Context Navigation

source: trunk/expressoAdmin1_2/inc/class.ldap_functions.inc.php @ 1913

Revision 1913, 89.1 KB checked in by valmir.sena, 14 years ago (diff)
Ticket #849 - Criacao de caixas compartilhadas pelo administrador, commit inicial com as principais mudancas
Property svn:eol-style set to `native` Property svn:executable set to ``*

Line
1	<?php
2	define('PHPGW_INCLUDE_ROOT','../');
3	define('PHPGW_API_INC','../phpgwapi/inc');
4	include_once(PHPGW_API_INC.'/class.common.inc.php');
5	include_once('class.functions.inc.php');
6
7	function ldapRebind($ldap_connection, $ldap_url)
8	{
9	// Enquanto estivermos utilizando referral na arvore ldap, teremos que continuar a utilizar o usuário sistemas:expresso.
10	// Depois, quando não existir mais referral, não existirá a necessidade de ldapRebind.
11	//ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_master_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_master_root_pw']);
12	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
13	{
14	@ldap_bind($ldap_connection, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']);
15	}
16	}
17
18	class ldap_functions
19	{
20	var $ldap;
21	var $current_config;
22	var $functions;
23	var $manager_contexts;
24
25	function ldap_functions(){
26	$GLOBALS['phpgw_info']['server'] = $_SESSION['phpgw_info']['expresso']['server'];
27	$this->current_config = $_SESSION['phpgw_info']['expresso']['expressoAdmin'];
28	$common = new common();
29
30	if ( (!empty($GLOBALS['phpgw_info']['server']['ldap_master_host'])) &&
31	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_dn'])) &&
32	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_pw'])) )
33	{
34	$this->ldap = $common->ldapConnect($GLOBALS['phpgw_info']['server']['ldap_master_host'],
35	$GLOBALS['phpgw_info']['server']['ldap_master_root_dn'],
36	$GLOBALS['phpgw_info']['server']['ldap_master_root_pw']);
37	}
38	else
39	{
40	$this->ldap = $common->ldapConnect();
41	}
42
43	$this->functions = new functions;
44	$manager_acl = $this->functions->read_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid']);
45	$this->manager_contexts = $manager_acl['contexts'];
46	}
47
48	function create_shared_accounts($params)
49	{
50	/* Begin: Access verification */
51
52	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'add_shared_accounts'))
53	{
54	$return['status'] = false;
55	$return['msg'] = $this->functions->lang('You do not have right to create shared accounts') . ".";
56	return $return;
57	}
58
59	$access_granted = false;
60	foreach ($this->manager_contexts as $idx=>$manager_context)
61	{
62	if (stristr($params['context'], $manager_context))
63	{
64	$access_granted = true;
65	break;
66	}
67	}
68
69	if (!$access_granted)
70	{
71	$return['status'] = false;
72	$return['msg'] = $this->functions->lang('You do not have access to this organization') . ".";
73	return $return;
74	}
75	/* End: Access verification */
76
77
78	/* Begin: Validation */
79	if ( (empty($params['cn'])) \|\| (empty($params['mail'])) )
80	{
81	$result['status'] = false;
82	$result['msg'] = $this->functions->lang('Field mail or name is empty'); return $result;
83	}
84
85	if (! eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+$", $params['mail']) )
86	{
87	$result['status'] = false;
88	$result['msg'] = $this->functions->lang('Field mail is not formed correcty') . '.';
89	return $result;
90	}
91	$dn = "uid=$params[uid]," . $params['context'];
92	$filter = "(mail=".$params['mail'].")";
93	$justthese = array("cn");
94	$search = @ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
95	$entries = @ldap_get_entries($this->ldap,$search);
96	if ($entries['count'] != 0)
97	{
98	$result['status'] = false;
99	$result['msg'] = $this->functions->lang('Field mail already in use');
100	return $result;
101	}
102	/* End: Validation */
103
104	$info = array();
105	$info['cn'] = $params['cn'];
106	$info['sn'] = $params['cn'];
107	$info['uid'] = $params['uid'];
108	$info['mail'] = $params['mail'];
109	$info['description'] = utf8_encode($params['description']);
110	$info['phpgwAccountType'] = 's';
111	$info['objectClass'][] = 'inetOrgPerson';
112	$info['objectClass'][] = 'phpgwAccount';
113	$info['objectClass'][] = 'top';
114	$info['objectClass'][] = 'person';
115	$info['objectClass'][] = 'qmailUser';
116	$info['objectClass'][] = 'organizationalPerson';
117
118	if ($params['accountStatus'] == 'on')
119	{
120	$info['accountStatus'] = 'active';
121	}
122	if ($params['phpgwAccountVisible'] == 'on')
123	{
124	$info['phpgwAccountVisible'] = '-1';
125	}
126
127	/*if (!empty($params['owners']))
128	{
129	foreach($params['owners'] as $index=>$uidnumber)
130	{
131	$info['mailForwardingAddress'][] = $this->uidnumber2mail($uidnumber);
132	}
133	}*/
134	$result = array();
135	//print_r($info);exit();
136	if (!@ldap_add ( $this->ldap, $dn, $info ))
137	{
138	$result['status'] = false;
139	$result['msg'] = $this->functions->lang('Error on function') . ' ldap_functions->create_shared_accounts';
140	$result['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
141	}
142	else{
143	$result['status'] = true;
144	}
145	return $result;
146	}
147
148	/* expressoAdmin: email lists : deve utilizar o ldap Host Master com o usuario e senha do CC*/
149	/* ldap connection following referrals and using Master config, from setup */
150	function ldapMasterConnect()
151	{
152	/*
153	$common = new common();
154	if ( (!empty($GLOBALS['phpgw_info']['server']['ldap_master_host'])) &&
155	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_dn'])) &&
156	(!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_pw'])) )
157	{
158	$ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_master_host']);
159	ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
160	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
161	ldap_set_rebind_proc($ldap_connection, ldapRebind);
162	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_master_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_master_root_pw']);
163	}
164	else
165	{
166	$ldap_connection = $common->ldapConnect($GLOBALS['phpgw_info']['server']['ldap_host'],
167	$GLOBALS['phpgw_info']['server']['ldap_root_dn'],
168	$GLOBALS['phpgw_info']['server']['ldap_root_pw'], true);
169	}
170
171	// If success, return follow_referral connection. Else, return normal connection.
172	if ($ldap_connection)
173	return $ldap_connection;
174	else
175	return $this->ldap;
176	*/
177
178	// Este if é para utilizar o master. (para replicação)
179	if ( (!empty($GLOBALS['phpgw_info']['server']['ldap_master_host'])) && ($ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_master_host'])) )
180	{
181	ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
182	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
183	ldap_set_rebind_proc($ldap_connection, ldapRebind);
184	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
185	{
186	if ( ! ldap_bind($ldap_connection, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']) )
187	{
188	return false;
189	}
190	}
191	return $ldap_connection;
192	}
193	else
194	{
195	$ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
196	if ($ldap_connection)
197	{
198	ldap_set_option($ldap_connection,LDAP_OPT_PROTOCOL_VERSION,3);
199	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
200	if ( ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']) )
201	return $ldap_connection;
202	}
203	}
204
205	return false;
206	}
207
208	function validate_fields($params)
209	{
210	/* ldap connection following referals and using Contac Center config*/
211	if (is_array($_SESSION['phpgw_info']['expresso']['cc_ldap_server']))
212	{
213	$ldap_connection = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
214	if ($ldap_connection)
215	{
216	ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
217	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
218
219	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
220	ldap_bind($ldap_connection, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']);
221	$context = $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['dn'];
222	}
223	else
224	{
225	$result['status'] = false;
226	$result['msg'] = $this->functions->lang('Connection with ldap fail') . ".";
227	return $result;
228	}
229	}
230	else
231	{
232	$ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
233	ldap_set_option($ldap_connection,LDAP_OPT_PROTOCOL_VERSION,3);
234	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
235	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']);
236	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
237	}
238
239	$result['status'] = true;
240
241	$params = unserialize($params['attributes']);
242	$type = $params['type'];
243	$uid = $params['uid'];
244	$mail = $params['mail'];
245	$mailalternateaddress = $params['mailalternateaddress'];
246	$cpf = $params['cpf'];
247
248	if ($_SESSION['phpgw_info']['expresso']['global_denied_users'][$uid])
249	{
250	$result['status'] = false;
251	$result['msg'] = $this->functions->lang('this login can not be used because is a system account') . ".";
252	return $result;
253	}
254
255	if (($type == 'create_user') \|\| ($type == 'rename_user'))
256	{
257	if ($this->current_config['expressoAdmin_prefix_org'] == 'true')
258	{
259	//Obtenho UID sem a organização. Na criação o uid já vem sem a organização
260	$tmp_uid_without_org = split("-", $params['uid']);
261	$tmp_reverse_uid_without_org = array_reverse($tmp_uid_without_org);
262	array_pop($tmp_reverse_uid_without_org);
263	$uid_without_org = implode("-", $tmp_reverse_uid_without_org);
264	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|(uid=$uid)(uid=$uid_without_org)))";
265	}
266	else
267	{
268	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uid=$uid))";
269	}
270	/*
271	//UID
272	if (($type == 'rename_user') && ($this->current_config['expressoAdmin_prefix_org'] == 'true'))
273	{
274	//Obtenho UID sem a organização. Na criação o uid já vem sem a organização
275	$tmp_uid_without_org = split("-", $params['uid']);
276	$tmp_reverse_uid_without_org = array_reverse($tmp_uid_without_org);
277	array_pop($tmp_reverse_uid_without_org);
278	$uid_without_org = implode("-", $tmp_reverse_uid_without_org);
279	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|(uid=$uid)(uid=$uid_without_org)))";
280	}
281	else
282	{
283	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uid=$uid))";
284	}
285	*/
286
287	$justthese = array("uid", "mail", "cn");
288	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
289	$count_entries = ldap_count_entries($ldap_connection,$search);
290	if ($count_entries > 0)
291	{
292	$entries = ldap_get_entries($ldap_connection, $search);
293
294	for ($i=0; $i<$entries['count']; $i++)
295	{
296	$users .= $entries[$i]['cn'][0] . ' - ' . $entries[$i]['mail'][0] . "\n";
297	}
298
299	$result['status'] = false;
300	$result['msg'] = $this->functions->lang('this login is already used by') . ":\n" . $users;
301	return $result;
302	}
303
304	// GRUPOS
305	$filter = "(&(phpgwAccountType=g)(cn=$uid))";
306	$justthese = array("cn");
307	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
308	$count_entries = ldap_count_entries($ldap_connection,$search);
309	if ($count_entries > 0)
310	{
311	$result['status'] = false;
312	$result['msg'] = $this->functions->lang('This login is being used by a group') . ".";
313	return $result;
314	}
315
316
317	// UID em outras organizações, pesquiso apenas na maquina local e se utilizar prefix_org
318	if ($this->current_config['expressoAdmin_prefix_org'] == 'true')
319	{
320	$ldap_connection2 = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
321	ldap_set_option($ldap_connection2,LDAP_OPT_PROTOCOL_VERSION,3);
322	ldap_set_option($ldap_connection2, LDAP_OPT_REFERRALS, false);
323	ldap_bind($ldap_connection2, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']);
324	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
325
326	//Obtenho UID sem a organização
327	/*
328	$tmp_uid_without_org = split("-", $params['uid']);
329	if (count($tmp_uid_without_org) < 2)
330	{
331	$result['status'] = false;
332	$result['msg'] = 'Novo login sem organização.';
333	return $result;
334	}
335	$tmp_reverse_uid_without_org = array_reverse($tmp_uid_without_org);
336	array_pop($tmp_reverse_uid_without_org);
337	$uid_without_org = implode("-", $tmp_reverse_uid_without_org);
338	*/
339
340	$filter = "(ou=*)";
341	$justthese = array("ou");
342	$search = ldap_list($ldap_connection2, $context, $filter, $justthese);
343	$entries = ldap_get_entries($ldap_connection2 ,$search);
344
345	foreach ($entries as $index=>$org)
346	{
347	$organization = $org['ou'][0];
348	$organization = strtolower($organization);
349
350	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uid=$organization-$uid))";
351
352	$justthese = array("uid");
353	$search = ldap_search($ldap_connection2, $context, $filter, $justthese);
354	$count_entries = ldap_count_entries($ldap_connection2,$search);
355	if ($count_entries > 0)
356	{
357	$result['status'] = false;
358	$result['msg'] = $this->functions->lang('this login is already used by a user in another organization') . ".";
359	ldap_close($ldap_connection2);
360	return $result;
361	}
362	}
363	ldap_close($ldap_connection2);
364	}
365	}
366
367	if ($type == 'rename_user')
368	{
369	return $result;
370	}
371
372	// MAIL
373	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|(mail=$mail)(mailalternateaddress=$mail)))";
374	$justthese = array("mail", "uid");
375	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
376	$entries = ldap_get_entries($ldap_connection,$search);
377	if ($entries['count'] == 1){
378	if ($entries[0]['uid'][0] != $uid){
379	$result['status'] = false;
380	$result['msg'] = $this->functions->lang('this email address is being used by 1 user') . ": " . $entries[0]['uid'][0];
381	return $result;
382	}
383	}
384	else if ($entries['count'] > 1){
385	$result['status'] = false;
386	$result['msg'] = $this->functions->lang('this email address is being used by 2 or more users') . ".";
387	return $result;
388	}
389
390	// MAILAlternateAddress
391	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|(mail=$mailalternateaddress)(mailalternateaddress=$mailalternateaddress)))";
392	$justthese = array("mail", "uid");
393	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
394	$entries = ldap_get_entries($ldap_connection,$search);
395	if ($entries['count'] == 1){
396	if ($entries[0]['uid'][0] != $uid){
397	$result['status'] = false;
398	$result['msg'] = $this->functions->lang('alternative email is being used by 1 user') . ": " . $entries[0]['uid'][0];
399	return $result;
400	}
401	}
402	else if ($entries['count'] > 1){
403	$result['status'] = false;
404	$result['msg'] = $this->functions->lang('alternative email is being used by 2 or more users') . ".";
405	return $result;
406	}
407
408	//Begin: Check CPF, only if the manager has access to this field.
