using one list of auth-types (in order of importance) and detecting additional ones in the filesystem

setup/inc/class.setup_cmd_config.inc.php

@@ -0,0 +1,445 @@
+<?php
+/**
+ * eGgroupWare setup - create / change eGW configuration
+ *
+ * @link http://www.egroupware.org
+ * @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
+ * @package setup
+ * @copyright (c) 2007 by Ralf Becker <RalfBecker-AT-outdoor-training.de>
+ * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
+ * @version $Id$
+ */
+
+/**
+ * setup command: create / change eGW configuration
+ */
+class setup_cmd_config extends setup_cmd
+{
+	/**
+	 * Constructor
+	 *
+	 * @param string $domain string with domain-name or array with all arguments
+	 * @param string $config_user=null user to config the domain (or header_admin_user)
+	 * @param string $config_passwd=null pw of above user
+	 * @param string $arguments=null array with command line argruments
+	 * @param boolean $verbose=false if true, echos out some status information during the run
+	 */
+	function __construct($domain,$config_user=null,$config_passwd=null,$arguments=null,$verbose=false)
+	{
+		if (!is_array($domain))
+		{
+			$domain = array(
+				'domain'        => $domain,
+				'config_user'   => $config_user,
+				'config_passwd' => $config_passwd,
+				'arguments'     => $arguments,
+				'verbose'       => $verbose,
+			);
+		}
+		//echo __CLASS__.'::__construct()'; _debug_array($domain);
+		admin_cmd::__construct($domain);
+	}
+
+	/**
+	 * run the command: write the configuration to the database
+	 *
+	 * @param boolean $check_only=false only run the checks (and throw the exceptions), but not the command itself
+	 * @return string success message
+	 * @throws Exception(lang('Wrong credentials to access the header.inc.php file!'),2);
+	 * @throws Exception('header.inc.php not found!');
+	 */
+	protected function exec($check_only=false)
+	{
+		if ($check_only && $this->remote_id)
+		{
+			return true;	// can only check locally
+		}
+		// instanciate setup object and check authorisation
+		$this->check_setup_auth($this->config_user,$this->config_passwd,$this->domain);
+
+		$this->check_installed($this->domain,15,$this->verbose);
+
+		// fixing authtypes in self::$options
+		self::auth_types(true);
+		
+		$values = array();
+		if ($this->arguments)	// we have command line arguments
+		{
+			$save_ea_profile = $this->_parse_cli_arguments($values);
+		}
+		else
+		{
+			$save_ea_profile = $this->_parse_properties($values);
+		}
+
+		// store the config
+		foreach($values as $name => $value)
+		{
+			self::$egw_setup->db->insert(self::$egw_setup->config_table,array(
+				'config_value' => $value,
+			),array(
+				'config_app'  => 'phpgwapi',
+				'config_name' => $name,
+			),__LINE__,__FILE__);
+		}
+		if (count($values))
+		{
+			if ($save_ea_profile) $this->_save_ea_profile();
+
+			$this->restore_db();
+
+			return lang('Configuration changed.');
+		}
+		$this->restore_db();
+
+		return lang('Nothing to change.');
+	}
+
+	/**
+	 * Return or echo the most common config options
+	 *
+	 * @param boolean $echoit=false if true the config is additionally echo'ed out
+	 * @return array with name => value pairs
+	 */
+	static function get_config($echoit=false)
+	{
+		self::$egw_setup->db->select(self::$egw_setup->config_table,'config_name,config_value',array(
+			'config_app'  => 'phpgwapi',
+			"(config_name LIKE '%\\_dir' OR (config_name LIKE 'mail%' AND config_name != 'mail_footer') OR config_name LIKE 'smtp\\_%' OR config_name LIKE 'ldap%' OR config_name IN ('webserver_url','system_charset','auth_type','account_repository'))",
+		),__LINE__,__FILE__);
+
+		$config = array();
+		while (($row = self::$egw_setup->db->row(true)))
+		{
+			$config[$row['config_name']] = $row['config_value'];
+		}
+		if ($echoit)
+		{
+			echo lang('Current configuration:')."\n";
+			foreach($config as $name => $value)
+			{
+				echo str_pad($name.':',22).$value."\n";
+			}
+		}
+		return $config;
+	}
+
+	/**
+	 * Available options and allowed arguments
+	 *
+	 * @var array
+	 */
+	static $options = array(
+		'--config'     => array(),	// name=value,...
