 'gidNumber', @@ -390,19 +407,19 @@ class posixGroup extends baseModule { /** this functin fills the error message array with messages **/ - function load_errorMessages() { - $this->errormessages['userPassword'][0] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.')); - $this->errormessages['userPassword'][1] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !')); - $this->errormessages['gidNumber'][0] = array('INFO', _('GID number'), _('GID number has changed. Please select checkbox to change GID number of users and hosts.')); - $this->errormessages['gidNumber'][2] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.')); - $this->errormessages['gidNumber'][3] = array('ERROR', _('ID-Number'), _('No free ID-Number!')); - $this->errormessages['gidNumber'][4] = array('ERROR', _('ID-Number'), _('ID is already in use')); - $this->errormessages['gidNumber'][5] = array('ERROR', _('Minimum GID number'), _('Minimum GID number is invalid or empty!')); - $this->errormessages['gidNumber'][6] = array('ERROR', _('Maximum GID number'), _('Maximum GID number is invalid or empty!')); - $this->errormessages['gidNumber'][7] = array('ERROR', _('Maximum GID number'), _('Maximum GID number must be greater than minimum GID number!')); - $this->errormessages['cn'][0] = array('WARN', _('Groupname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.')); - $this->errormessages['cn'][1] = array('WARN', _('Groupname'), _('Groupname in use. Selected next free groupname.')); - $this->errormessages['cn'][2] = array('ERROR', _('Groupname'), _('Groupname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !')); + function load_Messages() { + $this->messages['minGID'][0] = array('ERROR', _('Minimum GID number'), _('Minimum GID number is invalid or empty!')); + $this->messages['maxGID'][0] = array('ERROR', _('Maximum GID number'), _('Maximum GID number is invalid or empty!')); + $this->messages['cmpGID'][0] = array('ERROR', _('Maximum GID number'), _('Maximum GID number must be greater than minimum GID number!')); + $this->messages['userPassword'][0] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.')); + $this->messages['userPassword'][1] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !')); + $this->messages['gidNumber'][0] = array('INFO', _('GID number'), _('GID number has changed. Please select checkbox to change GID number of users and hosts.')); + $this->messages['gidNumber'][2] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.')); + $this->messages['gidNumber'][3] = array('ERROR', _('ID-Number'), _('No free ID-Number!')); + $this->messages['gidNumber'][4] = array('ERROR', _('ID-Number'), _('ID is already in use')); + $this->messages['cn'][0] = array('WARN', _('Groupname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.')); + $this->messages['cn'][1] = array('WARN', _('Groupname'), _('Groupname in use. Selected next free groupname.')); + $this->messages['cn'][2] = array('ERROR', _('Groupname'), _('Groupname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !')); } @@ -451,11 +468,11 @@ class posixGroup extends baseModule { else { if (isset($post['userPassword'])) { if ($post['userPassword'] != $post['userPassword2']) { - $errors['userPassword'][] = $this->errormessages['userPassword'][0]; + $errors['userPassword'][] = $this->messages['userPassword'][0]; } else $this->userPassword($post['userPassword']); if (!get_preg($this->userPassword(), 'password')) - $errors['userPassword'][] = $this->errormessages['userPassword'][1]; + $errors['userPassword'][] = $this->messages['userPassword'][1]; } } if ($this->attributes['gidNumber'][0]!=$post['gidNumber'] || ($this->errors['gidNumber'][0]='ERROR')) { @@ -488,10 +505,10 @@ class posixGroup extends baseModule { $i = intval($minID); while (in_array($i, $gids)) $i++; if ($i>$maxID) - $errors['gidNumber'][] = $this->errormessages['gidNumber'][3]; + $errors['gidNumber'][] = $this->messages['gidNumber'][3]; else { $this->attributes['gidNumber'][0] = $i; - $errors['gidNumber'][] = $this->errormessages['gidNumber'][2]; + $errors['gidNumber'][] = $this->messages['gidNumber'][2]; } } else $this->attributes['gidNumber'][0] = $minID; @@ -510,7 +527,7 @@ class posixGroup extends baseModule { if ((in_array($this->attributes['gidNumber'][0], $gids)) && $this->orig['gidNumber'][0]=='') $errors['gidNumber'][] = array('ERROR', _('ID-Number'), _('ID is already in use')); // id-number is in use, account is existing account and id-number is not used by itself if ((in_array($this->attributes['gidNumber'][0], $gids)) && $this->orig['gidNumber'][0]!='' && ($this->orig['gidNumber'][0] != $this->attributes['gidNumber'][0]) ) { - $errors['gidNumber'][] = $this->errormessages['gidNumber'][4]; + $errors['gidNumber'][] = $this->messages['gidNumber'][4]; $this->attributes['gidNumber'][0] = $this->orig['gidNumber'][0]; } } @@ -519,10 +536,10 @@ class posixGroup extends baseModule { if ($this->attributes['cn'][0]!=$post['cn'] || ($this->errors['cn'][0]='ERROR')) { $this->attributes['cn'][0] = $post['cn']; if (($this->attributes['cn'][0] != $post['cn']) && ereg('[A-Z]$', $post['cn'])) - $errors['cn'][] = $this->errormessages['cn'][0]; + $errors['cn'][] = $this->messages['cn'][0]; // Check if Groupname contains only valid characters if ( !get_preg($this->attributes['cn'][0],'groupname')) - $errors['cn'][] = $this->errormessages['cn'][2]; + $errors['cn'][] = $this->messages['cn'][2]; // Create automatic useraccount with number if original user already exists // Reset name to original name if new name is in use // Set username back to original name if new username is in use @@ -562,11 +579,11 @@ class posixGroup extends baseModule { } // Show warning if lam has changed username if ($this->attributes['cn'][0] != $post['cn']) { - $errors['cn'][] = $this->errormessages['cn'][0]; + $errors['cn'][] = $this->messages['cn'][0]; } // show info when gidnumber has changed if (($this->orig['gidNumber'][0]!=$this->attributes['gidNumber'][0]) && $this->orig['gidNumber'][0]!='' && $post['gidNumber']!