diff --git a/phpgwapi/inc/class.accounts_ldap.inc.php b/phpgwapi/inc/class.accounts_ldap.inc.php index b626ac44ed..357b0cf14c 100644 --- a/phpgwapi/inc/class.accounts_ldap.inc.php +++ b/phpgwapi/inc/class.accounts_ldap.inc.php @@ -26,7 +26,7 @@ // Dont know where to put this (seek3r) // This is where it belongs (jengo) - // This is where it ended up (milosch) + // This is where it ended up (milosch) /* Since LDAP will return system accounts, there are a few we don't want to login. */ $phpgw_info['server']['global_denied_users'] = array( 'root' => True, 'bin' => True, 'daemon' => True, @@ -43,25 +43,7 @@ 'qmailr' => True, 'qmails' => True, 'rpc' => True, 'rpcuser' => True, 'amanda' => True, 'apache' => True, 'pvm' => True, 'squid' => True, 'ident' => True, - 'nscd' => True, 'mailnull' => True, 'cyrus' => True, - 'backup' => True - ); - - $phpgw_info['server']['global_denied_groups'] = array( - 'root' => True, 'bin' => True, 'daemon' => True, - 'sys' => True, 'adm' => True, 'tty' => True, - 'disk' => True, 'lp' => True, 'mem' => True, - 'kmem' => True, 'wheel' => True, 'mail' => True, - 'uucp' => True, 'man' => True, 'games' => True, - 'dip' => True, 'ftp' => True, 'nobody' => True, - 'floppy' => True, 'xfs' => True, 'console' => True, - 'utmp' => True, 'pppusers' => True, 'popusers' => True, - 'slipusers' => True, 'slocate' => True, 'mysql' => True, - 'dnstools' => True, 'web' => True, 'named' => True, - 'dba' => True, 'oinstall' => True, 'oracle' => True, - 'gdm' => True, 'sweep' => True, 'cvs' => True, - 'postgres' => True, 'qmail' => True, 'nofiles' => True, - 'ldap' => True. 'backup' => True + 'nscd' => True, 'mailnull' => True, 'cyrus' => True ); class accounts_ @@ -80,32 +62,16 @@ { global $phpgw, $phpgw_info; - /* get an ldap connection handle */ + // get a ldap connection handle $ds = $phpgw->common->ldapConnect(); - $acct_type = $this->get_type($this->account_id); - /* search the dn for the given uid */ - if ( ($acct_type == 'g') && $phpgw_info['server']['ldap_group_context'] ) - { - $sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], 'gidnumber='.$this->account_id); - } - else - { - $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uidnumber='.$this->account_id); - } + // search the dn for the given uid + $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uidnumber='.$this->account_id); $allValues = ldap_get_entries($ds, $sri); /* Now dump it into the array; take first entry found */ - if($acct_type =='g') - { - $this->data['account_id'] = $allValues[0]['gidnumber'][0]; - $this->data['account_lid'] = $allValues[0]['cn'][0]; - } - else - { - $this->data['account_id'] = $allValues[0]['uidnumber'][0]; - $this->data['account_lid'] = $allValues[0]['uid'][0]; - } + $this->data['account_id'] = $allValues[0]['uidnumber'][0]; + $this->data['account_lid'] = $allValues[0]['uid'][0]; $this->data['account_dn'] = $allValues[0]['dn']; $this->data['firstname'] = $allValues[0]['givenname'][0]; $this->data['lastname'] = $allValues[0]['sn'][0]; @@ -115,13 +81,14 @@ $this->data['homedirectory'] = $allValues[0]['homedirectory'][0]; $this->data['loginshell'] = $allValues[0]['loginshell'][0]; } + $this->db->query("SELECT * FROM phpgw_accounts WHERE account_id='" . $this->data['account_id'] . "'",__LINE__,__FILE__); + $this->db->next_record(); - $this->data['lastlogin'] = $allValues[0]['phpgwaccountlastlogin'][0]; - $this->data['lastloginfrom'] = $allValues[0]['phpgwaccountlastloginfrom'][0]; - $this->data['lastpasswd_change'] = $allValues[0]['phpgwlastpasswdchange'][0]; - $this->data['status'] = $allValues[0]['phpgwaccountstatus'][0]; - $this->data['type'] = $allValues[0]['phpgwaccounttype'][0]; - $this->data['expires'] = $allValues[0]['phpgwaccountexpires'][0]; + $this->data['lastlogin'] = $this->db->f('account_lastlogin'); + $this->data['lastloginfrom'] = $this->db->f('account_lastloginfrom'); + $this->data['lastpasswd_change'] = $this->db->f('account_lastpwd_change'); + $this->data['status'] = $this->db->f('account_status'); + $this->data['expires'] = -1; return $this->data; } @@ -131,28 +98,14 @@ global $phpgw_info, $phpgw; $ds = $phpgw->common->ldapConnect(); - $acct_type = $this->get_type($this->account_id); - /* search the dn for the given u/gidnumber */ - if ( ($acct_type == 'g') && $phpgw_info['server']['ldap_group_context'] ) - { - $sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], 'gidnumber='.