Added "Umlaut" handling for attributes which don't allow them.
Added $this->attributes to ldap class. This variable contains a list of all attributes and their syntax.
parent
7a4ce78548
commit
f4e4f2b3df
|
@ -59,16 +59,6 @@ function getshells() {
|
|||
* fixme ***
|
||||
* In order to map all non-ascii characters this function should be changed
|
||||
*/
|
||||
function replace_umlaut($text) {
|
||||
$aTranslate = array("<EFBFBD>"=>"ae", "<EFBFBD>"=>"Ae",
|
||||
"<EFBFBD>"=>"oe", "<EFBFBD>"=>"Oe",
|
||||
"<EFBFBD>"=>"ue", "<EFBFBD>"=>"Ue",
|
||||
"<EFBFBD>"=>"ss"
|
||||
);
|
||||
return strtr($text, $aTranslate);
|
||||
}
|
||||
|
||||
|
||||
/* This function will return all values from $array without values of $values
|
||||
* $values, $array and $return are arrays
|
||||
*/
|
||||
|
|
|
@ -63,6 +63,9 @@ class baseModule {
|
|||
/** contains all error messages of a module */
|
||||
var $messages;
|
||||
|
||||
/** contains syntax of all */
|
||||
var $syntax;
|
||||
|
||||
/**
|
||||
* Creates a new base module class
|
||||
*
|
||||
|
@ -507,6 +510,47 @@ class baseModule {
|
|||
}
|
||||
}
|
||||
|
||||
function input_check() {
|
||||
/* We have to some string checks now. Not every ldap attributes allow utf8
|
||||
* strings. Therefore we do a syntax check here and change utf8 strings to ascci
|
||||
* strings. Only "7bit" ascci is allowed
|
||||
* We check als the max length as defined in ldap.
|
||||
*/
|
||||
// Do a check for every ldap attribute
|
||||
$attributes = array_keys($this->attributes);
|
||||
for ($i=0; $i<count($attributes); $i++) {
|
||||
if ($_SESSION['ldap']->attributes[$attributes[$i]]['SYNTAX']=='1.3.6.1.4.1.1466.115.121.1.36') {
|
||||
// found numeric attribute
|
||||
for ($j=0; $j<count($this->attributes[$attributes[$i]]); $j++)
|
||||
if ($this->attributes[$attributes[$i]][$j]!=intval($this->attributes[$attributes[$i]][$j])) {
|
||||
$this->attributes[$attributes[$i]][$j] = intval($this->attributes[$attributes[$i]][$j]);
|
||||
$messages[$attributes[$i]] = array('WARN', _($attributes[$i]), _('Changed value %s because only numeric values are allowed.'));
|
||||
}
|
||||
}
|
||||
else if ($_SESSION['ldap']->attributes[$attributes[$i]]['SYNTAX']=='1.3.6.1.4.1.1466.115.121.1.26' ||
|
||||
$_SESSION['ldap']->attributes[$attributes[$i]]['SYNTAX']=='1.3.6.1.4.1.1466.115.121.1.44' ||
|
||||
$_SESSION['ldap']->attributes[$attributes[$i]]['SYNTAX']=='1.3.6.1.4.1.1466.115.121.1.11') {
|
||||
// found "7bit" ascii attribute
|
||||
// convert utf8 in us-ascii
|
||||
$convert = array ( 'ä' => 'ae', 'Ä' => 'Ae', 'ö' => 'Oe', 'ü' => 'ue', 'Ü' => 'ue',
|
||||
'ß' => 'ss', 'é' => 'e', 'è' => 'e', 'ô' => 'o'
|
||||
);
|
||||
$index = array_keys($convert);
|
||||
for ($j=0; $j<count($this->attributes[$attributes[$i]]); $j++)
|
||||
for ($k=0; $k<count($index); $k++) {
|
||||
$temp = str_replace($index[$k], $convert[$index[$k]], $this->attributes[$attributes[$i]][$j]);
|
||||
if ($temp!=$this->attributes[$attributes[$i]][$j]) {
|
||||
$this->attributes[$attributes[$i]][$j] = $temp;
|
||||
$messages[$attributes[$i]][] = array('WARN', _($attributes[$i]), _('Changed value s because only US-ASCII allowed.')); //, array($attributes[$i]));
|
||||
}
|
||||
}
|
||||
}
|
||||
// TODO length check
|
||||
}
|
||||
if (count($messages)!=0) return $messages;
|
||||
else return 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* This function executes one post upload action.
|
||||
*
|
||||
|
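Review bot: In `input_check()` the 7-bit branch only rewrites the nine characters listed in `$convert`, so any other non-ASCII character stays in the value of an attribute whose syntax allows only US-ASCII; a final test such as `preg_match('/[^\x00-\x7F]/', $this->attributes[$attributes[$i]][$j])` that records a message for whatever is left would make the "only 7bit" claim hold. The map also has case slips: `'ö' => 'Oe'` and `'Ü' => 'ue'` look like they should be `'ö' => 'oe'` and `'Ü' => 'Ue'`, and `'Ö'` has no entry. `$messages` is never initialised, so `count($messages)` at the end runs on an undefined variable when nothing was changed; `$messages = array();` as the first statement fixes that. The numeric branch assigns `$messages[$attributes[$i]] = array(...)` without `[]`, unlike the ASCII branch, so the two branches hand the caller different shapes, and neither message text gets a value for its placeholder (`%s` in one, a bare `s` in the other).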
|
|
@ -294,6 +294,7 @@ class cache {
|
|||
$dn_groups = $_SESSION['cache']->get_cache('gidNumber', 'posixGroup', 'group');
|
||||
$DNs = array_keys($dn_groups);
|
||||
foreach ($DNs as $DN) {
|
||||
// TODO doesn't work when groupname is part of DN
|
||||
if (strpos($DN, $groupname))
|
||||
return $dn_groups[$DN][0];
|
||||
}
|
||||
|
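Review bot: `strpos($DN, $groupname)` is a substring test, so it can match a different group whose DN merely contains the name (a name that is a prefix of another group's cn, or that also appears in an ou component), and it treats a match at offset 0 as no match; the TODO added here names only part of this. The function appears to resolve a group name to a gidNumber, so a wrong hit would return the wrong group's GID. Anchoring the comparison to the RDN, e.g. `if (stripos($DN, 'cn=' . $groupname . ',') === 0)`, avoids both problems, assuming group entries are named by `cn`; if they are not, compare against the cached cn value instead. The enclosing function starts and ends outside the hunk.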
|
|
@ -64,6 +64,8 @@ class Ldap{
|
|||
|
||||
/** Array with all objectClass strings from the LDAP server */
|
||||
var $objectClasses;
|
||||
/** Array with all attribute strings from the LDAP server */
|
||||
var $attributes;
|
||||
|
||||
// Capabilities of the LDAP server
|
||||
/** Host attribute in inetOrgPerson */
|
||||
|
@ -182,11 +184,82 @@ class Ldap{
|
|||
if ($info) {
|
||||
$this->objectClasses = $info[0]['objectclasses'];
|
||||
array_shift($this->objectClasses);
|
||||
return;
|
||||
}
|
||||
}
|
||||
// if search failed save empty result
|
||||
$this->objectClasses = array();
|
||||
else $this->objectClasses = array();
|
||||
|
||||
// read from default cn
|
||||
$sr = @ldap_read($this->server, 'cn=subschema', '(objectClass=*)', array('attributetypes'));
|
||||
// if default was not correct check different cn
|
||||
if (!$sr) $sr = @ldap_read($this->server, 'cn=schema', '(objectClass=*)', array('attributetypes'));
|
||||
if ($sr) {
|
||||
// get search result and save it
|
||||
$info = @ldap_get_entries($this->server,$sr);
|
||||
if ($info) {
|
||||
$attributes = $info[0]['attributetypes'];
|
||||
array_shift($attributes);
|
||||
}
|
||||
}
|
||||
// build Attribute list
|
||||
for ($i=0; $i<count($attributes); $i++) {
|
||||
// TODO: is it save to use while in lower code?
|
||||
// find oid of attribute
|
||||
$start = 0;
|
||||
while (!get_preg($attributes[$i][$start], 'digit')) $start++;
|
||||
$end = $start;
|
||||
while ($attributes[$i][$end+1] != ' ') $end++; // find limiter
|
||||
$values['oid'] = substr($attributes[$i], $start, $end-$start);
|
||||
// find DESC of attribute
|
||||
$start = strpos($attributes[$i], 'DESC');
|
||||
if ($start) {
|
||||
$start = $start + 6;
|
||||
$end = $start;
|
||||
while ($attributes[$i][$end]!='\'') $end++; // find limiter
|
||||
$values['DESC'] = substr($attributes[$i], $start, $end-$start);
|
||||
}
|
||||
// find SYNTAX of attribute
|
||||
$start = strpos($attributes[$i], 'SYNTAX');
|
||||
if ($start) {
|
||||
$start = $start + 7;
|
||||
$end = $start;
|
||||
while ($attributes[$i][$end]!='{' && $attributes[$i][$end]!=' ') $end++; // find limiter
|
||||
$values['SYNTAX'] = substr($attributes[$i], $start, $end-$start);
|
||||
}
|
||||
// find length of attribute
|
||||
$start = strpos($attributes[$i], 'SYNTAX');
|
||||
if ($start) {
|
||||
$start = $start + 8;
|
||||
while ($attributes[$i][$start]!='{' && $attributes[$i][$start]!=' ') $start++; // find limiter
|
||||
if ($attributes[$i][$start]=='{') {
|
||||
$end = $start;
|
||||
while ($attributes[$i][$end]!='}') $end++; // find limiter
|
||||
$values['LENGTH'] = substr($attributes[$i], $start, $end-$start);
|
||||
}
|
||||
}
|
||||
$start = strpos($attributes[$i], "NAME") + 6;
|
||||
if ($attributes[$i][$start-1]=='(') {
|
||||
// found multiple possible names
|
||||
$start = $start +2;
|
||||
$count = 1;
|
||||
// repeat until all names are found
|
||||
while ($attributes[$i][$start-1]!=')') {
|
||||
// search for end
|
||||
$end = $start;
|
||||
while ($attributes[$i][$end]!='\'') $end++; // find limiter
|
||||
$count++;
|
||||
$name = substr($attributes[$i], $start, $end-$start);
|
||||
$this->attributes[$name] = $values;
|
||||
$start = $end + 3;
|
||||
}
|
||||
}
|
||||
else {
|
||||
$end = $start;
|
||||
while ($attributes[$i][$end]!='\'') $end++;
|
||||
$name = substr($attributes[$i], $start, $end-$start);
|
||||
$this->attributes[$name] = $values;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/** Updates the capabilities values (var $supports_*) */
|
||||
|
@ -214,7 +287,7 @@ class Ldap{
|
|||
$this->close();
|
||||
// define which attributes to save
|
||||
return array("conf", "username", "password", "ldapUserAttributes", "ldapGroupAttributes",
|
||||
"ldapHostAttributes", "objectClasses", "supports_unix_hosts", "supports_samba2_schema",
|
||||
"ldapHostAttributes", "objectClasses", "attributes", "supports_unix_hosts", "supports_samba2_schema",
|
||||
"supports_samba3_schema", "rand");
|
||||
}
|
||||
|
||||
|
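Review bot: The attribute parser added to the schema-loading code scans each `attributetypes` string with loops such as `while ($attributes[$i][$end]!='\'') $end++;` that have no end-of-string bound, so a value from the server that lacks the expected quote, brace or space never ends the loop (the in-code TODO asks exactly this). Using `$end = strpos($attributes[$i], "'", $start);` with a `false` check that skips the entry gives the same result on well-formed input and terminates on malformed input. `$values` is not reset inside the `for` body, so an attribute without DESC, SYNTAX or a `{length}` inherits those fields from the previous one, and `input_check()` then validates it against the wrong syntax; `$values = array();` as the first statement of the loop fixes that. `$attributes` is only assigned inside `if ($info)`, so `count($attributes)` runs on an undefined variable when both `ldap_read` calls fail. The enclosing function starts outside the hunk.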
|
|
@ -1326,6 +1326,11 @@ class accountContainer {
|
|||
}
|
||||
}
|
||||
}
|
||||
/* We have to some string checks now. Not every ldap attributes allow utf8
|
||||
* strings. Therefore we do a syntax check here and change utf8 strings to ascci
|
||||
* strings. Only "7bit" ascci is allowed
|
||||
*/
|
||||
// TODO how do we interact with the user and show him what has been changed
|
||||
// Complete dn with uid or cn=
|
||||
if ($this->type=='group') $search = 'cn';
|
||||
else $search = 'uid';
|
||||
|
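Review bot: The block comment added before `// Complete dn with uid or cn=` announces a syntax check that converts UTF-8 strings to 7-bit ASCII, but no such check follows it in this hunk; the conversion appears to live in `baseModule::input_check()` instead. A comment describing code that is not there will mislead the next reader, so either drop it or reduce it to a pointer such as `// Attribute syntax (7-bit ASCII, numeric) is checked per module in input_check()`. The TODO about showing the user what was changed is worth keeping, since the page shows values being rewritten with only a 'WARN' message recorded.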
|
|
@ -753,6 +753,10 @@ class posixAccount extends baseModule {
|
|||
if (!get_preg($this->userPassword(), 'password'))
|
||||
$triggered_messages['userPassword'][] = $this->messages['userPassword'][1];
|
||||
}
|
||||
|
||||
$temp = $this->input_check();
|
||||
// TODO is this really OK?
|
||||
if (is_array($temp)) $triggered_messages = array_merge_recursive($triggered_messages, $temp);
|
||||
// Return error-messages
|
||||
if (count($triggered_messages)!=0) {
|
||||
$this->triggered_messages = $triggered_messages;
|
||||
|
@ -844,6 +848,7 @@ class posixAccount extends baseModule {
|
|||
array ($this->attributes['loginShell'][0])),
|
||||
2 => array ('kind' => 'help', 'value' => 'loginShell'));
|
||||
}
|
||||
return $return;
|
||||
}
|
||||
|
||||
function display_html_delete($post) {
|
||||
|
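Review bot: The `// TODO is this really OK?` beside the `array_merge_recursive` call does not say what is in doubt; a comment stating the contract would help, e.g. `// input_check() returns 0 or array(attribute => list of message arrays)`. As written the merge puts the 'WARN' entries from `input_check()` into `$triggered_messages`, so the `count($triggered_messages)!=0` branch below, commented as returning error messages, also fires when values were only normalised. Whether that blocks the save is not visible because the function continues outside the hunk. If warnings are not meant to block, keep them in a separate list from the errors.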
|