=$this->attributes['gidNumber'][0]) - $errors['gidNumber'][] = $this->errormessages['gidNumber'][0]; + $errors['gidNumber'][] = $this->messages['gidNumber'][0]; } } // Return error-messages diff --git a/lam/lib/modules/quota.inc b/lam/lib/modules/quota.inc index 3d12449b..7cfcb985 100644 --- a/lam/lib/modules/quota.inc +++ b/lam/lib/modules/quota.inc @@ -27,17 +27,22 @@ class quota extends baseModule { * Creates a new quota object. */ function quota($scope) { - // error messages for input checks - $this->messages['softblock'] = array('ERROR', _('Block soft quota'), _('Block soft quota contains invalid characters. Only natural numbers are allowed')); - $this->messages['hardblock'] = array('ERROR', _('Block hard quota'), _('Block hard quota contains invalid characters. Only natural numbers are allowed')); - $this->messages['softinode'] = array('ERROR', _('Inode soft quota'), _('Inode soft quota contains invalid characters. Only natural numbers are allowed')); - $this->messages['hardinode'] = array('ERROR', _('Inode hard quota'), _('Inode hard quota contains invalid characters. Only natural numbers are allowed')); - $this->messages['block_cmp'] = array('ERROR', _('Block quota'), _('Block soft quota must be smaller than block hard quota')); - $this->messages['inode_cmp'] = array('ERROR', _('Inode quota'), _('Inode soft quota must be smaller than inode hard quota')); // call parent constructor parent::baseModule($scope); } + /** this functin fills the error message array with messages + **/ + function load_Messages() { + // error messages for input checks + $this->messages['softblock'][0] = array('ERROR', _('Block soft quota'), _('Block soft quota contains invalid characters. Only natural numbers are allowed')); + $this->messages['hardblock'][0] = array('ERROR', _('Block hard quota'), _('Block hard quota contains invalid characters. Only natural numbers are allowed')); + $this->messages['softinode'][0] = array('ERROR', _('Inode soft quota'), _('Inode soft quota contains invalid characters. Only natural numbers are allowed')); + $this->messages['hardinode'][0] = array('ERROR', _('Inode hard quota'), _('Inode hard quota contains invalid characters. Only natural numbers are allowed')); + $this->messages['block_cmp'][0] = array('ERROR', _('Block quota'), _('Block soft quota must be smaller than block hard quota')); + $this->messages['inode_cmp'][0] = array('ERROR', _('Inode quota'), _('Inode soft quota must be smaller than inode hard quota')); + } + /** * Returns meta data that is interpreted by parent class * @@ -94,16 +99,8 @@ class quota extends baseModule { } // Variables - var $quota; - /** regular expression for quota values */ - var $regex_quota = '^[0-9]*$'; - - /** list of possible error messages */ - var $messages = array(); - - function module_ready() { if (!isset($_SESSION['config']->scriptPath)) return $false; if ($_SESSION[$this->base]->type=='user' && $_SESSION[$this->base]->module['posixAccount']->attributes['uid'][0]=='') return false; @@ -240,18 +237,18 @@ class quota extends baseModule { $this->quota[$i][6] = $post[$i . '_6']; $this->quota[$i][7] = $post[$i . '_7']; // Check if values are OK and set automatic values. if not error-variable will be set - if (!ereg($this->regex_quota, $this->quota[$i][2])) - $errors[$this->quota[$i][2]][] = $this->messages['softblock']; - if (!ereg($this->regex_quota, $this->quota[$i][3])) - $errors[$this->quota[$i][3]][] = $this->messages['hardblock']; - if (!ereg($this->regex_quota, $this->quota[$i][6])) - $errors[$this->quota[$i][6]][] = $this->messages['softinode']; - if (!ereg($this->regex_quota, $this->quota[$i][7])) - $errors[$this->quota[$i][7]][] = $this->messages['hardinode']; + if (!get_preg($this->quota[$i][2], 'digit')) + $errors[$this->quota[$i][2]][] = $this->messages['softblock'][0]; + if (!get_preg($this->quota[$i][3], 'digit')) + $errors[$this->quota[$i][3]][] = $this->messages['hardblock'][0]; + if (!get_preg($this->quota[$i][6], 'digit')) + $errors[$this->quota[$i][6]][] = $this->messages['softinode'][0]; + if (!get_preg($this->quota[$i][7], 'digit')) + $errors[$this->quota[$i][7]][] = $this->messages['hardinode'][0]; if (intval($this->quota[$i][2]) > intval($this->quota[$i][3])) - $errors[$this->quota[$i][2]][] = $this->messages['block_cmp']; + $errors[$this->quota[$i][2]][] = $this->messages['block_cmp'][0]; if (intval($this->quota[$i][6]) > intval($this->quota[$i][7])) - $errors[$this->quota[$i][6]][] = $this->messages['inode_cmp']; + $errors[$this->quota[$i][6]][] = $this->messages['inode_cmp'][0]; $i++; } @@ -360,12 +357,12 @@ class quota extends baseModule { $return = array(); $i = 0; while (isset($options["quota_softblock_$i"])) { - if (!ereg($this->regex_quota, $options["quota_softblock_$i"][0])) $return[] = $this->messages['softblock']; - if (!ereg($this->regex_quota, $options["quota_hardblock_$i"][0])) $return[] = $this->messages['hardblock']; - if (!ereg($this->regex_quota, $options["quota_softinode_$i"][0])) $return[] = $this->messages['softinode']; - if (!ereg($this->regex_quota, $options["quota_hardinode_$i"][0])) $return[] = $this->messages['hardinode']; - if (intval($options["quota_softblock_$i"][0]) > $options["quota_hardblock_$i"][0]) $return[] = $this->messages['block_cmp']; - if (intval($options["quota_softinode_$i"][0]) > $options["quota_hardinode_$i"][0]) $return[] = $this->messages['inode_cmp']; + if (!get_preg($options["quota_softblock_$i"][0], 'digit')) $return[] = $this->messages['softblock'][0]; + if (!get_preg($options["quota_hardblock_$i"][0], 'digit')) $return[] = $this->messages['hardblock'][0]; + if (!get_preg($options["quota_softinode_$i"][0], 'digit')) $return[] = $this->messages['softinode'][0]; + if (!get_preg($options["quota_hardinode_$i"][0], 'digit')) $return[] = $this->messages['hardinode'][0]; + if (intval($options["quota_softblock_$i"][0]) > $options["quota_hardblock_$i"][0]) $return[] = $this->messages['block_cmp'][0]; + if (intval($options["quota_softinode_$i"][0]) > $options["quota_hardinode_$i"][0]) $return[] = $this->messages['inode_cmp'][0]; $i++; } return $return; diff --git a/lam/lib/modules/sambaAccount.inc b/lam/lib/modules/sambaAccount.inc index c351069f..25ef53e7 100644 --- a/lam/lib/modules/sambaAccount.inc +++ b/lam/lib/modules/sambaAccount.inc @@ -20,38 +20,6 @@ $Id$ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -/* Session variables which are used: -* $_SESSION['cacheAttributes']: This variable contains a list of attributes and their scope which should be cached -* -* Coockie variables which are used: -* $_COOKIE["IV"], $_COOKIE["Key"]: Needed to en/decrypt passwords. -* -* Variables in basearray which are no objects: -* type: Type of