X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=gosa-core%2Finclude%2Ffunctions.inc;h=bfe31d074dd4ecdd28049ffe6b6e12e94f3c466b;hb=f04b7b95f6468a806353f05cdd3faf97dd744d5c;hp=ce88fdc4b41900a8d7c495d48bb8c91e798f6b88;hpb=323ea50a9c89d14281b7057cb07651a210c4005e;p=gosa.git
diff --git a/gosa-core/include/functions.inc b/gosa-core/include/functions.inc
index ce88fdc4b..bfe31d074 100644
--- a/gosa-core/include/functions.inc
+++ b/gosa-core/include/functions.inc
@@ -20,11 +20,10 @@
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
-/* Configuration file location */
+/*! \file
+ * Common functions and named definitions. */
-/* Allow setting the config patj in the apache configuration
- e.g. SetEnv CONFIG_FILE /etc/path
- */
+/* Configuration file location */
if(!isset($_SERVER['CONFIG_DIR'])){
define ("CONFIG_DIR", "/etc/gosa");
}else{
@@ -40,6 +39,7 @@ if(!isset($_SERVER['CONFIG_FILE'])){
define ("CONFIG_FILE",$_SERVER['CONFIG_FILE']);
}
+/* Define common locatitions */
define ("CONFIG_TEMPLATE_DIR", "../contrib");
define ("TEMP_DIR","/var/cache/gosa/tmp");
@@ -78,16 +78,24 @@ require_once ("functions_debug.inc");
require_once ("accept-to-gettext.inc");
/* Define constants for debugging */
-define ("DEBUG_TRACE", 1);
-define ("DEBUG_LDAP", 2);
-define ("DEBUG_MYSQL", 4);
-define ("DEBUG_SHELL", 8);
-define ("DEBUG_POST", 16);
-define ("DEBUG_SESSION",32);
-define ("DEBUG_CONFIG", 64);
-define ("DEBUG_ACL", 128);
-define ("DEBUG_SI", 256);
-define ("DEBUG_MAIL", 512); // mailAccounts, imap, sieve etc.
+define ("DEBUG_TRACE", 1); /*! Debug level for tracing of common actions (save, check, etc.) */
+define ("DEBUG_LDAP", 2); /*! Debug level for LDAP queries */
+define ("DEBUG_MYSQL", 4); /*! Debug level for mysql operations */
+define ("DEBUG_SHELL", 8); /*! Debug level for shell commands */
+define ("DEBUG_POST", 16); /*! Debug level for POST content */
+define ("DEBUG_SESSION",32); /*! Debug level for SESSION content */
+define ("DEBUG_CONFIG", 64); /*! Debug level for CONFIG information */
+define ("DEBUG_ACL", 128); /*! Debug level for ACL infos */
+define ("DEBUG_SI", 256); /*! Debug level for communication with gosa-si */
+define ("DEBUG_MAIL", 512); /*! Debug level for all about mail (mailAccounts, imap, sieve etc.) */
+define ("DEBUG_FAI", 1024); // FAI (incomplete)
+define ("DEBUG_RPC", 2048); /*! Debug level for communication with remote procedures */
+
+// Define shadow states
+define ("POSIX_ACCOUNT_EXPIRED", 1);
+define ("POSIX_WARN_ABOUT_EXPIRATION", 2);
+define ("POSIX_FORCE_PASSWORD_CHANGE", 4);
+define ("POSIX_DISALLOW_PASSWORD_CHANGE", 8);
/* Rewrite german 'umlauts' and spanish 'accents'
to get better results */
@@ -112,36 +120,55 @@ $REWRITE= array( "ä" => "ae",
"Ã" => "Ny" );
-/* Class autoloader */
-function __autoload($class_name) {
+/*! \brief Does autoloading for classes used in GOsa.
+ *
+ * Takes the list generated by 'update-gosa' and loads the
+ * file containing the requested class.
+ *
+ * \param string 'class_name' The currently requested class
+ */
+function __gosa_autoload($class_name) {
global $class_mapping, $BASE_DIR;
if ($class_mapping === NULL){
- echo sprintf(_("Fatal error: no class locations defined - please run '%s' to fix this"), "update-gosa");
+ echo sprintf(_("Fatal error: no class locations defined - please run %s to fix this"), bold("update-gosa"));
exit;
}
if (isset($class_mapping["$class_name"])){
require_once($BASE_DIR."/".$class_mapping["$class_name"]);
} else {
- echo sprintf(_("Fatal error: cannot instantiate class '%s' - try running '%s' to fix this"), $class_name, "update-gosa");
+ echo sprintf(_("Fatal error: cannot instantiate class %s - try running %s to fix this"), bold($class_name), bold("update-gosa"));
exit;
}
}
+spl_autoload_register('__gosa_autoload');
/*! \brief Checks if a class is available.
- * @param name String The class name.
- * @return boolean True if class is available, else false.
+ * \param string 'name' The subject of the test
+ * \return boolean True if class is available, else false.
*/
function class_available($name)
{
- global $class_mapping;
- return(isset($class_mapping[$name]));
+ global $class_mapping, $config;
+
+ $disabled = array();
+ if($config instanceOf config && $config->configRegistry instanceOf configRegistry){
+ $disabled = $config->configRegistry->getDisabledPlugins();
+ }
+
+ return(isset($class_mapping[$name]) && !isset($disabled[$name]));
}
-/* Check if plugin is avaliable */
+/*! \brief Check if plugin is available
+ *
+ * Checks if a given plugin is available and readable.
+ *
+ * \param string 'plugin' the subject of the check
+ * \return boolean True if plugin is available, else FALSE.
+ */
function plugin_available($plugin)
{
global $class_mapping, $BASE_DIR;
@@ -154,34 +181,76 @@ function plugin_available($plugin)
}
-/* Create seed with microseconds */
+/*! \brief Create seed with microseconds
+ *
+ * Example:
+ * \code
+ * srand(make_seed());
+ * $random = rand();
+ * \endcode
+ *
+ * \return float a floating point number which can be used to feed srand() with it
+ * */
function make_seed() {
list($usec, $sec) = explode(' ', microtime());
return (float) $sec + ((float) $usec * 100000);
}
-/* Debug level action */
+/*! \brief Debug level action
+ *
+ * Print a DEBUG level if specified debug level of the level matches the
+ * the configured debug level.
+ *
+ * \param int 'level' The log level of the message (should use the constants,
+ * defined in functions.in (DEBUG_TRACE, DEBUG_LDAP, etc.)
