yetangitu/lam
1
0
Fork 0
mirror of https://github.com/LDAPAccountManager/lam.git synced 2025-10-03 17:59:21 +02:00
Code Issues Releases Wiki Activity

refactoring

Browse source
This commit is contained in:
Roland Gruber 2024-09-24 07:58:26 +02:00
parent f51f2348ca
commit a002ef87db
4 changed files with 91 additions and 122 deletions
Download patch file Download diff file Expand all files Collapse all files

12
lam/lib/baseType.inc
View file

@ -253,17 +253,17 @@ class baseType {
if (!$radioDisabled) { if (!$radioDisabled) {
$radio = new htmlRadio('lam_accountStatusAction', [_('Lock') => 'lock', _('Unlock') => 'unlock'], $selectedRadio); $radio = new htmlRadio('lam_accountStatusAction', [_('Lock') => 'lock', _('Unlock') => 'unlock'], $selectedRadio);
$radio->setOnchangeEvent($onchange); $radio->setOnchangeEvent($onchange);
$container->add($radio, 12); $container->add($radio);
} }
else { else {
$radio = new htmlRadio('lam_accountStatusActionDisabled', [_('Lock') => 'lock', _('Unlock') => 'unlock'], $selectedRadio); $radio = new htmlRadio('lam_accountStatusActionDisabled', [_('Lock') => 'lock', _('Unlock') => 'unlock'], $selectedRadio);
$radio->setIsEnabled(false); $radio->setIsEnabled(false);
$container->add($radio, 12); $container->add($radio);
$container->add(new htmlHiddenInput('lam_accountStatusAction', $selectedRadio), 12); $container->add(new htmlHiddenInput('lam_accountStatusAction', $selectedRadio));
} }
$container->addVerticalSpacer('1rem'); $container->addVerticalSpacer('1rem');
$container->add(new htmlHiddenInput('lam_accountStatusResult', 'cancel'), 12); $container->add(new htmlHiddenInput('lam_accountStatusResult', 'cancel'));
// locking part // locking part
if ($hasLockOptions) { if ($hasLockOptions) {
@ -349,7 +349,7 @@ class baseType {
if ($_POST['lam_accountStatusAction'] == 'lock') { if ($_POST['lam_accountStatusAction'] == 'lock') {
$lockIds = []; $lockIds = [];
foreach ($_POST as $key => $value) { foreach ($_POST as $key => $value) {
if (($value === 'on') && (strpos($key, 'lam_accountStatusLock_') === 0)) { if (($value === 'on') && (str_starts_with($key, 'lam_accountStatusLock_'))) {
$lockIds[] = substr($key, strlen('lam_accountStatusLock_')); $lockIds[] = substr($key, strlen('lam_accountStatusLock_'));
} }
} }
@ -366,7 +366,7 @@ class baseType {
elseif ($_POST['lam_accountStatusAction'] == 'unlock') { elseif ($_POST['lam_accountStatusAction'] == 'unlock') {
$unlockIds = []; $unlockIds = [];
foreach ($_POST as $key => $value) { foreach ($_POST as $key => $value) {
if (($value === 'on') && (strpos($key, 'lam_accountStatusUnlock_') === 0)) { if (($value === 'on') && (str_starts_with($key, 'lam_accountStatusUnlock_'))) {
$unlockIds[] = substr($key, strlen('lam_accountStatusUnlock_')); $unlockIds[] = substr($key, strlen('lam_accountStatusUnlock_'));
} }
} }

132
lam/lib/config.inc
View file

@ -1,12 +1,13 @@
<?php <?php
use \LAM\LIB\TWO_FACTOR\TwoFactorProviderService; use LAM\LIB\TWO_FACTOR\TwoFactorProviderService;
use LAM\PDF\PdfStructurePersistenceManager; use LAM\PDF\PdfStructurePersistenceManager;
use LAM\PERSISTENCE\ConfigurationDatabase; use LAM\PERSISTENCE\ConfigurationDatabase;
use LAM\PROFILES\AccountProfilePersistenceManager; use LAM\PROFILES\AccountProfilePersistenceManager;
use \LAM\REMOTE\RemoteServerConfiguration; use LAM\REMOTE\RemoteServerConfiguration;
use LAM\TYPES\TypeManager; use LAM\TYPES\TypeManager;
use function LAM\PERSISTENCE\dbTableExists; use function LAM\PERSISTENCE\dbTableExists;
use function LAM\TYPES\getScopeFromTypeId;
/* /*
@ -53,13 +54,7 @@ include_once '2factor.inc';
* Sets the environment variables for custom SSL CA certificates. * Sets the environment variables for custom SSL CA certificates.