account. Can be user, group, host -* attributes: List of all attributes, how to get them and are theiy required or optional -* dn: current DN without uid= or cn= -* dn_orig: old DN if account was loaded with uid= or cn= - -* External functions which are used -* account.inc: findgroups, incache, get_cache, array_delete, getshells -* ldap.inc: pwd_is_enabled, pwd_hash -*/ - -/* This class contains all sambaAccount LDAP attributes -* and funtioncs required to deal with sambaAccount -* sambaAccount can only be created when it should be added -* to an array. -* basearray is the same array sambaAccount should be added -* to. If basearray is not given the constructor tries to -* create an array with sambaAccount and all other required -* objects. -* Example: $user[] = new sambaAccount($user); -* -* In container array the following things have to exist: -* account or inetOrgPerson object -* type: 'user' or 'host' -* 'attributes': this is a list of arrays with all ldap attributes wich are allowed for this account -*/ class sambaAccount extends baseModule { /** @@ -60,16 +28,29 @@ class sambaAccount extends baseModule { * @param string $scope account type (user, group, host) */ function sambaAccount($scope) { - // error messages for input checks - $this->messages['homedir'] = array('ERROR', _('Home path'), _('Home path is invalid.')); - $this->messages['profilePath'] = array('ERROR', _('Profile path'), _('Profile path is invalid!')); - $this->messages['logonScript'] = array('ERROR', _('Script path'), _('Script path is invalid!')); - $this->messages['workstations'] = array('ERROR', _('Samba workstations'), _('Please enter a comma separated list of host names!')); - $this->messages['domain'] = array('ERROR', _('Domain name'), _('Domain name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.')); // call parent constructor parent::baseModule($scope); } + /** this functin fills the error message array with messages + **/ + function load_Messages() { + // error messages for input checks + $this->messages['homePath'][0] = array('ERROR', _('Home path'), _('Home path is invalid.')); + $this->messages['homePath'][1] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.')); + $this->messages['profilePath'][0] = array('ERROR', _('Profile path'), _('Profile path is invalid!')); + $this->messages['profilePath'][1] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.')); + $this->messages['logonScript'][0] = array('ERROR', _('Script path'), _('Script path is invalid!')); + $this->messages['logonScript'][1] = array('INFO', _('Script path'), _('Inserted user- or groupname in scriptpath.')); + $this->messages['workstations'][0] = array('ERROR', _('Samba workstations'), _('Please enter a comma separated list of host names!')); + $this->messages['domain'][0] = array('ERROR', _('Domain name'), _('Domain name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.')); + $this->messages['lmPassword'][0] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.')); + $this->messages['lmPassword'][1] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !')); + $this->messages['rid'][0] = array('ERROR', _('Special user'), _('There can be only one administrator per domain.')); + $this->messages['rid'][1] = array('ERROR', _('Special user'), _('There can be only one guest per domain.')); + + } + /** * Returns meta data that is interpreted by parent class * @@ -155,16 +136,16 @@ class sambaAccount extends baseModule { 2 => array('kind' => 'help', 'value' => 'TODO') ); // profile checks - $return['profile_checks']['sambaAccount_smbhome'] = array('type' => 'regex_i', 'regex' => $this->regex_homedir, - 'error_message' => $this->messages['homedir']); - $return['profile_checks']['sambaAccount_profilePath'] = array('type' => 'regex_i', 'regex' => $this->regex_profilePath, - 'error_message' => $this->messages['profilePath']); - $return['profile_checks']['sambaAccount_scriptPath'] = array('type' => 'regex_i', 'regex' => $this->regex_logonScript, - 'error_message' => $this->messages['logonScript']); - $return['profile_checks']['sambaAccount_userWorkstations'] = array('type' => 'regex_i', 'regex' => $this->regex_workstations, - 'error_message' => $this->messages['workstations']); - $return['profile_checks']['sambaAccount_domain'] = array('type' => 'regex_i', 'regex' => $this->regex_domain, - 'error_message' => $this->messages['domain']); + $return['profile_checks']['sambaAccount_smbhome'] = array('type' => 'regex_i', 'regex' => 'UNC', + 'error_message' => $this->messages['homePath'][0]); + $return['profile_checks']['sambaAccount_profilePath'] = array('type' => 'regex_i', 'regex' => 'UNC', + 'error_message' => $this->messages['profilePath'][0]); + $return['profile_checks']['sambaAccount_scriptPath'] = array('type' => 'regex_i', 'regex' => 'logonScript', + 'error_message' => $this->messages['logonScript'][0]); + $return['profile_checks']['sambaAccount_userWorkstations'] = array('type' => 'regex_i', 'regex' => 'unixhost', + 'error_message' => $this->messages['workstations'][0]); + $return['profile_checks']['sambaAccount_domain'] = array('type' => 'regex_i', 'regex' => 'domainname', + 'error_message' => $this->messages['domain'][0]); // available PDF fields $return['PDF_fields'] = array( 'displayName', 'uid', @@ -189,31 +170,11 @@ class sambaAccount extends baseModule { } // Variables - // This variable contains all inetOrgPerson attributes - var $attributes; - /* If an account was loaded all attributes are kept in this array - * to compare it with new changed attributes - */ - var $orig; // use unix password as samba password? var $useunixpwd; // Array of well known rids var $rids; - /** regular expression for home directory */ - var $regex_homedir = '^[\][\]([a-z0-9\\.%-])+([\]([a-z0-9\\.%��\$-])+)+$'; - /** regular expression for profile path */ - var $regex_profilePath = '^([\][\]([a-zA-Z0-9\\.%-])+([\]([a-z0-9\\.