+ * \param int 'line' Define the line of the logged action (using __LINE__ is common)
+ * \param string 'function' Define the function where the logged action happened in
+ * (using __FUNCTION__ is common)
+ * \param string 'file' Define the file where the logged action happend in
+ * (using __FILE__ is common)
+ * \param mixed 'data' The data to log. Can be a message or an array, which is printed
+ * with print_a
+ * \param string 'info' Optional: Additional information
+ *
+ * */
function DEBUG($level, $line, $function, $file, $data, $info="")
{
- if (session::global_get('DEBUGLEVEL') & $level){
- $output= "DEBUG[$level] ";
- if ($function != ""){
- $output.= "($file:$function():$line) - $info: ";
- } else {
- $output.= "($file:$line) - $info: ";
+ global $config;
+ $debugLevel = 0;
+ if($config instanceOf config){
+ $debugLevel = $config->get_cfg_value('core', 'debugLevel');
}
- echo $output;
- if (is_array($data)){
- print_a($data);
- } else {
- echo "'$data'";
+ if ($debugLevel & $level){
+ $output= "DEBUG[$level] ";
+ if ($function != ""){
+ $output.= "($file:$function():$line) - $info: ";
+ } else {
+ $output.= "($file:$line) - $info: ";
+ }
+ echo $output;
+ if (is_array($data)){
+ print_a($data);
+ } else {
+ echo "'$data'";
+ }
+ echo "
";
}
- echo "
";
- }
}
+/*! \brief Determine which language to show to the user
+ *
+ * Determines which language should be used to present gosa content
+ * to the user. It does so by looking at several possibilites and returning
+ * the first setting that can be found.
+ *
+ * -# Language configured by the user
+ * -# Global configured language
+ * -# Language as returned by al2gt (as configured in the browser)
+ *
+ * \return string gettext locale string
+ */
function get_browser_language()
{
/* Try to use users primary language */
@@ -194,8 +263,8 @@ function get_browser_language()
}
/* Check for global language settings in gosa.conf */
- if (isset ($config) && $config->get_cfg_value('language') != ""){
- $lang = $config->get_cfg_value('language');
+ if (isset ($config) && $config->get_cfg_value("core",'language') != ""){
+ $lang = $config->get_cfg_value("core",'language');
if(!preg_match("/utf/i",$lang)){
$lang .= ".UTF-8";
}
@@ -216,7 +285,15 @@ function get_browser_language()
}
-/* Rewrite ui object to another dn */
+/*! \brief Rewrite ui object to another dn
+ *
+ * Usually used when a user is renamed. In this case the dn
+ * in the user object must be updated in order to point
+ * to the correct DN.
+ *
+ * \param string 'dn' the old DN
+ * \param string 'newdn' the new DN
+ * */
function change_ui_dn($dn, $newdn)
{
$ui= session::global_get('ui');
@@ -227,14 +304,29 @@ function change_ui_dn($dn, $newdn)
}
-/* Return theme path for specified file */
+/*! \brief Return themed path for specified base file
+ *
+ * Depending on its parameters, this function returns the full
+ * path of a template file. First match wins while searching
+ * in this order:
+ *
+ * - load theme depending file
+ * - load global theme depending file
+ * - load default theme file
+ * - load global default theme file
+ *
+ * \param string 'filename' The base file name
+ * \param boolean 'plugin' Flag to take the plugin directory as search base
+ * \param string 'path' User specified path to take as search base
+ * \return string Full path to the template file
+ */
function get_template_path($filename= '', $plugin= FALSE, $path= "")
{
global $config, $BASE_DIR;
/* Set theme */
if (isset ($config)){
- $theme= $config->get_cfg_value("theme", "default");
+ $theme= $config->get_cfg_value("core","theme");
} else {
$theme= "default";
}
@@ -247,7 +339,7 @@ function get_template_path($filename= '', $plugin= FALSE, $path= "")
/* Return plugin dir or root directory? */
if ($plugin){
if ($path == ""){
- $nf= preg_replace("!^".$BASE_DIR."/!", "", session::global_get('plugin_dir'));
+ $nf= preg_replace("!^".$BASE_DIR."/!", "", preg_replace('/^\.\.\//', '', session::global_get('plugin_dir')));
} else {
$nf= preg_replace("!^".$BASE_DIR."/!", "", $path);
}
@@ -280,12 +372,23 @@ function get_template_path($filename= '', $plugin= FALSE, $path= "")
}
+/*! \brief Remove multiple entries from an array
+ *
+ * Removes every element that is in $needles from the
+ * array given as $haystack
+ *
+ * \param array 'needles' array of the entries to remove
+ * \param array 'haystack' original array to remove the entries from
+ */
function array_remove_entries($needles, $haystack)
{
return (array_merge(array_diff($haystack, $needles)));
}
+/*! \brief Remove multiple entries from an array (case-insensitive)
+ *
+ * Same as array_remove_entries(), but case-insensitive. */
function array_remove_entries_ics($needles, $haystack)
{
// strcasecmp will work, because we only compare ASCII values here
@@ -293,6 +396,15 @@ function array_remove_entries_ics($needles, $haystack)
}
+/*! Merge to array but remove duplicate entries
+ *
+ * Merges two arrays and removes duplicate entries. Triggers
+ * an error if first or second parametre is not an array.
+ *
+ * \param array 'ar1' first array
+ * \param array 'ar2' second array-
+ * \return array
+ */
function gosa_array_merge($ar1,$ar2)
{
if(!is_array($ar1) || !is_array($ar2)){
@@ -303,19 +415,25 @@ function gosa_array_merge($ar1,$ar2)
}
+/*! \brief Generate a system log info
+ *
+ * Creates a syslog message, containing user information.
+ *
+ * \param string 'message' the message to log
+ * */
function gosa_log ($message)
{
global $ui;
/* Preset to something reasonable */
- $username= " unauthenticated";
+ $username= "[unauthenticated]";
/* Replace username if object is present */
if (isset($ui)){
if ($ui->username != ""){
$username= "[$ui->username]";
} else {
- $username= "unknown";
+ $username= "[unknown]";
}
}
@@ -323,6 +441,17 @@ function gosa_log ($message)
}
+/*! \brief Initialize a LDAP connection
+ *
+ * Initializes a LDAP connection.
