checkPassword($_SESSION["mainconf_password"]))) { require('mainlogin.php'); exit(); } if (isset($_POST['cancel'])) { // back to login metaRefresh('../login.php'); exit(); } $errors = array(); // check if submit button was pressed if (isset($_POST['submit'])) { // remove double slashes if magic quotes are on if (get_magic_quotes_gpc() == 1) { $postKeys = array_keys($_POST); for ($i = 0; $i < sizeof($postKeys); $i++) { if (is_string($_POST[$postKeys[$i]])) $_POST[$postKeys[$i]] = stripslashes($_POST[$postKeys[$i]]); } } // set master password if (isset($_POST['masterpassword']) && ($_POST['masterpassword'] != "")) { if ($_POST['masterpassword'] && $_POST['masterpassword2'] && ($_POST['masterpassword'] == $_POST['masterpassword2'])) { $cfg->setPassword($_POST['masterpassword']); $msg = _("New master password set successfully."); unset($_SESSION["mainconf_password"]); } else $errors[] = _("Master passwords are different or empty!"); } // set session timeout $cfg->sessionTimeout = $_POST['sessionTimeout']; // set allowed hosts if (isset($_POST['allowedHosts'])) { $allowedHosts = $_POST['allowedHosts']; $allowedHostsList = explode("\n", $allowedHosts); for ($i = 0; $i < sizeof($allowedHostsList); $i++) { $allowedHostsList[$i] = trim($allowedHostsList[$i]); // ignore empty lines if ($allowedHostsList[$i] == "") { unset($allowedHostsList[$i]); continue; } // check each line $ipRegex = '/^[0-9a-f\\.:\\*]+$/i'; if (!preg_match($ipRegex, $allowedHostsList[$i]) || (strlen($allowedHostsList[$i]) > 15)) { $errors[] = sprintf(_("The IP address %s is invalid!"), htmlspecialchars(str_replace('%', '%%', $allowedHostsList[$i]))); } } $allowedHosts = implode(",", $allowedHostsList); } else $allowedHosts = ""; $cfg->allowedHosts = $allowedHosts; // set log level $cfg->logLevel = $_POST['logLevel']; // set log destination if ($_POST['logDestination'] == "none") $cfg->logDestination = "NONE"; elseif ($_POST['logDestination'] == "syslog") $cfg->logDestination = "SYSLOG"; else { if (isset($_POST['logFile']) && ($_POST['logFile'] != "") && preg_match("/^[a-z0-9\\/\\\\:\\._-]+$/i", $_POST['logFile'])) { $cfg->logDestination = $_POST['logFile']; } else $errors[] = _("The log file is empty or contains invalid characters! Valid characters are: a-z, A-Z, 0-9, /, \\, ., :, _ and -."); } // password policies $cfg->passwordMinLength = $_POST['passwordMinLength']; $cfg->passwordMinLower = $_POST['passwordMinLower']; $cfg->passwordMinUpper = $_POST['passwordMinUpper']; $cfg->passwordMinNumeric = $_POST['passwordMinNumeric']; $cfg->passwordMinSymbol = $_POST['passwordMinSymbol']; $cfg->passwordMinClasses = $_POST['passwordMinClasses']; // save settings $cfg->save(); if (sizeof($errors) == 0) { metaRefresh('../login.php?confMainSavedOk=1'); exit(); } } echo $_SESSION['header']; ?>
LDAP Account Manager |