$this->account_id); - } - else - { - $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uidnumber='.$this->account_id); - } + // search the dn for the given uid + $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uidnumber='.$this->account_id); $allValues = ldap_get_entries($ds, $sri); - $entry['cn'] = sprintf("%s %s", $this->data['firstname'], $this->data['lastname']); - $entry['sn'] = $this->data['lastname']; - $entry['givenname'] = $this->data['firstname']; - $entry['phpgwaccountlastlogin'] = $this->data['lastlogin']; - $entry['phpgwaccountlastloginfrom'] = $this->data['lastloginfrom']; - $entry['phpgwlastpasswdchange'] = $this->data['lastpasswd_change']; - $entry['phpgwaccountstatus'] = $this->data['status']; - $entry['phpgwaccounttype'] = $this->data['type']; - $entry['phpgwaccountexpires'] = $this->data['expires']; + $entry['cn'] = sprintf("%s %s", $this->data['firstname'], $this->data['lastname']); + $entry['sn'] = $this->data['lastname']; + $entry['givenname'] = $this->data['firstname']; if ($phpgw_info['server']['ldap_extra_attributes']) { @@ -160,141 +113,31 @@ $entry['loginshell'] = $this->data['loginshell']; } - /* - Changing the uid: Need to delete and add new, since - PHP cannot change the dn for the entry. - */ - if ($acct_type == 'g') { $test = $allValues[0]['cn'][0]; } - else { $test = $allValues[0]['uid'][0]; } - if ($test != $this->data['account_lid']) + while (list($key,$val) = each($entry)) { - ldap_delete($ds,$allValues[0]['dn']); - unset($allValues[0]['dn']); - while (list($key,$val) = each($allValues[0])) + $tmpentry = ''; + $tmpentry[$key] = trim($val); // must trim! + //echo '
'.$key.' '.$val; + if ($tmpentry[$key] && $key) { - /* Don't include row count and headers */ - if (gettype($key) == 'string' && $key != 'count') + if (!$allValues[0][$key][0]) { - if (is_array($val)) - { - if (count($val) == 1) - { - if($val[0]) { $entry[$key] = $val[0]; } - } - else - { - for ($i=0;$idata['account_type'] == 'g' && $phpgw_info['server']['ldap_group_context'] ) - { - $dn = 'cn='.$this->data['account_lid'].','.$phpgw_info['server']['ldap_group_context']; - $entry['cn'] = $this->data['account_lid']; - $entry['gidnumber'] = $this->data['account_id']; - /* $entry["objectclass"] = ''; */ - $entry['objectclass'][0] = 'top'; - $entry['objectclass'][1] = 'posixGroup'; - $members = $this->members($this->data["account_id"]); - $entry['memberuid'] = array(); - for ($i=0;$iid2name($members[$i]['account_id']); - if (!$this->isin_array($currname,$entry['memberuid'])) - { - $entry['memberuid'][] = $currname; - } - } - } - /* Accounts */ - else - { - $dn = 'uid='.$this->data['account_lid'].','.$phpgw_info['server']['ldap_context']; - $entry['uidnumber'] = $this->data['account_id']; - $entry['cn'] = sprintf("%s %s", $this->data['firstname'], $this->data['lastname']); - $entry['uid'] = $this->data['account_lid']; - $entry['givenname'] = $this->data['firstname']; - $entry['sn'] = $this->data['lastname']; - $entry['objectclass'] = ''; - $entry['objectclass'][0] = 'top'; - $entry['objectclass'][1] = 'person'; - $entry['objectclass'][2] = 'organizationalPerson'; - $entry['objectclass'][3] = 'inetOrgPerson'; - /* $entry['objectclass'][4] = 'account'; Causes problems with some LDAP servers */ - $entry['objectclass'][4] = 