diff --git a/include/functions.inc b/include/functions.inc
index 92f858105b100df5da3fa5d1566d106180e78b63..ec1d945f9d081d7dddb91b0f38672d7e0eeb4ee5 100644 (file)
--- a/include/functions.inc
+++ b/include/functions.inc
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
-/* Configuration file location */
-define ("CONFIG_DIR", "/etc/gosa");
+/* Allow setting the config patih in the apache configuration
+ e.g. SetEnv CONFIG_FILE /etc/path
+ */
+if(!isset($_SERVER['CONFIG_DIR'])){
+ define ("CONFIG_DIR", "/etc/gosa");
+}else{
+ define ("CONFIG_DIR",$_SERVER['CONFIG_DIR']);
+}
+
+/* Allow setting the config file in the apache configuration
+ e.g. SetEnv CONFIG_FILE gosa.conf.2.5
+ */
+if(!isset($_SERVER['CONFIG_FILE'])){
+ define ("CONFIG_FILE", "gosa.conf");
+}else{
+ define ("CONFIG_FILE",$_SERVER['CONFIG_FILE']);
+}
+
define ("CONFIG_TEMPLATE_DIR", "../contrib/");
define ("HELP_BASEDIR", "/var/www/doc/");
require_once ("class_config.inc");
require_once ("class_userinfo.inc");
require_once ("class_plugin.inc");
+require_once ("class_dhcpPlugin.inc");
require_once ("class_pluglist.inc");
require_once ("class_tabs.inc");
require_once ("class_mail-methods.inc");
require_once("class_password-methods.inc");
require_once ("functions_debug.inc");
require_once ("functions_dns.inc");
+require_once ("accept-to-gettext.inc");
require_once ("class_MultiSelectWindow.inc");
/* Define constants for debugging */
}
-/* Simple function to get browser language and convert it to
- xx_XY needed by locales. Ignores sublanguages and weights. */
function get_browser_language()
{
- global $BASE_DIR;
-
/* Try to use users primary language */
+ global $config;
$ui= get_userinfo();
- if ($ui != NULL){
+ if (isset($ui) && $ui !== NULL){
if ($ui->language != ""){
- return ($ui->language);
+ return ($ui->language.".UTF-8");
}
}
- /* Get list of languages */
- if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){
- $lang= preg_replace("/\s+/", "", $_SERVER['HTTP_ACCEPT_LANGUAGE']);
- $languages= split (',', $lang);
- $languages[]= "C";
- } else {
- $languages= array("C");
+ /* Check for global language settings in gosa.conf */
+ if(isset($config->data['MAIN']['LANG']) && !empty($config->data['MAIN']['LANG'])) {
+ $lang = $config->data['MAIN']['LANG'];
+ if(!preg_match("/utf/i",$lang)){
+ $lang .= ".UTF-8";
+ }
+ return($lang);
}
- /* Walk through languages and get first supported */
- foreach ($languages as $val){
-
- /* Strip off weight */
- $lang= preg_replace("/;q=.*$/i", "", $val);
-
- /* Simplify sub language handling */
- $lang= preg_replace("/-.*$/", "", $lang);
+ /* Load supported languages */
+ $gosa_languages= get_languages();
- /* Cancel loop if available in GOsa, or the last
- entry has been reached */
- if (is_dir("$BASE_DIR/locale/$lang")){
- break;
- }
+ /* Move supported languages to flat list */
+ $langs= array();
+ foreach($gosa_languages as $lang => $dummy){
+ $langs[]= $lang.'.UTF-8';
}
- return (strtolower($lang)."_".strtoupper($lang));
+ /* Return gettext based string */
+ return (al2gt($langs, 'text/html'));
}
{
global $config;
- $ldap = new LDAP ($binddn, $pass, $server, isset($config->current['RECURSIVE']) && $config->current['RECURSIVE'] == "true",
+ $ldap = new LDAP ($binddn, $pass, $server,
+ isset($config->current['RECURSIVE']) && $config->current['RECURSIVE'] == "true",
isset($config->current['TLS']) && $config->current['TLS'] == "true");
/* Sadly we've no proper return values here. Use the error message instead. */
if (!preg_match("/Success/i", $ldap->error)){
- print_red(sprintf(_("Error when connecting the LDAP. Server said '%s'."),
- $ldap->get_error()));
- echo $_SESSION['errors'];
-
- /* Hard error. We'd like to use the LDAP, anyway... */
- exit;
+ echo sprintf(_("FATAL: Error when connecting the LDAP. Server said '%s'."), $ldap->get_error());
+ exit();
}
/* Preset connection base to $base and return to caller */
$ldap = $config->get_ldap_link();
if (!preg_match("/Success/i", $ldap->error)){
print_red(sprintf(_("User login failed. LDAP server said '%s'."), $ldap->get_error()));
- echo $_SESSION['errors'];
- exit;
+ $smarty= get_smarty();
+ $smarty->display(get_template_path('headers.tpl'));
+ echo "<body>".$_SESSION['errors']."</body></html>";
+ exit();
}
+
+ /* Check if mail address is also a valid auth name */
+ $auth_mail = FALSE;
+ if(isset($config->current['AUTH_MAIL']) && preg_match("/^true$/i",$config->current['AUTH_MAIL'])){
+ $auth_mail = TRUE;
+ }
+
$ldap->cd($config->current['BASE']);
