yetangitu/lam
1
0
Fork 0
mirror of https://github.com/LDAPAccountManager/lam.git synced 2025-10-06 03:49:56 +02:00
Code Issues Releases Wiki Activity

Merge pull request #203 from LDAPAccountManager/feature/random-text

Browse source 
Feature/random text
This commit is contained in:
gruberroland 2023-01-05 08:08:59 +01:00 committed by GitHub
commit d0695da541
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
14 changed files with 62 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

18
lam/lib/account.inc
View file

@ -3,7 +3,7 @@
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2006 Tilo Lutz Copyright (C) 2003 - 2006 Tilo Lutz
2009 - 2022 Roland Gruber 2009 - 2023 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -388,6 +388,22 @@ function generateRandomPassword($length = 12, bool $checkStrength = true): strin
return $password; return $password;
} }
/**
* Generates a random text with 20 letters by default.
*
* @param int $length length of password (defaults to 20)
* @return string text
*/
function generateRandomText($length = 20): string {
$list = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$text = '';
for ($i = 0; $i < $length; $i++) {
$rand = abs(getRandomNumber() % 62);
$text .= $list[$rand];
}
return $text;
}
/** /**
* Checks if the given password matches the crypto hash. * Checks if the given password matches the crypto hash.
* *

6
lam/lib/config.inc
View file

@ -10,7 +10,7 @@ use function LAM\PERSISTENCE\dbTableExists;
/* /*
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2022 Roland Gruber Copyright (C) 2003 - 2023 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -2525,7 +2525,7 @@ class LAMConfig {
*/ */
public function getJobToken() { public function getJobToken() {
if (empty($this->jobToken)) { if (empty($this->jobToken)) {
$this->jobToken = getRandomNumber(); $this->jobToken = generateRandomText();
} }
return $this->jobToken; return $this->jobToken;
} }
@ -3604,7 +3604,7 @@ class LAMCfgMain {
return null; return null;
} }
// write to temp file // write to temp file
$fileName = time() . getRandomNumber() . '.pem'; $fileName = time() . generateRandomText() . '.pem';
$path = dirname(__FILE__) . '/../tmp/' . $fileName; $path = dirname(__FILE__) . '/../tmp/' . $fileName;
$handle = @fopen($path, "wb"); $handle = @fopen($path, "wb");
@chmod($path, 0600); @chmod($path, 0600);

2
lam/lib/export.inc
View file

@ -173,7 +173,7 @@ class Exporter {
throw new LAMException(_('Invalid format')); throw new LAMException(_('Invalid format'));
} }
if ($this->saveAsFile) { if ($this->saveAsFile) {
$filename = '../../tmp/' . getRandomNumber() . time() .'.' . $this->format; $filename = '../../tmp/' . generateRandomText() . time() .'.' . $this->format;
$handle = fopen($filename, 'w'); $handle = fopen($filename, 'w');
chmod($filename, 0640); chmod($filename, 0640);
fwrite($handle, $output); fwrite($handle, $output);

