inetOrgPerson and posixAccount version should be near finish.
Design may be improved. A small part of module-handling should work now.
This commit is contained in:
parent
480cfccf88
commit
e9cdb7d16a
|
@ -202,6 +202,100 @@ class cache {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Main-Module. Contains basic module functions have to be loaded first
|
||||||
|
* It also chooses which page to show.
|
||||||
|
*/
|
||||||
|
class main {
|
||||||
|
// This variable stores the number of the current displayed page
|
||||||
|
var $current_page;
|
||||||
|
// This variable os set to the pagename of a subpage if it should be displayed
|
||||||
|
var $subpage;
|
||||||
|
// reference to base-array so we can read other classes in basearray
|
||||||
|
var $base;
|
||||||
|
// Localized part of HTML-Header
|
||||||
|
var $header;
|
||||||
|
|
||||||
|
function main() {
|
||||||
|
$this->current_page = 0;
|
||||||
|
$this->subpage = '';
|
||||||
|
/* Create a reference to basearray so we can read all other modules
|
||||||
|
* php will avaois recousrion itself
|
||||||
|
*/
|
||||||
|
$this->base = &$baseobject;
|
||||||
|
$this->header = &$_SESSION['header'];
|
||||||
|
}
|
||||||
|
|
||||||
|
/* This function returns a list with all required modules
|
||||||
|
*/
|
||||||
|
function dependencies() {
|
||||||
|
return array();
|
||||||
|
}
|
||||||
|
|
||||||
|
/* This function will process transmitted data
|
||||||
|
* and decides which page show next.
|
||||||
|
*/
|
||||||
|
function main_continue() {
|
||||||
|
// Which data should be processed?
|
||||||
|
if ($this->subpage=='') $this->subpage='attributes';
|
||||||
|
$function = '$result = $this->base->module[$this->base->order[$this->current_page]]->process_'.$this->subpage.'($_POST);';
|
||||||
|
eval ($function);
|
||||||
|
if (is_string($return)) $this->subpage = $return;
|
||||||
|
if (is_int($return)) {
|
||||||
|
for ($i=0; $i<count($this->base->order); $i++ ) {
|
||||||
|
if ($_POST['form_main_'.$this->base->order[$i]]) $this->current_page = $i;
|
||||||
|
}
|
||||||
|
$this->subpage='attributes';
|
||||||
|
}
|
||||||
|
|
||||||
|
// Write HTML-Code
|
||||||
|
echo $this->header;
|
||||||
|
echo "<title>";
|
||||||
|
echo _("Create new Account");
|
||||||
|
echo "</title>\n";
|
||||||
|
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../../style/layout.css\">\n";
|
||||||
|
echo "</head><body>\n";
|
||||||
|
echo "<form action=\"useredit.php\" method=\"post\">\n";
|
||||||
|
// Display errir-messages
|
||||||
|
if (is_array($result))
|
||||||
|
for ($i=0; $i<sizeof($result); $i++) StatusMessage($result[$i][0], $result[$i][1], $result[$i][2]);
|
||||||
|
|
||||||
|
// Create left module-menu
|
||||||
|
echo "<table border=0 width=\"100%\">\n<tr><td valign=\"top\" width=\"15%\" >";
|
||||||
|
echo "<table><tr>";
|
||||||
|
echo "<td><fieldset class=\"useredit-dark\"><legend class=\"useredit-bright\"><b>";
|
||||||
|
echo _('Please select page:');
|
||||||
|
echo "</b></legend>\n";
|
||||||
|
// Loop for module
|
||||||
|
for ($i=0; $i<count($this->base->order); $i++ ) {
|
||||||
|
if ($this->base->order[$i]==$this->base->order[$this->current_page]) {
|
||||||
|
// print disabled button
|
||||||
|
echo "<input name=\"form_main_".$this->base->order[$i]."\" type=\"submit\" value=\"";
|
||||||
|
echo $this->base->module[$this->base->order[$i]]->alias;
|
||||||
|
echo " disabled\">\n<br>";
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
// print normal button
|
||||||
|
echo "<input name=\"form_main_".$this->base->order[$i]."\" type=\"submit\" value=\"";
|
||||||
|
echo $this->base->module[$this->base->order[$i]]->alias;
|
||||||
|
echo "\">\n<br>";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// *** Fixme add reset-button
|
||||||
|
echo "</fieldset></td></tr>\n";
|
||||||
|
echo "</table></td>\n<td>";
|
||||||
|
// display html-code from mdule
|
||||||
|
$function = '$result = $this->base->module[$this->base->order[$this->current_page]]->display_html_'.$this->subpage.'($_POST);';
|
||||||
|
eval ($function);
|
||||||
|
// Display rest of html-page
|
||||||
|
echo "</td></tr></table>\n";
|
||||||
|
echo "</form>\n";
|
||||||
|
echo "</body>\n";
|
||||||
|
echo "</html>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
class accountContainer {
|
class accountContainer {
|
||||||
|
@ -218,6 +312,8 @@ class accountContainer {
|
||||||
$this->type = $type;
|
$this->type = $type;
|
||||||
$this->lampath = &$_SESSION['lampath'];
|
$this->lampath = &$_SESSION['lampath'];
|
||||||
$this->ldap = &$_SESSION['ldap'];
|
$this->ldap = &$_SESSION['ldap'];
|
||||||
|
$this->cache = &$_SESSION['cache'];
|
||||||
|
$this->module['main'] = new main($this);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -232,6 +328,11 @@ class accountContainer {
|
||||||
var $lampath; // reference to lampath from Session
|
var $lampath; // reference to lampath from Session
|
||||||
var $ldap; // This is a reference to the ldap class in session
|
var $ldap; // This is a reference to the ldap class in session
|
||||||
var $module; // This is an array with all module objects
|
var $module; // This is an array with all module objects
|
||||||
|
// DN of the account
|
||||||
|
var $dn;
|
||||||
|
var $dn_orig;
|
||||||
|
// this are stores the module order
|
||||||
|
var $order;
|
||||||
|
|
||||||
/* Get the type of account. Valid
|
/* Get the type of account. Valid
|
||||||
* types are: user, group, host
|
* types are: user, group, host
|
||||||
|
@ -240,6 +341,14 @@ class accountContainer {
|
||||||
return $this->type;
|
return $this->type;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* This function asks $this->module['main']
|
||||||
|
* what to do next
|
||||||
|
*/
|
||||||
|
function continue_main() {
|
||||||
|
$this->module['main']->main_continue();
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
/* Add attributes to variable. Syntax is array( attribute = array ( objectClass1 => MUST|MAX, objectClass2 => MUST|MAY ), ... )
|
/* Add attributes to variable. Syntax is array( attribute = array ( objectClass1 => MUST|MAX, objectClass2 => MUST|MAY ), ... )
|
||||||
*/
|
*/
|
||||||
function add_attributes($objectClass) {
|
function add_attributes($objectClass) {
|
||||||
|
@ -351,14 +460,88 @@ class accountContainer {
|
||||||
if ($line==-1) trigger_error (_("objectClass $objectClass required but not defined in ldap."), E_USER_WARNING);
|
if ($line==-1) trigger_error (_("objectClass $objectClass required but not defined in ldap."), E_USER_WARNING);
|
||||||
else {
|
else {
|
||||||
// Add module if it exists
|
// Add module if it exists
|
||||||
if (filetype($this->lampath."/lib/modules/".$objectClass.".inc") == 'file') {
|
if (file_exists($this->lampath."/lib/modules/".$objectClass.".inc") == 'file') {
|
||||||
include_once ($this->lampath."/lib/modules/".$objectClass.".inc");
|
include_once ($this->lampath."/lib/modules/".$objectClass.".inc");
|
||||||
$this->module[$objectClass] = new $objectClass($this);
|
$this->module[$objectClass] = new $objectClass($this);
|
||||||
}
|
}
|
||||||
|
else trigger_error (_("objectClass $objectClass required but no module found."), E_USER_WARNING);
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* This function will load an account.
|
||||||
|
* $dn is the dn of the account which should be loaded
|
||||||
|
*/
|
||||||
|
function load_account($dn) {
|
||||||
|
$search = substr($dn, 0, strpos($dn, ','));
|
||||||
|
$result = ldap_search($this->ldap->server(), $dn, $search);
|
||||||
|
$entry = ldap_first_entry($this->ldap->server(), $result);
|
||||||
|
$this->dn = substr($dn, strpos($dn, ',')+1);
|
||||||
|
$this->dn_orig = $dn;
|
||||||
|
$attr = ldap_get_attributes($_SESSION['ldap']->server(), $entry);
|
||||||
|
if (isset($attr['objectClass']['count'])) unset($attr['objectClass']['count']);
|
||||||
|
// Add objects
|
||||||
|
foreach ($attr['objectClass'] as $objectClass) $this->add_objectClass($objectClass);
|
||||||
|
// load attributes
|
||||||
|
foreach ($attr['objectClass'] as $objectClass) if (isset($this->module[$objectClass])) $this->module[$objectClass]->load_attributes($attr);
|
||||||
|
// sortm modules and make all active because all required attributes should be set
|
||||||
|
$module = array_keys ($this->module);
|
||||||
|
$modulelist = array();
|
||||||
|
// *** fixme add modules from config which should be used but not yet in loaded account
|
||||||
|
|
||||||
|
// loop until all modules are in order.
