Context Navigation

source: sandbox/expressoMail1_2/MailArchiver/2.2/expressoAdmin1_2/inc/class.ldap_functions.inc.php @ 4644

Revision 4644, 92.5 KB checked in by fernando-alberto, 13 years ago (diff)
Ticket #1269 - Mergiando revisoes do brach22 de rev4447 ate rev4643
Property svn:eol-style set to `native` Property svn:executable set to ``*

Line
1	<?php
2	define('PHPGW_INCLUDE_ROOT','../');
3	define('PHPGW_API_INC','../phpgwapi/inc');
4	include_once(PHPGW_API_INC.'/class.common.inc.php');
5	include_once('class.functions.inc.php');
6
7	function ldapRebind($ldap_connection, $ldap_url)
8	{
9	// Enquanto estivermos utilizando referral na arvore ldap, teremos que continuar a utilizar o usuário sistemas:expresso.
10	// Depois, quando não existir mais referral, não existirá a necessidade de ldapRebind.
11	//ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_master_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_master_root_pw']);
12	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
13	{
14	@ldap_bind($ldap_connection, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']);
15	}
16	}
17
18	class ldap_functions
19	{
20	var $ldap;
21	var $current_config;
22	var $functions;
23	var $manager_contexts;
24
25	function ldap_functions(){
26	$GLOBALS['phpgw_info']['server'] = $_SESSION['phpgw_info']['expresso']['server'];
27	$this->current_config = $_SESSION['phpgw_info']['expresso']['expressoAdmin'];
28	$common = new common();
29
30	if ( (!empty($GLOBALS['phpgw_info']['server']['ldap_master_host'])) &&
31	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_dn'])) &&
32	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_pw'])) )
33	{
34	$this->ldap = $common->ldapConnect($GLOBALS['phpgw_info']['server']['ldap_master_host'],
35	$GLOBALS['phpgw_info']['server']['ldap_master_root_dn'],
36	$GLOBALS['phpgw_info']['server']['ldap_master_root_pw']);
37	}
38	else
39	{
40	$this->ldap = $common->ldapConnect();
41	}
42
43	$this->functions = new functions;
44	$manager_acl = $this->functions->read_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid']);
45	$this->manager_contexts = $manager_acl['contexts'];
46	}
47
48	function create_shared_accounts($params)
49	{
50	/* Begin: Access verification */
51
52	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'add_shared_accounts'))
53	{
54	$return['status'] = false;
55	$return['msg'] = $this->functions->lang('You do not have right to create shared accounts') . ".";
56	return $return;
57	}
58
59	$access_granted = false;
60	foreach ($this->manager_contexts as $idx=>$manager_context)
61	{
62	if (stristr($params['context'], $manager_context))
63	{
64	$access_granted = true;
65	break;
66	}
67	}
68
69	if (!$access_granted)
70	{
71	$return['status'] = false;
72	$return['msg'] = $this->functions->lang('You do not have access to this organization') . ".";
73	return $return;
74	}
75	/* End: Access verification */
76
77
78	/* Begin: Validation */
79	if ( (empty($params['cn'])) \|\| (empty($params['mail'])) )
80	{
81	$result['status'] = false;
82	$result['msg'] = $this->functions->lang('Field mail or name is empty'); return $result;
83	}
84
85	if (! eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+$", $params['mail']) )
86	{
87	$result['status'] = false;
88	$result['msg'] = $this->functions->lang('Field mail is not formed correcty') . '.';
89	return $result;
90	}
91	$dn = "uid=$params[uid]," . $params['context'];
92	$filter = "(mail=".$params['mail'].")";
93	$justthese = array("cn");
94	$search = @ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
95	$entries = @ldap_get_entries($this->ldap,$search);
96	if ($entries['count'] != 0)
97	{
98	$result['status'] = false;
99	$result['msg'] = $this->functions->lang('Field mail already in use');
100	return $result;
101	}
102	/* End: Validation */
103
104	$info = array();
105	$info['cn'] = $params['cn'];
106	$info['sn'] = $params['cn'];
107	$info['uid'] = $params['uid'];
108	$info['mail'] = $params['mail'];
109	$info['description'] = utf8_encode($params['desc']);
110	$info['phpgwAccountType'] = 's';
111	$info['objectClass'][] = 'inetOrgPerson';
112	$info['objectClass'][] = 'phpgwAccount';
113	$info['objectClass'][] = 'top';
114	$info['objectClass'][] = 'person';
115	$info['objectClass'][] = 'qmailUser';
116	$info['objectClass'][] = 'organizationalPerson';
117
118	if ($params['accountStatus'] == 'on')
119	{
120	$info['accountStatus'] = 'active';
121	}
122	if ($params['phpgwAccountVisible'] == 'on')
123	{
124	$info['phpgwAccountVisible'] = '-1';
125	}
126
127	/*if (!empty($params['owners']))
128	{
129	foreach($params['owners'] as $index=>$uidnumber)
130	{
131	$info['mailForwardingAddress'][] = $this->uidnumber2mail($uidnumber);
132	}
133	}*/
134	$result = array();
135	//print_r($info);exit();
136	if (!@ldap_add ( $this->ldap, $dn, $info ))
137	{
138	$result['status'] = false;
139	$result['msg'] = $this->functions->lang('Error on function') . ' ldap_functions->create_shared_accounts';
140	$result['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
141	}
142	else{
143	$result['status'] = true;
144	}
145	return $result;
146	}
147
148	/* expressoAdmin: email lists : deve utilizar o ldap Host Master com o usuario e senha do CC*/
149	/* ldap connection following referrals and using Master config, from setup */
150	function ldapMasterConnect()
151	{
152	/*
153	$common = new common();
154	if ( (!empty($GLOBALS['phpgw_info']['server']['ldap_master_host'])) &&
155	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_dn'])) &&
156	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_pw'])) )
157	{
158	$ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_master_host']);
159	ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
160	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
161	ldap_set_rebind_proc($ldap_connection, ldapRebind);
162	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_master_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_master_root_pw']);
163	}
164	else
165	{
166	$ldap_connection = $common->ldapConnect($GLOBALS['phpgw_info']['server']['ldap_host'],
167	$GLOBALS['phpgw_info']['server']['ldap_root_dn'],
168	$GLOBALS['phpgw_info']['server']['ldap_root_pw'], true);
169	}
170
171	// If success, return follow_referral connection. Else, return normal connection.
172	if ($ldap_connection)
173	return $ldap_connection;
174	else
175	return $this->ldap;
176	*/
177
178	// Este if é para utilizar o master. (para replicação)
179	if ( (!empty($GLOBALS['phpgw_info']['server']['ldap_master_host'])) && ($ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_master_host'])) )
180	{
181	ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
182	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
183	ldap_set_rebind_proc($ldap_connection, ldapRebind);
184	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
185	{
186	if ( ! ldap_bind($ldap_connection, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']) )
187	{
188	return false;
189	}
190	}
191	return $ldap_connection;
192	}
193	else
194	{
195	$ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
196	if ($ldap_connection)
197	{
198	ldap_set_option($ldap_connection,LDAP_OPT_PROTOCOL_VERSION,3);
199	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
200	if ( ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']) )
201	return $ldap_connection;
202	}
203	}
204
205	return false;
206	}
207
208	function validate_fields($params)
209	{
210	/* ldap connection following referals and using Contac Center config*/
211	if (is_array($_SESSION['phpgw_info']['expresso']['cc_ldap_server']))
212	{
213	$ldap_connection = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
214	if ($ldap_connection)
215	{
216	ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
217	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
218
219	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
220	ldap_bind($ldap_connection, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']);
221	$context = $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['dn'];
222	}
223	else
224	{
225	$result['status'] = false;
226	$result['msg'] = $this->functions->lang('Connection with ldap fail') . ".";
227	return $result;
228	}
229	}
230	else
231	{
232	$ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
233	ldap_set_option($ldap_connection,LDAP_OPT_PROTOCOL_VERSION,3);
234	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
235	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']);
236	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
237	}
238
239	$result['status'] = true;
240
241	$params = unserialize($params['attributes']);
242	$type = $params['type'];
243	$uid = $params['uid'];
244	$mail = $params['mail'];
245	$mailalternateaddress = $params['mailalternateaddress'];
246	$cpf = $params['cpf'];
247
248	if ($_SESSION['phpgw_info']['expresso']['global_denied_users'][$uid])
249	{
250	$result['status'] = false;
251	$result['msg'] = $this->functions->lang('this login can not be used because is a system account') . ".";
252	return $result;
253	}
254
255	if (($type == 'create_user') \|\| ($type == 'rename_user'))
256	{
257	if ($this->current_config['expressoAdmin_prefix_org'] == 'true')
258	{
259	//Obtenho UID sem a organização. Na criação o uid já vem sem a organização
260	$tmp_uid_without_org = split("-", $params['uid']);
261	$tmp_reverse_uid_without_org = array_reverse($tmp_uid_without_org);
262	array_pop($tmp_reverse_uid_without_org);
263	$uid_without_org = implode("-", $tmp_reverse_uid_without_org);
264	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|(uid=$uid)(uid=$uid_without_org)))";
265	}
266	else
267	{
268	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uid=$uid))";
269	}
270	/*
271	//UID
272	if (($type == 'rename_user') && ($this->current_config['expressoAdmin_prefix_org'] == 'true'))
273	{
274	//Obtenho UID sem a organização. Na criação o uid já vem sem a organização
275	$tmp_uid_without_org = split("-", $params['uid']);
276	$tmp_reverse_uid_without_org = array_reverse($tmp_uid_without_org);
277	array_pop($tmp_reverse_uid_without_org);
278	$uid_without_org = implode("-", $tmp_reverse_uid_without_org);
279	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|(uid=$uid)(uid=$uid_without_org)))";
280	}
281	else
282	{
283	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uid=$uid))";
284	}
285	*/
286
287	$justthese = array("uid", "mail", "cn");
288	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
289	$count_entries = ldap_count_entries($ldap_connection,$search);
290	if ($count_entries > 0)
291	{
292	$entries = ldap_get_entries($ldap_connection, $search);
293
294	for ($i=0; $i<$entries['count']; $i++)
295	{
296	$users .= $entries[$i]['cn'][0] . ' - ' . $entries[$i]['mail'][0] . "\n";
297	}
298
299	$result['status'] = false;
300	$result['msg'] = $this->functions->lang('this login is already used by') . ":\n" . $users;
301	return $result;
302	}
303
304	// GRUPOS
305	$filter = "(&(phpgwAccountType=g)(cn=$uid))";
306	$justthese = array("cn");
307	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
308	$count_entries = ldap_count_entries($ldap_connection,$search);
309	if ($count_entries > 0)
310	{
311	$result['status'] = false;
312	$result['msg'] = $this->functions->lang('This login is being used by a group') . ".";
313	return $result;
314	}
315
316
317	// UID em outras organizações, pesquiso apenas na maquina local e se utilizar prefix_org
318	if ($this->current_config['expressoAdmin_prefix_org'] == 'true')
319	{
320	$ldap_connection2 = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
321	ldap_set_option($ldap_connection2,LDAP_OPT_PROTOCOL_VERSION,3);
322	ldap_set_option($ldap_connection2, LDAP_OPT_REFERRALS, false);
323	ldap_bind($ldap_connection2, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']);
324	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
325
326	//Obtenho UID sem a organização
327	/*
328	$tmp_uid_without_org = split("-", $params['uid']);
329	if (count($tmp_uid_without_org) < 2)
330	{
331	$result['status'] = false;
332	$result['msg'] = 'Novo login sem organização.';
333	return $result;
334	}
335	$tmp_reverse_uid_without_org = array_reverse($tmp_uid_without_org);
336	array_pop($tmp_reverse_uid_without_org);
337	$uid_without_org = implode("-", $tmp_reverse_uid_without_org);
338	*/
339
340	$filter = "(objectClass=organizationalUnit)";
341	$justthese = array("ou");
342	$search = ldap_list($ldap_connection2, $context, $filter, $justthese);
343	$entries = ldap_get_entries($ldap_connection2 ,$search);
344
345	foreach ($entries as $index=>$org)
346	{
347	$organization = $org['ou'][0];
348	$organization = strtolower($organization);
349
350	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uid=$organization-$uid))";
351
352	$justthese = array("uid");
353	$search = ldap_search($ldap_connection2, $context, $filter, $justthese);
354	$count_entries = ldap_count_entries($ldap_connection2,$search);
355	if ($count_entries > 0)
356	{
357	$result['status'] = false;
358	$result['msg'] = $this->functions->lang('this login is already used by a user in another organization') . ".";
359	ldap_close($ldap_connection2);
360	return $result;
361	}
362	}
363	ldap_close($ldap_connection2);
364	}
365	}
366
367	if ($type == 'rename_user')
368	{
369	return $result;
370	}
371
372	// MAIL
373	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|(mail=$mail)(mailalternateaddress=$mail)))";
374	$justthese = array("mail", "uid");
375	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
376	$entries = ldap_get_entries($ldap_connection,$search);
377	if ($entries['count'] == 1){
378	if ($entries[0]['uid'][0] != $uid){
379	$result['status'] = false;
380	$result['msg'] = $this->functions->lang('this email address is being used by 1 user') . ": " . $entries[0]['uid'][0];
381	return $result;
382	}
383	}
384	else if ($entries['count'] > 1){
385	$result['status'] = false;
386	$result['msg'] = $this->functions->lang('this email address is being used by 2 or more users') . ".";
387	return $result;
388	}
389
390	// MAILAlternateAddress
391	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|(mail=$mailalternateaddress)(mailalternateaddress=$mailalternateaddress)))";
392	$justthese = array("mail", "uid");
393	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
394	$entries = ldap_get_entries($ldap_connection,$search);
395	if ($entries['count'] == 1){
396	if ($entries[0]['uid'][0] != $uid){
397	$result['status'] = false;
398	$result['msg'] = $this->functions->lang('alternative email is being used by 1 user') . ": " . $entries[0]['uid'][0];
399	return $result;
400	}
401	}
402	else if ($entries['count'] > 1){
403	$result['status'] = false;
404	$result['msg'] = $this->functions->lang('alternative email is being used by 2 or more users') . ".";
405	return $result;
406	}
407
408	//Begin: Check CPF, only if the manager has access to this field.