+		'--files-dir'  => 'files_dir',
+		'--vfs-root-user' => 'vfs_root_user',
+		'--backup-dir' => 'backup_dir',
+		'--temp-dir'   => 'temp_dir',
+		'--webserver-url' => 'webserver_url',
+		'--mailserver' => array(	//server,{IMAP|IMAPS|POP|POPS},[domain],[{standard(default)|vmailmgr = add domain for mailserver login|email = use email of user (Standard Maildomain should be set)}]
+			'mail_server',
+			array('name' => 'mail_server_type','allowed' => array('imap','imaps','pop3','pop3s'),'default'=>'imap'),
+			'mail_suffix',
+			array('name' => 'mail_login_type','allowed'  => array(
+				'username (standard)' => 'standard',
+				'username@domain (virtual mail manager)' => 'vmailmgr',
+				'email (Standard Maildomain should be set)' => 'email',
+			),'default'=>'standard'),
+		),
+		'--cyrus' => array(
+			'imapAdminUsername',
+			'imapAdminPW',
+			array('name' => 'imapType','default' => 3),
+			array('name' => 'imapEnableCyrusAdmin','default' => 'yes'),
+		),
+		'--sieve' => array(
+			array('name' => 'imapSieveServer','default' => 'localhost'),
+			array('name' => 'imapSievePort','default' => 2000),
+			array('name' => 'imapEnableSieve','default' => 'yes'),	// null or yes
+		),
+		'--postfix' => array(
+			array('name' => 'editforwardingaddress','allowed' => array('yes',null)),
+			array('name' => 'smtpType','default' => 2),
+		),
+		'--smtpserver' => array(	//smtp server,[smtp port],[smtp user],[smtp password]
+			'smtp_server',array('name' => 'smtp_port','default' => 25),'smtp_auth_user','smtp_auth_passwd',''
+		),
+		'--account-auth' => array(
+			array('name' => 'account_repository','allowed' => array('sql','ldap'),'default'=>'sql'),
+			array('name' => 'auth_type','allowed' => array('sql','ldap','mail','ads','http','sqlssl','nis','pam'),'default'=>'sql'),
+			array('name' => 'sql_encryption','allowed' => array('md5','blowfish_crypt','md5_crypt','crypt'),'default'=>'md5'),
+			'check_save_password','allow_cookie_auth'),
+		'--ldap-host' => 'ldap_host',
+		'--ldap-root-dn' => 'ldap_root_dn',
+		'--ldap-root-pw' => 'ldap_root_pw',
+		'--ldap-context' => 'ldap_context',
+		'--ldap-search-filter' => 'ldap_search_filter',
+		'--ldap-group-context' => 'ldap_group_context',
+		'--allow-remote-admin' => 'allow_remote_admin',
+		'--install-id' => 'install_id',
+	);
+
+	/**
+	 * Parses properties from this object
+	 *
+	 * @param array &$value contains set values on return
+	 * @return boolean do we need to save the emailadmin profile
+	 */
+	private function _parse_properties(&$values)
+	{
+		$this->_merge_defaults();
+
+		$save_ea_profile = false;
+		$values = array();
+		foreach(self::$options as $arg => $option)
+		{
+			foreach(is_array($option) ? $option : array($option) as $n => $data)
+			{
+				$name = is_array($data) ? $data['name'] : $data;
+
+				if (isset($this->$name))
+				{
+					$save_ea_profile |= $this->_parse_value($arg,$n,$option,$this->$name,$values);
+				}
+			}
+		}
+		return $save_ea_profile;
+	}
+
+	/**
+	 * Parses command line arguments in $this->arguments
+	 *
+	 * @param array &$value contains set values on return
+	 * @return boolean do we need to save the emailadmin profile
+	 */
+	private function _parse_cli_arguments(&$values)
+	{
+		$arguments = $this->arguments;
+		$values = array();
+		$save_ea_profile = false;
+		$args = $this->arguments;
+		while(($arg = array_shift($args)))
+		{
+			if (!isset(self::$options[$arg]))
+			{
+				throw new egw_exception_wrong_userinput(lang("Unknown option '%1' !!!",$arg),90);
+			}
+			$options = is_array(self::$options[$arg]) ? explode(',',array_shift($args)) : array(array_shift($args));
+
+			if ($arg == '--config')
+			{
+				foreach($options as $option)
+				{
+					list($name,$value) = explode('=',$option,2);
+					$values[$name] = $value;
+				}
+				continue;
+			}
+			$options[] = ''; $options[] = '';
+			foreach($options as $n => $value)
+			{
+				$save_ea_profile |= $this->_parse_value($arg,$n,self::$options[$arg],$value,$values);
+			}
+		}
+		return $save_ea_profile;
+	}
+
+	/**
+	 * Parses a single value
+	 *
+	 * @param string $arg current cli argument processed
+	 * @param int $n number of the property
+	 * @param array/string $data string with type or array containing values for type, allowed
+	 * @param mixed $value value to set
+	 * @param array &$values where the values get set
+	 */
+	private function _parse_value($arg,$n,$data,$value,array &$values)
+	{
+		if ($value === '' && is_array($data) && !isset($data[$n]['default'])) return false;
+
+		$name = is_array($data) || $n ? $data[$n] : $data;
+
+		if (is_array($name))
+		{
+			if (!$value && isset($name['default'])) $value = $name['default'];
+
+			if (isset($name['allowed']) && !in_array($value,$name['allowed']))
+			{
+				throw new egw_exception_wrong_userinput(lang("'%1' is not allowed as %2. arguments of option %3 !!!",$value,1+$n,$arg)." ($name[name])",91);
+			}
+			$name = $name['name'];
+		}
+		$values[$name] = $value;
+
+		return in_array($arg,array('--mailserver','--smtpserver','--cyrus','--postfix','--sieve'));
+	}
+
+	/**
+	 * Updates the default EMailAdmin profile from the eGW config
+	 */
+	function _save_ea_profile($config=array())
+	{
+		self::$egw_setup->db->select(self::$egw_setup->config_table,'config_name,config_value',array(
+			'config_app'  => 'phpgwapi',
+			"((config_name LIKE 'mail%' AND config_name != 'mail_footer') OR config_name LIKE 'smtp%' OR config_name LIKE 'imap%' OR config_name='editforwardingaddress')",
+		),__LINE__,__FILE__);