*/ */
function setSSLCaCert() { function setSSLCaCert() {
$config = null; $config = $_SESSION['cfgMain'] ?? new LAMCfgMain();
if (isset($_SESSION['cfgMain'])) {
$config = $_SESSION['cfgMain'];
}
else {
$config = new LAMCfgMain();
}
// set SSL certificate if set // set SSL certificate if set
$sslCaPath = $config->getSSLCaCertPath(); $sslCaPath = $config->getSSLCaCertPath();
if ($sslCaPath != null) { if ($sslCaPath != null) {
@ -101,11 +96,8 @@ function setlanguage() {
if (!is_string($bindTextResult)) { if (!is_string($bindTextResult)) {
logNewMessage(LOG_WARNING, "Unable to bind text domain, check if 'locale -a' returns $code"); logNewMessage(LOG_WARNING, "Unable to bind text domain, check if 'locale -a' returns $code");
} }
$textDomainResult = textdomain("messages"); textdomain("messages");
if (!is_string($textDomainResult)) { header("Content-type: text/html; charset=" . $encoding);
logNewMessage(LOG_WARNING, "Unable to set text domain, check if 'locale -a' returns $code");
}
header("Content-type: text/html; charset=" . $encoding, true);
} }
/** /**
@ -404,7 +396,7 @@ class ServerProfilePersistenceManager {
} }
$copyFromTemplate = true; $copyFromTemplate = true;
$existingTemplateNames = $this->getConfigTemplates(); $existingTemplateNames = $this->getConfigTemplates();
if (strpos($templateName, '.sample') !== false) { if (str_contains($templateName, '.sample')) {
$templateNameShort = str_replace('.sample', '', $templateName); $templateNameShort = str_replace('.sample', '', $templateName);
if (!in_array($templateNameShort, $existingTemplateNames)) { if (!in_array($templateNameShort, $existingTemplateNames)) {
throw new LAMException(_("Profile name is invalid!")); throw new LAMException(_("Profile name is invalid!"));
@ -558,7 +550,7 @@ class ServerProfilePersistenceStrategyFiles implements ServerProfilePersistenceS
$ext = substr($entry, strlen($entry) - 5, 5); $ext = substr($entry, strlen($entry) - 5, 5);
$name = substr($entry, 0, strlen($entry) - 5); $name = substr($entry, 0, strlen($entry) - 5);
// check if extension is right, add to profile list // check if extension is right, add to profile list
if (($ext == ".conf") && (strpos($name, '.sample') === false) && is_readable($dirName . '/' . $entry)) { if (($ext == ".conf") && (!str_contains($name, '.sample')) && is_readable($dirName . '/' . $entry)) {
$ret[] = $name; $ret[] = $name;
} }
} }
@ -601,7 +593,7 @@ class ServerProfilePersistenceStrategyFiles implements ServerProfilePersistenceS
$property->setAccessible(true); $property->setAccessible(true);
$property->setValue($config, ''); $property->setValue($config, '');
} }
catch (ReflectionException $e) { catch (ReflectionException) {
// ignore // ignore
} }
} }
@ -612,7 +604,7 @@ class ServerProfilePersistenceStrategyFiles implements ServerProfilePersistenceS
$property->setAccessible(true); $property->setAccessible(true);
$property->setValue($config, substr($line, $startIndex)); $property->setValue($config, substr($line, $startIndex));
} }
catch (ReflectionException $e) { catch (ReflectionException) {
// ignore // ignore
} }
} }
@ -1237,7 +1229,7 @@ class LAMConfig {
$allTypes = LAM\TYPES\getTypes(); $allTypes = LAM\TYPES\getTypes();
$activeTypes = $this->get_ActiveTypes(); $activeTypes = $this->get_ActiveTypes();
for ($i = 0; $i < sizeof($activeTypes); $i++) { for ($i = 0; $i < sizeof($activeTypes); $i++) {
if (!in_array(\LAM\TYPES\getScopeFromTypeId($activeTypes[$i]), $allTypes)) { if (!in_array(getScopeFromTypeId($activeTypes[$i]), $allTypes)) {
