index ae3ccfc8e0b3a4fe1a1b04a85e1c527d2d2a70c2..d9d12986fd5aa5ba65846f3604594aa4025f3899 100644 (file)
define ("DEBUG_ACL", 128);
define ("DEBUG_SI", 256);
define ("DEBUG_MAIL", 512); // mailAccounts, imap, sieve etc.
+define ("DEBUG_FAI", 1024); // FAI (incomplete)
/* Rewrite german 'umlauts' and spanish 'accents'
to get better results */
/* Debug level action */
function DEBUG($level, $line, $function, $file, $data, $info="")
{
- if (session::get('DEBUGLEVEL') & $level){
+ if (session::global_get('DEBUGLEVEL') & $level){
$output= "DEBUG[$level] ";
if ($function != ""){
$output.= "($file:$function():$line) - $info: ";
/* Rewrite ui object to another dn */
function change_ui_dn($dn, $newdn)
{
- $ui= session::get('ui');
+ $ui= session::global_get('ui');
if ($ui->dn == $dn){
$ui->dn= $newdn;
- session::set('ui',$ui);
+ session::global_set('ui',$ui);
}
}
/* Return plugin dir or root directory? */
if ($plugin){
if ($path == ""){
- $nf= preg_replace("!^".$BASE_DIR."/!", "", session::get('plugin_dir'));
+ $nf= preg_replace("!^".$BASE_DIR."/!", "", session::global_get('plugin_dir'));
} else {
$nf= preg_replace("!^".$BASE_DIR."/!", "", $path);
}
return ("$BASE_DIR/ihtml/themes/default/$nf/$filename");
}
if ($path == ""){
- return (session::get('plugin_dir')."/$filename");
+ return (session::global_get('plugin_dir')."/$filename");
} else {
return ($path."/$filename");
}
$ui= new userinfo($config, $ldap->getDN());
$ui->username= $attrs['uid'][0];
+ /* Bail out if we have login restrictions set, for security reasons
+ the message is the same than failed user/pw */
+ if (!$ui->loginAllowed()){
+ return (NULL);
+ }
+
/* No password check needed - the webserver did it for us */
$ldap->disconnect();
$ui->loadACL();
/* TODO: check java script for htaccess authentication */
- session::set('js',true);
+ session::global_set('js',true);
return ($ui);
}
$ui= new userinfo($config, $ldap->getDN());
$ui->username= $attrs['uid'][0];
+ /* Bail out if we have login restrictions set, for security reasons
+ the message is the same than failed user/pw */
+ if (!$ui->loginAllowed()){
+ return (NULL);
+ }
+
/* password check, bind as user with supplied password */
$ldap->disconnect();
$ldap= new LDAP($ui->dn, $password, $config->current['SERVER'],
/* Remember which entries were opened as read only, because we
don't need to remove any locks for them later.
*/
- if(!session::is_set("LOCK_CACHE")){
- session::set("LOCK_CACHE",array(""));
+ if(!session::global_is_set("LOCK_CACHE")){
+ session::global_set("LOCK_CACHE",array(""));
+ }
+ if(is_array($object)){
+ foreach($object as $obj){
+ add_lock($obj,$user);
+ }
+ return;
}
- $cache = &session::get("LOCK_CACHE");
+
+ $cache = &session::global_get("LOCK_CACHE");
if(isset($_POST['open_readonly'])){
$cache['READ_ONLY'][$object] = TRUE;
return;
unset($cache['READ_ONLY'][$object]);
}
- if(is_array($object)){
- foreach($object as $obj){
- add_lock($obj,$user);
- }
- return;
- }
/* Just a sanity check... */
if ($object == "" || $user == ""){
/* If this object was opened in read only mode then
skip removing the lock entry, there wasn't any lock created.
*/
- if(session::is_set("LOCK_CACHE")){
- $cache = &session::get("LOCK_CACHE");
+ if(session::global_is_set("LOCK_CACHE")){
+ $cache = &session::global_get("LOCK_CACHE");
if(isset($cache['READ_ONLY'][$object])){
unset($cache['READ_ONLY'][$object]);
return;
@@ -1025,7 +1039,7 @@ function get_list($filter, $category, $base= "", $attributes= array(), $flags= G
function check_sizelimit()
{
/* Ignore dialog? */
- if (session::is_set('size_ignore') && session::get('size_ignore')){
+ if (session::global_is_set('size_ignore') && session::global_get('size_ignore')){
return ("");
}
if (session::is_set('limit_exceeded') && session::get('limit_exceeded')){
$smarty= get_smarty();
$smarty->assign('warning', sprintf(_("The size limit of %d entries is exceed!"),
- session::get('size_limit')));
- $smarty->assign('limit_message', sprintf(_("Set the new size limit to %s and show me this message if the limit still exceeds"), '<input type="text" name="new_limit" maxlength="10" size="5" value="'.(session::get('size_limit') +100).'">'));
+ session::global_get('size_limit')));
+ $smarty->assign('limit_message', sprintf(_("Set the new size limit to %s and show me this message if the limit still exceeds"), '<input type="text" name="new_limit" maxlength="10" size="5" value="'.(session::global_get('size_limit') +100).'">'));
return($smarty->fetch(get_template_path('sizelimit.tpl')));
}
function print_sizelimit_warning()
{
- if (session::is_set('size_limit') && session::get('size_limit') >= 10000000 ||
+ if (session::global_is_set('size_limit') && session::global_get('size_limit') >= 10000000 ||
(session::is_set('limit_exceeded') && session::get('limit_exceeded'))){
$config= "<input type='submit' name='edit_sizelimit' value="._("Configure").">";
} else {
if (tests::is_id($_POST['new_limit']) &&
isset($_POST['action']) && $_POST['action']=="newlimit"){
- session::set('size_limit', validate($_POST['new_limit']));
+ session::global_set('size_limit', validate($_POST['new_limit']));
session::set('size_ignore', FALSE);
}
/* User wants no limits? */
if (isset($_POST['action']) && $_POST['action']=="ignore"){
- session::set('size_limit', 0);
- session::set('size_ignore', TRUE);
+ session::global_set('size_limit', 0);
+ session::global_set('size_ignore', TRUE);
}
/* User wants incomplete results */
if (isset($_POST['action']) && $_POST['action']=="limited"){
- session::set('size_ignore', TRUE);
+ session::global_set('size_ignore', TRUE);
}
}
getMenuCache();
/* Allow fallback to dialog */
if (isset($_POST['edit_sizelimit'])){
- session::set('size_ignore',FALSE);
+ session::global_set('size_ignore',FALSE);
}
}
global $config;
$map = array(
+ "roleRDN" => "ou=roles,",
"ogroupRDN" => "ou=groups,",
"applicationRDN" => "ou=apps,",
"systemRDN" => "ou=systems,",
/* Save variables from LOCK_VARS_TO_USE in session - for further editing */
if( session::is_set('LOCK_VARS_TO_USE') && count(session::get('LOCK_VARS_TO_USE'))){
- $LOCK_VARS_USED = array();
+ $LOCK_VARS_USED_GET = array();
+ $LOCK_VARS_USED_POST = array();
+ $LOCK_VARS_USED_REQUEST = array();
$LOCK_VARS_TO_USE = session::get('LOCK_VARS_TO_USE');
foreach($LOCK_VARS_TO_USE as $name){
foreach($_POST as $Pname => $Pvalue){
if(preg_match($name,$Pname)){
- $LOCK_VARS_USED[$Pname] = $_POST[$Pname];
+ $LOCK_VARS_USED_POST[$Pname] = $_POST[$Pname];
}
}
foreach($_GET as $Pname => $Pvalue){
if(preg_match($name,$Pname)){
- $LOCK_VARS_USED[$Pname] = $_GET[$Pname];
+ $LOCK_VARS_USED_GET[$Pname] = $_GET[$Pname];
+ }
+ }
+
+ foreach($_REQUEST as $Pname => $Pvalue){
+ if(preg_match($name,$Pname)){
+ $LOCK_VARS_USED_REQUEST[$Pname] = $_REQUEST[$Pname];
}
}
}
session::set('LOCK_VARS_TO_USE',array());
- session::set('LOCK_VARS_USED' , $LOCK_VARS_USED);
+ session::set('LOCK_VARS_USED_GET' , $LOCK_VARS_USED_GET);
+ session::set('LOCK_VARS_USED_POST' , $LOCK_VARS_USED_POST);
+ session::set('LOCK_VARS_USED_REQUEST' , $LOCK_VARS_USED_REQUEST);
}
/* Prepare and show template */
function expand_id($rule, $attributes)
{
/* Check for id rule */
- if(preg_match('/^id(:|#)\d+$/',$rule)){
- return (array("\{$rule}"));
+ if(preg_match('/^id(:|#|!)\d+$/',$rule)){
+ return (array("{$rule}"));
}
/* Check for clean attribute */
$proposed= recurse($stripped, $variables);
/* Get list of used ID's */
- $used= array();
$ldap= $config->get_ldap_link();
$ldap->cd($config->current['BASE']);
- $ldap->search('(uid=*)');
-
- while($attrs= $ldap->fetch()){
- $used[]= $attrs['uid'][0];
- }
