"; foreach($dn as $sub_dn){ @@ -1330,6 +1649,17 @@ function gen_locked_message($user, $dn) } +/*! \brief Return a string/HTML representation of an array + * + * This returns a string representation of a given value. + * It can be used to dump arrays, where every value is printed + * on its own line. The output is targetted at HTML output, it uses + * '
' for line breaks. If the value is already a string its + * returned unchanged. + * + * \param mixed 'value' Whatever needs to be printed. + * \return string + */ function to_string ($value) { /* If this is an array, generate a text blob */ @@ -1345,6 +1675,19 @@ function to_string ($value) } +/*! \brief Return a list of all printers in the current base + * + * Returns an array with the CNs of all printers (objects with + * objectClass gotoPrinter) in the current base. + * ($config->current['BASE']). + * + * Example: + * \code + * $this->printerList = get_printer_list(); + * \endcode + * + * \return array an array with the CNs of the printers as key and value. + * */ function get_printer_list() { global $config; @@ -1357,18 +1700,30 @@ function get_printer_list() } +/*! \brief Function to rewrite some problematic characters + * + * This function takes a string and replaces all possibly characters in it + * with less problematic characters, as defined in $REWRITE. + * + * \param string 's' the string to rewrite + * \return string 's' the result of the rewrite + * */ function rewrite($s) { global $REWRITE; foreach ($REWRITE as $key => $val){ - $s= preg_replace("/$key/", "$val", $s); + $s= str_replace("$key", "$val", $s); } return ($s); } +/*! \brief Return the base of a given DN + * + * \param string 'dn' a DN + * */ function dn2base($dn) { global $config; @@ -1385,7 +1740,14 @@ function dn2base($dn) } - +/*! \brief Check if a given command exists and is executable + * + * Test if a given cmdline contains an executable command. Strips + * arguments from the given cmdline. + * + * \param string 'cmdline' the cmdline to check + * \return TRUE if command exists and is executable, otherwise FALSE. + * */ function check_command($cmdline) { $cmd= preg_replace("/ .*$/", "", $cmdline); @@ -1404,6 +1766,12 @@ function check_command($cmdline) } +/*! \brief Print plugin HTML header + * + * \param string 'image' the path of the image to be used next to the headline + * \param string 'image' the headline + * \param string 'info' additional information to print + */ function print_header($image, $headline, $info= "") { $display= "\n"; @@ -1423,6 +1791,13 @@ function print_header($image, $headline, $info= "") } +/*! \brief Print page number selector for paged lists + * + * \param int 'dcnt' Number of entries + * \param int 'start' Page to start + * \param int 'range' Number of entries per page + * \param string 'post_var' POST variable to check for range + */ function range_selector($dcnt,$start,$range=25,$post_var=false) { @@ -1530,6 +1905,7 @@ function range_selector($dcnt,$start,$range=25,$post_var=false) } +/*! \brief Generate HTML for the 'Apply filter' button */ function apply_filter() { $apply= ""; @@ -1542,6 +1918,7 @@ function apply_filter() } +/*! \brief Generate HTML for the 'Back' button */ function back_to_main() { $string= 'get_ldap_link(); $ldap->cd($config->current['BASE']); - $ldap->search('(uid=*)'); - - while($attrs= $ldap->fetch()){ - $used[]= $attrs['uid'][0]; - } /* Remove used uids and watch out for id tags */ $ret= array(); foreach($proposed as $uid){ /* Check for id tag and modify uid if needed */ - if(preg_match('/\{id:\d+}/',$uid)){ - $size= preg_replace('/^.*{id:(\d+)}.*$/', '\\1', $uid); + if(preg_match('/\{id(:|!)\d+}/',$uid, $m)){ + $size= preg_replace('/^.*{id(:|!)(\d+)}.*$/', '\\2', $uid); + + $start= $m[1]==":"?0:-1; + for ($i= $start, $p= pow(10,$size)-1; $i < $p; $i++){ + if ($i == -1) { + $number= ""; + } else { + $number= sprintf("%0".$size."d", $i+1); + } + $res= preg_replace('/{id(:|!)\d+}/', $number, $uid); - for ($i= 0; $i < pow(10,$size); $i++){ - $number= sprintf("%0".$size."d", $i); - $res= preg_replace('/{id:(\d+)}/', $number, $uid); - if (!in_array($res, $used)){ + $ldap->search("(uid=".preg_replace('/[{}]/', '', $res).")",array('dn')); + if($ldap->count() == 0){ $uid= $res; break; } } + + /* Remove link if nothing has been found */ + $uid= preg_replace('/{id(:|!)\d+}/', '', $uid); } - if(preg_match('/\{id#\d+}/',$uid)){ - $size= preg_replace('/^.*{id#(\d+)}.*$/', '\\1', $uid); + if(preg_match('/\{id#\d+}/',$uid)){ + $size= preg_replace('/^.*{id#(\d+)}.*$/', '\\1', $uid); - while (true){ - mt_srand((double) microtime()*1000000); - $number= sprintf("%0".$size."d", mt_rand(0, pow(10, $size)-1)); - $res= preg_replace('/{id#(\d+)}/', $number, $uid); - if (!in_array($res, $used)){ - $uid= $res; - break; + while (true){ + mt_srand((double) microtime()*1000000); + $number= sprintf("%0".