unset($activeTypes[$i]); unset($activeTypes[$i]);
} }
} }
@ -1252,7 +1244,7 @@ class LAMConfig {
$types = $this->get_ActiveTypes(); $types = $this->get_ActiveTypes();
$availableByScope = []; $availableByScope = [];
foreach ($types as $type) { foreach ($types as $type) {
$scope = \LAM\TYPES\getScopeFromTypeId($type); $scope = getScopeFromTypeId($type);
$moduleVar = "modules_" . $type; $moduleVar = "modules_" . $type;
if (isset($this->typeSettings[$moduleVar])) { if (isset($this->typeSettings[$moduleVar])) {
$modules = explode(",", $this->typeSettings[$moduleVar]); $modules = explode(",", $this->typeSettings[$moduleVar]);
@ -1513,14 +1505,14 @@ class LAMConfig {
* @return boolean true, if matches * @return boolean true, if matches
*/ */
public function check_Passwd($password) { public function check_Passwd($password) {
if (strpos($this->Passwd, "{SSHA}") === 0) { if (str_starts_with($this->Passwd, "{SSHA}")) {
$value = substr($this->Passwd, strlen("{SSHA}")); $value = substr($this->Passwd, strlen("{SSHA}"));
$parts = explode(" ", $value); $parts = explode(" ", $value);
$salt = base64_decode($parts[1]); $salt = base64_decode($parts[1]);
$hash = "{SSHA}" . base64_encode(hex2bin(sha1($password . $salt))) . " " . base64_encode($salt); $hash = "{SSHA}" . base64_encode(hex2bin(sha1($password . $salt))) . " " . base64_encode($salt);
return ($hash === $this->Passwd); return ($hash === $this->Passwd);
} }
elseif (strpos($this->Passwd, "{CRYPT-SHA512}") === 0) { elseif (str_starts_with($this->Passwd, "{CRYPT-SHA512}")) {
$value = substr($this->Passwd, strlen("{CRYPT-SHA512}")); $value = substr($this->Passwd, strlen("{CRYPT-SHA512}"));
$parts = explode(" ", $value); $parts = explode(" ", $value);
$salt = base64_decode($parts[1]); $salt = base64_decode($parts[1]);
@ -1740,8 +1732,8 @@ class LAMConfig {
} }
$serverSettings = explode(':', $serverChunk); $serverSettings = explode(':', $serverChunk);
$serverName = $serverSettings[0]; $serverName = $serverSettings[0];
$serverLabel = isset($serverSettings[1]) ? $serverSettings[1] : null; $serverLabel = $serverSettings[1] ?? null;
$serverHomedirPrefix = isset($serverSettings[2]) ? $serverSettings[2] : null; $serverHomedirPrefix = $serverSettings[2] ?? null;
$servers[] = new RemoteServerConfiguration($serverName, $serverLabel, $serverHomedirPrefix, $scriptPath, $userName, $sshKey, $sshKeyPassword); $servers[] = new RemoteServerConfiguration($serverName, $serverLabel, $serverHomedirPrefix, $scriptPath, $userName, $sshKey, $sshKeyPassword);
} }
return $servers; return $servers;
@ -1795,18 +1787,18 @@ class LAMConfig {
$valid_ips = []; $valid_ips = [];
foreach ($array_string as $arr_value) { foreach ($array_string as $arr_value) {
// Explode name and IP, if a name exists // Explode name and IP, if a name exists
if (preg_match("/:/", $arr_value)) { if (str_contains($arr_value, ":")) {
$arr_value_explode = explode(":", $arr_value); $arr_value_explode = explode(":", $arr_value);
$servername = $arr_value_explode[0]; $servername = $arr_value_explode[0];
$label = $arr_value_explode[1]; $label = $arr_value_explode[1];
$homedirPrefix = isset($arr_value_explode[2]) ? $arr_value_explode[2] : ''; $homedirPrefix = $arr_value_explode[2] ?? '';
} }
else { else {
$servername = $arr_value; $servername = $arr_value;
$label = ''; $label = '';
$homedirPrefix = ''; $homedirPrefix = '';
} }