409	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'manipulate_corporative_information'))
410	{
411	if (!empty($cpf))
412	{
413	if (!$this->functions->checkCPF($cpf))
414	{
415	$result['status'] = false;
416	$result['msg'] = $this->functions->lang('Field CPF is invalid') . '.';
417	return $result;
418	}
419	else
420	{
421	//retira caracteres que não são números.
422	$cpf = ereg_replace("[^0-9]", "", $cpf);
423
424	$local_ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
425	if ($ldap_connection)
426	{
427	ldap_set_option($local_ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
428	ldap_set_option($local_ldap_connection, LDAP_OPT_REFERRALS, false);
429	ldap_bind($local_ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']);
430	}
431	else
432	{
433	$result['status'] = false;
434	$result['msg'] = $this->functions->lang('Connection with ldap fail') . ".";
435	return $result;
436	}
437
438	$filter = "(&(phpgwAccountType=u)(cpf=$cpf))";
439	$justthese = array("cn","uid");
440	$search = ldap_search($local_ldap_connection, $context, $filter, $justthese);
441	$entries = ldap_get_entries($local_ldap_connection,$search);
442
443	if ( ($entries['count'] > 0 ) && (strcasecmp($uid, $entries[0]['uid'][0]) != 0) )
444	{
445	if ($entries['count'] > 0)
446	{
447	$entries_text = "";
448	for ($i=0; $i<$entries['count']; $i++)
449	{
450	if (strcasecmp($uid, $entries[$i]['uid'][0]) != 0)
451	$entries_text .= "- " . $entries[$i]['cn'][0] . "\n";
452	}
453	if ($this->current_config['expressoAdmin_deny_same_cpf'] == 'false' )
454	{
455	$result['question'] = $this->functions->lang('Field CPF used by') . ":\n";
456	$result['question'] .= $entries_text;
457	$result['question'] .= $this->functions->lang("Do you want to continue anyway") . "?";
458	return $result;
459	} else {
460	$result['status'] = false;
461	$result['msg'] = $this->functions->lang('Field CPF cannot be duplicated') . ".\n";
462	$result['msg'] .= $this->functions->lang('Field CPF used by') . ":\n";
463	$result['msg'] .= $entries_text;
464	return $result;
465	}
466
467	}
468	}
469	ldap_close($local_ldap_connection);
470	}
471	}
472	else if ($this->current_config['expressoAdmin_cpf_obligation'])
473	{
474	$result['status'] = false;
475	$result['msg'] = $this->functions->lang('Field CPF must be completed') . '.';
476	return $result;
477	}
478	}
479	//End: Check CPF
480
481	return $result;
482	}
483
484	function generate_login($params) {
485	$params = unserialize($params['attributes']);
486	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
487	$justthese = array("uid");
488	$i=1;
489	$login = array("status" => False,"msg" => $this->functions->lang("Login generator disabled"));
490	if( (isset($this->current_config['expressoAdmin_loginGenScript'])) &&
491	($this->current_config['expressoAdmin_loginGenScript'])) {
492
493	include_once "if.login.inc.php";
494	include_once "class.".$this->current_config['expressoAdmin_loginGenScript'].
495	".inc.php";
496
497	$classe = new ReflectionClass($this->current_config['expressoAdmin_loginGenScript']);
498
499	if(!$classe->implementsInterface('login'))
500	{
501	return array(
502	"status" => False,
503	"msg" => $this->functions->lang("Login interface not implemented (contact suport)")
504	);
505	}
506
507	$login = $classe->newInstance()->generate_login($params["first_name"],$params["second_name"],$this->ldap);
508
509	/*
510	If login exists, it concatenates a number to the end.
511	resulting in a new login
512	*/
513	$i = 1;
514	while($i < 1000) // Limit of 1000 equal names
515	{
516	$search = ldap_search($this->ldap, $context, "(uid=".$login.")", $justthese);
517	if (ldap_count_entries($this->ldap,$search) == 0)
518	break;
519	else
520	{
521	if ($i > 1) // If login have a number, remove the number and put the new one
522	$login=substr($login,0,strlen($login)-strlen($i)).$i;
523	else
524	$login.=$i;
525	$i++;
526	}
527	}
528	}
529
530	return array('status'=>true,'msg' => $login);
531	}
532	function validate_fields_group($params)
533	{
534	/* ldap connection following referals and using Contac Center config*/
535	if (is_array($_SESSION['phpgw_info']['expresso']['cc_ldap_server']))
536	{
537	$ldap_connection = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
538	if ($ldap_connection)
539	{
540	ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
541	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
542	if ( ($GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
543	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['acc'], $GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['pw']);
544	$context = $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['dn'];
545	}
546	else
547	{
548	$result['status'] = false;
549	$result['msg'] = $this->functions->lang('Connection with ldap fail') . ".";
550	return $result;
551	}
552	}
553	else
554	{
555	$ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
556	ldap_set_option($ldap_connection,LDAP_OPT_PROTOCOL_VERSION,3);
557	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
558	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']);
559	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
560	}
561
562	$cn = $params['cn'];
563	$result['status'] = true;
564
565	if ($_SESSION['phpgw_info']['expresso']['global_denied_groups'][$cn])
566	{
567	$result['status'] = false;
568	$result['msg'] = $this->functions->lang('This group name can not be used because is a System Account') . ".";
569	return $result;
570	}
571
572	// CN
573	$filter = "(&(phpgwAccountType=g)(cn=$cn))";
574	$justthese = array("cn");
575	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
576	$count_entries = ldap_count_entries($ldap_connection,$search);
577	if ($count_entries > 0)
578	{
579	$result['status'] = false;
580	$result['msg'] = $this->functions->lang('This name is already used') . ".";
581	return $result;
582	}
583
584	// UID
585	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uid=$cn))";
586	$justthese = array("uid");
587	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
588	$count_entries = ldap_count_entries($ldap_connection,$search);
589	if ($count_entries > 0)
590	{
591	$result['status'] = false;
592	$result['msg'] = $this->functions->lang('This grupo name is already used by an user') . ".";
593	return $result;
594	}
595
596	return $result;
597	}
598
599	function validate_fields_maillist($params)
600	{
601	/* ldap connection following referals and using Contac Center config*/
602	if (is_array($_SESSION['phpgw_info']['expresso']['cc_ldap_server']))
603	{
604	$ldap_connection = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
605	if ($ldap_connection)
606	{
607	ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
608	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
609	if ( ($GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
610	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['acc'], $GLOBALS['phpgw_info']['expresso']['cc_ldap_server']['pw']);
611	$context = $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['dn'];
612	}
613	else
614	{
615	$result['status'] = false;
616	$result['msg'] = $this->functions->lang('Connection with ldap fail') . ".";
617	return $result;
618	}
619	}
620	else
621	{
622	$ldap_connection = ldap_connect($GLOBALS['phpgw_info']['server']['ldap_host']);
623	ldap_set_option($ldap_connection,LDAP_OPT_PROTOCOL_VERSION,3);
624	ldap_set_option($ldap_connection, LDAP_OPT_REFERRALS, true);
625	ldap_bind($ldap_connection, $GLOBALS['phpgw_info']['server']['ldap_root_dn'], $GLOBALS['phpgw_info']['server']['ldap_root_pw']);
626	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
627	}
628
629	$uid = $params['uid'];
630	$mail = $params['mail'];
631	$result['status'] = true;
632
633	if ($_SESSION['phpgw_info']['expresso']['global_denied_users'][$uid])
634	{
635	$result['status'] = false;
636	$result['msg'] = $this->functions->lang('This LOGIN can not be used because is a System Account') . ".";
637	return $result;
638	}
639
640	// UID
641	$filter = "(&(phpgwAccountType=l)(uid=$uid))";
642	$justthese = array("uid");
643	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
644	$count_entries = ldap_count_entries($ldap_connection,$search);
645	if ($count_entries > 0)
646	{
647	$result['status'] = false;
648	$result['msg'] = $this->functions->lang('this email list login is already used') . ".";
649	return $result;
650	}
651
652	// MAIL
653	$filter = "(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|(mail=$mail)(mailalternateaddress=$mail)))";
654	$justthese = array("mail");
655	$search = ldap_search($ldap_connection, $context, $filter, $justthese);
656	$count_entries = ldap_count_entries($ldap_connection,$search);
657	if ($count_entries > 0)
658	{
659	$result['status'] = false;
660	$result['msg'] = $this->functions->lang('this email address is already used') . ".";
661	return $result;
662	}
663
664	return $result;
665	}
666
667	//Busca usuários de um contexto e já retorna as options do select;
668	function get_available_users($params)
669	{
670	$context = $params['context'];
671	$recursive = $params['recursive'];
672	$justthese = array("cn", "uidNumber");
673	$filter="(phpgwAccountType=u)";
674
675	if ($recursive == 'true')
676	$groups_list=ldap_search($this->ldap, $context, $filter, $justthese);
677	else
678	$groups_list=ldap_list($this->ldap, $context, $filter, $justthese);
679
680	$entries = ldap_get_entries($this->ldap, $groups_list);
681
682	for ($i=0; $i<$entries["count"]; $i++){
683	$u_tmp[$entries[$i]["uidnumber"][0]] = $entries[$i]["cn"][0];
684	}
685
686	if (count($u_tmp))
687	natcasesort($u_tmp);
688
689	$i = 0;
690	$users = array();
691
692	if (count($u_tmp))
693	{
694	foreach ($u_tmp as $uidnumber => $cn)
695	{
696	$options .= "<option value=$uidnumber>$cn</option>";
697	}
698	unset($u_tmp);
699	}
700
701	return $options;
702	}
703	//Busca usuarios de um contexto e ja retorna as options do select;
704	function get_available_users2($params)
705	{
706	$context= $params['context'];
707	$justthese = array("cn", "uid");
708	$filter = "(&(phpgwaccounttype=u)(!(phpgwaccountvisible=-1)))";
709
710	if ($this->ldap)
711	{
712	$sr=ldap_search($this->ldap, $context, $filter, $justthese);
713	$entries = ldap_get_entries($this->ldap, $sr);
714
715	for ($i=0; $i<$entries["count"]; $i++){
716	$u_tmp[$entries[$i]["uid"][0]] = $entries[$i]["cn"][0];
717	}
718
719	natcasesort($u_tmp);
720
721	$i = 0;
722	$users = array();
723
724	if (count($u_tmp))
725	{
726	foreach ($u_tmp as $uidnumber => $cn)
727	{
728	$options .= "<option value=$uidnumber>$cn</option>";
729	}
730	unset($u_tmp);
731	}
732	return $options;
733	}
734	}
735	//Busca usuários e listas de um contexto e já retorna as options do select;
736	function get_available_users_and_maillist($params)
737	{
738	$context = $params['context'];
739	$recursive = $params['recursive'];
740
741	//Usado para retirar a própria lista das possibilidades de inclusão.
