* @version 1.0 */

/**
 * Path
 */
define('EVOADMIN_BASE','./');

/**
 * PHP cookies session
 */
// NOTE(review): no cookie attributes (HttpOnly / Secure / SameSite) are set in
// this fragment; confirm they are enforced in php.ini or in common.php.
session_name('EVOADMIN_SESS');
session_start();

// The visible code below sits inside this branch: it runs only when the
// session already carries a login.
if (isset($_SESSION['login'])) {

    // $login is needed by debut.php
    $login = $_SESSION['login'];

    /**
     * Requires
     */
    require_once EVOADMIN_BASE . 'common.php';
    include EVOADMIN_BASE . 'haut.php';
    include EVOADMIN_BASE . 'inc/add.js';
    include EVOADMIN_BASE . 'debut.php';

    // Used below as the LDAP search base and as the DN suffix for writes.
    $rdn = $_SESSION['rdn'];

    /**
     * Account modification
     */
    if (isset($_GET['view'])) {

        // NOTE(review): $uid comes from the query string and is interpolated
        // into the LDAP filter and, further down, into the DN passed to
        // ldap_modify(). Html::clean() is not visible here; unless it escapes
        // LDAP metacharacters, the value should go through
        // ldap_escape($uid, '', LDAP_ESCAPE_FILTER) for the filter and
        // ldap_escape($uid, '', LDAP_ESCAPE_DN) for the DN.
        $uid = Html::clean($_GET['view']);

        // Binds with LDAP_ADMIN_DN / LDAP_ADMIN_PASS (presumably the directory
        // administrator), so the reads and writes below are not limited by
        // the rights of $login on the LDAP side.
        // NOTE(review): no check is visible in this fragment that $login is
        // allowed to view or edit $uid; confirm it is enforced elsewhere
        // (e.g. in debut.php or common.php).
        $ldapconn = Ldap::lda_connect(LDAP_ADMIN_DN,LDAP_ADMIN_PASS);
        $filter="(uid=$uid)";
        $sr=ldap_search($ldapconn, $rdn, $filter);
        // NOTE(review): $sr is not tested for false before use, and $info[0]
        // is read below without checking $info['count'] in the visible code.
        $info = ldap_get_entries($ldapconn, $sr);

        // Current values, compared against the submitted form further down.
        $cn = $info[0]["cn"][0];
        $sn = $info[0]["sn"][0];
        $gid = $info[0]["gidnumber"][0];
        // optional
        $mail = array_key_exists("mail",$info[0]) ? $info[0]["mail"][0] : '';

        // Samba account case
        if (($conf['admin']['what'] == 2) || ($conf['admin']['what'] == 3)) {
            $displayname = $info[0]["displayname"][0];
            // array_search() yields the key under which $gid is found, or false.
            $sambagroup = array_search($gid,getsambagroups('unix'));
            if (!$sambagroup) {
                $sambagroup = "!!undefined!!";
            }
        }

        /**
         * Set account modification
         */
        // NOTE(review): the write path is selected by a GET flag and then
        // consumes $_POST; no anti-CSRF token check is visible in this fragment.
        if ( (isset($_GET['modif'])) && ($_GET['modif'] == 'yes')) {

            print "
Modification en cours...
";

            // Only attributes that differ from the directory are put in $new.
            // TODO: constraints on cn, sn, etc.
            // NOTE(review): utf8_decode() is deprecated as of PHP 8.2.
            if ( $cn != Html::clean($_POST['cn']) ) {
                $new["cn"] = Html::justclean(Html::purgeaccents(utf8_decode($_POST['cn'])));
                if ($conf['evoadmin']['version'] == 1) {
                    $new["sn"] = $new["cn"];
                }
            }

            if ( ($conf['evoadmin']['version'] > 1) && (!$conf['domaines']['ldap']['virtual']) && ( $sn != Html::clean($_POST['sn']) ) ) {
                $new["sn"] = Html::justclean(Html::purgeaccents(utf8_decode($_POST['sn'])));
            }

            if ( (!$conf['domaines']['ldap']['virtual']) && ( $mail != Html::clean($_POST['mail']) )) {
                $new["mail"] = Html::clean($_POST['mail']);
            }

            // An empty pass1 means "leave the password unchanged".
            if ( $_POST['pass1'] != '' ) {

