account.inc
This provides several helper function for the account modules.
Tags
Interfaces, Classes, Traits and Enums
- samba3domain
- Represents a Samba 3 domain entry
- moduleCache
- Caches module objects.
- LAMException
- LAM exception with title and message.
Table of Contents
- array_delete() : array<string|int, mixed>
- This function will return all values from $array without values of $values.
- in_array_ignore_case() : mixed
- Checks if a string exists in an array, ignoring case.
- getdays() : number
- This function will return the days from 1.1.1970 until now.
- smbflag() : string
- Takes a list of Samba flags and creates the corresponding flag string.
- lmPassword() : string
- Generates the LM hash of a password.
- ntPassword() : string
- Generates the NT hash of a password.
- pwd_hash() : string
- Returns the hash value of a plain text password.
- getHashType() : string
- Returns the hash type of the given password hash.
- getSupportedHashTypes() : array<string|int, mixed>
- Returns the list of supported hash types (e.g. SSHA).
- generateSalt() : string
- Calculates a password salt of the given length.
- pwd_enable() : string
- Marks an password hash as enabled and returns the new hash string
- pwd_disable() : string
- Marks an password hash as disabled and returns the new hash string
- pwd_is_lockable() : bool
- Checks if a Unix password can be locked.
- pwd_is_enabled() : bool
- Checks if a password hash is enabled/disabled
- generateRandomPassword() : string
- Generates a random password with 12 digits by default.
- generateRandomText() : string
- Generates a random text with 20 letters by default.
- checkPasswordHash() : bool
- Checks if the given password matches the crypto hash.
- getNumberOfCharacterClasses() : int
- Returns the number of character classes in a password.
- search_domains() : array<string|int, mixed>
- Returns an array with all Samba 3 domain entries under the given suffix
- get_preg() : bool
- Checks if a given value matches the selected regular expression.
- convertCommaEscaping() : string
- Converts the comma escaping from Windows to OpenLDAP style.
- connectToLDAP() : mixed
- Connects to an LDAP server using the given URL.
- searchLDAPByAttribute() : array<string|int, mixed>
- This will search the given LDAP suffix for all entries which have the given attribute.
- searchLDAPByFilter() : array<string|int, mixed>
- This will search the given LDAP suffix for all entries which match the given filter.
- searchLDAP() : array<string|int, mixed>
- Runs an LDAP search.
- getLDAPServerHandle() : handle
- Returns the LDAP server handle.
- searchLDAPPaged() : array<string|int, mixed>
- Runs an LDAP search and uses paging if configured.
- ldapGetDN() : array<string|int, mixed>|null
- Returns the given DN.
- ldapListDN() : array<string|int, mixed>
- Returns the DN and children of a given DN.
- deleteDN() : array<string|int, mixed>
- Deletes a DN and all child entries.
- copyDnRecursive() : void
- Performs a recursive copy from old DN under target DN.
- moveDn() : void
- Moves an LDAP entry.
- getLastLDAPError() : array<string|int, mixed>
- Returns the parameters for a StatusMessage of the last LDAP search.
- cleanLDAPResult() : mixed
- Cleans the result of an LDAP search.
- getAbstractDN() : string
- Transforms a DN into a more user friendly format.
- unescapeLdapSpecialCharacters() : string
- Unescapes LDAP special characters for readability.
- unescapeLdapSpecialCharactersCallback() : string
- Callback function for unescaping DN.
- compareDN() : int
- Helper function to sort DNs.
- compareLDAPEntriesByDn() : int
- Helper function to sort LDAP entries by DN.
- formatLDAPTimestamp() : string
- Formats an LDAP time string (e.g. from createTimestamp).
- parseLDAPTimestamp() : DateTime
- Parses an LDAP time stamp and returns a DateTime in current time zone.
- obfuscateText() : mixed
- Simple function to obfuscate strings.
- deobfuscateText() : mixed
- Simple function to deobfuscate strings.
- isObfuscatedText() : bool
- Checks if the given text is obfuscated.
- extractRDNAttribute() : string
- Extracts the RDN attribute name from a given DN.
- extractRDNValue() : string
- Extracts the RDN attribute value from a given DN.
- extractRDN() : string|null
- Extracts the RDN part of the DN.
- extractDNSuffix() : string
- Extracts the DN suffix from a given DN.
- testSmtpConnection() : void
- Checks if the SMTP connection with the given settings is fine.
- sendPasswordMail() : array<string|int, mixed>
- Sends the password mail.
- sendEMail() : mixed
- Sends out an email.
- isCommandlineSafeEmailAddress() : bool
- Checks if an email address is safe for use on commandline
- getRandomNumber() : int
- Returns a random number.
- getLDAPSSLCertificate() : mixed
- Connects to the LDAP server and extracts the certificates.
- getExtendedLDAPErrorMessage() : string
- Returns the extended LDAP error message if any.
- getDefaultLDAPErrorString() : string
- Returns the default error message to display on the web page.
- ldapIsPasswordExpired() : bool
- Returns if the last LDAP error was due to expired password or forced password change (AD only).
- getExtraInvalidCredentialsMessage() : string
- Tries to get additional information why invalid credentials was returned. E.g. account is locked.
- getCallingURL() : string
- Returns the URL under which the page was loaded.
- getTimeZoneOffsetHours() : int
- Returns the offset in hours from configured time zone to GMT.
- getTimeZone() : DateTimeZone
- Returns the configured time zone.
- getFormattedTime() : mixed
- Returns the current time in formatted form.
- formatSecondsToShortFormat() : string
- Formats a number of seconds to a more human readable format with minutes, hours, etc.
- unformatShortFormatToSeconds() : int
- Unformats text like 1m10s back to number of seconds.
- enforceUserIsLoggedIn() : mixed
- Checks if the user is logged in. Stops script execution if not.
- printHeaderContents() : mixed
- Prints the content of the header part.
- printJsIncludes() : mixed
- Prints script tags for all LAM JS files.
- convertUtf8ToUtf16Le() : mixed
- Converts an UTF-8 string to UTF16LE.
- getLAMVersionText() : string
- Returns the text with LAM and its version for header area.
- isDeveloperVersion() : bool
- Returns if the given release is a developer version.
Functions
array_delete()
This function will return all values from $array without values of $values.
array_delete(array<string|int, mixed> $values, array<string|int, mixed> $array) : array<string|int, mixed>
Parameters
- $values : array<string|int, mixed>
-
list of values which should be removed
- $array : array<string|int, mixed>
-
list of original values
Return values
array<string|int, mixed> —list of remaining values
in_array_ignore_case()
Checks if a string exists in an array, ignoring case.
in_array_ignore_case(string $needle, array<string|int, mixed> $haystack) : mixed
Parameters
- $needle : string
-
search string
- $haystack : array<string|int, mixed>
-
array
Return values
mixed —getdays()
This function will return the days from 1.1.1970 until now.
getdays() : number
Return values
number —of days
smbflag()
Takes a list of Samba flags and creates the corresponding flag string.
smbflag(array<string|int, mixed> $input) : string
Parameters
- $input : array<string|int, mixed>
-
is an array of Samba flags (e.g. X or D)
Return values
string —Samba flag string
lmPassword()
Generates the LM hash of a password.
lmPassword(mixed $password) : string
Parameters
- $password : mixed
Return values
string —password hash
ntPassword()
Generates the NT hash of a password.
ntPassword(mixed $password) : string
Parameters
- $password : mixed
Return values
string —password hash
pwd_hash()
Returns the hash value of a plain text password.
pwd_hash(string $password[, bool $enabled = true ][, string $hashType = 'SSHA' ]) : string
Parameters
- $password : string
-
the password string
- $enabled : bool = true
-
marks the hash as enabled/disabled (e.g. by prefixing "!")
- $hashType : string = 'SSHA'
-
password hash type (CRYPT, CRYPT-SHA512, SHA, SSHA, MD5, SMD5, PLAIN, K5KEY)
Tags
Return values
string —the password hash
getHashType()
Returns the hash type of the given password hash.
getHashType(string|null $hash) : string
This will return PLAIN if no supported hash type was found.
Parameters
- $hash : string|null
-
password hash
Return values
string —type (e.g. SSHA)
getSupportedHashTypes()
Returns the list of supported hash types (e.g. SSHA).
getSupportedHashTypes() : array<string|int, mixed>
Return values
array<string|int, mixed> —hash types
generateSalt()
Calculates a password salt of the given length.
generateSalt(int $len) : string
Parameters
- $len : int
-
salt length
Return values
string —the salt string
pwd_enable()
Marks an password hash as enabled and returns the new hash string
pwd_enable(string $hash) : string
Parameters
- $hash : string
-
hash value to enable
Return values
string —enabled password hash
pwd_disable()
Marks an password hash as disabled and returns the new hash string
pwd_disable(string $hash) : string
Parameters
- $hash : string
-
hash value to disable
Return values
string —disabled hash value
pwd_is_lockable()
Checks if a Unix password can be locked.
pwd_is_lockable(string $password) : bool
This checks if the password is not plain text but e.g. contains {SSHA}.
Parameters
- $password : string
-
password value
Return values
bool —can be locked
pwd_is_enabled()
Checks if a password hash is enabled/disabled
pwd_is_enabled(string $hash) : bool
Parameters
- $hash : string
-
password hash to check
Return values
bool —true if the password is marked as enabled
generateRandomPassword()
Generates a random password with 12 digits by default.
generateRandomPassword([int $length = 12 ][, bool $checkStrength = true ]) : string
Parameters
- $length : int = 12
-
length of password (defaults to 12)
- $checkStrength : bool = true
-
check if password matches the policy
Return values
string —password
generateRandomText()
Generates a random text with 20 letters by default.
generateRandomText([int $length = 20 ]) : string
Parameters
- $length : int = 20
-
length of password (defaults to 20)
Return values
string —text
checkPasswordHash()
Checks if the given password matches the crypto hash.
checkPasswordHash(mixed $type, string $hash, string $password) : bool
Parameters
- $type : mixed
- $hash : string
-
password hash value
- $password : string
-
plain text password to check
Tags
Return values
bool —hash matches
getNumberOfCharacterClasses()
Returns the number of character classes in a password.
getNumberOfCharacterClasses(string $password) : int
Parameters
- $password : string
-
password
Return values
int —number of classes
search_domains()
Returns an array with all Samba 3 domain entries under the given suffix
search_domains([mixed $server = null ][, string $suffix = null ]) : array<string|int, mixed>
Parameters
- $server : mixed = null
- $suffix : string = null
-
LDAP suffix to search (if null then $_SESSION['config']->get_Suffix('smbDomain') is used)
Return values
array<string|int, mixed> —list of samba3domain objects
get_preg()
Checks if a given value matches the selected regular expression.
get_preg(string $argument, string $regexp) : bool
Parameters
- $argument : string
-
value to check
- $regexp : string
-
pattern name
Return values
bool —true if matches, otherwise false
convertCommaEscaping()
Converts the comma escaping from Windows to OpenLDAP style.
convertCommaEscaping(string $dn) : string
Parameters
- $dn : string
-
DN
Return values
string —DN
connectToLDAP()
Connects to an LDAP server using the given URL.
connectToLDAP(string $serverURL, mixed $startTLS) : mixed
Parameters
- $serverURL : string
-
URL
- $startTLS : mixed
Return values
mixed —searchLDAPByAttribute()
This will search the given LDAP suffix for all entries which have the given attribute.
searchLDAPByAttribute(string $name, string $value, string $objectClass, array<string|int, mixed> $attributes, array<string|int, mixed> $scopes) : array<string|int, mixed>
Parameters
- $name : string
-
attribute name (may be null)
- $value : string
-
attribute value
- $objectClass : string
-
object class (may be null)
- $attributes : array<string|int, mixed>
-
list of attributes to return
- $scopes : array<string|int, mixed>
-
account types
Return values
array<string|int, mixed> —list of found entries
searchLDAPByFilter()
This will search the given LDAP suffix for all entries which match the given filter.
searchLDAPByFilter(string $filter, array<string|int, mixed> $attributes, array<string|int, mixed> $scopes[, bool $attrsOnly = false ]) : array<string|int, mixed>
Parameters
- $filter : string
- $attributes : array<string|int, mixed>
-
list of attributes to return
- $scopes : array<string|int, mixed>
-
account types
- $attrsOnly : bool = false
-
get only attributes but no values (default: false)
Return values
array<string|int, mixed> —list of found entries
searchLDAP()
Runs an LDAP search.
searchLDAP(string $suffix, string $filter, array<string|int, mixed> $attributes[, int $limit = -1 ]) : array<string|int, mixed>
Parameters
- $suffix : string
-
LDAP suffix
- $filter : string
-
filter
- $attributes : array<string|int, mixed>
-
list of attributes to return
- $limit : int = -1
-
result limit
Return values
array<string|int, mixed> —list of found entries
getLDAPServerHandle()
Returns the LDAP server handle.
getLDAPServerHandle() : handle
Return values
handle —LDAP handle
searchLDAPPaged()
Runs an LDAP search and uses paging if configured.
searchLDAPPaged(handle $server, string $dn, string $filter, array<string|int, mixed> $attributes, bool $attrsOnly, int $limit) : array<string|int, mixed>
Parameters
- $server : handle
-
LDAP connection handle
- $dn : string
-
DN
- $filter : string
-
filter
- $attributes : array<string|int, mixed>
-
attribute list
- $attrsOnly : bool
-
return only attribute names
- $limit : int
-
size limit
Return values
array<string|int, mixed> —results
ldapGetDN()
Returns the given DN.
ldapGetDN(string $dn[, array<string|int, mixed> $attributes = array('dn') ][, handle $handle = null ]) : array<string|int, mixed>|null
Parameters
- $dn : string
-
DN
- $attributes : array<string|int, mixed> = array('dn')
-
list of attributes to fetch
- $handle : handle = null
-
LDAP handle (optional for admin interface pages)
Return values
array<string|int, mixed>|null —attributes or null if not found
ldapListDN()
Returns the DN and children of a given DN.
ldapListDN(string $dn[, string $filter = '(objectclass=*)' ][, array<string|int, mixed> $attributes = array('dn') ][, handle $handle = null ][, int $limit = -1 ]) : array<string|int, mixed>
Parameters
- $dn : string
-
DN
- $filter : string = '(objectclass=*)'
-
LDAP filter
- $attributes : array<string|int, mixed> = array('dn')
-
list of attributes to fetch
- $handle : handle = null
-
LDAP handle (optional for admin interface pages)
- $limit : int = -1
-
result limit
Return values
array<string|int, mixed> —attributes or null if not found
deleteDN()
Deletes a DN and all child entries.
deleteDN(string $dn, bool $recursive) : array<string|int, mixed>
Parameters
- $dn : string
-
DN to delete
- $recursive : bool
-
recursive delete also child entries
Return values
array<string|int, mixed> —error messages
copyDnRecursive()
Performs a recursive copy from old DN under target DN.
copyDnRecursive(string $oldDn, string $targetDn) : void
Parameters
- $oldDn : string
-
old DN to copy
- $targetDn : string
-
copy nodes under this DN
Tags
Return values
void —moveDn()
Moves an LDAP entry.
moveDn(string $oldDn, string $targetDn) : void
Parameters
- $oldDn : string
-
old DN
- $targetDn : string
-
target container DN
Tags
Return values
void —getLastLDAPError()
Returns the parameters for a StatusMessage of the last LDAP search.
getLastLDAPError() : array<string|int, mixed>
Return values
array<string|int, mixed> —parameters for StatusMessage or null if all was ok
cleanLDAPResult()
Cleans the result of an LDAP search.
cleanLDAPResult(array<string|int, mixed> &$entries) : mixed
This will remove all 'count' entries and also all numeric array keys.
Parameters
- $entries : array<string|int, mixed>
-
LDAP entries in format $entries[entry number][attribute name][attribute values]
Return values
mixed —getAbstractDN()
Transforms a DN into a more user friendly format.
getAbstractDN(string $dn) : string
E.g. "dc=company,dc=de" is transformed to "company > de".
Parameters
- $dn : string
-
DN
Return values
string —transformed DN
unescapeLdapSpecialCharacters()
Unescapes LDAP special characters for readability.
unescapeLdapSpecialCharacters(string $dn) : string
Parameters
- $dn : string
-
escaped DN
Return values
string —unescaped DN
unescapeLdapSpecialCharactersCallback()
Callback function for unescaping DN.
unescapeLdapSpecialCharactersCallback(array<string|int, mixed> $matches) : string
Parameters
- $matches : array<string|int, mixed>
-
HEX value that was found
Return values
string —unescaped string
compareDN()
Helper function to sort DNs.
compareDN(string $a, string $b) : int
Parameters
- $a : string
-
first argument to compare
- $b : string
-
second argument to compare
Return values
int —0 if equal, 1 if $a is greater, -1 if $b is greater
compareLDAPEntriesByDn()
Helper function to sort LDAP entries by DN.
compareLDAPEntriesByDn(array<string|int, mixed> $a, array<string|int, mixed> $b) : int
Parameters
- $a : array<string|int, mixed>
-
first argument to compare
- $b : array<string|int, mixed>
-
second argument to compare
Return values
int —0 if equal, 1 if $a is greater, -1 if $b is greater
formatLDAPTimestamp()
Formats an LDAP time string (e.g. from createTimestamp).
formatLDAPTimestamp(string $time) : string
Parameters
- $time : string
-
LDAP time value
Return values
string —formatted time
parseLDAPTimestamp()
Parses an LDAP time stamp and returns a DateTime in current time zone.
parseLDAPTimestamp(string $time) : DateTime
Parameters
- $time : string
-
LDAP time value
Return values
DateTime —time
obfuscateText()
Simple function to obfuscate strings.
obfuscateText(string $text) : mixed
Parameters
- $text : string
-
text to obfuscate
Return values
mixed —deobfuscateText()
Simple function to deobfuscate strings.
deobfuscateText(string $text) : mixed
Parameters
- $text : string
-
text to deobfuscate
Return values
mixed —isObfuscatedText()
Checks if the given text is obfuscated.
isObfuscatedText(string $text) : bool
Parameters
- $text : string
-
text to check
Return values
bool —obfuscated or not
extractRDNAttribute()
Extracts the RDN attribute name from a given DN.
extractRDNAttribute(string $dn) : string
Parameters
- $dn : string
-
DN
Return values
string —RDN attribute name
extractRDNValue()
Extracts the RDN attribute value from a given DN.
extractRDNValue(string $dn) : string
Parameters
- $dn : string
-
DN
Return values
string —RDN attribute value
extractRDN()
Extracts the RDN part of the DN.
extractRDN(string|null $dn) : string|null
Parameters
- $dn : string|null
-
DN
Return values
string|null —RDN part
extractDNSuffix()
Extracts the DN suffix from a given DN.
extractDNSuffix(string $dn) : string
E.g. ou=people,dc=test,dc=com will result in dc=test,dc=com.
Parameters
- $dn : string
-
DN
Return values
string —DN suffix
testSmtpConnection()
Checks if the SMTP connection with the given settings is fine.
testSmtpConnection(string $server, string $user, string $password, string $encryption) : void
Parameters
- $server : string
-
SMTP server
- $user : string
-
user name
- $password : string
-
password
- $encryption : string
-
encryption type
Tags
Return values
void —sendPasswordMail()
Sends the password mail.
sendPasswordMail(string $pwd, array<string|int, mixed> $user[, string $recipient = null ]) : array<string|int, mixed>
Parameters
- $pwd : string
-
new password
- $user : array<string|int, mixed>
-
LDAP attributes of user
- $recipient : string = null
-
recipient address (optional, $user['mail'][0] used by default)
Return values
array<string|int, mixed> —list of arrays that can be used to create status messages
sendEMail()
Sends out an email.
sendEMail(string|array<string|int, mixed> $to, string $subject, string $text, string $from, bool $isHTML[, string $replyTo = null ][, string $cc = null ][, string $bcc = null ]) : mixed
Parameters
- $to : string|array<string|int, mixed>
-
TO address
- $subject : string
-
email subject
- $text : string
-
mail body (with \r\n EOL)
- $from : string
-
FROM address
- $isHTML : bool
-
HTML format
- $replyTo : string = null
-
REPLY-TO address (optional)
- $cc : string = null
-
CC address (optional)
- $bcc : string = null
-
BCC address (optional)
Return values
mixed —isCommandlineSafeEmailAddress()
Checks if an email address is safe for use on commandline
isCommandlineSafeEmailAddress( $address) : bool
Parameters
Return values
bool —is safe
getRandomNumber()
Returns a random number.
getRandomNumber() : int
Return values
int —random number
getLDAPSSLCertificate()
Connects to the LDAP server and extracts the certificates.
getLDAPSSLCertificate(string $server, string $port) : mixed
Parameters
- $server : string
-
server name
- $port : string
-
server port
Return values
mixed —false on error and certificate if extracted successfully
getExtendedLDAPErrorMessage()
Returns the extended LDAP error message if any.
getExtendedLDAPErrorMessage(handle $server) : string
Parameters
- $server : handle
-
LDAP server handle
Return values
string —error message
getDefaultLDAPErrorString()
Returns the default error message to display on the web page.
getDefaultLDAPErrorString(handle $server) : string
HTML special characters are already escaped.
Parameters
- $server : handle
-
LDAP server handle
Return values
string —error message
ldapIsPasswordExpired()
Returns if the last LDAP error was due to expired password or forced password change (AD only).
ldapIsPasswordExpired( $server) : bool
Parameters
Return values
bool —password expired
getExtraInvalidCredentialsMessage()
Tries to get additional information why invalid credentials was returned. E.g. account is locked.
getExtraInvalidCredentialsMessage(handle $ldap, string $userDn) : string
Parameters
- $ldap : handle
-
LDAP object to connect for getting extra data
- $userDn : string
-
failed DN
Return values
string —extra message
getCallingURL()
Returns the URL under which the page was loaded.
getCallingURL([ $baseUrl = '' ]) : string
This includes any GET parameters set.
Parameters
Return values
string —URL
getTimeZoneOffsetHours()
Returns the offset in hours from configured time zone to GMT.
getTimeZoneOffsetHours() : int
Return values
int —offset
getTimeZone()
Returns the configured time zone.
getTimeZone() : DateTimeZone
Return values
DateTimeZone —time zone
getFormattedTime()
Returns the current time in formatted form.
getFormattedTime(unknown $format) : mixed
Parameters
- $format : unknown
-
format to use (e.g. 'Y-m-d H:i:s')
Return values
mixed —formatSecondsToShortFormat()
Formats a number of seconds to a more human readable format with minutes, hours, etc.
formatSecondsToShortFormat(int $numSeconds) : string
E.g. 70 seconds will return 1m10s.
Parameters
- $numSeconds : int
-
number of seconds
Return values
string —formatted number
unformatShortFormatToSeconds()
Unformats text like 1m10s back to number of seconds.
unformatShortFormatToSeconds(string $text) : int
Parameters
- $text : string
-
formatted text
Return values
int —number of seconds
enforceUserIsLoggedIn()
Checks if the user is logged in. Stops script execution if not.
enforceUserIsLoggedIn([bool $check2ndFactor = true ]) : mixed
Parameters
- $check2ndFactor : bool = true
-
check if the 2nd factor was provided if required
Return values
mixed —printHeaderContents()
Prints the content of the header part.
printHeaderContents(string $title, string $prefix) : mixed
Parameters
- $title : string
-
page title
- $prefix : string
-
prefix to LAM main folder (e.g. "..")
Return values
mixed —printJsIncludes()
Prints script tags for all LAM JS files.
printJsIncludes(string $prefix) : mixed
Parameters
- $prefix : string
-
prefix to LAM main folder (e.g. "..")
Return values
mixed —convertUtf8ToUtf16Le()
Converts an UTF-8 string to UTF16LE.
convertUtf8ToUtf16Le(string $input) : mixed
Parameters
- $input : string
-
UTF-8 value
Return values
mixed —getLAMVersionText()
Returns the text with LAM and its version for header area.
getLAMVersionText() : string
Return values
string —LAM version text
isDeveloperVersion()
Returns if the given release is a developer version.
isDeveloperVersion(mixed $version) : bool
Parameters
- $version : mixed
Return values
bool —is developer version