WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

improved support for config of modules

This commit is contained in:
katagia 2003-12-30 15:36:30 +00:00
parent 4182ec2948
commit ff1ceeac80
12 changed files with 1321 additions and 1616 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
lam/lib/account.inc
View File

@ -381,13 +381,13 @@ class accountContainer {
if ($this->order[$i]==$this->order[$this->module['main']->current_page] || !$this->module[$this->order[$i]]->module_ready() ) {
// print disabled button
echo "<input name=\"form_main_".$this->order[$i]."\" type=\"submit\" value=\"";
echo $this->module[$this->order[$i]]->alias;
echo $this->module[$this->order[$i]]->get_alias();
echo "\" disabled>\n<br>";
}
else {
// print normal button
echo "<input name=\"form_main_".$this->order[$i]."\" type=\"submit\" value=\"";
echo $this->module[$this->order[$i]]->alias;
echo $this->module[$this->order[$i]]->get_alias();
echo "\">\n<br>";
}
}
@ -395,7 +395,7 @@ class accountContainer {
echo "</fieldset></td></tr>\n";
echo "</table></td>\n<td>";
echo "<td><fieldset class=\"".$this->type."edit-dark\"><legend class=\"".$this->type."edit-bright\"><b>";
echo $this->module[$this->order[$this->module['main']->current_page]]->alias;
echo $this->module[$this->order[$this->module['main']->current_page]]->get_alias();
echo "</b></legend>\n";
// display html-code from mdule
$function = '$result = $this->module[$this->order[$this->module[\'main\']->current_page]]->display_html_'.$this->module['main']->subpage.'($post);';
@ -706,10 +706,10 @@ class accountContainer {
while ( (count($module) != count($modulelist)) && ($remain!=0) ) {
$remain--;
foreach ($module as $moduleitem) {
$required = $this->module[$moduleitem]->dependencies();
$required = $this->module[$moduleitem]->get_dependencies($this->type);
$everything_found = true;
if (is_array($required)) {
foreach ($required as $requireditem)
if (is_array($required['require'])) {
foreach ($required['require'] as $requireditem)
if (!in_array($reuquireditem, $modulelist)) $everthing_found = false;
}
if ($everything_found && !in_array($moduleitem, $order) ) $order[] = $moduleitem;
@ -736,10 +736,10 @@ class accountContainer {
while ( (count($module) != count($modulelist)) && ($remain!=0) ) {
$remain--;
foreach ($module as $moduleitem) {
$required = $this->module[$moduleitem]->dependencies();
$required = $this->module[$moduleitem]->get_dependencies($this->type);
$everything_found = true;
if (is_array($required)) {
foreach ($required as $requireditem)
if (is_array($required['require'])) {
foreach ($required['require'] as $requireditem)
if (!in_array($reuquireditem, $modulelist)) $everthing_found = false;
}
if ($everything_found && !in_array($moduleitem, $order) ) $order[] = $moduleitem;
@ -906,7 +906,7 @@ class accountContainer {
}
}
/*
// This class keeps all needed values for any account
class account {
// Type : user | group | host
@ -955,7 +955,7 @@ class account {
* mountpoint, used blocks, soft block limit, hard block limit, grace block period, used inodes,
* soft inode limit, hard inode limit, grace inode period
*/
// Personal Settings
/* // Personal Settings
var $personal_title; // string title of user
var $personal_mail; // string mailaddress of user
var $personal_telephoneNumber; // string telephonenumber of user
@ -966,7 +966,7 @@ class account {
var $personal_postalAddress; // string postal Address of user
var $personal_employeeType; // string employe type of user
}
*/
/* Return a list of all shells listed in ../config/shells

46
lam/lib/modules/account.inc
View File

@ -52,13 +52,9 @@ class account {
$this->orig = $this->attributes ;
// Add objectClass to attributes
$this->attributes['objectClass'][0] = 'account';
// Set aliasname
$this->alias = _('account');
}
// Variables
// Alias Name. This name is shown in the menu instead of 'account'
var $alias;
// name of account_container in session so we can read other classes in account_container
var $base;
// This variable contains all account attributes
@ -68,10 +64,15 @@ class account {
*/
var $orig;
function get_alias() {
return _('account');
}
/* This function returns a list with all required modules
*/
function dependencies() {
return array('main');
function get_dependencies($scope) {
if ($scope=='host') return array('require' => array('main'), 'conflict' => array('inetOrgPerson', 'posixGroup', 'sambaDomain') );
return -1;
}
/* This function returns true if all required attributes from other
@ -81,7 +82,6 @@ class account {
return true;
}
/* This function returns a list of all html-pages in module
* This is usefull for mass upload and pdf-files
* because lam can walk trough all pages itself and do some
@ -91,13 +91,12 @@ class account {
return array('attributes');
}
/* Write variables into object and do some regexp checks
/* This function returns all ldap attributes
* which are part of account and returns
* also their values.
*/
function proccess_attributes($post) {
// Load attributes
$this->attributes['description'][0] = $post['form_account_description'];
return 0;
function get_attributes() {
return $this->attributes;
}
/* This function loads all attributes into the object
@ -141,12 +140,17 @@ class account {
return $return;
}
/* This function returns all ldap attributes
* which are part of account and returns
* also their values.
function delete_attributes($post) {
$return = array();
return $return;
}
/* Write variables into object and do some regexp checks
*/
function get_attributes() {
return $this->attributes;
function proccess_attributes($post) {
// Load attributes
$this->attributes['description'][0] = $post['description'];
return 0;
}
/* This function will create the html-page
@ -157,13 +161,17 @@ class account {
echo "<table border=0 width=\"100%\">\n<tr>\n";
echo "<tr>\n";
echo "<td>" . _('Description') . "</td>\n";
echo "<td><input name=\"form_account_description\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['description'][0]."\"></td>\n";
echo "<td><input name=\"description\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['description'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=404\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "</table>\n";
return 0;
}
function display_html_delete($post) {
return 0;
}
}
?>

144
lam/lib/modules/inetOrgPerson.inc
View File

@ -51,13 +51,9 @@ class inetOrgPerson {
$this->orig = $this->attributes ;
// Add objectClass to attributes
$this->attributes['objectClass'][0] = 'inetOrgPerson';
// Set aliasname
$this->alias = _('inetOrgPerson');
}
// Variables
// Alias Name. This name is shown in the menu instead of posixAccount
var $alias;
// name of account_container in session so we can read other classes in account_container
var $base;
// This variable contains all inetOrgPerson attributes
@ -67,11 +63,15 @@ class inetOrgPerson {
*/
var $orig;
function get_alias() {
return _('inetOrgPerson');
}
/* This function returns a list with all required modules
*/
function dependencies() {
return array('main');
function get_dependencies($scope) {
if ($scope=='user') return array('require' => array('main'), 'conflict' => array('account', 'posixGroup', 'sambaDomain') );
return -1;
}
/* This function returns true if all required attributes from other
@ -90,50 +90,12 @@ class inetOrgPerson {
return array('attributes');
}
/* Write variables into object and do some regexp checks
/* This function returns all ldap attributes
* which are part of inetOrgPerson and returns
* also their values.
*/
function proccess_attributes($post) {
// Load attributes
$this->attributes['description'][0] = $post['form_inetOrgPerson_description'];
$this->attributes['sn'][0] = $post['form_inetOrgPerson_sn'];
$this->attributes['givenName'][0] = $post['form_inetOrgPerson_givenName'];
$this->attributes['title'][0] = $post['form_inetOrgPerson_title'];
$this->attributes['mail'][0] = $post['form_inetOrgPerson_mail'];
$this->attributes['telephoneNumber'][0] = $post['form_inetOrgPerson_telephoneNumber'];
$this->attributes['mobileTelephoneNumber'][0] = $post['form_inetOrgPerson_mobileTelephoneNumber'];
$this->attributes['facsimileTelephoneNumber'][0] = $post['form_inetOrgPerson_facsimileTelephoneNumber'];
$this->attributes['street'][0] = $post['form_inetOrgPerson_street'];
$this->attributes['postalCode'][0] = $post['form_inetOrgPerson_postalCode'];
$this->attributes['postalAddress'][0] = $post['form_inetOrgPerson_postalAddress'];
$this->attributes['employeeType'][0] = $post['form_inetOrgPerson_employeeType'];
// handle host-attribute in on epice because it's not set by default
if (isset($this->attributes['host'])) {
$host = $post['form_inetOrgPerson_host'];
if ((!$host=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-])+(([,])+([ ])*([a-z]|[A-Z]|[0-9]|[.]|[-])+)*$', $host))
$errors[] = array('ERROR', _('Unix workstations'), _('Unix workstations is invalid.'), 'host');
$hosts = explode(" ", $host);
$this->attributes['host'] = array();
foreach ($hosts as $host)
if ($host!="") $this->attributes['host'][] = $host;
}
// Do some regex-checks and return error if attributes are set to wrong values
if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $this->attributes['givenName'][0])) $errors[] = array('ERROR', _('Given name'), _('Given name contains invalid characters'), 'givenname');
if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $this->attributes['sn'][0])) $errors[] = array('ERROR', _('Surname'), _('Surname contains invalid characters'), 'sn');
if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['telephoneNumber'][0])) $errors[] = array('ERROR', _('Telephone number'), _('Please enter a valid telephone number!'), 'telephoneNumber');
if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['mobileTelephoneNumber'][0])) $errors[] = array('ERROR', _('Mobile number'), _('Please enter a valid mobile number!'), 'mobileTelephoneNumber');
if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['facsimileTelephoneNumber'][0])) $errors[] = array('ERROR', _('Fax number'), _('Please enter a valid fax number!'), 'facsimileTelephoneNumber');
if ( !ereg('^(([0-9]|[A-Z]|[a-z]|[.]|[-]|[_])+[@]([0-9]|[A-Z]|[a-z]|[-])+([.]([0-9]|[A-Z]|[a-z]|[-])+)*)*$', $this->attributes['mail'][0])) $errors[] = array('ERROR', _('eMail address'), _('Please enter a valid eMail address!'), 'mail');
if ( !ereg('^([0-9]|[A-Z]|[a-z]|[-]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['street'][0])) $errors[] = array('ERROR', _('Street'), _('Please enter a valid street name!'), 'street');
if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['postalAddress'][0])) $errors[] = array('ERROR', _('Postal address'), _('Please enter a valid postal address!'), 'postalAdress');
if ( !ereg('^([0-9]|[A-Z]|[a-z]|[-]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['title'][0])) $errors[] = array('ERROR', _('Title'), _('Please enter a valid title!'), 'title');
if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['employeeType'][0])) $errors[] = array('ERROR', _('Employee type'), _('Please enter a valid employee type!'), 'employeeType');
if ( !ereg('^([0-9]|[A-Z]|[a-z])*$', $this->attributes['personal_postalCode'][0])) $errors[] = array('ERROR', _('Postal code'), _('Please enter a valid postal code!'), 'personal_postalCode');
// Return error-messages
if (is_array($errors)) return $errors;
return 0;
function get_attributes() {
return $this->attributes;
}
/* This function loads all attributes into the object
@ -182,13 +144,55 @@ class inetOrgPerson {
// Return attributes
return $return;
}
/* This function returns all ldap attributes
* which are part of inetOrgPerson and returns
* also their values.
/* Write variables into object and do some regexp checks
*/
function get_attributes() {
return $this->attributes;
function delete_attributes($post) {
$return = array();
return $return;
}
function proccess_attributes($post) {
// Load attributes
$this->attributes['description'][0] = $post['description'];
$this->attributes['sn'][0] = $post['sn'];
$this->attributes['givenName'][0] = $post['givenName'];
$this->attributes['title'][0] = $post['title'];
$this->attributes['mail'][0] = $post['mail'];
$this->attributes['telephoneNumber'][0] = $post['telephoneNumber'];
$this->attributes['mobileTelephoneNumber'][0] = $post['mobileTelephoneNumber'];
$this->attributes['facsimileTelephoneNumber'][0] = $post['facsimileTelephoneNumber'];
$this->attributes['street'][0] = $post['street'];
$this->attributes['postalCode'][0] = $post['postalCode'];
$this->attributes['postalAddress'][0] = $post['postalAddress'];
$this->attributes['employeeType'][0] = $post['employeeType'];
// handle host-attribute in on epice because it's not set by default
if (isset($this->attributes['host'])) {
$host = $post['host'];
if ((!$host=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-])+(([,])+([ ])*([a-z]|[A-Z]|[0-9]|[.]|[-])+)*$', $host))
$errors[] = array('ERROR', _('Unix workstations'), _('Unix workstations is invalid.'), 'host');
$hosts = explode(" ", $host);
$this->attributes['host'] = array();
foreach ($hosts as $host)
if ($host!="") $this->attributes['host'][] = $host;
}
// Do some regex-checks and return error if attributes are set to wrong values
if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $this->attributes['givenName'][0])) $errors[] = array('ERROR', _('Given name'), _('Given name contains invalid characters'), 'givenName');
if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $this->attributes['sn'][0])) $errors[] = array('ERROR', _('Surname'), _('Surname contains invalid characters'), 'sn');
if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['telephoneNumber'][0])) $errors[] = array('ERROR', _('Telephone number'), _('Please enter a valid telephone number!'), 'telephoneNumber');
if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['mobileTelephoneNumber'][0])) $errors[] = array('ERROR', _('Mobile number'), _('Please enter a valid mobile number!'), 'mobileTelephoneNumber');
if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/]|[-])*$', $this->attributes['facsimileTelephoneNumber'][0])) $errors[] = array('ERROR', _('Fax number'), _('Please enter a valid fax number!'), 'facsimileTelephoneNumber');
if ( !ereg('^(([0-9]|[A-Z]|[a-z]|[.]|[-]|[_])+[@]([0-9]|[A-Z]|[a-z]|[-])+([.]([0-9]|[A-Z]|[a-z]|[-])+)*)*$', $this->attributes['mail'][0])) $errors[] = array('ERROR', _('eMail address'), _('Please enter a valid eMail address!'), 'mail');
if ( !ereg('^([0-9]|[A-Z]|[a-z]|[-]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['street'][0])) $errors[] = array('ERROR', _('Street'), _('Please enter a valid street name!'), 'street');
if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['postalAddress'][0])) $errors[] = array('ERROR', _('Postal address'), _('Please enter a valid postal address!'), 'postalAdress');
if ( !ereg('^([0-9]|[A-Z]|[a-z]|[-]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['title'][0])) $errors[] = array('ERROR', _('Title'), _('Please enter a valid title!'), 'title');
if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $this->attributes['employeeType'][0])) $errors[] = array('ERROR', _('Employee type'), _('Please enter a valid employee type!'), 'employeeType');
if ( !ereg('^([0-9]|[A-Z]|[a-z])*$', $this->attributes['personal_postalCode'][0])) $errors[] = array('ERROR', _('Postal code'), _('Please enter a valid postal code!'), 'personal_postalCode');
// Return error-messages
if (is_array($errors)) return $errors;
return 0;
}
/* This function will create the html-page
@ -196,17 +200,16 @@ class inetOrgPerson {
* It will output a complete html-table
*/
function display_html_attributes($post) {
echo "<table border=0 width=\"100%\">\n";
echo "<tr>\n";
echo "<td>" . _('Description') . "</td>\n";
echo "<td><input name=\"form_inetOrgPerson_description\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['description'][0]."\"></td>\n";
echo "<td><input name=\"description\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['description'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=404\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
if (isset($this->attributes['host'])) {
echo "<tr>\n";
echo "<td>" . _('Unix workstations') . "</td>\n";
echo "<td><input name=\"form_inetOrgPerson_host\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"";
echo "<td><input name=\"host\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"";
if (is_array($this->attributes['host']))
foreach ($this->attributes['host'] as $host) echo $host." ";
echo "\"></td>\n";
@ -215,63 +218,66 @@ class inetOrgPerson {
}
echo "<tr>\n";
echo "<td>" . _('Title') . "</td>\n";
echo "<td><input name=\"form_inetOrgPerson_title\" type=\"text\" size=\"10\" maxlength=\"10\" value=\"".$this->attributes['title'][0]."\"></td>\n";
echo "<td><input name=\"title\" type=\"text\" size=\"10\" maxlength=\"10\" value=\"".$this->attributes['title'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=448\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('First name') . "*</td>\n" ;
echo "<td><input name=\"form_inetOrgPerson_givenName\" type=\"text\" size=\"20\" maxlength=\"20\" value=\"".$this->attributes['givenName'][0]."\"></td>\n";
echo "<td><input name=\"givenName\" type=\"text\" size=\"20\" maxlength=\"20\" value=\"".$this->attributes['givenName'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=425\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Last name') . "*</td>\n";
echo "<td><input name=\"form_inetOrgPerson_sn\" type=\"text\" size=\"20\" maxlength=\"50\" value=\"".$this->attributes['sn'][0]."\"></td>\n";
echo "<td><input name=\"sn\" type=\"text\" size=\"20\" maxlength=\"50\" value=\"".$this->attributes['sn'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=424\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Employee type') . "</td>\n";
echo "<td><input name=\"form_inetOrgPerson_employeeType\" type=\"text\" size=\"30\" maxlength=\"30\" value=\"".$this->attributes['employeeType'][0]."\"></td>\n";
echo "<td><input name=\"employeeType\" type=\"text\" size=\"30\" maxlength=\"30\" value=\"".$this->attributes['employeeType'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=449\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Street') . "</td>\n";
echo "<td><input name=\"form_inetOrgPerson_street\" type=\"text\" size=\"30\" maxlength=\"50\" value=\"".$this->attributes['street'][0]."\"></td>\n";
echo "<td><input name=\"street\" type=\"text\" size=\"30\" maxlength=\"50\" value=\"".$this->attributes['street'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=450\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Postal code') . "</td>\n";
echo "<td><input name=\"form_inetOrgPerson_postalCode\" type=\"text\" size=\"5\" maxlength=\"5\" value=\"".$this->attributes['postalCode'][0]."\"></td>\n";
echo "<td><input name=\"postalCode\" type=\"text\" size=\"5\" maxlength=\"5\" value=\"".$this->attributes['postalCode'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=451\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Postal address') . "</td>\n";
echo "<td><input name=\"form_inetOrgPerson_postalAddress\" type=\"text\" size=\"30\" maxlength=\"80\" value=\"".$this->attributes['postalAddress'][0]."\"></td>\n";
echo "<td><input name=\"postalAddress\" type=\"text\" size=\"30\" maxlength=\"80\" value=\"".$this->attributes['postalAddress'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=452\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Telephone number') . "</td>\n";
echo "<td><input name=\"form_inetOrgPerson_telephoneNumber\" type=\"text\" size=\"30\" maxlength=\"30\" value=\"".$this->attributes['telephoneNumber'][0]."\"></td>\n";
echo "<td><input name=\"telephoneNumber\" type=\"text\" size=\"30\" maxlength=\"30\" value=\"".$this->attributes['telephoneNumber'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=453\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Mobile number') . "</td>\n";
echo "<td><input name=\"form_inetOrgPerson_mobileTelephoneNumber\" type=\"text\" size=\"30\" maxlength=\"30\" value=\"".$this->attributes['mobileTelephoneNumber'][0]."\"></td>\n";
echo "<td><input name=\"mobileTelephoneNumber\" type=\"text\" size=\"30\" maxlength=\"30\" value=\"".$this->attributes['mobileTelephoneNumber'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=454\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Fax number') . "</td>\n";
echo "<td><input name=\"form_inetOrgPerson_facsimileTelephoneNumber\" type=\"text\" size=\"30\" maxlength=\"30\" value=\"".$this->attributes['facsimileTelephoneNumber'][0]."\"></td>\n";
echo "<td><input name=\"facsimileTelephoneNumber\" type=\"text\" size=\"30\" maxlength=\"30\" value=\"".$this->attributes['facsimileTelephoneNumber'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=455\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('eMail address') . "</td>\n";
echo "<td><input name=\"form_inetOrgPerson_mail\" type=\"text\" size=\"30\" maxlength=\"80\" value=\"".$this->attributes['mail'][0]."\"></td>\n";
echo "<td><input name=\"mail\" type=\"text\" size=\"30\" maxlength=\"80\" value=\"".$this->attributes['mail'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=456\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "</table>\n";
return 0;
}
function display_html_delete($post) {
return 0;
}
}
?>

194
lam/lib/modules/main.inc
View File

@ -52,32 +52,45 @@ class main {
$this->subpage = '';
// Get local copy of name of account_container in session
$this->base = $base;
// Set aliasname
$this->alias = _('main');
}
// Variables
// This variable stores the number of the current displayed page
var $current_page;
// This variable os set to the pagename of a subpage if it should be displayed
var $subpage;
// name of accountContainer so we can read other classes in accuontArray
var $base;
// Alias Name. This name is shown in the menu instead of main
var $alias;
function get_alias() {
return _('main');
}
/* This function returns a list with all required modules
*/
function dependencies() {
return array();
function get_dependencies($scope) {
return array('require' => array(), 'conflict' => array() );
}
function module_ready() {
return true;
}
/* This function returns a list of all html-pages in module
* This is usefull for mass upload and pdf-files
* because lam can walk trough all pages itself and do some
* error checkings
*/
function pages() {
return array('attributes', 'finish');
}
// Dummy functions to make module compatible
function get_attributes() {
return array();
}
// Dummy functions to make module compatible
function load_attributes($attr) {
return 0;
@ -88,9 +101,79 @@ class main {
return array();
}
// Dummy functions to make module compatible
function get_attributes() {
return array();
function delete_attributes($post) {
$return = array();
return $return;
}
/* Write variables into object and do some regexp checks
*/
function proccess_attributes($post) {
// change dn
if ($post['suffix']!='') $_SESSION[$this->base]->dn = $post['suffix'];
// load profile
if ($post['selectLoadProfile'] && $post['loadProfile']) {
// *** fixme load*Profile must return array in the same way ldap_get_attributes does.
$function = '$newattributes = load'.ucfirst($scope).'Profile($post[\'selectLoadProfile\']);';
eval($function);
// pass newattributes to each module
$modules = array_keys($_SESSION[$this->base]->module);
foreach ($modules as $module) $_SESSION[$this->base]->module[$module]->load_attributes($newattributes);
return 0;
}
// save account
if ($post['create']) {
$success = $_SESSION[$this->base]->save_account();
if (is_array($success)) return array($success);
// return name of subpage
return 'finish';
}
// save profile
if ($post['saveProfile']) {
if ($post['selectSaveProfile']=='') $errors[] = array('ERROR', _('Save profile'), _('No profilename given.'));
else {
$function = 'save'.ucfirst($scope).'Profile();';
eval($function);
if ($function) $errors[] = array('INFO', _('Save profile'), _('New profile created.'));
else $errors[] = array('ERROR', _('Save profile'), _('Wrong profilename given.'));
}
if (is_array($errors)) return $errors;
else return 0;
}
return 0;
}
/* Write variables into object and do some regexp checks
*/
function proccess_finish($post) {
if ($post['createagain']) {
// Reset objects
$modules = array_keys($_SESSION[$this->base]->module);
foreach ($modules as $module)
if ($module!='main') unset($_SESSION[$this->base]->module[$module]);
// Reset accountContainer
$_SESSION[$this->base]->dn = '';
$_SESSION[$this->base]->dn_orig = '';
$_SESSION[$this->base]->attributes = array();
$_SESSION[$this->base]->order = array();
$this->current_page = 0;
$this->subpage = '';
// Add all required objects etc.
$_SESSION[$this->base]->new_account();
return 0;
}
if ($post['backmain']) {
// Return to *-list
// *** fixme unset accountContainer in session
metaRefresh("../lists/list".$_SESSION[$this->base]->type."s.php");
exit;
}
if ($post['outputpdf']) {
// Create / display PDf-file
$function = 'create'.ucfirst($_SESSION[$this->base]->type).'PDF(array($_SESSION[$this->base]));';
eval($function);
exit;
}
}
function display_html_attributes($post) {
@ -108,7 +191,7 @@ class main {
echo "<table border=0 width=\"100%\">\n";
echo "<tr>\n";
echo "<td>" . _('Suffix') . "</td>\n";
echo "<td><select name=\"form_main_suffix\">";
echo "<td><select name=\"suffix\">";
// loop through all suffixes
$function = '$suffix = $_SESSION[$_SESSION[$this->base]->config]->get_'.ucfirst($_SESSION[$this->base]->type).'Suffix();';
eval($function);
@ -127,22 +210,22 @@ class main {
if (count($profilelist)!=0) {
echo "<tr>\n";
echo "<td>" . _("Load profile") . "</td>\n";
echo "<td><select name=\"form_main_selectLoadProfile\">";
echo "<td><select name=\"selectLoadProfile\">";
foreach ($profilelist as $profile) echo "<option>$profile</option>\n";
echo "</select>\n";
echo "<input name=\"form_main_loadProfile\" type=\"submit\" value=\"" . _('Load Profile') . "\"></td>\n";
echo "<input name=\"loadProfile\" type=\"submit\" value=\"" . _('Load Profile') . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=421\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
}
echo "<tr>\n";
echo "<td>" . _("Save profile") . "</td>\n";
echo "<td><input name=\"form_main_selectSaveProfile\" type=\"text\" size=\"30\" maxlength=\"50\">\n";
echo "<input name=\"form_main_saveProfile\" type=\"submit\" value=\"" . _('Save profile') . "\" $disabled ></td>\n";
echo "<td><input name=\"selectSaveProfile\" type=\"text\" size=\"30\" maxlength=\"50\">\n";
echo "<input name=\"saveProfile\" type=\"submit\" value=\"" . _('Save profile') . "\" $disabled ></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=457\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td><input name=\"form_main_create\" type=\"submit\" value=\"";
echo "<td><input name=\"create\" type=\"submit\" value=\"";
if ($_SESSION[$this->base]->dn_orig!='') echo _('Modify Account');
else echo _('Create Account');
echo "\" $disabled ></td>\n";
@ -151,6 +234,9 @@ class main {
return 0;
}
function display_html_delete($post) {
return 0;
}
/* This page will be shown if an account
* has been saved
@ -166,12 +252,12 @@ class main {
echo "<table border=0 width=\"100%\">\n";
echo "<tr>\n";
if ($_SESSION[$this->base]->dn_orig=='') {
echo "<td><input name=\"form_main_createagain\" type=\"submit\" value=\"";
echo "<td><input name=\"createagain\" type=\"submit\" value=\"";
echo sprintf(_('Create another %s'), $_SESSION[$this->base]->type);
echo "\"></td>\n";
}
echo "<td><input name=\"form_main_outputpdf\" type=\"submit\" value=\"" . _('Create PDF file') . "\"></td>\n";
echo "<td><input name=\"form_main_backmain\" type=\"submit\" value=\"";
echo "<td><input name=\"outputpdf\" type=\"submit\" value=\"" . _('Create PDF file') . "\"></td>\n";
echo "<td><input name=\"backmain\" type=\"submit\" value=\"";
echo sprintf (_('Back to %s list'), $_SESSION[$this->base]->type);
echo "\"></td>\n";
echo "</tr>\n";
@ -179,76 +265,6 @@ class main {
return 0;
}
/* Write variables into object and do some regexp checks
*/
function proccess_finish($post) {
if ($post['form_main_createagain']) {
// Reset objects
$modules = array_keys($_SESSION[$this->base]->module);
foreach ($modules as $module)
if ($module!='main') unset($_SESSION[$this->base]->module[$module]);
// Reset accountContainer
$_SESSION[$this->base]->dn = '';
$_SESSION[$this->base]->dn_orig = '';
$_SESSION[$this->base]->attributes = array();
$_SESSION[$this->base]->order = array();
$this->current_page = 0;
$this->subpage = '';
// Add all required objects etc.
$_SESSION[$this->base]->new_account();
return 0;
}
if ($post['form_main_backmain']) {
// Return to *-list
// *** fixme unset accountContainer in session
metaRefresh("../lists/list".$_SESSION[$this->base]->type."s.php");
exit;
}
if ($post['form_main_outputpdf']) {
// Create / display PDf-file
$function = 'create'.ucfirst($_SESSION[$this->base]->type).'PDF(array($_SESSION[$this->base]));';
eval($function);
exit;
}
}
/* Write variables into object and do some regexp checks
*/
function proccess_attributes($post) {
// change dn
if ($post['form_main_suffix']!='') $_SESSION[$this->base]->dn = $post['form_main_suffix'];
// load profile
if ($post['form_main_selectLoadProfile'] && $post['form_main_loadProfile']) {
// *** fixme load*Profile must return array in the same way ldap_get_attributes does.
$function = '$newattributes = load'.ucfirst($scope).'Profile($post[\'form_main_selectLoadProfile\']);';
eval($function);
// pass newattributes to each module
$modules = array_keys($_SESSION[$this->base]->module);
foreach ($modules as $module) $_SESSION[$this->base]->module[$module]->load_attributes($newattributes);
return 0;
}
// save account
if ($post['form_main_create']) {
$success = $_SESSION[$this->base]->save_account();
if (is_array($success)) return array($success);
// return name of subpage
return 'finish';
}
// save profile
if ($post['form_main_saveProfile']) {
if ($post['form_main_selectSaveProfile']=='') $errors[] = array('ERROR', _('Save profile'), _('No profilename given.'));
else {
$function = 'save'.ucfirst($scope).'Profile();';
eval($function);
if ($function) $errors[] = array('INFO', _('Save profile'), _('New profile created.'));
else $errors[] = array('ERROR', _('Save profile'), _('Wrong profilename given.'));
}
if (is_array($errors)) return $errors;
else return 0;
}
return 0;
}
}
?>

502
lam/lib/modules/posixAccount.inc
View File

@ -89,8 +89,6 @@ class posixAccount {
}
// Variables
// Alias Name. This name is shown in the menu instead of posixAccount
var $alias;
// name of accountContainer so we can read other classes in accuontArray
var $base;
// Use a unix password?
@ -142,12 +140,15 @@ class posixAccount {
}
}
function get_alias() {
return _('posixAccount');
}
/* This function returns a list with all required modules
*/
function dependencies() {
if ($_SESSION[$this->base]->type=='user') return array('inetOrgPerson');
if ($_SESSION[$this->base]->type=='host') return array('account');
// return error if unsupported type is used
function get_dependencies($scope) {
if ($scope=='host') return array('require' => array('account'), 'conflict' => array() );
if ($scope=='user') return array('require' => array('inetOrgPerson'), 'conflict' => array() );
return -1;
}
@ -155,207 +156,25 @@ class posixAccount {
return true;
}
/* Write variables into object and do some regexp checks
/* This function returns a list of all html-pages in module
* This is usefull for mass upload and pdf-files
* because lam can walk trough all pages itself and do some
* error checkings
*/
function proccess_attributes($post) {
if ($this->orig['uid'][0]!='' && $post['form_posixAccount_uid']!=$this->attributes['uid'][0])
$errors[] = array('INFO', _('UID'), _('UID has changed. Do you want to change home directory?'));
if ($this->orig['gidNumber'][0]!='' && $_SESSION[$_SESSION[$this->base]->cache]->getgid($post['form_posixAccount_gidNumber'])!=$this->attributes['gidNumber'][0])
$errors[] = array('INFO', _('GID number'), sprintf(_('GID number has changed. To keep file ownership you have to run the following command as root: \'find / -gid %s -uid %s -exec chgrp %s {} \;\''), $this->orig['gidNumber'][0], $this->orig['uidNumber'][0], $_SESSION[$_SESSION[$this->base]->cache]->getgid($post['form_posixAccount_gidNumber'])));
if ($this->orig['uidNumber'][0]!='' && $post['form_posixAccount_uidNumber']!=$this->attributes['uidNumber'][0])
$errors[] = array('INFO', _('UID number'), sprintf(_('UID number has changed. To keep file ownership you have to run the following command as root: \'find / -uid %s -exec chown %s {} \;\''), $this->orig['uidNumber'][0], $this->attributes['uidNumber'][0]));
if (isset($post['form_posixAccount_homeDirectory']) && $this->orig['homeDirectory'][0]!='' && $post['form_posixAccount_homeDirectory']!=$this->attributes['homeDirectory'][0])
$errors[] = array('INFO', _('Home directory'), sprintf(_('Home directory changed. To keep home directory you have to run the following command as root: \'mv %s %s\''), $this->orig['homeDirectory'][0], $this->attributes['homeDirectory'][0]));
// Load attributes
$this->attributes['uid'][0] = $post['form_posixAccount_uid'];
$this->attributes['cn'][0] = $this->attributes['uid'][0];
$this->attributes['uidNumber'][0] = $post['form_posixAccount_uidNumber'];
$this->attributes['gidNumber'][0] = $_SESSION[$_SESSION[$this->base]->cache]->getgid($post['form_posixAccount_gidNumber']);
$this->attributes['homeDirectory'][0] = $post['form_posixAccount_homeDirectory'];
$this->attributes['loginShell'][0] = $post['form_posixAccount_loginShell'];
$this->attributes['gecos'][0] = $post['form_posixAccount_gecos'];
if ($post['form_posixAccount_createhomedir']) $this->createhomedir = true;
else $this->createhomedir = false;
if ($post['form_posixAccount_userPassword_no']) $this->userPassword_no=true;
else $this->userPassword_no=false;
if ($post['form_posixAccount_userPassword_lock']) $this->userPassword_lock=true;
else $this->userPassword_lock=false;
if (isset($post['form_posixAccount_userPassword'])) {
if ($post['form_posixAccount_userPassword'] != $post['form_posixAccount_userPassword2']) {
$errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'));
unset ($post['form_posixAccount_userPassword2']);
}
else $this->userPassword($post['form_posixAccount_userPassword']);
}
if ($post['form_posixAccount_genpass']) $this->userPassword(genpasswd());
// Check if UID is valid. If none value was entered, the next useable value will be inserted
// load min and may uidNumber
if ($_SESSION[$this->base]->type=='user') {
$minID = intval($_SESSION[$_SESSION[$this->base]->config]->get_minUID());
$maxID = intval($_SESSION[$_SESSION[$this->base]->config]->get_maxUID());
}
if ($_SESSION[$this->base]->type=='host') {
$minID = intval($_SESSION[$_SESSION[$this->base]->config]->get_minMachine());
$maxID = intval($_SESSION[$_SESSION[$this->base]->config]->get_maxMachine());
}
$dn_uids = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('uidNumber', 'posixAccount', '*');
// get_cache will return an array ( dn1 => array(uidnumber1), dn2 => array(uidnumber2), ... )
foreach ($dn_uids as $uid) $uids[] = $uid[0];
if(is_array($uids)) sort ($uids, SORT_NUMERIC);
if ($this->attributes['uidNumber'][0]=='') {
// No id-number given
if ($this->orig['uidNumber'][0]=='') {
// new account -> we have to find a free id-number
if (count($uids)!=0) {
// There are some uids
// Store highest id-number
$id = $uids[count($uids)-1];
// Return minimum allowed id-number if all found id-numbers are too low
if ($id < $minID) $this->attributes['uidNumber'][0] = $minID;
// Return higesht used id-number + 1 if it's still in valid range
if ($id < $maxID) $this->attributes['uidNumber'][0] = $id+1;
/* If this function is still running we have to fid a free id-number between
* the used id-numbers
*/
$i = intval($minID);
while (in_array($i, $uids)) $i++;
if ($i>$maxID)
$errors[] = array('ERROR', _('ID-Number'), _('No free ID-Number!'));
else {
$this->attributes['uidNumber'][0] = $i;
$errors[] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.'));
}
}
else $this->attributes['uidNumber'][0] = $minID;
// return minimum allowed id-number if no id-numbers are found
}
else $this->attributes['uidNumber'][0] = $this->orig['uidNumber'][0];
// old account -> return id-number which has been used
}
else {
// Check manual ID
// id-number is out of valid range
if ( ($this->attributes['uidNumber'][0]!=$post['form_posixAccount_uidNumber']) && ($this->attributes['uidNumber'][0] < $minID || $this->attributes['uidNumber'][0] > $maxID)) $errors[] = array('ERROR', _('ID-Number'), sprintf(_('Please enter a value between %s and %s!'), $minID, $maxID));
// $uids is allways an array but not if no entries were found
if (is_array($uids)) {
// id-number is in use and account is a new account
if ((in_array($this->attributes['uidNumber'][0], $uids)) && $this->orig['uidNumber'][0]=='') $errors[] = array('ERROR', _('ID-Number'), _('ID is already in use'));
// id-number is in use, account is existing account and id-number is not used by itself
if ((in_array($this->attributes['uidNumber'][0], $uids)) && $this->orig['uidNumber'][0]!='' && ($this->orig['uidNumber'][0] != $this->attributes['uidNumber'][0]) ) {
$errors[] = array('ERROR', _('ID-Number'), _('ID is already in use'));
$this->attributes['uidNumber'][0] = $this->orig['uidNumber'][0];
}
}
}
if ($_SESSION[$this->base]->type=='user') {
if (($this->attributes['uid'][0] != $post['form_posixAccount_uid']) && ereg('[A-Z]$', $post['form_posixAccount_uid']))
$errors[] = array('WARN', _('Username'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));
// Check if Homedir is valid
$this->attributes['homeDirectory'][0] = str_replace('$group', $_SESSION[$_SESSION[$this->base]->cache]->getgrnam($this->attributes['gidNumber'][0]), $this->attributes['homeDirectory'][0]);
if ($this->attributes['uid'][0] != '')
$this->attributes['homeDirectory'][0] = str_replace('$user', $this->attributes['uid'][0], $this->attributes['homeDirectory'][0]);
if ($this->attributes['homeDirectory'][0] != $post['form_posixAccount_homeDirectory']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $this->attributes['homeDirectory'][0] ))
$errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.'));
// Check if Username contains only valid characters
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$', $this->attributes['uid'][0]))
$errors[] = array('ERROR', _('Username'), _('Username contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
}
if ($_SESSION[$this->base]->type=='host') {
if (($this->attributes['uid'][0] != $post['form_account_uid']) && ereg('[A-Z]$', $post['form_account_uid']))
$errors[] = array('WARN', _('Hostname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));
// Check if Username contains only valid characters
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+[$]$', $this->attributes['uid'][0]))
$errors[] = array('ERROR', _('Hostname'), _('Hostname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ ! Hostname must end with $ !'));
}
// Create automatic useraccount with number if original user already exists
// Reset name to original name if new name is in use
// Set username back to original name if new username is in use
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['uid'][0],'uid', '*')!=false && ($this->orig['uid'][0]!='')) {
$this->attributes['uid'][0] = $this->orig['uid'][0];
}
// Change uid to a new uid until a free uid is found
else while ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['uid'][0], 'uid', '*')) {
if ($_SESSION[$this->base]->type=='host') $this->attributes['uid'][0] = substr($this->attributes['uid'][0], 0, -1);
// get last character of username
$lastchar = substr($this->attributes['uid'][0], strlen($this->attributes['uid'][0])-1, 1);
// Last character is no number
if ( !ereg('^([0-9])+$', $lastchar))
/* Last character is no number. Therefore we only have to
* add "2" to it.
*/
if ($_SESSION[$this->base]->type=='host') $this->attributes['uid'][0] = $this->attributes['uid'][0] . '2$';
else $this->attributes['uid'][0] = $this->attributes['uid'][0] . '2';
else {
/* Last character is a number -> we have to increase the number until we've
* found a groupname with trailing number which is not in use.
*
* $i will show us were we have to split groupname so we get a part
* with the groupname and a part with the trailing number
*/
$i=strlen($this->attributes['uid'][0])-1;
$mark = false;
// Set $i to the last character which is a number in $account_new->general_username
while (!$mark) {
if (ereg('^([0-9])+$',substr($this->attributes['uid'][0], $i, strlen($this->attributes['uid'][0])-$i))) $i--;
else $mark=true;
}
// increase last number with one
$firstchars = substr($this->attributes['uid'][0], 0, $i+1);
$lastchars = substr($this->attributes['uid'][0], $i+1, strlen($this->attributes['uid'][0])-$i);
// Put username together
if ($_SESSION[$this->base]->type=='host') $this->attributes['uid'][0] = $firstchars . (intval($lastchars)+1)."$";
else $this->attributes['uid'][0] = $firstchars . (intval($lastchars)+1);
}
}
// Show warning if lam has changed username
if ($_SESSION[$this->base]->type=='user')
if ($this->attributes['uid'][0] != $post['form_posixAccount_uid']) {
$errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.'));
}
if ($_SESSION[$this->base]->type=='host')
if ($this->attributes['uid'][0] != $post['form_posixAccount_uid']) {
$errors[] = array('WARN', _('Hostname'), _('Hostname in use. Selected next free hostname.'));
}
if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword()))
$errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
// Return error-messages
if (is_array($errors)) return $errors;
// Go to additional group page when no error did ocour and button was pressed
if ($post['form_posixAccount_addgroup']) return 'group';
return 0;
function pages() {
return array('attributes', 'groups');
}
/* Write variables into object and do some regexp checks
/* This function returns all ldap attributes
* which are part of posixAccount and returns
* also their values.
*/
function proccess_group($post) {
do { // X-Or, only one if() can be true
if (isset($post['form_posixAccount_addgroups']) && isset($post['form_posixAccount_addgroups_button'])) { // Add groups to list
// Add new group
$this->groups = @array_merge($this->groups, $post['form_posixAccount_addgroups']);
// sort groups
sort($this->groups);
break;
}
if (isset($post['form_posixAccount_removegroups']) && isset($post['form_posixAccount_removegroups_button'])) { // remove groups from list
$this->groups = array_delete($post['form_posixAccount_removegroups'], $this->groups);
break;
}
} while(0);
if (isset($post['form_posixAccount_addgroups_button']) || isset($post['form_posixAccount_removegroups_button'])) return 'group';
if ($post['form_posixAccount_toattributes']) return 'attributes';
return 0;
function get_attributes() {
$return = $this->attributes;
$return['userPassword'] = $this->userPassword();
return $return;
}
/* This function loads all attributes into the object
* $attr is an array as it's retured from ldap_get_attributes
*/
@ -391,8 +210,6 @@ class posixAccount {
return 0;
}
/* This function returns an array with 3 entries:
* array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
* DN is the DN to change. It may be possible to change several DNs,
@ -469,12 +286,12 @@ class posixAccount {
$DNs = array_keys($dn_cns);
foreach ($DNs as $DN) {
if (is_array($add))
if (in_array($dn_cns[$DN][0], $add)) $return[$DN]['add']['memberUid'] = $this->attributes['uid'];
if (in_array($dn_cns[$DN][0], $add)) $return[$DN]['add']['memberUid'] = $this->attributes['uid'][0];
if (is_array($remove))
if (in_array($dn_cns[$DN][0], $remove)) $return[$DN]['remove']['memberUid'] = $this->attributes['uid'];
if (in_array($dn_cns[$DN][0], $remove)) $return[$DN]['remove']['memberUid'] = $this->attributes['uid'][0];
}
// primary group mut also be removed if it has changed after setting additional groups
if (in_array($_SESSION[$_SESSION[$this->base]->cache]->getgrnam($this->attributes['gidNumber']), $this->groups_orig)) $return[$DN]['remove']['memberUid'] = $this->attributes['uid'];
if (in_array($_SESSION[$_SESSION[$this->base]->cache]->getgrnam($this->attributes['gidNumber'][0]), $this->groups_orig)) $return[$DN]['remove']['memberUid'] = $this->attributes['uid'];
}
else {
// Add user to every group
@ -482,7 +299,7 @@ class posixAccount {
// get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
$DNs = array_keys($dn_cns);
foreach ($DNs as $DN) {
if (in_array($dn_cns[$DN][0], $this->groups)) $return[$DN]['add']['memberUid'] = $this->attributes['uid'];
if (in_array($dn_cns[$DN][0], $this->groups)) $return[$DN]['add']['memberUid'] = $this->attributes['uid'][0];
}
}
}
@ -493,7 +310,7 @@ class posixAccount {
// get_cache will return an array ( dn1 => array(cn1), dn2 => array(cn2), ... )
$DNs = array_keys($dn_cns);
foreach ($DNs as $DN) {
if (in_array($dn_cns[$DN][0], $this->orig['groups'])) $return[$DN]['remove']['memberUid'] = $this->attributes['uid'];
if (in_array($dn_cns[$DN][0], $this->orig['groups'])) $return[$DN]['remove']['memberUid'] = $this->attributes['uid'][0];
}
}
}
@ -503,20 +320,214 @@ class posixAccount {
return $return;
}
function delete_attributes() {
function delete_attributes($post) {
$return = array();
// remove memberUids if set
$groups = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('memberUid', 'posixGroup', 'group');
$DNs = array_keys($groups);
for ($i=0; $i<count($DNs); $i++) {
if (in_array($this->attributes['uid'][0], $groups[$DNs[$i]])) $return[$DNs[$i]]['remove']['memberUid'] = $this->attributes['uid'][0];
}
if ($post['deletehomedir']) $return[$_SESSION[$this->base]->dn]['lamdaemon']['command'][] = $this->attributes['uid'][0] . " home rem";
return $return;
}
/* This function returns all ldap attributes
* which are part of posixAccount and returns
* also their values.
/* Write variables into object and do some regexp checks
*/
function get_attributes() {
$return = $this->attributes;
$return['userPassword'] = $this->userPassword();
return $return;
function proccess_attributes($post) {
if ($this->orig['uid'][0]!='' && $post['uid']!=$this->attributes['uid'][0])
$errors[] = array('INFO', _('UID'), _('UID has changed. Do you want to change home directory?'), 'uid');
if ($this->orig['gidNumber'][0]!='' && $_SESSION[$_SESSION[$this->base]->cache]->getgid($post['gidNumber'])!=$this->attributes['gidNumber'][0])
$errors[] = array('INFO', _('GID number'), sprintf(_('GID number has changed. To keep file ownership you have to run the following command as root: \'find / -gid %s -uid %s -exec chgrp %s {} \;\''), $this->orig['gidNumber'][0], $this->orig['uidNumber'][0], $_SESSION[$_SESSION[$this->base]->cache]->getgid($post['gidNumber'])), 'gidNumber');
if ($this->orig['uidNumber'][0]!='' && $post['uidNumber']!=$this->attributes['uidNumber'][0])
$errors[] = array('INFO', _('UID number'), sprintf(_('UID number has changed. To keep file ownership you have to run the following command as root: \'find / -uid %s -exec chown %s {} \;\''), $this->orig['uidNumber'][0], $this->attributes['uidNumber'][0]), 'uidNumber');
if (isset($post['homeDirectory']) && $this->orig['homeDirectory'][0]!='' && $post['homeDirectory']!=$this->attributes['homeDirectory'][0])
$errors[] = array('INFO', _('Home directory'), sprintf(_('Home directory changed. To keep home directory you have to run the following command as root: \'mv %s %s\''), $this->orig['homeDirectory'][0], $this->attributes['homeDirectory'][0]), 'homeDirectory');
// Load attributes
$this->attributes['uid'][0] = $post['uid'];
$this->attributes['cn'][0] = $this->attributes['uid'][0];
$this->attributes['uidNumber'][0] = $post['uidNumber'];
$this->attributes['gidNumber'][0] = $_SESSION[$_SESSION[$this->base]->cache]->getgid($post['gidNumber']);
$this->attributes['homeDirectory'][0] = $post['homeDirectory'];
$this->attributes['loginShell'][0] = $post['loginShell'];
$this->attributes['gecos'][0] = $post['gecos'];
if ($post['createhomedir']) $this->createhomedir = true;
else $this->createhomedir = false;
if ($post['userPassword_no']) $this->userPassword_no=true;
else $this->userPassword_no=false;
if ($post['userPassword_lock']) $this->userPassword_lock=true;
else $this->userPassword_lock=false;
if (isset($post['userPassword'])) {
if ($post['userPassword'] != $post['userPassword2']) {
$errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'), 'userPassword');
unset ($post['userPassword2']);
}
else $this->userPassword($post['userPassword']);
}
if ($post['genpass']) $this->userPassword(genpasswd());
// Check if UID is valid. If none value was entered, the next useable value will be inserted
// load min and may uidNumber
if ($_SESSION[$this->base]->type=='user') {
$minID = intval($_SESSION[$_SESSION[$this->base]->config]->get_minUID());
$maxID = intval($_SESSION[$_SESSION[$this->base]->config]->get_maxUID());
}
if ($_SESSION[$this->base]->type=='host') {
$minID = intval($_SESSION[$_SESSION[$this->base]->config]->get_minMachine());
$maxID = intval($_SESSION[$_SESSION[$this->base]->config]->get_maxMachine());
}
$dn_uids = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('uidNumber', 'posixAccount', '*');
// get_cache will return an array ( dn1 => array(uidnumber1), dn2 => array(uidnumber2), ... )
foreach ($dn_uids as $uid) $uids[] = $uid[0];
if(is_array($uids)) sort ($uids, SORT_NUMERIC);
if ($this->attributes['uidNumber'][0]=='') {
// No id-number given
if ($this->orig['uidNumber'][0]=='') {
// new account -> we have to find a free id-number
if (count($uids)!=0) {
// There are some uids
// Store highest id-number
$id = $uids[count($uids)-1];
// Return minimum allowed id-number if all found id-numbers are too low
if ($id < $minID) $this->attributes['uidNumber'][0] = $minID;
// Return higesht used id-number + 1 if it's still in valid range
if ($id < $maxID) $this->attributes['uidNumber'][0] = $id+1;
/* If this function is still running we have to fid a free id-number between
* the used id-numbers
*/
$i = intval($minID);
while (in_array($i, $uids)) $i++;
if ($i>$maxID)
$errors[] = array('ERROR', _('ID-Number'), _('No free ID-Number!'), 'uidNumber');
else {
$this->attributes['uidNumber'][0] = $i;
$errors[] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.'), 'uidNumber');
}
}
else $this->attributes['uidNumber'][0] = $minID;
// return minimum allowed id-number if no id-numbers are found
}
else $this->attributes['uidNumber'][0] = $this->orig['uidNumber'][0];
// old account -> return id-number which has been used
}
else {
// Check manual ID
// id-number is out of valid range
if ( ($this->attributes['uidNumber'][0]!=$post['uidNumber']) && ($this->attributes['uidNumber'][0] < $minID || $this->attributes['uidNumber'][0] > $maxID)) $errors[] = array('ERROR', _('ID-Number'), sprintf(_('Please enter a value between %s and %s!'), $minID, $maxID), 'uidNumber');
// $uids is allways an array but not if no entries were found
if (is_array($uids)) {
// id-number is in use and account is a new account
if ((in_array($this->attributes['uidNumber'][0], $uids)) && $this->orig['uidNumber'][0]=='') $errors[] = array('ERROR', _('ID-Number'), _('ID is already in use'), 'uidNumber');
// id-number is in use, account is existing account and id-number is not used by itself
if ((in_array($this->attributes['uidNumber'][0], $uids)) && $this->orig['uidNumber'][0]!='' && ($this->orig['uidNumber'][0] != $this->attributes['uidNumber'][0]) ) {
$errors[] = array('ERROR', _('ID-Number'), _('ID is already in use'), 'uidNumber');
$this->attributes['uidNumber'][0] = $this->orig['uidNumber'][0];
}
}
}
if ($_SESSION[$this->base]->type=='user') {
if (($this->attributes['uid'][0] != $post['uid']) && ereg('[A-Z]$', $post['uid']))
$errors[] = array('WARN', _('Username'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'), 'uid');
// Check if Homedir is valid
$this->attributes['homeDirectory'][0] = str_replace('$group', $_SESSION[$_SESSION[$this->base]->cache]->getgrnam($this->attributes['gidNumber'][0]), $this->attributes['homeDirectory'][0]);
if ($this->attributes['uid'][0] != '')
$this->attributes['homeDirectory'][0] = str_replace('$user', $this->attributes['uid'][0], $this->attributes['homeDirectory'][0]);
if ($this->attributes['homeDirectory'][0] != $post['homeDirectory']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.'));
if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $this->attributes['homeDirectory'][0] ))
$errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.'), 'homeDirectory');
// Check if Username contains only valid characters
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$', $this->attributes['uid'][0]))
$errors[] = array('ERROR', _('Username'), _('Username contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'), 'uid');
}
if ($_SESSION[$this->base]->type=='host') {
if (($this->attributes['uid'][0] != $post['form_account_uid']) && ereg('[A-Z]$', $post['form_account_uid']))
$errors[] = array('WARN', _('Hostname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'), 'uid');
// Check if Username contains only valid characters
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+[$]$', $this->attributes['uid'][0]))
$errors[] = array('ERROR', _('Hostname'), _('Hostname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ ! Hostname must end with $ !'), 'uid');
}
// Create automatic useraccount with number if original user already exists
// Reset name to original name if new name is in use
// Set username back to original name if new username is in use
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['uid'][0],'uid', '*')!=false && ($this->orig['uid'][0]!='')) {
$this->attributes['uid'][0] = $this->orig['uid'][0];
}
// Change uid to a new uid until a free uid is found
else while ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['uid'][0], 'uid', '*')) {
if ($_SESSION[$this->base]->type=='host') $this->attributes['uid'][0] = substr($this->attributes['uid'][0], 0, -1);
// get last character of username
$lastchar = substr($this->attributes['uid'][0], strlen($this->attributes['uid'][0])-1, 1);
// Last character is no number
if ( !ereg('^([0-9])+$', $lastchar))
/* Last character is no number. Therefore we only have to
* add "2" to it.
*/
if ($_SESSION[$this->base]->type=='host') $this->attributes['uid'][0] = $this->attributes['uid'][0] . '2$';
else $this->attributes['uid'][0] = $this->attributes['uid'][0] . '2';
else {
/* Last character is a number -> we have to increase the number until we've
* found a groupname with trailing number which is not in use.
*
* $i will show us were we have to split groupname so we get a part
* with the groupname and a part with the trailing number
*/
$i=strlen($this->attributes['uid'][0])-1;
$mark = false;
// Set $i to the last character which is a number in $account_new->general_username
while (!$mark) {
if (ereg('^([0-9])+$',substr($this->attributes['uid'][0], $i, strlen($this->attributes['uid'][0])-$i))) $i--;
else $mark=true;
}
// increase last number with one
$firstchars = substr($this->attributes['uid'][0], 0, $i+1);
$lastchars = substr($this->attributes['uid'][0], $i+1, strlen($this->attributes['uid'][0])-$i);
// Put username together
if ($_SESSION[$this->base]->type=='host') $this->attributes['uid'][0] = $firstchars . (intval($lastchars)+1)."$";
else $this->attributes['uid'][0] = $firstchars . (intval($lastchars)+1);
}
}
// Show warning if lam has changed username
if ($_SESSION[$this->base]->type=='user')
if ($this->attributes['uid'][0] != $post['uid']) {
$errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.'), 'uid');
}
if ($_SESSION[$this->base]->type=='host')
if ($this->attributes['uid'][0] != $post['uid']) {
$errors[] = array('WARN', _('Hostname'), _('Hostname in use. Selected next free hostname.'), 'uid');
}
if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword()))
$errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'), 'userPassword');
// Return error-messages
if (is_array($errors)) return $errors;
// Go to additional group page when no error did ocour and button was pressed
if ($post['addgroup']) return 'group';
return 0;
}
/* Write variables into object and do some regexp checks
*/
function proccess_group($post) {
do { // X-Or, only one if() can be true
if (isset($post['addgroups']) && isset($post['addgroups_button'])) { // Add groups to list
// Add new group
$this->groups = @array_merge($this->groups, $post['addgroups']);
// sort groups
sort($this->groups);
break;
}
if (isset($post['removegroups']) && isset($post['removegroups_button'])) { // remove groups from list
$this->groups = array_delete($post['removegroups'], $this->groups);
break;
}
} while(0);
if (isset($post['addgroups_button']) || isset($post['removegroups_button'])) return 'group';
if ($post['toattributes']) return 'attributes';
return 0;
}
/* This function will create the html-page
@ -524,6 +535,9 @@ class posixAccount {
* It will output a complete html-table
*/
function display_html_attributes($post) {
print_r($this->attributes);
print "<br>";
print_r($this->attributes);
$groups = $_SESSION[$_SESSION[$this->base]->cache]->findgroups(); // list of all groupnames
$shelllist = getshells(); // list of all valid shells
if ($this->attributes['userPassword'][0] != $this->orig['userPassword'][0]) $password=$this->userPassword();
@ -531,22 +545,22 @@ class posixAccount {
echo "<table border=0 width=\"100%\">\n";
echo "<tr>\n";
echo '<td>' . _('Username') . "*</td>\n";
echo "<td><input name=\"form_posixAccount_uid\" type=\"text\" size=\"20\" maxlength=\"20\" value=\"".$this->attributes['uid'][0]."\"></td>\n";
echo "<td><input name=\"uid\" type=\"text\" size=\"20\" maxlength=\"20\" value=\"".$this->attributes['uid'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=400\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('UID number') ."</td>\n";
echo "<td><input name=\"form_posixAccount_uidNumber\" type=\"text\" size=\"6\" maxlength=\"6\" value=\"".$this->attributes['uidNumber'][0]."\"></td>\n";
echo "<td><input name=\"uidNumber\" type=\"text\" size=\"6\" maxlength=\"6\" value=\"".$this->attributes['uidNumber'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=401\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Gecos') . "</td>\n";
echo "<td><input name=\"form_posixAccount_gecos\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['gecos'][0]."\"></td>\n";
echo "<td><input name=\"gecos\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['gecos'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=404\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Primary group') . "*</td>\n";
echo "<td><select name=\"form_posixAccount_gidNumber\">";
echo "<td><select name=\"gidNumber\">";
// loop trough existing groups
foreach ($groups as $group)
if ($_SESSION[$_SESSION[$this->base]->cache]->getgrnam($this->attributes['gidNumber'][0]) == $group) echo "<option selected> $group </option>\n";
@ -557,45 +571,45 @@ class posixAccount {
if ($_SESSION[$this->base]->type=='user') {
echo "<tr>\n";
echo "<td>" . _('Additional groups') . "</td>\n";
echo "<td><input name=\"form_posixAccount_addgroup\" type=\"submit\" value=\"" . _('Edit groups') . "\"></td>\n";
echo "<td><input name=\"addgroup\" type=\"submit\" value=\"" . _('Edit groups') . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=402\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Home directory') . "*</td>\n";
echo "<td><input name=\"form_posixAccount_homeDirectory\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['homeDirectory'][0]."\"></td>\n";
echo "<td><input name=\"homeDirectory\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['homeDirectory'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=403\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
if ($this->orig['homeDirectory']=='' && isset($_SESSION[$_SESSION[$this->base]->config]->scriptPath)) {
echo "<tr>\n";
echo "<td>" . _('Create home directory') . "*</td>\n";
echo "<td><input name=\"form_posixAccount_createhomedir\" type=\"checkbox\"";
echo "<td><input name=\"createhomedir\" type=\"checkbox\"";
if ($this->createhomedir) echo " checked ";
echo "></td>\n";
echo "<tr>\n";
}
echo "<tr>\n";
echo "<td>" . _('Password') . "</td>\n";
echo "<td><input name=\"form_posixAccount_userPassword\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"$password\"></td>\n";
echo "<td><input name=\"form_posixAccount_genpass\" type=\"submit\" value=\"" . _('Generate password') . "\"></td>\n";
echo "<td><input name=\"userPassword\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"$password\"></td>\n";
echo "<td><input name=\"genpass\" type=\"submit\" value=\"" . _('Generate password') . "\"></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Repeat password') . "</td>\n";
echo "<td><input name=\"form_posixAccount_userPassword2\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"";
if ($post['form_posixAccount_userPassword2']!='') echo $post['form_posixAccount_userPassword2'];
echo "<td><input name=\"userPassword2\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"";
if ($post['userPassword2']!='') echo $post['userPassword2'];
else echo $password;
echo "\"></td>\n";
echo "<td></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Use no password') . "</td>\n";
echo "<td><input name=\"form_posixAccount_userPassword_no\" type=\"checkbox\"";
echo "<td><input name=\"userPassword_no\" type=\"checkbox\"";
if ($this->userPassword_no) echo " checked ";
echo "></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=426\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Lock password') . "</td>\n";
echo "<td><input name=\"form_posixAccount_userPassword_lock\" type=\"checkbox\"";
echo "<td><input name=\"userPassword_lock\" type=\"checkbox\"";
if ($this->userPassword_lock) echo " checked ";
echo "></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=426\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
@ -603,7 +617,7 @@ class posixAccount {
if (count($shelllist)!=0) {
echo "<tr>\n";
echo "<td>" . _('Login shell') . "*</td>\n";
echo "<td><select name=\"form_posixAccount_loginShell\">";
echo "<td><select name=\"loginShell\">";
// loop through shells
foreach ($shelllist as $shell)
if ($this->attributes['loginShell'][0]==trim($shell)) echo "<option selected> $shell </option>\n";
@ -617,6 +631,16 @@ class posixAccount {
return 0;
}
function display_html_delete($post) {
if ($_SESSION[$this->base]->type=='user' && isset($_SESSION[$_SESSION[$this->base]->config]->scriptPath)) {
echo "<tr>\n";
echo "<td>" . _('Delete home directory') . "*</td>\n";
echo "<td><input name=\"deletehomedir\" type=\"checkbox\"></td>\n";
echo "<tr>\n";
}
return 0;
}
function display_html_group($post) {
// load list with all groups
$dn_groups = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('gidNumber', 'posixGroup', 'group');
@ -640,22 +664,22 @@ class posixAccount {
echo "<legend class=\"".$_SESSION[$this->base]->type."edit-bright\">" . _("Selected groups") . "</legend>\n";
// Show all groups the user is additional member of
if (count($this->groups)!=0) {
echo "<select name=\"form_posixAccount_removegroups[]\" class=\"".$_SESSION[$this->base]->type."edit-bright\" size=15 multiple>\n";
echo "<select name=\"removegroups[]\" class=\"".$_SESSION[$this->base]->type."edit-bright\" size=15 multiple>\n";
for ($i=0; $i<count($this->groups); $i++)
echo "<option>" . $this->groups[$i] . "</option>\n";
echo "</select>\n";
}
echo "</fieldset></td>\n";
echo "<td align=\"center\" width=\"10%\"><input type=\"submit\" name=\"form_posixAccount_addgroups_button\" value=\"<=\">";
echo "<td align=\"center\" width=\"10%\"><input type=\"submit\" name=\"addgroups_button\" value=\"<=\">";
echo " ";
echo "<input type=\"submit\" name=\"form_posixAccount_removegroups_button\" value=\"=>\"><br><br>";
echo "<input type=\"submit\" name=\"removegroups_button\" value=\"=>\"><br><br>";
echo "<a href=\""."../help.php?HelpNumber=402\" target=\"lamhelp\">"._('Help')."</a></td>\n";
echo "<td valign=\"top\">\n";
echo "<fieldset class=\"".$_SESSION[$this->base]->type."edit-bright\">";
echo "<legend class=\"".$_SESSION[$this->base]->type."edit-bright\">" . _('Available groups') . "</legend>\n";
// show all groups expect these the user is member of
if (count($groups)!=0) {
echo "<select name=\"form_posixAccount_addgroups[]\" size=15 multiple class=\"".$_SESSION[$this->base]->type."edit-bright\">\n";
echo "<select name=\"addgroups[]\" size=15 multiple class=\"".$_SESSION[$this->base]->type."edit-bright\">\n";
for ($i=0; $i<count($groups); $i++)
echo "<option> $groups[$i] </option>\n";
echo "</select>\n";
@ -663,7 +687,7 @@ class posixAccount {
echo "</fieldset></td>\n";
echo "</tr>\n";
echo "</table>\n";
echo "<input name=\"form_posixAccount_toattributes\" type=\"submit\" value=\""; echo _('Back'); echo "\">\n";
echo "<input name=\"toattributes\" type=\"submit\" value=\""; echo _('Back'); echo "\">\n";
echo "</fieldset>\n";
echo "</td></tr></table>\n";
return 0;
@ -672,6 +696,4 @@ class posixAccount {
}
?>

396
lam/lib/modules/posixGroup.inc
View File

@ -77,13 +77,10 @@ class posixGroup {
$this->attributes[$attribute] =& $_SESSION[$this->base]->module[$module[$i]]->attributes[$attribute];
}
$this->orig = $this->attributes ;
$this->attributes['objectClass'][0] = 'posixGroup';
$this->changegids=false;
}
// Variables
// Alias Name. This name is shown in the menu instead of posixGroup
var $alias;
// name of accountContainer so we can read other classes in accuontArray
var $base;
// Use a unix password?
@ -131,181 +128,40 @@ class posixGroup {
}
}
function get_alias() {
return _('posixGroup');
}
/* This function returns a list with all required modules
*/
function dependencies() {
return array('main');
function get_dependencies($scope) {
if ($scope=='group') return array('require' => array('main'), 'conflict' => array('inetOrgPerson', 'account', 'sambaDomain') );
return -1;
}
function module_ready() {
return true;
}
/* Write variables into object and do some regexp checks
/* This function returns a list of all html-pages in module
* This is usefull for mass upload and pdf-files
* because lam can walk trough all pages itself and do some
* error checkings
*/
function proccess_attributes($post) {
if ($this->orig['gidNumber'][0]!='' && $post['form_posixGroup_gidNumber']!=$this->attributes['gidNumber'][0])
$errors[] = array('INFO', _('GID number'), _('GID number has changed. Please select checkbox to change GID number of users and hosts.'));
// Load attributes
$this->attributes['cn'][0] = $post['form_posixGroup_cn'];
$this->attributes['gidNumber'][0] = $post['form_posixGroup_gidNumber'];
$this->attributes['description'][0] = $post['form_posixGroup_description'];
if ($post['form_posixGroup_userPassword_no']) $this->userPassword_no=true;
else $this->userPassword_no=false;
if ($post['form_posixGroup_userPassword_lock']) $this->userPassword_lock=true;
else $this->userPassword_lock=false;
if ($post['form_posixGroup_changegids']) $this->changegids=true;
else $this->changegids=false;
if (isset($post['form_posixGroup_userPassword'])) {
if ($post['form_posixGroup_userPassword'] != $post['form_posixGroup_userPassword2']) {
$errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'));
unset ($post['form_posixGroup_userPassword2']);
}
else $this->userPassword($post['form_posixGroup_userPassword']);
}
if ($post['form_posixGroup_genpass']) $this->userPassword(genpasswd());
// Check if UID is valid. If none value was entered, the next useable value will be inserted
// load min and may uidNumber
$minID = intval($_SESSION[$_SESSION[$this->base]->config]->get_minGID());
$maxID = intval($_SESSION[$_SESSION[$this->base]->config]->get_maxGID());
$dn_gids = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('gidNumber', 'posixGroup', '*');
// get_cache will return an array ( dn1 => array(uidnumber1), dn2 => array(uidnumber2), ... )
foreach ($dn_gids as $gid) $gids[] = $gid[0];
if(is_array($gids)) sort ($gids, SORT_NUMERIC);
if ($this->attributes['gidNumber'][0]=='') {
// No id-number given
if ($this->orig['gidNumber'][0]=='') {
// new account -> we have to find a free id-number
if (count($gids)!=0) {
// There are some uids
// Store highest id-number
$id = $gids[count($gids)-1];
// Return minimum allowed id-number if all found id-numbers are too low
if ($id < $minID) $this->attributes['gidNumber'][0] = $minID;
// Return higesht used id-number + 1 if it's still in valid range
if ($id < $maxID) $this->attributes['gidNumber'][0] = $id+1;
/* If this function is still running we have to fid a free id-number between
* the used id-numbers
*/
$i = intval($minID);
while (in_array($i, $gids)) $i++;
if ($i>$maxID)
$errors[] = array('ERROR', _('ID-Number'), _('No free ID-Number!'));
else {
$this->attributes['gidNumber'][0] = $i;
$errors[] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.'));
}
}
else $this->attributes['gidNumber'][0] = $minID;
// return minimum allowed id-number if no id-numbers are found
}
else $this->attributes['gidNumber'][0] = $this->orig['gidNumber'][0];
// old account -> return id-number which has been used
}
else {
// Check manual ID
// id-number is out of valid range
if ( ($this->attributes['gidNumber'][0]!=$post['form_posixGroup_gidNumber']) && ($this->attributes['gidNumber'][0] < $minID || $this->attributes['gidNumber'][0] > $maxID)) $errors[] = array('ERROR', _('ID-Number'), sprintf(_('Please enter a value between %s and %s!'), $minID, $maxID));
// $uids is allways an array but not if no entries were found
if (is_array($gids)) {
// id-number is in use and account is a new account
if ((in_array($this->attributes['gidNumber'][0], $gids)) && $this->orig['gidNumber'][0]=='') $errors[] = array('ERROR', _('ID-Number'), _('ID is already in use'));
// id-number is in use, account is existing account and id-number is not used by itself
if ((in_array($this->attributes['gidNumber'][0], $gids)) && $this->orig['gidNumber'][0]!='' && ($this->orig['gidNumber'][0] != $this->attributes['gidNumber'][0]) ) {
$errors[] = array('ERROR', _('ID-Number'), _('ID is already in use'));
$this->attributes['gidNumber'][0] = $this->orig['gidNumber'][0];
}
}
}
if (($this->attributes['cn'][0] != $post['form_posixGroup_cn']) && ereg('[A-Z]$', $post['form_posixGroup_cn']))
$errors[] = array('WARN', _('Groupname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'));
// Check if Username contains only valid characters
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$', $this->attributes['cn'][0]))
$errors[] = array('ERROR', _('Groupname'), _('Groupname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
// Create automatic useraccount with number if original user already exists
// Reset name to original name if new name is in use
// Set username back to original name if new username is in use
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['cn'][0],'cn', '*')!=false && ($this->orig['cn'][0]!='')) {
$this->attributes['cn'][0] = $this->orig['cn'][0];
}
// Change uid to a new uid until a free uid is found
else while ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['cn'][0], 'cn', '*')) {
// get last character of username
$lastchar = substr($this->attributes['cn'][0], strlen($this->attributes['cn'][0])-1, 1);
// Last character is no number
if ( !ereg('^([0-9])+$', $lastchar))
/* Last character is no number. Therefore we only have to
* add "2" to it.
*/
$this->attributes['cn'][0] = $this->attributes['cn'][0] . '2';
else {
/* Last character is a number -> we have to increase the number until we've
* found a groupname with trailing number which is not in use.
*
* $i will show us were we have to split groupname so we get a part
* with the groupname and a part with the trailing number
*/
$i=strlen($this->attributes['cn'][0])-1;
$mark = false;
// Set $i to the last character which is a number in $account_new->general_username
while (!$mark) {
if (ereg('^([0-9])+$',substr($this->attributes['cn'][0], $i, strlen($this->attributes['cn'][0])-$i))) $i--;
else $mark=true;
}
// increase last number with one
$firstchars = substr($this->attributes['cn'][0], 0, $i+1);
$lastchars = substr($this->attributes['cn'][0], $i+1, strlen($this->attributes['cn'][0])-$i);
// Put username together
$this->attributes['cn'][0] = $firstchars . (intval($lastchars)+1);
}
}
// Show warning if lam has changed username
if ($this->attributes['cn'][0] != $post['form_posixGroup_cn']) {
$errors[] = array('WARN', _('Groupname'), _('Groupname in use. Selected next free groupname.'));
}
if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword()))
$errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
// Return error-messages
if (is_array($errors)) return $errors;
// Go to additional group page when no error did ocour and button was pressed
if ($post['form_posixGroup_adduser']) return 'user';
return 0;
function pages() {
return array('attributes', 'user');
}
/* Write variables into object and do some regexp checks
/* This function returns all ldap attributes
* which are part of posixGroup and returns
* also their values.
*/
function proccess_user($post) {
do { // X-Or, only one if() can be true
if (isset($post['form_posixGroup_addusers']) && isset($post['form_posixGroup_addusers_button'])) { // Add groups to list
// Add new user
$this->attributes['memberUid'] = @array_merge($this->attributes['memberUid'], $post['form_posixGroup_addusers']);
// remove doubles
$this->attributes['memberUid'] = @array_flip($this->attributes['memberUid']);
array_unique($this->attributes['memberUid']);
$this->attributes['memberUid'] = @array_flip($this->attributes['memberUid']);
// sort groups
sort($this->attributes['memberUid']);
break;
}
if (isset($post['form_posixGroup_removeusers']) && isset($post['form_posixGroup_removeusers_button'])) { // remove groups from list
$this->attributes['memberUid'] = array_delete($post['form_posixGroup_removeusers'], $this->attributes['memberUid']);
break;
}
} while(0);
if (isset($post['form_posixGroup_adduser_button']) || isset($post['form_posixGroup_removeuser_button'])) return 'user';
if ($post['form_posixGroup_toattributes']) return 'attributes';
return 0;
function get_attributes() {
$return = $this->attributes;
$return['userPassword'] = $this->userPassword();
return $return;
}
/* This function loads all attributes into the object
* $attr is an array as it's retured from ldap_get_attributes
*/
@ -328,12 +184,9 @@ class posixGroup {
// Values are kept as copy so we can compare old attributes with new attributes
$this->attributes['objectClass'][0] = 'posixGroup';
$this->orig = $this->attributes;
return 0;
}
/* This function returns an array with 3 entries:
* array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
* DN is the DN to change. It may be possible to change several DNs,
@ -441,17 +294,174 @@ class posixGroup {
return $return;
}
/* This function returns all ldap attributes
* which are part of posixGroup and returns
* also their values.
*/
function get_attributes() {
$return = $this->attributes;
$return['userPassword'] = $this->userPassword();
function delete_attributes($post) {
$return = array();
return $return;
}
/* Write variables into object and do some regexp checks
*/
function proccess_attributes($post) {
if ($this->orig['gidNumber'][0]!='' && $post['gidNumber']!=$this->attributes['gidNumber'][0])
$errors[] = array('INFO', _('GID number'), _('GID number has changed. Please select checkbox to change GID number of users and hosts.'), 'gidNumber');
// Load attributes
$this->attributes['cn'][0] = $post['cn'];
$this->attributes['gidNumber'][0] = $post['gidNumber'];
$this->attributes['description'][0] = $post['description'];
if ($post['userPassword_no']) $this->userPassword_no=true;
else $this->userPassword_no=false;
if ($post['userPassword_lock']) $this->userPassword_lock=true;
else $this->userPassword_lock=false;
if ($post['changegids']) $this->changegids=true;
else $this->changegids=false;
if (isset($post['userPassword'])) {
if ($post['userPassword'] != $post['userPassword2']) {
$errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'), 'userPassword');
unset ($post['userPassword2']);
}
else $this->userPassword($post['userPassword']);
}
if ($post['genpass']) $this->userPassword(genpasswd());
// Check if UID is valid. If none value was entered, the next useable value will be inserted
// load min and may uidNumber
$minID = intval($_SESSION[$_SESSION[$this->base]->config]->get_minGID());
$maxID = intval($_SESSION[$_SESSION[$this->base]->config]->get_maxGID());
$dn_gids = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('gidNumber', 'posixGroup', '*');
// get_cache will return an array ( dn1 => array(uidnumber1), dn2 => array(uidnumber2), ... )
foreach ($dn_gids as $gid) $gids[] = $gid[0];
if(is_array($gids)) sort ($gids, SORT_NUMERIC);
if ($this->attributes['gidNumber'][0]=='') {
// No id-number given
if ($this->orig['gidNumber'][0]=='') {
// new account -> we have to find a free id-number
if (count($gids)!=0) {
// There are some uids
// Store highest id-number
$id = $gids[count($gids)-1];
// Return minimum allowed id-number if all found id-numbers are too low
if ($id < $minID) $this->attributes['gidNumber'][0] = $minID;
// Return higesht used id-number + 1 if it's still in valid range
if ($id < $maxID) $this->attributes['gidNumber'][0] = $id+1;
/* If this function is still running we have to fid a free id-number between
* the used id-numbers
*/
$i = intval($minID);
while (in_array($i, $gids)) $i++;
if ($i>$maxID)
$errors[] = array('ERROR', _('ID-Number'), _('No free ID-Number!'), 'gidNumber');
else {
$this->attributes['gidNumber'][0] = $i;
$errors[] = array('WARN', _('ID-Number'), _('It is possible that this ID-number is reused. This can cause several problems because files with old permissions might still exist. To avoid this warning set maxUID to a higher value.'), 'gidNumber');
}
}
else $this->attributes['gidNumber'][0] = $minID;
// return minimum allowed id-number if no id-numbers are found
}
else $this->attributes['gidNumber'][0] = $this->orig['gidNumber'][0];
// old account -> return id-number which has been used
}
else {
// Check manual ID
// id-number is out of valid range
if ( ($this->attributes['gidNumber'][0]!=$post['gidNumber']) && ($this->attributes['gidNumber'][0] < $minID || $this->attributes['gidNumber'][0] > $maxID)) $errors[] = array('ERROR', _('ID-Number'), sprintf(_('Please enter a value between %s and %s!'), $minID, $maxID), 'gidNumber');
// $uids is allways an array but not if no entries were found
if (is_array($gids)) {
// id-number is in use and account is a new account
if ((in_array($this->attributes['gidNumber'][0], $gids)) && $this->orig['gidNumber'][0]=='') $errors[] = array('ERROR', _('ID-Number'), _('ID is already in use'), 'gidNumber');
// id-number is in use, account is existing account and id-number is not used by itself
if ((in_array($this->attributes['gidNumber'][0], $gids)) && $this->orig['gidNumber'][0]!='' && ($this->orig['gidNumber'][0] != $this->attributes['gidNumber'][0]) ) {
$errors[] = array('ERROR', _('ID-Number'), _('ID is already in use'), 'gidNumber');
$this->attributes['gidNumber'][0] = $this->orig['gidNumber'][0];
}
}
}
if (($this->attributes['cn'][0] != $post['cn']) && ereg('[A-Z]$', $post['cn']))
$errors[] = array('WARN', _('Groupname'), _('You are using a capital letters. This can cause problems because windows isn\'t case-sensitive.'), 'cn');
// Check if Username contains only valid characters
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])+$', $this->attributes['cn'][0]))
$errors[] = array('ERROR', _('Groupname'), _('Groupname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'), 'cn');
// Create automatic useraccount with number if original user already exists
// Reset name to original name if new name is in use
// Set username back to original name if new username is in use
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['cn'][0],'cn', '*')!=false && ($this->orig['cn'][0]!='')) {
$this->attributes['cn'][0] = $this->orig['cn'][0];
}
// Change uid to a new uid until a free uid is found
else while ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($this->attributes['cn'][0], 'cn', '*')) {
// get last character of username
$lastchar = substr($this->attributes['cn'][0], strlen($this->attributes['cn'][0])-1, 1);
// Last character is no number
if ( !ereg('^([0-9])+$', $lastchar))
/* Last character is no number. Therefore we only have to
* add "2" to it.
*/
$this->attributes['cn'][0] = $this->attributes['cn'][0] . '2';
else {
/* Last character is a number -> we have to increase the number until we've
* found a groupname with trailing number which is not in use.
*
* $i will show us were we have to split groupname so we get a part
* with the groupname and a part with the trailing number
*/
$i=strlen($this->attributes['cn'][0])-1;
$mark = false;
// Set $i to the last character which is a number in $account_new->general_username
while (!$mark) {
if (ereg('^([0-9])+$',substr($this->attributes['cn'][0], $i, strlen($this->attributes['cn'][0])-$i))) $i--;
else $mark=true;
}
// increase last number with one
$firstchars = substr($this->attributes['cn'][0], 0, $i+1);
$lastchars = substr($this->attributes['cn'][0], $i+1, strlen($this->attributes['cn'][0])-$i);
// Put username together
$this->attributes['cn'][0] = $firstchars . (intval($lastchars)+1);
}
}
// Show warning if lam has changed username
if ($this->attributes['cn'][0] != $post['cn']) {
$errors[] = array('WARN', _('Groupname'), _('Groupname in use. Selected next free groupname.'), 'cn');
}
if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $this->userPassword()))
$errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'), 'userPassword');
// Return error-messages
if (is_array($errors)) return $errors;
// Go to additional group page when no error did ocour and button was pressed
if ($post['adduser']) return 'user';
return 0;
}
/* Write variables into object and do some regexp checks
*/
function proccess_user($post) {
do { // X-Or, only one if() can be true
if (isset($post['addusers']) && isset($post['addusers_button'])) { // Add groups to list
// Add new user
$this->attributes['memberUid'] = @array_merge($this->attributes['memberUid'], $post['addusers']);
// remove doubles
$this->attributes['memberUid'] = @array_flip($this->attributes['memberUid']);
array_unique($this->attributes['memberUid']);
$this->attributes['memberUid'] = @array_flip($this->attributes['memberUid']);
// sort groups
sort($this->attributes['memberUid']);
break;
}
if (isset($post['removeusers']) && isset($post['removeusers_button'])) { // remove groups from list
$this->attributes['memberUid'] = array_delete($post['removeusers'], $this->attributes['memberUid']);
break;
}
} while(0);
if (isset($post['adduser_button']) || isset($post['removeuser_button'])) return 'user';
if ($post['toattributes']) return 'attributes';
return 0;
}
/* This function will create the html-page
* to show a page with all attributes.
* It will output a complete html-table
@ -462,47 +472,47 @@ class posixGroup {
echo "<table border=0 width=\"100%\">\n";
echo "<tr>\n";
echo '<td>' . _('Groupname') . "*</td>\n";
echo "<td><input name=\"form_posixGroup_cn\" type=\"text\" size=\"20\" maxlength=\"20\" value=\"".$this->attributes['cn'][0]."\"></td>\n";
echo "<td><input name=\"cn\" type=\"text\" size=\"20\" maxlength=\"20\" value=\"".$this->attributes['cn'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=400\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('GID number') ."</td>\n";
echo "<td><input name=\"form_posixGroup_gidNumber\" type=\"text\" size=\"6\" maxlength=\"6\" value=\"".$this->attributes['gidNumber'][0]."\"></td>\n";
echo "<td><input name=\"gidNumber\" type=\"text\" size=\"6\" maxlength=\"6\" value=\"".$this->attributes['gidNumber'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=401\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Description') . "</td>\n";
echo "<td><input name=\"form_posixGroup_description\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['description'][0]."\"></td>\n";
echo "<td><input name=\"description\" type=\"text\" size=\"30\" maxlength=\"255\" value=\"".$this->attributes['description'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=404\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Group members') . "</td>\n";
echo "<td><input name=\"form_posixGroup_adduser\" type=\"submit\" value=\"" . _('Edit groups') . "\"></td>\n";
echo "<td><input name=\"adduser\" type=\"submit\" value=\"" . _('Edit groups') . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=402\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Password') . "</td>\n";
echo "<td><input name=\"form_posixGroup_userPassword\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"$password\"></td>\n";
echo "<td><input name=\"form_posixGroup_genpass\" type=\"submit\" value=\"" . _('Generate password') . "\"></td>\n";
echo "<td><input name=\"userPassword\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"$password\"></td>\n";
echo "<td><input name=\"genpass\" type=\"submit\" value=\"" . _('Generate password') . "\"></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Repeat password') . "</td>\n";
echo "<td><input name=\"form_posixGroup_userPassword2\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"";
if ($post['form_posixGroup_userPassword2']!='') echo $post['form_posixGroup_userPassword2'];
echo "<td><input name=\"userPassword2\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"";
if ($post['userPassword2']!='') echo $post['userPassword2'];
else echo $password;
echo "\"></td>\n";
echo "<td></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Use no password') . "</td>\n";
echo "<td><input name=\"form_posixGroup_userPassword_no\" type=\"checkbox\"";
echo "<td><input name=\"userPassword_no\" type=\"checkbox\"";
if ($this->userPassword_no) echo " checked ";
echo "></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=426\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Lock password') . "</td>\n";
echo "<td><input name=\"form_posixGroup_userPassword_lock\" type=\"checkbox\"";
echo "<td><input name=\"userPassword_lock\" type=\"checkbox\"";
if ($this->userPassword_lock) echo " checked ";
echo "></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=426\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
@ -510,7 +520,7 @@ class posixGroup {
if ($this->attributes['gidNumber'][0]!=$this->orig['gidNumber'][0] && $this->orig['gidNumber'][0]!='') {
echo "<tr>\n";
echo "<td>" . _('Change GID number of users and hosts') . "</td>\n";
echo "<td><input name=\"form_posixGroup_changegids\" type=\"checkbox\"";
echo "<td><input name=\"changegids\" type=\"checkbox\"";
if ($this->changegids) echo " checked ";
echo "></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=XXX\" target=\"lamhelp\">" . _('Help-XX') . "</a></td>\n";
@ -520,6 +530,10 @@ class posixGroup {
return 0;
}
function display_html_delete($post) {
return 0;
}
function display_html_user($post) {
// load list with all groups
$dn_users = $_SESSION[$_SESSION[$this->base]->cache]->get_cache('uid', 'posixAccount', 'user');
@ -553,22 +567,22 @@ class posixGroup {
echo "<legend class=\"".$_SESSION[$this->base]->type."edit-bright\">" . _("Selected users") . "</legend>\n";
// Show all groups the user is additional member of
if (count($this->attributes['memberUid'])!=0) {
echo "<select name=\"form_posixGroup_removeusers[]\" class=\"".$_SESSION[$this->base]->type."edit-bright\" size=15 multiple>\n";
echo "<select name=\"removeusers[]\" class=\"".$_SESSION[$this->base]->type."edit-bright\" size=15 multiple>\n";
foreach ($this->attributes['memberUid'] as $member)
if ($member!='') echo "<option>$member</option>\n";
echo "</select>\n";
}
echo "</fieldset></td>\n";
echo "<td align=\"center\" width=\"10%\"><input type=\"submit\" name=\"form_posixGroup_addusers_button\" value=\"<=\">";
echo "<td align=\"center\" width=\"10%\"><input type=\"submit\" name=\"addusers_button\" value=\"<=\">";
echo " ";
echo "<input type=\"submit\" name=\"form_posixGroup_removeusers_button\" value=\"=>\"><br><br>";
echo "<input type=\"submit\" name=\"removeusers_button\" value=\"=>\"><br><br>";
echo "<a href=\""."../help.php?HelpNumber=402\" target=\"lamhelp\">"._('Help')."</a></td>\n";
echo "<td valign=\"top\">\n";
echo "<fieldset class=\"".$_SESSION[$this->base]->type."edit-bright\">";
echo "<legend class=\"".$_SESSION[$this->base]->type."edit-bright\">" . _('Available users') . "</legend>\n";
// show all groups expect these the user is member of
if (count($users)!=0) {
echo "<select name=\"form_posixGroup_addusers[]\" size=15 multiple class=\"".$_SESSION[$this->base]->type."edit-bright\">\n";
echo "<select name=\"addusers[]\" size=15 multiple class=\"".$_SESSION[$this->base]->type."edit-bright\">\n";
for ($i=0; $i<count($users); $i++)
if ($users[$i]!='') echo "<option> $users[$i] </option>\n";
echo "</select>\n";
@ -576,7 +590,7 @@ class posixGroup {
echo "</fieldset></td>\n";
echo "</tr>\n";
echo "</table>\n";
echo "<input name=\"form_posixGroup_toattributes\" type=\"submit\" value=\""; echo _('Back'); echo "\">\n";
echo "<input name=\"toattributes\" type=\"submit\" value=\""; echo _('Back'); echo "\">\n";
echo "</fieldset>\n";
echo "</td></tr></table>\n";
return 0;

115
lam/lib/modules/quota.inc
View File

@ -28,14 +28,12 @@ class quota {
if (!$base) trigger_error(_('Please create a base object with $var = new accountContainer();'), E_USER_ERROR);
if (!is_string($base)) trigger_error(_('Please create a new module object with $accountContainer->add_objectClass(\'quota\');'), E_USER_ERROR);
// quota is only a valid objectClass for user and host
if (!($_SESSION[$this->base]->get_type() == 'user') && !($_SESSION[$this->base]->get_type() == 'group')) trigger_error(_('quota can only be used for users or hosts.'), E_USER_WARNING);
if (!($_SESSION[$this->base]->get_type() == 'user') && !($_SESSION[$this->base]->get_type() == 'group')) trigger_error(_('quota can only be used for users or groups.'), E_USER_WARNING);
/* Check if ldap conatiner is in array and set type
* users are using inetOrgPerson-, hosts account-container
*/
if (!isset($_SESSION[$this->base]->module['posixAccount']) && $_SESSION[$this->base]->type=='user') $_SESSION[$this->base]->add_objectClass('posixAccount');
if (!isset($_SESSION[$this->base]->module['posixGroup']) && $_SESSION[$this->base]->type=='group') $_SESSION[$this->base]->add_objectClass('posixGroup');
$this->alias = _('quota');
// Get basic quotas for new account
$output_array = $_SESSION[$this->base]->lamdaemon(array("+ quota get " . $_SESSION[$this->base]->type));
// process quotas
@ -64,19 +62,20 @@ class quota {
}
// Variables
// Alias Name. This name is shown in the menu instead of quota
var $alias;
// name of accountContainer so we can read other classes in accuontArray
var $base;
var $quota;
function get_alias() {
return _('quota');
}
/* This function returns a list with all required modules
*/
function dependencies() {
if ($_SESSION[$this->base]->type=='user') return array('posixAccount');
if ($_SESSION[$this->base]->type=='group') return array('posixGroup');
// return error if unsupported type is used
function get_dependencies($scope) {
if ($scope=='group') return array('require' => array('posixGroup'), 'conflict' => array() );
if ($scope=='user') return array('require' => array('posixAccount'), 'conflict' => array() );
return -1;
}
@ -87,39 +86,22 @@ class quota {
return true;
}
/* Write variables into object and do some regexp checks
/* This function returns a list of all html-pages in module
* This is usefull for mass upload and pdf-files
* because lam can walk trough all pages itself and do some
* error checkings
*/
function proccess_attributes($post) {
// Write all general values into $account_new
$i=0;
// loop for every mointpoint with quotas
while ($this->quota[$i][0]) {
$this->quota[$i][2] = $post['form_quota_' . $i . '_2'];
$this->quota[$i][3] = $post['form_quota_' . $i . '_3'];
$this->quota[$i][6] = $post['form_quota_' . $i . '_6'];
$this->quota[$i][7] = $post['form_quota_' . $i . '_7'];
// Check if values are OK and set automatic values. if not error-variable will be set
if (!ereg('^([0-9])*$', $this->quota[$i][2]))
$errors[] = array('ERROR', _('Block soft quota'), _('Block soft quota contains invalid characters. Only natural numbers are allowed'));
if (!ereg('^([0-9])*$', $this->quota[$i][3]))
$errors[] = array('ERROR', _('Block hard quota'), _('Block hard quota contains invalid characters. Only natural numbers are allowed'));
if (!ereg('^([0-9])*$', $this->quota[$i][6]))
$errors[] = array('ERROR', _('Inode soft quota'), _('Inode soft quota contains invalid characters. Only natural numbers are allowed'));
if (!ereg('^([0-9])*$', $this->quota[$i][7]))
$errors[] = array('ERROR', _('Inode hard quota'), _('Inode hard quota contains invalid characters. Only natural numbers are allowed'));
if (intval($this->quota[$i][2]) > intval($this->quota[$i][3]))
$errors[] = array('ERROR', _('Block quota'), _('Block soft quota must be smaller than block hard quota'));
if (intval($this->quota[$i][6]) > intval($this->quota[$i][7]))
$errors[] = array('ERROR', _('Inode quota'), _('Inode soft quota must be smaller than inode hard quota'));
$i++;
}
// Return error-messages
if (is_array($errors)) return $errors;
// Go to additional group page when no error did ocour and button was pressed
return 0;
function pages() {
return array('attributes');
}
/* This function returns all ldap attributes
* which are part of quota and returns
* also their values.
*/
function get_attributes() {
return $this->quota;
}
/* This function loads all attributes into the object
* $attr is an array as it's retured from ldap_get_attributes
@ -156,8 +138,6 @@ class quota {
return 0;
}
/* This function returns an array with 3 entries:
* array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
* DN is the DN to change. It may be possible to change several DNs,
@ -191,7 +171,7 @@ class quota {
return $return;
}
function delete_attributes() {
function delete_attributes($post) {
$i=0;
while ($this->quota[$i][0]) {
$quotastring = $quotastring . $this->quota[$i][0] . ',0,0,0,0:';
@ -203,13 +183,37 @@ class quota {
return $return;
}
/* This function returns all ldap attributes
* which are part of quota and returns
* also their values.
/* Write variables into object and do some regexp checks
*/
function get_attributes() {
return $this->quota;
function proccess_attributes($post) {
// Write all general values into $account_new
$i=0;
// loop for every mointpoint with quotas
while ($this->quota[$i][0]) {
$this->quota[$i][2] = $post[$i . '_2'];
$this->quota[$i][3] = $post[$i . '_3'];
$this->quota[$i][6] = $post[$i . '_6'];
$this->quota[$i][7] = $post[$i . '_7'];
// Check if values are OK and set automatic values. if not error-variable will be set
if (!ereg('^([0-9])*$', $this->quota[$i][2]))
$errors[] = array('ERROR', _('Block soft quota'), _('Block soft quota contains invalid characters. Only natural numbers are allowed'));
if (!ereg('^([0-9])*$', $this->quota[$i][3]))
$errors[] = array('ERROR', _('Block hard quota'), _('Block hard quota contains invalid characters. Only natural numbers are allowed'));
if (!ereg('^([0-9])*$', $this->quota[$i][6]))
$errors[] = array('ERROR', _('Inode soft quota'), _('Inode soft quota contains invalid characters. Only natural numbers are allowed'));
if (!ereg('^([0-9])*$', $this->quota[$i][7]))
$errors[] = array('ERROR', _('Inode hard quota'), _('Inode hard quota contains invalid characters. Only natural numbers are allowed'));
if (intval($this->quota[$i][2]) > intval($this->quota[$i][3]))
$errors[] = array('ERROR', _('Block quota'), _('Block soft quota must be smaller than block hard quota'));
if (intval($this->quota[$i][6]) > intval($this->quota[$i][7]))
$errors[] = array('ERROR', _('Inode quota'), _('Inode soft quota must be smaller than inode hard quota'));
$i++;
}
// Return error-messages
if (is_array($errors)) return $errors;
// Go to additional group page when no error did ocour and button was pressed
return 0;
}
/* This function will create the html-page
@ -247,25 +251,20 @@ class quota {
echo "<tr>\n";
echo "<td>" . $this->quota[$i][0] . "</td>\n";
echo "<td>" . $this->quota[$i][1] . "</td>\n"; // used blocks
echo "<td><input name=\"form_quota_" . $i . "_2\" type=\"text\" size=\"12\" maxlength=\"20\" value=\"" . $this->quota[$i][2] . "\"></td>\n"; // blocks soft limit
echo "<td><input name=\"form_quota_" . $i . "_3\" type=\"text\" size=\"12\" maxlength=\"20\" value=\"" . $this->quota[$i][3] . "\"></td>\n"; // blocks hard limit
echo "<td><input name=\"" . $i . "_2\" type=\"text\" size=\"12\" maxlength=\"20\" value=\"" . $this->quota[$i][2] . "\"></td>\n"; // blocks soft limit
echo "<td><input name=\"" . $i . "_3\" type=\"text\" size=\"12\" maxlength=\"20\" value=\"" . $this->quota[$i][3] . "\"></td>\n"; // blocks hard limit
echo "<td>" . $this->quota[$i][4] . "</td>\n"; // block grace period
echo "<td>" . $this->quota[$i][5] . "</td>\n"; // used inodes
echo "<td><input name=\"form_quota_" . $i . "_6\" type=\"text\" size=\"12\" maxlength=\"20\" value=\"" . $this->quota[$i][6] . "\"></td>\n"; // inodes soft limit
echo "<td><input name=\"form_quota_" . $i . "_7\" type=\"text\" size=\"12\" maxlength=\"20\" value=\"" . $this->quota[$i][7] . "\"></td>\n"; // inodes hard limit
echo "<td><input name=\"" . $i . "_6\" type=\"text\" size=\"12\" maxlength=\"20\" value=\"" . $this->quota[$i][6] . "\"></td>\n"; // inodes soft limit
echo "<td><input name=\"" . $i . "_7\" type=\"text\" size=\"12\" maxlength=\"20\" value=\"" . $this->quota[$i][7] . "\"></td>\n"; // inodes hard limit
echo "<td>" . $this->quota[$i][8] . "</td>\n";
echo "</tr>\n"; // inodes grace period
$i++;
}
echo "</table>\n";
return 0;
}
}
?>
?>

424
lam/lib/modules/sambaAccount.inc
View File

@ -70,7 +70,6 @@ class sambaAccount {
// Add Array with all attributes and type
$this->attributes = $_SESSION[$this->base]->get_module_attributes('sambaAccount');
$_SESSION[$this->base]->add_attributes ('sambaAccount');
$this->alias = _('sambaAccount');
// Make references to attributes which already esists in ldap
$newattributes = array_keys($this->attributes);
$module = array_keys($_SESSION[$this->base]->module);
@ -87,11 +86,8 @@ class sambaAccount {
}
// Variables
// Alias Name. This name is shown in the menu instead of sambaAccount
var $alias;
// name of accountContainer so we can read other classes in accuontArray
var $base;
// This variable contains all inetOrgPerson attributes
var $attributes;
/* If an account was loaded all attributes are kept in this array
@ -103,19 +99,6 @@ class sambaAccount {
// Array of well known rids
var $rids;
/* This function returns a list with all required modules
*/
function dependencies() {
return array('posixAccount');
}
function module_ready() {
if ($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]=='') return false;
if ($_SESSION[$this->base]->module['posixAccount']->attributes['uidNumber'][0]=='') return false;
if ($this->attributes['uid'][0]=='') return false;
return true;
}
/* $attribute['lmPassword'] and ntPassword can't accessed directly because it's enrcypted
* To read / write password function userPassword is needed
* This function will return the unencrypted password when
@ -145,152 +128,41 @@ class sambaAccount {
}
}
/* Write variables into object and do some regexp checks
*/
function proccess_attributes($post) {
$this->attributes['domain'][0] = $post['form_sambaAccount_domain'];
// Start character
$flag = "[";
if ($post['form_sambaAccount_acctFlagsD']) $flag .= "D";
if ($post['form_sambaAccount_acctFlagsX']) $flag .= "X";
if ($post['form_sambaAccount_acctFlagsN']) $flag .= "N";
if ($post['form_sambaAccount_acctFlagsS']) $flag .= "S";
if ($post['form_sambaAccount_acctFlagsH']) $flag .= "H";
if ($post['form_sambaAccount_acctFlagsW']) $flag .= "W";
if ($post['form_sambaAccount_acctFlagsU']) $flag .= "U";
// Expand string to fixed length
$flag = str_pad($flag, 12);
// End character
$flag = $flag. "]";
$this->attributes['acctFlags'][0] = $flag;
if ($_SESSION[$this->base]->type=='host') {
$this->attributes['primaryGroupID'][0] = $this->rids[_('Domain Computers')];
if ($post['form_sambaAccount_ResetSambaPassword']) {
// *** fixme. What is the default password?
$this->lmPassword('');
$_SESSION[$this->base]->module['posixAccount']->userPassword('');
}
}
// Check values
if ($_SESSION[$this->base]->type=='user') {
$this->attributes['pwdCanChange'][0] = mktime($post['form_sambaAccount_pwdCanChange_h'], $post['form_sambaAccount_pwdCanChange_m'], $post['form_sambaAccount_pwdCanChange_s'],
$post['form_sambaAccount_pwdCanChange_mon'], $post['form_sambaAccount_pwdCanChange_day'], $post['form_sambaAccount_pwdCanChange_yea']);
$this->attributes['pwdMustChange'][0] = mktime($post['form_sambaAccount_pwdMustChange_h'], $post['form_sambaAccount_pwdMustChange_m'], $post['form_sambaAccount_pwdMustChange_s'],
$post['form_sambaAccount_pwdMustChange_mon'], $post['form_sambaAccount_pwdMustChange_day'], $post['form_sambaAccount_pwdMustChange_yea']);
$this->attributes['smbHome'][0] = stripslashes($post['form_sambaAccount_smbHome']);
$this->attributes['homeDrive'][0] = $post['form_sambaAccount_homeDrive'];
$this->attributes['scriptPath'][0] = stripslashes($post['form_sambaAccount_scriptPath']);
$this->attributes['profilePath'][0] = stripslashes($post['form_sambaAccount_profilePath']);
$rids = array_keys($this->rids);
$wrid = false;
for ($i=0; $i<count($rids); $i++) {
if ($post['form_sambaAccount_primaryGroupID'] == $rids[$i]) {
$wrid = true;
$this->attributes['primaryGroupID'][0] = $this->rids[$rids[$i]];
}
}
if (!$wrid) $this->attributes['primaryGroupID'][0] = ($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]*2)+1001;
if (isset($post['form_sambaAccount_lmPassword'])) {
if ($post['form_sambaAccount_lmPassword'] != $post['form_sambaAccount_lmPassword2']) {
$errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'));
unset ($post['form_sambaAccount_lmPassword2']);
}
else $this->lmPassword($post['form_sambaAccount_lmPassword']);
}
if ($post['form_sambaAccount_useunixpwd']) $this->useunixpwd = true;
else $this->useunixpwd = false;
if ($post['form_sambaAccount_rid']== _('Administrator')) {
$this->attributes['rid'][0] = "500";
// Do a check if an administrator already exists
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache("500", 'rid', 'user')!=$_SESSION[$this->base]->dn_orig)
$errors[] = array('ERROR', _('Special user'), _('There can be only one administrator per domain.'));
}
if ($post['form_sambaAccount_rid']== _('Guest')) {
$this->attributes['rid'][0] = "501";
// Do a check if an administrator already exists
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache("501", 'rid', 'user')!=$_SESSION[$this->base]->dn_orig)
$errors[] = array('ERROR', _('Special user'), _('There can be only one guest per domain.'));
}
$this->attributes['smbHome'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['smbHome'][0]);
$this->attributes['smbHome'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['smbHome'][0]);
if ($this->attributes['smbHome'][0] != stripslashes($post['form_sambaAccount_smbHome'])) $errors[] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.'));
$this->attributes['scriptPath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['scriptPath'][0]);
$this->attributes['scriptPath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['scriptPath'][0]);
if ($this->attributes['scriptPath'][0] != stripslashes($post['form_sambaAccount_scriptPath'])) $errors[] = array('INFO', _('Script path'), _('Inserted user- or groupname in scriptpath.'));
$this->attributes['profilePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['profilePath'][0]);
$this->attributes['profilePath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['profilePath'][0]);
if ($this->attributes['profiletPath'][0] != stripslashes($post['form_sambaAccount_profilePath'])) $errors[] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.'));
if ( (!$this->attributes['smbHome'][0]=='') && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+)+$', $this->attributes['smbHome'][0])))
$errors[] = array('ERROR', _('Home path'), _('Home path is invalid.'));
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$',
$this->lmPassword())) $errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
if ( (!$this->attributes['scriptPath'][0]=='') && (!ereg('^([/])*([a-z]|[0-9]|[.]|[-]|[_]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])*'.
'([/]([a-z]|[0-9]|[.]|[-]|[_]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])*)*(([.][b][a][t])|([.][c][m][d]))$', $this->attributes['scriptPath'][0])))
$errors[] = array('ERROR', _('Script path'), _('Script path is invalid!'));
if ( (!$this->attributes['profilePath'][0]=='') && (!ereg('^[/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*([/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*)*$', $this->attributes['profilePath'][0]))
&& (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+)+$', $this->attributes['profilePath'][0])))
$errors[] = array('ERROR', _('Profile path'), _('Profile path is invalid!'));
}
if ((!$this->attributes['domain'][0]=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[-])+$', $this->attributes['domain'][0]))
$errors[] = array('ERROR', _('Domain name'), _('Domain name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.'));
if (is_array($errors)) return $errors;
if ($post['form_sambaAccount_userWorkstations']) return 'userWorkstations';
return 0;
function get_alias() {
return _('sambaAccount');
}
/* Write variables into object and do some regexp checks
/* This function returns a list with all required modules
*/
function proccess_userWorkstations($post) {
// Load attributes
do { // X-Or, only one if() can be true
if (isset($post['form_sambaAccount_availableUserWorkstations']) && isset($post['form_sambaAccount_userWorkstations_add'])) { // Add workstations to list
$temp = str_replace(' ', '', $this->attributes['userWorkstations'][0]);
$workstations = explode (',', $temp);
for ($i=0; $i<count($workstations); $i++)
if ($workstations[$i]=='') unset($workstations[$i]);
$workstations = array_values($workstations);
// Add new // Add workstations
$workstations = array_merge($workstations, $post['form_sambaAccount_availableUserWorkstations']);
// remove doubles
$workstations = array_flip($workstations);
array_unique($workstations);
$workstations = array_flip($workstations);
// sort workstations
sort($workstations);
// Recreate workstation string
$this->attributes['userWorkstations'][0] = $workstations[0];
for ($i=1; $i<count($workstations); $i++) {
$this->attributes['userWorkstations'][0] = $this->attributes['userWorkstations'][0] . "," . $workstations[$i];
}
break;
}
if (isset($post['form_sambaAccount_userWorkstations']) && isset($post['form_sambaAccount_userWorkstations_remove'])) { // remove // Add workstations from list
// Put all workstations in array
$temp = str_replace(' ', '', $this->attributes['userWorkstations'][0]);
$workstations = explode (',', $temp);
for ($i=0; $i<count($workstations); $i++)
if ($workstations[$i]=='') unset($workstations[$i]);
$workstations = array_values($workstations);
// Remove unwanted workstations from array
$workstations = array_delete($post['form_sambaAccount_userWorkstations'], $workstations);
// Recreate workstation string
$this->attributes['userWorkstations'][0] = $workstations[0];
for ($i=1; $i<count($workstations); $i++) {
$this->attributes['userWorkstations'][0] = $this->attributes['userWorkstations'][0] . "," . $workstations[$i];
}
break;
}
} while(0);
if ($post['form_sambaAccount_attributes']) return 'attributes';
return 0;
function get_dependencies($scope) {
if ($scope=='host') return array('require' => array('account'), 'conflict' => array() );
if ($scope=='user') return array('require' => array('inetOrgPerson'), 'conflict' => array() );
return -1;
}
function module_ready() {
if ($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]=='') return false;
if ($_SESSION[$this->base]->module['posixAccount']->attributes['uidNumber'][0]=='') return false;
if ($this->attributes['uid'][0]=='') return false;
return true;
}
/* This function returns a list of all html-pages in module
* This is usefull for mass upload and pdf-files
* because lam can walk trough all pages itself and do some
* error checkings
*/
function pages() {
return array('attributes', 'userWorkstations');
}
/* This function returns all ldap attributes
* which are part of sambaAccount and returns
* also their values.
*/
function get_attributes() {
$return['lmPassword'] = $this->lmPassword();
return $this->attributes;
}
/* This function loads all attributes into the object
@ -319,7 +191,6 @@ class sambaAccount {
return 0;
}
/* This function returns an array with 3 entries:
* array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
* DN is the DN to change. It may be possible to change several DNs,
@ -365,13 +236,155 @@ class sambaAccount {
return $return;
}
function delete_attributes($post) {
$return = array();
return $return;
}
/* This function returns all ldap attributes
* which are part of sambaAccount and returns
* also their values.
/* Write variables into object and do some regexp checks
*/
function get_attributes() {
return $this->attributes;
function proccess_attributes($post) {
$this->attributes['domain'][0] = $post['domain'];
// Start character
$flag = "[";
if ($post['acctFlagsD']) $flag .= "D";
if ($post['acctFlagsX']) $flag .= "X";
if ($post['acctFlagsN']) $flag .= "N";
if ($post['acctFlagsS']) $flag .= "S";
if ($post['acctFlagsH']) $flag .= "H";
if ($post['acctFlagsW']) $flag .= "W";
if ($post['acctFlagsU']) $flag .= "U";
// Expand string to fixed length
$flag = str_pad($flag, 12);
// End character
$flag = $flag. "]";
$this->attributes['acctFlags'][0] = $flag;
if ($_SESSION[$this->base]->type=='host') {
$this->attributes['primaryGroupID'][0] = $this->rids[_('Domain Computers')];
if ($post['ResetSambaPassword']) {
// *** fixme. What is the default password?
$this->lmPassword('');
$_SESSION[$this->base]->module['posixAccount']->userPassword('');
}
}
// Check values
if ($_SESSION[$this->base]->type=='user') {
$this->attributes['pwdCanChange'][0] = mktime($post['pwdCanChange_h'], $post['pwdCanChange_m'], $post['pwdCanChange_s'],
$post['pwdCanChange_mon'], $post['pwdCanChange_day'], $post['pwdCanChange_yea']);
$this->attributes['pwdMustChange'][0] = mktime($post['pwdMustChange_h'], $post['pwdMustChange_m'], $post['pwdMustChange_s'],
$post['pwdMustChange_mon'], $post['pwdMustChange_day'], $post['pwdMustChange_yea']);
$this->attributes['smbHome'][0] = stripslashes($post['smbHome']);
$this->attributes['homeDrive'][0] = $post['homeDrive'];
$this->attributes['scriptPath'][0] = stripslashes($post['scriptPath']);
$this->attributes['profilePath'][0] = stripslashes($post['profilePath']);
$rids = array_keys($this->rids);
$wrid = false;
for ($i=0; $i<count($rids); $i++) {
if ($post['primaryGroupID'] == $rids[$i]) {
$wrid = true;
$this->attributes['primaryGroupID'][0] = $this->rids[$rids[$i]];
}
}
if (!$wrid) $this->attributes['primaryGroupID'][0] = ($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]*2)+1001;
if (isset($post['lmPassword'])) {
if ($post['lmPassword'] != $post['lmPassword2']) {
$errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'), 'lmPassword');
unset ($post['lmPassword2']);
}
else $this->lmPassword($post['lmPassword']);
}
if ($post['useunixpwd']) $this->useunixpwd = true;
else $this->useunixpwd = false;
if ($post['rid']== _('Administrator')) {
$this->attributes['rid'][0] = "500";
// Do a check if an administrator already exists
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache("500", 'rid', 'user')!=$_SESSION[$this->base]->dn_orig)
$errors[] = array('ERROR', _('Special user'), _('There can be only one administrator per domain.'), 'rid');
}
if ($post['rid']== _('Guest')) {
$this->attributes['rid'][0] = "501";
// Do a check if an administrator already exists
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache("501", 'rid', 'user')!=$_SESSION[$this->base]->dn_orig)
$errors[] = array('ERROR', _('Special user'), _('There can be only one guest per domain.'), 'rid');
}
$this->attributes['smbHome'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['smbHome'][0]);
$this->attributes['smbHome'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['smbHome'][0]);
if ($this->attributes['smbHome'][0] != stripslashes($post['smbHome'])) $errors[] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.'), 'smbHome');
$this->attributes['scriptPath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['scriptPath'][0]);
$this->attributes['scriptPath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['scriptPath'][0]);
if ($this->attributes['scriptPath'][0] != stripslashes($post['scriptPath'])) $errors[] = array('INFO', _('Script path'), _('Inserted user- or groupname in scriptpath.'), 'scriptPath');
$this->attributes['profilePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['profilePath'][0]);
$this->attributes['profilePath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['profilePath'][0]);
if ($this->attributes['profiletPath'][0] != stripslashes($post['profilePath'])) $errors[] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.'), 'profilePath');
if ( (!$this->attributes['smbHome'][0]=='') && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+)+$', $this->attributes['smbHome'][0])))
$errors[] = array('ERROR', _('Home path'), _('Home path is invalid.'), 'smbHome');
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$',
$this->lmPassword())) $errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'), 'lmPassword');
if ( (!$this->attributes['scriptPath'][0]=='') && (!ereg('^([/])*([a-z]|[0-9]|[.]|[-]|[_]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])*'.
'([/]([a-z]|[0-9]|[.]|[-]|[_]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])*)*(([.][b][a][t])|([.][c][m][d]))$', $this->attributes['scriptPath'][0])))
$errors[] = array('ERROR', _('Script path'), _('Script path is invalid!'), 'scriptPath');
if ( (!$this->attributes['profilePath'][0]=='') && (!ereg('^[/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*([/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*)*$', $this->attributes['profilePath'][0]))
&& (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+)+$', $this->attributes['profilePath'][0])))
$errors[] = array('ERROR', _('Profile path'), _('Profile path is invalid!'), 'profilePath');
}
if ((!$this->attributes['domain'][0]=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[-])+$', $this->attributes['domain'][0]))
$errors[] = array('ERROR', _('Domain name'), _('Domain name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.'), 'domain');
if (is_array($errors)) return $errors;
if ($post['userWorkstations']) return 'userWorkstations';
return 0;
}
/* Write variables into object and do some regexp checks
*/
function proccess_userWorkstations($post) {
// Load attributes
do { // X-Or, only one if() can be true
if (isset($post['availableUserWorkstations']) && isset($post['userWorkstations_add'])) { // Add workstations to list
$temp = str_replace(' ', '', $this->attributes['userWorkstations'][0]);
$workstations = explode (',', $temp);
for ($i=0; $i<count($workstations); $i++)
if ($workstations[$i]=='') unset($workstations[$i]);
$workstations = array_values($workstations);
// Add new // Add workstations
$workstations = array_merge($workstations, $post['availableUserWorkstations']);
// remove doubles
$workstations = array_flip($workstations);
array_unique($workstations);
$workstations = array_flip($workstations);
// sort workstations
sort($workstations);
// Recreate workstation string
$this->attributes['userWorkstations'][0] = $workstations[0];
for ($i=1; $i<count($workstations); $i++) {
$this->attributes['userWorkstations'][0] = $this->attributes['userWorkstations'][0] . "," . $workstations[$i];
}
break;
}
if (isset($post['userWorkstations']) && isset($post['userWorkstations_remove'])) { // remove // Add workstations from list
// Put all workstations in array
$temp = str_replace(' ', '', $this->attributes['userWorkstations'][0]);
$workstations = explode (',', $temp);
for ($i=0; $i<count($workstations); $i++)
if ($workstations[$i]=='') unset($workstations[$i]);
$workstations = array_values($workstations);
// Remove unwanted workstations from array
$workstations = array_delete($post['userWorkstations'], $workstations);
// Recreate workstation string
$this->attributes['userWorkstations'][0] = $workstations[0];
for ($i=1; $i<count($workstations); $i++) {
$this->attributes['userWorkstations'][0] = $this->attributes['userWorkstations'][0] . "," . $workstations[$i];
}
break;
}
} while(0);
if ($post['attributes']) return 'attributes';
return 0;
}
/* This function will create the html-page
@ -382,22 +395,22 @@ class sambaAccount {
if ($_SESSION[$this->base]->type=='user') {
$canchangedate = getdate($this->attributes['pwdCanChange'][0]);
$mustchangedate = getdate($this->attributes['pwdMustChange'][0]);
echo '<input name="form_sambaAccount_pwdCanChange_h" type="hidden" value="'.$canchangedate['hours'].'">'.
'<input name="form_sambaAccount_pwdCanChange_m" type="hidden" value="'.$canchangedate['minutes'].'">'.
'<input name="form_sambaAccount_pwdCanChange_s" type="hidden" value="'.$canchangedate['seconds'].'">'.
'<input name="form_sambaAccount_pwdMustChange_h" type="hidden" value="'.$mustchangedate['hours'].'">'.
'<input name="form_sambaAccount_pwdMustChange_m" type="hidden" value="'.$mustchangedate['minutes'].'">'.
'<input name="form_sambaAccount_pwdMustChange_s" type="hidden" value="'.$mustchangedate['seconds'].'">'.
'<input name="form_sambaAccount_acctFlagsU" type="hidden" value="true">';
echo '<input name="pwdCanChange_h" type="hidden" value="'.$canchangedate['hours'].'">'.
'<input name="pwdCanChange_m" type="hidden" value="'.$canchangedate['minutes'].'">'.
'<input name="pwdCanChange_s" type="hidden" value="'.$canchangedate['seconds'].'">'.
'<input name="pwdMustChange_h" type="hidden" value="'.$mustchangedate['hours'].'">'.
'<input name="pwdMustChange_m" type="hidden" value="'.$mustchangedate['minutes'].'">'.
'<input name="pwdMustChange_s" type="hidden" value="'.$mustchangedate['seconds'].'">'.
'<input name="acctFlagsU" type="hidden" value="true">';
echo "<table border=0 width=\"100%\">\n<tr>\n";
echo "<tr>\n";
echo "<td>" . _('Samba password') . "</td>\n";
echo "<td><input name=\"form_sambaAccount_lmPassword\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"" . $this->lmPassword() . "\"></td>\n";
echo "<td><input name=\"lmPassword\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"" . $this->lmPassword() . "\"></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Repeat password') . "</td>\n";
echo "<td><input name=\"form_sambaAccount_lmPassword2\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"";
if ($post['form_sambaAccount_lmPassword2']!='') echo $post['form_sambaAccount_lmPassword2'];
echo "<td><input name=\"lmPassword2\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"";
if ($post['lmPassword2']!='') echo $post['lmPassword2'];
else echo $this->lmPassword();
echo "\"></td>\n";
echo "<td></td>\n";
@ -405,7 +418,7 @@ class sambaAccount {
if ($_SESSION[$this->base]->module['posixAccount']->orig['userPassword'][0] != $_SESSION[$this->base]->module['posixAccount']->attributes['userPassword'][0]) {
echo "<tr>\n";
echo "<td>" . _('Use unix password') . "</td>\n";
echo "<td><input name=\"form_sambaAccount_useunixpwd\" type=\"checkbox\"";
echo "<td><input name=\"useunixpwd\" type=\"checkbox\"";
if ($this->useunixpwd) echo " checked ";
echo "></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=428\" target=\"lamhelp\">" . _('Help') . "</a></td>";
@ -413,31 +426,31 @@ class sambaAccount {
}
echo "<tr>\n";
echo "<td>" . _('Use no password') . "</td>\n";
echo "<td><input name=\"form_sambaAccount_acctFlagsN\" type=\"checkbox\"";
echo "<td><input name=\"acctFlagsN\" type=\"checkbox\"";
if (strpos($this->attributes['acctFlags'][0], "N")) echo " checked ";
echo "></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=426\" target=\"lamhelp\">" . _('Help' ) ."</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Password does not expire') . "</td>\n";
echo "<td><input name=\"form_sambaAccount_acctFlagsX\" type=\"checkbox\"";
echo "<td><input name=\"acctFlagsX\" type=\"checkbox\"";
if (strpos($this->attributes['acctFlags'][0], "X")) echo " checked ";
echo "></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=429\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('User can change password') . "</td>\n";
echo "<td><select name=\"form_sambaAccount_pwdCanChange_day\">";
echo "<td><select name=\"pwdCanChange_day\">";
for ( $i=1; $i<=31; $i++ ) {
if ($canchangedate['mday']==$i) echo "<option selected>$i</option>";
else echo "<option>$i</option>";
}
echo "</select><select name=\"form_sambaAccount_pwdCanChange_mon\">";
echo "</select><select name=\"pwdCanChange_mon\">";
for ( $i=1; $i<=12; $i++ ) {
if ($canchangedate['mon'] == $i) echo "<option selected>$i</option>";
else echo "<option>$i</option>";
}
echo "</select><select name=\"form_sambaAccount_pwdCanChange_yea\">";
echo "</select><select name=\"pwdCanChange_yea\">";
for ( $i=2003; $i<=2030; $i++ ) {
if ($canchangedate['year']==$i) echo "<option selected>$i</option>";
else echo "<option>$i</option>";
@ -447,17 +460,17 @@ class sambaAccount {
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('User must change password') . "</td>\n";
echo "<td><select name=\"form_sambaAccount_pwdMustChange_day\">";
echo "<td><select name=\"pwdMustChange_day\">";
for ( $i=1; $i<=31; $i++ ) {
if ($mustchangedate['mday']==$i) echo "<option selected>$i</option>";
else echo "<option>$i</option>";
}
echo "</select><select name=\"form_sambaAccount_pwdMustChange_mon\">";
echo "</select><select name=\"pwdMustChange_mon\">";
for ( $i=1; $i<=12; $i++ ) {
if ($mustchangedate['mon'] == $i) echo "<option selected>$i</option>";
else echo "<option>$i</option>";
}
echo "</select><select name=\"form_sambaAccount_pwdMustChange_yea\">";
echo "</select><select name=\"pwdMustChange_yea\">";
for ( $i=2030; $i>=2003; $i-- ) {
if ($mustchangedate['year']==$i) echo "<option selected>$i</option>";
else echo "<option>$i</option>";
@ -467,14 +480,14 @@ class sambaAccount {
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Account is deactivated') . "</td>\n";
echo "<td><input name=\"form_sambaAccount_acctFlagsD\" type=\"checkbox\"";
echo "<td><input name=\"acctFlagsD\" type=\"checkbox\"";
if (strpos($this->attributes['acctFlags'][0], "D")) echo " checked ";
echo "></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=432\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Home drive') . "</td>\n";
echo "<td><select name=\"form_sambaAccount_homeDrive\">";
echo "<td><select name=\"homeDrive\">";
for ($i=90; $i>67; $i--)
if ($this->attributes['homeDrive'][0]== chr($i).':') echo "<option selected>".chr($i).":</option>";
else echo "<option>".chr($i).":</option>";
@ -483,27 +496,27 @@ class sambaAccount {
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Home path') . "</td>\n";
echo "<td><input name=\"form_sambaAccount_smbHome\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['smbHome'][0] . "\"></td>\n";
echo "<td><input name=\"smbHome\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['smbHome'][0] . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=437\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Profile path') . "</td>\n";
echo "<td><input name=\"form_sambaAccount_profilePath\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['profilePath'][0] . "\"></td>\n";
echo "<td><input name=\"profilePath\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['profilePath'][0] . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=435\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Script path') . "</td>\n";
echo "<td><input name=\"form_sambaAccount_scriptPath\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['scriptPath'][0] . "\"></td>\n";
echo "<td><input name=\"scriptPath\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['scriptPath'][0] . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=434\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Samba workstations') . "</td>\n";
echo "<td><input name=\"form_sambaAccount_userWorkstations\" type=\"submit\" value=\"" . _('Edit workstations') . "\"></td>\n";
echo "<td><input name=\"userWorkstations\" type=\"submit\" value=\"" . _('Edit workstations') . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=436\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Windows group') . "</td>\n";
echo "<td><select name=\"form_sambaAccount_primaryGroupID\">";
echo "<td><select name=\"primaryGroupID\">";
// Display if group SID should be mapped to a well kown SID
$names = array_keys($this->rids);
$wrid=false;
@ -521,7 +534,7 @@ class sambaAccount {
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Special user') . "</td>\n";
echo "<td><select name=\"form_sambaAccount_rid\">";
echo "<td><select name=\"rid\">";
// Display if group SID should be mapped to a well kown SID
$wrid=false;
if ($this->attributes['rid'][0]=="500") {
@ -541,21 +554,21 @@ class sambaAccount {
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Domain') . "</td>\n";
echo "<td><input name=\"form_sambaAccount_domain\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['domain'][0] . "\"></td>\n";
echo "<td><input name=\"domain\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['domain'][0] . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=438\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "</table>\n";
}
if ($_SESSION[$this->base]->type=='host') {
echo '<input name="form_sambaAccount_acctFlagsW" type="hidden" value="true">';
echo '<input name="acctFlagsW" type="hidden" value="true">';
echo "<table border=0 width=\"100%\">\n<tr>\n";
echo "<tr>\n";
echo "<td>" . _('Reset password') . "</td>\n";
echo "<td><input name=\"form_sambaAccount_ResetSambaPassword\" type=\"submit\" value=\"" . _('Reset password') . "\"></td>\n";
echo "<td><input name=\"ResetSambaPassword\" type=\"submit\" value=\"" . _('Reset password') . "\"></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Domain') . "</td>\n";
echo "<td><input name=\"form_sambaAccount_domain\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['domain'][0] . "\"></td>\n";
echo "<td><input name=\"domain\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['domain'][0] . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=438\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "</table>\n";
@ -563,6 +576,10 @@ class sambaAccount {
return 0;
}
function display_html_delete($post) {
return 0;
}
/* This function will create the html-page
* to show a page with all attributes.
* It will output a complete html-table
@ -585,15 +602,15 @@ class sambaAccount {
echo "</legend>\n";
// display all workstations the user is allowed to login
if (count($userWorkstations)!=0) {
echo "<select name=\"form_sambaAccount_userWorkstations[]\" class=\"".$_SESSION[$this->base]->type."edit-bright\" size=15 multiple>\n";
echo "<select name=\"userWorkstations[]\" class=\"".$_SESSION[$this->base]->type."edit-bright\" size=15 multiple>\n";
for ($i=0; $i<count($userWorkstations); $i++)
if ($userWorkstations[$i]!='') echo "<option>".$userWorkstations[$i]."</option>\n";
echo "</select>\n";
}
echo "</fieldset></td>\n";
echo "<td align=\"center\" width=\"10%\"><input type=\"submit\" name=\"form_sambaAccount_userWorkstations_add\" value=\"<=\">";
echo "<td align=\"center\" width=\"10%\"><input type=\"submit\" name=\"userWorkstations_add\" value=\"<=\">";
echo " ";
echo "<input type=\"submit\" name=\"form_sambaAccount_userWorkstations_remove\" value=\"=>\"><br><br>";
echo "<input type=\"submit\" name=\"userWorkstations_remove\" value=\"=>\"><br><br>";
echo "<a href=\""."../help.php?HelpNumber=436\" target=\"lamhelp\">"._('Help')."</a></td>\n";
echo "<td valign=\"top\">";
echo "<fieldset class=\"".$_SESSION[$this->base]->type."edit-bright\"><legend class=\"".$_SESSION[$this->base]->type."edit-bright\">";
@ -601,23 +618,20 @@ class sambaAccount {
echo "</legend>\n";
// Display all workstations without these the user is allowed to login
if (count($availableUserWorkstations)!=0) {
echo "<select name=\"form_sambaAccount_availableUserWorkstations[]\" size=15 multiple class=\"".$_SESSION[$this->base]->type."edit-bright\">\n";
echo "<select name=\"availableUserWorkstations[]\" size=15 multiple class=\"".$_SESSION[$this->base]->type."edit-bright\">\n";
foreach ($availableUserWorkstations as $temp) echo "<option>$temp</option>\n";
echo "</select>\n";
}
echo "</fieldset></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td><input name=\"form_sambaAccount_attributes\" type=\"submit\" value=\"" . _('Back') . "\"></td>\n";
echo "<td><input name=\"attributes\" type=\"submit\" value=\"" . _('Back') . "\"></td>\n";
echo "<td></td>\n";
echo "<td></td>\n";
echo "</tr>\n";
echo "</table>\n";
}
}
?>

108
lam/lib/modules/sambaGroupMapping.inc
View File

@ -76,14 +76,11 @@ class sambaGroupMapping {
if (isset($_SESSION[$this->base]->module[$module[$i]]->attributes[$attribute])) $this->attributes[$attribute] =& $_SESSION[$this->base]->module[$module[$i]]->attributes[$attribute];
}
$this->orig = $this->attributes ;
$this->attributes['objectClass'][0] = 'sambaGroupMapping';
$this->rids = array ( _('Domain Admins') => 512, _('Domain Users') => 513, _('Domain Guests') => 514, _('Domain Computers') => 515, _('Domain Controllers') => 516,
_('Domain Certificate Admins') => 517, _('Domain Schema Admins') => 518, _('Domain Enterprise Admins') => 519, _('Domain Policy Admins') => 520 );
}
// Variables
// Alias Name. This name is shown in the menu instead of sambaGroupMapping
var $alias;
// name of accountContainer so we can read other classes in accuontArray
var $base;
@ -96,10 +93,15 @@ class sambaGroupMapping {
// Array of well known rids
var $rids;
function get_alias() {
return _('sambaGroupMapping');
}
/* This function returns a list with all required modules
*/
function dependencies() {
return array('posixGroup');
function get_dependencies($scope) {
if ($scope=='group') return array('require' => array('posixGroup'), 'conflict' => array() );
return -1;
}
function module_ready() {
@ -107,42 +109,22 @@ class sambaGroupMapping {
return true;
}
/* Write variables into object and do some regexp checks
/* This function returns a list of all html-pages in module
* This is usefull for mass upload and pdf-files
* because lam can walk trough all pages itself and do some
* error checkings
*/
function proccess_attributes($post) {
// Get Domain SID from name
$sambaDomains = $_SESSION[$_SESSION[$this->base]->ldap]->search_domains($_SESSION[$_SESSION[$this->base]->config]->get_domainSuffix());
for ($i=0; $i<count($sambaDomains); $i++ )
if ($post['form_sambaGroupMapping_sambaDomainName'] == $sambaDomains[$i]->name) {
$SID = $sambaDomains[$i]->SID;
$RIDbase = $sambaDomain[$i]->RIDbase;
}
// Load attributes
$this->attributes['displayName'][0] = $post['form_sambaGroupMapping_displayName'];
$this->attributes['sambaGroupType'][0] = 2;
$rids = array_keys($this->rids);
$wrid = false;
for ($i=0; $i<count($rids); $i++) {
if ($post['form_sambaGroupMapping_sambaSID'] == $rids[$i]) {
$wrid = true;
// Get Domain SID
$this->attributes['sambaSID'][0] = $SID."-".$this->rids[$rids[$i]];
// Do a check if special grou pis unique
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($SID."-".$this->rids[$rids[$i]], 'sambaSID', 'group'))
$errors[] = array('ERROR', _('Special Group'),sprintf( _('There can be only one group %s.'), $rids[$i]));
}
}
if (!$wrid) $this->attributes['sambaSID'][0] = $SID."-".($_SESSION[$this->base]->module['posixGroup']->attributes['gidNumber'][0]*2)+$RIDbase+1;
// Return error-messages
if (is_array($errors)) return $errors;
return 0;
function pages() {
return array('attributes');
}
/* This function returns all ldap attributes
* which are part of sambaGroupMapping and returns
* also their values.
*/
function get_attributes() {
return $this->attributes;
}
/* This function loads all attributes into the object
* $attr is an array as it's retured from ldap_get_attributes
@ -169,8 +151,6 @@ class sambaGroupMapping {
return 0;
}
/* This function returns an array with 3 entries:
* array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
* DN is the DN to change. It may be possible to change several DNs,
@ -199,13 +179,42 @@ class sambaGroupMapping {
return $return;
}
function delete_attributes($post) {
$return = array();
return $return;
}
/* This function returns all ldap attributes
* which are part of sambaGroupMapping and returns
* also their values.
/* Write variables into object and do some regexp checks
*/
function get_attributes() {
return $this->attributes;
function proccess_attributes($post) {
// Get Domain SID from name
$sambaDomains = $_SESSION[$_SESSION[$this->base]->ldap]->search_domains($_SESSION[$_SESSION[$this->base]->config]->get_domainSuffix());
for ($i=0; $i<count($sambaDomains); $i++ )
if ($post['sambaDomainName'] == $sambaDomains[$i]->name) {
$SID = $sambaDomains[$i]->SID;
$RIDbase = $sambaDomain[$i]->RIDbase;
}
// Load attributes
$this->attributes['displayName'][0] = $post['displayName'];
$this->attributes['sambaGroupType'][0] = 2;
$rids = array_keys($this->rids);
$wrid = false;
for ($i=0; $i<count($rids); $i++) {
if ($post['sambaSID'] == $rids[$i]) {
$wrid = true;
// Get Domain SID
$this->attributes['sambaSID'][0] = $SID."-".$this->rids[$rids[$i]];
// Do a check if special grou pis unique
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($SID."-".$this->rids[$rids[$i]], 'sambaSID', 'group'))
$errors[] = array('ERROR', _('Special Group'),sprintf( _('There can be only one group %s.'), $rids[$i]), 'sambaSID');
}
}
if (!$wrid) $this->attributes['sambaSID'][0] = $SID."-".($_SESSION[$this->base]->module['posixGroup']->attributes['gidNumber'][0]*2)+$RIDbase+1;
// Return error-messages
if (is_array($errors)) return $errors;
return 0;
}
/* This function will create the html-page
@ -228,12 +237,12 @@ class sambaGroupMapping {
echo "<table border=0 width=\"100%\">\n";
echo "<tr>\n";
echo "<td>" . _("Display name") . "</td>\n";
echo "<td><input name=\"form_sambaGroupMapping_displayName\" type=\"text\" size=\"30\" maxlength=\"50\" value=\"".$this->attributes['displayName'][0]."\"></td>\n";
echo "<td><input name=\"displayName\" type=\"text\" size=\"30\" maxlength=\"50\" value=\"".$this->attributes['displayName'][0]."\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=420\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Special group') . "</td>\n";
echo "<td><select name=\"form_sambaGroupMapping_sambaSID\">";
echo "<td><select name=\"sambaSID\">";
// Display if group SID should be mapped to a well kown SID
$names = array_keys($this->rids);
$wrid=false;
@ -251,7 +260,7 @@ class sambaGroupMapping {
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Domain') . "</td>\n";
echo "<td><select name=\"form_sambaGroupMapping_sambaDomainName\">";
echo "<td><select name=\"sambaDomainName\">";
foreach ($sambaDomainNames as $domain) {
if ($sel_domain==$domain) echo "<option selected>$domain</option>";
else echo "<option>$domain</option>";
@ -263,6 +272,9 @@ class sambaGroupMapping {
return 0;
}
function display_html_delete($post) {
return 0;
}
}

433
lam/lib/modules/sambaSamAccount.inc
View File

@ -70,7 +70,6 @@ class sambaSamAccount {
// Add Array with all attributes and type
$this->attributes = $_SESSION[$this->base]->get_module_attributes('sambaSamAccount');
$_SESSION[$this->base]->add_attributes ('sambaSamAccount');
$this->alias = _('sambaSamAccount');
// Make references to attributes which already esists in ldap
$newattributes = array_keys($this->attributes);
$module = array_keys($_SESSION[$this->base]->module);
@ -87,11 +86,8 @@ class sambaSamAccount {
}
// Variables
// Alias Name. This name is shown in the menu instead of sambaSamAccount
var $alias;
// name of accountContainer so we can read other classes in accuontArray
var $base;
// This variable contains all inetOrgPerson attributes
var $attributes;
/* If an account was loaded all attributes are kept in this array
@ -103,19 +99,6 @@ class sambaSamAccount {
// Array of well known rids
var $rids;
/* This function returns a list with all required modules
*/
function dependencies() {
return array('posixAccount');
}
function module_ready() {
if ($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]=='') return false;
if ($_SESSION[$this->base]->module['posixAccount']->attributes['uidNumber'][0]=='') return false;
if ($this->attributes['uid'][0]=='') return false;
return true;
}
/* $attribute['sambaLMPassword'] and sambaNTPassword can't accessed directly because it's enrcypted
* To read / write password function userPassword is needed
* This function will return the unencrypted password when
@ -145,157 +128,42 @@ class sambaSamAccount {
}
}
/* Write variables into object and do some regexp checks
*/
function proccess_attributes($post) {
// Load attributes
$this->attributes['sambaDomainName'][0] = $post['form_sambaSamAccount_sambaDomainName'];
// Get Domain SID from name
$sambaDomains = $_SESSION[$_SESSION[$this->base]->ldap]->search_domains($_SESSION[$_SESSION[$this->base]->config]->get_domainSuffix());
for ($i=0; $i<count($sambaDomains); $i++ )
if ($this->attributes['sambaDomainName'][0] == $sambaDomains[$i]->name) {
$SID = $sambaDomains[$i]->SID;
}
$flag = "[";
if ($post['form_sambaSamAccount_sambaAcctFlagsD']) $flag .= "D";
if ($post['form_sambaSamAccount_sambaAcctFlagsX']) $flag .= "X";
if ($post['form_sambaSamAccount_sambaAcctFlagsN']) $flag .= "N";
if ($post['form_sambaSamAccount_sambaAcctFlagsS']) $flag .= "S";
if ($post['form_sambaSamAccount_sambaAcctFlagsH']) $flag .= "H";
if ($post['form_sambaSamAccount_sambaAcctFlagsW']) $flag .= "W";
if ($post['form_sambaSamAccount_sambaAcctFlagsU']) $flag .= "U";
// Expand string to fixed length
$flag = str_pad($flag, 12);
// End character
$flag = $flag. "]";
$this->attributes['sambaAcctFlags'][0] = $flag;
if ($_SESSION[$this->base]->type=='host') {
$this->attributes['sambaPrimaryGroupSID'][0] = $SID."-".$this->rids[_('Domain Computers')];
if ($post['form_sambaSamAccount_ResetSambaPassword']) {
// *** fixme. What is the default password?
$this->sambaLMPassword('');
$_SESSION[$this->base]->module['posixAccount']->userPassword('');
}
}
if ($_SESSION[$this->base]->type=='user') {
$this->attributes['sambaPwdCanChange'][0] = mktime($post['form_sambaSamAccount_sambaPwdCanChange_h'], $post['form_sambaSamAccount_sambaPwdCanChange_m'], $post['form_sambaSamAccount_sambaPwdCanChange_s'],
$post['form_sambaSamAccount_sambaPwdCanChange_mon'], $post['form_sambaSamAccount_sambaPwdCanChange_day'], $post['form_sambaSamAccount_sambaPwdCanChange_yea']);
$this->attributes['sambaPwdMustChange'][0] = mktime($post['form_sambaSamAccount_sambaPwdMustChange_h'], $post['form_sambaSamAccount_sambaPwdMustChange_m'], $post['form_sambaSamAccount_sambaPwdMustChange_s'],
$post['form_sambaSamAccount_sambaPwdMustChange_mon'], $post['form_sambaSamAccount_sambaPwdMustChange_day'], $post['form_sambaSamAccount_sambaPwdMustChange_yea']);
$this->attributes['sambaHomePath'][0] = stripslashes($post['form_sambaSamAccount_sambaHomePath']);
$this->attributes['sambaHomeDrive'][0] = $post['form_sambaSamAccount_sambaHomeDrive'];
$this->attributes['sambaLogonScript'][0] = stripslashes($post['form_sambaSamAccount_sambaLogonScript']);
$this->attributes['sambaProfilePath'][0] = stripslashes($post['form_sambaSamAccount_sambaProfilePath']);
$rids = array_keys($this->rids);
$wrid = false;
for ($i=0; $i<count($rids); $i++) {
if ($post['form_sambaSamAccount_sambaPrimaryGroupSID'] == $rids[$i]) {
$wrid = true;
// Get Domain SID
$this->attributes['sambaPrimaryGroupSID'][0] = $SID."-".$this->rids[$rids[$i]];
}
}
if (!$wrid) $this->attributes['sambaPrimaryGroupSID'][0] = $SID."-".($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]*2)+$RIDbase+1;
if (isset($post['form_sambaSamAccount_sambaLMPassword'])) {
if ($post['form_sambaSamAccount_sambaLMPassword'] != $post['form_sambaSamAccount_sambaLMPassword2']) {
$errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'));
unset ($post['form_sambaSamAccount_sambaLMPassword2']);
}
else $this->sambaLMPassword($post['form_sambaSamAccount_sambaLMPassword']);
}
if ($post['form_sambaSamAccount_useunixpwd']) $this->useunixpwd = true;
else $this->useunixpwd = false;
if ($post['form_sambaSamAccount_sambaSID']== _('Administrator')) {
$this->attributes['sambaSID'][0] = $SID."-500";
// Do a check if an administrator already exists
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($SID."-500", 'sambaSID', 'user')!=$_SESSION[$this->base]->dn_orig)
$errors[] = array('ERROR', _('Special user'), _('There can be only one administrator per domain.'));
}
if ($post['form_sambaSamAccount_sambaSID']== _('Guest')) {
$this->attributes['sambaSID'][0] = $SID."-501";
// Do a check if an administrator already exists
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($SID."-501", 'sambaSID', 'user')!=$_SESSION[$this->base]->dn_orig)
$errors[] = array('ERROR', _('Special user'), _('There can be only one guest per domain.'));
}
// Check values
$this->attributes['sambaHomePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['sambaHomePath'][0]);
$this->attributes['sambaHomePath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['sambaHomePath'][0]);
if ($this->attributes['sambaHomePath'][0] != stripslashes($post['form_sambaSamAccount_sambaHomePath'])) $errors[] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.'));
$this->attributes['sambaLogonScript'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['sambaLogonScript'][0]);
$this->attributes['sambaLogonScript'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['sambaLogonScript'][0]);
if ($this->attributes['sambaLogonScript'][0] != stripslashes($post['form_sambaSamAccount_sambaLogonScript'])) $errors[] = array('INFO', _('Logon script'), _('Inserted user- or groupname in logon script.'));
$this->attributes['sambaProfilePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['sambaProfilePath'][0]);
$this->attributes['sambaProfilePath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['sambaProfilePath'][0]);
if ($this->attributes['sambaProfiletPath'][0] != stripslashes($post['form_sambaSamAccount_sambaProfilePath'])) $errors[] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.'));
if ( (!$this->attributes['sambaHomePath'][0]=='') && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])+)+$', $this->attributes['sambaHomePath'][0])))
$errors[] = array('ERROR', _('Home path'), _('Home path is invalid.'));
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$',
$this->sambaLMPassword())) $errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'));
if ( (!$this->attributes['sambaLogonScript'][0]=='') && (!ereg('^([/])*([a-z]|[0-9]|[.]|[-]|[_]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])*'.
'([/]([a-z]|[0-9]|[.]|[-]|[_]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])*)*(([.][b][a][t])|([.][c][m][d]))$', $this->attributes['sambaLogonScript'][0])))
$errors[] = array('ERROR', _('Script path'), _('Script path is invalid!'));
if ( (!$this->attributes['sambaProfilePath'][0]=='') && (!ereg('^[/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*([/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*)*$', $this->attributes['sambaProfilePath'][0]))
&& (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+)+$', $this->attributes['sambaProfilePath'][0])))
$errors[] = array('ERROR', _('Profile path'), _('Profile path is invalid!'));
}
if (is_array($errors)) return $errors;
if ($post['form_sambaSamAccount_sambaUserWorkstations']) return 'sambaUserWorkstations';
return 0;
function get_alias() {
return _('sambaSamAccount');
}
/* Write variables into object and do some regexp checks
/* This function returns a list with all required modules
*/
function proccess_sambaUserWorkstations($post) {
// Load attributes
do { // X-Or, only one if() can be true
if (isset($post['form_sambaSamAccount_availableSambaUserWorkstations']) && isset($post['form_sambaSamAccount_sambaUserWorkstations_add'])) { // Add workstations to list
$temp = str_replace(' ', '', $this->attributes['sambaUserWorkstations'][0]);
$workstations = explode (',', $temp);
for ($i=0; $i<count($workstations); $i++)
if ($workstations[$i]=='') unset($workstations[$i]);
$workstations = array_values($workstations);
// Add new // Add workstations
$workstations = array_merge($workstations, $post['form_sambaSamAccount_availableSambaUserWorkstations']);
// remove doubles
$workstations = array_flip($workstations);
array_unique($workstations);
$workstations = array_flip($workstations);
// sort workstations
sort($workstations);
// Recreate workstation string
$this->attributes['sambaUserWorkstations'][0] = $workstations[0];
for ($i=1; $i<count($workstations); $i++) {
$this->attributes['sambaUserWorkstations'][0] = $this->attributes['sambaUserWorkstations'][0] . "," . $workstations[$i];
}
break;
}
if (isset($post['form_sambaSamAccount_sambaUserWorkstations']) && isset($post['form_sambaSamAccount_sambaUserWorkstations_remove'])) { // remove // Add workstations from list
// Put all workstations in array
$temp = str_replace(' ', '', $this->attributes['sambaUserWorkstations'][0]);
$workstations = explode (',', $temp);
for ($i=0; $i<count($workstations); $i++)
if ($workstations[$i]=='') unset($workstations[$i]);
$workstations = array_values($workstations);
// Remove unwanted workstations from array
$workstations = array_delete($post['form_sambaSamAccount_sambaUserWorkstations'], $workstations);
// Recreate workstation string
$this->attributes['sambaUserWorkstations'][0] = $workstations[0];
for ($i=1; $i<count($workstations); $i++) {
$this->attributes['sambaUserWorkstations'][0] = $this->attributes['sambaUserWorkstations'][0] . "," . $workstations[$i];
}
break;
}
} while(0);
if ($post['form_sambaSamAccount_attributes']) return 'attributes';
return 0;
function get_dependencies($scope) {
if ($scope=='host') return array('require' => array('posixAccount'), 'conflict' => array() );
if ($scope=='user') return array('require' => array('posixAccount'), 'conflict' => array() );
return -1;
}
function module_ready() {
if ($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]=='') return false;
if ($_SESSION[$this->base]->module['posixAccount']->attributes['uidNumber'][0]=='') return false;
if ($this->attributes['uid'][0]=='') return false;
return true;
}
/* This function returns a list of all html-pages in module
* This is usefull for mass upload and pdf-files
* because lam can walk trough all pages itself and do some
* error checkings
*/
function pages() {
return array('attributes', 'sambaUserWorkstations');
}
/* This function returns all ldap attributes
* which are part of posixAccount and returns
* also their values.
*/
function get_attributes() {
$return = $this->attributes;
$return['sambaLMPassword'] = $this->sambaLMPassword();
return $return;
}
/* This function loads all attributes into the object
@ -324,7 +192,6 @@ class sambaSamAccount {
return 0;
}
/* This function returns an array with 3 entries:
* array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
* DN is the DN to change. It may be possible to change several DNs,
@ -375,13 +242,159 @@ class sambaSamAccount {
return $return;
}
function delete_attributes($post) {
$return = array();
return $return;
}
/* This function returns all ldap attributes
* which are part of sambaSamAccount and returns
* also their values.
/* Write variables into object and do some regexp checks
*/
function get_attributes() {
return $this->attributes;
function proccess_attributes($post) {
// Load attributes
$this->attributes['sambaDomainName'][0] = $post['sambaDomainName'];
// Get Domain SID from name
$sambaDomains = $_SESSION[$_SESSION[$this->base]->ldap]->search_domains($_SESSION[$_SESSION[$this->base]->config]->get_domainSuffix());
for ($i=0; $i<count($sambaDomains); $i++ )
if ($this->attributes['sambaDomainName'][0] == $sambaDomains[$i]->name) {
$SID = $sambaDomains[$i]->SID;
}
$flag = "[";
if ($post['sambaAcctFlagsD']) $flag .= "D";
if ($post['sambaAcctFlagsX']) $flag .= "X";
if ($post['sambaAcctFlagsN']) $flag .= "N";
if ($post['sambaAcctFlagsS']) $flag .= "S";
if ($post['sambaAcctFlagsH']) $flag .= "H";
if ($post['sambaAcctFlagsW']) $flag .= "W";
if ($post['sambaAcctFlagsU']) $flag .= "U";
// Expand string to fixed length
$flag = str_pad($flag, 12);
// End character
$flag = $flag. "]";
$this->attributes['sambaAcctFlags'][0] = $flag;
if ($_SESSION[$this->base]->type=='host') {
$this->attributes['sambaPrimaryGroupSID'][0] = $SID."-".$this->rids[_('Domain Computers')];
if ($post['ResetSambaPassword']) {
// *** fixme. What is the default password?
$this->sambaLMPassword('');
$_SESSION[$this->base]->module['posixAccount']->userPassword('');
}
}
if ($_SESSION[$this->base]->type=='user') {
$this->attributes['sambaPwdCanChange'][0] = mktime($post['sambaPwdCanChange_h'], $post['sambaPwdCanChange_m'], $post['sambaPwdCanChange_s'],
$post['sambaPwdCanChange_mon'], $post['sambaPwdCanChange_day'], $post['sambaPwdCanChange_yea']);
$this->attributes['sambaPwdMustChange'][0] = mktime($post['sambaPwdMustChange_h'], $post['sambaPwdMustChange_m'], $post['sambaPwdMustChange_s'],
$post['sambaPwdMustChange_mon'], $post['sambaPwdMustChange_day'], $post['sambaPwdMustChange_yea']);
$this->attributes['sambaHomePath'][0] = stripslashes($post['sambaHomePath']);
$this->attributes['sambaHomeDrive'][0] = $post['sambaHomeDrive'];
$this->attributes['sambaLogonScript'][0] = stripslashes($post['sambaLogonScript']);
$this->attributes['sambaProfilePath'][0] = stripslashes($post['sambaProfilePath']);
$rids = array_keys($this->rids);
$wrid = false;
for ($i=0; $i<count($rids); $i++) {
if ($post['sambaPrimaryGroupSID'] == $rids[$i]) {
$wrid = true;
// Get Domain SID
$this->attributes['sambaPrimaryGroupSID'][0] = $SID."-".$this->rids[$rids[$i]];
}
}
if (!$wrid) $this->attributes['sambaPrimaryGroupSID'][0] = $SID."-".($_SESSION[$this->base]->module['posixAccount']->attributes['gidNumber'][0]*2)+$RIDbase+1;
if (isset($post['sambaLMPassword'])) {
if ($post['sambaLMPassword'] != $post['sambaLMPassword2']) {
$errors[] = array('ERROR', _('Password'), _('Please enter the same password in both password-fields.'), 'sambaLMPassword');
unset ($post['sambaLMPassword2']);
}
else $this->sambaLMPassword($post['sambaLMPassword']);
}
if ($post['useunixpwd']) $this->useunixpwd = true;
else $this->useunixpwd = false;
if ($post['sambaSID']== _('Administrator')) {
$this->attributes['sambaSID'][0] = $SID."-500";
// Do a check if an administrator already exists
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($SID."-500", 'sambaSID', 'user')!=$_SESSION[$this->base]->dn_orig)
$errors[] = array('ERROR', _('Special user'), _('There can be only one administrator per domain.'), 'sambaSID');
}
if ($post['sambaSID']== _('Guest')) {
$this->attributes['sambaSID'][0] = $SID."-501";
// Do a check if an administrator already exists
if ($_SESSION[$_SESSION[$this->base]->cache]->in_cache($SID."-501", 'sambaSID', 'user')!=$_SESSION[$this->base]->dn_orig)
$errors[] = array('ERROR', _('Special user'), _('There can be only one guest per domain.'), 'sambaSID');
}
// Check values
$this->attributes['sambaHomePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['sambaHomePath'][0]);
$this->attributes['sambaHomePath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['sambaHomePath'][0]);
if ($this->attributes['sambaHomePath'][0] != stripslashes($post['sambaHomePath'])) $errors[] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.'), 'sambaHomePath');
$this->attributes['sambaLogonScript'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['sambaLogonScript'][0]);
$this->attributes['sambaLogonScript'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['sambaLogonScript'][0]);
if ($this->attributes['sambaLogonScript'][0] != stripslashes($post['sambaLogonScript'])) $errors[] = array('INFO', _('Logon script'), _('Inserted user- or groupname in logon script.'), 'sambaLogonScript');
$this->attributes['sambaProfilePath'][0] = str_replace('$user', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['uid'][0], $this->attributes['sambaProfilePath'][0]);
$this->attributes['sambaProfilePath'][0] = str_replace('$group', $_SESSION[$this->base]->module['inetOrgPerson']->attributes['gid'][0], $this->attributes['sambaProfilePath'][0]);
if ($this->attributes['sambaProfiletPath'][0] != stripslashes($post['sambaProfilePath'])) $errors[] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.'), 'sambaProfilePath');
if ( (!$this->attributes['sambaHomePath'][0]=='') && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])+)+$', $this->attributes['sambaHomePath'][0])))
$errors[] = array('ERROR', _('Home path'), _('Home path is invalid.'), 'sambaHomePath');
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$',
$this->sambaLMPassword())) $errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !'), 'sambaLMPassword');
if ( (!$this->attributes['sambaLogonScript'][0]=='') && (!ereg('^([/])*([a-z]|[0-9]|[.]|[-]|[_]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])*'.
'([/]([a-z]|[0-9]|[.]|[-]|[_]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[?]|[?]|[?]|[?]|[?]|[?]|[?])*)*(([.][b][a][t])|([.][c][m][d]))$', $this->attributes['sambaLogonScript'][0])))
$errors[] = array('ERROR', _('Script path'), _('Script path is invalid!'), 'sambaScriptPath');
if ( (!$this->attributes['sambaProfilePath'][0]=='') && (!ereg('^[/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*([/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*)*$', $this->attributes['sambaProfilePath'][0]))
&& (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+)+$', $this->attributes['sambaProfilePath'][0])))
$errors[] = array('ERROR', _('Profile path'), _('Profile path is invalid!'), 'sambaProfilePath');
}
if (is_array($errors)) return $errors;
if ($post['sambaUserWorkstations']) return 'sambaUserWorkstations';
return 0;
}
/* Write variables into object and do some regexp checks
*/
function proccess_sambaUserWorkstations($post) {
// Load attributes
do { // X-Or, only one if() can be true
if (isset($post['availableSambaUserWorkstations']) && isset($post['sambaUserWorkstations_add'])) { // Add workstations to list
$temp = str_replace(' ', '', $this->attributes['sambaUserWorkstations'][0]);
$workstations = explode (',', $temp);
for ($i=0; $i<count($workstations); $i++)
if ($workstations[$i]=='') unset($workstations[$i]);
$workstations = array_values($workstations);
// Add new // Add workstations
$workstations = array_merge($workstations, $post['availableSambaUserWorkstations']);
// remove doubles
$workstations = array_flip($workstations);
array_unique($workstations);
$workstations = array_flip($workstations);
// sort workstations
sort($workstations);
// Recreate workstation string
$this->attributes['sambaUserWorkstations'][0] = $workstations[0];
for ($i=1; $i<count($workstations); $i++) {
$this->attributes['sambaUserWorkstations'][0] = $this->attributes['sambaUserWorkstations'][0] . "," . $workstations[$i];
}
break;
}
if (isset($post['sambaUserWorkstations']) && isset($post['sambaUserWorkstations_remove'])) { // remove // Add workstations from list
// Put all workstations in array
$temp = str_replace(' ', '', $this->attributes['sambaUserWorkstations'][0]);
$workstations = explode (',', $temp);
for ($i=0; $i<count($workstations); $i++)
if ($workstations[$i]=='') unset($workstations[$i]);
$workstations = array_values($workstations);
// Remove unwanted workstations from array
$workstations = array_delete($post['sambaUserWorkstations'], $workstations);
// Recreate workstation string
$this->attributes['sambaUserWorkstations'][0] = $workstations[0];
for ($i=1; $i<count($workstations); $i++) {
$this->attributes['sambaUserWorkstations'][0] = $this->attributes['sambaUserWorkstations'][0] . "," . $workstations[$i];
}
break;
}
} while(0);
if ($post['attributes']) return 'attributes';
return 0;
}
/* This function will create the html-page
@ -399,22 +412,22 @@ class sambaSamAccount {
if ($_SESSION[$this->base]->type=='user') {
$canchangedate = getdate($this->attributes['sambaPwdCanChange'][0]);
$mustchangedate = getdate($this->attributes['sambaPwdMustChange'][0]);
echo '<input name="form_sambaSamAccount_sambaPwdCanChange_h" type="hidden" value="'.$canchangedate['hours'].'">'.
'<input name="form_sambaSamAccount_sambaPwdCanChange_m" type="hidden" value="'.$canchangedate['minutes'].'">'.
'<input name="form_sambaSamAccount_sambaPwdCanChange_s" type="hidden" value="'.$canchangedate['seconds'].'">'.
'<input name="form_sambaSamAccount_sambaPwdMustChange_h" type="hidden" value="'.$mustchangedate['hours'].'">'.
'<input name="form_sambaSamAccount_sambaPwdMustChange_m" type="hidden" value="'.$mustchangedate['minutes'].'">'.
'<input name="form_sambaSamAccount_sambaPwdMustChange_s" type="hidden" value="'.$mustchangedate['seconds'].'">'.
'<input name="form_sambaSamAccount_sambaAcctFlagsU" type="hidden" value="true">';
echo '<input name="sambaPwdCanChange_h" type="hidden" value="'.$canchangedate['hours'].'">'.
'<input name="sambaPwdCanChange_m" type="hidden" value="'.$canchangedate['minutes'].'">'.
'<input name="sambaPwdCanChange_s" type="hidden" value="'.$canchangedate['seconds'].'">'.
'<input name="sambaPwdMustChange_h" type="hidden" value="'.$mustchangedate['hours'].'">'.
'<input name="sambaPwdMustChange_m" type="hidden" value="'.$mustchangedate['minutes'].'">'.
'<input name="sambaPwdMustChange_s" type="hidden" value="'.$mustchangedate['seconds'].'">'.
'<input name="sambaAcctFlagsU" type="hidden" value="true">';
echo "<table border=0 width=\"100%\">\n<tr>\n";
echo "<tr>\n";
echo "<td>" . _('Samba password') . "</td>\n";
echo "<td><input name=\"form_sambaSamAccount_sambaLMPassword\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"" . $this->sambaLMPassword() . "\"></td>\n";
echo "<td><input name=\"sambaLMPassword\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"" . $this->sambaLMPassword() . "\"></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Repeat password') . "</td>\n";
echo "<td><input name=\"form_sambaSamAccount_sambaLMPassword2\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"";
if ($post['form_sambaSamAccount_sambaLMPassword2']!='') echo $post['form_sambaSamAccount_sambaLMPassword2'];
echo "<td><input name=\"sambaLMPassword2\" type=\"password\" size=\"20\" maxlength=\"20\" value=\"";
if ($post['sambaLMPassword2']!='') echo $post['sambaLMPassword2'];
else echo $this->sambaLMPassword();
echo "\"></td>\n";
echo "<td></td>\n";
@ -430,31 +443,31 @@ class sambaSamAccount {
}
echo "<tr>\n";
echo "<td>" . _('Use no password') . "</td>\n";
echo "<td><input name=\"form_sambaSamAccount_sambaAcctFlagsN\" type=\"checkbox\"";
echo "<td><input name=\"sambaAcctFlagsN\" type=\"checkbox\"";
if (strpos($this->attributes['sambaAcctFlags'][0], "N")) echo " checked ";
echo "></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=426\" target=\"lamhelp\">" . _('Help' ) ."</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Password does not expire') . "</td>\n";
echo "<td><input name=\"form_sambaSamAccount_sambaAcctFlagsX\" type=\"checkbox\"";
echo "<td><input name=\"sambaAcctFlagsX\" type=\"checkbox\"";
if (strpos($this->attributes['sambaAcctFlags'][0], "X")) echo " checked ";
echo "></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=429\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('User can change password') . "</td>\n";
echo "<td><select name=\"form_sambaSamAccount_sambaPwdCanChange_day\">";
echo "<td><select name=\"sambaPwdCanChange_day\">";
for ( $i=1; $i<=31; $i++ ) {
if ($canchangedate['mday']==$i) echo "<option selected>$i</option>";
else echo "<option>$i</option>";
}
echo "</select><select name=\"form_sambaSamAccount_sambaPwdCanChange_mon\">";
echo "</select><select name=\"sambaPwdCanChange_mon\">";
for ( $i=1; $i<=12; $i++ ) {
if ($canchangedate['mon'] == $i) echo "<option selected>$i</option>";
else echo "<option>$i</option>";
}
echo "</select><select name=\"form_sambaSamAccount_sambaPwdCanChange_yea\">";
echo "</select><select name=\"sambaPwdCanChange_yea\">";
for ( $i=2003; $i<=2030; $i++ ) {
if ($canchangedate['year']==$i) echo "<option selected>$i</option>";
else echo "<option>$i</option>";
@ -464,17 +477,17 @@ class sambaSamAccount {
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('User must change password') . "</td>\n";
echo "<td><select name=\"form_sambaSamAccount_sambaPwdMustChange_day\">";
echo "<td><select name=\"sambaPwdMustChange_day\">";
for ( $i=1; $i<=31; $i++ ) {
if ($mustchangedate['mday']==$i) echo "<option selected>$i</option>";
else echo "<option>$i</option>";
}
echo "</select><select name=\"form_sambaSamAccount_sambaPwdMustChange_mon\">";
echo "</select><select name=\"sambaPwdMustChange_mon\">";
for ( $i=1; $i<=12; $i++ ) {
if ($mustchangedate['mon'] == $i) echo "<option selected>$i</option>";
else echo "<option>$i</option>";
}
echo "</select><select name=\"form_sambaSamAccount_sambaPwdMustChange_yea\">";
echo "</select><select name=\"sambaPwdMustChange_yea\">";
for ( $i=2030; $i>=2003; $i-- ) {
if ($mustchangedate['year']==$i) echo "<option selected>$i</option>";
else echo "<option>$i</option>";
@ -484,14 +497,14 @@ class sambaSamAccount {
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Account is deactivated') . "</td>\n";
echo "<td><input name=\"form_sambaSamAccount_sambaAcctFlagsD\" type=\"checkbox\"";
echo "<td><input name=\"sambaAcctFlagsD\" type=\"checkbox\"";
if (strpos($this->attributes['sambaAcctFlags'][0], "D")) echo " checked ";
echo "></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=432\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Home drive') . "</td>\n";
echo "<td><select name=\"form_sambaSamAccount_sambaHomeDrive\">";
echo "<td><select name=\"sambaHomeDrive\">";
for ($i=90; $i>67; $i--)
if ($this->attributes['sambaHomeDrive'][0]== chr($i).':') echo "<option selected>".chr($i).":</option>";
else echo "<option>".chr($i).":</option>";
@ -500,27 +513,27 @@ class sambaSamAccount {
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Home path') . "</td>\n";
echo "<td><input name=\"form_sambaSamAccount_sambaHomePath\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['sambaHomePath'][0] . "\"></td>\n";
echo "<td><input name=\"sambaHomePath\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['sambaHomePath'][0] . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=437\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Profile path') . "</td>\n";
echo "<td><input name=\"form_sambaSamAccount_sambaProfilePath\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['sambaProfilePath'][0] . "\"></td>\n";
echo "<td><input name=\"sambaProfilePath\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['sambaProfilePath'][0] . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=435\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Logon script') . "</td>\n";
echo "<td><input name=\"form_sambaSamAccount_sambaLogonScript\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['sambaLogonScript'][0] . "\"></td>\n";
echo "<td><input name=\"sambaLogonScript\" type=\"text\" size=\"20\" maxlength=\"80\" value=\"" . $this->attributes['sambaLogonScript'][0] . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=434\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Samba workstations') . "</td>\n";
echo "<td><input name=\"form_sambaSamAccount_sambaUserWorkstations\" type=\"submit\" value=\"" . _('Edit workstations') . "\"></td>\n";
echo "<td><input name=\"sambaUserWorkstations\" type=\"submit\" value=\"" . _('Edit workstations') . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=436\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Windows group') . "</td>\n";
echo "<td><select name=\"form_sambaSamAccount_sambaPrimaryGroupSID\">";
echo "<td><select name=\"sambaPrimaryGroupSID\">";
// Display if group SID should be mapped to a well kown SID
$names = array_keys($this->rids);
$wrid=false;
@ -538,7 +551,7 @@ class sambaSamAccount {
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Special user') . "</td>\n";
echo "<td><select name=\"form_sambaSamAccount_sambaSID\">";
echo "<td><select name=\"sambaSID\">";
// Display if group SID should be mapped to a well kown SID
$wrid=false;
if ($this->attributes['sambaSID'][0]==$SID."-500") {
@ -558,7 +571,7 @@ class sambaSamAccount {
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Domain') . "</td>\n";
echo "<td><select name=\"form_sambaSamAccount_sambaDomainName\">";
echo "<td><select name=\"sambaDomainName\">";
foreach ($sambaDomainNames as $domain) {
if ($this->attributes['sambaDomainName'][0]==$domain) echo "<option selected>$domain</option>";
else "<option>$domain</option>";
@ -569,15 +582,15 @@ class sambaSamAccount {
echo "</table>\n";
}
if ($_SESSION[$this->base]->type=='host') {
echo '<input name="form_sambaSamAccount_sambaAcctFlagsW" type="hidden" value="true">';
echo '<input name="sambaAcctFlagsW" type="hidden" value="true">';
echo "<table border=0 width=\"100%\">\n<tr>\n";
echo "<tr>\n";
echo "<td>" . _('Reset password') . "</td>\n";
echo "<td><input name=\"form_sambaSamAccount_ResetSambaPassword\" type=\"submit\" value=\"" . _('Reset password') . "\"></td>\n";
echo "<td><input name=\"ResetSambaPassword\" type=\"submit\" value=\"" . _('Reset password') . "\"></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Domain') . "</td>\n";
echo "<td><select name=\"form_sambaSamAccount_sambaDomainName\">";
echo "<td><select name=\"sambaDomainName\">";
foreach ($sambaDomainNames as $domain) {
if ($this->attributes['sambaDomainName'][0]==$domain) echo "<option selected>$domain</option>";
else "<option>$domain</option>";
@ -590,6 +603,10 @@ class sambaSamAccount {
return 0;
}
function display_html_delete($post) {
return 0;
}
/* This function will create the html-page
* to show a page with all attributes.
* It will output a complete html-table
@ -612,15 +629,15 @@ class sambaSamAccount {
echo "</legend>\n";
// display all workstations the user is allowed to login
if (count($userWorkstations)!=0) {
echo "<select name=\"form_sambaSamAccount_sambaUserWorkstations[]\" class=\"".$_SESSION[$this->base]->type."edit-bright\" size=15 multiple>\n";
echo "<select name=\"sambaUserWorkstations[]\" class=\"".$_SESSION[$this->base]->type."edit-bright\" size=15 multiple>\n";
for ($i=0; $i<count($userWorkstations); $i++)
if ($userWorkstations[$i]!='') echo "<option>".$userWorkstations[$i]."</option>\n";
echo "</select>\n";
}
echo "</fieldset></td>\n";
echo "<td align=\"center\" width=\"10%\"><input type=\"submit\" name=\"form_sambaSamAccount_sambaUserWorkstations_add\" value=\"<=\">";
echo "<td align=\"center\" width=\"10%\"><input type=\"submit\" name=\"sambaUserWorkstations_add\" value=\"<=\">";
echo " ";
echo "<input type=\"submit\" name=\"form_sambaSamAccount_sambaUserWorkstations_remove\" value=\"=>\"><br><br>";
echo "<input type=\"submit\" name=\"sambaUserWorkstations_remove\" value=\"=>\"><br><br>";
echo "<a href=\""."../help.php?HelpNumber=436\" target=\"lamhelp\">"._('Help')."</a></td>\n";
echo "<td valign=\"top\">";
echo "<fieldset class=\"".$_SESSION[$this->base]->type."edit-bright\"><legend class=\"".$_SESSION[$this->base]->type."edit-bright\">";
@ -628,24 +645,20 @@ class sambaSamAccount {
echo "</legend>\n";
// Display all workstations without these the user is allowed to login
if (count($availableUserWorkstations)!=0) {
echo "<select name=\"form_sambaSamAccount_availableSambaUserWorkstations[]\" size=15 multiple class=\"".$_SESSION[$this->base]->type."edit-bright\">\n";
echo "<select name=\"availableSambaUserWorkstations[]\" size=15 multiple class=\"".$_SESSION[$this->base]->type."edit-bright\">\n";
foreach ($availableUserWorkstations as $temp) echo "<option>$temp</option>\n";
echo "</select>\n";
}
echo "</fieldset></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td><input name=\"form_sambaSamAccount_attributes\" type=\"submit\" value=\"" . _('Back') . "\"></td>\n";
echo "<td><input name=\"attributes\" type=\"submit\" value=\"" . _('Back') . "\"></td>\n";
echo "<td></td>\n";
echo "<td></td>\n";
echo "</tr>\n";
echo "</table>\n";
}
}
?>

93
lam/lib/modules/shadowAccount.inc
View File

@ -66,7 +66,6 @@ class shadowAccount {
// Add Array with all attributes and type
$this->attributes = $_SESSION[$this->base]->get_module_attributes('shadowAccount');
$_SESSION[$this->base]->add_attributes ('shadowAccount');
$this->alias = _('shadowAccount');
// Make references to attributes which already esists in ldap
$newattributes = array_keys($this->attributes);
$module = array_keys($_SESSION[$this->base]->module);
@ -79,11 +78,8 @@ class shadowAccount {
}
// Variables
// Alias Name. This name is shown in the menu instead of shadowAccount
var $alias;
// name of accountContainer so we can read other classes in accuontArray
var $base;
// This variable contains all inetOrgPerson attributes
var $attributes;
/* If an account was loaded all attributes are kept in this array
@ -91,38 +87,37 @@ class shadowAccount {
*/
var $orig;
function get_alias() {
return _('shadowAccount');
}
/* This function returns a list with all required modules
*/
function dependencies() {
return array('posixAccount');
function get_dependencies($scope) {
if ($scope=='user') return array('require' => array('inetOrgPerson'), 'conflict' => array() );
return -1;
}
function module_ready() {
return true;
}
/* Write variables into object and do some regexp checks
/* This function returns a list of all html-pages in module
* This is usefull for mass upload and pdf-files
* because lam can walk trough all pages itself and do some
* error checkings
*/
function proccess_attributes($post) {
// Load attributes
$this->attributes['shadowMin'][0] = $post['form_shadowAccount_shadowMin'];
$this->attributes['shadowMax'][0] = $post['form_shadowAccount_shadowMax'];
$this->attributes['shadowWarning'][0] = $post['form_shadowAccount_shadowWarning'];
$this->attributes['shadowInactive'][0] = $post['form_shadowAccount_shadowInactive'];
$this->attributes['shadowExpire'][0] = intval(mktime(10, 0, 0, $post['form_shadowAccount_shadowExpire_mon'],
$post['form_shadowAccount_shadowExpire_day'], $post['form_shadowAccount_shadowExpire_yea'])/3600/24);
if ( !ereg('^([0-9])*$', $this->attributes['shadowMin'][0])) $errors[] = array('ERROR', _('Password minage'), _('Password minage must be are natural number.'));
if ( $this->attributes['shadowMin'][0] > $this->attributes['shadowMax'][0] ) $errors[] = array('ERROR', _('Password maxage'), _('Password maxage must bigger as Password Minage.'));
if ( !ereg('^([0-9]*)$', $this->attributes['shadowMax'][0])) $errors[] = array('ERROR', _('Password maxage'), _('Password maxage must be are natural number.'));
if ( !ereg('^(([-][1])|([0-9]*))$', $this->attributes['shadowInactive'][0]))
$errors[] = array('ERROR', _('Password Expire'), _('Password expire must be are natural number or -1.'));
if ( !ereg('^([0-9]*)$', $this->attributes['shadowWarning'][0])) $errors[] = array('ERROR', _('Password warn'), _('Password warn must be are natural number.'));
if (is_array($errors)) return $errors;
return 0;
function pages() {
return array('attributes');
}
/* This function returns all ldap attributes
* which are part of shadowAccount and returns
* also their values.
*/
function get_attributes() {
return $this->attributes;
}
/* This function loads all attributes into the object
* $attr is an array as it's retured from ldap_get_attributes
@ -148,7 +143,6 @@ class shadowAccount {
$this->orig = $this->attributes;
}
/* This function returns an array with 3 entries:
* array( DN1 ('add' => array($attr), 'remove' => array($attr), 'modify' => array($attr)), DN2 .... )
* DN is the DN to change. It may be possible to change several DNs,
@ -163,17 +157,33 @@ class shadowAccount {
// Set shadowLastchange manual.
if (($_SESSION[$this->base]->module['posixAccount']->orig['userPassword'][0] != $_SESSION[$this->base]->module['posixAccount']->attributes['userPassword'][0] && $_SESSION[$this->base]->module['posixAccount']->userPassword()!='') || $_SESSION[$this->base]->module['posixAccount']->userPassword_no)
$return[$_SESSION[$this->base]->dn]['modify']['shadowLastChange'] = array(intval(time()/3600/24));
return $return;
}
function delete_attributes($post) {
$return = array();
return $return;
}
/* This function returns all ldap attributes
* which are part of shadowAccount and returns
* also their values.
/* Write variables into object and do some regexp checks
*/
function get_attributes() {
return $this->attributes;
function proccess_attributes($post) {
// Load attributes
$this->attributes['shadowMin'][0] = $post['shadowMin'];
$this->attributes['shadowMax'][0] = $post['shadowMax'];
$this->attributes['shadowWarning'][0] = $post['shadowWarning'];
$this->attributes['shadowInactive'][0] = $post['shadowInactive'];
$this->attributes['shadowExpire'][0] = intval(mktime(10, 0, 0, $post['shadowExpire_mon'],
$post['shadowExpire_day'], $post['shadowExpire_yea'])/3600/24);
if ( !ereg('^([0-9])*$', $this->attributes['shadowMin'][0])) $errors[] = array('ERROR', _('Password minage'), _('Password minage must be are natural number.'), 'shadowMin');
if ( $this->attributes['shadowMin'][0] > $this->attributes['shadowMax'][0] ) $errors[] = array('ERROR', _('Password maxage'), _('Password maxage must bigger as Password Minage.'), 'shadowMin');
if ( !ereg('^([0-9]*)$', $this->attributes['shadowMax'][0])) $errors[] = array('ERROR', _('Password maxage'), _('Password maxage must be are natural number.'), 'shadowMax');
if ( !ereg('^(([-][1])|([0-9]*))$', $this->attributes['shadowInactive'][0]))
$errors[] = array('ERROR', _('Password Expire'), _('Password expire must be are natural number or -1.'), 'shadowInactive');
if ( !ereg('^([0-9]*)$', $this->attributes['shadowWarning'][0])) $errors[] = array('ERROR', _('Password warn'), _('Password warn must be are natural number.'), 'shadowWarning');
if (is_array($errors)) return $errors;
return 0;
}
/* This function will create the html-page
@ -185,37 +195,37 @@ class shadowAccount {
$date = getdate ($this->attributes['shadowExpire'][0]*3600*24);
echo "<table border=0 width=\"100%\">\n<tr>\n";
echo "<td>" . _('Password warn') . "</td>\n";
echo "<td><input name=\"form_shadowAccount_shadowWarning\" type=\"text\" size=\"4\" maxlength=\"4\" value=\"" . $this->attributes['shadowWarning'][0] . "\"></td>\n";
echo "<td><input name=\"shadowWarning\" type=\"text\" size=\"4\" maxlength=\"4\" value=\"" . $this->attributes['shadowWarning'][0] . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=414\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Password Expire') . "</td>\n";
echo "<td><input name=\"form_shadowAccount_shadowInactive\" type=\"text\" size=\"4\" maxlength=\"4\" value=\"" . $this->attributes['shadowInactive'][0] . "\"></td>\n";
echo "<td><input name=\"shadowInactive\" type=\"text\" size=\"4\" maxlength=\"4\" value=\"" . $this->attributes['shadowInactive'][0] . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=415\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Maximum password age') . "</td>\n";
echo "<td><input name=\"form_shadowAccount_shadowMax\" type=\"text\" size=\"5\" maxlength=\"5\" value=\"" . $this->attributes['shadowMax'][0] . "\"></td>\n";
echo "<td><input name=\"shadowMax\" type=\"text\" size=\"5\" maxlength=\"5\" value=\"" . $this->attributes['shadowMax'][0] . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=416\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Minimum password age') . "</td>\n";
echo "<td><input name=\"form_shadowAccount_shadowMin\" type=\"text\" size=\"4\" maxlength=\"4\" value=\"" . $this->attributes['shadowMin'][0] . "\"></td>\n";
echo "<td><input name=\"shadowMin\" type=\"text\" size=\"4\" maxlength=\"4\" value=\"" . $this->attributes['shadowMin'][0] . "\"></td>\n";
echo "<td><a href=\"../help.php?HelpNumber=417\" target=\"lamhelp\">" . _('Help') . "</a></td>\n";
echo "</tr>\n";
echo "<tr>\n";
echo "<td>" . _('Expire date') . "</td>\n";
echo "<td><select name=\"form_shadowAccount_shadowExpire_day\">";
echo "<td><select name=\"shadowExpire_day\">";
for ( $i=1; $i<=31; $i++ ) {
if ($date['mday']==$i) echo "<option selected>$i</option>";
else echo "<option>$i</option>";
}
echo "</select>\n<select name=\"form_shadowAccount_shadowExpire_mon\">";
echo "</select>\n<select name=\"shadowExpire_mon\">";
for ( $i=1; $i<=12; $i++ ) {
if ($date['mon'] == $i) echo "<option selected>$i</option>";
else echo "<option>$i</option>";
}
echo "</select>\n<select name=\"form_shadowAccount_shadowExpire_yea\">";
echo "</select>\n<select name=\"shadowExpire_yea\">";
for ( $i=2030; $i>=2003; $i-- ) {
if ($date['year']==$i) echo "<option selected>$i</option>";
else echo "<option>$i</option>";
@ -227,9 +237,10 @@ class shadowAccount {
return 0;
}
function display_html_delete($post) {
return 0;
}
}
?>

458
lam/templates/account/hostedit.php
View File

@ -31,453 +31,43 @@ include_once('../../lib/status.inc'); // Return error-message
include_once('../../lib/pdf.inc'); // Return a pdf-file
include_once('../../lib/ldap.inc'); // LDAP-functions
/* We have to include all modules
* before start session
* *** fixme I would prefer loading them dynamic but
* i don't know how to to this
*/
$dir = opendir('../../lib/modules');
while ($entry = readdir($dir))
if (is_file('../../lib/modules/'.$entry)) include_once ('../../lib/modules/'.$entry);
// Start session
session_save_path('../../sess');
@session_start();
// Redirect to startpage if user is not loged in
if (!isset($_SESSION['loggedIn'])) {
metaRefresh("login.php");
die;
metaRefresh("../login.php");
exit;
}
// Set correct language, codepages, ....
setlanguage();
/* hostedit.php is using dynamic session varialenames so
* we can run several copies of hostedit.php at the same
* time
* $varkey is the dynamic part of the variable name
*/
if (!isset($_POST['varkey'])) $varkey = session_id().time();
else $varkey = $_POST['varkey'];
if (!isset($_SESSION['account_'.$varkey.'_account_new'])) $_SESSION['account_'.$varkey.'_account_new'] = new account();
// Register Session-Variables with references so we don't net to change to complete code if names changes
$account_new =& $_SESSION['account_'.$varkey.'_account_new'];
if (is_object($_SESSION['account_'.$varkey.'_account_old'])) $account_old =& $_SESSION['account_'.$varkey.'_account_old'];
$ldap_intern =& $_SESSION['ldap'];
$config_intern =& $_SESSION['config'];
$header_intern =& $_SESSION['header'];
// $_GET is only valid if hostedit.php was called from hostlist.php
if (isset($_GET['DN']) && $_GET['DN']!='') {
// hostedit.php should edit an existing account
// reset variables
if (isset($_SESSION['account_'.$varkey.'_account_old'])) {
unset($account_old);
unset($_SESSION['account_'.$varkey.'_account_old']);
}
$_SESSION['account_'.$varkey.'_account_old'] = new account();
$account_old =& $_SESSION['account_'.$varkey.'_account_old'];
// get "real" DN from variable
$DN = str_replace("\'", '',$_GET['DN']);
// Load existing host
$account_new = loadhost($DN);
// Get a copy of original host
$account_old = $account_new;
// Store only DN without uid=$name
$account_new->general_dn = substr($account_new->general_dn, strpos($account_new->general_dn, ',')+1);
if (!isset($_SESSION['cache'])) {
$_SESSION['cache'] = new cache();
}
if ($_GET['DN']) {
//load account
$DN = str_replace("\'", '', $_GET['DN']);
$_SESSION['account'] = new accountContainer('host', 'account');
$_SESSION['account']->load_account($DN);
}
// Startcondition. hostedit.php was called from outside to create a new host
else if (count($_POST)==0) {
// Create new account object with settings from default profile
// Check if there are valid groups. Can not create user with no primary group
$groups = findgroups();
if (count($groups)==0) {
// Write HTML-Header
echo $header_intern;
echo "<title>";
echo _("Create new Account");
echo "</title>\n".
"<link rel=\"stylesheet\" type=\"text/css\" href=\"../../style/layout.css\">\n".
"<meta http-equiv=\"pragma\" content=\"no-cache\">\n".
"<meta http-equiv=\"cache-control\" content=\"no-cache\">\n".
"</head><body>\n";
// Display errir-messages
StatusMessage("ERROR", _("Can not create any hosts."),_("Please create a group first."));
echo "<a href=../lists/listhosts.php>"._("Back to hostlist")."</a>\n";
echo "</body></html>";
die;
}
$account_new = loadHostProfile('default');
$account_new ->type = 'host';
$account_new->smb_flags['W'] = 1;
$account_new->smb_flags['X'] = 1;
$account_new->general_homedir = '/dev/null';
$account_new->general_shell = '/bin/false';
$_SESSION['account'] = new accountContainer('host', 'account');
$_SESSION['account']->new_account();
}
$_SESSION['account']->continue_main($_POST);
switch ($_POST['select']) {
/* Select which page should be displayed. For hosts we have
* only have general and finish
* general = page with all settings for hosts
* final = page which will be displayed if changes were made
*/
case 'general':
if (!$_POST['load']) {
if (($account_new->general_username != $_POST['f_general_username']) && ereg('[A-Z]$', $_POST['f_general_username']))
$errors[] = array('WARN', _('Hostname'), _('You are using a capital letters. This can cause problems because not all programs are case-sensitive.'));
// Write all general values into $account_new if no profile should be loaded
$account_new->general_dn = $_POST['f_general_suffix'];
$account_new->general_username = $_POST['f_general_username'];
$account_new->general_uidNumber = $_POST['f_general_uidNumber'];
$account_new->general_group = $_POST['f_general_group'];
$account_new->general_gecos = $_POST['f_general_gecos'];
// Check if values are OK and set automatic values. if not error-variable will be set
// Add $ to end of hostname if hostname doesn't end with "$"
if ( substr($account_new->general_username, strlen($account_new->general_username)-1, strlen($account_new->general_username)) != '$' ) {
$account_new->general_username = $account_new->general_username . '$';
$errors[] = array('WARN', _('Host name'), _('Added $ to hostname.'));
}
// Get copy of hostname so we can check if changes were made
$tempname = $account_new->general_username;
// Check if Hostname contains only valid characters
if ( !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-]|[$])*$', $account_new->general_username))
$errors[] = array('ERROR', _('Host name'), _('Hostname contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and .-_ !'));
// Create automatic Hostname with number if original host already exists
// Reset name to original name if new name is in use
if (ldapexists($account_new, $account_old) && is_object($account_old))
$account_new->general_username = $account_old->general_username;
while ($temp = ldapexists($account_new, $account_old)) {
// Remove "$" at end of hostname
$account_new->general_username = substr($account_new->general_username, 0, $account_new->general_username-1);
// get last character of username
$lastchar = substr($account_new->general_username, strlen($account_new->general_username)-1, 1);
if ( !ereg('^([0-9])+$', $lastchar)) {
/* Last character is no number. Therefore we only have to
* add "2" to it.
*/
$account_new->general_username = $account_new->general_username . '2$';
}
else {
/* Last character is a number -> we have to increase the number until we've
* found a hostname with trailing number which is not in use.
*
* $i will show us were we have to split hostname so we get a part
* with the hostname and a part with the trailing number
*/
$i=strlen($account_new->general_username)-3;
$mark = false;
// Set $i to the last character which is a number in $account_new->general_username
while (!$mark) {
if (ereg('^([0-9])+$',substr($account_new->general_username, $i, strlen($account_new->general_username)-1))) $i--;
else $mark=true;
}
// increase last number with one
$firstchars = substr($account_new->general_username, 0, $i+2);
$lastchars = substr($account_new->general_username, $i+2, strlen($account_new->general_username)-$i);
// Put hostname together
$account_new->general_username = $firstchars . (intval($lastchars)+1). '$';
}
}
// Show warning if lam has changed hostname
if ($account_new->general_username != $tempname)
$errors[] = array('WARN', _('Host name'), _('Hostname already in use. Selected next free hostname.'));
// Check if Name-length is OK. minLength=3, maxLength=20
if ( !ereg('.{3,20}', $account_new->general_username)) $errors[] = array('ERROR', _('Name'), _('Name must contain between 3 and 20 characters.'));
// Check if Name starts with letter
if ( !ereg('^([a-z]|[A-Z]).*$', $account_new->general_username))
$errors[] = array('ERROR', _('Name'), _('Name contains invalid characters. First character must be a letter.'));
// Set gecos-field to hostname if it's empty
if ($account_new->general_gecos=='') {
$account_new->general_gecos = $account_new->general_username;
$errors[] = array('INFO', _('Gecos'), _('Inserted hostname in gecos-field.'));
}
// Check if UID is valid. If none value was entered, the next useable value will be inserted
$temp = explode(':', checkid($account_new, $account_old));
$account_new->general_uidNumber = $temp[0];
// true if checkid has returned an error
if ($temp[1]!='') $errors[] = explode(';',$temp[1]);
// Set Samba-Domain
if ($config_intern->is_samba3()) {
// Samba 3 used a samba3domain object
// Get all domains
$samba3domains = $ldap_intern->search_domains($config_intern->get_domainSuffix());
// Search the corrct domain in array
unset($account_new->smb_domain);
$i = 0;
while (!is_object($account_new->smb_domain) && isset($samba3domains[$i])) {
if ($_POST['f_smb_domain'] == $samba3domains[$i]->name)
$account_new->smb_domain = $samba3domains[$i];
else $i++;
}
}
// Samba 2.2 uses only a string as domainname
else {
$account_new->smb_domain = $_POST['f_smb_domain'];
// Check if Domain-name is OK
if ((!$account_new->smb_domain=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[-])+$', $account_new->smb_domain))
$errors[] = array('ERROR', _('Domain name'), _('Domain name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.'));
}
// Reset password if reset button was pressed. Button only vissible if account should be modified
if ($_POST['respass']) {
$account_new->unix_password_no=true;
$account_new->smb_flags['N']=true;
}
}
// Check Objectclasses. Display Warning if objectclasses don'T fot
if (isset($account_old->general_objectClass)) {
if (!in_array('posixAccount', $account_old->general_objectClass)) $errors[] = array('WARN', _('ObjectClass posixAccount not found.'), _('Have to add objectClass posixAccount.'));
if (!in_array('shadowAccount', $account_old->general_objectClass)) $errors[] = array('WARN', _('ObjectClass shadowAccount not found.'), _('Have to add objectClass shadowAccount.'));
if ($config_intern->is_samba3()) {
if (!in_array('sambaSamAccount', $account_old->general_objectClass)) $errors[] = array('WARN', _('ObjectClass sambaSamAccount not found.'), _('Have to add objectClass sambaSamAccount. Host with sambaAccount will be updated.'));
}
else if (!in_array('sambaAccount', $account_old->general_objectClass)) $errors[] = array('WARN', _('ObjectClass sambaAccount not found.'), _('Have to add objectClass sambaAccount. Host with sambaSamAccount will be set back to sambaAccount.'));
}
break;
case 'finish':
// Check if pdf-file should be created
if ($_POST['outputpdf']) {
createHostPDF(array($account_new));
die;
}
break;
}
do { // X-Or, only one if() can be true
// Reset account to original settings if undo-button was pressed
if ($_POST['next_reset']) {
$account_new = $account_old;
$account_new->general_dn = substr($account_new->general_dn, strpos($account_new->general_dn, ',')+1);
break;
}
// Create-Button was pressed
if ( $_POST['create'] && !isset($errors)) {
// Create or modify an account
if ($account_old) $result = modifyhost($account_new,$account_old);
else $result = createhost($account_new); // account.inc
if ($result==5 || $result==4) $select_local = 'general';
else $select_local = 'finish';
}
// Back to main-page
if ($_POST['createagain']) {
$select_local='general';
unset ($_SESSION['account_'.$varkey.'_account_new']);
unset($account_new);
$_SESSION['account_'.$varkey.'_account_new'] = loadHostProfile('default');
$account_new =& $_SESSION['account_'.$varkey.'_account_new'];
$account_new ->type = 'host';
break;
}
// Load Profile and reset all attributes to settings in profile
if ($_POST['load']) {
$account_new->general_dn = $_POST['f_general_suffix'];
$account_new->general_username = $_POST['f_general_username'];
$account_new->general_uidNumber = $_POST['f_general_uidNumber'];
$account_new->general_group = $_POST['f_general_group'];
$account_new->general_gecos = $_POST['f_general_gecos'];
// load profile
if ($_POST['f_general_selectprofile']!='') $values = loadHostProfile($_POST['f_general_selectprofile']);
if (is_object($values)) {
while (list($key, $val) = each($values)) // Set only defined values
if (isset($val)) $account_new->$key = $val;
}
$errors[] = array('INFO', _('Load profile'), _('Profile loaded.'));
break;
}
// Save Profile
if ($_POST['save']) {
// save profile
if ($_POST['f_finish_safeProfile']=='')
$errors[] = array('ERROR', _('Save profile'), _('No profilename given.'));
else {
if (saveHostProfile($account_new, $_POST['f_finish_safeProfile']))
$errors[] = array('INFO', _('Save profile'), _('New profile created.'));
else $errors[] = array('ERROR', _('Save profile'), _('Wrong profilename given.'));
}
break;
}
// Go back to listhosts.php
if ($_POST['backmain']) {
if (isset($_SESSION['account_'.$varkey.'_account_new'])) unset($_SESSION['account_'.$varkey.'_account_new']);
if (isset($_SESSION['account_'.$varkey.'_account_old'])) unset($_SESSION['account_'.$varkey.'_account_old']);
metaRefresh("../lists/listhosts.php");
die;
break;
}
} while(0);
// Display main page if nothing else was selected
if (!isset($select_local)) $select_local = 'general';
// Write HTML-Header
echo $header_intern;
echo "<title>";
echo _("Create new Account");
echo "</title>\n".
"<link rel=\"stylesheet\" type=\"text/css\" href=\"../../style/layout.css\">\n".
"<meta http-equiv=\"pragma\" content=\"no-cache\">\n".
"<meta http-equiv=\"cache-control\" content=\"no-cache\">\n".
"</head><body>\n".
"<form action=\"hostedit.php\" method=\"post\">\n".
"<input name=\"varkey\" type=\"hidden\" value=\"".$varkey."\">\n";
// Display errir-messages
if (is_array($errors))
for ($i=0; $i<sizeof($errors); $i++) StatusMessage($errors[$i][0], $errors[$i][1], $errors[$i][2]);
// print_r($account_new);
/* Select which part of page will be loaded
* Because hosts have very less settings all are
* on a single page. Only success-message is on a
* different page
*/
switch ($select_local) {
// general = startpage, all account paramters
// finish = page shown after account has been created/modified
case 'general':
// General Account Settings
// load list of all groups
$groups = findgroups();
// load list of profiles
$profilelist = getHostProfiles();
// Get List of all domains
if ($config_intern->is_samba3()) $samba3domains = $ldap_intern->search_domains($config_intern->get_domainSuffix());
// Why this ?? fixme
if ($account_new->smb_flags['N']) echo '<input name="f_smb_flagsN" type="hidden" value="1">';
// Show page info
echo '<input name="select" type="hidden" value="general">';
// Show fieldset with list of all host profiles
if (count($profilelist)!=0) {
echo "<fieldset class=\"hostedit-dark\"><legend class=\"hostedit-bright\"><b>";
echo _("Load profile");
echo "</b></legend>\n<table border=0 width=\"100%\">\n<tr>\n<td width=\"50%\">";
echo "<select name=\"f_general_selectprofile\" >";
foreach ($profilelist as $profile) echo " <option>$profile</option>\n";
echo "</select>\n".
"<input name=\"load\" type=\"submit\" value=\""; echo _('Load Profile');
echo "\"></td><td width=\"30%\"></td><td width=\"20\"><a href=\"../help.php?HelpNumber=421\" target=\"lamhelp\">";
echo _('Help')."</a></td>\n</tr>\n</table>\n</fieldset>\n";
}
// Show Fieldset with all host settings
echo "<fieldset class=\"hostedit-bright\"><legend class=\"hostedit-bright\"><b>";
echo _("General properties");
echo "</b></legend>\n<table border=0 width=\"100%\">\n<tr>\n<td width=\"50%\">";
echo _('Host name').'*';
echo "</td>\n<td width=\"30%\">".
'<input name="f_general_username" type="text" size="20" maxlength="20" value="' . $account_new->general_username . '">'.
"</td><td width=\"20%\">".
'<a href="../help.php?HelpNumber=410" target="lamhelp">'._('Help').'</a>'.
"</td></tr>\n<tr><td>";
echo _('UID number');
echo "</td>\n<td>".
'<input name="f_general_uidNumber" type="text" size="6" maxlength="6" value="' . $account_new->general_uidNumber . '">'.
"</td>\n<td>".
'<a href="../help.php?HelpNumber=411" target="lamhelp">'._('Help').'</a>'.
"</td></tr>\n<tr><td>";
echo _('Primary group').'*';
echo "</td>\n<td><select name=\"f_general_group\">";
foreach ($groups as $group) {
if ($account_new->general_group == $group) echo '<option selected>' . $group. '</option>';
else echo '<option>' . $group. '</option>';
}
echo '</select></td><td>'.
'<a href="../help.php?HelpNumber=412" target="lamhelp">'._('Help').'</a>'.
"</td></tr>\n<tr><td>";
echo _('Gecos');
echo '</td><td><input name="f_general_gecos" type="text" size="30" value="' . $account_new->general_gecos . '">'.
"</td>\n<td>".
'<a href="../help.php?HelpNumber=413" target="lamhelp">'._('Help').'</a>'.
'</td></tr><tr><td>';
echo _('Password');
echo '</td><td>';
if (isset($account_old)) {
echo '<input name="respass" type="submit" value="';
echo _('Reset password'); echo '">';
}
echo "</td></tr>\n<tr><td>";
echo _('Domain');
if ($config_intern->is_samba3()) {
// Get Domain-name from domainlist when using samba 3
echo '</td><td><select name="f_smb_domain">';
for ($i=0; $i<sizeof($samba3domains); $i++) {
if ($account_new->smb_domain->name) {
if ($account_new->smb_domain->name == $samba3domains[$i]->name)
echo '<option selected>' . $samba3domains[$i]->name. '</option>';
else echo '<option>' . $samba3domains[$i]->name. '</option>';
}
else echo '<option>' . $samba3domains[$i]->name. '</option>';
}
echo '</select>';
}
else {
// Display a textfield for samba 2.2
echo '</td>'."\n".'<td><input name="f_smb_domain" type="text" size="20" maxlength="80" value="' . $account_new->smb_domain . '">';
}
echo '</td>'."\n".'<td><a href="../help.php?HelpNumber=460" target="lamhelp">'._('Help').'</a></td></tr>'."\n<tr><td>";
// Display all allowed host suffixes
echo _('Suffix'); echo '</td><td><select name="f_general_suffix">';
foreach ($ldap_intern->search_units($config_intern->get_HostSuffix()) as $suffix) {
if ($account_new->general_dn) {
if ($account_new->general_dn == $suffix)
echo '<option selected>' . $suffix. '</option>';
else echo '<option>' . $suffix. '</option>';
}
else echo '<option>' . $suffix. '</option>';
}
echo '</select></td><td><a href="../help.php?HelpNumber=463" target="lamhelp">'._('Help').'</a>'.
"</td>\n</tr>\n</table>";
echo _('Values with * are required');
echo "</fieldset>\n";
// Show fieldset where to save a new profile
echo "<fieldset class=\"hostedit-dark\"><legend class=\"hostedit-bright\"><b>";
echo _("Save profile");
echo "</b></legend>\n<table border=0 width=\"100%\">\n<tr>\n<td width=\"50%\">";
echo '<input name="f_finish_safeProfile" type="text" size="30" maxlength="50">';
echo '<input name="save" type="submit" value="';
echo _('Save profile');
echo '"></td><td width="30%"></td><td width="20%"><a href="../help.php?HelpNumber=457" target="lamhelp">'._('Help');
echo "</a></td>\n</tr>\n</table>\n</fieldset>";
// Show fieldset with modify, undo and back-button
echo "<fieldset class=\"hostedit-bright\"><legend class=\"hostedit-bright\"><b>";
if ($account_old) echo _('Modify');
else echo _('Create');
echo "</b></legend>\n";
echo "<table border=0 width=\"100%\"><tr><td width=\"50%\">";
// display undo-button when editiing a host
if (isset($account_old)) {
echo "<input name=\"next_reset\" type=\"submit\" value=\""; echo _('Undo changes');
echo "\">\n";
}
echo "</td>\n<td width=\"30%\">";
echo '<input name="create" type="submit" value="';
if ($account_old) echo _('Modify Account');
else echo _('Create Account');
echo "\">\n</td><td width=\"20%\">";
echo "</td></tr></table></fieldset>\n";
break;
case 'finish':
// Final Settings
echo '<input name="select" type="hidden" value="finish">';
echo "<fieldset class=\"hostedit-bright\"><legend class=\"hostedit-bright\"><b>"._('Note')."</b></legend>\n";
echo "<table border=0 width=\"100%\"><tr><td>";
echo '<tr><td>';
echo _('Host');
echo ' '.$account_new->general_username.' ';
if ($account_old) echo ' '._('has been modified').'.';
else echo ' '._('has been created').'.';
echo '</td></tr>'."\n".'<tr><td>';
if (!$account_old)
{ echo '<input name="createagain" type="submit" value="'; echo _('Create another host'); echo '">'; }
echo '</td>'."\n".'<td>'.
'<input name="outputpdf" type="submit" value="'; echo _('Create PDF file'); echo '">'.
'</td>'."\n".'<td>'.
'<input name="backmain" type="submit" value="'; echo _('Back to host list'); echo '">'.
'</td></tr></table></fieldset'."\n";
break;
}
// Print end of HTML-Page
echo '</form></body></html>';
?>