+ *
+ * \param string 'server'
+ * \param string 'base'
+ * \param string 'binddn' Default: empty
+ * \param string 'pass' Default: empty
+ *
+ * \return LDAP object
+ */
function ldap_init ($server, $base, $binddn='', $pass='')
{
global $config;
@@ -334,7 +463,7 @@ function ldap_init ($server, $base, $binddn='', $pass='')
/* Sadly we've no proper return values here. Use the error message instead. */
if (!$ldap->success()){
msg_dialog::display(_("Fatal error"),
- sprintf(_("FATAL: Error when connecting the LDAP. Server said '%s'."), $ldap->get_error()),
+ sprintf(_("Error while connecting to LDAP: %s"), $ldap->get_error()),
FATAL_ERROR_DIALOG);
exit();
}
@@ -345,6 +474,7 @@ function ldap_init ($server, $base, $binddn='', $pass='')
}
+/* \brief Process htaccess authentication */
function process_htaccess ($username, $kerberos= FALSE)
{
global $config;
@@ -354,7 +484,7 @@ function process_htaccess ($username, $kerberos= FALSE)
$config->set_current($name);
$mode= "kerberos";
- if ($config->get_cfg_value("useSaslForKerberos") == "true"){
+ if ($config->get_cfg_value("core","useSaslForKerberos") == "true"){
$mode= "sasl";
}
@@ -380,6 +510,15 @@ function process_htaccess ($username, $kerberos= FALSE)
}
+/*! \brief Verify user login against htaccess
+ *
+ * Checks if the specified username is available in apache, maps the user
+ * to an LDAP user. The password has been checked by apache already.
+ *
+ * \param string 'username'
+ * \return
+ * - TRUE on SUCCESS, NULL or FALSE on error
+ */
function ldap_login_user_htaccess ($username)
{
global $config;
@@ -395,7 +534,7 @@ function ldap_login_user_htaccess ($username)
$ldap->search("(&(objectClass=gosaAccount)(uid=$username))", array("uid"));
/* Found no uniq match? Strange, because we did above... */
if ($ldap->count() != 1) {
- msg_dialog::display(_("LDAP error"), _("Username / UID is not unique inside the LDAP tree!"), FATAL_ERROR_DIALOG);
+ msg_dialog::display(_("LDAP error"), _("User ID is not unique!"), FATAL_ERROR_DIALOG);
return (NULL);
}
$attrs= $ldap->fetch();
@@ -404,6 +543,13 @@ function ldap_login_user_htaccess ($username)
$ui= new userinfo($config, $ldap->getDN());
$ui->username= $attrs['uid'][0];
+ /* Bail out if we have login restrictions set, for security reasons
+ the message is the same than failed user/pw */
+ if (!$ui->loginAllowed()){
+ new log("security","login","",array(),"Login restriction for user \"$username\", login not permitted");
+ return (NULL);
+ }
+
/* No password check needed - the webserver did it for us */
$ldap->disconnect();
@@ -411,12 +557,22 @@ function ldap_login_user_htaccess ($username)
$ui->loadACL();
/* TODO: check java script for htaccess authentication */
- session::global_set('js',true);
+ session::global_set('js', true);
return ($ui);
}
+/*! \brief Verify user login against LDAP directory
+ *
+ * Checks if the specified username is in the LDAP and verifies if the
+ * password is correct by binding to the LDAP with the given credentials.
+ *
+ * \param string 'username'
+ * \param string 'password'
+ * \return
+ * - TRUE on SUCCESS, NULL or FALSE on error
+ */
function ldap_login_user ($username, $password)
{
global $config;
@@ -432,8 +588,8 @@ function ldap_login_user ($username, $password)
$ldap->cd($config->current['BASE']);
$allowed_attributes = array("uid","mail");
$verify_attr = array();
- if($config->get_cfg_value("loginAttribute") != ""){
- $tmp = split(",", $config->get_cfg_value("loginAttribute"));
+ if($config->get_cfg_value("core","loginAttribute") != ""){
+ $tmp = explode(",", $config->get_cfg_value("core","loginAttribute"));
foreach($tmp as $attr){
if(in_array($attr,$allowed_attributes)){
$verify_attr[] = $attr;
@@ -464,7 +620,7 @@ function ldap_login_user ($username, $password)
/* found more than one matching id */
default:
- msg_dialog::display(_("Internal error"), _("Username / UID is not unique inside the LDAP tree. Please contact your Administrator."), FATAL_ERROR_DIALOG);
+ msg_dialog::display(_("Internal error"), _("User ID is not unique!"), FATAL_ERROR_DIALOG);
return (NULL);
}
@@ -484,6 +640,13 @@ function ldap_login_user ($username, $password)
$ui= new userinfo($config, $ldap->getDN());
$ui->username= $attrs['uid'][0];
+ /* Bail out if we have login restrictions set, for security reasons
+ the message is the same than failed user/pw */
+ if (!$ui->loginAllowed()){
+ new log("security","login","",array(),"Login restriction for user \"$username\", login not permitted");
+ return (NULL);
+ }
+
/* password check, bind as user with supplied password */
$ldap->disconnect();
$ldap= new LDAP($ui->dn, $password, $config->current['SERVER'],
@@ -502,100 +665,136 @@ function ldap_login_user ($username, $password)
}
-function ldap_expired_account($config, $userdn, $username)
+/*! \brief Checks the posixAccount status by comparing the shadow attributes.
+ *
+ * @param Object The GOsa configuration object.
+ * @param String The 'dn' of the user to test the account status for.
+ * @param String The 'uid' of the user we're going to test.
+ * @return Const
+ * POSIX_ACCOUNT_EXPIRED - If the account is expired.
+ * POSIX_WARN_ABOUT_EXPIRATION - If the account is going to expire.
+ * POSIX_FORCE_PASSWORD_CHANGE - The password has to be changed.
+ * POSIX_DISALLOW_PASSWORD_CHANGE - The password cannot be changed right now.
+ *
+ *
+ *
+ * shadowLastChange
+ * |
+ * |---- shadowMin ---> | <-- shadowMax --
+ * | | |
+ * |------- shadowWarning -> |
+ * |-- shadowInactive --> DEACTIVATED
+ * |
+ * EXPIRED
+ *
+ */
+function ldap_expired_account($config, $userdn, $uid)
{
+ // Skip this for the admin account, we do not want to lock him out.
+ if($uid == 'admin') return(0);
+
$ldap= $config->get_ldap_link();
+ $ldap->cd($config->current['BASE']);
$ldap->cat($userdn);
$attrs= $ldap->fetch();
-
- /* default value no errors */
- $expired = 0;
-
- $sExpire = 0;
- $sLastChange = 0;
- $sMax = 0;
- $sMin = 0;
- $sInactive = 0;
- $sWarning = 0;
-
- $current= date("U");
-
- $current= floor($current /60 /60 /24);
-
- /* special case of the admin, should never been locked */
- /* FIXME should allow any name as user admin */
- if($username != "admin")
- {
+ $current= floor(date("U") /60 /60 /24);
- if(isset($attrs['shadowExpire'][0])){
- $sExpire= $attrs['shadowExpire'][0];
- } else {
- $sExpire = 0;
- }
-
- if(isset($attrs['shadowLastChange'][0])){
- $sLastChange= $attrs['shadowLastChange'][0];
- } else {
- $sLastChange = 0;
- }
-
- if(isset($attrs['shadowMax'][0])){
- $sMax= $attrs['shadowMax'][0];
- } else {
- $smax = 0;
- }
+ // Fetch required attributes
+ foreach(array('shadowExpire','shadowLastChange','shadowMax','shadowMin',
+ 'shadowInactive','shadowWarning') as $attr){
+ $$attr = (isset($attrs[$attr][0]))? $attrs[$attr][0] : null;
+ }
- if(isset($attrs['shadowMin'][0])){
- $sMin= $attrs['shadowMin'][0];
- } else {
- $sMin = 0;
- }
-
- if(isset($attrs['shadowInactive'][0])){
- $sInactive= $attrs['shadowInactive'][0];
- } else {
- $sInactive = 0;
- }
-
- if(isset($attrs['shadowWarning'][0])){
- $sWarning= $attrs['shadowWarning'][0];
- } else {
- $sWarning = 0;
- }
-
- /* is the account locked */
- /* shadowExpire + shadowInactive (option) */
- if($sExpire >0){
- if($current >= ($sExpire+$sInactive)){
- return(1);
+
+ // Check if the account has expired.
+ // ---------------------------------
+ // An account is locked/expired once its expiration date has reached (shadowExpire).
+ // If the optional attribute (shadowInactive) is set, we've to postpone
+ // the account expiration by the amount of days specified in (shadowInactive).
+ if($shadowExpire != null && $shadowExpire >= $current){
+
+ // The account seems to be expired, but we've to check 'shadowInactive' additionally.
+ // ShadowInactive specifies an amount of days we've to reprieve the user.
+ // It some kind of x days' grace.
+ if($shadowInactive == null || $current > $shadowExpire + $shadowInactive){
+
+ // Finally we've detect that the account is deactivated.
+ return(POSIX_ACCOUNT_EXPIRED);
}
- }
-
- /* the user should be warned to change is password */
- if((($sExpire >0) && ($sWarning >0)) && ($sExpire >= $current)){
- if (($sExpire - $current) < $sWarning){
- return(2);
+ }
+
+ // The users password is going to expire.
+ // --------------------------------------
+ // We've to warn the user in the case of an expiring account.
+ // An account is going to expire when it reaches its expiration date (shadowExpire).
+ // The user has to be warned, if the days left till expiration, match the
+ // configured warning period (shadowWarning)
+ // --> shadowWarning: Warn x days before account expiration.
+ if($shadowExpire != null && $shadowWarning != null){
+
+ // Check if the account is still active and not already expired.
+ if($shadowExpire >= $current){
+
+ // Check if we've to warn the user by comparing the remaining
+ // number of days till expiration with the configured amount
+ // of days in shadowWarning.
+ if(($shadowExpire - $current) <= $shadowWarning){
+ return(POSIX_WARN_ABOUT_EXPIRATION);
+ }
}
- }
-
- /* force user to change password */
- if(($sLastChange >0) && ($sMax) >0){
- if($current >= ($sLastChange+$sMax)){
- return(3);
+ }
+
+ // -- I guess this is the correct detection, isn't it?
+ if($shadowLastChange != null && $shadowWarning != null && $shadowMax != null){
+ $daysRemaining = ($shadowLastChange + $shadowMax) - $current ;
+ if($daysRemaining > 0 && $daysRemaining <= $shadowWarning){
+ return(POSIX_WARN_ABOUT_EXPIRATION);
}
- }
-
- /* the user should not be able to change is password */
- if(($sLastChange >0) && ($sMin >0)){
- if (($sLastChange + $sMin) >= $current){
- return(4);
+ }
+
+
+ // Check if we've to force the user to change his password.
+ // --------------------------------------------------------
+ // A password change is enforced when the password is older than
+ // the configured amount of days (shadowMax).
+ // The age of the current password (shadowLastChange) plus the maximum
+ // amount amount of days (shadowMax) has to be smaller than the
+ // current timestamp.
+ if($shadowLastChange != null && $shadowMax != null){
+
+ // Check if we've an outdated password.
+ if($current >= ($shadowLastChange + $shadowMax)){
+ return(POSIX_FORCE_PASSWORD_CHANGE);
}
- }
}
- return($expired);
+
+
+ // Check if we've to freeze the users password.
+ // --------------------------------------------
+ // Once a user has changed his password, he cannot change it again
+ // for a given amount of days (shadowMin).
+ // We should not allow to change the password within GOsa too.
+ if($shadowLastChange != null && $shadowMin != null){
+
+ // Check if we've an outdated password.
+ if(($shadowLastChange + $shadowMin) >= $current){
+ return(POSIX_DISALLOW_PASSWORD_CHANGE);
+ }
+ }
+
+ return(0);
}
+
+/*! \brief Add a lock for object(s)
+ *
+ * Adds a lock by the specified user for one ore multiple objects.
+ * If the lock for that object already exists, an error is triggered.
+ *
+ * \param mixed 'object' object or array of objects to lock
+ * \param string 'user' the user who shall own the lock
+ * */
function add_lock($object, $user)
{
global $config;
@@ -606,6 +805,13 @@ function add_lock($object, $user)
if(!session::global_is_set("LOCK_CACHE")){
session::global_set("LOCK_CACHE",array(""));
}
+ if(is_array($object)){
+ foreach($object as $obj){
+ add_lock($obj,$user);
+ }
+ return;
+ }
+
$cache = &session::global_get("LOCK_CACHE");
if(isset($_POST['open_readonly'])){
$cache['READ_ONLY'][$object] = TRUE;
@@ -615,26 +821,20 @@ function add_lock($object, $user)
unset($cache['READ_ONLY'][$object]);
}
- if(is_array($object)){
- foreach($object as $obj){
- add_lock($obj,$user);
- }
- return;
- }
/* Just a sanity check... */
if ($object == "" || $user == ""){
- msg_dialog::display(_("Internal error"), _("Error while adding a lock. Contact the developers!"), ERROR_DIALOG);
+ msg_dialog::display(_("Internal error"), _("Error while locking entry!"), ERROR_DIALOG);
return;
}
/* Check for existing entries in lock area */
$ldap= $config->get_ldap_link();
- $ldap->cd ($config->get_cfg_value("config"));
+ $ldap->cd ($config->get_cfg_value("core","config"));
$ldap->search("(&(objectClass=gosaLockEntry)(gosaUser=$user)(gosaObject=".base64_encode($object)."))",
array("gosaUser"));
if (!$ldap->success()){
- msg_dialog::display(_("Configuration error"), sprintf(_("Cannot create locking information in LDAP tree. Please contact your administrator!")."