'posixAccount'; - $entry['objectclass'][5] = 'shadowAccount'; - $entry['objectclass'][6] = 'phpgwAccount'; - - if ($phpgw_info['server']['ldap_extra_attributes']) - { - $entry['homedirectory'] = $this->data['homedirectory']; - $entry['loginshell'] = $this->data['loginshell']; - } - } - /* print_r($entry); exit;*/ - ldap_add($ds, $dn, $entry); - } - /* Normal behavior for save_repository */ - else - { - if ($this->data['account_type'] == 'g' && $phpgw_info['server']['ldap_group_context'] ) - { - $members = $this->members($this->data['account_id']); - $entry['memberuid'] = array(); - for ($i=0;$iid2name($members[$i]['account_id']); - if (!$this->isin_array($currname,$entry['memberuid'])) - { - $entry['memberuid'][] = $currname; - } - } - unset($entry['givenname']); - unset($entry['sn']); - } - while (list($key,$val) = each($entry)) - { - $tmpentry = ''; - if(is_array($val)) - { - $tmpentry[$key] = $val; + // attribute was not in LDAP, add it + ldap_mod_add($ds, $allValues[0]['dn'], $tmpentry); } else { - $tmpentry[$key] = trim($val); /* must trim! */ - } - - if ($tmpentry[$key] && $key) - { - if (!$allValues[0][$key][0]) - { - /* attribute was not in LDAP, add it */ - ldap_mod_add($ds, $allValues[0]['dn'], $tmpentry); - } - else - { - /* attribute was in LDAP, modify it */ - ldap_modify($ds, $allValues[0]['dn'], $tmpentry); - } + // attribute was in LDAP, modify it + //echo $val.' '; + ldap_modify($ds, $allValues[0]['dn'], $tmpentry); } } } - } - function isin_array($needle,$haystack=array()) - { - for($i=0;$idb->query("update phpgw_accounts set account_firstname='" . $this->data['firstname'] + . "', account_lastname='" . $this->data['lastname'] . "', account_status='" + . $this->data['status'] . "' where account_id='" . $this->account_id . "'",__LINE__,__FILE__); + } function delete($accountid = '') @@ -312,7 +155,7 @@ $del = ldap_delete($ds, $allValues[0]['dn']); } - /* Do this last since we are depending upon this record to get the account_lid above */ + // Do this last since we are depending upon this record to get the account_lid above $tables_array = Array('phpgw_accounts'); $this->db->lock($tables_array); $this->db->query('DELETE FROM phpgw_accounts WHERE account_id='.$account_id); @@ -325,70 +168,72 @@ if ($offset) { - $limitclause = '';//$phpgw->db->limit($start,$offset); + $limitclause = $phpgw->db->limit($start,$offset); } elseif ($start && !$offset) { - $limitclause = '';//$phpgw->db->limit($start); + $limitclause = $phpgw->db->limit($start); } if (! $sort) { - $sort = '';//"desc"; + $sort = 'desc'; } if ($order) { - $orderclause = '';//"order by $order $sort"; + $orderclause = "ORDER BY $order $sort"; } else { - $orderclause = '';//"order by account_lid,account_lastname,account_firstname asc"; + $orderclause = 'ORDER BY account_lid,account_lastname,account_firstname ASC'; } $ds = $phpgw->common->ldapConnect(); - if ($_type == 'both' || $_type == 'accounts') + switch($_type) { - $sri = ldap_search($ds, $phpgw_info["server"]["ldap_context"], '(&(uidnumber=*)(phpgwaccounttype=u))'); - $allValues = ldap_get_entries($ds, $sri); - while (list($null,$allVals) = @each($allValues)) + case 'accounts': + $whereclause = "WHERE account_type = 'u'"; + break; + case 'groups': + $whereclause = "WHERE account_type = 'g'"; + break; + default: + $whereclause = ''; + } + + $sql = "SELECT * FROM phpgw_accounts $whereclause $orderclause $limitclause"; + $this->db->query($sql,__LINE__,__FILE__); + while ($this->db->next_record()) + { + // get user information from ldap only, if it's a user, not a group + if ($this->db->f('account_type') == 'u') { - $test = $allVals['uid'][0]; - if (!$phpgw_info['server']['global_denied_users'][$test]) - { - $accounts[] = Array( - 'account_id' => $allVals['uidnumber'][0], - 'account_lid' => $allVals['uid'][0], - 'account_type' => $allVals['phpgwaccounttype'], - 'account_firstname' => $allVals['givenname'][0], - 'account_lastname' => $allVals['sn'][0], - 'account_status' => $allVals['phpgwaccountstatus'][0] - ); - } + $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uidnumber='.$this->db->f('account_id')); + $allValues = ldap_get_entries($ds, $sri); + $accounts[] = Array( + 'account_id' => $allValues[0]['uidnumber'][0], + 'account_lid' => $allValues[0]['uid'][0], + 'account_type' => $this->db->f('account_type'), + 'account_firstname' => $allValues[0]['givenname'][0], + 'account_lastname' => $allValues[0]['sn'][0], + 'account_status' => $this->db->f('account_status') + ); + } + else + { + $accounts[] = Array( + 'account_id' => $this->db->f('account_id'), + 'account_lid' => $this->db->f('account_lid'), + 'account_type' => $this->db->f('account_type'), + 'account_firstname' => $this->db->f('account_firstname'), + 'account_lastname' => $this->db->f('account_lastname'), + 'account_status' => $this->db->f('account_status') + ); } } - elseif ($_type == 'both' || $_type == 'groups') - { - $sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], '(|(gidnumber=*)(phpgwaccounttype=g))'); - $allValues = ldap_get_entries($ds, $sri); - while (list($null,$allVals) = @each($allValues)) - { - $test = $allVals['cn'][0]; - if (!$phpgw_info['server']['global_denied_groups'][$test]) - { - $accounts[] = Array( - 'account_id' => $allVals['gidnumber'][0], - 'account_lid' => $allVals['cn'][0], - 'account_type' => $allVals['phpgwaccounttype'], - 'account_firstname' => $allVals['givenname'][0], - 'account_lastname' => $allVals['sn'][0], - 'account_status' => $allVals['phpgwaccountstatus'][0] - ); - } - } - } - $this->total = count($accounts); + return $accounts; } @@ -396,129 +241,11 @@ { global $phpgw, $phpgw_info; - $ds = $phpgw->common->ldapConnect(); - $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], "uid=$account_lid"); - $allValues = ldap_get_entries($ds, $sri); - - if ($allValues[0]['uidnumber'][0]) + $this->db->query("SELECT account_id FROM phpgw_accounts WHERE account_lid='".$account_lid."'",__LINE__,__FILE__); + if($this->db->num_rows()) { - return $allValues[0]['uidnumber'][0]; - } - - $sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], "cn=$account_id"); - $allValues = ldap_get_entries($ds, $sri); - - if ($allValues[0]['gidnumber'][0]) - { - return $allValues[0]['gidnumber'][0]; - } - - return False; - } - - function id2name($account_id) - { - global $phpgw, $phpgw_info; - - $ds = $phpgw->common->ldapConnect(); - $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], "uidnumber=$account_id"); - $allValues = ldap_get_entries($ds, $sri); - - if ($allValues[0]['uid'][0]) - { - return $allValues[0]['uid'][0]; - } - - $sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], "gidnumber=$account_id"); - $allValues = ldap_get_entries($ds, $sri); - - if ($allValues[0]['uid'][0]) - { - return $allValues[0]['uid'][0]; - } - - return False; - } - - function get_type($accountid = '') - { - global $phpgw, $phpgw_info; - - $account_id = get_account_id($accountid); - $ds = $phpgw->common->ldapConnect(); - - $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], "uid=$account_id"); - $allValues = ldap_get_entries($ds, $sri); - - if ($allValues[0]['phpgwaccounttype'][0]) - { - return $allValues[0]['phpgwaccounttype'][0]; - } - - $allValues = array(); - - $sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], "cn=$account_id"); - $allValues = ldap_get_entries($ds, $sri); - - if ($allValues[0]['phpgwaccounttype'][0]) - { - return $allValues[0]['phpgwaccounttype'][0]; - } - - return False; - } - - function exists($account_lid) - { - global $phpgw, $phpgw_info; - - if(gettype($account_lid) == 'integer') - { - $account_id = $account_lid; - settype($account_lid,'string'); - $account_lid = $this->id2name($account_id); - $searchlid = 0; - } - else - { - $searchlid = 1; - $account_id = $this->name2id($account_lid); - } - - $ds = $phpgw->common->ldapConnect(); - $acct_type = $this->acct_type; - - if ($acct_type == 'g' && $phpgw_info['server']['ldap_group_context']) - { - if($searchlid) - { - /* echo '
searching LDAP groups for lid: '.$account_lid; */ - $sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], 'cn='.$account_lid); - } - else - { - /* echo '
searching LDAP groups for id: '.$account_id; */ - $sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], 'gidnumber='.$account_id); - } - } - else - { - if($searchlid) - { - /* echo '
searching LDAP accounts for lid: '.$account_lid; */ - $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uid='.$account_lid); - } - else - { - /* echo '
searching LDAP accounts for id: '.$account_id; */ - $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uidnumber='.$account_id); - } - } - $allValues = ldap_get_entries($ds, $sri); - - if ($allValues[0]['dn']) - { - return True; + $this->db->next_record(); + return intval($this->db->f('account_id')); } else { @@ -526,37 +253,130 @@ } } + function id2name($account_id) + { + global $phpgw, $phpgw_info; + + $this->db->query("SELECT account_lid FROM phpgw_accounts WHERE account_id='".$account_id."'",__LINE__,__FILE__); + if($this->db->num_rows()) + { + $this->db->next_record(); + return $this->db->f('account_lid'); + } + else + { + return False; + } + } + + function get_type($accountid = '') + { + global $phpgw, $phpgw_info; + + $account_id = get_account_id($accountid); + $this->db->query("SELECT account_type FROM phpgw_accounts WHERE account_id='".$account_id."'",__LINE__,__FILE__); + if ($this->db->num_rows()) + { + $this->db->next_record(); + return $this->db->f('account_type'); + } + else + { + return False; + } + } + + /* + * returns nonzero if $account exists in SQL or LDAP: 0: nowhere 1: SQL, 2: LDAP, 3: SQL+LDAP + * $account can be an account_id (LDAP: uidnumber) or an account_lid (LDAP: uid) (is determinded by gettype($account) == 'interger') + */ + function exists($account) + { + global $phpgw, $phpgw_info; + + if(gettype($account) == 'integer') + { + $sql_name = 'account_id'; + $ldap_name = 'uidnumber'; + } + else + { + $sql_name = 'account_lid'; + $ldap_name = 'uid'; + } + $this->db->query("SELECT count(*) FROM phpgw_accounts WHERE $sql_name='$account'",__LINE__,__FILE__); + $this->db->next_record(); + if ($this->db->f(0)) + { + $in += 1; + } + + $ds = $phpgw->common->ldapConnect(); + $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], "$ldap_name=$account"); + $allValues = ldap_get_entries($ds, $sri); + + if ($allValues[0]['dn']) + { + $in += 2; + } + // echo "

class_accounts_ldap->exists('$account') == $in

"; + + return $in; + } + function create($account_info) { global $phpgw_info, $phpgw; $ds = $phpgw->common->ldapConnect(); - $this->acct_type = $account_type; - /* echo '
in create for account_lid: "'.$account_lid.'"'; */ - if (empty($account_info['id']) || !$account_info['id']) + if (!($account_id = $account_info['account_id'])) { - $account_id = $this->get_nextid(); - /* echo '
using'.$account_id;exit; */ - } - $entry['userpasswd'] = $account_info['account_passwd']; -// $entry['phpgwaccountlastlogin'] = $account_info['lastlogin']; -// $entry['phpgwaccountlastloginfrom'] = $account_info['lastloginfrom']; -// $entry['phpgwlastpasswdchange'] = $account_info['lastpasswd_change']; -// $entry['phpgwaccountstatus'] = $account_info['account_status']; - $entry['phpgwaccounttype'] = $account_info['account_type']; - $entry['phpgwaccountexpires'] = $account_info['account_expires']; + if ($phpgw_info['server']['account_min_id']) { $min = $phpgw_info['server']['account_min_id']; } + if ($phpgw_info['server']['account_max_id']) { $max = $phpgw_info['server']['account_max_id']; } - if ($account_type == 'g') - { - $sri = ldap_search($ds, $phpgw_info['server']['ldap_group_context'], 'cn=' . $account_info['account_lid']); - } - else - { - $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'], 'uid=' . $account_info['account_lid']); + $nextid = $phpgw->common->last_id('accounts_ldap',$min,$max); + + // Loop until we find a free id + $free = 0; + while (!$free) + { + $ldap_fields = ''; + $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'],'uidnumber='.$nextid); + $ldap_test = ldap_get_entries($ds, $sri); + if ($ldap_test[0]['dn'][0]) + { + $nextid = $phpgw->common->next_id('accounts_ldap',$min,$max); + } + else + { + $free = True; + } + } + + if ($phpgw_info['server']['account_max_id'] && ($nextid > $phpgw_info['server']['account_max_id'])) + { + return False; + } + $account_id = $nextid; + //echo $account_id;exit; } + + $this->db->query("INSERT INTO phpgw_accounts (account_id, account_lid, account_type, account_pwd, " + . "account_firstname, account_lastname, account_status, account_expires) VALUES ('" . $account_id . "','" . $account_info['account_lid'] + . "','" . $account_info['account_type'] . "','" . md5($account_info['account_passwd']) . "', '" . $account_info['account_firstname'] + . "','" . $account_info['account_lastname'] . "','" . $account_info['account_status'] . "'," . $account_info['account_expires'] . ")",__LINE__,__FILE__); + + $sri = ldap_search($ds, $phpgw_info['server']['ldap_context'],'uid=' . $account_info['account_lid']); $allValues = ldap_get_entries($ds, $sri); + $entry['uidnumber'] = $account_id; + $entry['uid'] = $account_info['account_lid']; + $entry['cn'] = sprintf('%s %s', $account_info['account_firstname'], $account_info['account_lastname']); + $entry['sn'] = $account_info['account_lastname']; + $entry['givenname'] = $account_info['account_firstname']; + $entry['userpassword'] = $phpgw->common->encrypt_password($account_info['account_passwd']); + if ($phpgw_info['server']['ldap_extra_attributes'] && $account_info['account_type'] != 'g') { if ($account_home) @@ -580,144 +400,98 @@ if ($allValues[0]['dn']) { - /* This should keep the password from being overwritten here on ldap import */ + // This should keep the password from being overwritten here ? unset($entry['userpassword']); - $entry['gidnumber'] = $account_id; while (list($key,$val) = each($entry)) { $tmpentry = ''; - $tmpentry[$key] = trim($val); /* must trim! */ - /* echo '
'.$key.' '.$val; */ + $tmpentry[$key] = trim($val); // must trim! + //echo '
'.$key.' '.$val; if ($tmpentry[$key]) { if (!$allValues[0][$key][0]) { - /* attribute was not in LDAP, add it */ - ldap_mod_add($ds, $allValues[0]["dn"], $tmpentry); + // attribute was not in LDAP, add it + ldap_mod_add($ds, $allValues[0]['dn'], $tmpentry); } else { - /* attribute was in LDAP, modify it */ - ldap_modify($ds, $allValues[0]["dn"], $tmpentry); + // attribute was in LDAP, modify it + ldap_modify($ds, $allValues[0]['dn'], $tmpentry); } } } - if ($account_type == 'g') +// if ($account_type == 'g') +// { +// $tmpentry['objectclass'][0] = 'top'; +// $tmpentry['objectclass'][1] = 'posixGroup'; +// } +// else + if ($account_info['account_type'] == 'u') { - $tmpentry['objectclass'][0] = 'top'; - $tmpentry['objectclass'][1] = 'posixGroup'; - } - else - { - $tmpentry['uidnumber'] = $account_id; $tmpentry['objectclass'][0] = 'top'; $tmpentry['objectclass'][1] = 'person'; $tmpentry['objectclass'][2] = 'organizationalPerson'; $tmpentry['objectclass'][3] = 'inetOrgPerson'; - $tmpentry['userpassword'] = $phpgw->common->encrypt_password($account_info['account_passwd']); - /* $tmpentry['objectclass'][4] = 'account'; Causes problems with some LDAP servers */ - $tmpentry['objectclass'][4] = 'posixAccount'; - $tmpentry['objectclass'][5] = 'shadowAccount'; - $tmpentry['objectclass'][6] = 'phpgwAccount'; - $tmpentry['phpgwaccountstatus'] = $account_info['account_status']; - $tmpentry['phpgwaccounttype'] = $account_info['account_type']; - $tmpentry['phpgwaccountexpires'] = $account_info['account_expires']; + $tmpentry['objectclass'][4] = 'account'; + $tmpentry['objectclass'][5] = 'posixAccount'; + $tmpentry['objectclass'][6] = 'shadowAccount'; } - ldap_modify($ds, $allValues[0]["dn"], $tmpentry); + + ldap_modify($ds, $allValues[0]['dn'], $tmpentry); } else { - /* Not already there, we will add it */ - if ($account_type == "g") - { - $dn = 'cn='.$account_info['account_lid'] . ',' . $phpgw_info['server']['ldap_group_context']; - unset($entry['homedirectory']); - unset($entry['loginshell']); - $entry['objectclass'][0] = 'top'; - $entry['objectclass'][1] = 'posixGroup'; - $entry['cn'] = $account_info['account_lid']; - $entry['gidnumber'] = $account_id; - $entry['userpassword'] = $phpgw->common->encrypt_password($account_info['account_passwd']); - $entry['description'] = 'phpgw-created group'; - } - else +// if ($account_type == 'g') +// { +// $entry['objectclass'][0] = 'top'; +// $entry['objectclass'][1] = 'posixGroup'; +// } +// else + if ($account_info['account_type'] == 'u') { $dn = 'uid=' . $account_info['account_lid'] . ',' . $phpgw_info['server']['ldap_context']; - $entry['cn'] = sprintf("%s %s", $account_info['account_firstname'], $account_info['account_lastname']); - $entry['sn'] = $account_info['account_lastname']; - $entry['givenname'] = $account_info['account_firstname']; - $entry['uid'] = $account_info['account_lid']; - $entry['uidnumber'] = $account_id; - $entry['uidnumber'] = $phpgw->common->encrypt_password($account_info['account_passwd']); - if ($phpgw_info['server']['ldap_group_id']) - { - $entry['gidnumber'] = $phpgw_info['server']['ldap_group_id']; - } - else - { - $entry['gidnumber'] = $account_id; - } - $entry['userpassword'] = $phpgw->common->encrypt_password($account_info['account_passwd']); $entry['objectclass'][0] = 'top'; $entry['objectclass'][1] = 'person'; $entry['objectclass'][2] = 'organizationalPerson'; $entry['objectclass'][3] = 'inetOrgPerson'; - /* $entry['objectclass'][4] = 'account'; Causes problems with some LDAP servers */ - $entry['objectclass'][4] = 'posixAccount'; - $entry['objectclass'][5] = 'shadowAccount'; - $entry['objectclass'][5] = 'phpgwAccount'; - } + $entry['objectclass'][4] = 'account'; + $entry['objectclass'][5] = 'posixAccount'; + $entry['objectclass'][6] = 'shadowAccount'; - ldap_add($ds, $dn, $entry); + ldap_add($ds, $dn, $entry); + } + //ldap_add($ds, $dn, $entry); } - /* print ldap_error($ds); */ + //print ldap_error($ds); } - function auto_add($accountname, $passwd, $default_prefs = False, $default_acls = False, $expiredate = 0, $account_status = 'A') + function auto_add($account_name, $passwd, $default_prefs=False, $default_acls= False) { - return False; - + print "not done until now auto_generate class.accounts_ldap.inc.php
"; + exit(); global $phpgw, $phpgw_info; - - if (! $expiredate) + $accountid = mt_rand (100, 600000); + if ($defaultprefs =='') { - /* expire in 30 days by default */ - $expiredate = time() + ( ( 60 * 60 ) * (30 * 24) ); + $defaultprefs = 'a:5:{s:6:"common";a:10:{s:9:"maxmatchs";s:2:"15";s:12:"template_set";s:8:"verdilak";s:5:"theme";s:6:"purple";s:13:"navbar_format";s:5:"icons";s:9:"tz_offset";N;s:10:"dateformat";s:5:"m/d/Y";s:10:"timeformat";s:2:"12";s:4:"lang";s:2:"en";s:11:"default_app";N;s:8:"currency";s:1:"$";}s:11:"addressbook";a:1:{s:0:"";s:4:"True";}:s:8:"calendar";a:4:{s:13:"workdaystarts";s:1:"7";s:11:"workdayends";s:2:"15";s:13:"weekdaystarts";s:6:"Monday";s:15:"defaultcalendar";s:9:"month.php";}}'; +// $defaultprefs = 'a:5:{s:6:"common";a:1:{s:0:"";s:2:"en";}s:11:"addressbook";a:1:{s:0:"";s:4:"True";}s:8:"calendar";a:1:{s:0:"";s:13:"workdaystarts";}i:15;a:1:{s:0:"";s:11:"workdayends";}s:6:"Monday";a:1:{s:0:"";s:13:"weekdaystarts";}}'; } - - $acct_info = array( - 'account_lid' => $accountname, - 'account_type' => 'u', - 'account_passwd' => $passwd, - 'account_firstname' => 'New', - 'account_lastname' => 'User', - 'account_status' => $account_status, - 'account_expires' => mktime(2,0,0,date('n',$expiredate), intval(date('d',$expiredate)), date('Y',$expiredate)) - ); - $this->create($acct_info); - $accountid = $this->name2id($accountname); - - $this->db->transaction_begin(); - if ($default_prefs == False) - { - $default_prefs = 'a:5:{s:6:"common";a:10:{s:9:"maxmatchs";s:2:"15";s:12:"template_set";s:8:"verdilak";s:5:"theme";s:6:"purple";s:13:"navbar_format";s:5:"icons";s:9:"tz_offset";N;s:10:"dateformat";s:5:"m/d/Y";s:10:"timeformat";s:2:"12";s:4:"lang";s:2:"en";s:11:"default_app";N;s:8:"currency";s:1:"$";}s:11:"addressbook";a:1:{s:0:"";s:4:"True";}:s:8:"calendar";a:4:{s:13:"workdaystarts";s:1:"7";s:11:"workdayends";s:2:"15";s:13:"weekdaystarts";s:6:"Monday";s:15:"defaultcalendar";s:9:"month.php";}}'; - $this->db->query("insert into phpgw_preferences (preference_owner, preference_value) values ('".$accountid."', '$default_prefs')"); - } - - if ($default_acls == False) - { - $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights)values('preferences', 'changepassword', ".$accountid.", 1)",__LINE__,__FILE__); - $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('phpgw_group', '1', ".$accountid.", 1)",__LINE__,__FILE__); - $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('addressbook', 'run', ".$accountid.", 1)",__LINE__,__FILE__); - $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('filemanager', 'run', ".$accountid.", 1)",__LINE__,__FILE__); - $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('calendar', 'run', ".$accountid.", 1)",__LINE__,__FILE__); - $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('email', 'run', ".$accountid.", 1)",__LINE__,__FILE__); - $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('notes', 'run', ".$accountid.", 1)",__LINE__,__FILE__); - $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_rights) values('todo', 'run', ".$accountid.", 1)",__LINE__,__FILE__); - } - $this->db->transaction_commit(); + $sql = "insert into phpgw_accounts"; + $sql .= "(account_id, account_lid, account_pwd, account_firstname, account_lastname, account_lastpwd_change, account_status, account_type)"; + $sql .= "values (".$accountid.", '".$accountname."', '".md5($passwd)."', '".$accountname."', 'AutoCreated', ".time().", 'A','u')"; + $this->db->query($sql); + $this->db->query("insert into phpgw_preferences (preference_owner, preference_value) values ('".$accountid."', '$defaultprefs')"); + $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights)values('preferences', 'changepassword', ".$accountid.", 'u', 1)",__LINE__,__FILE__); + $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) values('phpgw_group', '1', ".$accountid.", 'u', 1)",__LINE__,__FILE__); + $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) values('addressbook', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__); + $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) values('filemanager', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__); + $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) values('calendar', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__); + $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) values('email', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__); + $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) values('notes', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__); + $this->db->query("insert into phpgw_acl (acl_appname, acl_location, acl_account, acl_account_type, acl_rights) values('todo', 'run', ".$accountid.", 'u', 1)",__LINE__,__FILE__); return $accountid; }