if (isset($servername) && is_string($servername) && preg_match("/^[a-z0-9-]+(\\.[a-z0-9-]+)*(,[0-9]+)?$/i", $servername)) { if (preg_match("/^[a-z0-9-]+(\\.[a-z0-9-]+)*(,[0-9]+)?$/i", $servername)) {
$serverData = [$servername]; $serverData = [$servername];
if (!empty($label)) { if (!empty($label)) {
$serverData[] = $label; $serverData[] = $label;
@ -3423,7 +3415,7 @@ class LAMCfgMain {
if (($configLine === false) || ($configLine === "") || ($configLine === "\n") || ($configLine[0] == "#")) { if (($configLine === false) || ($configLine === "") || ($configLine === "\n") || ($configLine[0] == "#")) {
continue; // ignore comments and empty lines continue; // ignore comments and empty lines
} }
array_push($file_array, $configLine); $file_array[] = $configLine;
} }
fclose($file); fclose($file);
// generate new configuration file // generate new configuration file
@ -3451,116 +3443,116 @@ class LAMCfgMain {
if (!$persistenceOnly) { if (!$persistenceOnly) {
// check if we have to add new entries (e.g. if user upgraded LAM and has an old config file) // check if we have to add new entries (e.g. if user upgraded LAM and has an old config file)
if (!in_array("password", $saved)) { if (!in_array("password", $saved)) {
array_push($file_array, "password: " . $this->password . "\n"); $file_array[] = "password: " . $this->password . "\n";
} }
if (!in_array("default", $saved)) { if (!in_array("default", $saved)) {
array_push($file_array, "default: " . $this->default . "\n"); $file_array[] = "default: " . $this->default . "\n";
} }
if (!in_array("sessionTimeout", $saved)) { if (!in_array("sessionTimeout", $saved)) {
array_push($file_array, "sessionTimeout: " . $this->sessionTimeout . "\n"); $file_array[] = "sessionTimeout: " . $this->sessionTimeout . "\n";
} }
if (!in_array("hideLoginErrorDetails", $saved)) { if (!in_array("hideLoginErrorDetails", $saved)) {
array_push($file_array, "hideLoginErrorDetails: " . $this->hideLoginErrorDetails . "\n"); $file_array[] = "hideLoginErrorDetails: " . $this->hideLoginErrorDetails . "\n";
} }
if (!in_array("logLevel", $saved)) { if (!in_array("logLevel", $saved)) {
array_push($file_array, "logLevel: " . $this->logLevel . "\n"); $file_array[] = "logLevel: " . $this->logLevel . "\n";
} }
if (!in_array("logDestination", $saved)) { if (!in_array("logDestination", $saved)) {
array_push($file_array, "logDestination: " . $this->logDestination . "\n"); $file_array[] = "logDestination: " . $this->logDestination . "\n";
} }
if (!in_array("allowedHosts", $saved)) { if (!in_array("allowedHosts", $saved)) {
array_push($file_array, "allowedHosts: " . $this->allowedHosts . "\n"); $file_array[] = "allowedHosts: " . $this->allowedHosts . "\n";
} }
if (!in_array("allowedHostsSelfService", $saved)) { if (!in_array("allowedHostsSelfService", $saved)) {
array_push($file_array, "allowedHostsSelfService: " . $this->allowedHostsSelfService . "\n"); $file_array[] = "allowedHostsSelfService: " . $this->allowedHostsSelfService . "\n";
} }
if (!in_array("passwordMinLength", $saved)) { if (!in_array("passwordMinLength", $saved)) {
array_push($file_array, "passwordMinLength: " . $this->passwordMinLength . "\n"); $file_array[] = "passwordMinLength: " . $this->passwordMinLength . "\n";
} }
if (!in_array("passwordMinUpper", $saved)) { if (!in_array("passwordMinUpper", $saved)) {
array_push($file_array, "passwordMinUpper: " . $this->passwordMinUpper . "\n"); $file_array[] = "passwordMinUpper: " . $this->passwordMinUpper . "\n";
} }
if (!in_array("passwordMinLower", $saved)) { if (!in_array("passwordMinLower", $saved)) {