%-])+)+)|([/][a-z]([a-z0-9\\._%-])*([/][a-z]([a-z0-9\\._%-])*)*)$'; - /** regular expression for logon script */ - var $regex_logonScript = '^([/])*([a-z0-9\\._%��])+([/]([a-z0-9\\._%��])+)*((\\.bat)|(\\.cmd))$'; - /** regular expression for allowed workstations */ - var $regex_workstations = '^([a-z0-9\\._-])+(,[a-z0-9\\._-])*$'; - /** regular expression for domain name */ - var $regex_domain = '^([a-z0-9_-])+$'; - - /** list of possible error messages */ - var $messages = array(); - /* $attribute['lmPassword'] and ntPassword can't accessed directly because it's enrcypted * To read / write password function userPassword is needed * This function will return the unencrypted password when @@ -287,26 +248,7 @@ class sambaAccount extends baseModule { * $attr is an array as it's retured from ldap_get_attributes */ function load_attributes($attr) { - // Load attributes which are displayed - // unset count entries - unset ($attr['count']); - $attributes = array_keys($attr); - foreach ($attributes as $attribute) unset ($attr[$attribute]['count']); - // unset double entries - for ($i=0; $iattributes[$attribute])) { - // decode as unicode - $this->attributes[$attribute] = $attr[$attribute]; - for ($i=0; $iattributes[$attribute]); $i++) { - $this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); - $this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); - } - } - } - // Values are kept as copy so we can compare old attributes with new attributes - $this->attributes['objectClass'][0] = 'sambaAccount'; + $this->load_ldap_attributes($attr); return 0; } @@ -410,7 +352,7 @@ class sambaAccount extends baseModule { if (isset($post['lmPassword'])) { if ($post['lmPassword'] != $post['lmPassword2']) { - $errors['lmPassword'][] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.')); + $errors['lmPassword'][] = $this->messages['lmPassword'][0]; unset ($post['lmPassword2']); } else $this->lmPassword($post['lmPassword']); @@ -419,31 +361,30 @@ class sambaAccount extends baseModule { $this->attributes['rid'][0] = "500"; // Do a check if an administrator already exists if ($_SESSION['cache']->in_cache("500", 'rid', 'user')!=$_SESSION[$this->base]->dn_orig) - $errors['rid'][] = array('ERROR', _('Special user'), _('There can be only one administrator per domain.')); + $errors['rid'][] = $this->messages['rid'][0]; } if ($post['rid']== _('Guest')) { $this->attributes['rid'][0] = "501"; // Do a check if an administrator already exists if ($_SESSION['cache']->in_cache("501", 'rid', 'user')!=$_SESSION[$this->base]->dn_orig) - $errors['rid'][] = array('ERROR', _('Special user'), _('There can be only one guest per domain.')); + $errors['rid'][] = $this->messages['rid'][1]; } $this->attributes['smbHome'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['smbHome'][0]); $this->attributes['smbHome'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['smbHome'][0]); - if ($this->attributes['smbHome'][0] != stripslashes($post['smbHome'])) $errors['smbHome'][] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.')); + if ($this->attributes['smbHome'][0] != stripslashes($post['smbHome'])) $errors['smbHome'][] = $this->messages['homePath'][1]; $this->attributes['scriptPath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['scriptPath'][0]); $this->attributes['scriptPath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['scriptPath'][0]); - if ($this->attributes['scriptPath'][0] != stripslashes($post['scriptPath'])) $errors['scriptPath'][] = array('INFO', _('Script path'), _('Inserted user- or groupname in scriptpath.')); + if ($this->attributes['scriptPath'][0] != stripslashes($post['scriptPath'])) $errors['scriptPath'][] = $this->messages['logonScript'][1]; $this->attributes['profilePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['profilePath'][0]); $this->attributes['profilePath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['profilePath'][0]); - if ($this->attributes['profiletPath'][0] != stripslashes($post['profilePath'])) $errors['profilePath'][] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.')); - if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', - $this->lmPassword())) $errors['lmPassword'][] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !')); - if ( (!$this->attributes['smbHome'][0]=='') && (!eregi($this->regex_homedir, $this->attributes['smbHome'][0]))) - $errors['smbHome'][] = $this->messages['homedir']; - if ( (!$this->attributes['scriptPath'][0]=='') && (!eregi($this->regex_logonScript, $this->attributes['scriptPath'][0]))) - $errors['scriptPath'][] = $this->messages['logonScript']; - if ( (!$this->attributes['profilePath'][0]=='') && (!eregi($this->regex_profilePath, $this->attributes['profilePath'][0]))) - $errors['profilePath'][] = $this->messages['profilePath']; + if ($this->attributes['profiletPath'][0] != stripslashes($post['profilePath'])) $errors['profilePath'][] = $this->messages['profilePath'][1]; + if ( !get_preg($this->lmPassword(), 'passord')) $errors['lmPassword'][] = $this->messages['lmPassword'][1]; + if ( (!$this->attributes['smbHome'][0]=='') && (!get_preg($this->attributes['smbHome'][0], 'UNC'))) + $errors['smbHome'][] = $this->messages['homedir'][0]; + if ( (!$this->attributes['scriptPath'][0]=='') && (!get_preg($this->attributes['scriptPath'][0], 'logonscript'))) + $errors['scriptPath'][] = $this->messages['logonScript'][0]; + if ( (!$this->attributes['profilePath'][0]=='') && (!get_preg($this->attributes['profilePath'][0], 'UNC'))) + $errors['profilePath'][] = $this->messages['profilePath'][0]; } else { $smbHome = str_replace('$user', 'user', $this->attributes['smbHome'][0]); @@ -452,22 +393,21 @@ class sambaAccount extends baseModule { $scriptPath = str_replace('$group', 'group', $scriptPath); $profilePath = str_replace('$user', 'user', $this->attributes['profilePath'][0]); $profilePath = str_replace('$group', 'group', $profilePath); - if ( (!$smbHome=='') && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%]|[�|[�|[�|[�|[]|[�|[�)+)+$', $smbHome))) - $errors['smbHome'][] = array('ERROR', _('Home path'), _('Home path is invalid.')); - if ( (!$scriptPath=='') && (!ereg('^([/])*([a-z]|[0-9]|[.]|[-]|[_]|[%]|[�|[�|[�|[�|[]|[�|[�)+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[�|[�|[�|[�|[]|[�|[�)*'. - '([/]([a-z]|[0-9]|[.]|[-]|[_]|[%]|[�|[�|[�|[�|[]|[�|[�)+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[�|[�|[�|[�|[]|[�|[�)*)*(([.][b][a][t])|([.][c][m][d]))$', $scriptPath))) - $errors['scriptPath'][] = array('ERROR', _('Script path'), _('Script path is invalid!')); - if ( (!$profilePath=='') && (!ereg('^[/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*([/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*)*$', $profilePath)) - && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+)+$', $profilePath))) - $errors['profilePath'][] = array('ERROR', _('Profile path'), _('Profile path is invalid!')); + if ( (!$smbHome=='') && (!get_preg($smbHome, 'UNC'))) + $errors['smbHome'][] = $this->messages['homePath'][0]; + if ( (!$scriptPath=='') && (!get_preg($scriptPath, 'logonscript'))) + $errors['scriptPath'][] = $this->messages['logonScript'][0]; + if ( (!$profilePath=='') && (!get_preg('^[/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*([/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*)*$', $profilePath)) + && (!get_preg($profilePath, 'UNC'))) + $errors['profilePath'][] = $this->messages['profilePath'][0]; } if ($post['useunixpwd']) $this->useunixpwd = true; else $this->useunixpwd = false; } - if ((!$this->attributes['domain'][0]=='') && !eregi($this->regex_domain, $this->attributes['domain'][0])) - $errors['domain'][] = $this->messages['domain']; + if ((!$this->attributes['domain'][0]=='') && !get_preg($this->attributes['domain'][0], 'domainname')) + $errors['domain'][] = $this->messages['domain'][0]; if (is_array($errors)) return $errors; if ($post['userWorkstations']) return 'userWorkstations'; @@ -541,7 +481,7 @@ class sambaAccount extends baseModule { if (!$profile) { if ($this->attributes['lmPassword'][0] != $this->orig['lmPassword'][0]) $password=$this->lmPassword(); - else $password=''; + else if ($this->attributes['lmPassword'][0] != '') $password=$post['lmPassword']; $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Samba password') ), 1 => array ( 'kind' => 'input', 'name' => 'lmPassword', 'type' => 'password', 'size' => '20', 'maxlength' => '255', 'value' => $password)); if ($post['lmPassword2']!='') $password2 = $post['lmPassword2']; diff --git a/lam/lib/modules/sambaGroupMapping.inc b/lam/lib/modules/sambaGroupMapping.inc index 3609d3a6..f2387930 100644 --- a/lam/lib/modules/sambaGroupMapping.inc +++ b/lam/lib/modules/sambaGroupMapping.inc @@ -229,8 +229,8 @@ class sambaGroupMapping extends baseModule { /** this functin fills the error message array with messages **/ - function load_errorMessages() { - $this->errormessages['sambaSID'][0] = array('ERROR', _('Special Group'),sprintf( _('There can be only one group %s.'), $rids[$i]), 'sambaSID'); + function load_Messages() { + $this->messages['sambaSID'][0] = array('ERROR', _('Special Group'),sprintf( _('There can be only one group %s.'), $rids[$i]), 'sambaSID'); } @@ -290,7 +290,7 @@ class sambaGroupMapping extends baseModule { $this->attributes['sambaSID'][0] = $SID."-".$this->rids[$rids[$i]]; // Do a check if special grou pis unique if ($_SESSION['cache']->in_cache($SID."-".$this->rids[$rids[$i]], 'sambaSID', 'group')) - $errors[] = $this->errormessages['sambaSID'][0]; + $errors[] = $this->messages['sambaSID'][0]; } } if (!$wrid) $this->attributes['sambaSID'][0] = $SID . "-" . ($_SESSION[$this->base]->module['posixGroup']->attributes['gidNumber'][0]*2+$RIDbase+1); diff --git a/lam/lib/modules/sambaSamAccount.inc b/lam/lib/modules/sambaSamAccount.inc index 19a51fd9..ab0df2c9 100644 --- a/lam/lib/modules/sambaSamAccount.inc +++ b/lam/lib/modules/sambaSamAccount.inc @@ -20,38 +20,6 @@ $Id$ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -/* Session variables which are used: -* $_SESSION['cacheAttributes']: This variable contains a list of attributes and their scope which should be cached -* -* Coockie variables which are used: -* $_COOKIE["IV"], $_COOKIE["Key"]: Needed to en/decrypt passwords. -* -* Variables in basearray which are no objects: -* type: Type of account. Can be user, group, host -* attributes: List of all attributes, how to get them and are theiy required or optional -* dn: current DN without uid= or cn= -* dn_orig: old DN if account was loaded with uid= or cn= - -* External functions which are used -* account.inc: findgroups, incache, get_cache, array_delete, getshells -* ldap.inc: pwd_is_enabled, pwd_hash -*/ - -/* This class contains all sambaSamAccount LDAP attributes -* and funtioncs required to deal with sambaSamAccount -* sambaSamAccount can only be created when it should be added -* to an array. -* basearray is the same array sambaSamAccount should be added -* to. If basearray is not given the constructor tries to -* create an array with sambaSamAccount and all other required -* objects. -* Example: $user[] = new sambaSamAccount($user); -* -* In container array the following things have to exist: -* account or inetOrgPerson object -* type: 'user' or 'host' -* 'attributes': this is a list of arrays with all ldap attributes wich are allowed for this account -*/ class sambaSamAccount extends baseModule { /** @@ -60,15 +28,27 @@ class sambaSamAccount extends baseModule { * @param string $scope account type (user, group, host) */ function sambaSamAccount($scope) { - // error messages for input checks - $this->messages['homedir'] = array('ERROR', _('Home path'), _('Home path is invalid.')); - $this->messages['profilePath'] = array('ERROR', _('Profile path'), _('Profile path is invalid!')); - $this->messages['logonScript'] = array('ERROR', _('Script path'), _('Script path is invalid!')); - $this->messages['workstations'] = array('ERROR', _('Samba workstations'), _('Please enter a comma separated list of host names!')); // call parent constructor parent::baseModule($scope); } + /** this functin fills the error message array with messages + **/ + function load_Messages() { + // error messages for input checks + $this->messages['homePath'][0] = array('ERROR', _('Home path'), _('Home path is invalid.')); + $this->messages['homePath'][1] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.')); + $this->messages['profilePath'][0] = array('ERROR', _('Profile path'), _('Profile path is invalid!')); + $this->messages['profilePath'][1] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.')); + $this->messages['logonScript'][0] = array('ERROR', _('Script path'), _('Script path is invalid!')); + $this->messages['logonScript'][1] = array('INFO', _('Script path'), _('Inserted user- or groupname in scriptpath.')); + $this->messages['workstations'][0] = array('ERROR', _('Samba workstations'), _('Please enter a comma separated list of host names!')); + $this->messages['sambaLMPassword'][0] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'), 'sambaLMPassword'); + $this->messages['sambaLMPassword'][1] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !')); + $this->messages['rid'][0] = array('ERROR', _('Special