+		while (($row = self::$egw_setup->db->row(true)))
+		{
+			$config[$row['config_name']] = $row['config_value'];
+		}
+		$config['smtpAuth'] = $config['smtp_auth_user'] ? 'yes' : null;
+
+		$emailadmin = new emailadmin_bo(-1,false);	// false=no session stuff
+		$emailadmin->setDefaultProfile($config);
+
+		if ($this->verbose)
+		{
+			echo "\n".lang('EMailAdmin profile updated:')."\n";
+			foreach($config as $name => $value)
+			{
+				echo str_pad($name.':',22).$value."\n";
+			}
+		}
+	}
+
+	/**
+	 * Return the options from the $options array
+	 *
+	 * @return array with name => array(value=>label,...) pairs
+	 */
+	static function options()
+	{
+		$options = array();
+		foreach(self::$options as $option)
+		{
+			if (is_array($option))
+			{
+				foreach($option as $n => $data)
+				{
+					if (is_array($data) && isset($data['allowed']))
+					{
+						if ($data['name'] == 'auth_type')
+						{
+							$options[$data['name']] = self::auth_types();
+							continue;
+						}
+						foreach($data['allowed'] as $label => $value)
+						{
+							if (is_int($label))
+							{
+								$label = (string) $value === '' ? 'No' : strtoupper($value);
+							}
+							$options[$data['name']][$value] = lang($label);
+						}
+					}
+				}
+			}
+		}
+		return $options;
+	}
+	
+	/**
+	 * Read auth-types (existing auth backends) from filesystem and fix our $options array
+	 * 
+	 * @return array
+	 */
+	static function auth_types()
+	{
+		// default backends in order of importance
+		static $auth_types = array(
+			'sql'  => 'SQL',
+			'ldap' => 'LDAP',
+			'mail' => 'Mail',
+			'ads'  => 'Active Directory',
+			'http' => 'HTTP',
+			'fallback' => 'Fallback LDAP --> SQL',
+			'sqlssl' => 'SQL / SSL',
+		);
+		static $scan_done;
+		if (!$scan_done++)
+		{
+			// now add auth backends found in filesystem
+			foreach(scandir(EGW_INCLUDE_ROOT.'/phpgwapi/inc') as $class)
+			{
+				if (preg_match('/^class\.auth_([a-z]+)\.inc\.php$/',$class,$matches) &&
+					!isset($auth_types[$matches[1]]))
+				{
+					$auth_types[$matches[1]] = ucfirst($matches[1]);
+				}
+			}
+			foreach(self::$options['--account-auth'] as &$param)
+			{
+				if ($param['name'] == 'auth_type')
+				{
+					$param['allowed'] = array_keys($auth_types);
+					break;
+				}
+			}
+		}
+		return $auth_types;
+	}
+
+	/**
+	 * Return the defaults from the $options array
+	 *
+	 * @return array with name => $value pairs
+	 */
+	static function defaults()
+	{
+		$defaults = array();
+		// fetch the default from the cli options
+		foreach(self::$options as $option)
+		{
+			if (is_array($option))
+			{
+				foreach($option as $n => $data)
+				{
+					if (is_array($data) && isset($data['default']))
+					{
+						$defaults[$data['name']] = $data['default'];
+					}
+				}
+			}
+		}
+		// some extra defaults for non-cli operation
+		$defaults['files_dir'] = '/var/lib/egroupware/$domain/files';
+		$defaults['backup_dir'] = '/var/lib/egroupware/$domain/backup';
+		$defaults['backup_mincount'] = 0;
+		$defaults['backup_files'] = false;
+		$defaults['temp_dir'] = '/tmp';
+		$defaults['webserver_url'] = '/egroupware';
+		$defaults['smtp_server'] = $defaults['mail_server'] = 'localhost';
+		$defaults['mail_suffix'] = '$domain';
+		$defaults['imapAdminUsername'] = 'cyrus@$domain';
+		$defaults['imapAdminPW'] = self::randomstring();
+		$defaults['imapType'] = 2;	// standard IMAP
+		$defaults['smtpType'] = 1;	// standard SMTP
+
+		return $defaults;
+	}
+
+	/**
+	 * Merges the default into the current properties, if they are empty or contain placeholders
+	 *
+	 * Replacements like $domain, only work for values listed by self::defaults()
+	 */
+	private function _merge_defaults()
+	{
+		foreach(self::defaults() as $name => $default)
+		{
+			if (!$this->$name)
+			{
+				//echo "<p>setting $name='{$this->$name}' to it's default='$default'</p>\n";
+				$this->set_defaults[$name] = $this->$name = $default;
+			}
+			if (strpos($this->$name,'$') !== false)
+			{
+				$this->$name = str_replace(array(
+					'$domain',
+				),array(
+					$this->domain,
+				),$this->$name);
+			}
+		}
+	}
+}

setup/inc/hook_config.inc.php

@@ -0,0 +1,268 @@
+<?php
+/**
+ * Setup
+ *
+ * @link http://www.egroupware.org
+ * @package setup
+ * @author Miles Lott <milos@groupwhere.org>
+ * @author Ralf Becker <RalfBecker-AT-outdoor-training.de>
+ * @license http://opensource.org/licenses/gpl-license.php GPL - GNU General Public License
+ * @version $Id$
+ */
+
+/**
+ * Get the options for vfs_storage_mode, select the right one depending on vfs_fstab
+ *
+ * @param array $config
+ * @return string
+ */
+function vfs_storage_mode_options($config)
+{
+	if (!isset($config['vfs_fstab']) || $config['vfs_fstab'] == serialize(array(
+		'/' => 'sqlfs://$host/',
+		'/apps' => 'links://$host/apps',
+	)))
+	{
+		$config['vfs_storage_mode'] = 'fs';
+	}
+	elseif($config['vfs_fstab'] == serialize(array(
+		'/' => 'sqlfs://$host/?storage=db',
+		'/apps' => 'links://$host/apps?storage=db',
+	)))
+	{
+		$config['vfs_storage_mode'] = 'db';
+	}
+	else
+	{
+		$config['vfs_storage_mode'] = 'custom';
+	}
+	//_debug_array(array_intersect_key($config,array('vfs_fstab'=>1,'vfs_storage_mode'=>1)));
+	foreach(array(
+		'fs' => lang('Filesystem (default)'),
+		'db' => lang('Database').' (problems with files > 1MB)',
+		'custom' => lang('Custom set via %1','filemanager/cli.php mount'),
+	) as $name => $label)
+	{
+		$options .= '<option value="'.$name.($name === $config['vfs_storage_mode'] ? '" selected="selected' : '').
