static function getAttributesInfo()
{
global $config;
$plugins = array();
if (session::global_is_set('plist')) {
$plugins = array_keys(session::global_get('plist')->info);
}
sort($plugins);
return array('look_n_feel' => array('name' => _('Look and feel'), 'attrs' => array(new SelectAttribute(_('Language'), _('Language of the application. If \'automatic\' or not available, the one asked by the browser will be used. This setting can be overriden per user.'), 'fdLanguage', FALSE, array('')), new SelectAttribute(_('Theme'), _('Theme to be used'), 'fdTheme', TRUE, self::get_themes(), 'default'), new SelectAttribute(_('Timezone'), _('Timezone to be used'), 'fdTimezone', TRUE, array('America/New_York')), new HiddenAttribute('fusionConfigMd5'))), 'schema_setup' => array('name' => _('Schema setup'), 'attrs' => array(new BooleanAttribute(_('Schema validation'), _('Enables schema checking during login.'), 'fdSchemaCheck', FALSE, TRUE))), 'password' => array('name' => _('Password settings'), 'attrs' => array(new SelectAttribute(_('Password default hash'), _('Default hash to be used'), 'fdPasswordDefaultHash', TRUE, array('ssha')), new BooleanAttribute(_('Force default hash'), _('Force the use of the default password hash'), 'fdForcePasswordDefaultHash'), new IntAttribute(_('Password minimum length'), _('Minimum length of user passwords'), 'fdPasswordMinLength', FALSE, 0, FALSE), new IntAttribute(_('Password minimum differs'), _('Minimum number of different characters from last password'), 'fdPasswordMinDiffer', FALSE, 0, FALSE), new BooleanAttribute(_('Use account expiration'), _('Enables shadow attribute tests during the login to FusionDirectory and forces password renewal or account locking'), 'fdHandleExpiredAccounts'), new StringAttribute(_('SASL Realm'), _('SASL Realm'), 'fdSaslRealm'), new StringAttribute(_('SASL Exop'), _('Attribute to be stored in the userPassword attribute'), 'fdSaslExop'))), 'core_settings' => array('name' => _('Core settings'), 'attrs' => array(new BooleanAttribute(_('Enable primary group filter'), _('It is time consuming to evaluate which groups are primary and which are not, so you may want to disable it if your group plugin is slow.'), 'fdPrimaryGroupFilter', FALSE, TRUE), new BooleanAttribute(_('Display summary in listings'), _('Determines whether a status bar will be shown on the bottom of lists, displaying a short summary of type and number of elements in the list.'), 'fdListSummary', FALSE, TRUE), new SelectAttribute(_('Edit locking'), _('Check if a entry currently being edited has been modified outside of FusionDirectory in the meantime.'), 'fdModificationDetectionAttribute', FALSE, array('', 'entryCSN', 'contextCSN'), 'entryCSN'), new BooleanAttribute(_('Enable logging'), _('Event logging on FusionDirectory side.'), 'fdLogging', FALSE, TRUE), new IntAttribute(_('LDAP size limit'), _('Defines the number of entries to get from LDAP by default.'), 'fdLdapSizeLimit', FALSE, 0, FALSE, 200))), 'login' => array('name' => _('Login and session'), 'attrs' => array(new SelectAttribute(_('Login attribute'), _('Which LDAP attribute should be used as the login name during login.'), 'fdLoginAttribute', TRUE, array('uid', 'mail', 'uid,mail'), 'uid', array('uid', 'mail', 'both')), new BooleanAttribute(_('Enforce encrypted connections'), _('Enables PHP security checks to force encrypted access (https) to the web interface.'), 'fdForceSSL'), new BooleanAttribute(_('Warn if session is not encrypted'), _('will display a warning to the user when http is used instead of https.'), 'fdWarnSSL', FALSE, TRUE), new IntAttribute(_('Session lifetime'), _('Defines when a