function start_parse()
{
if ($GLOBALS["VERBOSE"]) {
"echo Loading...\n";
}
$unix = new unix();
if ($GLOBALS["VERBOSE"]) {
"echo Loading done...\n";
}
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$timefile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
$pid = @file_get_contents($pidfile);
if (!$GLOBALS["FORCE"]) {
if ($pid < 100) {
$pid = null;
}
$unix = new unix();
if ($unix->process_exists($pid, basename(__FILE__))) {
if ($GLOBALS["VERBOSE"]) {
echo "Already executed pid {$pid}\n";
}
return;
}
$timeexec = $unix->file_time_min($timefile);
if ($timeexec < 10) {
return;
}
$mypid = getmypid();
@file_put_contents($pidfile, $mypid);
}
@unlink($timefile);
@file_put_contents($timefile, time());
$ldap = new clladp();
if (!$ldap->IsKerbAuth()) {
return;
}
$q = new mysql_squid_builder();
$sql = "SELECT ID,GroupName FROM webfilters_sqgroups WHERE `enabled`=1 AND `GroupType`='proxy_auth_statad'";
$results = $q->QUERY_SQL($sql);
$REFRESH = false;
$Count = mysql_num_rows($results);
$UPDATED = array();
while ($ligne = mysql_fetch_assoc($results)) {
if (parse_object($ligne["ID"], $ligne["GroupName"])) {
$UPDATED[] = $ligne["GroupName"];
$REFRESH = true;
}
}
if ($REFRESH) {
squid_admin_mysql(1, "Reloading proxy service after updating " . count($UPDATED) . " Active Directory group(s)", @implode("\n", $UPDATED), __FILE__, __LINE__);
$squid = $unix->LOCATE_SQUID_BIN();
system("/etc/init.d/squid reload --force --script=exec.squid.static.ad.groups.php/" . __LINE__);
$sock = new sockets();
$EnableTransparent27 = intval($sock->GET_INFO("EnableTransparent27"));
if ($EnableTransparent27 == 1) {
system("/etc/init.d/squid-nat reload --script=" . basename(__FILE__));
}
}
}
function section_tab()
{
$boot = new boostrap_form();
$users = new usersMenus();
$callback = urlencode($_GET["CallBack"]);
if (!$users->AsAnAdministratorGeneric) {
senderror("no privs");
}
$page = CurrentPageName();
$tpl = new templates();
$array["{members} LDAP"] = "{$page}?section-search-ldap=yes&CallBack={$callback}";
$ldap = new clladp();
if ($ldap->IsKerbAuth()) {
$array["{members} Active Directory"] = "{$page}?section-search-ad=yes&CallBack={$callback}";
}
echo $boot->build_tab($array);
}
function tabs()
{
$page = CurrentPageName();
$tpl = new templates();
$t = time();
$boot = new boostrap_form();
$mini = new miniadm();
$users = new usersMenus();
$ldap = new clladp();
$tpl = new templates();
if (isset($_GET["title"])) {
$title = $tpl->_ENGINE_parse_body("<H3>{users_and_groups}</H3><p>{users_and_groups_system_explain}</p>");
}
if ($ldap->IsKerbAuth()) {
$array["{activedirectory_members}"] = "miniadm.members.browse.php?section-search-ad=yes";
}
$array["{radius_members}"] = "miniadm.system.members.radius.php";
if ($mini->IFItsProxy()) {
$array["{hostpot_members}"] = "miniadmin.hotspot.php?tabs=yes&title=yes";
}
echo $title . $boot->build_tab($array);
}
function popup()
{
$t = time();
$page = CurrentPageName();
$tpl = new templates();
$familysite = $_GET["familysite"];
$q = new mysql_squid_builder();
$sock = new sockets();
$ldap = new clladp();
if ($ldap->IsKerbAuth()) {
$whitelist_auth = "\t<center style='width:98%' class=form>\n\t\t<center>" . button("{do_not_authenticate_this_website}", "WhiteNTLMThis{$t}()", 30) . "</center>\n\t\t\t<center style='font-size:16px;margin-top:15px;margin-bottom:20px'>{do_not_authenticate_this_website_explain}\n\t\t\t<br>« <a href=\"javascript:blur();\" OnClick=\"javascript:Loadjs('squid.urlrewriteaccessdeny.php?add-ntlm-js=yes')\"\n\t\t\t\t\tstyle='text-decoration:underline'>{authentication_whitelist}</a> »\n\t\t\t\n\t\t\t</center>\n\t\t</center>\n\t\t<p> </p>";
}
$EnableRangeOffset = intval($sock->GET_INFO("EnableRangeOffset"));
if ($EnableRangeOffset == 1) {
$rangeoffset = "\t<center style='width:98%' class=form>\n\t\t\t<center>" . button("{enforce_partial_content}", "RangeOffsetLimit{$t}()", 30) . "</center>\n\t\t\t\t<center style='font-size:16px;margin-top:15px;margin-bottom:20px'>{enforce_partial_content_explain}\n\t\t\t\t<br>« <a href=\"javascript:blur();\" \n\t\t\t\t\tOnClick=\"javascript:Loadjs('squid.urlrewriteaccessdeny.php?add-rangeoffsetlimit-js=yes')\"\n\t\t\t\t\tstyle='text-decoration:underline'>{partial_content_list}</a> »\n\t\t\t\n\t\t\t\t</center>\n\t\t\t</center>\n\t\t\t<p> </p>";
}
if ($sock->EnableUfdbGuard()) {
$results = $q->QUERY_SQL("SELECT * FROM personal_categories");
while ($ligne = mysql_fetch_assoc($results)) {
$PERSO[$ligne["category"]] = true;
}
$results = $q->QUERY_SQL("SELECT category FROM webfilter_blks WHERE modeblk=1");
$WHITECATS[null] = "{select}";
while ($ligne = mysql_fetch_assoc($results)) {
if (!isset($PERSO[$ligne["category"]])) {
continue;
}
$WHITECATS[$ligne["category"]] = $ligne["category"];
}
$whitelist_ufdb = "\t<center style='width:98%' class=form>\n\t\t\t<center>" . button("{whitelist_this_website}", "WhiteThis{$t}()", 30) . "</center>\n\t\t\t\t<center style='font-size:16px;margin-top:15px;margin-bottom:20px'>{whitelist_this_website_explain}\n\t\t\t\t<br>« <a href=\"javascript:blur();\" OnClick=\"javascript:Loadjs('squid.urlrewriteaccessdeny.php?add-www-js=yes')\"\n\t\t\t\t\t\tstyle='text-decoration:underline'>{global_whitelists}</a> »\t\t\n\t\t\t\t\t\t\n\t\t\t\t</center>\n\t\t\t</center>\n\t\t\t<p> </p>";
$blacklist_ufdb = "\t<center style='width:98%' class=form>\n\t\t<center>" . button("{blacklist_this_website}", "BlackUFDBThis{$t}()", 30) . "</center>\n\t\t\t<center style='font-size:16px;margin-top:15px;margin-bottom:20px'>{blacklist_this_website_explain}\n\t\t\t<br>« <a href=\"javascript:blur();\" OnClick=\"javascript:Loadjs('squid.urlrewriteaccessdeny.php?add-black-js=yes')\"\n\t\t\t\t\tstyle='text-decoration:underline'>{global_blacklist}</a> »\n\t\t\t\n\t\t\t</center>\n\t\t</center>\n\t\t<p> </p>";
$white_category = "\t<p> </p>\n\t<div style='width:98%' class=form>\n\t<table style='width:100%'>\n\t<tr>\n\t\t<td style='font-size:22px' class=legend>{save_into_a_whitelisted_category}:</td>\n\t\t<td>" . Field_array_Hash($WHITECATS, "category-{$t}", null, "style:font-size:22px") . "</td>\n\t</tr>\n\t<tr>\n\t<td colspan=2 align='right'><hr>" . button("{add}", "CatzThis{$t}()", 30) . "</td>\n\t</tr>\n\t</table>";
}
$html = "<div style='font-size:35px;margin-bottom:20px'>« {$familysite} »</div>\n\t{$whitelist_auth}\n\t{$whitelist_ufdb}\n\t{$rangeoffset}\n\t\t<center style='width:98%' class=form>\t\n\t\t<center>" . button("{do_not_cache}", "NocacheThis{$t}()", 30) . "</center>\n\t\t\t<center style='font-size:16px;margin-top:15px;margin-bottom:20px'>{do_not_cache_this_web_site_explain}\n\t\t\t<br>« <a href=\"javascript:blur();\" OnClick=\"javascript:Loadjs('squid.urlrewriteaccessdeny.php?add-nocache-js=yes')\"\n\t\t\t\t\tstyle='text-decoration:underline'>{global_deny_cache_list}</a> »\t\t\n\t\t\t\t\t\n\t\t\t</center>\n\t\t</center>\t\n\t{$blacklist_ufdb}\t\t\t\n\t\t\t<p> </p>\t\t\n\t\t\t\t\n\t\t\t{$white_category}\n\t</div>\n<script>\n\nvar CallBack{$t}= function (obj) {\n\tvar res=obj.responseText;\n\tif(res.length>3){alert(res);return;}\n\tvar category=document.getElementById('category-{$t}').value;\n\tYahooWinBrowseHide();\n\tLoadjs('ufdbguard.compile.category.php?category='+category);\n}\t\nvar CallBackNocacheThis{$t}= function (obj) {\n\tvar res=obj.responseText;\n\tif(res.length>3){alert(res);return;}\n\tYahooWinBrowseHide();\n\tLoadjs('squid.global.wl.center.progress.php');\n}\nfunction CatzThis{$t}(){\n\tvar XHR = new XHRConnection();\n\tXHR.appendData('add-to-cat', '{$familysite}');\n\tXHR.appendData('category', document.getElementById('category-{$t}').value);\t \n\tXHR.sendAndLoad('{$page}', 'POST',CallBack{$t}); \t\t\t\n}\n\nfunction NocacheThis{$t}(){\n\tvar XHR = new XHRConnection();\n\tXHR.appendData('nocache_single', '{$familysite}'); \n\tXHR.sendAndLoad('squid.urlrewriteaccessdeny.php', 'POST',CallBackNocacheThis{$t}); \n\n}\n\nfunction RangeOffsetLimit{$t}(){\n\tvar XHR = new XHRConnection();\n\tXHR.appendData('rangeoffsetlimit_single', '{$familysite}'); \n\tXHR.sendAndLoad('squid.urlrewriteaccessdeny.php', 'POST',CallBackNocacheThis{$t}); \n}\n\nfunction WhiteNTLMThis{$t}(){\n\tvar XHR = new XHRConnection();\n\tXHR.appendData('nonntlm_single', '{$familysite}'); \n\tXHR.sendAndLoad('squid.urlrewriteaccessdeny.php', 'POST',CallBackNocacheThis{$t}); \n\n}\n\nvar CallBack2{$t}= function (obj) {\n\tvar res=obj.responseText;\n\tif(res.length>3){alert(res);return;}\n\tvar category=document.getElementById('category-{$t}').value;\n\tYahooWinBrowseHide();\n\tLoadjs('squid.compile.whiteblack.progress.php');\n}\n\t\n// \nfunction WhiteThis{$t}(){\n\tvar XHR = new XHRConnection();\n\tXHR.appendData('whitelist-single', '{$familysite}');\t\t\n\tXHR.sendAndLoad('squid.urlrewriteaccessdeny.php', 'POST',CallBack2{$t}); \n\n\t}\nfunction BlackUFDBThis{$t}(){\n\tvar XHR = new XHRConnection();\n\tXHR.appendData('blacklist-single', '{$familysite}');\t\t\n\tXHR.sendAndLoad('squid.urlrewriteaccessdeny.php', 'POST',CallBack2{$t}); \n\n\t}\t\n\n</script>\t\t\t\n\t\t\t\n\t\t\t\n";
echo $tpl->_ENGINE_parse_body($html);
}
function COUNT_DE_USERS()
{
$sock = new sockets();
$ldap = new clladp();
$_GET["dn"] = urldecode($_GET["dn"]);
if ($ldap->IsKerbAuth()) {
$ad = new external_ad_search();
echo $ad->CountDeUSerOu($_GET["count-de-users"], $_GET["dn"]);
}
$EnableManageUsersTroughActiveDirectory = $sock->GET_INFO("EnableManageUsersTroughActiveDirectory");
if (!is_numeric($EnableManageUsersTroughActiveDirectory)) {
$EnableManageUsersTroughActiveDirectory = 0;
}
if ($EnableManageUsersTroughActiveDirectory == 1) {
$ldap = new ldapAD();
echo $ldap->CountDeUSerOu($_GET["count-de-users"], $_GET["dn"]);
return;
}
$ldap = new clladp();
echo $ldap->CountDeUSerOu($_GET["count-de-users"]);
}
function finduser_list()
{
$keycached = "{$_GET["finduser"]}";
header("Pragma: no-cache");
header("Expires: 0");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
$GLOBALS["OUTPUT_DEBUG"] = false;
$stringtofind = trim($_GET["finduser"]);
if ($_POST["query"] != null) {
$stringtofind = $_POST["query"];
}
if (!isset($_POST["rp"])) {
$_POST["rp"] = 15;
}
$users = new usersMenus();
$sock = new sockets();
$EnableManageUsersTroughActiveDirectory = $sock->GET_INFO("EnableManageUsersTroughActiveDirectory");
if (!is_numeric($EnableManageUsersTroughActiveDirectory)) {
$EnableManageUsersTroughActiveDirectory = 0;
}
if (preg_match("#debug:(.+)#", $stringtofind, $re)) {
$GLOBALS["OUTPUT_DEBUG"] = true;
$stringtofind = trim($re[1]);
}
if ($GLOBALS["OUTPUT_DEBUG"]) {
echo "Want to search {$stringtofind}<br>";
}
$tpl = new templates();
$usermenu = new usersMenus();
$ldap = new clladp();
if (!$ldap->IsKerbAuth()) {
if ($usermenu->AsAnAdministratorGeneric == true) {
if ($GLOBALS["OUTPUT_DEBUG"]) {
echo "It is an administrator search in the entire tree<br>";
