X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=include%2Ffunctions.inc;h=2262718feee29e28c1302b785ac85c3c0d73e246;hb=b130a469e86d937a382fac5864219c190f2a6e36;hp=0bedbcee828d14132802645e0bcddf07024a8a0d;hpb=9661305ec872b58877cee3ac6b772134dcf7282c;p=gosa.git diff --git a/include/functions.inc b/include/functions.inc index 0bedbcee8..2262718fe 100644 --- a/include/functions.inc +++ b/include/functions.inc @@ -295,12 +295,8 @@ function ldap_init ($server, $base, $binddn='', $pass='') /* Sadly we've no proper return values here. Use the error message instead. */ if (!preg_match("/Success/i", $ldap->error)){ - print_red(sprintf(_("Error when connecting the LDAP. Server said '%s'."), - $ldap->get_error())); - echo $_SESSION['errors']; - - /* Hard error. We'd like to use the LDAP, anyway... */ - exit; + echo sprintf(_("FATAL: Error when connecting the LDAP. Server said '%s'."), $ldap->get_error()); + exit(); } /* Preset connection base to $base and return to caller */ @@ -317,8 +313,10 @@ function ldap_login_user ($username, $password) $ldap = $config->get_ldap_link(); if (!preg_match("/Success/i", $ldap->error)){ print_red(sprintf(_("User login failed. LDAP server said '%s'."), $ldap->get_error())); - echo $_SESSION['errors']; - exit; + $smarty= get_smarty(); + $smarty->display(get_template_path('headers.tpl')); + echo "".$_SESSION['errors'].""; + exit(); } $ldap->cd($config->current['BASE']); $ldap->search("(&(uid=$username)(objectClass=gosaAccount))", array("uid")); @@ -367,6 +365,100 @@ function ldap_login_user ($username, $password) } +function ldap_expired_account($config, $userdn, $username) +{ + $this->config= $config; + $ldap= $this->config->get_ldap_link(); + $ldap->cat($userdn); + $attrs= $ldap->fetch(); + + /* default value no errors */ + $expired = 0; + + $sExpire = 0; + $sLastChange = 0; + $sMax = 0; + $sMin = 0; + $sInactive = 0; + $sWarning = 0; + + $current= date("U"); + + $current= floor($current /60 /60 /24); + + /* special case of the admin, should never been locked */ + /* FIXME should allow any name as user admin */ + if($username != "admin") + { + + if(isset($attrs['shadowExpire'][0])){ + $sExpire= $attrs['shadowExpire'][0]; + } else { + $sExpire = 0; + } + + if(isset($attrs['shadowLastChange'][0])){ + $sLastChange= $attrs['shadowLastChange'][0]; + } else { + $sLastChange = 0; + } + + if(isset($attrs['shadowMax'][0])){ + $sMax= $attrs['shadowMax'][0]; + } else { + $smax = 0; + } + + if(isset($attrs['shadowMin'][0])){ + $sMin= $attrs['shadowMin'][0]; + } else { + $sMin = 0; + } + + if(isset($attrs['shadowInactive'][0])){ + $sInactive= $attrs['shadowInactive'][0]; + } else { + $sInactive = 0; + } + + if(isset($attrs['shadowWarning'][0])){ + $sWarning= $attrs['shadowWarning'][0]; + } else { + $sWarning = 0; + } + + /* is the account locked */ + /* shadowExpire + shadowInactive (option) */ + if($sExpire >0){ + if($current >= ($sExpire+$sInactive)){ + return(1); + } + } + + /* the user should be warned to change is password */ + if((($sExpire >0) && ($sWarning >0)) && ($sExpire >= $current)){ + if (($sExpire - $current) < $sWarning){ + return(2); + } + } + + /* force user to change password */ + if(($sLastChange >0) && ($sMax) >0){ + if($current >= ($sLastChange+$sMax)){ + return(3); + } + } + + /* the user should not be able to change is password */ + if(($sLastChange >0) && ($sMin >0)){ + if (($sLastChange + $sMin) >= $current){ + return(4); + } + } + } + return($expired); +} + function add_lock ($object, $user) { global $config; @@ -492,7 +584,7 @@ function get_lock ($object) function get_list($filter, $subtreeACL, $base= "", $attributes= array(), $flags= GL_SUBSEARCH) { - global $config; + global $config, $ui; /* Get LDAP link */ $ldap= $config->get_ldap_link($flags & GL_SIZELIMIT); @@ -504,6 +596,12 @@ function get_list($filter, $subtreeACL, $base= "", $attributes= array(), $flags= $ldap->cd ($base); } + /* Strict filter for administrative units? */ + if ($ui->gosaUnitTag != "" && isset($config->current['STRICT_UNITS']) && + preg_match('/TRUE/i', $config->current['STRICT_UNITS'])){ + $filter= "(&(gosaUnitTag=".$ui->gosaUnitTag.")$filter)"; + } + /* Perform ONE or SUB scope searches? */ if ($flags & GL_SUBSEARCH) { $ldap->search ($filter, $attributes); @@ -770,7 +868,13 @@ function get_ou($name) { global $config; - $ou= $config->current[$name]; + /* Preset ou... */ + if (isset($config->current[$name])){ + $ou= $config->current[$name]; + } else { + return ""; + } + if ($ou != ""){ if (!preg_match('/^[^=]+=[^=]+/', $ou)){ return @LDAP::convert("ou=$ou,"); @@ -947,37 +1051,42 @@ function print_red() if (isset($_SESSION['DEBUGLEVEL'])){ if($_SESSION['LastError'] == $string){ - + if((!isset($_SESSION['errorsAlreadyPosted'][$string]))){ $_SESSION['errorsAlreadyPosted'][$string] = 1; } - $_SESSION['errorsAlreadyPosted'][$string] ++; + $_SESSION['errorsAlreadyPosted'][$string]++; }else{ - if((!empty($_SESSION['LastError'])) && ($_SESSION['errorsAlreadyPosted'][$_SESSION['LastError']]>1)){ - $_SESSION['errors'].= "
". - "
\"\"". - "".sprintf(_("Last message repeated %s times."),$_SESSION['errorsAlreadyPosted'][$_SESSION['LastError']])."". - "\"\"src=\"".get_template_path('images/warning.png').
\n"; - } - if($string != NULL){ - $_SESSION['errors'].= "
". - "
\"\"". - "$string". - "\"\"src=\"".get_template_path('images/warning.png').
\n"; + if (preg_match("/"._("LDAP error:")."/", $string)){ + $addmsg= _("Problems with the LDAP server mean that you probably lost the last changes. Please check your LDAP setup for possible errors and try again."); + $img= "images/error.png"; + } else { + if (!preg_match('/[.!?]$/', $string)){ + $string.= "."; + } + $string= preg_replace('/
/', ' ', $string); + $img= "images/warning.png"; + $addmsg= _("Please check your input and fix the error. Press 'OK' to close this message box."); + } + + if(isset($_SESSION['errors']) && strlen($_SESSION['errors'])==0) { + $_SESSION['errors'].= "
". + "". + "

