X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=include%2Ffunctions.inc;h=46a0e53e9ddd51036441153a199723d2d01d374f;hb=1fac73f3983fd6dc8f75341dbe44637c1d7820fe;hp=00f8914548def78c6da7910597a1ca645b093771;hpb=1550d033643f0ab31912a22c0b69b569017d1ebb;p=gosa.git

diff --git a/include/functions.inc b/include/functions.inc
index 00f891454..46a0e53e9 100644
--- a/include/functions.inc
+++ b/include/functions.inc
@@ -295,12 +295,8 @@ function ldap_init ($server, $base, $binddn='', $pass='')
 
   /* Sadly we've no proper return values here. Use the error message instead. */
   if (!preg_match("/Success/i", $ldap->error)){
-    print_red(sprintf(_("Error when connecting the LDAP. Server said '%s'."),
-          $ldap->get_error()));
-    echo $_SESSION['errors'];
-
-    /* Hard error. We'd like to use the LDAP, anyway... */
-    exit;
+    echo sprintf(_("FATAL: Error when connecting the LDAP. Server said '%s'."), $ldap->get_error());
+    exit();
   }
 
   /* Preset connection base to $base and return to caller */
@@ -317,8 +313,10 @@ function ldap_login_user ($username, $password)
   $ldap = $config->get_ldap_link();
   if (!preg_match("/Success/i", $ldap->error)){
     print_red(sprintf(_("User login failed. LDAP server said '%s'."), $ldap->get_error()));
-    echo $_SESSION['errors'];
-    exit;
+    $smarty= get_smarty();
+    $smarty->display(get_template_path('headers.tpl'));
+    echo "<body>".$_SESSION['errors']."</body></html>";
+    exit();
   }
   $ldap->cd($config->current['BASE']);
   $ldap->search("(&(uid=$username)(objectClass=gosaAccount))", array("uid"));
@@ -367,6 +365,100 @@ function ldap_login_user ($username, $password)
 }
 
 
+function ldap_expired_account($config, $userdn, $username)
+{
+    //$this->config= $config; 
+    $ldap= $config->get_ldap_link();
+    $ldap->cat($userdn);
+    $attrs= $ldap->fetch();
+    
+    /* default value no errors */
+    $expired = 0;
+    
+    $sExpire = 0;
+    $sLastChange = 0;
+    $sMax = 0;
+    $sMin = 0;
+    $sInactive = 0;
+    $sWarning = 0;
+    
+    $current= date("U");
+    
+    $current= floor($current /60 /60 /24);
+    
+    /* special case of the admin, should never been locked */
+    /* FIXME should allow any name as user admin */
+    if($username != "admin")
+    {
+
+      if(isset($attrs['shadowExpire'][0])){
+        $sExpire= $attrs['shadowExpire'][0];
+      } else {
+        $sExpire = 0;
+      }
+      
+      if(isset($attrs['shadowLastChange'][0])){
+        $sLastChange= $attrs['shadowLastChange'][0];
+      } else {
+        $sLastChange = 0;
+      }
+      
+      if(isset($attrs['shadowMax'][0])){
+        $sMax= $attrs['shadowMax'][0];
+      } else {
+        $smax = 0;
+      }
+
+      if(isset($attrs['shadowMin'][0])){
+        $sMin= $attrs['shadowMin'][0];
+      } else {
+        $sMin = 0;
+      }
+      
+      if(isset($attrs['shadowInactive'][0])){
+        $sInactive= $attrs['shadowInactive'][0];
+      } else {
+        $sInactive = 0;
+      }
+      
+      if(isset($attrs['shadowWarning'][0])){
+        $sWarning= $attrs['shadowWarning'][0];
+      } else {
+        $sWarning = 0;
+      }
+      
+      /* is the account locked */
+      /* shadowExpire + shadowInactive (option) */
+      if($sExpire >0){
+        if($current >= ($sExpire+$sInactive)){
+          return(1);
+        }
+      }
+    
+      /* the user should be warned to change is password */
+      if((($sExpire >0) && ($sWarning >0)) && ($sExpire >= $current)){
+        if (($sExpire - $current) < $sWarning){
+          return(2);
+        }
+      }
+      
+      /* force user to change password */
+      if(($sLastChange >0) && ($sMax) >0){
+        if($current >= ($sLastChange+$sMax)){
+          return(3);
+        }
+      }
+      
+      /* the user should not be able to change is password */
+      if(($sLastChange >0) && ($sMin >0)){
+        if (($sLastChange + $sMin) >= $current){
+          return(4);
+        }
+      }
+    }
+   return($expired);
+}
+
 function add_lock ($object, $user)
 {
   global $config;
@@ -492,7 +584,7 @@ function get_lock ($object)
 
 function get_list($filter, $subtreeACL, $base= "", $attributes= array(), $flags= GL_SUBSEARCH)
 {
-  global $config;
+  global $config, $ui;
 
   /* Get LDAP link */
   $ldap= $config->get_ldap_link($flags & GL_SIZELIMIT);
@@ -504,6 +596,12 @@ function get_list($filter, $subtreeACL, $base= "", $attributes= array(), $flags=
     $ldap->cd ($base);
   }
 
+  /* Strict filter for administrative units? */
+  if ($ui->gosaUnitTag != "" && isset($config->current['STRICT_UNITS']) &&
+      preg_match('/TRUE/i', $config->current['STRICT_UNITS'])){
+    $filter= "(&(gosaUnitTag=".$ui->gosaUnitTag.")$filter)";
+  }
+
   /* Perform ONE or SUB scope searches? */
   if ($flags & GL_SUBSEARCH) {
     $ldap->search ($filter, $attributes);
@@ -811,7 +909,7 @@ function get_base_from_people($dn)
 {
   global $config;
 
-  $pattern= "/^[^,]+,".preg_quote(get_people_ou())."/";
+  $pattern= "/^[^,]+,".preg_quote(get_people_ou())."/i";
   $base= preg_replace($pattern, '', $dn);
 
   /* Set to base, if we're not on a correct subtree */
@@ -960,45 +1058,35 @@ function print_red()
       $_SESSION['errorsAlreadyPosted'][$string]++;
 
     }else{
-#      if((!empty($_SESSION['LastError'])) && ($_SESSION['errorsAlreadyPosted'][$_SESSION['LastError']]>1)){
-#        $_SESSION['errors'].= "<div align=\"left\" style=\"border-width:5px;".
-#          "border-style:solid;border-color:red; background-color:black;".
-#          "margin-bottom:10px; padding:8px;\"><table style='width:100%' summary=''><tr><td><img alt=\"\" src=\"".
-#          get_template_path('images/warning.png')."\"></td>".
-#          "<td width=\"100%\" style=\"text-align:center\"><font color=\"#FFFFFF\">".
-#          "<b style='font-size:16px;'>".sprintf(_("Last message repeated %s times."),$_SESSION['errorsAlreadyPosted'][$_SESSION['LastError']])."</b></font></td><td>".
-#          "<img alt=\"\"src=\"".get_template_path('images/warning.png').
-#          "\"></td></tr></table></div>\n";
-#      }
-
-#      if($string != NULL){
-#        $_SESSION['errors'].= "<div align=\"left\" style=\"border-width:5px;".
-#          "border-style:solid;border-color:red; background-color:black;".
-#          "margin-bottom:10px; padding:8px;\"><table style='width:100%' summary=''><tr><td><img alt=\"\" src=\"".
-#          get_template_path('images/warning.png')."\"></td>".
-#          "<td width=\"100%\" style=\"text-align:center\"><font color=\"#FFFFFF\">".
-#          "<b style='font-size:16px;'>$string</b></font></td><td>".
-#          "<img alt=\"\"src=\"".get_template_path('images/warning.png').
-#          "\"></td></tr></table></div>\n";
-######### Test #########
       if($string != NULL){
-        if (!preg_match('/[.!?]$/', $string)){
-          $string.= ".";
+        if (preg_match("/"._("LDAP error:")."/", $string)){
+          $addmsg= _("Problems with the LDAP server mean that you probably lost the last changes. Please check your LDAP setup for possible errors and try again.");
+          $img= "images/error.png";
+        } else {
+          if (!preg_match('/[.!?]$/', $string)){
+            $string.= ".";
+          }
+          $string= preg_replace('/<br>/', ' ', $string);
+          $img= "images/warning.png";
+          $addmsg= _("Please check your input and fix the error. Press 'OK' to close this message box.");
         }
-        $string= preg_replace('/<br>/', ' ', $string);
       
         if(isset($_SESSION['errors']) && strlen($_SESSION['errors'])==0) {
-          $_SESSION['errors'].= "<div style='margin-left:15%;margin-top:100px;background-color:white;padding:5px;border:5px solid red;width:60%;position:absolute' id='e_layer'>".
-          "<table style='width:100%' summary='' border=0><tr><td style='vertical-align:top;padding:10px'><img alt='' src='".get_template_path('images/warning.png')."'></td>".
-          "<td style='width:100%'><h1>"._("An error occured while processing your request")."</h1>".
-          "<b>$string</b> "._("Please check your input and fix the contents of the highlighted field. Press 'OK' to close this message box.")."</td>".
-          "</tr><tr><td colspan='2' align='center'><br><button ".(($_SESSION['js']==FALSE)?"type='submit'":"type='button'")." style='width:80px' onClick='hide(\"e_layer\")'>"._("OK")."</button></td></tr></table></div>";
+          $_SESSION['errors'].= "<div style='margin-left:15%;margin-top:100px;".
+            "background-color:white;padding:5px;border:5px solid red;width:55%;z-index:150;".
+            "position:absolute' id='e_layer'><table style='width:100%' summary='' border=0>".
+            "<tr><td style='vertical-align:top;padding:10px'><img alt='' src='".
+            get_template_path($img)."'></td>".
+            "<td style='width:100%'><h1>"._("An error occured while processing your request").
+            "</h1><b>$string</b><br><br>$addmsg</td></tr><tr><td colspan='2' align='center'><br><button ".
+            (($_SESSION['js']==FALSE)?"type='submit'":"type='button'").
+            " style='width:80px' onClick='hide(\"e_layer\")'>".
+            _("OK")."</button></td></tr></table></div>";
         }
-  #########################
+
       }else{
         return;
       }
-      #$_SESSION['errorsAlreadyPosted'] = array();
       $_SESSION['errorsAlreadyPosted'][$string] = 1;
 
     }
@@ -1106,7 +1194,7 @@ function get_printer_list($cups_server)
     $ar = false;
     exec("lpstat -p", $ar);
     foreach($ar as $val){
-      list($dummy, $printer, $rest)= split(' ', $val, 3);
+      @list($dummy, $printer, $rest)= split(' ', $val, 3);
       if (preg_match('/^[^@]+$/', $printer)){
         $res[$printer]= "$printer";
       }
@@ -1158,9 +1246,9 @@ function show_ldap_error($message, $addon= "")
 {
   if (!preg_match("/Success/i", $message)){
     if ($addon == ""){
-      print_red (_("LDAP error:")." $message");
+      print_red (_("LDAP error: $message"));
     } else {
-      print_red ("$addon (LDAP error: $message)");
+      print_red ("$addon<br><br><b>"._("LDAP error:")."</b> $message");
     }
     return TRUE;
   } else {
@@ -1186,10 +1274,10 @@ function dn2base($dn)
   global $config;
 
   if (get_people_ou() != ""){
-    $dn= preg_replace('/,'.get_people_ou().'/' , ',', $dn);
+    $dn= preg_replace('/,'.get_people_ou().'/i' , ',', $dn);
   }
   if (get_groups_ou() != ""){
-    $dn= preg_replace('/,'.get_groups_ou().'/' , ',', $dn);
+    $dn= preg_replace('/,'.get_groups_ou().'/i' , ',', $dn);
   }
   $base= preg_replace ('/^[^,]+,/i', '', $dn);
 
@@ -1980,5 +2068,28 @@ function get_MicroTimeDiff($start , $stop)
 }
 
 
+/* Check if the given department name is valid */
+function is_department_name_reserved($name,$base)
+{
+  $reservedName = array("systems","apps","incomming","internal","accounts","fax","addressbook",
+                          preg_replace("/ou=(.*),/","\\1",get_people_ou()),
+                          preg_replace("/ou=(.*),/","\\1",get_groups_ou()));
+  $follwedNames['/ou=fai,ou=configs,ou=systems,/'] = array("fai","hooks","templates","scripts","disk","packages","variables","profiles");
+
+  /* Check if name is one of the reserved names */
+  if(in_array_ics($name,$reservedName)) {
+    return(true);
+  }
+
+  /* Check all follow combinations if name is in array && parent base == array_key, return false*/
+  foreach($follwedNames as $key => $names){
+    if((in_array_ics($name,$names)) && (preg_match($key,$base))){
+      return(true);
+    }
+  }
+  return(false);
+}
+
+
 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
 ?>