/**
* Function called before changing user attributes
* @param $FH FormHandler of the page
* @param $mode add or edit mode
*/
function _base_verifInfo($FH, $mode)
{
global $error;
global $conf;
$base_errors = "";
$uid = $FH->getPostValue("uid");
$pass = $FH->getPostValue("pass");
$confpass = $FH->getPostValue("confpass");
$homedir = $FH->getPostValue("homeDirectory");
$primary = $FH->getPostValue("primary");
$firstname = $FH->getPostValue("givenName");
$lastname = $FH->getPostValue("sn");
$durete = $FH->testpassword($pass);
if (!preg_match("/^[a-zA-Z0-9][A-Za-z0-9_.-]*\$/", $uid)) {
$base_errors .= _("User's name invalid !") . "<br/>";
setFormError("uid");
}
if ($mode == "add" && $uid && userExists($uid)) {
$base_errors .= sprintf(_("The user %s already exists."), $uid) . "<br/>";
setFormError("uid");
}
if ($mode == "add" && $pass == '') {
$base_errors .= _("Password is empty.") . "<br/>";
setFormError("pass");
} else {
if (strlen($pass) < intval($conf["global"]["minsizepassword"])) {
$base_errors .= _("Minimum") . " " . $conf["global"]["minsizepassword"] . " " . _("characters for the password") . "<br/>";
setFormError("pass");
} else {
if ($FH->testpassword($pass) < intval($conf["global"]["weakPassword"])) {
if ($durete < 5) {
$msgval = _("very weak");
} else {
if ($durete < 15) {
$msgval = _("weak");
} else {
if ($durete < 40) {
$msgval = _("medium");
} else {
$msgval = _("good");
}
}
}
$base_errors .= _("Password") . " : " . $msgval . "<br/>";
setFormError("pass");
}
}
}
if ($mode == "add" && $lastname == '') {
$base_errors .= _("Last name is empty.") . "<br/>";
setFormError("sn");
}
if ($mode == "add" && $firstname == '') {
$base_errors .= _("First name is empty.") . "<br/>";
setFormError("givenName");
}
if ($pass != $confpass) {
$base_errors .= _("The confirmation password does not match the new password.") . " <br/>";
setFormError("pass");
setFormError("confpass");
}
/* Check that the primary group name exists */
if (!strlen($primary)) {
$base_errors .= _("The primary group field can't be empty.") . "<br />";
setFormError("primary");
} else {
if (!existGroup($primary)) {
$base_errors .= sprintf(_("The group %s does not exist, and so can't be set as primary group."), $primary) . "<br />";
setFormError("primary");
}
}
/* Check that the homeDir does not exists */
if ($mode == "add") {
if ($FH->getPostValue("createHomeDir") == "on" && $FH->getPostValue("ownHomeDir") != "on" && $uid) {
getHomeDir($uid, $FH->getValue("homeDirectory"));
}
} else {
/* If we want to move the userdir check the destination */
if ($FH->isUpdated("homeDirectory")) {
getHomeDir($uid, $FH->getValue("homeDirectory"));
}
}
$error .= $base_errors;
return $base_errors ? 1 : 0;
}
/**
* installs composer to the current working directory
*/
function installComposer($version, $installDir, $filename, $quiet, $disableTls, $cafile, $channel)
{
$installPath = (is_dir($installDir) ? rtrim($installDir, '/') . '/' : '') . $filename;
$installDir = realpath($installDir) ? realpath($installDir) : getcwd();
$file = $installDir . DIRECTORY_SEPARATOR . $filename;
if (is_readable($file)) {
@unlink($file);
}
$home = getHomeDir();
file_put_contents($home . '/keys.dev.pub', <<<DEVPUBKEY
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnBDHjZS6e0ZMoK3xTD7f
FNCzlXjX/Aie2dit8QXA03pSrOTbaMnxON3hUL47Lz3g1SC6YJEMVHr0zYq4elWi
i3ecFEgzLcj+pZM5X6qWu2Ozz4vWx3JYo1/a/HYdOuW9e3lwS8VtS0AVJA+U8X0A
hZnBmGpltHhO8hPKHgkJtkTUxCheTcbqn4wGHl8Z2SediDcPTLwqezWKUfrYzu1f
o/j3WFwFs6GtK4wdYtiXr+yspBZHO3y1udf8eFFGcb2V3EaLOrtfur6XQVizjOuk
8lw5zzse1Qp/klHqbDRsjSzJ6iL6F4aynBc6Euqt/8ccNAIz0rLjLhOraeyj4eNn
8iokwMKiXpcrQLTKH+RH1JCuOVxQ436bJwbSsp1VwiqftPQieN+tzqy+EiHJJmGf
TBAbWcncicCk9q2md+AmhNbvHO4PWbbz9TzC7HJb460jyWeuMEvw3gNIpEo2jYa9
pMV6cVqnSa+wOc0D7pC9a6bne0bvLcm3S+w6I5iDB3lZsb3A9UtRiSP7aGSo7D72
8tC8+cIgZcI7k9vjvOqH+d7sdOU2yPCnRY6wFh62/g8bDnUpr56nZN1G89GwM4d4
r/TU7BQQIzsZgAiqOGXvVklIgAMiV0iucgf3rNBLjjeNEwNSTTG9F0CtQ+7JLwaE
wSEuAuRm+pRqi8BRnQ/GKUcCAwEAAQ==
-----END PUBLIC KEY-----
DEVPUBKEY
);
file_put_contents($home . '/keys.tags.pub', <<<TAGSPUBKEY
-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0Vi/2K6apCVj76nCnCl2
MQUPdK+A9eqkYBacXo2wQBYmyVlXm2/n/ZsX6pCLYPQTHyr5jXbkQzBw8SKqPdlh
vA7NpbMeNCz7wP/AobvUXM8xQuXKbMDTY2uZ4O7sM+PfGbptKPBGLe8Z8d2sUnTO
bXtX6Lrj13wkRto7st/w/Yp33RHe9SlqkiiS4MsH1jBkcIkEHsRaveZzedUaxY0M
mba0uPhGUInpPzEHwrYqBBEtWvP97t2vtfx8I5qv28kh0Y6t+jnjL1Urid2iuQZf
noCMFIOu4vksK5HxJxxrN0GOmGmwVQjOOtxkwikNiotZGPR4KsVj8NnBrLX7oGuM
nQvGciiu+KoC2r3HDBrpDeBVdOWxDzT5R4iI0KoLzFh2pKqwbY+obNPS2bj+2dgJ
rV3V5Jjry42QOCBN3c88wU1PKftOLj2ECpewY6vnE478IipiEu7EAdK8Zwj2LmTr
RKQUSa9k7ggBkYZWAeO/2Ag0ey3g2bg7eqk+sHEq5ynIXd5lhv6tC5PBdHlWipDK
tl2IxiEnejnOmAzGVivE1YGduYBjN+mjxDVy8KGBrjnz1JPgAvgdwJ2dYw4Rsc/e
TzCFWGk/HM6a4f0IzBWbJ5ot0PIi4amk07IotBXDWwqDiQTwyuGCym5EqWQ2BD95
RGv89BPD+2DLnJysngsvVaUCAwEAAQ==
-----END PUBLIC KEY-----
TAGSPUBKEY
);
if (false === $disableTls && empty($cafile) && !HttpClient::getSystemCaRootBundlePath()) {
$errorHandler = new ErrorHandler();
set_error_handler(array($errorHandler, 'handleError'));
$target = $home . '/cacert.pem';
$write = file_put_contents($target, HttpClient::getPackagedCaFile(), LOCK_EX);
@chmod($target, 0644);
restore_error_handler();
if (!$write) {
throw new RuntimeException('Unable to write bundled cacert.pem to: ' . $target);
}
$cafile = $target;
}
$httpClient = new HttpClient($disableTls, $cafile);
$uriScheme = false === $disableTls ? 'https' : 'http';
if (!$version) {
$versions = json_decode($httpClient->get($uriScheme . '://getcomposer.org/versions'), true);
foreach ($versions[$channel] as $candidate) {
if ($candidate['min-php'] <= PHP_VERSION_ID) {
$version = $candidate['version'];
$downloadUrl = $candidate['path'];
break;
}
}
if (!$version) {
throw new RuntimeException('There is no version of Composer available for your PHP version (' . PHP_VERSION . ')');
}
} else {
$downloadUrl = "/download/{$version}/composer.phar";
}
$retries = 3;
while ($retries--) {
if (!$quiet) {
out("Downloading {$version}...", 'info');
}
$url = "{$uriScheme}://getcomposer.org{$downloadUrl}";
$errorHandler = new ErrorHandler();
set_error_handler(array($errorHandler, 'handleError'));
// download signature file
if (false === $disableTls) {
$signature = $httpClient->get($url . '.sig');
if (!$signature) {
out('Download failed: ' . $errorHandler->message, 'error');
} else {
$signature = json_decode($signature, true);
$signature = base64_decode($signature['sha384']);
}
}
$fh = fopen($file, 'w');
if (!$fh) {
out('Could not create file ' . $file . ': ' . $errorHandler->message, 'error');
}
if (!fwrite($fh, $httpClient->get($url))) {
out('Download failed: ' . $errorHandler->message, 'error');
}
fclose($fh);
restore_error_handler();
if ($errorHandler->message) {
continue;
}
try {
// create a temp file ending in .phar since the Phar class only accepts that
if ('.phar' !== substr($file, -5)) {
