type = 'user'; $account_old = $account_new; $account_new->unix_password=''; $account_new->smb_password=''; $account_new->smb_flagsW = 0; $account_new->general_dn = substr($account_new->general_dn, strpos($account_new->general_dn, ',')+1); $final_changegids = ''; } else if (count($_POST)==0) { // Startcondition. useredit.php was called from outside $account_new = loadUserProfile('default'); $account_new ->type = 'user'; $account_new->smb_flagsW = 0; // load quotas from profile and check if they are valid if ($config_intern->scriptServer) { $values = getquotas('user'); if (isset($account_new->quota[0])) { // check quotas from profile $i=0; // check quota settings while (isset($account_new->quota[$i])) { $found = (-1); for ($j=0; $jquota); $j++) if ($values->quota[$j][0]==$account_new->quota[$i][0]) $found = $j; if ($found==-1) unset($account_new->quota[$i]); else { $account_new->quota[$i][1] = $values->quota[$found][1]; $account_new->quota[$i][5] = $values->quota[$found][5]; $account_new->quota[$i][4] = $values->quota[$found][4]; $account_new->quota[$i][8] = $values->quota[$found][8]; $i++; } } $account_new->quota = array_values($account_new->quota); } else { // No quotas saved in profile if (is_object($values)) { while (list($key, $val) = each($values)) // Set only defined values if (isset($val)) $account_new->$key = $val; } } } if (isset($_SESSION['account_'.$varkey.'_account_old'])) { unset($account_old); unset($_SESSION['account_'.$varkey.'_account_old']); } } switch ($_POST['select']) { // Select which part of page should be loaded and check values // general = startpage, general account paramters // unix = page with all shadow-options and password // samba = page with all samba-related parameters e.g. smbpassword // quota = page with all quota-related parameters e.g. hard file quota // personal = page with all personal-related parametergs, e.g. phone number // final = last page shown before account is created/modified // if account is modified commands might be ran are shown // finish = page shown after account has been created/modified case 'groups': do { // X-Or, only one if() can be true if (isset($_POST['allgroups']) && isset($_POST['add'])) { // Add users to list // Add new user $account_new->general_groupadd = @array_merge($account_new->general_groupadd, $_POST['allgroups']); // remove doubles $account_new->general_groupadd = @array_flip($account_new->general_groupadd); array_unique($account_new->general_groupadd); $account_new->general_groupadd = @array_flip($account_new->general_groupadd); // sort user sort($account_new->general_groupadd); break; } if (isset($_POST['selectedgroups']) && isset($_POST['remove'])) { // remove users fromlist $account_new->general_groupadd = array_delete($_POST['selectedgroups'], $account_new->general_groupadd); break; } } while(0); $select_local = 'groups'; break; case 'workstations': do { // X-Or, only one if() can be true if (isset($_POST['hosts']) && isset($_POST['add'])) { // Add users to list $temp = str_replace(' ', '', $account_new->smb_smbuserworkstations); $workstations = explode (',', $temp); for ($i=0; $ismb_smbuserworkstations = $workstations[0]; for ($i=1; $ismb_smbuserworkstations = $account_new->smb_smbuserworkstations . ", " . $workstations[$i]; } // display groupmembers page break; } if (isset($_POST['members']) && isset($_POST['remove'])) { // remove users fromlist $temp = str_replace(' ', '', $account_new->smb_smbuserworkstations); $workstations = explode (',', $temp); for ($i=0; $ismb_smbuserworkstations = $workstations[0]; for ($i=1; $ismb_smbuserworkstations = $account_new->smb_smbuserworkstations . ", " . $workstations[$i]; } break; } } while(0); $select_local = 'workstations'; break; case 'general': // Write all general values into $account_new if no profile should be loaded if (!$_POST['load']) { $account_new->general_dn = $_POST['f_general_suffix']; $account_new->general_username = $_POST['f_general_username']; $account_new->general_surname = $_POST['f_general_surname']; $account_new->general_givenname = $_POST['f_general_givenname']; $account_new->general_uidNumber = $_POST['f_general_uidNumber']; $account_new->general_group = $_POST['f_general_group']; $account_new->general_homedir = $_POST['f_general_homedir']; $account_new->general_shell = $_POST['f_general_shell']; $account_new->general_gecos = $_POST['f_general_gecos']; // Check if Homedir is valid $account_new->general_homedir = str_replace('$group', $account_new->general_group, $account_new->general_homedir); if ($account_new->general_username != '') $account_new->general_homedir = str_replace('$user', $account_new->general_username, $account_new->general_homedir); if ($account_new->general_homedir != $_POST['f_general_homedir']) $errors[] = array('INFO', _('Home directory'), _('Replaced $user or $group in homedir.')); if ( !ereg('^[/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*([/]([a-z]|[A-Z])([a-z]|[A-Z]|[0-9]|[.]