user'), _('There can be only one administrator per domain.')); + $this->messages['rid'][1] = array('ERROR', _('Special user'), _('There can be only one guest per domain.')); + } + /** * Returns meta data that is interpreted by parent class * @@ -89,14 +69,14 @@ class sambaSamAccount extends baseModule { // module dependencies $return['dependencies'] = array('depends' => array('posixAccount'), 'conflicts' => array()); // profile checks - $return['profile_checks']['sambaSamAccount_smbhome'] = array('type' => 'regex_i', 'regex' => $this->regex_homedir, - 'error_message' => $this->messages['homedir']); - $return['profile_checks']['sambaSamAccount_profilePath'] = array('type' => 'regex_i', 'regex' => $this->regex_profilePath, - 'error_message' => $this->messages['profilePath']); - $return['profile_checks']['sambaSamAccount_logonScript'] = array('type' => 'regex_i', 'regex' => $this->regex_logonScript, - 'error_message' => $this->messages['logonScript']); - $return['profile_checks']['sambaSamAccount_userWorkstations'] = array('type' => 'regex_i', 'regex' => $this->regex_workstations, - 'error_message' => $this->messages['workstations']); + $return['profile_checks']['sambaSamAccount_smbhome'] = array('type' => 'regex_i', 'regex' => 'UNC', + 'error_message' => $this->messages['homePath'][0]); + $return['profile_checks']['sambaSamAccount_profilePath'] = array('type' => 'regex_i', 'regex' => 'UNC', + 'error_message' => $this->messages['profilePath'][0]); + $return['profile_checks']['sambaSamAccount_logonScript'] = array('type' => 'regex_i', 'regex' => 'logonscript', + 'error_message' => $this->messages['logonScript'][0]); + $return['profile_checks']['sambaSamAccount_userWorkstations'] = array('type' => 'regex_i', 'regex' => 'unixhost', + 'error_message' => $this->messages['workstations'][0]); // available PDF fields $return['PDF_fields'] = array( 'displayName', 'uid', @@ -122,30 +102,12 @@ class sambaSamAccount extends baseModule { } // Variables - // This variable contains all inetOrgPerson attributes - var $attributes; - /* If an account was loaded all attributes are kept in this array - * to compare it with new changed attributes - */ - var $orig; // use unix password as samba password? var $useunixpwd; // Array of well known rids var $rids; - /** regular expression for home directory */ - var $regex_homedir = '^[\][\]([a-z0-9\\.%-])+([\]([a-z0-9\\.%��\$-])+)+$'; - /** regular expression for profile path */ - var $regex_profilePath = '^([\][\]([a-zA-Z0-9\\.%-])+([\]([a-z0-9\\.%-])+)+)|([/][a-z]([a-z0-9\\._%-])*([/][a-z]([a-z0-9\\._%-])*)*)$'; - /** regular expression for logon script */ - var $regex_logonScript = '^([/])*([a-z0-9\\._%��])+([/]([a-z0-9\\._%��])+)*((\\.bat)|(\\.cmd))$'; - /** regular expression for allowed workstations */ - var $regex_workstations = '^([a-z0-9\\._-])+(,[a-z0-9\\._-])*$'; - - /** list of possible error messages */ - var $messages = array(); - /* $attribute['sambaLMPassword'] and sambaNTPassword can't accessed directly because it's enrcypted * To read / write password function userPassword is needed * This function will return the unencrypted password when @@ -220,26 +182,7 @@ class sambaSamAccount extends baseModule { * $attr is an array as it's retured from ldap_get_attributes */ function load_attributes($attr) { - // Load attributes which are displayed - // unset count entries - unset ($attr['count']); - $attributes = array_keys($attr); - foreach ($attributes as $attribute) unset ($attr[$attribute]['count']); - // unset double entries - for ($i=0; $iattributes[$attribute])) { - // decode as unicode - $this->attributes[$attribute] = $attr[$attribute]; - for ($i=0; $iattributes[$attribute]); $i++) { - $this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); - $this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); - } - } - } - // Values are kept as copy so we can compare old attributes with new attributes - $this->attributes['objectClass'][0] = 'sambaSamAccount'; + $this->load_ldap_attributes($attr); return 0; } @@ -354,7 +297,7 @@ class sambaSamAccount extends baseModule { if (isset($post['sambaLMPassword']) && !$profile) { if ($post['sambaLMPassword'] != $post['sambaLMPassword2']) { - $errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'), 'sambaLMPassword'); + $errors[] = $this->messages['sambaLMPassword'][0]; unset ($post['sambaLMPassword2']); } else $this->sambaLMPassword($post['sambaLMPassword']); @@ -367,13 +310,13 @@ class sambaSamAccount extends baseModule { $this->attributes['sambaSID'][0] = $SID."-500"; // Do a check if an administrator already exists if ($_SESSION['cache']->in_cache($SID."-500", 'sambaSID', 'user')!=$_SESSION[$this->base]->dn_orig) - $errors['sambaSID'][] = array('ERROR', _('Special user'), _('There can be only one administrator per domain.')); + $errors['sambaSID'][] = $this->messages['rid'][0]; } if ($post['sambaSID']== _('Guest')) { $this->attributes['sambaSID'][0] = $SID."-501"; // Do a check if an administrator already exists if ($_SESSION['cache']->in_cache($SID."-501", 'sambaSID', 'user')!=$_SESSION[$this->base]->dn_orig) - $errors['sambaSID'][] = array('ERROR', _('Special user'), _('There can be only one guest per domain.')); + $errors['sambaSID'][] = $this->messages['rid'][1]; } // Check values $this->attributes['sambaHomePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['sambaHomePath'][0]); @@ -385,14 +328,13 @@ class sambaSamAccount extends baseModule { $this->attributes['sambaProfilePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['sambaProfilePath'][0]); $this->attributes['sambaProfilePath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['sambaProfilePath'][0]); if ($this->attributes['sambaProfiletPath'][0] != stripslashes($post['sambaProfilePath'])) $errors['sambaProfilePath'][] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.')); - if ( (!$this->attributes['sambaHomePath'][0]=='') && (!ereg($this->regex_homedir, $this->attributes['sambaHomePath'][0]))) - $errors['sambaHomePath'][] = $this->messages['homedir']; - if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', - $this->sambaLMPassword())) $errors['sambaLMPassword'][] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !')); - if ( (!$this->attributes['sambaLogonScript'][0]=='') && (!ereg($this->regex_logonScript, $this->attributes['sambaLogonScript'][0]))) - $errors['sambaScriptPath'][] = $this->messages['logonScript']; - if (!($this->attributes['sambaProfilePath'][0] == '') && !ereg($this->regex_profilePath, $this->attributes['sambaProfilePath'][0])) - $errors['sambaProfilePath'][] = $this->messages['profilePath']; + if ( (!$this->attributes['sambaHomePath'][0]=='') && (!get_preg($this->attributes['sambaHomePath'][0], 'UNC'))) + $errors['sambaHomePath'][] = $this->messages['homePath'][0]; + if ( !get_preg($this->sambaLMPassword(), 'password')) $errors['sambaLMPassword'][] = $this->messages['sambaLMPassword'][1]; + if ( (!$this->attributes['sambaLogonScript'][0]=='') && (!get_preg($this->attributes['sambaLogonScript'][0], 'logonscript'))) + $errors['sambaScriptPath'][] = $this->messages['logonScript'][0]; + if (!($this->attributes['sambaProfilePath'][0] == '') && !get_preg($this->attributes['sambaProfilePath'][0], 'UNC')) + $errors['sambaProfilePath'][] = $this->messages['profilePath'][0]; } else { $sambaHomePath = str_replace('$user', 'user', $this->attributes['sambaHomePath'][0]); @@ -401,16 +343,14 @@ class sambaSamAccount extends baseModule { $sambaLogonScript = str_replace('$group', 'group', $sambaLogonScript); $sambaProfilePath = str_replace('$user', 'user', $this->attributes['sambaProfilePath'][0]); $sambaProfilePath = str_replace('$group', 'group', $sambaProfilePath); - if ( (!$this->attributes['sambaHomePath'][0]=='') && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])+)+$', $this->attributes['sambaHomePath'][0]))) - $errors[] = array('ERROR', _('Home path'), _('Home path is invalid.'), 'sambaHomePath'); - if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', - $this->sambaLMPassword())) $errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'), 'sambaLMPassword'); - if ( (!$this->attributes['sambaLogonScript'][0]=='') && (!ereg('^([/])*([a-z]|[0-9]|[.]|[-]|[_]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])*'. - '([/]([a-z]|[0-9]|[.]|[-]|[_]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])*)*(([.][b][a][t])|([.][c][m][d]))$', $this->attributes['sambaLogonScript'][0]))) - $errors[] = array('ERROR', _('Script path'), _('Script path is invalid!'), 'sambaScriptPath'); - if ( (!$this->attributes['sambaProfilePath'][0]=='') && (!ereg('^[/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*([/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*)*$', $this->attributes['sambaProfilePath'][0])) - && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+)+$', $this->attributes['sambaProfilePath'][0]))) - $errors[] = array('ERROR', _('Profile path'), _('Profile path is invalid!'), 'sambaProfilePath'); + if ( (!$this->attributes['sambaHomePath'][0]=='') && (!get_preg($this->attributes['sambaHomePath'][0], 'UNC'))) + $errors[] = $this->messages['homePath'][0]; + if ( !get_preg($this->sambaLMPassword(), 'UNC')) $errors[] = $this->messages['sambaLMPassword'][1]; + if ( (!$this->attributes['sambaLogonScript'][0]=='') && (!get_preg($this->attributes['sambaLogonScript'][0], 'logonscript'))) + $errors[] = $this->messages['logonScript'][0]; + if ( (!$this->attributes['sambaProfilePath'][0]=='') && (!get_preg($this->attributes['sambaProfilePath'][0], 'UNC')) + && (!get_preg($this->attributes['sambaProfilePath'][0], 'UNC'))) + $errors[] = $this->messages['profilePath'][0]; } } if (is_array($errors)) return $errors; @@ -491,8 +431,8 @@ class sambaSamAccount extends baseModule { 5 => array ( 'kind' => 'input', 'name' => 'sambaPwdMustChange_s', 'type' => 'hidden', 'value' => $mustchangedate['seconds']), 6 => array ( 'kind' => 'input', 'name' => 'sambaAcctFlagsU', 'type' => 'hidden', 'value' => 'true')); if (!$profile) { - if ($this->attributes['lmPassword'][0] != $this->orig['lmPassword'][0]) $password=$this->sambaLMPassword(); - else $password=''; + if ($this->attributes['sambaLMPassword'][0] != $this->orig['sambaLMPassword'][0]) $password=$this->sambaLMPassword(); + else if ($this->attributes['sambaLMPassword'][0] != '') $password=$post['sambaLMPassword']; $return[] = array ( 0 => array ( 'kind' => 'text', 'text' => _('Samba password') ), 1 => array ( 'kind' => 'input', 'name' => 'sambaLMPassword', 'type' => 'password', 'size' => '20', 'maxlength' => '255', 'value' => $password)); if ($post['sambaLMPassword2']!='') $password2 = $post['sambaLMPassword2']; diff --git a/lam/lib/modules/shadowAccount.inc b/lam/lib/modules/shadowAccount.inc index e528346f..43b94411 100644 --- a/lam/lib/modules/shadowAccount.inc +++ b/lam/lib/modules/shadowAccount.inc @@ -20,38 +20,6 @@ $Id$ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -/* Session variables which are used: -* $_SESSION['cacheAttributes']: This variable contains a list of attributes and their scope which should be cached -* -* Coockie variables which are used: -* $_COOKIE["IV"], $_COOKIE["Key"]: Needed to en/decrypt passwords. -* -* Variables in basearray which are no objects: -* type: Type of account. Can be user, group, host -* attributes: List of all attributes, how to get them and are theiy required or optional -* dn: current DN without uid= or cn= -* dn_orig: old DN if account was loaded with uid= or cn= - -* External functions which are used -* account.inc: findgroups, incache, get_cache, array_delete, getshells -* ldap.inc: pwd_is_enabled, pwd_hash -*/ - -/* This class contains all shadowAccount LDAP attributes -* and funtioncs required to deal with shadowAccount -* shadowAccount can only be created when it should be added -* to an array. -* basearray is the same array shadowAccount should be added -* to. If basearray is not given the constructor tries to -* create an array with shadowAccount and all other required -* objects. -* Example: $user[] = new shadowAccount($user); -* -* In container array the following things have to exist: -* account or inetOrgPerson object -* type: 'user' or 'host' -* 'attributes': this is a list of arrays with all ldap attributes wich are allowed for this account -*/ class shadowAccount extends baseModule { /** @@ -60,16 +28,21 @@ class shadowAccount extends baseModule { * @param string $scope account type (user, group, host) */ function shadowAccount($scope) { - // error messages for input checks - $this->messages['shadowMin'] = array('ERROR', _('Password minage'), _('Password minage must be are natural