![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
1 <?php
6 function minimum_version($vercheck)
7 {
8 $needver = split("\.",$vercheck);
9 $curver = split("\.",phpversion());
11 $c1 = count($needver);
12 $c2 = count($curver);
14 if($c2 >= $c1) $c1 = $c2;
16 for($i=0; $i < $c1 ; $i++)
17 {
18 if($needver[$i] > $curver[$i])
19 {
20 return(false);
21 }
22 if($needver[$i] < $curver[$i])
23 {
24 return(true);
25 }
26 }
27 }
29 function minimum_versioni2($vercheck)
30 {
31 $minver = (int)str_replace('.', '', $vercheck);
32 $curver = (int)str_replace('.', '', phpversion());
34 if($curver >= $minver){
35 return (true);
36 }
38 return (false);
39 }
42 function check_schema_version($description, $version)
43 {
44 $desc= preg_replace("/^.* DESC\s+\(*\s*'([^']+)'\s*\)*.*$/", '\\1', $description);
46 return preg_match("/\(v$version\)/", $desc);
47 }
49 function view_schema_check($table)
50 {
51 $message="<table class=\"check\">";
52 foreach ($table as $key => $msg){
53 $message.= "<tr><td class=\"check\">$msg";
54 if(strstr($msg,"enabled")) {
55 $message.="</td><td style='text-align:center' ><img src=images/true.png alt='true' /></td></tr>";
56 }
57 else
58 {
59 $message.="</td><td style='text-align:center' ><img src=images/button_cancel.png alt='false' /></td></tr>";}
60 }
61 $message.="</table>";
62 return $message;
63 }
65 function schema_check($server, $admin, $password,$aff=0)
66 {
67 global $config;
70 $messages= array();
71 $required_classes= array(
72 "gosaObject" => array("version" => "2.4"),
73 "gosaAccount" => array("version" => "2.4"),
74 "gosaLockEntry" => array("version" => "2.4"),
75 "gosaCacheEntry" => array("version" => "2.4"),
76 "gosaDepartment" => array("version" => "2.4"),
78 "goFaxAccount" => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"),
79 "goFaxSBlock" => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"),
80 "goFaxRBlock" => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"),
82 "gosaUserTemplate" => array("version" => "2.4", "class" => "posixAccount","file" => "nis.schema"),
83 "gosaMailAccount" => array("version" => "2.4", "class" => "mailAccount","file" => "gosa+samba3.schema"),
84 "gosaProxyAccount" => array("version" => "2.4", "class" => "proxyAccount","file" => "gosa+samba3.schema"),
85 "gosaApplication" => array("version" => "2.4", "class" => "appgroup","file" => "gosa.schema"),
86 "gosaApplicationGroup" => array("version" => "2.4", "class" => "appgroup","file" => "gosa.schema"),
88 "GOhard" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
89 "gotoTerminal" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
90 "goServer" => array("version" => "2.4","class" => "server","file" => "goserver.schema"),
91 "goTerminalServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
92 "goNfsServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
93 "goNtpServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
94 "goSyslogServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
95 "goLdapServer" => array("version" => "2.4"),
96 "goCupsServer" => array("version" => "2.4", "class" => array("posixAccount", "terminals"),),
97 "goImapServer" => array("version" => "2.4", "class" => array("mailAccount", "mailgroup"),"file" => "gosa+samba3.schema"),
98 "goKrbServer" => array("version" => "2.4"),
99 "goFaxServer" => array("version" => "2.4", "class" => "gofaxAccount","file" => "gofax.schema"),
101 );
103 /* Build LDAP connection */
104 $ds= ldap_connect ($server);
105 if (!$ds) {
106 return (array(_("Can't bind to LDAP. No schema check possible!")));
107 }
108 ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
109 $r= ldap_bind ($ds, $admin, $password);
111 /* Get base to look for schema */
112 $sr = @ldap_read ($ds, "", "objectClass=*", array("subschemaSubentry"));
113 $attr= @ldap_get_entries($ds,$sr);
114 if (!isset($attr[0]['subschemasubentry'][0])){
115 return (array(_("Can't get schema information from server. No schema check possible!")));
116 }
118 /* Get list of objectclasses */
119 $nb= $attr[0]['subschemasubentry'][0];
120 $objectclasses= array();
121 $sr= ldap_read ($ds, $nb, "objectClass=*", array("objectclasses"));
122 $attrs= ldap_get_entries($ds,$sr);
123 if (!isset($attrs[0])){
124 return (array(_("Can't get schema information from server. No schema check possible!")));
125 }
126 foreach ($attrs[0]['objectclasses'] as $val){
127 $name= preg_replace("/^.* NAME\s+\(*\s*'([^']+)'\s*\)*.*$/", '\\1', $val);
128 if ($name != $val){
129 $objectclasses[$name]= $val;
130 }
131 }
132 /* Walk through objectclasses and check if they are needed or not */
133 foreach ($required_classes as $key => $value){
134 if (isset($value['class'])){
135 if (!is_array($value['class'])){
136 $classes= array($value['class']);
137 } else {
138 $classes= $value['class'];
139 }
141 /* Check if we are using the class that requires */
142 foreach($classes as $class){
143 if (!isset($objectclasses[$key])){
144 $messages[$key]= sprintf(_("Optional objectclass '%s' required by plugin '%s' is not present in LDAP setup"), $key, $class);
145 } else {
146 if (!check_schema_version($objectclasses[$key], $value['version'])){
147 $messages[$key]= sprintf(_("Optional objectclass '%s' required by plugin '%s' does not have version %s"), $key, $class, $value['version']);
148 }else {
149 if(!isset($affich2[$class])){
150 $affich2[$class]="Support for <b>$class</b> enabled <td class=\"check\"> ".$value['file']."</td>";
151 }
152 }
153 }
155 }
156 } else {
157 /* Required class */
158 if (!isset($objectclasses[$key])){
159 $messages[$key]= sprintf(_("Required objectclass '%s' is not present in LDAP setup"), $key);
160 } else {
161 if (!check_schema_version($objectclasses[$key], $value['version'])){
162 $messages[$key]= sprintf(_("Required objectclass '%s' does not have version %s"), $key, $value['version']);
163 }
164 }
165 }
166 }
168 /* Check for correct samba parameters */
169 if (!isset($objectclasses['sambaSamAccount'])){
170 $messages['samba3']= _("SAMBA 3 support disabled, no schema seems to be installed");
171 $affich['samba3']= $messages['samba3']."<td class=\"check\">gosa+samba3.schema</td>";
172 }else{
173 $affich['samba3']=_("SAMBA 3 support enabled")."<td class=\"check\">gosa+samba3.schema</td>";
174 }
176 if (!isset($objectclasses['sambaAccount'])){
177 $messages['samba2']= _("SAMBA 2 support disabled, no schema seems to be installed");
178 $affich['samba2']=$messages['samba2']."<td class=\"check\">samba.schema</td>";
179 }else{
180 $affich['samba2']=_("SAMBA 2 support enabled")."<td class=\"check\">samba.schema</td>";
181 }
183 /* Check pureftp/dns/ */
184 if (!isset($objectclasses['PureFTPdUser'])){
185 $messages['pureftp']= _("Support for pureftp disabled, no schema seems to be installed");
186 $affich['pureftp']= $messages['pureftp']."<td class=\"check\">pureftpd.schema</td>";
187 }else{
188 $affich['pureftp']=_("Support for pureftp enabled")."<td class=\"check\">pureftpd.schema</td>";
189 }
191 if (!isset($objectclasses['gosaWebdavAccount'])){
192 $messages['webdav']= _("Support for WebDAV disabled, no schema seems to be installed");
193 $affich['webdav']=$messages['webdav']."<td class=\"check\"></td>";
194 }else{
195 $affich['webdav']=_("Support for WebDAV enabled")."<td class=\"check\">gosa+samba3.schema</td>";
196 }
198 if (!isset($objectclasses['phpgwAccount'])){
199 $messages['phpgroupware']= _("Support for phpgroupware disabled, no schema seems to be installed");
200 $affich['phpgroupware']=$messages['phpgroupware']."<td class=\"check\">phpgwaccount.schema</td>";
201 }else{
202 $affich['phpgroupware']=_("Support for phpgroupware enabled")."<td class=\"check\">phpgwaccount.schema</td>";
203 }
205 if (!isset($objectclasses['goFonAccount'])){
206 $messages['phoneaccount']= _("Support for gofon disabled, no schema seems to be installed");
207 $affich['phoneaccount']=$messages['phoneaccount']."<td class=\"check\">gofon.schema</td>";
208 }else{
209 $affich['phoneaccount']=_("Support for gofon enabled")."<td class=\"check\">gofon.schema</td>";
210 }
213 if(($_SESSION['ldapconf']['mail_methods'][$_SESSION['ldapconf']['mail']] == "kolab"))
214 if(!isset($objectclasses['kolabInetOrgPerson']))
215 {
216 $messages['kolab']= _("Support for Kolab disabled, no schema seems to be installed, setting mail-method to cyrus");
217 $tmp = array_flip($_SESSION['ldapconf']['mail_methods']);
218 $_SESSION['ldapconf']['mail']=$tmp['cyrus'];
219 $affich['kolab']=$messages['kolab']."<td class=\"check\">kolab2.schema</td>";
220 }else{
221 $affich['kolab']=_("Support for Kolab enabled")."<td class=\"check\">gofon.schema</td>";
222 }
225 if($aff==0)return ($messages);
226 else return(array_merge($affich,$affich2));
229 }
233 function check(&$faults, $message, $description, $test, $required= TRUE)
234 {
235 $msg= "<table class='check'><tr><td class='check' style='font-size:14px;'>$message</td><td rowspan=2 style='vertical-align:middle; text-align:center;width:45px;'>";
236 if ($test){
237 $msg.= _("OK")."<br>";
238 } else {
239 if (!$required){
240 $msg.="<font color=red>"._("Ignored")."</font><br>";
241 } else {
242 $msg.="<font color=red>"._("Failed")."</font><br>";
243 $faults++;
244 }
245 }
246 $msg.= "</td></tr><tr><td class='check' style='padding-left:20px;background-color:#F0F0F0;'>$description</td></tr></table><br>";
248 return $msg;
249 }
251 function perform_php_checks(&$faults)
252 {
253 global $check_globals;
255 $faults= 0;
256 $msg= "";
258 $msg.= "<h1>"._("PHP setup inspection")."</h1>";
259 $msg.= check ( $faults, _("Checking for PHP version (>=4.1.0)"),
260 _("PHP must be of version 4.1.0 or above for some functions and known bugs in PHP language."),
261 minimum_version('4.1.0'));
263 $msg.= check ( $faults, _("Checking for PHP version (<=5)"),
264 _("PHP must be below version 5."),
265 !minimum_version('5'));
268 $msg.= check ( $faults, _("Checking if register_globals is set to 'off'"),
269 _("register_globals is a PHP mechanism to register all global varibales to be accessible from scripts without changing the scope. This may be a security risk. GOsa will run in both modes."),
