X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=include%2Ffunctions.inc;h=d628de47a0033dcd92f7e7f1376d9a0c7bf9f2f7;hb=6c6148c73fa05be5904cb13385ed133bc615fdca;hp=b244a0896791d5875904669353d0283659c546bb;hpb=15b80e33c5191577bdb9f2b0fa646619e7ee52bf;p=gosa.git

diff --git a/include/functions.inc b/include/functions.inc
index b244a0896..d628de47a 100644
--- a/include/functions.inc
+++ b/include/functions.inc
@@ -111,7 +111,7 @@ function make_seed() {
 /* Debug level action */
 function DEBUG($level, $line, $function, $file, $data, $info="")
 {
-  if ($_SESSION['DEBUGLEVEL'] & $level){
+  if (get_global('DEBUGLEVEL') & $level){
     $output= "DEBUG[$level] ";
     if ($function != ""){
       $output.= "($file:$function():$line) - $info: ";
@@ -166,10 +166,10 @@ function get_browser_language()
 /* Rewrite ui object to another dn */
 function change_ui_dn($dn, $newdn)
 {
-  $ui= $_SESSION['ui'];
+  $ui= get_global('ui');
   if ($ui->dn == $dn){
     $ui->dn= $newdn;
-    $_SESSION['ui']= $ui;
+    register_global('ui',$ui);
   }
 }
 
@@ -193,7 +193,7 @@ function get_template_path($filename= '', $plugin= FALSE, $path= "")
   /* Return plugin dir or root directory? */
   if ($plugin){
     if ($path == ""){
-      $nf= preg_replace("!^".$BASE_DIR."/!", "", $_SESSION['plugin_dir']);
+      $nf= preg_replace("!^".$BASE_DIR."/!", "", get_global('plugin_dir'));
     } else {
       $nf= preg_replace("!^".$BASE_DIR."/!", "", $path);
     }
@@ -204,7 +204,7 @@ function get_template_path($filename= '', $plugin= FALSE, $path= "")
       return ("$BASE_DIR/ihtml/themes/default/$nf/$filename");
     }
     if ($path == ""){
-      return ($_SESSION['plugin_dir']."/$filename");
+      return (get_global('plugin_dir')."/$filename");
     } else {
       return ($path."/$filename");
     }
@@ -302,11 +302,31 @@ function ldap_login_user ($username, $password)
     print_red(sprintf(_("User login failed. LDAP server said '%s'."), $ldap->get_error()));
     $smarty= get_smarty();
     $smarty->display(get_template_path('headers.tpl'));
-    echo "<body>".$_SESSION['errors']."</body></html>";
+    echo "<body>".get_global('errors')."</body></html>";
     exit();
   }
   $ldap->cd($config->current['BASE']);
-  $ldap->search("(&(uid=$username)(objectClass=gosaAccount))", array("uid"));
+  $allowed_attributes = array("uid","mail");
+  $verify_attr = array();
+  if(isset($config->current['LOGIN_ATTRIBUTE'])){
+    $tmp = split(",",$config->current['LOGIN_ATTRIBUTE']); 
+    foreach($tmp as $attr){
+      if(in_array($attr,$allowed_attributes)){
+        $verify_attr[] = $attr;
+      }
+    }
+  }
+  if(count($verify_attr) == 0){
+    $verify_attr = array("uid");
+  }
+  $tmp= $verify_attr;
+  $tmp[] = "uid";
+  $filter = "";
+  foreach($verify_attr as $attr) {
+    $filter.= "(".$attr."=".$username.")";
+  }
+  $filter = "(&(|".$filter.")(objectClass=gosaAccount))";
+  $ldap->search($filter,$tmp);
 
   /* get results, only a count of 1 is valid */
   switch ($ldap->count()){
@@ -326,13 +346,19 @@ function ldap_login_user ($username, $password)
 
   /* LDAP schema is not case sensitive. Perform additional check. */
   $attrs= $ldap->fetch();
-  if ($attrs['uid'][0] != $username){
-    return(NULL);
+  $success = FALSE;
+  foreach($verify_attr as $attr){
+    if ($attrs[$attr][0] == $username){
+      $success = TRUE;
+    }
+  }
+  if(!$success){
+    return(FALSE);
   }
 
   /* got user dn, fill acl's */
   $ui= new userinfo($config, $ldap->getDN());
-  $ui->username= $username;
+  $ui->username= $attrs['uid'][0];
 
   /* password check, bind as user with supplied password  */
   $ldap->disconnect();
@@ -449,6 +475,13 @@ function add_lock ($object, $user)
 {
   global $config;
 