|
||||||
|
// We don't want to loop forever
|
||||||
|
$remain = count($module) * count($module);
|
||||||
|
while ( (count($module) != count($modulelist)) && ($remain!=0) ) {
|
||||||
|
$remain--;
|
||||||
|
foreach ($module as $moduleitem) {
|
||||||
|
$required = $this->module[$moduleitem]->dependencies;
|
||||||
|
$everything_found = true;
|
||||||
|
if (is_array($required))
|
||||||
|
foreach ($required as $requireditem)
|
||||||
|
if (!in_array($reuquireditem, $modulelist)) $everthing_found = false;
|
||||||
|
if ($everything_found) $modulelist[] = $moduleitem;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// Write Module-Order in variable
|
||||||
|
$this->order = $modulelist;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* This function will prepare the object
|
||||||
|
* for a new account
|
||||||
|
*/
|
||||||
|
function new_account() {
|
||||||
|
$modulelist = array();
|
||||||
|
// *** fixme add modules from config which should be used but not yet in loaded account
|
||||||
|
$module = array_keys ($this->module);
|
||||||
|
|
||||||
|
// loop until all modules are in order.
|
||||||
|
// We don't want to loop forever
|
||||||
|
$remain = count($module) * count($module);
|
||||||
|
while ( (count($module) != count($modulelist)) && ($remain!=0) ) {
|
||||||
|
$remain--;
|
||||||
|
foreach ($module as $moduleitem) {
|
||||||
|
$required = $this->module[$moduleitem]->dependencies;
|
||||||
|
$everything_found = true;
|
||||||
|
if (is_array($required))
|
||||||
|
foreach ($required as $requireditem)
|
||||||
|
if (!in_array($reuquireditem, $modulelist)) $everthing_found = false;
|
||||||
|
if ($everything_found) $modulelist[] = $moduleitem;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// Write Module-Order in variable
|
||||||
|
$this->order = $modulelist;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* This function will load an account.
|
||||||
|
* $dn is the dn of the account which should be loaded
|
||||||
|
*/
|
||||||
|
function save_account() {
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -46,23 +46,21 @@ $Id$
|
||||||
|
|
||||||
class inetOrgPerson {
|
class inetOrgPerson {
|
||||||
// Constructor
|
// Constructor
|
||||||
function inetOrgPerson(&$basearray) {
|
function inetOrgPerson(&$baseobject) {
|
||||||
/* Return an error if posixAccount should be created without
|
/* Return an error if posixAccount should be created without
|
||||||
* base container
|
* base container
|
||||||
*/
|
*/
|
||||||
if (!$basearray) trigger_error(_('Please create a new object with $array[] = new posixAccount($array);'), E_USER_ERROR);
|
if (!$baseobject) trigger_error(_('Please create a base object with $var = new accountContainer();'), E_USER_ERROR);
|
||||||
// Check if $basearray is an array
|
// Check if $baseobject is an array
|
||||||
if (!is_object($basearray)) trigger_error(_('Please create a new module object with $accountContainer->add_objectClass(\'inetOrgPerson\');'), E_USER_ERROR);
|
if (!is_object($baseobject)) trigger_error(_('Please create a new module object with $accountContainer->add_objectClass(\'inetOrgPerson\');'), E_USER_ERROR);
|
||||||
// posixAccount is only a valid objectClass for user and host
|
// posixAccount is only a valid objectClass for user and host
|
||||||
if ($basearray->get_type() != 'user') trigger_error(_('inetOrgPerson can only be used for users.'), E_USER_WARNING);
|
if ($baseobject->get_type() != 'user') trigger_error(_('inetOrgPerson can only be used for users.'), E_USER_WARNING);
|
||||||
/* Create a reference to basearray so we can read all other modules
|
/* Create a reference to basearray so we can read all other modules
|
||||||
* php will avaois recousrion itself
|
* php will avaois recousrion itself
|
||||||
*/
|
*/
|
||||||
$this->base = &$basearray;
|
$this->base = &$baseobject;
|
||||||
// Add attributes which should be cached
|
// Add attributes which should be cached
|
||||||
$_SESSION['cache']->add_cache(array ('user' => array('cn', 'uid'), 'host' => array('cn', 'uid') ));
|
//$_SESSION['cache']->add_cache(array ('user' => array('cn', 'uid'), 'host' => array('cn', 'uid') ));
|
||||||
// Add Array with all attributes and type
|
|
||||||
$basearray->add_attributes ('inetOrgPerson');
|
|
||||||
|
|
||||||
// Add account type to object
|
// Add account type to object
|
||||||
$line=-1;
|
$line=-1;
|
||||||
|
@ -70,7 +68,9 @@ class inetOrgPerson {
|
||||||
if (strpos($this->base->ldap->objectClasses[$i], "NAME 'inetOrgPerson'")) $line = $i;
|
if (strpos($this->base->ldap->objectClasses[$i], "NAME 'inetOrgPerson'")) $line = $i;
|
||||||
}
|
}
|
||||||
// Return error if objectClass isn't found
|
// Return error if objectClass isn't found
|
||||||
if ($line==-1) trigger_error (_("objectClass objectClass required but not defined in ldap."), E_USER_WARNING);
|
if ($line==-1) trigger_error (sprintf(_("ObjectClass %s required but not defined in ldap."), 'inetOrgPerson'), E_USER_WARNING);
|
||||||
|
// Add Array with all attributes and type
|
||||||
|
$baseobject->add_attributes ('inetOrgPerson');
|
||||||
// create array with must-attributes
|
// create array with must-attributes
|
||||||
// Get startposition in string
|
// Get startposition in string
|
||||||
if (strpos($this->base->ldap->objectClasses[$line], 'MUST (')) {
|
if (strpos($this->base->ldap->objectClasses[$line], 'MUST (')) {
|
||||||
|
@ -104,6 +104,7 @@ class inetOrgPerson {
|
||||||
if (strpos($this->base->ldap->objectClasses[$i], "NAME '$subclass'")) $line = $i;
|
if (strpos($this->base->ldap->objectClasses[$i], "NAME '$subclass'")) $line = $i;
|
||||||
}
|
}
|
||||||
// Return error if objectClass isn't found
|
// Return error if objectClass isn't found
|
||||||
|
// *** fixme, fix error message
|
||||||
if ($line==-1) trigger_error (_("objectClass objectClass required but not defined in ldap."), E_USER_WARNING);
|
if ($line==-1) trigger_error (_("objectClass objectClass required but not defined in ldap."), E_USER_WARNING);
|
||||||
|
|
||||||
// create array with must-attributes
|
// create array with must-attributes
|
||||||
|
@ -182,8 +183,7 @@ class inetOrgPerson {
|
||||||
/* This function returns a list with all required modules
|
/* This function returns a list with all required modules
|
||||||
*/
|
*/
|
||||||
function dependencies() {
|
function dependencies() {
|
||||||
// return error if unsupported type is used
|
return array('main');
|
||||||
return array();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Write variables into object and do some regexp checks
|
/* Write variables into object and do some regexp checks
|
||||||
|
@ -207,9 +207,9 @@ class inetOrgPerson {
|
||||||
$this->attributes['postalAddress'] = $_POST['form_inetOrgPerson_postalAddress'];
|
$this->attributes['postalAddress'] = $_POST['form_inetOrgPerson_postalAddress'];
|
||||||
$this->attributes['employeeType'] = $_POST['form_inetOrgPerson_employeeType'];
|
$this->attributes['employeeType'] = $_POST['form_inetOrgPerson_employeeType'];
|
||||||
|
|
||||||
if ($_POST['form_inetOrgPerson_userPassword_no']; $this->userPassword_no=true;
|
if ($_POST['form_inetOrgPerson_userPassword_no']) $this->userPassword_no=true;
|
||||||
else $this->userPassword_no=false;
|
else $this->userPassword_no=false;
|
||||||
if ($_POST['form_inetOrgPerson_userPassword_lock']; $this->userPassword_lock=true;
|
if ($_POST['form_inetOrgPerson_userPassword_lock']) $this->userPassword_lock=true;
|
||||||
else $this->userPassword_lock=false;
|
else $this->userPassword_lock=false;
|
||||||
if (isset($_POST['form_inetOrgPerson_userPassword'])) {
|
if (isset($_POST['form_inetOrgPerson_userPassword'])) {
|
||||||
if ($_POST['form_inetOrgPerson_userPassword'] != $_POST['form_inetOrgPerson_userPassword2']) {
|
if ($_POST['form_inetOrgPerson_userPassword'] != $_POST['form_inetOrgPerson_userPassword2']) {
|
||||||
|
@ -230,9 +230,9 @@ class inetOrgPerson {
|
||||||
// Create automatic useraccount with number if original user already exists
|
// Create automatic useraccount with number if original user already exists
|
||||||
// Reset name to original name if new name is in use
|
// Reset name to original name if new name is in use
|
||||||
// Set username back to original name if new username is in use
|
// Set username back to original name if new username is in use
|
||||||
if (incache($this->attributes['uid'],'uid', '*')!=$this->orig['uid'] && ($this->orig['uid']!='')) $this->attributes['uid'] = $this->orig['uid'];
|
if ($this->base->cache->in_cache($this->attributes['uid'],'uid', '*')!=$this->orig['uid'] && ($this->orig['uid']!='')) $this->attributes['uid'] = $this->orig['uid'];