|[-]|[_])*)*$', $account_new->general_homedir )) $errors[] = array('ERROR', _('Home directory'), _('Homedirectory contains invalid characters.')); // Check if givenname is valid if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $account_new->general_givenname)) $errors[] = array('ERROR', _('Given name'), _('Given name contains invalid characters')); // Check if surname is valid if ( !ereg('^([a-z]|[A-Z]|[-]|[ ]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+$', $account_new->general_surname)) $errors[] = array('ERROR', _('Surname'), _('Surname contains invalid characters')); if ( ($account_new->general_gecos=='') || ($account_new->general_gecos==' ')) { $account_new->general_gecos = $account_new->general_givenname . " " . $account_new->general_surname ; $errors[] = array('INFO', _('Gecos'), _('Inserted sur- and given name in gecos-field.')); } if ($account_new->general_group=='') $errors[] = array('ERROR', _('Primary group'), _('No primary group defined!')); // Check if Username contains only valid characters if ( !ereg('^([a-z]|[0-9]|[.]|[-]|[_])*$', $account_new->general_username)) $errors[] = array('ERROR', _('Username'), _('Username contains invalid characters. Valid characters are: a-z, 0-9 and .-_ !')); // Check if user already exists if (isset($account_new->general_groupadd) && in_array($account_new->general_group, $account_new->general_groupadd)) { for ($i=0; $igeneral_groupadd); $i++ ) if ($account_new->general_groupadd[$i] == $account_new->general_group) { unset ($account_new->general_groupadd[$i]); $account_new->general_groupadd = array_values($account_new->general_groupadd); } } // Create automatic useraccount with number if original user already exists // Reset name to original name if new name is in use if (ldapexists($account_new, $account_old) && is_object($account_old)) $account_new->general_username = $account_old->general_username; while ($temp = ldapexists($account_new, $account_old)) { // get last character of username $lastchar = substr($account_new->general_username, strlen($account_new->general_username)-1, 1); // Last character is no number if ( !ereg('^([0-9])+$', $lastchar)) $account_new->general_username = $account_new->general_username . '2'; else { $i=strlen($account_new->general_username)-1; $mark = false; while (!$mark) { if (ereg('^([0-9])+$',substr($account_new->general_username, $i, strlen($account_new->general_username)-$i))) $i--; else $mark=true; } // increase last number with one $firstchars = substr($account_new->general_username, 0, $i+1); $lastchars = substr($account_new->general_username, $i+1, strlen($account_new->general_username)-$i); $account_new->general_username = $firstchars . (intval($lastchars)+1); } } if ($account_new->general_username != $_POST['f_general_username']) $errors[] = array('WARN', _('Username'), _('Username in use. Selected next free username.')); // Check if UID is valid. If none value was entered, the next useable value will be inserted $account_new->general_uidNumber = checkid($account_new, $account_old); if (is_string($account_new->general_uidNumber)) { // true if checkid has returned an error $errors[] = array('ERROR', _('ID-Number'), $account_new->general_uidNumber); if (isset($account_old)) $account_new->general_uidNumber = $account_old->general_uidNumber; else unset($account_new->general_uidNumber); } // Check if Name-length is OK. minLength=3, maxLength=20 if ( !ereg('.{3,20}', $account_new->general_username)) $errors[] = array('ERROR', _('Name'), _('Name must contain between 3 and 20 characters.')); // Check if Name starts with letter if ( !ereg('^([a-z]|[A-Z]).*$', $account_new->general_username)) $errors[] = array('ERROR', _('Name'), _('Name contains invalid characters. First character must be a letter')); } break; case 'unix': // Write all general values into $account_new if (isset($_POST['f_unix_password'])) { // Encraypt password $iv = base64_decode($_COOKIE["IV"]); $key = base64_decode($_COOKIE["Key"]); $account_new->unix_password = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $_POST['f_unix_password'], MCRYPT_MODE_ECB, $iv)); } else $account_new->unix_password = ''; if ($_POST['f_unix_password_no']) $account_new->unix_password_no = true; else $account_new->unix_password_no = false; $account_new->unix_pwdwarn = $_POST['f_unix_pwdwarn']; $account_new->unix_pwdallowlogin = $_POST['f_unix_pwdallowlogin']; $account_new->unix_pwdmaxage = $_POST['f_unix_pwdmaxage']; $account_new->unix_pwdminage = $_POST['f_unix_pwdminage']; $account_new->unix_host = $_POST['f_unix_host']; $account_new->unix_pwdexpire = mktime(10, 0, 0, $_POST['f_unix_pwdexpire_mon'], $_POST['f_unix_pwdexpire_day'], $_POST['f_unix_pwdexpire_yea']); if ($_POST['f_unix_deactivated']) $account_new->unix_deactivated = $_POST['f_unix_deactivated']; else $account_new->unix_deactivated = false; if ($_POST['genpass']) { // Generate a random password if generate-button was pressed $iv = base64_decode($_COOKIE["IV"]); $key = base64_decode($_COOKIE["Key"]); $account_new->unix_password = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, genpasswd(), MCRYPT_MODE_ECB, $iv)); // Keep unix-page acitve $select_local = 'unix'; } // Check if values are OK and set automatic values. if not error-variable will be set else { // account.inc if ($account_new->unix_password != '') { $iv = base64_decode($_COOKIE["IV"]); $key = base64_decode($_COOKIE["Key"]); $password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($account_new->unix_password), MCRYPT_MODE_ECB, $iv); $password = str_replace(chr(00), '', $password); } if (!ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $password)) $errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !')); if ( !ereg('^([0-9])*$', $account_new->unix_pwdminage)) $errors[] = array('ERROR', _('Password minage'), _('Password minage must be are natural number.')); if ( $account_new->unix_pwdminage > $account_new->unix_pwdmaxage ) $errors[] = array('ERROR', _('Password maxage'), _('Password maxage must bigger as Password Minage.')); if ( !ereg('^([0-9]*)$', $account_new->unix_pwdmaxage)) $errors[] = array('ERROR', _('Password maxage'), _('Password maxage must be are natural number.')); if ( !ereg('^(([-][1])|([0-9]*))$', $account_new->unix_pwdallowlogin)) $errors[] = array('ERROR', _('Password Expire'), _('Password expire must be are natural number or -1.')); if ( !ereg('^([0-9]*)$', $account_new->unix_pwdwarn)) $errors[] = array('ERROR', _('Password warn'), _('Password warn must be are natural number.')); if ((!$account_new->unix_host=='') && !ereg('^([a-z]|[A-Z]|[0-9]|[.]|[-])+(([,])+([ ])*([a-z]|[A-Z]|[0-9]|[.]|[-])+)*$', $account_new->unix_host)) $errors[] = array('ERROR', _('Unix workstations'), _('Unix workstations is invalid.')); } break; case 'samba': // Write all general values into $account_new $account_new->smb_pwdcanchange = mktime($_POST['f_smb_pwdcanchange_s'], $_POST['f_smb_pwdcanchange_m'], $_POST['f_smb_pwdcanchange_h'], $_POST['f_smb_pwdcanchange_mon'], $_POST['f_smb_pwdcanchange_day'], $_POST['f_smb_pwdcanchange_yea']); $account_new->smb_pwdmustchange = mktime($_POST['f_smb_pwdmustchange_s'], $_POST['f_smb_pwdmustchange_m'], $_POST['f_smb_pwdmustchange_h'], $_POST['f_smb_pwdmustchange_mon'], $_POST['f_smb_pwdmustchange_day'], $_POST['f_smb_pwdmustchange_yea']); if ($_POST['f_smb_password_no']) $account_new->smb_password_no = true; else $account_new->smb_password_no = false; if ($_POST['f_smb_useunixpwd']) $account_new->smb_useunixpwd = true; else $account_new->smb_useunixpwd = false; $account_new->smb_homedrive = $_POST['f_smb_homedrive']; $account_new->smb_scriptPath = $_POST['f_smb_scriptpath']; $account_new->smb_smbhome = stripslashes($_POST['f_smb_smbhome']); $account_new->smb_profilePath = stripslashes($_POST['f_smb_profilePath']); $account_new->smb_displayName = $_POST['f_smb_displayName']; if ($_POST['f_smb_flagsW']) $account_new->smb_flagsW = true; else $account_new->smb_flagsW = false; if ($_POST['f_smb_flagsD']) $account_new->smb_flagsD = true; else $account_new->smb_flagsD = false; if ($_POST['f_smb_flagsX']) $account_new->smb_flagsX = true; else $account_new->smb_flagsX = false; if ($config_intern->is_samba3()) { $samba3domains = $ldap_intern->search_domains($config_intern->get_domainSuffix()); for ($i=0; $iname) { $account_new->smb_domain = $samba3domains[$i]; } } else { if (isset($_POST['f_smb_domain'])) $account_new->smb_domain = $_POST['f_smb_domain']; else $account_new->smb_domain = ''; } if ($config_intern->is_samba3()) switch ($_POST['f_smb_mapgroup']) { case '*'._('Domain Guests'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '514'; break; case '*'._('Domain Users'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '513'; break; case '*'._('Domain Admins'): $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-" . '512'; break; case $account_new->general_group: $account_new->smb_mapgroup = $account_new->smb_domain->SID . "-". (2 * getgid($account_new->general_group) + $account_new->smb_domain->RIDbase +1); break; } else switch ($_POST['f_smb_mapgroup']) { case '*'._('Domain Guests'): $account_new->smb_mapgroup = '514'; break; case '*'._('Domain Users'): $account_new->smb_mapgroup = '513'; break; case '*'._('Domain Admins'): $account_new->smb_mapgroup = '512'; break; case $account_new->general_group: $account_new->smb_mapgroup = (2 * getgid($account_new->general_group) + 1001); break; } $smb_password = $_POST['f_smb_password']; // Decrypt unix-password if needed password $iv = base64_decode($_COOKIE["IV"]); $key = base64_decode($_COOKIE["Key"]); if ( ($account_new->smb_useunixpwd && !$account_old) || ($account_new->smb_useunixpwd && $account_new->unix_password!='') ) { $smb_password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($account_new->unix_password), MCRYPT_MODE_ECB, $iv); $smb_password = str_replace(chr(00), '', $smb_password); } // Check values $account_new->smb_scriptPath = str_replace('$user', $account_new->general_username, $account_new->smb_scriptPath); $account_new->smb_scriptPath = str_replace('$group', $account_new->general_group, $account_new->smb_scriptPath); if ($account_new->smb_scriptPath != $_POST['f_smb_scriptpath']) $errors[] = array('INFO', _('Script path'), _('Inserted user- or groupname in scriptpath.')); $account_new->smb_profilePath = str_replace('$user', $account_new->general_username, $account_new->smb_profilePath); $account_new->smb_profilePath = str_replace('$group', $account_new->general_group, $account_new->smb_profilePath); if ($account_new->smb_profilePath != stripslashes($_POST['f_smb_profilePath'])) $errors[] = array('INFO', _('Profile path'), _('Inserted user- or groupname in profilepath.')); $account_new->smb_smbhome = str_replace('$user', $account_new->general_username, $account_new->smb_smbhome); $account_new->smb_smbhome = str_replace('$group', $account_new->general_group, $account_new->smb_smbhome); if ($account_new->smb_smbhome != stripslashes($_POST['f_smb_smbhome'])) $errors[] = array('INFO', _('Home path'), _('Inserted user- or groupname in HomePath.')); if ( (!