409	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'manipulate_corporative_information'))
410	{
411	if (!empty($cpf))
412	{
413	if (!$this->functions->checkCPF($cpf))
414	{
415	$result['status'] = false;
416	$result['msg'] = $this->functions->lang('Field CPF is invalid') . '.';
417	return $result;
418	}
419	else
420	{
421	//retira caracteres que não são números.
422	$cpf = ereg_replace("[^0-9]", "", $cpf);
423
424	$local_ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
425	if ($ldap_connection)
426	{
427	ldap_set_option($local_ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
428	ldap_set_option($local_ldap_connection, LDAP_OPT_REFERRALS, false);
429	ldap_bind($local_ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']);
430	}
431	else
432	{
433	$result['status'] = false;
434	$result['msg'] = $this->functions->lang('Connection with ldap fail') . ".";
435	return $result;
436	}
437
438	$filter = "(&(phpgwAccountType=u)(cpf=$cpf))";
439	$justthese = array("cn","uid","mail");
440	$search = ldap_search($local_ldap_connection, $context, $filter, $justthese);
441	$entries = ldap_get_entries($local_ldap_connection,$search);
442
443	if ( ($entries['count'] > 0 ) && (strcasecmp($uid, $entries[0]['uid'][0]) != 0) )
444	{
445	if ($entries['count'] > 0)
446	{
447	$entries_text = "";
448	for ($i=0; $i<$entries['count']; $i++)
449	{
450	if (strcasecmp($uid, $entries[$i]['uid'][0]) != 0)
451	$entries_text .= $entries[$i]['cn'][0] ." - ".$entries[0]['uid'][0] ." - ".$entries[$i]['mail'][0]."\n";
452	}
453	if ($this->current_config['expressoAdmin_deny_same_cpf'] == 'false' )
454	{
455	$result['question'] = $this->functions->lang('Field CPF used by') . ":\n";
456	$result['question'] .= $entries_text;
457	$result['question'] .= $this->functions->lang("Do you want to continue anyway") . "?";
458	return $result;
459	} else {
460	$result['status'] = false;
461	$result['msg'] = $this->functions->lang('Field CPF cannot be duplicated') . ".\n";
462	$result['msg'] .= $this->functions->lang('Field CPF used by') . ":\n";
463	$result['msg'] .= $entries_text;
464	return $result;
465	}
466
467	}
468	}
469	ldap_close($local_ldap_connection);
470	}
471	}
472	else if ($this->current_config['expressoAdmin_cpf_obligation'])
473	{
474	$result['status'] = false;
475	$result['msg'] = $this->functions->lang('Field CPF must be completed') . '.';
476	return $result;
477	}
478	}
479	//End: Check CPF
480
481	return $result;
482	}
483
484	function generate_login($params) {
485	$params = unserialize($params['attributes']);
486	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
487	$justthese = array("uid");
488	$i=1;
489	$login = array("status" => False,"msg" => $this->functions->lang("Login generator disabled"));
490	if( (isset($this->current_config['expressoAdmin_loginGenScript'])) &&
491	($this->current_config['expressoAdmin_loginGenScript'])) {
492
493	include_once "if.login.inc.php";
494	include_once "class.".$this->current_config['expressoAdmin_loginGenScript'].
495	".inc.php";
496
497	$classe = new ReflectionClass($this->current_config['expressoAdmin_loginGenScript']);
498
499	if(!$classe->implementsInterface('login'))
500	{
501	return array(
502	"status" => False,
503	"msg" => $this->functions->lang("Login interface not implemented (contact suport)")
504	);
505	}
506
507	$login = $classe->newInstance()->generate_login($params["first_name"],$params["second_name"],$this->ldap);
508
509	/*
510	If login exists, it concatenates a number to the end.
511	resulting in a new login
512	*/
513	$i = 1;
514	while($i < 1000) // Limit of 1000 equal names
515	{
516	$search = ldap_search($this->ldap, $context, "(uid=".$login.")", $justthese);
517	if (ldap_count_entries($this->ldap,$search) == 0)
518	break;
519	else
520	{
521	if ($i > 1) // If login have a number, remove the number and put the new one
522	$login=substr($login,0,strlen($login)-strlen($i)).$i;
523	else
524	$login.=$i;
525	$i++;
526	}
527	}
528	}
529
530	return array('status'=>true,'msg' => $login);
531	}
532	function validate_fields_group($params)
533	{
534	/* ldap connection following referals and using Contac Center config*/
535	if (is_array($_SESSION['phpgw_info']['expresso']['cc_ldap_server']))
536	{
537	$ldap_connection = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
538	if ($ldap_connection)
539	{
540	ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
541	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
542	if ( ($GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
543	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['acc'], $GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['pw']);
544	$context = $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['dn'];
545	}
546	else
547	{
548	$result['status'] = false;
549	$result['msg'] = $this->functions->lang('Connection with ldap fail') . ".";
550	return $result;
551	}
552	}
553	else
554	{
555	$ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
556	ldap_set_option($ldap_connection,LDAP_OPT_PROTOCOL_VERSION,3);
557	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
558	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']);
559	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
560	}
561
562	$cn = $params['cn'];
563	$result['status'] = true;
564
565	if ($_SESSION['phpgw_info']['expresso']['global_denied_groups'][$cn])
566	{
567	$result['status'] = false;
568	$result['msg'] = $this->functions->lang('This group name can not be used because is a System Account') . ".";
569	return $result;
570	}
571
572	// CN
573	$filter = "(&(phpgwAccountType=g)(cn=$cn))";
574	$justthese = array("cn");
575	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
576	$count_entries = ldap_count_entries($ldap_connection,$search);
577	if ($count_entries > 0)
578	{
579	$result['status'] = false;
580	$result['msg'] = $this->functions->lang('This name is already used') . ".";
581	return $result;
582	}
583
584	// UID
585	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uid=$cn))";
586	$justthese = array("uid");
587	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
588	$count_entries = ldap_count_entries($ldap_connection,$search);
589	if ($count_entries > 0)
590	{
591	$result['status'] = false;
592	$result['msg'] = $this->functions->lang('This grupo name is already used by an user') . ".";
593	return $result;
594	}
595
596	return $result;
597	}
598
599	function validate_fields_maillist($params)
600	{
601	/* ldap connection following referals and using Contac Center config*/
602	if (is_array($_SESSION['phpgw_info']['expresso']['cc_ldap_server']))
603	{
604	$ldap_connection = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
605	if ($ldap_connection)
606	{
607	ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
608	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
609	if ( ($GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
610	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['acc'], $GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['pw']);
611	$context = $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['dn'];
612	}
613	else
614	{
615	$result['status'] = false;
616	$result['msg'] = $this->functions->lang('Connection with ldap fail') . ".";
617	return $result;
618	}
619	}
620	else
621	{
622	$ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
623	ldap_set_option($ldap_connection,LDAP_OPT_PROTOCOL_VERSION,3);
624	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
625	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']);
626	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
627	}
628
629	$uid = $params['uid'];
630	$mail = $params['mail'];
631	$result['status'] = true;
632
633	if ($_SESSION['phpgw_info']['expresso']['global_denied_users'][$uid])
634	{
635	$result['status'] = false;
636	$result['msg'] = $this->functions->lang('This LOGIN can not be used because is a System Account') . ".";
637	return $result;
638	}
639
640	// UID
641	$filter = "(&(phpgwAccountType=l)(uid=$uid))";
642	$justthese = array("uid");
643	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
644	$count_entries = ldap_count_entries($ldap_connection,$search);
645	if ($count_entries > 0)
646	{
647	$result['status'] = false;
648	$result['msg'] = $this->functions->lang('this email list login is already used') . ".";
649	return $result;
650	}
651
652	// MAIL
653	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|(mail=$mail)(mailalternateaddress=$mail)))";
654	$justthese = array("mail");
655	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
656	$count_entries = ldap_count_entries($ldap_connection,$search);
657	if ($count_entries > 0)
658	{
659	$result['status'] = false;
660	$result['msg'] = $this->functions->lang('this email address is already used') . ".";
661	return $result;
662	}
663
664	return $result;
665	}
666
667	//Busca usuários de um contexto e já retorna as options do select;
668	function get_available_users($params)
669	{
670	$context = $params['context'];
671	$recursive = $params['recursive'];
672	$justthese = array("cn", "uidNumber");
673	$filter="(phpgwAccountType=u)";
674
675	if ($recursive == 'true')
676	$groups_list=ldap_search($this->ldap, $context, $filter, $justthese);
677	else
678	$groups_list=ldap_list($this->ldap, $context, $filter, $justthese);
679
680	$entries = ldap_get_entries($this->ldap, $groups_list);
681
682	for ($i=0; $i<$entries["count"]; $i++){
683	$u_tmp[$entries[$i]["uidnumber"][0]] = $entries[$i]["cn"][0];
684	}
685
686	if (count($u_tmp))
687	natcasesort($u_tmp);
688
689	$i = 0;
690	$users = array();
691
692	if (count($u_tmp))
693	{
694	foreach ($u_tmp as $uidnumber => $cn)
695	{
696	$options .= "<option value=$uidnumber>$cn</option>";
697	}
698	unset($u_tmp);
699	}
700
701	return $options;
702	}
703	//Busca usuarios de um contexto e ja retorna as options do select;
704	function get_available_users2($params)
705	{
706	$context= $params['context'];
707	$justthese = array("cn", "uid");
708	$filter = "(&(phpgwaccounttype=u)(!(phpgwaccountvisible=-1)))";
709
710	if ($this->ldap)
711	{
712	$sr=ldap_search($this->ldap, $context, $filter, $justthese);
713	$entries = ldap_get_entries($this->ldap, $sr);
714
715	for ($i=0; $i<$entries["count"]; $i++){
716	$u_tmp[$entries[$i]["uid"][0]] = $entries[$i]["cn"][0];
717	}
718
719	natcasesort($u_tmp);
720
721	$i = 0;
722	$users = array();
723
724	if (count($u_tmp))
725	{
726	foreach ($u_tmp as $uidnumber => $cn)
727	{
728	$options .= "<option value=$uidnumber>$cn</option>";
729	}
730	unset($u_tmp);
731	}
732	return $options;
733	}
734	}
735	//Busca usuários e listas de um contexto e já retorna as options do select;
736	function get_available_users_and_maillist($params)
737	{
738	$context = $params['context'];
739	$recursive = $params['recursive'];
740
741	//Usado para retirar a própria lista das possibilidades de inclusão.
