![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/include/functions.inc b/include/functions.inc
index 868e5d8abef0faac226a94385f272321bb37334c..d628de47a0033dcd92f7e7f1376d9a0c7bf9f2f7 100644 (file)
--- a/include/functions.inc
+++ b/include/functions.inc
/* Debug level action */
function DEBUG($level, $line, $function, $file, $data, $info="")
{
- if ($_SESSION['DEBUGLEVEL'] & $level){
+ if (get_global('DEBUGLEVEL') & $level){
$output= "DEBUG[$level] ";
if ($function != ""){
$output.= "($file:$function():$line) - $info: ";
/* Rewrite ui object to another dn */
function change_ui_dn($dn, $newdn)
{
- $ui= $_SESSION['ui'];
+ $ui= get_global('ui');
if ($ui->dn == $dn){
$ui->dn= $newdn;
- $_SESSION['ui']= $ui;
+ register_global('ui',$ui);
}
}
/* Return plugin dir or root directory? */
if ($plugin){
if ($path == ""){
- $nf= preg_replace("!^".$BASE_DIR."/!", "", $_SESSION['plugin_dir']);
+ $nf= preg_replace("!^".$BASE_DIR."/!", "", get_global('plugin_dir'));
} else {
$nf= preg_replace("!^".$BASE_DIR."/!", "", $path);
}
return ("$BASE_DIR/ihtml/themes/default/$nf/$filename");
}
if ($path == ""){
- return ($_SESSION['plugin_dir']."/$filename");
+ return (get_global('plugin_dir')."/$filename");
} else {
return ($path."/$filename");
}
print_red(sprintf(_("User login failed. LDAP server said '%s'."), $ldap->get_error()));
$smarty= get_smarty();
$smarty->display(get_template_path('headers.tpl'));
- echo "<body>".$_SESSION['errors']."</body></html>";
+ echo "<body>".get_global('errors')."</body></html>";
exit();
}
$ldap->cd($config->current['BASE']);
- $ldap->search("(&(uid=$username)(objectClass=gosaAccount))", array("uid"));
+ $allowed_attributes = array("uid","mail");
+ $verify_attr = array();
+ if(isset($config->current['LOGIN_ATTRIBUTE'])){
+ $tmp = split(",",$config->current['LOGIN_ATTRIBUTE']);
+ foreach($tmp as $attr){
+ if(in_array($attr,$allowed_attributes)){
+ $verify_attr[] = $attr;
+ }
+ }
+ }
+ if(count($verify_attr) == 0){
+ $verify_attr = array("uid");
+ }
+ $tmp= $verify_attr;
+ $tmp[] = "uid";
+ $filter = "";
+ foreach($verify_attr as $attr) {
+ $filter.= "(".$attr."=".$username.")";
+ }
+ $filter = "(&(|".$filter.")(objectClass=gosaAccount))";
+ $ldap->search($filter,$tmp);
/* get results, only a count of 1 is valid */
switch ($ldap->count()){
/* LDAP schema is not case sensitive. Perform additional check. */
$attrs= $ldap->fetch();
- if ($attrs['uid'][0] != $username){
- return(NULL);
+ $success = FALSE;
+ foreach($verify_attr as $attr){
+ if ($attrs[$attr][0] == $username){
+ $success = TRUE;
+ }
+ }
+ if(!$success){
+ return(FALSE);
}
/* got user dn, fill acl's */
$ui= new userinfo($config, $ldap->getDN());
- $ui->username= $username;
+ $ui->username= $attrs['uid'][0];
/* password check, bind as user with supplied password */
$ldap->disconnect();
{
global $config;
+ if(is_array($object)){
+ foreach($object as $obj){
+ add_lock($obj,$user);
+ }
+ return;
+ }
+
/* Just a sanity check... */
if ($object == "" || $user == ""){
print_red(_("Error while adding a lock. Parameters are not set correctly, please check the source!"));
{
global $config;
+ if(is_array($object)){
+ foreach($object as $obj){
+ del_lock($obj);
+ }
+ return;
+ }
+
/* Sanity check */
if ($object == ""){
return;
$attrs = $ldap->fetch();
$user= $attrs['gosaUser'][0];
}
-
return ($user);
}
+function get_multiple_locks($objects)
+{
+ global $config;
+
+ if(is_array($objects)){
+ $filter = "(&(objectClass=gosaLockEntry)(|";
+ foreach($objects as $obj){
+ $filter.="(gosaObject=".base64_encode($obj).")";
+ }
+ $filter.= "))";
+ }else{
+ $filter = "(&(objectClass=gosaLockEntry)(gosaObject=".base64_encode($objects)."))";
+ }
+
+ /* Get LDAP link, check for presence of the lock entry */
+ $user= "";
+ $ldap= $config->get_ldap_link();
+ $ldap->cd ($config->current['CONFIG']);
+ $ldap->search($filter, array("gosaUser","gosaObject"));
+ if (!preg_match("/Success/i", $ldap->error)){
+ print_red (_("Can't get locking information in LDAP database. Please check the 'config' entry in gosa.conf!"));
+ return("");
+ }
+
+ $users = array();
+ while($attrs = $ldap->fetch()){
+ $dn = base64_decode($attrs['gosaObject'][0]);
+ $user = $attrs['gosaUser'][0];
+ $users[] = array("dn"=> $dn,"user"=>$user);
+ }
+ return ($users);
+}
+
+
function get_list($filter, $category, $base= "", $attributes= array(), $flags= GL_SUBSEARCH)
{
global $config, $ui;
@@ -591,7 +664,7 @@ function get_list($filter, $category, $base= "", $attributes= array(), $flags= G
/* Check for size limit exceeded messages for GUI feedback */
if (preg_match("/size limit/i", $ldap->error)){
- $_SESSION['limit_exceeded']= TRUE;
+ register_global('limit_exceeded', TRUE);
}
/* Crawl through reslut entries and perform the migration to the
@@ -636,16 +709,16 @@ function get_list($filter, $category, $base= "", $attributes= array(), $flags= G
function check_sizelimit()
{
/* Ignore dialog? */
- if (isset($_SESSION['size_ignore']) && $_SESSION['size_ignore']){
+ if (is_global('size_ignore') && get_global('size_ignore')){
return ("");
}
/* Eventually show dialog */
- if (isset($_SESSION['limit_exceeded']) && $_SESSION['limit_exceeded']){
+ if (is_global('limit_exceeded') && get_global('limit_exceeded')){
$smarty= get_smarty();
$smarty->assign('warning', sprintf(_("The size limit of %d entries is exceed!"),
- $_SESSION['size_limit']));
- $smarty->assign('limit_message', sprintf(_("Set the new size limit to %s and show me this message if the limit still exceeds"), '<input type="text" name="new_limit" maxlength="10" size="5" value="'.($_SESSION['size_limit']+100).'">'));
+ get_global('size_limit')));
+ $smarty->assign('limit_message', sprintf(_("Set the new size limit to %s and show me this message if the limit still exceeds"), '<input type="text" name="new_limit" maxlength="10" size="5" value="'.(get_global('size_limit') +100).'">'));
return($smarty->fetch(get_template_path('sizelimit.tpl')));
}
function print_sizelimit_warning()
{
- if (isset($_SESSION['size_limit']) && $_SESSION['size_limit'] >= 10000000 ||
- (isset($_SESSION['limit_exceeded']) && $_SESSION['limit_exceeded'])){
+ if (is_global('size_limit') && get_global('size_limit') >= 10000000 ||
+ (is_global('limit_exceeded') && get_global('limit_exceeded'))){
$config= "<input type='submit' name='edit_sizelimit' value="._("Configure").">";
} else {
$config= "";
}
- if (isset($_SESSION['limit_exceeded']) && $_SESSION['limit_exceeded']){
+ if (is_global('limit_exceeded') && get_global('limit_exceeded')){
return ("("._("incomplete").") $config");
}
return ("");
if (is_id($_POST['new_limit']) &&
isset($_POST['action']) && $_POST['action']=="newlimit"){
- $_SESSION['size_limit']= validate($_POST['new_limit']);
- $_SESSION['size_ignore']= FALSE;
+ register_global('size_limit', validate($_POST['new_limit']));
+ register_global('size_ignore', FALSE);
}
/* User wants no limits? */
if (isset($_POST['action']) && $_POST['action']=="ignore"){
- $_SESSION['size_limit']= 0;
- $_SESSION['size_ignore']= TRUE;
+ register_global('size_limit', 0);
+ register_global('size_ignore', TRUE);
}
/* User wants incomplete results */
if (isset($_POST['action']) && $_POST['action']=="limited"){
- $_SESSION['size_ignore']= TRUE;
+ register_global('size_ignore', TRUE);
}
}
getMenuCache();
/* Allow fallback to dialog */
if (isset($_POST['edit_sizelimit'])){
- $_SESSION['size_ignore']= FALSE;
+ register_global('size_ignore',FALSE);
}
}
$str.= chr($e+$n);
if(isset($_GET[$str])){
- if(isset($_SESSION['maxC'])){
- $b= $_SESSION['maxC'];
+ if(is_global('maxC')){
+ $b= get_global('maxC');
$q= "";
for ($m=0;$m<strlen($b);$m++) {
$q.= $b[$m++];
return preg_match ("/^[\/0-9 ()+*-]+$/", $nr);
}
+function is_dns_name($str)
+{
+ return(preg_match("/^[a-z0-9\.\-]*$/i",$str));
+}
function is_url($url)
{
$string= preg_replace ("/%s/", $array[$i], $string, 1);
}
- if((!isset($_SESSION['errorsAlreadyPosted'])) || !is_array($_SESSION['errorsAlreadyPosted'])){
- $_SESSION['errorsAlreadyPosted'] = array();
- }
-
/* If DEBUGLEVEL is set, we're in web mode, use textual output in
the other case... */
-
- if (isset($_SESSION['DEBUGLEVEL'])){
-
- if($_SESSION['LastError'] == $string){
-
- if((!isset($_SESSION['errorsAlreadyPosted'][$string]))){
- $_SESSION['errorsAlreadyPosted'][$string] = 1;
- }
- $_SESSION['errorsAlreadyPosted'][$string]++;
-
- }else{
- if($string !== NULL){
- if (preg_match("/"._("LDAP error:")."/", $string)){
- $addmsg= _("Problems with the LDAP server mean that you probably lost the last changes. Please check your LDAP setup for possible errors and try again.");
- $img= "images/error.png";
- } else {
- if (!preg_match('/[.!?]$/', $string)){
- $string.= ".";
- }
- $string= preg_replace('/<br>/', ' ', $string);
- $img= "images/warning.png";
- $addmsg= _("Please check your input and fix the error. Press 'OK' to close this message box.");
- }
-
- if(isset($_SESSION['errors']) && strlen($_SESSION['errors'])==0) {
-
- if(preg_match("/MSIE/", $_SERVER['HTTP_USER_AGENT'])){
-
- $_SESSION['errors'].= "
- <iframe id='e_layer3'
- style=\" position:absolute;
- width:100%;
- height:100%;
- top:0px;
- left:0px;
- border:none;
- border-style:none;
- border-width:0pt;
- display:block;
- allowtransparency='true';
- background-color: #FFFFFF;
- filter:chroma(color=#FFFFFF);
- z-index:0; \">
- </iframe>
- <div id='e_layer2'
- style=\"
- position: absolute;
- left: 0px;
- top: 0px;
- right:0px;
- bottom:0px;
- z-index:0;
- width:100%;
- height:100%;
- filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(enabled=true, sizingMethod=scale, src='images/opacity_black.png'); \">
- </div>";
- $hide = "hide(\"e_layer\");hide(\"e_layer2\");hide(\"e_layer3\");";
- }else{
-
- $_SESSION['errors'].= "
- <div id='e_layer2'
- style=\"
- position: absolute;
- left: 0px;
- top: 0px;
- right:0px;
- bottom:0px;
- z-index:0;
- background-image: url(images/opacity_black.png);\">
- </div>";
- $hide = "hide(\"e_layer\");hide(\"e_layer2\");";
- }
-
- $_SESSION['errors'].= "
- <div style='left:20%;right:20%;top:30%;".
- "background-color:white;padding:5px;border:5px solid red;z-index:150;".
- "position:absolute' id='e_layer'><table style='width:100%' summary='' border=0>".
- "<tr><td style='vertical-align:top;padding:10px'><img alt='' src='".
- get_template_path($img)."'></td>".
- "<td style='width:100%'><h1>"._("An error occurred while processing your request").
- "</h1><b>$string</b><br><br>$addmsg</td></tr><tr><td colspan='2' align='center'><br><button ".
- (($_SESSION['js']==FALSE)?"type='submit'":"type='button' name='error_accept'").
- " style='width:80px' onClick='".$hide."'>".
- _("OK")."</button></td></tr></table></div>";
-
+ if (is_global('DEBUGLEVEL')){
+ if($string !== NULL){
+ if (preg_match("/"._("LDAP error:")."/", $string)){
+ $addmsg= _("Problems with the LDAP server mean that you probably lost the last changes. Please check your LDAP setup for possible errors and try again.");
+ } else {
+ if (!preg_match('/[.!?]$/', $string)){
+ $string.= ".";
}
-
- }else{
- return;
+ $string= preg_replace('/<br>/', ' ', $string);
+ $addmsg= _("Please check your input and fix the error. Press 'OK' to close this message box.");
}
- $_SESSION['errorsAlreadyPosted'][$string] = 1;
-
+ msg_dialog::display($addmsg, $string,ERROR_DIALOG);
+ return;
+ }else{
+ return;
}
} else {
echo "Error: $string\n";
}
- $_SESSION['LastError'] = $string;
}
{
global $plug, $config;
- $_SESSION['dn']= $dn;
- $ldap= $config->get_ldap_link();
- $ldap->cat ($user, array('uid', 'cn'));
- $attrs= $ldap->fetch();
-
- /* Stop if we have no user here... */
- if (count($attrs)){
- $uid= $attrs["uid"][0];
- $cn= $attrs["cn"][0];
- } else {
- $uid= $attrs["uid"][0];
- $cn= $attrs["cn"][0];
- }
-
+ register_global('dn', $dn);
$remove= false;
/* Save variables from LOCK_VARS_TO_USE in session - for further editing */
- if((isset($_SESSION['LOCK_VARS_TO_USE']))&&(count($_SESSION['LOCK_VARS_TO_USE']))){
- $_SESSION['LOCK_VARS_USED'] =array();
- foreach($_SESSION['LOCK_VARS_TO_USE'] as $name){
+ if( is_global('LOCK_VARS_TO_USE') && count(get_global('LOCK_VARS_TO_USE'))){
+
+ $LOCK_VARS_USED = array();
+ $LOCK_VARS_TO_USE = get_global('LOCK_VARS_TO_USE');
+
+ foreach($LOCK_VARS_TO_USE as $name){
+
+ if(empty($name)){
+ continue;
+ }
- if(empty($name)) continue;
foreach($_POST as $Pname => $Pvalue){
if(preg_match($name,$Pname)){
- $_SESSION['LOCK_VARS_USED'][$Pname] = $_POST[$Pname];
+ $LOCK_VARS_USED[$Pname] = $_POST[$Pname];
}
}
foreach($_GET as $Pname => $Pvalue){
if(preg_match($name,$Pname)){
- $_SESSION['LOCK_VARS_USED'][$Pname] = $_GET[$Pname];
+ $LOCK_VARS_USED[$Pname] = $_GET[$Pname];
}
}
}
- $_SESSION['LOCK_VARS_TO_USE'] =array();
+ register_global('LOCK_VARS_TO_USE',array());
+ register_global('LOCK_VARS_USED' , $LOCK_VARS_USED);
}
/* Prepare and show template */
$smarty= get_smarty();
- $smarty->assign ("dn", $dn);
+
+ if(is_array($dn)){
+ $msg = "<pre>";
+ foreach($dn as $sub_dn){
+ $msg .= "\n".$sub_dn.", ";
+ }
+ $msg = preg_replace("/, $/","</pre>",$msg);
+ }else{
+ $msg = $dn;
+ }
+
+ $smarty->assign ("dn", $msg);
if ($remove){
$smarty->assign ("action", _("Continue anyway"));
} else {
$smarty->assign ("action", _("Edit anyway"));
}
- $smarty->assign ("message", sprintf(_("You're going to edit the LDAP entry '%s' which appears to be used by '%s'. Please contact the person in order to clarify proceedings."), "<b>".$dn."</b>", "<b><a href=\"main.php?plug=0&viewid=$uid\">$cn</a></b>"));
+ $smarty->assign ("message", sprintf(_("You're going to edit the LDAP entry/entries '%s'"), "<b>".$msg."</b>", ""));
return ($smarty->fetch (get_template_path('islocked.tpl')));
}
function sess_del ($var)
{
/* New style */
- unset ($_SESSION[$var]);
+ unset($_SESSION[$var]);
/* ... work around, since the first one
doesn't seem to work all the time */
{
if (!preg_match("/Success/i", $message)){
if ($addon == ""){
- print_red (_("LDAP error: $message"));
+ msg_dialog::display(_("LDAP error:"),$message,ERROR_DIALOG);
+ #print_red (_("LDAP error:")." $message");
} else {
- print_red ("$addon<br><br><b>"._("LDAP error:")."</b> $message");
+ msg_dialog::display(sprintf(_("LDAP error in plugin '%s':"),"<i>".$addon."</i>"),$message,ERROR_DIALOG);
+ #print_red ("$addon<br><br><b>"._("LDAP error:")."</b> $message");
}
return TRUE;
} else {
$display.= " ";
$display.= "</div>\n";
}
-# if (isset($_SESSION['errors'])){
-# $display.= $_SESSION['errors'];
-# }
-
return ($display);
}
// Get all available encryption Methods
// NON STATIC CALL :)
- $tmp = new passwordMethod($_SESSION['config']);
+ $tmp = new passwordMethod(get_global('config'));
$available = $tmp->get_available_methods();
// read current password entry for $dn, to detect the encryption Method
$deactivated = FALSE;
}
-# // Get current password hash method if available
-# if($hash == "" && isset($attrs['userPassword'][0]) && preg_match("/[\{\}]/",$attrs['userPassword'][0])){
-# $hash = preg_replace("/^[^\{]*+\{([^\}]*).*$/","\\1",$attrs['userPassword'][0]);
-# $hash = strtolower($hash);
-# }
+ /* Is ensure that clear passwords will stay clear */
+ if($hash == "" && isset($attrs['userPassword'][0]) && !preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0])){
+ $hash = "clear";
+ }
-# // Set encryption type to clear if required
-# if (!isset($attrs['userPassword'][0]) || $hash == ""){
-# $hash= "clear";
-# }
- // Detect the encryption Method
+ // Detect the encryption Method
if ( (isset($attrs['userPassword'][0]) && preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0], $matches)) || $hash != ""){
/* Check for supported algorithm */
}
$test = new $available[$hash]($config);
- $test->attrs= $attrs;
- $newpass = $test->generate_hash($password);
} else {
- // Crypt it by default
+ // User MD5 by default
+ $hash= "md5";
$test = new $available['md5']($config);
- $newpass = $test->generate_hash($password);
}
+ /* Feed password backends with information */
+ $test->dn= $dn;
+ $test->attrs= $attrs;
+ $newpass= $test->generate_hash($password);
+
// Update shadow timestamp?
if (isset($attrs["shadowLastChange"][0])){
$shadow= (int)(date("U") / 86400);
$ldap->get_error()));
} else {
+ /* Run backend method for change/create */
+ $test->set_password($password);
+
/* Find postmodify entries for this class */
$command= $config->search("password", "POSTMODIFY",array('menu'));