- $ldap->search("(&(uid=$username)(objectClass=gosaAccount))", array("uid"));
+ if(!$auth_mail){
+ $ldap->search("(&(uid=$username)(objectClass=gosaAccount))", array("uid"));
+ }else{
+ $ldap->search("(&(|(uid=".$username.")(mail=".$username."))(objectClass=gosaAccount))", array("uid","mail"));
+ }
/* get results, only a count of 1 is valid */
switch ($ldap->count()){
/* LDAP schema is not case sensitive. Perform additional check. */
$attrs= $ldap->fetch();
- if ($attrs['uid'][0] != $username){
- return(NULL);
+ if($auth_mail){
+ if ($attrs['uid'][0] != $username && strcasecmp($attrs['mail'][0], $username) != 0){
+ return(NULL);
+ }
+ }else{
+ if ($attrs['uid'][0] != $username){
+ return(NULL);
+ }
}
/* got user dn, fill acl's */
$ui= new userinfo($config, $ldap->getDN());
- $ui->username= $username;
+ $ui->username= $attrs['uid'][0];
/* password check, bind as user with supplied password */
$ldap->disconnect();
}
+function ldap_expired_account($config, $userdn, $username)
+{
+ //$this->config= $config;
+ $ldap= $config->get_ldap_link();
+ $ldap->cat($userdn);
+ $attrs= $ldap->fetch();
+
+ /* default value no errors */
+ $expired = 0;
+
+ $sExpire = 0;
+ $sLastChange = 0;
+ $sMax = 0;
+ $sMin = 0;
+ $sInactive = 0;
+ $sWarning = 0;
+
+ $current= date("U");
+
+ $current= floor($current /60 /60 /24);
+
+ /* special case of the admin, should never been locked */
+ /* FIXME should allow any name as user admin */
+ if($username != "admin")
+ {
+
+ if(isset($attrs['shadowExpire'][0])){
+ $sExpire= $attrs['shadowExpire'][0];
+ } else {
+ $sExpire = 0;
+ }
+
+ if(isset($attrs['shadowLastChange'][0])){
+ $sLastChange= $attrs['shadowLastChange'][0];
+ } else {
+ $sLastChange = 0;
+ }
+
+ if(isset($attrs['shadowMax'][0])){
+ $sMax= $attrs['shadowMax'][0];
+ } else {
+ $smax = 0;
+ }
+
+ if(isset($attrs['shadowMin'][0])){
+ $sMin= $attrs['shadowMin'][0];
+ } else {
+ $sMin = 0;
+ }
+
+ if(isset($attrs['shadowInactive'][0])){
+ $sInactive= $attrs['shadowInactive'][0];
+ } else {
+ $sInactive = 0;
+ }
+
+ if(isset($attrs['shadowWarning'][0])){
+ $sWarning= $attrs['shadowWarning'][0];
+ } else {
+ $sWarning = 0;
+ }
+
+ /* is the account locked */
+ /* shadowExpire + shadowInactive (option) */
+ if($sExpire >0){
+ if($current >= ($sExpire+$sInactive)){
+ return(1);
+ }
+ }
+
+ /* the user should be warned to change is password */
+ if((($sExpire >0) && ($sWarning >0)) && ($sExpire >= $current)){
+ if (($sExpire - $current) < $sWarning){
+ return(2);
+ }
+ }
+
+ /* force user to change password */
+ if(($sLastChange >0) && ($sMax) >0){
+ if($current >= ($sLastChange+$sMax)){
+ return(3);
+ }
+ }
+
+ /* the user should not be able to change is password */
+ if(($sLastChange >0) && ($sMin >0)){
+ if (($sLastChange + $sMin) >= $current){
+ return(4);
+ }
+ }
+ }
+ return($expired);
+}
+
function add_lock ($object, $user)
{
global $config;
$ldap->search("(&(objectClass=gosaLockEntry)(gosaUser=$user)(gosaObject=".base64_encode($object)."))",
array("gosaUser"));
if (!preg_match("/Success/i", $ldap->error)){
- print_red (sprintf(_("Can't set locking information in LDAP database. Please check the 'config' entry in gosa.conf! LDAP server says '%s'."), $ldap->get_error()));
+ print_red (sprintf(_("Can't set locking information in LDAP database. Please check the 'config' entry in %s! LDAP server says '%s'."),CONFIG_FILE, $ldap->get_error()));
return;
}
$ldap->cd ($config->current['CONFIG']);
$ldap->search("(&(objectClass=gosaLockEntry)(gosaObject=".base64_encode($object)."))", array("gosaUser"));
if (!preg_match("/Success/i", $ldap->error)){
- print_red (_("Can't get locking information in LDAP database. Please check the 'config' entry in gosa.conf!"));
+ print_red (sprintf(_("Can't get locking information in LDAP database. Please check the 'config' entry in %s!"),CONFIG_FILE));
return("");
}
function get_list($filter, $subtreeACL, $base= "", $attributes= array(), $flags= GL_SUBSEARCH)
{
- global $config;
+ global $config, $ui;
/* Get LDAP link */
$ldap= $config->get_ldap_link($flags & GL_SIZELIMIT);
@@ -504,6 +623,12 @@ function get_list($filter, $subtreeACL, $base= "", $attributes= array(), $flags=
$ldap->cd ($base);
}
+ /* Strict filter for administrative units? */
+ if ($ui->gosaUnitTag != "" && isset($config->current['STRICT_UNITS']) &&
+ preg_match('/TRUE/i', $config->current['STRICT_UNITS'])){
+ $filter= "(&(gosaUnitTag=".$ui->gosaUnitTag.")$filter)";
+ }
+
/* Perform ONE or SUB scope searches? */
if ($flags & GL_SUBSEARCH) {
$ldap->search ($filter, $attributes);
@@ -514,8 +639,6 @@ function get_list($filter, $subtreeACL, $base= "", $attributes= array(), $flags=
/* Check for size limit exceeded messages for GUI feedback */
if (preg_match("/size limit/i", $ldap->error)){
$_SESSION['limit_exceeded']= TRUE;
- } else {
- $_SESSION['limit_exceeded']= FALSE;
}
/* Crawl through reslut entries and perform the migration to the
}
-function get_module_permission($acl_array, $module, $dn)
-{
- global $ui;
+function get_module_permission($acl_array, $module, $dn, $checkTag= TRUE){
+ global $ui, $config;
+
+ /* Check for strict tagging */
+ $ttag= "";
+ if ($checkTag && isset($config->current['STRICT_UNITS']) &&
+ preg_match('/^(yes|true)$/i', $config->current['STRICT_UNITS']) &&
+ $ui->gosaUnitTag != ""){
+ $size= 0;
+ foreach ($config->tdepartments as $tdn => $tag){
+ if (preg_match("/$tdn$/", $dn)){
+ if (strlen($tdn) > $size){
+ $size= strlen($tdn);
+ $ttag= $tag;
+ }
+ }
+ }
+
+ /* We have no permission for areas that don't carry our tag */
+ if ($ttag != $ui->gosaUnitTag){
+ return ("#none#");
+ }
+ }
$final= "";
foreach($acl_array as $acl){
{
global $config;
- $ou= $config->current[$name];
+ /* Preset ou... */
+ if (isset($config->current[$name])){
+ $ou= $config->current[$name];
+ } else {
+ return "";
+ }
+
if ($ou != ""){
if (!preg_match('/^[^=]+=[^=]+/', $ou)){
return @LDAP::convert("ou=$ou,");
{
global $config;
- $pattern= "/^[^,]+,".preg_quote(get_people_ou())."/";
+ $pattern= "/^[^,]+,".preg_quote(get_people_ou())."/i";
$base= preg_replace($pattern, '', $dn);
/* Set to base, if we're not on a correct subtree */
return preg_match ("/^[\/0-9 ()+*-]+$/", $nr);
}
+function is_dns_name($str)
+{
+ return(preg_match("/^[a-z0-9\.\-]*$/i",$str));
+}
function is_url($url)
{
/* STRICT adds spaces and case insenstivity to the uid check.
This is dangerous and should not be used. */
- if (isset($config->current['STRICT']) && preg_match('/^no$/i', $config->current['STRICT'])){
+ if (isset($config->current['STRICT']) && preg_match('/^(no|false)$/i', $config->current['STRICT'])){
return preg_match ("/^[a-z0-9 _.-]+$/i", $uid);
} else {
return preg_match ("/^[a-z0-9_-]+$/", $uid);
}
+function is_mac($mac)
+{
+ return preg_match("/^[a-f0-9][a-f0-9]:[a-f0-9][a-f0-9]:[a-f0-9][a-f0-9]:[a-f0-9][a-f0-9]:[a-f0-9][a-f0-9]:[a-f0-9][a-f0-9]$/i", $mac);
+}
+
+
+/* Checks if the given ip address doesn't match
+ "is_ip" because there is also a sub net mask given */
+function is_ip_with_subnetmask($ip)
+{
+ /* Generate list of valid submasks */
+ $res = array();
+ for($e = 0 ; $e <= 32; $e++){
+ $res[$e] = $e;
+ }
+ $i[0] =255;
+ $i[1] =255;
+ $i[2] =255;
+ $i[3] =255;
+ for($a= 3 ; $a >= 0 ; $a --){
+ $c = 1;
+ while($i[$a] > 0 ){
+ $str = $i[0].".".$i[1].".".$i[2].".".$i[3];
+ $res[$str] = $str;
+ $i[$a] -=$c;
+ $c = 2*$c;
+ }
+ }
+ $res["0.0.0.0"] = "0.0.0.0";
+ if(preg_match("/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/", $ip)){
+ $mask = preg_replace("/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.".
+ "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/","",$ip);
+
+ $mask = preg_replace("/^\//","",$mask);
+ if((in_array("$mask",$res)) && preg_match("/^[0-9\.]/",$mask)){
+ return(TRUE);
+ }
+ }
+ return(FALSE);
+}
+
+/* Simple is domain check, it checks if the given string looks like "string(...).string" */
+function is_domain($str)
+{
+ return(preg_match("/^([a-z0-9i\-]*)\.[a-z0-9]*$/i",$str));
+}
+
+
function is_id($id)
{
if ($id == ""){
if (isset($_SESSION['DEBUGLEVEL'])){
if($_SESSION['LastError'] == $string){
-
+
if((!isset($_SESSION['errorsAlreadyPosted'][$string]))){
$_SESSION['errorsAlreadyPosted'][$string] = 1;
}
- $_SESSION['errorsAlreadyPosted'][$string] ++;
+ $_SESSION['errorsAlreadyPosted'][$string]++;
}else{
- if((!empty($_SESSION['LastError'])) && ($_SESSION['errorsAlreadyPosted'][$_SESSION['LastError']]>1)){
- $_SESSION['errors'].= "<div align=\"left\" style=\"border-width:5px;".
- "border-style:solid;border-color:red; background-color:black;".
- "margin-bottom:10px; padding:8px;\"><table style='width:100%' summary=''><tr><td><img alt=\"\" src=\"".
- get_template_path('images/warning.png')."\"></td>".
- "<td width=\"100%\" style=\"text-align:center\"><font color=\"#FFFFFF\">".
- "<b style='font-size:16px;'>".sprintf(_("Last message repeated %s times."),$_SESSION['errorsAlreadyPosted'][$_SESSION['LastError']])."</b></font></td><td>".
- "<img alt=\"\"src=\"".get_template_path('images/warning.png').
- "\"></td></tr></table></div>\n";
- }
-
if($string != NULL){
- $_SESSION['errors'].= "<div align=\"left\" style=\"border-width:5px;".
- "border-style:solid;border-color:red; background-color:black;".
- "margin-bottom:10px; padding:8px;\"><table style='width:100%' summary=''><tr><td><img alt=\"\" src=\"".
- get_template_path('images/warning.png')."\"></td>".
- "<td width=\"100%\" style=\"text-align:center\"><font color=\"#FFFFFF\">".
- "<b style='font-size:16px;'>$string</b></font></td><td>".
- "<img alt=\"\"src=\"".get_template_path('images/warning.png').
- "\"></td></tr></table></div>\n";
+ if (preg_match("/"._("LDAP error:")."/", $string)){
+ $addmsg= _("Problems with the LDAP server mean that you probably lost the last changes. Please check your LDAP setup for possible errors and try again.");
+ $img= "images/error.png";
+ } else {
+ if (!preg_match('/[.!?]$/', $string)){
+ $string.= ".";
+ }
+ $string= preg_replace('/<br>/', ' ', $string);
+ $img= "images/warning.png";
+ $addmsg= _("Please check your input and fix the error. Press 'OK' to close this message box.");
+ }
+
+ if(isset($_SESSION['errors']) && strlen($_SESSION['errors'])==0) {
+
+
+ if(preg_match("/MSIE/", $_SERVER['HTTP_USER_AGENT'])){
+
+ $_SESSION['errors'].= "
+ <iframe id='e_layer3'
+ style=\" position:absolute;
+ width:100%;
+ height:100%;
+ top:0px;
+ left:0px;
+ border:none;
+ display:block;
+ allowtransparency='true';
+ background-color: #FFFFFF;
+ filter:chroma(color=#FFFFFF);
+ z-index:0; \">
+ </iframe>
+ <div id='e_layer2'
+ style=\"
+ position: absolute;
+ left: 0px;
+ top: 0px;
+ right:0px;
+ bottom:0px;
+ z-index:0;
+ width:100%;
+ height:100%;
+ filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(enabled=true, sizingMethod=scale, src='images/opacity_black.png'); \">
+ </div>";
+ $hide = "hide(\"e_layer\");hide(\"e_layer2\");hide(\"e_layer3\");";
+ }else{
+
+ $_SESSION['errors'].= "
+ <div id='e_layer2'
+ style=\"
+ position: absolute;
+ left: 0px;
+ top: 0px;
+ right:0px;
+ bottom:0px;
+ z-index:0;
+ background-image: url(images/opacity_black.png);\">
+ </div>";
+ $hide = "hide(\"e_layer\");hide(\"e_layer2\");";
+ }
+
+ $_SESSION['errors'].= "
+ <div style='left:20%;right:20%;top:30%;".
+ "background-color:white;padding:5px;border:5px solid red;z-index:150;".
+ "position:absolute' id='e_layer'><table style='width:100%' summary='' border=0>".
+ "<tr><td style='vertical-align:top;padding:10px'><img alt='' src='".
+ get_template_path($img)."'></td>".
+ "<td style='width:100%'><b>$string</b><br><br>$addmsg</td></tr><tr><td colspan='2' align='center'><br><button ".
+ (($_SESSION['js']==FALSE)?"type='submit'":"type='button' name='error_accept'").
+ " style='width:80px' onClick='".$hide."'>".
+ _("OK")."</button></td></tr></table></div>";
+ }
+
}else{
return;
}
- $_SESSION['errorsAlreadyPosted'] = array();
$_SESSION['errorsAlreadyPosted'][$string] = 1;
}
echo "Error: $string\n";
}
$_SESSION['LastError'] = $string;
-
}
$_SESSION['dn']= $dn;
$ldap= $config->get_ldap_link();
- $ldap->cat ($user);
+ $ldap->cat ($user, array('uid', 'cn'));
$attrs= $ldap->fetch();
- $uid= $attrs["uid"][0];
- // print_a($_POST);
- // print_a($_GET);
+ /* Stop if we have no user here... */
+ if (count($attrs)){
+ $uid= $attrs["uid"][0];
+ $cn= $attrs["cn"][0];
+ } else {
+ $uid= $attrs["uid"][0];
+ $cn= $attrs["cn"][0];
+ }
+
+ $remove= false;
if((isset($_SESSION['LOCK_VARS_TO_USE']))&&(count($_SESSION['LOCK_VARS_TO_USE']))){
$_SESSION['LOCK_VARS_USED'] =array();
/* Prepare and show template */
$smarty= get_smarty();
$smarty->assign ("dn", $dn);
- $smarty->assign ("message", sprintf(_("You're going to edit the LDAP entry '%s' which appears to be used by '%s'. Please contact the person in order to clarify proceedings."), $dn, "<a href=\"main.php?plug=0&viewid=$uid\">$uid</a>"));
+ if ($remove){
+ $smarty->assign ("action", _("Continue anyway"));
+ } else {
+ $smarty->assign ("action", _("Edit anyway"));
+ }
+ $smarty->assign ("message", sprintf(_("You're going to edit the LDAP entry '%s' which appears to be used by '%s'. Please contact the person in order to clarify proceedings."), "<b>".$dn."</b>", "<b><a href=\"main.php?plug=0&viewid=$uid\">$cn</a></b>"));
return ($smarty->fetch (get_template_path('islocked.tpl')));
}
$ar = false;
exec("lpstat -p", $ar);
foreach($ar as $val){
- list($dummy, $printer, $rest)= split(' ', $val, 3);
+ @list($dummy, $printer, $rest)= split(' ', $val, 3);
if (preg_match('/^[^@]+$/', $printer)){
$res[$printer]= "$printer";
}
/* Merge in printers from LDAP */
$ldap= $config->get_ldap_link();
$ldap->cd ($config->current['BASE']);
- $ldap->search('(objectClass=gotoPrinter)', array('cn'));
- while ($attrs= $ldap->fetch()){
- $res[$attrs["cn"][0]]= $attrs["cn"][0];
+ $ui= get_userinfo();
+ if (isset($config->current['STRICT_UNITS']) && preg_match('/TRUE/i', $config->current['STRICT_UNITS']) && $ui->gosaUnitTag != ""){
+ $ldap->search('((objectClass=gotoPrinter)(gosaUnitTag='.$ui->gosaUnitTag.'))', array('cn'));
+ } else {
+ $ldap->search('(objectClass=gotoPrinter)', array('cn'));
+ }
+ while($attrs = $ldap->fetch()){
+ $res[$attrs['cn'][0]] = $attrs['cn'][0];
}
return $res;
}
-function show_ldap_error($message)
+function show_ldap_error($message, $addon= "")
{
if (!preg_match("/Success/i", $message)){
- print_red (_("LDAP error:")." $message");
+ if ($addon == ""){
+ print_red (_("LDAP error: $message"));
+ } else {
+ print_red ("$addon<br><br><b>"._("LDAP error:")."</b> $message");
+ }
return TRUE;
} else {
return FALSE;
global $config;
if (get_people_ou() != ""){
- $dn= preg_replace('/,'.get_people_ou().'/' , ',', $dn);
+ $dn= preg_replace('/,'.get_people_ou().'/i' , ',', $dn);
}
if (get_groups_ou() != ""){
- $dn= preg_replace('/,'.get_groups_ou().'/' , ',', $dn);
+ $dn= preg_replace('/,'.get_groups_ou().'/i' , ',', $dn);
}
$base= preg_replace ('/^[^,]+,/i', '', $dn);
$display.= " ";
$display.= "</div>\n";
}
+# if (isset($_SESSION['errors'])){
+# $display.= $_SESSION['errors'];
+# }
return ($display);
}
if ($rule[$pos] == "}" ){
$variables[$pos]= expand_id($part, $attributes);
- $stripped.= "\{$pos}";
+ $stripped.= "{".$pos."}";
$trigger= false;
continue;
}
return (sprintf(_("GOsa development snapshot (Rev %s)"), $revision));
} else {
$release= preg_replace('%^.*/([^/]+)/include/functions.inc.*$%', '\1', $svn_path);
- return (sprintf(_("GOsa $release"), $revision));
+ return (_("GOsa $release"));
}
}
$progress = (int)(($percentage /100)*$width);
- /* Abort printing out percentage, if divs are to small */
-
-
/* If theres a better solution for this, use it... */
- $str = "
- <div style=\" width:".($width)."px;
- height:".($height)."px;
- background-color:#000000;
-padding:1px;\">
-
- <div style=\" width:".($width)."px;
- background-color:#$bgcolor;
-height:".($height)."px;\">
+ $str = "\n <div style=\" width:".($width)."px; ";
+ $str.= "\n height:".($height)."px; ";
+ $str.= "\n background-color:#000000; ";
+ $str.= "\n padding:1px;\" > ";
- <div style=\" width:".$progress."px;
-height:".$height."px;
- background-color:#".$color2.$color2.$color."; \">";
+ $str.= "\n <div style=\" width:".($width)."px; ";
+ $str.= "\n background-color:#$bgcolor; ";
+ $str.= "\n height:".($height)."px;\" > ";
- if(($height >10)&&($showvalue)){
- $str.= "<font style=\"font-size:".($height-2)."px;color:#FF0000;align:middle;padding-left:".((int)(($width*0.4)))."px;\">
- <b>".$percentage."%</b>
- </font>";
- }
+ if(($height >10)&&($showvalue)){
+ $str.= "\n <font style=\"font-size:".($height-2)."px; ";
+ $str.= "\n color:#FF0000; align:middle; ";
+ $str.= "\n padding-left:".((int)(($width*0.4)))."px; \"> ";
+ $str.= "\n <b>".$percentage."%</b> ";
+ $str.= "\n </font> ";
+ }
- $str.= "</div></div></div>";
+ $str.= "\n <div style=\" width:".$progress."px; ";
+ $str.= "\n height:".$height."px; ";
+ $str.= "\n background-color:#".$color2.$color2.$color."; \" >";
+ $str.= "\n </div>";
+ $str.= "\n </div>";
+ $str.= "\n </div>";
- return($str);
+ return($str);
}
}
+/* Check if the given department name is valid */
+function is_department_name_reserved($name,$base)
+{
+ $reservedName = array("systems","apps","incomming","internal","accounts","fax","addressbook",
+ preg_replace("/ou=(.*),/","\\1",get_people_ou()),
+ preg_replace("/ou=(.*),/","\\1",get_groups_ou()));
+ $follwedNames['/ou=fai,ou=configs,ou=systems,/'] = array("fai","hooks","templates","scripts","disk","packages","variables","profiles");
+
+ /* Check if name is one of the reserved names */
+ if(in_array_ics($name,$reservedName)) {
+ return(true);
+ }
+
+ /* Check all follow combinations if name is in array && parent base == array_key, return false*/
+ foreach($follwedNames as $key => $names){
+ if((in_array_ics($name,$names)) && (preg_match($key,$base))){
+ return(true);
+ }
+ }
+ return(false);
+}
+
+
+function is_php4()
+{
+ if (isset($_SESSION['PHP4COMPATIBLE'])){
+ return true;
+ }
+ return (preg_match('/^4/', phpversion()));
+}
+
+
+function gosa_ldap_explode_dn($dn,$config = NULL,$verify_in_ldap=false)
+{
+ /* Initialize variables */
+ $ret = array("count" => 0); // Set count to 0
+ $next = true; // if false, then skip next loops and return
+ $cnt = 0; // Current number of loops
+ $max = 100; // Just for security, prevent looops
+ $ldap = NULL; // To check if created result a valid
+ $keep = ""; // save last failed parse string
+
+ /* Check each parsed dn in ldap ? */
+ if($config!=NULL && $verify_in_ldap){
+ $ldap = $config->get_ldap_link();
+ }
+
+ /* Lets start */
+ $called = false;
+ while(preg_match("/,/",$dn) && $next && $cnt < $max){
+
+ $cnt ++;
+ if(!preg_match("/,/",$dn)){
+ $next = false;
+ }
+ $object = preg_replace("/[,].*$/","",$dn);
+ $dn = preg_replace("/^[^,]+,/","",$dn);
+
+ $called = true;
+
+ /* Check if current dn is valid */
+ if($ldap!=NULL){
+ $ldap->cd($dn);
+ $ldap->cat($dn,array("dn"));
+ if($ldap->count()){
+ $ret[] = $keep.$object;
+ $keep = "";
+ }else{
+ $keep .= $object.",";
+ }
+ }else{
+ $ret[] = $keep.$object;
+ $keep = "";
+ }
+ }
+
+ /* No dn was posted */
+ if($cnt == 0 && !empty($dn)){
+ $ret[] = $dn;
+ }
+
+ /* Append the rest */
+ $test = $keep.$dn;
+ if($called && !empty($test)){
+ $ret[] = $keep.$dn;
+ }
+ $ret['count'] = count($ret) - 1;
+
+ return($ret);
+}
+
+
+function get_base_from_hook($dn, $attrib)
+{
+ global $config;
+
+ if (isset($config->current['BASE_HOOK'])){
+
+ /* Call hook script - if present */
+ $command= $config->current['BASE_HOOK'];
+
+ if ($command != ""){
+ $command.= " '".@LDAP::fix($dn)."' $attrib";
+ if (check_command($command)){
+ @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute");
+ exec($command, $output);
+ if (preg_match("/^[0-9]+$/", $output[0])){
+ return ($output[0]);
+ } else {
+ print_red(_("Warning - base_hook is not available. Using default base."));
+ return ($config->current['UIDBASE']);
+ }
+ } else {
+ print_red(_("Warning - base_hook is not available. Using default base."));
+ return ($config->current['UIDBASE']);
+ }
+
+ } else {
+
+ print_red(_("Warning - no base_hook defined. Using default base."));
+ return ($config->current['UIDBASE']);
+
+ }
+ }
+}
+
+/* Schema validation functions */
+
+ function check_schema_version($class, $version)
+ {
+ return preg_match("/\(v$version\)/", $class['DESC']);
+ }
+
+
+
+ function check_schema($cfg,$rfc2307bis = FALSE)
+ {
+
+ $messages= array();
+
+ /* Get objectclasses */
+ $ldap = new LDAP($cfg['admin'],$cfg['password'],$cfg['connection'] ,FALSE,$cfg['tls']);
+ $objectclasses = $ldap->get_objectclasses();
+ if(count($objectclasses) == 0){
+ print_red(_("Can't get schema information from server. No schema check possible!"));
+ }
+
+ /* This is the default block used for each entry.
+ * to avoid unset indexes.
+ */
+ $def_check = array("REQUIRED_VERSION" => "0",
+ "SCHEMA_FILES" => array(),
+ "CLASSES_REQUIRED" => array(),
+ "STATUS" => FALSE,
+ "IS_MUST_HAVE" => FALSE,
+ "MSG" => "",
+ "INFO" => "");#_("There is currently no information specified for this schema extension."));
+
+ /* The gosa base schema */
+ $checks['gosaObject'] = $def_check;
+ $checks['gosaObject']['REQUIRED_VERSION'] = "2.4";
+ $checks['gosaObject']['SCHEMA_FILES'] = array("gosa+samba3.schema","gosa.schema");
+ $checks['gosaObject']['CLASSES_REQUIRED'] = array("gosaObject");
+ $checks['gosaObject']['IS_MUST_HAVE'] = TRUE;
+
+ /* GOsa Account class */
+ $checks["gosaAccount"]["REQUIRED_VERSION"]= "2.4";
+ $checks["gosaAccount"]["SCHEMA_FILES"] = array("gosa+samba3.schema","gosa.schema");
+ $checks["gosaAccount"]["CLASSES_REQUIRED"]= array("gosaAccount");
+ $checks["gosaAccount"]["IS_MUST_HAVE"] = TRUE;
+ $checks["gosaAccount"]["INFO"] = _("Used to store account specific informations.");
+
+ /* GOsa lock entry, used to mark currently edited objects as 'in use' */
+ $checks["gosaLockEntry"]["REQUIRED_VERSION"] = "2.4";
+ $checks["gosaLockEntry"]["SCHEMA_FILES"] = array("gosa+samba3.schema","gosa.schema");
+ $checks["gosaLockEntry"]["CLASSES_REQUIRED"] = array("gosaLockEntry");
+ $checks["gosaLockEntry"]["IS_MUST_HAVE"] = TRUE;
+ $checks["gosaLockEntry"]["INFO"] = _("Used to lock currently edited entries to avoid multiple changes at the same time.");
+
+ /* Some other checks */
+ foreach(array(
+ "gosaCacheEntry" => array("version" => "2.4"),
+ "gosaDepartment" => array("version" => "2.4"),
+ "goFaxAccount" => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"),
+ "goFaxSBlock" => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"),
+ "goFaxRBlock" => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"),
+ "gosaUserTemplate" => array("version" => "2.4", "class" => "posixAccount","file" => "nis.schema"),
+ "gosaMailAccount" => array("version" => "2.4", "class" => "mailAccount","file" => "gosa+samba3.schema"),
+ "gosaProxyAccount" => array("version" => "2.4", "class" => "proxyAccount","file" => "gosa+samba3.schema"),
+ "gosaApplication" => array("version" => "2.4", "class" => "appgroup","file" => "gosa.schema"),
+ "gosaApplicationGroup" => array("version" => "2.4", "class" => "appgroup","file" => "gosa.schema"),
+ "GOhard" => array("version" => "2.5", "class" => "terminals","file" => "goto.schema"),
+ "gotoTerminal" => array("version" => "2.5", "class" => "terminals","file" => "goto.schema"),
+ "goServer" => array("version" => "2.4","class" => "server","file" => "goserver.schema"),
+ "goTerminalServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
+ "goShareServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
+ "goNtpServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
+ "goSyslogServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"),
+ "goLdapServer" => array("version" => "2.4"),
+ "goCupsServer" => array("version" => "2.4", "class" => array("posixAccount", "terminals"),),
+ "goImapServer" => array("version" => "2.4", "class" => array("mailAccount", "mailgroup"),"file" => "gosa+samba3. schema"),
+ "goKrbServer" => array("version" => "2.4"),
+ "goFaxServer" => array("version" => "2.4", "class" => "gofaxAccount","file" => "gofax.schema"),
+ ) as $name => $values){
+
+ $checks[$name] = $def_check;
+ if(isset($values['version'])){
+ $checks[$name]["REQUIRED_VERSION"] = $values['version'];
+ }
+ if(isset($values['file'])){
+ $checks[$name]["SCHEMA_FILES"] = array($values['file']);
+ }
+ $checks[$name]["CLASSES_REQUIRED"] = array($name);
+ }
+ foreach($checks as $name => $value){
+ foreach($value['CLASSES_REQUIRED'] as $class){
+
+ if(!isset($objectclasses[$name])){
+ $checks[$name]['STATUS'] = FALSE;
+ if($value['IS_MUST_HAVE']){
+ $checks[$name]['MSG'] = sprintf(_("The required objectClass '%s' is not present in your schema setup"),$class);
+ }else{
+ $checks[$name]['MSG'] = sprintf(_("The optional objectClass '%s' is not present in your schema setup"),$class);
+ }
+ }elseif(!check_schema_version($objectclasses[$name],$value['REQUIRED_VERSION'])){
+ $checks[$name]['STATUS'] = FALSE;
+
+ if($value['IS_MUST_HAVE']){
+ $checks[$name]['MSG'] = sprintf(_("The required objectclass '%s' does not have version %s"), $class, $value['REQUIRED_VERSION']);
+ }else{
+ $checks[$name]['MSG'] = sprintf(_("The optional objectclass '%s' does not have version %s"), $class, $value['REQUIRED_VERSION']);
+ }
+ }else{
+ $checks[$name]['STATUS'] = TRUE;
+ $checks[$name]['MSG'] = sprintf(_("Class(es) available"));
+ }
+ }
+ }
+
+ $tmp = $objectclasses;
+
+
+ /* The gosa base schema */
+ $checks['posixGroup'] = $def_check;
+ $checks['posixGroup']['REQUIRED_VERSION'] = "2.4";
+ $checks['posixGroup']['SCHEMA_FILES'] = array("gosa+samba3.schema","gosa.schema");
+ $checks['posixGroup']['CLASSES_REQUIRED'] = array("posixGroup");
+ $checks['posixGroup']['STATUS'] = TRUE;
+ $checks['posixGroup']['IS_MUST_HAVE'] = TRUE;
+ $checks['posixGroup']['MSG'] = "";
+ $checks['posixGroup']['INFO'] = "";
+
+ /* Depending on selected rfc2307bis mode, we need different schema configurations */
+ if(isset($tmp['posixGroup'])){
+
+ if($rfc2307bis && isset($tmp['posixGroup']['STRUCTURAL'])){
+ $checks['posixGroup']['STATUS'] = FALSE;
+ $checks['posixGroup']['MSG'] = _("You have enabled the rfc2307bis option on the 'ldap setup' step, but your schema configuration do not support this option.");
+ $checks['posixGroup']['INFO'] = _("In order to use rfc2307bis conform groups the objectClass 'posixGroup' must be AUXILIARY");
+ }
+ if(!$rfc2307bis && !isset($tmp['posixGroup']['STRUCTURAL'])){
+ $checks['posixGroup']['STATUS'] = FALSE;
+ $checks['posixGroup']['MSG'] = _("You have disabled the rfc2307bis option on the 'ldap setup' step, but your schema configuration do not support this option.");
+ $checks['posixGroup']['INFO'] = _("The objectClass 'posixGroup' must be STRUCTURAL");
+ }
+ }
+
+ return($checks);
+ }
+
+
+
+
+function mac2company($mac)
+{
+ $vendor= "";
+
+ /* Generate a normailzed mac... */
+ $mac= substr(preg_replace('/[:-]/', '', $mac), 0, 6);
+
+ /* Check for existance of the oui file */
+ if (!is_readable(CONFIG_DIR."/oui.txt")){
+ return ("");
+ }
+
+ /* Open file and look for mac addresses... */
+ $handle = @fopen(CONFIG_DIR."/oui.txt", "r");
+ if ($handle) {
+ while (!feof($handle)) {
+ $line = fgets($handle, 4096);
+
+ if (preg_match("/^$mac/i", $line)){
+ $vendor= substr($line, 32);
+ }
+ }
+ fclose($handle);
+ }
+
+ return ($vendor);
+}
+
+
+function get_languages($languages_in_own_language = FALSE,$strip_region_tag = FALSE)
+{
+ $tmp = array(
+ "de_DE" => "German",
+ "fr_FR" => "French",
+ "it_IT" => "Italian",
+ "es_ES" => "Spanish",
+ "en_US" => "English",
+ "nl_NL" => "Dutch",
+ "pl_PL" => "Polish",
+ "sv_SE" => "Swedish",
+ "zh_CN" => "Chinese",
+ "ru_RU" => "Russian");
+
+ $tmp2= array(
+ "de_DE" => _("German"),
+ "fr_FR" => _("French"),
+ "it_IT" => _("Italian"),
+ "es_ES" => _("Spanish"),
+ "en_US" => _("English"),
+ "nl_NL" => _("Dutch"),
+ "pl_PL" => _("Polish"),
+ "sv_SE" => _("Swedish"),
+ "zh_CN" => _("Chinese"),
+ "ru_RU" => _("Russian"));
+
+ $ret = array();
+ if($languages_in_own_language){
+
+ $old_lang = setlocale(LC_ALL, 0);
+ foreach($tmp as $key => $name){
+ $lang = $key.".UTF-8";
+ setlocale(LC_ALL, $lang);
+ if($strip_region_tag){
+ $ret[preg_replace("/^([^_]*).*$/","\\1",$key)] = _($name)." (".$tmp2[$key].")";
+ }else{
+ $ret[$key] = _($name)." (".$tmp2[$key].")";
+ }
+ }
+ setlocale(LC_ALL, $old_lang);
+ }else{
+ foreach($tmp as $key => $name){
+ if($strip_region_tag){
+ $ret[preg_replace("/^([^_]*).*/","\\1",$key)] = _($name);
+ }else{
+ $ret[$key] = _($name);
+ }
+ }
+ }
+ return($ret);
+}
+
+
+/* Check if $ip1 and $ip2 represents a valid IP range
+ * returns TRUE in case of a valid range, FALSE in case of an error.
+ */
+function is_ip_range($ip1,$ip2)
+{
+ if(!is_ip($ip1) || !is_ip($ip2)){
+ return(FALSE);
+ }else{
+ $ar1 = split("\.",$ip1);
+ $var1 = $ar1[0] * (16777216) + $ar1[1] * (65536) + $ar1[2] * (256) + $ar1[3];
+
+ $ar2 = split("\.",$ip2);
+ $var2 = $ar2[0] * (16777216) + $ar2[1] * (65536) + $ar2[2] * (256) + $ar2[3];
+ return($var1 < $var2);
+ }
+}
+
+
+/* Check if the specified IP address $address is inside the given network */
+function is_in_network($network, $netmask, $address)
+{
+ $nw= split('\.', $network);
+ $nm= split('\.', $netmask);
+ $ad= split('\.', $address);
+
+ /* Generate inverted netmask */
+ for ($i= 0; $i<4; $i++){
+ $ni[$i]= 255-$nm[$i];
+ $la[$i]= $nw[$i] | $ni[$i];
+ }
+
+ /* Transform to integer */
+ $first= $nw[0] * (16777216) + $nw[1] * (65536) + $nw[2] * (256) + $nw[3];
+ $curr= $ad[0] * (16777216) + $ad[1] * (65536) + $ad[2] * (256) + $ad[3];
+ $last= $la[0] * (16777216) + $la[1] * (65536) + $la[2] * (256) + $la[3];
+
+ return ($first < $curr&& $last > $curr);
+}
+
+
+/* Add a given objectClass to an attrs entry */
+function add_objectClass($classes, &$attrs)
+{
+ if (is_array($classes)){
+ $list= $classes;
+ } else {
+ $list= array($classes);
+ }
+
+ foreach ($list as $class){
+ $attrs['objectClass'][]= $class;
+ }
+}
+
+
+/* Removes a given objectClass from the attrs entry */
+function remove_objectClass($classes, &$attrs)
+{
+ if (isset($attrs['objectClass'])){
+ /* Array? */
+ if (is_array($classes)){
+ $list= $classes;
+ } else {
+ $list= array($classes);
+ }
+
+ $tmp= array();
+ foreach ($attrs['objectClass'] as $oc) {
+ foreach ($list as $class){
+ if ($oc != $class){
+ $tmp[]= $oc;
+ }
+ }
+ }
+ $attrs['objectClass']= $tmp;
+ }
+}
+
+
+function cred_encrypt($input, $password) {
+
+ $size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
+ $iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM);
+
+ return bin2hex(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $password, $input, MCRYPT_MODE_ECB, $iv));
+}
+
+
+function cred_decrypt($input,$password) {
+ $size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
+ $iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM);
+
+ return mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $password, pack("H*", $input), MCRYPT_MODE_ECB, $iv);
+}
+
+
+/* Returns contents of the given POST variable and check magic quotes settings */
+function get_post($name)
+{
+ if(!isset($_POST[$name])){
+ trigger_error("Requested POST value (".$name.") does not exists, you should add a check to prevent this message.");
+ return(FALSE);
+ }
+ if(get_magic_quotes_gpc()){
+ return(stripcslashes($_POST[$name]));
+ }else{
+ return($_POST[$name]);
+ }
+}
+
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
?>