}
$hash_full = $ldap->UserSearch(null, $stringtofind, $_POST["rp"]);
} else {
$us = $ldap->UserDatas($_SESSION["uid"]);
if ($GLOBALS["OUTPUT_DEBUG"]) {
echo "It is an user search in the {$us["ou"]} tree<br>";
}
$hash_full = $ldap->UserSearch($us["ou"], $stringtofind, $_POST["rp"]);
}
$hash1 = $hash_full[0];
$hash2 = $hash_full[1];
if ($GLOBALS["OUTPUT_DEBUG"]) {
echo "Search results " . count($hash1) . " users and " . count($hash2) . " contacts<br>";
}
} else {
include_once dirname(__FILE__) . "/ressources/class.external.ad.inc";
$ad = new external_ad_search();
$hash_full = $ad->UserSearch(null, $stringtofind, $_POST["rp"]);
$hash1 = $hash_full[0];
$hash2 = $hash_full[1];
if ($GLOBALS["OUTPUT_DEBUG"]) {
echo "Search results " . count($hash1) . " users and " . count($hash2) . " contacts<br>";
}
}
$hash = array();
$count = 0;
$data = array();
$data['page'] = 1;
$data['total'] = 0;
$data['rows'] = array();
if (is_array($hash1)) {
if ($GLOBALS["OUTPUT_DEBUG"]) {
echo "<strong>Search results ->HASH1</strong><br>\n";
}
while (list($num, $ligne) = each($hash1)) {
if (isset($ligne["samaccountname"][0])) {
$ligne["uid"][0] = $ligne["samaccountname"][0];
}
if ($ligne["uid"][0] == null) {
if (preg_match("#^CN=(.+?),#i", $ligne["dn"], $re)) {
$ligne["uid"][0] = $re[1];
$hash[$count]["displayname"][0] = $re[1];
}
}
if ($EnableManageUsersTroughActiveDirectory == 0) {
if ($ligne["uid"][0] == null && $ligne["employeenumber"][0] == null) {
continue;
}
}
if (strpos($ligne["dn"], "dc=pureftpd,dc=organizations") > 0) {
continue;
}
$hash[$count]["displayname"][0] = trim($ligne["displayname"][0]);
$hash[$count]["givenname"][0] = $ligne["givenname"][0];
if ($EnableManageUsersTroughActiveDirectory == 1) {
$hash[$count]["uid"][0] = $ligne["samaccountname"][0];
} else {
$hash[$count]["uid"][0] = $ligne["uid"][0];
}
if (substr($hash[$count]["uid"][0], strlen($hash[$count]["uid"][0]) - 1, 1) == '$') {
continue;
}
$hash[$count]["employeenumber"][0] = $ligne["employeenumber"][0];
$hash[$count]["title"][0] = $ligne["title"][0];
$hash[$count]["uri"][0] = $ligne["uri"][0];
$hash[$count]["mail"][0] = $ligne["mail"][0];
$hash[$count]["phone"][0] = $ligne["telephonenumber"][0];
$hash[$count]["sn"][0] = $ligne["sn"][0];
$hash[$count]["dn"] = $ligne["dn"];
$count++;
}
} else {
if ($GLOBALS["OUTPUT_DEBUG"]) {
echo "<strong>Search results ->HASH1 NOT AN ARRAY</strong><br>\n";
}
}
if (is_array($hash2)) {
if ($GLOBALS["OUTPUT_DEBUG"]) {
echo "<strong>Search results ->HASH2</strong><br>\n";
}
while (list($num, $ligne) = each($hash2)) {
if (isset($ligne["samaccountname"][0])) {
$ligne["uid"][0] = $ligne["samaccountname"][0];
}
if ($ligne["uid"][0] == null && $ligne["employeenumber"][0] == null) {
continue;
}
if (strpos($ligne["dn"], "dc=pureftpd,dc=organizations") > 0) {
continue;
}
$hash[$count]["displayname"][0] = $ligne["displayname"][0];
$hash[$count]["givenname"][0] = $ligne["givenname"][0];
$hash[$count]["uid"][0] = $ligne["uid"][0];
$hash[$count]["employeenumber"][0] = $ligne["employeenumber"][0];
$hash[$count]["title"][0] = $ligne["title"][0];
$hash[$count]["uri"][0] = $ligne["uri"][0];
$hash[$count]["mail"][0] = $ligne["mail"][0];
$hash[$count]["phone"][0] = $ligne["telephonenumber"][0];
$hash[$count]["sn"][0] = $ligne["sn"][0];
$hash[$count]["dn"] = $ligne["dn"];
$count = $count + 1;
}
} else {
if ($GLOBALS["OUTPUT_DEBUG"]) {
echo "<strong>Search results ->HASH2 NOT AN ARRAY</strong><br>\n";
}
}
$count = count($hash);
$data['total'] = $count;
if ($count == 0) {
json_error_show("no data", 1);
}
if ($GLOBALS["OUTPUT_DEBUG"]) {
echo "<strong>Search results {$count} items</strong><br>\n";
}
if (is_array($hash)) {
while (list($num, $ligne) = each($hash)) {
if ($GLOBALS["OUTPUT_DEBUG"]) {
echo "dn:{$ligne["dn"]}<br>";
}
if ($GLOBALS["OUTPUT_DEBUG"]) {
echo "uid:{$ligne["uid"][0]}<br>";
}
if ($GLOBALS["OUTPUT_DEBUG"]) {
echo "employeenumber:{$ligne["employeenumber"][0]}<br>";
}
if ($ligne["uid"][0] == null && $ligne["employeenumber"][0] == null) {
if ($GLOBALS["OUTPUT_DEBUG"]) {
echo "null twice, aborting...<br>";
}
continue;
}
if ($ligne["uid"][0] == "squidinternalauth") {
$count = $count - 1;
continue;
}
if ($GLOBALS["OUTPUT_DEBUG"]) {
echo "edit_config_user={$ligne["uid"][0]}<br>";
}
$edit_config_user = MEMBER_JS($ligne["uid"][0], 1, 0, $ligne["dn"]);
if ($usermenu->AllowAddUsers == true) {
$uri = $edit_config_user;
} else {
$uri = null;
}
if ($usermenu->AsOrgAdmin == true) {
$uri = $edit_config_user;
} else {
$uri = null;
}
if ($usermenu->AsArticaAdministrator == true) {
$uri = $edit_config_user;
} else {
$uri = null;
}
$displayname = trim($ligne["displayname"][0]);
$givenname = $ligne["givenname"][0];
$mail = $ligne["mail"][0];
if ($displayname == null) {
$displayname = $ligne["uid"][0];
}
if ($givenname == null) {
$givenname = '{unknown}';
}
if ($mail == null) {
$mail = '{unknown}';
}
if ($ligne["employeenumber"][0] != null) {
$array["employeenumber"] = $ligne["employeenumber"][0];
$user = new contacts($_SESSION["uid"], $ligne["employeenumber"][0]);
$array["title"] = $user->displayName;
$uri = "javascript:Loadjs('contact.php?employeeNumber={$ligne["employeenumber"][0]}')";
} else {
if ($ligne["uid"][0] != null) {
$array["title"] = $ligne["uid"][0];
$user = new user($ligne["uid"][0]);
}
}
if (strlen($user->jpegPhoto) > 0) {
$array["img"] = $user->img_identity;
} else {
$array["img"] = "img/contact-unknown-user.png";
}
writelogs("identity:{$user->img_identity} ", __FUNCTION__, __FILE__);
$array["uri"] = $uri;
$array["mail"] = $ligne["mail"][0];
$array["phone"] = $ligne["telephonenumber"][0];
$array["sn"] = $ligne["sn"][0];
if (!$ldap->EnableManageUsersTroughActiveDirectory) {
if ($displayname == null) {
$displayname = "{$givenname} {$ligne["sn"][0]}";
}
}
$array["displayname"] = $displayname;
$array["givenname"] = $givenname;
$array["JS"] = $edit_config_user;
$array["title"] = $ligne["title"][0];
$array["ou"] = $user->ou;
$array["uid"] = $ligne["uid"][0];
$data['rows'][] = finduser_format($array);
}
}
echo json_encode($data);
}
function quicklinks_members()
{
$users = new usersMenus();
$tpl = new templates();
$ldap = new clladp();
if ($ldap->IsKerbAuth() == 0) {
$tr[] = paragrapheWin("user-add-white-64.png", "{new_member}", "Loadjs('create-user.php')");
}
$search = $tpl->_ENGINE_parse_body("{search}");
$tr[] = paragrapheWin("users-search-white-64.png", "{members}: {$search}", "AnimateDiv('BodyContent');LoadAjax('BodyContent','domains.manage.users.index.php?finduser-tab=yes');");
if ($users->AsSystemAdministrator) {
$tr[] = paragrapheWin("postmasters-white-64.png", "{administrators}", "AnimateDiv('BodyContent');LoadAjax('BodyContent','freeradius.users.php?t=0&tab=yes');");
}
if ($users->AsAnAdministratorGeneric) {
$tr[] = paragrapheWin("64-computer2-white.png", "{my_computers}", "LoadAjax('BodyContent','computer-browse.php?tabs=yes',false)");
}
if ($users->SQUID_INSTALLED) {
if ($users->SAMBA_INSTALLED) {
if ($users->AsSystemAdministrator) {
$tr[] = paragrapheWin("windows-white-64.png", "Active Directory", "AnimateDiv('BodyContent');LoadAjax('BodyContent','squid.adker.php?tabs=yes');");
}
}
if ($users->AsWebStatisticsAdministrator) {
$tr[] = paragrapheWin("user-stats-64.png", "{web_statistics}", "AnimateDiv('BodyContent');LoadAjax('BodyContent','squid.users-profiling.php');");
}
if ($users->AsSquidAdministrator) {
$tr[] = paragrapheWin("users-search-white-64.png", "{identd_server}", "AnimateDiv('BodyContent');LoadAjax('BodyContent','squid.identd.php');");
$tr[] = paragrapheWin("users-search-white-64.png", "{proxy_members_aliases}", "AnimateDiv('BodyContent');LoadAjax('BodyContent','squid.macToUid.php');");
}
}
echo $tpl->_ENGINE_parse_body(CompileTr5_win($tr, true));
}
function auth_verif()
{
$tpl = new templates();
$ldap = new clladp();
if ($ldap->IsKerbAuth()) {
$external_ad_search = new external_ad_search();
if (!$external_ad_search->CheckUserAuth($_POST["username-logon"], $_POST["username-password"])) {
echo $tpl->_ENGINE_parse_body("<center><H2 style='color:red'>{unknown_user}</H2></center>");
return null;
}
$users = new usersMenus();
$privs = new privileges($_POST["username-logon"]);
$privileges_array = $privs->privs;
$_SESSION["InterfaceType"] = "{ARTICA_MINIADM}";
setcookie("mem-logon-user", $_POST["username-logon"], time() + 172800);
$_SESSION["privileges_array"] = $privs->privs;
$_SESSION["uid"] = $_POST["username-logon"];
$_SESSION["passwd"] = $_POST["username-logon"];
$_SESSION["privileges"]["ArticaGroupPrivileges"] = $privs->content;
BuildSession($_POST["username-logon"]);
echo "<script>YahooWinHide();LoadAjax('BodyContent','miniadm.index.php');</script>\n\t\t";
return;
}
$u = new user($_POST["username-logon"]);
$userPassword = $u->password;
if (trim($u->uidNumber) == null) {
writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__);
echo $tpl->_ENGINE_parse_body("<center><H2 style='color:red'>{unknown_user}</H2></center>");
return null;
}
if (trim($_POST["username-password"]) == trim($userPassword)) {
$ldap = new clladp();
$users = new usersMenus();
$privs = new privileges($u->uid);
$privileges_array = $privs->privs;
$_SESSION["InterfaceType"] = "{ARTICA_MINIADM}";
setcookie("mem-logon-user", $_POST["username-logon"], time() + 172800);
$_SESSION["privileges_array"] = $privs->privs;
$_SESSION["privs"] = $privileges_array;
$_SESSION["OU_LANG"] = $privileges_array["ForceLanguageUsers"];
$_SESSION["uid"] = $_POST["username-logon"];
$_SESSION["passwd"] = $_POST["username-logon"];
$_SESSION["privileges"]["ArticaGroupPrivileges"] = $privs->content;
$_SESSION["groupid"] = $ldap->UserGetGroups($_POST["artica_username"], 1);
$_SESSION["DotClearUserEnabled"] = $u->DotClearUserEnabled;
$_SESSION["MailboxActive"] = $u->MailboxActive;
$_SESSION["ou"] = $u->ou;
$_SESSION["UsersInterfaceDatas"] = trim($u->UsersInterfaceDatas);
$lang = new articaLang();
writelogs("[{$_POST["username-logon"]}]: Default organization language={$_SESSION["OU_LANG"]}", __FUNCTION__, __FILE__);
if (trim($_SESSION["OU_LANG"]) != null) {
$_SESSION["detected_lang"] = $_SESSION["OU_LANG"];
setcookie("artica-language", $_SESSION["OU_LANG"], time() + 172800);
} else {
setcookie("artica-language", $_POST["lang"], time() + 172800);
$_SESSION["detected_lang"] = $lang->get_languages();
}
echo "<script>\n\t\t\tYahooWinHide();\n\t\t\tLoadAjax('BodyContent','miniadm.index.php');\n\t\t</script>\n\t\t";
return;
} else {
echo $tpl->_ENGINE_parse_body("<center><H2 style='color:red'>{bdu}</H2></center>");
}
}
function query_group()
{
if ($_GET["OnlyUsers"] == "yes") {
$_GET["OnlyUsers"] = 1;
}
$users = new user();
$query = $_POST["query"];
$nogetent = false;
$OnlyUsers = $_GET["OnlyUsers"];
$OnlyGroups = $_GET["OnlyGroups"];
$OnlyGUID = $_GET["OnlyGUID"];
$OnlyName = $_GET["OnlyName"];
$OnlyCheckAD = $_GET["OnlyCheckAD"];
$UseDN = $_GET["UseDN"];
$Zarafa = $_GET["Zarafa"];
if (!is_numeric($_POST["rp"])) {
$_POST["rp"] = 250;
}
$ObjectZarafa = false;
if (!is_numeric($OnlyGUID)) {
$OnlyGUID = 0;
}
if (!is_numeric($OnlyUsers)) {
$OnlyUsers = 0;
}
if (!is_numeric($OnlyName)) {
$OnlyName = 0;
}
if (!is_numeric($OnlyCheckAD)) {
$OnlyCheckAD = 0;
}
if ($Zarafa == 1) {
$nogetent = true;
$ObjectZarafa = true;
}
if ($GLOBALS["VERBOSE"]) {
echo __FUNCTION__ . ":" . __LINE__ . " OnlyUsers={$OnlyUsers},OnlyGroups={$OnlyGroups}<br>\n";
}
$OnlyUsers = 0;
$OnlyGroups = 1;
$ObjectZarafa = false;
$Zarafa = $_GET["Zarafa"];
if ($Zarafa == 1) {
$nogetent = true;
$ObjectZarafa = true;
}
$hash = array();
if (!isset($_GET["prepend"])) {
$_GET["prepend"] = 0;
} else {
if ($_GET["prepend"] == 'yes') {
$_GET["prepend"] = 1;
}
if ($_GET["prepend"] == 'no') {
$_GET["prepend"] = 0;
}
}
$WORKGROUP = null;
$sock = new sockets();
$ldap = new clladp();
if ($query == null) {
$query = "*";
}
if ($ldap->IsKerbAuth()) {
$adKerb = new external_ad_search();
if ($GLOBALS["VERBOSE"]) {
echo "<strong>searchGroup({$query},array(),{$_POST["rp"]})</strong><br>\n";
}
$hash = $adKerb->searchGroup($query, array(), $_POST["rp"]);
if ($adKerb->IsError) {
json_error_show($adKerb->error, 1);
}
} else {
if ($GLOBALS["VERBOSE"]) {
echo "<strong>IsKerbAuth = false</strong><br>\n";
}
if ($OnlyGroups == 1) {
if ($GLOBALS["VERBOSE"]) {
echo "<strong>find_ldap_items_groups({$query},...)</strong><br>\n";
}
$hash = $users->find_ldap_items_groups($query, $_GET["organization"], $nogetent, $ObjectZarafa, $_POST["rp"], $OnlyGUID, $OnlyUsers, $OnlyCheckAD);
} else {
if ($GLOBALS["VERBOSE"]) {
echo "<strong>find_ldap_items({$query},{$_GET["organization"]},{$nogetent},{$ObjectZarafa},{$_POST["rp"]},{$OnlyGUID},{$OnlyUsers},{$OnlyCheckAD})<br>\n";
}
$hash = $users->find_ldap_items($query, $_GET["organization"], $nogetent, $ObjectZarafa, $_POST["rp"], $OnlyGUID, $OnlyUsers, $OnlyCheckAD);
}
}
$query = $_POST["query"];
if ($query == null) {
$query = "*";
}
$data = array();
$data['page'] = 1;
$data['total'] = count($hash);
$data['rows'] = array();
$c = 0;
while (list($num, $ligne) = each($hash)) {
if ($GLOBALS["VERBOSE"]) {
echo "<code>»{$num}« = {$ligne}</code><br>\n";
}
if ($num == null) {
continue;
}
$gid = 0;
if (!preg_match("#^@(.+?):(.+?)\$#", $ligne, $re)) {
if ($GLOBALS["VERBOSE"]) {
echo "<code style='color:red'>»{$ligne}« ! = ^@(.+?):([0-9]+)</code><br>\n";
}
continue;
}
if ($OnlyUsers == 1) {
if ($GLOBALS["VERBOSE"]) {
echo "<code style='color:red'>OnlyUsers = 1 -> next</code><br>\n";
}
continue;
}
$img = "wingroup.png";
$Displayname = "{$re[1]}";
$prepend = "group:";
$gid = $re[2];
if ($OnlyName == 1) {
if (preg_match("#^@(.+)#", $num, $ri)) {
$num = $ri[1];
}
}
$js = "SambaBrowseSelect('{$num}','{$prepend}','{$gid}')";
if ($_GET["callback"] != null) {
$js = "{$_GET["callback"]}('{$num}','{$prepend}','{$gid}')";
}
$c++;
if ($c > $_POST["rp"]) {
if ($GLOBALS["VERBOSE"]) {
echo "<code style='color:red'>\$c ({$c}) > {$_POST["rp"]} break</code><br>\n";
}
break;
}
$data['rows'][] = array('id' => md5(serialize($ligne["displayname"])), 'cell' => array("<img src='img/{$img}'>", "<span style='font-size:14px;font-weight:bolder'>{$Displayname}</span> <span style='font-size:11px'>({$num})</span>", "<span style='font-size:14px'>" . imgsimple("arrow-right-24.png", "{add}", $js) . "</span>"));
}
$data['total'] = $c;
echo json_encode($data);
}
function main_admin_tabs()
{
if (!$GLOBALS["AS_ROOT"]) {
if (GET_CACHED(__FILE__, __FUNCTION__, __FUNCTION__)) {
return null;
}
}
$ldap = new clladp();
$users = new usersMenus();
$sys = new syslogs();
$artica = new artica_general();
$tpl = new templates();
$page = CurrentPageName();
$sock = new sockets();
if ($GLOBALS["VERBOSE"]) {
echo "<li>" . __FUNCTION__ . " line:" . __LINE__ . "</li>";
}
$OnlyWebstats = OnlyWebstats($users);
$page = CurrentPageName();
$array["t:frontend"] = "{status}";
$DisableMessaging = intval($sock->GET_INFO("DisableMessaging"));
if ($DisableMessaging == 1) {
$users->POSTFIX_INSTALLED = false;
}
$SquidPerformance = intval($sock->GET_INFO("SquidPerformance"));
$SQUIDEnable = trim($sock->GET_INFO("SQUIDEnable"));
if (!is_numeric($SQUIDEnable)) {
$SQUIDEnable = 1;
}
if ($SQUIDEnable == 0) {
$users->SQUID_INSTALLED = false;
}
// 2 = Not statistics,
if ($SquidPerformance < 3) {
if (!$ldap->IsKerbAuth()) {
$array["t:orgs"] = "{organizations}";
}
}
$StatsApplianceReceivers = intval($sock->GET_INFO("StatsApplianceReceivers"));
if ($StatsApplianceReceivers > 0) {
$array["t:STAS_APP"] = "{$StatsApplianceReceivers} Proxy(s)";
}
if ($users->SAMBA_APPLIANCE) {
$array["t:smbshares"] = '{shared_folders}';
}
if ($users->VPS_OPENVZ) {
$array["t:openvz"] = 'OpenVZ';
}
if ($artica->EnableMonitorix == 1) {
$array["t:monitorix"] = '{monitorix}';
}
if ($users->POSTFIX_INSTALLED) {
if ($users->AsPostfixAdministrator) {
$EnableArticaSMTPStatistics = $sock->GET_INFO("EnableArticaSMTPStatistics");
if (!is_numeric($EnableArticaSMTPStatistics)) {
$EnableArticaSMTPStatistics = 1;
}
$EnablePostfixMultiInstance = $sock->GET_INFO("EnablePostfixMultiInstance");
if (!is_numeric($EnablePostfixMultiInstance)) {
$EnablePostfixMultiInstance = 0;
}
if ($EnableArticaSMTPStatistics == 1) {
$array["t:realtime-smtp"] = "{realtime_monitor}";
$array["t:emails_received"] = "{emails_received}";
$array["t:connections"] = "{connections}";
if (_milter_greylist_enabled() == 1) {
$array["t:miltergreylist"] = "{greylisting}";
}
}
if ($EnablePostfixMultiInstance == 1) {
$array["t:multiple_instances"] = "{multiple_instances}";
}
}
}
if ($users->KASPERSKY_SMTP_APPLIANCE) {
$array["t:kaspersky"] = "Kaspersky";
} else {
if ($users->AsSystemAdministrator) {
$array["t:system"] = "{webinterface}";
}
}
if (count($array) < 8) {
if ($users->SQUID_INSTALLED) {
$array["t:starting-guide-squid"] = "{starting_guide}";
}
}
$build_artica_tabs_size = 0;
$count = count($array);
//if($count<7){$array["add-tab"]="{add} »";}
$t = time();
if (isset($_GET["tab-font-size"])) {
if ($_GET["tab-font-size"] == "14px") {
$_GET["tab-font-size"] = "12px";
}
$style = "style=font-size:{$_GET["tab-font-size"]}";
}
if (isset($_GET["tab-width"])) {
$width = $_GET["tab-width"];
}
if (isset($_GET["newfrontend"])) {
$newfrontend = "&newfrontend=yes";
}
if (count($array) > 0) {
$style = "style=font-size:22px";
}
if (count($array) > 4) {
$style = "style=font-size:18px";
}
if (count($array) > 6) {
$style = "style=font-size:16px";
}
if (count($array) > 7) {
$style = "style=font-size:11px";
}
//$style="style=font-size:18px";
while (list($num, $ligne) = each($array)) {
if (preg_match("#t:(.+)#", $num, $re)) {
$ligne = $tpl->javascript_parse_text($ligne);
if ($re[1] == "prxystatsimport") {
$html[] = "<li ><a href=\"squid.statistics.import.php\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
if ($re[1] == "system") {
$html[] = "<li ><a href=\"artica.webconsole.php\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
if ($re[1] == "smbshares") {
$html[] = "<li ><a href=\"samba.index.php?main=shared_folders\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
if ($re[1] == "TOP-WEB") {
$html[] = "<li ><a href=\"admin.index.load.top-web.php\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
if ($re[1] == "realtime-smtp") {
$html[] = "<li ><a href=\"postfix.realtime.monitor.php\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
if ($re[1] == "STAS_APP") {
$html[] = "<li ><a href=\"stats-appliance.proxys.php\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
if ($re[1] == "BANDWITH-STATS") {
$html[] = "<li ><a href=\"admin.index.load.bandwith.php\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
if ($re[1] == "starting-guide-squid") {
$html[] = "<li ><a href=\"admin.index.startingguide.squid.php\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
if ($re[1] == "connections") {
if ($users->AsPostfixAdministrator) {
$html[] = "<li ><a href=\"admin.postfix.connections.php\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
}
if ($re[1] == "miltergreylist") {
if ($users->AsPostfixAdministrator) {
$html[] = "<li ><a href=\"admin.miltergreylist.connections.php\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
}
if ($re[1] == "cnx") {
$html[] = "<li ><a href=\"admin.cnx.php?t=0{$newfrontend}\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
if ($re[1] == "members") {
$html[] = "<li ><a href=\"freeradius.users.php?t=0{$newfrontend}\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
if ($re[1] == "multiple_instances") {
$html[] = "<li ><a href=\"postfix.multiple.instances.infos.php?iniline=yes{$newfrontend}\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
if ($re[1] == "remote-web-appliances") {
$html[] = "<li ><a href=\"squid.statsappliance.clients.php?listonly=yes\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
if ($re[1] == "orgs") {
$html[] = "<li ><a href=\"domains.index.php?inside-tab=yes{$newfrontend}\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
if ($re[1] == "openvz") {
$html[] = "<li ><a href=\"openvz.status.php\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
$html[] = "<li><a href=\"admin.tabs.php?main={$re[1]}{$newfrontend}\"><span {$style}>{$ligne}</span></a></li>\n";
continue;
}
$html[] = $tpl->_ENGINE_parse_body("<li><a href=\"admin.tabs.php?tab={$num}{$newfrontend}\"><span {$style}>{$ligne}</span></a></li>\n");
}
$t = time();
return build_artica_tabs($html, "admin_perso_tabs-{$t}", $build_artica_tabs_size) . "\n\t\t<input type=hidden id='admin_perso_tabs-ID' value='admin_perso_tabs-{$t}'>\n\t\t<script>LeftDesign('dashboard-256-opac20.png');</script>";
}
function ImportTasks()
{
$sock = new sockets();
$ldap = new clladp();
$users = new usersMenus();
$EnableKerbAuth = 1;
if (!$ldap->IsKerbAuth()) {
$EnableKerbAuth = 0;
}
if (!is_numeric($EnableKerbAuth)) {
$EnableKerbAuth = 0;
}
if ($GLOBALS["VERBOSE"]) {
echo "EnableKerbAuth={$EnableKerbAuth}\n";
}
if ($EnableKerbAuth == 0) {
return;
}
$unix = new unix();
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = @file_get_contents($pidfile);
if ($unix->process_exists($pid, __FILE__)) {
ufdbguard_admin_events("Warning: Task Already running pid {$pid}", __FUNCTION__, __FILE__, __LINE__);
return;
}
if (!CheckTables()) {
ufdbguard_admin_events("Failed, Mysql is not ready", __FUNCTION__, __FILE__, __LINE__, "activedirectory");
return;
}
$q = new mysql();
$q->check_storage_table(true);
$unix = new unix();
$nohup = $unix->find_program("nohup");
$wbinfo = $unix->find_program("wbinfo");
$GLOBALS["xxxCOUNT"] = 0;
exec("{$wbinfo} -g 2>&1", $results);
while (list($num, $line) = each($results)) {
if (preg_match("#Error looking#", $line)) {
ufdbguard_admin_events("Failed to lookup users, aborting task", __FUNCTION__, __FILE__, __LINE__, "activedirectory");