742	$denied_uidnumber = $params['denied_uidnumber'];
743
744	$justthese = array("cn", "uidNumber", "mail");
745
746	$users_filter="(phpgwAccountType=u)";
747	$lists_filter = $denied_uidnumber == '' ? "(phpgwAccountType=l)" : "(&(phpgwAccountType=l)(!(uidnumber=$denied_uidnumber)))";
748
749	$users = Array();
750	$lists = Array();
751
752	/* folling referral connection */
753	$ldap_conn_following_ref = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
754	if ($ldap_conn_following_ref)
755	{
756	ldap_set_option($ldap_conn_following_ref, LDAP_OPT_PROTOCOL_VERSION, 3);
757	ldap_set_option($ldap_conn_following_ref, LDAP_OPT_REFERRALS, 1);
758
759	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
760	ldap_bind($ldap_conn_following_ref, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']);
761	}
762	else
763	return false;
764
765	if ($recursive == 'true')
766	{
767	$lists_search = ldap_search($ldap_conn_following_ref, $context, $lists_filter, $justthese);
768	$users_search = ldap_search($ldap_conn_following_ref, $context, $users_filter, $justthese);
769	}
770	else
771	{
772	$lists_search = ldap_list($ldap_conn_following_ref, $context, $lists_filter, $justthese);
773	$users_search = ldap_list($ldap_conn_following_ref, $context, $users_filter, $justthese);
774	}
775
776	/* email lists */
777	$lists_entries = ldap_get_entries($ldap_conn_following_ref, $lists_search);
778
779	for ($i=0; $i<$lists_entries["count"]; $i++)
780	{
781	$l_tmp[$lists_entries[$i]["mail"][0]] = $lists_entries[$i]["cn"][0];
782	}
783
784	if (count($l_tmp))
785	natcasesort($l_tmp);
786
787	$i = 0;
788	$lists = array();
789
790	$options .= '<option value="-1" disabled>------------------------------    '.$this->functions->lang('email lists').'    ------------------------------ </option>'."\n";
791	if (count($l_tmp))
792	{
793	foreach ($l_tmp as $mail => $cn)
794	{
795	$options .= "<option value=$mail>$cn</option>";
796	}
797	unset($l_tmp);
798	}
799
800	/* users */
801	$users_entries = ldap_get_entries($ldap_conn_following_ref, $users_search);
802	for ($i=0; $i<$users_entries["count"]; $i++)
803	{
804	$u_tmp[$users_entries[$i]["mail"][0]] = $users_entries[$i]["cn"][0];
805	}
806
807	if (count($u_tmp))
808	natcasesort($u_tmp);
809
810	$i = 0;
811	$users = array();
812
813	$options .= '<option value="-1" disabled>-----------------------------    '.$this->functions->lang('users').'    ---------------------------- </option>'."\n";
814
815	if (count($u_tmp))
816	{
817	foreach ($u_tmp as $mail => $cn)
818	{
819	$options .= "<option value=$mail class='line-above'>$cn</option>";
820	}
821	unset($u_tmp);
822	}
823
824	ldap_close($ldap_conn_following_ref);
825	return $options;
826	}
827
828	function get_available_groups($params)
829	{
830	$context = $params['context'];
831	$justthese = array("cn", "gidNumber");
832	$groups_list=ldap_list($this->ldap, $context, ("(phpgwAccountType=g)"), $justthese);
833	ldap_sort($this->ldap, $groups_list, "cn");
834
835	$entries = ldap_get_entries($this->ldap, $groups_list);
836
837	$options = '';
838	for ($i=0; $i<$entries['count']; $i++)
839	{
840	$options .= "<option value=" . $entries[$i]['gidnumber'][0] . ">" . $entries[$i]['cn'][0] . "</option>";
841	}
842
843	return $options;
844	}
845
846	function get_available_maillists($params)
847	{
848	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
849	return false;
850
851	$context = $params['context'];
852	$justthese = array("uid","mail","uidNumber");
853	$maillists=ldap_list($ldapMasterConnect, $context, ("(phpgwAccountType=l)"), $justthese);
854	ldap_sort($ldapMasterConnect, $maillists, "uid");
855
856	$entries = ldap_get_entries($ldapMasterConnect, $maillists);
857
858	$options = '';
859	for ($i=0; $i<$entries['count']; $i++)
860	{
861	$options .= "<option value=" . $entries[$i]['uid'][0] . ">" . $entries[$i]['uid'][0] . " (" . $entries[$i]['mail'][0] . ")" . "</option>";
862	}
863
864	ldap_close($ldapMasterConnect);
865	return $options;
866	}
867
868	function ldap_add_entry($dn, $entry)
869	{
870	$result = array();
871	if (!@ldap_add ( $this->ldap, $dn, $entry ))
872	{
873	$result['status'] = false;
874	$result['error_number'] = ldap_errno($this->ldap);
875	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->ldap_add_entry ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_errno($this->ldap) . ldap_error($this->ldap);
876	}
877	else
878	$result['status'] = true;
879
880	return $result;
881	}
882
883	function ldap_save_photo($dn, $pathphoto, $photo_exist=false)
884	{
885	$fd = fopen($pathphoto, "r");
886	$fsize = filesize($pathphoto);
887	$jpegStr = fread($fd, $fsize);
888	fclose ($fd);
889	$attrs['jpegPhoto'] = $jpegStr;
890
891	if ($photo_exist)
892	$res = @ldap_mod_replace($this->ldap, $dn, $attrs);
893	else
894	$res = @ldap_mod_add($this->ldap, $dn, $attrs);
895
896	if ($res)
897	{
898	$result['status'] = true;
899	}
900	else
901	{
902	$result['status'] = false;
903	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->ldap_save_photo ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
904	}
905
906	return $result;
907	}
908
909	function ldap_remove_photo($dn)
910	{
911	$attrs['jpegPhoto'] = array();
912	$res = ldap_mod_del($this->ldap, $dn, $attrs);
913
914	if ($res)
915	{
916	$result['status'] = true;
917	}
918	else
919	{
920	$result['status'] = false;
921	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->ldap_remove_photo ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
922	}
923
924	return $result;
925	}
926
927	// Pode receber tanto um único memberUid quanto um array de memberUid's
928	function add_user2group($gidNumber, $memberUid)
929	{
930	$filter = "(&(phpgwAccountType=g)(gidNumber=$gidNumber))";
931	$justthese = array("dn");
932	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
933	$entry = ldap_get_entries($this->ldap, $search);
934	$group_dn = $entry[0]['dn'];
935	$attrs['memberUid'] = $memberUid;
936
937	$res = @ldap_mod_add($this->ldap, $group_dn, $attrs);
938
939	if ($res)
940	{
941	$result['status'] = true;
942	}
943	else
944	{
945	$result['status'] = false;
946	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->add_user2group ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
947	}
948	return $result;
949	}
950
951	function remove_user2group($gidNumber, $memberUid)
952	{
953	$filter = "(&(phpgwAccountType=g)(gidNumber=$gidNumber))";
954	$justthese = array("dn");
955	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
956	$entry = ldap_get_entries($this->ldap, $search);
957	$group_dn = $entry[0]['dn'];
958	$attrs['memberUid'] = $memberUid;
959	$res = @ldap_mod_del($this->ldap, $group_dn, $attrs);
960
961	if ($res)
962	{
963	$result['status'] = true;
964	}
965	else
966	{
967	$result['status'] = false;
968	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->remove_user2group ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
969	}
970	return $result;
971	}
972
973	function add_user2maillist($uid, $mail)
974	{
975	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
976	{
977	$result['status'] = false;
978	$result['msg'] = $this->functions->lang('Ldap connection fail') . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($ldapMasterConnect);
979	return $result;
980	}
981
982	$filter = "(&(phpgwAccountType=l)(uid=$uid))";
983	$justthese = array("dn");
984	$search = ldap_search($ldapMasterConnect, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
985	$entry = ldap_get_entries($ldapMasterConnect, $search);
986	$group_dn = $entry[0]['dn'];
987	$attrs['mailForwardingAddress'] = $mail;
988	$res = @ldap_mod_add($ldapMasterConnect, $group_dn, $attrs);
989
990	if ($res)
991	{
992	$result['status'] = true;
993	}
994	else
995	{
996	$result['status'] = false;
997	if (ldap_errno($ldapMasterConnect) == '50')
998	{
999	$result['msg'] = $this->functions->lang('Error on the function') . ' ldap_functions->add_user2maillist' . ".\n" .
1000	$this->functions->lang('The user used for record on LPDA, must have write access') . ".\n";
1001	$this->functions->lang('The user') . ' ' . $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] . ' ' . $this->functions->lang('does not have this access') . ".\n";
1002	$this->functions->lang('Edit Global Catalog Config, in the admin module, and add an user with write access') . ".\n";
1003	}
1004	else
1005	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->add_user2maillist ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($ldapMasterConnect);
1006	}
1007
1008	ldap_close($ldapMasterConnect);
1009	return $result;
1010	}
1011
1012	function add_user2maillist_scl($dn, $array_emails)
1013	{
1014	$attrs['mailSenderAddress'] = $array_emails;
1015
1016	$res = @ldap_mod_add($this->ldap, $dn, $attrs);
1017
1018	if ($res)
1019	{
1020	$result['status'] = true;
1021	}
1022	else
1023	{
1024	$result['status'] = false;
1025	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->add_user2maillist_scp ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1026	}
1027	return $result;
1028	}
1029
1030	function remove_user2maillist($uid, $mail)
1031	{
1032	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
1033	{
1034	$result['status'] = false;
1035	$result['msg'] = $this->functions->lang('Ldap connection fail') . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($ldapMasterConnect);
1036	return $result;
1037	}
1038
1039	$filter = "(&(phpgwAccountType=l)(uid=$uid))";
1040	$justthese = array("dn");
1041	$search = ldap_search($ldapMasterConnect, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1042	$entry = ldap_get_entries($ldapMasterConnect, $search);
1043	$group_dn = $entry[0]['dn'];
1044	$attrs['mailForwardingAddress'] = $mail;
1045	$res = @ldap_mod_del($ldapMasterConnect, $group_dn, $attrs);
1046
1047	if ($res)
1048	{
1049	$result['status'] = true;
1050	}
1051	else
1052	{
1053	$result['status'] = false;
1054	if (ldap_errno($ldapMasterConnect) == '50')
1055	{
1056	$result['msg'] = $this->functions->lang('Error on the function') . ' ldap_functions->remove_user2maillist' . ".\n" .
1057	$this->functions->lang('The user used for record on LPDA, must have write access') . ".\n";
1058	$this->functions->lang('The user') . ' ' . $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] . ' ' . $this->functions->lang('does not have this access') . ".\n";
1059	$this->functions->lang('Edit Global Catalog Config, in the admin module, and add an user with write access') . ".\n";
1060	}
1061	else
1062	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->remove_user2maillist ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($ldapMasterConnect);
1063	}
1064	ldap_close($ldapMasterConnect);
1065	return $result;
1066	}
1067
1068	function remove_user2maillist_scl($dn, $array_emails)
1069	{
1070	$attrs['mailSenderAddress'] = $array_emails;
1071	$res = @ldap_mod_del($this->ldap, $dn, $attrs);
1072
1073	if ($res)
1074	{
1075	$result['status'] = true;
1076	}
1077	else
1078	{
1079	$result['status'] = false;
1080	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->remove_user2maillist_scp ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1081	}
1082	return $result;
1083	}
1084
1085	function replace_user2maillists($new_mail, $old_mail)
1086	{
1087	$filter = "(&(phpgwAccountType=l)(mailforwardingaddress=$old_mail))";
1088	$justthese = array("dn");
1089	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1090	$entries = ldap_get_entries($this->ldap, $search);
1091	$result['status'] = true;
1092	for ($i=0; $i<$entries['count']; $i++)
1093	{
1094	$attrs['mailforwardingaddress'] = $old_mail;
1095	$res1 = @ldap_mod_del($this->ldap, $entries[$i]['dn'], $attrs);
1096	$attrs['mailforwardingaddress'] = $new_mail;
1097	$res2 = @ldap_mod_add($this->ldap, $entries[$i]['dn'], $attrs);
1098
1099	if ((!$res1) \|\| (!$res2))
1100	{
1101	$result['status'] = false;
1102	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->replace_user2maillists ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1103	}
1104	}
1105
1106	return $result;
1107	}
1108
1109	function get_user_info($uidnumber)
1110	{
1111	foreach ($this->manager_contexts as $index=>$context)
1112	{
1113	$filter="(&(phpgwAccountType=u)(uidNumber=".$uidnumber."))";
1114	$search = ldap_search($this->ldap, $context, $filter);
1115	$entry = ldap_get_entries($this->ldap, $search);
1116
1117	if ($entry['count'])
1118	{
1119	//Pega o dn do setor do usuario.
1120	$entry[0]['dn'] = strtolower($entry[0]['dn']);
1121	$sector_dn_array = explode(",", $entry[0]['dn']);
1122	for($i=1; $i<count($sector_dn_array); $i++)
1123	$sector_dn .= $sector_dn_array[$i] . ',';
1124	//Retira ultimo pipe.
1125	$sector_dn = substr($sector_dn,0,(strlen($sector_dn) - 1));
1126
1127	$result['context'] = $sector_dn;
1128	$result['uid'] = $entry[0]['uid'][0];
1129	$result['uidnumber'] = $entry[0]['uidnumber'][0];
1130	$result['gidnumber'] = $entry[0]['gidnumber'][0];
1131	$result['departmentnumber'] = $entry[0]['departmentnumber'][0];
1132	$result['givenname'] = $entry[0]['givenname'][0];
1133	$result['sn'] = $entry[0]['sn'][0];
1134	$result['telephonenumber'] = $entry[0]['telephonenumber'][0];
1135	$result['passwd_expired'] = $entry[0]['phpgwlastpasswdchange'][0];
1136	$result['phpgwaccountstatus'] = $entry[0]['phpgwaccountstatus'][0];
1137	$result['phpgwaccountvisible'] = $entry[0]['phpgwaccountvisible'][0];
1138	$result['accountstatus'] = $entry[0]['accountstatus'][0];
1139	$result['mail'] = $entry[0]['mail'][0];
1140	$result['mailalternateaddress'] = $entry[0]['mailalternateaddress'];
1141	$result['mailforwardingaddress']= $entry[0]['mailforwardingaddress'];
1142	$result['deliverymode'] = $entry[0]['deliverymode'][0];
1143	$result['userPasswordRFC2617'] = $entry[0]['userpasswordrfc2617'][0];
1144
1145	//Photo
1146	if ($entry[0]['jpegphoto']['count'] == 1)
1147	$result['photo_exist'] = 'true';
1148
1149	// Samba
1150	for ($i=0; $i<$entry[0]['objectclass']['count']; $i++)
1151	{
1152	if ($entry[0]['objectclass'][$i] == 'sambaSamAccount')
1153	$result['sambaUser'] = true;
1154	}
1155	if (($this->current_config['expressoAdmin_samba_support'] == 'true') && ($result['sambaUser']))
1156	{
1157	$result['sambaaccflags'] = $entry[0]['sambaacctflags'][0];
1158	$result['sambalogonscript'] = $entry[0]['sambalogonscript'][0];
1159	$result['homedirectory'] = $entry[0]['homedirectory'][0];
1160	$a_tmp = explode("-", $entry[0]['sambasid'][0]);
1161	array_pop($a_tmp);
1162	$result['sambasid'] = implode("-", $a_tmp);
1163	}
1164
1165	// Verifica o acesso do gerente aos atributos corporativos
1166	if ($this->functions->check_acl($_SESSION['phpgw_session']['session_lid'], 'manipulate_corporative_information'))
1167	{
1168	$result['corporative_information_employeenumber']= $entry[0]['employeenumber'][0];
1169	$result['corporative_information_cpf'] = $entry[0]['cpf'][0];
1170	$result['corporative_information_rg'] = $entry[0]['rg'][0];
1171	$result['corporative_information_rguf'] = $entry[0]['rguf'][0];
1172	$result['corporative_information_description'] = utf8_decode($entry[0]['description'][0]);
1173	}
1174
1175	// MailLists
1176	$result['maillists_info'] = $this->get_user_maillists($result['mail']);
1177	if($result['maillists_info'])
1178	{
1179	foreach ($result['maillists_info'] as $maillist)
1180	{
1181	$result['maillists'][] = $maillist['uid'];
1182	}
1183	}
1184
1185	// Groups
1186	$justthese = array("gidnumber","cn");
1187	$filter="(&(phpgwAccountType=g)(memberuid=".$result['uid']."))";
1188	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1189	ldap_sort($this->ldap, $search, "cn");
1190	$entries = ldap_get_entries($this->ldap, $search);
1191	for ($i=0; $i<$entries['count']; $i++)
1192	{
1193	$result['groups_ldap'][ $entries[$i]['gidnumber'][0] ] = $entries[$i]['cn'][0];
1194	}
1195	}
1196	}
1197	if (is_array($result))
1198	return $result;
1199	else
1200	return false;
1201	}
1202
1203	function get_user_maillists($mail)
1204	{
1205	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
1206	return false;
1207
1208	$result = array();
1209
1210	//Mostra somente os mailists dos contextos do gerente
1211	$justthese = array("uid","mail","uidnumber");
1212	$filter="(&(phpgwAccountType=l)(mailforwardingaddress=$mail))";
1213
1214	foreach ($this->manager_contexts as $index=>$context)
1215	{
1216	$search = ldap_search($ldapMasterConnect, $context, $filter, $justthese);
1217	$entries = ldap_get_entries($ldapMasterConnect, $search);
1218
1219	for ($i=0; $i<$entries['count']; $i++)
1220	{
1221	$result[ $entries[$i]['uid'][0] ]['uid'] = $entries[$i]['uid'][0];
1222	$result[ $entries[$i]['uid'][0] ]['mail'] = $entries[$i]['mail'][0];
1223
1224	$a_tmp[] = $entries[$i]['uid'][0];
1225	}
1226	}
1227
1228	if($a_tmp) {
1229	natcasesort($a_tmp);
1230
1231	foreach ($a_tmp as $uid)
1232	{
1233	$return[$uid]['uid'] = $result[$uid]['uid'];
1234	$return[$uid]['mail'] = $result[$uid]['mail'];
1235	}
1236	}
1237	ldap_close($ldapMasterConnect);
1238	return $return;
1239	}
1240
1241	function get_group_info($gidnumber)
1242	{
1243	foreach ($this->manager_contexts as $index=>$context)
1244	{
1245	$filter="(&(phpgwAccountType=g)(gidNumber=".$gidnumber."))";
1246	$search = ldap_search($this->ldap, $context, $filter);
1247	$entry = ldap_get_entries($this->ldap, $search);
1248
1249	if ($entry['count'])
1250	{
1251	//Pega o dn do setor do grupo.
1252	$entry[0]['dn'] = strtolower($entry[0]['dn']);
1253	$sector_dn_array = explode(",", $entry[0]['dn']);
1254	for($i=1; $i<count($sector_dn_array); $i++)
1255	$sector_dn .= $sector_dn_array[$i] . ',';
1256	//Retira ultimo pipe.
1257	$sector_dn = substr($sector_dn,0,(strlen($sector_dn) - 1));
1258
1259	$result['context'] = $sector_dn;
1260	$result['cn'] = $entry[0]['cn'][0];
1261	$result['description'] = $entry[0]['description'][0];
1262	$result['gidnumber'] = $entry[0]['gidnumber'][0];
1263	$result['phpgwaccountvisible'] = $entry[0]['phpgwaccountvisible'][0];
1264	$result['email'] = $entry[0]['mail'][0];
1265
1266	//MemberUid
1267	for ($i=0; $i<$entry[0]['memberuid']['count']; $i++)
1268	{
1269	$justthese = array("cn","uid","uidnumber");
1270
1271	// Montagem dinamica do filtro
1272	$filter="(&(phpgwAccountType=u)(\|";
1273	for ($k=0; (($k<10) && ($i<$entry[0]['memberuid']['count'])); $k++)
1274	{
1275	$filter .= "(uid=".$entry[0]['memberuid'][$i].")";
1276	$i++;
1277	}
1278	$i--;
1279	$filter .= "))";
1280
1281	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1282	$user_entry = ldap_get_entries($this->ldap, $search);
1283
1284	for ($j=0; $j<$user_entry['count']; $j++)
1285	{
1286	$result['memberuid_info'][$user_entry[$j]['uid'][0]]['cn'] = $user_entry[$j]['cn'][0];
1287	$result['memberuid_info'][$user_entry[$j]['uid'][0]]['uidnumber'] = $user_entry[$j]['uidnumber'][0];
1288	$result['memberuid_info'][$user_entry[$j]['uid'][0]]['type'] = 'u';
1289	}
1290	}
1291
1292	// Checamos e-mails que não fazem parte do expresso.
1293	// Criamos um array temporario
1294	$tmp_array = array();
1295	if($result['memberuid_info'])
1296	foreach ($result['memberuid_info'] as $uid => $user_data)
1297	{
1298	$tmp_array[] = $uid;
1299	}
1300
1301	if($entry[0]['memberuid']) {
1302	// Retira o count do array
1303	array_shift($entry[0]['memberuid']);
1304	// Vemos a diferença
1305	$array_diff = array_diff($entry[0]['memberuid'], $tmp_array);
1306	// Incluimos no resultado
1307	foreach ($array_diff as $index=>$uid)
1308	{
1309	$result['memberuid_info'][$uid]['cn'] = $uid;
1310	}
1311	}
1312
1313	// Samba
1314	for ($i=0; $i<$entry[0]['objectclass']['count']; $i++)
1315	{
1316	if ($entry[0]['objectclass'][$i] == 'sambaGroupMapping')
1317	$result['sambaGroup'] = true;
1318
1319	$a_tmp = explode("-", $entry[0]['sambasid'][0]);
1320	array_pop($a_tmp);
1321	$result['sambasid'] = implode("-", $a_tmp);
1322	}
1323	return $result;
1324	}
1325	}
1326	}
1327
1328	function get_maillist_info($uidnumber)
1329	{
1330	/* folling referral connection */
1331	$ldap_conn_following_ref = ldap_connect($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['host']);
1332	if ($ldap_conn_following_ref)
1333	{
1334	ldap_set_option($ldap_conn_following_ref, LDAP_OPT_PROTOCOL_VERSION, 3);
1335	ldap_set_option($ldap_conn_following_ref, LDAP_OPT_REFERRALS, 1);
1336
1337	if ( ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] != '') && ($_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw'] != '') )
1338	ldap_bind($ldap_conn_following_ref, $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'], $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['pw']);
1339	}
1340
1341	foreach ($this->manager_contexts as $index=>$context)
1342	{
1343	$filter="(&(phpgwAccountType=l)(uidNumber=".$uidnumber."))";
1344	$search = ldap_search($this->ldap, $context, $filter);
1345	$entry = ldap_get_entries($this->ldap, $search);
1346
1347	if ($entry['count'])
1348	{
1349	//Pega o dn do setor do usuario.
1350	$entry[0]['dn'] = strtolower($entry[0]['dn']);
1351	$sector_dn_array = explode(",", $entry[0]['dn']);
1352	for($i=1; $i<count($sector_dn_array); $i++)
1353	$sector_dn .= $sector_dn_array[$i] . ',';
1354	//Retira ultimo pipe.
1355	$sector_dn = substr($sector_dn,0,(strlen($sector_dn) - 1));
1356
1357	$result['context'] = $sector_dn;
1358	$result['uidnumber'] = $entry[0]['uidnumber'][0];
1359	$result['uid'] = strtolower($entry[0]['uid'][0]);
1360	$result['cn'] = $entry[0]['cn'][0];
1361	$result['mail'] = $entry[0]['mail'][0];
1362	$result['description'] = utf8_decode($entry[0]['description'][0]);
1363	$result['accountStatus'] = $entry[0]['accountstatus'][0];
1364	$result['phpgwAccountVisible'] = $entry[0]['phpgwaccountvisible'][0];
1365
1366	//Members
1367	for ($i=0; $i<$entry[0]['mailforwardingaddress']['count']; $i++)
1368	{
1369	$justthese = array("cn", "uidnumber", "uid", "phpgwaccounttype", "mail");
1370
1371	// Montagem dinamica do filtro, para nao ter muitas conexoes com o ldap
1372	$filter="(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(\|";
1373	for ($k=0; (($k<10) && ($i<$entry[0]['mailforwardingaddress']['count'])); $k++)
1374	{
1375	$filter .= "(mail=".$entry[0]['mailforwardingaddress'][$i].")";
1376	$i++;
1377	}
1378	$i--;
1379	$filter .= "))";
1380
1381	$search = ldap_search($ldap_conn_following_ref, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1382	$user_entry = ldap_get_entries($ldap_conn_following_ref, $search);
1383
1384	for ($j=0; $j<$user_entry['count']; $j++)
1385	{
1386	$result['mailForwardingAddress_info'][$user_entry[$j]['mail'][0]]['uid'] = $user_entry[$j]['uid'][0];
1387	$result['mailForwardingAddress_info'][$user_entry[$j]['mail'][0]]['cn'] = $user_entry[$j]['cn'][0];
1388	$result['mailForwardingAddress_info'][$user_entry[$j]['mail'][0]]['type'] = $user_entry[$j]['phpgwaccounttype'][0];
1389	$result['mailForwardingAddress'][] = $user_entry[$j]['mail'][0];
1390	}
1391	}
1392
1393	// Emails não encontrados no ldap
1394	array_shift($entry[0]['mailforwardingaddress']); //Retira o count do array
1395	$missing_emails = array_diff($entry[0]['mailforwardingaddress'], $result['mailForwardingAddress']);
1396
1397	// Incluimos estes no resultado
1398	foreach ($missing_emails as $index=>$mailforwardingaddress)
1399	{
1400	$result['mailForwardingAddress_info'][$mailforwardingaddress]['uid'] = $mailforwardingaddress;
1401	$result['mailForwardingAddress_info'][$mailforwardingaddress]['cn'] = 'E-Mail nao encontrado';
1402	$result['mailForwardingAddress'][] = $mailforwardingaddress;
1403	}
1404
1405	ldap_close($ldap_conn_following_ref);
1406	return $result;
1407	}
1408	}
1409	}
1410
1411	function get_maillist_scl_info($uidnumber)
1412	{
1413	foreach ($this->manager_contexts as $index=>$context)
1414	{
1415	$filter="(&(phpgwAccountType=l)(uidNumber=$uidnumber))";
1416	$search = ldap_search($this->ldap, $context, $filter);
1417	$entry = ldap_get_entries($this->ldap, $search);
1418
1419	if ($entry['count'])
1420	{
1421	//Pega o dn do setor do usuario.
1422	$entry[0]['dn'] = strtolower($entry[0]['dn']);
1423	$sector_dn_array = explode(",", $entry[0]['dn']);
1424	for($i=1; $i<count($sector_dn_array); $i++)
1425	$sector_dn .= $sector_dn_array[$i] . ',';
1426	//Retira ultimo pipe.
1427	$sector_dn = substr($sector_dn,0,(strlen($sector_dn) - 1));
1428
1429	$result['dn'] = $entry[0]['dn'];
1430	$result['context'] = $sector_dn;
1431	$result['uidnumber'] = $entry[0]['uidnumber'][0];
1432	$result['uid'] = $entry[0]['uid'][0];
1433	$result['cn'] = $entry[0]['cn'][0];
1434	$result['mail'] = $entry[0]['mail'][0];
1435	$result['accountStatus'] = $entry[0]['accountstatus'][0];
1436	$result['phpgwAccountVisible'] = $entry[0]['phpgwaccountvisible'][0];
1437	$result['accountRestrictive'] = $entry[0]['accountrestrictive'][0];
1438	$result['participantCanSendMail'] = $entry[0]['participantcansendmail'][0];
1439
1440	//Senders
1441	for ($i=0; $i<$entry[0]['mailsenderaddress']['count']; $i++)
1442	{
1443	$justthese = array("cn", "uidnumber", "uid", "mail");
1444	$filter="(&(phpgwAccountType=u)(mail=".$entry[0]['mailsenderaddress'][$i]."))";
1445	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1446	$user_entry = ldap_get_entries($this->ldap, $search);
1447
1448	$result['senders_info'][$user_entry[0]['mail'][0]]['uid'] = $user_entry[0]['uid'][0];
1449	$result['senders_info'][$user_entry[0]['mail'][0]]['cn'] = $user_entry[0]['cn'][0];
1450	$result['members'][] = $user_entry[0]['mail'][0];
1451	}
1452	return $result;
1453	}
1454	}
1455	}
1456
1457	function group_exist($gidnumber)
1458	{
1459	$justthese = array("cn");
1460	$filter="(&(phpgwAccountType=g)(gidNumber=".$gidnumber."))";
1461	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1462
1463	$entry = ldap_get_entries($this->ldap, $search);
1464	if ($entry['count'] == 0)
1465	return false;
1466	else
1467	return true;
1468	}
1469
1470	function gidnumbers2cn($gidnumbers)
1471	{
1472	$result = array();
1473	if (count($gidnumbers))
1474	{
1475	$justthese = array("cn");
1476	$i = 0;
1477	foreach ($gidnumbers as $gidnumber)
1478	{
1479	$filter="(&(phpgwAccountType=g)(gidNumber=".$gidnumber."))";
1480	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1481
1482	$entry = ldap_get_entries($this->ldap, $search);
1483	if ($entry['count'] == 0)
1484	$result['groups_info'][$i]['cn'] = '_' . $this->functions->lang('group only exist on DB, but does not exist on ldap');
1485
1486	else
1487	$result['groups_info'][$i]['cn'] = $entry[0]['cn'][0];
1488	$result['groups_info'][$i]['gidnumber'] = $gidnumber;
1489
1490	/* o gerente pode excluir um grupo de um usuario onde este grupo esta em outra OU ? */
1491	/* é o mesmo que o manager editar um grupo de outra OU */
1492	$result['groups_info'][$i]['group_disabled'] = 'true';
1493	foreach ($this->manager_contexts as $index=>$context)
1494	{
1495	if (strpos(strtolower($entry[0]['dn']), strtolower($context)))
1496	{
1497	$result['groups_info'][$i]['group_disabled'] = 'false';
1498	}
1499	}
1500
1501	$i++;
1502	}
1503	}
1504	return $result;
1505	}
1506
1507	function uidnumber2uid($uidnumber)
1508	{
1509	$justthese = array("uid");
1510	$filter="(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uidNumber=".$uidnumber."))";
1511	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1512	$entry = ldap_get_entries($this->ldap, $search);
1513	return $entry[0]['uid'][0];
1514	}
1515
1516	function uid2cn($uid)
1517	{
1518	$justthese = array("cn");
1519	$filter="(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uid=".$uid."))";
1520	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1521	$entry = ldap_get_entries($this->ldap, $search);
1522	return $entry[0]['cn'][0];
1523	}
1524
1525	function uidnumber2mail($uidnumber)
1526	{
1527	$justthese = array("mail");
1528	$filter="(&(\|(phpgwAccountType=u)(phpgwAccountType=l))(uidNumber=".$uidnumber."))";
1529	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1530	$entry = ldap_get_entries($this->ldap, $search);
1531	return $entry[0]['mail'][0];
1532	}
1533
1534
1535	function change_user_context($dn, $newrdn, $newparent)
1536	{
1537	if (!ldap_rename ( $this->ldap, $dn, $newrdn, $newparent, true ))
1538	{
1539	$return['status'] = false;
1540	$return['msg'] = $this->functions->lang('Error on function') . " ldap_functions->change_user_context ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1541	}
1542	else
1543	$return['status'] = true;
1544
1545	return $return;
1546	}
1547
1548	function replace_user_attributes($dn, $ldap_mod_replace)
1549	{
1550	if (!@ldap_mod_replace ( $this->ldap, $dn, $ldap_mod_replace ))
1551	{
1552	$return['status'] = false;
1553	$return['error_number'] = ldap_errno($this->ldap);
1554	$return['msg'] = $this->functions->lang('Error on function') . " ldap_functions->replace_user_attributes ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1555	}
1556	else
1557	$return['status'] = true;
1558
1559	return $return;
1560	}
1561
1562	function add_user_attributes($dn, $ldap_add)
1563	{
1564	if (!@ldap_mod_add ( $this->ldap, $dn, $ldap_add ))
1565	{
1566	$return['status'] = false;
1567	$return['error_number'] = ldap_errno($this->ldap);
1568	$return['msg'] = $this->functions->lang('Error on function') . " ldap_functions->add_user_attributes ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1569	}
1570	else
1571	$return['status'] = true;
1572
1573	return $return;
1574	}
1575
1576	function remove_user_attributes($dn, $ldap_remove)
1577	{
1578	if (!@ldap_mod_del ( $this->ldap, $dn, $ldap_remove ))
1579	{
1580	$return['status'] = false;
1581	$return['msg'] = $this->functions->lang('Error on function') . " ldap_functions->remove_user_attributes ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1582	}
1583	else
1584	$return['status'] = true;
1585
1586	return $return;
1587	}
1588
1589	function set_user_password($uid, $password)
1590	{
1591	$justthese = array("userPassword");
1592	$filter="(&(phpgwAccountType=u)(uid=".$uid."))";
1593	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1594	$entry = ldap_get_entries($this->ldap, $search);
1595	$dn = $entry[0]['dn'];
1596	$userPassword = $entry[0]['userpassword'][0];
1597	$ldap_mod_replace['userPassword'] = $password;
1598	$this->replace_user_attributes($dn, $ldap_mod_replace);
1599	return $userPassword;
1600	}
1601
1602	function delete_user($user_info)
1603	{
1604	// Verifica acesso do gerente (OU) ao tentar deletar um usuário.
1605	$manager_access = false;
1606	foreach ($this->manager_contexts as $index=>$context)
1607	{
1608	if ( (strpos(strtolower($user_info['context']), strtolower($context))) \|\| (strtolower($user_info['context']) == strtolower($context)) )
1609	{
1610	$manager_access = true;
1611	break;
1612	}
1613	}
1614	if (!$manager_access)
1615	{
1616	$return['status'] = false;
1617	$result['msg'] = $this->functions->lang('You do not have access to delete this user') . ".";
1618	return $return;
1619	}
1620
1621	$return['status'] = true;
1622	$return['msg'] = "";
1623
1624	// GROUPS
1625	$attrs = array();
1626	$attrs['memberuid'] = $user_info['uid'];
1627
1628	if (count($user_info['groups_info']))
1629	{
1630	foreach ($user_info['groups_info'] as $group_info)
1631	{
1632	$gidnumber = $group_info['gidnumber'];
1633	$justthese = array("dn");
1634	$filter="(&(phpgwAccountType=g)(gidnumber=".$gidnumber."))";
1635	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1636	$entry = ldap_get_entries($this->ldap, $search);
1637	$dn = $entry[0]['dn'];
1638
1639	if (!@ldap_mod_del($this->ldap, $dn, $attrs))
1640	{
1641	$return['status'] = false;
1642	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_user from group ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1643	}
1644	}
1645	}
1646
1647	//INSTITUTIONAL ACCOUNTS
1648	$attrs = array();
1649	$attrs['mailForwardingAddress'] = $user_info['mail'];
1650
1651	$justthese = array("dn");
1652	$filter="(&(phpgwAccountType=i)(mailforwardingaddress=".$user_info['mail']."))";
1653	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1654	$entries = ldap_get_entries($this->ldap, $search);
1655
1656	for ($i=0; $i<$entries['count']; $i++)
1657	{
1658	if ( !@ldap_mod_del($this->ldap, $entries[$i]['dn'], $attrs) )
1659	{
1660	$result['status'] = false;
1661	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_user, institutional accounts ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1662	}
1663	}
1664
1665	// MAILLISTS
1666	$attrs = array();
1667	$attrs['mailForwardingAddress'] = $user_info['mail'];
1668
1669	if (count($user_info['maillists_info']))
1670	{
1671
1672	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
1673	{
1674	$return['status'] = false;
1675	$result['msg'] = $this->functions->lang('Connection with ldap_master fail') . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1676	return $return;
1677	}
1678
1679	foreach ($user_info['maillists_info'] as $maillists_info)
1680	{
1681	$uid = $maillists_info['uid'];
1682	$justthese = array("dn");
1683	$filter="(&(phpgwAccountType=l)(uid=".$uid."))";
1684	$search = ldap_search($ldapMasterConnect, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1685	$entry = ldap_get_entries($ldapMasterConnect, $search);
1686	$dn = $entry[0]['dn'];
1687
1688	if (!@ldap_mod_del($ldapMasterConnect, $dn, $attrs))
1689	{
1690	$return['status'] = false;
1691	if (ldap_errno($ldapMasterConnect) == '50')
1692	{
1693	$result['msg'] = $this->functions->lang('Error on the function') . ' ldap_functions->add_user2maillist' . ".\n" .
1694	$this->functions->lang('The user used for record on LPDA, must have write access') . ".\n";
1695	$this->functions->lang('The user') . ' ' . $_SESSION['phpgw_info']['expresso']['cc_ldap_server']['acc'] . ' ' . $this->functions->lang('does not have this access') . ".\n";
1696	$this->functions->lang('Edit Global Catalog Config, in the admin module, and add an user with write access') . ".\n";
1697	}
1698	else
1699	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_user, email lists ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($ldapMasterConnect);
1700	}
1701	}
1702	ldap_close($ldapMasterConnect);
1703	}
1704
1705	// UID
1706	$dn = "uid=" . $user_info['uid'] . "," . $user_info['context'];
1707	if (!@ldap_delete($this->ldap, $dn))
1708	{
1709	$return['status'] = false;
1710	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_user, email lists ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($ldapMasterConnect);
1711	}
1712	/* jakjr */
1713	return $return;
1714	}
1715
1716	function delete_maillist($uidnumber, $mail)
1717	{
1718	$return['status'] = true;
1719
1720	$justthese = array("dn");
1721
1722	// remove listas dentro de listas
1723	$filter="(&(phpgwAccountType=l)(mailForwardingAddress=".$mail."))";
1724	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1725	$entry = ldap_get_entries($this->ldap, $search);
1726	$attrs['mailForwardingAddress'] = $mail;
1727	for ($i=0; $i<=$entry['count']; $i++)
1728	{
1729	$dn = $entry[$i]['dn'];
1730	@ldap_mod_del ( $this->ldap, $dn, $attrs);
1731	}
1732
1733	$filter="(&(phpgwAccountType=l)(uidnumber=".$uidnumber."))";
1734	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1735	$entry = ldap_get_entries($this->ldap, $search);
1736	$dn = $entry[0]['dn'];
1737
1738	if (!@ldap_delete($this->ldap, $dn))
1739	{
1740	$return['status'] = false;
1741	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_maillist ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1742	}
1743
1744	return $return;
1745	}
1746
1747	function delete_group($gidnumber)
1748	{
1749	$return['status'] = true;
1750
1751	$justthese = array("dn");
1752	$filter="(&(phpgwAccountType=g)(gidnumber=".$gidnumber."))";
1753	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1754	$entry = ldap_get_entries($this->ldap, $search);
1755	$dn = $entry[0]['dn'];
1756
1757	if (!@ldap_delete($this->ldap, $dn))
1758	{
1759	$return['status'] = false;
1760	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_group ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1761	}
1762
1763	return $return;
1764	}
1765
1766	function check_access_to_renamed($uid)
1767	{
1768	$justthese = array("dn");
1769	$filter="(&(phpgwAccountType=u)(uid=$uid))";
1770
1771	foreach ($this->manager_contexts as $index=>$context)
1772	{
1773	$search = ldap_search($this->ldap, $context, $filter, $justthese);
1774	$entry = ldap_get_entries($this->ldap, $search);
1775	if ($entry['count'])
1776	return true;
1777	}
1778	return false;
1779	}
1780
1781	function check_rename_new_uid($uid)
1782	{
1783	if ( !$ldapMasterConnect = $this->ldapMasterConnect() )
1784	return false;
1785
1786	$justthese = array("dn");
1787	$filter="(&(phpgwAccountType=u)(uid=$uid))";
1788
1789	$search = ldap_search($ldapMasterConnect, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1790	$count_entries = @ldap_count_entries($ldapMasterConnect, $search);
1791
1792	if ($count_entries)
1793	return false;
1794
1795	return true;
1796	}
1797
1798	function rename_uid($uid, $new_uid)
1799	{
1800	$return['status'] = true;
1801
1802	$justthese = array("dn");
1803	$filter="(&(phpgwAccountType=u)(uid=".$uid."))";
1804	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1805	$entry = ldap_get_entries($this->ldap, $search);
1806	$dn = $entry[0]['dn'];
1807
1808	$explode_dn = ldap_explode_dn($dn, 0);
1809	$rdn = "uid=" . $new_uid;
1810
1811	$parent = array();
1812	for ($j=1; $j<(count($explode_dn)-1); $j++)
1813	$parent[] = $explode_dn[$j];
1814	$parent = implode(",", $parent);
1815
1816	$return['new_dn'] = $rdn . ',' . $parent;
1817
1818	if (!@ldap_rename($this->ldap, $dn, $rdn, $parent, true))
1819	{
1820	$return['status'] = false;
1821	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->rename_uid ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1822	}
1823
1824	//Grupos
1825	$justthese = array("dn");
1826	$filter="(&(phpgwAccountType=g)(memberuid=".$uid."))";
1827	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1828	$entry = ldap_get_entries($this->ldap, $search);
1829	$array_mod_add['memberUid'] = $new_uid;
1830	$array_mod_del['memberUid'] = $uid;
1831
1832	for ($i=0; $i<=$entry['count']; $i++)
1833	{
1834	$dn = $entry[$i]['dn'];
1835	@ldap_mod_add ( $this->ldap, $dn, $array_mod_add);
1836	@ldap_mod_del ( $this->ldap, $dn, $array_mod_del);
1837	}
1838	return $return;
1839	}
1840
1841	function rename_cn($cn, $new_cn)
1842	{
1843	$return['status'] = true;
1844
1845	$justthese = array("dn");
1846	$filter="(&(phpgwAccountType=g)(uid=".$cn."))";
1847	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
1848	$entry = ldap_get_entries($this->ldap, $search);
1849	$dn = $entry[0]['dn'];
1850
1851	$explode_dn = ldap_explode_dn($dn, 0);
1852	$rdn = "cn=" . $new_cn;
1853
1854	$parent = array();
1855	for ($j=1; $j<(count($explode_dn)-1); $j++)
1856	$parent[] = $explode_dn[$j];
1857	$parent = implode(",", $parent);
1858
1859	$return['new_dn'] = $rdn . ',' . $parent;
1860
1861	if (!@ldap_rename($this->ldap, $dn, $rdn, $parent, false))
1862	{
1863	$return['status'] = false;
1864	}
1865
1866	return $return;
1867	}
1868
1869	function exist_sambadomains($contexts, $sambaDomainName)
1870	{
1871	$justthese = array("dn");
1872	$filter="(&(objectClass=sambaDomain)(sambaDomainName=$sambaDomainName))";
1873
1874	foreach ($contexts as $index=>$context)
1875	{
1876	$search = ldap_search($this->ldap, $context, $filter, $justthese);
1877	$entry = ldap_get_entries($this->ldap, $search);
1878
1879	if ($entry['count'])
1880	return true;
1881	}
1882	return false;
1883	}
1884
1885	// Primeiro nilvel de organização.
1886	function exist_sambadomains_in_context($params)
1887	{
1888	$dn = $GLOBALS['phpgw_info']['server']['ldap_context'];
1889	$array_dn = ldap_explode_dn ( $dn, 0 );
1890
1891	$context = $params['context'];
1892	$array_context = ldap_explode_dn ( $context, 0 );
1893
1894	// Pego o setor no caso do contexto ser um sub-setor.