$account_new->smb_smbhome=='') && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+)+$', $account_new->smb_smbhome))) $errors[] = array('ERROR', _('Home path'), _('Home path is invalid.')); if ( !ereg('^([a-z]|[A-Z]|[0-9]|[\|]|[\#]|[\*]|[\,]|[\.]|[\;]|[\:]|[\_]|[\-]|[\+]|[\!]|[\%]|[\&]|[\/]|[\?]|[\{]|[\[]|[\(]|[\)]|[\]]|[\}])*$', $smb_password)) $errors[] = array('ERROR', _('Password'), _('Password contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and #*,.;:_-+!$%&/|?{[()]}= !')); if ( (!$account_new->smb_scriptPath=='') && (!ereg('^([/])*([a-z]|[0-9]|[.]|[-]|[_]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])*'. '([/]([a-z]|[0-9]|[.]|[-]|[_]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])+([a-z]|[0-9]|[.]|[-]|[_]|[%]|[ä]|[Ä]|[ö]|[Ö]|[ü]|[Ü]|[ß])*)*(([.][b][a][t])|([.][c][m][d]))$', $account_new->smb_scriptPath))) $errors[] = array('ERROR', _('Script path'), _('Script path is invalid!')); if ( (!$account_new->smb_profilePath=='') && (!ereg('^[/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*([/][a-z]([a-z]|[0-9]|[.]|[-]|[_]|[%])*)*$', $account_new->smb_profilePath)) && (!ereg('^[\][\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+([\]([a-z]|[A-Z]|[0-9]|[.]|[-]|[%])+)+$', $account_new->smb_profilePath))) $errors[] = array('ERROR', _('Profile path'), _('Profile path is invalid!')); if ((!$account_new->smb_domain=='') && (!is_object($account_new->smb_domain)) && !ereg('^([a-z]|[A-Z]|[0-9]|[-])+$', $account_new->smb_domain)) $errors[] = array('ERROR', _('Domain name'), _('Domain name contains invalid characters. Valid characters are: a-z, A-Z, 0-9 and -.')); if ($account_new->smb_useunixpwd) $account_new->smb_useunixpwd = 1; else $account_new->smb_useunixpwd = 0; if (($account_new->smb_displayName=='') && isset($account_new->general_gecos)) { $account_new->smb_displayName = $account_new->general_gecos; $errors[] = array('INFO', _('Display name'), _('Inserted gecos-field as display name.')); } if ($smb_password!='') { // Encrypt password $account_new->smb_password = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $smb_password, MCRYPT_MODE_ECB, $iv)); } else $account_new->smb_password = ''; break; case 'quota': // Write all general values into $account_new $i=0; while ($account_new->quota[$i][0]) { $account_new->quota[$i][2] = $_POST['f_quota_'.$i.'_2']; $account_new->quota[$i][3] = $_POST['f_quota_'.$i.'_3']; $account_new->quota[$i][6] = $_POST['f_quota_'.$i.'_6']; $account_new->quota[$i][7] = $_POST['f_quota_'.$i.'_7']; // Check if values are OK and set automatic values. if not error-variable will be set if (!ereg('^([0-9])*$', $account_new->quota[$i][2])) $errors[] = array('ERROR', _('Block soft quota'), _('Block soft quota contains invalid characters. Only natural numbers are allowed')); if (!ereg('^([0-9])*$', $account_new->quota[$i][3])) $errors[] = array('ERROR', _('Block hard quota'), _('Block hard quota contains invalid characters. Only natural numbers are allowed')); if (!ereg('^([0-9])*$', $account_new->quota[$i][6])) $errors[] = array('ERROR', _('Inode soft quota'), _('Inode soft quota contains invalid characters. Only natural numbers are allowed')); if (!ereg('^([0-9])*$', $account_new->quota[$i][7])) $errors[] = array('ERROR', _('Inode hard quota'), _('Inode hard quota contains invalid characters. Only natural numbers are allowed')); $i++; } break; case 'personal': // Write all general values into $account_new $account_new->personal_title = $_POST['f_personal_title']; $account_new->personal_mail = $_POST['f_personal_mail']; $account_new->personal_telephoneNumber = $_POST['f_personal_telephoneNumber']; $account_new->personal_mobileTelephoneNumber = $_POST['f_personal_mobileTelephoneNumber']; $account_new->personal_facsimileTelephoneNumber = $_POST['f_personal_facsimileTelephoneNumber']; $account_new->personal_street = $_POST['f_personal_street']; $account_new->personal_postalCode = $_POST['f_personal_postalCode']; $account_new->personal_postalAddress = $_POST['f_personal_postalAddress']; $account_new->personal_employeeType = $_POST['f_personal_employeeType']; // Check if values are OK and set automatic values. if not error-variable will be set if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/])*$', $account_new->personal_telephoneNumber)) $errors[] = array('ERROR', _('Telephone number'), _('Please enter a valid telephone number!')); if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/])*$', $account_new->personal_mobileTelephoneNumber)) $errors[] = array('ERROR', _('Mobile number'), _('Please enter a valid mobile number!')); if ( !ereg('^(\+)*([0-9]|[ ]|[.]|[(]|[)]|[/])*$', $account_new->personal_facsimileTelephoneNumber)) $errors[] = array('ERROR', _('Fax number'), _('Please enter a valid fax number!')); if ( !ereg('^(([0-9]|[A-Z]|[a-z]|[.]|[-]|[_])+[@]([0-9]|[A-Z]|[a-z]|[-])+([.]