$size."d", mt_rand(0, pow(10, $size)-1)); + $res= preg_replace('/{id#(\d+)}/', $number, $uid); + $ldap->search("(uid=".preg_replace('/[{}]/', '', $res).")",array('dn')); + if($ldap->count() == 0){ + $uid= $res; + break; + } } + + /* Remove link if nothing has been found */ + $uid= preg_replace('/{id#\d+}/', '', $uid); } - } -/* Don't assign used ones */ -if (!in_array($uid, $used)){ - $ret[]= $uid; -} -} + /* Don't assign used ones */ + $ldap->search("(uid=".preg_replace('/[{}]/', '', $uid).")",array('dn')); + if($ldap->count() == 0){ + /* Add uid, but remove {} first. These are invalid anyway. */ + $ret[]= preg_replace('/[{}]/', '', $uid); + } + } -return(array_unique($ret)); + return(array_unique($ret)); } -/* Sadly values like memory_limit are perpended by K, M, G, etc. - Need to convert... */ +/*! \brief Convert various data sizes to bytes + * + * Given a certain value in the format n(g|m|k), where n + * is a value and (g|m|k) stands for Gigabyte, Megabyte and Kilobyte + * this function returns the byte value. + * + * \param string 'value' a value in the above specified format + * \return a byte value or the original value if specified string is simply + * a numeric value + * + */ function to_byte($value) { $value= strtolower(trim($value)); @@ -1770,22 +2207,21 @@ function to_byte($value) { } +/*! \brief Check if a value exists in an array (case-insensitive) + * + * This is just as http://php.net/in_array except that the comparison + * is case-insensitive. + * + * \param string 'value' needle + * \param array 'items' haystack + */ function in_array_ics($value, $items) { - if (!is_array($items)){ - return (FALSE); - } - - foreach ($items as $item){ - if (strcasecmp($item, $value) == 0) { - return (TRUE); - } - } - - return (FALSE); -} + return preg_grep('/^'.preg_quote($value, '/').'$/i', $items); +} +/*! \brief Generate a clickable alphabet */ function generate_alphabet($count= 10) { $characters= _("*ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"); @@ -1793,7 +2229,7 @@ function generate_alphabet($count= 10) $c= 0; /* Fill cells with charaters */ - for ($i= 0; $i
"; } @@ -1817,12 +2253,14 @@ function generate_alphabet($count= 10) } +/*! \brief Removes malicious characters from a (POST) string. */ function validate($string) { - return (strip_tags(preg_replace('/\0/', '', $string))); + return (strip_tags(str_replace('\0', '', $string))); } +/*! \brief Evaluate the current GOsa version from the build in revision string */ function get_gosa_version() { global $svn_revision, $svn_path; @@ -1840,6 +2278,15 @@ function get_gosa_version() } +/*! \brief Recursively delete a path in the file system + * + * Will delete the given path and all its files recursively. + * Can also follow links if told so. + * + * \param string 'path' + * \param boolean 'followLinks' TRUE to follow links, FALSE (default) + * for not following links + */ function rmdirRecursive($path, $followLinks=false) { $dir= opendir($path); while($entry= readdir($dir)) { @@ -1854,6 +2301,14 @@ function rmdirRecursive($path, $followLinks=false) { } +/*! \brief Get directory content information + * + * Returns the content of a directory as an array in an + * ascended sorted manner. + * + * \param string 'path' + * \param boolean weither to sort the content descending. + */ function scan_directory($path,$sort_desc=false) { $ret = false; @@ -1888,6 +2343,7 @@ function scan_directory($path,$sort_desc=false) } +/*! \brief Clean the smarty compile dir */ function clean_smarty_compile_dir($directory) { global $svn_revision; @@ -1975,61 +2431,55 @@ function compare_revision($revision_file, $revision) } +/*! \brief Return HTML for a progressbar + * + * \code + * $smarty->assign("installprogress", progressbar($current_progress_in_percent),100,15,true); + * \endcode + * + * \param int 'percentage' Value to display + * \param int 'width' width of the resulting output + * \param int 'height' height of the resulting output + * \param boolean 'showvalue' weither to show the percentage in the progressbar or not + * */ function progressbar($percentage,$width=100,$height=15,$showvalue=false) { - $str = ""; // Our return value will be saved in this var - - $color = dechex($percentage+150); - $color2 = dechex(150 - $percentage); - $bgcolor= $showvalue?"FFFFFF":"DDDDDD"; - - $progress = (int)(($percentage /100)*$width); - - /* If theres a better solution for this, use it... */ - $str = "\n "; - - $str.= "\n"; - - return($str); + return(""); } +/*! \brief Lookup a key in an array case-insensitive + * + * Given an associative array this can lookup the value of + * a certain key, regardless of the case. + * + * \code + * $items = array ('FOO' => 'blub', 'bar' => 'blub'); + * array_key_ics('foo', $items); # Returns 'blub' + * array_key_ics('BAR', $items); # Returns 'blub' + * \endcode + * + * \param string 'key' needle + * \param array 'items' haystack + */ function array_key_ics($ikey, $items) { - /* Gather keys, make them lowercase */ - $tmp= array(); - foreach ($items as $key => $value){ - $tmp[strtolower($key)]= $key; - } - - if (isset($tmp[strtolower($ikey)])){ - return($tmp[strtolower($ikey)]); + $tmp= array_change_key_case($items, CASE_LOWER); + $ikey= strtolower($ikey); + if (isset($tmp[$ikey])){ + return($tmp[$ikey]); } - return (""); + return (''); } +/*! \brief Determine if two arrays are different + * + * \param array 'src' + * \param array 'dst' + * \return boolean TRUE or FALSE + * */ function array_differs($src, $dst) { /* If the count is differing, the arrays differ */ @@ -2037,15 +2487,7 @@ function array_differs($src, $dst) return (TRUE); } - /* So the count is the same - lets check the contents */ - $differs= FALSE; - foreach($src as $value){ - if (!in_array($value, $dst)){ - $differs= TRUE; - } - } - - return ($differs); + return (count(array_diff($src, $dst)) != 0); } @@ -2076,34 +2518,14 @@ function saveFilter($a_filter, $values) } -/* Escape all preg_* relevant characters */ -function normalizePreg($input) -{ - return (addcslashes($input, '[]()|/.*+-')); -} - - -/* Escape all LDAP filter relevant characters */ +/*! \brief Escape all LDAP filter relevant characters */ function normalizeLdap($input) { return (addcslashes($input, '()|')); } -/* Resturns the difference between to microtime() results in float */ -function get_MicroTimeDiff($start , $stop) -{ - $a = split("\ ",$start); - $b = split("\ ",$stop); - - $secs = $b[1] - $a[1]; - $msecs= $b[0] - $a[0]; - - $ret = (float) ($secs+ $msecs); - return($ret); -} - - +/*! \brief Return the gosa base directory */ function get_base_dir() { global $BASE_DIR; @@ -2112,6 +2534,7 @@ function get_base_dir() } +/*! \brief Test weither we are allowed to read the object */ function obj_is_readable($dn, $object, $attribute) { global $ui; @@ -2120,6 +2543,7 @@ function obj_is_readable($dn, $object, $attribute) } +/*! \brief Test weither we are allowed to change the object */ function obj_is_writable($dn, $object, $attribute) { global $ui; @@ -2128,6 +2552,16 @@ function obj_is_writable($dn, $object, $attribute) } +/*! \brief Explode a DN into its parts + * + * Similar to explode (http://php.net/explode), but a bit more specific + * for the needs when splitting, exploding LDAP DNs. + * + * \param string 'dn' the DN to split + * \param config-object a config object. only neeeded if DN shall be verified in the LDAP + * \param boolean verify_in_ldap check weither DN is valid + * + */ function gosa_ldap_explode_dn($dn,$config = NULL,$verify_in_ldap=false) { /* Initialize variables */ @@ -2192,10 +2626,10 @@ function get_base_from_hook($dn, $attrib) { global $config; - if ($config->get_cfg_value("nextIdHook") != ""){ + if ($config->get_cfg_value("baseIdHook") != ""){ /* Call hook script - if present */ - $command= $config->get_cfg_value("nextIdHook"); + $command= $config->get_cfg_value("baseIdHook"); if ($command != ""){ $command.= " '".LDAP::fix($dn)."' $attrib"; @@ -2205,17 +2639,17 @@ function get_base_from_hook($dn, $attrib) if (preg_match("/^[0-9]+$/", $output[0])){ return ($output[0]); } else { - msg_dialog::display(_("Warning"), _("'nextIdHook' is not available. Using default base!"), WARNING_DIALOG); + msg_dialog::display(_("Warning"), _("'baseIdHook' is not available. Using default base!"), WARNING_DIALOG); return ($config->get_cfg_value("uidNumberBase")); } } else { - msg_dialog::display(_("Warning"), _("'nextIdHook' is not available. Using default base!"), WARNING_DIALOG); + msg_dialog::display(_("Warning"), _("'baseIdHook' is not available. Using default base!"), WARNING_DIALOG); return ($config->get_cfg_value("uidNumberBase")); } } else { - msg_dialog::display(_("Warning"), _("'nextIdHook' is not available. Using default base!"), WARNING_DIALOG); + msg_dialog::display(_("Warning"), _("'baseIdHook' is not available. Using default base!"), WARNING_DIALOG); return ($config->get_cfg_value("uidNumberBase")); } @@ -2223,12 +2657,14 @@ function get_base_from_hook($dn, $attrib) } +/*! \brief Check if schema version matches the requirements */ function check_schema_version($class, $version) { return preg_match("/\(v$version\)/", $class['DESC']); } +/*! \brief Check if LDAP schema matches the requirements */ function check_schema($cfg,$rfc2307bis = FALSE) { $messages= array(); @@ -2253,49 +2689,49 @@ function check_schema($cfg,$rfc2307bis = FALSE) /* The gosa base schema */ $checks['gosaObject'] = $def_check; - $checks['gosaObject']['REQUIRED_VERSION'] = "2.4"; - $checks['gosaObject']['SCHEMA_FILES'] = array("gosa+samba3.schema","gosa.schema"); + $checks['gosaObject']['REQUIRED_VERSION'] = "2.6.1"; + $checks['gosaObject']['SCHEMA_FILES'] = array("gosa-samba3.schema","gosa-samba2.schema"); $checks['gosaObject']['CLASSES_REQUIRED'] = array("gosaObject"); $checks['gosaObject']['IS_MUST_HAVE'] = TRUE; /* GOsa Account class */ - $checks["gosaAccount"]["REQUIRED_VERSION"]= "2.4"; - $checks["gosaAccount"]["SCHEMA_FILES"] = array("gosa+samba3.schema","gosa.schema"); + $checks["gosaAccount"]["REQUIRED_VERSION"]= "2.6.6"; + $checks["gosaAccount"]["SCHEMA_FILES"] = array("gosa-samba3.schema","gosa-samba2.schema"); $checks["gosaAccount"]["CLASSES_REQUIRED"]= array("gosaAccount"); $checks["gosaAccount"]["IS_MUST_HAVE"] = TRUE; $checks["gosaAccount"]["INFO"] = _("Used to store account specific informations."); /* GOsa lock entry, used to mark currently edited objects as 'in use' */ - $checks["gosaLockEntry"]["REQUIRED_VERSION"] = "2.4"; - $checks["gosaLockEntry"]["SCHEMA_FILES"] = array("gosa+samba3.schema","gosa.schema"); + $checks["gosaLockEntry"]["REQUIRED_VERSION"] = "2.6.1"; + $checks["gosaLockEntry"]["SCHEMA_FILES"] = array("gosa-samba3.schema","gosa-samba2.schema"); $checks["gosaLockEntry"]["CLASSES_REQUIRED"] = array("gosaLockEntry"); $checks["gosaLockEntry"]["IS_MUST_HAVE"] = TRUE; $checks["gosaLockEntry"]["INFO"] = _("Used to lock currently edited entries to avoid multiple changes at the same time."); /* Some other checks */ foreach(array( - "gosaCacheEntry" => array("version" => "2.4"), - "gosaDepartment" => array("version" => "2.4"), + "gosaCacheEntry" => array("version" => "2.6.1", "class" => "gosaAccount"), + "gosaDepartment" => array("version" => "2.6.1", "class" => "gosaAccount"), "goFaxAccount" => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"), "goFaxSBlock" => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"), "goFaxRBlock" => array("version" => "1.0.4", "class" => "gofaxAccount","file" => "gofax.schema"), - "gosaUserTemplate" => array("version" => "2.4", "class" => "posixAccount","file" => "nis.schema"), - "gosaMailAccount" => array("version" => "2.4", "class" => "mailAccount","file" => "gosa+samba3.schema"), - "gosaProxyAccount" => array("version" => "2.4", "class" => "proxyAccount","file" => "gosa+samba3.schema"), - "gosaApplication" => array("version" => "2.4", "class" => "appgroup","file" => "gosa.schema"), - "gosaApplicationGroup" => array("version" => "2.4", "class" => "appgroup","file" => "gosa.schema"), - "GOhard" => array("version" => "2.5", "class" => "terminals","file" => "goto.schema"), - "gotoTerminal" => array("version" => "2.5", "class" => "terminals","file" => "goto.schema"), - "goServer" => array("version" => "2.4","class" => "server","file" => "goserver.schema"), - "goTerminalServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"), - "goShareServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"), - "goNtpServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"), - "goSyslogServer" => array("version" => "2.4", "class" => "terminals","file" => "goto.schema"), - "goLdapServer" => array("version" => "2.4"), - "goCupsServer" => array("version" => "2.4", "class" => array("posixAccount", "terminals"),), - "goImapServer" => array("version" => "2.4", "class" => array("mailAccount", "mailgroup"),"file" => "gosa+samba3. schema"), - "goKrbServer" => array("version" => "2.4"), - "goFaxServer" => array("version" => "2.4", "class" => "gofaxAccount","file" => "gofax.schema"), + "gosaUserTemplate" => array("version" => "2.6.1", "class" => "posixAccount","file" => "nis.schema"), + "gosaMailAccount" => array("version" => "2.6.1", "class" => "mailAccount","file" => "gosa-samba3.schema"), + "gosaProxyAccount" => array("version" => "2.6.1", "class" => "proxyAccount","file" => "gosa-samba3.schema"), + "gosaApplication" => array("version" => "2.6.1", "class" => "appgroup","file" => "gosa.schema"), + "gosaApplicationGroup" => array("version" => "2.6.1", "class" => "appgroup","file" => "gosa.schema"), + "GOhard" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"), + "gotoTerminal" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"), + "goServer" => array("version" => "2.6.1", "class" => "server","file" => "goserver.schema"), + "goTerminalServer" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"), + "goShareServer" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"), + "goNtpServer" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"), + "goSyslogServer" => array("version" => "2.6.1", "class" => "terminals","file" => "goto.schema"), + "goLdapServer" => array("version" => "2.6.1", "class" => "goServer"), + "goCupsServer" => array("version" => "2.6.1", "class" => array("posixAccount", "terminals"),), + "goImapServer" => array("version" => "2.6.1", "class" => array("mailAccount", "mailgroup"),"file" => "gosa-samba3.schema"), + "goKrbServer" => array("version" => "2.6.1", "class" => "goServer"), + "goFaxServer" => array("version" => "2.6.1", "class" => "gofaxAccount","file" => "gofax.schema"), ) as $name => $values){ $checks[$name] = $def_check; @@ -2305,26 +2741,25 @@ function check_schema($cfg,$rfc2307bis = FALSE) if(isset($values['file'])){ $checks[$name]["SCHEMA_FILES"] = array($values['file']); } - $checks[$name]["CLASSES_REQUIRED"] = array($name); + if (isset($values['class'])) { + $checks[$name]["CLASSES_REQUIRED"] = is_array($values['class'])?$values['class']:array($values['class']); + } } foreach($checks as $name => $value){ foreach($value['CLASSES_REQUIRED'] as $class){ if(!isset($objectclasses[$name])){ - $checks[$name]['STATUS'] = FALSE; if($value['IS_MUST_HAVE']){ + $checks[$name]['STATUS'] = FALSE; $checks[$name]['MSG'] = sprintf(_("Missing required object class '%s'!"),$class); - }else{ + } else { + $checks[$name]['STATUS'] = TRUE; $checks[$name]['MSG'] = sprintf(_("Missing optional object class '%s'!"),$class); } }elseif(!check_schema_version($objectclasses[$name],$value['REQUIRED_VERSION'])){ $checks[$name]['STATUS'] = FALSE; - if($value['IS_MUST_HAVE']){ - $checks[$name]['MSG'] = sprintf(_("Version mismatch for required object class '%s' (!=%s)!"), $class, $value['REQUIRED_VERSION']); - }else{ - $checks[$name]['MSG'] = sprintf(_("Version mismatch for optional object class '%s' (!=%s)!"), $class, $value['REQUIRED_VERSION']); - } + $checks[$name]['MSG'] = sprintf(_("Version mismatch for required object class '%s' (!=%s)!"), $class, $value['REQUIRED_VERSION']); }else{ $checks[$name]['STATUS'] = TRUE; $checks[$name]['MSG'] = sprintf(_("Class(es) available")); @@ -2336,8 +2771,8 @@ function check_schema($cfg,$rfc2307bis = FALSE) /* The gosa base schema */ $checks['posixGroup'] = $def_check; - $checks['posixGroup']['REQUIRED_VERSION'] = "2.4"; - $checks['posixGroup']['SCHEMA_FILES'] = array("gosa+samba3.schema","gosa.schema"); + $checks['posixGroup']['REQUIRED_VERSION'] = "2.6.1"; + $checks['posixGroup']['SCHEMA_FILES'] = array("gosa-samba3.schema","gosa-samba2.schema"); $checks['posixGroup']['CLASSES_REQUIRED'] = array("posixGroup"); $checks['posixGroup']['STATUS'] = TRUE; $checks['posixGroup']['IS_MUST_HAVE'] = TRUE; @@ -2373,7 +2808,7 @@ function get_languages($languages_in_own_language = FALSE,$strip_region_tag = FA "en_US" => "English", "nl_NL" => "Dutch", "pl_PL" => "Polish", - "sv_SE" => "Swedish", + #"sv_SE" => "Swedish", "zh_CN" => "Chinese", "vi_VN" => "Vietnamese", "ru_RU" => "Russian"); @@ -2386,7 +2821,7 @@ function get_languages($languages_in_own_language = FALSE,$strip_region_tag = FA "en_US" => _("English"), "nl_NL" => _("Dutch"), "pl_PL" => _("Polish"), - "sv_SE" => _("Swedish"), + #"sv_SE" => _("Swedish"), "zh_CN" => _("Chinese"), "vi_VN" => _("Vietnamese"), "ru_RU" => _("Russian")); @@ -2428,22 +2863,30 @@ function get_languages($languages_in_own_language = FALSE,$strip_region_tag = FA } -/* Returns contents of the given POST variable and check magic quotes settings */ +/*! \brief Returns contents of the given POST variable and check magic quotes settings + * + * Depending on the magic quotes settings this returns a stripclashed'ed version of + * a certain POST variable. + * + * \param string 'name' the POST var to return ($_POST[$name]) + * \return string + * */ function get_post($name) { if(!isset($_POST[$name])){ trigger_error("Requested POST value (".$name.") does not exists, you should add a check to prevent this message."); return(FALSE); } + if(get_magic_quotes_gpc()){ - return(stripcslashes($_POST[$name])); + return(stripcslashes(validate($_POST[$name]))); }else{ - return($_POST[$name]); + return(validate($_POST[$name])); } } -/* Return class name in correct case */ +/*! \brief Return class name in correct case */ function get_correct_class_name($cls) { global $class_mapping; @@ -2458,7 +2901,17 @@ function get_correct_class_name($cls) } -// change_password, changes the Password, of the given dn +/*! \brief Change the password of a given DN + * + * Change the password of a given DN with the specified hash. + * + * \param string 'dn' the DN whose password shall be changed + * \param string 'password' the password + * \param int mode + * \param string 'hash' which hash to use to encrypt it, default is empty + * for cleartext storage. + * \return boolean TRUE on success FALSE on error + */ function change_password ($dn, $password, $mode=0, $hash= "") { global $config; @@ -2478,13 +2931,6 @@ function change_password ($dn, $password, $mode=0, $hash= "") $ldap->cat ($dn, array("shadowLastChange", "userPassword", "uid")); $attrs = $ldap->fetch (); - // Check if user account was deactivated, indicated by ! after } ... {crypt}!### - if(isset($attrs['userPassword'][0]) && preg_match("/^[^\}]*+\}!/",$attrs['userPassword'][0])){ - $deactivated = TRUE; - }else{ - $deactivated = FALSE; - } - /* Is ensure that clear passwords will stay clear */ if($hash == "" && isset($attrs['userPassword'][0]) && !preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0])){ $hash = "clear"; @@ -2510,76 +2956,88 @@ function change_password ($dn, $password, $mode=0, $hash= "") $test = new $available['md5']($config); } - /* Feed password backends with information */ - $test->dn= $dn; - $test->attrs= $attrs; - $newpass= $test->generate_hash($password); - - // Update shadow timestamp? - if (isset($attrs["shadowLastChange"][0])){ - $shadow= (int)(date("U") / 86400); - } else { - $shadow= 0; - } + if($test instanceOf passwordMethod){ - // Write back modified entry - $ldap->cd($dn); - $attrs= array(); + $deactivated = $test->is_locked($config,$dn); - // Not for groups - if ($mode == 0){ + /* Feed password backends with information */ + $test->dn= $dn; + $test->attrs= $attrs; + $newpass= $test->generate_hash($password); - if ($shadow != 0){ - $attrs['shadowLastChange']= $shadow; + // Update shadow timestamp? + if (isset($attrs["shadowLastChange"][0])){ + $shadow= (int)(date("U") / 86400); + } else { + $shadow= 0; } - // Create SMB Password - $attrs= generate_smb_nt_hash($password); - } - - /* Read ! if user was deactivated */ - if($deactivated){ - $newpass = preg_replace("/(^[^\}]+\})(.*$)/","\\1!\\2",$newpass); - } + // Write back modified entry + $ldap->cd($dn); + $attrs= array(); - $attrs['userPassword']= array(); - $attrs['userPassword']= $newpass; + // Not for groups + if ($mode == 0){ + // Create SMB Password + $attrs= generate_smb_nt_hash($password); - $ldap->modify($attrs); + if ($shadow != 0){ + $attrs['shadowLastChange']= $shadow; + } + } - new log("modify","users/passwordMethod",$dn,array_keys($attrs),$ldap->get_error()); + $attrs['userPassword']= array(); + $attrs['userPassword']= $newpass; - if (!$ldap->success()) { - msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $dn, LDAP_MOD, ERROR_DIALOG)); - } else { + $ldap->modify($attrs); - /* Run backend method for change/create */ - if(!$test->set_password($password)){ - return(FALSE); + /* Read ! if user was deactivated */ + if($deactivated){ + $test->lock_account($config,$dn); } - /* Find postmodify entries for this class */ - $command= $config->search("password", "POSTMODIFY",array('menu')); + new log("modify","users/passwordMethod",$dn,array_keys($attrs),$ldap->get_error()); - if ($command != ""){ - /* Walk through attribute list */ - $command= preg_replace("/%userPassword/", $password, $command); - $command= preg_replace("/%dn/", $dn, $command); + if (!$ldap->success()) { + msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $dn, LDAP_MOD, ERROR_DIALOG)); + } else { - if (check_command($command)){ - @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute"); - exec($command); - } else { - $message= sprintf(_("Command '%s', specified as POSTMODIFY for plugin '%s' doesn't seem to exist."), $command, "password"); - msg_dialog::display(_("Configuration error"), $message, ERROR_DIALOG); + /* Run backend method for change/create */ + if(!$test->set_password($password)){ + return(FALSE); + } + + /* Find postmodify entries for this class */ + $command= $config->search("password", "POSTMODIFY",array('menu')); + + if ($command != ""){ + /* Walk through attribute list */ + $command= preg_replace("/%userPassword/", $password, $command); + $command= preg_replace("/%dn/", $dn, $command); + + if (check_command($command)){ + @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute"); + exec($command); + } else { + $message= sprintf(_("Command '%s', specified as POSTMODIFY for plugin '%s' doesn't seem to exist."), $command, "password"); + msg_dialog::display(_("Configuration error"), $message, ERROR_DIALOG); + } } } + return(TRUE); } - return(TRUE); } -// Return something like array['sambaLMPassword']= "lalla..." +/*! \brief Generate samba hashes + * + * Given a certain password this constructs an array like + * array['sambaLMPassword'] etc. + * + * \param string 'password' + * \return array contains several keys for lmPassword, ntPassword, pwdLastSet, etc. depending + * on the samba version + */ function generate_smb_nt_hash($password) { global $config; @@ -2592,6 +3050,11 @@ function generate_smb_nt_hash($password) } else { $hash= ""; } + + if ($hash == "") { + msg_dialog::display(_("Configuration error"), _("Cannot generate samba hash!"), ERROR_DIALOG); + return (""); + } } else { $tmp= $config->get_cfg_value('sambaHashHook')." ".escapeshellarg($password); @DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__, $tmp, "Execute"); @@ -2600,30 +3063,34 @@ function generate_smb_nt_hash($password) flush(); reset($ar); $hash= current($ar); - } - if ($hash == "") { - msg_dialog::display(_("Configuration error"), _("Cannot generate samba hash!"), ERROR_DIALOG); - return (""); + if ($hash == "") { + msg_dialog::display(_("Configuration error"), sprintf(_("Cannot generate samba hash: running '%s' failed, check the 'sambaHashHook'!"),$config->get_cfg_value('sambaHashHook')), ERROR_DIALOG); + return (""); + } } - list($lm,$nt)= split (":", trim($hash)); + list($lm,$nt)= explode(":", trim($hash)); - if ($config->get_cfg_value("sambaversion") == 3) { - $attrs['sambaLMPassword']= $lm; - $attrs['sambaNTPassword']= $nt; - $attrs['sambaPwdLastSet']= date('U'); - $attrs['sambaBadPasswordCount']= "0"; - $attrs['sambaBadPasswordTime']= "0"; - } else { - $attrs['lmPassword']= $lm; - $attrs['ntPassword']= $nt; - $attrs['pwdLastSet']= date('U'); - } + $attrs['sambaLMPassword']= $lm; + $attrs['sambaNTPassword']= $nt; + $attrs['sambaPwdLastSet']= date('U'); + $attrs['sambaBadPasswordCount']= "0"; + $attrs['sambaBadPasswordTime']= "0"; return($attrs); } +/*! \brief Get the Change Sequence Number of a certain DN + * + * To verify if a given object has been changed outside of Gosa + * in the meanwhile, this function can be used to get the entryCSN + * from the LDAP directory. It uses the attribute as configured + * in modificationDetectionAttribute + * + * \param string 'dn' + * \return either the result or "" in any other case + */ function getEntryCSN($dn) { global $config; @@ -2645,7 +3112,16 @@ function getEntryCSN($dn) } -/* Add a given objectClass to an attrs entry */ +/*! \brief Add (a) given objectClass(es) to an attrs entry + * + * The function adds the specified objectClass(es) to the given + * attrs entry. + * + * \param mixed 'classes' Either a single objectClass or several objectClasses + * as an array + * \param array 'attrs' The attrs array to be modified. + * + * */ function add_objectClass($classes, &$attrs) { if (is_array($classes)){ @@ -2660,7 +3136,11 @@ function add_objectClass($classes, &$attrs) } -/* Removes a given objectClass from the attrs entry */ +/*! \brief Removes a given objectClass from the attrs entry + * + * Similar to add_objectClass, except that it removes the given + * objectClasses. See it for the params. + * */ function remove_objectClass($classes, &$attrs) { if (isset($attrs['objectClass'])){ @@ -2683,10 +3163,11 @@ function remove_objectClass($classes, &$attrs) } } + /*! \brief Initialize a file download with given content, name and data type. - * @param data String The content to send. - * @param name String The name of the file. - * @param type String The content identifier, default value is "application/octet-stream"; + * \param string data The content to send. + * \param string name The name of the file. + * \param string type The content identifier, default value is "application/octet-stream"; */ function send_binary_content($data,$name,$type = "application/octet-stream") { @@ -2731,8 +3212,8 @@ function reverse_html_entities($str,$type = ENT_QUOTES , $charset = "UTF-8") /*! \brief Encode special string characters so we can use the string in \ HTML output, without breaking quotes. - @param The String we want to encode. - @return The encoded String + \param string The String we want to encode. + \return string The encoded String */ function xmlentities($str) { @@ -2764,8 +3245,8 @@ function xmlentities($str) /*! \brief Updates all accessTo attributes from a given value to a new one. For example if a host is renamed. - @param String $from The source accessTo name. - @param String $to The destination accessTo name. + \param String $from The source accessTo name. + \param String $to The destination accessTo name. */ function update_accessTo($from,$to) { @@ -2798,6 +3279,7 @@ function update_accessTo($from,$to) } +/*! \brief Returns a random char */ function get_random_char () { $randno = rand (0, 63); if ($randno < 12) { @@ -2819,6 +3301,7 @@ function cred_encrypt($input, $password) { } + function cred_decrypt($input,$password) { $size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); $iv = mcrypt_create_iv($size, MCRYPT_DEV_RANDOM); @@ -2827,5 +3310,268 @@ function cred_decrypt($input,$password) { } +function get_object_info() +{ + return(session::get('objectinfo')); +} + + +function set_object_info($str = "") +{ + session::set('objectinfo',$str); +} + + +function isIpInNet($ip, $net, $mask) { + // Move to long ints + $ip= ip2long($ip); + $net= ip2long($net); + $mask= ip2long($mask); + + // Mask given IP with mask. If it returns "net", we're in... + $res= $ip & $mask; + + return ($res == $net); +} + + +function get_next_id($attrib, $dn) +{ + global $config; + + switch ($config->get_cfg_value("idAllocationMethod", "traditional")){ + case "pool": + return get_next_id_pool($attrib); + case "traditional": + return get_next_id_traditional($attrib, $dn); + } + + msg_dialog::display(_("Error"), _("Cannot allocate a free ID:")." "._("unknown idAllocation method!"), ERROR_DIALOG); + return null; +} + + +function get_next_id_pool($attrib) { + global $config; + + /* Fill informational values */ + $min= $config->get_cfg_value("${attrib}PoolMin", 10000); + $max= $config->get_cfg_value("${attrib}PoolMax", 40000); + + /* Sanity check */ + if ($min >= $max) { + msg_dialog::display(_("Error"), _("Cannot allocate a free ID:")." ".sprintf(_("%sPoolMin >= %sPoolMax!"), $attrib), ERROR_DIALOG); + return null; + } + + /* ID to skip */ + $ldap= $config->get_ldap_link(); + $id= null; + + /* Try to allocate the ID several times before failing */ + $tries= 3; + while ($tries--) { + + /* Look for ID map entry */ + $ldap->cd ($config->current['BASE']); + $ldap->search ("(&(objectClass=sambaUnixIdPool)($attrib=*))", array("$attrib")); + + /* If it does not exist, create one with these defaults */ + if ($ldap->count() == 0) { + /* Fill informational values */ + $minUserId= $config->get_cfg_value("uidPoolMin", 10000); + $minGroupId= $config->get_cfg_value("gidPoolMin", 10000); + + /* Add as default */ + $attrs= array("objectClass" => array("organizationalUnit", "sambaUnixIdPool")); + $attrs["ou"]= "idmap"; + $attrs["uidNumber"]= $minUserId; + $attrs["gidNumber"]= $minGroupId; + $ldap->cd("ou=idmap,".$config->current['BASE']); + $ldap->add($attrs); + if ($ldap->error != "Success") { + msg_dialog::display(_("Error"), _("Cannot create sambaUnixIdPool entry!"), ERROR_DIALOG); + return null; + } + $tries++; + continue; + } + /* Bail out if it's not unique */ + if ($ldap->count() != 1) { + msg_dialog::display(_("Error"), _("Cannot allocate a free ID:")." "._("sambaUnixIdPool is not unique!"), ERROR_DIALOG); + return null; + } + + /* Store old attrib and generate new */ + $attrs= $ldap->fetch(); + $dn= $ldap->getDN(); + $oldAttr= $attrs[$attrib][0]; + $newAttr= $oldAttr + 1; + + /* Sanity check */ + if ($newAttr >= $max) { + msg_dialog::display(_("Error"), _("Cannot allocate a free ID:")." "._("no ID available!"), ERROR_DIALOG); + return null; + } + if ($newAttr < $min) { + msg_dialog::display(_("Error"), _("Cannot allocate a free ID:")." "._("no ID available!"), ERROR_DIALOG); + return null; + } + + #FIXME: PHP is not able to do a modification of "del: .../add: ...", so this + # is completely unsafe in the moment. + #/* Remove old attr, add new attr */ + #$attrs= array($attrib => $oldAttr); + #$ldap->rm($attrs, $dn); + #if ($ldap->error != "Success") { + # continue; + #} + $ldap->cd($dn); + $ldap->modify(array($attrib => $newAttr)); + if ($ldap->error != "Success") { + msg_dialog::display(_("Error"), _("Cannot allocate a free ID:")." ".$ldap->get_error(), ERROR_DIALOG); + return null; + } else { + return $oldAttr; + } + } + + /* Bail out if we had problems getting the next id */ + if (!$tries) { + msg_dialog::display(_("Error"), _("Cannot allocate a free ID:")." "._("maximum tries exceeded!"), ERROR_DIALOG); + } + + return $id; +} + + +function get_next_id_traditional($attrib, $dn) +{ + global $config; + + $ids= array(); + $ldap= $config->get_ldap_link(); + + $ldap->cd ($config->current['BASE']); + if (preg_match('/gidNumber/i', $attrib)){ + $oc= "posixGroup"; + } else { + $oc= "posixAccount"; + } + $ldap->search ("(&(objectClass=$oc)($attrib=*))", array("$attrib")); + + /* Get list of ids */ + while ($attrs= $ldap->fetch()){ + $ids[]= (int)$attrs["$attrib"][0]; + } + + /* Add the nobody id */ + $ids[]= 65534; + + /* get the ranges */ + $tmp = array('0'=> 1000); + if (preg_match('/posixAccount/', $oc) && $config->get_cfg_value("uidNumberBase") != ""){ + $tmp= explode('-',$config->get_cfg_value("uidNumberBase")); + } elseif($config->get_cfg_value("gidNumberBase") != ""){ + $tmp= explode('-',$config->get_cfg_value("gidNumberBase")); + } + + /* Set hwm to max if not set - for backward compatibility */ + $lwm= $tmp[0]; + if (isset($tmp[1])){ + $hwm= $tmp[1]; + } else { + $hwm= pow(2,32); + } + /* Find out next free id near to UID_BASE */ + if ($config->get_cfg_value("baseIdHook") == ""){ + $base= $lwm; + } else { + /* Call base hook */ + $base= get_base_from_hook($dn, $attrib); + } + for ($id= $base; $id++; $id < pow(2,32)){ + if (!in_array($id, $ids)){ + return ($id); + } + } + + /* Should not happen */ + if ($id == $hwm){ + msg_dialog::display(_("Error"), _("Cannot allocate a free ID!"), ERROR_DIALOG); + exit; + } +} + + +/* Mark the occurance of a string with a span */ +function mark($needle, $haystack, $ignorecase= true) +{ + $result= ""; + + while (preg_match('/^(.*)('.preg_quote($needle).')(.*)$/i', $haystack, $matches)) { + $result.= $matches[1]."".$matches[2].""; + $haystack= $matches[3]; + } + + return $result.$haystack; +} + + +/* Return an image description using the path */ +function image($path, $label= null, $action= "", $title= "", $align= "middle") +{ + global $config; + global $BASE_DIR; + + // Bail out, if there's no style file + if(!session::global_is_set("img-styles")){ + + // Get theme + if (isset ($config)){ + $theme= $config->get_cfg_value("theme", "default"); + } else { + # For debuging - avoid that there's no theme set + die("config not set!"); + $theme= "default"; + } + + if (!file_exists("$BASE_DIR/ihtml/themes/$theme/img.styles")){ + die ("No img.style for this theme found!"); + } + + session::global_set('img-styles', unserialize(file_get_contents("$BASE_DIR/ihtml/themes/$theme/img.styles"))); + } + $styles= session::global_get('img-styles'); + + $lbl= ""; + if ($label) { + if (isset($styles["images/label-".$label.".png"])) { + $lbl= ""; + } else { + die("Invalid label specified: $label\n"); + } + } + + // Non middle layout? + if ($align == "middle") { + $align= ""; + } else { + $align= ";vertical-align:$align"; + } + + // Clickable image or not? + if ($title != "") { + $title= "title='$title'"; + } + if ($action == "") { + return ""; - - if(($height >10)&&($showvalue)){ - $str.= "\n "; - $str.= "\n ".$percentage."% "; - $str.= "\n "; - } - - $str.= "\n"; - $str.= "\n"; - $str.= "\n"; - $str.= "\n$lbl"; + } else { + return ""; + } +} + + + // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?>