+			'">'.htmlspecialchars($label)."</options>\n";
+	}
+	//echo "<pre>".htmlspecialchars($options)."</pre>\n";
+	return $options;
+}
+
+function encryptalgo($config)
+{
+	if(@function_exists('mcrypt_list_algorithms'))
+	{
+		$listed = array();
+		if(!isset($config['mcrypt_algo']))
+		{
+			$config['mcrypt_algo'] = 'tripledes';  /* MCRYPT_TRIPLEDES */
+		}
+		$algos = @mcrypt_list_algorithms();
+		$found = False;
+
+		$out = '';
+		while(list($key,$value) = each($algos))
+		{
+			$found = True;
+			/* Only show each once - seems this is a problem in some installs */
+			if(!in_array($value,$listed))
+			{
+				if($config['mcrypt_algo'] == $value)
+				{
+					$selected = ' selected="selected"';
+				}
+				else
+				{
+					$selected = '';
+				}
+				$descr = strtoupper($value);
+
+				$out .= '<option value="' . $value . '"' . $selected . '>' . $descr . '</option>' . "\n";
+				$listed[] = $value;
+			}
+		}
+		if(!$found)
+		{
+			/* Something is wrong with their mcrypt install or php.ini */
+			$out = '<option value="">' . lang('no algorithms available') . '</option>' . "\n";;
+		}
+	}
+	else
+	{
+		$out = '<option value="tripledes">TRIPLEDES</option>' . "\n";;
+	}
+	return $out;
+}
+
+function encryptmode($config)
+{
+	if(@function_exists('mcrypt_list_modes'))
+	{
+		$listed = array();
+		if(!isset($config['mcrypt_mode']))
+		{
+			$config['mcrypt_mode'] = 'cbc'; /* MCRYPT_MODE_CBC */
+		}
+		$modes = @mcrypt_list_modes();
+		$found = False;
+
+		$out = '';
+		while(list($key,$value) = each($modes))
+		{
+			$found = True;
+			/* Only show each once - seems this is a problem in some installs */
+			if(!in_array($value,$listed))
+			{
+				if($config['mcrypt_mode'] == $value)
+				{
+					$selected = ' selected="selected"';
+				}
+				else
+				{
+					$selected = '';
+				}
+				$descr = strtoupper($value);
+
+				$out .= '<option value="' . $value . '"' . $selected . '>' . $descr . '</option>' . "\n";
+				$listed[] = $value;
+			}
+		}
+		if(!$found)
+		{
+			/* Something is wrong with their mcrypt install or php.ini */
+			$out = '<option value="" selected="selected">' . lang('no modes available') . '</option>' . "\n";
+		}
+	}
+	else
+	{
+		$out = '<option value="cbc" selected="selected">CBC</option>' . "\n";
+	}
+	return $out;
+}
+
+function passwdhashes($config)
+{
+	$hashes = array(
+		'des' => 'des',
+		'md5' => 'md5',
+		'smd5' => 'smd5',
+		'sha'  => 'sha',
+		'ssha' => 'ssha',
+		'plain' => 'plain',
+	);
+	/* Check for available crypt methods based on what is defined by php */
+	if(@defined('CRYPT_BLOWFISH') && CRYPT_BLOWFISH == 1)
+	{
+		$hashes['blowish_crypt'] = 'blowish_crypt';
+	}
+	if(@defined('CRYPT_MD5') && CRYPT_MD5 == 1)
+	{
+		$hashes['md5_crypt'] = 'md5_crypt';
+	}
+	if(@defined('CRYPT_EXT_DES') && CRYPT_EXT_DES == 1)
+	{
+		$hashes['ext_crypt'] = 'ext_crypt';
+	}
+
+	foreach($hashes as $key => $value)
+	{
+		if($config['ldap_encryption_type'] == $value)
+		{
+			$selected = ' selected="selected"';
+		}
+		else
+		{
+			$selected = '';
+		}
+		$descr = strtoupper($value);
+
+		$out .= '<option value="' . $value . '"' . $selected . '>' . $descr . '</option>' . "\n";
+	}
+	return $out;
+}
+
+function sql_passwdhashes($config)
+{
+	$hashes = array(
+		'md5' => 'md5'
+	);
+
+	/* Check for available crypt methods based on what is defined by php */
+	if(@defined('CRYPT_BLOWFISH') && CRYPT_BLOWFISH == 1)
+	{
+		$hashes['blowish_crypt'] = 'blowish_crypt';
+	}
+	if(@defined('CRYPT_MD5') && CRYPT_MD5 == 1)
+	{
+		$hashes['md5_crypt'] = 'md5_crypt';
+	}
+	if(@defined('CRYPT_EXT_DES') && CRYPT_EXT_DES == 1)
+	{
+		$hashes['ext_crypt'] = 'ext_crypt';
+	}
+	if(@defined('CRYPT_STD_DES') && CRYPT_STD_DES == 1)
+	{
+		$hashes['crypt'] = 'crypt';
+	}
+
+	$hashes += array(
+		'smd5' => 'smd5',
+		'sha'  => 'sha',
+		'ssha' => 'ssha',
+		'plain' => 'plain',
+	);
+
+	foreach($hashes as $key => $value)
+	{
+		if($config['sql_encryption_type'] == $value)
+		{
+			$selected = ' selected="selected"';
+		}
+		else
+		{
+			$selected = '';
+		}
+		$descr = strtoupper($value);
+
+		$out .= '<option value="' . $value . '"' . $selected . '>' . $descr . '</option>' . "\n";
+	}
+	return $out;
+}
+
+/**
+ * Make auth-types from setup_cmd_config available
+ * 
+ * @param array $config
+ * @return string
+ */
+function auth_type($config)
+{
+	return _options_from(setup_cmd_config::auth_types(),$config['auth_type']);
+}
+function auth_type_syncml($config)
+{
+	return _options_from(setup_cmd_config::auth_types(),$config['auth_type_syncml']);
+}
+function auth_type_groupdav($config)
+{
+	return _options_from(setup_cmd_config::auth_types(),$config['auth_type_groupdav']);
+}
+
+/**
+ * Returns options string
+ * 
+ * @param array $options value => label pairs
+ * @param string $selected value of selected optino
+ * @return string
+ */
+function _options_from(array $options,$selected)
+{
+	foreach($options as $value => $label)
+	{
+		$out .= '<option value="' . htmlspecialchars($value) . '"' . 