session will expire in seconds.'), 'fdSessionLifeTime', TRUE, 0, FALSE, 1800))), 'snapshots' => array('name' => _('Snapshots'), 'attrs' => array(new BooleanAttribute(_('Enable snapshots'), _('This enables you to save certain states of entries and restore them later on.'), 'fdEnableSnapshots', FALSE, TRUE), new StringAttribute(_('Snapshot base'), _('The base where snapshots should be stored inside of the LDAP.'), 'fdSnapshotBase', FALSE, 'ou=snapshots,' . $config->current['BASE']))), 'ssl' => array('name' => _('SSL'), 'attrs' => array(new StringAttribute(_('Key path'), _('Path to FusionDirectory private key. Unused for now.'), 'fdSslKeyPath', FALSE, '/etc/ssl/private/fd.key'), new StringAttribute(_('Certificate path'), _('Path to FusionDirectory certificate. Unused for now.'), 'fdSslCertPath', FALSE, '/etc/ssl/certs/fd.cert'), new StringAttribute(_('CA certificate path'), _('Path to the CA certificate. Used for validating Argonaut Server host.'), 'fdSslCaCertPath', FALSE, '/etc/ssl/certs/ca.cert'))), 'people_and_group' => array('name' => _('People and group storage'), 'class' => array('critical'), 'attrs' => array(new SelectAttribute(_('People DN attribute'), _('Attribute to use at the beginning of users dn'), 'fdAccountPrimaryAttribute', TRUE, array('uid', 'cn')), new StringAttribute(_('CN pattern'), _('The pattern to use to build the common name field'), 'fdCnPattern', TRUE, '%givenName% %sn%'), new BooleanAttribute(_('Strict naming policy'), _('Enables strict checking of user and group names'), 'fdStrictNamingRules', FALSE, TRUE), new IntAttribute(_('Group/user min id'), _('The minimum assignable user or group id to avoid security leaks with id 0 accounts.'), 'fdMinId', FALSE, 0, FALSE, 100), new StringAttribute(_('Next id hook'), _('A script to be called for finding the next free id number for users or groups.'), 'fdNextIdHook', FALSE), new IntAttribute(_('Base number for user id'), _('Where to start looking for a new free user id.'), 'fdUidNumberBase', FALSE, 0, FALSE, 1100), new IntAttribute(_('Base number for group id'), _('Where to start looking for a new free group id.'), 'fdGidNumberBase', FALSE, 0, FALSE, 1100), new StringAttribute(_('Users RDN'), _('The branch where users are stored.'), 'fdUserRDN', TRUE, 'ou=people'), new StringAttribute(_('Groups RDN'), _('The branch where groups are stored.'), 'fdGroupRDN', TRUE, 'ou=groups'), new StringAttribute(_('ACL role RDN'), _('The branch where ACL roles are stored.'), 'fdAclRoleRDN', TRUE, 'ou=aclroles'), new SelectAttribute(_('Id allocation method'), _('Method to allocate user/group ids'), 'fdIdAllocationMethod', TRUE, array('traditional', 'pool'), 'traditional', array(_('Traditional'), _('Samba unix id pool'))), new IntAttribute(_('Pool user id min'), _('Minimum value for user id when using pool method'), 'fdUidNumberPoolMin', FALSE, 0, FALSE, 10000), new IntAttribute(_('Pool user id max'), _('Maximum value for user id when using pool method'), 'fdUidNumberPoolMax', FALSE, 0, FALSE, 40000), new IntAttribute(_('Pool group id min'), _('Minimum value for group id when using pool method'), 'fdGidNumberPoolMin', FALSE, 0, FALSE, 10000), new IntAttribute(_('Pool group id max'), _('Maximum value for group id when using pool method'), 'fdGidNumberPoolMax', FALSE, 0, FALSE, 40000))), 'debug' => array('name' => _('Debugging'), 'attrs' => array(new BooleanAttribute(_('Display errors'), _('Shows PHP errors in the upper part of the screen. This should be disabled in productive deployments, because there might be some passwords in it.'), 'fdDisplayErrors'), new IntAttribute(_('Maximum LDAP query time'), _('Stop LDAP actions if there is no answer within the specified number of seconds.'), 'fdLdapMaxQueryTime', FALSE, 0, FALSE), new BooleanAttribute(_('Log LDAP statistics'), _('Track LDAP timing statistics to the syslog. This may help to find indexing problems or bad search filters.'), 'fdLdapStats'), new DebugLevelAttribute(new SelectAttribute(_('Debug level'), _('Display certain information on each page load.'), 'fdDebugLevel', FALSE, array(DEBUG_TRACE, DEBUG_LDAP, DEBUG_DB, DEBUG_SHELL, DEBUG_POST, DEBUG_SESSION, DEBUG_ACL, DEBUG_SI, DEBUG_MAIL), DEBUG_TRACE, array('Trace', 'LDAP', 'Database', 'Shell', 'POST', 'SESSION', 'ACL', 'SI', 'Mail'))))), 'miscellaneous' => array('name' => _('Miscellaneous'), 'class' => array('fullwidth'), 'attrs' => array(new OrderedArrayAttribute(new CompositeAttribute(_('Hooks that are called when specific actions happens'), 'fdTabHook', array(new SelectAttribute(_('tab'), _('The tab that this hook concerns'), 'hookTab', TRUE, $plugins), new SelectAttribute(_('mode'), _('When to call this command'), 'hookMode', TRUE, array('postcreate', 'postremove', 'postmodify', 'precreate', 'preremove', 'premodify', 'check')), new StringAttribute(_('cmd'), _('The command that will be called'), 'hookCmd', TRUE)), '/^([^\\|]+)\\|([^\\|]+)\\|(.*)$/', '%s|%s|%s', '', _('Hooks')), FALSE, array(), TRUE), new BooleanAttribute(_('Display hook output'), _('When enabled successful hook execution output is displayed to the user using a dialog.'), 'fdDisplayHookOutput'), new SetAttribute(new StringAttribute(_('Available shells'), _('Available POSIX shells for FD users.'), 'fdShells', FALSE), array('/bin/ash', '/bin/bash', '/bin/csh', '/bin/sh', '/bin/ksh', '/bin/tcsh', '/bin/dash', '/bin/zsh', '/sbin/nologin', '/bin/false')), new BooleanAttribute(_('Show ACL tab on all objects'), _('For very specific ACL rights setting where you might need to give right on a single object.'), 'fdAclTabOnObjects'))));
}
$smarty->assign("date", date("l, dS F Y H:i:s O"));
$smarty->assign("lang", preg_replace('/_.*$/', '', $lang));
$smarty->assign("rtl", language_is_rtl($lang));
$smarty->display(get_template_path('headers.tpl'));
$smarty->assign("version", FD_VERSION);
$smarty->display(get_template_path('login.tpl'));
exit;
}
/*****************************************************************************
* M A I N *
*****************************************************************************/
/* Set error handler to own one, initialize time calculation
and start session. */
session::start();
if (isset($_REQUEST['signout']) && $_REQUEST['signout']) {
if (session::global_is_set('connected')) {
$config = session::global_get('config');
if ($config->get_cfg_value('casActivated') == 'TRUE') {
require_once 'CAS.php';
/* Move CAS autoload before FD autoload */
spl_autoload_unregister('CAS_autoload');
spl_autoload_register('CAS_autoload', TRUE, TRUE);
phpCAS::client(CAS_VERSION_2_0, $config->get_cfg_value('casHost', 'localhost'), (int) $config->get_cfg_value('casPort', 443), $config->get_cfg_value('casContext', ''));
// Set the CA certificate that is the issuer of the cert
phpCAS::setCasServerCACert($config->get_cfg_value('casServerCaCertPath'));
phpCas::logout();
}
}
session::destroy();
session::start();
}
// max number of results shown in result list
$minwordlength = 3;
// Word less than 3 chars will be dropped in search
$allowed_chars_in_searchword = "'[^a-z0-9 %_-]'i";
// Remove all chars that would disturb our search like < or > ...
/* Default pages */
$backward = $defaultpage;
$index = $defaultpage;
$forward = "node1.html";
$helpdir = "";
/* Every class which is called within a tab, stores its name in the Session.
* If session::global_is_set('current_class_for_help') is true,
* get the helpfile specified in the xml file and display it.
* Unset this Session entry, to avoid displaying it again.
*/
if (session::global_is_set('current_class_for_help')) {
/* Create new XML parser with the path to the Xml file */
$xml = new parseXml("../doc/guide.xml");
/* Generate help array */
$str = $xml->parse();
/* __LANG__ is used as placeholder for the used language*/
$helpdir = @preg_replace("/__LANG__/i", $lang, $str[session::global_get('current_class_for_help')]['PATH']);
/* If there is no entry in the xml file for this class, display an error message */
if ($helpdir == "") {
$smarty->assign("help_contents", "<br><h2>" . _("There is no help file specified for this class")) . "</h2>";
$header = "<!-- headers.tpl-->" . $smarty->fetch(get_template_path('headers.tpl'));
$display = $header . $smarty->fetch(get_template_path('help.tpl'));
echo $display;
session::global_un_set('current_class_for_help');
exit;
}
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
*/
/* Basic setup, remove eventually registered sessions */
@(require_once "../include/php_setup.inc");
@(require_once "functions.inc");
@(require_once "variables.inc");
session_cache_limiter("private");
session::start();
session::global_set('errorsAlreadyPosted', array());
/* Logged in? Simple security check */
if (!session::global_is_set('ui')) {
new log("security", "unknown", "", array(), "Error: autocomplete.php called without session");
header("Location: index.php");
exit;
}
/* Base completition or filter completition? */
if (isset($_GET['type']) && $_GET['type'] == "base") {
// Find dn based on name and description
if (session::is_set("pathMapping") && count($_POST) == 1) {
$res = "";
$pathMapping = session::get("pathMapping");
$search = preg_replace('/"/', '"', current($_POST));
$config = session::global_get('config');
foreach ($config->department_info as $dn => $info) {
if (!isset($pathMapping[$dn])) {
continue;
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
*/
/* Basic setup, remove eventually registered sessions */
@(require_once "../include/php_setup.inc");
@(require_once "functions.inc");
@(require_once "variables.inc");
session_cache_limiter("private");
session::start();
session::global_set('errorsAlreadyPosted', array());
$theme = '';
if (session::global_is_set('config')) {
$config = session::global_get('config');
$theme = $config->get_cfg_value('theme');
} else {
header("cache-control: no-cache");
}
IconTheme::$extensions = array('png');
$src = IconTheme::findThemeIcon($theme, $_GET['context'], $_GET['icon'], $_GET['size']);
header("Content-Type: image/png");
if (isset($_GET['disabled']) && $_GET['disabled']) {
$im = imagecreatefrompng($src);
imageAlphaBlending($im, TRUE);
imageSaveAlpha($im, TRUE);
imagefilter($im, IMG_FILTER_GRAYSCALE);
imagepng($im);
imagedestroy($im);
$smarty->assign("usePrototype", "false");
/* React on clicks */
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (isset($_POST['delete_lock']) || isset($_POST['open_readonly'])) {
/* Set old Post data */
if (session::global_is_set('LOCK_VARS_USED_GET')) {
foreach (session::global_get('LOCK_VARS_USED_GET') as $name => $value) {
$_GET[$name] = $value;
}
}
if (session::global_is_set('LOCK_VARS_USED_POST')) {
foreach (session::global_get('LOCK_VARS_USED_POST') as $name => $value) {
$_POST[$name] = $value;
}
}
if (session::global_is_set('LOCK_VARS_USED_REQUEST')) {
foreach (session::global_get('LOCK_VARS_USED_REQUEST') as $name => $value) {
$_REQUEST[$name] = $value;
}
}
}
}
/* Load plugin */
if (is_file("{$plugin_dir}/main.inc")) {
$display = "";
require "{$plugin_dir}/main.inc";
} else {
msg_dialog::display(_("Plugin"), sprintf(_("Fatal error: Cannot find any plugin definitions for plugin '%s' ('%s' is not a file)!"), $plug, "{$plugin_dir}/main.inc"), FATAL_ERROR_DIALOG);
exit;
}
/* Print_out last ErrorMessage repeated string. */
case 'invalidparameter':
$message = sprintf(_('Invalid plugin parameter "%s"!'), $_REQUEST['plug']);
break;
case 'nosession':
$message = _('No session found!');
break;
default:
$message = $_REQUEST['message'];
}
}
/* Got a formular answer, validate and try to log in */
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) {
/* Reset error messages */
$message = "";
/* Destroy old sessions, they cause a successfull login to relog again ...*/
if (session::global_is_set('_LAST_PAGE_REQUEST')) {
session::global_set('_LAST_PAGE_REQUEST', time());
}
/* Admin-logon and verify */
$ldap = $config->get_ldap_link();
if (is_null($ldap) || is_int($ldap) && $ldap == 0) {
msg_dialog::display(_("LDAP error"), msgPool::ldaperror($ldap->get_error(), $this->dn, 0, get_class()), LDAP_ERROR);
displayLogin();
exit;
}
/* Check for schema file presence */
if ($config->get_cfg_value("schemaCheck") == "TRUE") {
$recursive = $config->get_cfg_value("ldapFollowReferrals") == "TRUE";
$tls = $config->get_cfg_value("ldapTLS") == "TRUE";
if (!count($ldap->get_objectclasses())) {
msg_dialog::display(_("LDAP error"), _("Cannot detect information about the installed LDAP schema!"), ERROR_DIALOG);
}
$display = "<!-- headers.tpl-->" . $smarty->fetch(get_template_path('headers.tpl')) . $smarty->fetch(get_template_path('framework.tpl'));
/* Save dialog filters and selected base in a cookie.
So we may be able to restore the filter an base settings on reload.
*/
$cookie = array();
if (isset($_COOKIE['GOsa_Filter_Settings'])) {
$cookie = unserialize(base64_decode($_COOKIE['GOsa_Filter_Settings']));
} elseif (isset($HTTP_COOKIE_VARS['GOsa_Filter_Settings'])) {
$cookie = unserialize(base64_decode($HTTP_COOKIE_VARS['GOsa_Filter_Settings']));
}
/* Save filters? */
if ($config->get_cfg_value("core", "storeFilterSettings") == "true") {
$cookie_vars = array("MultiDialogFilters", "CurrentMainBase");
foreach ($cookie_vars as $var) {
if (session::global_is_set($var)) {
$cookie[$ui->dn][$var] = session::global_get($var);
}
}
if (isset($_GET['plug'])) {
$cookie[$ui->dn]['plug'] = $_GET['plug'];
}
@setcookie("GOsa_Filter_Settings", base64_encode(serialize($cookie)), time() + 60 * 60 * 24);
}
/* Show page... */
echo $display;
/* Save plist and config */
session::global_set('plist', $plist);
session::global_set('config', $config);
session::set('errorsAlreadyPosted', array());
// vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler:
msg_dialog::display(_("Smarty"), sprintf(_("Compile directory %s is not accessible!"), bold('/var/spool/gosa/')), FATAL_ERROR_DIALOG);
exit;
}
/* Get posted language */
if (!session::global_is_set('lang')) {
session::global_set('lang', get_browser_language());
}
if (isset($_POST['lang_selected'])) {
if ($_POST['lang_selected'] != "") {
session::global_set('lang', $_POST['lang_selected']);
} else {
session::global_set('lang', get_browser_language());
}
}
/* Check for js */
if (!isset($_GET['js']) && !session::global_is_set('js')) {
echo '<script language="JavaScript" type="text/javascript">';
echo ' location = "setup.php?js=true";';
echo '</script>';
session::global_set('js', FALSE);
} elseif (isset($_GET['js'])) {
session::global_set('js', TRUE);
}
$lang = session::global_get('lang');
/* Append .UTF-8 to language string if necessary */
if (!preg_match("/utf(-)8\$/i", $lang)) {
$lang .= ".UTF-8";
}
putenv("LANGUAGE=");
putenv("LANG={$lang}");
setlocale(LC_ALL, $lang);