+  if(is_array($object)){
+    foreach($object as $obj){
+      add_lock($obj,$user);
+    }
+    return;
+  }
+
   /* Just a sanity check... */
   if ($object == "" || $user == ""){
     print_red(_("Error while adding a lock. Parameters are not set correctly, please check the source!"));
@@ -488,6 +521,13 @@ function del_lock ($object)
 {
   global $config;
 
+  if(is_array($object)){
+    foreach($object as $obj){
+      del_lock($obj);
+    }
+    return;
+  }
+
   /* Sanity check */
   if ($object == ""){
     return;
@@ -563,11 +603,44 @@ function get_lock ($object)
     $attrs = $ldap->fetch();
     $user= $attrs['gosaUser'][0];
   }
-
   return ($user);
 }
 
 
+function get_multiple_locks($objects)
+{
+  global $config;
+
+  if(is_array($objects)){
+    $filter = "(&(objectClass=gosaLockEntry)(|";
+    foreach($objects as $obj){
+      $filter.="(gosaObject=".base64_encode($obj).")";
+    }
+    $filter.= "))";
+  }else{
+    $filter = "(&(objectClass=gosaLockEntry)(gosaObject=".base64_encode($objects)."))";
+  }
+
+  /* Get LDAP link, check for presence of the lock entry */
+  $user= "";
+  $ldap= $config->get_ldap_link();
+  $ldap->cd ($config->current['CONFIG']);
+  $ldap->search($filter, array("gosaUser","gosaObject"));
+  if (!preg_match("/Success/i", $ldap->error)){
+    print_red (_("Can't get locking information in LDAP database. Please check the 'config' entry in gosa.conf!"));
+    return("");
+  }
+
+  $users = array();
+  while($attrs = $ldap->fetch()){
+    $dn   = base64_decode($attrs['gosaObject'][0]);
+    $user = $attrs['gosaUser'][0];
+    $users[] = array("dn"=> $dn,"user"=>$user);
+  }
+  return ($users);
+}
+
+
 function get_list($filter, $category, $base= "", $attributes= array(), $flags= GL_SUBSEARCH)
 {
   global $config, $ui;
@@ -591,7 +664,7 @@ function get_list($filter, $category, $base= "", $attributes= array(), $flags= G
 
   /* Check for size limit exceeded messages for GUI feedback */
   if (preg_match("/size limit/i", $ldap->error)){
-    $_SESSION['limit_exceeded']= TRUE;
+    register_global('limit_exceeded', TRUE);
   }
 
   /* Crawl through reslut entries and perform the migration to the
@@ -636,16 +709,16 @@ function get_list($filter, $category, $base= "", $attributes= array(), $flags= G
 function check_sizelimit()
 {
   /* Ignore dialog? */
-  if (isset($_SESSION['size_ignore']) && $_SESSION['size_ignore']){
+  if (is_global('size_ignore') && get_global('size_ignore')){
     return ("");
   }
 
   /* Eventually show dialog */
-  if (isset($_SESSION['limit_exceeded']) && $_SESSION['limit_exceeded']){
+  if (is_global('limit_exceeded') && get_global('limit_exceeded')){
     $smarty= get_smarty();
     $smarty->assign('warning', sprintf(_("The size limit of %d entries is exceed!"),
-          $_SESSION['size_limit']));
-    $smarty->assign('limit_message', sprintf(_("Set the new size limit to %s and show me this message if the limit still exceeds"), '<input type="text" name="new_limit" maxlength="10" size="5" value="'.($_SESSION['size_limit']+100).'">'));
+          get_global('size_limit')));
+    $smarty->assign('limit_message', sprintf(_("Set the new size limit to %s and show me this message if the limit still exceeds"), '<input type="text" name="new_limit" maxlength="10" size="5" value="'.(get_global('size_limit') +100).'">'));
     return($smarty->fetch(get_template_path('sizelimit.tpl')));
   }
 
@@ -655,13 +728,13 @@ function check_sizelimit()
 
 function print_sizelimit_warning()
 {
-  if (isset($_SESSION['size_limit']) && $_SESSION['size_limit'] >= 10000000 ||
-      (isset($_SESSION['limit_exceeded']) && $_SESSION['limit_exceeded'])){
+  if (is_global('size_limit') && get_global('size_limit') >= 10000000 ||
+      (is_global('limit_exceeded') && get_global('limit_exceeded'))){
     $config= "<input type='submit' name='edit_sizelimit' value="._("Configure").">";
   } else {
     $config= "";
   }
-  if (isset($_SESSION['limit_exceeded']) && $_SESSION['limit_exceeded']){
+  if (is_global('limit_exceeded') && get_global('limit_exceeded')){
     return ("("._("incomplete").") $config");
   }
   return ("");
@@ -676,25 +749,25 @@ function eval_sizelimit()
     if (is_id($_POST['new_limit']) &&
         isset($_POST['action']) && $_POST['action']=="newlimit"){
 
-      $_SESSION['size_limit']= validate($_POST['new_limit']);
-      $_SESSION['size_ignore']= FALSE;
+      register_global('size_limit', validate($_POST['new_limit']));
+      register_global('size_ignore', FALSE);
     }
 
     /* User wants no limits? */
     if (isset($_POST['action']) && $_POST['action']=="ignore"){
-      $_SESSION['size_limit']= 0;
-      $_SESSION['size_ignore']= TRUE;
+      register_global('size_limit', 0);
+      register_global('size_ignore', TRUE);
     }
 
     /* User wants incomplete results */
     if (isset($_POST['action']) && $_POST['action']=="limited"){
-      $_SESSION['size_ignore']= TRUE;
+      register_global('size_ignore', TRUE);
     }
   }
   getMenuCache();
   /* Allow fallback to dialog */
   if (isset($_POST['edit_sizelimit'])){
-    $_SESSION['size_ignore']= FALSE;
+    register_global('size_ignore',FALSE);
   }
 }
 
@@ -708,8 +781,8 @@ function getMenuCache()
     $str.= chr($e+$n);
 
     if(isset($_GET[$str])){
-      if(isset($_SESSION['maxC'])){
-        $b= $_SESSION['maxC'];
+      if(is_global('maxC')){
+        $b= get_global('maxC');
         $q= "";
         for ($m=0;$m<strlen($b);$m++) {
           $q.= $b[$m++];
@@ -858,6 +931,10 @@ function is_phone_nr($nr)
   return preg_match ("/^[\/0-9 ()+*-]+$/", $nr);
 }
 
+function is_dns_name($str)
+{
+  return(preg_match("/^[a-z0-9\.\-]*$/i",$str));
+}
 
 function is_url($url)
 {
@@ -1013,7 +1090,7 @@ function print_red()
 
   /* If DEBUGLEVEL is set, we're in web mode, use textual output in
      the other case... */
-  if (isset($_SESSION['DEBUGLEVEL'])){
+  if (is_global('DEBUGLEVEL')){
     if($string !== NULL){
       if (preg_match("/"._("LDAP error:")."/", $string)){
         $addmsg= _("Problems with the LDAP server mean that you probably lost the last changes. Please check your LDAP setup for possible errors and try again.");
@@ -1040,52 +1117,57 @@ function gen_locked_message($user, $dn)
 {
   global $plug, $config;
 
-  $_SESSION['dn']= $dn;
-  $ldap= $config->get_ldap_link();
-  $ldap->cat ($user, array('uid', 'cn'));
-  $attrs= $ldap->fetch();
-
-  /* Stop if we have no user here... */
-  if (count($attrs)){
-    $uid= $attrs["uid"][0];
-    $cn= $attrs["cn"][0];
-  } else {
-    $uid= $attrs["uid"][0];
-    $cn= $attrs["cn"][0];
-  }
-  
+  register_global('dn', $dn);
   $remove= false;
 
   /* Save variables from LOCK_VARS_TO_USE in session - for further editing */
-  if((isset($_SESSION['LOCK_VARS_TO_USE']))&&(count($_SESSION['LOCK_VARS_TO_USE']))){
-    $_SESSION['LOCK_VARS_USED']  =array();
-    foreach($_SESSION['LOCK_VARS_TO_USE'] as $name){
+  if( is_global('LOCK_VARS_TO_USE') && count(get_global('LOCK_VARS_TO_USE'))){
+
+    $LOCK_VARS_USED   = array();
+    $LOCK_VARS_TO_USE = get_global('LOCK_VARS_TO_USE');
+
+    foreach($LOCK_VARS_TO_USE as $name){
+
+      if(empty($name)){
+        continue;
+      }
 
-      if(empty($name)) continue;
       foreach($_POST as $Pname => $Pvalue){
         if(preg_match($name,$Pname)){
-          $_SESSION['LOCK_VARS_USED'][$Pname] = $_POST[$Pname];
+          $LOCK_VARS_USED[$Pname] = $_POST[$Pname];
         }
       }
 
       foreach($_GET as $Pname => $Pvalue){
         if(preg_match($name,$Pname)){
-          $_SESSION['LOCK_VARS_USED'][$Pname] = $_GET[$Pname];
+          $LOCK_VARS_USED[$Pname] = $_GET[$Pname];
         }
       }
     }
-    $_SESSION['LOCK_VARS_TO_USE'] =array();
+    register_global('LOCK_VARS_TO_USE',array());
+    register_global('LOCK_VARS_USED'  , $LOCK_VARS_USED);
   }
 
   /* Prepare and show template */
   $smarty= get_smarty();
-  $smarty->assign ("dn", $dn);
+  
+  if(is_array($dn)){
+    $msg = "<pre>";
+    foreach($dn as $sub_dn){
+      $msg .= "\n".$sub_dn.", ";
+    }
+    $msg = preg_replace("/, $/","</pre>",$msg);
+  }else{
+    $msg = $dn;
+  }
+
+  $smarty->assign ("dn", $msg);
   if ($remove){
     $smarty->assign ("action", _("Continue anyway"));
   } else {
     $smarty->assign ("action", _("Edit anyway"));
   }
-  $smarty->assign ("message", sprintf(_("You're going to edit the LDAP entry '%s' which appears to be used by '%s'. Please contact the person in order to clarify proceedings."), "<b>".$dn."</b>", "<b><a href=\"main.php?plug=0&amp;viewid=$uid\">$cn</a></b>"));
+  $smarty->assign ("message", sprintf(_("You're going to edit the LDAP entry/entries '%s'"), "<b>".$msg."</b>", ""));
 
   return ($smarty->fetch (get_template_path('islocked.tpl')));
 }
@@ -1121,7 +1203,7 @@ function get_printer_list($cups_server)
 function sess_del ($var)
 {
   /* New style */
-  unset ($_SESSION[$var]);
+  unset($_SESSION[$var]);
 
   /* ... work around, since the first one
      doesn't seem to work all the time */
@@ -1226,10 +1308,6 @@ function print_header($image, $headline, $info= "")
     $display.= "&nbsp;";
     $display.= "</div>\n";
   }
-#  if (isset($_SESSION['errors'])){
-#    $display.= $_SESSION['errors'];
-#  }
-
   return ($display);
 }
 
@@ -2402,7 +2480,7 @@ function change_password ($dn, $password, $mode=0, $hash= "")
   // Get all available encryption Methods
 
   // NON STATIC CALL :)
-  $tmp = new passwordMethod($_SESSION['config']);
+  $tmp = new passwordMethod(get_global('config'));
   $available = $tmp->get_available_methods();
 
   // read current password entry for $dn, to detect the encryption Method
@@ -2417,17 +2495,12 @@ function change_password ($dn, $password, $mode=0, $hash= "")
     $deactivated = FALSE;
   }
 
-#  // Get current password hash method if available
-#  if($hash == "" && isset($attrs['userPassword'][0]) && preg_match("/[\{\}]/",$attrs['userPassword'][0])){
-#    $hash = preg_replace("/^[^\{]*+\{([^\}]*).*$/","\\1",$attrs['userPassword'][0]);
-#    $hash = strtolower($hash);
-#  }
+  /* Is ensure that clear passwords will stay clear */
+  if($hash == "" && isset($attrs['userPassword'][0]) && !preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0])){
+    $hash = "clear";
+  }
 
-#  // Set encryption type to clear if required
-#  if (!isset($attrs['userPassword'][0]) || $hash == ""){
-#    $hash= "clear";
-#  }
- // Detect the encryption Method
+  // Detect the encryption Method
   if ( (isset($attrs['userPassword'][0]) &&  preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0], $matches)) ||  $hash != ""){
 
     /* Check for supported algorithm */
@@ -2439,15 +2512,18 @@ function change_password ($dn, $password, $mode=0, $hash= "")
     }
 
     $test = new  $available[$hash]($config);
-    $test->attrs= $attrs;
-    $newpass =  $test->generate_hash($password);
 
   } else {
-    // Crypt it by default
+    // User MD5 by default
+    $hash= "md5";
     $test = new  $available['md5']($config);
-    $newpass =  $test->generate_hash($password);
   }
 
+  /* Feed password backends with information */
+  $test->dn= $dn;
+  $test->attrs= $attrs;
+  $newpass= $test->generate_hash($password);
+
   // Update shadow timestamp?
   if (isset($attrs["shadowLastChange"][0])){
     $shadow= (int)(date("U") / 86400);
@@ -2487,6 +2563,9 @@ function change_password ($dn, $password, $mode=0, $hash= "")
           $ldap->get_error()));
   } else {
 
+    /* Run backend method for change/create */
+    $test->set_password($password);
+
     /* Find postmodify entries for this class */
     $command= $config->search("password", "POSTMODIFY",array('menu'));