270 $check_globals == 0, FALSE);
272 $msg.= check ( $faults, _("Checking for ldap module"),
273 _("This is the main module used by GOsa and therefore really required."),
274 function_exists('ldap_bind'));
276 $msg.= check ( $faults, _("Checking for gettext support"),
277 _("Gettext support is required for internationalized GOsa."), function_exists('bindtextdomain'));
279 $msg.= check ( $faults, _("Checking for iconv support"),
280 _("This module is used by GOsa to convert samba munged dial informations and is therefore required."),
281 function_exists('iconv'));
283 $msg.= check ( $faults, _("Checking for mhash module"),
284 _("To use SSHA encryption, you'll need this module. If you are just using crypt or md5 encryption, ignore this message. GOsa will run without it."),
285 function_exists('mhash'), FALSE);
287 $msg.= check ( $faults, _("Checking for imap module"),
288 _("The IMAP module is needed to communicate with the IMAP server. It gets status informations, creates and deletes mail users."),
289 function_exists('imap_open'));
290 $msg.= check ( $faults, _("Checking for getacl in imap"),
291 _("The getacl support is needed for shared folder permissions. The standard IMAP module is not capable of reading acl's. You need a recend PHP version for this feature."),
292 function_exists('imap_getacl'), FALSE);
293 $msg.= check ( $faults, _("Checking for mysql module"),
294 _("MySQL support is needed for reading GOfax reports from databases."),
295 function_exists('mysql_query'), FALSE);
296 $msg.= check ( $faults, _("Checking for cups module"),
297 _("In order to read available printers from IPP protocol instead of printcap files, you've to install the CUPS module."),
298 function_exists('cups_get_dest_list'), FALSE);
299 $msg.= check ( $faults, _("Checking for kadm5 module"),
300 _("Managing users in kerberos requires the kadm5 module which is downloadable via PEAR network."),
301 function_exists('kadm5_init_with_password'), FALSE);
302 return ($msg);
303 }
306 function perform_additional_checks(&$faults)
307 {
308 # Programm check
309 $msg= "<h1>"._("Checking for some additional programms")."</h1>";
311 # Image Magick
312 $query= "LC_ALL=C LANG=C convert -help";
313 $output= shell_exec ($query);
314 if ($output != ""){
315 $lines= split ("\n", $output);
316 $version= preg_replace ("/^Version:[^I]+ImageMagick ([^\s]+).*/", "\\1", $lines[0]);
317 list($major, $minor)= split("\.", $version);
318 $msg.= check ( $faults, _("Checking for ImageMagick (>=5.4.0)"),
319 _("ImageMagick is used to convert user supplied images to fit the suggested size and the unified JPEG format."),
320 ($major > 5 || ($major == 5 && $minor >= 4)));
321 } else {
322 $msg.= check ( $faults, _("Checking imagick module for PHP"),
323 _("Imagick is used to convert user supplied images to fit the suggested size and the unified JPEG format from PHP script."), function_exists('imagick_blob2image'), TRUE);
324 }
326 # Check for fping
327 $query= "LC_ALL=C LANG=C fping -v 2>&1";
328 $output= shell_exec ($query);
329 $have_fping= preg_match("/^fping:/", $output);
330 $msg.= check ( $faults, _("Checking for fping utility"),
331 _("The fping utility is only used if you've got a thin client based terminal environment running."),
332 $have_fping, FALSE);
334 # Check for smb hash generation tool
335 $query= "mkntpwd 2>&1";
336 $output= shell_exec ($query);
337 $have_mkntpwd= preg_match("/^Usage: mkntpwd /", $output);
338 $alt = 0;
340 if (!$have_mkntpwd){
341 $query= "LC_ALL=C LANG=C perl -MCrypt::SmbHash -e 'ntlmgen \"PASSWD\", \$lm, \$nt; print \"\${lm}:\${nt}\\n\";' &>/dev/null";
342 system ($query, $ret);
343 $alt= ($ret == 0);
344 }
346 $msg.= check ( $faults, _("Checking for a way to generate LM/NT password hashes"),
347 _("In order to use SAMBA 2/3, you've to install some additional packages to generate password hashes."),
348 ($have_mkntpwd || $alt));
349 # checking for some PHP.ini Options
351 /* seesio.auto_start should be off, in order to without trouble*/
353 $arra = ini_get_all();
355 /* This array contains folling info now :
356 global_value 0
357 local_value 0
358 access 7
360 -->Access types
361 PHP_INI_USER 1 Entry can be set in user scripts
362 PHP_INI_PERDIR 2 Entry can be set in php.ini, .htaccess or httpd.conf
363 PHP_INI_SYSTEM 4 Entry can be set in php.ini or httpd.conf
364 PHP_INI_ALL 7 Entry can be set anywhere
366 */
368 $session_auto_start = ($arra['session.auto_start']);
369 $implicit_flush = ($arra['implicit_flush']);
370 $max_execution_time = ($arra['max_execution_time']);
371 $memory_limit = ($arra['memory_limit']);
372 $expose_php = ($arra['expose_php']);
373 $magic_quotes_gpc = ($arra['magic_quotes_gpc']);
374 $register_globals = ($arra['register_globals']);
377 // auto_register
378 $msg.= check ( $faults, _("PHP.ini check -> session.auto_register"),
379 _("In Order to use GOsa without any trouble, the session.auto_register option in your php.ini musst be 'Off'."),
380 (!$session_auto_start['local_value']));
384 //implicit_flush
385 $msg.= check ( $faults, _("PHP.ini check -> implicit_flush"),
386 _("This Option defines the Ouput handling, turn this Option off, to increase performance."),
387 !$implicit_flush['local_value'],0,false);
389 //max_execution_time
390 if($max_execution_time['local_value'] < 30 )
391 $max_execution_time['local_value']=false;
392 $msg.= check ( $faults, _("PHP.ini check -> max_execution_time"),
393 _("The Execution time, should be 30 seconds minimun, cause some actions will need huge ammount of time ."),
394 $max_execution_time['local_value'],0,false);
396 //memory_limit
397 if($memory_limit['local_value'] < 8 )
398 $memory_limit['local_value']=false;
399 $msg.= check ( $faults, _("PHP.ini check -> memory_limit"),
400 _("GOsa need at least 8M of memory, less will cause unpredictable errors, sometimes without error message!. Best would be 32 M here."),
401 !$implicit_flush['local_value'],0,false);
403 //expose_php
404 $msg.= check ( $faults, _("PHP.ini check -> expose_php"),
405 _("PHP won't send any Information about the Server you are running, should be a security fact."),
406 !$implicit_flush['local_value'],0,false);
408 //magic_quotes_gpc
409 $msg.= check ( $faults, _("PHP.ini check -> magic_quotes_gpc"),
410 _("Security option, php will escape all quotes in strings ."),
411 $magic_quotes_gpc['local_value'],0,false);
413 return $msg;
414 }
418 //! Added by Hickert
419 //
420 // Parse /contrib/gosa.conf to set user defined values
421 //This function may create the ldap.conf
422 // Lets try
423 function parse_contrib_conf()
424 {
425 /* First gather all needed informations */
429 /* Variables */
430 $str = "";
431 $used_samba_version = 0;
432 $query = "";
433 $fp = false;
434 $output = "";
435 $needridbase_sid = false;
436 $pwdhash = "";
437 $replacements = array();
438 $ldapconf = $_SESSION['ldapconf']; // The Installation information
439 $classes = $_SESSION['classes']; // Class information needed to define which features are enabled
440 $possible_plugins = array();
442 if(isset($classes['samba3'])) // means Samba 3 is disabled
443 $used_samba_version = 2;
444 else
445 $used_samba_version = 3;
448 if(file_exists("/usr/lib/gosa/mkntpasswd")) {
449 $pwdhash = "/usr/lib/gosa/mkntpasswd";
450 }
451 elseif (preg_match("/^Usage: mkntpwd /", shell_exec ("mkntpwd 2>&1"))) {
452 $pwdhash= "mkntpwd";
453 } else {
454 $pwdhash=addslashes(' perl -MCrypt::SmbHash -e "ntlmgen \"\$ARGV[0]\", \$lm, \$nt; print \"\${lm}:\${nt}\n\";" $1');
455 // $pwdhash= 'perl -MCrypt::SmbHash -e \"ntlmgen \\"\\$ARGV[0]\\", \\$lm, \\$nt; print \\"\\${lm}:\\${nt}\\\";\"';
456 }
459 // Define which variables will be replaced
460 $replacements['{LOCATIONNAME}'] = $ldapconf['location'];
461 $replacements['{SAMBAVERSION}'] = $used_samba_version;
462 $replacements['{LDAPBASE}'] = $ldapconf['base'];
463 $replacements['{LDAPADMIN}'] = $ldapconf['admin'];
464 $replacements['{DNMODE}'] = $ldapconf['peopledn'];
465 $replacements['{LDAPHOST}'] = $ldapconf['uri'];
466 $replacements['{PASSWORD}'] = $ldapconf['password'];
467 $replacements['{CRYPT}'] = $ldapconf['arr_cryptkeys'][$ldapconf['arr_crypts']];
468 $replacements['{SID}'] = "";
469 $replacements['{RIDBASE}'] = "";
470 $replacements['{MAILMETHOD}'] = $ldapconf['mail_methods'][$ldapconf['mail']];
471 $replacements['{SMBHASH}'] = $pwdhash;
472 $replacements['{GOVERNMENTMODE}'] = "false";
473 $replacements['{kolabAccount}'] = "";
474 $replacements['{servKolab}'] = "";
477 // This array contains all preg_replace syntax to delete all unused plugins
478 // THE kEY MUST BE THE CLASSNAME so we can check it with $ldapconf['classes']
480 $possible_plugins['fonreport'][] ="'\n.*<plugin.*fonreport+.*\n.*>.*\n'i";
481 $possible_plugins['phoneaccount'][] ="'\n.*<tab.*phoneAccount.*>.*\n'i";
483 $possible_plugins['logview'][] ="'\n.*<plugin.*logview+.*\n.*>.*\n'i";
485 $possible_plugins['pureftp'][] ="'\n.*<tab.*pureftp.*>.*\n'i";
487 $possible_plugins['webdav'][] ="'\n.*<tab.*webdav.*>.*\n'i";
489 $possible_plugins['phpgroupware'][] ="'\n.*<tab.*phpgroupware.*>'i";
492 // Header information
493 // Needed to send the generated gosa.conf to the browser
494 header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
495 header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
496 header("Cache-Control: no-cache");
497 header("Pragma: no-cache");
498 header("Cache-Control: post-check=0, pre-check=0");
499 header("Content-type: text/plain");
501 if (preg_match('/MSIE 5.5/', $_SERVER['HTTP_USER_AGENT']) || preg_match('/MSIE 6.0/', $_SERVER['HTTP_USER_AGENT']))
502 {
503 header('Content-Disposition: filename="gosa.conf"');
504 } else {
505 header('Content-Disposition: attachment; filename="gosa.conf"');
506 }
509 if(!$fp=fopen(CONFIG_TEMPLATE_DIR."/gosa.conf","r"))
510 {
511 echo "Can't open file ".CONFIG_TEMPLATE_DIR."/gosa.conf";
512 // Don't write anything else
513 }
514 else
515 {
516 // Read out Data .....
517 while(!feof($fp))
518 {
519 $str.= fread($fp,512);
520 }
524 if($ldapconf['mail_methods'][$ldapconf['mail']]=="kolab")
525 {
526 $replacements['{kolabAccount}'] ="<tab class=\"kolabAccount\" />";
527 $replacements['{servKolab}'] ="<tab class=\"servkolab\" name=\"Kolab\" />";
528 }
534 // Lets check which samba version we will use
536 // in case of samba 2 we don't need to add additional objets in gosa.conf
537 // in case of samba 3 we musst detect if theres an objectType = SambaObjekt defined
538 // if theres is one, then do nothing, because the setup will detect the the SID themself
539 // if theres none defined add SID and RIDBASE to gosa.conf
542 if($used_samba_version == 2)
543 {
544 // Do nothing ...
545 }
546 else
547 {
548 // Create LDAP connection, to check if theres a domain Objekt definen in the Ldap scheme
549 $ldap= new LDAP($ldapconf['admin'], $ldapconf['password'], $ldapconf['uri']);
552 // Try to find a Samba Domain Objekt
553 $ldap->search("(objectClass=sambaDomain)");
555 // Something found ??? so we need to define ridbase an SID by ourselfs
556 if($ldap->count()< 1)
557 {
558 $replacements['{SID}'] = "sid=\"123412-11\"";
559 $replacements['{RIDBASE}'] = "ridbase=\"1000\"";
560 }
561 }// else --> $used_samba_version == 2
563 // Data readed, types replaced, samba version detected and checked if we need to add SID and RIDBASE
566 // Check if there is an ivbbEntry in the LDAP tree, in this case we will set the governmentmode to true
567 // Create LDAP connection, to check if theres a domain Objekt definen in the Ldap scheme
569 if(!isset($ldap))
570 $ldap= new LDAP($ldapconf['admin'], $ldapconf['password'], $ldapconf['uri']);
573 // Try to find a Samba Domain Objekt
574 $ldap->search("(objectClass=ivbbEntry)");
576 // Something found ??? so we need to define ridbase an SID by ourselfs
577 if($ldap->count()> 0)
578 {
579 $replacements['{GOVERNMENTMODE}'] = "true";
580 }
583 // Replace all colleted information with placeholder
584 foreach($replacements as $key => $val)
585 {
586 $str = preg_replace("/".$key."/",$val,$str);
587 // $str = ereg_replace($key,$val,$str);
588 }
590 // Remove all unused plugins
591 foreach($possible_plugins as $plugin)
592 {
593 foreach($plugin as $key=>$val)
594 {
595 if(in_array($plugin,$classes))
596 {
597 $str = preg_replace($val,"\n",$str);
598 }
599 }
600 }
603 }// else --> !$fp=fopen("../contrib/gosa.conf","r")
605 return ((($str)));
606 }
609 // This ist the first page shown in setup
610 // This page test some packages, like php version, ldap_module aso
611 // The funtion don't save anything, it tests only, when withoutput = false
612 // (called from setup.php);
613 function show_setup_page1($withoutput = true)
614 {
615 $smarty = get_smarty();
617 $smarty->assign ("content", get_template_path('setup_introduction.tpl'));
618 $smarty->assign ("tests", perform_php_checks($faults));
622 // This var is true if there is anything went wrong
623 if ($faults)
624 {
625 $smarty->assign("mode", "disabled");
626 }
628 // This line displays the template only if (withoutput is set)
629 if($withoutput)
630 $smarty->display (get_template_path('headers.tpl'));
632 if (isset($_SESSION['errors']))
633 {
634 $smarty->assign("errors", $_SESSION['errors']);
635 }
637 if($withoutput)
638 $smarty->display (get_template_path('setup.tpl'));
640 return (!$faults);
641 }
649 /* Shows Setup_page 2*/
650 function show_setup_page2($withoutput = true)
651 {
652 $smarty = get_smarty();
654 $smarty->assign ("content", get_template_path('setup_step2.tpl'));
655 $smarty->assign ("tests", perform_additional_checks($faults));
657 if ($faults) {
658 $smarty->assign("mode", "disabled");
659 }
660 if($withoutput){
661 $smarty->display (get_template_path('headers.tpl'));
662 }
664 if (isset($_SESSION['errors'])) {
665 $smarty->assign("errors", $_SESSION['errors']);
666 }
667 if($withoutput){
668 $smarty->display (get_template_path('setup.tpl'));
669 }
670 return (!$faults);
671 }
674 /* Setup page 3 asks for the server address
675 "Now we're going to include your LDAP server and create an initial configuration"*/
676 function show_setup_page3($withoutput = true)
677 {
679 // Take the Post oder the Sessioin saved data
680 if(isset($_POST['uri']))
681 $uri = $_POST['uri'];
682 elseif(isset($_SESSION['ldapconf']['uri']))
683 $uri = $_SESSION['ldapconf']['uri'];
685 // If Page called first time, field is empty
686 if((!isset($uri))||(empty($uri)))
687 $uri = "ldap://localhost:389";
690 $smarty = get_smarty();
692 // if isset $uri save it to session
693 if(isset($uri))
694 {
695 $_SESSION['ldapconf']['uri'] = $uri;
696 $smarty->assign ("uri", validate($uri));
697 }
700 // No error till now
701 $fault = false;
704 // If we pushed the Button continue
705 if(isset($_POST['continue3']))
706 if(!isset($uri))
707 {
708 $fault = true;
709 // Output the Error
710 if($withoutput)
711 {
712 print_red (_("You've to specify an ldap server before continuing!"));
713 $smarty->assign ("content", get_template_path('setup_step3.tpl'));
714 }
715 }
716 elseif (!$ds = @ldap_connect (validate($uri)))
717 {
718 $fault =true;
719 // Output the Error
720 if($withoutput)
721 {
722 print_red (_("Can't connect to the specified LDAP server! Please make sure that is reachable for GOsa."));
723 $smarty->assign ("uri", validate($uri));
724 $smarty->assign ("content", get_template_path('setup_step3.tpl'));
725 }
726 }
727 else
728 {
729 // Try to bind the connection
730 ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
732 // if we can't bind , print error
733 if (!$r = @ldap_bind ($ds))
734 {
735 $fault = true;
736 // Output the Error
737 if($withoutput)
738 {
739 print_red (_("Can't bind to the specified LDAP server! Please make sure that is reachable for GOsa."));
740 $smarty->assign ("content", get_template_path('setup_step3.tpl'));
741 $smarty->assign ("uri", validate($uri));
742 }
743 }
744 else
745 {
746 $fault = false;
747 }
748 }
751 $smarty->assign ("content", get_template_path('setup_step3.tpl'));
754 // Load Header
755 if($withoutput)
756 $smarty->display (get_template_path('headers.tpl'));
758 // Set Errors to Smarty
759 if (isset($_SESSION['errors']))
760 {
761 $smarty->assign("errors", $_SESSION['errors']);
762 }
764 // Print out Template
765 if($withoutput)
766 $smarty->display (get_template_path('setup.tpl'));
770 return (!$fault);
771 }
775 // Setup page 4
776 // This page asked for detailed info, like base dn or admin user
777 // if evrything is ok , but there's a missing user with ACL :all we show a a user creation page before we show page 5
778 function show_setup_page4($withoutput = true)
779 {
782 require_once("class_password-methods.inc");
784 error_reporting(E_ALL);
789 $fault = false; // If an error occures we set this var to true
790 $smarty = get_smarty(); // Our smarty instance
791 $uri = $_SESSION['ldapconf']['uri']; // This is the the connect path to the ldapserver like ldap://lo..
792 $ldapconf = $_SESSION['ldapconf']; // The ldap Configuration informations, we collected while setup
793 $arr_crypts = array(); // array which includes contains all possible password crypting methods
794 $temp = ""; // Temp
795 $checkvars = array("location","admin","password","peopleou","peopledn","arr_crypts","mail","uidbase");
798 if(!isset($_SESSION['ldapconf']['arr_cryptkeys']))
799 {
800 require_once("class_password-methods.inc");
801 $tmp = passwordMethod::get_available_methods_if_not_loaded();
802 $_SESSION['ldapconf']['arr_cryptkeys']= $tmp['name'];
803 }
807 if(!isset($_SESSION['ldapconf']['mail_methods']))
808 {
809 $_SESSION['ldapconf']['mail_methods']=array();
810 $temp = get_available_mail_classes();
811 $_SESSION['ldapconf']['mail_methods']= $temp['name'];
812 }
817 // If there are some empty vars in ldapconnect
818 // This values also represent out default values
820 # first try to get $base
821 if(!$ds = @ldap_connect (validate($uri)))
822 {
823 $fault = true;
824 if($withoutput)
825 print_red (_("Can't connect to the specified LDAP server! Please make sure that is reachable for GOsa."));
826 }
827 elseif(!@ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3))
828 {
829 $fault = true;
830 if($withoutput)
831 print_red (_("Can't bind to the specified LDAP server!. Please make sure that is reachable for GOsa."));
832 }
833 elseif(! $r = @ldap_bind ($ds))
834 {
835 $fault = true;
836 if($withoutput)
837 print_red (_("Can't bind to the specified LDAP server! Please make sure that is reachable for GOsa."));
838 }
839 else
840 {
841 $sr= @ldap_search ($ds, "", "objectClass=*", array("namingContexts"));
844 $attr= @ldap_get_entries($ds,$sr);
845 if((empty($attr)))
846 {
847 $base= "dc=example,dc=net";
850 if($withoutput)
851 print_red(_("Bind to server successful, but the server seems to be completly empty, please check all informations twice"));
853 }
854 else
855 {
856 $base= $attr[0]['dn'];
857 }
858 }
862 if(!isset($_SESSION['ldapconf']['base'])) $_SESSION['ldapconf']['base'] = $base;
863 if(!isset($_SESSION['ldapconf']['admin'])) $_SESSION['ldapconf']['admin'] = "cn=ldapadmin,".$base;
864 if(!isset($_SESSION['ldapconf']['peopleou'])) $_SESSION['ldapconf']['peopleou'] = "ou=people";
865 if(!isset($_SESSION['ldapconf']['groupou'])) $_SESSION['ldapconf']['groupou'] = "ou=groups";
866 if(!isset($_SESSION['ldapconf']['peopledn'])) $_SESSION['ldapconf']['peopledn'] = "cn";
867 if(!isset($_SESSION['ldapconf']['password'])) $_SESSION['ldapconf']['password'] = "";
868 if(!isset($_SESSION['ldapconf']['location'])) $_SESSION['ldapconf']['location'] = "Example";
869 if(!isset($_SESSION['ldapconf']['uidbase'])) $_SESSION['ldapconf']['uidbase'] = "1000";
870 if(!isset($_SESSION['ldapconf']['mail'])) $_SESSION['ldapconf']['mail'] = 0;
871 $tmp = array_flip($_SESSION['ldapconf']['arr_cryptkeys']);
872 if(!isset($_SESSION['ldapconf']['arr_crypts'])) $_SESSION['ldapconf']['arr_crypts'] = $tmp['md5'];
875 // check Post data
877 if(isset($_POST['check']))
878 {
879 // Check if all needed vars are submitted
880 foreach($checkvars as $key)
881 {
882 if((isset($_POST[$key]))&&($_POST[$key]!=""))
883 {
884 $_SESSION['ldapconf'][$key] = $_POST[$key];
885 }
886 else
887 {
888 if($withoutput)
889 {
890 print_red(sprintf(_("You're missing the required attribute '%s' from this formular. Please complete!"), $key));
891 }
892 $fault = true;
893 }
894 }
896 // check if another base is given ... (ldapadmin...dc=base,dc=de) ..
898 $base = $_SESSION['ldapconf']['admin'];
899 $tmp = array_reverse ( split(",",$base));
900 $base = $tmp[1].",".$tmp[0];
901 $_SESSION['ldapconf']['base'] = $base;
904 }
908 $smarty->assign("arr_cryptkeys",$_SESSION['ldapconf']['arr_cryptkeys']);
909 $smarty->assign("mail_methods", $_SESSION['ldapconf']['mail_methods']);
911 foreach($_SESSION['ldapconf'] as $key => $val)
912 {
913 $smarty->assign($key,$val);
914 }
916 if(isset($_POST['check']))
917 {
918 $ldap= new LDAP($_SESSION['ldapconf']['admin'], $_SESSION['ldapconf']['password'], $_SESSION['ldapconf']['uri']);
920 $m= schema_check($_SESSION['ldapconf']['uri'], $_SESSION['ldapconf']['admin'], $_SESSION['ldapconf']['password']);
921 $_SESSION['classes']= $m;
923 if ($ldap->error != "Success")
924 {
925 if($withoutput)
926 {
927 print_red(sprintf(_("Can't log into LDAP server. Reason was: %s."), $ldap->get_error()));
928 }
929 $fault = true;
930 }
931 }
935 // Set smarty output
936 $smarty->assign ("content", get_template_path('setup_step4.tpl'));
938 $smarty->assign ("peopledns", array("cn", "uid"));
939 if($withoutput)
940 $smarty->display (get_template_path('headers.tpl'));
942 if(isset($_SESSION['errors']))
943 {
944 $smarty->assign("errors", $_SESSION['errors']);
945 }
946 if($withoutput)
947 $smarty->display (get_template_path('setup.tpl'));
950 return (!$fault);
953 }
958 // This page shows your configuration
959 // and wants you to download the gosa.conf ....
960 function show_setup_page5($withoutput=true)
961 {
962 // Get ldapconf
963 $ldapconf= $_SESSION['ldapconf'];
965 // get smarty
966 $smarty = get_smarty();
968 if(isset($_SESSION['classes']))
969 $classes = $_SESSION['classes'];
971 $info= posix_getgrgid(posix_getgid());
972 $smarty->assign ("webgroup", $info['name']);
973 $smarty->assign ("path", CONFIG_DIR);
974 $message = "";
975 $message.="<table class=\"check\">";
976 $m= schema_check($ldapconf['uri'], $ldapconf['admin'], $ldapconf['password'],1);
978 if($withoutput)
979 {
980 $smarty->assign ("schemas", view_schema_check($m));
981 $smarty->assign ("content", get_template_path('setup_finish.tpl'));
982 }
983 // Output templates ....
985 if($withoutput)
986 $smarty->display (get_template_path('headers.tpl'));
988 if (isset($_SESSION['errors']))
989 {
990 $smarty->assign("errors", $_SESSION['errors']);
991 }
992 if($withoutput)
993 $smarty->display (get_template_path('setup.tpl'));
994 return(true);
995 }
1008 // this function is called by setup step 5, in order to create a missinf Administrator
1009 // and or Administrational user
1010 // on success go on with setup_page5
1011 // else show this page aggain
1012 function create_user_for_setup($withoutput=true)
1013 {
1015 error_reporting(E_ALL);
1017 global $samba;
1019 $ldapconf = $_SESSION['ldapconf'];
1020 $smarty = get_smarty();
1024 if(isset($_SESSION['classes']))
1025 $classes= $_SESSION['classes'];
1027 // Everything runns perfect ...
1028 // So we do a last test on this page
1029 // is there a user with ACLs :all which will be able to adminsitrate GOsa
1030 // We check that, if this user or group is missing we ask for creating them
1032 $ldap= new LDAP($_SESSION['ldapconf']['admin'], $_SESSION['ldapconf']['password'], $_SESSION['ldapconf']['uri']);
1034 // $ldap= new LDAP($ldapconf['admin'], $ldapconf['password'], $ldapconf['uri']);
1036 // Now we are testing for a group, with the rights :all
1037 $ldap->cd($ldapconf['base']);
1038 $ldap->search("(&(objectClass=gosaObject)(gosaSubtreeACL=:all))");
1040 $group_cnt = $ldap->count();
1041 $data = $ldap->fetch();
1042 $create_user = false;
1044 // We need to create Administrative user and group
1045 // Because theres no Group found
1046 if($group_cnt < 1)
1047 {
1048 // Set var to create user
1049 $create_user = true;
1051 // Output error
1052 if(($withoutput)&&(!isset($_POST['new_admin'])))
1053 print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
1054 }
1055 else
1056 {
1058 // We found an Administrative Group, is there a user too
1059 if(isset($data['memberUid'][0]))
1060 {
1061 $ldap->search("(&(objectClass=gosaAccount)(objectClass=person))",array("uid=".$data['memberUid'][0]));
1062 $data2 = $ldap->fetch();
1063 $user_cnt = $ldap->count();
1064 }
1066 // We must create a user
1067 if (($ldap->count() < 1)||(!isset($data2)))
1068 {
1069 $create_user = true;
1070 if(($withoutput)&&(!isset($_POST['new_admin'])))
1071 print_red(_("You're missing an administrative account for GOsa, you'll not be able to administrate anything!"));
1072 }
1073 else
1074 {
1075 // We don't need to add a user
1076 return(true);
1077 }
1079 }// if($group_cn)
1081 // We need to create a new user with group
1082 if(isset($_POST['new_admin']))
1083 {
1084 // Is there a running user ?
1085 // Then add additional
1087 if (isset($classes['samba3']))
1088 {
1089 $samba= "2";
1090 $lmPassword = "lmPassword";
1091 $ntPassword = "ntPassword";
1092 } else {
1093 $samba= "3";
1094 $lmPassword = "sambaLMPassword";
1095 $ntPassword = "sambaNtPassword";
1096 }
1099 // Nothing submitted
1100 if(( (empty($_POST['admin_name']))||(empty($_POST['admin_pass'])) )&&(!$create_user))
1101 {
1102 return(true);
1103 }
1105 // We have the order to create on Admin ^^
1106 // Detect Samba version to define the Attribute names shown below
1107 // go to base
1108 $ldap->cd($ldapconf['base']);
1110 // Define the user we are going to create
1111 $dn = "cn=".$_POST['admin_name'].",".$ldapconf['peopleou'].",".$ldapconf['base'];
1114 $arr['objectClass'][0] ="person";
1115 $arr['objectClass'][1] ="organizationalPerson";
1116 $arr['objectClass'][2] ="inetOrgPerson";
1117 $arr['objectClass'][3] ="gosaAccount";
1118 $arr['uid'] = $_POST['admin_name'];
1119 $arr['cn'] = $_POST['admin_name'];
1120 $arr['sn'] = $_POST['admin_name'];
1122 $arr['givenName'] = "GOsa main administrator";
1123 $arr[$lmPassword] = "10974C6EFC0AEE1917306D272A9441BB";
1124 $arr[$ntPassword] = "38F3951141D0F71A039CFA9D1EC06378";
1125 $arr['userPassword'] = crypt_single($_POST['admin_pass'],"md5");
1126 if( ! $ldap->dn_exists ( $dn )) {
1127 $ldap->cd($dn);
1128 $ldap->create_missing_trees($dn);
1129 $ldap->add($arr);
1130 if($ldap->error!="Success") {
1131 print_red("Can't create user, and / or Group, possibly this problem depends on an empty LDAP server. Check your configuration and try again!");
1132 }
1133 }
1135 // theres already a group for administrator, so we only need to add the user
1136 if($group_cnt)
1137 {
1138 if(!isset($data['memberUid']))
1139 {
1140 $arrr['memberUid']= $_POST['admin_name'];
1141 }
1142 else
1143 {
1144 $data['memberUid'][$data['memberUid']['count']]=$_POST['admin_name'];
1145 $arrr['memberUid'] = $data['memberUid'];
1146 unset($arrr['memberUid']['count']);
1147 }
1148 $ldap->cd($data['dn']);
1149 $ldap->modify($arrr);
1150 }
1151 else
1152 {
1153 // there was no group defined, so we must create one
1154 $dn = "cn=administrators,".$ldapconf['groupou'].",".$ldapconf['base'];
1155 $arrr['objectClass'][0] = "gosaObject";
1156 $arrr['objectClass'][1] = "posixGroup";
1157 $arrr['gosaSubtreeACL'] = ":all";
1158 $arrr['cn'] = "administrators";
1159 $arrr['gidNumber'] = "999";
1160 $arrr['memberUid'] = $_POST['admin_name'];
1161 $ldap->cd($dn);
1162 $ldap->add($arrr);
1163 }
1166 // We created the Group and the user, so we can go on with the next setup step
1167 return(true);
1168 }
1169 else
1170 {
1171 if(!($create_user))
1172 {
1173 $smarty->assign ("content", get_template_path('setup_useradmin.tpl'));
1174 $smarty->assign("exists",true);
1175 }
1176 else
1177 {
1178 $smarty->assign ("content", get_template_path('setup_useradmin.tpl'));
1179 $smarty->assign("exists",false);
1180 }
1181 }
1184 // Smarty outout
1186 if($withoutput)
1187 $smarty->display (get_template_path('headers.tpl'));
1189 if (isset($_SESSION['errors']))
1190 {
1191 $smarty->assign("errors", $_SESSION['errors']);
1192 }
1193 if($withoutput)
1194 $smarty->display (get_template_path('setup.tpl'));
1197 return(false);
1198 }
1201 // Returns the classnames auf the mail classes
1202 function get_available_mail_classes()
1203 {
1204 $dir = opendir( "../include");
1205 $methods = array();
1206 $suffix = "class_mail-methods-";
1207 $lensuf = strlen($suffix);
1208 $prefix = ".inc";
1209 $lenpre = strlen($prefix);
1212 $i = 0;
1213 while (($file = readdir($dir)) !== false)
1214 {
1215 if(stristr($file,$suffix))
1216 {
1217 $lenfile = strlen($file);
1218 $methods['name'][$i] = substr($file,$lensuf,($lenfile-$lensuf)-$lenpre);
1219 $methods['file'][$i] = $file;
1220 $methods[$i]['file'] = $file;
1221 $methods[$i]['name'] = substr($file,$lensuf,($lenfile-$lensuf)-$lenpre);
1222 $i++;
1223 }
1224 }
1225 return($methods);
1226 }
1234 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
1235 ?>