checkPassword($_SESSION["mainconf_password"]))) { require('mainlogin.php'); exit(); } if (isset($_POST['cancel'])) { // back to login metaRefresh('../login.php'); exit(); } $errors = array(); // check if submit button was pressed if (isset($_POST['submit'])) { // remove double slashes if magic quotes are on if (get_magic_quotes_gpc() == 1) { $postKeys = array_keys($_POST); for ($i = 0; $i < sizeof($postKeys); $i++) { if (is_string($_POST[$postKeys[$i]])) $_POST[$postKeys[$i]] = stripslashes($_POST[$postKeys[$i]]); } } // set master password if (isset($_POST['masterpassword']) && ($_POST['masterpassword'] != "")) { if ($_POST['masterpassword'] && $_POST['masterpassword2'] && ($_POST['masterpassword'] == $_POST['masterpassword2'])) { $cfg->setPassword($_POST['masterpassword']); $msg = _("New master password set successfully."); unset($_SESSION["mainconf_password"]); } else $errors[] = _("Master passwords are different or empty!"); } // set session timeout $cfg->sessionTimeout = $_POST['sessionTimeout']; // set allowed hosts if (isset($_POST['allowedHosts'])) { $allowedHosts = $_POST['allowedHosts']; $allowedHostsList = explode("\n", $allowedHosts); for ($i = 0; $i < sizeof($allowedHostsList); $i++) { $allowedHostsList[$i] = trim($allowedHostsList[$i]); // ignore empty lines if ($allowedHostsList[$i] == "") { unset($allowedHostsList[$i]); continue; } // check each line $ipRegex = '/^[0-9a-f\\.:\\*]+$/i'; if (!preg_match($ipRegex, $allowedHostsList[$i]) || (strlen($allowedHostsList[$i]) > 15)) { $errors[] = sprintf(_("The IP address %s is invalid!"), htmlspecialchars(str_replace('%', '%%', $allowedHostsList[$i]))); } } $allowedHosts = implode(",", $allowedHostsList); } else $allowedHosts = ""; $cfg->allowedHosts = $allowedHosts; // set log level $cfg->logLevel = $_POST['logLevel']; // set log destination if ($_POST['logDestination'] == "none") $cfg->logDestination = "NONE"; elseif ($_POST['logDestination'] == "syslog") $cfg->logDestination = "SYSLOG"; else { if (isset($_POST['logFile']) && ($_POST['logFile'] != "") && preg_match("/^[a-z0-9\\/\\\\:\\._-]+$/i", $_POST['logFile'])) { $cfg->logDestination = $_POST['logFile']; } else $errors[] = _("The log file is empty or contains invalid characters! Valid characters are: a-z, A-Z, 0-9, /, \\, ., :, _ and -."); } // password policies $cfg->passwordMinLength = $_POST['passwordMinLength']; $cfg->passwordMinLower = $_POST['passwordMinLower']; $cfg->passwordMinUpper = $_POST['passwordMinUpper']; $cfg->passwordMinNumeric = $_POST['passwordMinNumeric']; $cfg->passwordMinSymbol = $_POST['passwordMinSymbol']; $cfg->passwordMinClasses = $_POST['passwordMinClasses']; // save settings $cfg->save(); if (sizeof($errors) == 0) { metaRefresh('../login.php?confMainSavedOk=1'); exit(); } } echo $_SESSION['header']; ?> read(); while ($cssEntry !== false) { if (substr($cssEntry, strlen($cssEntry) - 4, 4) == '.css') { $cssFiles[] = $cssEntry; } $cssEntry = $cssDir->read(); } sort($cssFiles); foreach ($cssFiles as $cssEntry) { echo "\n"; } ?>

LDAP Account Manager

read()) { if (substr($jsEntry, strlen($jsEntry) - 3, 3) != '.js') continue; $jsFiles[] = $jsEntry; } sort($jsFiles); foreach ($jsFiles as $jsEntry) { echo "\n"; } $container = new htmlTable(); // print messages for ($i = 0; $i < sizeof($errors); $i++) { $container->addElement(new htmlStatusMessage("ERROR", $errors[$i]), true); } // check if config file is writable if (!