dependencies) of all user module dependencies // dependencies contains an array with two sub arrays: depends, conflicts // the elements of depends are either module names or an array of module names (OR-case) // the elements of conflicts are module names function getModulesDependencies($scope) { // scope = suer, group, host, .... // get module names. $dir = opendir('../../lib/modules'); while ($entry = readdir($dir)) if (is_file('../../lib/modules/'.$entry)) { $entry = substr($entry, 0, strpos($entry, '.')); $eval = '$module = '.$entry."::get_dependencies(".$scope.");"; eval ($eval); if ($module != -1) $return[$entry] = $module; } return $return; } // checks if there are missing dependencies between modules // $selected is an array of selected module names // $deps is an array of module dependencies // returns false if no misssing dependency was found // returns an array of array(selected module, depending module) if missing dependencies were found function check_module_depends($selected, $deps) { $ret = array(); for ($m = 0; $m < sizeof($selected); $m++) { // check selected modules for ($i = 0; $i < sizeof($deps[$selected[$m]]['depends']); $i++) { // check dependencies of module // check if we have OR-combined modules if (is_array($deps[$selected[$m]]['depends'][$i])) { // one of the elements is needed $found = false; $depends = $deps[$selected[$m]]['depends'][$i]; for ($d = 0; $d < sizeof($depends); $d++) { if (in_array($depends[$d], $selected)) { $found = true; break; } } if (! $found) { // missing dependency, add to return value $ret[] = array($selected[$m], implode(" || ", $depends)); } } else { // single dependency if (! in_array($deps[$selected[$m]]['depends'][$i], $selected)) { // missing dependency, add to return value $ret[] = array($selected[$m], $deps[$selected[$m]]['depends'][$i]); } } } } if (sizeof($ret) > 0) return $ret; else return false; } // checks if there are conflicts between modules // $selected is an array of selected module names // $deps is an array of module dependencies // returns false if no conflict was found // returns an array of array(selected module, conflicting module) if conflicts were found function check_module_conflicts($selected, $deps) { $ret = array(); for ($m = 0; $m < sizeof($selected); $m++) { for ($i = 0; $i < sizeof($deps[$selected[$m]]['conflicts']); $i++) { if (in_array($deps[$selected[$m]]['conflicts'][$i], $selected)) { $ret[] = array($selected[$m], $deps[$selected[$m]]['conflicts'][$i]); } } } if (sizeof($ret) > 0) return $ret; else return false; } // returns an array with all available user module names function getAvailableModules($scope) { // scope = suer, group, host, .... // get module names. $dir = opendir('../../lib/modules'); while ($entry = readdir($dir)) if (is_file('../../lib/modules/'.$entry)) { $entry = substr($entry, 0, strpos($entry, '.')); $eval = '$module = '.$entry."::get_dependencies(".$scope.");"; eval ($eval); if ($module != -1) $return[] = getModuleAlias($entry, $scope); } return $return; } function getProfileOptions($scope, $post=false) { // type = user, group, host, ... if (!isset($_SESSION['profile_account'])) { // create new object $_SESSION['profile_account'] = new accountContainer($scope, 'profile_account'); $_SESSION['profile_account']->new_account(); } return $_SESSION['profile_account']->display_profile($post); } function checkProfileOptions($scope, $post) { // type = user, group, host, ... if (!isset($_SESSION['profile_account'])) { // create new object $_SESSION['profile_account'] = new accountContainer($scope, 'profile_account'); $_SESSION['profile_account']->new_account(); } return $_SESSION['profile_account']->process_profile($post); } class accountContainer { // Constructor function accountContainer($type, $base) { /* Set the type of account. Valid * types are: user, group, host */ // Check input variable if (!is_string($type)) trigger_error(_('Argument of accountContainer must be string.'), E_USER_ERROR); if (!is_string($base)) trigger_error(_('Argument of accountContainer must be string.'), E_USER_ERROR); // *** fixme use global variable to determine allowed types $allowed_types = array ( 'user', 'group', 'host', 'domain' ); if (!in_array($type, $allowed_types)) trigger_error(_('Account type not recognized.'), E_USER_ERROR); $this->type = $type; $this->base = $base; // Name of variables in session $this->ldap = 'ldap'; $this->config = 'config'; $this->cache = 'cache'; $this->header2 = 'header'; $this->module['main'] = new main($this->base); return 0; } /* Array of all used attributes * Syntax is attribute => array ( objectClass => MUST or MAY, ...) */ var $attributes; /* This variale stores the type * of account. Current unix, group, host are supported */ var $scope; var $ldap; // This is a reference to the ldap class in session var $config; // This is a reference to the config class in session // Localized part of HTML-Header var $header2; var $module; // This is an array with all module objects // DN of the account var $dn; var $dn_orig; // this are stores the module order var $order; // name of accountContainer so we can read other classes in accuontArray var $base; /* Get the type of account. Valid * types are: user, group, host */ function get_type() { return $this->type; } /* This function asks $this->module['main'] * what to do next */ function continue_main($post) { if ($this->module['main']->subpage=='') $this->module['main']->subpage='attributes'; if ($post['form_main_reset']) { $this->load_account($this->dn_orig); } else { $function = '$result = $this->module[$this->order[$this->module[\'main\']->current_page]]->proccess_'.$this->module['main']->subpage.'($post);'; eval ($function); } if (is_string($result)) $this->module['main']->subpage = $result; if (is_int($result)) for ($i=0; $iorder); $i++ ) if ($post['form_main_'.$this->order[$i]]) { $this->module['main']->current_page = $i; $this->module['main']->subpage='attributes'; } // Write HTML-Code echo $_SESSION[$this->header2]; echo ""; if ($this->dn_orig!='') echo _("Modify Account"); else echo _("Create new Account"); echo "\n"; echo "\n"; echo "\n"; echo "
\n"; // Display errir-messages if (is_array($result)) foreach ($result as $result2) if (is_array($result2)) for ($i=0; $i\n"; echo ""; echo "\n"; echo "
type."edit-dark\">type."edit-bright\">"; echo _('Please select page:'); echo "\n"; // Loop for module for ($i=0; $iorder); $i++ ) { if ($this->order[$i]==$this->order[$this->module['main']->current_page] || !$this->module[$this->order[$i]]->module_ready() ) { // print disabled button echo "order[$i]."\" type=\"submit\" value=\""; echo $this->module[$this->order[$i]]->get_alias(); echo "\" disabled>\n
"; } else { // print normal button echo "order[$i]."\" type=\"submit\" value=\""; echo $this->module[$this->order[$i]]->get_alias(); echo "\">\n
"; } } if ($this->dn_orig!='') echo "
\n"; echo "
\n"; echo "
type."edit-dark\">type."edit-bright\">"; echo $this->module[$this->order[$this->module['main']->current_page]]->get_alias(); echo "\n"; // display html-code from mdule $function = '$result = $this->module[$this->order[$this->module[\'main\']->current_page]]->display_html_'.$this->module['main']->subpage.'($post);'; eval ($function); $this->parse_html($this->order[$this->module['main']->current_page], $result); // Display rest of html-page echo "
\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; return 0; } function parse_html($module, $input) { if (is_array($input)) { echo "\n"; for ($i=0; $i\n"; for ($j=0; $j\n"; echo $input[$i][$j]['text'] . "\n"; break; case 'input': echo "\n"; $output = "\n"; echo "
\n"; if ($input[$i][$j]['legend']!='') echo "" . $input[$i][$j]['legend'] . "\n"; $this->parse_html($module, $input[$i][$j]['value']); echo "
\n"; break; case 'select': if (!is_array($input[$i][$j]['options'])) $input[$i][$j]['options'] = array ( $input[$i][$j]['options'] ); if (!is_array($input[$i][$j]['options_selected'])) $input[$i][$j]['options_selected'] = array ( $input[$i][$j]['options_selected'] ); echo "\n"; echo "\n"; break; case 'table': echo "\n"; $this->parse_html($module, $input[$i][$j]['value']); echo "\n"; break; case 'help': echo "\n"; echo "" . _('Help') . "\n"; break; case 'message': echo "\n"; StatusMessage($input[$i][$j]['type'], $input[$i][$j]['headline'], $input[$i][$j]['text']); echo "\n"; break; default: echo "
\n"; break; } } echo "\n"; } } echo "
Unrecognized type: " . $input[$i][$j]['kind'] . "
\n"; } /* Add attributes to variable. Syntax is array( attribute = array ( objectClass1 => MUST|MAX, objectClass2 => MUST|MAY ), ... ) */ function add_attributes($objectClass) { // loop through every existing objectlass and select current objectClass $line=-1; for ($i=0; $ildap]->objectClasses) || $i==-1; $i++) { if (strpos($_SESSION[$this->ldap]->objectClasses[$i], "NAME '$objectClass'")) $line = $i; } // Return error if objectClass isn't found if ($line==-1) trigger_error (sprintf(_("objectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING); // create array with must-attributes // Get startposition in string if (strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MUST (')) { $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MUST (')+6); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); $must = explode(" $ ", $string); // Ad must foreach ($must as $attribute) { if (!isset($this->attributes[$attribute])) $this->attributes[$attribute][$objectClass] = 'MUST'; else $this->attributes[$attribute][$objectClass] = 'MUST'; } } // create array with may-attributes // Get startposition in string if (strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MAY (')) { $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); $may = explode(" $ ", $string); // Ad may foreach ($may as $attribute) { if (!isset($this->attributes[$attribute])) $this->attributes[$attribute][$objectClass] = 'MAY'; else $this->attributes[$attribute][$objectClass] = 'MAY'; } } // Get attributes of subclasses while (strpos($_SESSION[$this->ldap]->objectClasses[$line], "SUP ")) { $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'SUP ')+4); $subclass = substr($string_withtail, 0, strpos($string_withtail, ' ')); // Add account type to object for ($i=0; $ildap]->objectClasses) || $i==-1; $i++) { if (strpos($_SESSION[$this->ldap]->objectClasses[$i], "NAME '$subclass'")) $line = $i; } // Return error if objectClass isn't found if ($line==-1) trigger_error (sprintf(_("objectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING); // create array with must-attributes // Get startposition in string if (strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MUST (')) { $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MUST (')+6); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); $must = explode(" $ ", $string); // Ad must foreach ($must as $attribute) { if (!isset($this->attributes[$attribute])) $this->attributes[$attribute][$objectClass] = 'MUST'; else $this->attributes[$attribute][$objectClass] = 'MUST'; } } // create array with may-attributes // Get startposition in string if (strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MAY (')) { $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); $may = explode(" $ ", $string); // Ad may foreach ($may as $attribute) { if (!isset($this->attributes[$attribute])) $this->attributes[$attribute][$objectClass] = 'MAY'; else $this->attributes[$attribute][$objectClass] = 'MAY'; } } } } /* This function return ldap attributes * Syntax is get_attributes($value, $scope) * $scope = 'objectClass', $value = objectClass return value are all attributes of objectClass * $scope = 'attribute', $value = attribute returns alle objectClasses which are using the attribute */ function get_attributes($value, $scope) { if ($scope=='attribute' && isset($this->attributes[$value])) return $this->attributes[$value]; if ($scope=='objectClass') { $keys = array_keys($this->attributes); foreach ($keys as $attribute) { if (isset($this->attributes[$attribute][$value])) $return[$attribute] = $this->attributes[$attribute][$value]; } return $return; } return 0; } /* This function return ldap attributes which are uses by $objectClass * Syntax is get_attributes($objectClass) * Return is an array with all allowed attributes */ function get_module_attributes($objectClass) { // Add account type to object $line=-1; for ($i=0; $ildap]->objectClasses) || $i==-1; $i++) { if (strpos($_SESSION[$this->ldap]->objectClasses[$i], "NAME '$objectClass'")) $line = $i; } // Return error if objectClass isn't found if ($line==-1) trigger_error (sprintf(_("ObjectClass %s required but not defined in ldap."), $objectClass), E_USER_WARNING); if (strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MUST (')) { $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MUST (')+6); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); // Ad must foreach (explode(" $ ", $string) as $attribute) { $return[$attribute] = ''; } } // create array with may-attributes // Get startposition in string if (strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MAY (')) { $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); // Ad may foreach (explode(" $ ", $string) as $attribute) { $return[$attribute] = ''; } } // Get attributes of subclasses while (strpos($_SESSION[$this->ldap]->objectClasses[$line], "SUP ")) { $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'SUP ')+4); $subclass = substr($string_withtail, 0, strpos($string_withtail, ' ')); // Add account type to object for ($i=0; $ildap]->objectClasses) || $i==-1; $i++) { if (strpos($_SESSION[$this->ldap]->objectClasses[$i], "NAME '$subclass'")) $line = $i; } // Return error if objectClass isn't found if ($line==-1) trigger_error (sprintf(_("ObjectClass %s required but not defined in ldap."), $subclass), E_USER_WARNING); // create array with must-attributes // Get startposition in string if (strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MUST (')) { $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MUST (')+6); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); // Ad must foreach (explode(" $ ", $string) as $attribute) { $return[$attribute] = ''; } } // create array with may-attributes // Get startposition in string if (strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MAY (')) { $string_withtail = substr($_SESSION[$this->ldap]->objectClasses[$line], strpos($_SESSION[$this->ldap]->objectClasses[$line], 'MAY (')+5); // Now we have a string with all must-attributes $string = substr($string_withtail, 0, strpos($string_withtail, ')')); $string = trim($string); // Ad may foreach (explode(" $ ", $string) as $attribute) { $return[$attribute] = ''; } } } $this->add_attributes($objectClass); return $return; } /* This function return ldap attributes which are uses by $objectClass * Syntax is get_attributes($attributes, $orig) * Return is an array as needed for $this->saveAccount() */ function save_module_attributes($attributes, $orig) { // Get list of all "easy" attributes $attr_names = array_keys($attributes); // Get attributes which should be added for ($i=0; $idn]['add'] = $toadd; if (count($torem)!=0) $return[$this->dn]['remove'] = $torem; if (count($tomodify)!=0) $return[$this->dn]['modify'] = $tomodify; if (count($notchanged)!=0) $return[$this->dn]['notchanged'] = $notchanged; return $return; } /* This function checks if all MUST-attribtues are set. * If not it will return an array with all modules * which have to be set first */ function check_attributes() { $return = array(); if (is_array($this->attributes)) { // get named list of attributes $attributes = array_keys($this->attributes); for ($i=0; $iattributes[$attributes[$i]]); for ($j=0; $jattributes[$attributes[$i]][$singleattribute[$j]]=='MUST') { // Check if attribute is set if ($this->module[$singleattribute[$j]]->attributes[$attributes[$i]]=='') { if (!in_array($singleattribute[$j], $return)) $return[] = $singleattribute[$j]; } } } } return $return; } } /* This function will load an account. * $dn is the dn of the account which should be loaded */ function load_account($dn) { $function = '$modules = $_SESSION[$this->config]->get_'.ucfirst($this->type).'Modules();'; eval ($function); $search = substr($dn, 0, strpos($dn, ',')); $result = ldap_search($_SESSION[$this->ldap]->server(), $dn, $search); $entry = ldap_first_entry($_SESSION[$this->ldap]->server(), $result); $this->dn = substr($dn, strpos($dn, ',')+1); $this->dn_orig = $dn; $attr = ldap_get_attributes($_SESSION[$this->ldap]->server(), $entry); foreach ($modules as $module) { if (!isset($this->module[$module])) $this->module[$module] = new $module($this->base); $this->module[$module]->load_attributes($attr); } // sortm modules and make all active because all required attributes should be set $module = array_keys ($this->module); $modulelist = array(); // loop until all modules are in order. // We don't want to loop forever $remain = count($module) * count($module); $order = array(); while ( (count($module) != count($modulelist)) && ($remain!=0) ) { $remain--; foreach ($module as $moduleitem) { $required = $this->module[$moduleitem]->get_dependencies($this->type); $everything_found = true; if (is_array($required['require'])) { foreach ($required['require'] as $requireditem) if (!in_array($reuquireditem, $modulelist)) $everthing_found = false; } if ($everything_found && !in_array($moduleitem, $order) ) $order[] = $moduleitem; } } // Write Module-Order in variable $this->order = $order; return 0; } function display_profile($post) { $return = array(); $post = array(); $module = array_keys ($this->module); foreach ($module as $singlemodule) { // get list of display functions. $list = $this->module[$singlemodule]->pages(); foreach ($list as $item) { $function = 'display_html_' . $item; $page = $this->module[$singlemodule]->$function($post,true); //eval($function); foreach ( $page as $item ) $return[$singlemodule][] = $item; //$return = array_merge($return, $page); } } return $return; } function proccess_profile($post) { $return = array(); $module = array_keys ($this->module); foreach ($module as $singlemodule) { // get list of display functions. $list = $this->module[$singlemodule]->pages(); foreach ($list as $item) { $function = 'display_html_' . $item; $page = $this->module[$singlemodule]->$function($post,true); //eval($function); $return = array_merge($return, $page); } } return $return; } /* This function will prepare the object * for a new account */ function new_account() { $function = '$modules = $_SESSION[$this->config]->get_'.ucfirst($this->type).'Modules();'; eval ($function); foreach ($modules as $module) $this->module[$module] = new $module($this->base); $module = array_keys ($this->module); $modulelist = array(); // loop until all modules are in order. // We don't want to loop forever $remain = count($module) * count($module); $order = array(); while ( (count($module) != count($modulelist)) && ($remain!=0) ) { $remain--; foreach ($module as $moduleitem) { $required = $this->module[$moduleitem]->get_dependencies($this->type); $everything_found = true; if (is_array($required['require'])) { foreach ($required['require'] as $requireditem) if (!in_array($reuquireditem, $modulelist)) $everthing_found = false; } if ($everything_found && !in_array($moduleitem, $order) ) $order[] = $moduleitem; } } // Write Module-Order in variable $this->order = $order; // *** fixme load*Profile must return array in the same way ldap_get_attributes does. $function = '$newattributes = load'.ucfirst($this->type).'Profile(\'default\');'; //eval($function); return 0; } /* This function will load an account. */ function save_account() { $module = array_keys ($this->module); $attributes = array(); // load attributes foreach ($module as $singlemodule) { // load changes $temp = $this->module[$singlemodule]->save_attributes(); // merge changes $DNs = array_keys($temp); // *** fixme don't include references $attributes = array_merge_recursive($temp, $attributes); for ($i=0; $itype=='group') $search = 'cn'; else $search = 'uid'; $added = false; print_r($attributes); foreach ($attributes as $DN) { if (isset($DN['modify'][$search][0]) && !$added) { $attributes[$search.'='.$DN['modify'][$search][0].','.$this->dn] = $attributes[$this->dn]; unset ($attributes[$this->dn]); $this->dn = $search.'='.$DN['modify'][$search][0].','.$this->dn; $added = true; } if (isset($DN['add'][$search][0]) && !$added) { $attributes[$search.'='.$DN['add'][$search][0].','.$this->dn] = $attributes[$this->dn]; unset ($attributes[$this->dn]); $this->dn = $search.'='.$DN['add'][$search][0].','.$this->dn; $added = true; } if (isset($DN['notchanged'][$search][0]) && !$added) { $attributes[$search.'='.$DN['notchanged'][$search][0].','.$this->dn] = $attributes[$this->dn]; unset ($attributes[$this->dn]); $this->dn = $search.'='.$DN['notchanged'][$search][0].','.$this->dn; $added = true; } } // Add old dn if dn hasn't changed if (!$added) { $attributes[$this->dn_orig] = $attributes[$this->dn]; unset ($attributes[$this->dn]); $this->dn = $this->dn_orig; } // Set to true if an real error has happened $stopprocessing = false; // Add new DN if (isset($attributes[$DNs[$i]]['errors'])) { foreach ($attributes[$DNs[$i]]['errors'] as $singleerror) { $errors[] = $singleerror; if ($singleerror[0] = 'ERROR') $stopprocessing = true; } } // fixme *** ad update_cache after every ldap-change if (!$stopprocessing) { if ($this->dn != $this->dn_orig) { // move existing DN if ($this->dn_orig!='') { // merge attributes together $attr = array_merge_recursive($attributes[$this->dn]['add'], $attributes[$this->dn]['notchanged'], $attributes[$this->dn]['modify']); $success = @ldap_add($_SESSION[$this->ldap]->server(), $this->dn, $attr); if ($success) { $_SESSION[$this->cache]->update_cache($this->$dn, 'add', $attr); $success = @ldap_delete($_SESSION[$this->ldap]->server(), $this->dn_orig); if (!$success) { $errors[] = array('ERROR', 'LDAP', sprintf(_('Was unable to delete dn: %s.'), $this->dn_orig)); $stopprocessing = true; } if ($success) $_SESSION[$this->cache]->update_cache($this->$dn, 'delete_dn'); } if (!$success) { $errors[] = array('ERROR', 'LDAP', sprintf(_('Was unable to create dn: %s. This is possible a bug. Please check your ldap logs and send a bug report if it is a possible bug.'), $this->dn)); $stopprocessing = true; } } // create complete new dn else { $attr = array_merge_recursive($attributes[$this->dn]['add'], $attributes[$this->dn]['notchanged'], $attributes[$this->dn]['modify']); $success = @ldap_add($_SESSION[$this->ldap]->server(), $this->dn, $attributes[$this->dn]['add']); if (!$success) { $errors[] = array('ERROR', 'LDAP', sprintf(_('Was unable to create dn: %s. This is possible a bug. Please check your ldap logs and send a bug report if it is a possible bug.'), $this->dn)); $stopprocessing = true; } else $_SESSION[$this->cache]->update_cache($this->$dn, 'add', $attributes[$this->dn]['add']); } unset($attributes[$this->dn]); } } $DNs = array_keys($attributes); for ($i=0; $ildap]->server(), $DNs[$i], $attributes[$DNs[$i]]['modify']); if (!$success) { $errors[] = array('ERROR', 'LDAP', sprintf(_('Was unable to modify attribtues from dn: %s. This is possible a bug. Please check your ldap logs and send a bug report if it is a possible bug.'), $DNs[$i])); $stopprocessing = true; } else $_SESSION[$this->cache]->update_cache($this->$dn, 'modify', $attributes[$this->dn]['modify']); } // add attributes if (isset($attributes[$DNs[$i]]['add']) && !$stopprocessing) { $success = @ldap_mod_add($_SESSION[$this->ldap]->server(), $DNs[$i], $attributes[$DNs[$i]]['add']); if (!$success) { $errors[] = array('ERROR', 'LDAP', sprintf(_('Was unable to add attribtues to dn: %s. This is possible a bug. Please check your ldap logs and send a bug report if it is a possible bug.'), $DNs[$i])); $stopprocessing = true; } else $_SESSION[$this->cache]->update_cache($this->$dn, 'add', $attributes[$this->dn]['add']); } // removce attributes if (isset($attributes[$DNs[$i]]['remove']) && !$stopprocessing) { $success = @ldap_mod_del($_SESSION[$this->ldap]->server(), $DNs[$i], $attributes[$DNs[$i]]['remove']); if (!$success) { $errors[] = array('ERROR', 'LDAP', sprintf(_('Was unable to remove attribtues from dn: %s. This is possible a bug. Please check your ldap logs and send a bug report if it is a possible bug.'), $DNs[$i])); $stopprocessing = true; } else $_SESSION[$this->cache]->update_cache($this->$dn, 'remove', $attributes[$this->dn]['remove']); } } } if (!$stopprocessing) { foreach ($attributes as $DN) { if (is_array($DN['lamdaemon']['command'])) $result = $this->lamdaemon($DN['lamdaemon']['command']); // Error somewhere in lamdaemon foreach ($result as $singleresult) { if (is_array($singleresult)) { if ($singleresult[0] = 'ERROR') $stopprocessing = true; $temparray[0] = $singleresult[0]; $temparray[1] = _($singleresult[1]); $temparray[2] = _($singleresult[2]); $errors[] = $temparray; } } } } if (count($errors)!=0) return $errors; return 0; } function lamdaemon($commands) { // get username and password of the current lam-admin $ldap_q = $_SESSION[$this->ldap]->decrypt_login(); /* $towrite has the following syntax: * admin-username, admin-password, owner of homedir, 'home', operation='add' * use escapeshellarg to make exec() shell-safe */ $towrite = escapeshellarg($_SESSION[$this->config]->scriptServer)." ".escapeshellarg($_SESSION[$this->config]->scriptPath)." ". escapeshellarg($ldap_q[0]).' '.escapeshellarg($ldap_q[1]); $userstring = implode ("\n", $commands); if (function_exists(proc_open)) { // New Code, requires PHP 4.3 $descriptorspec = array( 0 => array("pipe", "r"), // stdin 1 => array("pipe", "w"), // stout 2 => array("file", "/dev/null", "a") // sterr ); $process = proc_open(escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".$towrite, $descriptorspec, $pipes); if (is_resource($process)) { /* perl-script is running * $pipes[0] is writeable handle to child stdin * $pipes[1] is readable handle to child stdout * any error is send to /dev/null */ // Write to stdin fwrite($pipes[0], $userstring); } fclose($pipes[0]); while (!feof($pipes[1])) { $output = fgets($pipes[1], 1024); if ($output!='') $output_array[] = $output; } fclose($pipes[1]); proc_close($process); } else { // PHP 4.3> $command = escapeshellarg($_SESSION['lampath']."lib/lamdaemon.pl")." ".$towrite; $pipe = popen("echo \"$userstring\"|$command" , 'r'); while(!feof($pipe)) { //$output .= fread($pipe, 1024); $output = fgets($pipe, 1024); if ($output!='') $output_array[] = $output; } pclose($pipe); } return $output_array; } } ?>