1 <?php
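/**
 * Tell whether the running PHP interpreter is at least the given version.
 *
 * The comparison is delegated to version_compare(), which compares the
 * version components numerically. Stripping the dots and comparing the
 * remaining digits as one integer mis-orders versions whose components have
 * different widths ("4.10.0" became 4100 while "5.0.0" became 500) and is
 * thrown off by vendor suffixes in phpversion().
 *
 * @param string $vercheck Minimum required version, e.g. "4.1.0".
 * @return bool TRUE when phpversion() is >= $vercheck, FALSE otherwise.
 */
function minimum_version($vercheck)
{
  return version_compare(phpversion(), (string)$vercheck, '>=');
}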
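/**
 * Check whether an objectclass definition advertises a given schema version.
 *
 * The DESC value is cut out of the raw definition and searched for the
 * literal marker "(v<version>)".
 *
 * @param string $description Raw objectclass definition text.
 * @param string $version     Expected version, e.g. "2.4".
 * @return int|false Result of preg_match(): 1 when the marker is found,
 *                   0 when it is not, FALSE on a regex error.
 */
function check_schema_version($description, $version)
{
  $desc= preg_replace("/^.* DESC\s+\(*\s*'([^']+)'\s*\)*.*$/", '\\1', $description);

  /* Quote the version before building the pattern: an unquoted "." matches
     any character, so "2.4" would also accept a marker such as "(v2x4)". */
  return preg_match("/\(v".preg_quote($version, '/')."\)/", $desc);
}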
/**
 * Render schema check results as an HTML table.
 *
 * Every entry becomes one row. Rows whose text contains "enabled" get the
 * "true" icon, all others the "cancel" icon. The entry text is written into
 * the markup as-is, without any escaping.
 *
 * @param array $table Result texts; the array keys are not used.
 * @return string HTML table markup.
 */
function view_schema_check($table)
{
  $ok_cell  = "</td><td style='text-align:center' ><img src=images/true.png alt='true' /></td></tr>";
  $bad_cell = "</td><td style='text-align:center' ><img src=images/button_cancel.png alt='false' /></td></tr>";

  $rows= "";
  foreach ($table as $text){
    $icon= (strpos($text, "enabled") !== FALSE) ? $ok_cell : $bad_cell;
    $rows.= "<tr><td class=\"check\">".$text.$icon;
  }

  return "<table class=\"check\">".$rows."</table>";
}
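/**
 * Compare the objectclasses published by an LDAP server with those GOsa uses.
 *
 * The function binds to the server, reads the subschema entry named by the
 * root DSE and checks every known objectclass for presence and for the
 * version marker tested by check_schema_version(). It additionally records
 * whether the optional samba/pureftp/webdav/phpgroupware/gofon/kolab schemas
 * are installed.
 *
 * Side effect: when the session's mail method is "kolab" but the kolab schema
 * is missing, $_SESSION['ldapconf']['mail'] is switched to the "cyrus" method.
 *
 * @param string $server   LDAP URI or host handed to ldap_connect().
 * @param string $admin    Bind DN.
 * @param string $password Bind password.
 * @param int    $aff      0 (default): return only the problem messages;
 *                         any other value: return display rows for all
 *                         optional features.
 * @return array With $aff == 0 the messages keyed by objectclass or feature
 *               name; otherwise HTML fragments keyed by feature or plugin
 *               class. If the schema cannot be read, a list holding a single
 *               error message is returned in both modes.
 */
function schema_check($server, $admin, $password,$aff=0)
{
  $messages= array();

  /* Display rows. Both start out as arrays so that array_merge() at the end
     always receives arrays, even when no optional plugin class validated. */
  $affich= array();
  $affich2= array();

  $required_classes= array(
      "gosaObject"            => array("version" => "2.4"),
      "gosaAccount"           => array("version" => "2.4"),
      "gosaLockEntry"         => array("version" => "2.4"),
      "gosaCacheEntry"        => array("version" => "2.4"),
      "gosaDepartment"        => array("version" => "2.4"),

      "goFaxAccount"          => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"),
      "goFaxSBlock"           => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"),
      "goFaxRBlock"           => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"),

      "gosaUserTemplate"      => array("version" => "2.4", "class" => "posixAccount","file" => "nis.schema"),
      "gosaMailAccount"       => array("version" => "2.4", "class" => "mailAccount","file" => "gosa+samba3.schema"),
      "gosaProxyAccount"      => array("version" => "2.4", "class" => "proxyAccount","file" => "gosa+samba3.schema"),
      "gosaApplication"       => array("version" => "2.4", "class" => "appgroup","file" => "gosa.schema"),
      "gosaApplicationGroup"  => array("version" => "2.4", "class" => "appgroup","file" => "gosa.schema"),

      "GOhard"                => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
      "gotoTerminal"          => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
      "goServer"              => array("version" => "2.4","class" => "server","file" => "goserver.schema"),
      "goTerminalServer"      => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
      "goNfsServer"           => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
      "goNtpServer"           => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
      "goSyslogServer"        => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
      "goLdapServer"          => array("version" => "2.4"),
      "goCupsServer"          => array("version" => "2.4", "class" => array("posixAccount", "terminals"),),
      "goImapServer"          => array("version" => "2.4", "class" => array("mailAccount", "mailgroup"),"file" => "gosa+samba3.schema"),
      "goKrbServer"           => array("version" => "2.4"),
      "goFaxServer"           => array("version" => "2.4", "class" => "gofaxAccount","file" => "gofax.schema"),
      );

  /* Build LDAP connection */
  $ds= ldap_connect ($server);
  if (!$ds) {
    return (array(_("Can't bind to LDAP. No schema check possible!")));
  }
  ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);

  /* Simple bind with DN and password; no TLS is negotiated here, so unless
     $server is an ldaps:// URI the credentials travel unencrypted.
     NOTE(review): the bind result is not evaluated. After a failed bind the
     reads below presumably run anonymously - confirm this is intended. */
  ldap_bind ($ds, $admin, $password);

  /* Get base to look for schema */
  $sr = @ldap_read ($ds, "", "objectClass=*", array("subschemaSubentry"));
  $attr= $sr ? @ldap_get_entries($ds,$sr) : FALSE;
  if (!isset($attr[0]['subschemasubentry'][0])){
    @ldap_unbind($ds);
    return (array(_("Can't get schema information from server. No schema check possible!")));
  }

  /* Get list of objectclasses */
  $nb= $attr[0]['subschemasubentry'][0];
  $objectclasses= array();
  $sr= ldap_read ($ds, $nb, "objectClass=*", array("objectclasses"));
  $attrs= $sr ? ldap_get_entries($ds,$sr) : FALSE;

  /* Everything needed has been read, release the connection. */
  @ldap_unbind($ds);

  if (!isset($attrs[0]['objectclasses'])){
    return (array(_("Can't get schema information from server. No schema check possible!")));
  }
  foreach ($attrs[0]['objectclasses'] as $val){
    /* Entries without a NAME (such as the "count" element) come back
       unchanged from preg_replace() and are skipped. */
    $name= preg_replace("/^.* NAME\s+\(*\s*'([^']+)'\s*\)*.*$/", '\\1', $val);
    if ($name != $val){
      $objectclasses[$name]= $val;
    }
  }

  /* Walk through objectclasses and check if they are needed or not */
  foreach ($required_classes as $key => $value){
    $present= isset($objectclasses[$key]);
    $version_ok= $present && check_schema_version($objectclasses[$key], $value['version']);

    if (!isset($value['class'])){
      /* Required class */
      if (!$present){
        $messages[$key]= sprintf(_("Required objectclass '%s' is not present in LDAP setup"), $key);
      } elseif (!$version_ok){
        $messages[$key]= sprintf(_("Required objectclass '%s' does not have version %s"), $key, $value['version']);
      }
      continue;
    }

    /* Optional class, needed by one or more plugins */
    $classes= is_array($value['class']) ? $value['class'] : array($value['class']);

    /* Not every entry names a schema file (goCupsServer does not). */
    $file= isset($value['file']) ? $value['file'] : "";

    foreach($classes as $class){
      if (!$present){
        $messages[$key]= sprintf(_("Optional objectclass '%s' required by plugin '%s' is not present in LDAP setup"), $key, $class);
      } elseif (!$version_ok){
        $messages[$key]= sprintf(_("Optional objectclass '%s' required by plugin '%s' does not have version %s"), $key, $class, $value['version']);
      } elseif (!isset($affich2[$class])){
        $affich2[$class]="Support for <b>$class</b> enabled <td class=\"check\"> ".$file."</td>";
      }
    }
  }

  /* Optional schemas: result key, objectclass probed, text when missing,
     text when present, schema cell when missing, schema cell when present. */
  $features= array(
      array('samba3', 'sambaSamAccount',
        _("SAMBA 3 support disabled, no schema seems to be installed"),
        _("SAMBA 3 support enabled"), "gosa+samba3.schema", "gosa+samba3.schema"),
      array('samba2', 'sambaAccount',
        _("SAMBA 2 support disabled, no schema seems to be installed"),
        _("SAMBA 2 support enabled"), "samba.schema", "samba.schema"),
      array('pureftp', 'PureFTPdUser',
        _("Support for pureftp disabled, no schema seems to be installed"),
        _("Support for pureftp enabled"), "pureftpd.schema", "pureftpd.schema"),
      array('webdav', 'gosaWebdavAccount',
        _("Support for WebDAV disabled, no schema seems to be installed"),
        _("Support for WebDAV enabled"), "", "gosa+samba3.schema"),
      array('phpgroupware', 'phpgwAccount',
        _("Support for phpgroupware disabled, no schema seems to be installed"),
        _("Support for phpgroupware enabled"), "phpgwaccount.schema", "phpgwaccount.schema"),
      array('phoneaccount', 'goFonAccount',
        _("Support for gofon disabled, no schema seems to be installed"),
        _("Support for gofon enabled"), "gofon.schema", "gofon.schema"),
      );
  foreach ($features as $feature){
    list($id, $oc, $off_text, $on_text, $off_file, $on_file)= $feature;
    if (!isset($objectclasses[$oc])){
      $messages[$id]= $off_text;
      $affich[$id]= $off_text."<td class=\"check\">".$off_file."</td>";
    } else {
      $affich[$id]= $on_text."<td class=\"check\">".$on_file."</td>";
    }
  }

  /* Kolab is only looked at when it is the selected mail method. */
  $ldapconf= isset($_SESSION['ldapconf']) ? $_SESSION['ldapconf'] : array();
  $mail_method= NULL;
  if (isset($ldapconf['mail']) && isset($ldapconf['mail_methods'][$ldapconf['mail']])){
    $mail_method= $ldapconf['mail_methods'][$ldapconf['mail']];
  }
  if ($mail_method !== NULL && $mail_method == "kolab"){
    if (!isset($objectclasses['kolabInetOrgPerson'])){
      $messages['kolab']= _("Support for Kolab disabled, no schema seems to be installed, setting mail-method to cyrus");
      $tmp = array_flip($ldapconf['mail_methods']);
      if (isset($tmp['cyrus'])){
        $_SESSION['ldapconf']['mail']=$tmp['cyrus'];
      }
      $affich['kolab']=$messages['kolab']."<td class=\"check\">kolab2.schema</td>";
    } else {
      /* NOTE(review): this row names gofon.schema while the "disabled" row
         names kolab2.schema - looks like a copy/paste slip, confirm. */
      $affich['kolab']=_("Support for Kolab enabled")."<td class=\"check\">gofon.schema</td>";
    }
  }

  if ($aff == 0){
    return ($messages);
  }
  return (array_merge($affich,$affich2));
}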
/**
 * Render the result of one setup check as an HTML block.
 *
 * A failed check that is marked as required increments the fault counter;
 * a failed optional check is only shown as "Ignored".
 *
 * @param int    $faults      Fault counter, passed by reference.
 * @param string $message     Title of the check, written as-is into the markup.
 * @param string $description Explanation shown below the title, written as-is.
 * @param mixed  $test        Truthy when the check passed.
 * @param mixed  $required    Truthy when a failure has to count as a fault.
 * @return string HTML markup for this check.
 */
function check(&$faults, $message, $description, $test, $required= TRUE)
{
  if ($test){
    $verdict= _("OK")."<br>";
  } elseif ($required){
    $verdict= "<font color=red>"._("Failed")."</font><br>";
    $faults++;
  } else {
    $verdict= "<font color=red>"._("Ignored")."</font><br>";
  }

  $head= "<table class='check'><tr><td class='check' style='font-size:14px;'>$message</td><td rowspan=2 style='vertical-align:middle; text-align:center;width:45px;'>";
  $tail= "</td></tr><tr><td class='check' style='padding-left:20px;background-color:#F0F0F0;'>$description</td></tr></table><br>";

  return $head.$verdict.$tail;
}
/**
 * Run the PHP environment checks of the first setup page.
 *
 * Resets the fault counter to 0 and lets check() count every failed
 * required test. Reads the global $check_globals for the register_globals row.
 *
 * @param int $faults Fault counter, passed by reference.
 * @return string HTML report: a heading followed by one block per check.
 */
function perform_php_checks(&$faults)
{
  global $check_globals;

  /* One row per check: title, explanation, result, required? */
  $checks= array(
      array(_("Checking for PHP version (>=4.1.0)"),
        _("PHP must be of version 4.1.0 or above for some functions and known bugs in PHP language."),
        minimum_version('4.1.0'), TRUE),

      array(_("Checking if register_globals is set to 'off'"),
        _("register_globals is a PHP mechanism to register all global varibales to be accessible from scripts without changing the scope. This may be a security risk. GOsa will run in both modes."),
        $check_globals == 0, FALSE),

      array(_("Checking for ldap module"),
        _("This is the main module used by GOsa and therefore really required."),
        function_exists('ldap_bind'), TRUE),

      array(_("Checking for gettext support"),
        _("Gettext support is required for internationalized GOsa."),
        function_exists('bindtextdomain'), TRUE),

      array(_("Checking for iconv support"),
        _("This module is used by GOsa to convert samba munged dial informations and is therefore required."),
        function_exists('iconv'), TRUE),

      array(_("Checking for mhash module"),
        _("To use SSHA encryption, you'll need this module. If you are just using crypt or md5 encryption, ignore this message. GOsa will run without it."),
        function_exists('mhash'), FALSE),

      array(_("Checking for imap module"),
        _("The IMAP module is needed to communicate with the IMAP server. It gets status informations, creates and deletes mail users."),
        function_exists('imap_open'), TRUE),

      array(_("Checking for getacl in imap"),
        _("The getacl support is needed for shared folder permissions. The standard IMAP module is not capable of reading acl's. You need a recend PHP version for this feature."),
        function_exists('imap_getacl'), FALSE),

      array(_("Checking for mysql module"),
        _("MySQL support is needed for reading GOfax reports from databases."),
        function_exists('mysql_query'), FALSE),

      array(_("Checking for cups module"),
        _("In order to read available printers from IPP protocol instead of printcap files, you've to install the CUPS module."),
        function_exists('cups_get_dest_list'), FALSE),

      array(_("Checking for kadm5 module"),
        _("Managing users in kerberos requires the kadm5 module which is downloadable via PEAR network."),
        function_exists('kadm5_init_with_password'), FALSE),
      );

  $faults= 0;
  $msg= "<h1>"._("PHP setup inspection")."</h1>";
  foreach ($checks as $row){
    $msg.= check ($faults, $row[0], $row[1], $row[2], $row[3]);
  }

  return ($msg);
}
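/**
 * Run the checks of the second setup page: helper programs and php.ini values.
 *
 * Probes ImageMagick (or the imagick PHP module), fping and a generator for
 * LM/NT password hashes by running fixed shell commands, then inspects a few
 * php.ini settings. Failed required checks are counted by check().
 *
 * @param int $faults Fault counter, passed by reference (not reset here).
 * @return string HTML report: a heading followed by one block per check.
 */
function perform_additional_checks(&$faults)
{
  # Programm check
  $msg= "<h1>"._("Checking for some additional programms")."</h1>";

  # Image Magick
  $output= (string)shell_exec ("LC_ALL=C LANG=C convert -help");
  if ($output != ""){
    /* explode() instead of split(): split() was removed in PHP 7 and both
       separators are plain strings. */
    $lines= explode ("\n", $output);
    $version= preg_replace ("/^Version:[^I]+ImageMagick ([^\s]+).*/", "\\1", $lines[0]);
    $parts= explode (".", $version);
    $major= (int)$parts[0];
    $minor= isset($parts[1]) ? (int)$parts[1] : 0;
    $msg.= check ( $faults, _("Checking for ImageMagick (>=5.4.0)"),
        _("ImageMagick is used to convert user supplied images to fit the suggested size and the unified JPEG format."),
        ($major > 5 || ($major == 5 && $minor >= 4)));
  } else {
    $msg.= check ( $faults, _("Checking imagick module for PHP"),
        _("Imagick is used to convert user supplied images to fit the suggested size and the unified JPEG format from PHP script."),
        function_exists('imagick_blob2image'), TRUE);
  }

  # Check for fping
  $output= (string)shell_exec ("LC_ALL=C LANG=C fping -v 2>&1");
  $have_fping= preg_match("/^fping:/", $output);
  $msg.= check ( $faults, _("Checking for fping utility"),
      _("The fping utility is only used if you've got a thin client based terminal environment running."),
      $have_fping, FALSE);

  # Check for smb hash generation tool
  $output= (string)shell_exec ("mkntpwd 2>&1");
  $have_mkntpwd= preg_match("/^Usage: mkntpwd /", $output);
  $alt = 0;

  if (!$have_mkntpwd){
    /* Portable redirection. "&>" is a bash extension; a POSIX /bin/sh reads
       it as "run in background, then truncate /dev/null" and reports exit
       status 0, so the probe would succeed even without Crypt::SmbHash. */
    $query= "LC_ALL=C LANG=C perl -MCrypt::SmbHash -e 'ntlmgen \"PASSWD\", \$lm, \$nt; print \"\${lm}:\${nt}\\n\";' >/dev/null 2>&1";
    system ($query, $ret);
    $alt= ($ret == 0);
  }

  $msg.= check ( $faults, _("Checking for a way to generate LM/NT password hashes"),
      _("In order to use SAMBA 2/3, you've to install some additional packages to generate password hashes."),
      ($have_mkntpwd || $alt));

  # checking for some PHP.ini Options
  /* ini_get_all() returns, per option, the keys global_value, local_value
     and access. Only local_value is used; options this PHP build does not
     know are treated as empty. */
  $arra = ini_get_all();
  $ini= array();
  foreach (array('session.auto_start', 'implicit_flush', 'max_execution_time',
        'memory_limit', 'expose_php', 'magic_quotes_gpc') as $name){
    $ini[$name]= isset($arra[$name]['local_value']) ? $arra[$name]['local_value'] : "";
  }

  /* The value tested is session.auto_start although the texts speak of
     session.auto_register; the texts are translation ids and stay as they are. */
  $msg.= check ( $faults, _("PHP.ini check -> session.auto_register"),
      _("In Order to use GOsa without any trouble, the session.auto_register option in your php.ini musst be 'Off'."),
      (!$ini['session.auto_start']));

  //implicit_flush
  $msg.= check ( $faults, _("PHP.ini check -> implicit_flush"),
      _("This Option defines the Ouput handling, turn this Option off, to increase performance."),
      !$ini['implicit_flush'], FALSE);

  //max_execution_time: 0 means "no limit" and therefore passes
  $seconds= (int)$ini['max_execution_time'];
  $msg.= check ( $faults, _("PHP.ini check -> max_execution_time"),
      _("The Execution time, should be 30 seconds minimun, cause some actions will need huge ammount of time ."),
      ($seconds == 0 || $seconds >= 30), FALSE);

  //memory_limit: normalise "128M", "1G", "512K" or plain bytes to megabytes;
  //-1 means "no limit"
  $raw= trim((string)$ini['memory_limit']);
  $megabytes= (int)$raw;
  switch (strtoupper(substr($raw, -1))){
    case 'G': $megabytes*= 1024; break;
    case 'M': break;
    case 'K': $megabytes= $megabytes / 1024; break;
    default:  $megabytes= $megabytes / (1024 * 1024);
  }
  /* This row and the expose_php row used to evaluate the implicit_flush
     value; each one now tests its own setting. */
  $msg.= check ( $faults, _("PHP.ini check -> memory_limit"),
      _("GOsa need at least 8M of memory, less will cause unpredictable errors, sometimes without error message!. Best would be 32 M here."),
      ($raw == "-1" || $megabytes >= 8), FALSE);

  //expose_php
  $msg.= check ( $faults, _("PHP.ini check -> expose_php"),
      _("PHP won't send any Information about the Server you are running, should be a security fact."),
      !$ini['expose_php'], FALSE);

  //magic_quotes_gpc
  $msg.= check ( $faults, _("PHP.ini check -> magic_quotes_gpc"),
      _("Security option, php will escape all quotes in strings ."),
      $ini['magic_quotes_gpc'], FALSE);

  return $msg;
}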
387 //! Added by Hickert
388 //
389 // Parse /contrib/gosa.conf to set user defined values
390 //This function may create the ldap.conf
391 // Lets try
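/**
 * Build gosa.conf from the template and the values collected during setup.
 *
 * Sends download headers for "gosa.conf", reads CONFIG_TEMPLATE_DIR/gosa.conf,
 * fills the {PLACEHOLDER} markers from $_SESSION['ldapconf'] and removes the
 * plugin entries of features that the schema check reported as missing
 * ($_SESSION['classes']). The result contains the LDAP admin password.
 *
 * @return string The generated configuration text, or "" when the template
 *                could not be opened (an error text is echoed in that case).
 */
function parse_contrib_conf()
{
  $str              = "";
  $replacements     = array();
  $possible_plugins = array();
  $ldapconf         = $_SESSION['ldapconf'];   // The Installation information

  // Messages of schema_check(): a key is present when that feature is missing
  $classes= (isset($_SESSION['classes']) && is_array($_SESSION['classes'])) ? $_SESSION['classes'] : array();

  // A 'samba3' message means Samba 3 is disabled
  $used_samba_version= isset($classes['samba3']) ? 2 : 3;

  // Pick the command used to create LM/NT hashes
  if(file_exists("/usr/lib/gosa/mkntpasswd")) {
    $pwdhash  = "/usr/lib/gosa/mkntpasswd";
  } elseif (preg_match("/^Usage: mkntpwd /", (string)shell_exec ("mkntpwd 2>&1"))) {
    $pwdhash= "mkntpwd";
  } else {
    $pwdhash=addslashes(' perl -MCrypt::SmbHash -e "ntlmgen \"\$ARGV[0]\", \$lm, \$nt; print \"\${lm}:\${nt}\n\";" $1');
  }

  // Define which variables will be replaced
  $replacements['{LOCATIONNAME}']  = $ldapconf['location'];
  $replacements['{SAMBAVERSION}']  = $used_samba_version;
  $replacements['{LDAPBASE}']      = $ldapconf['base'];
  $replacements['{LDAPADMIN}']     = $ldapconf['admin'];
  $replacements['{DNMODE}']        = $ldapconf['peopledn'];
  $replacements['{LDAPHOST}']      = $ldapconf['uri'];
  $replacements['{PASSWORD}']      = $ldapconf['password'];
  $replacements['{CRYPT}']         = $ldapconf['arr_cryptkeys'][$ldapconf['arr_crypts']];
  $replacements['{SID}']           = "";
  $replacements['{RIDBASE}']       = "";
  $replacements['{MAILMETHOD}']    = $ldapconf['mail_methods'][$ldapconf['mail']];
  $replacements['{SMBHASH}']       = $pwdhash;
  $replacements['{GOVERNMENTMODE}']= "false";
  $replacements['{kolabAccount}']  = "";
  $replacements['{servKolab}']     = "";

  // Patterns that delete the entries of unused plugins.
  // The key must be the feature name used in the schema check messages.
  $possible_plugins['fonreport'][]   ="'\n.*<plugin.*fonreport+.*\n.*>.*\n'i";
  $possible_plugins['phoneaccount'][]="'\n.*<tab.*phoneAccount.*>.*\n'i";
  $possible_plugins['logview'][]     ="'\n.*<plugin.*logview+.*\n.*>.*\n'i";
  $possible_plugins['pureftp'][]     ="'\n.*<tab.*pureftp.*>.*\n'i";
  $possible_plugins['webdav'][]      ="'\n.*<tab.*webdav.*>.*\n'i";
  $possible_plugins['phpgroupware'][]="'\n.*<tab.*phpgroupware.*>'i";

  // Header information
  // Needed to send the generated gosa.conf to the browser
  header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
  header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
  header("Cache-Control: no-cache");
  header("Pragma: no-cache");
  header("Cache-Control: post-check=0, pre-check=0");
  header("Content-type: text/plain");

  // The header is optional, a client may not send it
  $agent= isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";
  if (preg_match('/MSIE 5.5/', $agent) || preg_match('/MSIE 6.0/', $agent)) {
    header('Content-Disposition: filename="gosa.conf"');
  } else {
    header('Content-Disposition: attachment; filename="gosa.conf"');
  }

  $fp= fopen(CONFIG_TEMPLATE_DIR."/gosa.conf","r");
  if(!$fp) {
    echo "Can't open file ".CONFIG_TEMPLATE_DIR."/gosa.conf";
    // Don't write anything else
    return ($str);
  }

  // Read the template and release the handle again
  while(!feof($fp)) {
    $str.= fread($fp,512);
  }
  fclose($fp);

  if($ldapconf['mail_methods'][$ldapconf['mail']]=="kolab") {
    $replacements['{kolabAccount}']  ="<tab class=\"kolabAccount\" />";
    $replacements['{servKolab}']     ="<tab class=\"servkolab\" name=\"Kolab\" />";
  }

  $ldap= new LDAP($ldapconf['admin'], $ldapconf['password'], $ldapconf['uri']);

  // Samba 2 needs nothing extra. For samba 3 look for a sambaDomain object:
  // if there is one the SID is detected later, if there is none SID and
  // RIDBASE are written to gosa.conf.
  if($used_samba_version != 2) {
    $ldap->search("(objectClass=sambaDomain)");
    if($ldap->count()< 1) {
      // NOTE(review): fixed placeholder values, presumably meant to be
      // adjusted by the administrator afterwards - confirm.
      $replacements['{SID}']= "sid=\"123412-11\"";
      $replacements['{RIDBASE}']= "ridbase=\"1000\"";
    }
  }

  // An ivbbEntry in the LDAP tree switches the government mode on
  $ldap->search("(objectClass=ivbbEntry)");
  if($ldap->count()> 0) {
    $replacements['{GOVERNMENTMODE}']= "true";
  }

  // Fill the placeholders. str_replace() is used on purpose: with
  // preg_replace() sequences like "$1" or "\1" inside a value (a password,
  // for example) are taken as back references and silently dropped.
  // NOTE(review): values are inserted verbatim. The replacements above show
  // that the template is XML-like, so quotes or angle brackets in a value end
  // up unescaped in the file - confirm how the template quotes these markers
  // and whether escaping belongs here.
  foreach($replacements as $key => $val) {
    $str = str_replace($key, $val, $str);
  }

  // Remove the plugins of missing features. The lookup uses the feature name
  // (the array key); the previous test compared the pattern list itself
  // against $classes and therefore never matched.
  foreach($possible_plugins as $name => $patterns) {
    if(!isset($classes[$name])) {
      continue;
    }
    foreach($patterns as $pattern) {
      $str = preg_replace($pattern,"\n",$str);
    }
  }

  return ($str);
}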
// This is the first page shown in setup.
// This page tests some prerequisites, like the PHP version, the ldap module and so on.
// The function doesn't save anything; it only runs the tests when withoutput = false
// (called from setup.php);
/**
 * Setup page 1: run the PHP environment checks and show the introduction.
 *
 * @param bool $withoutput When false the checks still run but no template
 *                         is displayed.
 * @return bool TRUE when no required check failed.
 */
function show_setup_page1($withoutput = true)
{
  $smarty = get_smarty();
  $smarty->assign ("content", get_template_path('setup_introduction.tpl'));

  $report = perform_php_checks($faults);
  $smarty->assign ("tests", $report);

  // Any fault disables the way forward
  $passed = !$faults;
  if (!$passed) {
    $smarty->assign("mode", "disabled");
  }

  if ($withoutput) {
    $smarty->display (get_template_path('headers.tpl'));
  }

  if (isset($_SESSION['errors'])) {
    $smarty->assign("errors", $_SESSION['errors']);
  }

  if ($withoutput) {
    $smarty->display (get_template_path('setup.tpl'));
  }

  return ($passed);
}
618 /* Shows Setup_page 2*/
/**
 * Setup page 2: run the checks for helper programs and php.ini settings.
 *
 * @param bool $withoutput When false the checks still run but no template
 *                         is displayed.
 * @return bool TRUE when no required check failed.
 */
function show_setup_page2($withoutput = true)
{
  $smarty = get_smarty();
  $smarty->assign ("content", get_template_path('setup_step2.tpl'));

  $report = perform_additional_checks($faults);
  $smarty->assign ("tests", $report);

  $passed = !$faults;
  if (!$passed) {
    $smarty->assign("mode", "disabled");
  }

  if ($withoutput) {
    $smarty->display (get_template_path('headers.tpl'));
  }

  if (isset($_SESSION['errors'])) {
    $smarty->assign("errors", $_SESSION['errors']);
  }

  if ($withoutput) {
    $smarty->display (get_template_path('setup.tpl'));
  }

  return ($passed);
}
643 /* Setup page 3 asks for the server address
644 "Now we're going to include your LDAP server and create an initial configuration"*/
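/**
 * Setup page 3: ask for the LDAP server URI and test an anonymous bind.
 *
 * The URI is taken from the submitted form, else from the session, else the
 * default "ldap://localhost:389" is used; it is stored in
 * $_SESSION['ldapconf']['uri']. When the "continue3" button was pressed the
 * web server connects to that URI and tries an anonymous bind. The URI passes
 * through validate(), which is defined elsewhere - what it filters is not
 * visible here.
 *
 * @param bool $withoutput When false neither error messages nor templates
 *                         are displayed.
 * @return bool TRUE when no connection test failed.
 */
function show_setup_page3($withoutput = true)
{
  // Take the posted or the session saved value; only a plain string is
  // accepted from the form
  $uri = "";
  if (isset($_POST['uri']) && is_string($_POST['uri'])) {
    $uri = $_POST['uri'];
  } elseif (isset($_SESSION['ldapconf']['uri'])) {
    $uri = $_SESSION['ldapconf']['uri'];
  }

  // If the page is called for the first time the field is empty
  if (empty($uri)) {
    $uri = "ldap://localhost:389";
  }

  $smarty = get_smarty();

  $_SESSION['ldapconf']['uri'] = $uri;
  $smarty->assign ("uri", validate($uri));

  // No error till now
  $fault = false;

  // The former "no server specified" branch could never run because $uri
  // always carries at least the default at this point.
  if (isset($_POST['continue3'])) {
    $ds = @ldap_connect (validate($uri));
    if (!$ds) {
      $fault = true;
      if ($withoutput) {
        print_red (_("Can't connect to the specified LDAP server! Please make sure that is reachable for GOsa."));
      }
    } else {
      ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);

      // Anonymous bind, just to see whether the server answers
      if (!@ldap_bind ($ds)) {
        $fault = true;
        if ($withoutput) {
          print_red (_("Can't bind to the specified LDAP server! Please make sure that is reachable for GOsa."));
        }
      }

      // The handle is only needed for this test
      @ldap_unbind($ds);
    }
  }

  $smarty->assign ("content", get_template_path('setup_step3.tpl'));

  // Load Header
  if ($withoutput) {
    $smarty->display (get_template_path('headers.tpl'));
  }

  // Set Errors to Smarty
  if (isset($_SESSION['errors'])) {
    $smarty->assign("errors", $_SESSION['errors']);
  }

  // Print out Template
  if ($withoutput) {
    $smarty->display (get_template_path('setup.tpl'));
  }

  return (!$fault);
}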
// Setup page 4
// This page asks for detailed information, like the base DN or the admin user.
// If everything is ok, but a user with ACL :all is missing, we show a user creation page before we show page 5
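/**
 * Setup page 4: collect the detailed LDAP settings and verify the login.
 *
 * Fills $_SESSION['ldapconf'] with defaults (base, admin DN, OUs, password
 * hash method, mail method ...), takes over the submitted form values and,
 * when the form was sent, logs in with the given credentials and stores the
 * schema_check() messages in $_SESSION['classes'].
 *
 * @param bool $withoutput When false neither error messages nor templates
 *                         are displayed.
 * @return bool TRUE when no step failed.
 */
function show_setup_page4($withoutput = true)
{
  require_once("class_password-methods.inc");

  // NOTE(review): raises the reporting level for the rest of the request;
  // whether notices reach the browser depends on display_errors - confirm
  // this is wanted outside of debugging.
  error_reporting(E_ALL);

  $fault     = false;                            // Set to true as soon as an error occurs
  $smarty    = get_smarty();
  $uri       = $_SESSION['ldapconf']['uri'];     // Connect URI, like ldap://lo..
  $checkvars = array("location","admin","password","peopleou","peopledn","arr_crypts","mail","uidbase");

  // Fallback base. It is replaced below when the server reports one, and it
  // keeps the defaults well defined when the server cannot be reached.
  $base      = "dc=example,dc=net";

  if(!isset($_SESSION['ldapconf']['arr_cryptkeys'])) {
    $tmp = passwordMethod::get_available_methods_if_not_loaded();
    $_SESSION['ldapconf']['arr_cryptkeys']= $tmp['name'];
  }

  if(!isset($_SESSION['ldapconf']['mail_methods'])) {
    $temp = get_available_mail_classes();
    $_SESSION['ldapconf']['mail_methods']= $temp['name'];
  }

  # first try to get $base
  $ds = @ldap_connect (validate($uri));
  if(!$ds) {
    $fault = true;
    if($withoutput) {
      print_red (_("Can't connect to the specified LDAP server! Please make sure that is reachable for GOsa."));
    }
  } elseif(!@ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3)) {
    $fault = true;
    if($withoutput) {
      print_red (_("Can't bind to the specified LDAP server!. Please make sure that is reachable for GOsa."));
    }
  } elseif(!@ldap_bind ($ds)) {
    $fault = true;
    if($withoutput) {
      print_red (_("Can't bind to the specified LDAP server! Please make sure that is reachable for GOsa."));
    }
  } else {
    $sr  = @ldap_search ($ds, "", "objectClass=*", array("namingContexts"));
    $attr= $sr ? @ldap_get_entries($ds,$sr) : array();

    // An empty result has no entry 0, keep the fallback base then
    if(isset($attr[0]['dn'])) {
      $base= $attr[0]['dn'];
    } elseif($withoutput) {
      print_red(_("Bind to server successfull, but the server seems to be completly empty, please check all informations twice"));
    }
  }
  if($ds) {
    // The handle was only needed to look up the base
    @ldap_unbind($ds);
  }

  // Values missing in the session get their defaults
  $defaults = array(
      'base'     => $base,
      'admin'    => "cn=ldapadmin,".$base,
      'peopleou' => "ou=people",
      'groupou'  => "ou=groups",
      'peopledn' => "cn",
      'password' => "",
      'location' => "Example",
      'uidbase'  => "1000",
      'mail'     => 0,
      );
  foreach($defaults as $key => $val) {
    if(!isset($_SESSION['ldapconf'][$key])) {
      $_SESSION['ldapconf'][$key] = $val;
    }
  }

  // Default hash method is md5 when it is offered, else the first one
  if(!isset($_SESSION['ldapconf']['arr_crypts'])) {
    $crypt_ids = array_flip($_SESSION['ldapconf']['arr_cryptkeys']);
    $_SESSION['ldapconf']['arr_crypts'] = isset($crypt_ids['md5']) ? $crypt_ids['md5'] : reset($crypt_ids);
  }

  // check Post data
  if(isset($_POST['check'])) {
    // Every needed value must be submitted as a non-empty string
    foreach($checkvars as $key) {
      if(isset($_POST[$key]) && is_string($_POST[$key]) && $_POST[$key] != "") {
        $_SESSION['ldapconf'][$key] = $_POST[$key];
      } else {
        if($withoutput) {
          print_red(sprintf(_("You're missing the required attribute '%s' from this formular. Please complete!"), $key));
        }
        $fault = true;
      }
    }

    // Derive the base from the admin DN (ldapadmin...dc=base,dc=de).
    // explode() replaces split(), which was removed in PHP 7.
    // NOTE(review): only the last two DN components are used, so a base with
    // more or fewer components is not reproduced - confirm this is intended.
    $parts = array_reverse(explode(",", $_SESSION['ldapconf']['admin']));
    if(count($parts) >= 2) {
      $_SESSION['ldapconf']['base'] = $parts[1].",".$parts[0];
    }
  }

  $smarty->assign("arr_cryptkeys",$_SESSION['ldapconf']['arr_cryptkeys']);
  $smarty->assign("mail_methods", $_SESSION['ldapconf']['mail_methods']);

  // Every collected value, the admin password included, is handed to the
  // template. NOTE(review): the values come from the submitted form; confirm
  // that the template escapes them on output.
  foreach($_SESSION['ldapconf'] as $key => $val) {
    $smarty->assign($key,$val);
  }

  if(isset($_POST['check'])) {
    $ldap= new LDAP($_SESSION['ldapconf']['admin'], $_SESSION['ldapconf']['password'], $_SESSION['ldapconf']['uri']);

    $m= schema_check($_SESSION['ldapconf']['uri'], $_SESSION['ldapconf']['admin'], $_SESSION['ldapconf']['password']);
    $_SESSION['classes']= $m;

    if ($ldap->error != "Success") {
      if($withoutput) {
        print_red(sprintf(_("Can't log into LDAP server. Reason was: %s."), $ldap->get_error()));
      }
      $fault = true;
    }
  }

  // Set smarty output
  $smarty->assign ("content", get_template_path('setup_step4.tpl'));
  $smarty->assign ("peopledns", array("cn", "uid"));

  if($withoutput) {
    $smarty->display (get_template_path('headers.tpl'));
  }

  if(isset($_SESSION['errors'])) {
    $smarty->assign("errors", $_SESSION['errors']);
  }

  if($withoutput) {
    $smarty->display (get_template_path('setup.tpl'));
  }

  return (!$fault);
}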
927 // This page shows your configuration
928 // and wants you to download the gosa.conf ....
/**
 * Setup page 5: show the resulting configuration and offer gosa.conf.
 *
 * Runs schema_check() once more in display mode and passes the rendered
 * table, the group of the web server process and CONFIG_DIR to the template.
 *
 * @param bool $withoutput When false no template is displayed.
 * @return bool Always TRUE.
 */
function show_setup_page5($withoutput=true)
{
  $ldapconf = $_SESSION['ldapconf'];
  $smarty   = get_smarty();

  // Group the web server process runs as
  $group = posix_getgrgid(posix_getgid());
  $smarty->assign ("webgroup", $group['name']);
  $smarty->assign ("path", CONFIG_DIR);

  // Display rows for all optional features
  $rows = schema_check($ldapconf['uri'], $ldapconf['admin'], $ldapconf['password'],1);

  if ($withoutput) {
    $smarty->assign ("schemas", view_schema_check($rows));
    $smarty->assign ("content", get_template_path('setup_finish.tpl'));
    $smarty->display (get_template_path('headers.tpl'));
  }

  if (isset($_SESSION['errors'])) {
    $smarty->assign("errors", $_SESSION['errors']);
  }

  if ($withoutput) {
    $smarty->display (get_template_path('setup.tpl'));
  }

  return(true);
}
// This function is called by setup step 5 in order to create a missing administrator
// and/or administrative user.
// On success, go on with setup_page5;
// otherwise show this page again.
// Last setup test: looks for an administrative group (gosaSubtreeACL=:all)
// and a member account, and creates them from the submitted form
// (new_admin, admin_name, admin_pass) when they are missing.
//
// $withoutput  when false, no template is displayed and the "missing
//              account" hint is not printed
// Returns true when a group with a user was found or when the creation
// branch ran (the LDAP results in that branch do not influence the return
// value), false when the account form was displayed instead.
function create_user_for_setup($withoutput=true)
{

  // NOTE(review): raises the reporting level for the rest of the request;
  // if errors are displayed to the browser this can expose paths and
  // configuration details during setup - confirm this is intended.
  error_reporting(E_ALL);

  global $samba;

  $ldapconf = $_SESSION['ldapconf'];
  $smarty = get_smarty();

  // Schema check result stored by an earlier step, when there is one
  if(isset($_SESSION['classes']))
    $classes= $_SESSION['classes'];

  // Everything ran fine so far, so we do a last test on this page:
  // is there a user with ACLs ":all" who will be able to administrate GOsa?
  // If this user or group is missing we ask for it to be created.

  // Bind with the admin DN and password kept in the session
  $ldap= new LDAP($_SESSION['ldapconf']['admin'], $_SESSION['ldapconf']['password'], $_SESSION['ldapconf']['uri']);

  // $ldap= new LDAP($ldapconf['admin'], $ldapconf['password'], $ldapconf['uri']);

  // Now we are testing for a group with the rights ":all"
  $ldap->cd($ldapconf['base']);
  $ldap->search("(&(objectClass=gosaObject)(gosaSubtreeACL=:all))");

  $group_cnt = $ldap->count();
  $data = $ldap->fetch();
  $create_user = false;

  // We need to create an administrative user and group
  // because there is no group found
  if($group_cnt < 1)
  {
    // Set var to create user
    $create_user = true;

    // Output error (only while the form has not been submitted)
    if(($withoutput)&&(!isset($_POST['new_admin'])))
      print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
  }
  else
  {

    // We found an administrative group, is there a user too?
    if(isset($data['memberUid'][0]))
    {
      // NOTE(review): the "uid=..." string is handed over as a separate
      // second argument and is not part of the filter. Presumably that
      // argument is the list of attributes to return, in which case this
      // search matches any gosaAccount person rather than the group's
      // member - confirm against the LDAP class.
      $ldap->search("(&(objectClass=gosaAccount)(objectClass=person))",array("uid=".$data['memberUid'][0]));
      $data2 = $ldap->fetch();
      // $user_cnt is not read again in this function
      $user_cnt = $ldap->count();
    }

    // We must create a user.
    // When the group has no memberUid, $data2 is unset and this branch is
    // taken regardless of the count.
    if (($ldap->count() < 1)||(!isset($data2)))
    {
      $create_user = true;
      if(($withoutput)&&(!isset($_POST['new_admin'])))
        print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
    }
    else
    {
      // We don't need to add a user
      return(true);
    }

  }// end of the $group_cnt check

  // Every path that reaches this point has set $create_user to true.

  // We need to create a new user with group
  if(isset($_POST['new_admin']))
  {
    // Is there a running user ?
    // Then add additional

    // Choose the Samba password attribute names.
    // NOTE(review): a set 'samba3' entry selects the lmPassword/ntPassword
    // names and $samba "2", an unset one the sambaLMPassword/sambaNtPassword
    // names and "3". This looks inverted unless the entry marks a missing
    // schema - confirm against what schema_check() stores.
    if (isset($classes['samba3']))
    {
      $samba= "2";
      $lmPassword = "lmPassword";
      $ntPassword = "ntPassword";
    } else {
      $samba= "3";
      $lmPassword = "sambaLMPassword";
      $ntPassword = "sambaNtPassword";
    }

    // Nothing submitted
    // NOTE(review): the guard only returns when $create_user is false, and
    // $create_user is always true here, so an empty admin_name or
    // admin_pass is not rejected and continues into the creation below.
    if(( (empty($_POST['admin_name']))||(empty($_POST['admin_pass'])) )&&(!$create_user))
    {
      return(true);
    }

    // We have the order to create an admin.
    // Go to base
    $ldap->cd($ldapconf['base']);

    // Define the user we are going to create
    // NOTE(review): admin_name comes straight from the request and is
    // concatenated into the DN without escaping or validation, so
    // characters that are special in a DN (',', '+', '=', '"', '\') change
    // which entry is addressed. Validate the value against an allow-list
    // or escape it (ldap_escape() with LDAP_ESCAPE_DN where the PHP version
    // provides it) before building $dn and the attributes below.
    $dn = "cn=".$_POST['admin_name'].",".$ldapconf['peopleou'].",".$ldapconf['base'];

    $arr['objectClass'][0] ="person";
    $arr['objectClass'][1] ="organizationalPerson";
    $arr['objectClass'][2] ="inetOrgPerson";
    $arr['objectClass'][3] ="gosaAccount";
    $arr['uid'] = $_POST['admin_name'];
    $arr['cn'] = $_POST['admin_name'];
    $arr['sn'] = $_POST['admin_name'];

    $arr['givenName'] = "GOsa main administrator";
    // NOTE(review): the Samba LM/NT hash values are fixed literals and are
    // not derived from admin_pass, so every administrator created through
    // this path carries the same Samba credential values. Derive them from
    // the submitted password or leave the attributes unset until the
    // password is changed.
    $arr[$lmPassword] = "10974C6EFC0AEE1917306D272A9441BB";
    $arr[$ntPassword] = "38F3951141D0F71A039CFA9D1EC06378";
    // NOTE(review): "md5" is passed as the method to crypt_single();
    // presumably this selects an MD5-based userPassword hash, which is weak
    // by current standards - confirm which methods crypt_single() offers
    // and prefer a stronger salted scheme the directory supports.
    $arr['userPassword'] = crypt_single($_POST['admin_pass'],"md5");
    // An entry that already exists under $dn is left untouched (its
    // password is not replaced), but its name is still added to the
    // administrative group below.
    if( ! $ldap->dn_exists ( $dn )) {
      $ldap->cd($dn);
      $ldap->create_missing_trees($dn);
      $ldap->add($arr);
      // A failed add is only reported; the group handling below still runs
      if($ldap->error!="Success") {
        print_red("Can't create user, and / or Group, possibly this problem depends on an empty LDAP server. Check your configuration and try again!");
      }
    }

    // There is already a group for administrators, so we only need to add the user
    if($group_cnt)
    {
      if(!isset($data['memberUid']))
      {
        $arrr['memberUid']= $_POST['admin_name'];
      }
      else
      {
        // Append the new uid at index 'count', then drop the 'count' key
        // before the list is written back
        $data['memberUid'][$data['memberUid']['count']]=$_POST['admin_name'];
        $arrr['memberUid'] = $data['memberUid'];
        unset($arrr['memberUid']['count']);
      }
      $ldap->cd($data['dn']);
      // The result of modify() is not checked
      $ldap->modify($arrr);
    }
    else
    {
      // There was no group defined, so we must create one
      $dn = "cn=administrators,".$ldapconf['groupou'].",".$ldapconf['base'];
      $arrr['objectClass'][0] = "gosaObject";
      $arrr['objectClass'][1] = "posixGroup";
      $arrr['gosaSubtreeACL'] = ":all";
      $arrr['cn'] = "administrators";
      // NOTE(review): fixed gid; may collide with an existing posixGroup - confirm
      $arrr['gidNumber'] = "999";
      $arrr['memberUid'] = $_POST['admin_name'];
      $ldap->cd($dn);
      // The result of add() is not checked
      $ldap->add($arrr);
    }

    // Go on with the next setup step. The return value is true even when
    // one of the LDAP writes above failed.
    return(true);
  }
  else
  {
    // Both branches select the same template; only "exists" differs
    if(!($create_user))
    {
      $smarty->assign ("content", get_template_path('setup_useradmin.tpl'));
      $smarty->assign("exists",true);
    }
    else
    {
      $smarty->assign ("content", get_template_path('setup_useradmin.tpl'));
      $smarty->assign("exists",false);
    }
  }

  // Smarty output

  if($withoutput)
    $smarty->display (get_template_path('headers.tpl'));

  if (isset($_SESSION['errors']))
  {
    $smarty->assign("errors", $_SESSION['errors']);
  }
  if($withoutput)
    $smarty->display (get_template_path('setup.tpl'));

  return(false);
}
// Returns the class names of the mail classes
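// Lists the mail method class files found in ../include (relative to the
// current working directory), i.e. files named
// "class_mail-methods-<name>.inc".
//
// Returns an array that holds every match in two layouts:
//   $methods['name'][$i], $methods['file'][$i]
//   $methods[$i]['file'], $methods[$i]['name']
// An empty array is returned when the directory is missing or unreadable.
function get_available_mail_classes()
{
  $methods = array();
  $path    = "../include";
  $prefix  = "class_mail-methods-";
  $suffix  = ".inc";
  $lenpre  = strlen($prefix);
  $lensuf  = strlen($suffix);

  // Without this guard a failed opendir() hands false to readdir()
  if (!is_dir($path)) {
    return($methods);
  }
  $dir = opendir($path);
  if ($dir === false) {
    return($methods);
  }

  $i = 0;
  while (($file = readdir($dir)) !== false)
  {
    $lenfile = strlen($file);

    // Accept only "<prefix><name><suffix>" with a non-empty name. A plain
    // substring match would also list editor backups and other stray
    // files, and callers presumably load what is listed here.
    if ($lenfile <= $lenpre + $lensuf) {
      continue;
    }
    if (strncasecmp($file, $prefix, $lenpre) !== 0) {
      continue;
    }
    if (strcasecmp(substr($file, -$lensuf), $suffix) !== 0) {
      continue;
    }

    $name = substr($file, $lenpre, $lenfile - $lenpre - $lensuf);
    $methods['name'][$i] = $name;
    $methods['file'][$i] = $file;
    $methods[$i]['file'] = $file;
    $methods[$i]['name'] = $name;
    $i++;
  }

  // Release the directory handle
  closedir($dir);

  return($methods);
}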
1203 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1204 ?>