13
lam/lib/modules/inetOrgPerson.inc
View file

@ -1608,7 +1608,7 @@ class inetOrgPerson extends baseModule implements passwordService,AccountStatusP
$photoFile = '../../graphics/user.svg'; $photoFile = '../../graphics/user.svg';
$noPhoto = true; $noPhoto = true;
if (isset($this->attributes['jpegPhoto'][0])) { if (isset($this->attributes['jpegPhoto'][0])) {
$jpeg_filename = 'jpg' . getRandomNumber() . '.jpg'; $jpeg_filename = 'jpg_' . generateRandomText() . '.jpg';
$outjpeg = @fopen(dirname(__FILE__) . '/../../tmp/' . $jpeg_filename, "wb"); $outjpeg = @fopen(dirname(__FILE__) . '/../../tmp/' . $jpeg_filename, "wb");
fwrite($outjpeg, $this->attributes['jpegPhoto'][0]); fwrite($outjpeg, $this->attributes['jpegPhoto'][0]);
fclose ($outjpeg); fclose ($outjpeg);
@ -1755,7 +1755,7 @@ class inetOrgPerson extends baseModule implements passwordService,AccountStatusP
} }
else { else {
$container->add(new htmlSubTitle(_('Crop image')), 12); $container->add(new htmlSubTitle(_('Crop image')), 12);
$jpeg_filename = 'jpg' . getRandomNumber() . '.jpg'; $jpeg_filename = 'jpg_' . generateRandomText() . '.jpg';
$outjpeg = @fopen(dirname(__FILE__) . '/../../tmp/' . $jpeg_filename, "wb"); $outjpeg = @fopen(dirname(__FILE__) . '/../../tmp/' . $jpeg_filename, "wb");
fwrite($outjpeg, $this->attributes['jpegPhoto'][0]); fwrite($outjpeg, $this->attributes['jpegPhoto'][0]);
fclose ($outjpeg); fclose ($outjpeg);
@ -1887,7 +1887,7 @@ class inetOrgPerson extends baseModule implements passwordService,AccountStatusP
$table = new htmlTable(); $table = new htmlTable();
$table->colspan = 10; $table->colspan = 10;
for ($i = 0; $i < sizeof($this->attributes['userCertificate;binary']); $i++) { for ($i = 0; $i < sizeof($this->attributes['userCertificate;binary']); $i++) {
$filename = 'userCertificate' . getRandomNumber() . '.der'; $filename = 'userCertificate_' . generateRandomText() . '.der';
$pathOut = dirname(__FILE__) . '/../../tmp/' . $filename; $pathOut = dirname(__FILE__) . '/../../tmp/' . $filename;
$out = @fopen($pathOut, "wb"); $out = @fopen($pathOut, "wb");
@chmod($pathOut, 0640); @chmod($pathOut, 0640);
@ -3132,7 +3132,7 @@ class inetOrgPerson extends baseModule implements passwordService,AccountStatusP
$photo = $_SESSION[self::SESS_PHOTO]; $photo = $_SESSION[self::SESS_PHOTO];
$row = new htmlResponsiveRow(); $row = new htmlResponsiveRow();
if (!empty($photo)) { if (!empty($photo)) {
$jpeg_filename = 'jpegPhoto' . getRandomNumber() . '.jpg'; $jpeg_filename = 'jpegPhoto_' . generateRandomText() . '.jpg';
$outjpeg = fopen(realpath('../../') . '/tmp/' . $jpeg_filename, "wb"); $outjpeg = fopen(realpath('../../') . '/tmp/' . $jpeg_filename, "wb");
fwrite($outjpeg, $photo); fwrite($outjpeg, $photo);
fclose ($outjpeg); fclose ($outjpeg);
@ -3270,7 +3270,7 @@ class inetOrgPerson extends baseModule implements passwordService,AccountStatusP
$certTable = new htmlResponsiveRow(); $certTable = new htmlResponsiveRow();
for ($i = 0; $i < sizeof($userCertificates); $i++) { for ($i = 0; $i < sizeof($userCertificates); $i++) {
$group = new htmlGroup(); $group = new htmlGroup();
$filename = 'userCertificate' . getRandomNumber() . '.der'; $filename = 'userCertificate_' . generateRandomText() . '.der';
$out = @fopen(dirname(__FILE__) . '/../../tmp/' . $filename, "wb"); $out = @fopen(dirname(__FILE__) . '/../../tmp/' . $filename, "wb");
fwrite($out, $userCertificates[$i]); fwrite($out, $userCertificates[$i]);
fclose ($out); fclose ($out);
@ -4643,8 +4643,7 @@ class inetOrgPerson extends baseModule implements passwordService,AccountStatusP
} }
} }
} }
$imgNumber = getRandomNumber(); $jpeg_filename = 'jpg_' . generateRandomText() . '.jpg';
$jpeg_filename = 'jpg' . $imgNumber . '.jpg';
$outjpeg = @fopen(dirname(__FILE__) . '/../../tmp/' . $jpeg_filename, "wb"); $outjpeg = @fopen(dirname(__FILE__) . '/../../tmp/' . $jpeg_filename, "wb");
fwrite($outjpeg, $entry[$attribute][0]); fwrite($outjpeg, $entry[$attribute][0]);
fclose ($outjpeg); fclose ($outjpeg);