|
||||||
// Change uid to a new uid until a free uid is found
|
// Change uid to a new uid until a free uid is found
|
||||||
while (incache($this->attributes['uid'], 'uid', '*')) {
|
while ($this->base->cache->in_cache($this->attributes['uid'], 'uid', '*')) {
|
||||||
// get last character of username
|
// get last character of username
|
||||||
$lastchar = substr($this->attributes['uid'], strlen($this->attributes['uid'])-1, 1);
|
$lastchar = substr($this->attributes['uid'], strlen($this->attributes['uid'])-1, 1);
|
||||||
// Last character is no number
|
// Last character is no number
|
||||||
|
@ -296,8 +296,8 @@ class inetOrgPerson {
|
||||||
foreach ($attributes as $attribute) {
|
foreach ($attributes as $attribute) {
|
||||||
if (isset($this->attributes[$attribute])) {
|
if (isset($this->attributes[$attribute])) {
|
||||||
// decode as unicode
|
// decode as unicode
|
||||||
for ($i=0; $i<count($this->attributes[$attribute]); $i++) $this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
|
|
||||||
$this->attributes[$attribute] = $attr[$attribute];
|
$this->attributes[$attribute] = $attr[$attribute];
|
||||||
|
for ($i=0; $i<count($this->attributes[$attribute]); $i++) $this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
// Values are kept as copy so we can compare old attributes with new attributes
|
// Values are kept as copy so we can compare old attributes with new attributes
|
||||||
|
@ -323,17 +323,16 @@ class inetOrgPerson {
|
||||||
// Get list of all "easy" attributes
|
// Get list of all "easy" attributes
|
||||||
$attr_names = array_keys($attributes);
|
$attr_names = array_keys($attributes);
|
||||||
foreach ($attr_names as $attr_name) {
|
foreach ($attr_names as $attr_name) {
|
||||||
// *** fixme, encode as unicode
|
|
||||||
if (count($this->attributes[$attr_name])!=0 && count($this->orig[$attr_name])==0) $return[$this->base['dn']]['add'][$attr_name] = $this->attributes[$attr_name];
|
if (count($this->attributes[$attr_name])!=0 && count($this->orig[$attr_name])==0) $return[$this->base['dn']]['add'][$attr_name] = $this->attributes[$attr_name];
|
||||||
if (count($this->attributes[$attr_name])!=0 && count($this->orig[$attr_name])!=0) {
|
if (count($this->attributes[$attr_name])!=0 && count($this->orig[$attr_name])!=0) {
|
||||||
// We have to check every single attribute
|
// We have to check every single attribute
|
||||||
// Get attributes which should be added
|
// Get attributes which should be added
|
||||||
$attributes = ldap_delete($this->orig[$attr_name], $this->attributes[$attr_name]);
|
$attributes = array_delete($this->orig[$attr_name], $this->attributes[$attr_name]);
|
||||||
// Encode as unicode
|
// Encode as unicode
|
||||||
for ($i=0; $i<count($attributes); $i++) $attributes[$i] = utf8_encode ($attributes[$i]);
|
for ($i=0; $i<count($attributes); $i++) $attributes[$i] = utf8_encode ($attributes[$i]);
|
||||||
if (count($attributes)!=0) $return[$this->base['dn']]['add'][$attr_name] = $attributes;
|
if (count($attributes)!=0) $return[$this->base['dn']]['add'][$attr_name] = $attributes;
|
||||||
// Get attributes which should be removed
|
// Get attributes which should be removed
|
||||||
$attributes = ldap_delete($this->attributes[$attr_name], $this->orig[$attr_name]);
|
$attributes = array_delete($this->attributes[$attr_name], $this->orig[$attr_name]);
|
||||||
// Encode as unicode
|
// Encode as unicode
|
||||||
for ($i=0; $i<count($attributes); $i++) $attributes[$i] = utf8_encode ($attributes[$i]);
|
for ($i=0; $i<count($attributes); $i++) $attributes[$i] = utf8_encode ($attributes[$i]);
|
||||||
if (count($attributes)!=0) $return[$this->base['dn']]['remove'][$attr_name] = $attributes;
|
if (count($attributes)!=0) $return[$this->base['dn']]['remove'][$attr_name] = $attributes;
|
||||||
|
@ -373,6 +372,7 @@ class inetOrgPerson {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* This function returns all ldap attributes
|
/* This function returns all ldap attributes
|
||||||
|
|
|
@ -33,15 +33,10 @@ $Id$
|
||||||
* dn_orig: old DN if account was loaded with uid= or cn=
|
* dn_orig: old DN if account was loaded with uid= or cn=
|
||||||
|
|
||||||
* External functions which are used
|
* External functions which are used
|
||||||
* account.inc: findgroups, incache, getcache, array_delete, getshells
|
* account.inc: findgroups, incache, get_cache, array_delete, getshells
|
||||||
* ldap.inc: pwd_is_enabled, pwd_hash
|
* ldap.inc: pwd_is_enabled, pwd_hash
|
||||||
*/
|
*/
|
||||||
|
|
||||||
// *** fixme, start session if not yet done
|
|
||||||
// *** fixme set language if not yet done
|
|
||||||
include_once('../ldap.inc');
|
|
||||||
include_once('../account.inc');
|
|
||||||
|
|
||||||
/* This class contains all posixAccount LDAP attributes
|
/* This class contains all posixAccount LDAP attributes
|
||||||
* and funtioncs required to deal with posixAccount
|
* and funtioncs required to deal with posixAccount
|
||||||
* posixAccount can only be created when it should be added
|
* posixAccount can only be created when it should be added
|
||||||
|
@ -59,112 +54,130 @@ include_once('../account.inc');
|
||||||
*/
|
*/
|
||||||
class posixAccount {
|
class posixAccount {
|
||||||
// Constructor
|
// Constructor
|
||||||
function posixAccount(&$basearray=false) {
|
function posixAccount(&$baseobject) {
|
||||||
/* Return an error if posixAccount should be created without
|
/* Return an error if posixAccount should be created without
|
||||||
* base container
|
* base container
|
||||||
*/
|
*/
|
||||||
if (!$basearray) die _('Please create a new object with $array[] = new posixAccount($array);');
|
if (!$baseobject) trigger_error(_('Please create a base object with $var = new accountContainer();'), E_USER_ERROR);
|
||||||
// Check if $basearray is an array
|
// Check if $baseobject is an array
|
||||||
if (!is_array($basearray)) die _('Please create a new object with $array[] = new posixAccount($array);');
|
if (!is_object($baseobject)) trigger_error(_('Please create a new module object with $accountContainer->add_objectClass(\'posixAccount\');'), E_USER_ERROR);
|
||||||
// posixAccount is only a valid objectClass for user and host
|
// posixAccount is only a valid objectClass for user and host
|
||||||
if !($basearray['type'] == 'host' || $basearray['type'] == 'user') die _('posixAccount can only be used for users and hosts.');
|
if (!($baseobject->get_type() == 'user' || $baseobject->get_type() != 'host')) trigger_error(_('posixAccount can only be used for users or hosts.'), E_USER_WARNING);
|
||||||
/* Create a reference to basearray so we can read all other modules
|
/* Create a reference to basearray so we can read all other modules
|
||||||
* php will avaois recousrion itself
|
* php will avaois recousrion itself
|
||||||
*/
|
*/
|
||||||
$this->base = &$basearray;
|
$this->base = &$baseobject;
|
||||||
/* Check if ldap conatiner is in array and set type
|
/* Check if ldap conatiner is in array and set type
|
||||||
* users are using inetOrgPerson-, hosts account-container
|
* users are using inetOrgPerson-, hosts account-container
|
||||||
*/
|
*/
|
||||||
foreach ($basearray as $singleobject) {
|
if (!isset($this->base->module['inetOrgPerson']) && $this->base->type=='user') $this->base->add_objectClass('inetOrgPerson');
|
||||||
if (is_a($singleobject, 'account') && $basearray['type'] == 'host') $found = true;
|
if (!isset($this->base->module['account']) && $this->base->type=='host') $this->base->add_objectClass('account');
|
||||||
if (is_a($singleobject, 'inetOrgPerson') && $basearray['type'] == 'user') $found = true;
|
// Add account type to object
|
||||||
|
$line=-1;
|
||||||
|
for ($i=0; $i<count($this->base->ldap->objectClasses) || $i==-1; $i++) {
|
||||||
|
if (strpos($this->base->ldap->objectClasses[$i], "NAME 'posixAccount'")) $line = $i;
|
||||||
}
|
}
|
||||||
// Add needed objectClasses if not yet in array
|
// Return error if objectClass isn't found
|
||||||
if (!$found) {
|
if ($line==-1) trigger_error (sprintf(_("ObjectClass %s required but not defined in ldap."), 'posixAccount'), E_USER_WARNING);
|
||||||
if ($basearray['type']=='user') {
|
// Add Array with all attributes and type
|
||||||
if (class_exists('inetOrgPerson')) $basearray[] = new inetOrgPerson($basearray);
|
$baseobject->add_attributes ('posixAccount');
|
||||||
else die _('Objectclass inetOrgPerson not found.');
|
// create array with must-attributes
|
||||||
}
|
// Get startposition in string
|