number.')); - $this->messages['shadowMax'] = array('ERROR', _('Password maxage'), _('Password maxage must be are natural number.')); - $this->messages['inactive'] = array('ERROR', _('Password Expire'), _('Password expire must be are natural number or -1.')); - $this->messages['shadowWarning'] = array('ERROR', _('Password warn'), _('Password warn must be are natural number.')); - $this->messages['shadow_cmp'] = array('ERROR', _('Password maxage'), _('Password maxage must bigger as Password Minage.')); // call parent constructor parent::baseModule($scope); } + /** this functin fills the error message array with messages + **/ + function load_Messages() { + // error messages for input checks + $this->messages['shadowMin'][0] = array('ERROR', _('Password minage'), _('Password minage must be are natural number.')); + $this->messages['shadowMax'][0] = array('ERROR', _('Password maxage'), _('Password maxage must be are natural number.')); + $this->messages['inactive'][0] = array('ERROR', _('Password Expire'), _('Password expire must be are natural number or -1.')); + $this->messages['shadowWarning'][0] = array('ERROR', _('Password warn'), _('Password warn must be are natural number.')); + $this->messages['shadow_cmp'][0] = array('ERROR', _('Password maxage'), _('Password maxage must bigger as Password Minage.')); + } + /** * Returns meta data that is interpreted by parent class * @@ -125,16 +98,16 @@ class shadowAccount extends baseModule { 2 => array('kind' => 'help', 'value' => 'TODO')) ); // profile checks - $return['profile_checks']['shadowAccount_shadowMin'] = array('type' => 'regex', 'regex' => $this->regex_number, - 'error_message' => $this->messages['shadowMin']); - $return['profile_checks']['shadowAccount_shadowMax'] = array('type' => 'regex', 'regex' => $this->regex_number, - 'error_message' => $this->messages['shadowMax']); + $return['profile_checks']['shadowAccount_shadowMin'] = array('type' => 'regex', 'regex' => 'digit', + 'error_message' => $this->messages['shadowMin'][0]); + $return['profile_checks']['shadowAccount_shadowMax'] = array('type' => 'regex', 'regex' => 'digit', + 'error_message' => $this->messages['shadowMax'][0]); $return['profile_checks']['shadowAccount_cmp'] = array('type' => 'int_greater', 'cmp_name1' => 'shadowAccount_shadowMax', - 'cmp_name2' => 'shadowAccount_shadowMin', 'error_message' => $this->messages['shadow_cmp']); - $return['profile_checks']['shadowAccount_shadowInactive'] = array('type' => 'regex', 'regex' => $this->regex_inactive, - 'error_message' => $this->messages['inactive']); - $return['profile_checks']['shadowAccount_shadowWarning'] = array('type' => 'regex', 'regex' => $this->regex_number, - 'error_message' => $this->messages['shadowWarning']); + 'cmp_name2' => 'shadowAccount_shadowMin', 'error_message' => $this->messages['shadow_cmp'][0]); + $return['profile_checks']['shadowAccount_shadowInactive'] = array('type' => 'regex', 'regex' => 'digit2', + 'error_message' => $this->messages['inactive'][0]); + $return['profile_checks']['shadowAccount_shadowWarning'] = array('type' => 'regex', 'regex' => 'digit', + 'error_message' => $this->messages['shadowWarning'][0]); // available PDF fields $return['PDF_fields'] = array( 'shadowLastChange', 'shadowWarning', @@ -158,21 +131,6 @@ class shadowAccount extends baseModule { parent::init($base); } - // Variables - // This variable contains all inetOrgPerson attributes - var $attributes; - /* If an account was loaded all attributes are kept in this array - * to compare it with new changed attributes - */ - var $orig; - - /** regular expression for numeric values */ - var $regex_number = '^([0-9])*$'; - /** regular expression for shasowInactive */ - var $regex_inactive = '^(([-][1])|([0-9]*))$'; - - /** list of possible error messages */ - var $messages = array(); function module_ready() { return true; @@ -207,26 +165,8 @@ class shadowAccount extends baseModule { * $attr is an array as it's retured from ldap_get_attributes */ function load_attributes($attr) { - // Load attributes which are displayed - // unset count entries - unset ($attr['count']); - $attributes = array_keys($attr); - foreach ($attributes as $attribute) unset ($attr[$attribute]['count']); - // unset double entries - for ($i=0; $iattributes[$attribute])) { - // decode as unicode - $this->attributes[$attribute] = $attr[$attribute]; - for ($i=0; $iattributes[$attribute]); $i++) { - $this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); - $this->orig[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]); - } - } - } - // Values are kept as copy so we can compare old attributes with new attributes - $this->attributes['objectClass'][0] = 'shadowAccount'; + $this->load_ldap_attributes($attr); + return 0; } /* This function returns an array with 3 entries: @@ -261,11 +201,11 @@ class shadowAccount extends baseModule { $this->attributes['shadowExpire'][0] = intval(mktime(10, 0, 0, $post['shadowExpire_mon'], $post['shadowExpire_day'], $post['shadowExpire_yea'])/3600/24); - if ( !ereg($this->regex_number, $this->attributes['shadowMin'][0])) $errors['shadowMin'][] = $this->messages['shadowMin']; - if ( !ereg($this->regex_number, $this->attributes['shadowMax'][0])) $errors['shadowMax'][] = $this->messages['shadowMax']; - if ( $this->attributes['shadowMin'][0] > $this->attributes['shadowMax'][0]) $errors['shadowMin'][] = $this->messages['shadow_cmp']; - if ( !ereg($this->regex_inactive, $this->attributes['shadowInactive'][0])) $errors['shadowInactive'][] = $this->messages['inactive']; - if ( !ereg($this->regex_number, $this->attributes['shadowWarning'][0])) $errors['shadowWarning'][] = $this->messages['shadowWarning']; + if ( !get_preg($this->attributes['shadowMin'][0], 'digit')) $errors['shadowMin'][] = $this->messages['shadowMin'][0]; + if ( !get_preg($this->attributes['shadowMax'][0], 'digit')) $errors['shadowMax'][] = $this->messages['shadowMax'][0]; + if ( $this->attributes['shadowMin'][0] > $this->attributes['shadowMax'][0]) $errors['shadowMin'][] = $this->messages['shadow_cmp'][0]; + if ( !get_preg($this->attributes['shadowInactive'][0], 'digit2')) $errors['shadowInactive'][] = $this->messages['inactive'][0]; + if ( !get_preg($this->attributes['shadowWarning'][0], 'digit')) $errors['shadowWarning'][] = $this->messages['shadowWarning'][0]; if (is_array($errors)) return $errors; return 0; }