2
lam/lib/modules/posixAccount.inc
View file

@ -1333,7 +1333,7 @@ class posixAccount extends baseModule implements passwordService,AccountStatusPr
&& ($this->get_scope() == 'user') && ($this->get_scope() == 'user')
&& $this->getAccountContainer()->isNewAccount && get_preg($this->attributes['uid'][0], 'username')) { && $this->getAccountContainer()->isNewAccount && get_preg($this->attributes['uid'][0], 'username')) {
$groupType = $this->getPosixGroupType(); $groupType = $this->getPosixGroupType();
$sessionKey = 'TMP' . getRandomNumber(); $sessionKey = 'TMP' . generateRandomText();
$accountContainerTmp = new accountContainer($groupType, $sessionKey); $accountContainerTmp = new accountContainer($groupType, $sessionKey);
$_SESSION[$sessionKey] = &$accountContainerTmp; $_SESSION[$sessionKey] = &$accountContainerTmp;
$accountContainerTmp->new_account(); $accountContainerTmp->new_account();

9
lam/lib/modules/windowsUser.inc
View file

@ -1564,7 +1564,7 @@ class windowsUser extends baseModule implements passwordService,AccountStatusPro
$photoFile = '../../graphics/user.svg'; $photoFile = '../../graphics/user.svg';
$noPhoto = true; $noPhoto = true;
if (isset($this->attributes['jpegPhoto'][0])) { if (isset($this->attributes['jpegPhoto'][0])) {
$jpeg_filename = 'jpg' . getRandomNumber() . '.jpg'; $jpeg_filename = 'jpg_' . generateRandomText() . '.jpg';
$outjpeg = @fopen(dirname(__FILE__) . '/../../tmp/' . $jpeg_filename, "wb"); $outjpeg = @fopen(dirname(__FILE__) . '/../../tmp/' . $jpeg_filename, "wb");
fwrite($outjpeg, $this->attributes['jpegPhoto'][0]); fwrite($outjpeg, $this->attributes['jpegPhoto'][0]);
fclose ($outjpeg); fclose ($outjpeg);
@ -2373,7 +2373,7 @@ class windowsUser extends baseModule implements passwordService,AccountStatusPro
} }
else { else {
$container->add(new htmlSubTitle(_('Crop image')), 12); $container->add(new htmlSubTitle(_('Crop image')), 12);
$jpeg_filename = 'jpg' . getRandomNumber() . '.jpg'; $jpeg_filename = 'jpg_' . generateRandomText() . '.jpg';
$outjpeg = @fopen(dirname(__FILE__) . '/../../tmp/' . $jpeg_filename, "wb"); $outjpeg = @fopen(dirname(__FILE__) . '/../../tmp/' . $jpeg_filename, "wb");
fwrite($outjpeg, $this->attributes['jpegPhoto'][0]); fwrite($outjpeg, $this->attributes['jpegPhoto'][0]);
fclose ($outjpeg); fclose ($outjpeg);
@ -2428,7 +2428,7 @@ class windowsUser extends baseModule implements passwordService,AccountStatusPro
} }
if (!empty($_FILES['photoFile']['tmp_name'])) { if (!empty($_FILES['photoFile']['tmp_name'])) {
$handle = fopen($_FILES['photoFile']['tmp_name'], "r"); $handle = fopen($_FILES['photoFile']['tmp_name'], "r");
$data = fread($handle, 10000000); $data = fread($handle, 100000000);
fclose($handle); fclose($handle);
if (!empty($this->moduleSettings['windowsUser_jpegPhoto_maxSize'][0]) && (strlen($data) > (1024 * $this->moduleSettings['windowsUser_jpegPhoto_maxSize'][0]))) { if (!empty($this->moduleSettings['windowsUser_jpegPhoto_maxSize'][0]) && (strlen($data) > (1024 * $this->moduleSettings['windowsUser_jpegPhoto_maxSize'][0]))) {
$errMsg = $this->messages['file'][3]; $errMsg = $this->messages['file'][3];
@ -4561,8 +4561,7 @@ class windowsUser extends baseModule implements passwordService,AccountStatusPro
} }
} }
} }
$imgNumber = getRandomNumber(); $jpeg_filename = 'jpg_' . generateRandomText() . '.jpg';
$jpeg_filename = 'jpg' . $imgNumber . '.jpg';
$outjpeg = @fopen(dirname(__FILE__) . '/../../tmp/' . $jpeg_filename, "wb"); $outjpeg = @fopen(dirname(__FILE__) . '/../../tmp/' . $jpeg_filename, "wb");
fwrite($outjpeg, $entry[$attribute][0]); fwrite($outjpeg, $entry[$attribute][0]);
fclose ($outjpeg); fclose ($outjpeg);

