1 | <?php |
---|
2 | /**********************************************************************************\ |
---|
3 | * Expresso Administração * |
---|
4 | * by Joao Alfredo Knopik Junior (joao.alfredo@gmail.com, jakjr@celepar.pr.gov.br) * |
---|
5 | * --------------------------------------------------------------------------------* |
---|
6 | * This program is free software; you can redistribute it and/or modify it * |
---|
7 | * under the terms of the GNU General Public License as published by the * |
---|
8 | * Free Software Foundation; either version 2 of the License, or (at your * |
---|
9 | * option) any later version. * |
---|
10 | \**********************************************************************************/ |
---|
11 | |
---|
12 | include_once('class.ldap_functions.inc.php'); |
---|
13 | include_once('class.db_functions.inc.php'); |
---|
14 | include_once('class.imap_functions.inc.php'); |
---|
15 | include_once('class.functions.inc.php'); |
---|
16 | |
---|
17 | class user |
---|
18 | { |
---|
19 | var $ldap_functions; |
---|
20 | var $db_functions; |
---|
21 | var $imap_functions; |
---|
22 | var $functions; |
---|
23 | var $current_config; |
---|
24 | |
---|
25 | function user() |
---|
26 | { |
---|
27 | $this->ldap_functions = new ldap_functions; |
---|
28 | $this->db_functions = new db_functions; |
---|
29 | $this->imap_functions = new imap_functions; |
---|
30 | $this->functions = new functions; |
---|
31 | $this->current_config = $_SESSION['phpgw_info']['expresso']['expressoAdmin']; |
---|
32 | } |
---|
33 | |
---|
34 | function create($params) |
---|
35 | { |
---|
36 | $return['status'] = true; |
---|
37 | //$params['context'] = $params['dn']; |
---|
38 | $params['context'] = $params['ldap_relative_path']; |
---|
39 | // Verifica o acesso do gerente |
---|
40 | if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'add_users')) |
---|
41 | { |
---|
42 | // Adiciona a organização na frente do uid. |
---|
43 | if ($this->current_config['expressoAdmin_prefix_org'] == 'true') |
---|
44 | { |
---|
45 | $context_dn = ldap_explode_dn(strtolower($GLOBALS['phpgw_info']['server']['ldap_context']), 1); |
---|
46 | |
---|
47 | $explode_dn = ldap_explode_dn(strtolower($params['context']), 1); |
---|
48 | $explode_dn = array_reverse($explode_dn); |
---|
49 | //$params['uid'] = $explode_dn[3] . '-' . $params['uid']; |
---|
50 | $params['uid'] = $explode_dn[$context_dn['count']] . '-' . $params['uid']; |
---|
51 | } |
---|
52 | // Caso o login for um CPF, o uidNumber deverá ser esse CPF, sem os dígitos verificadores, sem os zeros iniciais (se houver). |
---|
53 | if(($params['uid'] + 0)and(strlen($params['uid'])==11)and($this->validarCPF($params['uid']))) |
---|
54 | { |
---|
55 | $id = substr($params['uid'],0,-2); |
---|
56 | $id = $id + 0; |
---|
57 | } |
---|
58 | else |
---|
59 | { |
---|
60 | // Leio o ID a ser usado na criação do objecto. Esta função já incrementa o ID no BD. |
---|
61 | $next_id = ($this->db_functions->get_next_id('accounts')); |
---|
62 | if ((!is_numeric($next_id['id'])) || (!$next_id['status'])) |
---|
63 | { |
---|
64 | $return['status'] = false; |
---|
65 | $return['msg'] = "Problemas obtendo ID do usuário.\n" . $id['msg']; |
---|
66 | return $return; |
---|
67 | } |
---|
68 | else |
---|
69 | { |
---|
70 | $id = $next_id['id']; |
---|
71 | } |
---|
72 | } |
---|
73 | // Cria array para incluir no LDAP |
---|
74 | $dn = 'uid=' . $params['uid'] . ',' . $params['context']; |
---|
75 | |
---|
76 | $user_info = array(); |
---|
77 | $user_info['accountStatus'] = $params['accountstatus'] == 1 ? 'active' : 'desactive'; |
---|
78 | $user_info['cn'] = $params['givenname'] . ' ' . $params['sn']; |
---|
79 | $user_info['gidNumber'] = $params['gidnumber']; |
---|
80 | $user_info['givenName'] = $params['givenname']; |
---|
81 | $user_info['homeDirectory'] = '/home/' . $params['uid']; |
---|
82 | $user_info['mail'] = $params['mail']; |
---|
83 | $user_info['objectClass'][] = 'posixAccount'; |
---|
84 | $user_info['objectClass'][] = 'inetOrgPerson'; |
---|
85 | $user_info['objectClass'][] = 'shadowAccount'; |
---|
86 | // O if abaixo decide se vai usar o objectClass qmailuser ( deve ser usado qdo for openldap no lugar do rhds). |
---|
87 | // No "setup" deve ser alterado o parametro do header de serprousr para person para usar o openldap. |
---|
88 | if(!$GLOBALS['phpgw_info']['server']['atributousuarios'] or $GLOBALS['phpgw_info']['server']['atributousuarios'] == "person") |
---|
89 | { |
---|
90 | $user_info['objectClass'][] = 'qmailuser'; |
---|
91 | } |
---|
92 | $user_info['objectClass'][] = 'phpgwaccount'; |
---|
93 | $user_info['objectClass'][] = 'top'; |
---|
94 | $user_info['objectClass'][] = 'person'; |
---|
95 | $user_info['objectClass'][] = 'organizationalPerson'; |
---|
96 | $user_info['objectClass'][] = 'sambasamaccount'; |
---|
97 | $user_info['sambasid'] = '1'; |
---|
98 | //verifica se o atributo usuários foi declarado no header e se o seu valor ja nao foi apresentado como uma objectclass |
---|
99 | if(isset($GLOBALS['phpgw_info']['server']['atributousuarios']) and !(array_search(($GLOBALS['phpgw_info']['server']['atributousuarios']), $user_info['objectClass']))) |
---|
100 | { |
---|
101 | $user_info['objectClass'][] = $GLOBALS['phpgw_info']['server']['atributousuarios']; |
---|
102 | } |
---|
103 | $user_info['phpgwAccountType'] = 'u'; |
---|
104 | $user_info['sn'] = $params['sn']; |
---|
105 | $user_info['uid'] = $params['uid']; |
---|
106 | $user_info['uidnumber'] = $id; |
---|
107 | switch ($this->current_config['expressoAdmin_passwordCrypt']) |
---|
108 | { |
---|
109 | case "md5": |
---|
110 | $user_info['userPassword'] = '{md5}'.base64_encode(pack("H*",md5($params['password1']))); |
---|
111 | break; |
---|
112 | case "plain": |
---|
113 | $user_info['userPassword'] = $params['password1']; |
---|
114 | break; |
---|
115 | default: |
---|
116 | $user_info['userPassword'] = '{md5}'.base64_encode(pack("H*",md5($params['password1']))); |
---|
117 | } |
---|
118 | //verificando o formato do atributo de expiracao |
---|
119 | $ldap_info = $this->ldap_functions->get_user_info($_SESSION['phpgw_info']['expresso']['user']['account_id']); |
---|
120 | //alterando o atributo de expiracao |
---|
121 | if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao'])) |
---|
122 | { |
---|
123 | if(substr($ldap_info['atributoexpiracao'],-1,1)=="Z") |
---|
124 | { |
---|
125 | ###quando a data de expiração estah no formato yyyymmddhhmmssZ |
---|
126 | $user_info[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = '19800101000000Z'; |
---|
127 | } |
---|
128 | else |
---|
129 | { |
---|
130 | ###Outro atributo ldap que, assim como o phpgwaccountexpires, tambem contem hora em formato unix |
---|
131 | $user_info[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = '0'; |
---|
132 | } |
---|
133 | } |
---|
134 | else |
---|
135 | { |
---|
136 | $ldap_mod_replace['phpgwaccountexpires'] = '0'; |
---|
137 | } |
---|
138 | |
---|
139 | // Gerenciar senhas RFC2617 |
---|
140 | if ($this->current_config['expressoAdmin_userPasswordRFC2617'] == 'true') |
---|
141 | { |
---|
142 | $realm = $this->current_config['expressoAdmin_realm_userPasswordRFC2617']; |
---|
143 | $uid = $user_info['uid']; |
---|
144 | $password = $params['password1']; |
---|
145 | $user_info['userPasswordRFC2617'] = $realm . ': ' . md5("$uid:$realm:$password"); |
---|
146 | } |
---|
147 | if ($params['phpgwaccountstatus'] == '1') |
---|
148 | $user_info['phpgwAccountStatus'] = 'A'; |
---|
149 | |
---|
150 | if ($params['departmentnumber'] != '') |
---|
151 | $user_info['departmentnumber'] = $params['departmentnumber']; |
---|
152 | |
---|
153 | // if ($params['telephonenumber'] != '') |
---|
154 | // $user_info['telephoneNumber'] = $params['telephonenumber']; |
---|
155 | |
---|
156 | // Cria user_info no caso de ter alias e forwarding email. |
---|
157 | foreach ($params['mailalternateaddress'] as $index=>$mailalternateaddress) |
---|
158 | { |
---|
159 | if ($mailalternateaddress != '') |
---|
160 | $user_info['mailAlternateAddress'][] = $mailalternateaddress; |
---|
161 | } |
---|
162 | |
---|
163 | foreach ($params['mailforwardingaddress'] as $index=>$mailforwardingaddress) |
---|
164 | { |
---|
165 | if ($mailforwardingaddress != '') |
---|
166 | $user_info['mailForwardingAddress'][] = $mailforwardingaddress; |
---|
167 | } |
---|
168 | |
---|
169 | foreach ($params['accountOwners'] as $index=>$responsavel) |
---|
170 | { |
---|
171 | if ($responsavel != '') |
---|
172 | $user_info['responsavel'][] = $responsavel; |
---|
173 | } |
---|
174 | |
---|
175 | if ($params['deliverymode']) |
---|
176 | $user_info['deliveryMode'] = 'forwardOnly'; |
---|
177 | |
---|
178 | //Ocultar da pesquisa e do catï¿œlogo |
---|
179 | if ($params['phpgwaccountvisible']) |
---|
180 | $user_info['phpgwAccountVisible'] = '-1'; |
---|
181 | |
---|
182 | // Suporte ao SAMBA |
---|
183 | if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($params['use_attrs_samba'] == 'on')) |
---|
184 | { |
---|
185 | // Qualquer um que crie um usuário, deve ter permissão para adicionar a senha samba. |
---|
186 | // Verifica o acesso do gerente aos atributos samba |
---|
187 | //if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_sambausers_attributes')) |
---|
188 | //{ |
---|
189 | //Verifica se o binario para criar as senhas do samba exite. |
---|
190 | if (!is_file('/home/expressolivre/mkntpwd')) |
---|
191 | { |
---|
192 | $return['status'] = false; |
---|
193 | $return['msg'] .= "O arquivo binário /home/expressolivre/mkntpwd não exite.\\nEle é necessário para a criação das senhas usadas pelo SAMBA.\\nInforme o administrador ExpressoLivre sobre isto."; |
---|
194 | } |
---|
195 | else |
---|
196 | { |
---|
197 | $user_info['objectClass'][] = 'sambaSamAccount'; |
---|
198 | $user_info['loginShell'] = '/bin/bash'; |
---|
199 | |
---|
200 | $user_info['sambaSID'] = $params['sambadomain'] . '-' . ((2 * $id)+1000); |
---|
201 | $user_info['sambaPrimaryGroupSID'] = $params['sambadomain'] . '-' . ((2 * $user_info['gidNumber'])+1001); |
---|
202 | |
---|
203 | $user_info['sambaAcctFlags'] = $params['sambaacctflags']; |
---|
204 | |
---|
205 | $user_info['sambaLogonScript'] = $params['sambalogonscript']; |
---|
206 | $user_info['homeDirectory'] = $params['sambahomedirectory']; |
---|
207 | |
---|
208 | $user_info['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L '.$params['password1']); |
---|
209 | $user_info['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N '.$params['password1']); |
---|
210 | $user_info['sambaPasswordHistory'] = '0000000000000000000000000000000000000000000000000000000000000000'; |
---|
211 | |
---|
212 | $user_info['sambaPwdCanChange'] = strtotime("now"); |
---|
213 | $user_info['sambaPwdLastSet'] = strtotime("now"); |
---|
214 | $user_info['sambaPwdMustChange'] = '2147483647'; |
---|
215 | } |
---|
216 | //} |
---|
217 | } |
---|
218 | |
---|
219 | // Verifica o acesso do gerente aos atributos corporativos |
---|
220 | if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'manipulate_corporative_information')) |
---|
221 | { |
---|
222 | foreach ($params as $atribute=>$value) |
---|
223 | { |
---|
224 | $pos = strstr($atribute, 'corporative_information_'); |
---|
225 | if ($pos !== false) |
---|
226 | { |
---|
227 | if ($params[$atribute]) |
---|
228 | { |
---|
229 | $ldap_atribute = str_replace("corporative_information_", "", $atribute); |
---|
230 | $user_info[$ldap_atribute] = $params[$atribute]; |
---|
231 | } |
---|
232 | } |
---|
233 | } |
---|
234 | } |
---|
235 | |
---|
236 | $result = $this->ldap_functions->ldap_add_entry($dn, $user_info); |
---|
237 | if (!$result['status']) |
---|
238 | { |
---|
239 | $return['status'] = false; |
---|
240 | $return['msg'] .= "Problemas na inclusão do usuário no ldap. ".$result['msg']; |
---|
241 | } |
---|
242 | else |
---|
243 | { |
---|
244 | // Chama funcao para salvar foto no OpenLDAP. |
---|
245 | if ( ($_FILES['photo']['name'] != '') && ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users_picture')) ) |
---|
246 | { |
---|
247 | $result = $this->ldap_functions->ldap_save_photo($dn, $_FILES['photo']['tmp_name']); |
---|
248 | if (!$result['status']) |
---|
249 | { |
---|
250 | $return['status'] = false; |
---|
251 | $return['msg'] .= $result['msg']; |
---|
252 | } |
---|
253 | } |
---|
254 | //GROUPS |
---|
255 | if ($params['groups']) |
---|
256 | { |
---|
257 | foreach ($params['groups'] as $gidnumber) |
---|
258 | { |
---|
259 | $result = $this->ldap_functions->add_user2group($gidnumber, $user_info['uid']); |
---|
260 | if (!$result['status']) |
---|
261 | { |
---|
262 | $return['status'] = false; |
---|
263 | $return['msg'] .= $result['msg']; |
---|
264 | } |
---|
265 | $result = $this->db_functions->add_user2group($gidnumber, $id); |
---|
266 | if (!$result['status']) |
---|
267 | { |
---|
268 | $return['status'] = false; |
---|
269 | $return['msg'] .= $result['msg']; |
---|
270 | } |
---|
271 | } |
---|
272 | } |
---|
273 | // Inclusao do Mail do usuário nas listas de email selecionadas. |
---|
274 | if ($params['maillists']) |
---|
275 | { |
---|
276 | foreach($params['maillists'] as $uid) |
---|
277 | { |
---|
278 | $result = $this->ldap_functions->add_user2maillist($uid, $user_info['mail']); |
---|
279 | if (!$result['status']) |
---|
280 | { |
---|
281 | $return['status'] = false; |
---|
282 | $return['msg'] .= $result['msg']; |
---|
283 | } |
---|
284 | } |
---|
285 | } |
---|
286 | // APPS |
---|
287 | if (count($params['apps'])) |
---|
288 | { |
---|
289 | $result = $this->db_functions->add_id2apps($id, $params['apps']); |
---|
290 | if (!$result['status']) |
---|
291 | { |
---|
292 | $return['status'] = false; |
---|
293 | $return['msg'] .= $result['msg']; |
---|
294 | } |
---|
295 | } |
---|
296 | // Chama funcao para incluir no pgsql as preferência de alterar senha. |
---|
297 | if ($params['changepassword']) |
---|
298 | { |
---|
299 | $result = $this->db_functions->add_pref_changepassword($id); |
---|
300 | if (!$result['status']) |
---|
301 | { |
---|
302 | $return['status'] = false; |
---|
303 | $return['msg'] .= $result['msg']; |
---|
304 | } |
---|
305 | } |
---|
306 | // Chama funcao para criar mailbox do usuario, no imap-cyrus. |
---|
307 | $result = $this->imap_functions->create($params['uid'], $params['mailquota']); |
---|
308 | if (!$result['status']) |
---|
309 | { |
---|
310 | $return['status'] = false; |
---|
311 | $return['msg'] .= $result['msg']; |
---|
312 | } |
---|
313 | $this->db_functions->write_log('criado usuario','',$dn,'',''); |
---|
314 | } |
---|
315 | } |
---|
316 | |
---|
317 | return $return; |
---|
318 | } |
---|
319 | |
---|
320 | function save($new_values) |
---|
321 | { |
---|
322 | $return['status'] = true; |
---|
323 | $old_values = $this->get_user_info($new_values['uidnumber']); |
---|
324 | $dn = 'uid=' . $old_values['uid'] . ',' . strtolower($old_values['context']); |
---|
325 | //Nao realiza a troca de dn ldap |
---|
326 | if($this->current_config['expressoAdmin_allowO rganizations']=='false') |
---|
327 | { |
---|
328 | $new_values['context']=$old_values['context']; |
---|
329 | } |
---|
330 | $diff = array_diff($new_values, $old_values); |
---|
331 | $manager_account_lid = $_SESSION['phpgw_info']['expresso']['user']['account_lid']; |
---|
332 | if ((!$this->functions->check_acl($manager_account_lid,'edit_users')) && |
---|
333 | (!$this->functions->check_acl($manager_account_lid,'change_users_password')) && |
---|
334 | (!$this->functions->check_acl($manager_account_lid,'edit_sambausers_attributes')) && |
---|
335 | (!$this->functions->check_acl($manager_account_lid,'manipulate_corporative_information')) && |
---|
336 | (!$this->functions->check_acl($manager_account_lid,'edit_users_phonenumber')) |
---|
337 | ) |
---|
338 | { |
---|
339 | $return['status'] = false; |
---|
340 | $return['msg'] = 'Você não tem direito de editar informações de usuários.'; |
---|
341 | return $return; |
---|
342 | } |
---|
343 | |
---|
344 | // Verifica o acesso do gerente |
---|
345 | if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users')) |
---|
346 | { |
---|
347 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
348 | // Change user organization |
---|
349 | if ($diff['context']) |
---|
350 | { |
---|
351 | $newrdn = 'uid=' . $new_values['uid']; |
---|
352 | $newparent = $new_values['context']; |
---|
353 | $result = $this->ldap_functions->change_user_context($dn, $newrdn, $newparent); |
---|
354 | if (!$result['status']) |
---|
355 | { |
---|
356 | $return['status'] = false; |
---|
357 | $return['msg'] .= $result['msg']; |
---|
358 | } |
---|
359 | else |
---|
360 | { |
---|
361 | $dn = $newrdn . ',' . $newparent; |
---|
362 | $this->db_functions->write_log('alterado contexto do usuário','',$dn,'',''); |
---|
363 | } |
---|
364 | } |
---|
365 | |
---|
366 | ///////////////////////////////////////////////////////////////////////////////////////// |
---|
367 | //ATIVIDADES NECESSARIAS PARA O CASO DA CONTA EXISTIR APENAS NO LDAP |
---|
368 | // Chama funcao para criar mailbox do usuario, no imap-cyrus. |
---|
369 | $result = $this->imap_functions->create($old_values['uid'], $new_values['mailquota']); |
---|
370 | // Chama funcao para incluir no pgsql as preferencias de alterar senha. |
---|
371 | $result = $this->db_functions->add_pref_changepassword($new_values['uidnumber']); |
---|
372 | $findPhpgwaccount = false; |
---|
373 | foreach ($old_values['objectclass'] as $objectclass) |
---|
374 | { |
---|
375 | if(strtolower($objectclass) == 'phpgwaccount' ) |
---|
376 | { |
---|
377 | $findPhpgwaccount = true; |
---|
378 | } |
---|
379 | } |
---|
380 | if(!$findPhpgwaccount) |
---|
381 | { |
---|
382 | $ldap_add['objectclass'] = 'phpgwaccount'; |
---|
383 | $ldap_add['phpgwaccounttype'] = 'u'; |
---|
384 | } |
---|
385 | |
---|
386 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
387 | // REPLACE some attributes |
---|
388 | if ($diff['givenname']) |
---|
389 | { |
---|
390 | $ldap_mod_replace['givenname'] = $new_values['givenname']; |
---|
391 | $ldap_mod_replace['cn'] = $new_values['givenname'] . ' ' . $new_values['sn']; |
---|
392 | $this->db_functions->write_log("alterado givenname do usuario",'',$dn,'',''); |
---|
393 | } |
---|
394 | if ($diff['sn']) |
---|
395 | { |
---|
396 | $ldap_mod_replace['sn'] = $new_values['sn']; |
---|
397 | $ldap_mod_replace['cn'] = $new_values['givenname'] . ' ' . $new_values['sn']; |
---|
398 | $this->db_functions->write_log("altera$ldap_mod_do sn do usuario",'',$dn,'',''); |
---|
399 | } |
---|
400 | if ($diff['mail']) |
---|
401 | { |
---|
402 | $ldap_mod_replace['mail'] = $new_values['mail']; |
---|
403 | $this->ldap_functions->replace_user2maillists($new_values['mail'], $old_values['mail']); |
---|
404 | $this->ldap_functions->replace_mail_from_institutional_account($new_values['mail'], $old_values['mail']); |
---|
405 | $this->db_functions->write_log("alterado mail do usuario",'',$dn,'',''); |
---|
406 | } |
---|
407 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
408 | // Passwd Expired - Com atributo |
---|
409 | // |
---|
410 | // if (($old_values['passwd_expired'] != '') && ($new_values['passwd_expired'] == '1')) |
---|
411 | // { |
---|
412 | // $ldap_mod_replace['phpgwaccountexpires'] = '0'; |
---|
413 | // $this->db_functions->write_log("Expirado senha do usuï¿œrio",'',$dn,'',''); |
---|
414 | // } |
---|
415 | //alterando a expiracao |
---|
416 | if (($diff['password1']) || ($new_values['passwd_expired'] == '1')) |
---|
417 | { |
---|
418 | if(isset($GLOBALS['phpgw_info']['server']['atributoexpiracao'])) |
---|
419 | { |
---|
420 | if(substr($old_values['atributoexpiracao'],-1,1)=="Z") |
---|
421 | { |
---|
422 | ###quando a data de expiracao estah no formato yyyymmddhhmmssZ |
---|
423 | $ldap_mod_replace[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = '19800101000000Z'; |
---|
424 | } |
---|
425 | else |
---|
426 | { |
---|
427 | ###Outro atributo ldap que, assim como o phpgwaccountexpires, também contém hora em formato unix |
---|
428 | $ldap_mod_replace[$GLOBALS['phpgw_info']['server']['atributoexpiracao']] = '0'; |
---|
429 | } |
---|
430 | } |
---|
431 | else |
---|
432 | { |
---|
433 | $ldap_mod_replace['phpgwaccountexpires'] = '0'; |
---|
434 | } |
---|
435 | } |
---|
436 | } |
---|
437 | if ( ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users')) || |
---|
438 | ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'change_users_password')) ) |
---|
439 | { |
---|
440 | if ($diff['password1']) |
---|
441 | { |
---|
442 | switch ($this->current_config['expressoAdmin_passwordCrypt']) |
---|
443 | { |
---|
444 | case "md5": |
---|
445 | $ldap_mod_replace['userPassword'] = '{md5}'.base64_encode(pack("H*",md5($new_values['password1']))); |
---|
446 | break; |
---|
447 | case "plain": |
---|
448 | $ldap_mod_replace['userPassword'] = $new_values['password1']; |
---|
449 | break; |
---|
450 | default: |
---|
451 | $ldap_mod_replace['userPassword'] = '{md5}'.base64_encode(pack("H*",md5($new_values['password1']))); |
---|
452 | } |
---|
453 | // Suporte ao SAMBA |
---|
454 | if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on')) |
---|
455 | { |
---|
456 | $ldap_mod_replace['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L '.$new_values['password1']); |
---|
457 | $ldap_mod_replace['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N '.$new_values['password1']); |
---|
458 | } |
---|
459 | // Gerenciar senhas RFC2617 |
---|
460 | if ($this->current_config['expressoAdmin_userPasswordRFC2617'] == 'true') |
---|
461 | { |
---|
462 | $realm = $this->current_config['expressoAdmin_realm_userPasswordRFC2617']; |
---|
463 | $uid = $new_values['uid']; |
---|
464 | $password = $new_values['password1']; |
---|
465 | $passUserRFC2617 = $realm . ': ' . md5("$uid:$realm:$password"); |
---|
466 | |
---|
467 | if ($old_values['userPasswordRFC2617'] != '') |
---|
468 | $ldap_mod_replace['userPasswordRFC2617'] = $passUserRFC2617; |
---|
469 | else |
---|
470 | $ldap_add['userPasswordRFC2617'] = $passUserRFC2617; |
---|
471 | } |
---|
472 | $this->db_functions->write_log("alterado password do usuario",'',$dn,'',''); |
---|
473 | } |
---|
474 | } |
---|
475 | if ( ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users')) || |
---|
476 | ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users_phonenumber')) ) |
---|
477 | { |
---|
478 | // if (($diff['telephonenumber']) && ($old_values['telephonenumber'] != '')) |
---|
479 | // { |
---|
480 | // $ldap_mod_replace['telephonenumber'] = $new_values['telephonenumber']; |
---|
481 | // $this->db_functions->write_log("alterado telephonenumber do usuario",'',$dn,'',''); |
---|
482 | // } |
---|
483 | } |
---|
484 | |
---|
485 | // REPLACE, ADD & REMOVE COPORATIVEs ATRIBUTES |
---|
486 | // Verifica o acesso do gerente aos atributos corporativos |
---|
487 | |
---|
488 | if ( ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users')) || |
---|
489 | ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'manipulate_corporative_information')) ) |
---|
490 | { |
---|
491 | foreach ($new_values as $atribute=>$value) |
---|
492 | { |
---|
493 | $pos = strstr($atribute, 'corporative_information_'); |
---|
494 | if ($pos !== false) |
---|
495 | { |
---|
496 | $ldap_atribute = str_replace("corporative_information_", "", $atribute); |
---|
497 | // REPLACE ATTRS OF CORPORATIVE |
---|
498 | if (($diff[$atribute]) && ($old_values[$atribute] != '')) |
---|
499 | { |
---|
500 | $ldap_atribute = str_replace("corporative_information_", "", $atribute); |
---|
501 | $ldap_mod_replace[$ldap_atribute] = $new_values[$atribute]; |
---|
502 | $this->db_functions->write_log("alterado $ldap_atribute do usuario",'',$dn,'',''); |
---|
503 | } |
---|
504 | //ADD ATTRS OF CORPORATIVE |
---|
505 | elseif (($old_values[$atribute] == '') && ($new_values[$atribute] != '')) |
---|
506 | { |
---|
507 | $ldap_add[$ldap_atribute] = $new_values[$atribute]; |
---|
508 | $this->db_functions->write_log("adicionado $ldap_atribute ao usuario",'',$dn,'',''); |
---|
509 | } |
---|
510 | //REMOVE ATTRS OF CORPORATIVE |
---|
511 | elseif (($old_values[$atribute] != '') && ($new_values[$atribute] == '')) |
---|
512 | { |
---|
513 | $ldap_remove[$ldap_atribute] = array(); |
---|
514 | $this->db_functions->write_log("removido $ldap_atribute do usuario",'',$dn,'',''); |
---|
515 | } |
---|
516 | } |
---|
517 | } |
---|
518 | } |
---|
519 | //Suporte ao SAMBA |
---|
520 | if ( ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users')) || |
---|
521 | ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_sambausers_attributes')) ) |
---|
522 | { |
---|
523 | if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on')) |
---|
524 | { |
---|
525 | if ($diff['sambaacctflags']) |
---|
526 | { |
---|
527 | $ldap_mod_replace['sambaacctflags'] = $new_values['sambaacctflags']; |
---|
528 | $this->db_functions->write_log("alterado sambaacctflags do usuario",'',$dn,'',''); |
---|
529 | } |
---|
530 | if ($diff['sambalogonscript']) |
---|
531 | { |
---|
532 | $ldap_mod_replace['sambalogonscript'] = $new_values['sambalogonscript']; |
---|
533 | $this->db_functions->write_log("alterado sambalogonscript do usuario",'',$dn,'',''); |
---|
534 | } |
---|
535 | if ($diff['sambahomedirectory']) |
---|
536 | { |
---|
537 | $ldap_mod_replace['homedirectory'] = $new_values['sambahomedirectory']; |
---|
538 | $this->db_functions->write_log("alterado homedirectory do usuario",'',$dn,'',''); |
---|
539 | } |
---|
540 | if ($diff['sambadomain']) |
---|
541 | { |
---|
542 | $ldap_mod_replace['sambaSID'] = $diff['sambadomain'] . '-' . ((2 * $old_values['uidnumber'])+1000); |
---|
543 | $ldap_mod_replace['sambaPrimaryGroupSID'] = $diff['sambadomain'] . '-' . ((2 * $old_values['gidnumber'])+1001); |
---|
544 | $this->db_functions->write_log("alterado dominio samba do usuario $dn para " . $params['sambadomain'],'',$dn,'',''); |
---|
545 | } |
---|
546 | } |
---|
547 | } |
---|
548 | |
---|
549 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
550 | // ADD or REMOVE some attributes |
---|
551 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
552 | |
---|
553 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
554 | // PHOTO |
---|
555 | if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users_picture')) |
---|
556 | { |
---|
557 | if ($new_values['delete_photo']) |
---|
558 | { |
---|
559 | $this->ldap_functions->ldap_remove_photo($dn); |
---|
560 | $this->db_functions->write_log("removido jpegphoto do usuario",'',$dn,'',''); |
---|
561 | } |
---|
562 | elseif ($_FILES['photo']['name'] != '') |
---|
563 | { |
---|
564 | |
---|
565 | if ($_FILES['photo']['size'] > 10000) |
---|
566 | { |
---|
567 | $return['status'] = false; |
---|
568 | $return['msg'] .= 'Foto do usuário não foi salva, pois excede o tamanho máximo de 10 kb.'; |
---|
569 | } |
---|
570 | else |
---|
571 | { |
---|
572 | if ($new_values['photo_exist']) |
---|
573 | { |
---|
574 | $photo_exist = true; |
---|
575 | $this->db_functions->write_log("substituido jpegphoto do usuario",'',$dn,'',''); |
---|
576 | } |
---|
577 | else |
---|
578 | { |
---|
579 | $photo_exist = false; |
---|
580 | $this->db_functions->write_log("adicionado jpegphoto ao usuario",'',$dn,'',''); |
---|
581 | } |
---|
582 | $this->ldap_functions->ldap_save_photo($dn, $_FILES['photo']['tmp_name'], $new_values['photo_exist'], $photo_exist); |
---|
583 | } |
---|
584 | } |
---|
585 | } |
---|
586 | |
---|
587 | // Verifica o acesso pï¿œra adicionar ou remover atributos |
---|
588 | if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users')) |
---|
589 | { |
---|
590 | ////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
591 | // Unidade Organizacional |
---|
592 | if (($old_values['ou'] == '') && ($new_values['ou'] != '')) |
---|
593 | { |
---|
594 | $ldap_add['ou'] = $new_values['ou']; |
---|
595 | $this->db_functions->write_log("modificado a OU do usuario",'',$dn,'',''); |
---|
596 | } |
---|
597 | if (($old_values['ou'] != '') && ($new_values['ou'] == '')) |
---|
598 | { |
---|
599 | $ldap_remove['ou'] = array(); |
---|
600 | $this->db_functions->write_log("removido a OU do usuario",'',$dn,'',''); |
---|
601 | } |
---|
602 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
603 | // Passwd Expired - Sem atributo |
---|
604 | // if (($old_values['passwd_expired'] == '') && ($new_values['passwd_expired'] == '1')) |
---|
605 | // { |
---|
606 | // $ldap_add['phpgwaccountexpires'] = '0'; |
---|
607 | // $this->db_functions->write_log("Expirado senha do usuï¿œrio",'',$dn,'',''); |
---|
608 | // } |
---|
609 | // if (($old_values['passwd_expired'] == '0') && ($new_values['passwd_expired'] == '')) |
---|
610 | // { |
---|
611 | // $ldap_remove['phpgwaccountexpires'] = array(); |
---|
612 | // $this->db_functions->write_log("Removido expiraᅵᅵo da senha do usuᅵrio",'',$dn,'',''); |
---|
613 | // } |
---|
614 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
615 | // PREF_CHANGEPASSWORD |
---|
616 | if (($old_values['changepassword'] == '') && ($new_values['changepassword'] != '')) |
---|
617 | { |
---|
618 | $this->db_functions->add_pref_changepassword($new_values['uidnumber']); |
---|
619 | $this->db_functions->write_log("adicionado changepassword ao usuario",'',$dn,'',''); |
---|
620 | } |
---|
621 | if (($old_values['changepassword'] != '') && ($new_values['changepassword'] == '')) |
---|
622 | { |
---|
623 | $this->db_functions->remove_pref_changepassword($new_values['uidnumber']); |
---|
624 | $this->db_functions->write_log("removido changepassword do usuario",'',$dn,'',''); |
---|
625 | } |
---|
626 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
627 | // ACCOUNT STATUS |
---|
628 | if (($old_values['phpgwaccountstatus'] == '') && ($new_values['phpgwaccountstatus'] != '')) |
---|
629 | { |
---|
630 | $ldap_add['phpgwaccountstatus'] = 'A'; |
---|
631 | $this->db_functions->write_log("ativado conta do usuario",'',$dn,'',''); |
---|
632 | } |
---|
633 | if (($old_values['phpgwaccountstatus'] != '') && ($new_values['phpgwaccountstatus'] == '')) |
---|
634 | { |
---|
635 | $ldap_remove['phpgwaccountstatus'] = array(); |
---|
636 | $this->db_functions->write_log("desativado conta do usuario",'',$dn,'',''); |
---|
637 | } |
---|
638 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
639 | // ACCOUNT VISIBLE |
---|
640 | if (($old_values['phpgwaccountvisible'] == '') && ($new_values['phpgwaccountvisible'] != '')) |
---|
641 | { |
---|
642 | $ldap_add['phpgwaccountvisible'] = '-1'; |
---|
643 | $this->db_functions->write_log("adicionado phpgwaccountvisible ao usuario",'',$dn,'',''); |
---|
644 | } |
---|
645 | if (($old_values['phpgwaccountvisible'] != '') && ($new_values['phpgwaccountvisible'] == '')) |
---|
646 | { |
---|
647 | $ldap_remove['phpgwaccountvisible'] = array(); |
---|
648 | $this->db_functions->write_log("removido phpgwaccountvisible ao usuario",'',$dn,'',''); |
---|
649 | } |
---|
650 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
651 | // Mail Account STATUS |
---|
652 | if (($old_values['accountstatus'] == '') && ($new_values['accountstatus'] != '')) |
---|
653 | { |
---|
654 | $ldap_add['accountstatus'] = 'active'; |
---|
655 | $this->db_functions->write_log("ativado conta de email do usuario",'',$dn,'',''); |
---|
656 | } |
---|
657 | if (($old_values['accountstatus'] != '') && ($new_values['accountstatus'] == '')) |
---|
658 | { |
---|
659 | $ldap_remove['accountstatus'] = array(); |
---|
660 | $this->db_functions->write_log("desativado conta de email do usuario",'',$dn,'',''); |
---|
661 | } |
---|
662 | |
---|
663 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
664 | // MAILALTERNATEADDRESS |
---|
665 | if (!$new_values['mailalternateaddress']) |
---|
666 | $new_values['mailalternateaddress'] = array(); |
---|
667 | if (!$old_values['mailalternateaddress']) |
---|
668 | $old_values['mailalternateaddress'] = array(); |
---|
669 | $add_mailalternateaddress = array_diff($new_values['mailalternateaddress'], $old_values['mailalternateaddress']); |
---|
670 | $remove_mailalternateaddress = array_diff($old_values['mailalternateaddress'], $new_values['mailalternateaddress']); |
---|
671 | foreach ($add_mailalternateaddress as $index=>$mailalternateaddress) |
---|
672 | { |
---|
673 | if ($mailalternateaddress != '') |
---|
674 | { |
---|
675 | $ldap_add['mailalternateaddress'][] = $mailalternateaddress; |
---|
676 | $this->db_functions->write_log("adicionado mailalternateaddress $mailalternateaddress ao usuario $dn",'',$dn,'',''); |
---|
677 | } |
---|
678 | } |
---|
679 | foreach ($remove_mailalternateaddress as $index=>$mailalternateaddress) |
---|
680 | { |
---|
681 | if ($mailalternateaddress != '') |
---|
682 | { |
---|
683 | if ($index !== 'count') |
---|
684 | { |
---|
685 | $ldap_remove['mailalternateaddress'][] = $mailalternateaddress; |
---|
686 | $this->db_functions->write_log("removido mailalternateaddress $mailalternateaddress do usuario $dn",'',$dn,'',''); |
---|
687 | } |
---|
688 | } |
---|
689 | } |
---|
690 | |
---|
691 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
692 | // MAILFORWARDINGADDRESS |
---|
693 | if (!$new_values['mailforwardingaddress']) |
---|
694 | $new_values['mailforwardingaddress'] = array(); |
---|
695 | if (!$old_values['mailforwardingaddress']) |
---|
696 | $old_values['mailforwardingaddress'] = array(); |
---|
697 | $add_mailforwardingaddress = array_diff($new_values['mailforwardingaddress'], $old_values['mailforwardingaddress']); |
---|
698 | $remove_mailforwardingaddress = array_diff($old_values['mailforwardingaddress'], $new_values['mailforwardingaddress']); |
---|
699 | foreach ($add_mailforwardingaddress as $index=>$mailforwardingaddress) |
---|
700 | { |
---|
701 | if ($mailforwardingaddress != '') |
---|
702 | { |
---|
703 | $ldap_add['mailforwardingaddress'][] = $mailforwardingaddress; |
---|
704 | $this->db_functions->write_log("adicionado mailforwardingaddress $mailforwardingaddress ao usuario $dn",'',$dn,'',''); |
---|
705 | } |
---|
706 | } |
---|
707 | foreach ($remove_mailforwardingaddress as $index=>$mailforwardingaddress) |
---|
708 | { |
---|
709 | if ($mailforwardingaddress != '') |
---|
710 | { |
---|
711 | if ($index !== 'count') |
---|
712 | { |
---|
713 | $ldap_remove['mailforwardingaddress'][] = $mailforwardingaddress; |
---|
714 | $this->db_functions->write_log("removido mailforwardingaddress $mailforwardingaddress do usuario $dn",'',$dn,'',''); |
---|
715 | } |
---|
716 | } |
---|
717 | } |
---|
718 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
719 | // ACCOUNTOWNERS |
---|
720 | if (!$new_values['accountOwners']) |
---|
721 | $new_values['accountOwners'] = array(); |
---|
722 | if (!$old_values['accountOwners']) |
---|
723 | $old_values['accountOwners'] = array(); |
---|
724 | $add_accountOwners = array_diff($new_values['accountOwners'], $old_values['accountOwners']); |
---|
725 | $remove_accountOwners = array_diff($old_values['accountOwners'], $new_values['accountOwners']); |
---|
726 | foreach ($add_accountOwners as $index=>$accountOwners) |
---|
727 | { |
---|
728 | if ($accountOwners != '') |
---|
729 | { |
---|
730 | $ldap_add['responsavel'][] = $accountOwners; |
---|
731 | $this->db_functions->write_log("adicionado responsavel $accountOwners ao usuario $dn",'',$dn,'',''); |
---|
732 | } |
---|
733 | } |
---|
734 | foreach ($remove_accountOwners as $index=>$accountOwners) |
---|
735 | { |
---|
736 | if ($accountOwners != '') |
---|
737 | { |
---|
738 | if ($index !== 'count') |
---|
739 | { |
---|
740 | $ldap_remove['responsavel'][] = $accountOwners; |
---|
741 | $this->db_functions->write_log("removido responsavel $accountOwners do usuario $dn",'',$dn,'',''); |
---|
742 | } |
---|
743 | } |
---|
744 | } |
---|
745 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
746 | // Delivery Mode |
---|
747 | if (($old_values['deliverymode'] == '') && ($new_values['deliverymode'] != '')) |
---|
748 | { |
---|
749 | $ldap_add['deliverymode'] = 'forwardOnly'; |
---|
750 | $this->db_functions->write_log("adicionado forwardOnly ao usuario",'',$dn,'',''); |
---|
751 | } |
---|
752 | if (($old_values['deliverymode'] != '') && ($new_values['deliverymode'] == '')) |
---|
753 | { |
---|
754 | $ldap_remove['deliverymode'] = array(); |
---|
755 | $this->db_functions->write_log("removido forwardOnly ao usuario",'',$dn,'',''); |
---|
756 | } |
---|
757 | } |
---|
758 | |
---|
759 | if ( ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users')) || |
---|
760 | ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'change_users_quote')) ) |
---|
761 | { |
---|
762 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
763 | // MAILQUOTA |
---|
764 | if ($diff['mailquota']) |
---|
765 | { |
---|
766 | $this->imap_functions->change_user_quota($new_values['uid'], $new_values['mailquota']); |
---|
767 | $this->db_functions->write_log("alterado cota do usuario",'',$dn,'',''); |
---|
768 | } |
---|
769 | } |
---|
770 | |
---|
771 | if ( ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users')) || |
---|
772 | ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_sambausers_attributes')) ) |
---|
773 | { |
---|
774 | ////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
775 | // REMOVE ATTRS OF SAMBA |
---|
776 | if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] != 'on')) |
---|
777 | { |
---|
778 | $ldap_remove['objectclass'] = 'sambaSamAccount'; |
---|
779 | $ldap_remove['loginShell'] = array(); |
---|
780 | $ldap_remove['sambaSID'] = array(); |
---|
781 | $ldap_remove['sambaPrimaryGroupSID'] = array(); |
---|
782 | $ldap_remove['sambaAcctFlags'] = array(); |
---|
783 | $ldap_remove['sambaLogonScript'] = array(); |
---|
784 | $ldap_remove['sambaLMPassword'] = array(); |
---|
785 | $ldap_remove['sambaNTPassword'] = array(); |
---|
786 | $ldap_remove['sambaPasswordHistory'] = array(); |
---|
787 | $ldap_remove['sambaPwdCanChange'] = array(); |
---|
788 | $ldap_remove['sambaPwdLastSet'] = array(); |
---|
789 | $ldap_remove['sambaPwdMustChange'] = array(); |
---|
790 | $this->db_functions->write_log("removido atributos samba do usuario.",'',$dn,'',''); |
---|
791 | } |
---|
792 | ////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
793 | // ADD ATTRS OF SAMBA |
---|
794 | if (($this->current_config['expressoAdmin_samba_support'] == 'true') && (!$new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on')) |
---|
795 | { |
---|
796 | //Verifica se o binario para criar as senhas do samba exite. |
---|
797 | if (!is_file('/home/expressolivre/mkntpwd')) |
---|
798 | { |
---|
799 | $return['status'] = false; |
---|
800 | $return['msg'] .= "O arquivo binário /home/expressolivre/mkntpwd não exite.\\nEle é necessário para a criação das senhas usadas pelo SAMBA.\\nInforme o administrador Expresso.\\n"; |
---|
801 | } |
---|
802 | else |
---|
803 | { |
---|
804 | $ldap_add['objectClass'][] = 'sambaSamAccount'; |
---|
805 | $ldap_mod_replace['loginShell'] = '/bin/bash'; |
---|
806 | $ldap_add['sambaSID'] = $new_values['sambadomain'] . '-' . ((2 * $new_values['uidnumber'])+1000); |
---|
807 | $ldap_add['sambaPrimaryGroupSID'] = $new_values['sambadomain'] . '-' . ((2 * $new_values['gidnumber'])+1001); |
---|
808 | $ldap_add['sambaAcctFlags'] = $new_values['sambaacctflags']; |
---|
809 | $ldap_add['sambaLogonScript'] = $new_values['sambalogonscript']; |
---|
810 | $ldap_mod_replace['homeDirectory'] = $new_values['sambahomedirectory']; |
---|
811 | $ldap_add['sambaLMPassword'] = exec('/home/expressolivre/mkntpwd -L '.'senha'); |
---|
812 | $ldap_add['sambaNTPassword'] = exec('/home/expressolivre/mkntpwd -N '.'senha'); |
---|
813 | $ldap_add['sambaPasswordHistory'] = '0000000000000000000000000000000000000000000000000000000000000000'; |
---|
814 | $ldap_add['sambaPwdCanChange'] = strtotime("now"); |
---|
815 | $ldap_add['sambaPwdLastSet'] = strtotime("now"); |
---|
816 | $ldap_add['sambaPwdMustChange'] = '2147483647'; |
---|
817 | $this->db_functions->write_log("adicionado atributos samba do usuario.",'',$dn,'',''); |
---|
818 | } |
---|
819 | } |
---|
820 | } |
---|
821 | |
---|
822 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
823 | // GROUPS |
---|
824 | if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users')) |
---|
825 | { |
---|
826 | if (!$new_values['groups']) |
---|
827 | $new_values['groups'] = array(); |
---|
828 | if (!$old_values['groups']) |
---|
829 | $old_values['groups'] = array(); |
---|
830 | |
---|
831 | $add_groups = array_diff($new_values['groups'], $old_values['groups']); |
---|
832 | $remove_groups = array_diff($old_values['groups'], $new_values['groups']); |
---|
833 | |
---|
834 | if (count($add_groups)>0) |
---|
835 | { |
---|
836 | foreach($add_groups as $gidnumber) |
---|
837 | { |
---|
838 | $this->db_functions->add_user2group($gidnumber, $new_values['uidnumber']); |
---|
839 | $this->ldap_functions->add_user2group($gidnumber, $new_values['uid']); |
---|
840 | $this->db_functions->write_log("adicionado usuario ao grupo $gidnumber.",'',$dn,'',''); |
---|
841 | } |
---|
842 | } |
---|
843 | |
---|
844 | if (count($remove_groups)>0) |
---|
845 | { |
---|
846 | foreach($remove_groups as $gidnumber) |
---|
847 | { |
---|
848 | foreach($old_values['groups_info'] as $group) |
---|
849 | { |
---|
850 | if (($group['gidnumber'] == $gidnumber) && ($group['group_disabled'] == 'false')) |
---|
851 | { |
---|
852 | $this->db_functions->remove_user2group($gidnumber, $new_values['uidnumber']); |
---|
853 | $this->ldap_functions->remove_user2group($gidnumber, $new_values['uid']); |
---|
854 | $this->db_functions->write_log("removido usuario do grupo $gidnumber.",'',$dn,'',''); |
---|
855 | } |
---|
856 | } |
---|
857 | } |
---|
858 | } |
---|
859 | |
---|
860 | // if ($diff['gidnumber']) |
---|
861 | // { |
---|
862 | // $ldap_mod_replace['gidnumber'] = $new_values['gidnumber']; |
---|
863 | // if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($new_values['userSamba']) && ($new_values['use_attrs_samba'] == 'on')) |
---|
864 | // { |
---|
865 | // $ldap_mod_replace['sambaPrimaryGroupSID'] = $this->current_config['expressoAdmin_sambaSID'] . '-' . ((2 * $new_values['gidnumber'])+1001); |
---|
866 | // } |
---|
867 | // $this->db_functions->write_log("alterado gidnumber do usuario.",'',$dn,'',''); |
---|
868 | // } |
---|
869 | } |
---|
870 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
871 | // LDAP_MOD_REPLACE |
---|
872 | if (count($ldap_mod_replace)) |
---|
873 | { |
---|
874 | $result = $this->ldap_functions->replace_user_attributes($dn, $ldap_mod_replace); |
---|
875 | if (!$result['status']) |
---|
876 | { |
---|
877 | $return['status'] = false; |
---|
878 | $return['msg'] .= $result['msg']; |
---|
879 | } |
---|
880 | //Adaptacao para fazer o sistema escrever no atributo de expiracao depois que ja tiver alterado a senha |
---|
881 | if((isset($ldap_mod_replace['userpassword']))&&($GLOBALS['phpgw_info']['server']['politicasenhas']=='diretorio')) |
---|
882 | { |
---|
883 | sleep(1); |
---|
884 | $modifica[$GLOBALS['phpgw_info']['server']['atributoexpiracao']]=$ldap_mod_replace[$GLOBALS['phpgw_info']['server']['atributoexpiracao']]; |
---|
885 | $result = $this->ldap_functions->replace_user_attributes($dn, $modifica); |
---|
886 | } |
---|
887 | } |
---|
888 | |
---|
889 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
890 | // LDAP_MOD_ADD |
---|
891 | if (count($ldap_add)) |
---|
892 | { |
---|
893 | echo 'ldap-add<br>'; |
---|
894 | print_r($ldap_add); |
---|
895 | $result = $this->ldap_functions->add_user_attributes($dn, $ldap_add); |
---|
896 | if (!$result['status']) |
---|
897 | { |
---|
898 | $return['status'] = false; |
---|
899 | $return['msg'] .= $result['msg']; |
---|
900 | } |
---|
901 | } |
---|
902 | |
---|
903 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
904 | // LDAP_MOD_REMOVE |
---|
905 | if (count($ldap_remove)) |
---|
906 | { |
---|
907 | echo 'ldap-remove<br>'; |
---|
908 | print_r($ldap_remove); |
---|
909 | $result = $this->ldap_functions->remove_user_attributes($dn, $ldap_remove); |
---|
910 | if (!$result['status']) |
---|
911 | { |
---|
912 | $return['status'] = false; |
---|
913 | $return['msg'] .= $result['msg']; |
---|
914 | } |
---|
915 | } |
---|
916 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
917 | |
---|
918 | |
---|
919 | if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_users')) |
---|
920 | { |
---|
921 | //////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
922 | // MAILLISTS |
---|
923 | if (!$new_values['maillists']) |
---|
924 | $new_values['maillists'] = array(); |
---|
925 | if (!$old_values['maillists']) |
---|
926 | $old_values['maillists'] = array(); |
---|
927 | |
---|
928 | $add_maillists = array_diff($new_values['maillists'], $old_values['maillists']); |
---|
929 | $remove_maillists = array_diff($old_values['maillists'], $new_values['maillists']); |
---|
930 | |
---|
931 | if (count($add_maillists)>0) |
---|
932 | { |
---|
933 | foreach($add_maillists as $uid) |
---|
934 | { |
---|
935 | $this->ldap_functions->add_user2maillist($uid, $new_values['mail']); |
---|
936 | $this->db_functions->write_log("adicionado usuario a maillist $uid.",'',$dn,'',''); |
---|
937 | } |
---|
938 | } |
---|
939 | /* |
---|
940 | echo '<pre>'; |
---|
941 | print_r($old_values['maillists']); |
---|
942 | print_r($new_values['maillists']); |
---|
943 | */ |
---|
944 | |
---|
945 | if (count($remove_maillists)>0) |
---|
946 | { |
---|
947 | foreach($remove_maillists as $uid) |
---|
948 | { |
---|
949 | $this->ldap_functions->remove_user2maillist($uid, $new_values['mail']); |
---|
950 | $this->db_functions->write_log("removido usuario da maillist $uid.",'',$dn,'',''); |
---|
951 | } |
---|
952 | } |
---|
953 | |
---|
954 | ////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
955 | // APPS |
---|
956 | $new_values2 = array(); |
---|
957 | $old_values2 = array(); |
---|
958 | if (count($new_values['apps'])>0) |
---|
959 | { |
---|
960 | foreach ($new_values['apps'] as $app=>$tmp) |
---|
961 | { |
---|
962 | $new_values2[] = $app; |
---|
963 | } |
---|
964 | } |
---|
965 | if (count($old_values['apps'])>0) |
---|
966 | { |
---|
967 | foreach ($old_values['apps'] as $app=>$tmp) |
---|
968 | { |
---|
969 | $old_values2[] = $app; |
---|
970 | } |
---|
971 | } |
---|
972 | $add_apps = array_flip(array_diff($new_values2, $old_values2)); |
---|
973 | $remove_apps = array_flip(array_diff($old_values2, $new_values2)); |
---|
974 | |
---|
975 | if (count($add_apps)>0) |
---|
976 | { |
---|
977 | $this->db_functions->add_id2apps($new_values['uidnumber'], $add_apps); |
---|
978 | |
---|
979 | foreach ($add_apps as $app => $index) |
---|
980 | $this->db_functions->write_log("Adicionado aplicativo $app ao usuário $dn",'',$dn,'',''); |
---|
981 | } |
---|
982 | if (count($remove_apps)>0) |
---|
983 | { |
---|
984 | //Verifica se o gerente tem acesso a aplicação antes de removê-la do usuario. |
---|
985 | $manager_apps = $this->db_functions->get_apps($_SESSION['phpgw_info']['expresso']['user']['account_lid']); |
---|
986 | |
---|
987 | foreach ($remove_apps as $app => $app_index) |
---|
988 | { |
---|
989 | if ($manager_apps[$app] == 'run') |
---|
990 | $remove_apps2[$app] = $app_index; |
---|
991 | } |
---|
992 | $this->db_functions->remove_id2apps($new_values['uidnumber'], $remove_apps2); |
---|
993 | |
---|
994 | foreach ($remove_apps2 as $app => $access) |
---|
995 | $this->db_functions->write_log("Removido aplicativo $app do usuï¿œrio $dn",'',$dn,'',''); |
---|
996 | } |
---|
997 | ////////////////////////////////////////////////////////////////////////////////////////////////////////////////// |
---|
998 | } |
---|
999 | return $return; |
---|
1000 | } |
---|
1001 | function get_user_info($uidnumber) |
---|
1002 | { |
---|
1003 | $user_info_ldap = $this->ldap_functions->get_user_info($uidnumber); |
---|
1004 | $user_info_db1 = $this->db_functions->get_user_info($uidnumber); |
---|
1005 | $user_info_db2 = $this->ldap_functions->gidnumbers2cn($user_info_db1['groups']); |
---|
1006 | $user_info_imap = $this->imap_functions->get_user_info($user_info_ldap['uid']); |
---|
1007 | $user_info = array_merge($user_info_ldap, $user_info_db1, $user_info_db2, $user_info_imap); |
---|
1008 | return $user_info; |
---|
1009 | } |
---|
1010 | function set_user_default_password($params) |
---|
1011 | { |
---|
1012 | $return['status'] = true; |
---|
1013 | $uid = $params['uid']; |
---|
1014 | switch ($this->current_config['expressoAdmin_passwordCrypt']) |
---|
1015 | { |
---|
1016 | case "md5": |
---|
1017 | $defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword']))); |
---|
1018 | break; |
---|
1019 | case "plain": |
---|
1020 | $defaultUserPassword = $this->current_config['expressoAdmin_defaultUserPassword']; |
---|
1021 | break; |
---|
1022 | default: |
---|
1023 | $defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword']))); |
---|
1024 | } |
---|
1025 | //$defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword']))); |
---|
1026 | |
---|
1027 | if (!$this->db_functions->default_user_password_is_set($uid)) |
---|
1028 | { |
---|
1029 | $userPassword = $this->ldap_functions->set_user_password($uid, $defaultUserPassword); |
---|
1030 | $this->db_functions->set_user_password($uid, $userPassword); |
---|
1031 | } |
---|
1032 | else |
---|
1033 | { |
---|
1034 | $return['status'] = false; |
---|
1035 | $return['msg'] = 'Senha default já cadastrada!'; |
---|
1036 | } |
---|
1037 | |
---|
1038 | $this->db_functions->write_log('Setado senha default','',$uid,'',''); |
---|
1039 | |
---|
1040 | return $return; |
---|
1041 | } |
---|
1042 | function return_user_password($params) |
---|
1043 | { |
---|
1044 | $return['status'] = true; |
---|
1045 | $uid = $params['uid']; |
---|
1046 | |
---|
1047 | if ($this->db_functions->default_user_password_is_set($uid)) |
---|
1048 | { |
---|
1049 | $userPassword = $this->db_functions->get_user_password($uid); |
---|
1050 | $this->ldap_functions->set_user_password($uid, $userPassword); |
---|
1051 | } |
---|
1052 | else |
---|
1053 | { |
---|
1054 | $return['status'] = false; |
---|
1055 | $return['msg'] = 'Senha default não cadastrada!'; |
---|
1056 | } |
---|
1057 | |
---|
1058 | $this->db_functions->write_log('Retornado senha default','',$uid,'',''); |
---|
1059 | |
---|
1060 | return $return; |
---|
1061 | } |
---|
1062 | |
---|
1063 | function delete($params) |
---|
1064 | { |
---|
1065 | $return['status'] = true; |
---|
1066 | // Verifica o acesso do gerente |
---|
1067 | if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'delete_users')) |
---|
1068 | { |
---|
1069 | $uidnumber = $params['uidnumber']; |
---|
1070 | $user_info = $this->get_user_info($uidnumber); |
---|
1071 | //LDAP |
---|
1072 | $result_ldap = $this->ldap_functions->delete_user($user_info); |
---|
1073 | if (!$result_ldap['status']) |
---|
1074 | { |
---|
1075 | $return['status'] = false; |
---|
1076 | //$return['msg'] .= $result_ldap['msg']; |
---|
1077 | $return['msg'] .= "Exclusao do ldap: erro; |
---|
1078 | "; |
---|
1079 | $return['msg'] .= "Tentando remover apenas os atributos do Expresso: "; |
---|
1080 | $result_attributes = $this->ldap_functions->delete_expresso_attributes($user_info); |
---|
1081 | if (!$result_attributes['status']) |
---|
1082 | //$return['msg'] .= $result_attributes['msg']; |
---|
1083 | $return['msg'] .= "Nao foi possivel; |
---|
1084 | "; |
---|
1085 | else |
---|
1086 | $return['msg'] .= "OK; |
---|
1087 | "; |
---|
1088 | } |
---|
1089 | else |
---|
1090 | $return['msg'] .= "Exclusão do ldap: OK; |
---|
1091 | "; |
---|
1092 | //DB |
---|
1093 | $result_db = $this->db_functions->delete_user($user_info); |
---|
1094 | if (!$result_db['status']) |
---|
1095 | { |
---|
1096 | $return['status'] = false; |
---|
1097 | //$return['msg'] .= $result_db['msg']; |
---|
1098 | $return['msg'] .= "Exclusão no banco: erro; |
---|
1099 | "; |
---|
1100 | } |
---|
1101 | else |
---|
1102 | $return['msg'] .= "Exclusão no banco: OK; |
---|
1103 | "; |
---|
1104 | //IMAP |
---|
1105 | $result_imap = $this->imap_functions->account_exist($user_info['uid']); |
---|
1106 | if($result_imap) |
---|
1107 | { |
---|
1108 | $result_imap = $this->imap_functions->delete_user($user_info['uid']); |
---|
1109 | if (!$result_imap['status']) |
---|
1110 | { |
---|
1111 | $return['status'] = false; |
---|
1112 | //$return['msg'] .= $result_imap['msg']; |
---|
1113 | $return['msg'] .= "Exclusão da caixa: erros |
---|
1114 | "; |
---|
1115 | } |
---|
1116 | else |
---|
1117 | if((!$result_ldap['status'])||(!$result_imap['status'])) |
---|
1118 | $return['msg'] .= "Exclusão da caixa: OK. |
---|
1119 | "; |
---|
1120 | $this->db_functions->write_log('Excluido o usuario','',$user_info['uid'],'',''); |
---|
1121 | } |
---|
1122 | else |
---|
1123 | { |
---|
1124 | $return['status'] = false; |
---|
1125 | //$return['msg'] .= $result_imap['msg']; |
---|
1126 | $return['msg'] .= "Exclusão da caixa. A Caixa não existe. |
---|
1127 | "; |
---|
1128 | } |
---|
1129 | } |
---|
1130 | return $return; |
---|
1131 | } |
---|
1132 | |
---|
1133 | /* |
---|
1134 | function delete($params) |
---|
1135 | { |
---|
1136 | $return['status'] = true; |
---|
1137 | |
---|
1138 | // Verifica o acesso do gerente |
---|
1139 | if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'delete_users')) |
---|
1140 | { |
---|
1141 | $uidnumber = $params['uidnumber']; |
---|
1142 | $user_info = $this->get_user_info($uidnumber); |
---|
1143 | |
---|
1144 | //LDAP |
---|
1145 | $result_ldap = $this->ldap_functions->delete_user($user_info); |
---|
1146 | if (!$result_ldap['status']) |
---|
1147 | { |
---|
1148 | $return['status'] = false; |
---|
1149 | $return['msg'] .= $result_ldap['msg']; |
---|
1150 | } |
---|
1151 | else |
---|
1152 | { |
---|
1153 | //DB |
---|
1154 | $result_db = $this->db_functions->delete_user($user_info); |
---|
1155 | if (!$result_db['status']) |
---|
1156 | { |
---|
1157 | $return['status'] = false; |
---|
1158 | $return['msg'] .= $result_ldap['msg']; |
---|
1159 | } |
---|
1160 | |
---|
1161 | //IMAP |
---|
1162 | $result_imap = $this->imap_functions->delete_user($user_info['uid']); |
---|
1163 | if (!$result_imap['status']) |
---|
1164 | { |
---|
1165 | $return['status'] = false; |
---|
1166 | $return['msg'] .= $result_ldap['msg']; |
---|
1167 | } |
---|
1168 | $this->db_functions->write_log('deletado usuario','',$user_info['uid'],'',''); |
---|
1169 | } |
---|
1170 | } |
---|
1171 | |
---|
1172 | return $return; |
---|
1173 | } |
---|
1174 | */ |
---|
1175 | function rename($params) |
---|
1176 | { |
---|
1177 | |
---|
1178 | $return['status'] = true; |
---|
1179 | |
---|
1180 | // Verifica acesso do gerente (OU) ao tentar renomear um usuï¿œrio. |
---|
1181 | if ( ! $this->ldap_functions->check_access_to_renamed($params['uid']) ) |
---|
1182 | { |
---|
1183 | $return['status'] = false; |
---|
1184 | $return['msg'] .= 'Você não tem acesso para excluir este usuário.'; |
---|
1185 | return $return; |
---|
1186 | } |
---|
1187 | |
---|
1188 | // Verifica o acesso do gerente |
---|
1189 | if ($this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'rename_users')) |
---|
1190 | { |
---|
1191 | $uid = $params['uid']; |
---|
1192 | $new_uid = $params['new_uid']; |
---|
1193 | switch ($this->current_config['expressoAdmin_passwordCrypt']) |
---|
1194 | { |
---|
1195 | case "md5": |
---|
1196 | $defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword']))); |
---|
1197 | break; |
---|
1198 | case "plain": |
---|
1199 | $defaultUserPassword = $this->current_config['expressoAdmin_defaultUserPassword']; |
---|
1200 | break; |
---|
1201 | default: |
---|
1202 | $defaultUserPassword = '{md5}'.base64_encode(pack("H*",md5($this->current_config['expressoAdmin_defaultUserPassword']))); |
---|
1203 | } |
---|
1204 | |
---|
1205 | $defaultUserPassword_plain = $this->current_config['expressoAdmin_defaultUserPassword']; |
---|
1206 | |
---|
1207 | $emailadmin_profiles = $this->db_functions->get_sieve_info(); |
---|
1208 | $sieve_enable = $emailadmin_profiles[0]['imapenablesieve']; |
---|
1209 | $sieve_server = $emailadmin_profiles[0]['imapsieveserver']; |
---|
1210 | $sieve_port = $emailadmin_profiles[0]['imapsieveport']; |
---|
1211 | |
---|
1212 | $imap_admin = $_SESSION['phpgw_info']['expresso']['email_server']['imapAdminUsername']; |
---|
1213 | $imap_passwd = $_SESSION['phpgw_info']['expresso']['email_server']['imapAdminPW']; |
---|
1214 | $imap_server = $_SESSION['phpgw_info']['expresso']['email_server']['imapServer']; |
---|
1215 | $imap_port = $_SESSION['phpgw_info']['expresso']['email_server']['imapPort']; |
---|
1216 | $imapDelimiter = $_SESSION['phpgw_info']['expresso']['email_server']['imapDelimiter']; |
---|
1217 | |
---|
1218 | //Verifica se estᅵ sendo usuado cyrus 2.2 ou superior |
---|
1219 | $sk = fsockopen ($imap_server,$imap_port); |
---|
1220 | $server_resp = fread($sk, 100); |
---|
1221 | $tmp = split('v2.', $server_resp); |
---|
1222 | $cyrus_version = '2' . $tmp[1][0]; |
---|
1223 | //$is_cyrus22 = strpos($server_resp, "v2.2"); |
---|
1224 | |
---|
1225 | if ($cyrus_version > '21') |
---|
1226 | { |
---|
1227 | // Seta senha default |
---|
1228 | $user_password = $this->ldap_functions->set_user_password($uid, $defaultUserPassword); |
---|
1229 | |
---|
1230 | // Renomeia UID no openldap |
---|
1231 | $result = $this->ldap_functions->rename_uid($uid, $new_uid); |
---|
1232 | $new_dn = $result['new_dn']; |
---|
1233 | if (!$result['status']) |
---|
1234 | { |
---|
1235 | $return['status'] = false; |
---|
1236 | $return['msg'] .= "\n" . $result['msg']; |
---|
1237 | $return['msg'] .= "\nErro ao renomear usuário no LDAP. Processo interrompido."; |
---|
1238 | return $return; |
---|
1239 | } |
---|
1240 | |
---|
1241 | // Remove old UID do ldap |
---|
1242 | $user_info_mod_remove['uid'] = $uid; |
---|
1243 | $this->ldap_functions->remove_user_attributes($new_dn, $user_info_mod_remove); |
---|
1244 | |
---|
1245 | //Renomeia mailbox |
---|
1246 | $result = $this->imap_functions->rename_mailbox($uid, $new_uid); |
---|
1247 | if (!$result['status']) |
---|
1248 | { |
---|
1249 | $return['status'] = false; |
---|
1250 | $return['msg'] .= "\n" . $result['msg']; |
---|
1251 | $return['msg'] .= "\nErro ao renomear usuário no Cyrus. Processo interrompido."; |
---|
1252 | } |
---|
1253 | |
---|
1254 | // Renomeia sieve script |
---|
1255 | include_once('sieve-php.lib.php'); |
---|
1256 | $sieve=new sieve($sieve_server, $sieve_port, $new_uid, $defaultUserPassword_plain); |
---|
1257 | |
---|
1258 | if ($sieve->sieve_login()) |
---|
1259 | { |
---|
1260 | $sieve->sieve_listscripts(); |
---|
1261 | $myactivescript=$sieve->response["ACTIVE"]; |
---|
1262 | $sieve->sieve_getscript($myactivescript); |
---|
1263 | |
---|
1264 | $script = ''; |
---|
1265 | foreach($sieve->response as $result) |
---|
1266 | { |
---|
1267 | $script .= $result; |
---|
1268 | } |
---|
1269 | |
---|
1270 | $scriptname = $new_uid; |
---|
1271 | if($sieve->sieve_sendscript($new_uid,$script)) |
---|
1272 | { |
---|
1273 | if ($sieve->sieve_setactivescript($new_uid)) |
---|
1274 | { |
---|
1275 | $sieve->sieve_deletescript($myactivescript); |
---|
1276 | } |
---|
1277 | } |
---|
1278 | else |
---|
1279 | { |
---|
1280 | $return['status'] = false; |
---|
1281 | $return['msg'] .= $result['msg'] . "\nErro ao renomear script sieve, falha no envio do novo script."; |
---|
1282 | } |
---|
1283 | $sieve->sieve_logout(); |
---|
1284 | } |
---|
1285 | else |
---|
1286 | { |
---|
1287 | $return['status'] = false; |
---|
1288 | $return['msg'] .= $result['msg'] . "\nErro ao renomear script sieve, falha no Login."; |
---|
1289 | } |
---|
1290 | |
---|
1291 | // Retorna senha do usuï¿œrio |
---|
1292 | $this->ldap_functions->set_user_password($new_uid, $user_password); |
---|
1293 | |
---|
1294 | $this->db_functions->write_log('renomeado usuario',$new_uid,$uid,'',''); |
---|
1295 | |
---|
1296 | $return['exec_return'] = ""; |
---|
1297 | } |
---|
1298 | else |
---|
1299 | { |
---|
1300 | $return['status'] = false; |
---|
1301 | $return['msg'] .= "A renomeação de usuários só é permitida com o Cyrus versão 2.2 ou superior,"; |
---|
1302 | $return['msg'] .= "\ne com a opção 'allowusermoves: yes' configurado no imapd.conf."; |
---|
1303 | } |
---|
1304 | return $return; |
---|
1305 | } |
---|
1306 | } |
---|
1307 | |
---|
1308 | function write_log_from_ajax($params) |
---|
1309 | { |
---|
1310 | $this->db_functions->write_log($params['_action'],'',$params['userinfo'],'',''); |
---|
1311 | return true; |
---|
1312 | } |
---|
1313 | |
---|
1314 | |
---|
1315 | function validarCPF($cpf) |
---|
1316 | { |
---|
1317 | $nulos = array("12345678909","11111111111","22222222222","33333333333", |
---|
1318 | "44444444444","55555555555","66666666666","77777777777", |
---|
1319 | "88888888888","99999999999","00000000000"); |
---|
1320 | /* Retira todos os caracteres que nao sejam 0-9 */ |
---|
1321 | $cpf = ereg_replace("[^0-9]", "", $cpf); |
---|
1322 | |
---|
1323 | /*Retorna falso se houver letras no cpf */ |
---|
1324 | if (!(ereg("[0-9]",$cpf))) |
---|
1325 | return 0; |
---|
1326 | |
---|
1327 | /* Retorna falso se o cpf for nulo */ |
---|
1328 | if( in_array($cpf, $nulos) ) |
---|
1329 | return 0; |
---|
1330 | |
---|
1331 | /*Calcula o penúltimo dígito verificador*/ |
---|
1332 | $acum=0; |
---|
1333 | for($i=0; $i<9; $i++) { |
---|
1334 | $acum+= $cpf[$i]*(10-$i); |
---|
1335 | } |
---|
1336 | |
---|
1337 | $x=$acum % 11; |
---|
1338 | $acum = ($x>1) ? (11 - $x) : 0; |
---|
1339 | /* Retorna falso se o digito calculado eh diferente do passado na string */ |
---|
1340 | if ($acum != $cpf[9]){ |
---|
1341 | return 0; |
---|
1342 | } |
---|
1343 | /*Calcula o último dígito verificador*/ |
---|
1344 | $acum=0; |
---|
1345 | for ($i=0; $i<10; $i++){ |
---|
1346 | $acum+= $cpf[$i]*(11-$i); |
---|
1347 | } |
---|
1348 | |
---|
1349 | $x=$acum % 11; |
---|
1350 | $acum = ($x > 1) ? (11-$x) : 0; |
---|
1351 | /* Retorna falso se o digito calculado eh diferente do passado na string */ |
---|
1352 | if ( $acum != $cpf[10]){ |
---|
1353 | return 0; |
---|
1354 | } |
---|
1355 | /* Retorna verdadeiro se o cpf eh valido */ |
---|
1356 | return 1; |
---|
1357 | } |
---|
1358 | |
---|
1359 | } |
---|
1360 | ?> |
---|