+			($selected == $value ? ' selected="selected"' : '') . '>' . $label . '</option>' . "\n";
+	}
+	return $out;
+}

setup/templates/default/config.tpl

@@ -0,0 +1,581 @@
+<!-- $Id$ -->
+
+<!-- BEGIN header -->
+
+<form method="post" action="{action_url}">
+<table align="center" cellspacing="0" border="5" width="90%" >
+   <tr class="th">
+    <td colspan="2">&nbsp;{title}</td>
+   </tr>
+
+<!-- END header -->
+
+<!-- BEGIN body -->
+   <tr class="th">
+    <td colspan="2"><b>{lang_Path_information}, {lang_Virtual_filesystem}</b></td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Where_should_eGroupware_store_file_content}:</td>
+    <td>
+      <select name="newsettings[vfs_storage_mode]">
+{hook_vfs_storage_mode_options}
+      </select>
+    </td>
+   </tr>
+
+   <tr class="row_off">
+    <td colspan="2"><b>{lang_Don't_change,_if_you_already_stored_files!_You_will_loose_them!}</b> There's currently no migration avaliable.</td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Enter_the_full_path_for_users_and_group_files.<br />Examples:_/files,_E:\FILES}</td>
+    <td><input name="newsettings[files_dir]" value="{value_files_dir}" size="40" /></td>
+   </tr>
+
+   <tr class="row_off">
+    <td colspan="2">
+    	<b>{lang_This_has_to_be_outside_the_webservers_document-root!!!}</b><br />
+    	{lang_If_you_can_only_access_the_docroot_choose_<b>Database</b>_for_where_to_store_the_file_content_AND_use_same_path_as_for_temporary_files.}
+    </td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Usernames_(comma-separated)_which_can_get_VFS_root_access_(beside_setup_user)}</td>
+    <td><input name="newsettings[vfs_root_user]" value="{value_vfs_root_user}" size="40" /></td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_Enter_the_full_path_to_the_backup_directory.<br />if_empty:_files_directory}/db_backup:</td>
+    <td><input name="newsettings[backup_dir]" value="{value_backup_dir}" size="40" /></td>
+   </tr>
+
+   <tr class="row_on">
+    <td colspan="2"><b>{lang_This_has_to_be_outside_the_webservers_document-root!!!}</b></td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_Enter_the_full_path_for_temporary_files.<br />Examples:_/tmp,_C:\TEMP}:</td>
+    <td><input name="newsettings[temp_dir]" value="{value_temp_dir}" size="40" /></td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Enter_the_location_of_eGroupWare's_URL.<br />Example:_http://www.domain.com/egroupware_&nbsp;_or_&nbsp;_/egroupware<br /><b>No_trailing_slash</b>}:</td>
+    <td><input name="newsettings[webserver_url]" value="{value_webserver_url}" size="40" /></td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_Image_type_selection_order}:</td>
+    <td>
+     <select name="newsettings[image_type]">
+      <option value="">GIF->JPG->PNG</option>
+      <option value="1"{selected_image_type_1}>PNG->JPG->GIF</option>
+      <option value="2"{selected_image_type_2}>PNG->JPG</option>
+     </select>
+    </td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Complete_path_to_aspell_program}:</td>
+    <td>
+     <input name="newsettings[aspell_path]" value="{value_aspell_path}" size="40">
+    </td>
+   </tr>
+
+   <tr class="row_off">
+    <td colspan="2">&nbsp;</td>
+   </tr>
+
+   <tr class="th">
+    <td colspan="2"><b>{lang_Host_information}</b></td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Enter_the_hostname_of_the_machine_on_which_this_server_is_running}:</td>
+    <td><input name="newsettings[hostname]" value="{value_hostname}" /></td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_Enter_your_default_FTP_server}:</td>
+    <td><input name="newsettings[default_ftp_server]" value="{value_default_ftp_server}" /></td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Attempt_to_use_correct_mimetype_for_FTP_instead_of_default_'application/octet-stream'}:</td>
+    <td>
+     <select name="newsettings[ftp_use_mime]">
+      <option value="">{lang_No}</option>
+      <option value="True"{selected_ftp_use_mime_True}>{lang_Yes}</option>
+     </select>
+    </td>
+   </tr>
+<!-- this is not working correct
+   <tr class="row_off">
+    <td>{lang_Datetime_port.<br />If_using_port_13,_please_set_firewall_rules_appropriately_before_submitting_this_page.<br />(Port:_13_/_Host:_129.6.15.28)}</td>
+    <td>
+      <select name="newsettings[daytime_port]">
+       <option value="00"{selected_daytime_port_00}>{lang_00_(disable)}</option>
+       <option value="13"{selected_daytime_port_13}>{lang_13_(ntp)}</option>
+       <option value="80"{selected_daytime_port_80}>{lang_80_(http)}</option>
+      </select>
+    </td>
+   </tr>
+-->
+   <tr class="row_off">
+    <td>{lang_Enter_your_HTTP_proxy_server}:</td>
+    <td><input name="newsettings[httpproxy_server]" value="{value_httpproxy_server}" /></td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Enter_your_HTTP_proxy_server_port}:</td>
+    <td><input name="newsettings[httpproxy_port]" value="{value_httpproxy_port}" /></td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_Enter_your_HTTP_proxy_server_username}:</td>
