egroupware/setup/admin_account.php

<?php
/**
 * eGroupware Setup - create admin account
 *
 * @link http://www.egroupware.org
 * @package setup
 * @author Miles Lott <milos@groupwhere.org>
 * @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
 * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
 * @version $Id$
 */

if (strpos($_SERVER['PHP_SELF'],'admin_account.php') !== false)
{
	include('./inc/functions.inc.php');

	// Authorize the user to use setup app and load the database
	// Does not return unless user is authorized
	if(!$GLOBALS['egw_setup']->auth('Config') || get_var('cancel',Array('POST')))
	{
		Header('Location: index.php');
		exit;
	}
	$GLOBALS['egw_setup']->loaddb(true);
}
$error = '';
if ($_POST['submit'])
{
	/* Posted admin data */
	$passwd   = get_var('passwd',Array('POST'));
	$passwd2  = get_var('passwd2',Array('POST'));
	$username = get_var('username',Array('POST'));
	$fname    = get_var('fname',Array('POST'));
	$lname    = get_var('lname',Array('POST'));
	$email    = get_var('email',Array('POST'));

	if($passwd != $passwd2 || !$username)
	{
		$error = '<p>'.lang('Passwords did not match, please re-enter') . ".</p>\n";
	}
	if(!$username)
	{
		$error = '<p>'.lang('You must enter a username for the admin') . ".</p>\n";
	}
}
if(!$_POST['submit'] || $error)
{
	$tpl_root = $GLOBALS['egw_setup']->html->setup_tpl_dir('setup');
	$setup_tpl = CreateObject('phpgwapi.Template',$tpl_root);
	$setup_tpl->set_file(array(
		'T_head'       => 'head.tpl',
		'T_footer'     => 'footer.tpl',
		'T_alert_msg'  => 'msg_alert_msg.tpl',
		'T_login_main' => 'login_main.tpl',
		'T_login_stage_header' => 'login_stage_header.tpl',
		'T_admin_account' => 'admin_account.tpl'
	));
	$setup_tpl->set_block('T_login_stage_header','B_multi_domain','V_multi_domain');
	$setup_tpl->set_block('T_login_stage_header','B_single_domain','V_single_domain');

	$GLOBALS['egw_setup']->html->show_header(lang('Create admin account'));

	$setup_tpl->set_var(array(
		'error'    => $error,
		'username' => $username,
		'fname'    => $fname,
		'lname'    => $lname,
		'email'    => $email,
	));
	$setup_tpl->set_var('action_url','admin_account.php');
	$setup_tpl->set_var('description',lang('This will create a first user in eGroupWare or reset password and admin rights of an exiting user'));
	$setup_tpl->set_var('lang_deleteall',lang('Delete all existing SQL accounts, groups, ACLs and preferences (normally not necessary)?'));

	$setup_tpl->set_var('detailadmin',lang('Details for Admin account'));
	$setup_tpl->set_var('adminusername',lang('Admin username'));
	$setup_tpl->set_var('adminfirstname',lang('Admin first name'));
	$setup_tpl->set_var('adminlastname',lang('Admin last name'));
	$setup_tpl->set_var('adminemail',lang('Admin email address'));
	$setup_tpl->set_var('adminpassword',lang('Admin password'));
	$setup_tpl->set_var('adminpassword2',lang('Re-enter password'));
	$setup_tpl->set_var('admin_all_apps',lang('Give admin access to all installed apps'));
	$setup_tpl->set_var('all_apps_desc',lang('Usually more annoying.<br />Admins can use Admin >> Manage accounts or groups to give access to further apps.'));
	$setup_tpl->set_var('create_demo_accounts',lang('Create demo accounts'));
	$setup_tpl->set_var('demo_desc',lang('The username/passwords are: demo/guest, demo2/guest and demo3/guest.'));

	$setup_tpl->set_var('lang_submit',lang('Save'));
	$setup_tpl->set_var('lang_cancel',lang('Cancel'));
	$setup_tpl->pparse('out','T_admin_account');
	$GLOBALS['egw_setup']->html->show_footer();
}
else
{
	/* Begin transaction for acl, etc */
	$GLOBALS['egw_setup']->db->transaction_begin();