1895	if (($array_dn['count']+1) < ($array_context['count']))
1896	{
1897	// inverto o array_dn para poder retirar o count
1898	$array_dn_reverse = array_reverse ( $array_dn, false );
1899
1900	//retiro o count
1901	array_pop($array_dn_reverse);
1902
1903	//incluo o setor no dn
1904	array_push ( $array_dn_reverse, $array_context[ $array_context['count'] - 1 - $array_dn['count']]);
1905
1906	// Volto a ordem natural
1907	$array_dn = array_reverse ( $array_dn_reverse, false );
1908
1909	// Implodo
1910	$context = implode ( ",", $array_dn );
1911	}
1912
1913	$justthese = array("dn","sambaDomainName");
1914	$filter="(objectClass=sambaDomain)";
1915	$search = ldap_list($this->ldap, $context, $filter, $justthese);
1916	$entry = ldap_get_entries($this->ldap, $search);
1917
1918	for ($i=0; $i<$entry['count']; $i++)
1919	{
1920	$return['sambaDomains'][$i] = $entry[$i]['sambadomainname'][0];
1921	}
1922
1923	if ($entry['count'])
1924	$return['status'] = true;
1925	else
1926	$return['status'] = false;
1927
1928	return $return;
1929	}
1930	function exist_domain_name_sid($sambadomainname, $sambasid)
1931	{
1932	$context = $GLOBALS['phpgw_info']['server']['ldap_context'];
1933
1934	$justthese = array("dn","sambaDomainName");
1935	$filter="(&(objectClass=sambaDomain)(sambaSID=$sambasid)(sambaDomainName=$sambadomainname))";
1936	$search = ldap_search($this->ldap, $context, $filter, $justthese);
1937	$count_entries = ldap_count_entries($this->ldap, $search);
1938
1939	if ($count_entries > 0)
1940	return true;
1941	else
1942	return false;
1943	}
1944
1945	function add_sambadomain($sambadomainname, $sambasid, $context)
1946	{
1947	$result = array();
1948
1949	$dn = "sambaDomainName=$sambadomainname,$context";
1950	$entry['sambaSID'] = $sambasid;
1951	$entry['objectClass'] = 'sambaDomain';
1952	$entry['sambaAlgorithmicRidBase'] = '1000';
1953	$entry['sambaDomainName'] = $sambadomainname;
1954
1955	if (!@ldap_add ( $this->ldap, $dn, $entry ))
1956	{
1957	$return['status'] = false;
1958	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->add_sambadomain ($dn)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1959	}
1960	else
1961	$return['status'] = true;
1962
1963	return $return;
1964	}
1965
1966	function delete_sambadomain($sambadomainname)
1967	{
1968	$return['status'] = true;
1969	$filter="(sambaDomainName=$sambadomainname)";
1970	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter);
1971	$entry = ldap_get_entries($this->ldap, $search);
1972
1973	if ($entry['count'] != 0)
1974	{
1975	$dn = $entry[0]['dn'];
1976
1977	if (!@ldap_delete($this->ldap, $dn))
1978	{
1979	$return['status'] = false;
1980	$result['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_sambadomain ($sambadomainname)" . ".\n" . $this->functions->lang('Server returns') . ': ' . ldap_error($this->ldap);
1981	}
1982	}
1983
1984	return $return;
1985	}
1986
1987	function search_user($params)
1988	{
1989	$search = $params['search'];
1990	$justthese = array("cn","uid", "mail");
1991	$users_list=ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], "(&(phpgwAccountType=u) (\|(cn=$search)(mail=$search*)) )", $justthese);
1992
1993	if (ldap_count_entries($this->ldap, $users_list) == 0)
1994	{
1995	$return['status'] = 'false';
1996	$result['msg'] = $this->functions->lang('Any result was found') . '.';
1997	return $return;
1998	}
1999
2000	ldap_sort($this->ldap, $users_list, "cn");
2001
2002	$entries = ldap_get_entries($this->ldap, $users_list);
2003
2004	$options = '';
2005	for ($i=0; $i<$entries['count']; $i++)
2006	{
2007	$options .= "<option value=" . $entries[$i]['uid'][0] . ">" . $entries[$i]['cn'][0] . " (".$entries[$i]['mail'][0].")" . "</option>";
2008	}
2009
2010	return $options;
2011	}
2012
2013	function create_institutional_accounts($params)
2014	{
2015	/* Begin: Access verification */
2016	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'add_institutional_accounts'))
2017	{
2018	$return['status'] = false;
2019	$return['msg'] = $this->functions->lang('You do not have right to create institutional accounts') . ".";
2020	return $return;
2021	}
2022
2023	$access_granted = false;
2024	foreach ($this->manager_contexts as $idx=>$manager_context)
2025	{
2026	if (stristr($params['context'], $manager_context))
2027	{
2028	$access_granted = true;
2029	break;
2030	}
2031	}
2032	if (!$access_granted)
2033	{
2034	$return['status'] = false;
2035	$return['msg'] = $this->functions->lang('You do not have access to this organization') . ".";
2036	return $return;
2037	}
2038	/* End: Access verification */
2039
2040	/* Begin: Validation */
2041	if ( (empty($params['cn'])) \|\| (empty($params['mail'])) )
2042	{
2043	$result['status'] = false;
2044	$result['msg'] = $this->functions->lang('Field mail or name is empty');
2045	return $result;
2046	}
2047
2048	if (! eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+$", $params['mail']) )
2049	{
2050	$result['status'] = false;
2051	$result['msg'] = $this->functions->lang('Field mail is not formed correcty') . '.';
2052	return $result;
2053	}
2054
2055	$uid = 'institutional_account_' . $params['mail'];
2056	$dn = "uid=$uid," . $params['context'];
2057
2058	$filter = "(mail=".$params['mail'].")";
2059	$justthese = array("cn");
2060	$search = @ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
2061	$entries = @ldap_get_entries($this->ldap,$search);
2062	if ($entries['count'] != 0)
2063	{
2064	$result['status'] = false;
2065	$result['msg'] = $this->functions->lang('Field mail already in use');
2066	return $result;
2067	}
2068	/* End: Validation */
2069
2070	$info = array();
2071	$info['cn'] = $params['cn'];
2072	$info['sn'] = $params['cn'];
2073	$info['uid'] = $uid;
2074	$info['mail'] = $params['mail'];
2075	$info['description'] = $params['description'];
2076	$info['phpgwAccountType'] = 'i';
2077	$info['objectClass'][] = 'inetOrgPerson';
2078	$info['objectClass'][] = 'phpgwAccount';
2079	$info['objectClass'][] = 'top';
2080	$info['objectClass'][] = 'person';
2081	$info['objectClass'][] = 'qmailUser';
2082	$info['objectClass'][] = 'organizationalPerson';
2083
2084	if ($params['accountStatus'] == 'on')
2085	{
2086	$info['accountStatus'] = 'active';
2087	}
2088	if ($params['phpgwAccountVisible'] == 'on')
2089	{
2090	$info['phpgwAccountVisible'] = '-1';
2091	}
2092
2093	if (!empty($params['owners']))
2094	{
2095	foreach($params['owners'] as $index=>$uidnumber)
2096	{
2097	$info['mailForwardingAddress'][] = $this->uidnumber2mail($uidnumber);
2098	}
2099	}
2100
2101	$result = array();
2102	if (!@ldap_add ( $this->ldap, $dn, $info ))
2103	{
2104	$result['status'] = false;
2105	$result['msg'] = $this->functions->lang('Error on function') . ' ldap_functions->create_institutional_accounts';
2106	$result['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2107	}
2108	else
2109	$result['status'] = true;
2110
2111	return $result;
2112	}
2113
2114	function save_institutional_accounts($params)
2115	{
2116	/* Begin: Access verification */
2117	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_institutional_accounts'))
2118	{
2119	$return['status'] = false;
2120	$return['msg'] = $this->functions->lang('You do not have right to edit institutional accounts') . ".";
2121	return $return;
2122	}
2123	$access_granted = false;
2124	foreach ($this->manager_contexts as $idx=>$manager_context)
2125	{
2126	if (stristr($params['context'], $manager_context))
2127	{
2128	$access_granted = true;
2129	break;
2130	}
2131	}
2132	if (!$access_granted)
2133	{
2134	$return['status'] = false;
2135	$return['msg'] = $this->functions->lang('You do not have access to this organization') . ".";
2136	return $return;
2137	}
2138	/* End: Access verification */
2139
2140	/* Begin: Validation */
2141	if ( (empty($params['cn'])) \|\| (empty($params['mail'])) )
2142	{
2143	$result['status'] = false;
2144	$result['msg'] = $this->functions->lang('Field mail or name is empty') . '.';
2145	return $result;
2146	}
2147
2148	if (! eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+$", $params['mail']) )
2149	{
2150	$result['status'] = false;
2151	$result['msg'] = $this->functions->lang('Field mail is not formed correcty') . '.';
2152	return $result;
2153	}
2154
2155	$uid = 'institutional_account_' . $params['mail'];
2156	$dn = strtolower("uid=$uid," . $params['context']);
2157	$anchor = strtolower($params['anchor']);
2158
2159	$filter = "(mail=".$params['mail'].")";
2160	$justthese = array("cn");
2161	$search = @ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
2162	$entries = @ldap_get_entries($this->ldap,$search);
2163
2164	if ( ($entries['count'] > 1) \|\| (($entries['count'] == 1) && ($entries[0]['dn'] != $anchor)) )
2165	{
2166	$result['status'] = false;
2167	$result['msg'] = $this->functions->lang('Field mail already in use.');
2168	return $result;
2169	}
2170	/* End: Validation */
2171
2172	$result = array();
2173	$result['status'] = true;
2174
2175	if ($anchor != $dn)
2176	{
2177	if (!@ldap_rename($this->ldap, $anchor, "uid=$uid", $params['context'], true))
2178	{
2179	$result['status'] = false;
2180	$result['msg'] = $this->functions->lang('Error on function') . ' ldap_functions->save_institutional_accounts: ldap_rename';
2181	$result['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2182	}
2183	}
2184
2185	$info = array();
2186	$info['cn'] = $params['cn'];
2187	$info['sn'] = $params['cn'];
2188	$info['uid'] = $uid;
2189	$info['mail'] = $params['mail'];
2190
2191	if ($params['accountStatus'] == 'on')
2192	$info['accountStatus'] = 'active';
2193	else
2194	$info['accountStatus'] = array();
2195
2196	if ($params['phpgwAccountVisible'] == 'on')
2197	$info['phpgwAccountVisible'] = '-1';
2198	else
2199	$info['phpgwAccountVisible'] = array();
2200
2201	if ($params['description'] != '')
2202	$info['description'] = utf8_encode($params['description']);
2203	else
2204	$info['description'] = array();
2205
2206	if (!empty($params['owners']))
2207	{
2208	foreach($params['owners'] as $index=>$uidnumber)
2209	{
2210	$mailForwardingAddress = $this->uidnumber2mail($uidnumber);
2211	if ($mailForwardingAddress != '')
2212	$info['mailForwardingAddress'][] = $mailForwardingAddress;
2213	}
2214	}
2215	else
2216	$info['mailForwardingAddress'] = array();
2217
2218	if (!@ldap_modify ( $this->ldap, $dn, $info ))
2219	{
2220	$result['status'] = false;
2221	$result['msg'] = $this->functions->lang('Error on function') . ' ldap_functions->save_institutional_accounts: ldap_modify';
2222	$result['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2223	}
2224
2225	return $result;
2226	}
2227
2228	function get_institutional_accounts($params)
2229	{
2230	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'list_institutional_accounts'))
2231	{
2232	$return['status'] = false;
2233	$return['msg'] = $this->functions->lang('You do not have right to list institutional accounts') . ".";
2234	return $return;
2235	}
2236
2237	$input = $params['input'];
2238	$justthese = array("cn", "mail", "uid");
2239	$trs = array();
2240
2241	foreach ($this->manager_contexts as $idx=>$context)
2242	{
2243	$institutional_accounts = ldap_search($this->ldap, $context, ("(&(phpgwAccountType=i)(\|(mail=$input)(cn=$input*)))"), $justthese);
2244	$entries = ldap_get_entries($this->ldap, $institutional_accounts);
2245
2246	for ($i=0; $i<$entries['count']; $i++)
2247	{
2248	$tr = "<tr class='normal' onMouseOver=this.className='selected' onMouseOut=this.className='normal'><td onClick=edit_institutional_account('".$entries[$i]['uid'][0]."')>" . $entries[$i]['cn'][0] . "</td><td onClick=edit_institutional_account('".$entries[$i]['uid'][0]."')>" . $entries[$i]['mail'][0] . "</td><td align='center' onClick=delete_institutional_accounts('".$entries[$i]['uid'][0]."')><img HEIGHT='16' WIDTH='16' src=./expressoAdmin1_2/templates/default/images/delete.png></td></tr>";
2249	$trs[$tr] = $entries[$i]['cn'][0];
2250	}
2251	}
2252
2253	$trs_string = '';
2254	if (count($trs))
2255	{
2256	natcasesort($trs);
2257	foreach ($trs as $tr=>$cn)
2258	{
2259	$trs_string .= $tr;
2260	}
2261	}
2262
2263	$return['status'] = 'true';
2264	$return['trs'] = $trs_string;
2265	return $return;
2266	}
2267
2268	function get_institutional_account_data($params)
2269	{
2270	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_institutional_accounts'))
2271	{
2272	$return['status'] = false;