                // NOTE(review): loose != compares numeric-looking strings
                // numerically (e.g. "1e1" and "10" are treated as equal);
                // !== would compare the exact strings.
                if ( $_POST['pass1'] != $_POST['pass2'] ) {
                    print "Erreur, vous avez tapé deux mots de passe différents
";
                    EvoLog::log("Reinit password failed for $uid by $login");
                    exit(1);
                }

                if ( Auth::badpassword($_POST['pass1']) ) {
                    print "Erreur, mot de passe invalide (trop court ou avec des caracteres incorrects)
";
                    EvoLog::log("Set password failed for $uid by $login");
                    exit(1);
                }

                // Stored with the {SSHA} scheme prefix; Ldap::ssha() is not
                // visible here (presumably salted SHA-1, TODO confirm).
                $new["userPassword"] = "{SSHA}".Ldap::ssha($_POST['pass1']);

                // Samba account case
                // NOTE(review): Ldap::sambalm() / Ldap::sambant() are not
                // visible; if they produce LM and NT hashes as the attribute
                // names suggest, these are unsalted password equivalents and
                // the LM value in particular is weak. Confirm the LM
                // attribute is still required by the Samba deployment.
                if (($conf['admin']['what'] == 2) || ($conf['admin']['what'] == 3)) {
                    $new["sambaPwdLastSet"] = strtotime("now");
                    $new["sambaLMPassword"] = Ldap::sambalm($_POST['pass1']);
                    $new["sambaNTPassword"] = Ldap::sambant($_POST['pass1']);
                    // Seconds since the epoch converted to whole days.
                    $new["shadowLastChange"] = floor(strtotime("now")/(3600*24));
                }
            }

            // Each flag is TRUE when its form field is present, FALSE otherwise.
            $postisactive = (isset($_POST['isactive']) ? 'TRUE' : 'FALSE');
            if ( $info[0]["isactive"][0] != $postisactive ) {
                $new["isActive"] = $postisactive;
            }

            // NOTE(review): the admin flag is taken directly from the form; no
            // check is visible in this fragment that $login may grant or
            // revoke isAdmin.
            $postisadmin = (isset($_POST['isadmin']) ? 'TRUE' : 'FALSE');
            if ( $info[0]["isadmin"][0] != $postisadmin ) {
                $new["isAdmin"] = $postisadmin;
            }

            // NOTE(review): the shell is only compared and cleaned; no
            // allow-list of permitted shells is visible here.
            if ($_POST['loginshell'] != $info[0]['loginshell'][0]) {
                $new["loginShell"] = Html::clean($_POST['loginshell']);
            }

            // only for mail mode
            if (($conf['admin']['what'] == 1) || ($conf['admin']['what'] == 3)) {

                $postaccountactive = (isset($_POST['accountactive']) ? 'TRUE' : 'FALSE');
                if ( $info[0]["accountactive"][0] != $postaccountactive ) {
                    $new["accountActive"] = $postaccountactive;
                }

                $postauthsmtpactive = (isset($_POST['authsmtpactive']) ? 'TRUE' : 'FALSE');
                if ( $info[0]["authsmtpactive"][0] != $postauthsmtpactive ) {
                    $new["authsmtpActive"] = $postauthsmtpactive;
                }

                $postwebmailactive = (isset($_POST['webmailactive']) ? 'TRUE' : 'FALSE');
                if ( $info[0]["webmailactive"][0] != $postwebmailactive ) {
                    $new["webmailActive"] = $postwebmailactive;
                }

                $postcourieractive = (isset($_POST['courieractive']) ? 'TRUE' : 'FALSE');
                if ( $info[0]["courieractive"][0] != $postcourieractive ) {
                    $new["courierActive"] = $postcourieractive;
                }

                // build an array with the new mailacceptinggeneralid values
                // TODO: if driver == ldap, check the domain!
                // Presumably removes the leading "count" element that
                // ldap_get_entries() stores with the values; verify.
                $count = array_shift($info[0]["mailacceptinggeneralid"]);

                // Compatibility with old LDAP schemas and "virtual" mode
                // NOTE(review): $_POST['mailaccept'] is assumed to be an
                // array; no type check or per-value cleaning is visible here
                // before the values are written to the directory.
                if (($conf['evoadmin']['version'] == 1) || ($conf['domaines']['ldap']['virtual'])) {
                    // add @domain for each element
                    array_walk($_POST['mailaccept'],'adddomain');
                }

                // The last submitted entry is handled as the "new address" value.
                $newmailaccept = array_pop($_POST['mailaccept']);

                // NOTE(review): `|` is the bitwise OR, not `||`: both operands
                // are always evaluated and the array returned by array_diff()
                // is used as a bitwise operand (a TypeError on PHP 8); `||`
                // looks intended.
                if ( ($newmailaccept != NULL) | array_diff($info[0]["mailacceptinggeneralid"],$_POST['mailaccept']) ) {

                    $new["mailacceptinggeneralid"] = $_POST['mailaccept'];
                    $new["mailacceptinggeneralid"][$count]= $newmailaccept;

                    // drop empty values: sort, then shift them off the front
                    sort($new["mailacceptinggeneralid"]);
                    while ( $new["mailacceptinggeneralid"][0] == NULL ) {
                        array_shift($new["mailacceptinggeneralid"]);

                        // avoid an infinite loop
                        if ( count($new["mailacceptinggeneralid"]) == 0 ) {
                            print "Erreur, vous devez avoir au moins un mail entrant\n";
                            exit(1);
                        }
                    }
                }

                // same for maildrop
                $count = array_shift($info[0]["maildrop"]);
                $newmaildrop = array_pop($_POST['maildrop']);

                // NOTE(review): same bitwise `|` as in the mailaccept test above.
                if ( ($newmaildrop != NULL) | array_diff($info[0]["maildrop"],$_POST['maildrop']) ) {

                    $new["maildrop"] = $_POST['maildrop'];
                    $new["maildrop"][$count]= $newmaildrop;

                    // drop empty values
                    sort($new["maildrop"]);
                    while ( $new["maildrop"][0] == NULL ) {
                        array_shift($new["maildrop"]);

                        // avoid an infinite loop
                        if ( count($new["maildrop"]) == 0 ) {
                            print "Erreur, vous devez avoir au moins une redirection.\n";
                            exit(1);
                        }
                    }
                }
            }

            // only for samba mode
            if (($conf['admin']['what'] == 2) || ($conf['admin']['what'] == 3)) {

                $postsmbactive = (isset($_POST['smbactive']) ? 'TRUE' : 'FALSE');
                if ( $info[0]["smbactive"][0] != $postsmbactive ) {
                    $new["smbActive"] = $postsmbactive;
                }

                if ( $displayname != Html::clean($_POST['displayname']) ) {
                    $new["displayname"] = Html::clean($_POST['displayname']);
                }
            }

            // if $new not null, set modification
            if ( (isset($new)) && ($new != NULL) ) {

                // The entry DN is built by concatenating $uid and $rdn.
                $sr=ldap_modify($ldapconn,"uid=" .$uid. ",".$rdn,$new);

                // If LDAP accepted the change, we are done
                if ( $sr ) {
                    print "Modifications effectuées.
";
                    print "Voir le compte modifié";
                } else {
                    print "Erreur, envoyez le message d'erreur suivant à votre administrateur :
";
                    // NOTE(review): this dumps the whole $new array into the
                    // page; when a password change was requested it holds
                    // userPassword and, for Samba accounts, the
                    // sambaLMPassword / sambaNTPassword values set above.
                    // Logging ldap_error($ldapconn) server-side and showing a
                    // generic message would avoid exposing them.
                    var_dump($new);
                    Evolog::log("Modify error of $uid by $login");
                }

            } else {
                print "Aucune modification nécessaire.
";
            }

            // NOTE(review): the listing appears to have lost markup, and
            // possibly code, from here on; the statements below cannot all
            // belong to the branch they appear in, so the brace structure of
            // the rest of this view is unverified.
            print "Erreur, compte inexistant
";
            EvoLog::log("login $uid unknown");
            exit(1);
        }

        print "Modifiez les champs que vous désirez changer.
[*] indique ceux qui ne doivent pas être nuls.
Vous pouvez réinitialiser le mot de passe si besoin.
Suppression $uid en cours...
";

        // Verify if person exists...
        // TODO: /!\ should check the DN rather than the uid
        // NOTE(review): where $uid is assigned for the deletion path, and how
        // the deletion is requested and confirmed, is not visible in this view.
        if (!Ldap::is_uid($uid)) {
            print "Erreur, compte inexistant
";
            EvoLog::log("Delete $uid failed (user doesn't exist).");

        // *Try* to verify if user is always in aliases...
        } elseif (Ldap::is_what($uid,'maildrop')>1) {
            print "Erreur, compte encore présent dans certains alias
";
            EvoLog::log("Delete $uid failed (user always in aliases).");

        // LDAP deletion
        // NOTE(review): $uid is concatenated into the DN; unless it is already
        // validated, use ldap_escape($uid, '', LDAP_ESCAPE_DN).
        } elseif (Ldap::lda_del($ldapconn,"uid=" .$uid. "," .$rdn)) {

            if (!$conf['domaines']['ldap']['virtual']) {
                // system deletion script
                // NOTE(review): unix_del() is not visible here; if it shells
                // out, $uid must go through escapeshellarg() or be validated
                // against a strict uid pattern first.
                unix_del($uid);
            }

            // TODO: delete HORDE preferences
            // NOTE(review): if the query below is ever enabled, bind $uid as a
            // parameter instead of concatenating it into the SQL string.
            // $query = 'delete from horde_prefs where pref_uid="' .$uid. '"';

            print "Suppression $uid effectuée.
";
            EvoLog::log("Del user ".$uid);

        } else {
            print "$uid
";
            // NOTE(review): content is missing from this view around here;
            // the two messages in the next string come from different code paths.
            print "Tous ses messages et paramètres seront définitivement perdus.
Erreur, mot de passe invalide (trop court ou avec des caracteres incorrects)
";
            EvoLog::log("Set password failed for $postuid by $login");
            exit(1);
        }

        // Account creation path; $postuid and $mail are assigned in code that
        // is not visible in this view.
        $cn = Html::justclean(Html::purgeaccents(utf8_decode($_POST['cn'])));

        if (badname($postuid)) {
            print "Erreur, mail deja present !
";
            EvoLog::log("$mail already exists by $login");
            exit(1);
        }

        // ...otherwise alter it slightly!
        // Appends 2, 3, ... to $postuid until Ldap::is_uid() reports it free.
        $tmp = 1;
        $uid = $postuid;
        while (Ldap::is_uid($uid)) {
            $tmp++;
            $uid = $postuid.$tmp;
        }

    } else {
        $uid = $mail;
        if (Ldap::is_uid($uid)) {
            print "Erreur, mail deja present !
";
            EvoLog::log("$uid already exists by $login");
            exit(1);
        }
    }

    // Samba account case
    if (($conf['admin']['what'] == 2) || ($conf['admin']['what'] == 3)) {
        // The submitted group name is used as a key into the unix group map;
        // an unknown name yields null, which the `$gid < 1` test below rejects.
        $smbgroup = Html::clean($_POST['smbgroup']);
        $tmp = getsambagroups('unix');
        $gid = $tmp[$smbgroup];
    } else {
        $gid = getgid($_SESSION['domain']);
    }

    if ( $gid < 1 ) {
        print "Erreur, groupe non detecte...";
        exit(1);
    }

    // NOTE(review): the code that builds $info and performs the LDAP add is
    // missing from this view.
    print "Ajout effectué.
";
    print "Voir le compte créé";
    EvoLog::log("Add user ".$uid);

    // mail notification
    // NOTE(review): the cleartext password from the form is handed to
    // mailnotify(); if it ends up in the message body the credential is
    // exposed in transit and in mailbox storage. Confirm, and prefer a forced
    // change at first login or a one-time link.
    mailnotify($info,$_SESSION['domain'],$_POST['pass1']);

    if ($conf['samba']['admin_default'] == true) {
        // added to the smbadmins group by default #7015
        // NOTE(review): the group DN is hard-coded, each account created
        // through this path becomes a member of smbadmins when the option is
        // on, and the result of ldap_mod_add() is not checked.
        $entry_group_smbadmins["memberUid"] = $uid;
        ldap_mod_add($ldapconn, "cn=smbadmins,ou=group,dc=cleo,dc=cnrs,dc=fr", $entry_group_smbadmins);
    }

} else {
    print "Erreur, envoyez le message d'erreur suivant à votre administrateur :
";
    // NOTE(review): $info is built in code not visible here; if it carries
    // userPassword or Samba hash attributes, this dumps them to the browser.
    // TODO confirm, and log server-side instead.
    var_dump($info);
    EvoLog::log("Add $uid failed");
}

print "