||||||
if ($basearray['type']=='host') {
|
if (strpos($this->base->ldap->objectClasses[$line], 'MUST (')) {
|
||||||
if (class_exists('account')) $basearray[] = new account($basearray);
|
$string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MUST (')+6);
|
||||||
else die _('Objectclass account not found.');
|
// Now we have a string with all must-attributes
|
||||||
|
$string = substr($string_withtail, 0, strpos($string_withtail, ')'));
|
||||||
|
$string = trim($string);
|
||||||
|
// Ad must
|
||||||
|
foreach (explode(" $ ", $string) as $attribute) {
|
||||||
|
$this->attributes[$attribute] = '';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// create array with may-attributes
|
||||||
|
// Get startposition in string
|
||||||
|
if (strpos($this->base->ldap->objectClasses[$line], 'MAY (')) {
|
||||||
|
$string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MAY (')+5);
|
||||||
|
// Now we have a string with all must-attributes
|
||||||
|
$string = substr($string_withtail, 0, strpos($string_withtail, ')'));
|
||||||
|
$string = trim($string);
|
||||||
|
// Ad may
|
||||||
|
foreach (explode(" $ ", $string) as $attribute) {
|
||||||
|
$this->attributes[$attribute] = '';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// Get attributes of subclasses
|
||||||
|
while (strpos($this->base->ldap->objectClasses[$line], "SUP ")) {
|
||||||
|
$string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'SUP ')+4);
|
||||||
|
$subclass = substr($string_withtail, 0, strpos($string_withtail, ' '));
|
||||||
|
// Add account type to object
|
||||||
|
for ($i=0; $i<count($this->base->ldap->objectClasses) || $i==-1; $i++) {
|
||||||
|
if (strpos($this->base->ldap->objectClasses[$i], "NAME '$subclass'")) $line = $i;
|
||||||
|
}
|
||||||
|
// Return error if objectClass isn't found
|
||||||
|
// *** fixme, fix error message
|
||||||
|
if ($line==-1) trigger_error (_("objectClass objectClass required but not defined in ldap."), E_USER_WARNING);
|
||||||
|
|
||||||
|
// create array with must-attributes
|
||||||
|
// Get startposition in string
|
||||||
|
if (strpos($this->base->ldap->objectClasses[$line], 'MUST (')) {
|
||||||
|
$string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MUST (')+6);
|
||||||
|
// Now we have a string with all must-attributes
|
||||||
|
$string = substr($string_withtail, 0, strpos($string_withtail, ')'));
|
||||||
|
$string = trim($string);
|
||||||
|
// Ad must
|
||||||
|
foreach (explode(" $ ", $string) as $attribute) {
|
||||||
|
$this->attributes[$attribute] = '';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// create array with may-attributes
|
||||||
|
// Get startposition in string
|
||||||
|
if (strpos($this->base->ldap->objectClasses[$line], 'MAY (')) {
|
||||||
|
$string_withtail = substr($this->base->ldap->objectClasses[$line], strpos($this->base->ldap->objectClasses[$line], 'MAY (')+5);
|
||||||
|
// Now we have a string with all must-attributes
|
||||||
|
$string = substr($string_withtail, 0, strpos($string_withtail, ')'));
|
||||||
|
$string = trim($string);
|
||||||
|
// Ad may
|
||||||
|
foreach (explode(" $ ", $string) as $attribute) {
|
||||||
|
$this->attributes[$attribute] = '';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$this->alias = _('posixAccount');
|
||||||
|
// Add attributes which should be cached
|
||||||
|
$_SESSION['cache']->add_cache(array ('user' => array('cn', 'uid', 'uidNumber'), 'host' => array('cn', 'uid', 'uidNumber'), 'group' => array('cn', 'memberUid')));
|
||||||
/* Check if at least one group does exist in ldap
|
/* Check if at least one group does exist in ldap
|
||||||
*/
|
*/
|
||||||
$groups = findgroups(); // list of all groupnames
|
$groups = findgroups(); // list of all groupnames
|
||||||
if (count($groups)==0) die _('Please create a group first.');
|
if (count($groups)==0) trigger_error(_('No groups found in ldap.'), E_USER_WARNING);
|
||||||
/* This array contains all attributes which have to be cached for performance
|
|
||||||
* reasons.
|
// Make references to attributes which already esists in ldap
|
||||||
*/
|
$newattributes = array_keys($this->attributes);
|
||||||
$_SESSION['cacheAttributes'] = array_merge ($_SESSION['cacheAttributes'], array ('user' => array('cn', 'uid', 'uidNumber'), 'host' => array('cn', 'uid', 'uidNumber') ) );
|
$module = array_keys($this->base->module);
|
||||||
// unique array
|
// fixme *** do we have to unset module posixAccuont itself
|
||||||
$_SESSION['cacheAttributes'] = array_unique ($_SESSION['cacheAttributes']);
|
for ($i=0; $i<count($module); $i++) {
|
||||||
// Array with all attributes and type
|
foreach ($newattributes as $attribute)
|
||||||
$basearray['attributes'] = array_merge ($basearray['attributes'], array ( 0 => array('cn', 'string', 'must'), 1 => array('uid', 'string', 'must'), 2 => array('uidNumber', 'string', 'must'), 3 => array('gidNumber', 'string', 'must'),
|
if (isset($this->base->module[$module[$i]]->attributes[$attribute])) $this->attributes[$attribute] = &$this->base->module[$module[$i]]->attributes[$attribute];
|
||||||
4 => array('homeDirectory', 'string', 'must'), 5 => array('loginShell', 'string', 'may'), 6 => array('gecos', 'string', 'may'), 7 => array('description', 'string', 'may'),
|
}
|
||||||
8 => array('userPassword', 'function', 'may'), 9 => array('userPassword_no', 'boolean', 'may'), 10 => array('userPassword_lock', 'boolean', 'may') ));
|
$this->orig = $this->attributes ;
|
||||||
// unique array
|
|
||||||
$basearray['attributes'] = array_unique($basearray['attributes']);
|
|
||||||
// Add account type to object
|
|
||||||
$orig = array( 'uid' => '', 'uidNumber' => '', 'gidNumber' => '', 'homeDirectory' => '', 'loginShell' => '', 'gecos' => '',
|
|
||||||
'description' => '', 'enc_userPassword' => '', 'groups' => array() );
|
|
||||||
$this->alias = _('posixAccount');
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Variables
|
// Variables
|
||||||
// Alias Name. This name is shown in the menu instead of posixAccount
|
// Alias Name. This name is shown in the menu instead of posixAccount
|
||||||
var $alias;
|
var $alias;
|
||||||
// original name is userPassword. This variable is used to store the encrypted password
|
|
||||||
var $enc_userPassword;
|
|
||||||
// reference to base-array so we can read other classes in basearray
|
// reference to base-array so we can read other classes in basearray
|
||||||
var $base;
|
var $base;
|
||||||
// Use a unix password?
|
|
||||||
var $userPassword_no;
|
|
||||||
// Lock account?
|
|
||||||
var $userPassword_lock;
|
|
||||||
// Array with all groups the user should also be member of
|
|
||||||
var $groups;
|
|
||||||
// LDAP attributes
|
|
||||||
// These attributes have to be set in ldap
|
|
||||||
var $uid;
|
|
||||||
var $uidNumber;
|
|
||||||
var $gidNumber;
|
|
||||||
var $homeDirectory;
|
|
||||||
// These attributes doesn't have to be set in ldap
|
|
||||||
var $loginShell;
|
|
||||||
var $gecos;
|
|
||||||
var $description;
|
|
||||||
/* This function will return the unencrypted password when
|
|
||||||
* called without a variable
|
|
||||||
* If it's called with a new password, the
|
|
||||||
* new password will be stored encrypted
|
|
||||||
*/
|
|
||||||
function userPassword($newpassword='') {
|
|
||||||
// Read existing password if set
|
|
||||||
if ($newpassword='') {
|
|
||||||
if ($this->enc_userPassword != '') {
|
|
||||||
$iv = base64_decode($_COOKIE["IV"]);
|
|
||||||
$key = base64_decode($_COOKIE["Key"]);
|
|
||||||
$password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($this->enc_userPassword), MCRYPT_MODE_ECB, $iv);
|
|
||||||
$password = str_replace(chr(00), '', $password);
|
|
||||||
return $password;
|
|
||||||
}
|
|
||||||
else return '';
|
|
||||||
}
|
|
||||||
// Write new password
|
|
||||||
else {
|
|
||||||
$iv = base64_decode($_COOKIE["IV"]);
|
|
||||||
$key = base64_decode($_COOKIE["Key"]);
|
|
||||||
$this->enc_userPassword = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $newpassword, MCRYPT_MODE_ECB, $iv));
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
// This variable contains all inetOrgPerson attributes
|
||||||
|
var $attributes;
|
||||||
/* If an account was loaded all attributes are kept in this array
|
/* If an account was loaded all attributes are kept in this array
|
||||||
* to compare it with new changed attributes
|
* to compare it with new changed attributes
|
||||||
*/
|
*/
|
||||||
var $orig;
|
var $orig;
|
||||||
|
/* These two variables keep an array of groups the
|
||||||
|
* user is also member of.