742	$denied_uidnumber = $params['denied_uidnumber'];
743
744	$justthese = array("cn", "uidNumber", "mail");
745
746	$users_filter="(phpgwAccountType=u)";
747	$lists_filter = $denied_uidnumber == '' ? "(phpgwAccountType=l)" : "(&(phpgwAccountType=l)(!(uidnumber=$denied_uidnumber)))";
748
749	$users = Array();
750	$lists = Array();
751
752	/* folling referral connection */
753	$ldap_conn_following_ref = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
754	if ($ldap_conn_following_ref)
755	{
756	ldap_set_option($ldap_conn_following_ref, LDAP_OPT_PROTOCOL_VERSION, 3);
757	ldap_set_option($ldap_conn_following_ref, LDAP_OPT_REFERRALS, 1);
758
759	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
760	ldap_bind($ldap_conn_following_ref, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']);
761	}
762	else
763	return false;
764
765	if ($recursive == 'true')
766	$users_search = ldap_search($ldap_conn_following_ref, $context, $users_filter, $justthese);
767	else
768	$users_search = ldap_list($ldap_conn_following_ref, $context, $users_filter, $justthese);
769
770	/* email lists */
771	if($params['listSearch'] == 'true'){
772	if ($recursive == 'true')
773	$lists_search = ldap_search($ldap_conn_following_ref, $context, $lists_filter, $justthese);
774	else
775	$lists_search = ldap_list($ldap_conn_following_ref, $context, $lists_filter, $justthese);
776
777	$lists_entries = ldap_get_entries($ldap_conn_following_ref, $lists_search);
778
779	for ($i=0; $i<$lists_entries["count"]; $i++)
780	{
781	$l_tmp[$lists_entries[$i]["mail"][0]] = $lists_entries[$i]["cn"][0];
782	}
783
784	if (count($l_tmp))
785	natcasesort($l_tmp);
786
787	$i = 0;
788	$lists = array();
789
790	$options .= '<option value="-1" disabled>------------------------------    '.$this->functions->lang('email lists').'    ------------------------------ </option>'."\n";
791	if (count($l_tmp))
792	{
793	foreach ($l_tmp as $mail => $cn)
794	{
795	$options .= "<option value=$mail>$cn</option>";
796	}
797	unset($l_tmp);
798	}
799	}
800
801	/* users */
802	$users_entries = ldap_get_entries($ldap_conn_following_ref, $users_search);
803	for ($i=0; $i<$users_entries["count"]; $i++)
804	{
805	$u_tmp[$users_entries[$i]["mail"][0]] = $users_entries[$i]["cn"][0];
806	}
807
808	if (count($u_tmp))
809	natcasesort($u_tmp);
810
811	$i = 0;
812	$users = array();
813
814	$options .= '<option value="-1" disabled>-----------------------------    '.$this->functions->lang('users').'    ---------------------------- </option>'."\n";
815
816	if (count($u_tmp))
817	{
818	foreach ($u_tmp as $mail => $cn)
819	{
820	$options .= "<option value=$mail class='line-above'>$cn</option>";
821	}
822	unset($u_tmp);
823	}
824
825	ldap_close($ldap_conn_following_ref);
826	return $options;
827	}
828
829	function get_available_groups($params)
830	{
831	$context = $params['context'];
832	$justthese = array("cn", "gidNumber");
833	$groups_list=ldap_list($this->ldap, $context, ("(phpgwAccountType=g)"), $justthese);
834	ldap_sort($this->ldap, $groups_list, "cn");
835
836	$entries = ldap_get_entries($this->ldap, $groups_list);
837
838	$options = '';
839	for ($i=0; $i<$entries['count']; $i++)
840	{
841	$options .= "<option value=" . $entries[$i]['gidnumber'][0] . ">" . $entries[$i]['cn'][0] . "</option>";
842	}
843
844	return $options;
845	}
846
847	function get_available_maillists($params)
848	{
849	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
850	return false;
851
852	$context = $params['context'];
853	$justthese = array("uid","mail","uidNumber");
854	$maillists=ldap_list($ldapMasterConnect, $context, ("(phpgwAccountType=l)"), $justthese);
855	ldap_sort($ldapMasterConnect, $maillists, "uid");
856
857	$entries = ldap_get_entries($ldapMasterConnect, $maillists);
858
859	$options = '';
860	for ($i=0; $i<$entries['count']; $i++)
861	{
862	$options .= "<option value=" . $entries[$i]['uid'][0] . ">" . $entries[$i]['uid'][0] . " (" . $entries[$i]['mail'][0] . ")" . "</option>";
863	}
864
865	ldap_close($ldapMasterConnect);
866	return $options;
867	}
868
869	function ldap_add_entry($dn, $entry)
870	{
871	$result = array();
872	if (!@ldap_add ( $this->ldap, $dn, $entry ))
873	{
874	$result['status'] = false;
875	$result['error_number'] = ldap_errno($this->ldap);
876	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->ldap_add_entry ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_errno($this->ldap) . ldap_error($this->ldap);
877	}
878	else
879	$result['status'] = true;
880
881	return $result;
882	}
883
884	function ldap_save_photo($dn, $pathphoto, $photo_exist=false)
885	{
886	$fd = fopen($pathphoto, "r");
887	$fsize = filesize($pathphoto);
888	$jpegStr = fread($fd, $fsize);
889	fclose ($fd);
890	$attrs['jpegPhoto'] = $jpegStr;
891
892	if ($photo_exist)
893	$res = @ldap_mod_replace($this->ldap, $dn, $attrs);
894	else
895	$res = @ldap_mod_add($this->ldap, $dn, $attrs);
896
897	if ($res)
898	{
899	$result['status'] = true;
900	}
901	else
902	{
903	$result['status'] = false;
904	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->ldap_save_photo ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
905	}
906
907	return $result;
908	}
909
910	function ldap_remove_photo($dn)
911	{
912	$attrs['jpegPhoto'] = array();
913	$res = ldap_mod_del($this->ldap, $dn, $attrs);
914
915	if ($res)
916	{
917	$result['status'] = true;
918	}
919	else
920	{
921	$result['status'] = false;
922	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->ldap_remove_photo ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
923	}
924
925	return $result;
926	}
927
928	// Pode receber tanto um único memberUid quanto um array de memberUid's
929	function add_user2group($gidNumber, $memberUid)
930	{
931	$filter = "(&(phpgwAccountType=g)(gidNumber=$gidNumber))";
932	$justthese = array("dn");
933	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
934	$entry = ldap_get_entries($this->ldap, $search);
935	$group_dn = $entry[0]['dn'];
936	$attrs['memberUid'] = $memberUid;
937
938	$res = @ldap_mod_add($this->ldap, $group_dn, $attrs);
939
940	if ($res)
941	{
942	$result['status'] = true;
943	}
944	else
945	{
946	$result['status'] = false;
947	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->add_user2group ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
948	}
949	return $result;
950	}
951
952	function remove_user2group($gidNumber, $memberUid)
953	{
954	$filter = "(&(phpgwAccountType=g)(gidNumber=$gidNumber))";
955	$justthese = array("dn");
956	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
957	$entry = ldap_get_entries($this->ldap, $search);
958	$group_dn = $entry[0]['dn'];
959	$attrs['memberUid'] = $memberUid;
960	$res = @ldap_mod_del($this->ldap, $group_dn, $attrs);
961
962	if ($res)
963	{
964	$result['status'] = true;
965	}
966	else
967	{
968	$result['status'] = false;
969	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->remove_user2group ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
970	}
971	return $result;
972	}
973
974	function add_user2maillist($uid, $mail)
975	{
976	$filter = "(&(phpgwAccountType=l)(uid=$uid))";
977	$justthese = array("dn");
978	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
979	$entry = ldap_get_entries($this->ldap, $search);
980	$group_dn = $entry[0]['dn'];
981	$attrs['mailForwardingAddress'] = $mail;
982	$res = @ldap_mod_add($this->ldap, $group_dn, $attrs);
983
984	if ($res)
985	{
986	$result['status'] = true;
987	}
988	else
989	{
990	$result['status'] = false;
991	if (ldap_errno($this->ldap) == '50')
992	{
993	$result['msg'] = $this->functions->lang('Error on the function') . ' ldap_functions->add_user2maillist' . ".\n" .
994	$this->functions->lang('The user used for record on LDAP, must have write access') . ".\n";
995	$this->functions->lang('The user') . ' ' . $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] . ' ' . $this->functions->lang('does not have this access') . ".\n";
996	$this->functions->lang('Edit Global Catalog Config, in the admin module, and add an user with write access') . ".\n";
997	}
998	else
999	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->add_user2maillist ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1000	}
1001
1002	ldap_close($this->ldap);
1003	return $result;
1004	}
1005
1006	function add_user2maillist_scl($dn, $array_emails)
1007	{
1008	$attrs['mailSenderAddress'] = $array_emails;
1009
1010	$res = @ldap_mod_add($this->ldap, $dn, $attrs);
1011
1012	if ($res)
1013	{
1014	$result['status'] = true;
1015	}
1016	else
1017	{
1018	$result['status'] = false;
1019	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->add_user2maillist_scp ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1020	}
1021	return $result;
1022	}
1023
1024	function remove_user2maillist($uid, $mail)
1025	{
1026	$filter = "(&(phpgwAccountType=l)(uid=$uid))";
1027	$justthese = array("dn");
1028	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1029	$entry = ldap_get_entries($this->ldap, $search);
1030	$group_dn = $entry[0]['dn'];
1031	$attrs['mailForwardingAddress'] = $mail;
1032	$res = @ldap_mod_del($this->ldap, $group_dn, $attrs);
1033
1034	if ($res)
1035	{
1036	$result['status'] = true;
1037	}
1038	else
1039	{
1040	$result['status'] = false;
1041	if (ldap_errno($this->ldap) == '50')
1042	{
1043	$result['msg'] = $this->functions->lang('Error on the function') . ' ldap_functions->remove_user2maillist' . ".\n" .
1044	$this->functions->lang('The user used for record on LDAP, must have write access') . ".\n";
1045	$this->functions->lang('The user') . ' ' . $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] . ' ' . $this->functions->lang('does not have this access') . ".\n";
1046	$this->functions->lang('Edit Global Catalog Config, in the admin module, and add an user with write access') . ".\n";
1047	}
1048	else
1049	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->remove_user2maillist ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1050	}
1051	ldap_close($this->ldap);
1052	return $result;
1053	}
1054
1055	function remove_user2maillist_scl($dn, $array_emails)
1056	{
1057	$attrs['mailSenderAddress'] = $array_emails;
1058	$res = @ldap_mod_del($this->ldap, $dn, $attrs);
1059
1060	if ($res)
1061	{
1062	$result['status'] = true;
1063	}
1064	else
1065	{
1066	$result['status'] = false;
1067	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->remove_user2maillist_scp ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1068	}
1069	return $result;
1070	}
1071
1072	function replace_user2maillists($new_mail, $old_mail)
1073	{
1074	$filter = "(&(phpgwAccountType=l)(mailforwardingaddress=$old_mail))";
1075	$justthese = array("dn");
1076	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1077	$entries = ldap_get_entries($this->ldap, $search);
1078	$result['status'] = true;
1079	for ($i=0; $i<$entries['count']; $i++)
1080	{
1081	$attrs['mailforwardingaddress'] = $old_mail;
1082	$res1 = @ldap_mod_del($this->ldap, $entries[$i]['dn'], $attrs);
1083	$attrs['mailforwardingaddress'] = $new_mail;
1084	$res2 = @ldap_mod_add($this->ldap, $entries[$i]['dn'], $attrs);
1085
1086	if ((!$res1) \|\| (!$res2))
1087	{
1088	$result['status'] = false;
1089	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->replace_user2maillists ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1090	}
1091	}
1092
1093	return $result;
1094	}
1095
1096	function get_user_info($uidnumber)
1097	{
1098	foreach ($this->manager_contexts as $index=>$context)
1099	{
1100	$filter="(&(phpgwAccountType=u)(uidNumber=".$uidnumber."))";
1101	$search = ldap_search($this->ldap, $context, $filter);
1102	$entry = ldap_get_entries($this->ldap, $search);
1103
1104	if ($entry['count'])
1105	{
1106	//Pega o dn do setor do usuario.
1107	$entry[0]['dn'] = strtolower($entry[0]['dn']);
1108	$sector_dn_array = explode(",", $entry[0]['dn']);
1109	for($i=1; $i<count($sector_dn_array); $i++)
1110	$sector_dn .= $sector_dn_array[$i] . ',';
1111	//Retira ultimo pipe.