"._('LDAP server returned: %s'), "
".$ldap->get_error().""), ERROR_DIALOG);
+ msg_dialog::display(_("Configuration error"), sprintf(_("Cannot store lock information in LDAP!")."
"._('Error: %s'), "
".$ldap->get_error().""), ERROR_DIALOG);
return;
}
@@ -642,20 +842,26 @@ function add_lock($object, $user)
if ($ldap->count() == 0){
$attrs= array();
$name= md5($object);
- $ldap->cd("cn=$name,".$config->get_cfg_value("config"));
+ $ldap->cd("cn=$name,".$config->get_cfg_value("core","config"));
$attrs["objectClass"] = "gosaLockEntry";
$attrs["gosaUser"] = $user;
$attrs["gosaObject"] = base64_encode($object);
$attrs["cn"] = "$name";
$ldap->add($attrs);
if (!$ldap->success()){
- msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), "cn=$name,".$config->get_cfg_value("config"), 0, ERROR_DIALOG));
+ msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), "cn=$name,".$config->get_cfg_value("core","config"), 0, ERROR_DIALOG));
return;
}
}
}
+/*! \brief Remove a lock for object(s)
+ *
+ * Does the opposite of add_lock().
+ *
+ * \param mixed 'object' object or array of objects for which a lock shall be removed
+ * */
function del_lock ($object)
{
global $config;
@@ -685,7 +891,7 @@ function del_lock ($object)
/* Check for existance and remove the entry */
$ldap= $config->get_ldap_link();
- $ldap->cd ($config->get_cfg_value("config"));
+ $ldap->cd ($config->get_cfg_value("core","config"));
$ldap->search ("(&(objectClass=gosaLockEntry)(gosaObject=".base64_encode($object)."))", array("gosaObject"));
$attrs= $ldap->fetch();
if ($ldap->getDN() != "" && $ldap->success()){
@@ -699,13 +905,20 @@ function del_lock ($object)
}
+/*! \brief Remove all locks owned by a specific userdn
+ *
+ * For a given userdn remove all existing locks. This is usually
+ * called on logout.
+ *
+ * \param string 'userdn' the subject whose locks shall be deleted
+ */
function del_user_locks($userdn)
{
global $config;
/* Get LDAP ressources */
$ldap= $config->get_ldap_link();
- $ldap->cd ($config->get_cfg_value("config"));
+ $ldap->cd ($config->get_cfg_value("core","config"));
/* Remove all objects of this user, drop errors silently in this case. */
$ldap->search("(&(objectClass=gosaLockEntry)(gosaUser=$userdn))", array("gosaUser"));
@@ -715,13 +928,21 @@ function del_user_locks($userdn)
}
+/*! \brief Get a lock for a specific object
+ *
+ * Searches for a lock on a given object.
+ *
+ * \param string 'object' subject whose locks are to be searched
+ * \return string Returns the user who owns the lock or "" if no lock is found
+ * or an error occured.
+ */
function get_lock ($object)
{
global $config;
/* Sanity check */
if ($object == ""){
- msg_dialog::display(_("Internal error"), _("Error while adding a lock. Contact the developers!"), ERROR_DIALOG);
+ msg_dialog::display(_("Internal error"), _("Error while locking entry!"), ERROR_DIALOG);
return("");
}
@@ -731,7 +952,7 @@ function get_lock ($object)
/* Get LDAP link, check for presence of the lock entry */
$user= "";
$ldap= $config->get_ldap_link();
- $ldap->cd ($config->get_cfg_value("config"));
+ $ldap->cd ($config->get_cfg_value("core","config"));
$ldap->search("(&(objectClass=gosaLockEntry)(gosaObject=".base64_encode($object)."))", array("gosaUser"));
if (!$ldap->success()){
msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), "", LDAP_SEARCH, ERROR_DIALOG));
@@ -741,9 +962,6 @@ function get_lock ($object)
/* Check for broken locking information in LDAP */
if ($ldap->count() > 1){
- /* Hmm. We're removing broken LDAP information here and issue a warning. */
- msg_dialog::display(_("Warning"), _("Found multiple locks for object to be locked. This should not happen - cleaning up multiple references."), WARNING_DIALOG);
-
/* Clean up these references now... */
while ($attrs= $ldap->fetch()){
$ldap->rmdir($attrs['dn']);
@@ -759,6 +977,14 @@ function get_lock ($object)
}
+/*! Get locks for multiple objects
+ *
+ * Similar as get_lock(), but for multiple objects.
+ *
+ * \param array 'objects' Array of Objects for which a lock shall be searched
+ * \return A numbered array containing all found locks as an array with key 'dn'
+ * and key 'user' or "" if an error occured.
+ */
function get_multiple_locks($objects)
{
global $config;
@@ -776,7 +1002,7 @@ function get_multiple_locks($objects)
/* Get LDAP link, check for presence of the lock entry */
$user= "";
$ldap= $config->get_ldap_link();
- $ldap->cd ($config->get_cfg_value("config"));
+ $ldap->cd ($config->get_cfg_value("core","config"));
$ldap->search($filter, array("gosaUser","gosaObject"));
if (!$ldap->success()){
msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), "", LDAP_SEARCH, ERROR_DIALOG));
@@ -793,15 +1019,16 @@ function get_multiple_locks($objects)
}
-/* \!brief This function searches the ldap database.
- It search in $sub_bases,*,$base for all objects matching the $filter.
-
- @param $filter String The ldap search filter
- @param $category String The ACL category the result objects belongs
- @param $sub_bases String The sub base we want to search for e.g. "ou=apps"
- @param $base String The ldap base from which we start the search
- @param $attributes Array The attributes we search for.
- @param $flags Long A set of Flags
+/*! \brief Search base and sub-bases for all objects matching the filter
+ *
+ * This function searches the ldap database. It searches in $sub_bases,*,$base
+ * for all objects matching the $filter.
+ * \param string 'filter' The ldap search filter
+ * \param string 'category' The ACL category the result objects belongs
+ * \param string 'sub_bases' The sub base we want to search for e.g. "ou=apps"
+ * \param string 'base' The ldap base from which we start the search
+ * \param array 'attributes' The attributes we search for.
+ * \param long 'flags' A set of Flags
*/
function get_sub_list($filter, $category,$sub_deps, $base= "", $attributes= array(), $flags= GL_SUBSEARCH)
{
@@ -859,7 +1086,7 @@ function get_sub_list($filter, $category,$sub_deps, $base= "", $attributes= arra
// log($action,$objecttype,$object,$changes_array = array(),$result = "")
new log("debug","all",__FILE__,$attributes,
sprintf("get_sub_list(): Falling back to get_list(), due to empty sub_bases parameter.".
- " This may slow down GOsa. Search was: '%s'",$filter));
+ " This may slow down GOsa. Used filter: %s", $filter));
}
$tmp = get_list($filter, $category,$base,$attributes,$flags);
return($tmp);
@@ -954,6 +1181,10 @@ function get_sub_list($filter, $category,$sub_deps, $base= "", $attributes= arra
}
+/*! \brief Search base for all objects matching the filter
+ *
+ * Just like get_sub_list(), but without sub base search.
+ * */
function get_list($filter, $category, $base= "", $attributes= array(), $flags= GL_SUBSEARCH)
{
global $config, $ui;
@@ -1022,6 +1253,7 @@ function get_list($filter, $category, $base= "", $attributes= array(), $flags= G
}
+/*! \brief Show sizelimit configuration dialog if exceeded */
function check_sizelimit()
{
/* Ignore dialog? */
@@ -1032,31 +1264,32 @@ function check_sizelimit()
/* Eventually show dialog */
if (session::is_set('limit_exceeded') && session::get('limit_exceeded')){
$smarty= get_smarty();
- $smarty->assign('warning', sprintf(_("The size limit of %d entries is exceed!"),
+ $smarty->assign('warning', sprintf(_("The current size limit of %d entries is exceeded!"),
session::global_get('size_limit')));
- $smarty->assign('limit_message', sprintf(_("Set the new size limit to %s and show me this message if the limit still exceeds"), ''));
+ $smarty->assign('limit_message', sprintf(_("Set the size limit to %s"), ''));
return($smarty->fetch(get_template_path('sizelimit.tpl')));
}
return ("");
}
-
+/*! \brief Print a sizelimit warning */
function print_sizelimit_warning()
{
if (session::global_is_set('size_limit') && session::global_get('size_limit') >= 10000000 ||
(session::is_set('limit_exceeded') && session::get('limit_exceeded'))){
- $config= "";
+ $config= "";
} else {
$config= "";
}
if (session::is_set('limit_exceeded') && session::get('limit_exceeded')){
- return ("("._("incomplete").") $config");
+ return ("("._("list is incomplete").") $config");
}
return ("");
}
+/*! \brief Handle sizelimit dialog related posts */
function eval_sizelimit()
{
if (isset($_POST['set_size_action'])){
@@ -1065,7 +1298,7 @@ function eval_sizelimit()
if (tests::is_id($_POST['new_limit']) &&
isset($_POST['action']) && $_POST['action']=="newlimit"){
- session::global_set('size_limit', validate($_POST['new_limit']));
+ session::global_set('size_limit', get_post('new_limit'));
session::set('size_ignore', FALSE);
}
@@ -1111,6 +1344,7 @@ function getMenuCache()
}
+/*! \brief Return the current userinfo object */
function &get_userinfo()
{
global $ui;
@@ -1119,6 +1353,7 @@ function &get_userinfo()
}
+/*! \brief Get global smarty object */
function &get_smarty()
{
global $smarty;
@@ -1127,6 +1362,21 @@ function &get_smarty()
}
+/*! \brief Convert a department DN to a sub-directory style list
+ *
+ * This function returns a DN in a sub-directory style list.
+ * Examples:
+ * - ou=1.1.1,ou=limux becomes limux/1.1.1
+ * - cn=bla,ou=foo,dc=local becomes foo/bla or foo/bla/local, depending
+ * on the value for $base.
+ *
+ * If the specified DN contains a basedn which either matches
+ * the specified base or $config->current['BASE'] it is stripped.
+ *
+ * \param string 'dn' the subject for the conversion
+ * \param string 'base' the base dn, default: $this->config->current['BASE']
+ * \return a string in the form as described above
+ */
function convert_department_dn($dn, $base = NULL)
{
global $config;
@@ -1142,7 +1392,7 @@ function convert_department_dn($dn, $base = NULL)
$dep= "";
- foreach (split(',', $dn) as $rdn){
+ foreach (explode(',', $dn) as $rdn){
$dep = preg_replace("/^[^=]+=/","",$rdn)."/".$dep;
}
@@ -1151,99 +1401,112 @@ function convert_department_dn($dn, $base = NULL)
}
-/* Strip off the last sub department part of a '/level1/level2/.../'
- * style value. It removes the trailing '/', too. */
+/*! \brief Return the last sub department part of a '/level1/level2/.../' style value.
+ *
+ * Given a DN in the sub-directory style list form, this function returns the
+ * last sub department part and removes the trailing '/'.
+ *
+ * Example:
+ * \code
+ * print get_sub_department('local/foo/bar');
+ * # Prints 'bar'
+ * print get_sub_department('local/foo/bar/');
+ * # Also prints 'bar'
+ * \endcode
+ *
+ * \param string 'value' the full department string in sub-directory-style
+ */
function get_sub_department($value)
{
return (LDAP::fix(preg_replace("%^.*/([^/]+)/?$%", "\\1", $value)));
}
-function get_ou($name)
-{
- global $config;
+/*! \brief Get the OU of a certain RDN
+ *
+ * Given a certain RDN name (ogroupRDN, applicationRDN etc.) this
+ * function returns either a configured OU or the default
+ * for the given RDN.
+ *
+ * Example:
+ * \code
+ * # Determine LDAP base where systems are stored
+ * $base = get_ou("systemManagement", "systemRDN") . $this->config->current['BASE'];
+ * $ldap->cd($base);
+ * \endcode
+ * */
+function get_ou($class,$name)
+{
+ global $config;
+
+ if(!$config->configRegistry->propertyExists($class,$name)){
+ trigger_error("No department mapping found for type ".$name);
+ return "";
+ }
+
+ $ou = $config->configRegistry->getPropertyValue($class,$name);
+ if ($ou != ""){
+ if (!preg_match('/^[^=]+=[^=]+/', $ou)){
+ $ou = @LDAP::convert("ou=$ou");
+ } else {
+ $ou = @LDAP::convert("$ou");
+ }
- $map = array(
- "ogroupRDN" => "ou=groups,",
- "applicationRDN" => "ou=apps,",
- "systemRDN" => "ou=systems,",
- "serverRDN" => "ou=servers,ou=systems,",
- "terminalRDN" => "ou=terminals,ou=systems,",
- "workstationRDN" => "ou=workstations,ou=systems,",
- "printerRDN" => "ou=printers,ou=systems,",
- "phoneRDN" => "ou=phones,ou=systems,",
- "componentRDN" => "ou=netdevices,ou=systems,",
- "sambaMachineAccountRDN" => "ou=winstation,",
-
- "faxBlocklistRDN" => "ou=gofax,ou=systems,",
- "systemIncomingRDN" => "ou=incoming,",
- "aclRoleRDN" => "ou=aclroles,",
- "phoneMacroRDN" => "ou=macros,ou=asterisk,ou=configs,ou=systems,",
- "phoneConferenceRDN" => "ou=conferences,ou=asterisk,ou=configs,ou=systems,",
-
- "faiBaseRDN" => "ou=fai,ou=configs,ou=systems,",
- "faiScriptRDN" => "ou=scripts,",
- "faiHookRDN" => "ou=hooks,",
- "faiTemplateRDN" => "ou=templates,",
- "faiVariableRDN" => "ou=variables,",
- "faiProfileRDN" => "ou=profiles,",
- "faiPackageRDN" => "ou=packages,",
- "faiPartitionRDN"=> "ou=disk,",
-
- "sudoRDN" => "ou=sudoers,",
-
- "deviceRDN" => "ou=devices,",
- "mimetypeRDN" => "ou=mime,");
-
- /* Preset ou... */
- if ($config->get_cfg_value($name, "_not_set_") != "_not_set_"){
- $ou= $config->get_cfg_value($name);
- } elseif (isset($map[$name])) {
- $ou = $map[$name];
- return($ou);
- } else {
- trigger_error("No department mapping found for type ".$name);
- return "";
- }
-
-
- if ($ou != ""){
- if (!preg_match('/^[^=]+=[^=]+/', $ou)){
- $ou = @LDAP::convert("ou=$ou");
- } else {
- $ou = @LDAP::convert("$ou");
- }
+ if(preg_match("/".preg_quote($config->current['BASE'], '/')."$/",$ou)){
+ return($ou);
+ }else{
+ if(!preg_match("/,$/", $ou)){
+ return("$ou,");
+ }else{
+ return($ou);
+ }
+ }
- if(preg_match("/".preg_quote($config->current['BASE'], '/')."$/",$ou)){
- return($ou);
- }else{
- return("$ou,");
+ } else {
+ return "";
}
-
- } else {
- return "";
- }
}
+/*! \brief Get the OU for users
+ *
+ * Frontend for get_ou() with userRDN
+ * */
function get_people_ou()
{
- return (get_ou("userRDN"));
+ return (get_ou("core", "userRDN"));
}
+/*! \brief Get the OU for groups
+ *
+ * Frontend for get_ou() with groupRDN
+ */
function get_groups_ou()
{
- return (get_ou("groupRDN"));
+ return (get_ou("core", "groupRDN"));
}
+/*! \brief Get the OU for winstations
+ *
+ * Frontend for get_ou() with sambaMachineAccountRDN
+ */
function get_winstations_ou()
{
- return (get_ou("sambaMachineAccountRDN"));
+ return (get_ou("wingeneric", "sambaMachineAccountRDN"));
}
+/*! \brief Return a base from a given user DN
+ *
+ * \code
+ * get_base_from_people('cn=Max Muster,dc=local')
+ * # Result is 'dc=local'
+ * \endcode
+ *
+ * \param string 'dn' a DN
+ * */
function get_base_from_people($dn)
{
global $config;
@@ -1260,17 +1523,29 @@ function get_base_from_people($dn)
}
+/*! \brief Check if strict naming rules are configured
+ *
+ * Return TRUE or FALSE depending on weither strictNamingRules
+ * are configured or not.
+ *
+ * \return Returns TRUE if strictNamingRules is set to true or if the
+ * config object is not available, otherwise FALSE.
+ */
function strict_uid_mode()
{
global $config;
if (isset($config)){
- return ($config->get_cfg_value("strictNamingRules") == "true");
+ return ($config->get_cfg_value("core","strictNamingRules") == "true");
}
return (TRUE);
}
+/*! \brief Get regular expression for checking uids based on the naming
+ * rules.
+ * \return string Returns the desired regular expression
+ */
function get_uid_regexp()
{
/* STRICT adds spaces and case insenstivity to the uid check.
@@ -1283,6 +1558,27 @@ function get_uid_regexp()
}
+/*! \brief Generate a lock message
+ *
+ * This message shows a warning to the user, that a certain object is locked
+ * and presents some choices how the user can proceed. By default this
+ * is 'Cancel' or 'Edit anyway', but depending on the function call
+ * its possible to allow readonly access, too.
+ *
+ * Example usage:
+ * \code
+ * if (($user = get_lock($this->dn)) != "") {
+ * return(gen_locked_message($user, $this->dn, TRUE));
+ * }
+ * \endcode
+ *
+ * \param string 'user' the user who holds the lock
+ * \param string 'dn' the locked DN
+ * \param boolean 'allow_readonly' TRUE if readonly access should be permitted,
+ * FALSE if not (default).
+ *
+ *
+ */
function gen_locked_message($user, $dn, $allow_readonly = FALSE)
{
global $plug, $config;
@@ -1293,7 +1589,9 @@ function gen_locked_message($user, $dn, $allow_readonly = FALSE)
/* Save variables from LOCK_VARS_TO_USE in session - for further editing */
if( session::is_set('LOCK_VARS_TO_USE') && count(session::get('LOCK_VARS_TO_USE'))){
- $LOCK_VARS_USED = array();
+ $LOCK_VARS_USED_GET = array();
+ $LOCK_VARS_USED_POST = array();
+ $LOCK_VARS_USED_REQUEST = array();
$LOCK_VARS_TO_USE = session::get('LOCK_VARS_TO_USE');
foreach($LOCK_VARS_TO_USE as $name){
@@ -1304,32 +1602,32 @@ function gen_locked_message($user, $dn, $allow_readonly = FALSE)
foreach($_POST as $Pname => $Pvalue){
if(preg_match($name,$Pname)){
- $LOCK_VARS_USED[$Pname] = $_POST[$Pname];
+ $LOCK_VARS_USED_POST[$Pname] = $_POST[$Pname];
}
}
foreach($_GET as $Pname => $Pvalue){
if(preg_match($name,$Pname)){
- $LOCK_VARS_USED[$Pname] = $_GET[$Pname];
+ $LOCK_VARS_USED_GET[$Pname] = $_GET[$Pname];
+ }
+ }
+
+ foreach($_REQUEST as $Pname => $Pvalue){
+ if(preg_match($name,$Pname)){
+ $LOCK_VARS_USED_REQUEST[$Pname] = $_REQUEST[$Pname];
}
}
}
session::set('LOCK_VARS_TO_USE',array());
- session::set('LOCK_VARS_USED' , $LOCK_VARS_USED);
+ session::set('LOCK_VARS_USED_GET' , $LOCK_VARS_USED_GET);
+ session::set('LOCK_VARS_USED_POST' , $LOCK_VARS_USED_POST);
+ session::set('LOCK_VARS_USED_REQUEST' , $LOCK_VARS_USED_REQUEST);
}
/* Prepare and show template */
$smarty= get_smarty();
$smarty->assign("allow_readonly",$allow_readonly);
- if(is_array($dn)){
- $msg = "
"; - foreach($dn as $sub_dn){ - $msg .= "\n".$sub_dn.", "; - } - $msg = preg_replace("/, $/","",$msg); - }else{ - $msg = $dn; - } + $msg= msgPool::buildList($dn); $smarty->assign ("dn", $msg); if ($remove){ @@ -1337,12 +1635,24 @@ function gen_locked_message($user, $dn, $allow_readonly = FALSE) } else { $smarty->assign ("action", _("Edit anyway")); } - $smarty->assign ("message", sprintf(_("You're going to edit the LDAP entry/entries %s"), "".$msg."", "")); + + $smarty->assign ("message", _("These entries are currently locked:"). $msg); return ($smarty->fetch (get_template_path('islocked.tpl'))); } +/*! \brief Return a string/HTML representation of an array + * + * This returns a string representation of a given value. + * It can be used to dump arrays, where every value is printed + * on its own line. The output is targetted at HTML output, it uses + * '
'. - ' |
get_ldap_link(); $ldap->cd($config->current['BASE']); - $ldap->search('(uid=*)'); - - while($attrs= $ldap->fetch()){ - $used[]= $attrs['uid'][0]; - } /* Remove used uids and watch out for id tags */ $ret= array(); foreach($proposed as $uid){ /* Check for id tag and modify uid if needed */ - if(preg_match('/\{id:\d+}/',$uid)){ - $size= preg_replace('/^.*{id:(\d+)}.*$/', '\\1', $uid); + if(preg_match('/\{id(:|!)\d+}/',$uid, $m)){ + $size= preg_replace('/^.*{id(:|!)(\d+)}.*$/', '\\2', $uid); - for ($i= 0, $p= pow(10,$size); $i < $p; $i++){ - $number= sprintf("%0".$size."d", $i); - $res= preg_replace('/{id:(\d+)}/', $number, $uid); - if (!in_array($res, $used)){ + $start= $m[1]==":"?0:-1; + for ($i= $start, $p= pow(10,$size)-1; $i < $p; $i++){ + if ($i == -1) { + $number= ""; + } else { + $number= sprintf("%0".$size."d", $i+1); + } + $res= preg_replace('/{id(:|!)\d+}/', $number, $uid); + + $ldap->search("(uid=".preg_replace('/[{}]/', '', $res).")",array('dn')); + if($ldap->count() == 0){ $uid= $res; break; } } + + /* Remove link if nothing has been found */ + $uid= preg_replace('/{id(:|!)\d+}/', '', $uid); } if(preg_match('/\{id#\d+}/',$uid)){ @@ -1740,15 +2130,20 @@ function gen_uids($rule, $attributes) mt_srand((double) microtime()*1000000); $number= sprintf("%0".$size."d", mt_rand(0, pow(10, $size)-1)); $res= preg_replace('/{id#(\d+)}/', $number, $uid); - if (!in_array($res, $used)){ + $ldap->search("(uid=".preg_replace('/[{}]/', '', $res).")",array('dn')); + if($ldap->count() == 0){ $uid= $res; break; } } + + /* Remove link if nothing has been found */ + $uid= preg_replace('/{id#\d+}/', '', $uid); } /* Don't assign used ones */ - if (!in_array($uid, $used)){ + $ldap->search("(uid=".preg_replace('/[{}]/', '', $uid).")",array('dn')); + if($ldap->count() == 0){ /* Add uid, but remove {} first. These are invalid anyway. */ $ret[]= preg_replace('/[{}]/', '', $uid); } @@ -1758,8 +2153,17 @@ function gen_uids($rule, $attributes) } -/* Sadly values like memory_limit are perpended by K, M, G, etc. - Need to convert... */ +/*! \brief Convert various data sizes to bytes + * + * Given a certain value in the format n(g|m|k), where n + * is a value and (g|m|k) stands for Gigabyte, Megabyte and Kilobyte + * this function returns the byte value. + * + * \param string 'value' a value in the above specified format + * \return a byte value or the original value if specified string is simply + * a numeric value + * + */ function to_byte($value) { $value= strtolower(trim($value)); @@ -1784,66 +2188,73 @@ function to_byte($value) { } +/*! \brief Check if a value exists in an array (case-insensitive) + * + * This is just as http://php.net/in_array except that the comparison + * is case-insensitive. + * + * \param string 'value' needle + * \param array 'items' haystack + */ function in_array_ics($value, $items) { return preg_grep('/^'.preg_quote($value, '/').'$/i', $items); } -function generate_alphabet($count= 10) -{ - $characters= _("*ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"); - $alphabet= ""; - $c= 0; - - /* Fill cells with charaters */ - for ($i= 0, $l= mb_strlen($characters, 'UTF8'); $i<$l; $i++){ - if ($c == 0){ - $alphabet.= "