array_push($file_array, "passwordMinLower: " . $this->passwordMinLower . "\n"); $file_array[] = "passwordMinLower: " . $this->passwordMinLower . "\n";
} }
if (!in_array("passwordMinNumeric", $saved)) { if (!in_array("passwordMinNumeric", $saved)) {
array_push($file_array, "passwordMinNumeric: " . $this->passwordMinNumeric . "\n"); $file_array[] = "passwordMinNumeric: " . $this->passwordMinNumeric . "\n";
} }
if (!in_array("passwordMinSymbol", $saved)) { if (!in_array("passwordMinSymbol", $saved)) {
array_push($file_array, "passwordMinSymbol: " . $this->passwordMinSymbol . "\n"); $file_array[] = "passwordMinSymbol: " . $this->passwordMinSymbol . "\n";
} }
if (!in_array("passwordMinClasses", $saved)) { if (!in_array("passwordMinClasses", $saved)) {
array_push($file_array, "passwordMinClasses: " . $this->passwordMinClasses . "\n"); $file_array[] = "passwordMinClasses: " . $this->passwordMinClasses . "\n";
} }
if (!in_array("checkedRulesCount", $saved)) { if (!in_array("checkedRulesCount", $saved)) {
array_push($file_array, "checkedRulesCount: " . $this->checkedRulesCount . "\n"); $file_array[] = "checkedRulesCount: " . $this->checkedRulesCount . "\n";
} }
if (!in_array("passwordMustNotContain3Chars", $saved)) { if (!in_array("passwordMustNotContain3Chars", $saved)) {
array_push($file_array, "passwordMustNotContain3Chars: " . $this->passwordMustNotContain3Chars . "\n"); $file_array[] = "passwordMustNotContain3Chars: " . $this->passwordMustNotContain3Chars . "\n";
} }
if (!in_array("passwordMustNotContainUser", $saved)) { if (!in_array("passwordMustNotContainUser", $saved)) {
array_push($file_array, "passwordMustNotContainUser: " . $this->passwordMustNotContainUser . "\n"); $file_array[] = "passwordMustNotContainUser: " . $this->passwordMustNotContainUser . "\n";
} }
if (!in_array("externalPwdCheckUrl", $saved)) { if (!in_array("externalPwdCheckUrl", $saved)) {
array_push($file_array, "externalPwdCheckUrl: " . $this->externalPwdCheckUrl . "\n"); $file_array[] = "externalPwdCheckUrl: " . $this->externalPwdCheckUrl . "\n";
} }
if (!in_array("errorReporting", $saved)) { if (!in_array("errorReporting", $saved)) {
array_push($file_array, "errorReporting: " . $this->errorReporting . "\n"); $file_array[] = "errorReporting: " . $this->errorReporting . "\n";
} }
if (!in_array("license", $saved)) { if (!in_array("license", $saved)) {
array_push($file_array, "license: " . $this->license . "\n"); $file_array[] = "license: " . $this->license . "\n";
} }
if (!in_array("licenseEmailFrom", $saved)) { if (!in_array("licenseEmailFrom", $saved)) {
array_push($file_array, "licenseEmailFrom: " . $this->licenseEmailFrom . "\n"); $file_array[] = "licenseEmailFrom: " . $this->licenseEmailFrom . "\n";
} }
if (!in_array("licenseEmailTo", $saved)) { if (!in_array("licenseEmailTo", $saved)) {
array_push($file_array, "licenseEmailTo: " . $this->licenseEmailTo . "\n"); $file_array[] = "licenseEmailTo: " . $this->licenseEmailTo . "\n";
} }
if (!in_array("licenseEmailDateSent", $saved)) { if (!in_array("licenseEmailDateSent", $saved)) {
array_push($file_array, "licenseEmailDateSent: " . $this->licenseEmailDateSent . "\n"); $file_array[] = "licenseEmailDateSent: " . $this->licenseEmailDateSent . "\n";
} }
if (!in_array("licenseWarningType", $saved)) { if (!in_array("licenseWarningType", $saved)) {
array_push($file_array, "licenseWarningType: " . $this->licenseWarningType . "\n"); $file_array[] = "licenseWarningType: " . $this->licenseWarningType . "\n";
} }
if (!in_array("mailServer", $saved)) { if (!in_array("mailServer", $saved)) {
array_push($file_array, "mailServer: " . $this->mailServer . "\n"); $file_array[] = "mailServer: " . $this->mailServer . "\n";
} }
if (!in_array("mailUser", $saved)) { if (!in_array("mailUser", $saved)) {
array_push($file_array, "mailUser: " . $this->mailUser . "\n"); $file_array[] = "mailUser: " . $this->mailUser . "\n";
} }
if (!in_array("mailPassword", $saved)) { if (!in_array("mailPassword", $saved)) {
array_push($file_array, "mailPassword: " . $this->mailPassword . "\n"); $file_array[] = "mailPassword: " . $this->mailPassword . "\n";
} }
if (!in_array("mailEncryption", $saved)) { if (!in_array("mailEncryption", $saved)) {
array_push($file_array, "mailEncryption: " . $this->mailEncryption . "\n"); $file_array[] = "mailEncryption: " . $this->mailEncryption . "\n";
} }
if (!in_array("mailAttribute", $saved)) { if (!in_array("mailAttribute", $saved)) {
array_push($file_array, "mailAttribute: " . $this->mailAttribute . "\n"); $file_array[] = "mailAttribute: " . $this->mailAttribute . "\n";
} }
if (!in_array("mailBackupAttribute", $saved)) { if (!in_array("mailBackupAttribute", $saved)) {
array_push($file_array, "mailBackupAttribute: " . $this->mailBackupAttribute . "\n"); $file_array[] = "mailBackupAttribute: " . $this->mailBackupAttribute . "\n";
} }
} }
if (!in_array("configDatabaseType", $saved)) { if (!in_array("configDatabaseType", $saved)) {
array_push($file_array, "configDatabaseType: " . $this->configDatabaseType . "\n"); $file_array[] = "configDatabaseType: " . $this->configDatabaseType . "\n";
} }
if (!in_array("configDatabaseServer", $saved)) { if (!in_array("configDatabaseServer", $saved)) {
array_push($file_array, "configDatabaseServer: " . $this->configDatabaseServer . "\n"); $file_array[] = "configDatabaseServer: " . $this->configDatabaseServer . "\n";
} }
if (!in_array("configDatabasePort", $saved)) { if (!in_array("configDatabasePort", $saved)) {
array_push($file_array, "configDatabasePort: " . $this->configDatabasePort . "\n"); $file_array[] = "configDatabasePort: " . $this->configDatabasePort . "\n";
} }
if (!in_array("configDatabaseName", $saved)) { if (!in_array("configDatabaseName", $saved)) {
array_push($file_array, "configDatabaseName: " . $this->configDatabaseName . "\n"); $file_array[] = "configDatabaseName: " . $this->configDatabaseName . "\n";
} }
if (!in_array("configDatabaseUser", $saved)) { if (!in_array("configDatabaseUser", $saved)) {
array_push($file_array, "configDatabaseUser: " . $this->configDatabaseUser . "\n"); $file_array[] = "configDatabaseUser: " . $this->configDatabaseUser . "\n";
} }
if (!in_array("configDatabasePassword", $saved)) { if (!in_array("configDatabasePassword", $saved)) {
array_push($file_array, "configDatabasePassword: " . $this->configDatabasePassword . "\n"); $file_array[] = "configDatabasePassword: " . $this->configDatabasePassword . "\n";
} }
if (!in_array("moduleSettings", $saved)) { if (!in_array("moduleSettings", $saved)) {
array_push($file_array, "moduleSettings: " . $this->moduleSettings . "\n"); $file_array[] = "moduleSettings: " . $this->moduleSettings . "\n";
} }
$file = @fopen($this->conffile, "w"); $file = @fopen($this->conffile, "w");
@ -3591,14 +3583,14 @@ class LAMCfgMain {
* @return boolean true, if password matches * @return boolean true, if password matches
*/ */
public function checkPassword($password) { public function checkPassword($password) {
if (strpos($this->password, "{SSHA}") === 0) { if (str_starts_with($this->password, "{SSHA}")) {
$value = substr($this->password, strlen("{SSHA}")); $value = substr($this->password, strlen("{SSHA}"));
$parts = explode(" ", $value); $parts = explode(" ", $value);
$salt = base64_decode($parts[1]); $salt = base64_decode($parts[1]);
$hash = "{SSHA}" . base64_encode(hex2bin(sha1($password . $salt))) . " " . base64_encode($salt); $hash = "{SSHA}" . base64_encode(hex2bin(sha1($password . $salt))) . " " . base64_encode($salt);
return ($hash === $this->password); return ($hash === $this->password);
} }
elseif (strpos($this->password, "{CRYPT-SHA512}") === 0) { elseif (str_starts_with($this->password, "{CRYPT-SHA512}")) {
$value = substr($this->password, strlen("{CRYPT-SHA512}")); $value = substr($this->password, strlen("{CRYPT-SHA512}"));
$parts = explode(" ", $value); $parts = explode(" ", $value);
$salt = base64_decode($parts[1]); $salt = base64_decode($parts[1]);
@ -3678,7 +3670,7 @@ class LAMCfgMain {
* @return mixed TRUE if format is correct, error message if file is not accepted * @return mixed TRUE if format is correct, error message if file is not accepted
*/ */
public function uploadSSLCaCert($cert) { public function uploadSSLCaCert($cert) {
if (strpos($cert, '-----BEGIN CERTIFICATE-----') === false) { if (!str_contains($cert, '-----BEGIN CERTIFICATE-----')) {
$pem = @chunk_split(@base64_encode($cert), 64, "\n"); $pem = @chunk_split(@base64_encode($cert), 64, "\n");
$cert = "-----BEGIN CERTIFICATE-----\n" . $pem . "-----END CERTIFICATE-----\n"; $cert = "-----BEGIN CERTIFICATE-----\n" . $pem . "-----END CERTIFICATE-----\n";
} }
@ -3817,14 +3809,14 @@ class LAMCfgMain {
if (empty($content)) { if (empty($content)) {
return []; return [];
} }
if (!(strpos($content, '-----BEGIN CERTIFICATE-----') === 0)) { if (!(str_starts_with($content, '-----BEGIN CERTIFICATE-----'))) {
return []; return [];
} }
$lines = explode("\n", $content); $lines = explode("\n", $content);
$list = []; $list = [];
$pos = -1; $pos = -1;
foreach ($lines as $line) { foreach ($lines as $line) {
if (strpos($line, '-----BEGIN CERTIFICATE-----') === 0) { if (str_starts_with($line, '-----BEGIN CERTIFICATE-----')) {
$pos++; $pos++;
} }
if (!isset($list[$pos])) { if (!isset($list[$pos])) {

2
lam/lib/export.inc
View file

@ -214,7 +214,7 @@ class Exporter {
sort($attributeNames); sort($attributeNames);
array_unshift($attributeNames, 'dn'); array_unshift($attributeNames, 'dn');
$attributeNamesQuoted = array_map([$this, 'escapeCsvAndAddQuotes'], $attributeNames); $attributeNamesQuoted = array_map($this->escapeCsvAndAddQuotes(...), $attributeNames);
$output = ''; $output = '';
// header // header
$output .= implode(',', $attributeNamesQuoted) . $lineEnding; $output .= implode(',', $attributeNamesQuoted) . $lineEnding;

67
lam/lib/persistence.inc
View file

@ -248,7 +248,7 @@ class ConfigDataExporter {
public function _getWebauthn() { public function _getWebauthn() {
$data = []; $data = [];
if (extension_loaded('PDO') if (extension_loaded('PDO')
&& in_array('sqlite', \PDO::getAvailableDrivers())) { && in_array('sqlite', PDO::getAvailableDrivers())) {
include_once __DIR__ . '/webauthn.inc'; include_once __DIR__ . '/webauthn.inc';
$webauthnManager = new WebauthnManager(); $webauthnManager = new WebauthnManager();
$webauthnDatabase = $webauthnManager->getDatabase(); $webauthnDatabase = $webauthnManager->getDatabase();
@ -430,43 +430,20 @@ class ConfigDataImporter {
continue; continue;
} }
$key = $step->getKey(); $key = $step->getKey();
switch ($key) { match ($key) {
case 'mainConfig': 'mainConfig' => $this->importMainConfig($step->getValue()),
$this->importMainConfig($step->getValue()); 'certificates' => $this->importCertificates($step->getValue()),
break; 'serverProfiles' => $this->importServerProfiles($step),
case 'certificates': 'accountProfiles' => $this->importAccountProfiles($step),
$this->importCertificates($step->getValue()); 'accountProfileTemplates' => $this->importAccountProfileTemplates($step),
break; 'pdfProfiles' => $this->importPdfProfiles($step),
case 'serverProfiles': 'pdfProfileTemplates' => $this->importPdfProfileTemplates($step),
$this->importServerProfiles($step); 'selfServiceProfiles' => $this->importSelfServiceProfiles($step),
break; 'webauthn' => $this->importWebauthn($step),
case 'accountProfiles': 'cronJobs' => $this->importCronJobs($step),
$this->importAccountProfiles($step); 'requestAccess' => $this->importRequestAccess($step),
break; default => logNewMessage(LOG_WARNING, 'Unknown import type: ' . $key),
case 'accountProfileTemplates': };
$this->importAccountProfileTemplates($step);
break;
case 'pdfProfiles':
$this->importPdfProfiles($step);
break;
case 'pdfProfileTemplates':
$this->importPdfProfileTemplates($step);
break;
case 'selfServiceProfiles':
$this->importSelfServiceProfiles($step);
break;
case 'webauthn':
$this->importWebauthn($step);
break;
case 'cronJobs':
$this->importCronJobs($step);
break;
case 'requestAccess':
$this->importRequestAccess($step);
break;
default:
logNewMessage(LOG_WARNING, 'Unknown import type: ' . $key);
}
} }
} }
@ -544,7 +521,7 @@ class ConfigDataImporter {
try { try {
$accountProfilePersistenceManager->writeAccountProfile($typeId, $accountProfileName, $serverProfileName, $accountProfileData); $accountProfilePersistenceManager->writeAccountProfile($typeId, $accountProfileName, $serverProfileName, $accountProfileData);
} }
catch (LAMException $e) { catch (LAMException) {
$failedProfiles[] = $serverProfileName . ':' . $typeId . ':' . $accountProfileName; $failedProfiles[] = $serverProfileName . ':' . $typeId . ':' . $accountProfileName;
} }
} }
@ -878,13 +855,13 @@ class ImporterStep {
class ConfigurationDatabase { class ConfigurationDatabase {
/** table for schema versions */ /** table for schema versions */
const TABLE_SCHEMA_VERSIONS = 'schema_versions'; public const TABLE_SCHEMA_VERSIONS = 'schema_versions';
/** row name for system schema version */ /** row name for system schema version */
const ROW_VERSION_SYSTEM = 'system'; private const ROW_VERSION_SYSTEM = 'system';
/** table for main configuration */ /** table for main configuration */
const TABLE_MAIN_CONFIG = 'main_configuration'; public const TABLE_MAIN_CONFIG = 'main_configuration';
/** row name for main config schema version */ /** row name for main config schema version */
const ROW_VERSION_MAIN_CONFIG = 'main_configuration'; private const ROW_VERSION_MAIN_CONFIG = 'main_configuration';
private $cfgMain; private $cfgMain;
@ -1000,9 +977,9 @@ class ConfigurationDatabase {
function dbTableExists(PDO $pdo, string $tableName): bool { function dbTableExists(PDO $pdo, string $tableName): bool {
try { try {
$result = $pdo->query("SELECT 1 FROM $tableName LIMIT 1"); $result = $pdo->query("SELECT 1 FROM $tableName LIMIT 1");
return ($result === false) ? false : true; return ($result !== false);
} }
catch (PDOException $e) { catch (PDOException) {
return false; return false;
} }
} }