4
lam/lib/pdf.inc
View file

@ -6,7 +6,7 @@ use LAMException;
/* /*
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2004 Michael Duergner Copyright (C) 2003 - 2004 Michael Duergner
2003 - 2021 Roland Gruber 2003 - 2023 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -168,7 +168,7 @@ function createPdf($structure, $accounts, $pdfKeys, $account_type, $font, $retur
$out = $pdf->Output('out.pdf', 'S'); $out = $pdf->Output('out.pdf', 'S');
if (!$returnAsString) { if (!$returnAsString) {
// use timestamp and random number from ldap.inc as filename so it should be unique. // use timestamp and random number from ldap.inc as filename so it should be unique.
$filename = '../../tmp/' . getRandomNumber() . time() .'.pdf'; $filename = '../../tmp/' . generateRandomText() . time() .'.pdf';
// Save PDF // Save PDF
$handle = fopen($filename, 'w'); $handle = fopen($filename, 'w');
chmod($filename, 0640); chmod($filename, 0640);

19
lam/lib/treeview.inc
View file

@ -395,35 +395,35 @@ class TreeView {
$row->add($newAttributeSelect, 12); $row->add($newAttributeSelect, 12);
$newAttributesContentSingleInput = new htmlResponsiveRow(); $newAttributesContentSingleInput = new htmlResponsiveRow();
$newAttributesContentSingleInput->addLabel(new htmlOutputText('PLACEHOLDER_SINGLE_INPUT_LABEL')); $newAttributesContentSingleInput->addLabel(new htmlOutputText('PLACEHOLDER_SINGLE_INPUT_LABEL'));
$newAttributesContentSingleInput->addField($this->getAttributeContentField('placeholder' . getRandomNumber(), array(''), false, false, false, null)); $newAttributesContentSingleInput->addField($this->getAttributeContentField('placeholder' . generateRandomText(), array(''), false, false, false, null));
$row->add(new htmlDiv('new-attributes-single-input', $newAttributesContentSingleInput, array('hidden')), 12); $row->add(new htmlDiv('new-attributes-single-input', $newAttributesContentSingleInput, array('hidden')), 12);
$newAttributesContentMultiInput = new htmlResponsiveRow(); $newAttributesContentMultiInput = new htmlResponsiveRow();
$newAttributesContentMultiInput->addLabel(new htmlOutputText('PLACEHOLDER_MULTI_INPUT_LABEL')); $newAttributesContentMultiInput->addLabel(new htmlOutputText('PLACEHOLDER_MULTI_INPUT_LABEL'));
$newAttributesContentMultiInput->addField($this->getAttributeContentField('placeholder' . getRandomNumber(), array(''), false, true, false, null)); $newAttributesContentMultiInput->addField($this->getAttributeContentField('placeholder' . generateRandomText(), array(''), false, true, false, null));
$row->add(new htmlDiv('new-attributes-multi-input', $newAttributesContentMultiInput, array('hidden')), 12); $row->add(new htmlDiv('new-attributes-multi-input', $newAttributesContentMultiInput, array('hidden')), 12);
$newAttributesContentSingleTextarea = new htmlResponsiveRow(); $newAttributesContentSingleTextarea = new htmlResponsiveRow();
$newAttributesContentSingleTextarea->addLabel(new htmlOutputText('PLACEHOLDER_SINGLE_TEXTAREA_LABEL')); $newAttributesContentSingleTextarea->addLabel(new htmlOutputText('PLACEHOLDER_SINGLE_TEXTAREA_LABEL'));
$newAttributesContentSingleTextarea->addField($this->getAttributeContentField('placeholder' . getRandomNumber(), array(''), false, false, true, null)); $newAttributesContentSingleTextarea->addField($this->getAttributeContentField('placeholder' . generateRandomText(), array(''), false, false, true, null));
$row->add(new htmlDiv('new-attributes-single-textarea', $newAttributesContentSingleTextarea, array('hidden')), 12); $row->add(new htmlDiv('new-attributes-single-textarea', $newAttributesContentSingleTextarea, array('hidden')), 12);
$newAttributesContentMultiTextarea = new htmlResponsiveRow(); $newAttributesContentMultiTextarea = new htmlResponsiveRow();
$newAttributesContentMultiTextarea->addLabel(new htmlOutputText('PLACEHOLDER_MULTI_TEXTAREA_LABEL')); $newAttributesContentMultiTextarea->addLabel(new htmlOutputText('PLACEHOLDER_MULTI_TEXTAREA_LABEL'));
$newAttributesContentMultiTextarea->addField($this->getAttributeContentField('placeholder' . getRandomNumber(), array(''), false, true, true, null)); $newAttributesContentMultiTextarea->addField($this->getAttributeContentField('placeholder' . generateRandomText(), array(''), false, true, true, null));
$row->add(new htmlDiv('new-attributes-multi-textarea', $newAttributesContentMultiTextarea, array('hidden')), 12); $row->add(new htmlDiv('new-attributes-multi-textarea', $newAttributesContentMultiTextarea, array('hidden')), 12);
$newAttributesContentSinglePassword = new htmlResponsiveRow(); $newAttributesContentSinglePassword = new htmlResponsiveRow();
$newAttributesContentSinglePassword->addLabel(new htmlOutputText('PLACEHOLDER_SINGLE_PASSWORD_LABEL')); $newAttributesContentSinglePassword->addLabel(new htmlOutputText('PLACEHOLDER_SINGLE_PASSWORD_LABEL'));
$newAttributesContentSinglePassword->addField($this->getAttributeContentField('userpassword' . getRandomNumber(), array(''), false, false, false, null)); $newAttributesContentSinglePassword->addField($this->getAttributeContentField('userpassword' . generateRandomText(), array(''), false, false, false, null));
$row->add(new htmlDiv('new-attributes-single-password', $newAttributesContentSinglePassword, array('hidden')), 12); $row->add(new htmlDiv('new-attributes-single-password', $newAttributesContentSinglePassword, array('hidden')), 12);
$newAttributesContentMultiPassword = new htmlResponsiveRow(); $newAttributesContentMultiPassword = new htmlResponsiveRow();
$newAttributesContentMultiPassword->addLabel(new htmlOutputText('PLACEHOLDER_MULTI_PASSWORD_LABEL')); $newAttributesContentMultiPassword->addLabel(new htmlOutputText('PLACEHOLDER_MULTI_PASSWORD_LABEL'));
$newAttributesContentMultiPassword->addField($this->getAttributeContentField('userpassword' . getRandomNumber(), array(''), false, true, false, null)); $newAttributesContentMultiPassword->addField($this->getAttributeContentField('userpassword' . generateRandomText(), array(''), false, true, false, null));
$row->add(new htmlDiv('new-attributes-multi-password', $newAttributesContentMultiPassword, array('hidden')), 12); $row->add(new htmlDiv('new-attributes-multi-password', $newAttributesContentMultiPassword, array('hidden')), 12);
$newAttributesContentSingleJpeg = new htmlResponsiveRow(); $newAttributesContentSingleJpeg = new htmlResponsiveRow();
$newAttributesContentSingleJpeg->addLabel(new htmlOutputText('PLACEHOLDER_SINGLE_JPEG_LABEL')); $newAttributesContentSingleJpeg->addLabel(new htmlOutputText('PLACEHOLDER_SINGLE_JPEG_LABEL'));
$newAttributesContentSingleJpeg->addField($this->getAttributeContentField('jpegphoto' . getRandomNumber(), array(''), false, false, false, null)); $newAttributesContentSingleJpeg->addField($this->getAttributeContentField('jpegphoto' . generateRandomText(), array(''), false, false, false, null));
$row->add(new htmlDiv('new-attributes-single-jpeg', $newAttributesContentSingleJpeg, array('hidden')), 12); $row->add(new htmlDiv('new-attributes-single-jpeg', $newAttributesContentSingleJpeg, array('hidden')), 12);
$newAttributesContentMultiJpeg = new htmlResponsiveRow(); $newAttributesContentMultiJpeg = new htmlResponsiveRow();
$newAttributesContentMultiJpeg->addLabel(new htmlOutputText('PLACEHOLDER_MULTI_JPEG_LABEL')); $newAttributesContentMultiJpeg->addLabel(new htmlOutputText('PLACEHOLDER_MULTI_JPEG_LABEL'));
$newAttributesContentMultiJpeg->addField($this->getAttributeContentField('jpegphoto' . getRandomNumber(), array(''), false, true, true, null)); $newAttributesContentMultiJpeg->addField($this->getAttributeContentField('jpegphoto' . generateRandomText(), array(''), false, true, true, null));
$row->add(new htmlDiv('new-attributes-multi-jpeg', $newAttributesContentMultiJpeg, array('hidden')), 12); $row->add(new htmlDiv('new-attributes-multi-jpeg', $newAttributesContentMultiJpeg, array('hidden')), 12);
} }
@ -732,8 +732,7 @@ class TreeView {
* @return htmlElement input field * @return htmlElement input field
*/ */
private function getAttributeJpegInputField(string $attributeName, string $value, bool $required, int $index): htmlElement { private function getAttributeJpegInputField(string $attributeName, string $value, bool $required, int $index): htmlElement {
$imgNumber = getRandomNumber(); $jpeg_filename = 'jpg_' . generateRandomText() . '.jpg';
$jpeg_filename = 'jpg' . $imgNumber . '.jpg';
$outJpeg = @fopen(__DIR__ . '/../tmp/' . $jpeg_filename, "wb"); $outJpeg = @fopen(__DIR__ . '/../tmp/' . $jpeg_filename, "wb");
fwrite($outJpeg, $value); fwrite($outJpeg, $value);
fclose ($outJpeg); fclose ($outJpeg);

4
lam/templates/account/edit.php
View file

@ -8,7 +8,7 @@ use LAM\TYPES\TypeManager;
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2003 - 2006 Tilo Lutz Copyright (C) 2003 - 2006 Tilo Lutz
2005 - 2021 Roland Gruber 2005 - 2023 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -67,7 +67,7 @@ if (isset($_GET['editKey'])) {
$sessionKey = htmlspecialchars($_GET['editKey']); $sessionKey = htmlspecialchars($_GET['editKey']);
} }
else { else {
$sessionKey = $sessionAccountPrefix . (new DateTime('now', getTimeZone()))->getTimestamp() . getRandomNumber(); $sessionKey = $sessionAccountPrefix . (new DateTime('now', getTimeZone()))->getTimestamp() . generateRandomText();
} }
// cleanup account containers in session // cleanup account containers in session

2
lam/templates/config/confImportExport.php
View file

@ -265,7 +265,7 @@ printHeaderContents(_("Import and export configuration"), '../..');
} }
$importer = new ConfigDataImporter(); $importer = new ConfigDataImporter();
$importSteps = $importer->getPossibleImportSteps($data); $importSteps = $importer->getPossibleImportSteps($data);
$tmpFile = __DIR__ . '/../../tmp/internal/import_' . getRandomNumber() . '.tmp'; $tmpFile = __DIR__ . '/../../tmp/internal/import_' . generateRandomText() . '.tmp';
$file = @fopen($tmpFile, "w"); $file = @fopen($tmpFile, "w");
if ($file) { if ($file) {
fputs($file, $data); fputs($file, $data);

4
lam/templates/delete.php
View file

@ -109,7 +109,7 @@ if (isset($_GET['type']) && isset($_SESSION['delete_dn'])) {
$users[] = substr($dn, $start, $end-$start); $users[] = substr($dn, $start, $end-$start);
} }
$sessionKey = $sessionAccountPrefix . (new \DateTime('now', getTimeZone()))->getTimestamp() . getRandomNumber(); $sessionKey = $sessionAccountPrefix . (new \DateTime('now', getTimeZone()))->getTimestamp() . generateRandomText();
//load account //load account
$_SESSION[$sessionKey] = new \accountContainer($type, $sessionKey); $_SESSION[$sessionKey] = new \accountContainer($type, $sessionKey);
// Show HTML Page // Show HTML Page
@ -191,7 +191,7 @@ if (isset($_POST['delete'])) {
addSecurityTokenToMetaHTML($container); addSecurityTokenToMetaHTML($container);
$container->add(new htmlHiddenInput('type', $type->getId()), 12); $container->add(new htmlHiddenInput('type', $type->getId()), 12);
$sessionKey = $sessionAccountPrefix . (new \DateTime('now', getTimeZone()))->getTimestamp() . getRandomNumber(); $sessionKey = $sessionAccountPrefix . (new \DateTime('now', getTimeZone()))->getTimestamp() . generateRandomText();
$_SESSION[$sessionKey] = new \accountContainer($type, $sessionKey); $_SESSION[$sessionKey] = new \accountContainer($type, $sessionKey);
// Delete dns // Delete dns
$allOk = true; $allOk = true;

4
lam/templates/tools/multiEdit.php
View file

@ -25,7 +25,7 @@ use LAM\TOOLS\TREEVIEW\TreeViewTool;
/* /*
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2013 - 2022 Roland Gruber Copyright (C) 2013 - 2023 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -472,7 +472,7 @@ function dryRun(): array {
$container->addElement(new htmlOutputText(_('Dry run finished.')), true); $container->addElement(new htmlOutputText(_('Dry run finished.')), true);
$container->addVerticalSpace('20px'); $container->addVerticalSpace('20px');
// store LDIF // store LDIF
$filename = 'ldif' . getRandomNumber() . '.ldif'; $filename = 'ldif_' . generateRandomText() . '.ldif';
$out = @fopen(dirname(__FILE__) . '/../../tmp/' . $filename, "wb"); $out = @fopen(dirname(__FILE__) . '/../../tmp/' . $filename, "wb");
if ($out !== false) { if ($out !== false) {
fwrite($out, $ldif); fwrite($out, $ldif);

4
lam/templates/upload/massBuildAccounts.php
View file

@ -10,7 +10,7 @@ use \htmlResponsiveRow;
/* /*
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/) This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2004 - 2022 Roland Gruber Copyright (C) 2004 - 2023 Roland Gruber
This program is free software; you can redistribute it and/or modify This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
@ -266,7 +266,7 @@ if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) {
$_SESSION['mass_pdf']['structure'] = $_POST['pdfStructure']; $_SESSION['mass_pdf']['structure'] = $_POST['pdfStructure'];
$_SESSION['mass_pdf']['font'] = $_POST['pdf_font']; $_SESSION['mass_pdf']['font'] = $_POST['pdf_font'];
$_SESSION['mass_pdf']['counter'] = 0; $_SESSION['mass_pdf']['counter'] = 0;
$_SESSION['mass_pdf']['file'] = '../../tmp/lam_pdf' . getRandomNumber() . '.zip'; $_SESSION['mass_pdf']['file'] = '../../tmp/lam_pdf_' . generateRandomText() . '.zip';
} }
else { else {
$_SESSION['mass_pdf']['structure'] = null; $_SESSION['mass_pdf']['structure'] = null;

10
lam/tests/lib/AccountTest.php
View file

@ -242,4 +242,14 @@ class AccountTest extends TestCase {
$this->assertEquals(4, getNumberOfCharacterClasses('a-0AB.a3')); $this->assertEquals(4, getNumberOfCharacterClasses('a-0AB.a3'));
} }
function testGenerateRandomPassword() {
global $_SESSION;
$_SESSION = array('cfgMain' => new LAMCfgMain());
$this->assertEquals(20, strlen(generateRandomPassword(20)));
}
function testGenerateRandomText() {
$this->assertEquals(20, strlen(generateRandomText(20)));
}
} }