/* Remove used uids and watch out for id tags */
$ret= array();
foreach($proposed as $uid){
/* Check for id tag and modify uid if needed */
- if(preg_match('/\{id:\d+}/',$uid)){
- $size= preg_replace('/^.*{id:(\d+)}.*$/', '\\1', $uid);
+ if(preg_match('/\{id(:|!)\d+}/',$uid, $m)){
+ $size= preg_replace('/^.*{id(:|!)(\d+)}.*$/', '\\2', $uid);
+
+ $start= $m[1]==":"?0:-1;
+ for ($i= $start, $p= pow(10,$size); $i < $p; $i++){
+ if ($i == -1) {
+ $number= "";
+ } else {
+ $number= sprintf("%0".$size."d", $i+1);
+ }
+ $res= preg_replace('/{id(:|!)\d+}/', $number, $uid);
- for ($i= 0, $p= pow(10,$size); $i < $p; $i++){
- $number= sprintf("%0".$size."d", $i);
- $res= preg_replace('/{id:(\d+)}/', $number, $uid);
- if (!in_array($res, $used)){
+ $ldap->search("(uid=".preg_replace('/[{}]/', '', $res).")",array('dn'));
+ if($ldap->count() == 0){
$uid= $res;
break;
}
mt_srand((double) microtime()*1000000);
$number= sprintf("%0".$size."d", mt_rand(0, pow(10, $size)-1));
$res= preg_replace('/{id#(\d+)}/', $number, $uid);
- if (!in_array($res, $used)){
+ $ldap->search("(uid=".preg_replace('/[{}]/', '', $res).")",array('dn'));
+ if($ldap->count() == 0){
$uid= $res;
break;
}
}
/* Don't assign used ones */
- if (!in_array($uid, $used)){
- $ret[]= $uid;
+ $ldap->search("(uid=".preg_replace('/[{}]/', '', $uid).")",array('dn'));
+ if($ldap->count() == 0){
+ /* Add uid, but remove {} first. These are invalid anyway. */
+ $ret[]= preg_replace('/[{}]/', '', $uid);
}
}
function progressbar($percentage,$width=100,$height=15,$showvalue=false)
{
- $str = ""; // Our return value will be saved in this var
-
- $color = dechex($percentage+150);
- $color2 = dechex(150 - $percentage);
- $bgcolor= $showvalue?"FFFFFF":"DDDDDD";
-
- $progress = (int)(($percentage /100)*$width);
-
- /* If theres a better solution for this, use it... */
- $str = "\n <div style=\" width:".($width)."px; ";
- $str.= "\n height:".($height)."px; ";
- $str.= "\n background-color:#000000; ";
- $str.= "\n padding:1px;\" > ";
-
- $str.= "\n <div style=\" width:".($width)."px; ";
- $str.= "\n background-color:#$bgcolor; ";
- $str.= "\n height:".($height)."px;\" > ";
-
- if(($height >10)&&($showvalue)){
- $str.= "\n <font style=\"font-size:".($height-2)."px; ";
- $str.= "\n color:#FF0000; align:middle; ";
- $str.= "\n padding-left:".((int)(($width*0.4)))."px; \"> ";
- $str.= "\n <b>".$percentage."%</b> ";
- $str.= "\n </font> ";
- }
-
- $str.= "\n <div style=\" width:".$progress."px; ";
- $str.= "\n height:".$height."px; ";
- $str.= "\n background-color:#".$color2.$color2.$color."; \" >";
- $str.= "\n </div>";
- $str.= "\n </div>";
- $str.= "\n </div>";
-
- return($str);
+ return("<img src='progress.php?x=$width&y=$height&p=$percentage'>");
}
$checks['gosaObject']['IS_MUST_HAVE'] = TRUE;
/* GOsa Account class */
- $checks["gosaAccount"]["REQUIRED_VERSION"]= "2.6.1";
+ $checks["gosaAccount"]["REQUIRED_VERSION"]= "2.6.6";
$checks["gosaAccount"]["SCHEMA_FILES"] = array("gosa+samba3.schema","gosa.schema");
$checks["gosaAccount"]["CLASSES_REQUIRED"]= array("gosaAccount");
$checks["gosaAccount"]["IS_MUST_HAVE"] = TRUE;
} else {
$hash= "";
}
+
+ if ($hash == "") {
+ msg_dialog::display(_("Configuration error"), _("Cannot generate samba hash!"), ERROR_DIALOG);
+ return ("");
+ }
} else {
$tmp= $config->get_cfg_value('sambaHashHook')." ".escapeshellarg($password);
@DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__, $tmp, "Execute");
flush();
reset($ar);
$hash= current($ar);
- }
- if ($hash == "") {
- msg_dialog::display(_("Configuration error"), _("Cannot generate samba hash!"), ERROR_DIALOG);
- return ("");
+ if ($hash == "") {
+ msg_dialog::display(_("Configuration error"), sprintf(_("Cannot generate samba hash: running '%s' failed, check the 'sambaHashHook'!"),$config->get_cfg_value('sambaHashHook')), ERROR_DIALOG);
+ return ("");
+ }
}
list($lm,$nt)= split (":", trim($hash));
}
+
function cred_decrypt($input,$password) {
$size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM);
}
+function get_object_info()
+{
+ return(session::get('objectinfo'));
+}
+
+
+function set_object_info($str = "")
+{
+ session::set('objectinfo',$str);
+}
+
+
+function isIpInNet($ip, $net, $mask) {
+ // Move to long ints
+ $ip= ip2long($ip);
+ $net= ip2long($net);
+ $mask= ip2long($mask);
+
+ // Mask given IP with mask. If it returns "net", we're in...
+ $res= $ip & $mask;
+
+ return ($res == $net);
+}
+
+
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>