|
||||||
|
*/
|
||||||
|
var $groups;
|
||||||
|
var $groups_orig;
|
||||||
|
|
||||||
/* This function returns a list with all required modules
|
/* This function returns a list with all required modules
|
||||||
*/
|
*/
|
||||||
|
@ -179,75 +192,11 @@ class posixAccount {
|
||||||
*/
|
*/
|
||||||
function proccess_attributes() {
|
function proccess_attributes() {
|
||||||
// Load attributes
|
// Load attributes
|
||||||
$this->uid = $_POST['form_posixAccount_uid'];
|
$this->attributes['uidNumber'] = $_POST['form_posixAccount_uidNumber'];
|
||||||
if ($this->base['type']=='user') $this->uid &= $this->base['inetOrgPerson']->cn;
|
$this->attributes['gidNumber'] = getgrnam($_POST['form_posixAccount_gidNumber']);
|
||||||
if ($this->base['type']=='host') $this->uid &= $this->base['account']->cn;
|
$this->attributes['homeDirectory'] = $_POST['form_posixAccount_homeDirectory'];
|
||||||
$this->uidNumber = $_POST['form_posixAccount_uidNumber'];
|
$this->attributes['loginShell'] = $_POST['form_posixAccount_loginShell'];
|
||||||
$this->gidNumber = getgrnam($_POST['form_posixAccount_gidNumber']);
|
$this->attributes['gecos'] = $_POST['form_posixAccount_gecos'];
|
||||||
$this->homeDirectory = $_POST['form_posixAccount_homeDirectory'];
|
|
||||||
$this->loginShell = $_POST['form_posixAccount_loginShell'];
|
|
||||||
$this->gecos = $_POST['form_posixAccount_gecos'];
|
|
||||||
$this->description = $_POST['form_posixAccount_description'];
|
|
||||||
if ($_POST['form_posixAccount_userPassword_no']; $this->userPassword_no=true;
|
|
||||||
else $this->userPassword_no=false;
|
|
||||||
if ($_POST['form_posixAccount_userPassword_lock']; $this->userPassword_lock=true;
|
|
||||||
else $this->userPassword_lock=false;
|
|
||||||
if (isset($_POST['form_posixAccount_userPassword'])) {
|
|
||||||
if ($_POST['form_posixAccount_userPassword'] != $_POST['form_posixAccount_userPassword2']) {
|
|
||||||
$errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'));
|
|
||||||
unset ($_POST['form_posixAccount_userPassword2']);
|
|
||||||
}
|
|
||||||
else $this->userPassword($_POST['form_posixAccount_userPassword']);
|
|
||||||
}
|
|
||||||
if ($_POST['form_posixAccount_genpass']) $this->userPassword(genpasswd());
|
|
||||||
|
|
||||||
// Check if Username contains only valid characters
|
|
||||||
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*$', $this->uid))
|
|
||||||
$errors[] = array('ERROR', _('Username'), _('Username contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
|
|
||||||
|
|
||||||
// Create automatic useraccount with number if original user already exists
|
|
||||||
// Reset name to original name if new name is in use
|
|
||||||
// *** fixme make incache modularized. Incache will return the found attribute
|
|
||||||
// Set username back to original name if new username is in use
|
|
||||||
if (incache($this->uid,'uid', '*')!=$this->orig['uid'] && ($this->orig['uid']!='')) $this->uid = $this->orig['uid'];
|
|
||||||
// Change uid to a new uid until a free uid is found
|
|
||||||
while (incache($this->uid, 'uid', '*')) {
|
|
||||||
// Remove "$" at end of hostname if type is host
|
|
||||||
if ($this->base['type']=='host') $this->uid = substr($this->uid, 0, $this->uid-1);
|
|
||||||
// get last character of username
|
|
||||||
$lastchar = substr($this->uid, strlen($this->uid)-1, 1);
|
|
||||||
// Last character is no number
|
|
||||||
if ( !ereg('^([0-9])+$', $lastchar))
|
|
||||||
/* Last character is no number. Therefore we only have to
|
|
||||||
* add "2" to it.
|
|
||||||
*/
|
|
||||||
if ($this->base['type']=='host') $this->uid = $this->uid . '2$';
|
|
||||||
else $this->uid = $this->uid . '2';
|
|
||||||
else {
|
|
||||||
/* Last character is a number -> we have to increase the number until we've
|
|
||||||
* found a groupname with trailing number which is not in use.
|
|
||||||
*
|
|
||||||
* $i will show us were we have to split groupname so we get a part
|
|
||||||
* with the groupname and a part with the trailing number
|
|
||||||
*/
|
|
||||||
$i=strlen($this->uid)-1;
|
|
||||||
$mark = false;
|
|
||||||
// Set $i to the last character which is a number in $account_new->general_username
|
|
||||||
while (!$mark) {
|
|
||||||
if (ereg('^([0-9])+$',substr($this->uid, $i, strlen($this->uid)-$i))) $i--;
|
|
||||||
else $mark=true;
|
|
||||||
}
|
|
||||||
// increase last number with one
|
|
||||||
$firstchars = substr($this->uid, 0, $i+1);
|
|
||||||
$lastchars = substr($this->uid, $i+1, strlen($this->uid)-$i);
|
|
||||||
// Put username together
|
|
||||||
$this->uid = $firstchars . (intval($lastchars)+1);
|
|
||||||
// Add $ name if type is host
|
|
||||||
if ($this->base['type']=='host') $this->uid .= '$';
|
|
||||||
}
|
|
||||||
}
|
|
||||||
// Show warning if lam has changed username
|
|
||||||
if ($this->uid != $_POST['form_posixAccount_uid']) $errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.'));
|
|
||||||
|
|
||||||
// Check if UID is valid. If none value was entered, the next useable value will be inserted
|
// Check if UID is valid. If none value was entered, the next useable value will be inserted
|
||||||
// load min and may uidNumber
|
// load min and may uidNumber
|
||||||
|
@ -259,12 +208,11 @@ class posixAccount {
|
||||||
$minID = intval($_SESSION['config']->get_minMachine());
|
$minID = intval($_SESSION['config']->get_minMachine());
|
||||||
$maxID = intval($_SESSION['config']->get_maxMachine());
|
$maxID = intval($_SESSION['config']->get_maxMachine());
|
||||||
}
|
}
|
||||||
// *** fixme create getcache function
|
$dn_uids = $this->base->cache->get_cache('uidNumber', 'posixAccount', '*');
|
||||||
$dn_uids = getcache('uidNumber', 'posixAccount', '*');
|
// get_cache will return an array ( dn1 => array(uidnumber1), dn2 => array(uidnumber2), ... )
|
||||||
// getcache will return an array ( dn1 => array(uidnumber1), dn2 => array(uidnumber2), ... )
|
|
||||||
foreach ($dn_uids as $uid) $uids[] = $uid[0];
|
foreach ($dn_uids as $uid) $uids[] = $uid[0];
|
||||||
if(is_array($uids)) sort ($uids, SORT_NUMERIC);
|
if(is_array($uids)) sort ($uids, SORT_NUMERIC);
|
||||||
if ($this->uidNumber=='') {
|
if ($this->attributes['uidNumber']=='') {
|
||||||
// No id-number given
|
// No id-number given
|
||||||
if ($this->orig['uidNumber']=='') {
|
if ($this->orig['uidNumber']=='') {
|
||||||
// new account -> we have to find a free id-number
|
// new account -> we have to find a free id-number
|
||||||
|
@ -273,58 +221,50 @@ class posixAccount {
|
||||||
// Store highest id-number
|
// Store highest id-number
|
||||||
$id = $uids[count($uids)-1];
|
$id = $uids[count($uids)-1];
|
||||||
// Return minimum allowed id-number if all found id-numbers are too low
|
// Return minimum allowed id-number if all found id-numbers are too low
|
||||||
if ($id < $minID) $this->uidNumber = $minID;
|
if ($id < $minID) $this->attributes['uidNumber'] = $minID;
|
||||||
// Return higesht used id-number + 1 if it's still in valid range
|
// Return higesht used id-number + 1 if it's still in valid range
|
||||||
if ($id < $maxID) $this->uidNumber = $id+1;
|
if ($id < $maxID) $this->attributes['uidNumber'] = $id+1;
|
||||||
/* If this function is still running we have to fid a free id-number between
|
/* If this function is still running we have to fid a free id-number between
|
||||||
* the used id-numbers
|
* the used id-numbers
|
||||||
*/
|
*/
|
||||||
$i = intval($minID);
|
$i = intval($minID);
|
||||||
while (in_array($i, $uids)) $i++;
|
while (in_array($i, $uids)) $i++;
|
||||||
if ($i>$maxID)
|
if ($i>$maxID)
|
||||||
$errors[] = array('ERROR', _('ID-Number'), _('No free ID-Number!')))));
|
$errors[] = array('ERROR', _('ID-Number'), _('No free ID-Number!'));
|
||||||
else {
|
else {
|
||||||
$this->uidNumber = $i;
|
$this->attributes['uidNumber'] = $i;
|
||||||
$errors[] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.'));
|
$errors[] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.'));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else $this->uidNumber = $minID;
|
else $this->attributes['uidNumber'] = $minID;
|
||||||
// return minimum allowed id-number if no id-numbers are found
|
// return minimum allowed id-number if no id-numbers are found
|
||||||
}
|
}
|
||||||
else $this->uidNumber = $this->orig['uidNumber'];
|
else $this->attributes['uidNumber'] = $this->orig['uidNumber'];
|
||||||
// old account -> return id-number which has been used
|
// old account -> return id-number which has been used
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
// Check manual ID
|
// Check manual ID
|
||||||
// id-number is out of valid range
|
// id-number is out of valid range
|
||||||
if ( $this->uidNumber < $minID || $this->uidNumber > $maxID) $errors[] = array('ERROR', _('ID-Number'), sprintf(_('Please enter a value between %s and %s!'), $minID, $maxID));
|
if ( $this->attributes['uidNumber'] < $minID || $this->attributes['uidNumber'] > $maxID) $errors[] = array('ERROR', _('ID-Number'), sprintf(_('Please enter a value between %s and %s!'), $minID, $maxID));
|
||||||
// $uids is allways an array but not if no entries were found
|
// $uids is allways an array but not if no entries were found
|
||||||
if (is_array($uids)) {
|
if (is_array($uids)) {
|
||||||
// id-number is in use and account is a new account
|
// id-number is in use and account is a new account
|
||||||
if ((in_array($this->uidNumber, $uids)) && $this->orig['uidNumber']=='') $errors[] = array('ERROR', _('ID-Number'), _('ID is already in use'));
|
if ((in_array($this->attributes['uidNumber'], $uids)) && $this->orig['uidNumber']=='') $errors[] = array('ERROR', _('ID-Number'), _('ID is already in use'));
|
||||||
// id-number is in use, account is existing account and id-number is not used by itself
|
// id-number is in use, account is existing account and id-number is not used by itself
|
||||||
if ((in_array($this->uidNumber, $uids)) && $this->orig['uidNumber']!='' && ($this->orig['uidNumber'] != $this->uidNumber) ) {
|
if ((in_array($this->attributes['uidNumber'], $uids)) && $this->orig['uidNumber']!='' && ($this->orig['uidNumber'] != $this->attributes['uidNumber']) ) {
|
||||||
$errors[] = array('ERROR', _('ID-Number'), _('ID is already in use'));
|
$errors[] = array('ERROR', _('ID-Number'), _('ID is already in use'));
|
||||||
$this->uidNumber = $this->orig['uidNumber'];
|
$this->attributes['uidNumber'] = $this->orig['uidNumber'];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if Homedir is valid
|
// Check if Homedir is valid
|
||||||
$this->homeDirectory = str_replace('$group', getgrnam($this->gidNumber), $this->homeDirectory);
|
$this->attributes['homeDirectory'] = str_replace('$group', getgrnam($this->attributes['gidNumber']), $this->attributes['homeDirectory']);
|
||||||
if ($this->uid != '')
|
if ($this->attributes['uid'] != '')
|
||||||
$this->homeDirectory = str_replace('$user', $this->uid, $this->homeDirectory);
|
$this->attributes['homeDirectory'] = str_replace('$user', $this->attributes['uid'], $this->attributes['homeDirectory']);
|
||||||
if ($this->homeDirectory != $_POST['form_posixAccount_homeDirectory']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
|
if ($this->attributes['homeDirectory'] != $_POST['form_posixAccount_homeDirectory']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
|
||||||
if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $this->homeDirectory ))
|
if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $this->attributes['homeDirectory'] ))
|
||||||
$errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.'));
|
$errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.'));
|
||||||
// Check if Name-length is OK. minLength=3, maxLength=20
|
|
||||||
if ( !ereg('.{3,20}', $this->uid)) $errors[] = array('ERROR', _('Name'), _('Name must contain between 3 and 20 characters.'));
|
|
||||||
// Check if Name starts with letter
|
|
||||||
if ( !ereg('^([a-z]|[A-Z]).*$', $this->uid))
|
|
||||||
$errors[] = array('ERROR', _('Name'), _('Name contains invalid characters. First character must be a letter'));
|
|
||||||
// Check if password is OK
|
|
||||||
if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword()))
|
|
||||||
$errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
|
|
||||||
// Return error-messages
|
// Return error-messages
|
||||||
if (is_array($errors)) return $errors;
|
if (is_array($errors)) return $errors;
|
||||||
// Go to additional group page when no error did ocour and button was pressed
|
// Go to additional group page when no error did ocour and button was pressed
|
||||||
|
@ -338,7 +278,7 @@ class posixAccount {
|
||||||
do { // X-Or, only one if() can be true
|
do { // X-Or, only one if() can be true
|
||||||
if (isset($_POST['form_posixAccount_addgroups']) && isset($_POST['form_posixAccount_addgroups_button'])) { // Add groups to list
|
if (isset($_POST['form_posixAccount_addgroups']) && isset($_POST['form_posixAccount_addgroups_button'])) { // Add groups to list
|
||||||
// Add new group
|
// Add new group
|
||||||
$this->groups = @array_merge($this->groups, $_POST['allgroups']);
|
$this->groups = @array_merge($this->groups, $_POST['form_posixAccount_addgroups']);
|
||||||
// remove doubles
|
// remove doubles
|
||||||
$this->groups = @array_flip($this->groups);
|
$this->groups = @array_flip($this->groups);
|
||||||
array_unique($this->groups);
|
array_unique($this->groups);
|
||||||
|
@ -353,7 +293,7 @@ class posixAccount {
|
||||||
}
|
}
|
||||||
} while(0);
|
} while(0);
|
||||||
if (isset($_POST['form_posixAccount_addgroups_button']) || isset($_POST['form_posixAccount_removegroups_button'])) return 'group';
|
if (isset($_POST['form_posixAccount_addgroups_button']) || isset($_POST['form_posixAccount_removegroups_button'])) return 'group';
|
||||||
if ($_POST['form_posixAccount_toattributes'] return 'attributes';
|
if ($_POST['form_posixAccount_toattributes']) return 'attributes';
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -363,41 +303,30 @@ class posixAccount {
|
||||||
*/
|
*/
|
||||||
function load_attributes($attr) {
|
function load_attributes($attr) {
|
||||||
// Load attributes which are displayed
|
// Load attributes which are displayed
|
||||||
|
// unset count entries
|
||||||
|
unset ($attr['count']);
|
||||||
|
$attributes = array_keys($attr);
|
||||||
|
foreach ($attributes as $attribute) unset ($attr[$attribute]['count']);
|
||||||
|
// unset double entries
|
||||||
|
for ($i=0; $i<count($attr); $i++)
|
||||||
|
if (isset($attr[$i])) unset($attr[$i]);
|
||||||
|
foreach ($attributes as $attribute) {
|
||||||
|
if (isset($this->attributes[$attribute])) {
|
||||||
|
// decode as unicode
|
||||||
|
$this->attributes[$attribute] = $attr[$attribute];
|
||||||
|
for ($i=0; $i<count($this->attributes[$attribute]); $i++) $this->attributes[$attribute][$i] = utf8_decode ($this->attributes[$attribute][$i]);
|
||||||
|
}
|
||||||
|
}
|
||||||
// Values are kept as copy so we can compare old attributes with new attributes
|
// Values are kept as copy so we can compare old attributes with new attributes
|
||||||
$this->cn = $attr['cn'][0];
|
$this->orig = $this->attributes;
|
||||||
$this->orig['cn'] = $attr['cn'][0];
|
|
||||||
$this->uid = $attr['uid'][0];
|
|
||||||
$this->orig['uid'] = $attr['uid'][0];
|
|
||||||
$this->uidNumber = $attr['uidNumber'][0];
|
|
||||||
$this->orig['uidNumber'] = $attr['uidNumber'][0];
|
|
||||||
$this->gidNumber = $attr['gidNumber'][0];
|
|
||||||
$this->orig['gidNumber'] = $attr['gidNumber'][0];
|
|
||||||
$this->homeDirectory = $attr['homeDirectory'][0];
|
|
||||||
$this->orig['homeDirectory'] = $attr['homeDirectory'][0];
|
|
||||||
if (isset($attr['loginShell'][0])) {
|
|
||||||
$this->loginShell = $attr['loginShell'][0];
|
|
||||||
$this->orig['loginShell'] = $attr['loginShell'][0];
|
|
||||||
}
|
|
||||||
if (isset($attr['gecos'][0])) {
|
|
||||||
$this->gecos = $attr['gecos'][0];
|
|
||||||
$this->orig['gecos'] = $attr['gecos'][0];
|
|
||||||
}
|
|
||||||
if (isset($attr['description'][0])) {
|
|
||||||
$this->gecos = $attr['description'][0];
|
|
||||||
$this->orig['description'] = $attr['description'][0];
|
|
||||||
}
|
|
||||||
if (isset($attr['userPassword'][0])) {
|
|
||||||
$this->orig['enc_userPassword'] = $attr['userPassword'][0];
|
|
||||||
}
|
|
||||||
$this->userPassword_lock=!pwd_is_enabled($attr['userPassword'][0]);
|
|
||||||
// get all additional groupmemberships
|
// get all additional groupmemberships
|
||||||
$dn_groups = getcache('memberUid', 'posixGroup', 'group');
|
$dn_groups = $this->base->cache->get_cache('memberUid', 'posixGroup', 'group');
|
||||||
$DNs = array_keys($dn_groups);
|
$DNs = array_keys($dn_groups);
|
||||||
foreach ($DNs as $DN) {
|
foreach ($DNs as $DN) {
|
||||||
if (in_array($attr['uid'], $dn_groups[$DN]))
|
if (in_array($attr['uid'], $dn_groups[$DN]))
|
||||||
$this->groups[] = substr($DN, 3, strpos($DN, ',')-1);
|
$this->groups[] = substr($DN, 3, strpos($DN, ',')-1);
|
||||||
}
|
}
|
||||||
$this->orig['groups'] = $this->groups;
|
$this->groups_orig = $this->groups;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -412,114 +341,81 @@ class posixAccount {
|
||||||
* modify are attributes which have to been modified in ldap entry
|
* modify are attributes which have to been modified in ldap entry
|
||||||
*/
|
*/
|
||||||
function save_attributes() {
|
function save_attributes() {
|
||||||
/* Exmaples
|
|
||||||
* Add new attribute
|
|
||||||
* if ($this->cn!='' && $this->orig['cn']=='') $return[$this->base['dn']]['add']['cn'] = $this->cn;
|
|
||||||
* Modify existing attribute
|
|
||||||
* if ($this->cn!='' && $this->orig['cn']!='') $return[$this->base['dn']]['modify']['cn'] = $this->cn;
|
|
||||||
* Remove existing attribute
|
|
||||||
* if ($this->cn=='' && $this->orig['cn']!='') $return[$this->base['dn']]['remove']['cn'] = $this->cn;
|
|
||||||
*/
|
|
||||||
|
|
||||||
// Get list off all attributes
|
// Get list off all attributes
|
||||||
$attributes = $this->orig;
|
$attributes = $this->orig;
|
||||||
// Remove attributes which are not as easy to set
|
|
||||||
unset ($attributes['enc_userPassword']);
|
|
||||||
unset ($attributes['groups']);
|
|
||||||
// Get list of all "easy" attributes
|
// Get list of all "easy" attributes
|
||||||
$attr_names = array_keys($attributes);
|
$attr_names = array_keys($attributes);
|
||||||
foreach ($attr_names as $attr_name) {
|
foreach ($attr_names as $attr_name) {
|
||||||
if ($this->$attr_name!='' && $this->orig[$attr_name]=='') $return[$this->base['dn']]['add'][$attr_name] = $this->cn;
|
if (count($this->attributes[$attr_name])!=0 && count($this->orig[$attr_name])==0) $return[$this->base['dn']]['add'][$attr_name] = $this->attributes[$attr_name];
|
||||||
if ($this->$attr_name!='' && $this->orig[$attr_name]!='') $return[$this->base['dn']]['modify'][$attr_name] = $this->cn;
|
if (count($this->attributes[$attr_name])!=0 && count($this->orig[$attr_name])!=0) {
|
||||||
if ($this->$attr_name=='' && $this->orig[$attr_name]!='') $return[$this->base['dn']]['remove'][$attr_name] = $this->cn;
|
// We have to check every single attribute
|
||||||
|
// Get attributes which should be added
|
||||||
|
$attributes = array_delete($this->orig[$attr_name], $this->attributes[$attr_name]);
|
||||||
|
// Encode as unicode
|
||||||
|
for ($i=0; $i<count($attributes); $i++) $attributes[$i] = utf8_encode ($attributes[$i]);
|
||||||
|
if (count($attributes)!=0) $return[$this->base['dn']]['add'][$attr_name] = $attributes;
|
||||||
|
// Get attributes which should be removed
|
||||||
|
$attributes = array_delete($this->attributes[$attr_name], $this->orig[$attr_name]);
|
||||||
|
// Encode as unicode
|
||||||
|
for ($i=0; $i<count($attributes); $i++) $attributes[$i] = utf8_encode ($attributes[$i]);
|
||||||
|
if (count($attributes)!=0) $return[$this->base['dn']]['remove'][$attr_name] = $attributes;
|
||||||
|
}
|
||||||
|
if (count($this->attributes[$attr_name])==0 && count($this->orig[$attr_name])!=0) $return[$this->base['dn']]['remove'][$attr_name] = $this->orig[$attr_name];
|
||||||
}
|
}
|
||||||
|
|
||||||
// Set unix password
|
// Remove primary group from additional groups
|
||||||
if ($this->orig['enc_userPassword']=='') {
|
for ($i=0; $i<count($this->groups); $i++) {
|
||||||
// New user or no old password set
|
if ($this->groups[$i]==getgrnam($this->attributes['gidNumber'])) unset($this->groups[$i]);
|
||||||
if ($this->userPassword_no) $return[$this->base['dn']]['modify']['userPassword'] = pwd_hash ('', !$this->userPassword_lock);
|
|
||||||
else $return[$this->base['dn']]['modify']['userPassword'] = pwd_hash ($this->userPassword(), !$this->userPassword_lock);
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
if ($this->userPassword()!='' || $this->userPassword_no) {
|
|
||||||
// Write new password
|
|
||||||
if ($this->userPassword_no) $return[$this->base['dn']]['modify']['userPassword'] = pwd_hash ('', !$this->userPassword_lock);
|
|
||||||
else $return[$this->base['dn']]['modify']['userPassword'] = pwd_hash ($this->userPassword(), !$this->userPassword_lock);
|
|
||||||
}
|
|
||||||
else { // No new password but old password
|
|
||||||
// (un)lock password
|
|
||||||
if ($this->userPassword_lock == pwd_is_enabled($this->orig['enc_userPassword'])) {
|
|
||||||
// Split old password hash in {CRYPT} and password-hash
|
|
||||||
$i = 0;
|
|
||||||
while ($this->orig['enc_userPassword']{$i} != '}') $i++;
|
|
||||||
$passwd = substr($this->orig['enc_userPassword'], $i+1 );
|
|
||||||
$crypt = substr($this->orig['enc_userPassword'], 0, $i+1 );
|
|
||||||
// remove trailing ! from password hash
|
|
||||||
if ($passwd{0} == '!') $passwd = substr($passwd, 1);
|
|
||||||
// Write new password
|
|
||||||
if ($this->userPassword_lock) $return[$this->base['dn']]['modify']['userPassword'] = "$crypt!$passwd";
|
|
||||||
else $return[$this->base['dn']]['modify']['userPassword'] = "$crypt$passwd";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Set additional group memberships
|
// Set additional group memberships
|
||||||
if (is_array($this->groups)) {
|
if (is_array($this->groups)) {
|
||||||
// There are some additional groups defined
|
// There are some additional groups defined
|
||||||
if (is_array($this->orig['groups']) {
|
if (is_array($this->groups_orig)) {
|
||||||
//There are some old groups.
|
//There are some old groups.
|
||||||
$add = array_delete($this->orig['groups'], $this->groups);
|
$add = array_delete($this->groups_orig, $this->groups);
|
||||||
$remove = array_delete($this->groups, $this->orig['groups']);
|
$remove = array_delete($this->groups, $this->groups_orig);
|
||||||
$dn_cns = getcache('cn', 'posixGroup', 'group');
|
$dn_cns = $this->base->cache->get_cache('cn', 'posixGroup', 'group');
|
||||||
// getcache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
|
// get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
|
||||||
$DNs = array_keys($dn_cns);
|
$DNs = array_keys($dn_cns);
|
||||||
foreach ($DNs as $DN) {
|
foreach ($DNs as $DN) {
|
||||||
if (in_array($dn_cns[$DN], $add)) $return[$DN]]['add']['memberUid'] = $this->uid;
|
if (in_array($dn_cns[$DN], $add)) $return[$DN]['add']['memberUid'] = $this->attributes['uid'];
|
||||||
if (in_array($dn_cns[$DN], $remove)) $return[$DN]]['remove']['memberUid'] = $this->uid;
|
if (in_array($dn_cns[$DN], $remove)) $return[$DN]['remove']['memberUid'] = $this->attributes['uid'];
|
||||||
}
|
}
|
||||||
|
// primary group mut also be removed if it has changed after setting additional groups
|
||||||
|
if (in_array(getgrnam($this->attributes['gidNumber']), $this->groups_orig)) $return[$DN]['remove']['memberUid'] = $this->attributes['uid'];
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
// Add user to every group
|
// Add user to every group
|
||||||
$dn_cns = getcache('cn', 'posixGroup', 'group');
|
$dn_cns = $this->base->cache->get_cache('cn', 'posixGroup', 'group');
|
||||||
// getcache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
|
// get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
|
||||||
$DNs = array_keys($dn_cns);
|
$DNs = array_keys($dn_cns);
|
||||||
foreach ($DNs as $DN) {
|
foreach ($DNs as $DN) {
|
||||||
if (in_array($dn_cns[$DN], $this->groups)) $return[$DN]]['add']['memberUid'] = $this->uid;
|
if (in_array($dn_cns[$DN], $this->groups)) $return[$DN]['add']['memberUid'] = $this->attributes['uid'];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if (is_array($this->orig['groups'])) {
|
if (is_array($this->groups_orig)) {
|
||||||
//There are some old groups which have to be removed
|
//There are some old groups which have to be removed
|
||||||
$dn_cns = getcache('cn', 'posixGroup', 'group');
|
$dn_cns = $this->base->cache->get_cache('cn', 'posixGroup', 'group');
|
||||||
// getcache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
|
// get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
|
||||||
$DNs = array_keys($dn_cns);
|
$DNs = array_keys($dn_cns);
|
||||||
foreach ($DNs as $DN) {
|
foreach ($DNs as $DN) {
|
||||||
if (in_array($dn_cns[$DN], $this->orig['groups'])) $return[$DN]]['remove']['memberUid'] = $this->uid;
|
if (in_array($dn_cns[$DN], $this->orig['groups'])) $return[$DN]['remove']['memberUid'] = $this->attributes['uid'];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
return $return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* This function returns all ldap attributes
|
/* This function returns all ldap attributes
|
||||||
* which are part of posixAccount and returns
|
* which are part of posixAccount and returns
|
||||||
* also their values.
|
* also their values.
|
||||||
*/
|
*/
|
||||||
function get_attributes() {
|
function get_attributes() {
|
||||||
if ($userPassword_no) $return['userPassword'] = '';
|
return $this->attributes;
|
||||||
else $return['userPassword'] = $this->userPassword();
|
|
||||||
$return['cn'] = $this->cn;
|
|
||||||
$return['uid'] = $this->uid;
|
|
||||||
$return['uidNumber'] = $this->uidNumber;
|
|
||||||
$return['gidNumber'] = $this->gidNumber;
|
|
||||||
$return['homeDirectory'] = $this->homeDirectory;
|
|
||||||
$return['loginShell'] = $this->loginShell;
|
|
||||||
$return['gecos'] = $this->gecos;
|
|
||||||
$return['description'] = $this->description;
|
|
||||||
// Not really ldap attributes but return values may be required
|
|
||||||
$return['groups'] = $this->groups;
|
|
||||||
if ($userPassword_lock) $return['userPasswordLocked'] = true;
|
|
||||||
else $return['userPasswordLocked'] = false;
|
|
||||||
return $return;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* This function will create the html-page
|
/* This function will create the html-page
|
||||||
|
@ -531,13 +427,8 @@ class posixAccount {
|
||||||
$shelllist = getshells(); // list of all valid shells
|
$shelllist = getshells(); // list of all valid shells
|
||||||
|
|
||||||
echo "<table border=0 width=\"100%\">\n<tr>\n";
|
echo "<table border=0 width=\"100%\">\n<tr>\n";
|
||||||
echo '<td>' . _('Username') . "*</td>\n";
|
|
||||||
echo "<td><input name=\"form_posixAccount_uid\" type=\"text\" size=\"20\" maxlength=\"20\" value=\"$this->uid\"></td>\n";
|
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=400\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
|
||||||
echo "</tr>\n";
|
|
||||||
echo "<tr>\n";
|
|
||||||
echo "<td>" . _('UID number') . "</td>\n";
|
echo "<td>" . _('UID number') . "</td>\n";
|
||||||
echo "<td><input name=\"form_posixAccout_uidNumber\" type=\"text\" size=\"6\" maxlength=\"6\" value=\"$this->uidNumber\"></td>\n";
|
echo "<td><input name=\"form_posixAccout_uidNumber\" type=\"text\" size=\"6\" maxlength=\"6\" value=\"".$this->attributes['uidNumber']."\"></td>\n";
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=401\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
echo "<td><a href=\"../help.php?HelpNumber=401\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
echo "</tr>\n";
|
echo "</tr>\n";
|
||||||
echo "<tr>\n";
|
echo "<tr>\n";
|
||||||
|
@ -545,7 +436,7 @@ class posixAccount {
|
||||||
echo "<td><select name=\"form_posixAccount_group\">";
|
echo "<td><select name=\"form_posixAccount_group\">";
|
||||||
// loop trough existing groups
|
// loop trough existing groups
|
||||||
foreach ($groups as $group)
|
foreach ($groups as $group)
|
||||||
if (getgrnam($this->gidNumber) == $group) echo "<option selected> $group </option>\n";
|
if (getgrnam($this->attributes['gidNumber']) == $group) echo "<option selected> $group </option>\n";
|
||||||
else echo "<option> $group </option>\n";
|
else echo "<option> $group </option>\n";
|
||||||
echo "</select></td>\n";
|
echo "</select></td>\n";
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=406\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
echo "<td><a href=\"../help.php?HelpNumber=406\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
|
@ -558,18 +449,13 @@ class posixAccount {
|
||||||
echo "</tr>\n";
|
echo "</tr>\n";
|
||||||
echo "<tr>\n";
|
echo "<tr>\n";
|
||||||
echo "<td>" . _('Home directory') . "*</td>\n";
|
echo "<td>" . _('Home directory') . "*</td>\n";
|
||||||
echo "<td><input name=\"form_posixAccount_homeDirectory\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"$this->homeDirectory\"></td>\n";
|
echo "<td><input name=\"form_posixAccount_homeDirectory\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['homeDirectory']."\"></td>\n";
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=403\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
echo "<td><a href=\"../help.php?HelpNumber=403\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
echo "</tr>\n";
|
echo "</tr>\n";
|
||||||
}
|
}
|
||||||
echo "<tr>\n";
|
echo "<tr>\n";
|
||||||
echo "<td>" . _('Gecos') . "</td>\n";
|
echo "<td>" . _('Gecos') . "</td>\n";
|
||||||
echo "<td><input name=\"form_posixAccount_gecos\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"$this->gecos\"></td>\n";
|
echo "<td><input name=\"form_posixAccount_gecos\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['gecos']."\"></td>\n";
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=404\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
|
||||||
echo "</tr>\n";
|
|
||||||
echo "<tr>\n";
|
|
||||||
echo "<td>" . _('Description') . "</td>\n";
|
|
||||||
echo "<td><input name=\"form_posixAccount_description\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"$this->description\"></td>\n";
|
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=404\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
echo "<td><a href=\"../help.php?HelpNumber=404\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
echo "</tr>\n";
|
echo "</tr>\n";
|
||||||
if ($this->base['type']=='user') {
|
if ($this->base['type']=='user') {
|
||||||
|
@ -579,32 +465,12 @@ class posixAccount {
|
||||||
echo "<td><select name=\"form_posixAccount_loginShell\">";
|
echo "<td><select name=\"form_posixAccount_loginShell\">";
|
||||||
// loop through shells
|
// loop through shells
|
||||||
foreach ($shelllist as $shell)
|
foreach ($shelllist as $shell)
|
||||||
if ($this->loginShell==trim($shell)) echo "<option selected> $shell </option>\n";
|
if ($this->attributes['loginShell']==trim($shell)) echo "<option selected> $shell </option>\n";
|
||||||
else echo "<option> $shell </option>\n";
|
else echo "<option> $shell </option>\n";
|
||||||
echo "</select></td>\n";
|
echo "</select></td>\n";
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=405\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
echo "<td><a href=\"../help.php?HelpNumber=405\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
||||||
echo "</tr>\n";
|
echo "</tr>\n";
|
||||||
}
|
}
|
||||||
echo "<tr>\n";
|
|
||||||
echo "<td>" . _('Password') . "</td>\n";
|
|
||||||
echo "<td><input name=\"form_posixAccount_userPassword\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"$this->userPassword()\"></td>\n";
|
|
||||||
echo "<td><input name=\"form_posixAccount_genpass\" type=\"submit\" value=\"" . _('Generate password') . "\"></td>\n";
|
|
||||||
echo "</tr>\n";
|
|
||||||
echo "<tr>\n";
|
|
||||||
echo "<td>" . _('Repeat password') . "</td>\n";
|
|
||||||
echo "<td><input name=\"form_posixAccount_userPassword2\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"";
|
|
||||||
if (isset($_POST['form_posixAccount_userPassword2'])) echo $_POST['form_posixAccount_userPassword2'];
|
|
||||||
else echo $this->userPassword();
|
|
||||||
echo "\"></td>\n";
|
|
||||||
echo "<td></td>\n";
|
|
||||||
echo "</tr>\n";
|
|
||||||
echo "<tr>\n";
|
|
||||||
echo "<td>" . _('Use no password') . "</td>\n";
|
|
||||||
echo "<td><input name=\"form_posixAccount_userPassword_no\" type=\"checkbox\"";
|
|
||||||
if ($this->userPassword_no) echo " checked ";
|
|
||||||
echo "></td>\n";
|
|
||||||
echo "<td><a href=\"../help.php?HelpNumber=426\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
|
|
||||||
echo "</tr>\n";
|
|
||||||
}
|
}
|
||||||
echo "</table>\n";
|
echo "</table>\n";
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -612,16 +478,15 @@ class posixAccount {
|
||||||
|
|
||||||
function display_html_group() {
|
function display_html_group() {
|
||||||
// load list with all groups
|
// load list with all groups
|
||||||
$dn_groups = getcache('uidNumber', 'posixGroup', 'group');
|
$dn_groups = $this->base->cache->get_cache('uidNumber', 'posixGroup', 'group');
|
||||||
foreach ($dn_groups as $group) $groups[] = $group[0];
|
foreach ($dn_groups as $group) $groups[] = $group[0];
|
||||||
// sort groups
|
// sort groups
|
||||||
sort($groups, SORT_STRING);
|
sort($groups, SORT_STRING);
|
||||||
// remove groups the user is member of from grouplist
|
// remove groups the user is member of from grouplist
|
||||||
$groups = array_delete($this->groups, $groups);
|
$groups = array_delete($this->groups, $groups);
|
||||||
// *** fixme primary group mut also be removed if it has changed after setting additional groups
|
|
||||||
// Remove primary group from grouplist
|
// Remove primary group from grouplist
|
||||||
$groups = array_flip($groups);
|
$groups = array_flip($groups);
|
||||||
if (isset($groups[getgrnam($this->gidNumber)])) unset ($groups[getgrnam($this->gidNumber)]);
|
if (isset($groups[getgrnam($this->attributes['gidNumber'])])) unset ($groups[getgrnam($this->attributes['gidNumber'])]);
|
||||||
$groups = array_flip($groups);
|
$groups = array_flip($groups);
|
||||||
|
|
||||||
echo "<table border=0 width=\"100%\">\n<tr>\n";
|
echo "<table border=0 width=\"100%\">\n<tr>\n";
|
||||||
|
|
|
@ -758,6 +758,11 @@ if (is_array($errors))
|
||||||
|
|
||||||
// print_r($account_new);
|
// print_r($account_new);
|
||||||
//print_r($account_old);
|
//print_r($account_old);
|
||||||
|
//$_SESSION['cache'] = new cache();
|
||||||
|
//$temp = new accountContainer('user');
|
||||||
|
//$temp->add_objectClass('posixAccount');
|
||||||
|
//$temp->load_account('uid=julia,ou=people,dc=my-domain,dc=com');
|
||||||
|
//print_r($temp->module['posixAccount']->attributes);
|
||||||
|
|
||||||
switch ($select_local) {
|
switch ($select_local) {
|
||||||
/* Select which part of page should be loaded and check values
|
/* Select which part of page should be loaded and check values
|
||||||
|
|
Loading…
Reference in New Issue