	if($_POST['delete_all'])
	{
		/* Now, clear out existing tables */
		foreach(array($GLOBALS['egw_setup']->accounts_table,$GLOBALS['egw_setup']->acl_table,'egw_access_log') as $table)
		{
			$GLOBALS['egw_setup']->db->delete($table,'1=1',__LINE__,__FILE__);
		}
		// keep default and forced prefs from installed apps
		$GLOBALS['egw_setup']->db->delete($GLOBALS['egw_setup']->prefs_table,'preferences_owner NOT IN (-1,-2)',__LINE__,__FILE__);
		// remove accounts from addressbook
		$GLOBALS['egw_setup']->db->delete('egw_addressbook','account_id IS NOT NULL',__LINE__,__FILE__);
	}
	/* Create the demo groups */
	$defaultgroupid = (int)$GLOBALS['egw_setup']->add_account('Default','Default','Group',False,False);
	$admingroupid   = (int)$GLOBALS['egw_setup']->add_account('Admins','Admin','Group',False,False);

	if (!$defaultgroupid || !$admingroupid)
	{
		if (strpos($_SERVER['PHP_SELF'],'admin_account.php') === false)
		{
			return 42; //lang('Error in group-creation !!!');	// dont exit on setup-cli
		}
		echo '<p><b>'.lang('Error in group-creation !!!')."</b></p>\n";
		echo '<p>'.lang('click <a href="index.php">here</a> to return to setup.')."</p>\n";
		$GLOBALS['egw_setup']->db->transaction_abort();
		exit;
	}

	// Group perms for the default group
	$GLOBALS['egw_setup']->add_acl(array('addressbook','calendar','infolog','felamimail','filemanager','preferences','manual','groupdav','notifications','syncml','importexport','activesync'),'run',$defaultgroupid);

	$apps = array();
	foreach($GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->applications_table,'app_name','app_enabled < 3',__LINE__,__FILE__) as $row)
	{
		$apps[] = $row['app_name'];
	}
	// if not otherwise selected, give admin only access to the rest of the default apps,
	// not yet set for the default group or development only apps like (etemplate, jinn, tt's)
	if (!$_POST['admin_all_apps'])
	{
		$apps = array_intersect(array('admin','bookmarks','emailadmin','mydms','news_admin','phpbrain','phpsysinfo','polls','phpfreechat','projectmanager','resources','sambaadmin','sitemgr','timesheet','tracker','wiki'),$apps);
	}
	$GLOBALS['egw_setup']->add_acl($apps,'run',$admingroupid);

	/* Creation of the demo accounts is optional - the checkbox is on by default. */
	if(get_var('create_demo',Array('POST')))
	{
		// Create 3 demo accounts
		$GLOBALS['egw_setup']->add_account('demo','Demo','Account','guest');
		$GLOBALS['egw_setup']->add_account('demo2','Demo2','Account','guest');
		$GLOBALS['egw_setup']->add_account('demo3','Demo3','Account','guest');
	}

	/* Create records for administrator account, with Admins as primary and Default as additional group */
	$accountid = $GLOBALS['egw_setup']->add_account($username,$fname,$lname,$passwd,'Admins',True,$email);
	if (!$accountid)
	{
		if (strpos($_SERVER['PHP_SELF'],'admin_account.php') === false)
		{
			return 41; //lang('Error in admin-creation !!!');	// dont exit on setup-cli
		}
		echo '<p><b>'.lang('Error in admin-creation !!!')."</b></p>\n";
		echo '<p>'.lang('click <a href="index.php">here</a> to return to setup.')."</p>\n";
		$GLOBALS['egw_setup']->db->transaction_abort();
		exit;
	}
	$GLOBALS['egw_setup']->set_memberships(array($admingroupid,$defaultgroupid),$accountid);

	$GLOBALS['egw_setup']->db->transaction_commit();

	if (strpos($_SERVER['PHP_SELF'],'admin_account.php') !== false)
	{
		Header('Location: index.php');
	}
}
this is now setup3 code 2001-07-30 17:59:25 +02:00			`<?php`
got setup command line interface fully working: - create, edit & update the header - install & update eGW - config eGW - create admin account - install & update languages - create & restore (install) backups ---> update, languages & backup can work for all domains at once ---> for use in 1.2 you have to update/switch the whole setup app to HEAD/trunk 2006-05-29 04:56:16 +02:00			`/**`
phpDoc headers 2008-08-20 08:04:28 +02:00			`* eGroupware Setup - create admin account`
got setup command line interface fully working: - create, edit & update the header - install & update eGW - config eGW - create admin account - install & update languages - create & restore (install) backups ---> update, languages & backup can work for all domains at once ---> for use in 1.2 you have to update/switch the whole setup app to HEAD/trunk 2006-05-29 04:56:16 +02:00			`*`
			`* @link http://www.egroupware.org`
			`* @package setup`
			`* @author Miles Lott <milos@groupwhere.org>`
			`* @author Ralf Becker <RalfBecker-AT-outdoor-training.de>`
			`* @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License`
			`* @version $Id$`
			`*/`

phpDoc headers 2008-08-20 08:04:28 +02:00			`if (strpos($_SERVER['PHP_SELF'],'admin_account.php') !== false)`
			`{`
			`include('./inc/functions.inc.php');`

			`// Authorize the user to use setup app and load the database`
			`// Does not return unless user is authorized`
			`if(!$GLOBALS['egw_setup']->auth('Config') \|\| get_var('cancel',Array('POST')))`
Removed random account numbers for maximum db portability. 2001-09-17 04:23:41 +02:00			`{`
phpDoc headers 2008-08-20 08:04:28 +02:00			`Header('Location: index.php');`
			`exit;`
this is now setup3 code 2001-07-30 17:59:25 +02:00			`}`
phpDoc headers 2008-08-20 08:04:28 +02:00			`$GLOBALS['egw_setup']->loaddb(true);`
			`}`
			`$error = '';`
			`if ($_POST['submit'])`
			`{`
			`/* Posted admin data */`
			`$passwd = get_var('passwd',Array('POST'));`
			`$passwd2 = get_var('passwd2',Array('POST'));`
			`$username = get_var('username',Array('POST'));`
			`$fname = get_var('fname',Array('POST'));`
			`$lname = get_var('lname',Array('POST'));`
			`$email = get_var('email',Array('POST'));`

			`if($passwd != $passwd2 \|\| !$username)`
- setup uses now the system_charset, that fixes various errors reported: + setup_demo gives errors under postgres + setup_demo can save special chars in the admin name - renamed setup_demo into admin_account, as setting up demo accounts is the least used function of it - fixed warning db::delete missing params, if delete_all was checked 2005-11-27 08:48:22 +01:00			`{`
phpDoc headers 2008-08-20 08:04:28 +02:00			`$error = '<p>'.lang('Passwords did not match, please re-enter') . ".</p>\n";`
- setup uses now the system_charset, that fixes various errors reported: + setup_demo gives errors under postgres + setup_demo can save special chars in the admin name - renamed setup_demo into admin_account, as setting up demo accounts is the least used function of it - fixed warning db::delete missing params, if delete_all was checked 2005-11-27 08:48:22 +01:00			`}`
phpDoc headers 2008-08-20 08:04:28 +02:00			`if(!$username)`
setup_demo now works for LDAP (here anyway) and still works for SQL; now uses the accounts classes in phpgw; This is devel CVS, please test ;) 2001-12-11 05:36:40 +01:00			`{`
phpDoc headers 2008-08-20 08:04:28 +02:00			`$error = '<p>'.lang('You must enter a username for the admin') . ".</p>\n";`
setup_demo now works for LDAP (here anyway) and still works for SQL; now uses the accounts classes in phpgw; This is devel CVS, please test ;) 2001-12-11 05:36:40 +01:00			`}`
phpDoc headers 2008-08-20 08:04:28 +02:00			`}`
			`if(!$_POST['submit'] \|\| $error)`
			`{`
			`$tpl_root = $GLOBALS['egw_setup']->html->setup_tpl_dir('setup');`
			`$setup_tpl = CreateObject('phpgwapi.Template',$tpl_root);`
			`$setup_tpl->set_file(array(`
			`'T_head' => 'head.tpl',`
			`'T_footer' => 'footer.tpl',`
			`'T_alert_msg' => 'msg_alert_msg.tpl',`
			`'T_login_main' => 'login_main.tpl',`
			`'T_login_stage_header' => 'login_stage_header.tpl',`
			`'T_admin_account' => 'admin_account.tpl'`
			`));`
			`$setup_tpl->set_block('T_login_stage_header','B_multi_domain','V_multi_domain');`
			`$setup_tpl->set_block('T_login_stage_header','B_single_domain','V_single_domain');`
setup_demo now works for LDAP (here anyway) and still works for SQL; now uses the accounts classes in phpgw; This is devel CVS, please test ;) 2001-12-11 05:36:40 +01:00
phpDoc headers 2008-08-20 08:04:28 +02:00			`$GLOBALS['egw_setup']->html->show_header(lang('Create admin account'));`
this is now setup3 code 2001-07-30 17:59:25 +02:00
phpDoc headers 2008-08-20 08:04:28 +02:00			`$setup_tpl->set_var(array(`
			`'error' => $error,`
			`'username' => $username,`
			`'fname' => $fname,`
			`'lname' => $lname,`
			`'email' => $email,`
			`));`
			`$setup_tpl->set_var('action_url','admin_account.php');`
			`$setup_tpl->set_var('description',lang('This will create a first user in eGroupWare or reset password and admin rights of an exiting user'));`
			`$setup_tpl->set_var('lang_deleteall',lang('Delete all existing SQL accounts, groups, ACLs and preferences (normally not necessary)?'));`
give admin access to all apps, to save us some support requests 2004-03-21 17:11:51 +01:00
phpDoc headers 2008-08-20 08:04:28 +02:00			`$setup_tpl->set_var('detailadmin',lang('Details for Admin account'));`
			`$setup_tpl->set_var('adminusername',lang('Admin username'));`
			`$setup_tpl->set_var('adminfirstname',lang('Admin first name'));`
			`$setup_tpl->set_var('adminlastname',lang('Admin last name'));`
			`$setup_tpl->set_var('adminemail',lang('Admin email address'));`
			`$setup_tpl->set_var('adminpassword',lang('Admin password'));`
			`$setup_tpl->set_var('adminpassword2',lang('Re-enter password'));`
			`$setup_tpl->set_var('admin_all_apps',lang('Give admin access to all installed apps'));`
			`$setup_tpl->set_var('all_apps_desc',lang('Usually more annoying.<br />Admins can use Admin >> Manage accounts or groups to give access to further apps.'));`
			`$setup_tpl->set_var('create_demo_accounts',lang('Create demo accounts'));`
			`$setup_tpl->set_var('demo_desc',lang('The username/passwords are: demo/guest, demo2/guest and demo3/guest.'));`

			`$setup_tpl->set_var('lang_submit',lang('Save'));`
			`$setup_tpl->set_var('lang_cancel',lang('Cancel'));`
			`$setup_tpl->pparse('out','T_admin_account');`
			`$GLOBALS['egw_setup']->html->show_footer();`
			`}`
			`else`
			`{`
			`/* Begin transaction for acl, etc */`
			`$GLOBALS['egw_setup']->db->transaction_begin();`

			`if($_POST['delete_all'])`
			`{`
			`/* Now, clear out existing tables */`
* API: full support of active directory as account storage, tested so far with Samba4 2013-05-22 19:22:20 +02:00			`foreach(array($GLOBALS['egw_setup']->accounts_table,$GLOBALS['egw_setup']->acl_table,'egw_access_log') as $table)`
give admin access to all apps, to save us some support requests 2004-03-21 17:11:51 +01:00			`{`
phpDoc headers 2008-08-20 08:04:28 +02:00			`$GLOBALS['egw_setup']->db->delete($table,'1=1',__LINE__,__FILE__);`
- new account-migration script which replace the former import and export - retired the modifiy script as it's no longer necessary - removed references and translations of the old scripts - removed ldap version 3 switch from config 2006-06-08 01:10:06 +02:00			`}`
* API: full support of active directory as account storage, tested so far with Samba4 2013-05-22 19:22:20 +02:00			`// keep default and forced prefs from installed apps`
			`$GLOBALS['egw_setup']->db->delete($GLOBALS['egw_setup']->prefs_table,'preferences_owner NOT IN (-1,-2)',__LINE__,__FILE__);`
			`// remove accounts from addressbook`
			`$GLOBALS['egw_setup']->db->delete('egw_addressbook','account_id IS NOT NULL',__LINE__,__FILE__);`
phpDoc headers 2008-08-20 08:04:28 +02:00			`}`
			`/* Create the demo groups */`
			`$defaultgroupid = (int)$GLOBALS['egw_setup']->add_account('Default','Default','Group',False,False);`
			`$admingroupid = (int)$GLOBALS['egw_setup']->add_account('Admins','Admin','Group',False,False);`

			`if (!$defaultgroupid \|\| !$admingroupid)`
			`{`
			`if (strpos($_SERVER['PHP_SELF'],'admin_account.php') === false)`
- new account-migration script which replace the former import and export - retired the modifiy script as it's no longer necessary - removed references and translations of the old scripts - removed ldap version 3 switch from config 2006-06-08 01:10:06 +02:00			`{`
phpDoc headers 2008-08-20 08:04:28 +02:00			`return 42; //lang('Error in group-creation !!!'); // dont exit on setup-cli`
give admin access to all apps, to save us some support requests 2004-03-21 17:11:51 +01:00			`}`
phpDoc headers 2008-08-20 08:04:28 +02:00			`echo '<p><b>'.lang('Error in group-creation !!!')."</b></p>\n";`
			`echo '<p>'.lang('click <a href="index.php">here</a> to return to setup.')."</p>\n";`
			`$GLOBALS['egw_setup']->db->transaction_abort();`
			`exit;`
			`}`

			`// Group perms for the default group`
add importexport and activesync to apps of Default group, when creating a new admin user 2011-05-07 14:36:46 +02:00			`$GLOBALS['egw_setup']->add_acl(array('addressbook','calendar','infolog','felamimail','filemanager','preferences','manual','groupdav','notifications','syncml','importexport','activesync'),'run',$defaultgroupid);`
phpDoc headers 2008-08-20 08:04:28 +02:00
			`$apps = array();`
* give everyone implicit rights for home app, as taking them away makes to many support problems 2011-03-30 09:54:29 +02:00			`foreach($GLOBALS['egw_setup']->db->select($GLOBALS['egw_setup']->applications_table,'app_name','app_enabled < 3',__LINE__,__FILE__) as $row)`
phpDoc headers 2008-08-20 08:04:28 +02:00			`{`
* give everyone implicit rights for home app, as taking them away makes to many support problems 2011-03-30 09:54:29 +02:00			`$apps[] = $row['app_name'];`
phpDoc headers 2008-08-20 08:04:28 +02:00			`}`
			`// if not otherwise selected, give admin only access to the rest of the default apps,`
			`// not yet set for the default group or development only apps like (etemplate, jinn, tt's)`
			`if (!$_POST['admin_all_apps'])`
			`{`
"adding 'bookmarks' & 'phpfreechat' to apps of Admins group" 2010-05-20 20:43:09 +02:00			`$apps = array_intersect(array('admin','bookmarks','emailadmin','mydms','news_admin','phpbrain','phpsysinfo','polls','phpfreechat','projectmanager','resources','sambaadmin','sitemgr','timesheet','tracker','wiki'),$apps);`
phpDoc headers 2008-08-20 08:04:28 +02:00			`}`
			`$GLOBALS['egw_setup']->add_acl($apps,'run',$admingroupid);`

			`/* Creation of the demo accounts is optional - the checkbox is on by default. */`
			`if(get_var('create_demo',Array('POST')))`
			`{`
			`// Create 3 demo accounts`
			`$GLOBALS['egw_setup']->add_account('demo','Demo','Account','guest');`
			`$GLOBALS['egw_setup']->add_account('demo2','Demo2','Account','guest');`
			`$GLOBALS['egw_setup']->add_account('demo3','Demo3','Account','guest');`
			`}`
Removed random account numbers for maximum db portability. 2001-09-17 04:23:41 +02:00
phpDoc headers 2008-08-20 08:04:28 +02:00			`/* Create records for administrator account, with Admins as primary and Default as additional group */`
			`$accountid = $GLOBALS['egw_setup']->add_account($username,$fname,$lname,$passwd,'Admins',True,$email);`
			`if (!$accountid)`
			`{`
			`if (strpos($_SERVER['PHP_SELF'],'admin_account.php') === false)`
stoping account or group creation process, if there is an error and therefor no id (else the acl or preference class assumes to change the current user) 2004-07-13 00:06:13 +02:00			`{`
phpDoc headers 2008-08-20 08:04:28 +02:00			`return 41; //lang('Error in admin-creation !!!'); // dont exit on setup-cli`
stoping account or group creation process, if there is an error and therefor no id (else the acl or preference class assumes to change the current user) 2004-07-13 00:06:13 +02:00			`}`
phpDoc headers 2008-08-20 08:04:28 +02:00			`echo '<p><b>'.lang('Error in admin-creation !!!')."</b></p>\n";`
			`echo '<p>'.lang('click <a href="index.php">here</a> to return to setup.')."</p>\n";`
			`$GLOBALS['egw_setup']->db->transaction_abort();`
			`exit;`
			`}`
			`$GLOBALS['egw_setup']->set_memberships(array($admingroupid,$defaultgroupid),$accountid);`
Moved setup and schema_proc classes to api; reorganize how the setup class is created 2002-03-03 22:53:00 +01:00
phpDoc headers 2008-08-20 08:04:28 +02:00			`$GLOBALS['egw_setup']->db->transaction_commit();`
setup_demo now works for LDAP (here anyway) and still works for SQL; now uses the accounts classes in phpgw; This is devel CVS, please test ;) 2001-12-11 05:36:40 +01:00
phpDoc headers 2008-08-20 08:04:28 +02:00			`if (strpos($_SERVER['PHP_SELF'],'admin_account.php') !== false)`
			`{`
			`Header('Location: index.php');`
setup_demo now works for LDAP (here anyway) and still works for SQL; now uses the accounts classes in phpgw; This is devel CVS, please test ;) 2001-12-11 05:36:40 +01:00			`}`
phpDoc headers 2008-08-20 08:04:28 +02:00			`}`