2273	$return['msg'] = $this->functions->lang('You do not have right to edit institutional accounts') . ".";
2274	return $return;
2275	}
2276
2277	$uid = $params['uid'];
2278	//$justthese = array("accountStatus", "phpgwAccountVisible", "cn", "mail", "mailForwardingAddress", "description");
2279
2280	$institutional_accounts = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], ("(&(phpgwAccountType=i)(uid=$uid))"));
2281	$entrie = ldap_get_entries($this->ldap, $institutional_accounts);
2282
2283	if ($entrie['count'] != 1)
2284	{
2285	$return['status'] = 'false';
2286	$result['msg'] = $this->functions->lang('Problems loading datas') . '.';
2287	}
2288	else
2289	{
2290	$tmp_user_context = split(",", $entrie[0]['dn']);
2291	$tmp_reverse_user_context = array_reverse($tmp_user_context);
2292	array_pop($tmp_reverse_user_context);
2293	$return['user_context'] = implode(",", array_reverse($tmp_reverse_user_context));
2294
2295	$return['status'] = 'true';
2296	$return['accountStatus'] = $entrie[0]['accountstatus'][0];
2297	$return['phpgwAccountVisible'] = $entrie[0]['phpgwaccountvisible'][0];
2298	$return['cn'] = $entrie[0]['cn'][0];
2299	$return['mail'] = $entrie[0]['mail'][0];
2300	$return['description'] = utf8_decode($entrie[0]['description'][0]);
2301
2302	if ($entrie[0]['mailforwardingaddress']['count'] > 0)
2303	{
2304	$a_cn = array();
2305	for ($i=0; $i<$entrie[0]['mailforwardingaddress']['count']; $i++)
2306	{
2307	$tmp = $this->mailforwardingaddress2uidnumber($entrie[0]['mailforwardingaddress'][$i]);
2308	if (!$tmp) {}
2309	else
2310	$a_cn[$tmp['uidnumber']] = $tmp['cn'];
2311	}
2312	natcasesort($a_cn);
2313	foreach($a_cn as $uidnumber => $cn)
2314	{
2315	$return['owners'] .= '<option value='. $uidnumber .'>' . $cn . '</option>';
2316	}
2317	}
2318	}
2319
2320	return $return;
2321	}
2322	function get_shared_accounts($params)
2323	{
2324	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'list_shared_accounts'))
2325	{
2326	$return['status'] = false;
2327	$return['msg'] = $this->functions->lang('You do not have right to list shared accounts') . ".";
2328	return $return;
2329	}
2330
2331	$input = $params['input'];
2332	$justthese = array("cn", "mail", "uid");
2333	$trs = array();
2334
2335	foreach ($this->manager_contexts as $idx=>$context)
2336	{
2337	$institutional_accounts = ldap_search($this->ldap, $context, ("(&(phpgwAccountType=s)(\|(mail=$input)(cn=$input*)))"), $justthese);
2338	$entries = ldap_get_entries($this->ldap, $institutional_accounts);
2339
2340	for ($i=0; $i<$entries['count']; $i++)
2341	{
2342	$tr = "<tr class='normal' onMouseOver=this.className='selected' onMouseOut=this.className='normal'><td onClick=edit_shared_account('".$entries[$i]['uid'][0]."')>" . $entries[$i]['cn'][0] . "</td><td onClick=edit_shared_account('".$entries[$i]['uid'][0]."')>" . $entries[$i]['mail'][0] . "</td><td align='center' onClick=delete_shared_accounts('".$entries[$i]['uid'][0]."')><img HEIGHT='16' WIDTH='16' src=./expressoAdmin1_2/templates/default/images/delete.png></td></tr>";
2343	$trs[$tr] = $entries[$i]['cn'][0];
2344	}
2345	}
2346
2347	$trs_string = '';
2348	if (count($trs))
2349	{
2350	natcasesort($trs);
2351	foreach ($trs as $tr=>$cn)
2352	{
2353	$trs_string .= $tr;
2354	}
2355	}
2356
2357	$return['status'] = 'true';
2358	$return['trs'] = $trs_string;
2359	return $return;
2360	}
2361
2362	function save_shared_accounts($params)
2363	{
2364	/* Begin: Access verification */
2365	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_shared_accounts'))
2366	{
2367	$return['status'] = false;
2368	$return['msg'] = $this->functions->lang('You do not have right to edit shared accounts') . ".";
2369	return $return;
2370	}
2371	$access_granted = false;
2372	foreach ($this->manager_contexts as $idx=>$manager_context)
2373	{
2374	if (stristr($params['context'], $manager_context))
2375	{
2376	$access_granted = true;
2377	break;
2378	}
2379	}
2380	if (!$access_granted)
2381	{
2382	$return['status'] = false;
2383	$return['msg'] = $this->functions->lang('You do not have access to this organization') . ".";
2384	return $return;
2385	}
2386	/* End: Access verification */
2387
2388	/* Begin: Validation */
2389	if ( (empty($params['cn'])) \|\| (empty($params['mail'])) )
2390	{
2391	$result['status'] = false;
2392	$result['msg'] = $this->functions->lang('Field mail or name is empty') . '.';
2393	return $result;
2394	}
2395
2396	if (! eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+$", $params['mail']) )
2397	{
2398	$result['status'] = false;
2399	$result['msg'] = $this->functions->lang('Field mail is not formed correcty') . '.';
2400	return $result;
2401	}
2402
2403	$dn = strtolower("uid=$params[uid]," . $params['context']);
2404	$anchor = strtolower($params['anchor']);
2405
2406	$filter = "(mail=".$params['mail'].")";
2407	$justthese = array("cn");
2408	$search = @ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
2409	$entries = @ldap_get_entries($this->ldap,$search);
2410
2411	if ( ($entries['count'] > 1) \|\| (($entries['count'] == 1) && ($entries[0]['dn'] != $anchor)) )
2412	{
2413	$result['status'] = false;
2414	$result['msg'] = $this->functions->lang('Field mail already in use.');
2415	return $result;
2416	}
2417	/* End: Validation */
2418
2419	$result = array();
2420	$result['status'] = true;
2421
2422	if ($anchor != $dn)
2423	{
2424	if (!@ldap_rename($this->ldap, $anchor, "uid=$params[uid]", $params['context'], true))
2425	{
2426	$result['status'] = false;
2427	$result['msg'] = $this->functions->lang('Error on function') . ' ldap_functions->save_shared_accounts: ldap_rename';
2428	$result['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2429	}
2430	}
2431
2432	$info = array();
2433	$info['cn'] = $params['cn'];
2434	$info['sn'] = $params['cn'];
2435	$info['uid'] = $params['uid'];
2436	$info['mail'] = $params['mail'];
2437
2438	if ($params['accountStatus'] == 'on')
2439	$info['accountStatus'] = 'active';
2440	else
2441	$info['accountStatus'] = array();
2442
2443	if ($params['phpgwAccountVisible'] == 'on')
2444	$info['phpgwAccountVisible'] = '-1';
2445	else
2446	$info['phpgwAccountVisible'] = array();
2447
2448	if ($params['description'] != '')
2449	$info['description'] = utf8_encode($params['description']);
2450	else
2451	$info['description'] = array();
2452
2453	if (!@ldap_modify ( $this->ldap, $dn, $info ))
2454	{
2455	$result['status'] = false;
2456	$result['msg'] = $this->functions->lang('Error on function') . ' ldap_functions->save_shared_accounts: ldap_modify';
2457	$result['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2458	}
2459	//print_r($info);echo "Teste $dn".$result['msg'];exit();
2460	return $result;
2461	}
2462
2463	function get_shared_account_data($params)
2464	{
2465	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'edit_shared_accounts'))
2466	{
2467	$return['status'] = false;
2468	$return['msg'] = $this->functions->lang('You do not have right to edit an shared accounts') . ".";
2469	return $return;
2470	}
2471
2472	$uid = $params['uid'];
2473	//$justthese = array("accountStatus", "phpgwAccountVisible", "cn", "mail", "mailForwardingAddress", "description");
2474
2475	$shared_accounts = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], ("(&(phpgwAccountType=s)(uid=$uid))"));
2476	$entrie = ldap_get_entries($this->ldap, $shared_accounts);
2477
2478	if ($entrie['count'] != 1)
2479	{
2480	$return['status'] = 'false';
2481	$result['msg'] = $this->functions->lang('Problems loading datas') . '.';
2482	}
2483	else
2484	{
2485	$tmp_user_context = split(",", $entrie[0]['dn']);
2486	$tmp_reverse_user_context = array_reverse($tmp_user_context);
2487	array_pop($tmp_reverse_user_context);
2488	$return['user_context'] = implode(",", array_reverse($tmp_reverse_user_context));
2489
2490	$return['status'] = 'true';
2491	$return['accountStatus'] = $entrie[0]['accountstatus'][0];
2492	$return['phpgwAccountVisible'] = $entrie[0]['phpgwaccountvisible'][0];
2493	$return['cn'] = $entrie[0]['cn'][0];
2494	$return['mail'] = $entrie[0]['mail'][0];
2495	$return['description'] = utf8_decode($entrie[0]['description'][0]);
2496
2497	}
2498
2499	return $return;
2500	}
2501	function mailforwardingaddress2uidnumber($mail)
2502	{
2503	$justthese = array("uidnumber","cn");
2504	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], ("(&(phpgwAccountType=u)(mail=$mail))"), $justthese);
2505	$entrie = ldap_get_entries($this->ldap, $search);
2506	if ($entrie['count'] != 1)
2507	return false;
2508	else
2509	{
2510	$return['uidnumber'] = $entrie[0]['uidnumber'][0];
2511	$return['cn'] = $entrie[0]['cn'][0];
2512	return $return;
2513	}
2514	}
2515
2516	function delete_institutional_account_data($params)
2517	{
2518	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'remove_institutional_accounts'))
2519	{
2520	$return['status'] = false;
2521	$return['msg'] = $this->functions->lang('You do not have right to delete institutional accounts') . ".";
2522	return $return;
2523	}
2524
2525	$uid = $params['uid'];
2526	$return['status'] = true;
2527
2528	$justthese = array("cn");
2529	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], ("(&(phpgwAccountType=i)(uid=$uid))"), $justthese);
2530	$entrie = ldap_get_entries($this->ldap, $search);
2531	if ($entrie['count'] > 1)
2532	{
2533	$return['status'] = false;
2534	$return['msg'] = $this->functions->lang('More then one uid was found');
2535	return $return;
2536	}
2537	if ($entrie['count'] == 0)
2538	{
2539	$return['status'] = false;
2540	$return['msg'] = $this->functions->lang('No uid was found');
2541	return $return;
2542	}
2543
2544	$dn = $entrie[0]['dn'];
2545	if (!@ldap_delete($this->ldap, $dn))
2546	{
2547	$return['status'] = false;
2548	$return['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_institutional_accounts: ldap_delete";
2549	$return['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2550	return $return;
2551	}
2552
2553	return $return;
2554	}
2555
2556	function replace_mail_from_institutional_account($newMail, $oldMail)
2557	{
2558	$filter = "(&(phpgwAccountType=i)(mailforwardingaddress=$oldMail))";
2559	$justthese = array("dn");
2560	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], $filter, $justthese);
2561	$entries = ldap_get_entries($this->ldap, $search);
2562	$result['status'] = true;
2563	for ($i=0; $i<$entries['count']; $i++)
2564	{
2565	$attrs['mailforwardingaddress'] = $oldMail;
2566	$res1 = @ldap_mod_del($this->ldap, $entries[$i]['dn'], $attrs);
2567	$attrs['mailforwardingaddress'] = $newMail;
2568	$res2 = @ldap_mod_add($this->ldap, $entries[$i]['dn'], $attrs);
2569
2570	if ((!$res1) \|\| (!$res2))
2571	{
2572	$result['status'] = false;
2573	$return['msg'] = $this->functions->lang('Error on function') . " ldap_functions->replace_mail_from_institutional_account.";
2574	}
2575	}
2576
2577	return $result;
2578	}
2579	function delete_shared_account_data($params)
2580	{
2581	if (!$this->functions->check_acl($_SESSION['phpgw_info']['expresso']['user']['account_lid'], 'delete_shared_accounts'))
2582	{
2583	$return['status'] = false;
2584	$return['msg'] = $this->functions->lang('You do not have right to delete shared accounts') . ".";
2585	return $return;
2586	}
2587	$uid = $params['uid'];
2588	$return['status'] = true;
2589
2590	$justthese = array("cn");
2591	$search = ldap_search($this->ldap, $GLOBALS['phpgw_info']['server']['ldap_context'], "(&(phpgwAccountType=s)(uid=$uid))", $justthese);
2592
2593	$entrie = ldap_get_entries($this->ldap, $search);
2594
2595	if ($entrie['count'] > 1)
2596	{
2597	$return['status'] = false;
2598	$return['msg'] = $this->functions->lang('More then one uid was found');
2599	return $return;
2600	}
2601	if ($entrie['count'] == 0)
2602	{
2603	$return['status'] = false;
2604	$return['msg'] = $this->functions->lang('No uid was found');
2605	return $return;
2606	}
2607
2608	$dn = $entrie[0]['dn'];
2609	if (!@ldap_delete($this->ldap, $dn))
2610	{
2611	$return['status'] = false;
2612	$return['msg'] = $this->functions->lang('Error on function') . " ldap_functions->delete_shared_accounts: ldap_delete";
2613	$return['msg'] .= "\n" . $this->functions->lang('Server return') . ': ' . ldap_error($this->ldap);
2614	return $return;
2615	}
2616
2617	return $return;
2618	}
2619	}
2620	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: