Savane PHP Frontend Developer Reference: account.php Source File

00001 <?php
00002 # This file is part of the Savane project
00003 # <http://gna.org/projects/savane/>
00004 #
00005 # $Id: account.php 5400 2006-02-16 14:15:55Z yeupou $
00006 #
00007 #  Copyright 1999-2000 (c) The SourceForge Crew
00008 #  Copyright 2000-2003 (c) Free Software Foundation
00009 #
00010 #  Copyright 2003-2004 (c) Mathieu Roy <yeupou--at--gnu.org>
00011 # 
00012 # The Savane project is free software; you can redistribute it and/or
00013 # modify it under the terms of the GNU General Public License
00014 # as published by the Free Software Foundation; either version 2
00015 # of the License, or (at your option) any later version.
00016 #
00017 # The Savane project is distributed in the hope that it will be useful,
00018 # but WITHOUT ANY WARRANTY; without even the implied warranty of
00019 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00020 # GNU General Public License for more details.
00021 #
00022 # You should have received a copy of the GNU General Public License
00023 # along with the Savane project; if not, write to the Free Software
00024 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
00025 
00026 # adduser.php - All the forms and functions to manage unix users
00027 
00028 function account_pwvalid ($pw) 
00029 {
00030   $MIN_PASSWD_LENGTH=3;
00031   if (strlen($pw) < $MIN_PASSWD_LENGTH)
00032     {
00033       $err_msg = sprintf(ngettext("Password must be at least %s character.", "Password must be at least %s characters.", $MIN_PASSWD_LENGTH), $MIN_PASSWD_LENGTH);
00034       $GLOBALS['register_error'] = $err_msg;
00035       fb($err_msg, 1);
00036       return 0;
00037     }
00038   return 1;
00039 }
00040 
00041 function account_namevalid ($name, $allow_dashes=0, $allow_underscores=1)
00042 {
00043   # By default, underscore are allowed, creating no specific issue for an
00044   # account name. It may creates trouble if the account is use to handle DNS...
00045   if ($allow_underscores) {
00046     $underscore = "_";
00047   }
00048 
00049   # By default, dashes are not allowed, creating issue with mailing list name
00050   # and many other potential conflicts. However, it is usually convenient for
00051   # groups name.
00052   if ($allow_dashes) {
00053     $dashes = "-";
00054   }
00055   
00056   # no spaces
00057   if (strrpos($name,' ') > 0)
00058     {
00059       fb(_("There cannot be any spaces in the login name."),1); 
00060       return 0;
00061     }
00062 
00063   # min and max length
00064   $MIN_ACCNAME_LENGTH= 3;
00065   $MAX_ACCNAME_LENGTH= 16;
00066 
00067   if (strlen($name) < $MIN_ACCNAME_LENGTH)
00068     {
00069       fb(sprintf(ngettext("Account name is too short. It must be at least %s character.", "Account name is too short. It must be at least %s characters.", $MIN_ACCNAME_LENGTH), $MIN_ACCNAME_LENGTH),1);
00070       return 0;
00071     }
00072 
00073   if (strlen($name) > $MAX_ACCNAME_LENGTH)
00074     {
00075       fb(sprintf(ngettext("Account name is too long. It must be at most %s character.", "Account name is too long. It must be at most %s characters.", $MAX_ACCNAME_LENGTH), $MAX_ACCNAME_LENGTH),1);
00076       return 0;
00077     }
00078 
00079   # must start with an alphanumeric non numeric
00080   if (strspn($name,"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ") == 0)
00081     {
00082       fb(_("Account name must begin with an alphabetical character."),1);
00083       return 0;
00084     }
00085 
00086   # must contain only legal characters and underscores, and maybe dashes and 
00087   # underscore, depending on the arguments
00088   if (strspn($name,"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789$underscore$dashes")
00089       != strlen($name))
00090     {
00091       if ($allow_underscore) 
00092         { fb(_("Account name must only contain alphanumerics and underscores."),1); }
00093       elseif ($allow_dashes) 
00094         { fb(_("Account name must only contain alphanumerics and dashes."),1); }
00095       else { fb(_("Account name must only contain alphanumerics."),1); }
00096 
00097       return 0;
00098     }
00099     
00100   # illegal names
00101   if (eregi("^((root)|(savane-keyrings)|(bin)|(daemon)|(adm)|(lp)|(sync)|(shutdown)|(halt)|(mail)|(news)"
00102             . "|(uucp)|(apache)|(operator)|(invalid)|(games)|(mysql)|(httpd)|(nobody)|(dummy)|(opensource)"
00103             . "|(web)|(www)|(cvs)|(anoncvs)|(anonymous)|(shell)|(ftp)|(irc)|(debian)|(ns)|(download))$",$name))
00104     {
00105       fb(_("That account name is reserved."),1);
00106       return 0;
00107     }
00108                 
00109   return 1;
00110 }
00111 
00112 # Just check if the email address domain is not from a forbidden domain
00113 # or if it is not already associated to an email account
00114 function account_emailvalid ($email)
00115 {
00116   if (db_numrows(db_query("SELECT user_id FROM user WHERE "
00117                           . "email LIKE '".addslashes($email)."'")) > 0)
00118     {
00119       fb(_("An account associated with that email address has already been created."),1);
00120       return 0;
00121     }
00122 
00123   utils_get_content("forbidden_mail_domains");
00124 
00125   if ($GLOBALS['forbid_mail_domains_regexp'])
00126     {
00127       if (preg_match($GLOBALS['forbid_mail_domains_regexp'], addslashes($email)))
00128         {
00129           fb(_("It is not allowed to associate an account with this email address."),1);
00130           return 0;
00131         }
00132     }
00133   return 1;
00134 }
00135 
00136 function account_groupnamevalid ($name)
00137 {
00138   
00139   # Test with the usual namevalid function, allowing dashes
00140   if (!account_namevalid($name, 1, 0)) 
00141     { return 0; }
00142   
00143   utils_get_content("forbidden_group_names");
00144 
00145   # All these groups are invalid by default. There can be used for system
00146   # services and already be existing on the system.
00147   # Please, keep that list in alphabetic order.
00148   $forbid_group_regexp = "/^(".
00149      "(adm)|".
00150      "(admin)|". 
00151      "(apache)|".
00152      "(bin)|".   
00153      "(compile)|".
00154      "(cvs[0-9]?)|".
00155      "(daemon)|".
00156      "(disk)|".
00157      "(download[0-9]?)|".
00158      "(exim)|".
00159      "(fencepost)|".
00160      "(ftp)|".
00161      "(ftp[0-9]?)|".
00162      "(gnudist)|".
00163      "(ident)|".
00164      "(irc[0-9]?)|".
00165      "(lists)|".
00166      "(lp)|".
00167      "(mail[0-9]?)|".
00168      "(man)|".
00169      "(monitor)|".
00170      "(mirrors?)|".
00171      "(nogroup)|".
00172      "(ns[0-9]?)|".
00173      "(news[0-9]?)|".
00174      "(ntp)|".
00175      "(postfix)|".
00176      "(projects)|".
00177      "(pub)|".
00178      "(root)|".
00179      "(rpc)|".
00180      "(rpcuser)|".
00181      "(shadow)|".
00182      "(shell[0-9]?)|".
00183      "(slayer)|".
00184      "(sshd)|".
00185      "(staff)|".
00186      "(sudo)|".
00187      "(savane-keyrings)|".   # reserved for keyrings 
00188      "(svusers)|".   # users group for savane users
00189      "(sys)|".
00190      "(tty)|".
00191      "(uucp)|".
00192      "(users)|".
00193      "(utmp)|".
00194      "(web.*)|".
00195      "(wheel)|".
00196      "(www[0-9]?)|".
00197      "(www-data)|".
00198      "(xfs)".
00199      ")$/";
00200   
00201   # Illegal names: check the hardcoded list unless the variable
00202   #      $only_specific_forbid_group_regexp is true
00203   if (!$GLOBALS['only_specific_forbid_group_regexp'])
00204     {
00205       dbg("apply standard regexp");
00206       if (preg_match($forbid_group_regexp,$name))
00207         {
00208           fb(_("This group name is not allowed."),1);
00209           return 0;
00210         }
00211     }
00212 
00213   # Illegal names: check the site specific list if a list is given
00214   #      (by consequence, the variable return true)
00215   if ($GLOBALS['specific_forbid_group_regexp']) 
00216     {
00217       dbg("apply specific regexp");
00218       if (preg_match($GLOBALS['specific_forbid_group_regexp'],$name))
00219         {
00220           fb(_("This group name is not allowed."),1);
00221           return 0;
00222         }
00223     }
00224   
00225   if (eregi("_",$name))
00226     {
00227       fb(_("Group name cannot contain underscore for DNS reasons."),1);
00228       return 0;
00229     }
00230 
00231   return 1;
00232 }
00233 
00234 # The following is a random salt generator
00235 function account_gensalt()
00236 {
00237   function rannum(){         
00238     mt_srand((double)microtime()*1000000);                
00239     $num = mt_rand(46,122);               
00240     return $num;                  
00241   }          
00242   function genchr(){
00243     do {          
00244       $num = rannum();            
00245     } while ( ( $num > 57 && $num < 65 ) || ( $num > 90 && $num < 97 ) );         
00246     $char = chr($num);    
00247     return $char;         
00248   }        
00249 
00250   $a = genchr(); 
00251   $b = genchr();
00252   #     $salt = "$1$" . "$a$b";
00253   $salt = "$a$b";
00254   return $salt; 
00255 }
00256 
00257 # generate unix pw
00258 function account_genunixpw($plainpw)
00259 {
00260   return crypt($plainpw,account_gensalt());
00261 }
00262 
00263 # returns next userid
00264 function account_nextuid()
00265 {
00266   db_query("SELECT max(unix_uid) AS maxid FROM user");
00267   $row = db_fetch_array();
00268   return ($row[maxid] + 1);
00269 }
00270 
00271 # print out shell selects
00272 function account_shellselects($current)
00273 {
00274   $shells = file("/etc/shells");
00275 
00276   for ($i = 0; $i < count($shells); $i++)
00277     {
00278       $this_shell = chop($shells[$i]);
00279       echo "<option ".(($current == $this_shell)?"selected ":"")."value=$this_shell>$this_shell</option>\n";
00280     }
00281 }
00282 
00283 ?>