+    <td><input name="newsettings[httpproxy_server_username]" value="{value_httpproxy_server_username}" /></td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Enter_your_HTTP_proxy_server_password}:</td>
+    <td><input name="newsettings[httpproxy_server_password]" value="{value_httpproxy_server_password}" /></td>
+   </tr>
+
+<!-- until they are working
+   <tr class="row_off">
+    <td>{lang_Enter_the_site_username_for_peer_servers}.</td>
+    <td><input name="newsettings[site_username]" value="{value_site_username}" /></td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Enter_the_site_password_for_peer_servers}.</td>
+    <td><input type="password" name="newsettings[site_password]" value="{value_site_password}" /></td>
+   </tr>
+-->
+
+  <tr class="row_off">
+    <td colspan="2">&nbsp;</td>
+   </tr>
+
+   <tr class="th">
+    <td colspan="2"><b>{lang_Standard_mailserver_settings_(used_for_Mail_authentication_too)}:</b></td>
+   </tr>
+   <tr class="row_on"">
+    <td>{lang_POP/IMAP_mail_server_hostname_or_IP_address}:</td>
+    <td><input name="newsettings[mail_server]" value="{value_mail_server}"></td>
+   </tr>
+   <tr class="row_off"">
+    <td>{lang_Mail_server_protocol}:</td>
+    <td>
+     <select name="newsettings[mail_server_type]">
+      <option value="imap" {selected_mail_server_type_imap}>IMAP</option>
+      <option value="imaps" {selected_mail_server_type_imaps}>IMAPS</option>
+     </select>
+    </td>
+   </tr>
+   <tr class="row_on"">
+    <td>{lang_Mail_server_login_type}:</td>
+    <td>
+     <select name="newsettings[mail_login_type]">
+      <option value="standard" {selected_mail_login_type_standard}>{lang_standard (login-name_identical_to_eGroupWare_user-name)}</option>
+      <option value="vmailmgr" {selected_mail_login_type_vmailmgr}>{lang_Virtual_mail_manager_(login-name_includes_domain)}</option>
+      <option value="email" {selected_mail_login_type_email}>{lang_email_(Standard_Maildomain_should_be_set)}</option>
+     </select>
+    </td>
+   </tr>
+   <tr class="row_off"">
+    <td>{lang_Mail_domain_(for_Virtual_mail_manager)}:</td>
+    <td><input name="newsettings[mail_suffix]" value="{value_mail_suffix}"></td>
+   </tr>
+   <tr class="row_on">
+    <td>{lang_SMTP_server_hostname_or_IP_address}:</td>
+    <td><input name="newsettings[smtp_server]" value="{value_smtp_server}"></td>
+   </tr>
+   <tr class="row_off">
+    <td>{lang_SMTP_server_port}:</td>
+    <td><input name="newsettings[smtp_port]" value="{value_smtp_port}"></td>
+   </tr>
+   <tr class="row_on">
+    <td>{lang_User_for_SMTP-authentication_(leave_it_empty_if_no_auth_required)}:</td>
+    <td><input name="newsettings[smtp_auth_user]" value="{value_smtp_auth_user}"></td>
+   </tr>
+   <tr class="row_off">
+    <td>{lang_Password_for_SMTP-authentication}:</td>
+    <td><input type="password" name="newsettings[smtp_auth_passwd]" value="{value_smtp_auth_passwd}"></td>
+   </tr>
+   <tr class="row_on">
+    <td colspan="2">&nbsp;</td>
+   </tr>
+
+<!-- from admin -->
+
+   <tr class="th">
+    <td colspan="2"><b>{lang_Authentication_/_Accounts}</b></td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_Select_which_type_of_authentication_you_are_using}:</td>
+    <td>
+     <select name="newsettings[auth_type]">
+{hook_auth_type}
+     </select>
+    </td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Authentication_type_for_application}: <b>SyncML</b></td>
+    <td>
+     <select name="newsettings[auth_type_syncml]">
+      <option value="">{lang_Standard,_as_defined_above}</option>
+{hook_auth_type_syncml}
+     </select>
+    </td>
+   </tr>
+
+    <tr class="row_off">
+    <td>{lang_Authentication_type_for_application}: <b>GroupDAV/CalDAV/CardDAV</b></td>
+    <td>
+     <select name="newsettings[auth_type_groupdav]">
+      <option value="">{lang_Standard,_as_defined_above}</option>
+{hook_auth_type_groupdav}
+     </select>
+    </td>
+   </tr>
+
+  <tr class="row_on">
+    <td>{lang_HTTP_auth_types_(comma-separated)_to_use_without_login-page, eg. "NTLM"}:</td>
+    <td>
+      <input name="newsettings[http_auth_types]" value="{value_http_auth_types}" size="20" />
+    </td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_Select_where_you_want_to_store/retrieve_user_accounts}:</td>
+    <td>
+     <select name="newsettings[account_repository]">
+      <option value="sql"{selected_account_repository_sql}>SQL</option>
+      <option value="ldap"{selected_account_repository_ldap}>LDAP</option>
+      <!--<option value="contacts"{selected_account_repository_contacts}>Contacts - EXPERIMENTAL</option>-->
+     </select>
+    </td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_sql_encryption_type}:</td>
+    <td>
+     <select name="newsettings[sql_encryption_type]">{hook_sql_passwdhashes}</select>
+    </td>
+   </tr>
+
+   <tr class="row_off">
+     <td>{lang_Activate_safe_password_check}:</td>
+     <td>
+      <select name="newsettings[check_save_passwd]">
+       <option value="">{lang_No}</option>
+       <option value="True" {selected_check_save_passwd_True}>{lang_Yes}</option>