([0-9]|[A-Z]|[a-z]|[-])+)*)*$', $account_new->personal_mail)) $errors[] = array('ERROR', _('eMail address'), _('Please enter a valid eMail address!')); if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $account_new->personal_street)) $errors[] = array('ERROR', _('Street'), _('Please enter a valid street name!')); if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $account_new->personal_postalAddress)) $errors[] = array('ERROR', _('Postal address'), _('Please enter a valid postal address!')); if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $account_new->personal_title)) $errors[] = array('ERROR', _('Title'), _('Please enter a valid title!')); if ( !ereg('^([0-9]|[A-Z]|[a-z]|[ ]|[.]|[Ä]|[ä]|[Ö]|[ö]|[Ü]|[ü]|[ß])*$', $account_new->personal_employeeType)) $errors[] = array('ERROR', _('Employee type'), _('Please enter a valid employee type!')); if ( !ereg('^([0-9]|[A-Z]|[a-z])*$', $account_new->personal_postalCode)) $errors[] = array('ERROR', _('Postal code'), _('Please enter a valid postal code!')); break; case 'final': // Write all general values into $account_new if ($_POST['f_final_changegids']) $final_changegids = $_POST['f_final_changegids'] ; // Check which part Site should be displayed next break; case 'finish': // Check if pdf-file should be created if ($_POST['outputpdf']) { // Quota Settings if ($config_intern->scriptServer && !isset($account_new->quota[0])) { // load quotas $values = getquotas('user', $account_old->general_username); if (is_object($values)) { while (list($key, $val) = each($values)) // Set only defined values if (isset($val)) $account_new->$key = $val; } if (is_object($values) && isset($account_old)) { while (list($key, $val) = each($values)) // Set only defined values if (isset($val)) $account_old->$key = $val; } } createUserPDF(array($account_new)); die; } break; } do { // X-Or, only one if() can be true if ($_POST['next_general']) { if (!is_array($errors)) $select_local='general'; else $select_local=$_POST['select']; break; } if ($_POST['next_unix']) { if (!is_array($errors)) $select_local='unix'; else $select_local=$_POST['select']; break; } if ($_POST['next_samba']) { if (!is_array($errors)) $select_local='samba'; else $select_local=$_POST['select']; break; } if ($_POST['next_quota']) { if (!is_array($errors)) $select_local='quota'; else $select_local=$_POST['select']; break; } if ($_POST['next_personal']) { if (!is_array($errors)) $select_local='personal'; else $select_local=$_POST['select']; break; } if ($_POST['next_final']) { if (!is_array($errors)) $select_local='final'; else $select_local=$_POST['select']; break; } if ($_POST['next_workstations']) { if (!is_array($errors)) $select_local='workstations'; else $select_local=$_POST['select']; break; } if ($_POST['next_groups']) { if (!is_array($errors)) $select_local='groups'; else $select_local=$_POST['select']; break; } if ($_POST['next_reset']) { $account_new = $account_old; $account_new->unix_password=''; $account_new->smb_password=''; $account_new->smb_flagsW = 0; $account_new->general_dn = substr($account_new->general_dn, strpos($account_new->general_dn, ',')+1); $select_local = $_POST['select']; break; } if ( $_POST['create'] ) { // Create-Button was pressed // Create or modify an account if ($account_old) $result = modifyuser($account_new,$account_old); else $result = createuser($account_new); // account.inc if ( $result==1 || $result==3 ) $select_local = 'finish'; else $select_local = 'final'; break; } if ($_POST['createagain']) { $select_local='general'; unset($account_new); $account_new = loadUserProfile('default'); $account_new ->type = 'user'; break; } if ($_POST['load']) { // load profile $account_new->general_dn = $_POST['f_general_suffix']; $account_new->general_username = $_POST['f_general_username']; $account_new->general_surname = $_POST['f_general_surname']; $account_new->general_givenname = $_POST['f_general_givenname']; $account_new->general_uidNumber = $_POST['f_general_uidNumber']; $account_new->general_group = $_POST['f_general_group']; if (isset($_POST['f_general_groupadd'])) $account_new->general_groupadd = $_POST['f_general_groupadd']; else $account_new->general_groupadd = array(''); $account_new->general_homedir = $_POST['f_general_homedir']; $account_new->general_shell = $_POST['f_general_shell']; $account_new->general_gecos = $_POST['f_general_gecos']; if ($_POST['f_general_selectprofile']!='') $values = loadUserProfile($_POST['f_general_selectprofile']); if (is_object($values)) { while (list($key, $val) = each($values)) // Set only defined values if (isset($val)) $account_new->$key = $val; } // insert autoreplace values $account_new->general_homedir = str_replace('$group', $account_new->general_group, $account_new->general_homedir); if ($account_new->general_username != '') $account_new->general_homedir = str_replace('$user', $account_new->general_username, $account_new->general_homedir); $account_new->smb_scriptPath = str_replace('$group', $account_new->general_group, $account_new->smb_scriptPath); if ($account_new->general_username != '') $account_new->smb_scriptPath = str_replace('$user', $account_new->general_username, $account_new->smb_scriptPath); $account_new->smb_profilePath = str_replace('$group', $account_new->general_group, $account_new->smb_profilePath); if ($account_new->general_username != '') $account_new->smb_profilePath = str_replace('$user', $account_new->general_username, $account_new->smb_profilePath); $account_new->smb_smbhome = str_replace('$group', $account_new->general_group, $account_new->smb_smbhome); if ($account_new->general_username != '') $account_new->smb_smbhome = str_replace('$user', $account_new->general_username, $account_new->smb_smbhome); if ($config_intern->scriptServer) { // load quotas from profile and check if they are valid $values = getquotas('user', $account_old->general_username); if (isset($account_new->quota[0])) { // check quotas from profile $i=0; // check quota settings while (isset($account_new->quota[$i])) { $found = (-1); for ($j=0; $jquota); $j++) if ($values->quota[$j][0]==$account_new->quota[$i][0]) $found = $j; if ($found==-1) unset($account_new->quota[$i]); else { $account_new->quota[$i][1] = $values->quota[$found][1]; $account_new->quota[$i][5] = $values->quota[$found][5]; $account_new->quota[$i][4] = $values->quota[$found][4]; $account_new->quota[$i][8] = $values->quota[$found][8]; $i++; } } $account_new->quota = array_values($account_new->quota); } else { // No quotas saved in profile if (is_object($values)) { while (list($key, $val) = each($values)) // Set only defined values if (isset($val)) $account_new->$key = $val; } } $account_old->quota = $values->quota; } // select general page after group has been loaded $select_local='general'; break; } if ($_POST['save']) { // save profile saveUserProfile($account_new, $_POST['f_finish_safeProfile']); // select last page displayed before user is created $select_local='final'; break; } if ($_POST['backmain']) { if (isset($_SESSION['account_'.$varkey.'_account_new'])) unset($_SESSION['account_'.$varkey.'_account_new']); if (isset($_SESSION['account_'.$varkey.'_account_old'])) unset($_SESSION['account_'.$varkey.'_account_old']); if (isset($_SESSION['account_'.$varkey.'_final_changegids'])) unset($_SESSION['account_'.$varkey.'_final_changegids']); if (isset($_SESSION['account_'.$varkey.'_shelllist'])) unset($_SESSION['account_'.$varkey.'_shelllist']); metaRefresh("../lists/listusers.php"); die; break; } if (!$select_local) $select_local='general'; } while(0); // Write HTML-Header echo $header_intern; echo ""; echo _("Create new Account"); echo "\n". "\n". "\n". "\n". "\n". "
\n". "\n"; if (is_array($errors)) for ($i=0; $ismb_smbuserworkstations); $workstations = explode (',', $temp); $hosts = array_delete($workstations, $hosts); echo ''; echo "\n\n\n
"; echo "
"; echo _('Please select page:'); echo "\n"; echo "\n
"; echo "\n
"; echo "\n
"; echo "scriptPath)) echo " disabled "; echo "value=\""; echo _('Quota'); echo "\">\n
"; echo "\n
"; echo ""; if (isset($account_old)) { echo "

"; echo _("Reset all changes."); echo "
"; echo "\n"; } echo "
"; echo "\n\n
"; echo "
"; echo _("Select workstations"); echo "\n\n\n\n"; echo "\n"; echo "\n\n
"; echo "
"; echo _("Allowed workstations"); echo "\n"; if (count($workstations)!=0) { echo "\n"; } echo "
"; echo " "; echo "\">

"; echo ""._('Help')."
"; echo _('Available workstations'); echo "\n"; if (count($hosts)!=0) { echo "\n"; } echo "
\n"; echo "\n"; echo "
\n
\n"; break; case 'groups': ldapreload('group'); $temp2 = $groupDN_intern; unset($temp2[0]); foreach ($temp2 as $temp) $groups[] = $temp['cn']; sort($groups, SORT_STRING); $groups = array_delete($account_new->general_groupadd, $groups); $groups = array_flip($groups); unset ($groups[$account_new->general_group]); $groups = array_flip($groups); echo ''; echo "\n\n\n
"; echo "
"; echo _('Please select page:'); echo "\n"; echo "\n
"; echo "\n
"; echo "\n
"; echo "scriptPath)) echo " disabled "; echo "value=\""; echo _('Quota'); echo "\">\n
"; echo "\n
"; echo ""; if (isset($account_old)) { echo "

"; echo _("Reset all changes."); echo "
"; echo "\n"; } echo "
"; echo "\n\n
"; echo "
"; echo _("Additional groups"); echo "\n\n\n\n"; echo "\n"; echo "\n\n
"; echo "
"; echo _("Selected groups"); echo "\n"; if (count($account_new->general_groupadd)!=0) { echo "\n"; } echo "
"; echo " "; echo "\">

"; echo ""._('Help')."
"; echo _('Available groups'); echo "\n"; if (count($groups)!=0) { echo "\n"; } echo "
\n"; echo "\n"; echo "
\n
\n"; break; case 'general': // General Account Settings // load list of all groups $groups = findgroups(); $profilelist = getUserProfiles(); // Show page info // Show page info echo ''; echo "\n\n
"; echo "
"; echo _('Please select page:'); echo "\n"; echo "\n
"; echo "\n
"; echo "\n
"; echo "scriptPath)) echo " disabled "; echo "value=\""; echo _('Quota'); echo "\">\n
"; echo "\n
"; echo ""; if (isset($account_old)) { echo "

"; echo _("Reset all changes."); echo "
"; echo "\n"; } echo "
"; echo "\n\n\n
"; echo "
"; echo _("General properties"); echo "\n\n\n\n'."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".'\n\n
"; echo _('Username').'*'; echo "". ''. ''. ''._('Help').''. '
'; echo _('UID number'); echo ''. ''. ''. ''._('Help').''. '
'; echo _('Given name').'*'; echo ''. ''. ''. ''._('Help').''. '
'; echo _('Surname').'*'; echo ''. ''. ''. ''._('Help').''. '
'; echo _('Primary group').'*'; echo ''. ''._('Help').''. '
'; echo _('Additional groups'); echo ''. ''. ''._('Help').''. '
'; echo _('Home directory').'*'; echo ''. ''. ''._('Help').''. '
'; echo _('Gecos'); echo ''. ''. ''._('Help').''. '
'; echo _('Login shell').'*'; echo ''. ''._('Help').''. '
'; echo _('Suffix'); echo ''._('Help'). "
"; echo _('Values with * are required'); echo "
\n
"; if (count($profilelist)!=0) { echo "
"; echo _("Load profile"); echo "\n\n\n\n\n
"; echo "\n". ""; echo _('Help')."