"._("An error occured while processing your request"). + "

$string

$addmsg

"; + } + }else{ return; } - $_SESSION['errorsAlreadyPosted'] = array(); $_SESSION['errorsAlreadyPosted'][$string] = 1; } @@ -986,7 +1095,6 @@ function print_red() echo "Error: $string\n"; } $_SESSION['LastError'] = $string; - } @@ -998,8 +1106,16 @@ function gen_locked_message($user, $dn) $ldap= $config->get_ldap_link(); $ldap->cat ($user, array('uid', 'cn')); $attrs= $ldap->fetch(); - $uid= $attrs["uid"][0]; - $cn= $attrs["cn"][0]; + + /* Stop if we have no user here... */ + if (count($attrs)){ + $uid= $attrs["uid"][0]; + $cn= $attrs["cn"][0]; + } else { + $uid= $attrs["uid"][0]; + $cn= $attrs["cn"][0]; + } + $remove= false; if((isset($_SESSION['LOCK_VARS_TO_USE']))&&(count($_SESSION['LOCK_VARS_TO_USE']))){ @@ -1130,9 +1246,9 @@ function show_ldap_error($message, $addon= "") { if (!preg_match("/Success/i", $message)){ if ($addon == ""){ - print_red (_("LDAP error:")." $message"); + print_red (_("LDAP error: $message")); } else { - print_red ("$addon (LDAP error: $message)"); + print_red ("$addon

"._("LDAP error:")." $message"); } return TRUE; } else { @@ -1203,6 +1319,9 @@ function print_header($image, $headline, $info= "") $display.= " "; $display.= "\n"; } + if (isset($_SESSION['errors'])){ + $display.= $_SESSION['errors']; + } return ($display); } @@ -1949,5 +2068,28 @@ function get_MicroTimeDiff($start , $stop) } +/* Check if the given department name is valid */ +function is_department_name_reserved($name,$base) +{ + $reservedName = array("systems","apps","incomming","internal","accounts","fax","addressbook", + preg_replace("/ou=(.*),/","\\1",get_people_ou()), + preg_replace("/ou=(.*),/","\\1",get_groups_ou())); + $follwedNames['/ou=fai,ou=configs,ou=systems,/'] = array("fai","hooks","templates","scripts","disk","packages","variables","profiles"); + + /* Check if name is one of the reserved names */ + if(in_array_ics($name,$reservedName)) { + return(true); + } + + /* Check all follow combinations if name is in array && parent base == array_key, return false*/ + foreach($follwedNames as $key => $names){ + if((in_array_ics($name,$names)) && (preg_match($key,$base))){ + return(true); + } + } + return(false); +} + + // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: ?>