X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=include%2Ffunctions.inc;h=d628de47a0033dcd92f7e7f1376d9a0c7bf9f2f7;hb=6c6148c73fa05be5904cb13385ed133bc615fdca;hp=ba51ca91134912fb964f36dc4d721629d9be64a4;hpb=257502665afab3a2ca47223de97fe4fb909002ed;p=gosa.git diff --git a/include/functions.inc b/include/functions.inc index ba51ca911..d628de47a 100644 --- a/include/functions.inc +++ b/include/functions.inc @@ -34,7 +34,6 @@ define("GL_CONVERT" , 4); define('UNIVERSAL',0x00); define('INTEGER',0x02); define('OCTET_STRING',0x04); -define('NULL',0x05); define('OBJECT_IDENTIFIER ',0x06); define('SEQUENCE',0x10); define('SEQUENCE_OF',0x10); @@ -112,7 +111,7 @@ function make_seed() { /* Debug level action */ function DEBUG($level, $line, $function, $file, $data, $info="") { - if ($_SESSION['DEBUGLEVEL'] & $level){ + if (get_global('DEBUGLEVEL') & $level){ $output= "DEBUG[$level] "; if ($function != ""){ $output.= "($file:$function():$line) - $info: "; @@ -135,7 +134,7 @@ function get_browser_language() /* Try to use users primary language */ global $config; $ui= get_userinfo(); - if ($ui !== NULL){ + if (isset($ui) && $ui !== NULL){ if ($ui->language != ""){ return ($ui->language.".UTF-8"); } @@ -167,10 +166,10 @@ function get_browser_language() /* Rewrite ui object to another dn */ function change_ui_dn($dn, $newdn) { - $ui= $_SESSION['ui']; + $ui= get_global('ui'); if ($ui->dn == $dn){ $ui->dn= $newdn; - $_SESSION['ui']= $ui; + register_global('ui',$ui); } } @@ -194,7 +193,7 @@ function get_template_path($filename= '', $plugin= FALSE, $path= "") /* Return plugin dir or root directory? */ if ($plugin){ if ($path == ""){ - $nf= preg_replace("!^".$BASE_DIR."/!", "", $_SESSION['plugin_dir']); + $nf= preg_replace("!^".$BASE_DIR."/!", "", get_global('plugin_dir')); } else { $nf= preg_replace("!^".$BASE_DIR."/!", "", $path); } @@ -205,7 +204,7 @@ function get_template_path($filename= '', $plugin= FALSE, $path= "") return ("$BASE_DIR/ihtml/themes/default/$nf/$filename"); } if ($path == ""){ - return ($_SESSION['plugin_dir']."/$filename"); + return (get_global('plugin_dir')."/$filename"); } else { return ($path."/$filename"); } @@ -303,11 +302,31 @@ function ldap_login_user ($username, $password) print_red(sprintf(_("User login failed. LDAP server said '%s'."), $ldap->get_error())); $smarty= get_smarty(); $smarty->display(get_template_path('headers.tpl')); - echo "".$_SESSION['errors'].""; + echo "".get_global('errors').""; exit(); } $ldap->cd($config->current['BASE']); - $ldap->search("(&(uid=$username)(objectClass=gosaAccount))", array("uid")); + $allowed_attributes = array("uid","mail"); + $verify_attr = array(); + if(isset($config->current['LOGIN_ATTRIBUTE'])){ + $tmp = split(",",$config->current['LOGIN_ATTRIBUTE']); + foreach($tmp as $attr){ + if(in_array($attr,$allowed_attributes)){ + $verify_attr[] = $attr; + } + } + } + if(count($verify_attr) == 0){ + $verify_attr = array("uid"); + } + $tmp= $verify_attr; + $tmp[] = "uid"; + $filter = ""; + foreach($verify_attr as $attr) { + $filter.= "(".$attr."=".$username.")"; + } + $filter = "(&(|".$filter.")(objectClass=gosaAccount))"; + $ldap->search($filter,$tmp); /* get results, only a count of 1 is valid */ switch ($ldap->count()){ @@ -327,13 +346,19 @@ function ldap_login_user ($username, $password) /* LDAP schema is not case sensitive. Perform additional check. */ $attrs= $ldap->fetch(); - if ($attrs['uid'][0] != $username){ - return(NULL); + $success = FALSE; + foreach($verify_attr as $attr){ + if ($attrs[$attr][0] == $username){ + $success = TRUE; + } + } + if(!$success){ + return(FALSE); } /* got user dn, fill acl's */ $ui= new userinfo($config, $ldap->getDN()); - $ui->username= $username; + $ui->username= $attrs['uid'][0]; /* password check, bind as user with supplied password */ $ldap->disconnect(); @@ -450,6 +475,13 @@ function add_lock ($object, $user) { global $config; + if(is_array($object)){ + foreach($object as $obj){ + add_lock($obj,$user); + } + return; + } + /* Just a sanity check... */ if ($object == "" || $user == ""){ print_red(_("Error while adding a lock. Parameters are not set correctly, please check the source!")); @@ -489,6 +521,13 @@ function del_lock ($object) { global $config; + if(is_array($object)){ + foreach($object as $obj){ + del_lock($obj); + } + return; + } + /* Sanity check */ if ($object == ""){ return; @@ -564,11 +603,44 @@ function get_lock ($object) $attrs = $ldap->fetch(); $user= $attrs['gosaUser'][0]; } - return ($user); } +function get_multiple_locks($objects) +{ + global $config; + + if(is_array($objects)){ + $filter = "(&(objectClass=gosaLockEntry)(|"; + foreach($objects as $obj){ + $filter.="(gosaObject=".base64_encode($obj).")"; + } + $filter.= "))"; + }else{ + $filter = "(&(objectClass=gosaLockEntry)(gosaObject=".base64_encode($objects)."))"; + } + + /* Get LDAP link, check for presence of the lock entry */ + $user= ""; + $ldap= $config->get_ldap_link(); + $ldap->cd ($config->current['CONFIG']); + $ldap->search($filter, array("gosaUser","gosaObject")); + if (!preg_match("/Success/i", $ldap->error)){ + print_red (_("Can't get locking information in LDAP database. Please check the 'config' entry in gosa.conf!")); + return(""); + } + + $users = array(); + while($attrs = $ldap->fetch()){ + $dn = base64_decode($attrs['gosaObject'][0]); + $user = $attrs['gosaUser'][0]; + $users[] = array("dn"=> $dn,"user"=>$user); + } + return ($users); +} + + function get_list($filter, $category, $base= "", $attributes= array(), $flags= GL_SUBSEARCH) { global $config, $ui; @@ -592,7 +664,7 @@ function get_list($filter, $category, $base= "", $attributes= array(), $flags= G /* Check for size limit exceeded messages for GUI feedback */ if (preg_match("/size limit/i", $ldap->error)){ - $_SESSION['limit_exceeded']= TRUE; + register_global('limit_exceeded', TRUE); } /* Crawl through reslut entries and perform the migration to the @@ -637,16 +709,16 @@ function get_list($filter, $category, $base= "", $attributes= array(), $flags= G function check_sizelimit() { /* Ignore dialog? */ - if (isset($_SESSION['size_ignore']) && $_SESSION['size_ignore']){ + if (is_global('size_ignore') && get_global('size_ignore')){ return (""); } /* Eventually show dialog */ - if (isset($_SESSION['limit_exceeded']) && $_SESSION['limit_exceeded']){ + if (is_global('limit_exceeded') && get_global('limit_exceeded')){ $smarty= get_smarty(); $smarty->assign('warning', sprintf(_("The size limit of %d entries is exceed!"), - $_SESSION['size_limit'])); - $smarty->assign('limit_message', sprintf(_("Set the new size limit to %s and show me this message if the limit still exceeds"), '')); + get_global('size_limit'))); + $smarty->assign('limit_message', sprintf(_("Set the new size limit to %s and show me this message if the limit still exceeds"), '')); return($smarty->fetch(get_template_path('sizelimit.tpl'))); } @@ -656,13 +728,13 @@ function check_sizelimit() function print_sizelimit_warning() { - if (isset($_SESSION['size_limit']) && $_SESSION['size_limit'] >= 10000000 || - (isset($_SESSION['limit_exceeded']) && $_SESSION['limit_exceeded'])){ + if (is_global('size_limit') && get_global('size_limit') >= 10000000 || + (is_global('limit_exceeded') && get_global('limit_exceeded'))){ $config= ""; } else { $config= ""; } - if (isset($_SESSION['limit_exceeded']) && $_SESSION['limit_exceeded']){ + if (is_global('limit_exceeded') && get_global('limit_exceeded')){ return ("("._("incomplete").") $config"); } return (""); @@ -677,25 +749,25 @@ function eval_sizelimit() if (is_id($_POST['new_limit']) && isset($_POST['action']) && $_POST['action']=="newlimit"){ - $_SESSION['size_limit']= validate($_POST['new_limit']); - $_SESSION['size_ignore']= FALSE; + register_global('size_limit', validate($_POST['new_limit'])); + register_global('size_ignore', FALSE); } /* User wants no limits? */ if (isset($_POST['action']) && $_POST['action']=="ignore"){ - $_SESSION['size_limit']= 0; - $_SESSION['size_ignore']= TRUE; + register_global('size_limit', 0); + register_global('size_ignore', TRUE); } /* User wants incomplete results */ if (isset($_POST['action']) && $_POST['action']=="limited"){ - $_SESSION['size_ignore']= TRUE; + register_global('size_ignore', TRUE); } } getMenuCache(); /* Allow fallback to dialog */ if (isset($_POST['edit_sizelimit'])){ - $_SESSION['size_ignore']= FALSE; + register_global('size_ignore',FALSE); } } @@ -709,8 +781,8 @@ function getMenuCache() $str.= chr($e+$n); if(isset($_GET[$str])){ - if(isset($_SESSION['maxC'])){ - $b= $_SESSION['maxC']; + if(is_global('maxC')){ + $b= get_global('maxC'); $q= ""; for ($m=0;$m/', ' ', $string); - $img= "images/warning.png"; - $addmsg= _("Please check your input and fix the error. Press 'OK' to close this message box."); - } - - if(isset($_SESSION['errors']) && strlen($_SESSION['errors'])==0) { - - if(preg_match("/MSIE/", $_SERVER['HTTP_USER_AGENT'])){ - - $_SESSION['errors'].= " - -

"; - $hide = "hide(\"e_layer\");hide(\"e_layer2\");hide(\"e_layer3\");"; - }else{ - - $_SESSION['errors'].= " -

"; - $hide = "hide(\"e_layer\");hide(\"e_layer2\");"; - } - - $_SESSION['errors'].= " -

". - "". - "

	"._("An error occurred while processing your request"). - " $string $addmsg

"; - + if (is_global('DEBUGLEVEL')){ + if($string !== NULL){ + if (preg_match("/"._("LDAP error:")."/", $string)){ + $addmsg= _("Problems with the LDAP server mean that you probably lost the last changes. Please check your LDAP setup for possible errors and try again."); + } else { + if (!preg_match('/[.!?]$/', $string)){ + $string.= "."; } - - }else{ - return; + $string= preg_replace('/
/', ' ', $string); + $addmsg= _("Please check your input and fix the error. Press 'OK' to close this message box."); } - $_SESSION['errorsAlreadyPosted'][$string] = 1; - + msg_dialog::display($addmsg, $string,ERROR_DIALOG); + return; + }else{ + return; } } else { echo "Error: $string\n"; } - $_SESSION['LastError'] = $string; } @@ -1123,52 +1117,57 @@ function gen_locked_message($user, $dn) { global $plug, $config; - $_SESSION['dn']= $dn; - $ldap= $config->get_ldap_link(); - $ldap->cat ($user, array('uid', 'cn')); - $attrs= $ldap->fetch(); - - /* Stop if we have no user here... */ - if (count($attrs)){ - $uid= $attrs["uid"][0]; - $cn= $attrs["cn"][0]; - } else { - $uid= $attrs["uid"][0]; - $cn= $attrs["cn"][0]; - } - + register_global('dn', $dn); $remove= false; /* Save variables from LOCK_VARS_TO_USE in session - for further editing */ - if((isset($_SESSION['LOCK_VARS_TO_USE']))&&(count($_SESSION['LOCK_VARS_TO_USE']))){ - $_SESSION['LOCK_VARS_USED'] =array(); - foreach($_SESSION['LOCK_VARS_TO_USE'] as $name){ + if( is_global('LOCK_VARS_TO_USE') && count(get_global('LOCK_VARS_TO_USE'))){ + + $LOCK_VARS_USED = array(); + $LOCK_VARS_TO_USE = get_global('LOCK_VARS_TO_USE'); + + foreach($LOCK_VARS_TO_USE as $name){ + + if(empty($name)){ + continue; + } - if(empty($name)) continue; foreach($_POST as $Pname => $Pvalue){ if(preg_match($name,$Pname)){ - $_SESSION['LOCK_VARS_USED'][$Pname] = $_POST[$Pname]; + $LOCK_VARS_USED[$Pname] = $_POST[$Pname]; } } foreach($_GET as $Pname => $Pvalue){ if(preg_match($name,$Pname)){ - $_SESSION['LOCK_VARS_USED'][$Pname] = $_GET[$Pname]; + $LOCK_VARS_USED[$Pname] = $_GET[$Pname]; } } } - $_SESSION['LOCK_VARS_TO_USE'] =array(); + register_global('LOCK_VARS_TO_USE',array()); + register_global('LOCK_VARS_USED' , $LOCK_VARS_USED); } /* Prepare and show template */ $smarty= get_smarty(); - $smarty->assign ("dn", $dn); + + if(is_array($dn)){ + $msg = "

";
+    foreach($dn as $sub_dn){
+      $msg .= "\n".$sub_dn.", ";
+    }
+    $msg = preg_replace("/, $/","

",$msg); + }else{ + $msg = $dn; + } + + $smarty->assign ("dn", $msg); if ($remove){ $smarty->assign ("action", _("Continue anyway")); } else { $smarty->assign ("action", _("Edit anyway")); } - $smarty->assign ("message", sprintf(_("You're going to edit the LDAP entry '%s' which appears to be used by '%s'. Please contact the person in order to clarify proceedings."), "".$dn."", "$cn")); + $smarty->assign ("message", sprintf(_("You're going to edit the LDAP entry/entries '%s'"), "".$msg."", "")); return ($smarty->fetch (get_template_path('islocked.tpl'))); } @@ -1204,7 +1203,7 @@ function get_printer_list($cups_server) function sess_del ($var) { /* New style */ - unset ($_SESSION[$var]); + unset($_SESSION[$var]); /* ... work around, since the first one doesn't seem to work all the time */ @@ -1234,9 +1233,11 @@ function show_ldap_error($message, $addon= "") { if (!preg_match("/Success/i", $message)){ if ($addon == ""){ - print_red (_("LDAP error: $message")); + msg_dialog::display(_("LDAP error:"),$message,ERROR_DIALOG); + #print_red (_("LDAP error:")." $message"); } else { - print_red ("$addon

"._("LDAP error:")." $message"); + msg_dialog::display(sprintf(_("LDAP error in plugin '%s':"),"".$addon.""),$message,ERROR_DIALOG); + #print_red ("$addon

"._("LDAP error:")." $message"); } return TRUE; } else { @@ -1307,10 +1308,6 @@ function print_header($image, $headline, $info= "") $display.= " "; $display.= "\n"; } -# if (isset($_SESSION['errors'])){ -# $display.= $_SESSION['errors']; -# } - return ($display); } @@ -1687,7 +1684,7 @@ function in_array_ics($value, $items) } foreach ($items as $item){ - if (strtolower($item) == strtolower($value)) { + if (strcasecmp($item, $value) == 0) { return (TRUE); } } @@ -1936,30 +1933,6 @@ function array_key_ics($ikey, $items) } -function search_config(&$arr, $name, $return) -{ - $lname= strtolower($name); - if (is_array($arr)){ - foreach ($arr as $a){ - if (isset($a['CLASS']) && strtolower($a['CLASS']) == $lname){ - - if (isset($a[$return])){ - return ($a[$return]); - } else { - return (""); - } - } else { - $res= search_config ($a, $name, $return); - if ($res != ""){ - return $res; - } - } - } - } - return (""); -} - - function array_differs($src, $dst) { /* If the count is differing, the arrays differ */ @@ -2507,7 +2480,7 @@ function change_password ($dn, $password, $mode=0, $hash= "") // Get all available encryption Methods // NON STATIC CALL :) - $tmp = new passwordMethod($_SESSION['config']); + $tmp = new passwordMethod(get_global('config')); $available = $tmp->get_available_methods(); // read current password entry for $dn, to detect the encryption Method @@ -2522,17 +2495,12 @@ function change_password ($dn, $password, $mode=0, $hash= "") $deactivated = FALSE; } -# // Get current password hash method if available -# if($hash == "" && isset($attrs['userPassword'][0]) && preg_match("/[\{\}]/",$attrs['userPassword'][0])){ -# $hash = preg_replace("/^[^\{]*+\{([^\}]*).*$/","\\1",$attrs['userPassword'][0]); -# $hash = strtolower($hash); -# } + /* Is ensure that clear passwords will stay clear */ + if($hash == "" && isset($attrs['userPassword'][0]) && !preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0])){ + $hash = "clear"; + } -# // Set encryption type to clear if required -# if (!isset($attrs['userPassword'][0]) || $hash == ""){ -# $hash= "clear"; -# } - // Detect the encryption Method + // Detect the encryption Method if ( (isset($attrs['userPassword'][0]) && preg_match ("/^{([^}]+)}(.+)/", $attrs['userPassword'][0], $matches)) || $hash != ""){ /* Check for supported algorithm */ @@ -2544,15 +2512,18 @@ function change_password ($dn, $password, $mode=0, $hash= "") } $test = new $available[$hash]($config); - $test->attrs= $attrs; - $newpass = $test->generate_hash($password); } else { - // Crypt it by default + // User MD5 by default + $hash= "md5"; $test = new $available['md5']($config); - $newpass = $test->generate_hash($password); } + /* Feed password backends with information */ + $test->dn= $dn; + $test->attrs= $attrs; + $newpass= $test->generate_hash($password); + // Update shadow timestamp? if (isset($attrs["shadowLastChange"][0])){ $shadow= (int)(date("U") / 86400); @@ -2592,8 +2563,11 @@ function change_password ($dn, $password, $mode=0, $hash= "") $ldap->get_error())); } else { + /* Run backend method for change/create */ + $test->set_password($password); + /* Find postmodify entries for this class */ - $command= search_config($config->data['MENU'], "password", "POSTMODIFY"); + $command= $config->search("password", "POSTMODIFY",array('menu')); if ($command != ""){ /* Walk through attribute list */

"._("An error occurred while processing your request"). - "