+      </select>
+     </td>
+    </tr>
+
+   <tr class="row_off">
+    <td>{lang_Allow_authentication_via_cookie}:</td>
+    <td>
+      <select name="newsettings[allow_cookie_auth]">
+         <option value="">{lang_No}</option>
+         <option value="True" {selected_allow_cookie_auth_True}>{lang_Yes}</option>
+       </select>
+    </td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Auto_login_anonymous_user}:</td>
+    <td>
+      <select name="newsettings[auto_anon_login]">
+         <option value="">{lang_No}</option>
+         <option value="True"{selected_auto_anon_login_True}>{lang_Yes}</option>
+       </select>
+    </td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_Allow_password_migration}:</td>
+    <td>
+      <select name="newsettings[pwd_migration_allowed]">
+         <option value="">{lang_No}</option>
+         <option value="True" {selected_pwd_migration_allowed_True}>{lang_Yes}</option>
+       </select>
+    </td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Allowed_migration_types_(comma-separated)}:</td>
+    <td>
+      <input name="newsettings[pwd_migration_types]" value="{value_pwd_migration_types}" size="20" />
+    </td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_Minimum_account_id_(e.g._500_or_100,_etc.)}:</td>
+    <td><input name="newsettings[account_min_id]" value="{value_account_min_id}" /></td>
+   </tr>
+   <tr class="row_on">
+    <td>{lang_Maximum_account_id_(e.g._65535_or_1000000)}:</td>
+    <td><input name="newsettings[account_max_id]" value="{value_account_max_id}" /></td>
+   </tr>
+   <tr class="row_off">
+    <td>{lang_User_account_prefix}:</td>
+    <td><input name="newsettings[account_prefix]" value="{value_account_prefix}" /></td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Usernames_are_casesensitive}:</td>
+    <td>
+      <select name="newsettings[case_sensitive_username]">
+       <option value="">{lang_No}</option>
+       <option value="True"{selected_case_sensitive_username_True}>{lang_Yes}</option>
+      </select>
+    </td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_Auto_create_account_records_for_authenticated_users}:</td>
+    <td>
+      <select name="newsettings[auto_create_acct]">
+       <option value="">{lang_No}</option>
+       <option value="True"{selected_auto_create_acct_True}>{lang_Yes}</option>
+       <option value="lowercase"{selected_auto_create_acct_lowercase}>{lang_Yes,_with lowercase_usernames}</option>
+      </select>
+    </td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Auto-created_user_accounts_expire}:</td>
+    <td>
+     <select name="newsettings[auto_create_expire]">
+      <option value="604800"{selected_auto_create_expire_604800}>{lang_one_week}</option>
+      <option value="1209600"{selected_auto_create_expire_1209600}>{lang_two_weeks}</option>
+      <option value="2592000"{selected_auto_create_expire_2592000}>{lang_one_month}</option>
+      <option value="never"{selected_auto_create_expire_never}>{lang_Never}</option>
+     </select>
+    </td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_Add_auto-created_users_to_this_group_('Default'_will_be_attempted_if_this_is_empty.)}:</td>
+    <td><input name="newsettings[default_group_lid]" value="{value_default_group_lid}" /></td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_If_no_ACL_records_for_user_or_any_group_the_user_is_a_member_of}:</td>
+    <td>
+     <select name="newsettings[acl_default]">
+      <option value="deny"{selected_acl_default_deny}>{lang_Deny_Access}</option>
+      <option value="grant"{selected_acl_default_grant}>{lang_Grant_Access}</option>
+     </select>
+    </td>
+   </tr>
+
+   <tr class="row_off">
+    <td colspan="2">&nbsp;</td>
+   </tr>
+
+   <tr class="th">
+    <td colspan="2"><b>{lang_If_using_LDAP}:</b></td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_LDAP_host}:</td>
+    <td><input name="newsettings[ldap_host]" value="{value_ldap_host}" /></td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_LDAP_accounts_context}:</td>
+    <td><input name="newsettings[ldap_context]" value="{value_ldap_context}" size="40" /></td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_LDAP_search_filter_for_accounts,_default:_"(uid=%user)",_%domain=eGW-domain}:</td>
+    <td><input name="newsettings[ldap_search_filter]" value="{value_ldap_search_filter}" size="40" /></td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_LDAP_groups_context}:</td>
+    <td><input name="newsettings[ldap_group_context]" value="{value_ldap_group_context}" size="40" /></td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_LDAP_rootdn} {lang_(searching_accounts_and_changing_passwords)}:</td>
+    <td><input name="newsettings[ldap_root_dn]" value="{value_ldap_root_dn}" size="40" /></td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_LDAP_root_password}:</td>
+    <td><input name="newsettings[ldap_root_pw]" type="password" value="{value_ldap_root_pw}" /></td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_LDAP_encryption_type}:</td>