$cfg->isWritable()) { $container->addElement(new htmlStatusMessage('WARN', 'The config file is not writable.', 'Your changes cannot be saved until you make the file writable for the webserver user.'), true); } $container->addElement(new htmlSpacer(null, '20px'), true); // security settings $securityTable = new htmlTable(); $options = array(5, 10, 20, 30, 60, 90, 120, 240); $securityTable->addElement(new htmlTableExtendedSelect('sessionTimeout', $options, array($cfg->sessionTimeout), _("Session timeout"), '238'), true); $securityTable->addElement(new htmlTableExtendedInputTextarea('allowedHosts', implode("\n", explode(",", $cfg->allowedHosts)), '30', '7', _("Allowed hosts"), '241'), true); $securityField = new htmlFieldset($securityTable, _("Security settings")); $container->addElement($securityField, true); $container->addElement(new htmlSpacer(null, '10px'), true); // password policy $policyTable = new htmlTable(); $options20 = array(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20); $options4 = array(0, 1, 2, 3, 4); $policyTable->addElement(new htmlTableExtendedSelect('passwordMinLength', $options20, array($cfg->passwordMinLength), _('Minimum password length'), '242'), true); $policyTable->addElement(new htmlTableExtendedSelect('passwordMinLower', $options20, array($cfg->passwordMinLower), _('Minimum lowercase characters'), '242'), true); $policyTable->addElement(new htmlTableExtendedSelect('passwordMinUpper', $options20, array($cfg->passwordMinUpper), _('Minimum uppercase characters'), '242'), true); $policyTable->addElement(new htmlTableExtendedSelect('passwordMinNumeric', $options20, array($cfg->passwordMinNumeric), _('Minimum numeric characters'), '242'), true); $policyTable->addElement(new htmlTableExtendedSelect('passwordMinSymbol', $options20, array($cfg->passwordMinSymbol), _('Minimum symbolic characters'), '242'), true); $policyTable->addElement(new htmlTableExtendedSelect('passwordMinClasses', $options4, array($cfg->passwordMinClasses), _('Minimum character classes'), '242'), true); $policyField = new htmlFieldset($policyTable, _("Password policy")); $container->addElement($policyField, true); $container->addElement(new htmlSpacer(null, '10px'), true); // logging $loggingTable = new htmlTable(); $levelOptions = array(_("Debug") => LOG_DEBUG, _("Notice") => LOG_NOTICE, _("Warning") => LOG_WARNING, _("Error") => LOG_ERR); $levelSelect = new htmlTableExtendedSelect('logLevel', $levelOptions, array($cfg->logLevel), _("Log level"), '239'); $levelSelect->setHasDescriptiveElements(true); $loggingTable->addElement($levelSelect, true); $destinationOptions = array(_("No logging") => "none", _("System logging") => "syslog", _("File") => 'file'); $destinationSelected = 'file'; $destinationPath = $cfg->logDestination; if ($cfg->logDestination == 'NONE') { $destinationSelected = 'none'; $destinationPath = ''; } elseif ($cfg->logDestination == 'SYSLOG') { $destinationSelected = 'syslog'; $destinationPath = ''; } $loggingTable->addElement(new htmlTableExtendedRadio(_("Log destination"), 'logDestination', $destinationOptions, $destinationSelected, '240'), true); $loggingTable->addElement(new htmlOutputText('')); $loggingTable->addElement(new htmlInputField('logFile', $destinationPath), true); $loggingField = new htmlFieldset($loggingTable, _("Logging")); $container->addElement($loggingField, true); $container->addElement(new htmlSpacer(null, '10px'), true); // change master password $passwordTable = new htmlTable(); $pwd1 = new htmlTableExtendedInputField(_("New master password"), 'masterpassword', '', '235'); $pwd1->setIsPassword(true); $passwordTable->addElement($pwd1, true); $pwd2 = new htmlTableExtendedInputField(_("Reenter password"), 'masterpassword2', ''); $pwd2->setIsPassword(true); $passwordTable->addElement($pwd2, true); $passwordField = new htmlFieldset($passwordTable, _("Change master password")); $container->addElement($passwordField, true); $container->addElement(new htmlSpacer(null, '20px'), true); // buttons if ($cfg->isWritable()) { $buttonTable = new htmlTable(); $buttonTable->addElement(new htmlButton('submit', _("Ok"))); $buttonTable->addElement(new htmlButton('cancel', _("Cancel"))); $container->addElement($buttonTable); } $tabindex = 1; parseHtml(null, $container, array(), false, $tabindex, 'user'); ?>