copy($file, $file . '.tmp.phar');
$pharFile = $file . '.tmp.phar';
} else {
$pharFile = $file;
}
// verify signature
if (false === $disableTls) {
$pubkeyid = openssl_pkey_get_public('file://' . $home . '/' . (preg_match('{^[0-9a-f]{40}$}', $version) ? 'keys.dev.pub' : 'keys.tags.pub'));
$algo = defined('OPENSSL_ALGO_SHA384') ? OPENSSL_ALGO_SHA384 : 'SHA384';
if (!in_array('SHA384', openssl_get_md_methods())) {
out('SHA384 is not supported by your openssl extension, could not verify the phar file integrity', 'error');
exit(1);
}
$verified = 1 === openssl_verify(file_get_contents($file), $signature, $pubkeyid, $algo);
openssl_free_key($pubkeyid);
if (!$verified) {
out('Signature mismatch, could not verify the phar file integrity', 'error');
exit(1);
}
}
// test the phar validity
if (!ini_get('phar.readonly')) {
$phar = new Phar($pharFile);
// free the variable to unlock the file
unset($phar);
}
// clean up temp file if needed
if ($file !== $pharFile) {
unlink($pharFile);
}
break;
} catch (Exception $e) {
if (!$e instanceof UnexpectedValueException && !$e instanceof PharException) {
throw $e;
}
// clean up temp file if needed
if ($file !== $pharFile) {
unlink($pharFile);
}
unlink($file);
if ($retries) {
if (!$quiet) {
out('The download is corrupt, retrying...', 'error');
}
} else {
out('The download is corrupt (' . $e->getMessage() . '), aborting.', 'error');
exit(1);
}
}
}
if ($errorHandler->message) {
out('The download failed repeatedly, aborting.', 'error');
exit(1);
}
chmod($file, 0755);
if (!$quiet) {
out(PHP_EOL . "Composer successfully installed to: " . $file, 'success', false);
out(PHP_EOL . "Use it: php {$installPath}", 'info');
}
}
/**
* Function called before changing user attributes
* @param $FH FormHandler of the page
* @param $mode add or edit mode
*/
function _base_verifInfo($FH, $mode)
{
global $error;
$base_errors = "";
$uid = $FH->getPostValue("uid");
$pass = $FH->getPostValue("pass");
$confpass = $FH->getPostValue("confpass");
$homedir = $FH->getPostValue("homeDirectory");
$primary = $FH->getPostValue("primary");
if (!preg_match("/^[a-zA-Z0-9][A-Za-z0-9_.-]*\$/", $uid)) {
$base_errors .= _("User's name invalid !") . "<br/>";
setFormError("uid");
}
if ($mode == "add" && $uid && userExists($uid)) {
$base_errors .= sprintf(_("The user %s already exists."), $uid) . "<br/>";
setFormError("uid");
}
if ($mode == "add" && $pass == '') {
$base_errors .= _("Password is empty.") . "<br/>";
setFormError("pass");
}
if ($pass != $confpass) {
$base_errors .= _("The confirmation password does not match the new password.") . " <br/>";
setFormError("pass");
setFormError("confpass");
}
/* Check that the primary group name exists */
if (!strlen($primary)) {
$base_errors .= _("The primary group field can't be empty.") . "<br />";
setFormError("primary");
} else {
if (!existGroup($primary)) {
$base_errors .= sprintf(_("The group %s does not exist, and so can't be set as primary group."), $primary) . "<br />";
setFormError("primary");
}
}
/* Check that the homeDir does not exists */
if ($mode == "add") {
if ($FH->getPostValue("createHomeDir") == "on" && $FH->getPostValue("ownHomeDir") != "on" && $uid) {
getHomeDir($uid, $FH->getValue("homeDirectory"));
}
} else {
/* If we want to move the userdir check the destination */
if ($FH->isUpdated("homeDirectory")) {
getHomeDir($uid, $FH->getValue("homeDirectory"));
}
}
$error .= $base_errors;
return $base_errors ? 1 : 0;
}