1112	$sector_dn = substr($sector_dn,0,(strlen($sector_dn) - 1));
1113
1114	$result['context'] = $sector_dn;
1115	$result['uid'] = $entry[0]['uid'][0];
1116	$result['uidnumber'] = $entry[0]['uidnumber'][0];
1117	$result['gidnumber'] = $entry[0]['gidnumber'][0];
1118	$result['departmentnumber'] = $entry[0]['departmentnumber'][0];
1119	$result['givenname'] = $entry[0]['givenname'][0];
1120	$result['sn'] = $entry[0]['sn'][0];
1121	$result['telephonenumber'] = $entry[0]['telephonenumber'][0];
1122	$result['passwd_expired'] = $entry[0]['phpgwlastpasswdchange'][0];
1123	$result['phpgwaccountstatus'] = $entry[0]['phpgwaccountstatus'][0];
1124	$result['phpgwaccountvisible'] = $entry[0]['phpgwaccountvisible'][0];
1125	$result['accountstatus'] = $entry[0]['accountstatus'][0];
1126	$result['mail'] = $entry[0]['mail'][0];
1127	$result['mailalternateaddress'] = $entry[0]['mailalternateaddress'];
1128	$result['mailforwardingaddress']= $entry[0]['mailforwardingaddress'];
1129	$result['deliverymode'] = $entry[0]['deliverymode'][0];
1130	$result['userPasswordRFC2617'] = $entry[0]['userpasswordrfc2617'][0];
1131
1132	//Photo
1133	if ($entry[0]['jpegphoto']['count'] == 1)
1134	$result['photo_exist'] = 'true';
1135
1136	// Samba
1137	for ($i=0; $i<$entry[0]['objectclass']['count']; $i++)
1138	{
1139	if ($entry[0]['objectclass'][$i] == 'sambaSamAccount')
1140	$result['sambaUser'] = true;
1141	}
1142	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($result['sambaUser']))
1143	{
1144	$result['sambaaccflags'] = $entry[0]['sambaacctflags'][0];
1145	$result['sambalogonscript'] = $entry[0]['sambalogonscript'][0];
1146	$result['homedirectory'] = $entry[0]['homedirectory'][0];
1147	$a_tmp = explode("-", $entry[0]['sambasid'][0]);
1148	array_pop($a_tmp);
1149	$result['sambasid'] = implode("-", $a_tmp);
1150	}
1151
1152	// Verifica o acesso do gerente aos atributos corporativos
1153	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'manipulate_corporative_information'))
1154	{
1155	$result['corporative_information_employeenumber']= $entry[0]['employeenumber'][0];
1156	$result['corporative_information_cpf'] = $entry[0]['cpf'][0];
1157	$result['corporative_information_rg'] = $entry[0]['rg'][0];
1158	$result['corporative_information_rguf'] = $entry[0]['rguf'][0];
1159	$result['corporative_information_description'] = utf8_decode($entry[0]['description'][0]);
1160	}
1161
1162	// MailLists
1163	$result['maillists_info'] = $this->get_user_maillists($result['mail']);
1164	if($result['maillists_info'])
1165	{
1166	foreach ($result['maillists_info'] as $maillist)
1167	{
1168	$result['maillists'][] = $maillist['uid'];
1169	}
1170	}
1171
1172	// Groups
1173	$justthese = array("gidnumber","cn");
1174	$filter="(&(phpgwAccountType=g)(memberuid=".$result['uid']."))";
1175	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1176	ldap_sort($this->ldap, $search, "cn");
1177	$entries = ldap_get_entries($this->ldap, $search);
1178	for ($i=0; $i<$entries['count']; $i++)
1179	{
1180	$result['groups_ldap'][ $entries[$i]['gidnumber'][0] ] = $entries[$i]['cn'][0];
1181	}
1182	}
1183	}
1184	if (is_array($result))
1185	return $result;
1186	else
1187	return false;
1188	}
1189
1190	function get_user_maillists($mail)
1191	{
1192	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
1193	return false;
1194
1195	$result = array();
1196
1197	//Mostra somente os mailists dos contextos do gerente
1198	$justthese = array("uid","mail","uidnumber");
1199	$filter="(&(phpgwAccountType=l)(mailforwardingaddress=$mail))";
1200
1201	foreach ($this->manager_contexts as $index=>$context)
1202	{
1203	$search = ldap_search($ldapMasterConnect, $context, $filter, $justthese);
1204	$entries = ldap_get_entries($ldapMasterConnect, $search);
1205
1206	for ($i=0; $i<$entries['count']; $i++)
1207	{
1208	$result[ $entries[$i]['uid'][0] ]['uid'] = $entries[$i]['uid'][0];
1209	$result[ $entries[$i]['uid'][0] ]['mail'] = $entries[$i]['mail'][0];
1210
1211	$a_tmp[] = $entries[$i]['uid'][0];
1212	}
1213	}
1214
1215	if($a_tmp) {
1216	natcasesort($a_tmp);
1217
1218	foreach ($a_tmp as $uid)
1219	{
1220	$return[$uid]['uid'] = $result[$uid]['uid'];
1221	$return[$uid]['mail'] = $result[$uid]['mail'];
1222	}
1223	}
1224	ldap_close($ldapMasterConnect);
1225	return $return;
1226	}
1227
1228	function get_group_info($gidnumber,$use_global_context=false)
1229	{
1230	$array_context = $use_global_context ? Array(0 => $GLOBALS['phpgw_info']['server']['ldap_context']) : $this->manager_contexts;
1231	foreach ($array_context as $index=>$context)
1232	{
1233	$filter="(&(phpgwAccountType=g)(gidNumber=".$gidnumber."))";
1234	$search = ldap_search($this->ldap, $context, $filter);
1235	$entry = ldap_get_entries($this->ldap, $search);
1236
1237	if ($entry['count'])
1238	{
1239	//Pega o dn do setor do grupo.
1240	$entry[0]['dn'] = strtolower($entry[0]['dn']);
1241	$sector_dn_array = explode(",", $entry[0]['dn']);
1242	for($i=1; $i<count($sector_dn_array); $i++)
1243	$sector_dn .= $sector_dn_array[$i] . ',';
1244	//Retira ultimo pipe.
1245	$sector_dn = substr($sector_dn,0,(strlen($sector_dn) - 1));
1246
1247	$result['context'] = $sector_dn;
1248	$result['cn'] = $entry[0]['cn'][0];
1249	$result['description'] = $entry[0]['description'][0];
1250	$result['gidnumber'] = $entry[0]['gidnumber'][0];
1251	$result['phpgwaccountvisible'] = $entry[0]['phpgwaccountvisible'][0];
1252	$result['email'] = $entry[0]['mail'][0];
1253
1254	//MemberUid
1255	for ($i=0; $i<$entry[0]['memberuid']['count']; $i++)
1256	{
1257	$justthese = array("cn","uid","uidnumber");
1258
1259	// Montagem dinamica do filtro
1260	$filter="(&(phpgwAccountType=u)(\|";
1261	for ($k=0; (($k<10) && ($i<$entry[0]['memberuid']['count'])); $k++)
1262	{
1263	$filter .= "(uid=".$entry[0]['memberuid'][$i].")";
1264	$i++;
1265	}
1266	$i--;
1267	$filter .= "))";
1268
1269	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1270	$user_entry = ldap_get_entries($this->ldap, $search);
1271
1272	for ($j=0; $j<$user_entry['count']; $j++)
1273	{
1274	$result['memberuid_info'][$user_entry[$j]['uid'][0]]['cn'] = $user_entry[$j]['cn'][0];
1275	$result['memberuid_info'][$user_entry[$j]['uid'][0]]['uidnumber'] = $user_entry[$j]['uidnumber'][0];
1276	$result['memberuid_info'][$user_entry[$j]['uid'][0]]['type'] = 'u';
1277	}
1278	}
1279
1280	// Checamos e-mails que não fazem parte do expresso.
1281	// Criamos um array temporario
1282	$tmp_array = array();
1283	if($result['memberuid_info'])
1284	foreach ($result['memberuid_info'] as $uid => $user_data)
1285	{
1286	$tmp_array[] = $uid;
1287	}
1288
1289	if($entry[0]['memberuid']) {
1290	// Retira o count do array
1291	array_shift($entry[0]['memberuid']);
1292	// Vemos a diferença
1293	$array_diff = array_diff($entry[0]['memberuid'], $tmp_array);
1294	// Incluimos no resultado
1295	foreach ($array_diff as $index=>$uid)
1296	{
1297	$result['memberuid_info'][$uid]['cn'] = $uid;
1298	}
1299	}
1300
1301	// Samba
1302	for ($i=0; $i<$entry[0]['objectclass']['count']; $i++)
1303	{
1304	if ($entry[0]['objectclass'][$i] == 'sambaGroupMapping')
1305	$result['sambaGroup'] = true;
1306
1307	$a_tmp = explode("-", $entry[0]['sambasid'][0]);
1308	array_pop($a_tmp);
1309	$result['sambasid'] = implode("-", $a_tmp);
1310	}
1311	return $result;
1312	}
1313	}
1314	}
1315
1316	function get_maillist_info($uidnumber)
1317	{
1318	/* folling referral connection */
1319	$ldap_conn_following_ref = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
1320	if ($ldap_conn_following_ref)
1321	{
1322	ldap_set_option($ldap_conn_following_ref, LDAP_OPT_PROTOCOL_VERSION, 3);
1323	ldap_set_option($ldap_conn_following_ref, LDAP_OPT_REFERRALS, 1);
1324
1325	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
1326	ldap_bind($ldap_conn_following_ref, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']);
1327	}
1328
1329	foreach ($this->manager_contexts as $index=>$context)
1330	{
1331	$filter="(&(phpgwAccountType=l)(uidNumber=".$uidnumber."))";
1332	$search = ldap_search($this->ldap, $context, $filter);
1333	$entry = ldap_get_entries($this->ldap, $search);
1334
1335	if ($entry['count'])
1336	{
1337	//Pega o dn do setor do usuario.
1338	$entry[0]['dn'] = strtolower($entry[0]['dn']);
1339	$sector_dn_array = explode(",", $entry[0]['dn']);
1340	for($i=1; $i<count($sector_dn_array); $i++)
1341	$sector_dn .= $sector_dn_array[$i] . ',';
1342	//Retira ultimo pipe.
1343	$sector_dn = substr($sector_dn,0,(strlen($sector_dn) - 1));
1344
1345	$result['context'] = $sector_dn;
1346	$result['uidnumber'] = $entry[0]['uidnumber'][0];
1347	$result['uid'] = strtolower($entry[0]['uid'][0]);
1348	$result['cn'] = $entry[0]['cn'][0];
1349	$result['mail'] = $entry[0]['mail'][0];
1350	$result['description'] = utf8_decode($entry[0]['description'][0]);
1351	$result['accountStatus'] = $entry[0]['accountstatus'][0];
1352	$result['phpgwAccountVisible'] = $entry[0]['phpgwaccountvisible'][0];
1353
1354	//Members
1355	for ($i=0; $i<$entry[0]['mailforwardingaddress']['count']; $i++)
1356	{
1357	$justthese = array("cn", "uidnumber", "uid", "phpgwaccounttype", "mail");
1358
1359	// Montagem dinamica do filtro, para nao ter muitas conexoes com o ldap
1360	$filter="(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|";
1361	for ($k=0; (($k<10) && ($i<$entry[0]['mailforwardingaddress']['count'])); $k++)
1362	{
1363	$filter .= "(mail=".$entry[0]['mailforwardingaddress'][$i].")";
1364	$i++;
1365	}
1366	$i--;
1367	$filter .= "))";
1368
1369	$search = ldap_search($ldap_conn_following_ref, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1370	$user_entry = ldap_get_entries($ldap_conn_following_ref, $search);
1371
1372	for ($j=0; $j<$user_entry['count']; $j++)
1373	{
1374	$result['mailForwardingAddress_info'][$user_entry[$j]['mail'][0]]['uid'] = $user_entry[$j]['uid'][0];
1375	$result['mailForwardingAddress_info'][$user_entry[$j]['mail'][0]]['cn'] = $user_entry[$j]['cn'][0];
1376	$result['mailForwardingAddress_info'][$user_entry[$j]['mail'][0]]['type'] = $user_entry[$j]['phpgwaccounttype'][0];
1377	$result['mailForwardingAddress'][] = $user_entry[$j]['mail'][0];
1378	}
1379	}
1380
1381	// Emails não encontrados no ldap
1382	array_shift($entry[0]['mailforwardingaddress']); //Retira o count do array
1383	$missing_emails = array_diff($entry[0]['mailforwardingaddress'], $result['mailForwardingAddress']);
1384
1385	// Incluimos estes no resultado
1386	foreach ($missing_emails as $index=>$mailforwardingaddress)
1387	{
1388	$result['mailForwardingAddress_info'][$mailforwardingaddress]['uid'] = $mailforwardingaddress;
1389	$result['mailForwardingAddress_info'][$mailforwardingaddress]['cn'] = 'E-Mail nao encontrado';
1390	$result['mailForwardingAddress'][] = $mailforwardingaddress;
1391	}
1392
1393	ldap_close($ldap_conn_following_ref);
1394	return $result;
1395	}
1396	}
1397	}
1398
1399	function get_maillist_scl_info($uidnumber)
1400	{
1401	foreach ($this->manager_contexts as $index=>$context)
1402	{
1403	$filter="(&(phpgwAccountType=l)(uidNumber=$uidnumber))";
1404	$search = ldap_search($this->ldap, $context, $filter);
1405	$entry = ldap_get_entries($this->ldap, $search);
1406
1407	if ($entry['count'])
1408	{
1409	//Pega o dn do setor do usuario.
1410	$entry[0]['dn'] = strtolower($entry[0]['dn']);
1411	$sector_dn_array = explode(",", $entry[0]['dn']);
1412	for($i=1; $i<count($sector_dn_array); $i++)
1413	$sector_dn .= $sector_dn_array[$i] . ',';
1414	//Retira ultimo pipe.
1415	$sector_dn = substr($sector_dn,0,(strlen($sector_dn) - 1));
1416
1417	$result['dn'] = $entry[0]['dn'];
1418	$result['context'] = $sector_dn;
1419	$result['uidnumber'] = $entry[0]['uidnumber'][0];
1420	$result['uid'] = $entry[0]['uid'][0];
1421	$result['cn'] = $entry[0]['cn'][0];
1422	$result['mail'] = $entry[0]['mail'][0];
1423	$result['accountStatus'] = $entry[0]['accountstatus'][0];
1424	$result['phpgwAccountVisible'] = $entry[0]['phpgwaccountvisible'][0];
1425	$result['accountRestrictive'] = $entry[0]['accountrestrictive'][0];
1426	$result['participantCanSendMail'] = $entry[0]['participantcansendmail'][0];
1427
1428	//Senders
1429	for ($i=0; $i<$entry[0]['mailsenderaddress']['count']; $i++)
1430	{
1431	$justthese = array("cn", "uidnumber", "uid", "mail");
1432	$filter="(&(phpgwAccountType=u)(mail=".$entry[0]['mailsenderaddress'][$i]."))";
1433	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1434	$user_entry = ldap_get_entries($this->ldap, $search);
1435
1436	$result['senders_info'][$user_entry[0]['mail'][0]]['uid'] = $user_entry[0]['uid'][0];
1437	$result['senders_info'][$user_entry[0]['mail'][0]]['cn'] = $user_entry[0]['cn'][0];
1438	$result['members'][] = $user_entry[0]['mail'][0];
1439	}
1440	return $result;
1441	}
1442	}
1443	}
1444
1445	function group_exist($gidnumber)
1446	{
1447	$justthese = array("cn");
1448	$filter="(&(phpgwAccountType=g)(gidNumber=".$gidnumber."))";
1449	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1450
1451	$entry = ldap_get_entries($this->ldap, $search);
1452	if ($entry['count'] == 0)
1453	return false;
1454	else
1455	return true;
1456	}
1457
1458	function gidnumbers2cn($gidnumbers)
1459	{
1460	$result = array();
1461	if (count($gidnumbers))
1462	{
1463	$justthese = array("cn");
1464	$i = 0;
1465	foreach ($gidnumbers as $gidnumber)
1466	{
1467	$filter="(&(phpgwAccountType=g)(gidNumber=".$gidnumber."))";
1468	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1469
1470	$entry = ldap_get_entries($this->ldap, $search);
1471	if ($entry['count'] == 0)
1472	$result['groups_info'][$i]['cn'] = '_' . $this->functions->lang('group only exist on DB, but does not exist on ldap');
1473
1474	else
1475	$result['groups_info'][$i]['cn'] = $entry[0]['cn'][0];
1476	$result['groups_info'][$i]['gidnumber'] = $gidnumber;
1477
1478	/* o gerente pode excluir um grupo de um usuario onde este grupo esta em outra OU ? */
1479	/* é o mesmo que o manager editar um grupo de outra OU */
1480	$result['groups_info'][$i]['group_disabled'] = 'true';
1481	foreach ($this->manager_contexts as $index=>$context)
1482	{
1483	if (strpos(strtolower($entry[0]['dn']), strtolower($context)))
1484	{
1485	$result['groups_info'][$i]['group_disabled'] = 'false';
1486	}
1487	}
1488
1489	$i++;
1490	}
1491	}
1492	return $result;
1493	}
1494
1495	function uidnumber2uid($uidnumber)
1496	{
1497	$justthese = array("uid");
1498	$filter="(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uidNumber=".$uidnumber."))";
1499	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1500	$entry = ldap_get_entries($this->ldap, $search);
1501	return $entry[0]['uid'][0];
1502	}
1503
1504	function uid2cn($uid)
1505	{
1506	$justthese = array("cn");
1507	$filter="(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uid=".$uid."))";
1508	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1509	$entry = ldap_get_entries($this->ldap, $search);
1510	return $entry[0]['cn'][0];
1511	}
1512
1513	function uidnumber2mail($uidnumber)
1514	{
1515	$justthese = array("mail");
1516	$filter="(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uidNumber=".$uidnumber."))";
1517	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1518	$entry = ldap_get_entries($this->ldap, $search);
1519	return $entry[0]['mail'][0];
1520	}
1521
1522	function get_associated_domain($params)
1523	{
1524	$justthese = array("associatedDomain");
1525	$filter="(objectClass=domainRelatedObject)";;
1526	$context = $params['context'];
1527	$search = ldap_search($this->ldap,$context, $filter, $justthese);
1528	$entry = ldap_get_entries($this->ldap, $search);
1529	return $entry[0]['associateddomain'][0];
1530	}
1531
1532	function change_user_context($dn, $newrdn, $newparent)
1533	{
1534	if (!ldap_rename ( $this->ldap, $dn, $newrdn, $newparent, true ))
1535	{
1536	$return['status'] = false;
1537	$return['msg'] = $this->functions->lang('Error on function') . " ldap_functions->change_user_context ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1538	}
1539	else
1540	$return['status'] = true;
1541
1542	return $return;
1543	}
1544
1545	function replace_user_attributes($dn, $ldap_mod_replace)
1546	{
1547	if (!@ldap_mod_replace ( $this->ldap, $dn, $ldap_mod_replace ))
1548	{
1549	$return['status'] = false;
1550	$return['error_number'] = ldap_errno($this->ldap);
1551	$return['msg'] = $this->functions->lang('Error on function') . " ldap_functions->replace_user_attributes ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1552	}
1553	else
1554	$return['status'] = true;
1555
1556	return $return;
1557	}
1558
1559	function add_user_attributes($dn, $ldap_add)
1560	{
1561	if (!@ldap_mod_add ( $this->ldap, $dn, $ldap_add ))
1562	{
1563	$return['status'] = false;
1564	$return['error_number'] = ldap_errno($this->ldap);
1565	$return['msg'] = $this->functions->lang('Error on function') . " ldap_functions->add_user_attributes ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1566	}
1567	else
1568	$return['status'] = true;
1569
1570	return $return;
1571	}
1572
1573	function remove_user_attributes($dn, $ldap_remove)
1574	{
1575	if (!@ldap_mod_del ( $this->ldap, $dn, $ldap_remove ))
1576	{
1577	$return['status'] = false;
1578	$return['msg'] = $this->functions->lang('Error on function') . " ldap_functions->remove_user_attributes ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1579	}
1580	else
1581	$return['status'] = true;
1582
1583	return $return;
1584	}
1585
1586	function set_user_password($uid, $password)
1587	{
1588	$justthese = array("userPassword");
1589	$filter="(&(phpgwAccountType=u)(uid=".$uid."))";
1590	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1591	$entry = ldap_get_entries($this->ldap, $search);
1592	$dn = $entry[0]['dn'];
1593	$userPassword = $entry[0]['userpassword'][0];
1594	$ldap_mod_replace['userPassword'] = $password;
1595	$this->replace_user_attributes($dn, $ldap_mod_replace);
1596	return $userPassword;
1597	}
1598
1599	function delete_user($user_info)
1600	{
1601	// Verifica acesso do gerente (OU) ao tentar deletar um usuário.
1602	$manager_access = false;
1603	foreach ($this->manager_contexts as $index=>$context)
1604	{
1605	if ( (strpos(strtolower($user_info['context']), strtolower($context))) \|\| (strtolower($user_info['context']) == strtolower($context)) )
1606	{
1607	$manager_access = true;
1608	break;
1609	}
1610	}
1611	if (!$manager_access)
1612	{
1613	$return['status'] = false;
1614	$result['msg'] = $this->functions->lang('You do not have access to delete this user') . ".";
1615	return $return;
1616	}
1617
1618	$return['status'] = true;
1619	$return['msg'] = "";
1620
1621	// GROUPS
1622	$attrs = array();
1623	$attrs['memberuid'] = $user_info['uid'];
1624
1625	if (count($user_info['groups_info']))
1626	{
1627	foreach ($user_info['groups_info'] as $group_info)
1628	{
1629	$gidnumber = $group_info['gidnumber'];
1630	$justthese = array("dn");
1631	$filter="(&(phpgwAccountType=g)(gidnumber=".$gidnumber."))";
1632	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1633	$entry = ldap_get_entries($this->ldap, $search);
1634	$dn = $entry[0]['dn'];
1635
1636	if (!@ldap_mod_del($this->ldap, $dn, $attrs))
1637	{
1638	$return['status'] = false;
1639	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_user from group ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1640	}
1641	}
1642	}
1643
1644	//INSTITUTIONAL ACCOUNTS
1645	$attrs = array();
1646	$attrs['mailForwardingAddress'] = $user_info['mail'];
1647
1648	$justthese = array("dn");
1649	$filter="(&(phpgwAccountType=i)(mailforwardingaddress=".$user_info['mail']."))";
1650	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1651	$entries = ldap_get_entries($this->ldap, $search);
1652
1653	for ($i=0; $i<$entries['count']; $i++)
1654	{
1655	if ( !@ldap_mod_del($this->ldap, $entries[$i]['dn'], $attrs) )
1656	{
1657	$result['status'] = false;
1658	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_user, institutional accounts ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1659	}
1660	}
1661
1662	// MAILLISTS
1663	$attrs = array();
1664	$attrs['mailForwardingAddress'] = $user_info['mail'];
1665
1666	if (count($user_info['maillists_info']))
1667	{
1668
1669	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
1670	{
1671	$return['status'] = false;
1672	$result['msg'] = $this->functions->lang('Connection with ldap_master fail') . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1673	return $return;
1674	}
1675
1676	foreach ($user_info['maillists_info'] as $maillists_info)
1677	{
1678	$uid = $maillists_info['uid'];
1679	$justthese = array("dn");
1680	$filter="(&(phpgwAccountType=l)(uid=".$uid."))";
1681	$search = ldap_search($ldapMasterConnect, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1682	$entry = ldap_get_entries($ldapMasterConnect, $search);
1683	$dn = $entry[0]['dn'];
1684
1685	if (!@ldap_mod_del($ldapMasterConnect, $dn, $attrs))
1686	{
1687	$return['status'] = false;
1688	if (ldap_errno($ldapMasterConnect) == '50')
1689	{
1690	$result['msg'] = $this->functions->lang('Error on the function') . ' ldap_functions->add_user2maillist' . ".\n" .
1691	$this->functions->lang('The user used for record on LPDA, must have write access') . ".\n";
1692	$this->functions->lang('The user') . ' ' . $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] . ' ' . $this->functions->lang('does not have this access') . ".\n";
1693	$this->functions->lang('Edit Global Catalog Config, in the admin module, and add an user with write access') . ".\n";
1694	}
1695	else
1696	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_user, email lists ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($ldapMasterConnect);
1697	}
1698	}
1699	ldap_close($ldapMasterConnect);
1700	}
1701
1702	// UID
1703	$dn = "uid=" . $user_info['uid'] . "," . $user_info['context'];
1704	if (!@ldap_delete($this->ldap, $dn))
1705	{
1706	$return['status'] = false;
1707	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_user, email lists ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($ldapMasterConnect);
1708	}
1709	/* jakjr */
1710	return $return;
1711	}
1712
1713	function delete_maillist($uidnumber, $mail)
1714	{
1715	$return['status'] = true;
1716
1717	$justthese = array("dn");
1718
1719	// remove listas dentro de listas
1720	$filter="(&(phpgwAccountType=l)(mailForwardingAddress=".$mail."))";
1721	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1722	$entry = ldap_get_entries($this->ldap, $search);
1723	$attrs['mailForwardingAddress'] = $mail;
1724	for ($i=0; $i<=$entry['count']; $i++)
1725	{
1726	$dn = $entry[$i]['dn'];
1727	@ldap_mod_del ( $this->ldap, $dn, $attrs);
1728	}
1729
1730	$filter="(&(phpgwAccountType=l)(uidnumber=".$uidnumber."))";
1731	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1732	$entry = ldap_get_entries($this->ldap, $search);
1733	$dn = $entry[0]['dn'];
1734
1735	if (!@ldap_delete($this->ldap, $dn))
1736	{
1737	$return['status'] = false;
1738	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_maillist ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1739	}
1740
1741	return $return;
1742	}
1743
1744	function delete_group($gidnumber)
1745	{
1746	$return['status'] = true;
1747
1748	$justthese = array("dn");
1749	$filter="(&(phpgwAccountType=g)(gidnumber=".$gidnumber."))";
1750	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1751	$entry = ldap_get_entries($this->ldap, $search);
1752	$dn = $entry[0]['dn'];
1753
1754	if (!@ldap_delete($this->ldap, $dn))
1755	{
1756	$return['status'] = false;
1757	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_group ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1758	}
1759
1760	return $return;
1761	}
1762
1763	function check_access_to_renamed($uid)
1764	{
1765	$justthese = array("dn");
1766	$filter="(&(phpgwAccountType=u)(uid=$uid))";
1767
1768	foreach ($this->manager_contexts as $index=>$context)
1769	{
1770	$search = ldap_search($this->ldap, $context, $filter, $justthese);
1771	$entry = ldap_get_entries($this->ldap, $search);
1772	if ($entry['count'])
1773	return true;
1774	}
1775	return false;
1776	}
1777
1778	function check_rename_new_uid($uid)
1779	{
1780	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
1781	return false;
1782
1783	$justthese = array("dn");
1784	$filter="(&(phpgwAccountType=u)(uid=$uid))";
1785
1786	$search = ldap_search($ldapMasterConnect, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1787	$count_entries = @ldap_count_entries($ldapMasterConnect, $search);
1788
1789	if ($count_entries)
1790	return false;
1791
1792	return true;
1793	}
1794
1795	function rename_uid($uid, $new_uid)
1796	{
1797	$return['status'] = true;
1798
1799	$justthese = array("dn");
1800	$filter="(&(phpgwAccountType=u)(uid=".$uid."))";
1801	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1802	$entry = ldap_get_entries($this->ldap, $search);
1803	$dn = $entry[0]['dn'];
1804
1805	$explode_dn = ldap_explode_dn($dn, 0);
1806	$rdn = "uid=" . $new_uid;
1807
1808	$parent = array();
1809	for ($j=1; $j<(count($explode_dn)-1); $j++)
1810	$parent[] = $explode_dn[$j];
1811	$parent = implode(",", $parent);
1812
1813	$return['new_dn'] = $rdn . ',' . $parent;
1814
1815	if (!@ldap_rename($this->ldap, $dn, $rdn, $parent, true))
1816	{
1817	$return['status'] = false;
1818	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->rename_uid ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1819	}
1820
1821	//Grupos
1822	$justthese = array("dn");
1823	$filter="(&(phpgwAccountType=g)(memberuid=".$uid."))";
1824	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1825	$entry = ldap_get_entries($this->ldap, $search);
1826	$array_mod_add['memberUid'] = $new_uid;
1827	$array_mod_del['memberUid'] = $uid;
1828
1829	for ($i=0; $i<=$entry['count']; $i++)
1830	{
1831	$dn = $entry[$i]['dn'];
1832	@ldap_mod_add ( $this->ldap, $dn, $array_mod_add);
1833	@ldap_mod_del ( $this->ldap, $dn, $array_mod_del);
1834	}
1835	return $return;
1836	}
1837
1838	function rename_cn($cn, $new_cn)
1839	{
1840	$return['status'] = true;
1841
1842	$justthese = array("dn");
1843	$filter="(&(phpgwAccountType=g)(uid=".$cn."))";
1844	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1845	$entry = ldap_get_entries($this->ldap, $search);
1846	$dn = $entry[0]['dn'];
1847
1848	$explode_dn = ldap_explode_dn($dn, 0);
1849	$rdn = "cn=" . $new_cn;
1850
1851	$parent = array();
1852	for ($j=1; $j<(count($explode_dn)-1); $j++)
1853	$parent[] = $explode_dn[$j];
1854	$parent = implode(",", $parent);
1855
1856	$return['new_dn'] = $rdn . ',' . $parent;
1857
1858	if (!@ldap_rename($this->ldap, $dn, $rdn, $parent, false))
1859	{
1860	$return['status'] = false;
1861	}
1862
1863	return $return;
1864	}
1865
1866	function exist_sambadomains($contexts, $sambaDomainName)
1867	{
1868	$justthese = array("dn");
1869	$filter="(&(objectClass=sambaDomain)(sambaDomainName=$sambaDomainName))";
1870
1871	foreach ($contexts as $index=>$context)
1872	{
1873	$search = ldap_search($this->ldap, $context, $filter, $justthese);
1874	$entry = ldap_get_entries($this->ldap, $search);
1875
1876	if ($entry['count'])
1877	return true;
1878	}
1879	return false;
1880	}
1881
1882	// Primeiro nilvel de organização.
1883	function exist_sambadomains_in_context($params)
1884	{
1885	$dn = $GLOBALS['phpgw_info']['server']['ldap_context'];
1886	$array_dn = ldap_explode_dn ( $dn, 0 );
1887
1888	$context = $params['context'];
1889	$array_context = ldap_explode_dn ( $context, 0 );
1890
1891	// Pego o setor no caso do contexto ser um sub-setor.
1892	if (($array_dn['count']+1) < ($array_context['count']))
1893	{
1894	// inverto o array_dn para poder retirar o count
1895	$array_dn_reverse = array_reverse ( $array_dn, false );
1896
1897	//retiro o count
1898	array_pop($array_dn_reverse);
1899
1900	//incluo o setor no dn
1901	array_push ( $array_dn_reverse, $array_context[ $array_context['count'] - 1 - $array_dn['count']]);
1902
1903	// Volto a ordem natural
1904	$array_dn = array_reverse ( $array_dn_reverse, false );
1905
1906	// Implodo
1907	$context = implode ( ",", $array_dn );
1908	}
1909
1910	$justthese = array("dn","sambaDomainName");
1911	$filter="(objectClass=sambaDomain)";
1912	$search = ldap_list($this->ldap, $context, $filter, $justthese);
1913	$entry = ldap_get_entries($this->ldap, $search);
1914
1915	for ($i=0; $i<$entry['count']; $i++)
1916	{
1917	$return['sambaDomains'][$i] = $entry[$i]['sambadomainname'][0];
1918	}
1919
1920	if ($entry['count'])
1921	$return['status'] = true;
1922	else
1923	$return['status'] = false;
1924
1925	return $return;
1926	}
1927	function exist_domain_name_sid($sambadomainname, $sambasid)
1928	{
1929	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
1930
1931	$justthese = array("dn","sambaDomainName");
1932	$filter="(&(objectClass=sambaDomain)(sambaSID=$sambasid)(sambaDomainName=$sambadomainname))";
1933	$search = ldap_search($this->ldap, $context, $filter, $justthese);
1934	$count_entries = ldap_count_entries($this->ldap, $search);
1935
1936	if ($count_entries > 0)
1937	return true;
1938	else
1939	return false;
1940	}
1941
1942	function add_sambadomain($sambadomainname, $sambasid, $context)
1943	{
1944	$result = array();
1945
1946	$dn = "sambaDomainName=$sambadomainname,$context";
1947	$entry['sambaSID'] = $sambasid;
1948	$entry['objectClass'] = 'sambaDomain';
1949	$entry['sambaAlgorithmicRidBase'] = '1000';
1950	$entry['sambaDomainName'] = $sambadomainname;
1951
1952	if (!@ldap_add ( $this->ldap, $dn, $entry ))
1953	{
1954	$return['status'] = false;
1955	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->add_sambadomain ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1956	}
1957	else
1958	$return['status'] = true;
1959
1960	return $return;
1961	}
1962
1963	function delete_sambadomain($sambadomainname)
1964	{
1965	$return['status'] = true;
1966	$filter="(sambaDomainName=$sambadomainname)";
1967	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter);
1968	$entry = ldap_get_entries($this->ldap, $search);
1969
1970	if ($entry['count'] != 0)
1971	{
1972	$dn = $entry[0]['dn'];
1973
1974	if (!@ldap_delete($this->ldap, $dn))
1975	{
1976	$return['status'] = false;
1977	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_sambadomain ($sambadomainname)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1978	}
1979	}
1980
1981	return $return;
1982	}
1983
1984	function search_user($params)
1985	{
1986	$search = $params['search'];
1987	$justthese = array("cn","uid", "mail");
1988	$users_list=ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], "(&(phpgwAccountType=u) (\|(cn=$search)(mail=$search*)) )", $justthese);
1989
1990	if (ldap_count_entries($this->ldap, $users_list) == 0)
1991	{
1992	$return['status'] = 'false';
1993	$result['msg'] = $this->functions->lang('Any result was found') . '.';
1994	return $return;
1995	}
1996
1997	ldap_sort($this->ldap, $users_list, "cn");
1998
1999	$entries = ldap_get_entries($this->ldap, $users_list);
2000
2001	$options = '';
2002	for ($i=0; $i<$entries['count']; $i++)
2003	{
2004	$options .= "<option value=" . $entries[$i]['uid'][0] . ">" . $entries[$i]['cn'][0] . " (".$entries[$i]['mail'][0].")" . "</option>";
2005	}
2006
2007	return $options;
2008	}
2009
2010	function create_institutional_accounts($params)
2011	{
2012	/* Begin: Access verification */
2013	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'add_institutional_accounts'))
2014	{
2015	$return['status'] = false;
2016	$return['msg'] = $this->functions->lang('You do not have right to create institutional accounts') . ".";
2017	return $return;
2018	}
2019
2020	$access_granted = false;
2021	foreach ($this->manager_contexts as $idx=>$manager_context)
2022	{
2023	if (stristr($params['context'], $manager_context))
2024	{
2025	$access_granted = true;
2026	break;
2027	}
2028	}
2029	if (!$access_granted)
2030	{
2031	$return['status'] = false;
2032	$return['msg'] = $this->functions->lang('You do not have access to this organization') . ".";
2033	return $return;
2034	}
2035	/* End: Access verification */
2036
2037	/* Begin: Validation */
2038	if ( (empty($params['cn'])) \|\| (empty($params['mail'])) )
2039	{
2040	$result['status'] = false;
2041	$result['msg'] = $this->functions->lang('Field mail or name is empty');
2042	return $result;
2043	}
2044
2045	if (! eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+$", $params['mail']) )
2046	{
2047	$result['status'] = false;
2048	$result['msg'] = $this->functions->lang('Field mail is not formed correcty') . '.';
2049	return $result;
2050	}
2051
2052	$uid = 'institutional_account_' . $params['mail'];
2053	$dn = "uid=$uid," . $params['context'];
2054
2055	$filter = "(mail=".$params['mail'].")";
2056	$justthese = array("cn");
2057	$search = @ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
2058	$entries = @ldap_get_entries($this->ldap,$search);
2059	if ($entries['count'] != 0)
2060	{
2061	$result['status'] = false;
2062	$result['msg'] = $this->functions->lang('Field mail already in use');
2063	return $result;
2064	}
2065	/* End: Validation */
2066
2067	$info = array();
2068	$info['cn'] = iconv("ISO-8859-1","UTF-8//TRANSLIT",$params['cn']);
2069	$info['sn'] = iconv("ISO-8859-1","UTF-8//TRANSLIT",$params['cn']);
2070	$info['uid'] = $uid;
2071	$info['mail'] = $params['mail'];
2072	$info['description'] = iconv("ISO-8859-1","UTF-8//TRANSLIT",$params['desc']);
2073	$info['phpgwAccountType'] = 'i';
2074	$info['objectClass'][] = 'inetOrgPerson';
2075	$info['objectClass'][] = 'phpgwAccount';
2076	$info['objectClass'][] = 'top';
2077	$info['objectClass'][] = 'person';
2078	$info['objectClass'][] = 'qmailUser';
2079	$info['objectClass'][] = 'organizationalPerson';
2080
2081	if ($params['accountStatus'] == 'on')
2082	{
2083	$info['accountStatus'] = 'active';
2084	}
2085	if ($params['phpgwAccountVisible'] == 'on')
2086	{
2087	$info['phpgwAccountVisible'] = '-1';
2088	}
2089
2090	if (!empty($params['owners']))
2091	{
2092	foreach($params['owners'] as $index=>$uidnumber)
2093	{
2094	$info['mailForwardingAddress'][] = $this->uidnumber2mail($uidnumber);
2095	}
2096	}
2097
2098	$result = array();
2099	if (!@ldap_add ( $this->ldap, $dn, $info ))
2100	{
2101	$result['status'] = false;
2102	$result['msg'] = $this->functions->lang('Error on function') . ' ldap_functions->create_institutional_accounts';
2103	$result['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2104	}
2105	else
2106	$result['status'] = true;
2107
2108	return $result;
2109	}
2110
2111	function save_institutional_accounts($params)
2112	{
2113	/* Begin: Access verification */
2114	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_institutional_accounts'))
2115	{
2116	$return['status'] = false;
2117	$return['msg'] = $this->functions->lang('You do not have right to edit institutional accounts') . ".";
2118	return $return;
2119	}
2120	$access_granted = false;
2121	foreach ($this->manager_contexts as $idx=>$manager_context)
2122	{
2123	if (stristr($params['context'], $manager_context))
2124	{
2125	$access_granted = true;
2126	break;
2127	}
2128	}
2129	if (!$access_granted)
2130	{
2131	$return['status'] = false;
2132	$return['msg'] = $this->functions->lang('You do not have access to this organization') . ".";
2133	return $return;
2134	}
2135	/* End: Access verification */
2136
2137	/* Begin: Validation */
2138	if ( (empty($params['cn'])) \|\| (empty($params['mail'])) )
2139	{
2140	$result['status'] = false;
2141	$result['msg'] = $this->functions->lang('Field mail or name is empty') . '.';
2142	return $result;
2143	}
2144
2145	if (! eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+$", $params['mail']) )
2146	{
2147	$result['status'] = false;
2148	$result['msg'] = $this->functions->lang('Field mail is not formed correcty') . '.';
2149	return $result;
2150	}
2151
2152	$uid = 'institutional_account_' . $params['mail'];
2153	$dn = strtolower("uid=$uid," . $params['context']);
2154	$anchor = strtolower($params['anchor']);
2155
2156	$filter = "(mail=".$params['mail'].")";
2157	$justthese = array("cn");
2158	$search = @ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
2159	$entries = @ldap_get_entries($this->ldap,$search);
2160
2161	if ( ($entries['count'] > 1) \|\| (($entries['count'] == 1) && ($entries[0]['dn'] != $anchor)) )
2162	{
2163	$result['status'] = false;
2164	$result['msg'] = $this->functions->lang('Field mail already in use.');
2165	return $result;
2166	}
2167	/* End: Validation */
2168
2169	$result = array();
2170	$result['status'] = true;
2171
2172	if ($anchor != $dn)
2173	{
2174	if (!@ldap_rename($this->ldap, $anchor, "uid=$uid", $params['context'], true))
2175	{
2176	$result['status'] = false;
2177	$result['msg'] = $this->functions->lang('Error on function') . ' ldap_functions->save_institutional_accounts: ldap_rename';
2178	$result['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2179	}
2180	}
2181
2182	$info = array();
2183	$info['cn'] = $params['cn'];
2184	$info['sn'] = $params['cn'];
2185	$info['uid'] = $uid;
2186	$info['mail'] = $params['mail'];
2187
2188	if ($params['accountStatus'] == 'on')
2189	$info['accountStatus'] = 'active';
2190	else
2191	$info['accountStatus'] = array();
2192
2193	if ($params['phpgwAccountVisible'] == 'on')
2194	$info['phpgwAccountVisible'] = '-1';
2195	else
2196	$info['phpgwAccountVisible'] = array();
2197
2198	if ($params['desc'] != '')
2199	$info['description'] = utf8_encode($params['desc']);
2200	else
2201	$info['description'] = array();
2202
2203	if (!empty($params['owners']))
2204	{
2205	foreach($params['owners'] as $index=>$uidnumber)
2206	{
2207	$mailForwardingAddress = $this->uidnumber2mail($uidnumber);
2208	if ($mailForwardingAddress != '')
2209	$info['mailForwardingAddress'][] = $mailForwardingAddress;
2210	}
2211	}
2212	else
2213	$info['mailForwardingAddress'] = array();
2214
2215	if (!@ldap_modify ( $this->ldap, $dn, $info ))
2216	{
2217	$result['status'] = false;
2218	$result['msg'] = $this->functions->lang('Error on function') . ' ldap_functions->save_institutional_accounts: ldap_modify';
2219	$result['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2220	}
2221
2222	return $result;
2223	}
2224
2225	function get_institutional_accounts($params)
2226	{
2227	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'list_institutional_accounts'))
2228	{
2229	$return['status'] = false;
2230	$return['msg'] = $this->functions->lang('You do not have right to list institutional accounts') . ".";
2231	return $return;
2232	}
2233
2234	$input = $params['input'];
2235	$justthese = array("cn", "mail", "uid");
2236	$trs = array();
2237
2238	foreach ($this->manager_contexts as $idx=>$context)
2239	{
2240	$institutional_accounts = ldap_search($this->ldap, $context, ("(&(phpgwAccountType=i)(\|(mail=$input)(cn=$input*)))"), $justthese);
2241	$entries = ldap_get_entries($this->ldap, $institutional_accounts);
2242
2243	for ($i=0; $i<$entries['count']; $i++)
2244	{
2245	$tr = "<tr class='normal' onMouseOver=this.className='selected' onMouseOut=this.className='normal'><td onClick=edit_institutional_account('".$entries[$i]['uid'][0]."')>" . $entries[$i]['cn'][0] . "</td><td onClick=edit_institutional_account('".$entries[$i]['uid'][0]."')>" . $entries[$i]['mail'][0] . "</td><td align='center' onClick=delete_institutional_accounts('".$entries[$i]['uid'][0]."')><img HEIGHT='16' WIDTH='16' src=./expressoAdmin1_2/templates/default/images/delete.png></td></tr>";
2246	$trs[$tr] = $entries[$i]['cn'][0];
2247	}
2248	}
2249
2250	$trs_string = '';
2251	if (count($trs))
2252	{
2253	natcasesort($trs);
2254	foreach ($trs as $tr=>$cn)
2255	{
2256	$trs_string .= $tr;
2257	}
2258	}
2259
2260	$return['status'] = 'true';
2261	$return['trs'] = $trs_string;
2262	return $return;
2263	}
2264
2265	function get_institutional_account_data($params)
2266	{
2267	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_institutional_accounts'))
2268	{
2269	$return['status'] = false;
2270	$return['msg'] = $this->functions->lang('You do not have right to edit institutional accounts') . ".";
2271	return $return;
2272	}
2273
2274	$uid = $params['uid'];
2275	//$justthese = array("accountStatus", "phpgwAccountVisible", "cn", "mail", "mailForwardingAddress", "description");
2276
2277	$institutional_accounts = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], ("(&(phpgwAccountType=i)(uid=$uid))"));
2278	$entrie = ldap_get_entries($this->ldap, $institutional_accounts);
2279
2280	if ($entrie['count'] != 1)
2281	{
2282	$return['status'] = 'false';
2283	$result['msg'] = $this->functions->lang('Problems loading datas') . '.';
2284	}
2285	else
2286	{
2287	$tmp_user_context = split(",", $entrie[0]['dn']);
2288	$tmp_reverse_user_context = array_reverse($tmp_user_context);
2289	array_pop($tmp_reverse_user_context);
2290	$return['user_context'] = implode(",", array_reverse($tmp_reverse_user_context));
2291
2292	$return['status'] = 'true';
2293	$return['accountStatus'] = $entrie[0]['accountstatus'][0];
2294	$return['phpgwAccountVisible'] = $entrie[0]['phpgwaccountvisible'][0];
2295	$return['cn'] = $entrie[0]['cn'][0];
2296	$return['mail'] = $entrie[0]['mail'][0];
2297	$return['description'] = utf8_decode($entrie[0]['description'][0]);
2298
2299	if ($entrie[0]['mailforwardingaddress']['count'] > 0)
2300	{
2301	$a_cn = array();
2302	for ($i=0; $i<$entrie[0]['mailforwardingaddress']['count']; $i++)
2303	{
2304	$tmp = $this->mailforwardingaddress2uidnumber($entrie[0]['mailforwardingaddress'][$i]);
2305	if (!$tmp) {}
2306	else
2307	$a_cn[$tmp['uidnumber']] = $tmp['cn'];
2308	}
2309	natcasesort($a_cn);
2310	foreach($a_cn as $uidnumber => $cn)
2311	{
2312	$return['owners'] .= '<option value='. $uidnumber .'>' . $cn . '</option>';
2313	}
2314	}
2315	}
2316
2317	return $return;
2318	}
2319	function get_shared_accounts($params)
2320	{
2321	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'list_shared_accounts'))
2322	{
2323	$return['status'] = false;
2324	$return['msg'] = $this->functions->lang('You do not have right to list shared accounts') . ".";
2325	return $return;
2326	}
2327
2328	$input = $params['input'];
2329	$justthese = array("cn", "mail", "uid");
2330	$trs = array();
2331
2332	foreach ($this->manager_contexts as $idx=>$context)
2333	{
2334	$institutional_accounts = ldap_search($this->ldap, $context, ("(&(phpgwAccountType=s)(\|(mail=$input)(cn=$input*)))"), $justthese);
2335	$entries = ldap_get_entries($this->ldap, $institutional_accounts);
2336
2337	for ($i=0; $i<$entries['count']; $i++)
2338	{
2339	$tr = "<tr class='normal' onMouseOver=this.className='selected' onMouseOut=this.className='normal'><td onClick=edit_shared_account('".$entries[$i]['uid'][0]."')>" . $entries[$i]['cn'][0] . "</td><td onClick=edit_shared_account('".$entries[$i]['uid'][0]."')>" . $entries[$i]['mail'][0] . "</td><td align='center' onClick=delete_shared_accounts('".$entries[$i]['uid'][0]."')><img HEIGHT='16' WIDTH='16' src=./expressoAdmin1_2/templates/default/images/delete.png></td></tr>";
2340	$trs[$tr] = $entries[$i]['cn'][0];
2341	}
2342	}
2343
2344	$trs_string = '';
2345	if (count($trs))
2346	{
2347	natcasesort($trs);
2348	foreach ($trs as $tr=>$cn)
2349	{
2350	$trs_string .= $tr;
2351	}
2352	}
2353
2354	$return['status'] = 'true';
2355	$return['trs'] = $trs_string;
2356	return $return;
2357	}
2358
2359	function save_shared_accounts($params)
2360	{
2361	/* Begin: Access verification */
2362	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_shared_accounts'))
2363	{
2364	$return['status'] = false;
2365	$return['msg'] = $this->functions->lang('You do not have right to edit shared accounts') . ".";
2366	return $return;
2367	}
2368	$access_granted = false;
2369	foreach ($this->manager_contexts as $idx=>$manager_context)
2370	{
2371	if (stristr($params['context'], $manager_context))
2372	{
2373	$access_granted = true;
2374	break;
2375	}
2376	}
2377	if (!$access_granted)
2378	{
2379	$return['status'] = false;
2380	$return['msg'] = $this->functions->lang('You do not have access to this organization') . ".";
2381	return $return;
2382	}
2383	/* End: Access verification */
2384
2385	/* Begin: Validation */
2386	if ( (empty($params['cn'])) \|\| (empty($params['mail'])) )
2387	{
2388	$result['status'] = false;
2389	$result['msg'] = $this->functions->lang('Field mail or name is empty') . '.';
2390	return $result;
2391	}
2392
2393	if (! eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+$", $params['mail']) )
2394	{
2395	$result['status'] = false;
2396	$result['msg'] = $this->functions->lang('Field mail is not formed correcty') . '.';
2397	return $result;
2398	}
2399
2400	$dn = strtolower("uid=$params[uid]," . $params['context']);
2401	$anchor = strtolower($params['anchor']);
2402
2403	$filter = "(mail=".$params['mail'].")";
2404	$justthese = array("cn");
2405	$search = @ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
2406	$entries = @ldap_get_entries($this->ldap,$search);
2407
2408	if ( ($entries['count'] > 1) \|\| (($entries['count'] == 1) && ($entries[0]['dn'] != $anchor)) )
2409	{
2410	$result['status'] = false;
2411	$result['msg'] = $this->functions->lang('Field mail already in use.');
2412	return $result;
2413	}
2414	/* End: Validation */
2415
2416	$result = array();
2417	$result['status'] = true;
2418
2419	if ($anchor != $dn)
2420	{
2421	if (!@ldap_rename($this->ldap, $anchor, "uid=$params[uid]", $params['context'], true))
2422	{
2423	$result['status'] = false;
2424	$result['msg'] = $this->functions->lang('Error on function') . ' ldap_functions->save_shared_accounts: ldap_rename';
2425	$result['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2426	}
2427	}
2428
2429	$info = array();
2430	$info['cn'] = $params['cn'];
2431	$info['sn'] = $params['cn'];
2432	$info['uid'] = $params['uid'];
2433	$info['mail'] = $params['mail'];
2434
2435	if ($params['accountStatus'] == 'on')
2436	$info['accountStatus'] = 'active';
2437	else
2438	$info['accountStatus'] = array();
2439
2440	if ($params['phpgwAccountVisible'] == 'on')
2441	$info['phpgwAccountVisible'] = '-1';
2442	else
2443	$info['phpgwAccountVisible'] = array();
2444
2445	if ($params['desc'] != '')
2446	$info['description'] = utf8_encode($params['desc']);
2447	else
2448	$info['description'] = array();
2449
2450	if (!@ldap_modify ( $this->ldap, $dn, $info ))
2451	{
2452	$result['status'] = false;
2453	$result['msg'] = $this->functions->lang('Error on function') . ' ldap_functions->save_shared_accounts: ldap_modify';
2454	$result['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2455	}
2456	//print_r($info);echo "Teste $dn".$result['msg'];exit();
2457	return $result;
2458	}
2459
2460	function get_shared_account_data($params)
2461	{
2462	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_shared_accounts'))
2463	{
2464	$return['status'] = false;
2465	$return['msg'] = $this->functions->lang('You do not have right to edit an shared accounts') . ".";
2466	return $return;
2467	}
2468
2469	$uid = $params['uid'];
2470	//$justthese = array("accountStatus", "phpgwAccountVisible", "cn", "mail", "mailForwardingAddress", "description");
2471
2472	$shared_accounts = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], ("(&(phpgwAccountType=s)(uid=$uid))"));
2473	$entrie = ldap_get_entries($this->ldap, $shared_accounts);
2474
2475	if ($entrie['count'] != 1)
2476	{
2477	$return['status'] = 'false';
2478	$result['msg'] = $this->functions->lang('Problems loading datas') . '.';
2479	}
2480	else
2481	{
2482	$tmp_user_context = split(",", $entrie[0]['dn']);
2483	$tmp_reverse_user_context = array_reverse($tmp_user_context);
2484	array_pop($tmp_reverse_user_context);
2485	$return['user_context'] = implode(",", array_reverse($tmp_reverse_user_context));
2486
2487	$return['status'] = 'true';
2488	$return['accountStatus'] = $entrie[0]['accountstatus'][0];
2489	$return['phpgwAccountVisible'] = $entrie[0]['phpgwaccountvisible'][0];
2490	$return['cn'] = $entrie[0]['cn'][0];
2491	$return['mail'] = $entrie[0]['mail'][0];
2492	$return['description'] = utf8_decode($entrie[0]['description'][0]);
2493
2494	}
2495
2496	return $return;
2497	}
2498	function mailforwardingaddress2uidnumber($mail)
2499	{
2500	$justthese = array("uidnumber","cn");
2501	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], ("(&(phpgwAccountType=u)(mail=$mail))"), $justthese);
2502	$entrie = ldap_get_entries($this->ldap, $search);
2503	if ($entrie['count'] != 1)
2504	return false;
2505	else
2506	{
2507	$return['uidnumber'] = $entrie[0]['uidnumber'][0];
2508	$return['cn'] = $entrie[0]['cn'][0];
2509	return $return;
2510	}
2511	}
2512
2513	function delete_institutional_account_data($params)
2514	{
2515	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'remove_institutional_accounts'))
2516	{
2517	$return['status'] = false;
2518	$return['msg'] = $this->functions->lang('You do not have right to delete institutional accounts') . ".";
2519	return $return;
2520	}
2521
2522	$uid = $params['uid'];
2523	$return['status'] = true;
2524
2525	$justthese = array("cn");
2526	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], ("(&(phpgwAccountType=i)(uid=$uid))"), $justthese);
2527	$entrie = ldap_get_entries($this->ldap, $search);
2528	if ($entrie['count'] > 1)
2529	{
2530	$return['status'] = false;
2531	$return['msg'] = $this->functions->lang('More then one uid was found');
2532	return $return;
2533	}
2534	if ($entrie['count'] == 0)
2535	{
2536	$return['status'] = false;
2537	$return['msg'] = $this->functions->lang('No uid was found');
2538	return $return;
2539	}
2540
2541	$dn = $entrie[0]['dn'];
2542	if (!@ldap_delete($this->ldap, $dn))
2543	{
2544	$return['status'] = false;
2545	$return['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_institutional_accounts: ldap_delete";
2546	$return['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2547	return $return;
2548	}
2549
2550	return $return;
2551	}
2552
2553	function replace_mail_from_institutional_account($newMail, $oldMail)
2554	{
2555	$filter = "(&(phpgwAccountType=i)(mailforwardingaddress=$oldMail))";
2556	$justthese = array("dn");
2557	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
2558	$entries = ldap_get_entries($this->ldap, $search);
2559	$result['status'] = true;
2560	for ($i=0; $i<$entries['count']; $i++)
2561	{
2562	$attrs['mailforwardingaddress'] = $oldMail;
2563	$res1 = @ldap_mod_del($this->ldap, $entries[$i]['dn'], $attrs);
2564	$attrs['mailforwardingaddress'] = $newMail;
2565	$res2 = @ldap_mod_add($this->ldap, $entries[$i]['dn'], $attrs);
2566
2567	if ((!$res1) \|\| (!$res2))
2568	{
2569	$result['status'] = false;
2570	$return['msg'] = $this->functions->lang('Error on function') . " ldap_functions->replace_mail_from_institutional_account.";
2571	}
2572	}
2573
2574	return $result;
2575	}
2576	function delete_shared_account_data($params)
2577	{
2578	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'delete_shared_accounts'))
2579	{
2580	$return['status'] = false;
2581	$return['msg'] = $this->functions->lang('You do not have right to delete shared accounts') . ".";
2582	return $return;
2583	}
2584	$uid = $params['uid'];
2585	$return['status'] = true;
2586
2587	$justthese = array("cn");
2588	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], "(&(phpgwAccountType=s)(uid=$uid))", $justthese);
2589
2590	$entrie = ldap_get_entries($this->ldap, $search);
2591
2592	if ($entrie['count'] > 1)
2593	{
2594	$return['status'] = false;
2595	$return['msg'] = $this->functions->lang('More then one uid was found');
2596	return $return;
2597	}
2598	if ($entrie['count'] == 0)
2599	{
2600	$return['status'] = false;
2601	$return['msg'] = $this->functions->lang('No uid was found');
2602	return $return;
2603	}
2604
2605	$dn = $entrie[0]['dn'];
2606	if (!@ldap_delete($this->ldap, $dn))
2607	{
2608	$return['status'] = false;
2609	$return['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_shared_accounts: ldap_delete";
2610	$return['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2611	return $return;
2612	}
2613
2614	return $return;
2615	}
2616
2617	function search_available_users_and_maillist($params)
2618	{
2619	$context = $params['context'];
2620	$recursive = $params['recursive'];
2621	$filtro =utf8_encode($params['filter']);
2622	//Usado para retirar a própria lista das possibilidades de inclusão.
2623	$denied_uidnumber = $params['denied_uidnumber'];
2624
2625	$justthese = array("cn", "uidNumber", "mail");
2626
2627	$users_filter="(&(phpgwaccounttype=u)(!(phpgwaccountvisible=-1))(phpgwaccountstatus=A)(\|(cn=$filtro)(mail=$filtro*)))";
2628	$lists_filter = $denied_uidnumber == '' ? "(&(phpgwAccountType=l)(cn=$filtro))" : "(&(phpgwAccountType=l)(!(uidnumber=$denied_uidnumber))(\|(cn=$filtro)(mail=$filtro*)))";
2629
2630	$users = Array();
2631	$lists = Array();
2632
2633	/* folling referral connection */
2634	$ldap_conn_following_ref = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
2635	if ($ldap_conn_following_ref)
2636	{
2637	ldap_set_option($ldap_conn_following_ref, LDAP_OPT_PROTOCOL_VERSION, 3);
2638	ldap_set_option($ldap_conn_following_ref, LDAP_OPT_REFERRALS, 1);
2639
2640	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
2641	ldap_bind($ldap_conn_following_ref, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']);
2642	}
2643	else
2644	return false;
2645
2646	if ($recursive == 'true')
2647	$users_search = ldap_search($ldap_conn_following_ref, $context, $users_filter, $justthese);
2648	else
2649	$users_search = ldap_list($ldap_conn_following_ref, $context, $users_filter, $justthese);
2650
2651	/* email lists */
2652	if($params['listSearch'] == 'true'){
2653	if ($recursive == 'true')
2654	$lists_search = ldap_search($ldap_conn_following_ref, $context, $lists_filter, $justthese);
2655	else
2656	$lists_search = ldap_list($ldap_conn_following_ref, $context, $lists_filter, $justthese);
2657
2658	$lists_entries = ldap_get_entries($ldap_conn_following_ref, $lists_search);
2659
2660	for ($i=0; $i<$lists_entries["count"]; $i++)
2661	{
2662	$l_tmp[$lists_entries[$i]["mail"][0]] = $lists_entries[$i]["cn"][0];
2663	}
2664
2665	if (count($l_tmp))
2666	natcasesort($l_tmp);
2667
2668	$i = 0;
2669	$lists = array();
2670
2671	$options .= '<option value="-1" disabled>------------------------------    '.$this->functions->lang('email lists').'    ------------------------------ </option>'."\n";
2672	if (count($l_tmp))
2673	{
2674	foreach ($l_tmp as $mail => $cn)
2675	{
2676	$options .= "<option value=$mail>$cn</option>";
2677	}
2678	unset($l_tmp);
2679	}
2680	}
2681
2682	/* users */
2683	$users_entries = ldap_get_entries($ldap_conn_following_ref, $users_search);
2684	for ($i=0; $i<$users_entries["count"]; $i++)
2685	{
2686	$u_tmp[$users_entries[$i]["mail"][0]] = $users_entries[$i]["cn"][0];
2687	}
2688
2689	if (count($u_tmp))
2690	natcasesort($u_tmp);
2691
2692	$i = 0;
2693	$users = array();
2694
2695	$options .= '<option value="-1" disabled>-----------------------------    '.$this->functions->lang('users').'    ---------------------------- </option>'."\n";
2696
2697	if (count($u_tmp))
2698	{
2699	foreach ($u_tmp as $mail => $cn)
2700	{
2701	$options .= "<option value=$mail class='line-above'>$cn</option>";
2702	}
2703	unset($u_tmp);
2704	}
2705
2706	ldap_close($ldap_conn_following_ref);
2707	return $options;
2708	}
2709
2710	}
2711	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: