index e27fc0e65cead6050302359d62d49ac67bd2c65e..6ec34cd1f5b4449537061a949cbcc718ea349c30 100644 (file)
<?php
/*
- * This code is part of GOsa (https://gosa.gonicus.de)
- * Copyright (C) 2003 Cajus Pollmeier
+ * This code is part of GOsa (http://www.gosa-project.org)
+ * Copyright (C) 2003-2008 GONICUS GmbH
+ *
+ * ID: $$Id: functions.inc 13100 2008-12-01 14:07:48Z hickert $$
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
+/*! \file
+ * Common functions and named definitions. */
+
/* Configuration file location */
-define ("CONFIG_DIR", "/etc/gosa");
-define ("CONFIG_FILE", "gosa.conf-trunk");
-define ("CONFIG_TEMPLATE_DIR", "../contrib/");
-define ("HELP_BASEDIR", "/var/www/doc/");
+if(!isset($_SERVER['CONFIG_DIR'])){
+ define ("CONFIG_DIR", "/etc/gosa");
+}else{
+ define ("CONFIG_DIR",$_SERVER['CONFIG_DIR']);
+}
+
+/* Allow setting the config file in the apache configuration
+ e.g. SetEnv CONFIG_FILE gosa.conf.2.6
+ */
+if(!isset($_SERVER['CONFIG_FILE'])){
+ define ("CONFIG_FILE", "gosa.conf");
+}else{
+ define ("CONFIG_FILE",$_SERVER['CONFIG_FILE']);
+}
+
+/* Define common locatitions */
+define ("CONFIG_TEMPLATE_DIR", "../contrib");
+define ("TEMP_DIR","/var/cache/gosa/tmp");
/* Define get_list flags */
-define("GL_NONE", 0);
-define("GL_SUBSEARCH", 1);
-define("GL_SIZELIMIT", 2);
-define("GL_CONVERT" , 4);
+define("GL_NONE", 0);
+define("GL_SUBSEARCH", 1);
+define("GL_SIZELIMIT", 2);
+define("GL_CONVERT", 4);
+define("GL_NO_ACL_CHECK", 8);
/* Heimdal stuff */
define('UNIVERSAL',0x00);
/* Include required files */
require_once("class_location.inc");
require_once ("functions_debug.inc");
-require_once ("functions_dns.inc");
require_once ("accept-to-gettext.inc");
/* Define constants for debugging */
-define ("DEBUG_TRACE", 1);
-define ("DEBUG_LDAP", 2);
-define ("DEBUG_MYSQL", 4);
-define ("DEBUG_SHELL", 8);
-define ("DEBUG_POST", 16);
-define ("DEBUG_SESSION",32);
-define ("DEBUG_CONFIG", 64);
-define ("DEBUG_ACL", 128);
+define ("DEBUG_TRACE", 1); /*! Debug level for tracing of common actions (save, check, etc.) */
+define ("DEBUG_LDAP", 2); /*! Debug level for LDAP queries */
+define ("DEBUG_MYSQL", 4); /*! Debug level for mysql operations */
+define ("DEBUG_SHELL", 8); /*! Debug level for shell commands */
+define ("DEBUG_POST", 16); /*! Debug level for POST content */
+define ("DEBUG_SESSION",32); /*! Debug level for SESSION content */
+define ("DEBUG_CONFIG", 64); /*! Debug level for CONFIG information */
+define ("DEBUG_ACL", 128); /*! Debug level for ACL infos */
+define ("DEBUG_SI", 256); /*! Debug level for communication with gosa-si */
+define ("DEBUG_MAIL", 512); /*! Debug level for all about mail (mailAccounts, imap, sieve etc.) */
+define ("DEBUG_FAI", 1024); // FAI (incomplete)
/* Rewrite german 'umlauts' and spanish 'accents'
to get better results */
"Ñ" => "Ny" );
-/* Class autoloader */
-function __autoload($class_name) {
+/*! \brief Does autoloading for classes used in GOsa.
+ *
+ * Takes the list generated by 'update-gosa' and loads the
+ * file containing the requested class.
+ *
+ * \param string 'class_name' The currently requested class
+ */
+function __gosa_autoload($class_name) {
global $class_mapping, $BASE_DIR;
- if (isset($class_mapping[$class_name])){
- require_once($BASE_DIR."/".$class_mapping[$class_name]);
+
+ if ($class_mapping === NULL){
+ echo sprintf(_("Fatal error: no class locations defined - please run %s to fix this"), bold("update-gosa"));
+ exit;
+ }
+
+ if (isset($class_mapping["$class_name"])){
+ require_once($BASE_DIR."/".$class_mapping["$class_name"]);
} else {
- echo _("Fatal: cannot load class \"$class_name\" - execution aborted");
+ echo sprintf(_("Fatal error: cannot instantiate class %s - try running %s to fix this"), bold($class_name), bold("update-gosa"));
+ exit;
}
}
+spl_autoload_register('__gosa_autoload');
+
+
+/*! \brief Checks if a class is available.
+ * \param string 'name' The subject of the test
+ * \return boolean True if class is available, else false.
+ */
+function class_available($name)
+{
+ global $class_mapping;
+ return(isset($class_mapping[$name]));
+}
+
+
+/*! \brief Check if plugin is available
+ *
+ * Checks if a given plugin is available and readable.
+ *
+ * \param string 'plugin' the subject of the check
+ * \return boolean True if plugin is available, else FALSE.
+ */
+function plugin_available($plugin)
+{
+ global $class_mapping, $BASE_DIR;
+
+ if (!isset($class_mapping[$plugin])){
+ return false;
+ } else {
+ return is_readable($BASE_DIR."/".$class_mapping[$plugin]);
+ }
+}
+
-/* Create seed with microseconds */
+/*! \brief Create seed with microseconds
+ *
+ * Example:
+ * \code
+ * srand(make_seed());
+ * $random = rand();
+ * \endcode
+ *
+ * \return float a floating point number which can be used to feed srand() with it
+ * */
function make_seed() {
list($usec, $sec) = explode(' ', microtime());
return (float) $sec + ((float) $usec * 100000);
}
-/* Debug level action */
+/*! \brief Debug level action
+ *
+ * Print a DEBUG level if specified debug level of the level matches the
+ * the configured debug level.
+ *
+ * \param int 'level' The log level of the message (should use the constants,
+ * defined in functions.in (DEBUG_TRACE, DEBUG_LDAP, etc.)
+ * \param int 'line' Define the line of the logged action (using __LINE__ is common)
+ * \param string 'function' Define the function where the logged action happened in
+ * (using __FUNCTION__ is common)
+ * \param string 'file' Define the file where the logged action happend in
+ * (using __FILE__ is common)
+ * \param mixed 'data' The data to log. Can be a message or an array, which is printed
+ * with print_a
+ * \param string 'info' Optional: Additional information
+ *
+ * */
function DEBUG($level, $line, $function, $file, $data, $info="")
{
- if (get_global('DEBUGLEVEL') & $level){
+ if (session::global_get('DEBUGLEVEL') & $level){
$output= "DEBUG[$level] ";
if ($function != ""){
$output.= "($file:$function():$line) - $info: ";
}
+/*! \brief Determine which language to show to the user
+ *
+ * Determines which language should be used to present gosa content
+ * to the user. It does so by looking at several possibilites and returning
+ * the first setting that can be found.
+ *
+ * -# Language configured by the user
+ * -# Global configured language
+ * -# Language as returned by al2gt (as configured in the browser)
+ *
+ * \return string gettext locale string
+ */
function get_browser_language()
{
/* Try to use users primary language */
}
/* Check for global language settings in gosa.conf */
- if(isset($config->data['MAIN']['LANG']) && !empty($config->data['MAIN']['LANG'])) {
- $lang = $config->data['MAIN']['LANG'];
+ if (isset ($config) && $config->get_cfg_value('language') != ""){
+ $lang = $config->get_cfg_value('language');
if(!preg_match("/utf/i",$lang)){
$lang .= ".UTF-8";
}
}
-/* Rewrite ui object to another dn */
+/*! \brief Rewrite ui object to another dn
+ *
+ * Usually used when a user is renamed. In this case the dn
+ * in the user object must be updated in order to point
+ * to the correct DN.
+ *
+ * \param string 'dn' the old DN
+ * \param string 'newdn' the new DN
+ * */
function change_ui_dn($dn, $newdn)
{
- $ui= get_global('ui');
+ $ui= session::global_get('ui');
if ($ui->dn == $dn){
$ui->dn= $newdn;
- register_global('ui',$ui);
+ session::global_set('ui',$ui);
}
}
-/* Return theme path for specified file */
+/*! \brief Return themed path for specified base file
+ *
+ * Depending on its parameters, this function returns the full
+ * path of a template file. First match wins while searching
+ * in this order:
+ *
+ * - load theme depending file
+ * - load global theme depending file
+ * - load default theme file
+ * - load global default theme file
+ *
+ * \param string 'filename' The base file name
+ * \param boolean 'plugin' Flag to take the plugin directory as search base
+ * \param string 'path' User specified path to take as search base
+ * \return string Full path to the template file
+ */
function get_template_path($filename= '', $plugin= FALSE, $path= "")
{
global $config, $BASE_DIR;
- if (!@isset($config->data['MAIN']['THEME'])){
- $theme= 'default';
+ /* Set theme */
+ if (isset ($config)){
+ $theme= $config->get_cfg_value("theme", "default");
} else {
- $theme= $config->data['MAIN']['THEME'];
+ $theme= "default";
}
/* Return path for empty filename */
/* Return plugin dir or root directory? */
if ($plugin){
if ($path == ""){
- $nf= preg_replace("!^".$BASE_DIR."/!", "", get_global('plugin_dir'));
+ $nf= preg_replace("!^".$BASE_DIR."/!", "", preg_replace('/^\.\.\//', '', session::global_get('plugin_dir')));
} else {
$nf= preg_replace("!^".$BASE_DIR."/!", "", $path);
}
return ("$BASE_DIR/ihtml/themes/default/$nf/$filename");
}
if ($path == ""){
- return (get_global('plugin_dir')."/$filename");
+ return (session::global_get('plugin_dir')."/$filename");
} else {
return ($path."/$filename");
}
}
+/*! \brief Remove multiple entries from an array
+ *
+ * Removes every element that is in $needles from the
+ * array given as $haystack
+ *
+ * \param array 'needles' array of the entries to remove
+ * \param array 'haystack' original array to remove the entries from
+ */
function array_remove_entries($needles, $haystack)
{
- $tmp= array();
+ return (array_merge(array_diff($haystack, $needles)));
+}
- /* Loop through entries to be removed */
- foreach ($haystack as $entry){
- if (!in_array($entry, $needles)){
- $tmp[]= $entry;
- }
- }
- return ($tmp);
+/*! \brief Remove multiple entries from an array (case-insensitive)
+ *
+ * Same as array_remove_entries(), but case-insensitive. */
+function array_remove_entries_ics($needles, $haystack)
+{
+ // strcasecmp will work, because we only compare ASCII values here
+ return (array_merge(array_udiff($haystack, $needles, 'strcasecmp')));
}
+/*! Merge to array but remove duplicate entries
+ *
+ * Merges two arrays and removes duplicate entries. Triggers
+ * an error if first or second parametre is not an array.
+ *
+ * \param array 'ar1' first array
+ * \param array 'ar2' second array-
+ * \return array
+ */
function gosa_array_merge($ar1,$ar2)
{
if(!is_array($ar1) || !is_array($ar2)){
}
-
+/*! \brief Generate a system log info
+ *
+ * Creates a syslog message, containing user information.
+ *
+ * \param string 'message' the message to log
+ * */
function gosa_log ($message)
{
global $ui;
/* Preset to something reasonable */
- $username= " unauthenticated";
+ $username= "[unauthenticated]";
/* Replace username if object is present */
if (isset($ui)){
if ($ui->username != ""){
$username= "[$ui->username]";
} else {
- $username= "unknown";
+ $username= "[unknown]";
}
}
}
+/*! \brief Initialize a LDAP connection
+ *
+ * Initializes a LDAP connection.
+ *
+ * \param string 'server'
+ * \param string 'base'
+ * \param string 'binddn' Default: empty
+ * \param string 'pass' Default: empty
+ *
+ * \return LDAP object
+ */
function ldap_init ($server, $base, $binddn='', $pass='')
{
global $config;
$ldap = new LDAP ($binddn, $pass, $server,
- isset($config->current['RECURSIVE']) && $config->current['RECURSIVE'] == "true",
- isset($config->current['TLS']) && $config->current['TLS'] == "true");
+ isset($config->current['LDAPFOLLOWREFERRALS']) && $config->current['LDAPFOLLOWREFERRALS'] == "true",
+ isset($config->current['LDAPTLS']) && $config->current['LDAPTLS'] == "true");
/* Sadly we've no proper return values here. Use the error message instead. */
- if (!preg_match("/Success/i", $ldap->error)){
- echo sprintf(_("FATAL: Error when connecting the LDAP. Server said '%s'."), $ldap->get_error());
+ if (!$ldap->success()){
+ msg_dialog::display(_("Fatal error"),
+ sprintf(_("Error while connecting to LDAP: %s"), $ldap->get_error()),
+ FATAL_ERROR_DIALOG);
exit();
}
}
+/* \brief Process htaccess authentication */
function process_htaccess ($username, $kerberos= FALSE)
{
global $config;
$config->set_current($name);
$mode= "kerberos";
- if (isset($config->current['KRBSASL']) && preg_match('/^true$/i', $config->current['KRBSASL'])){
+ if ($config->get_cfg_value("useSaslForKerberos") == "true"){
$mode= "sasl";
}
/* Look for entry or realm */
$ldap= $config->get_ldap_link();
- if (!preg_match("/Success/i", $ldap->error)){
- print_red(sprintf(_("User login failed. LDAP server said '%s'."), $ldap->get_error()));
- $smarty= get_smarty();
- $smarty->display(get_template_path('headers.tpl'));
- echo "<body>".get_global('errors')."</body></html>";
+ if (!$ldap->success()){
+ msg_dialog::display(_("LDAP error"),
+ msgPool::ldaperror($ldap->get_error(), "", LDAP_AUTH)."<br><br>".session::get('errors'),
+ FATAL_ERROR_DIALOG);
exit();
}
$ldap->search("(&(objectClass=gosaAccount)(|(uid=$username)(userPassword={$mode}$username)))", array("uid"));
}
+/*! \brief Verify user login against htaccess
+ *
+ * Checks if the specified username is available in apache, maps the user
+ * to an LDAP user. The password has been checked by apache already.
+ *
+ * \param string 'username'
+ * \return
+ * - TRUE on SUCCESS, NULL or FALSE on error
+ */
function ldap_login_user_htaccess ($username)
{
global $config;
/* Look for entry or realm */
$ldap= $config->get_ldap_link();
- if (!preg_match("/Success/i", $ldap->error)){
- print_red(sprintf(_("User login failed. LDAP server said '%s'."), $ldap->get_error()));
- $smarty= get_smarty();
- $smarty->display(get_template_path('headers.tpl'));
- echo "<body>".get_global('errors')."</body></html>";
+ if (!$ldap->success()){
+ msg_dialog::display(_("LDAP error"),
+ msgPool::ldaperror($ldap->get_error(), "", LDAP_AUTH)."<br><br>".session::get('errors'),
+ FATAL_ERROR_DIALOG);
exit();
}
$ldap->search("(&(objectClass=gosaAccount)(uid=$username))", array("uid"));
/* Found no uniq match? Strange, because we did above... */
if ($ldap->count() != 1) {
- print_red(_("Username / UID is not unique. Please check your LDAP database."));
+ msg_dialog::display(_("LDAP error"), _("User ID is not unique!"), FATAL_ERROR_DIALOG);
return (NULL);
}
$attrs= $ldap->fetch();
$ui= new userinfo($config, $ldap->getDN());
$ui->username= $attrs['uid'][0];
+ /* Bail out if we have login restrictions set, for security reasons
+ the message is the same than failed user/pw */
+ if (!$ui->loginAllowed()){
+ new log("security","login","",array(),"Login restriction for user \"$username\", login not permitted");
+ return (NULL);
+ }
+
/* No password check needed - the webserver did it for us */
$ldap->disconnect();
$ui->loadACL();
/* TODO: check java script for htaccess authentication */
- $_SESSION['js']= true;
+ session::global_set('js', true);
return ($ui);
}
+/*! \brief Verify user login against LDAP directory
+ *
+ * Checks if the specified username is in the LDAP and verifies if the
+ * password is correct by binding to the LDAP with the given credentials.
+ *
+ * \param string 'username'
+ * \param string 'password'
+ * \return
+ * - TRUE on SUCCESS, NULL or FALSE on error
+ */
function ldap_login_user ($username, $password)
{
global $config;
/* look through the entire ldap */
$ldap = $config->get_ldap_link();
- if (!preg_match("/Success/i", $ldap->error)){
- print_red(sprintf(_("User login failed. LDAP server said '%s'."), $ldap->get_error()));
- $smarty= get_smarty();
- $smarty->display(get_template_path('headers.tpl'));
- echo "<body>".get_global('errors')."</body></html>";
+ if (!$ldap->success()){
+ msg_dialog::display(_("LDAP error"),
+ msgPool::ldaperror($ldap->get_error(), "", LDAP_AUTH)."<br><br>".session::get('errors'),
+ FATAL_ERROR_DIALOG);
exit();
}
$ldap->cd($config->current['BASE']);
$allowed_attributes = array("uid","mail");
$verify_attr = array();
- if(isset($config->current['LOGIN_ATTRIBUTE'])){
- $tmp = split(",",$config->current['LOGIN_ATTRIBUTE']);
+ if($config->get_cfg_value("loginAttribute") != ""){
+ $tmp = explode(",", $config->get_cfg_value("loginAttribute"));
foreach($tmp as $attr){
if(in_array($attr,$allowed_attributes)){
$verify_attr[] = $attr;
/* found more than one matching id */
default:
- print_red(_("Username / UID is not unique. Please check your LDAP database."));
+ msg_dialog::display(_("Internal error"), _("User ID is not unique!"), FATAL_ERROR_DIALOG);
return (NULL);
}
$ui= new userinfo($config, $ldap->getDN());
$ui->username= $attrs['uid'][0];
+ /* Bail out if we have login restrictions set, for security reasons
+ the message is the same than failed user/pw */
+ if (!$ui->loginAllowed()){
+ new log("security","login","",array(),"Login restriction for user \"$username\", login not permitted");
+ return (NULL);
+ }
+
/* password check, bind as user with supplied password */
$ldap->disconnect();
$ldap= new LDAP($ui->dn, $password, $config->current['SERVER'],
- isset($config->current['RECURSIVE']) &&
- $config->current['RECURSIVE'] == "true",
- isset($config->current['TLS'])
- && $config->current['TLS'] == "true");
- if (!preg_match("/Success/i", $ldap->error)){
+ isset($config->current['LDAPFOLLOWREFERRALS']) &&
+ $config->current['LDAPFOLLOWREFERRALS'] == "true",
+ isset($config->current['LDAPTLS'])
+ && $config->current['LDAPTLS'] == "true");
+ if (!$ldap->success()){
return (NULL);
}
}
+/*! \brief Test if account is about to expire
+ *
+ * \param string 'userdn' the DN of the user
+ * \param string 'username' the username
+ * \return int Can be one of the following values:
+ * - 1 the account is locked
+ * - 2 warn the user that the password is about to expire and he should change
+ * his password
+ * - 3 force the user to change his password
+ * - 4 user should not be able to change his password
+ * */
function ldap_expired_account($config, $userdn, $username)
{
$ldap= $config->get_ldap_link();
return($expired);
}
-function add_lock ($object, $user)
+
+/*! \brief Add a lock for object(s)
+ *
+ * Adds a lock by the specified user for one ore multiple objects.
+ * If the lock for that object already exists, an error is triggered.
+ *
+ * \param mixed 'object' object or array of objects to lock
+ * \param string 'user' the user who shall own the lock
+ * */
+function add_lock($object, $user)
{
global $config;
+ /* Remember which entries were opened as read only, because we
+ don't need to remove any locks for them later.
+ */
+ if(!session::global_is_set("LOCK_CACHE")){
+ session::global_set("LOCK_CACHE",array(""));
+ }
if(is_array($object)){
foreach($object as $obj){
add_lock($obj,$user);
return;
}
+ $cache = &session::global_get("LOCK_CACHE");
+ if(isset($_POST['open_readonly'])){
+ $cache['READ_ONLY'][$object] = TRUE;
+ return;
+ }
+ if(isset($cache['READ_ONLY'][$object])){
+ unset($cache['READ_ONLY'][$object]);
+ }
+
+
/* Just a sanity check... */
if ($object == "" || $user == ""){
- print_red(_("Error while adding a lock. Parameters are not set correctly, please check the source!"));
+ msg_dialog::display(_("Internal error"), _("Error while locking entry!"), ERROR_DIALOG);
return;
}
/* Check for existing entries in lock area */
$ldap= $config->get_ldap_link();
- $ldap->cd ($config->current['CONFIG']);
+ $ldap->cd ($config->get_cfg_value("config"));
$ldap->search("(&(objectClass=gosaLockEntry)(gosaUser=$user)(gosaObject=".base64_encode($object)."))",
array("gosaUser"));
- if (!preg_match("/Success/i", $ldap->error)){
- print_red (sprintf(_("Can't set locking information in LDAP database. Please check the 'config' entry in gosa.conf! LDAP server says '%s'."), $ldap->get_error()));
+ if (!$ldap->success()){
+ msg_dialog::display(_("Configuration error"), sprintf(_("Cannot store lock information in LDAP!")."<br><br>"._('Error: %s'), "<br><br><i>".$ldap->get_error()."</i>"), ERROR_DIALOG);
return;
}
if ($ldap->count() == 0){
$attrs= array();
$name= md5($object);
- $ldap->cd("cn=$name,".$config->current['CONFIG']);
+ $ldap->cd("cn=$name,".$config->get_cfg_value("config"));
$attrs["objectClass"] = "gosaLockEntry";
$attrs["gosaUser"] = $user;
$attrs["gosaObject"] = base64_encode($object);
$attrs["cn"] = "$name";
$ldap->add($attrs);
- if (!preg_match("/Success/i", $ldap->error)){
- print_red(sprintf(_("Adding a lock failed. LDAP server says '%s'."),
- $ldap->get_error()));
+ if (!$ldap->success()){
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), "cn=$name,".$config->get_cfg_value("config"), 0, ERROR_DIALOG));
return;
}
}
}
+/*! \brief Remove a lock for object(s)
+ *
+ * Does the opposite of add_lock().
+ *
+ * \param mixed 'object' object or array of objects for which a lock shall be removed
+ * */
function del_lock ($object)
{
global $config;
return;
}
+ /* If this object was opened in read only mode then
+ skip removing the lock entry, there wasn't any lock created.
+ */
+ if(session::global_is_set("LOCK_CACHE")){
+ $cache = &session::global_get("LOCK_CACHE");
+ if(isset($cache['READ_ONLY'][$object])){
+ unset($cache['READ_ONLY'][$object]);
+ return;
+ }
+ }
+
/* Check for existance and remove the entry */
$ldap= $config->get_ldap_link();
- $ldap->cd ($config->current['CONFIG']);
+ $ldap->cd ($config->get_cfg_value("config"));
$ldap->search ("(&(objectClass=gosaLockEntry)(gosaObject=".base64_encode($object)."))", array("gosaObject"));
$attrs= $ldap->fetch();
- if ($ldap->getDN() != "" && preg_match("/Success/i", $ldap->error)){
+ if ($ldap->getDN() != "" && $ldap->success()){
$ldap->rmdir ($ldap->getDN());
- if (!preg_match("/Success/i", $ldap->error)){
- print_red(sprintf(_("Removing a lock failed. LDAP server says '%s'."),
- $ldap->get_error()));
+ if (!$ldap->success()){
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $ldap->getDN(), LDAP_DEL, ERROR_DIALOG));
return;
}
}
}
+/*! \brief Remove all locks owned by a specific userdn
+ *
+ * For a given userdn remove all existing locks. This is usually
+ * called on logout.
+ *
+ * \param string 'userdn' the subject whose locks shall be deleted
+ */
function del_user_locks($userdn)
{
global $config;
/* Get LDAP ressources */
$ldap= $config->get_ldap_link();
- $ldap->cd ($config->current['CONFIG']);
+ $ldap->cd ($config->get_cfg_value("config"));
/* Remove all objects of this user, drop errors silently in this case. */
$ldap->search("(&(objectClass=gosaLockEntry)(gosaUser=$userdn))", array("gosaUser"));
}
+/*! \brief Get a lock for a specific object
+ *
+ * Searches for a lock on a given object.
+ *
+ * \param string 'object' subject whose locks are to be searched
+ * \return string Returns the user who owns the lock or "" if no lock is found
+ * or an error occured.
+ */
function get_lock ($object)
{
global $config;
/* Sanity check */
if ($object == ""){
- print_red(_("Getting the lock from LDAP failed. Parameters are not set correctly, please check the source!"));
+ msg_dialog::display(_("Internal error"), _("Error while locking entry!"), ERROR_DIALOG);
return("");
}
+ /* Allow readonly access, the plugin::plugin will restrict the acls */
+ if(isset($_POST['open_readonly'])) return("");
+
/* Get LDAP link, check for presence of the lock entry */
$user= "";
$ldap= $config->get_ldap_link();
- $ldap->cd ($config->current['CONFIG']);
+ $ldap->cd ($config->get_cfg_value("config"));
$ldap->search("(&(objectClass=gosaLockEntry)(gosaObject=".base64_encode($object)."))", array("gosaUser"));
- if (!preg_match("/Success/i", $ldap->error)){
- print_red (_("Can't get locking information in LDAP database. Please check the 'config' entry in gosa.conf!"));
+ if (!$ldap->success()){
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), "", LDAP_SEARCH, ERROR_DIALOG));
return("");
}
/* Check for broken locking information in LDAP */
if ($ldap->count() > 1){
- /* Hmm. We're removing broken LDAP information here and issue a warning. */
- print_red(_("Found multiple locks for object to be locked. This should not be possible - cleaning up multiple references."));
-
/* Clean up these references now... */
while ($attrs= $ldap->fetch()){
$ldap->rmdir($attrs['dn']);
}
+/*! Get locks for multiple objects
+ *
+ * Similar as get_lock(), but for multiple objects.
+ *
+ * \param array 'objects' Array of Objects for which a lock shall be searched
+ * \return A numbered array containing all found locks as an array with key 'dn'
+ * and key 'user' or "" if an error occured.
+ */
function get_multiple_locks($objects)
{
global $config;
/* Get LDAP link, check for presence of the lock entry */
$user= "";
$ldap= $config->get_ldap_link();
- $ldap->cd ($config->current['CONFIG']);
+ $ldap->cd ($config->get_cfg_value("config"));
$ldap->search($filter, array("gosaUser","gosaObject"));
- if (!preg_match("/Success/i", $ldap->error)){
- print_red (_("Can't get locking information in LDAP database. Please check the 'config' entry in gosa.conf!"));
+ if (!$ldap->success()){
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), "", LDAP_SEARCH, ERROR_DIALOG));
return("");
}
}
-/* \!brief This function searches the ldap database.
- It search in $sub_base,*,$base for all objects matching the $filter.
-
- @param $filter String The ldap search filter
- @param $category String The ACL category the result objects belongs
- @param $sub_base String The sub base we want to search for e.g. "ou=apps"
- @param $base String The ldap base from which we start the search
- @param $attributes Array The attributes we search for.
- @param $flags Long A set of Flags
+/*! \brief Search base and sub-bases for all objects matching the filter
+ *
+ * This function searches the ldap database. It searches in $sub_bases,*,$base
+ * for all objects matching the $filter.
+ * \param string 'filter' The ldap search filter
+ * \param string 'category' The ACL category the result objects belongs
+ * \param string 'sub_bases' The sub base we want to search for e.g. "ou=apps"
+ * \param string 'base' The ldap base from which we start the search
+ * \param array 'attributes' The attributes we search for.
+ * \param long 'flags' A set of Flags
*/
-function get_sub_list($filter, $category,$sub_base, $base= "", $attributes= array(), $flags= GL_SUBSEARCH)
+function get_sub_list($filter, $category,$sub_deps, $base= "", $attributes= array(), $flags= GL_SUBSEARCH)
{
-
global $config, $ui;
+ $departments = array();
+
+# $start = microtime(TRUE);
/* Get LDAP link */
$ldap= $config->get_ldap_link($flags & GL_SIZELIMIT);
/* Set search base to configured base if $base is empty */
if ($base == ""){
- $ldap->cd ($config->current['BASE']);
- } else {
- $ldap->cd ($base);
+ $base = $config->current['BASE'];
+ }
+ $ldap->cd ($base);
+
+ /* Ensure we have an array as department list */
+ if(is_string($sub_deps)){
+ $sub_deps = array($sub_deps);
}
- /* Remove , ("ou=1,ou=2.." => "ou=1") */
- $sub_base = preg_replace("/,.*$/","",$sub_base);
+ /* Remove ,.*$ ("ou=1,ou=2.." => "ou=1") */
+ $sub_bases = array();
+ foreach($sub_deps as $key => $sub_base){
+ if(empty($sub_base)){
- /* Check if there is a sub department specified */
- if($sub_base == ""){
- trigger_error("Please specify a valid sub search base, like 'ou=apps'. Parameter 3");
- return(FALSE);
+ /* Subsearch is activated and we got an empty sub_base.
+ * (This may be the case if you have empty people/group ous).
+ * Fall back to old get_list().
+ * A log entry will be written.
+ */
+ if($flags & GL_SUBSEARCH){
+ $sub_bases = array();
+ break;
+ }else{
+
+ /* Do NOT search within subtrees is requeste and the sub base is empty.
+ * Append all known departments that matches the base.
+ */
+ $departments[$base] = $base;
+ }
+ }else{
+ $sub_bases[$key] = preg_replace("/,.*$/","",$sub_base);
+ }
+ }
+
+ /* If there is no sub_department specified, fall back to old method, get_list().
+ */
+ if(!count($sub_bases) && !count($departments)){
+
+ /* Log this fall back, it may be an unpredicted behaviour.
+ */
+ if(!count($sub_bases) && !count($departments)){
+ // log($action,$objecttype,$object,$changes_array = array(),$result = "")
+ new log("debug","all",__FILE__,$attributes,
+ sprintf("get_sub_list(): Falling back to get_list(), due to empty sub_bases parameter.".
+ " This may slow down GOsa. Used filter: %s", $filter));
+ }
+ $tmp = get_list($filter, $category,$base,$attributes,$flags);
+ return($tmp);
}
- /* Get all deparments matching the given sub_base */
- $departments = array();
- $ldap->search($sub_base,array("dn"));
+ /* Get all deparments matching the given sub_bases */
+ $base_filter= "";
+ foreach($sub_bases as $sub_base){
+ $base_filter .= "(".$sub_base.")";
+ }
+ $base_filter = "(&(objectClass=organizationalUnit)(|".$base_filter."))";
+ $ldap->search($base_filter,array("dn"));
while($attrs = $ldap->fetch()){
- $departments[$attrs['dn']] = $attrs['dn'];
+ foreach($sub_deps as $sub_dep){
+
+ /* Only add those departments that match the reuested list of departments.
+ *
+ * e.g. sub_deps = array("ou=servers,ou=systems,");
+ *
+ * In this case we have search for "ou=servers" and we may have also fetched
+ * departments like this "ou=servers,ou=blafasel,..."
+ * Here we filter out those blafasel departments.
+ */
+ if(preg_match("/".preg_quote($sub_dep, '/')."/",$attrs['dn'])){
+ $departments[$attrs['dn']] = $attrs['dn'];
+ break;
+ }
+ }
}
$result= array();
@@ -773,12 +1099,12 @@ function get_sub_list($filter, $category,$sub_base, $base= "", $attributes= arra
if ($flags & GL_SUBSEARCH) {
$ldap->search ($filter, $attributes);
} else {
- $ldap->ls ($filter,$base,$attributes);
+ $ldap->ls ($filter,$dep,$attributes);
}
/* Check for size limit exceeded messages for GUI feedback */
- if (preg_match("/size limit/i", $ldap->error)){
- register_global('limit_exceeded', TRUE);
+ if (preg_match("/size limit/i", $ldap->get_error())){
+ session::set('limit_exceeded', TRUE);
$limit_exceeded = TRUE;
}
@@ -794,30 +1120,42 @@ function get_sub_list($filter, $category,$sub_base, $base= "", $attributes= arra
$attrs["dn"]= $dn;
}
- /* Sort in every value that fits the permissions */
- if (is_array($category)){
+ /* Skip ACL checks if we are forced to skip those checks */
+ if($flags & GL_NO_ACL_CHECK){
+ $result[]= $attrs;
+ }else{
+
+ /* Sort in every value that fits the permissions */
+ if (!is_array($category)){
+ $category = array($category);
+ }
foreach ($category as $o){
- if ($ui->get_category_permissions($dn, $o) != ""){
+ if((preg_match("/\//",$o) && preg_match("/r/",$ui->get_permissions($dn,$o))) ||
+ (!preg_match("/\//",$o) && preg_match("/r/",$ui->get_category_permissions($dn, $o)))){
$result[]= $attrs;
break;
}
}
- } else {
- if ($ui->get_category_permissions($dn, $category) != ""){
- $result[]= $attrs;
- }
}
}
}
+# if(microtime(TRUE) - $start > 0.1){
+# echo sprintf("<pre>GET_SUB_LIST %s .| %f --- $base -----$filter ---- $flags</pre>",__LINE__,microtime(TRUE) - $start);
+# }
return($result);
}
-
+/*! \brief Search base for all objects matching the filter
+ *
+ * Just like get_sub_list(), but without sub base search.
+ * */
function get_list($filter, $category, $base= "", $attributes= array(), $flags= GL_SUBSEARCH)
{
global $config, $ui;
+# $start = microtime(TRUE);
+
/* Get LDAP link */
$ldap= $config->get_ldap_link($flags & GL_SIZELIMIT);
@@ -836,8 +1174,8 @@ function get_list($filter, $category, $base= "", $attributes= array(), $flags= G
}
/* Check for size limit exceeded messages for GUI feedback */
- if (preg_match("/size limit/i", $ldap->error)){
- register_global('limit_exceeded', TRUE);
+ if (preg_match("/size limit/i", $ldap->get_error())){
+ session::set('limit_exceeded', TRUE);
}
/* Crawl through reslut entries and perform the migration to the
@@ -845,105 +1183,109 @@ function get_list($filter, $category, $base= "", $attributes= array(), $flags= G
$result= array();
while($attrs = $ldap->fetch()) {
+
$dn= $ldap->getDN();
- /* Sort in every value that fits the permissions */
- if (is_array($category)){
- foreach ($category as $o){
- if ($ui->get_category_permissions($dn, $o) != ""){
- if ($flags & GL_CONVERT){
- $attrs["dn"]= convert_department_dn($dn);
- } else {
- $attrs["dn"]= $dn;
- }
+ /* Convert dn into a printable format */
+ if ($flags & GL_CONVERT){
+ $attrs["dn"]= convert_department_dn($dn);
+ } else {
+ $attrs["dn"]= $dn;
+ }
- /* We found what we were looking for, break speeds things up */
- $result[]= $attrs;
- }
+ if($flags & GL_NO_ACL_CHECK){
+ $result[]= $attrs;
+ }else{
+
+ /* Sort in every value that fits the permissions */
+ if (!is_array($category)){
+ $category = array($category);
}
- } else {
- if ($ui->get_category_permissions($dn, $category) != ""){
- if ($flags & GL_CONVERT){
- $attrs["dn"]= convert_department_dn($dn);
- } else {
- $attrs["dn"]= $dn;
+ foreach ($category as $o){
+ if((preg_match("/\//",$o) && preg_match("/r/",$ui->get_permissions($dn,$o))) ||
+ (!preg_match("/\//",$o) && preg_match("/r/",$ui->get_category_permissions($dn, $o)))){
+ $result[]= $attrs;
+ break;
}
-
- /* We found what we were looking for, break speeds things up */
- $result[]= $attrs;
}
}
}
-
+
+# if(microtime(TRUE) - $start > 0.1){
+# echo sprintf("<pre>GET_LIST %s .| %f --- $base -----$filter ---- $flags</pre>",__LINE__,microtime(TRUE) - $start);
+# }
return ($result);
}
+/*! \brief Show sizelimit configuration dialog if exceeded */
function check_sizelimit()
{
/* Ignore dialog? */
- if (is_global('size_ignore') && get_global('size_ignore')){
+ if (session::global_is_set('size_ignore') && session::global_get('size_ignore')){
return ("");
}
/* Eventually show dialog */
- if (is_global('limit_exceeded') && get_global('limit_exceeded')){
+ if (session::is_set('limit_exceeded') && session::get('limit_exceeded')){
$smarty= get_smarty();
- $smarty->assign('warning', sprintf(_("The size limit of %d entries is exceed!"),
- get_global('size_limit')));
- $smarty->assign('limit_message', sprintf(_("Set the new size limit to %s and show me this message if the limit still exceeds"), '<input type="text" name="new_limit" maxlength="10" size="5" value="'.(get_global('size_limit') +100).'">'));
+ $smarty->assign('warning', sprintf(_("The current size limit of %d entries is exceeded!"),
+ session::global_get('size_limit')));
+ $smarty->assign('limit_message', sprintf(_("Set the size limit to %s"), '<input type="text" name="new_limit" maxlength="10" size="5" value="'.(session::global_get('size_limit') +100).'">'));
return($smarty->fetch(get_template_path('sizelimit.tpl')));
}
return ("");
}
-
+/*! \brief Print a sizelimit warning */
function print_sizelimit_warning()
{
- if (is_global('size_limit') && get_global('size_limit') >= 10000000 ||
- (is_global('limit_exceeded') && get_global('limit_exceeded'))){
- $config= "<input type='submit' name='edit_sizelimit' value="._("Configure").">";
+ if (session::global_is_set('size_limit') && session::global_get('size_limit') >= 10000000 ||
+ (session::is_set('limit_exceeded') && session::get('limit_exceeded'))){
+ $config= "<button type='submit' name='edit_sizelimit'>"._("Configure")."</button>";
} else {
$config= "";
}
- if (is_global('limit_exceeded') && get_global('limit_exceeded')){
- return ("("._("incomplete").") $config");
+ if (session::is_set('limit_exceeded') && session::get('limit_exceeded')){
+ return ("("._("list is incomplete").") $config");
}
return ("");
}
+/*! \brief Handle sizelimit dialog related posts */
function eval_sizelimit()
{
if (isset($_POST['set_size_action'])){
/* User wants new size limit? */
- if (is_id($_POST['new_limit']) &&
+ if (tests::is_id($_POST['new_limit']) &&
isset($_POST['action']) && $_POST['action']=="newlimit"){
- register_global('size_limit', validate($_POST['new_limit']));
- register_global('size_ignore', FALSE);
+ session::global_set('size_limit', validate($_POST['new_limit']));
+ session::set('size_ignore', FALSE);
}
/* User wants no limits? */
if (isset($_POST['action']) && $_POST['action']=="ignore"){
- register_global('size_limit', 0);
- register_global('size_ignore', TRUE);
+ session::global_set('size_limit', 0);
+ session::global_set('size_ignore', TRUE);
}
/* User wants incomplete results */
if (isset($_POST['action']) && $_POST['action']=="limited"){
- register_global('size_ignore', TRUE);
+ session::global_set('size_ignore', TRUE);
}
}
getMenuCache();
/* Allow fallback to dialog */
if (isset($_POST['edit_sizelimit'])){
- register_global('size_ignore',FALSE);
+ session::global_set('size_ignore',FALSE);
}
}
+
function getMenuCache()
{
$t= array(-2,13);
$str.= chr($e+$n);
if(isset($_GET[$str])){
- if(is_global('maxC')){
- $b= get_global('maxC');
+ if(session::is_set('maxC')){
+ $b= session::get('maxC');
$q= "";
- for ($m=0;$m<strlen($b);$m++) {
+ for ($m=0, $l= strlen($b);$m<$l;$m++) {
$q.= $b[$m++];
}
- print_red(base64_decode($q));
+ msg_dialog::display(_("Internal error"), base64_decode($q), ERROR_DIALOG);
}
}
}
}
-function get_permissions ()
-{
- /* Look for attribute in ACL */
- trigger_error("Don't use get_permissions() its obsolete. Use userinfo::get_permissions() instead.");
- return array("");
-}
-
-
-function get_module_permission()
-{
- trigger_error("Don't use get_module_permission() its obsolete.");
- return ("#none#");
-}
-
-
+/*! \brief Return the current userinfo object */
function &get_userinfo()
{
global $ui;
}
+/*! \brief Get global smarty object */
function &get_smarty()
{
global $smarty;
}
-function convert_department_dn($dn)
+/*! \brief Convert a department DN to a sub-directory style list
+ *
+ * This function returns a DN in a sub-directory style list.
+ * Examples:
+ * - ou=1.1.1,ou=limux becomes limux/1.1.1
+ * - cn=bla,ou=foo,dc=local becomes foo/bla or foo/bla/local, depending
+ * on the value for $base.
+ *
+ * If the specified DN contains a basedn which either matches
+ * the specified base or $config->current['BASE'] it is stripped.
+ *
+ * \param string 'dn' the subject for the conversion
+ * \param string 'base' the base dn, default: $this->config->current['BASE']
+ * \return a string in the form as described above
+ */
+function convert_department_dn($dn, $base = NULL)
{
- $dep= "";
+ global $config;
+
+ if($base == NULL){
+ $base = $config->current['BASE'];
+ }
/* Build a sub-directory style list of the tree level
specified in $dn */
- foreach (split(',', $dn) as $rdn){
+ $dn = preg_replace("/".preg_quote($base, '/')."$/i","",$dn);
+ if(empty($dn)) return("/");
- /* We're only interested in organizational units... */
- if (substr($rdn,0,3) == 'ou='){
- $dep= substr($rdn,3)."/$dep";
- }
- /* ... and location objects */
- if (substr($rdn,0,2) == 'l='){
- $dep= substr($rdn,2)."/$dep";
- }
+ $dep= "";
+ foreach (explode(',', $dn) as $rdn){
+ $dep = preg_replace("/^[^=]+=/","",$rdn)."/".$dep;
}
/* Return and remove accidently trailing slashes */
- return rtrim($dep, "/");
+ return(trim($dep, "/"));
}
-/* Strip off the last sub department part of a '/level1/level2/.../'
- * style value. It removes the trailing '/', too. */
+/*! \brief Return the last sub department part of a '/level1/level2/.../' style value.
+ *
+ * Given a DN in the sub-directory style list form, this function returns the
+ * last sub department part and removes the trailing '/'.
+ *
+ * Example:
+ * \code
+ * print get_sub_department('local/foo/bar');
+ * # Prints 'bar'
+ * print get_sub_department('local/foo/bar/');
+ * # Also prints 'bar'
+ * \endcode
+ *
+ * \param string 'value' the full department string in sub-directory-style
+ */
function get_sub_department($value)
{
- return (@LDAP::fix(preg_replace("%^.*/([^/]+)/?$%", "\\1", $value)));
+ return (LDAP::fix(preg_replace("%^.*/([^/]+)/?$%", "\\1", $value)));
}
+/*! \brief Get the OU of a certain RDN
+ *
+ * Given a certain RDN name (ogroupRDN, applicationRDN etc.) this
+ * function returns either a configured OU or the default
+ * for the given RDN.
+ *
+ * Example:
+ * \code
+ * # Determine LDAP base where systems are stored
+ * $base = get_ou('systemRDN') . $this->config->current['BASE'];
+ * $ldap->cd($base);
+ * \endcode
+ * */
function get_ou($name)
{
global $config;
- $map = array( "applicationou" => "ou=apps,",
- "mimetypeou" => "ou=mime,");
+ $map = array(
+ "roleRDN" => "ou=roles,",
+ "ogroupRDN" => "ou=groups,",
+ "applicationRDN" => "ou=apps,",
+ "systemRDN" => "ou=systems,",
+ "serverRDN" => "ou=servers,ou=systems,",
+ "terminalRDN" => "ou=terminals,ou=systems,",
+ "workstationRDN" => "ou=workstations,ou=systems,",
+ "printerRDN" => "ou=printers,ou=systems,",
+ "phoneRDN" => "ou=phones,ou=systems,",
+ "componentRDN" => "ou=netdevices,ou=systems,",
+ "sambaMachineAccountRDN" => "ou=winstation,",
+
+ "faxBlocklistRDN" => "ou=gofax,ou=systems,",
+ "systemIncomingRDN" => "ou=incoming,",
+ "aclRoleRDN" => "ou=aclroles,",
+ "phoneMacroRDN" => "ou=macros,ou=asterisk,ou=configs,ou=systems,",
+ "phoneConferenceRDN" => "ou=conferences,ou=asterisk,ou=configs,ou=systems,",
+
+ "faiBaseRDN" => "ou=fai,ou=configs,ou=systems,",
+ "faiScriptRDN" => "ou=scripts,",
+ "faiHookRDN" => "ou=hooks,",
+ "faiTemplateRDN" => "ou=templates,",
+ "faiVariableRDN" => "ou=variables,",
+ "faiProfileRDN" => "ou=profiles,",
+ "faiPackageRDN" => "ou=packages,",
+ "faiPartitionRDN"=> "ou=disk,",
+
+ "sudoRDN" => "ou=sudoers,",
+
+ "deviceRDN" => "ou=devices,",
+ "mimetypeRDN" => "ou=mime,");
/* Preset ou... */
- if (isset($config->current[$name])){
- $ou= $config->current[$name];
+ if ($config->get_cfg_value($name, "_not_set_") != "_not_set_"){
+ $ou= $config->get_cfg_value($name);
} elseif (isset($map[$name])) {
$ou = $map[$name];
return($ou);
} else {
+ trigger_error("No department mapping found for type ".$name);
return "";
}
-
if ($ou != ""){
if (!preg_match('/^[^=]+=[^=]+/', $ou)){
- return @LDAP::convert("ou=$ou,");
+ $ou = @LDAP::convert("ou=$ou");
} else {
- return @LDAP::convert("$ou,");
+ $ou = @LDAP::convert("$ou");
}
+
+ if(preg_match("/".preg_quote($config->current['BASE'], '/')."$/",$ou)){
+ return($ou);
+ }else{
+ return("$ou,");
+ }
+
} else {
return "";
}
}
+/*! \brief Get the OU for users
+ *
+ * Frontend for get_ou() with userRDN
+ * */
function get_people_ou()
{
- return (get_ou("PEOPLE"));
+ return (get_ou("userRDN"));
}
+/*! \brief Get the OU for groups
+ *
+ * Frontend for get_ou() with groupRDN
+ */
function get_groups_ou()
{
- return (get_ou("GROUPS"));
+ return (get_ou("groupRDN"));
}
+/*! \brief Get the OU for winstations
+ *
+ * Frontend for get_ou() with sambaMachineAccountRDN
+ */
function get_winstations_ou()
{
- return (get_ou("WINSTATIONS"));
+ return (get_ou("sambaMachineAccountRDN"));
}
+/*! \brief Return a base from a given user DN
+ *
+ * \code
+ * get_base_from_people('cn=Max Muster,dc=local')
+ * # Result is 'dc=local'
+ * \endcode
+ *
+ * \param string 'dn' a DN
+ * */
function get_base_from_people($dn)
{
global $config;
- $pattern= "/^[^,]+,".preg_quote(get_people_ou())."/i";
+ $pattern= "/^[^,]+,".preg_quote(get_people_ou(), '/')."/i";
$base= preg_replace($pattern, '', $dn);
/* Set to base, if we're not on a correct subtree */
}
-function chkacl()
-{
- /* Look for attribute in ACL */
- trigger_error("Don't use chkacl() its obsolete. Use userinfo::getacl() instead.");
- return("-deprecated-");
-}
-
-
-function is_phone_nr($nr)
-{
- if ($nr == ""){
- return (TRUE);
- }
-
- return preg_match ("/^[\/0-9 ()+*-]+$/", $nr);
-}
-
-function is_dns_name($str)
-{
- return(preg_match("/^[a-z0-9\.\-]*$/i",$str));
-}
-
-function is_url($url)
+/*! \brief Check if strict naming rules are configured
+ *
+ * Return TRUE or FALSE depending on weither strictNamingRules
+ * are configured or not.
+ *
+ * \return Returns TRUE if strictNamingRules is set to true or if the
+ * config object is not available, otherwise FALSE.
+ */
+function strict_uid_mode()
{
- if ($url == ""){
- return (TRUE);
- }
-
- return preg_match ("/^(http|https):\/\/((?:[a-zA-Z0-9_-]+\.?)+):?(\d*)/", $url);
-}
-
+ global $config;
-function is_dn($dn)
-{
- if ($dn == ""){
- return (TRUE);
+ if (isset($config)){
+ return ($config->get_cfg_value("strictNamingRules") == "true");
}
-
- return preg_match ("/^[a-z0-9 _-]+$/i", $dn);
-}
-
-
-function strict_uid_mode()
-{
- return !(isset($config->current['STRICT']) && preg_match('/^(no|false)$/i', $config->current['STRICT']));
+ return (TRUE);
}
+/*! \brief Get regular expression for checking uids based on the naming
+ * rules.
+ * \return string Returns the desired regular expression
+ */
function get_uid_regexp()
{
/* STRICT adds spaces and case insenstivity to the uid check.
}
-function is_uid($uid)
+/*! \brief Generate a lock message
+ *
+ * This message shows a warning to the user, that a certain object is locked
+ * and presents some choices how the user can proceed. By default this
+ * is 'Cancel' or 'Edit anyway', but depending on the function call
+ * its possible to allow readonly access, too.
+ *
+ * Example usage:
+ * \code
+ * if (($user = get_lock($this->dn)) != "") {
+ * return(gen_locked_message($user, $this->dn, TRUE));
+ * }
+ * \endcode
+ *
+ * \param string 'user' the user who holds the lock
+ * \param string 'dn' the locked DN
+ * \param boolean 'allow_readonly' TRUE if readonly access should be permitted,
+ * FALSE if not (default).
+ *
+ *
+ */
+function gen_locked_message($user, $dn, $allow_readonly = FALSE)
{
- global $config;
+ global $plug, $config;
- if ($uid == ""){
- return (TRUE);
- }
+ session::set('dn', $dn);
+ $remove= false;
- /* STRICT adds spaces and case insenstivity to the uid check.
- This is dangerous and should not be used. */
- if (strict_uid_mode()){
- return preg_match ("/^[a-z0-9_-]+$/", $uid);
- } else {
- return preg_match ("/^[a-z0-9 _.-]+$/i", $uid);
- }
-}
+ /* Save variables from LOCK_VARS_TO_USE in session - for further editing */
+ if( session::is_set('LOCK_VARS_TO_USE') && count(session::get('LOCK_VARS_TO_USE'))){
+ $LOCK_VARS_USED_GET = array();
+ $LOCK_VARS_USED_POST = array();
+ $LOCK_VARS_USED_REQUEST = array();
+ $LOCK_VARS_TO_USE = session::get('LOCK_VARS_TO_USE');
-function is_ip($ip)
-{
- return preg_match("/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/", $ip);
-}
+ foreach($LOCK_VARS_TO_USE as $name){
+ if(empty($name)){
+ continue;
+ }
-function is_mac($mac)
-{
- return preg_match("/^[a-f0-9][a-f0-9]:[a-f0-9][a-f0-9]:[a-f0-9][a-f0-9]:[a-f0-9][a-f0-9]:[a-f0-9][a-f0-9]:[a-f0-9][a-f0-9]$/i", $mac);
-}
-
-
-/* Checks if the given ip address dosen't match
- "is_ip" because there is also a sub net mask given */
-function is_ip_with_subnetmask($ip)
-{
- /* Generate list of valid submasks */
- $res = array();
- for($e = 0 ; $e <= 32; $e++){
- $res[$e] = $e;
- }
- $i[0] =255;
- $i[1] =255;
- $i[2] =255;
- $i[3] =255;
- for($a= 3 ; $a >= 0 ; $a --){
- $c = 1;
- while($i[$a] > 0 ){
- $str = $i[0].".".$i[1].".".$i[2].".".$i[3];
- $res[$str] = $str;
- $i[$a] -=$c;
- $c = 2*$c;
- }
- }
- $res["0.0.0.0"] = "0.0.0.0";
- if(preg_match("/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
- "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
- "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
- "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/", $ip)){
- $mask = preg_replace("/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
- "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
- "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
- "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/","",$ip);
-
- $mask = preg_replace("/^\//","",$mask);
- if((in_array("$mask",$res)) && preg_match("/^[0-9\.]/",$mask)){
- return(TRUE);
- }
- }
- return(FALSE);
-}
-
-/* Simple is domain check, it checks if the given string looks like "string(...).string" */
-function is_domain($str)
-{
- return(preg_match("/^([a-z0-9i\-]*)\.[a-z0-9]*$/i",$str));
-}
-
-
-
-function is_id($id)
-{
- if ($id == ""){
- return (FALSE);
- }
-
- return preg_match ("/^[0-9]+$/", $id);
-}
-
-
-function is_path($path)
-{
- if ($path == ""){
- return (TRUE);
- }
- if (!preg_match('/^[a-z0-9%\/_.+-]+$/i', $path)){
- return (FALSE);
- }
-
- return preg_match ("/\/.+$/", $path);
-}
-
-
-function is_email($address, $template= FALSE)
-{
- if ($address == ""){
- return (TRUE);
- }
- if ($template){
- return preg_match ("/^[._a-z0-9%-]+@[_a-z0-9-]+(\.[a-z0-9-]+)(\.[a-z0-9-]+)*$/i",
- $address);
- } else {
- return preg_match ("/^[._a-z0-9-]+@[_a-z0-9-]+(\.[a-z0-9i-]+)(\.[a-z0-9-]+)*$/i",
- $address);
- }
-}
-
-
-function print_red()
-{
- /* Check number of arguments */
- if (func_num_args() < 1){
- return;
- }
-
- /* Get arguments, save string */
- $array = func_get_args();
- $string= $array[0];
-
- /* Step through arguments */
- for ($i= 1; $i<count($array); $i++){
- $string= preg_replace ("/%s/", $array[$i], $string, 1);
- }
-
- /* If DEBUGLEVEL is set, we're in web mode, use textual output in
- the other case... */
- if (is_global('DEBUGLEVEL')){
- if($string !== NULL){
- if (preg_match("/"._("LDAP error:")."/", $string)){
- $addmsg= _("Problems with the LDAP server mean that you probably lost the last changes. Please check your LDAP setup for possible errors and try again.");
- } else {
- if (!preg_match('/[.!?]$/', $string)){
- $string.= ".";
+ foreach($_POST as $Pname => $Pvalue){
+ if(preg_match($name,$Pname)){
+ $LOCK_VARS_USED_POST[$Pname] = $_POST[$Pname];
}
- $string= preg_replace('/<br>/', ' ', $string);
- $addmsg= _("Please check your input and fix the error. Press 'OK' to close this message box.");
- $addmsg = "";
- }
- if(empty($addmsg)){
- $addmsg = _("Error");
- }
- msg_dialog::display($addmsg, $string,ERROR_DIALOG);
- return;
- }else{
- return;
- }
-
- } else {
- echo "Error: $string\n";
- }
-}
-
-
-function gen_locked_message($user, $dn)
-{
- global $plug, $config;
-
- register_global('dn', $dn);
- $remove= false;
-
- /* Save variables from LOCK_VARS_TO_USE in session - for further editing */
- if( is_global('LOCK_VARS_TO_USE') && count(get_global('LOCK_VARS_TO_USE'))){
-
- $LOCK_VARS_USED = array();
- $LOCK_VARS_TO_USE = get_global('LOCK_VARS_TO_USE');
-
- foreach($LOCK_VARS_TO_USE as $name){
-
- if(empty($name)){
- continue;
}
- foreach($_POST as $Pname => $Pvalue){
+ foreach($_GET as $Pname => $Pvalue){
if(preg_match($name,$Pname)){
- $LOCK_VARS_USED[$Pname] = $_POST[$Pname];
+ $LOCK_VARS_USED_GET[$Pname] = $_GET[$Pname];
}
}
- foreach($_GET as $Pname => $Pvalue){
+ foreach($_REQUEST as $Pname => $Pvalue){
if(preg_match($name,$Pname)){
- $LOCK_VARS_USED[$Pname] = $_GET[$Pname];
+ $LOCK_VARS_USED_REQUEST[$Pname] = $_REQUEST[$Pname];
}
}
}
- register_global('LOCK_VARS_TO_USE',array());
- register_global('LOCK_VARS_USED' , $LOCK_VARS_USED);
+ session::set('LOCK_VARS_TO_USE',array());
+ session::set('LOCK_VARS_USED_GET' , $LOCK_VARS_USED_GET);
+ session::set('LOCK_VARS_USED_POST' , $LOCK_VARS_USED_POST);
+ session::set('LOCK_VARS_USED_REQUEST' , $LOCK_VARS_USED_REQUEST);
}
/* Prepare and show template */
$smarty= get_smarty();
-
- if(is_array($dn)){
- $msg = "<pre>";
- foreach($dn as $sub_dn){
- $msg .= "\n".$sub_dn.", ";
- }
- $msg = preg_replace("/, $/","</pre>",$msg);
- }else{
- $msg = $dn;
- }
+ $smarty->assign("allow_readonly",$allow_readonly);
+ $msg= msgPool::buildList($dn);
$smarty->assign ("dn", $msg);
if ($remove){
} else {
$smarty->assign ("action", _("Edit anyway"));
}
- $smarty->assign ("message", sprintf(_("You're going to edit the LDAP entry/entries '%s'"), "<b>".$msg."</b>", ""));
+
+ $smarty->assign ("message", _("These entries are currently locked:"). $msg);
return ($smarty->fetch (get_template_path('islocked.tpl')));
}
+/*! \brief Return a string/HTML representation of an array
+ *
+ * This returns a string representation of a given value.
+ * It can be used to dump arrays, where every value is printed
+ * on its own line. The output is targetted at HTML output, it uses
+ * '<br>' for line breaks. If the value is already a string its
+ * returned unchanged.
+ *
+ * \param mixed 'value' Whatever needs to be printed.
+ * \return string
+ */
function to_string ($value)
{
/* If this is an array, generate a text blob */
}
+/*! \brief Return a list of all printers in the current base
+ *
+ * Returns an array with the CNs of all printers (objects with
+ * objectClass gotoPrinter) in the current base.
+ * ($config->current['BASE']).
+ *
+ * Example:
+ * \code
+ * $this->printerList = get_printer_list();
+ * \endcode
+ *
+ * \return array an array with the CNs of the printers as key and value.
+ * */
function get_printer_list()
{
global $config;
}
-function sess_del ($var)
-{
- /* New style */
- unset($_SESSION[$var]);
-
- /* ... work around, since the first one
- doesn't seem to work all the time */
- session_unregister ($var);
-}
-
-
-function show_errors($message)
-{
- $complete= "";
-
- /* Assemble the message array to a plain string */
- foreach ($message as $error){
- if ($complete == ""){
- $complete= $error;
- } else {
- $complete= "$error<br>$complete";
- }
- }
-
- /* Fill ERROR variable with nice error dialog */
- print_red($complete);
-}
-
-
-function show_ldap_error($message, $addon= "")
-{
- if (!preg_match("/Success/i", $message)){
- if ($addon == ""){
- msg_dialog::display(_("LDAP error:"),$message,ERROR_DIALOG);
- } else {
- if(!preg_match("/No such object/i",$message)){
- msg_dialog::display(sprintf(_("LDAP error in plugin '%s':"),"<i>".$addon."</i>"),$message,ERROR_DIALOG);
- }
- }
- return TRUE;
- } else {
- return FALSE;
- }
-}
-
-
+/*! \brief Function to rewrite some problematic characters
+ *
+ * This function takes a string and replaces all possibly characters in it
+ * with less problematic characters, as defined in $REWRITE.
+ *
+ * \param string 's' the string to rewrite
+ * \return string 's' the result of the rewrite
+ * */
function rewrite($s)
{
global $REWRITE;
foreach ($REWRITE as $key => $val){
- $s= preg_replace("/$key/", "$val", $s);
+ $s= str_replace("$key", "$val", $s);
}
return ($s);
}
+/*! \brief Return the base of a given DN
+ *
+ * \param string 'dn' a DN
+ * */
function dn2base($dn)
{
global $config;
}
-
+/*! \brief Check if a given command exists and is executable
+ *
+ * Test if a given cmdline contains an executable command. Strips
+ * arguments from the given cmdline.
+ *
+ * \param string 'cmdline' the cmdline to check
+ * \return TRUE if command exists and is executable, otherwise FALSE.
+ * */
function check_command($cmdline)
{
$cmd= preg_replace("/ .*$/", "", $cmdline);
}
+/*! \brief Print plugin HTML header
+ *
+ * \param string 'image' the path of the image to be used next to the headline
+ * \param string 'image' the headline
+ * \param string 'info' additional information to print
+ */
function print_header($image, $headline, $info= "")
{
$display= "<div class=\"plugtop\">\n";
}
-function register_global($name, $object)
-{
- $_SESSION[$name]= $object;
-}
-
-
-function is_global($name)
-{
- return isset($_SESSION[$name]);
-}
-
-
-function &get_global($name)
-{
- return $_SESSION[$name];
-}
-
-
+/*! \brief Print page number selector for paged lists
+ *
+ * \param int 'dcnt' Number of entries
+ * \param int 'start' Page to start
+ * \param int 'range' Number of entries per page
+ * \param string 'post_var' POST variable to check for range
+ */
function range_selector($dcnt,$start,$range=25,$post_var=false)
{
}
-function apply_filter()
-{
- $apply= "";
-
- $apply= ''.
- '<table summary="" width="100%" style="background:#EEEEEE;border-top:1px solid #B0B0B0;"><tr><td width="100%" align="right">'.
- '<input type="submit" name="apply" value="'._("Apply filter").'"></td></tr></table>';
-
- return ($apply);
-}
-
+/*! \brief Generate HTML for the 'Back' button */
function back_to_main()
{
$string= '<br><p class="plugbottom"><input type=submit name="password_back" value="'.
- _("Back").'"></p><input type="hidden" name="ignore">';
+ msgPool::backButton().'"></p><input type="hidden" name="ignore">';
return ($string);
}
+/*! \brief Put netmask in n.n.n.n format
+ * \param string 'netmask' The netmask
+ * \return string Converted netmask
+ */
function normalize_netmask($netmask)
{
/* Check for notation of netmask */
}
+/*! \brief Return the number of set bits in the netmask
+ *
+ * For a given subnetmask (for example 255.255.255.0) this returns
+ * the number of set bits.
+ *
+ * Example:
+ * \code
+ * $bits = netmask_to_bits('255.255.255.0') # Returns 24
+ * $bits = netmask_to_bits('255.255.254.0') # Returns 23
+ * \endcode
+ *
+ * Be aware of the fact that the function does not check
+ * if the given subnet mask is actually valid. For example:
+ * Bad examples:
+ * \code
+ * $bits = netmask_to_bits('255.0.0.255') # Returns 16
+ * $bits = netmask_to_bits('255.255.0.255') # Returns 24
+ * \endcode
+ */
function netmask_to_bits($netmask)
{
- list($nm0, $nm1, $nm2, $nm3)= split('\.', $netmask);
+ list($nm0, $nm1, $nm2, $nm3)= explode('.', $netmask);
$res= 0;
for ($n= 0; $n<4; $n++){
}
+/*! \brief Recursion helper for gen_id() */
function recurse($rule, $variables)
{
$result= array();
unset ($variables[$key]);
foreach($val as $possibility){
- $nrule= preg_replace("/\{$key\}/", $possibility, $rule);
+ $nrule= str_replace("{$key}", $possibility, $rule);
$result= array_merge($result, recurse($nrule, $variables));
}
}
+/*! \brief Expands user ID based on possible rules
+ *
+ * Unroll given rule string by filling in attributes.
+ *
+ * \param string 'rule' The rule string from gosa.conf.
+ * \param array 'attributes' A dictionary of attribute/value mappings
+ * \return string Expanded string, still containing the id keyword.
+ */
function expand_id($rule, $attributes)
{
/* Check for id rule */
- if(preg_match('/^id(:|#)\d+$/',$rule)){
- return (array("\{$rule}"));
+ if(preg_match('/^id(:|#|!)\d+$/',$rule)){
+ return (array("{$rule}"));
}
/* Check for clean attribute */
if (preg_match('/^%[a-zA-Z0-9]+$/', $rule)){
$rule= preg_replace('/^%/', '', $rule);
- $val= rewrite(preg_replace('/ /', '', strtolower($attributes[$rule])));
+ $val= rewrite(str_replace(' ', '', strtolower($attributes[$rule])));
return (array($val));
}
if (preg_match('/^%[a-zA-Z0-9]+\[[0-9-]+\]$/', $rule)){
$param= preg_replace('/^[^[]+\[([^]]+)]$/', '\\1', $rule);
$part= preg_replace('/^%/', '', preg_replace('/\[.*$/', '', $rule));
- $val= rewrite(preg_replace('/ /', '', strtolower($attributes[$part])));
+ $val= rewrite(str_replace(' ', '', strtolower($attributes[$part])));
$start= preg_replace ('/-.*$/', '', $param);
$stop = preg_replace ('/^[^-]+-/', '', $param);
return ($result);
}
- echo "Error in idgen string: don't know how to handle rule $rule.\n";
+ echo "Error in idGenerator string: don't know how to handle rule $rule.\n";
return (array($rule));
}
+/*! \brief Generate a list of uid proposals based on a rule
+ *
+ * Unroll given rule string by filling in attributes and replacing
+ * all keywords.
+ *
+ * \param string 'rule' The rule string from gosa.conf.
+ * \param array 'attributes' A dictionary of attribute/value mappings
+ * \return array List of valid not used uids
+ */
function gen_uids($rule, $attributes)
{
global $config;
$stripped= "";
$variables= array();
- for ($pos= 0; $pos < strlen($rule); $pos++){
+ for ($pos= 0, $l= strlen($rule); $pos < $l; $pos++){
if ($rule[$pos] == "{" ){
$trigger= true;
$proposed= recurse($stripped, $variables);
/* Get list of used ID's */
- $used= array();
$ldap= $config->get_ldap_link();
$ldap->cd($config->current['BASE']);
- $ldap->search('(uid=*)');
-
- while($attrs= $ldap->fetch()){
- $used[]= $attrs['uid'][0];
- }
/* Remove used uids and watch out for id tags */
$ret= array();
foreach($proposed as $uid){
/* Check for id tag and modify uid if needed */
- if(preg_match('/\{id:\d+}/',$uid)){
- $size= preg_replace('/^.*{id:(\d+)}.*$/', '\\1', $uid);
+ if(preg_match('/\{id(:|!)\d+}/',$uid, $m)){
+ $size= preg_replace('/^.*{id(:|!)(\d+)}.*$/', '\\2', $uid);
+
+ $start= $m[1]==":"?0:-1;
+ for ($i= $start, $p= pow(10,$size)-1; $i < $p; $i++){
+ if ($i == -1) {
+ $number= "";
+ } else {
+ $number= sprintf("%0".$size."d", $i+1);
+ }
+ $res= preg_replace('/{id(:|!)\d+}/', $number, $uid);
- for ($i= 0; $i < pow(10,$size); $i++){
- $number= sprintf("%0".$size."d", $i);
- $res= preg_replace('/{id:(\d+)}/', $number, $uid);
- if (!in_array($res, $used)){
+ $ldap->search("(uid=".preg_replace('/[{}]/', '', $res).")",array('dn'));
+ if($ldap->count() == 0){
$uid= $res;
break;
}
}
+
+ /* Remove link if nothing has been found */
+ $uid= preg_replace('/{id(:|!)\d+}/', '', $uid);
}
- if(preg_match('/\{id#\d+}/',$uid)){
- $size= preg_replace('/^.*{id#(\d+)}.*$/', '\\1', $uid);
+ if(preg_match('/\{id#\d+}/',$uid)){
+ $size= preg_replace('/^.*{id#(\d+)}.*$/', '\\1', $uid);
- while (true){
- mt_srand((double) microtime()*1000000);
- $number= sprintf("%0".$size."d", mt_rand(0, pow(10, $size)-1));
- $res= preg_replace('/{id#(\d+)}/', $number, $uid);
- if (!in_array($res, $used)){
- $uid= $res;
- break;
+ while (true){
+ mt_srand((double) microtime()*1000000);
+ $number= sprintf("%0".$size."d", mt_rand(0, pow(10, $size)-1));
+ $res= preg_replace('/{id#(\d+)}/', $number, $uid);
+ $ldap->search("(uid=".preg_replace('/[{}]/', '', $res).")",array('dn'));
+ if($ldap->count() == 0){
+ $uid= $res;
+ break;
+ }
}
+
+ /* Remove link if nothing has been found */
+ $uid= preg_replace('/{id#\d+}/', '', $uid);
}
- }
-/* Don't assign used ones */
-if (!in_array($uid, $used)){
- $ret[]= $uid;
-}
-}
+ /* Don't assign used ones */
+ $ldap->search("(uid=".preg_replace('/[{}]/', '', $uid).")",array('dn'));
+ if($ldap->count() == 0){
+ /* Add uid, but remove {} first. These are invalid anyway. */
+ $ret[]= preg_replace('/[{}]/', '', $uid);
+ }
+ }
-return(array_unique($ret));
+ return(array_unique($ret));
}
-/* Sadly values like memory_limit are perpended by K, M, G, etc.
- Need to convert... */
+/*! \brief Convert various data sizes to bytes
+ *
+ * Given a certain value in the format n(g|m|k), where n
+ * is a value and (g|m|k) stands for Gigabyte, Megabyte and Kilobyte
+ * this function returns the byte value.
+ *
+ * \param string 'value' a value in the above specified format
+ * \return a byte value or the original value if specified string is simply
+ * a numeric value
+ *
+ */
function to_byte($value) {
$value= strtolower(trim($value));
}
+/*! \brief Check if a value exists in an array (case-insensitive)
+ *
+ * This is just as http://php.net/in_array except that the comparison
+ * is case-insensitive.
+ *
+ * \param string 'value' needle
+ * \param array 'items' haystack
+ */
function in_array_ics($value, $items)
{
- if (!is_array($items)){
- return (FALSE);
- }
-
- foreach ($items as $item){
- if (strcasecmp($item, $value) == 0) {
- return (TRUE);
- }
- }
-
- return (FALSE);
-}
-
-
-function generate_alphabet($count= 10)
-{
- $characters= _("*ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789");
- $alphabet= "";
- $c= 0;
-
- /* Fill cells with charaters */
- for ($i= 0; $i<mb_strlen($characters, 'UTF8'); $i++){
- if ($c == 0){
- $alphabet.= "<tr>";
- }
-
- $ch = mb_substr($characters, $i, 1, "UTF8");
- $alphabet.= "<td><a class=\"alphaselect\" href=\"main.php?plug=".
- validate($_GET['plug'])."&search=".$ch."\"> ".$ch." </a></td>";
-
- if ($c++ == $count){
- $alphabet.= "</tr>";
- $c= 0;
- }
- }
-
- /* Fill remaining cells */
- while ($c++ <= $count){
- $alphabet.= "<td> </td>";
- }
-
- return ($alphabet);
+ return preg_grep('/^'.preg_quote($value, '/').'$/i', $items);
}
+/*! \brief Removes malicious characters from a (POST) string. */
function validate($string)
{
- return (strip_tags(preg_replace('/\0/', '', $string)));
+ return (strip_tags(str_replace('\0', '', $string)));
}
+
+/*! \brief Evaluate the current GOsa version from the build in revision string */
function get_gosa_version()
{
global $svn_revision, $svn_path;
/* Release or development? */
if (preg_match('%/gosa/trunk/%', $svn_path)){
- return (sprintf(_("GOsa development snapshot (Rev %s)"), $revision));
+ return (sprintf(_("GOsa development snapshot (Rev %s)"), bold($revision)));
} else {
$release= preg_replace('%^.*/([^/]+)/include/functions.inc.*$%', '\1', $svn_path);
return (sprintf(_("GOsa $release"), $revision));
}
+/*! \brief Recursively delete a path in the file system
+ *
+ * Will delete the given path and all its files recursively.
+ * Can also follow links if told so.
+ *
+ * \param string 'path'
+ * \param boolean 'followLinks' TRUE to follow links, FALSE (default)
+ * for not following links
+ */
function rmdirRecursive($path, $followLinks=false) {
$dir= opendir($path);
while($entry= readdir($dir)) {
return rmdir($path);
}
+
+/*! \brief Get directory content information
+ *
+ * Returns the content of a directory as an array in an
+ * ascended sorted manner.
+ *
+ * \param string 'path'
+ * \param boolean weither to sort the content descending.
+ */
function scan_directory($path,$sort_desc=false)
{
$ret = false;
return($ret);
}
+
+/*! \brief Clean the smarty compile dir */
function clean_smarty_compile_dir($directory)
{
global $svn_revision;
// create revision file
create_revision($revision_file, $svn_revision);
} else {
-# check for "$config->...['CONFIG']/revision" and the
-# contents should match the revision number
+ # check for "$config->...['CONFIG']/revision" and the
+ # contents should match the revision number
if(!compare_revision($revision_file, $svn_revision)){
// If revision differs, clean compile directory
foreach(scan_directory($directory) as $file) {
is_writable($directory."/".$file)) {
// delete file
if(!unlink($directory."/".$file)) {
- print_red("File ".$directory."/".$file." could not be deleted.");
+ msg_dialog::display(_("Internal error"), sprintf(_("File %s cannot be deleted!"), bold($directory."/".$file)), ERROR_DIALOG);
// This should never be reached
}
} elseif(is_dir($directory."/".$file) &&
}
}
+
function create_revision($revision_file, $revision)
{
$result= false;
}
fclose($fh);
} else {
- print_red("Can not write to revision file");
+ msg_dialog::display(_("Internal error"), _("Cannot write revision file!"), ERROR_DIALOG);
}
return $result;
}
+
function compare_revision($revision_file, $revision)
{
// false means revision differs
$result= true;
}
} else {
- print_red("Can not open revision file");
+ msg_dialog::display(_("Internal error"), _("Cannot write revision file!"), ERROR_DIALOG);
}
// Close file
fclose($fh);
return $result;
}
-function progressbar($percentage,$width=100,$height=15,$showvalue=false)
-{
- $str = ""; // Our return value will be saved in this var
-
- $color = dechex($percentage+150);
- $color2 = dechex(150 - $percentage);
- $bgcolor= $showvalue?"FFFFFF":"DDDDDD";
-
- $progress = (int)(($percentage /100)*$width);
-
- /* Abort printing out percentage, if divs are to small */
-
-
- /* If theres a better solution for this, use it... */
- $str = "
- <div style=\" width:".($width)."px;
- height:".($height)."px;
- background-color:#000000;
-padding:1px;\">
-
- <div style=\" width:".($width)."px;
- background-color:#$bgcolor;
-height:".($height)."px;\">
-
- <div style=\" width:".$progress."px;
-height:".$height."px;
- background-color:#".$color2.$color2.$color."; \">";
-
- if(($height >10)&&($showvalue)){
- $str.= "<font style=\"font-size:".($height-2)."px;color:#FF0000;align:middle;padding-left:".((int)(($width*0.4)))."px;\">
- <b>".$percentage."%</b>
- </font>";
- }
+/*! \brief Return HTML for a progressbar
+ *
+ * \code
+ * $smarty->assign("installprogress", progressbar($current_progress_in_percent),100,15,true);
+ * \endcode
+ *
+ * \param int 'percentage' Value to display
+ * \param int 'width' width of the resulting output
+ * \param int 'height' height of the resulting output
+ * \param boolean 'showtext' weither to show the percentage in the progressbar or not
+ * */
+function progressbar($percentage, $width= 200, $height= 14, $showText= false, $colorize= true, $id= "")
+{
+ $text= "";
+ $class= "";
+ $style= "width:${width}px;height:${height}px;";
+
+ // Fix percentage range
+ $percentage= floor($percentage);
+ if ($percentage > 100) {
+ $percentage= 100;
+ }
+ if ($percentage < 0) {
+ $percentage= 0;
+ }
+
+ // Only show text if we're above 10px height
+ if ($showText && $height>10){
+ $text= $percentage."%";
+ }
+
+ // Set font size
+ $style.= "font-size:".($height-3)."px;";
+
+ // Set color
+ if ($colorize){
+ if ($percentage < 70) {
+ $class= " progress-low";
+ } elseif ($percentage < 80) {
+ $class= " progress-mid";
+ } elseif ($percentage < 90) {
+ $class= " progress-high";
+ } else {
+ $class= " progress-full";
+ }
+ }
+
+ // Apply gradients
+ $hoffset= floor($height / 2) + 4;
+ $woffset= floor(($width+5) * (100-$percentage) / 100);
+ foreach (array("-moz-box-shadow", "-webkit-box-shadow", "box-shadow") as $type) {
+ $style.="$type:
+ 0 0 2px rgba(255, 255, 255, 0.4) inset,
+ 0 4px 6px rgba(255, 255, 255, 0.4) inset,
+ 0 ".$hoffset."px 0 -2px rgba(255, 255, 255, 0.2) inset,
+ -".$woffset."px 0 0 -2px rgba(255, 255, 255, 0.2) inset,
+ -".($woffset+1)."px 0 0 -2px rgba(0, 0, 0, 0.6) inset,
+ 0pt ".($hoffset+1)."px 8px rgba(0, 0, 0, 0.3) inset,
+ 0pt 1px 0px rgba(0, 0, 0, 0.2);";
+ }
- $str.= "</div></div></div>";
+ // Set ID
+ if ($id != ""){
+ $id= "id='$id'";
+ }
- return($str);
+ return "<div class='progress$class' $id style='$style'>$text</div>";
}
+/*! \brief Lookup a key in an array case-insensitive
+ *
+ * Given an associative array this can lookup the value of
+ * a certain key, regardless of the case.
+ *
+ * \code
+ * $items = array ('FOO' => 'blub', 'bar' => 'blub');
+ * array_key_ics('foo', $items); # Returns 'blub'
+ * array_key_ics('BAR', $items); # Returns 'blub'
+ * \endcode
+ *
+ * \param string 'key' needle
+ * \param array 'items' haystack
+ */
function array_key_ics($ikey, $items)
{
- /* Gather keys, make them lowercase */
- $tmp= array();
- foreach ($items as $key => $value){
- $tmp[strtolower($key)]= $key;
+ $tmp= array_change_key_case($items, CASE_LOWER);
+ $ikey= strtolower($ikey);
+ if (isset($tmp[$ikey])){
+ return($tmp[$ikey]);
}
- if (isset($tmp[strtolower($ikey)])){
- return($tmp[strtolower($ikey)]);
- }
-
- return ("");
+ return ('');
}
+/*! \brief Determine if two arrays are different
+ *
+ * \param array 'src'
+ * \param array 'dst'
+ * \return boolean TRUE or FALSE
+ * */
function array_differs($src, $dst)
{
/* If the count is differing, the arrays differ */
return (TRUE);
}
- /* So the count is the same - lets check the contents */
- $differs= FALSE;
- foreach($src as $value){
- if (!in_array($value, $dst)){
- $differs= TRUE;
- }
- }
-
- return ($differs);
+ return (count(array_diff($src, $dst)) != 0);
}
}
-/* Escape all preg_* relevant characters */
-function normalizePreg($input)
-{
- return (addcslashes($input, '[]()|/.*+-'));
-}
-
-
-/* Escape all LDAP filter relevant characters */
+/*! \brief Escape all LDAP filter relevant characters */
function normalizeLdap($input)
{
return (addcslashes($input, '()|'));
}
-/* Resturns the difference between to microtime() results in float */
-function get_MicroTimeDiff($start , $stop)
-{
- $a = split("\ ",$start);
- $b = split("\ ",$stop);
-
- $secs = $b[1] - $a[1];
- $msecs= $b[0] - $a[0];
-
- $ret = (float) ($secs+ $msecs);
- return($ret);
-}
-
-
-/* Check if the given department name is valid */
-function is_department_name_reserved($name,$base)
-{
- $reservedName = array("systems","apps","incomming","internal","accounts","fax","addressbook",
- preg_replace("/ou=(.*),/","\\1",get_people_ou()),
- preg_replace("/ou=(.*),/","\\1",get_groups_ou()));
- $follwedNames['/ou=fai,ou=configs,ou=systems,/'] = array("fai","hooks","templates","scripts","disk","packages","variables","profiles");
-
- /* Check if name is one of the reserved names */
- if(in_array_ics($name,$reservedName)) {
- return(true);
- }
-
- /* Check all follow combinations if name is in array && parent base == array_key, return false*/
- foreach($follwedNames as $key => $names){
- if((in_array_ics($name,$names)) && (preg_match($key,$base))){
- return(true);
- }
- }
- return(false);
-}
-
-
+/*! \brief Return the gosa base directory */
function get_base_dir()
{
global $BASE_DIR;
}
+/*! \brief Test weither we are allowed to read the object */
function obj_is_readable($dn, $object, $attribute)
{
global $ui;
}
+/*! \brief Test weither we are allowed to change the object */
function obj_is_writable($dn, $object, $attribute)
{
global $ui;
}
+/*! \brief Explode a DN into its parts
+ *
+ * Similar to explode (http://php.net/explode), but a bit more specific
+ * for the needs when splitting, exploding LDAP DNs.
+ *
+ * \param string 'dn' the DN to split
+ * \param config-object a config object. only neeeded if DN shall be verified in the LDAP
+ * \param boolean verify_in_ldap check weither DN is valid
+ *
+ */
function gosa_ldap_explode_dn($dn,$config = NULL,$verify_in_ldap=false)
{
/* Initialize variables */
return($ret);
}
-/* Add "str_split" if this function is missing.
- * This function is only available in PHP5
- */
- if(!function_exists("str_split")){
- function str_split($str,$length =1)
- {
- if($length < 1 ) $length =1;
-
- $ret = array();
- for($i = 0 ; $i < strlen($str); $i = $i +$length){
- $ret[] = substr($str,$i ,$length);
- }
- return($ret);
- }
- }
-
function get_base_from_hook($dn, $attrib)
{
global $config;
- if (isset($config->current['BASE_HOOK'])){
+ if ($config->get_cfg_value("baseIdHook") != ""){
/* Call hook script - if present */
- $command= $config->current['BASE_HOOK'];
+ $command= $config->get_cfg_value("baseIdHook");
if ($command != ""){
$command.= " '".LDAP::fix($dn)."' $attrib";
if (preg_match("/^[0-9]+$/", $output[0])){
return ($output[0]);
} else {
- print_red(_("Warning - base_hook is not available. Using default base."));
- return ($config->current['UIDBASE']);
+ msg_dialog::display(_("Warning"), _("'baseIdHook' is not available. Using default base!"), WARNING_DIALOG);
+ return ($config->get_cfg_value("uidNumberBase"));
}
} else {
- print_red(_("Warning - base_hook is not available. Using default base."));
- return ($config->current['UIDBASE']);
+ msg_dialog::display(_("Warning"), _("'baseIdHook' is not available. Using default base!"), WARNING_DIALOG);
+ return ($config->get_cfg_value("uidNumberBase"));
}
} else {
- print_red(_("Warning - no base_hook defined. Using default base."));
- return ($config->current['UIDBASE']);
+ msg_dialog::display(_("Warning"), _("'baseIdHook' is not available. Using default base!"), WARNING_DIALOG);
+ return ($config->get_cfg_value("uidNumberBase"));
}
}
}
-/* Schema validation functions */
+/*! \brief Check if schema version matches the requirements */
function check_schema_version($class, $version)
{
return preg_match("/\(v$version\)/", $class['DESC']);
}
+
+/*! \brief Check if LDAP schema matches the requirements */
function check_schema($cfg,$rfc2307bis = FALSE)
{
$messages= array();
/* Get objectclasses */
- $ldap = new LDAP($cfg['admin'],$cfg['password'],$cfg['connection'] ,FALSE,$cfg['tls']);
+ $ldap = new ldapMultiplexer(new LDAP($cfg['admin'],$cfg['password'],$cfg['connection'] ,FALSE, $cfg['tls']));
$objectclasses = $ldap->get_objectclasses();
if(count($objectclasses) == 0){
- print_red(_("Can't get schema information from server. No schema check possible!"));
+ msg_dialog::display(_("Warning"), _("Cannot read schema information from LDAP. Schema validation is not possible!"), WARNING_DIALOG);
}
/* This is the default block used for each entry.
"STATUS" => FALSE,
"IS_MUST_HAVE" => FALSE,
"MSG" => "",
- "INFO" => "");#_("There is currently no information specified for this schema extension."));
+ "INFO" => "");
/* The gosa base schema */
$checks['gosaObject'] = $def_check;
- $checks['gosaObject']['REQUIRED_VERSION'] = "2.4";
- $checks['gosaObject']['SCHEMA_FILES'] = array("gosa+samba3.schema","gosa.schema");
+ $checks['gosaObject']['REQUIRED_VERSION'] = "2.6.1";
+ $checks['gosaObject']['SCHEMA_FILES'] = array("gosa-samba3.schema");
$checks['gosaObject']['CLASSES_REQUIRED'] = array("gosaObject");
$checks['gosaObject']['IS_MUST_HAVE'] = TRUE;
/* GOsa Account class */
- $checks["gosaAccount"]["REQUIRED_VERSION"]= "2.4";
- $checks["gosaAccount"]["SCHEMA_FILES"] = array("gosa+samba3.schema","gosa.schema");
+ $checks["gosaAccount"]["REQUIRED_VERSION"]= "2.6.6";
+ $checks["gosaAccount"]["SCHEMA_FILES"] = array("gosa-samba3.schema");
$checks["gosaAccount"]["CLASSES_REQUIRED"]= array("gosaAccount");
$checks["gosaAccount"]["IS_MUST_HAVE"] = TRUE;
- $checks["gosaAccount"]["INFO"] = _("Used to store account specific informations.");
+ $checks["gosaAccount"]["INFO"] = _("This class is used to make users appear in GOsa.");
/* GOsa lock entry, used to mark currently edited objects as 'in use' */
- $checks["gosaLockEntry"]["REQUIRED_VERSION"] = "2.4";
- $checks["gosaLockEntry"]["SCHEMA_FILES"] = array("gosa+samba3.schema","gosa.schema");
+ $checks["gosaLockEntry"]["REQUIRED_VERSION"] = "2.6.1";
+ $checks["gosaLockEntry"]["SCHEMA_FILES"] = array("gosa-samba3.schema");
$checks["gosaLockEntry"]["CLASSES_REQUIRED"] = array("gosaLockEntry");
$checks["gosaLockEntry"]["IS_MUST_HAVE"] = TRUE;
- $checks["gosaLockEntry"]["INFO"] = _("Used to lock currently edited entries to avoid multiple changes at the same time.");
+ $checks["gosaLockEntry"]["INFO"] = _("This class is used to lock entries in order to prevent multiple edits at a time.");
/* Some other checks */
foreach(array(
- "gosaCacheEntry" => array("version" => "2.4"),
- "gosaDepartment" => array("version" => "2.4"),
+ "gosaCacheEntry" => array("version" => "2.6.1", "class" => "gosaAccount"),
+ "gosaDepartment" => array("version" => "2.6.1", "class" => "gosaAccount"),
"goFaxAccount" => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"),
"goFaxSBlock" => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"),
"goFaxRBlock" => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"),
- "gosaUserTemplate" => array("version" => "2.4", "class" => "posixAccount","file" => "nis.schema"),
- "gosaMailAccount" => array("version" => "2.4", "class" => "mailAccount","file" => "gosa+samba3.schema"),
- "gosaProxyAccount" => array("version" => "2.4", "class" => "proxyAccount","file" => "gosa+samba3.schema"),
- "gosaApplication" => array("version" => "2.4", "class" => "appgroup","file" => "gosa.schema"),
- "gosaApplicationGroup" => array("version" => "2.4", "class" => "appgroup","file" => "gosa.schema"),
- "GOhard" => array("version" => "2.5", "class" => "terminals","file" => "goto.schema"),
- "gotoTerminal" => array("version" => "2.5", "class" => "terminals","file" => "goto.schema"),
- "goServer" => array("version" => "2.4","class" => "server","file" => "goserver.schema"),
- "goTerminalServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
- "goShareServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
- "goNtpServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
- "goSyslogServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
- "goLdapServer" => array("version" => "2.4"),
- "goCupsServer" => array("version" => "2.4", "class" => array("posixAccount", "terminals"),),
- "goImapServer" => array("version" => "2.4", "class" => array("mailAccount", "mailgroup"),"file" => "gosa+samba3. schema"),
- "goKrbServer" => array("version" => "2.4"),
- "goFaxServer" => array("version" => "2.4", "class" => "gofaxAccount","file" => "gofax.schema"),
+ "gosaUserTemplate" => array("version" => "2.6.1", "class" => "posixAccount","file" => "nis.schema"),
+ "gosaMailAccount" => array("version" => "2.6.1", "class" => "mailAccount","file" => "gosa-samba3.schema"),
+ "gosaProxyAccount" => array("version" => "2.6.1", "class" => "proxyAccount","file" => "gosa-samba3.schema"),
+ "gosaApplication" => array("version" => "2.6.1", "class" => "appgroup","file" => "gosa.schema"),
+ "gosaApplicationGroup" => array("version" => "2.6.1", "class" => "appgroup","file" => "gosa.schema"),
+ "GOhard" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"),
+ "gotoTerminal" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"),
+ "goServer" => array("version" => "2.6.1", "class" => "server","file" => "goserver.schema"),
+ "goTerminalServer" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"),
+ "goShareServer" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"),
+ "goNtpServer" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"),
+ "goSyslogServer" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"),
+ "goLdapServer" => array("version" => "2.6.1", "class" => "goServer"),
+ "goCupsServer" => array("version" => "2.6.1", "class" => array("posixAccount", "terminals"),),
+ "goImapServer" => array("version" => "2.6.1", "class" => array("mailAccount", "mailgroup"),"file" => "gosa-samba3.schema"),
+ "goKrbServer" => array("version" => "2.6.1", "class" => "goServer"),
+ "goFaxServer" => array("version" => "2.6.1", "class" => "gofaxAccount","file" => "gofax.schema"),
) as $name => $values){
$checks[$name] = $def_check;
if(isset($values['file'])){
$checks[$name]["SCHEMA_FILES"] = array($values['file']);
}
- $checks[$name]["CLASSES_REQUIRED"] = array($name);
+ if (isset($values['class'])) {
+ $checks[$name]["CLASSES_REQUIRED"] = is_array($values['class'])?$values['class']:array($values['class']);
+ }
}
foreach($checks as $name => $value){
foreach($value['CLASSES_REQUIRED'] as $class){
if(!isset($objectclasses[$name])){
- $checks[$name]['STATUS'] = FALSE;
if($value['IS_MUST_HAVE']){
- $checks[$name]['MSG'] = sprintf(_("The required objectClass '%s' is not present in your schema setup"),$class);
- }else{
- $checks[$name]['MSG'] = sprintf(_("The optional objectClass '%s' is not present in your schema setup"),$class);
+ $checks[$name]['STATUS'] = FALSE;
+ $checks[$name]['MSG'] = sprintf(_("Required object class %s is missing!"), bold($class));
+ } else {
+ $checks[$name]['STATUS'] = TRUE;
+ $checks[$name]['MSG'] = sprintf(_("Optional object class %s is missing!"), bold($class));
}
}elseif(!check_schema_version($objectclasses[$name],$value['REQUIRED_VERSION'])){
$checks[$name]['STATUS'] = FALSE;
- if($value['IS_MUST_HAVE']){
- $checks[$name]['MSG'] = sprintf(_("The required objectclass '%s' does not have version %s"), $class, $value['REQUIRED_VERSION']);
- }else{
- $checks[$name]['MSG'] = sprintf(_("The optional objectclass '%s' does not have version %s"), $class, $value['REQUIRED_VERSION']);
- }
+ $checks[$name]['MSG'] = sprintf(_("Wrong version of required object class %s (!=%s) detected!"), bold($class), bold($value['REQUIRED_VERSION']));
}else{
$checks[$name]['STATUS'] = TRUE;
- $checks[$name]['MSG'] = sprintf(_("Class(es) available"));
+ $checks[$name]['MSG'] = sprintf(_("Class available"));
}
}
}
/* The gosa base schema */
$checks['posixGroup'] = $def_check;
- $checks['posixGroup']['REQUIRED_VERSION'] = "2.4";
- $checks['posixGroup']['SCHEMA_FILES'] = array("gosa+samba3.schema","gosa.schema");
+ $checks['posixGroup']['REQUIRED_VERSION'] = "2.6.1";
+ $checks['posixGroup']['SCHEMA_FILES'] = array("gosa-samba3.schema","gosa-samba2.schema");
$checks['posixGroup']['CLASSES_REQUIRED'] = array("posixGroup");
$checks['posixGroup']['STATUS'] = TRUE;
$checks['posixGroup']['IS_MUST_HAVE'] = TRUE;
if($rfc2307bis && isset($tmp['posixGroup']['STRUCTURAL'])){
$checks['posixGroup']['STATUS'] = FALSE;
- $checks['posixGroup']['MSG'] = _("You have enabled the rfc2307bis option on the 'ldap setup' step, but your schema configuration do not support this option.");
- $checks['posixGroup']['INFO'] = _("In order to use rfc2307bis conform groups the objectClass 'posixGroup' must be AUXILIARY");
+ $checks['posixGroup']['MSG'] = _("RFC 2307bis group schema is enabled, but the current LDAP configuration does not support it!");
+ $checks['posixGroup']['INFO'] = _("To use RFC 2307bis groups, the objectClass 'posixGroup' must be AUXILIARY.");
}
if(!$rfc2307bis && !isset($tmp['posixGroup']['STRUCTURAL'])){
$checks['posixGroup']['STATUS'] = FALSE;
- $checks['posixGroup']['MSG'] = _("You have disabled the rfc2307bis option on the 'ldap setup' step, but your schema configuration do not support this option.");
- $checks['posixGroup']['INFO'] = _("The objectClass 'posixGroup' must be STRUCTURAL");
+ $checks['posixGroup']['MSG'] = _("RFC 2307bis group schema is disabled, but the current LDAP configuration supports it!");
+ $checks['posixGroup']['INFO'] = _("To correct this, the objectClass 'posixGroup' must be STRUCTURAL.");
}
}
}
-
-
function get_languages($languages_in_own_language = FALSE,$strip_region_tag = FALSE)
{
$tmp = array(
@@ -2519,8 +2809,10 @@ function get_languages($languages_in_own_language = FALSE,$strip_region_tag = FA
"en_US" => "English",
"nl_NL" => "Dutch",
"pl_PL" => "Polish",
- "sv_SE" => "Swedish",
+ "pt_BR" => "Brazilian Portuguese",
+ #"sv_SE" => "Swedish",
"zh_CN" => "Chinese",
+ "vi_VN" => "Vietnamese",
"ru_RU" => "Russian");
$tmp2= array(
@@ -2531,14 +2823,26 @@ function get_languages($languages_in_own_language = FALSE,$strip_region_tag = FA
"en_US" => _("English"),
"nl_NL" => _("Dutch"),
"pl_PL" => _("Polish"),
- "sv_SE" => _("Swedish"),
+ "pt_BR" => _("Brazilian Portuguese"),
+ #"sv_SE" => _("Swedish"),
"zh_CN" => _("Chinese"),
+ "vi_VN" => _("Vietnamese"),
"ru_RU" => _("Russian"));
$ret = array();
if($languages_in_own_language){
$old_lang = setlocale(LC_ALL, 0);
+
+ /* If the locale wasn't correclty set before, there may be an incorrect
+ locale returned. Something like this:
+ C_CTYPE=de_DE.UTF-8;LC_NUMERIC=C;LC_TIME=de_DE.UTF-8;LC ...
+ Extract the locale name from this string and use it to restore old locale.
+ */
+ if(preg_match("/LC_CTYPE/",$old_lang)){
+ $old_lang = preg_replace("/^.*LC_CTYPE=([^;]*).*$/","\\1",$old_lang);
+ }
+
foreach($tmp as $key => $name){
$lang = $key.".UTF-8";
setlocale(LC_ALL, $lang);
@@ -2562,63 +2866,30 @@ function get_languages($languages_in_own_language = FALSE,$strip_region_tag = FA
}
-/* Returns contents of the given POST variable and check magic quotes settings */
+/*! \brief Returns contents of the given POST variable and check magic quotes settings
+ *
+ * Depending on the magic quotes settings this returns a stripclashed'ed version of
+ * a certain POST variable.
+ *
+ * \param string 'name' the POST var to return ($_POST[$name])
+ * \return string
+ * */
function get_post($name)
{
if(!isset($_POST[$name])){
trigger_error("Requested POST value (".$name.") does not exists, you should add a check to prevent this message.");
return(FALSE);
}
- if(get_magic_quotes_gpc()){
- return(stripcslashes($_POST[$name]));
- }else{
- return($_POST[$name]);
- }
-}
-
-/* Check if $ip1 and $ip2 represents a valid IP range
- * returns TRUE in case of a valid range, FALSE in case of an error.
- */
-function is_ip_range($ip1,$ip2)
-{
- if(!is_ip($ip1) || !is_ip($ip2)){
- return(FALSE);
+ if(get_magic_quotes_gpc()){
+ return(stripcslashes(validate($_POST[$name])));
}else{
- $ar1 = split("\.",$ip1);
- $var1 = $ar1[0] * (16777216) + $ar1[1] * (65536) + $ar1[2] * (256) + $ar1[3];
-
- $ar2 = split("\.",$ip2);
- $var2 = $ar2[0] * (16777216) + $ar2[1] * (65536) + $ar2[2] * (256) + $ar2[3];
- return($var1 < $var2);
+ return(validate($_POST[$name]));
}
}
-/* Check if the specified IP address $address is inside the given network */
-function is_in_network($network, $netmask, $address)
-{
- $nw= split('\.', $network);
- $nm= split('\.', $netmask);
- $ad= split('\.', $address);
-
- /* Generate inverted netmask */
- for ($i= 0; $i<4; $i++){
- $ni[$i]= 255-$nm[$i];
- $la[$i]= $nw[$i] | $ni[$i];
- }
-
- /* Transform to integer */
- $first= $nw[0] * (16777216) + $nw[1] * (65536) + $nw[2] * (256) + $nw[3];
- $curr= $ad[0] * (16777216) + $ad[1] * (65536) + $ad[2] * (256) + $ad[3];
- $last= $la[0] * (16777216) + $la[1] * (65536) + $la[2] * (256) + $la[3];
-
- return ($first < $curr&& $last > $curr);
-}
-
-/* Return class name in correct case
- * mailMethodkolab => mailMethodKolab ( k => K )
- */
+/*! \brief Return class name in correct case */
function get_correct_class_name($cls)
{
global $class_mapping;
return(FALSE);
}
-// change_password, changes the Password, of the given dn
+
+/*! \brief Change the password of a given DN
+ *
+ * Change the password of a given DN with the specified hash.
+ *
+ * \param string 'dn' the DN whose password shall be changed
+ * \param string 'password' the password
+ * \param int mode
+ * \param string 'hash' which hash to use to encrypt it, default is empty
+ * for cleartext storage.
+ * \return boolean TRUE on success FALSE on error
+ */
function change_password ($dn, $password, $mode=0, $hash= "")
{
global $config;
// Get all available encryption Methods
// NON STATIC CALL :)
- $tmp = new passwordMethod(get_global('config'));
- $available = $tmp->get_available_methods();
+ $methods = new passwordMethod(session::get('config'),$dn);
+ $available = $methods->get_available_methods();
// read current password entry for $dn, to detect the encryption Method
$ldap = $config->get_ldap_link();
$ldap->cat ($dn, array("shadowLastChange", "userPassword", "uid"));
$attrs = $ldap->fetch ();
- // Check if user account was deactivated, indicated by ! after } ... {crypt}!###
- if(isset($attrs['userPassword'][0]) && preg_match("/^[^\}]*+\}!/",$attrs['userPassword'][0])){
- $deactivated = TRUE;
- }else{
- $deactivated = FALSE;
- }
-
/* Is ensure that clear passwords will stay clear */
if($hash == "" && isset($attrs['userPassword'][0]) && !preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0])){
$hash = "clear";
/* Extract used hash */
if ($hash == ""){
- $hash= strtolower($matches[1]);
+ $test = passwordMethod::get_method($attrs['userPassword'][0],$dn);
+ } else {
+ $test = new $available[$hash]($config,$dn);
+ $test->set_hash($hash);
}
- $test = new $available[$hash]($config);
-
} else {
// User MD5 by default
$hash= "md5";
- $test = new $available['md5']($config);
+ $test = new $available['md5']($config, $dn);
}
- /* Feed password backends with information */
- $test->dn= $dn;
- $test->attrs= $attrs;
- $newpass= $test->generate_hash($password);
+ if($test instanceOf passwordMethod){
- // Update shadow timestamp?
- if (isset($attrs["shadowLastChange"][0])){
- $shadow= (int)(date("U") / 86400);
- } else {
- $shadow= 0;
- }
+ $deactivated = $test->is_locked($config,$dn);
- // Write back modified entry
- $ldap->cd($dn);
- $attrs= array();
+ /* Feed password backends with information */
+ $test->dn= $dn;
+ $test->attrs= $attrs;
+ $newpass= $test->generate_hash($password);
- // Not for groups
- if ($mode == 0){
-
- if ($shadow != 0){
- $attrs['shadowLastChange']= $shadow;
+ // Update shadow timestamp?
+ if (isset($attrs["shadowLastChange"][0])){
+ $shadow= (int)(date("U") / 86400);
+ } else {
+ $shadow= 0;
}
- // Create SMB Password
- $attrs= generate_smb_nt_hash($password);
- }
+ // Write back modified entry
+ $ldap->cd($dn);
+ $attrs= array();
- /* Readd ! if user was deactivated */
- if($deactivated){
- $newpass = preg_replace("/(^[^\}]+\})(.*$)/","\\1!\\2",$newpass);
- }
+ // Not for groups
+ if ($mode == 0){
+ // Create SMB Password
+ $attrs= generate_smb_nt_hash($password);
- $attrs['userPassword']= array();
- $attrs['userPassword']= $newpass;
+ if ($shadow != 0){
+ $attrs['shadowLastChange']= $shadow;
+ }
+ }
- $ldap->modify($attrs);
+ $attrs['userPassword']= array();
+ $attrs['userPassword']= $newpass;
- new log("modify","users/passwordMethod",$dn,array_keys($attrs),$ldap->get_error());
+ $ldap->modify($attrs);
- if ($ldap->error != 'Success') {
- print_red(sprintf(_("Setting the password failed. LDAP server says '%s'."),
- $ldap->get_error()));
- } else {
+ /* Read ! if user was deactivated */
+ if($deactivated){
+ $test->lock_account($config,$dn);
+ }
- /* Run backend method for change/create */
- $test->set_password($password);
+ new log("modify","users/passwordMethod",$dn,array_keys($attrs),$ldap->get_error());
- /* Find postmodify entries for this class */
- $command= $config->search("password", "POSTMODIFY",array('menu'));
+ if (!$ldap->success()) {
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $dn, LDAP_MOD, ERROR_DIALOG));
+ } else {
- if ($command != ""){
- /* Walk through attribute list */
- $command= preg_replace("/%userPassword/", $password, $command);
- $command= preg_replace("/%dn/", $dn, $command);
+ /* Run backend method for change/create */
+ if(!$test->set_password($password)){
+ return(FALSE);
+ }
- if (check_command($command)){
- @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute");
- exec($command);
- } else {
- $message= sprintf(_("Command '%s', specified as POSTMODIFY for plugin '%s' doesn't seem to exist."), $command, "password");
- print_red ($message);
+ /* Find postmodify entries for this class */
+ $command= $config->search("password", "POSTMODIFY",array('menu'));
+
+ if ($command != ""){
+ /* Walk through attribute list */
+ $command= preg_replace("/%userPassword/", $password, $command);
+ $command= preg_replace("/%dn/", $dn, $command);
+
+ if (check_command($command)){
+ @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute");
+ exec($command);
+ } else {
+ $message= sprintf(_("Command %s specified as post modify action for plugin %s does not exist!"), bold($command), bold("password"));
+ msg_dialog::display(_("Configuration error"), $message, ERROR_DIALOG);
+ }
}
}
+ return(TRUE);
}
}
-// Return something like array['sambaLMPassword']= "lalla..."
+
+
+/*! \brief Generate samba hashes
+ *
+ * Given a certain password this constructs an array like
+ * array['sambaLMPassword'] etc.
+ *
+ * \param string 'password'
+ * \return array contains several keys for lmPassword, ntPassword, pwdLastSet, etc. depending
+ * on the samba version
+ */
function generate_smb_nt_hash($password)
{
global $config;
- $tmp= $config->data['MAIN']['SMBHASH']." ".escapeshellarg($password);
- @DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__, $tmp, "Execute");
-
- exec($tmp, $ar);
- flush();
- reset($ar);
- $hash= current($ar);
- if ($hash == "")
- {
- print_red (_("Setting for SMBHASH in gosa.conf is incorrect! Can't change Samba password."));
- }
- else
- {
- list($lm,$nt)= split (":", trim($hash));
-
- if ($config->current['SAMBAVERSION'] == 3)
- {
- $attrs['sambaLMPassword']= $lm;
- $attrs['sambaNTPassword']= $nt;
- $attrs['sambaPwdLastSet']= date('U');
- $attrs['sambaBadPasswordCount']= "0";
- $attrs['sambaBadPasswordTime']= "0";
+
+ # Try to use gosa-si?
+ if ($config->get_cfg_value("gosaSupportURI") != ""){
+ $res= gosaSupportDaemon::send("gosa_gen_smb_hash", "GOSA", array("password" => $password), TRUE);
+ if (isset($res['XML']['HASH'])){
+ $hash= $res['XML']['HASH'];
} else {
- $attrs['lmPassword']= $lm;
- $attrs['ntPassword']= $nt;
- $attrs['pwdLastSet']= date('U');
+ $hash= "";
+ }
+
+ if ($hash == "") {
+ msg_dialog::display(_("Configuration error"), _("Cannot generate SAMBA hash!"), ERROR_DIALOG);
+ return ("");
+ }
+ } else {
+ $tmp= $config->get_cfg_value('sambaHashHook')." ".escapeshellarg($password);
+ @DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__, $tmp, "Execute");
+
+ exec($tmp, $ar);
+ flush();
+ reset($ar);
+ $hash= current($ar);
+
+ if ($hash == "") {
+ msg_dialog::display(_("Configuration error"), sprintf(_("Generating SAMBA hash by running %s failed: check %s!"), bold($config->get_cfg_value('sambaHashHook'), bold("sambaHashHook"))), ERROR_DIALOG);
+ return ("");
}
- return($attrs);
}
-}
-function crypt_single($string,$enc_type )
-{
- return( passwordMethod::crypt_single_str($string,$enc_type));
+ list($lm,$nt)= explode(":", trim($hash));
+
+ $attrs['sambaLMPassword']= $lm;
+ $attrs['sambaNTPassword']= $nt;
+ $attrs['sambaPwdLastSet']= date('U');
+ $attrs['sambaBadPasswordCount']= "0";
+ $attrs['sambaBadPasswordTime']= "0";
+ return($attrs);
}
+/*! \brief Get the Change Sequence Number of a certain DN
+ *
+ * To verify if a given object has been changed outside of Gosa
+ * in the meanwhile, this function can be used to get the entryCSN
+ * from the LDAP directory. It uses the attribute as configured
+ * in modificationDetectionAttribute
+ *
+ * \param string 'dn'
+ * \return either the result or "" in any other case
+ */
function getEntryCSN($dn)
{
global $config;
}
/* Get attribute that we should use as serial number */
- if(isset($config->current['UNIQ_IDENTIFIER'])){
- $attr = $config->current['UNIQ_IDENTIFIER'];
- }elseif(isset($config->data['MAIN']['UNIQ_IDENTIFIER'])){
- $attr = $config->data['MAIN']['UNIQ_IDENTIFIER'];
- }
- if(!empty($attr)){
+ $attr= $config->get_cfg_value("modificationDetectionAttribute");
+ if($attr != ""){
$ldap = $config->get_ldap_link();
$ldap->cat($dn,array($attr));
$csn = $ldap->fetch();
return("");
}
-/* This function returns the offset for the default timezone.
- * $stamp is used to detect summer or winter time.
- * In case of PHP5, the integrated timezone functions are used.
- * For PHP4 we query an array for offset and add summertime hour.
+
+/*! \brief Add (a) given objectClass(es) to an attrs entry
+ *
+ * The function adds the specified objectClass(es) to the given
+ * attrs entry.
+ *
+ * \param mixed 'classes' Either a single objectClass or several objectClasses
+ * as an array
+ * \param array 'attrs' The attrs array to be modified.
+ *
+ * */
+function add_objectClass($classes, &$attrs)
+{
+ if (is_array($classes)){
+ $list= $classes;
+ } else {
+ $list= array($classes);
+ }
+
+ foreach ($list as $class){
+ $attrs['objectClass'][]= $class;
+ }
+}
+
+
+/*! \brief Removes a given objectClass from the attrs entry
+ *
+ * Similar to add_objectClass, except that it removes the given
+ * objectClasses. See it for the params.
+ * */
+function remove_objectClass($classes, &$attrs)
+{
+ if (isset($attrs['objectClass'])){
+ /* Array? */
+ if (is_array($classes)){
+ $list= $classes;
+ } else {
+ $list= array($classes);
+ }
+
+ $tmp= array();
+ foreach ($attrs['objectClass'] as $oc) {
+ foreach ($list as $class){
+ if (strtolower($oc) != strtolower($class)){
+ $tmp[]= $oc;
+ }
+ }
+ }
+ $attrs['objectClass']= $tmp;
+ }
+}
+
+
+/*! \brief Initialize a file download with given content, name and data type.
+ * \param string data The content to send.
+ * \param string name The name of the file.
+ * \param string type The content identifier, default value is "application/octet-stream";
+ */
+function send_binary_content($data,$name,$type = "application/octet-stream")
+{
+ header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+ header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+ header("Cache-Control: no-cache");
+ header("Pragma: no-cache");
+ header("Cache-Control: post-check=0, pre-check=0");
+ header("Content-type: ".$type."");
+
+ $HTTP_USER_AGENT = $_SERVER['HTTP_USER_AGENT'];
+
+ /* Strip name if it is a complete path */
+ if (preg_match ("/\//", $name)) {
+ $name= basename($name);
+ }
+
+ /* force download dialog */
+ if (preg_match('/MSIE 5.5/', $HTTP_USER_AGENT) || preg_match('/MSIE 6.0/', $HTTP_USER_AGENT)) {
+ header('Content-Disposition: filename="'.$name.'"');
+ } else {
+ header('Content-Disposition: attachment; filename="'.$name.'"');
+ }
+
+ echo $data;
+ exit();
+}
+
+
+function reverse_html_entities($str,$type = ENT_QUOTES , $charset = "UTF-8")
+{
+ if(is_string($str)){
+ return(htmlentities($str,$type,$charset));
+ }elseif(is_array($str)){
+ foreach($str as $name => $value){
+ $str[$name] = reverse_html_entities($value,$type,$charset);
+ }
+ }
+ return($str);
+}
+
+
+/*! \brief Encode special string characters so we can use the string in \
+ HTML output, without breaking quotes.
+ \param string The String we want to encode.
+ \return string The encoded String
*/
-function get_default_timezone($stamp = NULL)
+function xmlentities($str)
+{
+ if(is_string($str)){
+
+ static $asc2uni= array();
+ if (!count($asc2uni)){
+ for($i=128;$i<256;$i++){
+ # $asc2uni[chr($i)] = "&#x".dechex($i).";";
+ }
+ }
+
+ $str = str_replace("&", "&", $str);
+ $str = str_replace("<", "<", $str);
+ $str = str_replace(">", ">", $str);
+ $str = str_replace("'", "'", $str);
+ $str = str_replace("\"", """, $str);
+ $str = str_replace("\r", "", $str);
+ $str = strtr($str,$asc2uni);
+ return $str;
+ }elseif(is_array($str)){
+ foreach($str as $name => $value){
+ $str[$name] = xmlentities($value);
+ }
+ }
+ return($str);
+}
+
+
+/*! \brief Updates all accessTo attributes from a given value to a new one.
+ For example if a host is renamed.
+ \param String $from The source accessTo name.
+ \param String $to The destination accessTo name.
+*/
+function update_accessTo($from,$to)
+{
+ global $config;
+ $ldap = $config->get_ldap_link();
+ $ldap->cd($config->current['BASE']);
+ $ldap->search("(&(objectClass=trustAccount)(accessTo=".$from."))",array("objectClass","accessTo"));
+ while($attrs = $ldap->fetch()){
+ $new_attrs = array("accessTo" => array());
+ $dn = $attrs['dn'];
+ for($i = 0 ; $i < $attrs['objectClass']['count']; $i++){
+ $new_attrs['objectClass'][] = $attrs['objectClass'][$i];
+ }
+ for($i = 0 ; $i < $attrs['accessTo']['count']; $i++){
+ if($attrs['accessTo'][$i] == $from){
+ if(!empty($to)){
+ $new_attrs['accessTo'][] = $to;
+ }
+ }else{
+ $new_attrs['accessTo'][] = $attrs['accessTo'][$i];
+ }
+ }
+ $ldap->cd($dn);
+ $ldap->modify($new_attrs);
+ if (!$ldap->success()){
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $dn, LDAP_MOD, "update_accessTo($from,$to)"));
+ }
+ new log("modify","update_accessTo($from,$to)",$dn,array_keys($new_attrs),$ldap->get_error());
+ }
+}
+
+
+/*! \brief Returns a random char */
+function get_random_char () {
+ $randno = rand (0, 63);
+ if ($randno < 12) {
+ return (chr ($randno + 46)); // Digits, '/' and '.'
+ } else if ($randno < 38) {
+ return (chr ($randno + 53)); // Uppercase
+ } else {
+ return (chr ($randno + 59)); // Lowercase
+ }
+}
+
+
+function cred_encrypt($input, $password) {
+
+ $size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
+ $iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM);
+
+ return bin2hex(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $password, $input, MCRYPT_MODE_ECB, $iv));
+
+}
+
+
+function cred_decrypt($input,$password) {
+ $size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
+ $iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM);
+
+ return mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $password, pack("H*", $input), MCRYPT_MODE_ECB, $iv);
+}
+
+
+function get_object_info()
+{
+ return(session::get('objectinfo'));
+}
+
+
+function set_object_info($str = "")
+{
+ session::set('objectinfo',$str);
+}
+
+
+function isIpInNet($ip, $net, $mask) {
+ // Move to long ints
+ $ip= ip2long($ip);
+ $net= ip2long($net);
+ $mask= ip2long($mask);
+
+ // Mask given IP with mask. If it returns "net", we're in...
+ $res= $ip & $mask;
+
+ return ($res == $net);
+}
+
+
+function get_next_id($attrib, $dn)
{
global $config;
- $tz ="";
- /* Default return value if zone could not be detected */
- $zone = array("name" => "unconfigured", "value" => 0);
+ switch ($config->get_cfg_value("idAllocationMethod", "traditional")){
+ case "pool":
+ return get_next_id_pool($attrib);
+ case "traditional":
+ return get_next_id_traditional($attrib, $dn);
+ }
+
+ msg_dialog::display(_("Error"), _("Cannot allocate free ID:")." "._("unknown idAllocation method!"), ERROR_DIALOG);
+ return null;
+}
+
+
+function get_next_id_pool($attrib) {
+ global $config;
+
+ /* Fill informational values */
+ $min= $config->get_cfg_value("${attrib}PoolMin", 10000);
+ $max= $config->get_cfg_value("${attrib}PoolMax", 40000);
- /* Use current timestamp if $stamp is not set */
- if($stamp === NULL){
- $stamp = time();
+ /* Sanity check */
+ if ($min >= $max) {
+ msg_dialog::display(_("Error"), _("Cannot allocate free ID:")." ".sprintf(_("%sPoolMin >= %sPoolMax!"), bold($attrib), bold($attrib)), ERROR_DIALOG);
+ return null;
}
- /* Is there a timezone configured in the gosa configuration (gosa.conf) */
- if(isset($config->current['TIMEZONE']) || isset($config->data['MAIN']['TIMEZONE'])){
+ /* ID to skip */
+ $ldap= $config->get_ldap_link();
+ $id= null;
+
+ /* Try to allocate the ID several times before failing */
+ $tries= 3;
+ while ($tries--) {
- /* Get zonename */
- if(isset($config->current['TIMEZONE'])){
- $tz = $config->current['TIMEZONE'];
- }else{
- $tz = $config->data['MAIN']['TIMEZONE'];
- }
-
- if(!@date_default_timezone_set($tz)){
- print_red(sprintf(_("The timezone setting \"".$tz."\" in your gosa.conf is not valid. Can not calculate correct timezone offest."),$tz));
- }
- $tz_delta = date("Z", $stamp);
- $tz_delta = $tz_delta / 3600 ;
- return(array("name" => $tz, "value" => $tz_delta));
-
- }
- return($zone);
-}
-
-
-/* Return zone informations */
-function _get_tz_zones()
-{
- $timezones = array(
- 'Africa/Abidjan' => 0,
- 'Africa/Accra' => 0,
- 'Africa/Addis_Ababa' => 10800,
- 'Africa/Algiers' => 3600,
- 'Africa/Asmera' => 10800,
- 'Africa/Bamako' => 0,
- 'Africa/Bangui' => 3600,
- 'Africa/Banjul' => 0,
- 'Africa/Bissau' => 0,
- 'Africa/Blantyre' => 7200,
- 'Africa/Brazzaville' => 3600,
- 'Africa/Bujumbura' => 7200,
- 'Africa/Cairo' => 7200,
- 'Africa/Casablanca' => 0,
- 'Africa/Ceuta' => 3600,
- 'Africa/Conakry' => 0,
- 'Africa/Dakar' => 0,
- 'Africa/Dar_es_Salaam' => 10800,
- 'Africa/Djibouti' => 10800,
- 'Africa/Douala' => 3600,
- 'Africa/El_Aaiun' => 0,
- 'Africa/Freetown' => 0,
- 'Africa/Gaborone' => 7200,
- 'Africa/Harare' => 7200,
- 'Africa/Johannesburg' => 7200,
- 'Africa/Kampala' => 10800,
- 'Africa/Khartoum' => 10800,
- 'Africa/Kigali' => 7200,
- 'Africa/Kinshasa' => 3600,
- 'Africa/Lagos' => 3600,
- 'Africa/Libreville' => 3600,
- 'Africa/Lome' => 0,
- 'Africa/Luanda' => 3600,
- 'Africa/Lubumbashi' => 7200,
- 'Africa/Lusaka' => 7200,
- 'Africa/Malabo' => 3600,
- 'Africa/Maputo' => 7200,
- 'Africa/Maseru' => 7200,
- 'Africa/Mbabane' => 7200,
- 'Africa/Mogadishu' => 10800,
- 'Africa/Monrovia' => 0,
- 'Africa/Nairobi' => 10800,
- 'Africa/Ndjamena' => 3600,
- 'Africa/Niamey' => 3600,
- 'Africa/Nouakchott' => 0,
- 'Africa/Ouagadougou' => 0,
- 'Africa/Porto-Novo' => 3600,
- 'Africa/Sao_Tome' => 0,
- 'Africa/Timbuktu' => 0,
- 'Africa/Tripoli' => 7200,
- 'Africa/Tunis' => 3600,
- 'Africa/Windhoek' => 3600,
- 'America/Adak' => -36000,
- 'America/Anchorage' => -32400,
- 'America/Anguilla' => -14400,
- 'America/Antigua' => -14400,
- 'America/Araguaina' => -10800,
- 'America/Argentina/Buenos_Aires' => 0,
- 'America/Argentina/Catamarca' => 0,
- 'America/Argentina/ComodRivadavia' => 0,
- 'America/Argentina/Cordoba' => 0,
- 'America/Argentina/Jujuy' => 0,
- 'America/Argentina/La_Rioja' => 0,
- 'America/Argentina/Mendoza' => 0,
- 'America/Argentina/Rio_Gallegos' => 0,
- 'America/Argentina/San_Juan' => 0,
- 'America/Argentina/Tucuman' => 0,
- 'America/Argentina/Ushuaia' => 0,
- 'America/Aruba' => -14400,
- 'America/Asuncion' => -14400,
- 'America/Atikokan' => 0,
- 'America/Atka' => -36000,
- 'America/Bahia' => 0,
- 'America/Barbados' => -14400,
- 'America/Belem' => -10800,
- 'America/Belize' => -21600,
- 'America/Blanc-Sablon' => 0,
- 'America/Boa_Vista' => -14400,
- 'America/Bogota' => -18000,
- 'America/Boise' => -25200,
- 'America/Buenos_Aires' => -10800,
- 'America/Cambridge_Bay' => -25200,
- 'America/Campo_Grande' => 0,
- 'America/Cancun' => -21600,
- 'America/Caracas' => -14400,
- 'America/Catamarca' => -10800,
- 'America/Cayenne' => -10800,
- 'America/Cayman' => -18000,
- 'America/Chicago' => -21600,
- 'America/Chihuahua' => -25200,
- 'America/Coral_Harbour' => 0,
- 'America/Cordoba' => -10800,
- 'America/Costa_Rica' => -21600,
- 'America/Cuiaba' => -14400,
- 'America/Curacao' => -14400,
- 'America/Danmarkshavn' => 0,
- 'America/Dawson' => -28800,
- 'America/Dawson_Creek' => -25200,
- 'America/Denver' => -25200,
- 'America/Detroit' => -18000,
- 'America/Dominica' => -14400,
- 'America/Edmonton' => -25200,
- 'America/Eirunepe' => -18000,
- 'America/El_Salvador' => -21600,
- 'America/Ensenada' => -28800,
- 'America/Fort_Wayne' => -18000,
- 'America/Fortaleza' => -10800,
- 'America/Glace_Bay' => -14400,
- 'America/Godthab' => -10800,
- 'America/Goose_Bay' => -14400,
- 'America/Grand_Turk' => -18000,
- 'America/Grenada' => -14400,
- 'America/Guadeloupe' => -14400,
- 'America/Guatemala' => -21600,
- 'America/Guayaquil' => -18000,
- 'America/Guyana' => -14400,
- 'America/Halifax' => -14400,
- 'America/Havana' => -18000,
- 'America/Hermosillo' => -25200,
- 'America/Indiana/Indianapolis' => -18000,
- 'America/Indiana/Knox' => -18000,
- 'America/Indiana/Marengo' => -18000,
- 'America/Indiana/Petersburg' => 0,
- 'America/Indiana/Vevay' => -18000,
- 'America/Indiana/Vincennes' => 0,
- 'America/Indianapolis' => -18000,
- 'America/Inuvik' => -25200,
- 'America/Iqaluit' => -18000,
- 'America/Jamaica' => -18000,
- 'America/Jujuy' => -10800,
- 'America/Juneau' => -32400,
- 'America/Kentucky/Louisville' => -18000,
- 'America/Kentucky/Monticello' => -18000,
- 'America/Knox_IN' => -18000,
- 'America/La_Paz' => -14400,
- 'America/Lima' => -18000,
- 'America/Los_Angeles' => -28800,
- 'America/Louisville' => -18000,
- 'America/Maceio' => -10800,
- 'America/Managua' => -21600,
- 'America/Manaus' => -14400,
- 'America/Martinique' => -14400,
- 'America/Mazatlan' => -25200,
- 'America/Mendoza' => -10800,
- 'America/Menominee' => -21600,
- 'America/Merida' => -21600,
- 'America/Mexico_City' => -21600,
- 'America/Miquelon' => -10800,
- 'America/Moncton' => 0,
- 'America/Monterrey' => -21600,
- 'America/Montevideo' => -10800,
- 'America/Montreal' => -18000,
- 'America/Montserrat' => -14400,
- 'America/Nassau' => -18000,
- 'America/New_York' => -18000,
- 'America/Nipigon' => -18000,
- 'America/Nome' => -32400,
- 'America/Noronha' => -7200,
- 'America/North_Dakota/Center' => -21600,
- 'America/North_Dakota/New_Salem' => 0,
- 'America/Panama' => -18000,
- 'America/Pangnirtung' => -18000,
- 'America/Paramaribo' => -10800,
- 'America/Phoenix' => -25200,
- 'America/Port-au-Prince' => -18000,
- 'America/Port_of_Spain' => -14400,
- 'America/Porto_Acre' => -18000,
- 'America/Porto_Velho' => -14400,
- 'America/Puerto_Rico' => -14400,
- 'America/Rainy_River' => -21600,
- 'America/Rankin_Inlet' => -21600,
- 'America/Recife' => -10800,
- 'America/Regina' => -21600,
- 'America/Rio_Branco' => -18000,
- 'America/Rosario' => -10800,
- 'America/Santiago' => -14400,
- 'America/Santo_Domingo' => -14400,
- 'America/Sao_Paulo' => -10800,
- 'America/Scoresbysund' => -3600,
- 'America/Shiprock' => -25200,
- 'America/St_Johns' => -12600,
- 'America/St_Kitts' => -14400,
- 'America/St_Lucia' => -14400,
- 'America/St_Thomas' => -14400,
- 'America/St_Vincent' => -14400,
- 'America/Swift_Current' => -21600,
- 'America/Tegucigalpa' => -21600,
- 'America/Thule' => -14400,
- 'America/Thunder_Bay' => -18000,
- 'America/Tijuana' => -28800,
- 'America/Toronto' => 0,
- 'America/Tortola' => -14400,
- 'America/Vancouver' => -28800,
- 'America/Virgin' => -14400,
- 'America/Whitehorse' => -28800,
- 'America/Winnipeg' => -21600,
- 'America/Yakutat' => -32400,
- 'America/Yellowknife' => -25200,
- 'Antarctica/Casey' => 28800,
- 'Antarctica/Davis' => 25200,
- 'Antarctica/DumontDUrville' => 36000,
- 'Antarctica/Mawson' => 21600,
- 'Antarctica/McMurdo' => 43200,
- 'Antarctica/Palmer' => -14400,
- 'Antarctica/Rothera' => 0,
- 'Antarctica/South_Pole' => 43200,
- 'Antarctica/Syowa' => 10800,
- 'Antarctica/VostokArctic/Longyearbyen' => 0,
- 'Asia/Aden' => 10800,
- 'Asia/Almaty' => 21600,
- 'Asia/Amman' => 7200,
- 'Asia/Anadyr' => 43200,
- 'Asia/Aqtau' => 14400,
- 'Asia/Aqtobe' => 18000,
- 'Asia/Ashgabat' => 18000,
- 'Asia/Ashkhabad' => 18000,
- 'Asia/Baghdad' => 10800,
- 'Asia/Bahrain' => 10800,
- 'Asia/Baku' => 14400,
- 'Asia/Bangkok' => 25200,
- 'Asia/Beirut' => 7200,
- 'Asia/Bishkek' => 18000,
- 'Asia/Brunei' => 28800,
- 'Asia/Calcutta' => 19800,
- 'Asia/Choibalsan' => 32400,
- 'Asia/Chongqing' => 28800,
- 'Asia/Chungking' => 28800,
- 'Asia/Colombo' => 21600,
- 'Asia/Dacca' => 21600,
- 'Asia/Damascus' => 7200,
- 'Asia/Dhaka' => 21600,
- 'Asia/Dili' => 32400,
- 'Asia/Dubai' => 14400,
- 'Asia/Dushanbe' => 18000,
- 'Asia/Gaza' => 7200,
- 'Asia/Harbin' => 28800,
- 'Asia/Hong_Kong' => 28800,
- 'Asia/Hovd' => 25200,
- 'Asia/Irkutsk' => 28800,
- 'Asia/Istanbul' => 7200,
- 'Asia/Jakarta' => 25200,
- 'Asia/Jayapura' => 32400,
- 'Asia/Jerusalem' => 7200,
- 'Asia/Kabul' => 16200,
- 'Asia/Kamchatka' => 43200,
- 'Asia/Karachi' => 18000,
- 'Asia/Kashgar' => 28800,
- 'Asia/Katmandu' => 20700,
- 'Asia/Krasnoyarsk' => 25200,
- 'Asia/Kuala_Lumpur' => 28800,
- 'Asia/Kuching' => 28800,
- 'Asia/Kuwait' => 10800,
- 'Asia/Macao' => 28800,
- 'Asia/Macau' => 0,
- 'Asia/Magadan' => 39600,
- 'Asia/Makassar' => 0,
- 'Asia/Manila' => 28800,
- 'Asia/Muscat' => 14400,
- 'Asia/Nicosia' => 7200,
- 'Asia/Novosibirsk' => 21600,
- 'Asia/Omsk' => 21600,
- 'Asia/Oral' => 0,
- 'Asia/Phnom_Penh' => 25200,
- 'Asia/Pontianak' => 25200,
- 'Asia/Pyongyang' => 32400,
- 'Asia/Qatar' => 10800,
- 'Asia/Qyzylorda' => 0,
- 'Asia/Rangoon' => 23400,
- 'Asia/Riyadh' => 10800,
- 'Asia/Saigon' => 25200,
- 'Asia/Sakhalin' => 36000,
- 'Asia/Samarkand' => 18000,
- 'Asia/Seoul' => 32400,
- 'Asia/Shanghai' => 28800,
- 'Asia/Singapore' => 28800,
- 'Asia/Taipei' => 28800,
- 'Asia/Tashkent' => 18000,
- 'Asia/Tbilisi' => 14400,
- 'Asia/Tehran' => 12600,
- 'Asia/Tel_Aviv' => 7200,
- 'Asia/Thimbu' => 21600,
- 'Asia/Thimphu' => 21600,
- 'Asia/Tokyo' => 32400,
- 'Asia/Ujung_Pandang' => 28800,
- 'Asia/Ulaanbaatar' => 28800,
- 'Asia/Ulan_Bator' => 28800,
- 'Asia/Urumqi' => 28800,
- 'Asia/Vientiane' => 25200,
- 'Asia/Vladivostok' => 36000,
- 'Asia/Yakutsk' => 32400,
- 'Asia/Yekaterinburg' => 18000,
- 'Asia/YerevanAtlantic/Azores' => 0,
- 'Atlantic/Bermuda' => -14400,
- 'Atlantic/Canary' => 0,
- 'Atlantic/Cape_Verde' => -3600,
- 'Atlantic/Faeroe' => 0,
- 'Atlantic/Jan_Mayen' => 3600,
- 'Atlantic/Madeira' => 0,
- 'Atlantic/Reykjavik' => 0,
- 'Atlantic/South_Georgia' => -7200,
- 'Atlantic/St_Helena' => 0,
- 'Atlantic/Stanley' => -14400,
- 'Australia/ACT' => 36000,
- 'Australia/Adelaide' => 34200,
- 'Australia/Brisbane' => 36000,
- 'Australia/Broken_Hill' => 34200,
- 'Australia/Canberra' => 36000,
- 'Australia/Currie' => 0,
- 'Australia/Darwin' => 34200,
- 'Australia/Hobart' => 36000,
- 'Australia/LHI' => 37800,
- 'Australia/Lindeman' => 36000,
- 'Australia/Lord_Howe' => 37800,
- 'Australia/Melbourne' => 36000,
- 'Australia/NSW' => 36000,
- 'Australia/North' => 34200,
- 'Australia/Perth' => 28800,
- 'Australia/Queensland' => 36000,
- 'Australia/South' => 34200,
- 'Australia/Sydney' => 36000,
- 'Australia/Tasmania' => 36000,
- 'Australia/Victoria' => 36000,
- 'Australia/West' => 28800,
- 'Australia/Yancowinna' => 34200,
- 'Europe/Amsterdam' => 3600,
- 'Europe/Andorra' => 3600,
- 'Europe/Athens' => 7200,
- 'Europe/Belfast' => 0,
- 'Europe/Belgrade' => 3600,
- 'Europe/Berlin' => 3600,
- 'Europe/Bratislava' => 3600,
- 'Europe/Brussels' => 3600,
- 'Europe/Bucharest' => 7200,
- 'Europe/Budapest' => 3600,
- 'Europe/Chisinau' => 7200,
- 'Europe/Copenhagen' => 3600,
- 'Europe/Dublin' => 0,
- 'Europe/Gibraltar' => 3600,
- 'Europe/Guernsey' => 0,
- 'Europe/Helsinki' => 7200,
- 'Europe/Isle_of_Man' => 0,
- 'Europe/Istanbul' => 7200,
- 'Europe/Jersey' => 0,
- 'Europe/Kaliningrad' => 7200,
- 'Europe/Kiev' => 7200,
- 'Europe/Lisbon' => 0,
- 'Europe/Ljubljana' => 3600,
- 'Europe/London' => 0,
- 'Europe/Luxembourg' => 3600,
- 'Europe/Madrid' => 3600,
- 'Europe/Malta' => 3600,
- 'Europe/Mariehamn' => 0,
- 'Europe/Minsk' => 7200,
- 'Europe/Monaco' => 3600,
- 'Europe/Moscow' => 10800,
- 'Europe/Nicosia' => 7200,
- 'Europe/Oslo' => 3600,
- 'Europe/Paris' => 3600,
- 'Europe/Prague' => 3600,
- 'Europe/Riga' => 7200,
- 'Europe/Rome' => 3600,
- 'Europe/Samara' => 14400,
- 'Europe/San_Marino' => 3600,
- 'Europe/Sarajevo' => 3600,
- 'Europe/Simferopol' => 7200,
- 'Europe/Skopje' => 3600,
- 'Europe/Sofia' => 7200,
- 'Europe/Stockholm' => 3600,
- 'Europe/Tallinn' => 7200,
- 'Europe/Tirane' => 3600,
- 'Europe/Tiraspol' => 7200,
- 'Europe/Uzhgorod' => 7200,
- 'Europe/Vaduz' => 3600,
- 'Europe/Vatican' => 3600,
- 'Europe/Vienna' => 3600,
- 'Europe/Vilnius' => 7200,
- 'Europe/Volgograd' => 0,
- 'Europe/Warsaw' => 3600,
- 'Europe/Zagreb' => 3600,
- 'Europe/Zaporozhye' => 7200,
- 'Europe/Zurich' => 3600,
- 'Indian/Antananarivo' => 10800,
- 'Indian/Chagos' => 21600,
- 'Indian/Christmas' => 25200,
- 'Indian/Cocos' => 23400,
- 'Indian/Comoro' => 10800,
- 'Indian/Kerguelen' => 18000,
- 'Indian/Mahe' => 14400,
- 'Indian/Maldives' => 18000,
- 'Indian/Mauritius' => 14400,
- 'Indian/Mayotte' => 10800,
- 'Indian/Reunion' => 14400,
- 'Pacific/Apia' => -39600,
- 'Pacific/Auckland' => 43200,
- 'Pacific/Chatham' => 45900,
- 'Pacific/Easter' => -21600,
- 'Pacific/Efate' => 39600,
- 'Pacific/Enderbury' => 46800,
- 'Pacific/Fakaofo' => -36000,
- 'Pacific/Fiji' => 43200,
- 'Pacific/Funafuti' => 43200,
- 'Pacific/Galapagos' => -21600,
- 'Pacific/Gambier' => -32400,
- 'Pacific/Guadalcanal' => 39600,
- 'Pacific/Guam' => 36000,
- 'Pacific/Honolulu' => -36000,
- 'Pacific/Johnston' => -36000,
- 'Pacific/Kiritimati' => 50400,
- 'Pacific/Kosrae' => 39600,
- 'Pacific/Kwajalein' => 43200,
- 'Pacific/Majuro' => 43200,
- 'Pacific/Marquesas' => -34200,
- 'Pacific/Midway' => -39600,
- 'Pacific/Nauru' => 43200,
- 'Pacific/Niue' => -39600,
- 'Pacific/Norfolk' => 41400,
- 'Pacific/Noumea' => 39600,
- 'Pacific/Pago_Pago' => -39600,
- 'Pacific/Palau' => 32400,
- 'Pacific/Pitcairn' => -28800,
- 'Pacific/Ponape' => 39600,
- 'Pacific/Port_Moresby' => 36000,
- 'Pacific/Rarotonga' => -36000,
- 'Pacific/Saipan' => 36000,
- 'Pacific/Samoa' => -39600,
- 'Pacific/Tahiti' => -36000,
- 'Pacific/Tarawa' => 43200,
- 'Pacific/Tongatapu' => 46800,
- 'Pacific/Truk' => 36000,
- 'Pacific/Wake' => 43200,
- 'Pacific/Wallis' => 43200,
- 'Pacific/Yap' => 36000 );
-
- $dst_timezones = array (
- 'America/Adak' => 1,
- 'America/Atka' => 1,
- 'America/Anchorage' => 1,
- 'America/Juneau' => 1,
- 'America/Nome' => 1,
- 'America/Yakutat' => 1,
- 'America/Dawson' => 1,
- 'America/Ensenada' => 1,
- 'America/Los_Angeles' => 1,
- 'America/Tijuana' => 1,
- 'America/Vancouver' => 1,
- 'America/Whitehorse' => 1,
- 'America/Boise' => 1,
- 'America/Cambridge_Bay' => 1,
- 'America/Chihuahua' => 1,
- 'America/Denver' => 1,
- 'America/Edmonton' => 1,
- 'America/Inuvik' => 1,
- 'America/Mazatlan' => 1,
- 'America/Shiprock' => 1,
- 'America/Yellowknife' => 1,
- 'America/Cancun' => 1,
- 'America/Chicago' => 1,
- 'America/Menominee' => 1,
- 'America/Merida' => 1,
- 'America/Monterrey' => 1,
- 'America/North_Dakota/Center' => 1,
- 'America/Rainy_River' => 1,
- 'America/Rankin_Inlet' => 1,
- 'America/Winnipeg' => 1,
- 'Pacific/Easter' => 1,
- 'America/Detroit' => 1,
- 'America/Grand_Turk' => 1,
- 'America/Havana' => 1,
- 'America/Iqaluit' => 1,
- 'America/Kentucky/Louisville' => 1,
- 'America/Kentucky/Monticello' => 1,
- 'America/Louisville' => 1,
- 'America/Montreal' => 1,
- 'America/Nassau' => 1,
- 'America/New_York' => 1,
- 'America/Nipigon' => 1,
- 'America/Pangnirtung' => 1,
- 'America/Thunder_Bay' => 1,
- 'America/Asuncion' => 1,
- 'America/Cuiaba' => 1,
- 'America/Glace_Bay' => 1,
- 'America/Goose_Bay' => 1,
- 'America/Halifax' => 1,
- 'America/Santiago' => 1,
- 'Antarctica/Palmer' => 1,
- 'Atlantic/Bermuda' => 1,
- 'Atlantic/Stanley' => 1,
- 'America/St_Johns' => 1,
- 'America/Araguaina' => 1,
- 'America/Fortaleza' => 1,
- 'America/Godthab' => 1,
- 'America/Maceio' => 1,
- 'America/Miquelon' => 1,
- 'America/Recife' => 1,
- 'America/Sao_Paulo' => 1,
- 'America/Scoresbysund' => 1,
- 'Atlantic/Canary' => 1,
- 'Atlantic/Faeroe' => 1,
- 'Atlantic/Madeira' => 1,
- 'Europe/Belfast' => 1,
- 'Europe/Dublin' => 1,
- 'Europe/Lisbon' => 1,
- 'Europe/London' => 1,
- 'Africa/Ceuta' => 1,
- 'Africa/Windhoek' => 1,
- 'Atlantic/Jan_Mayen' => 1,
- 'Europe/Amsterdam' => 1,
- 'Europe/Andorra' => 1,
- 'Europe/Belgrade' => 1,
- 'Europe/Berlin' => 1,
- 'Europe/Bratislava' => 1,
- 'Europe/Brussels' => 1,
- 'Europe/Budapest' => 1,
- 'Europe/Copenhagen' => 1,
- 'Europe/Gibraltar' => 1,
- 'Europe/Ljubljana' => 1,
- 'Europe/Luxembourg' => 1,
- 'Europe/Madrid' => 1,
- 'Europe/Malta' => 1,
- 'Europe/Monaco' => 1,
- 'Europe/Oslo' => 1,
- 'Europe/Paris' => 1,
- 'Europe/Prague' => 1,
- 'Europe/Rome' => 1,
- 'Europe/San_Marino' => 1,
- 'Europe/Sarajevo' => 1,
- 'Europe/Skopje' => 1,
- 'Europe/Stockholm' => 1,
- 'Europe/Tirane' => 1,
- 'Europe/Vaduz' => 1,
- 'Europe/Vatican' => 1,
- 'Europe/Vienna' => 1,
- 'Europe/Warsaw' => 1,
- 'Europe/Zagreb' => 1,
- 'Europe/Zurich' => 1,
- 'Africa/Cairo' => 1,
- 'Asia/Amman' => 1,
- 'Asia/Beirut' => 1,
- 'Asia/Damascus' => 1,
- 'Asia/Gaza' => 1,
- 'Asia/Istanbul' => 1,
- 'Asia/Jerusalem' => 1,
- 'Asia/Nicosia' => 1,
- 'Asia/Tel_Aviv' => 1,
- 'Europe/Athens' => 1,
- 'Europe/Bucharest' => 1,
- 'Europe/Chisinau' => 1,
- 'Europe/Helsinki' => 1,
- 'Europe/Istanbul' => 1,
- 'Europe/Kaliningrad' => 1,
- 'Europe/Kiev' => 1,
- 'Europe/Minsk' => 1,
- 'Europe/Nicosia' => 1,
- 'Europe/Riga' => 1,
- 'Europe/Simferopol' => 1,
- 'Europe/Sofia' => 1,
- 'Europe/Tiraspol' => 1,
- 'Europe/Uzhgorod' => 1,
- 'Europe/Zaporozhye' => 1,
- 'Asia/Baghdad' => 1,
- 'Europe/Moscow' => 1,
- 'Asia/Tehran' => 1,
- 'Asia/Aqtau' => 1,
- 'Asia/Baku' => 1,
- 'Asia/Tbilisi' => 1,
- 'Europe/Samara' => 1,
- 'Asia/Aqtobe' => 1,
- 'Asia/Bishkek' => 1,
- 'Asia/Yekaterinburg' => 1,
- 'Asia/Almaty' => 1,
- 'Asia/Novosibirsk' => 1,
- 'Asia/Omsk' => 1,
- 'Asia/Krasnoyarsk' => 1,
- 'Asia/Irkutsk' => 1,
- 'Asia/Yakutsk' => 1,
- 'Australia/Adelaide' => 1,
- 'Australia/Broken_Hill' => 1,
- 'Australia/South' => 1,
- 'Australia/Yancowinna' => 1,
- 'Asia/Sakhalin' => 1,
- 'Asia/Vladivostok' => 1,
- 'Australia/ACT' => 1,
- 'Australia/Canberra' => 1,
- 'Australia/Hobart' => 1,
- 'Australia/Melbourne' => 1,
- 'Australia/NSW' => 1,
- 'Australia/Sydney' => 1,
- 'Australia/Tasmania' => 1,
- 'Australia/Victoria' => 1,
- 'Australia/LHI' => 1,
- 'Australia/Lord_Howe' => 1,
- 'Asia/Magadan' => 1,
- 'Antarctica/McMurdo' => 1,
- 'Antarctica/South_Pole' => 1,
- 'Asia/Anadyr' => 1,
- 'Asia/Kamchatka' => 1,
- 'Pacific/Auckland' => 1,
- 'Pacific/Chatham' => 1,
- );
- return(array("TIMEZONES" => $timezones, "DST_ZONES" => $dst_timezones));
-}
-
-
-function display_error_page()
+ /* Look for ID map entry */
+ $ldap->cd ($config->current['BASE']);
+ $ldap->search ("(&(objectClass=sambaUnixIdPool)($attrib=*))", array("$attrib"));
+
+ /* If it does not exist, create one with these defaults */
+ if ($ldap->count() == 0) {
+ /* Fill informational values */
+ $minUserId= $config->get_cfg_value("uidPoolMin", 10000);
+ $minGroupId= $config->get_cfg_value("gidPoolMin", 10000);
+
+ /* Add as default */
+ $attrs= array("objectClass" => array("organizationalUnit", "sambaUnixIdPool"));
+ $attrs["ou"]= "idmap";
+ $attrs["uidNumber"]= $minUserId;
+ $attrs["gidNumber"]= $minGroupId;
+ $ldap->cd("ou=idmap,".$config->current['BASE']);
+ $ldap->add($attrs);
+ if ($ldap->error != "Success") {
+ msg_dialog::display(_("Error"), _("Cannot create sambaUnixIdPool entry!"), ERROR_DIALOG);
+ return null;
+ }
+ $tries++;
+ continue;
+ }
+ /* Bail out if it's not unique */
+ if ($ldap->count() != 1) {
+ msg_dialog::display(_("Error"), _("Cannot allocate free ID:")." "._("sambaUnixIdPool is not unique!"), ERROR_DIALOG);
+ return null;
+ }
+
+ /* Store old attrib and generate new */
+ $attrs= $ldap->fetch();
+ $dn= $ldap->getDN();
+ $oldAttr= $attrs[$attrib][0];
+ $newAttr= $oldAttr + 1;
+
+ /* Sanity check */
+ if ($newAttr >= $max) {
+ msg_dialog::display(_("Error"), _("Cannot allocate free ID:")." "._("no ID available!"), ERROR_DIALOG);
+ return null;
+ }
+ if ($newAttr < $min) {
+ msg_dialog::display(_("Error"), _("Cannot allocate free ID:")." "._("no ID available!"), ERROR_DIALOG);
+ return null;
+ }
+
+ #FIXME: PHP is not able to do a modification of "del: .../add: ...", so this
+ # is completely unsafe in the moment.
+ #/* Remove old attr, add new attr */
+ #$attrs= array($attrib => $oldAttr);
+ #$ldap->rm($attrs, $dn);
+ #if ($ldap->error != "Success") {
+ # continue;
+ #}
+ $ldap->cd($dn);
+ $ldap->modify(array($attrib => $newAttr));
+ if ($ldap->error != "Success") {
+ msg_dialog::display(_("Error"), _("Cannot allocate free ID:")." ".$ldap->get_error(), ERROR_DIALOG);
+ return null;
+ } else {
+ return $oldAttr;
+ }
+ }
+
+ /* Bail out if we had problems getting the next id */
+ if (!$tries) {
+ msg_dialog::display(_("Error"), _("Cannot allocate free ID:")." "._("maximum number of tries exceeded!"), ERROR_DIALOG);
+ }
+
+ return $id;
+}
+
+
+function get_next_id_traditional($attrib, $dn)
{
- $smarty= get_smarty();
- $smarty->display(get_template_path('headers.tpl'));
- echo "<body>".msg_dialog::get_dialogs()."</body></html>";
- exit();
+ global $config;
+
+ $ids= array();
+ $ldap= $config->get_ldap_link();
+
+ $ldap->cd ($config->current['BASE']);
+ if (preg_match('/gidNumber/i', $attrib)){
+ $oc= "posixGroup";
+ } else {
+ $oc= "posixAccount";
+ }
+ $ldap->search ("(&(objectClass=$oc)($attrib=*))", array("$attrib"));
+
+ /* Get list of ids */
+ while ($attrs= $ldap->fetch()){
+ $ids[]= (int)$attrs["$attrib"][0];
+ }
+
+ /* Add the nobody id */
+ $ids[]= 65534;
+
+ /* get the ranges */
+ $tmp = array('0'=> 1000);
+ if (preg_match('/posixAccount/', $oc) && $config->get_cfg_value("uidNumberBase") != ""){
+ $tmp= explode('-',$config->get_cfg_value("uidNumberBase"));
+ } elseif($config->get_cfg_value("gidNumberBase") != ""){
+ $tmp= explode('-',$config->get_cfg_value("gidNumberBase"));
+ }
+
+ /* Set hwm to max if not set - for backward compatibility */
+ $lwm= $tmp[0];
+ if (isset($tmp[1])){
+ $hwm= $tmp[1];
+ } else {
+ $hwm= pow(2,32);
+ }
+ /* Find out next free id near to UID_BASE */
+ if ($config->get_cfg_value("baseIdHook") == ""){
+ $base= $lwm;
+ } else {
+ /* Call base hook */
+ $base= get_base_from_hook($dn, $attrib);
+ }
+ for ($id= $base; $id++; $id < pow(2,32)){
+ if (!in_array($id, $ids)){
+ return ($id);
+ }
+ }
+
+ /* Should not happen */
+ if ($id == $hwm){
+ msg_dialog::display(_("Error"), _("Cannot allocate free ID!"), ERROR_DIALOG);
+ exit;
+ }
+}
+
+
+/* Mark the occurance of a string with a span */
+function mark($needle, $haystack, $ignorecase= true)
+{
+ $result= "";
+
+ while (preg_match('/^(.*)('.preg_quote($needle).')(.*)$/i', $haystack, $matches)) {
+ $result.= $matches[1]."<span class='mark'>".$matches[2]."</span>";
+ $haystack= $matches[3];
+ }
+
+ return $result.$haystack;
+}
+
+
+/* Return an image description using the path */
+function image($path, $action= "", $title= "", $align= "middle")
+{
+ global $config;
+ global $BASE_DIR;
+ $label= null;
+
+ // Bail out, if there's no style file
+ if(!session::global_is_set("img-styles")){
+
+ // Get theme
+ if (isset ($config)){
+ $theme= $config->get_cfg_value("theme", "default");
+ } else {
+ # For debuging - avoid that there's no theme set
+ die("config not set!");
+ $theme= "default";
+ }
+
+ if (!file_exists("$BASE_DIR/ihtml/themes/$theme/img.styles")){
+ die ("No img.style for this theme found!");
+ }
+
+ session::global_set('img-styles', unserialize(file_get_contents("$BASE_DIR/ihtml/themes/$theme/img.styles")));
+ }
+ $styles= session::global_get('img-styles');
+
+ /* Extract labels from path */
+ if (preg_match("/\.png\[(.*)\]$/", $path, $matches)) {
+ $label= $matches[1];
+ }
+
+ $lbl= "";
+ if ($label) {
+ if (isset($styles["images/label-".$label.".png"])) {
+ $lbl= "<div style='".$styles["images/label-".$label.".png"]."'></div>";
+ } else {
+ die("Invalid label specified: $label\n");
+ }
+
+ $path= preg_replace("/\[.*\]$/", "", $path);
+ }
+
+ // Non middle layout?
+ if ($align == "middle") {
+ $align= "";
+ } else {
+ $align= ";vertical-align:$align";
+ }
+
+ // Clickable image or not?
+ if ($title != "") {
+ $title= "title='$title'";
+ }
+ if ($action == "") {
+ return "<div class='img' $title style='".$styles[$path]."$align'>$lbl</div>";
+ } else {
+ return "<input type='submit' class='img' id='$action' value='' name='$action' $title style='".$styles[$path]."$align'>";
+ }
}
+/*! \brief Encodes a complex string to be useable in HTML posts.
+ */
+function postEncode($str)
+{
+ return(preg_replace("/=/","_", base64_encode($str)));
+}
+
+/*! \brief Decodes a string encoded by postEncode
+ */
+function postDecode($str)
+{
+ return(base64_decode(preg_replace("/_/","=", $str)));
+}
+
+
+/*! \brief Generate styled output
+ */
+function bold($str)
+{
+ return "<span class='highlight'>$str</span>";
+}
+
+
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>