+    <td>
+     <select name="newsettings[ldap_encryption_type]">
+{hook_passwdhashes}
+     </select>
+    </td>
+   </tr>
+
+   <tr class="row_off">
+     <td>{lang_Do_you_want_to_manage_homedirectory_and_loginshell_attributes?}:</td>
+     <td>
+      <select name="newsettings[ldap_extra_attributes]">
+       <option value="">{lang_No}</option>
+       <option value="True"{selected_ldap_extra_attributes_True}>{lang_Yes}</option>
+      </select>
+     </td>
+    </tr>
+
+   <tr class="row_on">
+    <td>{lang_LDAP_Default_homedirectory_prefix_(e.g._/home_for_/home/username)}:</td>
+    <td><input name="newsettings[ldap_account_home]" value="{value_ldap_account_home}" /></td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_LDAP_Default_shell_(e.g._/bin/bash)}:</td>
+    <td><input name="newsettings[ldap_account_shell]" value="{value_ldap_account_shell}" /></td>
+   </tr>
+
+   <tr class="row_on">
+     <td>{lang_Allow_usernames_identical_to_system_users?}:</td>
+     <td>
+      <select name="newsettings[ldap_allow_systemusernames]">
+       <option value="">{lang_No}</option>
+       <option value="True"{selected_ldap_allow_systemusernames_True}>{lang_Yes}</option>
+      </select>
+     </td>
+    </tr>
+
+   <tr class="row_off" valign="top">
+    <td>
+     <a href="account_migration.php"><b>{lang_Migration_between_eGroupWare_account_repositories}:</b></a>
+    </td>
+    <td>
+      <li>{lang_Account_repository_need_to_be_set_to_the_one_you_migrate_to!}</li>
+      <li>{lang_You_need_to_save_the_settings_you_made_here_first!}</li>
+    </td>
+   </tr>
+
+   <tr class="th">
+    <td colspan="2"><b>{lang_If_using_CAS_(Central_Authentication_Service):}</b></td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_CAS_server_host_name:<br />Example:_sso-cas.univ-rennes1.fr}</td>
+    <td><input name="newsettings[cas_server_host_name]" value="{value_cas_server_host_name}" size="40" /></td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_CAS_server_port:<br />Example:_443}</td>
+    <td><input name="newsettings[cas_server_port]" value="{value_cas_server_port}" size="40" /></td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_CAS_server_uri:}</td>
+    <td><input name="newsettings[cas_server_uri]" value="{value_cas_server_uri}" size="40" /></td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_Authentification_mode:}</td>
+    <td>
+     <select name="newsettings[cas_authentication_mode]">
+      <option value="Client"{selected_cas_authentication_mode_Client}>{lang_php_Client}</option>
+      <option value="Proxy"{selected_cas_authentication_mode_Proxy}>{lang_php_Proxy}</option>
+     </select>
+    </td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_SSL_validation:}</td>
+    <td>
+     <select name="newsettings[cas_ssl_validation]">
+      <option value="No"{selected_cas_ssl_validation_No}>{lang_No}</option>
+      <option value="PEMCertificate"{selected_cas_ssl_validation_PEMCertificate}>{lang_PEM_Certificate}</option>
+      <option value="CACertificate"{selected_cas_ssl_validation_CACertificate}>{lang_CA_Certificate}</option>
+     </select>
+    </td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_Certificate_(PEM_or_CA):}</td>
+    <td><input name="newsettings[cas_cert]" value="{value_cas_cert}" size="40" /></td>
+   </tr>
+
+   <tr class="row_on">
+    <td colspan="2">&nbsp;</td>
+   </tr>
+
+   <tr class="th">
+    <td colspan="2"><b>{lang_If_using_ADS_(Active_Directory)_authentication}:</b></td>
+   </tr>
+   <tr class="row_off">
+     <td>{lang_Host/IP_Domain_controler}:</td>
+     <td><input name="newsettings[ads_host]" value="{value_ads_host}" size="40" /></td>
+   </tr>
+   <tr class="row_on">
+     <td>{lang_Domain_name}:</td>
+     <td><input name="newsettings[ads_domain]" value="{value_ads_domain}" size="40" /></td>
+   </tr>
+
+   <tr class="row_off">
+    <td colspan="2">&nbsp;</td>
+   </tr>
+<!--
+   <tr class="th">
+    <td colspan="2"><b>{lang_Mcrypt_settings_(requires_mcrypt_PHP_extension)}</b></td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Enter_some_random_text_for_app_session_encryption}:</td>
+    <td><input name="newsettings[encryptkey]" value="{value_encryptkey}" size="40" /></td>
+   </tr>
+
+   <tr class="row_off">
+    <td>{lang_Mcrypt_algorithm_(default_TRIPLEDES)}:</td>
+    <td>
+     <select name="newsettings[mcrypt_algo]">
+{hook_encryptalgo}
+     </select>
+    </td>
+   </tr>
+
+   <tr class="row_on">
+    <td>{lang_Mcrypt_mode_(default_CBC)}:</td>
+    <td>
+     <select name="newsettings[mcrypt_mode]">
+{hook_encryptmode}
+     </select>
+    </td>
+   </tr>
+
+   <tr class="row_off">
+    <td colspan="2">&nbsp;</td>
+   </tr>
+-->
+<!-- end from admin -->
+
+<!-- END body -->
+
+<!-- BEGIN footer -->
+  <tr class="th">
+    <td colspan="2">
+	&nbsp;
+    </td>
+  </tr>
+  <tr>
+    <td colspan="2" align="center">
+      <input type="submit" name="submit" value="Submit" />
+      <input type="submit" name="cancel" value="Cancel" />
+    </td>
+  </tr>
+</table>
+</form>
+<!-- END footer -->
+
+