return;
}
if (trim($line) == null) {
continue;
}
if ($GLOBALS["VERBOSE"]) {
echo "Checking group {$line}\n";
}
CheckGroup($line);
}
if ($users->SQUID_INSTALLED or $users->APP_UFDBGUARD_INSTALLED) {
ufdbguard_admin_events("Importing {$GLOBALS["xxxCOUNT"]} users done", __FUNCTION__, __FILE__, __LINE__, "activedirectory");
if ($GLOBALS["xxxCOUNT"] > 0) {
$php5 = $unix->LOCATE_PHP5_BIN();
shell_exec("{$nohup} {$php5} " . dirname(__FILE__) . "/exec.squidguard.php --build schedule-id={$GLOBALS["SCHEDULE_ID"]} >/dev/null 2>&1 &");
}
$AdSchBuildProxy = $sock->GET_INFO("AdSchBuildProxy");
$AdSchBuildUfdb = $sock->GET_INFO("AdSchBuildUfdb");
$AdSchRestartSquid = $sock->GET_INFO("AdSchRestartSquid");
if (!is_numeric($AdSchBuildProxy)) {
$AdSchBuildProxy = 0;
}
if (!is_numeric($AdSchBuildUfdb)) {
$AdSchBuildUfdb = 0;
}
if (!is_numeric($AdSchRestartSquid)) {
$AdSchRestartSquid = 0;
}
if ($AdSchBuildProxy == 1) {
shell_exec("{$php5} " . dirname(__FILE__) . "/exec.squid.build --build --force schedule-id={$GLOBALS["SCHEDULE_ID"]} >/dev/null 2>&1");
}
if ($AdSchBuildUfdb == 1) {
shell_exec("{$php5} " . dirname(__FILE__) . "/exec.squidguard.php --build --force schedule-id={$GLOBALS["SCHEDULE_ID"]} >/dev/null 2>&1");
}
if ($AdSchRestartSquid == 1) {
shell_exec("{$php5} " . dirname(__FILE__) . "/exec.squidguard.php --reload-squid schedule-id={$GLOBALS["SCHEDULE_ID"]} >/dev/null 2>&1");
}
}
shell_exec("{$nohup} {$php5} " . __FILE__ . " --computers schedule-id={$GLOBALS["SCHEDULE_ID"]} >/dev/null 2>&1 &");
}
function checklogon($Aspost = false)
{
include_once dirname(__FILE__) . "/ressources/class.user.inc";
include "ressources/settings.inc";
$username = $_POST["username"];
$_POST["password"] = url_decode_special_tool($_POST["password"]);
$password = trim($_POST["password"]);
$users = new usersMenus();
if ($users->WEBSTATS_APPLIANCE) {
$users->SQUID_INSTALLED = true;
}
//echo $username."\n$password\n";
if ($password == null) {
if ($Aspost) {
MainPage("Bad password");
return;
}
echo "Bad password";
return;
}
if (trim(strtolower($username)) == trim(strtolower($_GLOBAL["ldap_admin"]))) {
$passwordMD = md5(trim($_GLOBAL["ldap_password"]));
if ($password == $passwordMD) {
$_SESSION["uid"] = '-100';
$_SESSION["groupid"] = '-100';
$_SESSION["passwd"] = $_GLOBAL["ldap_password"];
$_SESSION["CORP"] = $users->CORP_LICENSE;
$_SESSION["privileges"]["ArticaGroupPrivileges"] = '
[AllowAddGroup]="yes"
[AllowAddUsers]="yes"
[AllowChangeKav]="yes"
[AllowChangeKas]="yes"
[AllowChangeUserPassword]="yes"
[AllowEditAliases]="yes"
[AllowEditAsWbl]="yes"
[AsSystemAdministrator]="yes"
[AsPostfixAdministrator]="yes"
[AsArticaAdministrator]="yes"';
$_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}";
$_SESSION["AsWebStatisticsAdministrator"] = true;
if ($Aspost) {
header("location:miniadm.index.php");
return;
}
return;
}
}
if ($users->SQUID_INSTALLED) {
$q = new mysql_squid_builder();
$passwordMD = md5($password);
$sql = "SELECT webfilters_sqitems.gpid AS maingpid\n\t\t\tFROM webfilters_sqacllinks, webfilters_sqgroups, webfilters_sqitems, webfilters_sqacls\n\t\t\tWHERE webfilters_sqacllinks.gpid = webfilters_sqgroups.ID\n\t\t\tAND webfilters_sqacllinks.aclid = webfilters_sqacls.ID\n\t\t\tAND webfilters_sqgroups.ID = webfilters_sqitems.gpid\n\t\t\tAND webfilters_sqacls.enabled =1\n\t\t\tAND webfilters_sqgroups.enabled =1\n\t\t\tAND webfilters_sqitems.enabled =1\n\t\t\tAND webfilters_sqgroups.GroupType = 'dynamic_acls'\n\t\t\tAND webfilters_sqitems.pattern = '{$username}:{$passwordMD}'";
$results = $q->QUERY_SQL($sql);
if (!$q->mysql_error) {
echo $q->mysql_error;
}
$CountDerules = mysql_num_rows($results);
writelogs("{$username}::webfilters_sqitems:: {$CountDerules} rules", __FUNCTION__, __FILE__, __LINE__);
if ($CountDerules > 0) {
writelogs("{$username}::webfilters_sqitems:: Building rules....", __FUNCTION__, __FILE__, __LINE__);
while ($ligne = mysql_fetch_assoc($results)) {
$_SESSION["SQUID_DYNAMIC_ACLS_VIRTUALS"][$ligne["maingpid"]] = true;
}
$_SESSION["InterfaceType"] = "{ARTICA_MINIADM}";
$_SESSION["VirtAclUser"] = true;
$_SESSION["ou"] = "Proxy Service";
$_SESSION["CORP"] = $users->CORP_LICENSE;
setcookie("mem-logon-user", $_POST["username-logon"], time() + 172800);
$_SESSION["privileges_array"] = $privs->privs;
$_SESSION["uid"] = $username;
$_SESSION["privileges"]["ArticaGroupPrivileges"] = array();
BuildSession($username);
if ($Aspost) {
header("location:miniadm.index.php");
return;
}
return;
}
}
writelogs("{$username}:: Continue, processing....", __FUNCTION__, __FILE__, __LINE__);
$ldap = new clladp();
$IsKerbAuth = $ldap->IsKerbAuth();
writelogs("{$username}:: Is AD -> {$IsKerbAuth}", __FUNCTION__, __FILE__, __LINE__);
if ($ldap->IsKerbAuth()) {
$external_ad_search = new external_ad_search();
if ($external_ad_search->CheckUserAuth($username, $password)) {
$users = new usersMenus();
$privs = new privileges($_POST["username-logon"]);
$privileges_array = $privs->privs;
$_SESSION["InterfaceType"] = "{ARTICA_MINIADM}";
$_SESSION["VirtAclUser"] = false;
setcookie("mem-logon-user", $_POST["username-logon"], time() + 172800);
$_SESSION["privileges_array"] = $privs->privs;
$_SESSION["uid"] = $_POST["username-logon"];
$_SESSION["passwd"] = $_POST["username-logon"];
$_SESSION["privileges"]["ArticaGroupPrivileges"] = $privs->content;
BuildSession($username);
if ($Aspost) {
header("location:miniadm.index.php");
return;
}
return;
}
writelogs("{$username}:: Checks Active Directory failed, continue processing...", __FUNCTION__, __FILE__, __LINE__);
}
writelogs("{$username}:: Continue, processing....", __FUNCTION__, __FILE__, __LINE__);
$q = new mysql();
$sql = "SELECT `username`,`value`,id FROM radcheck WHERE `username`='{$username}' AND `attribute`='Cleartext-Password' LIMIT 0,1";
writelogs("{$username}:: Is a RADIUS users \"{$sql}\"", __FUNCTION__, __FILE__, __LINE__);
$ligne = mysql_fetch_array($q->QUERY_SQL($sql, "artica_backup"));
if (!is_numeric($ligne["id"])) {
$ligne["id"] = 0;
}
if (!$q->ok) {
writelogs("{$username}:: {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__);
}
writelogs("{$username}:: {$password} <> " . md5($ligne["value"]), __FUNCTION__, __FILE__, __LINE__);
if ($ligne["id"] > 0) {
$checkRadiusPass = false;
if (md5($ligne["value"]) == $password) {
writelogs("{$username}:: RADIUS Password true for no MD5", __FUNCTION__, __FILE__, __LINE__);
$checkRadiusPass = true;
}
if (md5($ligne["value"]) == $passwordMD) {
writelogs("{$username}:: RADIUS Password true for yes MD5", __FUNCTION__, __FILE__, __LINE__);
$checkRadiusPass = true;
}
if ($checkRadiusPass) {
writelogs("{$username}:: Authenticated as a RADIUS users id={$ligne["id"]}", __FUNCTION__, __FILE__, __LINE__);
$privs = new privileges($_POST["username-logon"], null, $ligne["id"]);
$privileges_array = $privs->privs;
$_SESSION["CORP"] = $users->CORP_LICENSE;
$_SESSION["InterfaceType"] = "{ARTICA_MINIADM}";
setcookie("mem-logon-user", $username, time() + 172800);
$_SESSION["privileges_array"] = $privs->privs;
while (list($key, $val) = each($_SESSION["privileges_array"])) {
if (!isset($_SESSION[$key])) {
$_SESSION[$key] = $val;
}
}
reset($_SESSION["privileges_array"]);
$_SESSION["uid"] = $username;
$_SESSION["RADIUS_ID"] = $ligne["id"];
BuildSession($username);
if ($Aspost) {
header("location:miniadm.index.php");
return;
}
return;
}
}
writelogs("{$username}::Finally Is LOCAL LDAP ? -> {$IsKerbAuth}", __FUNCTION__, __FILE__, __LINE__);
$u = new user($username);
$tpl = new templates();
$userPassword = $u->password;
if (trim($u->uidNumber) == null) {
writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__);
if ($Aspost) {
MainPage("Unknown user (" . __LINE__ . ")");
return;
}
echo "Unknown user (" . __LINE__ . ")";
die;
}
writelogs("{$username}:: Password match ? Aspost = {$Aspost}", __FUNCTION__, __FILE__, __LINE__);
if ($Aspost) {
if (trim($password) != trim($userPassword)) {
writelogs("{$username}:: Password match NO Aspost = {$Aspost}", __FUNCTION__, __FILE__, __LINE__);
MainPage("Bad password (" . __LINE__ . ")");
return;
}
}
if (!$Aspost) {
if (trim($password) != md5(trim($userPassword))) {
writelogs("{$username}:: Password match NO Aspost = {$Aspost}", __FUNCTION__, __FILE__, __LINE__);
writelogs("[{$_POST["username"]}]: The password typed is not the same in ldap database...", __FUNCTION__, __FILE__);
artica_mysql_events("Failed to logon on the management console as user `{$username}` from {$_SERVER["REMOTE_HOST"]} (bad password)", @implode("\n", $notice), "security", "security");
if ($Aspost) {
MainPage("Bad password (" . __LINE__ . ")");
return;
}
echo "Error: (" . __LINE__ . ") bad password";
return null;
}
}
writelogs("{$username}:: Password match YES Aspost = {$Aspost}", __FUNCTION__, __FILE__, __LINE__);
$ldap = new clladp();
$users = new usersMenus();
$_SESSION["CORP"] = $users->CORP_LICENSE;
$privs = new privileges($u->uid);
$privs->SearchPrivileges();
$privileges_array = $privs->privs;
$_SESSION["VirtAclUser"] = false;
$_SESSION["privileges_array"] = $privs->privs;
$_SESSION["privs"] = $privileges_array;
if (isset($privileges_array["ForceLanguageUsers"])) {
$_SESSION["OU_LANG"] = $privileges_array["ForceLanguageUsers"];
}
$_SESSION["uid"] = $username;
$_SESSION["privileges"]["ArticaGroupPrivileges"] = $privs->content;
$_SESSION["groupid"] = $ldap->UserGetGroups($_POST["username"], 1);
$_SESSION["DotClearUserEnabled"] = $u->DotClearUserEnabled;
$_SESSION["MailboxActive"] = $u->MailboxActive;
$_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}";
$_SESSION["ou"] = $u->ou;
$_SESSION["UsersInterfaceDatas"] = trim($u->UsersInterfaceDatas);
include_once dirname(__FILE__) . "/ressources/class.translate.rights.inc";
$cr = new TranslateRights(null, null);
$r = $cr->GetPrivsArray();
while (list($key, $val) = each($r)) {
if ($users->{$key}) {
$_SESSION[$key] = $users->{$key};
}
}
if (is_array($_SESSION["privs"])) {
$r = $_SESSION["privs"];
while (list($key, $val) = each($r)) {
$t[$key] = $val;
$_SESSION[$key] = $val;
}
}
if (!isset($_SESSION["OU_LANG"])) {
$_SESSION["OU_LANG"] = null;
}
if (!isset($_SESSION["ASDCHPAdmin"])) {
$_SESSION["ASDCHPAdmin"] = false;
}
if (trim($_SESSION["OU_LANG"]) != null) {
$_SESSION["detected_lang"] = $_SESSION["OU_LANG"];
} else {
include_once dirname(__FILE__) . "/ressources/class.langages.inc";
$lang = new articaLang();
$_SESSION["detected_lang"] = $lang->get_languages();
}
if (isset($GLOBALS["FixedLanguage"])) {
$sock = new sockets();
$GLOBALS["FixedLanguage"] = $sock->GET_INFO("FixedLanguage");
}
if (trim($GLOBALS["FixedLanguage"]) != null) {
$_SESSION["detected_lang"] = $GLOBALS["FixedLanguage"];
}
if ($Aspost) {
header("location:miniadm.index.php");
return;
}
}
function status_users()
{
$ldap = new clladp();
$sock = new sockets();
if ($ldap->IsKerbAuth()) {
include_once dirname(__FILE__) . "/ressources/class.external.ad.inc";
$ad = new external_ad_search();
$users = $ad->NumUsers();
return "<tr>\n\t<td width=1%><span id='AdSquidStatusLeft35'><img src='img/member-24.png'></span></td>\n\t<td class=legend nowrap style='font-size:12px'>{members}:</td>\n\t<td><div style='font-size:12px' nowrap>\n\t<a href=\"javascript:blur();\"\n\tOnClick=\"javascript:Loadjs('squid.adker.php',true);\"\n\tstyle='font-size:12px;font-weight:bold;text-decoration:underline'>{$users}</a></td>\n\t</tr>";
}
$EnableMacAddressFilter = $sock->GET_INFO("EnableMacAddressFilter");
if (!is_numeric($EnableMacAddressFilter)) {
$EnableMacAddressFilter = 1;
}
$q = new mysql_squid_builder();
if ($EnableMacAddressFilter == 1) {
$sql = "SELECT MAC FROM UserAutDB GROUP BY MAC";
$results = $q->QUERY_SQL($sql);
$users = mysql_num_rows($results);
$js = "Loadjs('squid.UserAutDB.php?filterby=MAC',true);";
} else {
$sql = "SELECT ipaddr FROM UserAutDB GROUP BY ipaddr";
$results = $q->QUERY_SQL($sql);
$users = mysql_num_rows($results);
$js = "Loadjs('squid.UserAutDB.php?filterby=ipaddr',true);";
}
return "<tr>\n\t<td width=1%><span id='AdSquidStatusLeft35'><img src='img/member-24.png'></span></td>\n\t<td class=legend nowrap style='font-size:12px'>{members}:</td>\n\t<td><div style='font-size:12px' nowrap>\n\t<a href=\"javascript:blur();\"\n\tOnClick=\"javascript:{$js}\"\n\tstyle='font-size:12px;font-weight:bold;text-decoration:underline'>{$users}</a></td>\n\t</tr>";
}
function users_search()
{
$tpl = new templates();
$MyPage = CurrentPageName();
$ldap = new clladp();
if ($ldap->IsKerbAuth()) {
users_search_directory();
return;
}
$page = 1;
$t = $_GET["t"];
$sock = new sockets();
$EnableManageUsersTroughActiveDirectory = $sock->GET_INFO("EnableManageUsersTroughActiveDirectory");
if (!is_numeric($EnableManageUsersTroughActiveDirectory)) {
$EnableManageUsersTroughActiveDirectory = 0;
}
if (is_base64_encoded($_GET["ou"])) {
$ou_encoded = $_GET["ou"];
$ou = base64_decode($_GET["ou"]);
} else {
$ou = $_GET["ou"];
$ou_encoded = base64_encode($_GET["ou"]);
}
if ($_SESSION["uid"] != -100) {
$ou = $_SESSION["ou"];
}
if ($_POST["query"] != null) {
$tofind = $_POST["query"];
}
if ($tofind == null) {
$tofind = '*';
} else {
$tofind = "*{$tofind}*";
}
$filter = "(&(objectClass=userAccount)(|(cn={$tofind})(mail={$tofind})(displayName={$tofind})(uid={$tofind}) (givenname={$tofind})))";
$attrs = array("displayName", "uid", "mail", "givenname", "telephoneNumber", "title", "sn", "mozillaSecondEmail", "employeeNumber", "sAMAccountName");
if (!$ldap->IsOUUnderActiveDirectory($ou)) {
if ($EnableManageUsersTroughActiveDirectory == 1) {
$cc = new ldapAD();
$hash = $cc->find_users($ou, $tofind);
} else {
$ldap = new clladp();
$dn = "ou={$ou},dc=organizations,{$ldap->suffix}";
$hash = $ldap->Ldap_search($dn, $filter, $attrs, 150);
}
} else {
$EnableManageUsersTroughActiveDirectory = 1;
include_once dirname(__FILE__) . "/ressources/class.external.ad.inc";
$ad = new external_ad_search();
$hash = $ad->find_users($ou, $tofind);
}
$boot = new boostrap_form();
$users = new user();
$number = $hash["count"];
if (!is_numeric($number)) {
$number = 0;
}
$data = array();
$data['page'] = 1;
$data['total'] = $number;
$data['rows'] = array();
$styleTD = " style='font-size:16px'";
for ($i = 0; $i < $number; $i++) {
$userARR = $hash[$i];
$uid = $userARR["uid"][0];
if ($EnableManageUsersTroughActiveDirectory == 1) {
$uid = $userARR["samaccountname"][0];
}
if ($uid == "squidinternalauth") {
continue;
}
$js = MEMBER_JS($uid, 1, 1);
if ($userARR["sn"][0] == null && $userARR["givenname"][0] == null) {
$userARR["sn"][0] = $uid;
}
$sn = texttooltip($userARR["sn"][0], "{display}:{$uid}", $js, null, 0, "font-size:13px");
$givenname = texttooltip($userARR["givenname"][0], "{display}:{$uid}", $js, null, 0, "font-size:13px");
$title = texttooltip($userARR["title"][0], "{display}:{$uid}", $js, null, 0, "font-size:13px");
$mail = texttooltip($userARR["mail"][0], "{display}:{$uid}", $js, null, 0, "font-size:13px");
$telephonenumber = texttooltip($userARR["telephonenumber"][0], "{display}:{$uid}", $js, null, 0, "font-size:13px");
if ($userARR["telephonenumber"][0] == null) {
$userARR["telephonenumber"][0] = " ";
}
if ($userARR["mail"][0] == null) {
$userARR["mail"][0] = " ";
}
$dele = imgsimple("delete-24.png", null, "Loadjs('domains.delete.user.php?uid={$uid}&flexRT={$t}');");
$link = $boot->trswitch($js);
$tr[] = "\n\t\t<tr id='{$id}'>\n\t\t<td {$styleTD} width=99% nowrap {$link}><i class='icon-user'></i> {$userARR["sn"][0]} {$userARR["givenname"][0]}<div><i>{$userARR["title"][0]}</i></td>\n\t\t<td {$styleTD} width=99% nowrap {$link}>{$userARR["telephonenumber"][0]}</td>\n\t\t<td {$styleTD} width=99% nowrap {$link}>{$userARR["mail"][0]}</td>\n\t\t<td width=35px align='center' nowrap>{$dele}</td>\n\t\t</tr>";
}
echo $tpl->_ENGINE_parse_body("\n\t\n\t\t<table class='table table-bordered table-hover'>\n\t\n\t\t\t<thead>\n\t\t\t\t<tr>\n\t\t\t\t\t<th>{member}</th>\n\t\t\t\t\t<th>{phone}</th>\n\t\t\t\t\t<th>{email}</th>\n\t\t\t\t\t<th> </th>\n\t\t\t\t</tr>\n\t\t\t</thead>\n\t\t\t <tbody>\n\t\t\t") . @implode("\n", $tr) . " </tbody>\n\t\t\t\t</table>";
}
function logon()
{
include "ressources/settings.inc";
include_once 'ressources/class.sockets.inc';
include_once 'ressources/class.ldap.inc';
include_once 'ressources/class.user.inc';
include_once 'ressources/class.langages.inc';
$sock = new sockets();
$tpl = new templates();
$_POST["artica_password"] = url_decode_special($_POST["artica_password"]);
writelogs("Testing logon....{$_POST["artica_username"]}", __FUNCTION__, __FILE__, __LINE__);
//writelogs("Testing logon.... password:{$_POST["artica_password"]}",__FUNCTION__,__FILE__,__LINE__);
$_COOKIE["artica-language"] = $_POST["lang"];
$FileCookyKey = md5($_SERVER["REMOTE_ADDR"] . $_SERVER["HTTP_USER_AGENT"]);
$sock->SET_INFO($FileCookyKey, $_POST["Changelang"]);
if (!isset($GLOBALS["FixedLanguage"])) {
$GLOBALS["FixedLanguage"] = $sock->GET_INFO("FixedLanguage");
}
$VIA_API = false;
if (isset($_POST["VIA_API"])) {
$VIA_API = true;
}
if ($_SESSION["uid"] != null) {
if (!$VIA_API) {
echo "location:admin.index.php";
return;
}
}
$socks = new sockets();
while (list($index, $value) = each($_SERVER)) {
$notice[] = "{$index}:{$value}";
}
if ($_GLOBAL["ldap_admin"] == null) {
$sock->getFrameWork("services.php?process1-tenir=yes?MyCURLTIMEOUT=120");
include "ressources/settings.inc";
}
if ($_GLOBAL["ldap_admin"] == null) {
if ($VIA_API) {
echo "FALSE";
return;
}
$tpl = new templates();
echo $tpl->javascript_parse_text("{ldap_username_corrupt_text}");
return null;
}
$md5submitted = $_POST["artica_password"];
if ($VIA_API) {
$md5submitted = md5($_POST["artica_password"]);
}
$md5Manager = md5(trim($_GLOBAL["ldap_password"]));
if (trim($GLOBALS["FixedLanguage"]) != null) {
$_POST["lang"] = $GLOBALS["FixedLanguage"];
}
$trimed_artica_username = trim(strtolower($_POST["artica_username"]));
$trimed_ldap_admin = trim(strtolower($_GLOBAL["ldap_admin"]));
writelogs("Manager -> {$trimed_artica_username} ?=== {$trimed_ldap_admin}", _FUNCTION__, __FILE__, __LINE__);
if ($trimed_artica_username == $trimed_ldap_admin) {
writelogs("Manager: `YES`", __FUNCTION__, __FILE__, __LINE__);
if ($md5Manager != $md5submitted) {
$tpl = new templates();
//writelogs("Testing logon.... password:{$_POST["artica_password"]}!==\"{$_GLOBAL["ldap_password"]}\"",__FUNCTION__,__FILE__,__LINE__);
artica_mysql_events("Failed to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]}", @implode("\n", $notice), "security", "security");
if ($VIA_API) {
echo "FALSE";
return;
}
echo $tpl->javascript_parse_text("{wrong_password_or_username}");
return null;
} else {
$users = new usersMenus();
artica_mysql_events("Success to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]} as SuperAdmin", @implode("\n", $notice), "security", "security");
//session_start();
$_SESSION["uid"] = '-100';
$_SESSION["groupid"] = '-100';
$_SESSION["passwd"] = $_GLOBAL["ldap_password"];
$_SESSION["MINIADM"] = false;
setcookie("MINIADM", "No", time() + 1000);
$_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}";
setcookie("artica-language", $_POST["lang"], time() + 172800);
$_SESSION["detected_lang"] = $_POST["lang"];
$_SESSION["CORP"] = $users->CORP_LICENSE;
$_SESSION["privileges"]["ArticaGroupPrivileges"] = '
[AllowAddGroup]="yes"
[AllowAddUsers]="yes"
[AllowChangeKav]="yes"
[AllowChangeKas]="yes"
[AllowChangeUserPassword]="yes"
[AllowEditAliases]="yes"
[AllowEditAsWbl]="yes"
[AsSystemAdministrator]="yes"
[AsPostfixAdministrator]="yes"
[AsArticaAdministrator]="yes"
[AsArticaMetaAdmin]="yes"
';
if ($VIA_API) {
writelogs("VIA API = TRUE -> BUILD SESSION", _FUNCTION__, __FILE__, __LINE__);
BuildSession($_SESSION["uid"]);
echo "TRUE";
return;
}
$tpl = new templates();
$sock->getFrameWork("squid.php?clean-catz-cache=yes");
writelogs("OK it is a global admin -> location:admin.index.php", _FUNCTION__, __FILE__, __LINE__);
echo "location:admin.index.php";
exit;
}
}
$ldap = new clladp();
if ($ldap->IsKerbAuth()) {
$userPassword = $_POST["artica_password"];
if (isset($_POST["artica_password_crypted"])) {
$userPassword = $_POST["artica_password_crypted"];
include_once dirname(__FILE__) . "/ressources/class.cryptform.inc";
$userPassword = logon_decrypt($userPassword);
}
writelogs("*** TEST Active Directory user {$_POST["artica_username"]} ****", __FUNCTION__, __FILE__, __LINE__);
$external_ad_search = new external_ad_search();
if ($external_ad_search->CheckUserAuth($_POST["artica_username"], $userPassword)) {
writelogs("*** TEST Active Directory user {$_POST["artica_username"]} success ****", __FUNCTION__, __FILE__, __LINE__);
$_SESSION["MINIADM"] = false;
setcookie("MINIADM", "No", time() + 1000);
$_SESSION["InterfaceType"] = "{APP_ARTICA_ADM}";
setcookie("artica-language", $_POST["lang"], time() + 172800);
$_SESSION["detected_lang"] = $_POST["lang"];
$_SESSION["CORP"] = $users->CORP_LICENSE;
$users = new usersMenus();
$privs = new privileges($_POST["artica_username"]);
$privileges_array = $privs->privs;
DumpPrivileges($_POST["artica_username"], $privileges_array);
$users->_TranslateRights($privileges_array, true);
setcookie("mem-logon-user", $_POST["artica_username"], time() + 172800);
$_SESSION["privileges_array"] = $privs->privs;
$_SESSION["uid"] = $_POST["artica_username"];
BuildSession($_POST["artica_username"]);
$sock->getFrameWork("squid.php?clean-catz-cache=yes");
$_SESSION["MINIADM"] = false;
setcookie("MINIADM", "No", time() + 1000);
if ($VIA_API) {
BuildSession($_SESSION["uid"]);
echo "TRUE";
return;
}
echo "location:admin.index.php";
return;
} else {
if (is_array($GLOBALS["CLASS_ACTV"])) {
while (list($key, $line) = each($GLOBALS["CLASS_ACTV"])) {
writelogs("*** Active Directory {$line}", __FUNCTION__, __FILE__, __LINE__);
}
}
}
}
if (Radius_admins($_POST["artica_username"], $md5submitted)) {
writelogs('*** TEST RADIUS USER ****', __FUNCTION__, __FILE__, __LINE__);
$tpl = new templates();
$sock->getFrameWork("squid.php?clean-catz-cache=yes");
writelogs("OK it is a global admin -> location:admin.index.php", _FUNCTION__, __FILE__, __LINE__);
if ($VIA_API) {
BuildSession($_SESSION["uid"]);
echo "TRUE";
return;
}
echo "location:admin.index.php";
exit;
}
writelogs('This is not Global admin, so test user...', __FUNCTION__, __FILE__, __LINE__);
$u = new user($_POST["artica_username"]);
$userPassword = $u->password;
if (trim($u->uidNumber) == null) {
if ($VIA_API) {
echo "FALSE";
return;
}
writelogs('Unable to get user infos abort', __FUNCTION__, __FILE__);
echo $tpl->javascript_parse_text("{wrong_password_or_username}");
return null;
}
$tpl = new templates();
if (trim($_POST["artica_password"]) == md5(trim($userPassword))) {
BuildSession($u->uid);
$ldap = new clladp();
$users = new usersMenus();
$privs = new privileges($u->uid);
$privileges_array = $privs->privs;
if (trim($FixedLanguage) != null) {
$_SESSION["detected_lang"] = $FixedLanguage;
}
$users->_TranslateRights($privileges_array, true);
if (!$users->IfIsAnuser(true)) {
if ($VIA_API) {
echo "TRUE";
return;
}
artica_mysql_events("Success to logon on the Artica Web console from {$_SERVER["REMOTE_HOST"]} as User", @implode("\n", $notice), "security", "security");
writelogs("[{$_POST["artica_username"]}]: This is not an user =>admin.index.php", __FUNCTION__, __FILE__);
$sock->getFrameWork("squid.php?clean-catz-cache=yes");
$_SESSION["MINIADM"] = false;
setcookie("MINIADM", "No", time() + 1000);
if ($VIA_API) {
BuildSession($_SESSION["uid"]);
echo "TRUE";
return;
}
echo "location:admin.index.php";
return null;
}
if ($VIA_API) {
BuildSession($_SESSION["uid"]);
echo "TRUE";
return;
}
writelogs("[{$_POST["artica_username"]}]: IS AN USER =>../user-backup/logon.php", __FUNCTION__, __FILE__);
$array["USERNAME"] = $_POST["artica_username"];
$array["PASSWORD"] = md5($_POST["artica_username"]);
$credentials = base64_encode(serialize($array));
artica_mysql_events("Success to redirect on the end-user management console from {$_SERVER["REMOTE_HOST"]} as User", @implode("\n", $notice), "security", "security");
echo "location:../miniadm.logon.php?credentials={$credentials}";
return null;
exit;
} else {
if ($VIA_API) {
echo "FALSE";
return;
}
writelogs("[{$_POST["artica_username"]}]: The password typed is not the same in ldap database...", __FUNCTION__, __FILE__);
artica_mysql_events("Failed to logon on the management console as user from {$_SERVER["REMOTE_HOST"]} (bad password)", @implode("\n", $notice), "security", "security");
echo $tpl->javascript_parse_text("{wrong_password_or_username}");
return null;
}
}
function users_list()
{
$tpl = new templates();
$MyPage = CurrentPageName();
$ldap = new clladp();
if ($ldap->IsKerbAuth()) {
users_list_active_directory();
return;
}
$database = "artica_backup";
$search = '%';
$table = "squid_ssl";
$page = 1;
$FORCE_FILTER = "AND `type`='ssl-bump-wl'";
$t = $_GET["t"];
$sock = new sockets();
$EnableManageUsersTroughActiveDirectory = $sock->GET_INFO("EnableManageUsersTroughActiveDirectory");
if (!is_numeric($EnableManageUsersTroughActiveDirectory)) {
$EnableManageUsersTroughActiveDirectory = 0;
}
if (is_base64_encoded($_GET["ou"])) {
$ou_encoded = $_GET["ou"];
$ou = base64_decode($_GET["ou"]);
} else {
$ou = $_GET["ou"];
$ou_encoded = base64_encode($_GET["ou"]);
}
if ($_SESSION["uid"] != -100) {
$ou = $_SESSION["ou"];
}
if ($_POST["query"] != null) {
$tofind = $_POST["query"];
}
if ($tofind == null) {
$tofind = '*';
} else {
$tofind = "*{$tofind}*";
}
$filter = "(&(objectClass=userAccount)(|(cn={$tofind})(mail={$tofind})(displayName={$tofind})(uid={$tofind}) (givenname={$tofind})))";
$attrs = array("displayName", "uid", "mail", "givenname", "telephoneNumber", "title", "sn", "mozillaSecondEmail", "employeeNumber", "sAMAccountName");
if (!$ldap->IsOUUnderActiveDirectory($ou)) {
if ($EnableManageUsersTroughActiveDirectory == 1) {
$cc = new ldapAD();
$hash = $cc->find_users($ou, $tofind);
} else {
$ldap = new clladp();
$dn = "ou={$ou},dc=organizations,{$ldap->suffix}";
$hash = $ldap->Ldap_search($dn, $filter, $attrs, 150);
}
} else {
$EnableManageUsersTroughActiveDirectory = 1;
include_once dirname(__FILE__) . "/ressources/class.external.ad.inc";
$ad = new external_ad_search();
$hash = $ad->find_users($ou, $tofind);
}
$users = new user();
$number = $hash["count"];
if (!is_numeric($number)) {
$number = 0;
}
$data = array();
$data['page'] = 1;
$data['total'] = $number;
$data['rows'] = array();
for ($i = 0; $i < $number; $i++) {
$userARR = $hash[$i];
$uid = $userARR["uid"][0];
if ($EnableManageUsersTroughActiveDirectory == 1) {
$uid = $userARR["samaccountname"][0];
}
if ($uid == "squidinternalauth") {
continue;
}
$js = MEMBER_JS($uid, 1, 1);
if ($userARR["sn"][0] == null && $userARR["givenname"][0] == null) {
$userARR["sn"][0] = $uid;
}
$sn = texttooltip($userARR["sn"][0], "{display}:{$uid}", $js, null, 0, "font-size:13px");
$givenname = texttooltip($userARR["givenname"][0], "{display}:{$uid}", $js, null, 0, "font-size:13px");
$title = texttooltip($userARR["title"][0], "{display}:{$uid}", $js, null, 0, "font-size:13px");
$mail = texttooltip($userARR["mail"][0], "{display}:{$uid}", $js, null, 0, "font-size:13px");
$telephonenumber = texttooltip($userARR["telephonenumber"][0], "{display}:{$uid}", $js, null, 0, "font-size:13px");
if ($userARR["telephonenumber"][0] == null) {
$userARR["telephonenumber"][0] = " ";
}
if ($userARR["mail"][0] == null) {
$userARR["mail"][0] = " ";
}
$img = imgsimple("contact-24.png", null, $js);
$href = "<a href=\"javascript:blur();\" OnClick=\"javascript:{$js}\" style='text-decoration:underline'>";
$dele = imgsimple("delete-24.png", null, "Loadjs('domains.delete.user.php?uid={$uid}&flexRT={$t}');");
$data['rows'][] = array('id' => $uid, 'cell' => array($img, "<span style='font-size:14px;color:{$color}'>{$href}{$userARR["sn"][0]} {$userARR["givenname"][0]}</a><div><i>{$userARR["title"][0]}</i></span>", "<span style='font-size:14px;color:{$color}'>{$userARR["telephonenumber"][0]}</span>", "<span style='font-size:14px;color:{$color}'>{$href}{$userARR["mail"][0]}</a></span>", $dele));
}
echo json_encode($data);
}
function step4()
{
$t = $_GET["t"];
$page = CurrentPageName();
$tpl = new templates();
$ldap = new clladp();
$ARRAY1["ALL"] = "{AllSystems}";
$ARRAY1["IPADDR"] = "{ipaddr}";
if ($ldap->IsKerbAuth()) {
$ARRAY1["AD"] = "{ActiveDirectory}";
}
$ARRAY[0] = "{block_unproductive_websites}";
$ARRAY[1] = "{block_sexual_websites}";
$ARRAY[2] = "{block_susp_websites}";
$ARRAY[3] = "{block_multi_websites}";
$sock = new sockets();
$WizardUFDB = unserialize(base64_decode($sock->GET_INFO("WizardUFDB")));
if (!is_numeric($WizardUFDB["CATZ"])) {
$WizardUFDB["CATZ"] = 0;
}
if ($WizardUFDB["SOURCE_TYPE"] == "ALL") {
$WizardUFDB["TYPE_VALUE"] = null;
}
if ($WizardUFDB["SOURCE_TYPE"] == "AD") {
$dndata = $WizardUFDB["TYPE_VALUE"];
if (preg_match("#AD:(.*?):(.+)#", $WizardUFDB["TYPE_VALUE"], $re)) {
$dnEnc = $re[2];
$LDAPID = $re[1];
}
$GPS["localldap"] = 2;
$GPS["gpid"] = 0;
$GPS["dn"] = $dndata;
$ACtiveDir = new ActiveDirectory($LDAPID);
$array = $ACtiveDir->ObjectProperty(base64_decode($dnEnc));
$WizardUFDB["TYPE_VALUE"] = $array["cn"];
}
$html = "\n<div style='font-size:30px;margin-bottom:20px'>{build_the_rule}</div>\n<div class=explain style='font-size:20px'>{wizard_rule_ufdb_4}</div>\n<div style='width:98%' class=form>\n<table style='width:100%'>\n<tr>\n\t<td class=legend style='font-size:26px'>{$ARRAY1[$WizardUFDB["SOURCE_TYPE"]]}:</td>\n\t<td> </td>\n\t<td style='font-size:26px'>{$WizardUFDB["TYPE_VALUE"]}</td>\n</tr>\n<tr>\n\t<td class=legend style='font-size:26px'>{categories}:</td>\n\t<td> </td>\n\t<td style='font-size:26px'>{$ARRAY[$WizardUFDB["CATZ"]]}</td>\n</tr>\n<tr>\n\t<td colspan=3 style='padding-top:15px;padding-left:10px;'><hr></td>\n</tr>\n<tr>\n\t<td align='left'>" . button("{back}", "LoadAjax('main-{$t}','{$page}?step3=yes&t={$_GET["t"]}',false);", "28px") . "</td>\n\t<td> </td>\n\t<td align='right'>" . button("{build_the_rule}", "Save{$t}()", "28px") . "</td>\n</tr>\n</table>\n</div>\n<script>\nvar xSave{$t}= function (obj) {\n\tvar results=obj.responseText;\n\tUnlockPage();\n\tLoadAjax('main-{$_GET["t"]}','{$page}?step5=yes&t={$_GET["t"]}');\n}\n\t\nfunction Save{$t}(){\n\tvar XHR = new XHRConnection();\n\tXHR.appendData('ACCEPT','yes');\n\tXHR.sendAndLoad('{$page}', 'POST',xSave{$t});\n}\n</script>";
echo $tpl->_ENGINE_parse_body($html);
}
function ORGANISATIONS_LIST()
{
$tpl = new templates();
$ldap = new clladp();
if ($ldap->IsKerbAuth()) {
return ORGANISATIONS_LIST_ACTIVE_DIRECTORY();
}
include_once dirname(__FILE__) . "/ressources/class.external.ad.inc";
$Mypage = CurrentPageName();
$users = new usersMenus();
$sock = new sockets();
$ou_nozarafa_explain = $tpl->_ENGINE_parse_body("{ou_nozarafa_explain}");
$t = $_GET["t"];
$EnableManageUsersTroughActiveDirectory = $sock->GET_INFO("EnableManageUsersTroughActiveDirectory");
if (!is_numeric($EnableManageUsersTroughActiveDirectory)) {
$EnableManageUsersTroughActiveDirectory = 0;
}
$AllowInternetUsersCreateOrg = $sock->GET_INFO("AllowInternetUsersCreateOrg");
if ($EnableManageUsersTroughActiveDirectory == 1) {
$ldap = new ldapAD();
$hash = $ldap->hash_get_ou(true);
} else {
$ldap = new clladp();
$hash = $ldap->hash_get_ou(true);
}
if (!is_array($hash)) {
json_error_show("No data...");
}
ksort($hash);
if ($EnableManageUsersTroughActiveDirectory == 0) {
if (!$ldap->BuildOrganizationBranch()) {
json_error_show("{GENERIC_LDAP_ERROR}<br>{$ldap->ldap_last_error}");
}
}
if ($_POST["query"] != null) {
$search = $_POST["query"];
$search = str_replace(".", "\\.", $search);
$search = str_replace("*", ".*?", $search);
}
if (isset($_GET["ajaxmenu"])) {
$ajax = true;
}
$pic = "32-environement.png";
$style = "style='font-size:16px;'";
$c = 0;
$ldap2 = new clladp();
if (count($hash) == 0) {
json_error_show("no data");
}
while (list($num, $ligne) = each($hash)) {
$ou = $ligne;
$ou_encoded = base64_encode($ou);
if (!preg_match("#{$search}#i", $ligne)) {
writelogs("'{$ligne}' NO MATCH {$search}", __FUNCTION__, __FILE__, __LINE__);
continue;
}
$md = md5(serialize($hash) . time());
$md5S = $md;
$uri = "javascript:Loadjs('domains.manage.org.index.php?js=yes&ou={$ligne}');";
if ($ajax) {
$uri = "javascript:Loadjs('{$Mypage}?LoadOrgPopup={$ligne}');";
}
$IsOUUnderActiveDirectory = $ldap2->IsOUUnderActiveDirectory($ou);
$GroupsNB = 0;
if ($EnableManageUsersTroughActiveDirectory == 0) {
$img = $ldap->get_organization_picture($ligne, 32);
writelogs("ldap->CountDeUSerOu({$ligne})", __FUNCTION__, __FILE__, __LINE__);
$usersNB = $ldap->CountDeUSerOu($ligne);
$usersNB = "{$usersNB}";
} else {
$img = $pic;
if ($IsOUUnderActiveDirectory) {
$ad = new external_ad_search();
writelogs("ldap->CountDeUSerOu({$ligne})", __FUNCTION__, __FILE__, __LINE__);
$usersNB = $ad->CountDeUSerOu($ligne);
} else {
writelogs("ldap->CountDeUSerOu({$ligne})", __FUNCTION__, __FILE__, __LINE__);
$usersNB = $ldap->CountDeUSerOu($ligne);
$usersNB = "{$usersNB}";
}
}
$delete = imgtootltip("delete-32-grey.png", "<b>{delete_ou} {$ligne}</b><br><i>{delete_ou_text}</i>");
if ($users->AsArticaAdministrator) {
$delete = Paragraphe('64-cancel.png', "{delete_ou} {$ligne}", '{delete_ou_text}', "javascript:Loadjs('domains.delete.org.php?ou={$ligne}');", null, 210, 100, 0, true);
$delete = imgsimple("delete-32.png", "<b>{delete_ou} {$ligne}</b><br><i>{delete_ou_text}</i>", "javascript:Loadjs('domains.delete.org.php?ou={$ligne}&t={$t}&id-table={$md5S}');");
}
$DomainsNB = $ldap->CountDeDomainsOU($ligne);
if ($GroupsNB == 0) {
if ($IsOUUnderActiveDirectory) {
$ad = new external_ad_search();
writelogs("->CountDeGroups({$ou})", __FUNCTION__, __FILE__, __LINE__);
$GroupsNB = $ad->CountDeGroups($ou);
} else {
writelogs("->CountDeGroups({$ou})", __FUNCTION__, __FILE__, __LINE__);
$GroupsNB = $ldap->CountDeGroups($ou);
}
}
Paragraphe('folder-useradd-64.png', '{create_user}', '{create_user_text}', "javascript:Loadjs('domains.add.user.php?ou={$ou}')", null, 210, null, 0, true);
Paragraphe('64-folder-group-add.png', '{create_user}', '{create_user_text}', "javascript:Loadjs('domains.add.user.php?ou={$ou}')", null, 210, null, 0, true);
Paragraphe("64-folder-group-add.png", "{$ou}:{add_group}", "{add_a_new_group_in_this_org}:<b>{$ou}</b>", "javascript:Loadjs('domains.edit.group.php?popup-add-group=yes&ou={$ou}&t={$t}')");
$select = imgsimple("domain-32.png", "{manage_organisations_text}", $uri);
$adduser = imgsimple("folder-useradd-32.png", "{$ou}<hr><b>{create_user}</b><br><i>{create_user_text}</i>", "Loadjs('domains.add.user.php?ou={$ou_encoded}&encoded=yes');");
$addgroup = imgsimple("32-folder-group-add.png", "{$ou}<hr><b>{add_group}</b><br><i>{add_a_new_group_in_this_org}</i>", "Loadjs('domains.edit.group.php?popup-add-group=yes&ou={$ou}&t={$t}');");
$SearchUser = imgsimple("loupe-32.png", "{$ou}<hr><b>{search}</b>:<i>{members}</i>", "Loadjs('domains.find.user.php?ou={$ou_encoded}&encoded=yes');");
$SearchGroup = imgsimple("loupe-32.png", "{$ou}<hr><b>{search}</b>:<i>{groups}</i>", "Loadjs('domains.find.groups.php?ou={$ou_encoded}&encoded=yes&t={$t}');");
$searchDomain = imgsimple("loupe-32.png", "{$ou}<hr><b>{localdomains}</b>:<i>{localdomains_text}</i>", "Loadjs('domains.edit.domains.php?js=yes&ou={$ou}&master-t={$t}');");
$NOZARAFA = 0;
$OuZarafaText = null;
if ($IsOUUnderActiveDirectory) {
$delete = imgtootltip("delete-24-grey.png", "", "");
$adduser = imgsimple("folder-useradd-32-grey.png");
$addgroup = imgsimple("32-folder-group-add-grey.png");
}
if ($_GET["zarafaF"] == 1) {
$info = $ldap->OUDatas($ou);
if (!$info["objectClass"]["zarafa-company"]) {
$NOZARAFA = 1;
$OuZarafaText = "<br><a href=\"javascript:blur()\" style='color:#B20808;text-decoration:underline;font-style:italic' \n\t\t\t\tOnClick=\"javascript:Loadjs('domains.edit.zarafa.php?ou={$ou_encoded}&t={$t}')\">{$ou_nozarafa_explain}</a>";
}
}
$array = array();
$array[] = "<a href=\"javascript:blur();\" \n\t\tOnClick=\"{$uri}\" style='font-size:26px;font-weight:bolder;text-transform:capitalize;\n\t\ttext-decoration:underline'>{$ligne}</strong></a>{$OuZarafaText}";
if ($_GET["zarafaF"] == 1) {
$zarafaEnabled = "zarafa-logo-32.png";
if ($NOZARAFA == 1) {
$zarafaEnabled = "zarafa-logo-32-grey.png";
}
$array[] = "<center>" . imgsimple($zarafaEnabled, "<strong style=font-size:26px>{$ou}:{APP_ZARAFA}</strong>\n\t\t\t\t\t<br>{ZARAFA_OU_ICON_TEXT}", "Loadjs('domains.edit.zarafa.php?ou={$ou_encoded}&t={$t}')") . "</center>";
} else {
$array[] = " ";
}
$array[] = "<strong style='font-size:26px'>{$usersNB}</strong>";
$array[] = "<center style='font-size:16px'>{$SearchUser}</center>";
$array[] = "<strong style='font-size:26px'>{$GroupsNB}</strong>";
$array[] = "<center style='font-size:16px'>{$SearchGroup}</center>";
$array[] = "<strong style='font-size:26px'>{$DomainsNB}</strong>";
$array[] = "<center style='font-size:16px'>{$searchDomain}</center>";
$array[] = "<center style='font-size:16px'>{$adduser}</center>";
$array[] = "<center style='font-size:16px'>{$addgroup}</center>";
$array[] = "<center style='font-size:16px'>{$delete}</center>";
$c++;
$data['rows'][] = array('id' => $md5S, 'cell' => $array);
}
$total = $c;
$data['page'] = 1;
$data['total'] = $total;
echo json_encode($data);
}
function parseTemplate_unlock_checkcred()
{
include_once dirname(__FILE__) . "/ressources/class.sockets.inc";
include_once dirname(__FILE__) . "/ressources/class.mysql.squid.builder.php";
include_once dirname(__FILE__) . "/ressources/class.tcpip.inc";
include_once dirname(__FILE__) . "/ressources/class.user.inc";
include_once dirname(__FILE__) . "/ressources/class.templates.inc";
include_once dirname(__FILE__) . "/ressources/class.users.menus.inc";
include_once dirname(__FILE__) . "/ressources/class.external.ad.inc";
include_once dirname(__FILE__) . "/ressources/class.ldap-extern.inc";
include "ressources/settings.inc";
$sock = new sockets();
$UfdbGuardHTTPAllowNoCreds = intval($sock->GET_INFO("UfdbGuardHTTPAllowNoCreds"));
if ($UfdbGuardHTTPAllowNoCreds == 1) {
return true;
}
if ($_POST["nocreds"] == 1) {
return true;
}
$username = $_POST["username"];
$password = trim($_POST["password"]);
if ($sock->SQUID_IS_EXTERNAL_LDAP()) {
$ldap_extern = new ldap_extern();
if ($ldap_extern->checkcredentials($username, $password)) {
return true;
}
}
if (trim(strtolower($username)) == trim(strtolower($_GLOBAL["ldap_admin"]))) {
if ($password == trim($_GLOBAL["ldap_password"])) {
return true;
}
}
$ldap = new clladp();
if ($ldap->IsKerbAuth()) {
$external_ad_search = new external_ad_search();
if ($external_ad_search->CheckUserAuth($username, $password)) {
return true;
}
}
$q = new mysql();
$sql = "SELECT `username`,`value`,id FROM radcheck WHERE `username`='{$username}' AND `attribute`='Cleartext-Password' LIMIT 0,1";
$ligne = mysql_fetch_array($q->QUERY_SQL($sql, "artica_backup"));
if (!is_numeric($ligne["id"])) {
$ligne["id"] = 0;
}
if (!$q->ok) {
writelogs("{$username}:: {$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__);
}
if ($ligne["id"] > 0) {
if ($ligne["value"] == $password) {
return true;
}
}
$u = new user($username);
if (trim($u->uidNumber) != null) {
if (trim($password) == trim($u->password)) {
return true;
}
}
return false;
}
$tr[] = BuildIcons("load-balance-white-32.png", "load-balance-white-32.png", "{load_balancing}", "GotToHAPROXY()");
}
}
}
if (!$AsSquid) {
if ($users->AsSambaAdministrator) {
if ($users->SAMBA_INSTALLED) {
$tr[] = BuildIcons("filesharing-32-white.png", "filesharing-32-white.png", "{file_sharing_services}", "LoadAjax('BodyContent','quicklinks.fileshare.php');");
}
}
}
$tr[] = "<!-- L." . __LINE__ . " -->";
if ($_SESSION["uid"] != null) {
if ($users->AsAnAdministratorGeneric) {
$ldap = new clladp();
if ($ldap->IsKerbAuth()) {
$tr[] = BuildIcons("windows-white-32.png", "windows-white-32.png", "AD {members}", "GotoMembersSearch()");
} else {
if ($EnableIntelCeleron == 0) {
$EnableOpenLDAP = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/EnableOpenLDAP"));
if ($EnableOpenLDAP == 1) {
$tr[] = BuildIcons("users-white-32.png", "users-white-32.png", "{local_members}", "GotoMembersSearch()");
}
}
}
$tr[] = BuildIcons("members-settings-32-white.png", "members-settings-32-white.png", "{members_settings}", "MessagesTopshowMessageDisplay('quicklinks_members');");
}
}
//32-settings-white.png
//close-white-32.png
$fleche_js = "MessagesTopshowMessageDisplay('quicklinks_main_menu');";
function CategoriesCheckGroupsArray()
{
if (isset($GLOBALS[__CLASS__ . __FUNCTION__])) {
return $GLOBALS[__CLASS__ . __FUNCTION__];
}
$ldap = new clladp();
$ARRAYPERS = array();
if ($ldap->IsKerbAuth()) {
include_once dirname(__FILE__) . "/class.external.ad.inc";
$ad = new external_ad_search();
$groups = $ad->GroupsOfMember($_SESSION["uid"]);
if (!is_array($groups)) {
$groups = array();
}
while (list($dn, $name) = each($groups)) {
$ARRAYPERS[strtolower($dn)] = true;
}
} else {
$users = new user($_SESSION["uid"]);
$groups = $users->Groups_list();
if (!is_array($groups)) {
$groups = array();
}
while (list($gid, $name) = each($groups)) {
$ARRAYPERS[$gid] = true;
}
}
$GLOBALS[__CLASS__ . __FUNCTION__] = $ARRAYPERS;
return $ARRAYPERS;
}
function privileges()
{
$tpl = new templates();
$sock = new sockets();
if ($GLOBALS["VERBOSE"]) {
echo "<H1>" . __FUNCTION__ . "(line " . __LINE__ . ")</H1>\n";
}
$EnableSambaVirtualsServers = 0;
include_once dirname(__FILE__) . "/ressources/class.translate.rights.inc";
$cr = new TranslateRights(null, null);
$r = $cr->GetPrivsArray();
$users = new usersMenus();
$ldap = new clladp();
$ht = array();
$ht[] = "<div style='width:98%' class=form>";
$ht[] = "<table style='width:99%'>";
if ($ldap->IsKerbAuth()) {
if ($GLOBALS["VERBOSE"]) {
echo "<li><strong>IsKerbAuth = TRUE (line " . __LINE__ . ")</strong></li>\n";
}
include_once dirname(__FILE__) . "/ressources/class.external.ad.inc";
$ht[] = "<div style='font-size:18px;font-weight:bold'>{my_microsoft_groups}</div>";
$ad = new external_ad_search();
$groups = $ad->GroupsOfMember($_SESSION["uid"]);
while (list($dn, $name) = each($groups)) {
$ht[] = "<tr>\n\t\t\t\t\t<td width=1% valign='top'><img src='img/arrow-right-16.png'></td>\n\t\t\t\t\t<td><span style='font-size:14px;font-weight:bold'>{$name}</span>\n\t\t\t\t\t\t<br><span style='font-size:10px'> ({$dn})</span></td>\n\t\t\t\t</tr>";
}
}
while (list($key, $val) = each($r)) {
if ($GLOBALS["VERBOSE"]) {
echo "<li>{$key} = \"{$val}\"</li>\n";
}
if ($users->{$key}) {
$ht[] = "<tr><td width=1%><img src='img/arrow-right-16.png'></td><td><span style='font-size:14px'>{{$key}}</span></td></tr>";
}
}
$users = new usersMenus();
if ($users->SAMBA_INSTALLED) {
$EnableSambaVirtualsServers = $sock->GET_INFO("EnableSambaVirtualsServers");
if (!is_numeric($EnableSambaVirtualsServers)) {
$EnableSambaVirtualsServers = 0;
}
}
if ($EnableSambaVirtualsServers == 1) {
if (count($_SESSION["VIRTUALS_SERVERS"]) > 0) {
$ht[] = "<tr><td colspan=2 style='font-size:16px;font-weight:bolder'>{virtual_servers}</td></tr>";
while (list($key, $val) = each($_SESSION["VIRTUALS_SERVERS"])) {
$ht[] = "<tr><td width=1%><img src='img/arrow-right-16.png'></td><td><span style='font-size:14px'>{$key}</span></td></tr>";
}
}
}
$ht[] = "</table></div>";
echo $tpl->_ENGINE_parse_body(@implode("\n", $ht));
}
function LIST_GROUPS_FROM_OU_search()
{
$ldap = new clladp();
if ($ldap->IsKerbAuth()) {
LIST_GROUPS_FROM_OU_search_ActiveDirectory();
return;
}
if ($_POST["query"] != null) {
$search = $_POST["query"];
}
$GLOBALS["NOUSERSCOUNT"] = false;
$ou = base64_decode($_GET["ou"]);
$sock = new sockets();
$page = CurrentPageName();
$tpl = new templates();
$EnableManageUsersTroughActiveDirectory = $sock->GET_INFO("EnableManageUsersTroughActiveDirectory");
if (!is_numeric($EnableManageUsersTroughActiveDirectory)) {
$EnableManageUsersTroughActiveDirectory = 0;
}
$data = array();
$data['page'] = 1;
$data['total'] = 0;
$data['rows'] = array();
writelogs("[{$search}]: EnableManageUsersTroughActiveDirectory = {$EnableManageUsersTroughActiveDirectory} ", __FUNCTION__, __FILE__);
$ldap = new clladp();
if (!$ldap->IsOUUnderActiveDirectory($ou)) {
if ($EnableManageUsersTroughActiveDirectory == 1) {
$GLOBALS["NOUSERSCOUNT"] = true;
$ldap = new ldapAD();
writelogs("[{$search}]: ->hash_get_groups_from_ou_mysql({$ou},{$search}) ", __FUNCTION__, __FILE__);
$hash = $ldap->hash_get_groups_from_ou_mysql($ou, $search, true);
} else {
$ldap = new clladp();
$hash = $ldap->hash_groups($ou, 1);
}
} else {
$GLOBALS["NOUSERSCOUNT"] = true;
$EnableManageUsersTroughActiveDirectory = 1;
include_once dirname(__FILE__) . "/ressources/class.external.ad.inc";
$ad = new external_ad_search();
$hash = $ad->hash_groups($ou);
}
$tr = array();
$search = str_replace(".", '\\.', $search);
$search = str_replace("*", '.*?', $search);
if (!is_array($hash)) {
json_error_show("No group");
}
$c = 0;
while (list($num, $line) = each($hash)) {
if (strtolower($line) == 'default_group') {
continue;
}
if (strlen($search) > 2) {
if (!preg_match("#{$search}#", $line)) {
continue;
}
}
$color = "black";
$lineEnc = urlencode($line);
$js = "javascript:Loadjs('domains.edit.group.tabs.php?gid={$num}&name={$lineEnc}&ou={$_GET["ou"]}&encoded=yes')";
if (!$GLOBALS["NOUSERSCOUNT"]) {
$gp = new groups($num);
$members = count($gp->members_array);
$text = $tpl->_ENGINE_parse_body("{manage_this_group}");
if ($gp->description != null) {
$text == $tpl->_ENGINE_parse_body($gp->description);
}
$c++;
$data['rows'][] = array('id' => md5($line), 'cell' => array("<span style='font-size:14px;color:{$color};'><img src='img/group-24.png'></span>", "<a href=\"javascript:blur();\" OnClick=\"{$js}\" style='font-size:14px;color:{$color};text-decoration:underline'>{$line}</a>", "<span style='font-size:14px;color:{$color};'>{$members}</span>", "<a href=\"javascript:blur();\" OnClick=\"{$js}\" style='font-size:14px;color:{$color};text-decoration:underline'>{$text}</a>"));
} else {
$text = "{manage_this_group}";
if (is_array($line)) {
$members = $line["UsersCount"];
$text = $tpl->_ENGINE_parse_body("{manage_this_group}");
if ($line["description"] != null) {
$text = $tpl->_ENGINE_parse_body($line["description"]);
}
$c++;
$data['rows'][] = array('id' => md5($line["groupname"]), 'cell' => array("<span style='font-size:14px;color:{$color};'><img src='img/group-24.png'></span>", "<a href=\"javascript:blur();\" OnClick=\"{$js}\" style='font-size:14px;color:{$color};text-decoration:underline'>{$line["groupname"]}</span>", "<span style='font-size:14px;color:{$color};'>{$members}</span>", "<span style='font-size:14px;color:{$color};'>{$text}</span>"));
} else {
$c++;
$data['rows'][] = array('id' => md5($line), 'cell' => array("<span style='font-size:14px;color:{$color};'><img src='img/group-24.png'></span>", "<a href=\"javascript:blur();\" OnClick=\"{$js}\" style='font-size:14px;color:{$color};text-decoration:underline'>{$line}</span>", "<span style='font-size:14px;color:{$color};'>{$members}</span>", "<span style='font-size:14px;color:{$color};'>{$text}</span>"));
}
}
}
$data['total'] = $c;
echo json_encode($data);
}
function quicklinks_members()
{
$users = new usersMenus();
$tpl = new templates();
$ldap = new clladp();
$sock = new sockets();
$EnableIntelCeleron = intval($sock->GET_INFO("EnableIntelCeleron"));
$IsKerbAuth = $ldap->IsKerbAuth();
$sock = new sockets();
$SquidPerformance = intval($sock->GET_INFO("SquidPerformance"));
if ($SquidPerformance < 3) {
if ($IsKerbAuth == 0) {
$tr[] = paragrapheWin("user-add-white-64.png", "{new_member}", "Loadjs('create-user.php')");
}
}
$stats = new stats_appliance();
if ($SquidPerformance < 3) {
$search = $tpl->_ENGINE_parse_body("{search}");
$tr[] = paragrapheWin("users-search-white-64.png", "{members}: {$search}", "GotoMembersSearch();");
}
if ($users->AsSystemAdministrator) {
$tr[] = paragrapheWin("postmasters-white-64.png", "{administrators}", "GotoMembersRadius();");
}
if ($users->AsInventoryAdmin) {
if ($SquidPerformance < 3) {
$tr[] = paragrapheWin("64-computer2-white.png", "{my_computers}", "GotoMemberMyComp()");
}
}
$tr[] = paragrapheWin("users-search-white-64.png", "{groups}: {$search}", "GotoGroupsSearch();");
if ($users->SQUID_INSTALLED) {
if ($users->SAMBA_INSTALLED) {
if ($users->AsSystemAdministrator) {
if ($EnableIntelCeleron == 0) {
$tr[] = paragrapheWin("windows-white-64.png", "Active Directory", "GotoAdConnection()");
}
}
}
if ($users->AsSquidAdministrator) {
$tr[] = paragrapheWin("users-search-white-64.png", "{identd_server}", "GotoSquidIdent()");
$tr[] = paragrapheWin("users-search-white-64.png", "{proxy_members_aliases}", "GoToProxyAliases()");
}
}
if ($users->AsSystemAdministrator) {
if ($EnableIntelCeleron == 0) {
$tr[] = paragrapheWin("user-server-64-white.png", "{users_and_system}", "GotoNsswitch()");
}
}
echo $tpl->_ENGINE_parse_body(CompileTr5_win($tr, true));
}
function find_member()
{
$ldap = new clladp();
if ($ldap->IsKerbAuth()) {
find_member_active_directory();
return;
}
if ($_POST["qtype"] == "find-member") {
$tofind = $_POST["query"];
}
$t = $_GET["t"];
$tt = $_GET["tt"];
if ($_SESSION["uid"] == -100) {
$ou = $_GET["ou"];
} else {
$ou = $_SESSION["ou"];
}
$sock = new sockets();
if (is_base64_encoded($ou)) {
$ou = base64_decode($ou);
}
if ($tofind == null) {
$tofind = '*';
} else {
$tofind = "*{$tofind}*";
}
$tofind = str_replace('***', '*', $tofind);
$tofind = str_replace('**', '*', $tofind);
$tofind = str_replace('**', '*', $tofind);
$EnableManageUsersTroughActiveDirectory = $sock->GET_INFO("EnableManageUsersTroughActiveDirectory");
if (!is_numeric($EnableManageUsersTroughActiveDirectory)) {
$EnableManageUsersTroughActiveDirectory = 0;
}
$tofind = str_replace(".", '\\.', $tofind);
$tofind = str_replace("*", '.*?', $tofind);
$ldap = new clladp();
writelogs("FIND {$tofind} IN OU \"{$ou}\"", __FUNCTION__, __FILE__, __LINE__);
if (!$ldap->IsOUUnderActiveDirectory($ou)) {
if ($EnableManageUsersTroughActiveDirectory == 1) {
$GLOBALS["NOUSERSCOUNT"] = true;
$ldap = new ldapAD();
writelogs("[{$tofind}]: ->hash_get_groups_from_ou_mysql({$ou},{$tofind}) ", __FUNCTION__, __FILE__);
$hash = $ldap->hash_get_groups_from_ou_mysql($ou, $tofind, true);
} else {
$ldap = new clladp();
$hash = $ldap->hash_groups($ou, 1);
}
} else {
$hash = find_member_active_directory();
$ldap->EnableManageUsersTroughActiveDirectory = true;
$GLOBALS["NOUSERSCOUNT"] = true;
}
$number = count($hash);
$data = array();
$data['page'] = 0;
$data['total'] = $number;
$data['rows'] = array();
$styla = "style='font-size:14px;text-decoration:underline;font-weight:bold'";
$styleNum = "style='font-size:16px;font-weight:bold'";
$search = string_to_flexregex();
if (is_array($hash)) {
while (list($num, $line) = each($hash)) {
if (strtolower($line) == 'default_group') {
continue;
}
if (strlen($search) > 2) {
if (!preg_match("#{$search}#", $line)) {
continue;
}
}
$text = null;
$js = "javascript:Loadjs('domains.edit.group.php?js=yes&group-id={$num}&ou={$_GET["ou"]}&encoded=yes&tt={$t}&ttt={$tt}')";
$delete = imgsimple("delete-24.png", "{delete} {$num}", "Loadjs('domains.delete.group.php?gpid={$num}')");
if (!$GLOBALS["NOUSERSCOUNT"]) {
$delete = " ";
$gp = new groups($num);
$members = count($gp->members_array);
if ($gp->description != null) {
$text = $gp->description;
}
$data['rows'][] = array('id' => $line, 'cell' => array("<a href=\"javascript:blur();\" OnClick=\"{$js}\" {$styla}>{$line}</a>", "<span {$styleNum}>{$members}</span>", "<span style='font-size:14px'>{$text}</span>", $delete));
} else {
if (is_array($line)) {
if ($line["description"] != null) {
$text = $line["description"];
}
if (strlen($search) > 2) {
if (!preg_match("#{$search}#", $line["groupname"])) {
continue;
}
}
if (!is_numeric($line["gid"])) {
$delete = imgsimple("delete-24-grey.png");
}
$js = "javascript:Loadjs('domains.edit.group.php?js=yes&group-id={$line["gid"]}&ou={$_GET["ou"]}&encoded=yes&tt={$t}&ttt={$tt}')";
$data['rows'][] = array('id' => md5($line["groupname"]), 'cell' => array("<a href=\"javascript:blur();\" OnClick=\"{$js}\" {$styla}>{$line["groupname"]}</a>", "<span {$styleNum}>{$line["UsersCount"]}</span>", "<span style='font-size:14px'>{$text}</span>", $delete));
} else {
$data['rows'][] = array('id' => $line, 'cell' => array("<a href=\"javascript:blur();\" OnClick=\"{$js}\" {$styla}>{$line}</a>", "<span {$styleNum}>?</span>", "<span style='font-size:14px'></span>", $delete));
}
}
}
}
echo json_encode($data);
}
function start()
{
if ($GLOBALS["VERBOSE"]) {
"echo Loading...\n";
}
$unix = new unix();
if ($GLOBALS["VERBOSE"]) {
"echo Loading done...\n";
}
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$timefile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
$pid = @file_get_contents($pidfile);
if (!$GLOBALS["FORCE"]) {
if ($pid < 100) {
$pid = null;
}
$unix = new unix();
if ($unix->process_exists($pid, basename(__FILE__))) {
if ($GLOBALS["VERBOSE"]) {
echo "Already executed pid {$pid}\n";
}
return;
}
$timeexec = $unix->file_time_min($timefile);
if ($timeexec < 120) {
return;
}
$mypid = getmypid();
@file_put_contents($pidfile, $mypid);
}
@unlink($timefile);
@file_put_contents($timefile, time());
@unlink("/etc/artica-postfix/activedirectory-ou.db");
$ldap = new clladp();
if (!$ldap->IsKerbAuth()) {
return;
}
$f = new external_ad_search();
$ALPHABET = array('a', 'b', 'c', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0');
while (list($num, $letter) = each($ALPHABET)) {
$hash = $f->find_DN("{$letter}*", 0);
for ($i = 0; $i < $hash["count"]; $i++) {
if (isset($hash[$i]["samaccountname"][0])) {
$uid = $hash[$i]["samaccountname"][0];
}
if (isset($hash[$i]["uid"][0])) {
$uid = $hash[$i]["uid"][0];
}
if (isset($hash[$i]["dn"])) {
$dn = $hash[$i]["dn"];
}
if (strpos($uid, "\$") > 0) {
continue;
}
$tr = explode(",", $dn);
$OUS = array();
while (list($num, $a) = each($tr)) {
if (!preg_match("#ou=(.+)\$#i", $a, $re)) {
continue;
}
$OUS[] = $re[1];
}
if (count($OUS) == 0) {
continue;
}
$USEROU = $OUS[0];
if ($USEROU == null) {
continue;
}
$USERS[$uid] = $USEROU;
}
}
@file_put_contents("/etc/artica-postfix/activedirectory-ou.db", serialize($USERS));
}