\n
\n"; } echo "
\n
\n"; break; case 'unix': // Unix Password Settings // decrypt password if ($account_new->unix_password != '') { $iv = base64_decode($_COOKIE["IV"]); $key = base64_decode($_COOKIE["Key"]); $password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($account_new->unix_password), MCRYPT_MODE_ECB, $iv); $password = str_replace(chr(00), '', $password); } else $password=''; $date = getdate ($account_new->unix_pwdexpire); echo "\n"; echo "\n\n\n
"; echo "
"; echo _('Please select page:'); echo "\n"; echo "\n
"; echo "\n
"; echo "\n
"; echo "scriptPath)) echo " disabled "; echo "value=\""; echo _('Quota'); echo "\">\n
"; echo "\n
"; echo ""; if (isset($account_old)) { echo "

"; echo _("Reset all changes."); echo "
"; echo "\n"; } echo "
"; echo "
"._('Unix properties')."\n"; echo "'."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".'\n\n
"; echo _('Password'); echo ''. ''. ''. '
'; echo _('Use no password'); echo 'unix_password_no) echo ' checked '; echo '>'. ''._('Help').''. '
'; echo _('Password warn'); echo ''. ''. ''._('Help').''. '
'; echo _('Password expire'); echo ''. ''. ''._('Help').''. '
'; echo _('Maximum password age'); echo ''. ''. ''._('Help').''. '
'; echo _('Minimum password age'); echo ''. ''. ''._('Help').''. '
'; echo _('Expire date'); echo ''. ''._('Help').''. '
'; echo _('Account deactivated'); echo 'unix_deactivated) echo ' checked '; echo '>'. ''._('Help').''. '
'; echo _('Unix workstations'); echo ''. ''. ''._('Help'). "
"; echo _('Values with * are required'); echo "
\n
\n"; break; case 'samba': // Samba Settings // decrypt password if ($account_new->smb_password != '') { $iv = base64_decode($_COOKIE["IV"]); $key = base64_decode($_COOKIE["Key"]); $password = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($account_new->smb_password), MCRYPT_MODE_ECB, $iv); $password = str_replace(chr(00), '', $password); } else $password = ""; if ($config_intern->is_samba3()) $samba3domains = $ldap_intern->search_domains($config_intern->get_domainSuffix()); $canchangedate = getdate($account_new->smb_pwdcanchange); $mustchangedate = getdate($account_new->smb_pwdmustchange); echo ''; echo ''. ''. ''. ''. ''. ''; echo "\n\n\n
"; echo "
"; echo _('Please select page:'); echo "\n"; echo "\n
"; echo "\n
"; echo "\n
"; echo "scriptPath)) echo " disabled "; echo "value=\""; echo _('Quota'); echo "\">\n
"; echo "\n
"; echo ""; if (isset($account_old)) { echo "

"; echo _("Reset all changes."); echo "
"; echo "\n"; } echo "
"; echo "\n\n
"; echo "
"; echo _("Samba properties"); echo "\n\n\n\n\n\n\n\n'."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n"; echo "
"; echo _("Display name"); echo "". "smb_displayName."\">". ""._('Help')."
"; echo _('Samba password'); echo ''. '
'; echo _('Use unix password'); echo 'smb_useunixpwd) echo ' checked '; echo '>'. ''._('Help').''; echo '
'; echo _('Use no password'); echo 'smb_password_no) echo ' checked '; echo '>'. ''._('Help').''. '
'; echo _('Password does not expire'); echo 'smb_flagsX) echo ' checked '; echo '>'. ''._('Help').''. '
'; echo _('User can change password'); echo ''; echo ''._('Help').''. '
'; echo _('User must change password'); echo ''; echo ''._('Help').''. '
'; echo _('Account is deactivated'); echo 'smb_flagsD) echo ' checked '; echo '>'. ''._('Help').''. '
'; echo _('Home drive'); echo ''. ''._('Help').''. '
'; echo _('Home path'); echo ''. ''. ''._('Help').''. '
'; echo _('Profile path'); echo ''. ''. ''._('Help').''. '
'; echo _('Script path'); echo ''. ''. ''._('Help').''. '
'; echo _('Samba workstations'); echo ''. ''. ''._('Help').''. '
'; echo _('Windows groupname'); echo ''. ''._('Help').''. '
'; echo _('Domain'); if ($config_intern->is_samba3()) { echo ''; } else { echo ''; } echo ''._('Help').'
\n
\n
\n"; break; case 'quota': // Quota Settings if ($config_intern->scriptServer && !isset($account_new->quota[0])) { // load quotas $values = getquotas('user', $account_old->general_username); if (is_object($values)) { while (list($key, $val) = each($values)) // Set only defined values if (isset($val)) $account_new->$key = $val; } if (is_object($values) && isset($account_old)) { while (list($key, $val) = each($values)) // Set only defined values if (isset($val)) $account_old->$key = $val; } } echo "\n"; echo "\n\n\n
"; echo "
"; echo _('Please select page:'); echo "\n"; echo "\n
"; echo "\n
"; echo "\n
"; echo "\n
"; echo "\n
"; echo ""; if (isset($account_old)) { echo "

"; echo _("Reset all changes."); echo "
"; echo "\n"; } echo "
"; echo "
"._('Quota properties')."\n"; echo "'."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n"; echo ''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n"; $i=0; while ($account_new->quota[$i][0]) { echo ''; // used blocks echo ''; // blocks soft limit echo ''; // blocks hard limit echo ''; // block grace period echo ''; // used inodes echo ''; // inodes soft limit echo ''; // inodes hard limit echo ''; // inodes grace period $i++; } echo "
"; echo _('Mountpoint'); echo ''; echo _('Used blocks'); echo ''; echo _('Soft block limit'); echo ''; echo _('Hard block limit'); echo ''; echo _('Grace block period'); echo ''; echo _('Used inodes'); echo ''; echo _('Soft inode limit'); echo ''; echo _('Hard inode limit'); echo ''; echo _('Grace inode period'); echo '
'._('Help').''._('Help').''. ''._('Help').''._('Help').''. ''._('Help').''._('Help').''. ''._('Help').''._('Help').''. ''._('Help').'
'.$account_new->quota[$i][0].''.$account_new->quota[$i][1].''.$account_new->quota[$i][4].''.$account_new->quota[$i][5].''.$account_new->quota[$i][8].'
\n
\n
\n"; break; case 'personal': // Personal Settings echo "\n"; echo "\n\n\n
"; echo "
"; echo _('Please select page:'); echo "\n"; echo "\n
"; echo "\n
"; echo "\n
"; echo "scriptPath)) echo " disabled "; echo "value=\""; echo _('Quota'); echo "\">\n
"; echo "\n
"; echo ""; if (isset($account_old)) { echo "

"; echo _("Reset all changes."); echo "
"; echo "\n"; } echo "
"; echo "
"._('Personal properties')."\n"; echo "'."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n".''."\n"; echo "
"; echo _('Title'); echo ''. ' '; echo $account_new->general_surname . ' ' . $account_new->general_givenname . ''. ''._('Help').''. '
'; echo _('Employee type'); echo ''. ''. ''. ''._('Help').''. '
'; echo _('Street'); echo ''. ''. ''. ''._('Help').''. '
'; echo _('Postal code'); echo ''. ''. ''. ''._('Help').''. '
'; echo _('Postal address'); echo ''. ''. ''. ''._('Help').''. '
'; echo _('Telephone number'); echo ''. ''. ''. ''._('Help').''. '
'; echo _('Mobile number'); echo ''. ''. ''. ''._('Help').''. '
'; echo _('Fax number'); echo ''. ''. ''. ''._('Help').''. '
'; echo _('eMail address'); echo ''. ''. ''. ''._('Help').'
\n
\n
\n"; break; case 'final': // Final Settings $disabled = ""; if ($config_intern->is_samba3()) { if (!isset($account_new->smb_domain)) { // Samba page nit viewd; can not create group because if missing options $disabled = "disabled"; } } echo ''; echo "\n\n
"; echo "
"; echo _('Please select page:'); echo "\n"; echo "\n
"; echo "\n
"; echo "\n
"; echo "scriptPath)) echo " disabled "; echo "value=\""; echo _('Quota'); echo "\">\n
"; echo "\n
"; echo ""; if (isset($account_old)) { echo "

"; echo _("Reset all changes."); echo "
"; echo "\n"; } echo "
"; echo "\n\n
"; echo "\n
"; echo _("Save profile"); echo "\n\n\n\n\n
"; echo ''; echo "'._('Help'); echo "
\n
\n
\n"; echo "
"; if ($account_old) echo _('Modify'); else echo _('Create'); echo "\n"; echo ""; if (($account_old) && ($account_new->general_uidNumber != $account_old->general_uidNumber)) { echo ''; StatusMessage ('INFO', _('UID-number has changed. You have to run the following command as root in order to change existing file-permissions:'), 'find / -gid ' . $account_old->general_uidNumber . ' -exec chown ' . $account_new->general_uidNumber . ' {} \;'); echo ''."\n"; } if (($account_old) && ($account_new->general_group != $account_old->general_group)) { echo ''; StatusMessage ('INFO', _('Primary group has changed. You have to run the following command as root in order to change existing file-permissions:'), 'find / -uid ' . $account_new->general_uidNumber . ' -gid ' . getgid($account_old->general_group) .' -exec chown ' . $account_new->general_uidNumber . ':'.getgid($account_new->general_group). ' {} \;'); echo ''."\n"; } if (($account_old) && ($account_new->general_homedir != $account_old->general_homedir)) { echo ''; StatusMessage ('INFO', _('Home Directory has changed. You have to run the following command as root in order to change the existing homedirectory:'), 'mv ' . $account_old->general_homedir . ' ' . $account_new->general_homedir); echo ''."\n"; } if ($disabled=='disabled') { // Samba page nit viewd; can not create group because if missing options echo ""; StatusMessage("ERROR", _("Samba Options not set!"), _("Please check settings on samba page.")); echo ""; } else { $found = false; if (strstr($account_new->smb_scriptPath, '$group')) $found = true; if (strstr($account_new->smb_scriptPath, '$user')) $found = true; if (strstr($account_new->smb_profilePath, '$group')) $found = true; if (strstr($account_new->smb_profilePath, '$user')) $found = true; if (strstr($account_new->smb_smbhome, '$group')) $found = true; if (strstr($account_new->smb_smbhome, '$user')) $found = true; if ($found) { // Samba page nit viewd; can not create group because if missing options $disabled = "disabled"; echo ""; StatusMessage("ERROR", _("Samba Options not set!"), _("Please check settings on samba page.")); echo ""; } } if (isset($account_old->general_objectClass)) { if (!in_array('posixAccount', $account_old->general_objectClass)) { echo ''; StatusMessage('WARN', _('ObjectClass posixAccount not found.'), _('Have to add objectClass posixAccount.')); echo "\n"; } if (!in_array('shadowAccount', $account_old->general_objectClass)) { echo ''; StatusMessage('WARN', _('ObjectClass shadowAccount.'), _('Have to add objectClass shadowAccount.')); echo "\n"; } if ($config_intern->is_samba3()) { if (!in_array('sambaSamAccount', $account_old->general_objectClass)) { echo ''; StatusMessage('WARN', _('ObjectClass sambaSamAccount not found.'), _('Have to add objectClass sambaSamAccount. USer with sambaAccount will be updated.')); echo "\n"; }} else if (!in_array('sambaAccount', $account_old->general_objectClass)) { echo ''; StatusMessage('WARN', _('ObjectClass sambaAccount not found.'), _('Have to add objectClass sambaAccount. User with sambaSamAccount will be set back to sambaAccount.')); echo "\n"; } } echo "
'."\n"; echo "
\n
\n
"; break; case 'finish': // Final Settings echo ''; echo "
"._('Success')."\n"; echo "'."\n".''."\n".''."\n".'
"; echo '
'; echo _('User '); echo $account_new->general_username; if ($account_old) echo ' '._('has been modified').'.'; else echo ' '._('has been created').'.'; echo '
'; if (!$account_old) { echo ''; } echo ''. ''. ''. ''. '
'; ?>